/*
* XAdES4j - A Java library for generation and verification of XAdES signatures.
* Copyright (C) 2011 Luis Goncalves.
*
* XAdES4j is free software; you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License as published by the Free
* Software Foundation; either version 3 of the License, or any later version.
*
* XAdES4j is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
* FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
* details.
*
* You should have received a copy of the GNU Lesser General Public License along
* with XAdES4j. If not, see <http://www.gnu.org/licenses/>.
*/
package xades4j.production;
import java.io.FileInputStream;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import junit.framework.Assert;
import org.apache.xml.security.keys.content.KeyValue;
import org.apache.xml.security.keys.content.x509.XMLX509Certificate;
import org.apache.xml.security.signature.SignedInfo;
import org.apache.xml.security.signature.XMLSignature;
import org.junit.BeforeClass;
import org.junit.Test;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import xades4j.providers.BasicSignatureOptionsProvider;
import xades4j.utils.SignatureServicesTestBase;
/**
*
* @author Luís
*/
public class KeyInfoBuilderTest extends SignatureServicesTestBase
{
static class TestBasicSignatureOptionsProvider implements BasicSignatureOptionsProvider
{
private final boolean includeSigningCertificate;
private final boolean includePublicKey;
private final boolean signSigningCertificate;
public TestBasicSignatureOptionsProvider(boolean includeSigningCertificate, boolean includePublicKey, boolean signSigningCertificate)
{
this.includeSigningCertificate = includeSigningCertificate;
this.includePublicKey = includePublicKey;
this.signSigningCertificate = signSigningCertificate;
}
@Override
public boolean includeSigningCertificate()
{
return this.includeSigningCertificate;
}
@Override
public boolean includePublicKey()
{
return this.includePublicKey;
}
@Override
public boolean signSigningCertificate()
{
return this.signSigningCertificate;
}
}
/*****/
private static X509Certificate testCertificate;
@BeforeClass
public static void setUpClass() throws Exception
{
org.apache.xml.security.Init.init();
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
testCertificate = (X509Certificate) certificateFactory.generateCertificate(new FileInputStream(toPlatformSpecificCertDirFilePath("my/LG.cer")));
}
@Test
public void testIncludeCertAndKey() throws Exception
{
System.out.println("includeCertAndKey");
KeyInfoBuilder keyInfoBuilder = new KeyInfoBuilder(
new TestBasicSignatureOptionsProvider(true, true, false),
new TestAlgorithmsProvider(),
new TestAlgorithmsParametersMarshallingProvider());
XMLSignature xmlSignature = getTestSignature();
keyInfoBuilder.buildKeyInfo(testCertificate, xmlSignature);
Assert.assertEquals(0, xmlSignature.getSignedInfo().getLength());
KeyValue kv = xmlSignature.getKeyInfo().itemKeyValue(0);
Assert.assertTrue(kv.getPublicKey().getAlgorithm().startsWith("RSA"));
XMLX509Certificate x509Certificate = xmlSignature.getKeyInfo().itemX509Data(0).itemCertificate(0);
Assert.assertEquals(testCertificate, x509Certificate.getX509Certificate());
}
@Test
public void testIgnoreSignSigningCertificateIfNotIncluded() throws Exception
{
System.out.println("ignoreSignSigningCertificateIfNotIncluded");
KeyInfoBuilder keyInfoBuilder = new KeyInfoBuilder(
new TestBasicSignatureOptionsProvider(false, true, true),
new TestAlgorithmsProvider(),
new TestAlgorithmsParametersMarshallingProvider());
XMLSignature xmlSignature = getTestSignature();
keyInfoBuilder.buildKeyInfo(testCertificate, xmlSignature);
Assert.assertEquals(0, xmlSignature.getSignedInfo().getLength());
KeyValue kv = xmlSignature.getKeyInfo().itemKeyValue(0);
Assert.assertTrue(kv.getPublicKey().getAlgorithm().startsWith("RSA"));
Assert.assertEquals(0, xmlSignature.getKeyInfo().lengthX509Data());
}
@Test
public void testSignSigningCertificateIfIncluded() throws Exception
{
System.out.println("signSigningCertificateIfIncluded");
KeyInfoBuilder keyInfoBuilder = new KeyInfoBuilder(
new TestBasicSignatureOptionsProvider(true, true, true),
new TestAlgorithmsProvider(),
new TestAlgorithmsParametersMarshallingProvider());
XMLSignature xmlSignature = getTestSignature();
keyInfoBuilder.buildKeyInfo(testCertificate, xmlSignature);
SignedInfo signedInfo = xmlSignature.getSignedInfo();
Assert.assertEquals(1, signedInfo.getLength());
Node refNode = signedInfo.item(0).getContentsBeforeTransformation().getSubNode();
Assert.assertSame(xmlSignature.getKeyInfo().getElement(), refNode);
Assert.assertEquals(1, xmlSignature.getKeyInfo().lengthX509Data());
}
private XMLSignature getTestSignature() throws Exception
{
Document doc = getNewDocument();
XMLSignature xmlSignature = new XMLSignature(doc, "", XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256);
xmlSignature.setId("sigId");
doc.appendChild(xmlSignature.getElement());
return xmlSignature;
}
}