From: coheigea@apache.org X-Git-Host: gitbox.apache.org X-Git-Repo: cxf X-Git-Refname: refs/heads/master X-Git-Reftype: branch X-Git-Oldrev: 3ebafed47e8ddb65f19860fc9a5991562c85e949 X-Git-Newrev: ffca1ae7d06ec471e95a65966662a41b05a53709 X-Git-Rev: ffca1ae7d06ec471e95a65966662a41b05a53709 X-Git-NotificationType: ref_changed_plus_diff X-Git-Multimail-Version: 1.5.dev Auto-Submitted: auto-generated archived-at: Wed, 15 Nov 2017 17:47:28 -0000 This is an automated email from the ASF dual-hosted git repository. coheigea pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/cxf.git The following commit(s) were added to refs/heads/master by this push: new ffca1ae Adding some encryption tests for tampering ffca1ae is described below commit ffca1ae7d06ec471e95a65966662a41b05a53709 Author: Colm O hEigeartaigh AuthorDate: Wed Nov 15 17:09:03 2017 +0000 Adding some encryption tests for tampering --- .../security/jose/jwejws/JweJwsAlgorithmTest.java | 54 +++++++++++++++++++++- 1 file changed, 53 insertions(+), 1 deletion(-) diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jose/jwejws/JweJwsAlgorithmTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jose/jwejws/JweJwsAlgorithmTest.java index 876c784..2ca1dcb 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jose/jwejws/JweJwsAlgorithmTest.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jose/jwejws/JweJwsAlgorithmTest.java @@ -67,6 +67,7 @@ public class JweJwsAlgorithmTest extends AbstractBusClientServerTestBase { // // Encryption tests // + @org.junit.Test public void testEncryptionProperties() throws Exception { 
@@ -260,10 +261,61 @@ public class JweJwsAlgorithmTest extends AbstractBusClientServerTestBase { assertNotEquals(response.getStatus(), 200); } + @org.junit.Test + public void testManualEncryption() throws Exception { + + URL busFile = JweJwsAlgorithmTest.class.getResource("client.xml"); + + List providers = new ArrayList<>(); + providers.add(new JacksonJsonProvider()); + + String address = "http://localhost:" + PORT + "/jweoaepgcm/bookstore/books"; + WebClient client = + WebClient.create(address, providers, busFile.toString()); + client.type("application/json").accept("application/json"); + + Map properties = new HashMap<>(); + properties.put("rs.security.encryption.properties", + "org/apache/cxf/systest/jaxrs/security/bob.jwk.properties"); + WebClient.getConfig(client).getRequestContext().putAll(properties); + + String header = "eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkExMjhHQ00iLCJjdHkiOiJqc29uIn0"; + String encryptedKey = "f_Njrwn8fLxvIfftV27lSqEgvyIvkfx5tcI6xJdzXqxSL-Xssaq9TFwbhiJIU6k23i1uLFDd3r7rL" + + "V9THMcAo80C-m_SIbA6X4daeIm7ANmREZ9sw9QkD0URis6MAuZkoYIRB6z9g7TDmPTdrpTUWJbwYaBAe-_VYaoVBwRv_A" + + "ikPdKJEUWSMxouJEq4TZUVveNjI_tflZpudz1mYXKv9Lw_5byYpwgIB9crI9BR0kfCK9x3BXVFMZHJAg0yIuAKDkcs9Ts" + + "TIV0jLXRnb50Uc62OuJ6VFGQw-AL3tNHLRKYXjwDnE492wAZmsaxefql9wbv7b8BLmRUNeKER-26tdA"; + String iv = "rqUxWbEenVnC3QFx"; + String cipherText = "8iE2vM79BkXVJ0afH6fbig5uFpQ71nxc-i2SbokQtZO7"; + String authnTag = "bZk8RwVMZgawyFNSOkMLaw"; + + + // Successful test + Response response = client.post(header + "." + encryptedKey + "." + iv + "." + cipherText + "." + authnTag); + assertEquals(response.getStatus(), 200); + + // Tamper with the values + response = client.post(header + "xyz." + encryptedKey + "." + iv + "." + cipherText + "." + authnTag); + assertNotEquals(response.getStatus(), 200); + + response = client.post(header + "." + encryptedKey + "xyz." + iv + "." + cipherText + "." 
+ authnTag); + assertNotEquals(response.getStatus(), 200); + + response = client.post(header + "." + encryptedKey + "." + iv + "xyz." + cipherText + "." + authnTag); + assertNotEquals(response.getStatus(), 200); + + response = client.post(header + "." + encryptedKey + "." + iv + "." + cipherText + "xyz." + authnTag); + assertNotEquals(response.getStatus(), 200); + + response = client.post(header + "." + encryptedKey + "." + iv + "." + cipherText + "." + authnTag + "xyz"); + assertNotEquals(response.getStatus(), 200); + + response = client.post(header + "." + encryptedKey + "." + iv + "." + cipherText + "."); + assertNotEquals(response.getStatus(), 200); + } + // // Signature tests // - @org.junit.Test public void testSignatureProperties() throws Exception { -- To stop receiving notification emails like this one, please contact ['"commits@cxf.apache.org" '].
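Review bot: The tamper cases in testManualEncryption assert only `assertNotEquals(response.getStatus(), 200)`, so each one also passes on a 404, 415 or 500 that has nothing to do with JWE validation. Pinning the status the service returns for a failed decryption (value to be confirmed against the server-side filter) would show that the request was rejected for the intended reason. Every mutation appends `xyz` to a segment, which changes its length and may be caught by base64url decoding or header parsing before the AES-GCM tag is verified; a case that alters one character inside `cipherText` or `authnTag` while keeping the length would exercise the integrity check itself. The JUnit arguments are also in (actual, expected) order; `assertEquals(200, response.getStatus());` gives a correct failure message.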