luisgoncalves#255 Add test for signature generation using an EC key

CodericBrainstorm · May 14, 2021 · 3e93812 · 3e93812
1 parent 4f29502
commit 3e93812
Show file tree

Hide file tree

Showing 7 changed files with 50 additions and 9 deletions.
diff --git a/src/main/java/xades4j/providers/impl/DefaultAlgorithmsProviderEx.java b/src/main/java/xades4j/providers/impl/DefaultAlgorithmsProviderEx.java
@@ -30,7 +30,7 @@
  * The default implementation of {@link AlgorithmsProviderEx}. The defaults
  * are:
  * <ul>
- *  <li>Signature: RSA(RSA_SHA256), DSA(DSA_SHA1)</li>
+ *  <li>Signature: RSA(RSA_SHA256), DSA(DSA_SHA1), EC(ECDSA_SHA256)</li>
  *  <li>Canonicalization: Canonical XML 1.0 without comments</li>
  *  <li>Digest: SHA256 (data objs and refs properties); SHA1 (time-stamps)</li>
  * </ul>
@@ -45,6 +45,7 @@ public class DefaultAlgorithmsProviderEx implements AlgorithmsProviderEx
         signatureAlgsMaps = new HashMap<String, Algorithm>(2);
         signatureAlgsMaps.put("DSA", new GenericAlgorithm(XMLSignature.ALGO_ID_SIGNATURE_DSA));
         signatureAlgsMaps.put("RSA", new GenericAlgorithm(XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256));
+        signatureAlgsMaps.put("EC", new GenericAlgorithm(XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA256));
     }
 
     @Override

diff --git a/src/test/cert/my/lg_ec.crt b/src/test/cert/my/lg_ec.crt
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBdTCCARoCCQDZdSkJqTVxEzAKBggqhkjOPQQDAjBCMQswCQYDVQQGEwJQVDEN
+MAsGA1UECgwESVNFTDELMAkGA1UECwwCQ0MxFzAVBgNVBAMMDkx1aXMgR29uY2Fs
+dmVzMB4XDTIxMDUxNDE1MTUzMloXDTMxMDUxMjE1MTUzMlowQjELMAkGA1UEBhMC
+UFQxDTALBgNVBAoMBElTRUwxCzAJBgNVBAsMAkNDMRcwFQYDVQQDDA5MdWlzIEdv
+bmNhbHZlczBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMdzIzhT0M/zdnfNwbT8
+t/y384gPHj4+RYcY68j7ZZx/ikDOxSmXq+1Q3KDPIg9mQHWBgCVKBLDi5yLUmxMq
+YzAwCgYIKoZIzj0EAwIDSQAwRgIhANGvZirAXt1hQdxlBSopulrVpPSTWdTD96Wx
+kxjQ4hydAiEA8JEDiAttxD9pWZ92DtibnZm6+ejfKbcBNYo+eaYEnQE=
+-----END CERTIFICATE-----
diff --git a/src/test/cert/my/lg_ec.key b/src/test/cert/my/lg_ec.key
@@ -0,0 +1,8 @@
+-----BEGIN EC PARAMETERS-----
+BggqhkjOPQMBBw==
+-----END EC PARAMETERS-----
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIG/xORqbg0NSH8GidETqpB3AFKpU7j9q/y0Uhy/EaDOvoAoGCCqGSM49
+AwEHoUQDQgAEx3MjOFPQz/N2d83BtPy3/LfziA8ePj5FhxjryPtlnH+KQM7FKZer
+7VDcoM8iD2ZAdYGAJUoEsOLnItSbEypjMA==
+-----END EC PRIVATE KEY-----
diff --git a/src/test/cert/my/lg_ec.p12 b/src/test/cert/my/lg_ec.p12
diff --git a/src/test/cert/my/readme.txt b/src/test/cert/my/readme.txt
@@ -21,6 +21,9 @@ makecert -sv Interm.pvk -cy authority -iv TestCA.pvk -ic TestCA.cer -n "CN=Iterm
 makecert -sv LG.pvk -iv Interm.pvk -ic Interm.cer -n "CN=Luis Goncalves, OU=CC, O=ISEL, C=PT" -a sha1 LG.cer
 pvk2pfx.exe -pvk LG.pvk -pi mykeypass -spc LG.cer -pfx LG.pfx
 
+openssl ecparam -out lg_ec.key -name prime256v1 -genkey
+openssl req -new -x509 -key lg_ec.key -out lg_ec.crt -days 3650
+openssl pkcs12 -export -in lg_ec.crt -inkey lg_ec.key -out lg_ec.p12 -name lg_ec
 
 =========== Creation of trust-anchors keystore ===========
 

diff --git a/src/test/java/xades4j/production/SignerBESTest.java b/src/test/java/xades4j/production/SignerBESTest.java
@@ -16,24 +16,25 @@
  */
 package xades4j.production;
 
-import java.io.File;
-import xades4j.algorithms.EnvelopedSignatureTransform;
-import xades4j.properties.DataObjectDesc;
-import xades4j.properties.AllDataObjsCommitmentTypeProperty;
-import xades4j.properties.CommitmentTypeProperty;
-import xades4j.properties.IndividualDataObjsTimeStampProperty;
-import xades4j.properties.DataObjectFormatProperty;
 import org.junit.Test;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
+import xades4j.algorithms.EnvelopedSignatureTransform;
 import xades4j.algorithms.XPath2FilterTransform.XPath2Filter;
 import xades4j.algorithms.XPathTransform;
+import xades4j.properties.AllDataObjsCommitmentTypeProperty;
+import xades4j.properties.CommitmentTypeProperty;
 import xades4j.properties.CounterSignatureProperty;
+import xades4j.properties.DataObjectDesc;
+import xades4j.properties.DataObjectFormatProperty;
+import xades4j.properties.IndividualDataObjsTimeStampProperty;
 import xades4j.properties.SignerRoleProperty;
 import xades4j.providers.SignaturePropertiesCollector;
 import xades4j.providers.SignaturePropertiesProvider;
 
+import java.io.File;
+
 /**
  *
  * @author Luís
@@ -67,6 +68,22 @@ public void testSignBES() throws Exception
         outputDocument(doc1, "document.signed.bes.xml");
     }
 
+    @Test
+    public void testSignBESWithEllipticCurveKey() throws Exception
+    {
+        System.out.println("testSignBESWithEllipticCurveKey");
+
+        Document doc = getTestDocument();
+        Element elemToSign = doc.getDocumentElement();
+
+        XadesSigner signer = new XadesBesSigningProfile(keyingProviderMyEc)
+                .withBasicSignatureOptions(new BasicSignatureOptions().includePublicKey(true))
+                .newSigner();
+        new Enveloped(signer).sign(elemToSign);
+
+        outputDocument(doc, "document.signed.bes.ec.xml");
+    }
+
     @Test
     public void testSignBESExternalRes() throws Exception
     {

diff --git a/src/test/java/xades4j/production/SignerTestBase.java b/src/test/java/xades4j/production/SignerTestBase.java
@@ -35,6 +35,7 @@ public class SignerTestBase extends SignatureServicesTestBase
 {
     /**/
     static protected KeyingDataProvider keyingProviderMy;
+    static protected KeyingDataProvider keyingProviderMyEc;
     static protected KeyingDataProvider keyingProviderNist;
 
     static protected String PTCC_PKCS11_LIB_PATH = "C:\\Windows\\System32\\pteidpkcs11.dll";
@@ -44,10 +45,11 @@ public class SignerTestBase extends SignatureServicesTestBase
         try
         {
             keyingProviderMy = createFileSystemKeyingDataProvider("JKS", "my/LG.jks", "mykeypass", true);
+            keyingProviderMyEc = createFileSystemKeyingDataProvider("PKCS12", "my/lg_ec.p12", "mykeypass", true);
             keyingProviderNist = createFileSystemKeyingDataProvider("JKS", "csrc.nist/test4.jks", "password", false);
         } catch (KeyStoreException e)
         {
-            throw new NullPointerException("SignerTestBase init failed: " + e.getMessage());
+            throw new IllegalStateException("SignerTestBase init failed: " + e.getMessage());
         }
     }