org.opensaml.xmlsec.encryption.support

Class SimpleEncryptionTest

java.lang.Object

org.opensaml.core.OpenSAMLInitBaseTestCase

org.opensaml.core.xml.XMLObjectBaseTestCase

org.opensaml.xmlsec.encryption.support.SimpleEncryptionTest

public class SimpleEncryptionTest
extends org.opensaml.core.xml.XMLObjectBaseTestCase

Simple tests for encryption.

Field Summary

Fields

Modifier and Type	Field and Description
private String	algoURI
private DataEncryptionParameters	encParams
private Encrypter	encrypter
private String	expectedKEKKeyNameAES
private String	expectedKEKKeyNameRSA
private String	expectedKeyName
private String	expectedRecipientAES
private String	expectedRecipientRSA
private org.opensaml.xmlsec.signature.KeyInfo	kekKeyInfoAES
private org.opensaml.xmlsec.signature.KeyInfo	kekKeyInfoRSA
private KeyEncryptionParameters	kekParamsAES
private List<KeyEncryptionParameters>	kekParamsList
private KeyEncryptionParameters	kekParamsRSA
private String	kekURIAES
private String	kekURIRSA
private org.opensaml.xmlsec.signature.KeyInfo	keyInfo
private org.opensaml.security.SecurityProviderTestSupport	providerSupport
private String	targetFile

Fields inherited from class org.opensaml.core.xml.XMLObjectBaseTestCase

builderFactory, marshallerFactory, parserPool, simpleXMLObjectQName, unmarshallerFactory

Constructor Summary

Constructors

Constructor and Description
SimpleEncryptionTest() Constructor.

Method Summary

Methods

Modifier and Type	Method and Description
private void	checkKEKAES(org.opensaml.xmlsec.encryption.EncryptedKey encKey, boolean hasKeyInfo) Helper method to test AES KEK.
private void	checkKEKRSA(org.opensaml.xmlsec.encryption.EncryptedKey encKey, boolean hasKeyInfo) Helper method to test RSA KEK.
private String	getDigestMethod(org.opensaml.xmlsec.encryption.EncryptedKey encryptedKey)
private String	getMGF(org.opensaml.xmlsec.encryption.EncryptedKey encryptedKey)
private String	getOAEPParams(org.opensaml.xmlsec.encryption.EncryptedKey encryptedKey)
protected void	setUp()
void	testAutoKeyGen() Test basic encryption with auto-generated symmetric key.
void	testAutoKeyGenNoKEK() Test failure with auto-generated symmetric key and no KEK(s).
void	testEncryptContentMultipleKEK() Test basic encryption with symmetric key, one KEK.
void	testEncryptContentSingleKEK() Test basic content encryption with symmetric key, one KEK.
void	testEncryptContentWithKeyNameNoKEK() Test basic content encryption with symmetric key, no key wrap, set key name in passed KeyInfo object.
void	testEncryptDataBadKEKDSA() Test proper error handling of attempt to encrypt with a DSA key.
void	testEncryptDataMultipleKEK() Test basic data encryption with symmetric key, one KEK.
void	testEncryptDataSingleKEK() Test data basic encryption with symmetric key, one KEK.
void	testEncryptDataWithKeyNameNoKEK() Test data basic encryption with symmetric key, no key wrap, set key name in passed KeyInfo object.
void	testEncryptKeyDigestMethodsRSAOAEP() Test code for the Apache XML-Security issue workaround that requires we expliclty express SHA-1 DigestMethod on EncryptionMethod, only when key transport algorithm is RSA-OAEP.
void	testEncryptKeyDigestMethodsRSAv15() Test code for the Apache XML-Security issue workaround that requires we expliclty express SHA-1 DigestMethod on EncryptionMethod, only when key transport algorithm is RSA-OAEP.
void	testEncryptKeyMultipleKEK() Test basic encryption of a symmetric key into an EncryptedKey, set key encrypting key name in passed KeyInfo object.
void	testEncryptKeySingleKEK() Test basic encryption of a symmetric key into an EncryptedKey, set key encrypting key name in passed KeyInfo object.
void	testRSAOAEPParameters() Test encryption of a symmetric key into an EncryptedKey, using various RSAOAEPParameters options.

Methods inherited from class org.opensaml.core.xml.XMLObjectBaseTestCase

assertXMLEquals, assertXMLEquals, buildXMLObject, fetchDuration, getBuilder, getMarshaller, getMarshaller, getUnmarshaller, getUnmarshaller, getUnmarshaller, initXMLObjectSupport, parseXMLDocument, printXML, printXML, unmarshallElement

Methods inherited from class org.opensaml.core.OpenSAMLInitBaseTestCase

initOpenSAML

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

encrypter

private Encrypter encrypter

encParams

private DataEncryptionParameters encParams

algoURI

private String algoURI

kekParamsList

private List<KeyEncryptionParameters> kekParamsList

kekParamsAES

private KeyEncryptionParameters kekParamsAES

kekURIAES

private String kekURIAES

kekParamsRSA

private KeyEncryptionParameters kekParamsRSA

kekURIRSA

private String kekURIRSA

keyInfo

private org.opensaml.xmlsec.signature.KeyInfo keyInfo

kekKeyInfoAES

private org.opensaml.xmlsec.signature.KeyInfo kekKeyInfoAES

kekKeyInfoRSA

private org.opensaml.xmlsec.signature.KeyInfo kekKeyInfoRSA

expectedKeyName

private String expectedKeyName

expectedKEKKeyNameAES

private String expectedKEKKeyNameAES

expectedKEKKeyNameRSA

private String expectedKEKKeyNameRSA

expectedRecipientRSA

private String expectedRecipientRSA

expectedRecipientAES

private String expectedRecipientAES

targetFile

private String targetFile

providerSupport

private org.opensaml.security.SecurityProviderTestSupport providerSupport

Constructor Detail

SimpleEncryptionTest

public SimpleEncryptionTest()

Constructor.

Method Detail

setUp

protected void setUp()
              throws Exception

Throws:

Exception

testEncryptDataWithKeyNameNoKEK

public void testEncryptDataWithKeyNameNoKEK()

Test data basic encryption with symmetric key, no key wrap, set key name in passed KeyInfo object.

testEncryptDataSingleKEK

public void testEncryptDataSingleKEK()

Test data basic encryption with symmetric key, one KEK.

testEncryptDataMultipleKEK

public void testEncryptDataMultipleKEK()

Test basic data encryption with symmetric key, one KEK.

testEncryptContentWithKeyNameNoKEK

public void testEncryptContentWithKeyNameNoKEK()

Test basic content encryption with symmetric key, no key wrap, set key name in passed KeyInfo object.

testEncryptContentSingleKEK

public void testEncryptContentSingleKEK()

Test basic content encryption with symmetric key, one KEK.

testEncryptContentMultipleKEK

public void testEncryptContentMultipleKEK()

Test basic encryption with symmetric key, one KEK.

testEncryptKeySingleKEK

public void testEncryptKeySingleKEK()
                             throws NoSuchAlgorithmException,
                                    NoSuchProviderException,
                                    net.shibboleth.utilities.java.support.xml.XMLParserException,
                                    KeyException

Test basic encryption of a symmetric key into an EncryptedKey, set key encrypting key name in passed KeyInfo object.

Throws:

NoSuchProviderException - bad JCA provider

NoSuchAlgorithmException - bad JCA algorithm

net.shibboleth.utilities.java.support.xml.XMLParserException - error creating new Document from pool

KeyException

testEncryptKeyMultipleKEK

public void testEncryptKeyMultipleKEK()
                               throws NoSuchAlgorithmException,
                                      NoSuchProviderException,
                                      net.shibboleth.utilities.java.support.xml.XMLParserException,
                                      KeyException

Test basic encryption of a symmetric key into an EncryptedKey, set key encrypting key name in passed KeyInfo object.

Throws:

NoSuchProviderException - bad JCA provider

NoSuchAlgorithmException - bad JCA algorithm

net.shibboleth.utilities.java.support.xml.XMLParserException - error creating new Document from pool

KeyException

testAutoKeyGen

public void testAutoKeyGen()

Test basic encryption with auto-generated symmetric key.

Throws:

NoSuchProviderException

NoSuchAlgorithmException

testAutoKeyGenNoKEK

public void testAutoKeyGenNoKEK()

Test failure with auto-generated symmetric key and no KEK(s).

Throws:

NoSuchProviderException

NoSuchAlgorithmException

testEncryptKeyDigestMethodsRSAOAEP

public void testEncryptKeyDigestMethodsRSAOAEP()
                                        throws NoSuchAlgorithmException,
                                               NoSuchProviderException,
                                               net.shibboleth.utilities.java.support.xml.XMLParserException,
                                               KeyException

Test code for the Apache XML-Security issue workaround that requires we expliclty express SHA-1 DigestMethod on EncryptionMethod, only when key transport algorithm is RSA-OAEP.

Throws:

NoSuchProviderException - bad JCA provider

NoSuchAlgorithmException - bad JCA algorithm

net.shibboleth.utilities.java.support.xml.XMLParserException - error creating new Document from pool

KeyException

testEncryptKeyDigestMethodsRSAv15

public void testEncryptKeyDigestMethodsRSAv15()
                                       throws NoSuchAlgorithmException,
                                              NoSuchProviderException,
                                              net.shibboleth.utilities.java.support.xml.XMLParserException,
                                              KeyException

Test code for the Apache XML-Security issue workaround that requires we expliclty express SHA-1 DigestMethod on EncryptionMethod, only when key transport algorithm is RSA-OAEP.

Throws:

NoSuchProviderException - bad JCA provider

NoSuchAlgorithmException - bad JCA algorithm

net.shibboleth.utilities.java.support.xml.XMLParserException - error creating new Document from pool

KeyException

testEncryptDataBadKEKDSA

public void testEncryptDataBadKEKDSA()
                              throws NoSuchAlgorithmException,
                                     NoSuchProviderException

Test proper error handling of attempt to encrypt with a DSA key.

Throws:

NoSuchProviderException

NoSuchAlgorithmException

testRSAOAEPParameters

public void testRSAOAEPParameters()
                           throws NoSuchAlgorithmException,
                                  NoSuchProviderException,
                                  net.shibboleth.utilities.java.support.xml.XMLParserException,
                                  KeyException,
                                  EncryptionException

Test encryption of a symmetric key into an EncryptedKey, using various RSAOAEPParameters options.

Throws:

NoSuchProviderException - bad JCA provider

NoSuchAlgorithmException - bad JCA algorithm

net.shibboleth.utilities.java.support.xml.XMLParserException - error creating new Document from pool

KeyException

EncryptionException

checkKEKAES

private void checkKEKAES(org.opensaml.xmlsec.encryption.EncryptedKey encKey,
               boolean hasKeyInfo)

Helper method to test AES KEK.

Parameters:

encKey - EncryptedKey to test

hasKeyInfo - flag indicating expectation of KeyInfo presence

checkKEKRSA

private void checkKEKRSA(org.opensaml.xmlsec.encryption.EncryptedKey encKey,
               boolean hasKeyInfo)

Helper method to test RSA KEK.

Parameters:

encKey - EncryptedKey to test

hasKeyInfo - flag indicating expectation of KeyInfo presence

getDigestMethod

private String getDigestMethod(org.opensaml.xmlsec.encryption.EncryptedKey encryptedKey)

getMGF

private String getMGF(org.opensaml.xmlsec.encryption.EncryptedKey encryptedKey)

getOAEPParams

private String getOAEPParams(org.opensaml.xmlsec.encryption.EncryptedKey encryptedKey)