jdk/test/javax/xml/crypto/dsig/ValidationTests.java
changeset 2 90ce3da70b43
child 3462 4477fb399895
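--- a/jdk/test/javax/xml/crypto/dsig/ValidationTests.java
+++ b/jdk/test/javax/xml/crypto/dsig/ValidationTests.java
@@ -0,0 +1,197 @@
+/*
+ * Copyright 2005-2007 Sun Microsystems, Inc.  All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/**
+ * @test
+ * @bug 4635230
+ * @bug 6365103
+ * @bug 6366054
+ * @summary Basic unit tests for validating XML Signatures with JSR 105
+ * @compile -XDignore.symbol.file KeySelectors.java SignatureValidator.java
+ *     X509KeySelector.java ValidationTests.java
+ * @run main ValidationTests
+ * @author Sean Mullan
+ */
+import java.io.File;
+import java.io.FileInputStream;
+import java.security.*;
+import javax.xml.crypto.Data;
+import javax.xml.crypto.KeySelector;
+import javax.xml.crypto.OctetStreamData;
+import javax.xml.crypto.URIDereferencer;
+import javax.xml.crypto.URIReference;
+import javax.xml.crypto.URIReferenceException;
+import javax.xml.crypto.XMLCryptoContext;
+import javax.xml.crypto.dsig.XMLSignatureFactory;
+
+/**
+ * This is a testcase to validate all "merlin-xmldsig-twenty-three"
+ * testcases from Baltimore
+ */
+public class ValidationTests {
+
+    private static SignatureValidator validator;
+    private final static String DIR = System.getProperty("test.src", ".");
+    private final static String DATA_DIR =
+        DIR + System.getProperty("file.separator") + "data";
+    private final static String KEYSTORE =
+        DATA_DIR + System.getProperty("file.separator") + "certs" +
+        System.getProperty("file.separator") + "xmldsig.jks";
+    private final static String STYLESHEET =
+        "http://www.w3.org/TR/xml-stylesheet";
+    private final static String STYLESHEET_B64 =
+        "http://www.w3.org/Signature/2002/04/xml-stylesheet.b64";
+
+    private final static String[] FILES = {
+        "signature-enveloped-dsa.xml",
+        "signature-enveloping-b64-dsa.xml",
+        "signature-enveloping-dsa.xml",
+        "signature-enveloping-rsa.xml",
+        "signature-enveloping-hmac-sha1.xml",
+        "signature-enveloping-hmac-sha1-40.xml",
+        "signature-external-dsa.xml",
+        "signature-external-b64-dsa.xml",
+        "signature-retrievalmethod-rawx509crt.xml",
+        "signature-keyname.xml",
+        "signature-x509-crt-crl.xml",
+        "signature-x509-crt.xml",
+        "signature-x509-is.xml",
+        "signature-x509-ski.xml",
+        "signature-x509-sn.xml",
+//      "signature.xml",
+        "exc-signature.xml",
+        "sign-spec.xml"
+    };
+
+    static KeySelector skks;
+    static {
+        try {
+            skks =
+                new KeySelectors.SecretKeySelector("secret".getBytes("ASCII"));
+        } catch (Exception e) {
+            //should not occur
+        }
+    }
+    private final static KeySelector SKKS = skks;
+    private final static KeySelector KVKS =
+        new KeySelectors.KeyValueKeySelector();
+    private final static KeySelector CKS =
+        new KeySelectors.CollectionKeySelector(new File(DATA_DIR));
+    private final static KeySelector RXKS =
+        new KeySelectors.RawX509KeySelector();
+    private final static KeySelector XKS = null;
+    private final static KeySelector[] KEY_SELECTORS = {
+        KVKS,
+        KVKS,
+        KVKS,
+        KVKS,
+        SKKS,
+        SKKS,
+        KVKS,
+        KVKS,
+        CKS,
+        CKS,
+        RXKS,
+        RXKS,
+        CKS,
+        CKS,
+        CKS,
+//        XKS,
+        KVKS,
+        RXKS
+    };
+    private static URIDereferencer httpUd = null;
+
+    public static void main(String args[]) throws Exception {
+        httpUd = new HttpURIDereferencer();
+
+        validator = new SignatureValidator(new File(DATA_DIR));
+
+        boolean atLeastOneFailed = false;
+        for (int i=0; i < FILES.length; i++) {
+            System.out.println("Validating " + FILES[i]);
+            if (test_signature(FILES[i], KEY_SELECTORS[i])) {
+                System.out.println("PASSED");
+            } else {
+                System.out.println("FAILED");
+                atLeastOneFailed = true;
+            }
+        }
+        // test with reference caching enabled
+        System.out.println("Validating sign-spec.xml with caching enabled");
+        if (test_signature("sign-spec.xml", RXKS, true)) {
+            System.out.println("PASSED");
+        } else {
+            System.out.println("FAILED");
+            atLeastOneFailed = true;
+        }
+
+        if (atLeastOneFailed) {
+            throw new Exception
+                ("At least one signature did not validate as expected");
+        }
+    }
+
+    public static boolean test_signature(String file, KeySelector ks)
+        throws Exception {
+        return test_signature(file, ks, false);
+    }
+
+    public static boolean test_signature(String file, KeySelector ks,
+        boolean cache) throws Exception {
+        if (ks == null) {
+            KeyStore keystore = KeyStore.getInstance("JKS");
+            keystore.load
+                (new FileInputStream(KEYSTORE), "changeit".toCharArray());
+            ks = new X509KeySelector(keystore, false);
+        }
+        return validator.validate(file, ks, httpUd, cache);
+    }
+
+    /**
+     * This URIDereferencer returns locally cached copies of http content to
+     * avoid test failures due to network glitches, etc.
+     */
+    private static class HttpURIDereferencer implements URIDereferencer {
+        private URIDereferencer defaultUd;
+
+        HttpURIDereferencer() {
+            defaultUd = XMLSignatureFactory.getInstance().getURIDereferencer();
+        }
+
+        public Data dereference(final URIReference ref, XMLCryptoContext ctx)
+        throws URIReferenceException {
+            String uri = ref.getURI();
+            if (uri.equals(STYLESHEET) || uri.equals(STYLESHEET_B64)) {
+                try {
+                    FileInputStream fis = new FileInputStream(new File
+                        (DATA_DIR, uri.substring(uri.lastIndexOf('/'))));
+                    return new OctetStreamData(fis,ref.getURI(),ref.getType());
+                } catch (Exception e) { throw new URIReferenceException(e); }
+            }
+
+            // fallback on builtin deref
+            return defaultUd.dereference(ref, ctx);
+        }
+    }
+}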
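Review bot: The static initializer at new lines 87-94 swallows any exception raised while building the secret-key selector, which leaves `skks` (and therefore `SKKS`) null; `test_signature` treats a null selector as a request to load `xmldsig.jks` and build an `X509KeySelector`, so the two HMAC cases would silently run against the wrong key material instead of failing at class load. Replace the empty catch with `throw new ExceptionInInitializerError(e);` so a broken fixture is reported where it happens. In the same `test_signature` overload, the `FileInputStream` opened for the keystore at new line 165 is never closed; hold it in a local and close it in a `finally` after `keystore.load`. Separately, `signature-enveloping-hmac-sha1-40.xml` appears from its name to carry an HMAC truncated to 40 bits and seems to be expected to validate here; if so, the test pins acceptance of a MAC shorter than is safe to trust, and that entry deserves a comment saying so and an expected-failure result once the validator enforces a minimum HMAC output length.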