ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1153794 - in /webservices/wss4j/trunk/src/main/java/org/apache/ws/security: components/crypto/Merlin.java saml/WSSecSignatureSAML.java
Date Thu, 04 Aug 2011 09:03:22 GMT
Author: coheigea
Date: Thu Aug  4 09:03:21 2011
New Revision: 1153794

URL: http://svn.apache.org/viewvc?rev=1153794&view=rev
Log:
[WSS-303] - Support SKI_KEY_IDENTIFIER, THUMBPRINT_IDENTIFIER, ISSUER_SERIAL when signing
"sender vouches" assertions
 - Patch applied, thanks.

Modified:
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/components/crypto/Merlin.java
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/WSSecSignatureSAML.java

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/components/crypto/Merlin.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/components/crypto/Merlin.java?rev=1153794&r1=1153793&r2=1153794&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/components/crypto/Merlin.java
(original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/components/crypto/Merlin.java
Thu Aug  4 09:03:21 2011
@@ -964,10 +964,6 @@ public class Merlin extends CryptoBase {
     private X509Certificate[] getX509Certificates(byte[] thumbprint) throws WSSecurityException
{
         MessageDigest sha = null;
         
-        if (keystore == null) {
-            return null;
-        }
-
         try {
             sha = MessageDigest.getInstance("SHA1");
         } catch (NoSuchAlgorithmException e) {

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/WSSecSignatureSAML.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/WSSecSignatureSAML.java?rev=1153794&r1=1153793&r2=1153794&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/WSSecSignatureSAML.java
(original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/WSSecSignatureSAML.java
Thu Aug  4 09:03:21 2011
@@ -29,6 +29,8 @@ import org.apache.ws.security.components
 import org.apache.ws.security.handler.RequestData;
 import org.apache.ws.security.message.WSSecHeader;
 import org.apache.ws.security.message.WSSecSignature;
+import org.apache.ws.security.message.token.DOMX509Data;
+import org.apache.ws.security.message.token.DOMX509IssuerSerial;
 import org.apache.ws.security.message.token.Reference;
 import org.apache.ws.security.message.token.SecurityTokenReference;
 import org.apache.ws.security.message.token.X509Security;
@@ -395,9 +397,28 @@ public class WSSecSignatureSAML extends 
             case WSConstants.X509_KEY_IDENTIFIER :
                 secRef.setKeyIdentifier(certs[0]);
                 break;
+                
+            case WSConstants.SKI_KEY_IDENTIFIER:
+                secRef.setKeyIdentifierSKI(certs[0], iCrypto != null ? iCrypto : uCrypto);
+                break;
+
+            case WSConstants.THUMBPRINT_IDENTIFIER:
+                secRef.setKeyIdentifierThumb(certs[0]);
+                break;
+
+            case WSConstants.ISSUER_SERIAL:
+                final String issuer = certs[0].getIssuerDN().getName();
+                final java.math.BigInteger serialNumber = certs[0].getSerialNumber();
+                final DOMX509IssuerSerial domIssuerSerial =
+                        new DOMX509IssuerSerial(document, issuer, serialNumber);
+                final DOMX509Data domX509Data = new DOMX509Data(document, domIssuerSerial);
+                secRef.setX509Data(domX509Data);
+                break;
 
             default:
-                throw new WSSecurityException(WSSecurityException.FAILURE, "unsupportedKeyId");
+                throw new WSSecurityException(
+                    WSSecurityException.FAILURE, "unsupportedKeyId", new Object[]{}
+                );
             }
         } else if (useDirectReferenceToAssertion) {
             Reference ref = new Reference(doc);



Mime
View raw message