/*
 * The contents of this file are subject to the terms of the Common Development and
 * Distribution License (the License). You may not use this file except in compliance with the
 * License.
 *
 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 * specific language governing permission and limitations under the License.
 *
 * When distributing Covered Software, include this CDDL Header Notice in each file and include
 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions copyright [year] [name of copyright owner]".
 *
 * Copyright 2013-2014 ForgeRock AS.
 */
5ffb0c9b03b5149ff4f5821a62be4a52408ada2aToomas Soomepackage com.sun.identity.saml2.xmlsig;
5ffb0c9b03b5149ff4f5821a62be4a52408ada2aToomas Soomeimport com.sun.identity.saml.xmlsig.KeyProvider;
5ffb0c9b03b5149ff4f5821a62be4a52408ada2aToomas Soomeimport com.sun.identity.saml2.common.SAML2Exception;
4b22b9337f359bfd063322244f5336cc7c6ffcfarsimport com.sun.identity.saml2.common.SAML2Utils;
5ffb0c9b03b5149ff4f5821a62be4a52408ada2aToomas Soomeimport com.sun.identity.shared.xml.XMLUtils;
5ffb0c9b03b5149ff4f5821a62be4a52408ada2aToomas Soomeimport org.forgerock.openam.utils.AMKeyProvider;
4b22b9337f359bfd063322244f5336cc7c6ffcfarsimport org.testng.Assert;
4b22b9337f359bfd063322244f5336cc7c6ffcfarsimport org.testng.annotations.BeforeClass;
4b22b9337f359bfd063322244f5336cc7c6ffcfarsimport org.testng.annotations.Test;
4b22b9337f359bfd063322244f5336cc7c6ffcfarsimport org.w3c.dom.Element;
4b22b9337f359bfd063322244f5336cc7c6ffcfarsimport org.w3c.dom.NodeList;
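/**
 * Tests the SAML2 XML signature provider returned by {@link SigManager#getSigInstance()}:
 * signing a fixture document and verifying a pre-signed fixture document.
 *
 * <p>Both tests use the key material stored under {@code DEFAULT_PRIVATE_KEY_ALIAS} in the
 * keystore that {@link AMKeyProvider} is bootstrapped with.
 *
 * <p>NOTE(review): only the accepting path of {@code verify} is exercised here. A verifier that
 * accepted every document would still pass this class, so a rejecting case (modified content or
 * a certificate that did not produce the signature) would be needed to cover that.
 */
public class SigProviderTest {

    // Alias used for both the private-key and the certificate lookup.
    private static final String DEFAULT_PRIVATE_KEY_ALIAS = "defaultkey";
    // Classpath resource handed to SigProvider.sign().
    private static final String XML_DOCUMENT_TO_SIGN = "documenttosign.xml";
    // Classpath resource handed to SigProvider.verify().
    private static final String SIGNED_XML_DOCUMENT = "signeddocument.xml";
    // Second argument to sign()/verify(); presumably the ID attribute value of the signed
    // element in both fixtures -- confirm against the fixture files.
    private static final String ID_ATTRIBUTE_VALUE = "signme";

    private KeyProvider keyProvider = null;
    private SigProvider sigProvider = null;

    /**
     * Creates the key provider and signature provider shared by all tests in this class.
     */
    @BeforeClass
    public void setUp() {

        // The keystore properties required to bootstrap this class are setup in the POM
        keyProvider = new AMKeyProvider();
        sigProvider = SigManager.getSigInstance();
    }

    /**
     * Signs the unsigned fixture and checks that the returned element is the first
     * {@code ds:Signature} element of its owner document.
     *
     * <p>This asserts that a signature element was produced, not that it validates.
     */
    @Test
    public void testSigning() {

        String documentToSignXML = loadXmlResource(XML_DOCUMENT_TO_SIGN);

        // Test the signing of an XML document
        Element signature = null;
        try {
            signature = sigProvider.sign(
                    documentToSignXML,
                    ID_ATTRIBUTE_VALUE,
                    keyProvider.getPrivateKey(DEFAULT_PRIVATE_KEY_ALIAS),
                    keyProvider.getX509Certificate(DEFAULT_PRIVATE_KEY_ALIAS));
        } catch (SAML2Exception e) {
            // Pass the exception along so the report keeps the stack trace, not just the message.
            Assert.fail(e.getMessage(), e);
        }
        Assert.assertNotNull(signature);
        // The lookup is by prefixed tag name, so it depends on the provider emitting the "ds" prefix.
        NodeList nodes = signature.getOwnerDocument().getElementsByTagName("ds:Signature");
        Assert.assertTrue(nodes.getLength() > 0);
        Assert.assertTrue(signature.isEqualNode(nodes.item(0)));
    }

    /**
     * Verifies the pre-signed fixture against the certificate stored under the default alias.
     *
     * <p>The certificate comes from the local key provider, not from the document under test.
     */
    @Test
    public void testVerifySignature() {

        String signedDocumentXML = loadXmlResource(SIGNED_XML_DOCUMENT);

        // Verify that the signed document has a valid signature
        boolean verified = false;
        try {
            verified = sigProvider.verify(signedDocumentXML,
                    ID_ATTRIBUTE_VALUE, keyProvider.getX509Certificate(DEFAULT_PRIVATE_KEY_ALIAS));
        } catch (SAML2Exception e) {
            // Pass the exception along so the report keeps the stack trace, not just the message.
            Assert.fail(e.getMessage(), e);
        }
        Assert.assertTrue(verified);
    }

    /**
     * Reads an XML fixture from the system classpath and returns it serialised as a string.
     *
     * <p>The test fails here if no XML text could be produced, so a missing or unparsable
     * fixture is reported as such and not as a later signing or verification failure.
     *
     * @param resourceName name of the classpath resource to load
     * @return the document printed with {@code UTF-8} encoding, never {@code null}
     */
    private static String loadXmlResource(String resourceName) {
        String xml = XMLUtils.print(
                XMLUtils.toDOMDocument(ClassLoader.getSystemResourceAsStream(resourceName),
                        SAML2Utils.debug), "UTF-8");
        Assert.assertNotNull(xml, "Unable to load or parse test resource: " + resourceName);
        return xml;
    }
}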