public void testDerivedKeyBadUserEncryption() throws Exception {
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setUserInfo("alice", "security");
builder.addDerivedKey(false, null, 1000);
builder.prepare(doc);
byte[] derivedKey = builder.getDerivedKey();
assertTrue(derivedKey.length == 20);
String tokenIdentifier = builder.getId();
//
// Derived key encryption
//
WSSecDKEncrypt encrBuilder = new WSSecDKEncrypt();
encrBuilder.setSymmetricEncAlgorithm(WSConstants.AES_128);
encrBuilder.setExternalKey(derivedKey, tokenIdentifier);
Document encryptedDoc = encrBuilder.build(doc, secHeader);
builder.prependToHeader(secHeader);
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedDoc);
assertTrue(outputString.indexOf("wsse:Username") != -1);
assertTrue(outputString.indexOf("wsse:Password") == -1);