diff --git a/ballerina/modules/wssec/tests/test_utils.bal b/ballerina/modules/wssec/tests/test_utils.bal
index 9724223..cc39826 100644
--- a/ballerina/modules/wssec/tests/test_utils.bal
+++ b/ballerina/modules/wssec/tests/test_utils.bal
@@ -14,6 +14,7 @@
 // specific language governing permissions and limitations
 // under the License.
 import ballerina/test;
+import ballerina/crypto;
 const USERNAME = "username";
 const PASSWORD = "password";
@@ -29,6 +30,29 @@ const X509_PUBLIC_CERT_PATH_2 = "modules/wssec/tests/resources/x509_certificate_
 const X509_KEY_STORE_PATH = "modules/wssec/tests/resources/x509_certificate.p12";
 const X509_KEY_STORE_PATH_2 = "modules/wssec/tests/resources/x509_certificate_2.p12";
+const crypto:KeyStore clientKeyStore = {
+ path: X509_KEY_STORE_PATH_2,
+ password: KEY_PASSWORD
+};
+crypto:PrivateKey clientPrivateKey = check crypto:decodeRsaPrivateKeyFromKeyStore(clientKeyStore, KEY_ALIAS,
+ KEY_PASSWORD);
+crypto:PublicKey clientPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(clientKeyStore, KEY_ALIAS);
+
+const crypto:KeyStore serverKeyStore = {
+ path: X509_KEY_STORE_PATH,
+ password: KEY_PASSWORD
+};
+crypto:PrivateKey serverPrivateKey = check crypto:decodeRsaPrivateKeyFromKeyStore(serverKeyStore, KEY_ALIAS,
+ KEY_PASSWORD);
+crypto:PublicKey serverPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(serverKeyStore, KEY_ALIAS);
+
+crypto:KeyStore keyStore = {
+ path: KEY_STORE_PATH,
+ password: KEY_PASSWORD
+};
+crypto:PrivateKey symmetricKey = check crypto:decodeRsaPrivateKeyFromKeyStore(keyStore, KEY_ALIAS, KEY_PASSWORD);
+crypto:PublicKey publicKey = check crypto:decodeRsaPublicKeyFromTrustStore(keyStore, KEY_ALIAS);
+
 function assertTimestampToken(string envelopeString) {
 string:RegExp ts_token = re ``;
 string:RegExp created = re `.*`;
diff --git a/ballerina/modules/wssec/tests/ws_security_tests.bal b/ballerina/modules/wssec/tests/ws_security_tests.bal
index a5a47d5..2d1559a 100644
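Review bot: The key variables added at module level in test_utils.bal (`clientPrivateKey`, `clientPublicKey`, `serverPrivateKey`, `serverPublicKey`, `symmetricKey`, `publicKey`) and the `keyStore` record are mutable, so one test can reassign key material that every other test now shares. Declaring them `final`, e.g. `final crypto:PrivateKey clientPrivateKey = check ...`, and making `keyStore` a `const` like `clientKeyStore` and `serverKeyStore`, would rule that out. Because the initialisers use `check` at module level, a missing or unreadable keystore will presumably fail module initialisation and take down tests that never touch a key, which is worth a short comment above the block. `symmetricKey` holds an RSA private key from `decodeRsaPrivateKeyFromKeyStore`, so a comment such as `// RSA private key passed as symmetricKey in SymmetricBindingConfig (test fixture only)` would keep the name from misleading readers. testUsernameTokenTimestampWithSymmetricBindingAndX509Token and testSymmetricBindingWithOutboundConfig use `publicKey` but get no deletion hunk in ws_security_tests.bal; if they still declare these names locally, confirm that does not clash with the new module-level variables.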
--- a/ballerina/modules/wssec/tests/ws_security_tests.bal
+++ b/ballerina/modules/wssec/tests/ws_security_tests.bal
@@ -204,19 +204,6 @@ function testSymmetricBindingPolicyWithSignatureOnly() returns error? {
 `;
 xmlns "http://schemas.xmlsoap.org/soap/envelope/" as soap;
- crypto:KeyStore serverKeyStore = {
- path: X509_KEY_STORE_PATH,
- password: KEY_PASSWORD
- };
- crypto:PublicKey serverPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(serverKeyStore, KEY_ALIAS);
-
- crypto:KeyStore keyStore = {
- path: KEY_STORE_PATH,
- password: KEY_PASSWORD
- };
- crypto:PrivateKey symmetricKey = check crypto:decodeRsaPrivateKeyFromKeyStore(keyStore, KEY_ALIAS, KEY_PASSWORD);
- crypto:PublicKey publicKey = check crypto:decodeRsaPublicKeyFromTrustStore(keyStore, KEY_ALIAS);
-
 SymmetricBindingConfig symmetricBinding = {
 signatureAlgorithm: RSA_SHA256,
 symmetricKey: symmetricKey,
@@ -227,7 +214,8 @@ function testSymmetricBindingPolicyWithSignatureOnly() returns error? {
 string envelopeString = securedEnvelope.toString();
 byte[] signedData = check getSignatureData(securedEnvelope);
- boolean validity = check crypto:verifyRsaSha256Signature((envelope//*).toString().toBytes(), signedData, publicKey);
+ boolean validity = check crypto:verifyRsaSha256Signature((envelope//*).toString().toBytes(),
+ signedData, publicKey);
 test:assertTrue(validity);
 assertEncryptedSymmetricKey(envelopeString);
@@ -244,19 +232,6 @@ function testSymmetricBindingPolicyEncryptionOnly() returns error? {
 `;
 xmlns "http://schemas.xmlsoap.org/soap/envelope/" as soap;
- crypto:KeyStore serverKeyStore = {
- path: X509_KEY_STORE_PATH,
- password: KEY_PASSWORD
- };
- crypto:PublicKey serverPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(serverKeyStore, KEY_ALIAS);
-
- crypto:KeyStore keyStore = {
- path: KEY_STORE_PATH,
- password: KEY_PASSWORD
- };
- crypto:PrivateKey symmetricKey = check crypto:decodeRsaPrivateKeyFromKeyStore(keyStore, KEY_ALIAS, KEY_PASSWORD);
- crypto:PublicKey publicKey = check crypto:decodeRsaPublicKeyFromTrustStore(keyStore, KEY_ALIAS);
-
 SymmetricBindingConfig symmetricBinding = {
 encryptionAlgorithm: RSA_ECB,
 symmetricKey: symmetricKey,
@@ -284,19 +259,6 @@ function testSymmetricBindingWithSignatureAndEncryption() returns error? {
 `;
 xmlns "http://schemas.xmlsoap.org/soap/envelope/" as soap;
- crypto:KeyStore serverKeyStore = {
- path: X509_KEY_STORE_PATH,
- password: KEY_PASSWORD
- };
- crypto:PublicKey serverPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(serverKeyStore, KEY_ALIAS);
-
- crypto:KeyStore keyStore = {
- path: KEY_STORE_PATH,
- password: KEY_PASSWORD
- };
- crypto:PrivateKey symmetricKey = check crypto:decodeRsaPrivateKeyFromKeyStore(keyStore, KEY_ALIAS, KEY_PASSWORD);
- crypto:PublicKey publicKey = check crypto:decodeRsaPublicKeyFromTrustStore(keyStore, KEY_ALIAS);
-
 SymmetricBindingConfig symmetricBinding = {
 signatureAlgorithm: RSA_SHA256,
 encryptionAlgorithm: RSA_ECB,
@@ -308,7 +270,8 @@ function testSymmetricBindingWithSignatureAndEncryption() returns error? {
 byte[] signedData = check getSignatureData(securedEnvelope);
- boolean validity = check crypto:verifyRsaSha256Signature((envelope//*).toString().toBytes(), signedData, publicKey);
+ boolean validity = check crypto:verifyRsaSha256Signature((envelope//*).toString().toBytes(),
+ signedData, publicKey);
 test:assertTrue(validity);
 byte[] encData = check getEncryptedData(securedEnvelope);
@@ -330,19 +293,6 @@ function testSymmetricBindingPolicyWithX509SignatureAndEncryption() returns erro
 `;
 xmlns "http://schemas.xmlsoap.org/soap/envelope/" as soap;
- crypto:KeyStore serverKeyStore = {
- path: X509_KEY_STORE_PATH,
- password: KEY_PASSWORD
- };
- crypto:PublicKey serverPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(serverKeyStore, KEY_ALIAS);
-
- crypto:KeyStore keyStore = {
- path: KEY_STORE_PATH,
- password: KEY_PASSWORD
- };
- crypto:PrivateKey symmetricKey = check crypto:decodeRsaPrivateKeyFromKeyStore(keyStore, KEY_ALIAS, KEY_PASSWORD);
- crypto:PublicKey publicKey = check crypto:decodeRsaPublicKeyFromTrustStore(keyStore, KEY_ALIAS);
-
 SymmetricBindingConfig symmetricBinding = {
 signatureAlgorithm: RSA_SHA256,
 encryptionAlgorithm: RSA_ECB,
@@ -356,7 +306,8 @@ function testSymmetricBindingPolicyWithX509SignatureAndEncryption() returns erro
 byte[] signedData = check getSignatureData(securedEnvelope);
- boolean validity = check crypto:verifyRsaSha256Signature((envelope//*).toString().toBytes(), signedData, publicKey);
+ boolean validity = check crypto:verifyRsaSha256Signature((envelope//*).toString().toBytes(),
+ signedData, publicKey);
 test:assertTrue(validity);
 byte[] encData = check getEncryptedData(securedEnvelope);
@@ -386,19 +337,6 @@ function testUsernameTokenWithSymmetricBinding() returns error? {
 envelope = check applyUsernameToken(envelope, utRecord);
- crypto:KeyStore serverKeyStore = {
- path: X509_KEY_STORE_PATH,
- password: KEY_PASSWORD
- };
- crypto:PublicKey serverPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(serverKeyStore, KEY_ALIAS);
-
- crypto:KeyStore keyStore = {
- path: KEY_STORE_PATH,
- password: KEY_PASSWORD
- };
- crypto:PrivateKey symmetricKey = check crypto:decodeRsaPrivateKeyFromKeyStore(keyStore, KEY_ALIAS, KEY_PASSWORD);
- crypto:PublicKey publicKey = check crypto:decodeRsaPublicKeyFromTrustStore(keyStore, KEY_ALIAS);
-
 SymmetricBindingConfig symmetricBinding = {
 signatureAlgorithm: RSA_SHA256,
 encryptionAlgorithm: RSA_ECB,
@@ -410,7 +348,8 @@ function testUsernameTokenWithSymmetricBinding() returns error? {
 byte[] signedData = check getSignatureData(securedEnvelope);
- boolean validity = check crypto:verifyRsaSha256Signature((envelope//*).toString().toBytes(), signedData, publicKey);
+ boolean validity = check crypto:verifyRsaSha256Signature((envelope//*).toString().toBytes(),
+ signedData, publicKey);
 test:assertTrue(validity);
 byte[] encData = check getEncryptedData(securedEnvelope);
@@ -467,7 +406,8 @@ function testUsernameTokenTimestampWithSymmetricBindingAndX509Token() returns er
 string envelopeString = securedEnvelope.toString();
 byte[] signedData = check getSignatureData(securedEnvelope);
- boolean validity = check crypto:verifyRsaSha256Signature((envelope//*).toString().toBytes(), signedData, publicKey);
+ boolean validity = check crypto:verifyRsaSha256Signature((envelope//*).toString().toBytes(),
+ signedData, publicKey);
 test:assertTrue(validity);
 byte[] encData = check getEncryptedData(securedEnvelope);
@@ -531,7 +471,8 @@ function testSymmetricBindingWithOutboundConfig() returns error? {
 }
 byte[] signedData = check getSignatureData(securedEnvelope);
- boolean validity = check crypto:verifyRsaSha256Signature((envelope//*).toString().toBytes(), signedData, publicKey);
+ boolean validity = check crypto:verifyRsaSha256Signature((envelope//*).toString().toBytes(),
+ signedData, publicKey);
 test:assertTrue(validity);
 }
@@ -545,19 +486,6 @@ function testAsymmetricBindingWithSignatureRsaSha256() returns error? {
 `;
 xmlns "http://schemas.xmlsoap.org/soap/envelope/" as soap;
- crypto:KeyStore serverKeyStore = {
- path: X509_KEY_STORE_PATH,
- password: KEY_PASSWORD
- };
- crypto:PublicKey serverPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(serverKeyStore, KEY_ALIAS);
-
- crypto:KeyStore clientKeyStore = {
- path: X509_KEY_STORE_PATH_2,
- password: KEY_PASSWORD
- };
- crypto:PrivateKey clientPrivateKey = check crypto:decodeRsaPrivateKeyFromKeyStore(clientKeyStore, KEY_ALIAS, KEY_PASSWORD);
- crypto:PublicKey clientPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(clientKeyStore, KEY_ALIAS);
-
 AsymmetricBindingConfig asymmetricBinding = {
 signatureAlgorithm: RSA_SHA256,
 signatureKey: clientPrivateKey,
@@ -566,7 +494,8 @@ function testAsymmetricBindingWithSignatureRsaSha256() returns error? {
 xml securedEnvelope = check applyAsymmetricBinding(envelope, asymmetricBinding);
 string envelopeString = securedEnvelope.toString();
 byte[] signedData = check getSignatureData(securedEnvelope);
- Error? validity = check verifyData((envelope//*).toString().toBytes(), signedData, clientPublicKey, RSA_SHA256);
+ Error? validity = check verifyData((envelope//*).toString().toBytes(), signedData,
+ clientPublicKey, RSA_SHA256);
 test:assertTrue(validity is ());
 assertSignatureWithoutX509(envelopeString);
@@ -582,19 +511,6 @@ function testAsymmetricBindingWithX509Signature() returns error? {
 `;
 xmlns "http://schemas.xmlsoap.org/soap/envelope/" as soap;
- crypto:KeyStore serverKeyStore = {
- path: X509_KEY_STORE_PATH,
- password: KEY_PASSWORD
- };
- crypto:PublicKey serverPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(serverKeyStore, KEY_ALIAS);
-
- crypto:KeyStore clientKeyStore = {
- path: X509_KEY_STORE_PATH_2,
- password: KEY_PASSWORD
- };
- crypto:PrivateKey clientPrivateKey = check crypto:decodeRsaPrivateKeyFromKeyStore(clientKeyStore, KEY_ALIAS, KEY_PASSWORD);
- crypto:PublicKey clientPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(clientKeyStore, KEY_ALIAS);
-
 AsymmetricBindingConfig asymmetricBinding = {
 signatureAlgorithm: RSA_SHA256,
 signatureKey: clientPrivateKey,
@@ -605,7 +521,8 @@ function testAsymmetricBindingWithX509Signature() returns error? {
 string envelopeString = securedEnvelope.toString();
 byte[] signedData = check getSignatureData(securedEnvelope);
- boolean validity = check crypto:verifyRsaSha256Signature((envelope//*).toString().toBytes(), signedData, clientPublicKey);
+ boolean validity = check crypto:verifyRsaSha256Signature((envelope//*).toString().toBytes(),
+ signedData, clientPublicKey);
 test:assertTrue(validity);
 assertSignatureWithX509(envelopeString);
@@ -621,19 +538,6 @@ function testAsymmetricBindingWithEncryption() returns error? {
 `;
 xmlns "http://schemas.xmlsoap.org/soap/envelope/" as soap;
- crypto:KeyStore serverKeyStore = {
- path: X509_KEY_STORE_PATH,
- password: KEY_PASSWORD
- };
- crypto:PrivateKey serverPrivateKey = check crypto:decodeRsaPrivateKeyFromKeyStore(serverKeyStore, KEY_ALIAS, KEY_PASSWORD);
- crypto:PublicKey serverPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(serverKeyStore, KEY_ALIAS);
-
- crypto:KeyStore clientKeyStore = {
- path: X509_KEY_STORE_PATH_2,
- password: KEY_PASSWORD
- };
- crypto:PrivateKey clientPrivateKey = check crypto:decodeRsaPrivateKeyFromKeyStore(clientKeyStore, KEY_ALIAS, KEY_PASSWORD);
-
 AsymmetricBindingConfig asymmetricBinding = {
 encryptionAlgorithm: RSA_ECB,
 signatureKey: clientPrivateKey,
@@ -659,20 +563,6 @@ function testAsymmetricBindingWithSignatureAndEncryption() returns error? {
 `;
 xmlns "http://schemas.xmlsoap.org/soap/envelope/" as soap;
- crypto:KeyStore serverKeyStore = {
- path: X509_KEY_STORE_PATH,
- password: KEY_PASSWORD
- };
- crypto:PrivateKey serverPrivateKey = check crypto:decodeRsaPrivateKeyFromKeyStore(serverKeyStore, KEY_ALIAS, KEY_PASSWORD);
- crypto:PublicKey serverPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(serverKeyStore, KEY_ALIAS);
-
- crypto:KeyStore clientKeyStore = {
- path: X509_KEY_STORE_PATH_2,
- password: KEY_PASSWORD
- };
- crypto:PrivateKey clientPrivateKey = check crypto:decodeRsaPrivateKeyFromKeyStore(clientKeyStore, KEY_ALIAS, KEY_PASSWORD);
- crypto:PublicKey clientPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(clientKeyStore, KEY_ALIAS);
-
 AsymmetricBindingConfig asymmetricBinding = {
 signatureAlgorithm: RSA_SHA256,
 encryptionAlgorithm: RSA_ECB,
@@ -684,7 +574,8 @@ function testAsymmetricBindingWithSignatureAndEncryption() returns error? {
 string envelopeString = securedEnvelope.toString();
 byte[] signedData = check getSignatureData(securedEnvelope);
- boolean validity = check crypto:verifyRsaSha256Signature((envelope//*).toString().toBytes(), signedData, clientPublicKey);
+ boolean validity = check crypto:verifyRsaSha256Signature((envelope//*).toString().toBytes(),
+ signedData, clientPublicKey);
 test:assertTrue(validity);
 byte[] encData = check getEncryptedData(securedEnvelope);
@@ -705,20 +596,6 @@ function testAsymmetricBindingWithX509SignatureAndEncryption() returns error? {
 `;
 xmlns "http://schemas.xmlsoap.org/soap/envelope/" as soap;
- crypto:KeyStore serverKeyStore = {
- path: X509_KEY_STORE_PATH,
- password: KEY_PASSWORD
- };
- crypto:PrivateKey serverPrivateKey = check crypto:decodeRsaPrivateKeyFromKeyStore(serverKeyStore, KEY_ALIAS, KEY_PASSWORD);
- crypto:PublicKey serverPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(serverKeyStore, KEY_ALIAS);
-
- crypto:KeyStore clientKeyStore = {
- path: X509_KEY_STORE_PATH_2,
- password: KEY_PASSWORD
- };
- crypto:PrivateKey clientPrivateKey = check crypto:decodeRsaPrivateKeyFromKeyStore(clientKeyStore, KEY_ALIAS, KEY_PASSWORD);
- crypto:PublicKey clientPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(clientKeyStore, KEY_ALIAS);
-
 AsymmetricBindingConfig asymmetricBinding = {
 signatureAlgorithm: RSA_SHA256,
 encryptionAlgorithm: RSA_ECB,
@@ -730,7 +607,8 @@ function testAsymmetricBindingWithX509SignatureAndEncryption() returns error? {
 string envelopeString = securedEnvelope.toString();
 byte[] signedData = check getSignatureData(securedEnvelope);
- boolean validity = check crypto:verifyRsaSha256Signature((envelope//*).toString().toBytes(), signedData, clientPublicKey);
+ boolean validity = check crypto:verifyRsaSha256Signature((envelope//*).toString().toBytes(),
+ signedData, clientPublicKey);
 test:assertTrue(validity);
 byte[] encData = check getEncryptedData(securedEnvelope);
@@ -758,20 +636,6 @@ function testUsernameTokenWithAsymmetricBindingAndX509() returns error? {
 };
 envelope = check applyUsernameToken(envelope, utRecord);
- crypto:KeyStore serverKeyStore = {
- path: X509_KEY_STORE_PATH,
- password: KEY_PASSWORD
- };
- crypto:PrivateKey serverPrivateKey = check crypto:decodeRsaPrivateKeyFromKeyStore(serverKeyStore, KEY_ALIAS, KEY_PASSWORD);
- crypto:PublicKey serverPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(serverKeyStore, KEY_ALIAS);
-
- crypto:KeyStore clientKeyStore = {
- path: X509_KEY_STORE_PATH_2,
- password: KEY_PASSWORD
- };
- crypto:PrivateKey clientPrivateKey = check crypto:decodeRsaPrivateKeyFromKeyStore(clientKeyStore, KEY_ALIAS, KEY_PASSWORD);
- crypto:PublicKey clientPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(clientKeyStore, KEY_ALIAS);
-
 AsymmetricBindingConfig asymmetricBinding = {
 signatureAlgorithm: RSA_SHA256,
 encryptionAlgorithm: RSA_ECB,
@@ -783,7 +647,8 @@ function testUsernameTokenWithAsymmetricBindingAndX509() returns error? {
 string envelopeString = securedEnvelope.toString();
 byte[] signedData = check getSignatureData(securedEnvelope);
- boolean validity = check crypto:verifyRsaSha256Signature((envelope//*).toString().toBytes(), signedData, clientPublicKey);
+ boolean validity = check crypto:verifyRsaSha256Signature((envelope//*).toString().toBytes(),
+ signedData, clientPublicKey);
 test:assertTrue(validity);
 byte[] encData = check getEncryptedData(securedEnvelope);
@@ -813,20 +678,6 @@ function testUsernameTokenTimestampWithAsymmetricBindingAndX509() returns error?
 envelope = check applyUsernameToken(envelope, utRecord);
 envelope = check applyTimestampToken(envelope = envelope, timeToLive = 600);
- crypto:KeyStore serverKeyStore = {
- path: X509_KEY_STORE_PATH,
- password: KEY_PASSWORD
- };
- crypto:PrivateKey serverPrivateKey = check crypto:decodeRsaPrivateKeyFromKeyStore(serverKeyStore, KEY_ALIAS, KEY_PASSWORD);
- crypto:PublicKey serverPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(serverKeyStore, KEY_ALIAS);
-
- crypto:KeyStore clientKeyStore = {
- path: X509_KEY_STORE_PATH_2,
- password: KEY_PASSWORD
- };
- crypto:PrivateKey clientPrivateKey = check crypto:decodeRsaPrivateKeyFromKeyStore(clientKeyStore, KEY_ALIAS, KEY_PASSWORD);
- crypto:PublicKey clientPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(clientKeyStore, KEY_ALIAS);
-
 AsymmetricBindingConfig asymmetricBinding = {
 signatureAlgorithm: RSA_SHA256,
 encryptionAlgorithm: RSA_ECB,
@@ -838,7 +689,8 @@ function testUsernameTokenTimestampWithAsymmetricBindingAndX509() returns error?
 string envelopeString = securedEnvelope.toString();
 byte[] signedData = check getSignatureData(securedEnvelope);
- boolean validity = check crypto:verifyRsaSha256Signature((envelope//*).toString().toBytes(), signedData, clientPublicKey);
+ boolean validity = check crypto:verifyRsaSha256Signature((envelope//*).toString().toBytes(),
+ signedData, clientPublicKey);
 test:assertTrue(validity);
 byte[] encData = check getEncryptedData(securedEnvelope);
@@ -862,20 +714,6 @@ function testAsymmetricBindingWithOutboundConfig() returns error? {
 `;
 xmlns "http://schemas.xmlsoap.org/soap/envelope/" as soap;
- crypto:KeyStore serverKeyStore = {
- path: X509_KEY_STORE_PATH,
- password: KEY_PASSWORD
- };
- crypto:PrivateKey serverPrivateKey = check crypto:decodeRsaPrivateKeyFromKeyStore(serverKeyStore, KEY_ALIAS, KEY_PASSWORD);
- crypto:PublicKey serverPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(serverKeyStore, KEY_ALIAS);
-
- crypto:KeyStore clientKeyStore = {
- path: X509_KEY_STORE_PATH_2,
- password: KEY_PASSWORD
- };
- crypto:PrivateKey clientPrivateKey = check crypto:decodeRsaPrivateKeyFromKeyStore(clientKeyStore, KEY_ALIAS, KEY_PASSWORD);
- crypto:PublicKey clientPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(clientKeyStore, KEY_ALIAS);
-
 AsymmetricBindingConfig asymmetricBinding = {
 signatureAlgorithm: RSA_SHA256,
 encryptionAlgorithm: RSA_ECB,
@@ -901,7 +739,8 @@ function testAsymmetricBindingWithOutboundConfig() returns error? {
 securedEnvelope = check xml:fromString(envelopeString);
 }
 byte[] signedData = check getSignatureData(securedEnvelope);
- boolean validity = check crypto:verifyRsaSha256Signature((envelope//*).toString().toBytes(), signedData, clientPublicKey);
+ boolean validity = check crypto:verifyRsaSha256Signature((envelope//*).toString().toBytes(),
+ signedData, clientPublicKey);
 test:assertTrue(validity);
 }
@@ -915,19 +754,6 @@ function testAsymmetricBindingWithSignatureWithRsaSha1() returns error? {
 `;
 xmlns "http://schemas.xmlsoap.org/soap/envelope/" as soap;
- crypto:KeyStore serverKeyStore = {
- path: X509_KEY_STORE_PATH,
- password: KEY_PASSWORD
- };
- crypto:PublicKey serverPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(serverKeyStore, KEY_ALIAS);
-
- crypto:KeyStore clientKeyStore = {
- path: X509_KEY_STORE_PATH_2,
- password: KEY_PASSWORD
- };
- crypto:PrivateKey clientPrivateKey = check crypto:decodeRsaPrivateKeyFromKeyStore(clientKeyStore, KEY_ALIAS, KEY_PASSWORD);
- crypto:PublicKey clientPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(clientKeyStore, KEY_ALIAS);
-
 AsymmetricBindingConfig asymmetricBinding = {
 signatureAlgorithm: RSA_SHA1,
 signatureKey: clientPrivateKey,
@@ -936,7 +762,8 @@ function testAsymmetricBindingWithSignatureWithRsaSha1() returns error? {
 xml securedEnvelope = check applyAsymmetricBinding(envelope, asymmetricBinding);
 string envelopeString = securedEnvelope.toString();
 byte[] signedData = check getSignatureData(securedEnvelope);
- Error? validity = check verifyData((envelope//*).toString().toBytes(), signedData, clientPublicKey, RSA_SHA1);
+ Error? validity = check verifyData((envelope//*).toString().toBytes(), signedData,
+ clientPublicKey, RSA_SHA1);
 test:assertTrue(validity is ());
 assertSignatureWithoutX509(envelopeString);
@@ -952,19 +779,6 @@ function testAsymmetricBindingWithSignatureWithRsaSha384() returns error? {
 `;
 xmlns "http://schemas.xmlsoap.org/soap/envelope/" as soap;
- crypto:KeyStore serverKeyStore = {
- path: X509_KEY_STORE_PATH,
- password: KEY_PASSWORD
- };
- crypto:PublicKey serverPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(serverKeyStore, KEY_ALIAS);
-
- crypto:KeyStore clientKeyStore = {
- path: X509_KEY_STORE_PATH_2,
- password: KEY_PASSWORD
- };
- crypto:PrivateKey clientPrivateKey = check crypto:decodeRsaPrivateKeyFromKeyStore(clientKeyStore, KEY_ALIAS, KEY_PASSWORD);
- crypto:PublicKey clientPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(clientKeyStore, KEY_ALIAS);
-
 AsymmetricBindingConfig asymmetricBinding = {
 signatureAlgorithm: RSA_SHA384,
 signatureKey: clientPrivateKey,
@@ -973,7 +787,8 @@ function testAsymmetricBindingWithSignatureWithRsaSha384() returns error? {
 xml securedEnvelope = check applyAsymmetricBinding(envelope, asymmetricBinding);
 string envelopeString = securedEnvelope.toString();
 byte[] signedData = check getSignatureData(securedEnvelope);
- Error? validity = check verifyData((envelope//*).toString().toBytes(), signedData, clientPublicKey, RSA_SHA384);
+ Error? validity = check verifyData((envelope//*).toString().toBytes(), signedData,
+ clientPublicKey, RSA_SHA384);
 test:assertTrue(validity is ());
 assertSignatureWithoutX509(envelopeString);
@@ -989,19 +804,6 @@ function testAsymmetricBindingWithSignatureWithRsaSha512() returns error? {
 `;
 xmlns "http://schemas.xmlsoap.org/soap/envelope/" as soap;
- crypto:KeyStore serverKeyStore = {
- path: X509_KEY_STORE_PATH,
- password: KEY_PASSWORD
- };
- crypto:PublicKey serverPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(serverKeyStore, KEY_ALIAS);
-
- crypto:KeyStore clientKeyStore = {
- path: X509_KEY_STORE_PATH_2,
- password: KEY_PASSWORD
- };
- crypto:PrivateKey clientPrivateKey = check crypto:decodeRsaPrivateKeyFromKeyStore(clientKeyStore, KEY_ALIAS, KEY_PASSWORD);
- crypto:PublicKey clientPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(clientKeyStore, KEY_ALIAS);
-
 AsymmetricBindingConfig asymmetricBinding = {
 signatureAlgorithm: RSA_SHA512,
 signatureKey: clientPrivateKey,
@@ -1010,7 +812,8 @@ function testAsymmetricBindingWithSignatureWithRsaSha512() returns error? {
 xml securedEnvelope = check applyAsymmetricBinding(envelope, asymmetricBinding);
 string envelopeString = securedEnvelope.toString();
 byte[] signedData = check getSignatureData(securedEnvelope);
- Error? validity = check verifyData((envelope//*).toString().toBytes(), signedData, clientPublicKey, RSA_SHA512);
+ Error? validity = check verifyData((envelope//*).toString().toBytes(), signedData,
+ clientPublicKey, RSA_SHA512);
 test:assertTrue(validity is ());
 assertSignatureWithoutX509(envelopeString);