ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1202218 - in /webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security: message/WSSecEncrypt.java util/WSSecurityUtil.java
Date Tue, 15 Nov 2011 14:50:26 GMT
Author: coheigea
Date: Tue Nov 15 14:50:25 2011
New Revision: 1202218

URL: http://svn.apache.org/viewvc?rev=1202218&view=rev
Log:
Adding in a key length check to WSSecurityUtil.prepareSecretKey()

Modified:
    webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/message/WSSecEncrypt.java
    webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/util/WSSecurityUtil.java

Modified: webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/message/WSSecEncrypt.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/message/WSSecEncrypt.java?rev=1202218&r1=1202217&r2=1202218&view=diff
==============================================================================
--- webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/message/WSSecEncrypt.java
(original)
+++ webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/message/WSSecEncrypt.java
Tue Nov 15 14:50:25 2011
@@ -161,6 +161,9 @@ public class WSSecEncrypt extends WSSecE
      * @see WSConstants#AES_256
      */
     public void setSymmetricEncAlgorithm(String algo) {
+        if (symEncAlgo != null && !symEncAlgo.equals(algo)) {
+            symmetricKey = null;
+        }
         symEncAlgo = algo;
     }
 

Modified: webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/util/WSSecurityUtil.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/util/WSSecurityUtil.java?rev=1202218&r1=1202217&r2=1202218&view=diff
==============================================================================
--- webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/util/WSSecurityUtil.java
(original)
+++ webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/util/WSSecurityUtil.java
Tue Nov 15 14:50:25 2011
@@ -741,10 +741,31 @@ public class WSSecurityUtil {
         return doc.createTextNode(Base64.encode(data));
     }
 
+    /**
+     * Convert the raw key bytes into a SecretKey object of type symEncAlgo.
+     */
     public static SecretKey prepareSecretKey(String symEncAlgo, byte[] rawKey) {
-        SecretKeySpec keySpec = 
-            new SecretKeySpec(rawKey, JCEMapper.getJCEKeyAlgorithmFromURI(symEncAlgo));
-        return (SecretKey) keySpec;
+        // Do an additional check on the keysize required by the encryption algorithm
+        int size = 0;
+        try {
+            size = JCEMapper.getKeyLengthFromURI(symEncAlgo) / 8;
+        } catch (Exception e) {
+            // ignore - some unknown (to JCEMapper) encryption algorithm
+            if (log.isDebugEnabled()) {
+                log.debug(e.getMessage());
+            }
+        }
+        String keyAlgorithm = JCEMapper.getJCEKeyAlgorithmFromURI(symEncAlgo);
+        SecretKeySpec keySpec;
+        if (size > 0) {
+            keySpec = 
+                new SecretKeySpec(
+                    rawKey, 0, ((rawKey.length > size) ? size : rawKey.length), keyAlgorithm
+                );
+        } else {
+            keySpec = new SecretKeySpec(rawKey, keyAlgorithm);
+        }
+        return (SecretKey)keySpec;
     }
 
     public static SOAPConstants getSOAPConstants(Element startElement) {



Mime
View raw message