ws-commits mailing list archives

From gi...@apache.org
Subject svn commit: r1295267 [10/11] - in /webservices/wss4j/branches/swssf: rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/ streaming-ws-policy/src/main/java/org/swssf/policy/ streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/ ...
Date Wed, 29 Feb 2012 20:54:56 GMT
Modified: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/CryptoBase.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/CryptoBase.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/CryptoBase.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/CryptoBase.java Wed Feb 29 20:54:51 2012
@@ -19,24 +19,16 @@
 
 package org.swssf.xmlsec.crypto;
 
+import org.swssf.xmlsec.ext.XMLSecurityException;
+
+import javax.security.auth.x500.X500Principal;
 import java.io.ByteArrayInputStream;
 import java.io.InputStream;
 import java.lang.reflect.Constructor;
 import java.security.MessageDigest;
 import java.security.NoSuchProviderException;
-import java.security.cert.CertPath;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.util.Arrays;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import javax.security.auth.x500.X500Principal;
-
-import org.swssf.xmlsec.ext.XMLSecurityException;
+import java.security.cert.*;
+import java.util.*;
 
 /**
  * This Abstract Base Class implements the accessor and keystore-independent methods and
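Review bot: The two on-demand imports added at the top of CryptoBase.java, `import java.security.cert.*;` and `import java.util.*;`, replace an explicit list that showed exactly which certificate and collection types this crypto base class depends on. Wildcards make that dependency surface harder to audit, and a type added later to either package can collide with a name used here without any change to this file. I would keep the removed single-type imports and configure the formatter not to collapse them. The import hunk of MerlinBase.java has the same issue with `java.security.*`, `java.security.cert.*` and `java.util.*`.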
@@ -46,56 +38,58 @@ public abstract class CryptoBase impleme
     public static final String SKI_OID = "2.5.29.14";
     /**
      * OID For the NameConstraints Extension to X.509
-     *
+     * <p/>
      * http://java.sun.com/j2se/1.4.2/docs/api/
      * http://www.ietf.org/rfc/rfc3280.txt (s. 4.2.1.11)
      */
     public static final String NAME_CONSTRAINTS_OID = "2.5.29.30";
-    
+
     private static final Constructor<?> BC_509CLASS_CONS;
 
-    protected Map<String, CertificateFactory> certFactMap = 
-        new HashMap<String, CertificateFactory>();
+    protected Map<String, CertificateFactory> certFactMap =
+            new HashMap<String, CertificateFactory>();
     protected String defaultAlias = null;
     protected String cryptoProvider = null;
-    
+
     static {
         Constructor<?> cons = null;
         try {
             Class<?> c = Class.forName("org.bouncycastle.asn1.x509.X509Name");
-            cons = c.getConstructor(new Class[] {String.class});
+            cons = c.getConstructor(new Class[]{String.class});
         } catch (Exception e) {
             //ignore
         }
         BC_509CLASS_CONS = cons;
     }
-    
+
     /**
      * Constructor
      */
     protected CryptoBase() {
     }
-    
+
     /**
      * Get the crypto provider associated with this implementation
+     *
      * @return the crypto provider
      */
     public String getCryptoProvider() {
         return cryptoProvider;
     }
-    
+
     /**
      * Set the crypto provider associated with this implementation
+     *
      * @param provider the crypto provider to set
      */
     public void setCryptoProvider(String provider) {
         cryptoProvider = provider;
     }
-    
+
     /**
-     * Retrieves the identifier name of the default certificate. This should be the certificate 
-     * that is used for signature and encryption. This identifier corresponds to the certificate 
-     * that should be used whenever KeyInfo is not present in a signed or an encrypted 
+     * Retrieves the identifier name of the default certificate. This should be the certificate
+     * that is used for signature and encryption. This identifier corresponds to the certificate
+     * that should be used whenever KeyInfo is not present in a signed or an encrypted
      * message. May return null. The identifier is implementation specific, e.g. it could be the
      * KeyStore alias.
      *
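Review bot: The Javadoc for `NAME_CONSTRAINTS_OID` now uses `<p/>` where there used to be an empty comment line, and a self-closing `<p/>` is not valid HTML; strict Javadoc checking (doclint) rejects it. A plain ` * <p>` gives the same paragraph break. The DERDecoder.java hunks make the same substitution in the class comment and in the `getLength()` comment, turning a valid `<p>` into `<p/>`.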
@@ -104,11 +98,11 @@ public abstract class CryptoBase impleme
     public String getDefaultX509Identifier() throws XMLSecurityException {
         return defaultAlias;
     }
-    
+
     /**
-     * Sets the identifier name of the default certificate. This should be the certificate 
-     * that is used for signature and encryption. This identifier corresponds to the certificate 
-     * that should be used whenever KeyInfo is not present in a signed or an encrypted 
+     * Sets the identifier name of the default certificate. This should be the certificate
+     * that is used for signature and encryption. This identifier corresponds to the certificate
+     * that should be used whenever KeyInfo is not present in a signed or an encrypted
      * message. The identifier is implementation specific, e.g. it could be the KeyStore alias.
      *
      * @param identifier name of the default X509 certificate.
@@ -116,11 +110,11 @@ public abstract class CryptoBase impleme
     public void setDefaultX509Identifier(String identifier) {
         defaultAlias = identifier;
     }
-    
+
     /**
      * Sets the CertificateFactory instance on this Crypto instance
      *
-     * @param provider the CertificateFactory provider name
+     * @param provider    the CertificateFactory provider name
      * @param certFactory the CertificateFactory the CertificateFactory instance to set
      */
     public void setCertificateFactory(String provider, CertificateFactory certFactory) {
@@ -130,13 +124,14 @@ public abstract class CryptoBase impleme
             certFactMap.put(provider, certFactory);
         }
     }
-    
+
     /**
      * Get the CertificateFactory instance on this Crypto instance
      *
      * @return Returns a <code>CertificateFactory</code> to construct
      *         X509 certificates
      * @throws org.apache.ws.security.XMLSecurityException
+     *
      */
     public CertificateFactory getCertificateFactory() throws XMLSecurityException {
         String provider = getCryptoProvider();
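Review bot: The `@throws` tag in the `getCertificateFactory()` Javadoc names `org.apache.ws.security.XMLSecurityException`, but the type this file imports and the method declares is `org.swssf.xmlsec.ext.XMLSecurityException`, and the added empty ` *` line leaves the tag without a description. I would replace both lines with `@throws XMLSecurityException if no CertificateFactory can be obtained for the configured provider`; that wording is inferred from the catch blocks in the following hunk, so confirm it. The `loadCertificate(InputStream)` Javadoc in the later hunk carries the same stale tag. The method body continues outside this hunk.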
@@ -161,13 +156,13 @@ public abstract class CryptoBase impleme
                 certFactMap.put(factory.getProvider().getName(), factory);
             } catch (CertificateException e) {
                 throw new XMLSecurityException(
-                    XMLSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "unsupportedCertType",
-                    null, e
+                        XMLSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "unsupportedCertType",
+                        null, e
                 );
             } catch (NoSuchProviderException e) {
                 throw new XMLSecurityException(
-                    XMLSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "noSecProvider",
-                    null, e
+                        XMLSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "noSecProvider",
+                        null, e
                 );
             }
         }
@@ -180,6 +175,7 @@ public abstract class CryptoBase impleme
      * @param in The <code>InputStream</code> containing the X509Certificate
      * @return An X509 certificate
      * @throws org.apache.ws.security.XMLSecurityException
+     *
      */
     public X509Certificate loadCertificate(InputStream in) throws XMLSecurityException {
         try {
@@ -187,8 +183,8 @@ public abstract class CryptoBase impleme
             return (X509Certificate) certFactory.generateCertificate(in);
         } catch (CertificateException e) {
             throw new XMLSecurityException(
-                XMLSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "parseError",
-                null, e
+                    XMLSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "parseError",
+                    null, e
             );
         }
     }
@@ -221,9 +217,9 @@ public abstract class CryptoBase impleme
                 return digest.digest(value);
             } catch (Exception ex) {
                 throw new XMLSecurityException(
-                    XMLSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN, "noSKIHandling",
-                    new Object[]{"No SKI certificate extension and no SHA1 message digest available"},
-                    ex
+                        XMLSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN, "noSKIHandling",
+                        new Object[]{"No SKI certificate extension and no SHA1 message digest available"},
+                        ex
                 );
             }
         }
@@ -249,19 +245,19 @@ public abstract class CryptoBase impleme
      * @throws XMLSecurityException
      */
     public byte[] getBytesFromCertificates(X509Certificate[] certs)
-        throws XMLSecurityException {
+            throws XMLSecurityException {
         try {
             CertPath path = getCertificateFactory().generateCertPath(Arrays.asList(certs));
             return path.getEncoded();
         } catch (CertificateEncodingException e) {
             throw new XMLSecurityException(
-                XMLSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "encodeError",
-                null, e
+                    XMLSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "encodeError",
+                    null, e
             );
         } catch (CertificateException e) {
             throw new XMLSecurityException(
-                XMLSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "parseError",
-                null, e
+                    XMLSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "parseError",
+                    null, e
             );
         }
     }
@@ -275,15 +271,15 @@ public abstract class CryptoBase impleme
      * @throws XMLSecurityException
      */
     public X509Certificate[] getCertificatesFromBytes(byte[] data)
-        throws XMLSecurityException {
+            throws XMLSecurityException {
         InputStream in = new ByteArrayInputStream(data);
         CertPath path = null;
         try {
             path = getCertificateFactory().generateCertPath(in);
         } catch (CertificateException e) {
             throw new XMLSecurityException(
-                XMLSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "parseError",
-                null, e
+                    XMLSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "parseError",
+                    null, e
             );
         }
         List<?> l = path.getCertificates();
@@ -297,13 +293,13 @@ public abstract class CryptoBase impleme
 
     protected Object createBCX509Name(String s) {
         if (BC_509CLASS_CONS != null) {
-             try {
-                 return BC_509CLASS_CONS.newInstance(new Object[] {s});
-             } catch (Exception e) {
-                 //ignore
-             }
+            try {
+                return BC_509CLASS_CONS.newInstance(new Object[]{s});
+            } catch (Exception e) {
+                //ignore
+            }
         }
         return new X500Principal(s);
     }
-    
+
 }

Modified: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/CryptoType.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/CryptoType.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/CryptoType.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/CryptoType.java Wed Feb 29 20:54:51 2012
@@ -24,10 +24,10 @@ import java.math.BigInteger;
 /**
  * This class represents a way of passing information to the Crypto.getX509Certificates() method.
  * The TYPE enum describes which method to use to retrieve the Certificate(s). The corresponding
- * get accessor must be set accordingly. 
+ * get accessor must be set accordingly.
  */
 public class CryptoType {
-    
+
     /**
      * TYPE.ISSUER_SERIAL - A certificate (chain) is located by the issuer name and serial number
      * TYPE.THUMBPRINT_SHA1 - A certificate (chain) is located by the SHA1 of the (root) cert
@@ -38,48 +38,54 @@ public class CryptoType {
      */
     public enum TYPE {
         ISSUER_SERIAL, THUMBPRINT_SHA1, SKI_BYTES, SUBJECT_DN, ALIAS
-    };
-    
+    }
+
+    ;
+
     private TYPE type;
     private String issuer;
     private BigInteger serial;
     private byte[] bytes;
     private String subjectDN;
     private String alias;
-    
+
     /**
      * Default constructor
      */
     public CryptoType() {
         //
     }
-    
+
     /**
      * Constructor with a TYPE argument
-     * @param type describes which method to use to retrieve a certificate (chain) 
+     *
+     * @param type describes which method to use to retrieve a certificate (chain)
      */
     public CryptoType(TYPE type) {
         this.type = type;
     }
-    
+
     /**
      * Set the type.
-     * @param type describes which method to use to retrieve a certificate (chain) 
+     *
+     * @param type describes which method to use to retrieve a certificate (chain)
      */
     public void setType(TYPE type) {
         this.type = type;
     }
-    
+
     /**
      * Get the type
-     * @return which method to use to retrieve a certificate (chain) 
+     *
+     * @return which method to use to retrieve a certificate (chain)
      */
     public TYPE getType() {
         return type;
     }
-    
+
     /**
      * Set the Issuer String, and Serial number of the cert (chain) to retrieve.
+     *
      * @param issuer the issuer String
      * @param serial the serial number
      */
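Review bot: The reformatting moved the semicolon that followed the `TYPE` enum onto a line of its own, so the class body now has a stray empty declaration between the enum and the `type` field. It compiles, but it reads like a leftover statement. Delete the lone `;` so the enum ends with just `}`.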
@@ -87,69 +93,77 @@ public class CryptoType {
         this.issuer = issuer;
         this.serial = serial;
     }
-    
+
     /**
      * Get the issuer String.
+     *
      * @return the issuer String
      */
     public String getIssuer() {
         return issuer;
     }
-    
+
     /**
      * Get the serial number
+     *
      * @return the serial number
      */
     public BigInteger getSerial() {
         return serial;
     }
-    
+
     /**
      * Set the byte[], which could be the SHA1 thumbprint, or SKI bytes of the cert.
-     * @param bytes an array of bytes 
+     *
+     * @param bytes an array of bytes
      */
     public void setBytes(byte[] bytes) {
         this.bytes = bytes;
     }
-    
+
     /**
      * Get the array of bytes, which could be the SHA1 thumbprint, or SKI bytes of the cert.
+     *
      * @return an array of bytes
      */
     public byte[] getBytes() {
         return bytes;
     }
-    
+
     /**
      * Set the Subject DN of the cert (chain) to locate
+     *
      * @param subjectDN the Subject DN of the cert (chain) to locate
      */
     public void setSubjectDN(String subjectDN) {
         this.subjectDN = subjectDN;
     }
-    
+
     /**
      * Get the Subject DN of the cert (chain) to locate
+     *
      * @return the Subject DN of the cert (chain) to locate
      */
     public String getSubjectDN() {
         return subjectDN;
     }
-    
+
     /**
      * Set the alias of the cert (chain) to locate.
+     *
      * @param alias the alias of the cert (chain) to locate.
      */
     public void setAlias(String alias) {
         this.alias = alias;
     }
-    
+
     /**
      * Get the alias of the cert (chain) to locate.
+     *
      * @return the alias of the cert (chain) to locate.
      */
     public String getAlias() {
         return alias;
     }
-    
+
 }

Modified: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/DERDecoder.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/DERDecoder.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/DERDecoder.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/DERDecoder.java Wed Feb 29 20:54:51 2012
@@ -19,16 +19,16 @@
 
 package org.swssf.xmlsec.crypto;
 
-import java.math.BigInteger;
-
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.swssf.xmlsec.ext.XMLSecurityException;
 
+import java.math.BigInteger;
+
 /**
  * Provides the means to navigate through a DER-encoded byte array, to help
  * in decoding the contents.
- * <p>
+ * <p/>
  * It maintains a "current position" in the array that advances with each
  * operation, providing a simple means to handle the type-length-value
  * encoding of DER. For example
@@ -41,11 +41,17 @@ import org.swssf.xmlsec.ext.XMLSecurityE
 public class DERDecoder {
     private static Log log = LogFactory.getLog(DERDecoder.class);
 
-    /** DER type identifier for a bit string value */
+    /**
+     * DER type identifier for a bit string value
+     */
     public static final byte TYPE_BIT_STRING = 0x03;
-    /** DER type identifier for a octet string value */
+    /**
+     * DER type identifier for a octet string value
+     */
     public static final byte TYPE_OCTET_STRING = 0x04;
-    /** DER type identifier for a sequence value */
+    /**
+     * DER type identifier for a sequence value
+     */
     public static final byte TYPE_SEQUENCE = 0x30;
 
     private byte[] arr;
@@ -62,7 +68,7 @@ public class DERDecoder {
             throw new XMLSecurityException(
                     XMLSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN,
                     "noSKIHandling",
-                    new Object[] { "Invalid DER string" }
+                    new Object[]{"Invalid DER string"}
             );
         }
         arr = derEncoded;
@@ -88,7 +94,7 @@ public class DERDecoder {
             throw new XMLSecurityException(
                     XMLSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN,
                     "noSKIHandling",
-                    new Object[] { "Unsupported DER format" }
+                    new Object[]{"Unsupported DER format"}
             );
         }
         pos += length;
@@ -98,21 +104,19 @@ public class DERDecoder {
      * Confirm that the byte at the current position matches the given value.
      *
      * @param val the expected next byte.
-     * @throws XMLSecurityException
-     *         if the current position is at the end of the array, or if the
-     *         byte at the current position doesn't match the expected value.
+     * @throws XMLSecurityException if the current position is at the end of the array, or if the
+     *                              byte at the current position doesn't match the expected value.
      */
     public void expect(int val) throws XMLSecurityException {
-        expect((byte)(val & 0xFF));
+        expect((byte) (val & 0xFF));
     }
 
     /**
      * Confirm that the byte at the current position matches the given value.
      *
      * @param val the expected next byte.
-     * @throws XMLSecurityException
-     *         if the current position is at the end of the array, or if the
-     *         byte at the current position doesn't match the expected value.
+     * @throws XMLSecurityException if the current position is at the end of the array, or if the
+     *                              byte at the current position doesn't match the expected value.
      */
     public void expect(byte val) throws XMLSecurityException {
         if (!test(val)) {
@@ -120,7 +124,7 @@ public class DERDecoder {
             throw new XMLSecurityException(
                     XMLSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN,
                     "noSKIHandling",
-                    new Object[] { "Invalid DER format" }
+                    new Object[]{"Invalid DER format"}
             );
         }
         pos++;
@@ -132,14 +136,14 @@ public class DERDecoder {
      * @param val the value to test for a match with the current byte.
      * @return true if the byte at the current position matches the given value.
      * @throws XMLSecurityException if the current position is at the end of
-     *                             the array.
+     *                              the array.
      */
     public boolean test(byte val) throws XMLSecurityException {
         if (pos >= arr.length) {
             throw new XMLSecurityException(
                     XMLSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN,
                     "noSKIHandling",
-                    new Object[] { "Invalid DER format" }
+                    new Object[]{"Invalid DER format"}
             );
         }
         return (arr[pos] == val);
@@ -147,7 +151,7 @@ public class DERDecoder {
 
     /**
      * Get the DER length at the current position.
-     * <p>
+     * <p/>
      * DER length is encoded as
      * <ul>
      * <li>If the first byte is 0x00 to 0x7F, it describes the actual length.
@@ -158,16 +162,15 @@ public class DERDecoder {
      * </ul>
      *
      * @return the length, -1 for indefinite length.
-     * @throws XMLSecurityException
-     *         if the current position is at the end of the array or there is
-     *         an incomplete length specification.
+     * @throws XMLSecurityException if the current position is at the end of the array or there is
+     *                              an incomplete length specification.
      */
     public int getLength() throws XMLSecurityException {
         if (pos >= arr.length) {
             throw new XMLSecurityException(
                     XMLSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN,
                     "noSKIHandling",
-                    new Object[] { "Invalid DER format" }
+                    new Object[]{"Invalid DER format"}
             );
         }
         int len;
@@ -182,7 +185,7 @@ public class DERDecoder {
                 throw new XMLSecurityException(
                         XMLSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN,
                         "noSKIHandling",
-                        new Object[] { "Invalid DER format" }
+                        new Object[]{"Invalid DER format"}
                 );
             }
             byte[] lenBytes = new byte[nbytes];
@@ -199,22 +202,21 @@ public class DERDecoder {
      * @param length the number of bytes to return.
      * @return an array of the requested number of bytes from the current
      *         position.
-     * @throws XMLSecurityException
-     *         if the current position is at the end of the array, or the
-     *         length is negative.
+     * @throws XMLSecurityException if the current position is at the end of the array, or the
+     *                              length is negative.
      */
     public byte[] getBytes(int length) throws XMLSecurityException {
         if (pos + length > arr.length) {
             throw new XMLSecurityException(
                     XMLSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN,
                     "noSKIHandling",
-                    new Object[] { "Invalid DER format" }
-             );
+                    new Object[]{"Invalid DER format"}
+            );
         } else if (length < 0) {
             throw new XMLSecurityException(
                     XMLSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN,
                     "noSKIHandling",
-                    new Object[] { "Unsupported DER format" }
+                    new Object[]{"Unsupported DER format"}
             );
         }
         byte[] value = new byte[length];
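Review bot: The bounds check at the top of `getBytes(int)` computes `pos + length` in `int`, so a large positive `length` can wrap to a negative sum, pass the `> arr.length` test, miss the `length < 0` branch and reach `new byte[length]`. The length presumably originates from the DER input being decoded, so I would test the sign first and compare without the addition: `if (length < 0) { ... }` followed by `else if (length > arr.length - pos) { ... }`, keeping the two existing error messages with their branches. That form relies on `pos` never exceeding `arr.length`, which should be confirmed against `skip()` and the other methods that advance `pos`. The rest of the method body lies outside this hunk.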
@@ -222,5 +224,5 @@ public class DERDecoder {
         pos += length;
         return value;
     }
-    
+
 }

Modified: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/Loader.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/Loader.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/Loader.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/Loader.java Wed Feb 29 20:54:51 2012
@@ -31,8 +31,8 @@ import java.security.PrivilegedAction;
  * @author Davanum Srinivas (dims@yahoo.com).
  */
 public class Loader {
-    private static org.apache.commons.logging.Log log = 
-        org.apache.commons.logging.LogFactory.getLog(Loader.class);
+    private static org.apache.commons.logging.Log log =
+            org.apache.commons.logging.LogFactory.getLog(Loader.class);
 
     /**
      * This method will search for <code>resource</code> in different
@@ -65,7 +65,7 @@ public class Loader {
         } catch (Throwable t) {
             log.warn("Caught Exception while in Loader.getResource. This may be innocuous.", t);
         }
-    
+
         // Last ditch attempt: get the resource from the class path. It
         // may be the case that clazz was loaded by the Extension class
         // loader which the parent of the system class loader. Hence the
@@ -73,13 +73,13 @@ public class Loader {
         log.debug("Trying to find [" + resource + "] using ClassLoader.getSystemResource().");
         return ClassLoader.getSystemResource(resource);
     }
-    
+
 
     /**
      * This method will search for <code>resource</code> in different
      * places. The search order is as follows:
      * <ol>
-     * <p><li>Search for <code>resource</code> using the supplied class loader. 
+     * <p><li>Search for <code>resource</code> using the supplied class loader.
      * If that fails, search for <code>resource</code> using the thread context
      * class loader.
      * <p><li>Try one last time with
@@ -117,13 +117,13 @@ public class Loader {
      * @throws InvocationTargetException
      */
     public static ClassLoader getTCL() throws IllegalAccessException, InvocationTargetException {
-         return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+        return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
             public ClassLoader run() {
                 return Thread.currentThread().getContextClassLoader();
             }
-         });
+        });
     }
-    
+
     /**
      * Get the class loader of the class argument
      * <p/>
@@ -135,7 +135,7 @@ public class Loader {
             public ClassLoader run() {
                 return clazz.getClassLoader();
             }
-         });
+        });
     }
 
     /**
@@ -171,9 +171,9 @@ public class Loader {
      * @return Class
      * @throws ClassNotFoundException
      */
-    public static <T> Class<? extends T> loadClass(ClassLoader loader, 
-                                      String clazz,
-                                      Class<T> type) throws ClassNotFoundException {
+    public static <T> Class<? extends T> loadClass(ClassLoader loader,
+                                                   String clazz,
+                                                   Class<T> type) throws ClassNotFoundException {
         try {
             if (loader != null) {
                 Class<?> c = loader.loadClass(clazz);
@@ -186,6 +186,7 @@ public class Loader {
         }
         return loadClass(clazz, true, type);
     }
+
     /**
      * If running under JDK 1.2 load the specified class using the
      * <code>Thread</code> <code>contextClassLoader</code> if that
@@ -199,6 +200,7 @@ public class Loader {
     public static Class<?> loadClass(String clazz) throws ClassNotFoundException {
         return loadClass(clazz, true);
     }
+
     /**
      * If running under JDK 1.2 load the specified class using the
      * <code>Thread</code> <code>contextClassLoader</code> if that
@@ -211,19 +213,20 @@ public class Loader {
      * @throws ClassNotFoundException
      */
     public static <T> Class<? extends T> loadClass(String clazz, Class<T> type)
-        throws ClassNotFoundException {
+            throws ClassNotFoundException {
         return loadClass(clazz, true, type);
     }
-    
-    public static <T> Class<? extends T> loadClass(String clazz, 
+
+    public static <T> Class<? extends T> loadClass(String clazz,
                                                    boolean warn,
                                                    Class<T> type) throws ClassNotFoundException {
         return loadClass(clazz, warn).asSubclass(type);
     }
+
     public static Class<?> loadClass(String clazz, boolean warn) throws ClassNotFoundException {
         try {
-            ClassLoader tcl = getTCL(); 
-            
+            ClassLoader tcl = getTCL();
+
             if (tcl != null) {
                 Class<?> c = tcl.loadClass(clazz);
                 if (c != null) {

Modified: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/Merlin.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/Merlin.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/Merlin.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/Merlin.java Wed Feb 29 20:54:51 2012
@@ -18,15 +18,15 @@
  */
 package org.swssf.xmlsec.crypto;
 
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.swssf.xmlsec.config.ConfigurationProperties;
+
 import java.io.FileInputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.security.KeyStore;
 
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.swssf.xmlsec.config.ConfigurationProperties;
-
 public class Merlin extends MerlinBase {
 
     private static final Log log = LogFactory.getLog(Merlin.class.getName());
@@ -38,7 +38,7 @@ public class Merlin extends MerlinBase {
      */
     public Merlin() {
         super();
-        
+
         if (truststore == null) {
             InputStream cacertsIs = null;
 

Modified: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/MerlinBase.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/MerlinBase.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/MerlinBase.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/MerlinBase.java Wed Feb 29 20:54:51 2012
@@ -19,48 +19,26 @@
 
 package org.swssf.xmlsec.crypto;
 
+import org.swssf.xmlsec.ext.XMLSecurityException;
+
+import javax.security.auth.x500.X500Principal;
 import java.io.FileInputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.math.BigInteger;
-import java.security.GeneralSecurityException;
-import java.security.Key;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.CertPath;
-import java.security.cert.CertPathValidator;
-import java.security.cert.CertStore;
+import java.security.*;
+import java.security.cert.*;
 import java.security.cert.Certificate;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.PKIXParameters;
-import java.security.cert.TrustAnchor;
-import java.security.cert.X509Certificate;
-import java.util.Arrays;
-import java.util.Enumeration;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.swssf.xmlsec.ext.XMLSecurityException;
+import java.util.*;
 
 /**
  * A base Crypto implementation based on two Java KeyStore objects, one being the keystore, and one
  * being the truststore.
  */
 public class MerlinBase extends CryptoBase {
-    
-    private static final org.apache.commons.logging.Log log = 
-        org.apache.commons.logging.LogFactory.getLog(MerlinBase.class);
+
+    private static final org.apache.commons.logging.Log log =
+            org.apache.commons.logging.LogFactory.getLog(MerlinBase.class);
     private static final boolean doDebug = log.isDebugEnabled();
 
     protected static CertificateFactory certFact;
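Review bot: The switch to on-demand imports makes the retained `import java.security.cert.Certificate;` load-bearing, and nothing on that line says so. Both `java.security.*` and `java.security.cert.*` declare a `Certificate` type, so the simple name resolves only because the single-type import takes precedence. An import clean-up that drops it as redundant would leave `Certificate` ambiguous and fail to compile. I would keep the explicit imports the old side had, or add `// required: disambiguates from java.security.Certificate` above that line. Explicit imports also show at a glance which JCA classes this trust-handling class depends on.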
@@ -68,23 +46,23 @@ public class MerlinBase extends CryptoBa
     protected KeyStore truststore = null;
     protected CertStore crlCertStore = null;
     protected boolean loadCACerts = false;
-    
+
     public MerlinBase() {
         // Default constructor
     }
-    
+
     /**
      * Load a KeyStore object as an InputStream, using the ClassLoader and location arguments
      */
-    public static InputStream loadInputStream(ClassLoader loader, String location) 
-        throws XMLSecurityException, IOException {
+    public static InputStream loadInputStream(ClassLoader loader, String location)
+            throws XMLSecurityException, IOException {
         InputStream is = null;
         if (location != null) {
             java.net.URL url = Loader.getResource(loader, location);
             if (url != null) {
                 is = url.openStream();
             }
-    
+
             //
             // If we don't find it, then look on the file system.
             //
@@ -96,14 +74,14 @@ public class MerlinBase extends CryptoBa
                         log.debug(e.getMessage(), e);
                     }
                     throw new XMLSecurityException(
-                        XMLSecurityException.ErrorCode.FAILURE, "proxyNotFound", new Object[]{location}, e
+                            XMLSecurityException.ErrorCode.FAILURE, "proxyNotFound", new Object[]{location}, e
                     );
                 }
             }
         }
         return is;
     }
-    
+
 
     /**
      * Loads the keystore from an <code>InputStream </code>.
@@ -112,19 +90,19 @@ public class MerlinBase extends CryptoBa
      * @param input <code>InputStream</code> to read from
      * @throws XMLSecurityException
      */
-    public KeyStore load(InputStream input, String storepass, String provider, String type) 
-        throws XMLSecurityException {
+    public KeyStore load(InputStream input, String storepass, String provider, String type)
+            throws XMLSecurityException {
         KeyStore ks = null;
-        
+
         try {
             if (provider == null || provider.length() == 0) {
                 ks = KeyStore.getInstance(type);
             } else {
                 ks = KeyStore.getInstance(type, provider);
             }
-                    
-            ks.load(input, (storepass == null || storepass.length() == 0) 
-                ? new char[0] : storepass.toCharArray());
+
+            ks.load(input, (storepass == null || storepass.length() == 0)
+                    ? new char[0] : storepass.toCharArray());
         } catch (IOException e) {
             if (doDebug) {
                 log.debug(e.getMessage(), e);
@@ -143,11 +121,11 @@ public class MerlinBase extends CryptoBa
         }
         return ks;
     }
-    
+
     //
     // Accessor methods
     //
-    
+
     /**
      * Gets the Keystore that was loaded
      *
@@ -156,7 +134,7 @@ public class MerlinBase extends CryptoBa
     public KeyStore getKeyStore() {
         return keystore;
     }
-    
+
     /**
      * Set the Keystore on this Crypto instance
      *
@@ -165,7 +143,7 @@ public class MerlinBase extends CryptoBa
     public void setKeyStore(KeyStore keyStore) {
         keystore = keyStore;
     }
-    
+
     /**
      * Gets the trust store that was loaded by the underlying implementation
      *
@@ -174,7 +152,7 @@ public class MerlinBase extends CryptoBa
     public KeyStore getTrustStore() {
         return truststore;
     }
-    
+
     /**
      * Set the trust store on this Crypto instance
      *
@@ -183,27 +161,29 @@ public class MerlinBase extends CryptoBa
     public void setTrustStore(KeyStore trustStore) {
         truststore = trustStore;
     }
-    
+
     /**
      * Set the CertStore from which to obtain a list of CRLs for Certificate Revocation
      * checking.
-     * @param crlCertStore the CertStore from which to obtain a list of CRLs for Certificate 
-     * Revocation checking.
+     *
+     * @param crlCertStore the CertStore from which to obtain a list of CRLs for Certificate
+     *                     Revocation checking.
      */
     public void setCRLCertStore(CertStore crlCertStore) {
         this.crlCertStore = crlCertStore;
     }
-    
+
     /**
      * Get the CertStore from which to obtain a list of CRLs for Certificate Revocation
      * checking.
-     * @return the CertStore from which to obtain a list of CRLs for Certificate 
-     * Revocation checking.
+     *
+     * @return the CertStore from which to obtain a list of CRLs for Certificate
+     *         Revocation checking.
      */
     public CertStore getCRLCertStore() {
         return crlCertStore;
     }
-    
+
     /**
      * Singleton certificate factory for this Crypto instance.
      * <p/>
@@ -211,6 +191,7 @@ public class MerlinBase extends CryptoBa
      * @return Returns a <code>CertificateFactory</code> to construct
      *         X509 certificates
      * @throws org.apache.ws.security.XMLSecurityException
+     *
      */
     @Override
     public CertificateFactory getCertificateFactory() throws XMLSecurityException {
@@ -226,10 +207,10 @@ public class MerlinBase extends CryptoBa
         if (provider != null) {
             factory = certFactMap.get(provider);
         } else if (keyStoreProvider != null) {
-            factory = 
-                certFactMap.get(mapKeystoreProviderToCertProvider(keyStoreProvider));
+            factory =
+                    certFactMap.get(mapKeystoreProviderToCertProvider(keyStoreProvider));
             if (factory == null) {
-                factory = certFactMap.get(keyStoreProvider);                
+                factory = certFactMap.get(keyStoreProvider);
             }
         } else {
             factory = certFactMap.get("DEFAULT");
@@ -239,13 +220,13 @@ public class MerlinBase extends CryptoBa
                 if (provider == null || provider.length() == 0) {
                     if (keyStoreProvider != null && keyStoreProvider.length() != 0) {
                         try {
-                            factory = 
-                                CertificateFactory.getInstance(
-                                    "X.509", mapKeystoreProviderToCertProvider(keyStoreProvider)
-                                );
+                            factory =
+                                    CertificateFactory.getInstance(
+                                            "X.509", mapKeystoreProviderToCertProvider(keyStoreProvider)
+                                    );
                             certFactMap.put(keyStoreProvider, factory);
                             certFactMap.put(
-                                mapKeystoreProviderToCertProvider(keyStoreProvider), factory
+                                    mapKeystoreProviderToCertProvider(keyStoreProvider), factory
                             );
                         } catch (Exception ex) {
                             log.debug(ex);
@@ -264,30 +245,30 @@ public class MerlinBase extends CryptoBa
                 certFactMap.put(factory.getProvider().getName(), factory);
             } catch (CertificateException e) {
                 throw new XMLSecurityException(
-                    XMLSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "unsupportedCertType",
-                    null, e
+                        XMLSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "unsupportedCertType",
+                        null, e
                 );
             } catch (NoSuchProviderException e) {
                 throw new XMLSecurityException(
-                    XMLSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "noSecProvider",
-                    null, e
+                        XMLSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "noSecProvider",
+                        null, e
                 );
             }
         }
         return factory;
     }
-    
+
     private String mapKeystoreProviderToCertProvider(String s) {
         if ("SunJSSE".equals(s)) {
             return "SUN";
         }
         return s;
     }
-    
+
     /**
-     * Retrieves the identifier name of the default certificate. This should be the certificate 
-     * that is used for signature and encryption. This identifier corresponds to the certificate 
-     * that should be used whenever KeyInfo is not present in a signed or an encrypted 
+     * Retrieves the identifier name of the default certificate. This should be the certificate
+     * that is used for signature and encryption. This identifier corresponds to the certificate
+     * that should be used whenever KeyInfo is not present in a signed or an encrypted
      * message. May return null. The identifier is implementation specific, e.g. it could be the
      * KeyStore alias.
      *
@@ -298,7 +279,7 @@ public class MerlinBase extends CryptoBa
         if (defaultAlias != null) {
             return defaultAlias;
         }
-        
+
         if (keystore != null) {
             try {
                 Enumeration<String> as = keystore.aliases();
@@ -311,13 +292,13 @@ public class MerlinBase extends CryptoBa
                 }
             } catch (KeyStoreException ex) {
                 throw new XMLSecurityException(
-                    XMLSecurityException.ErrorCode.FAILURE, "keystore", null, ex
+                        XMLSecurityException.ErrorCode.FAILURE, "keystore", null, ex
                 );
-            } 
+            }
         }
         return null;
     }
-    
+
     //
     // Keystore-specific Crypto functionality methods
     //
@@ -325,7 +306,7 @@ public class MerlinBase extends CryptoBa
     /**
      * Get an X509Certificate (chain) corresponding to the CryptoType argument. The supported
      * types are as follows:
-     * 
+     * <p/>
      * TYPE.ISSUER_SERIAL - A certificate (chain) is located by the issuer name and serial number
      * TYPE.THUMBPRINT_SHA1 - A certificate (chain) is located by the SHA1 of the (root) cert
      * TYPE.SKI_BYTES - A certificate (chain) is located by the SKI bytes of the (root) cert
@@ -340,61 +321,62 @@ public class MerlinBase extends CryptoBa
         CryptoType.TYPE type = cryptoType.getType();
         X509Certificate[] certs = null;
         switch (type) {
-        case ISSUER_SERIAL: {
-            certs = getX509Certificates(cryptoType.getIssuer(), cryptoType.getSerial());
-            break;
-        }
-        case THUMBPRINT_SHA1: {
-            certs = getX509Certificates(cryptoType.getBytes());
-            break;
-        }
-        case SKI_BYTES: {
-            certs = getX509CertificatesSKI(cryptoType.getBytes());
-            break;
-        }
-        case SUBJECT_DN: {
-            certs = getX509CertificatesSubjectDN(cryptoType.getSubjectDN());
-            break;
-        }
-        case ALIAS: {
-            certs = getX509Certificates(cryptoType.getAlias());
-            break;
-        }
+            case ISSUER_SERIAL: {
+                certs = getX509Certificates(cryptoType.getIssuer(), cryptoType.getSerial());
+                break;
+            }
+            case THUMBPRINT_SHA1: {
+                certs = getX509Certificates(cryptoType.getBytes());
+                break;
+            }
+            case SKI_BYTES: {
+                certs = getX509CertificatesSKI(cryptoType.getBytes());
+                break;
+            }
+            case SUBJECT_DN: {
+                certs = getX509CertificatesSubjectDN(cryptoType.getSubjectDN());
+                break;
+            }
+            case ALIAS: {
+                certs = getX509Certificates(cryptoType.getAlias());
+                break;
+            }
         }
         return certs;
     }
 
     /**
-     * Get the implementation-specific identifier corresponding to the cert parameter. In this 
+     * Get the implementation-specific identifier corresponding to the cert parameter. In this
      * case, the identifier corresponds to a KeyStore alias.
+     *
      * @param cert The X509Certificate for which to search for an identifier
      * @return the identifier corresponding to the cert parameter
      * @throws XMLSecurityException
      */
     public String getX509Identifier(X509Certificate cert) throws XMLSecurityException {
         String identifier = null;
-        
+
         if (keystore != null) {
             identifier = getIdentifier(cert, keystore);
         }
-        
+
         if (identifier == null && truststore != null) {
             identifier = getIdentifier(cert, truststore);
         }
-        
+
         return identifier;
     }
-    
+
     /**
      * Gets the private key corresponding to the identifier.
      *
      * @param identifier The implementation-specific identifier corresponding to the key
-     * @param password The password needed to get the key
+     * @param password   The password needed to get the key
      * @return The private key
      */
     public PrivateKey getPrivateKey(
-        String identifier,
-        String password
+            String identifier,
+            String password
     ) throws XMLSecurityException {
         if (keystore == null) {
             throw new XMLSecurityException("The keystore is null");
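Review bot: The re-indented `switch (type)` still has no `default` branch, so any `CryptoType.TYPE` value other than the five listed leaves `certs` as null. The caller then cannot tell "unsupported lookup type" from "no certificate found". If null is the intended result for other types, a `default:` carrying a comment like `// other types cannot be resolved from a KeyStore; null means no match` documents that; otherwise throwing from `default` makes the gap visible. The method's signature is above the hunk and the hunk ends inside getPrivateKey, so this is based on the switch alone.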
@@ -415,8 +397,8 @@ public class MerlinBase extends CryptoBa
                 }
             }
             */
-            Key keyTmp = keystore.getKey(identifier, password == null 
-                                         ? new char[]{} : password.toCharArray());
+            Key keyTmp = keystore.getKey(identifier, password == null
+                    ? new char[]{} : password.toCharArray());
             if (!(keyTmp instanceof PrivateKey)) {
                 String msg = "Key is not a private key, alias: [" + identifier + "]";
                 String logMsg = createKeyStoreErrorMessage(keystore);
@@ -426,19 +408,19 @@ public class MerlinBase extends CryptoBa
             return (PrivateKey) keyTmp;
         } catch (KeyStoreException ex) {
             throw new XMLSecurityException(
-                XMLSecurityException.ErrorCode.FAILURE, "noPrivateKey", new Object[]{ex.getMessage()}, ex
+                    XMLSecurityException.ErrorCode.FAILURE, "noPrivateKey", new Object[]{ex.getMessage()}, ex
             );
         } catch (UnrecoverableKeyException ex) {
             throw new XMLSecurityException(
-                XMLSecurityException.ErrorCode.FAILURE, "noPrivateKey", new Object[]{ex.getMessage()}, ex
+                    XMLSecurityException.ErrorCode.FAILURE, "noPrivateKey", new Object[]{ex.getMessage()}, ex
             );
         } catch (NoSuchAlgorithmException ex) {
             throw new XMLSecurityException(
-                XMLSecurityException.ErrorCode.FAILURE, "noPrivateKey", new Object[]{ex.getMessage()}, ex
+                    XMLSecurityException.ErrorCode.FAILURE, "noPrivateKey", new Object[]{ex.getMessage()}, ex
             );
         }
     }
-    
+
     /**
      * Evaluate whether a given certificate chain should be trusted.
      * Uses the CertPath API to validate a given certificate chain.
@@ -451,19 +433,19 @@ public class MerlinBase extends CryptoBa
     public boolean verifyTrust(X509Certificate[] certs) throws XMLSecurityException {
         return verifyTrust(certs, false);
     }
-    
+
     /**
      * Evaluate whether a given certificate chain should be trusted.
      * Uses the CertPath API to validate a given certificate chain.
      *
-     * @param certs Certificate chain to validate
+     * @param certs            Certificate chain to validate
      * @param enableRevocation whether to enable CRL verification or not
      * @return true if the certificate chain is valid, false otherwise
      * @throws XMLSecurityException
      */
     public boolean verifyTrust(
-        X509Certificate[] certs, 
-        boolean enableRevocation
+            X509Certificate[] certs,
+            boolean enableRevocation
     ) throws XMLSecurityException {
         try {
             // Generate cert path
@@ -475,11 +457,11 @@ public class MerlinBase extends CryptoBa
                 Enumeration<String> truststoreAliases = truststore.aliases();
                 while (truststoreAliases.hasMoreElements()) {
                     String alias = truststoreAliases.nextElement();
-                    X509Certificate cert = 
-                        (X509Certificate) truststore.getCertificate(alias);
+                    X509Certificate cert =
+                            (X509Certificate) truststore.getCertificate(alias);
                     if (cert != null) {
-                        TrustAnchor anchor = 
-                            new TrustAnchor(cert, cert.getExtensionValue(NAME_CONSTRAINTS_OID));
+                        TrustAnchor anchor =
+                                new TrustAnchor(cert, cert.getExtensionValue(NAME_CONSTRAINTS_OID));
                         set.add(anchor);
                     }
                 }
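Review bot: `cert.getExtensionValue(NAME_CONSTRAINTS_OID)` is passed straight to `new TrustAnchor(cert, ...)`, but the two APIs document different encodings. `getExtensionValue` returns the extension wrapped in a DER OCTET STRING, while `TrustAnchor` expects the encoded NameConstraints structure itself. For a CA certificate that carries name constraints the constructor is therefore likely to throw `IllegalArgumentException`, which is not among the exceptions verifyTrust catches in the later hunk, so trust evaluation would fail with an unchecked exception instead of applying the constraint. The value should be unwrapped before use, or `null` passed with a comment stating that name constraints on anchors are not enforced here. The same expression appears in the keystore loop in the next hunk; the rest of verifyTrust lies outside both hunks.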
@@ -494,11 +476,11 @@ public class MerlinBase extends CryptoBa
                 Enumeration<String> aliases = keystore.aliases();
                 while (aliases.hasMoreElements()) {
                     String alias = aliases.nextElement();
-                    X509Certificate cert = 
-                        (X509Certificate) keystore.getCertificate(alias);
+                    X509Certificate cert =
+                            (X509Certificate) keystore.getCertificate(alias);
                     if (cert != null) {
-                        TrustAnchor anchor = 
-                            new TrustAnchor(cert, cert.getExtensionValue(NAME_CONSTRAINTS_OID));
+                        TrustAnchor anchor =
+                                new TrustAnchor(cert, cert.getExtensionValue(NAME_CONSTRAINTS_OID));
                         set.add(anchor);
                     }
                 }
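Review bot: Every certificate returned by `keystore.getCertificate(alias)` is added as a `TrustAnchor`, and for a private-key entry that call returns the entry's own leaf certificate. The service's signing or decryption certificates can therefore end up as trust roots next to the CA certificates, which can widen the set of chains verifyTrust accepts beyond what the truststore states. The condition guarding this loop is above the hunk, so it may already be restricted. If the behaviour is kept for compatibility, a comment such as `// keystore entries are treated as directly trusted; prefer a dedicated truststore` on the loop would make the trust decision explicit.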
@@ -521,48 +503,48 @@ public class MerlinBase extends CryptoBa
             validator.validate(path, param);
             return true;
         } catch (java.security.NoSuchProviderException e) {
-                throw new XMLSecurityException(
+            throw new XMLSecurityException(
                     XMLSecurityException.ErrorCode.FAILURE, "certpath",
-                    new Object[] { e.getMessage() }, e
-                );
+                    new Object[]{e.getMessage()}, e
+            );
         } catch (java.security.NoSuchAlgorithmException e) {
-                throw new XMLSecurityException(
+            throw new XMLSecurityException(
                     XMLSecurityException.ErrorCode.FAILURE,
-                    "certpath", new Object[] { e.getMessage() },
+                    "certpath", new Object[]{e.getMessage()},
                     e
-                );
+            );
         } catch (java.security.cert.CertificateException e) {
-                throw new XMLSecurityException(
-                    XMLSecurityException.ErrorCode.FAILURE, "certpath", 
-                    new Object[] { e.getMessage() }, e
-                );
+            throw new XMLSecurityException(
+                    XMLSecurityException.ErrorCode.FAILURE, "certpath",
+                    new Object[]{e.getMessage()}, e
+            );
         } catch (java.security.InvalidAlgorithmParameterException e) {
-                throw new XMLSecurityException(
+            throw new XMLSecurityException(
                     XMLSecurityException.ErrorCode.FAILURE, "certpath",
-                    new Object[] { e.getMessage() }, e
-                );
+                    new Object[]{e.getMessage()}, e
+            );
         } catch (java.security.cert.CertPathValidatorException e) {
-                throw new XMLSecurityException(
+            throw new XMLSecurityException(
                     XMLSecurityException.ErrorCode.FAILURE, "certpath",
-                    new Object[] { e.getMessage() }, e
-                );
+                    new Object[]{e.getMessage()}, e
+            );
         } catch (java.security.KeyStoreException e) {
-                throw new XMLSecurityException(
+            throw new XMLSecurityException(
                     XMLSecurityException.ErrorCode.FAILURE, "certpath",
-                    new Object[] { e.getMessage() }, e
-                );
+                    new Object[]{e.getMessage()}, e
+            );
         } catch (NullPointerException e) {
-                // NPE thrown by JDK 1.7 for one of the test cases
-                throw new XMLSecurityException(
+            // NPE thrown by JDK 1.7 for one of the test cases
+            throw new XMLSecurityException(
                     XMLSecurityException.ErrorCode.FAILURE, "certpath",
-                    new Object[] { e.getMessage() }, e
-                );
+                    new Object[]{e.getMessage()}, e
+            );
         }
     }
-    
+
     /**
      * Evaluate whether a given public key should be trusted.
-     * 
+     *
      * @param publicKey The PublicKey to be evaluated
      * @return whether the PublicKey parameter is trusted or not
      */
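Review bot: verifyTrust never returns `false`: after `validator.validate(path, param); return true;` every catch branch in this hunk rethrows as `XMLSecurityException` with the `"certpath"` key, while the Javadoc in the earlier hunk promises `false otherwise`. A caller written against the Javadoc as `if (!verifyTrust(certs))` has no rejection branch, and an untrusted chain is reported with the same error code as a missing provider. I would change the tag to `@return true if the certificate chain is valid; an XMLSecurityException is thrown otherwise` and mark the `CertPathValidatorException` branch as the "chain not trusted" case. The `catch (NullPointerException e)` branch also deserves a comment naming the JDK call that throws, since it can hide a null `certs` or store. The top of the method is outside this hunk.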
@@ -573,7 +555,7 @@ public class MerlinBase extends CryptoBa
         if (publicKey == null) {
             return false;
         }
-        
+
         //
         // Search the keystore for the transmitted public key (direct trust)
         //
@@ -591,18 +573,18 @@ public class MerlinBase extends CryptoBa
         }
         return false;
     }
-    
+
     /**
      * Get an X509 Certificate (chain) according to a given serial number and issuer string.
      *
-     * @param issuer The Issuer String
+     * @param issuer       The Issuer String
      * @param serialNumber The serial number of the certificate
      * @return an X509 Certificate (chain) corresponding to the found certificate(s)
      * @throws XMLSecurityException
      */
     private X509Certificate[] getX509Certificates(
-        String issuer, 
-        BigInteger serialNumber
+            String issuer,
+            BigInteger serialNumber
     ) throws XMLSecurityException {
         //
         // Convert the subject DN to a java X500Principal object first. This is to ensure
@@ -628,32 +610,33 @@ public class MerlinBase extends CryptoBa
         if ((certs == null || certs.length == 0) && truststore != null) {
             certs = getCertificates(issuerName, serialNumber, truststore);
         }
-        
+
         if ((certs == null || certs.length == 0)) {
             return null;
         }
-        
+
         X509Certificate[] x509certs = new X509Certificate[certs.length];
         for (int i = 0; i < certs.length; i++) {
             x509certs[i] = (X509Certificate) certs[i];
         }
         return x509certs;
     }
-    
+
     /**
-     * Get an X509 Certificate (chain) of the X500Principal argument in the supplied KeyStore 
+     * Get an X509 Certificate (chain) of the X500Principal argument in the supplied KeyStore
+     *
      * @param subjectRDN either an X500Principal or a BouncyCastle X509Name instance.
-     * @param store The KeyStore
+     * @param store      The KeyStore
      * @return an X509 Certificate (chain)
      * @throws XMLSecurityException
      */
     private Certificate[] getCertificates(
-        Object issuerRDN, 
-        BigInteger serialNumber, 
-        KeyStore store
+            Object issuerRDN,
+            BigInteger serialNumber,
+            KeyStore store
     ) throws XMLSecurityException {
         try {
-            for (Enumeration<String> e = store.aliases(); e.hasMoreElements();) {
+            for (Enumeration<String> e = store.aliases(); e.hasMoreElements(); ) {
                 String alias = e.nextElement();
                 Certificate cert = null;
                 Certificate[] certs = store.getCertificateChain(alias);
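Review bot: The Javadoc realigned here documents `@param subjectRDN`, but the method's parameters are `issuerRDN`, `serialNumber` and `store`, so two parameters are undocumented and the one documented does not exist. The same copied block sits on `getCertificates(byte[] thumbprint, KeyStore store, MessageDigest sha)` and `getCertificates(byte[] skiBytes, KeyStore store)` in later hunks. These lookups decide which stored certificate a message's key reference resolves to, so each should state its own match rule, e.g. `@param issuerRDN the issuer name to match` and `@param serialNumber the serial number to match`, with the summary saying the chain is selected by issuer and serial. The method body continues past the end of the hunk.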
@@ -670,8 +653,8 @@ public class MerlinBase extends CryptoBa
                 if (cert instanceof X509Certificate) {
                     X509Certificate x509cert = (X509Certificate) cert;
                     if (x509cert.getSerialNumber().compareTo(serialNumber) == 0) {
-                        Object certName = 
-                            createBCX509Name(x509cert.getIssuerX500Principal().getName());
+                        Object certName =
+                                createBCX509Name(x509cert.getIssuerX500Principal().getName());
                         if (certName.equals(issuerRDN)) {
                             return certs;
                         }
@@ -680,12 +663,12 @@ public class MerlinBase extends CryptoBa
             }
         } catch (KeyStoreException e) {
             throw new XMLSecurityException(
-                XMLSecurityException.ErrorCode.FAILURE, "keystore", null, e
+                    XMLSecurityException.ErrorCode.FAILURE, "keystore", null, e
             );
         }
         return new Certificate[]{};
     }
-    
+
     /**
      * Get an X509 Certificate (chain) according to a given Thumbprint.
      *
@@ -695,12 +678,12 @@ public class MerlinBase extends CryptoBa
      */
     private X509Certificate[] getX509Certificates(byte[] thumbprint) throws XMLSecurityException {
         MessageDigest sha = null;
-        
+
         try {
             sha = MessageDigest.getInstance("SHA1");
         } catch (NoSuchAlgorithmException e) {
             throw new XMLSecurityException(
-                XMLSecurityException.ErrorCode.FAILURE, "noSHA1availabe", null, e
+                    XMLSecurityException.ErrorCode.FAILURE, "noSHA1availabe", null, e
             );
         }
         Certificate[] certs = null;
@@ -712,11 +695,11 @@ public class MerlinBase extends CryptoBa
         if ((certs == null || certs.length == 0) && truststore != null) {
             certs = getCertificates(thumbprint, truststore, sha);
         }
-        
+
         if ((certs == null || certs.length == 0)) {
             return null;
         }
-        
+
         X509Certificate[] x509certs = new X509Certificate[certs.length];
         for (int i = 0; i < certs.length; i++) {
             x509certs[i] = (X509Certificate) certs[i];
@@ -725,19 +708,20 @@ public class MerlinBase extends CryptoBa
     }
 
     /**
-     * Get an X509 Certificate (chain) of the X500Principal argument in the supplied KeyStore 
+     * Get an X509 Certificate (chain) of the X500Principal argument in the supplied KeyStore
+     *
      * @param subjectRDN either an X500Principal or a BouncyCastle X509Name instance.
-     * @param store The KeyStore
+     * @param store      The KeyStore
      * @return an X509 Certificate (chain)
      * @throws XMLSecurityException
      */
     private Certificate[] getCertificates(
-        byte[] thumbprint, 
-        KeyStore store,
-        MessageDigest sha
+            byte[] thumbprint,
+            KeyStore store,
+            MessageDigest sha
     ) throws XMLSecurityException {
         try {
-            for (Enumeration<String> e = store.aliases(); e.hasMoreElements();) {
+            for (Enumeration<String> e = store.aliases(); e.hasMoreElements(); ) {
                 String alias = e.nextElement();
                 Certificate cert = null;
                 Certificate[] certs = store.getCertificateChain(alias);
@@ -757,8 +741,8 @@ public class MerlinBase extends CryptoBa
                         sha.update(x509cert.getEncoded());
                     } catch (CertificateEncodingException ex) {
                         throw new XMLSecurityException(
-                            XMLSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "encodeError",
-                            null, ex
+                                XMLSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "encodeError",
+                                null, ex
                         );
                     }
                     byte[] data = sha.digest();
@@ -770,12 +754,12 @@ public class MerlinBase extends CryptoBa
             }
         } catch (KeyStoreException e) {
             throw new XMLSecurityException(
-                XMLSecurityException.ErrorCode.FAILURE, "keystore", null, e
+                    XMLSecurityException.ErrorCode.FAILURE, "keystore", null, e
             );
         }
         return new Certificate[]{};
     }
-    
+
     /**
      * Get an X509 Certificate (chain) according to a given SubjectKeyIdentifier.
      *
@@ -792,31 +776,32 @@ public class MerlinBase extends CryptoBa
         if ((certs == null || certs.length == 0) && truststore != null) {
             certs = getCertificates(skiBytes, truststore);
         }
-        
+
         if ((certs == null || certs.length == 0)) {
             return null;
         }
-        
+
         X509Certificate[] x509certs = new X509Certificate[certs.length];
         for (int i = 0; i < certs.length; i++) {
             x509certs[i] = (X509Certificate) certs[i];
         }
         return x509certs;
     }
-    
+
     /**
-     * Get an X509 Certificate (chain) of the X500Principal argument in the supplied KeyStore 
+     * Get an X509 Certificate (chain) of the X500Principal argument in the supplied KeyStore
+     *
      * @param subjectRDN either an X500Principal or a BouncyCastle X509Name instance.
-     * @param store The KeyStore
+     * @param store      The KeyStore
      * @return an X509 Certificate (chain)
      * @throws XMLSecurityException
      */
     private Certificate[] getCertificates(
-        byte[] skiBytes, 
-        KeyStore store
+            byte[] skiBytes,
+            KeyStore store
     ) throws XMLSecurityException {
         try {
-            for (Enumeration<String> e = store.aliases(); e.hasMoreElements();) {
+            for (Enumeration<String> e = store.aliases(); e.hasMoreElements(); ) {
                 String alias = e.nextElement();
                 Certificate cert = null;
                 Certificate[] certs = store.getCertificateChain(alias);
@@ -840,12 +825,12 @@ public class MerlinBase extends CryptoBa
             }
         } catch (KeyStoreException e) {
             throw new XMLSecurityException(
-                XMLSecurityException.ErrorCode.FAILURE, "keystore", null, e
+                    XMLSecurityException.ErrorCode.FAILURE, "keystore", null, e
             );
         }
         return new Certificate[]{};
     }
-    
+
     /**
      * Get an X509 Certificate (chain) according to a given DN of the subject of the certificate
      *
@@ -869,7 +854,7 @@ public class MerlinBase extends CryptoBa
         } catch (java.lang.IllegalArgumentException ex) {
             subject = createBCX509Name(subjectDN);
         }
-        
+
         Certificate[] certs = null;
         if (keystore != null) {
             certs = getCertificates(subject, keystore);
@@ -879,22 +864,22 @@ public class MerlinBase extends CryptoBa
         if ((certs == null || certs.length == 0) && truststore != null) {
             certs = getCertificates(subject, truststore);
         }
-        
+
         if ((certs == null || certs.length == 0)) {
             return null;
         }
-        
+
         X509Certificate[] x509certs = new X509Certificate[certs.length];
         for (int i = 0; i < certs.length; i++) {
             x509certs[i] = (X509Certificate) certs[i];
         }
         return x509certs;
     }
-    
+
     /**
      * Get an X509 Certificate (chain) that correspond to the identifier. For this implementation,
      * the identifier corresponds to the KeyStore alias.
-     * 
+     *
      * @param identifier The identifier that corresponds to the returned certs
      * @return an X509 Certificate (chain) that corresponds to the identifier
      */
@@ -937,13 +922,13 @@ public class MerlinBase extends CryptoBa
         }
         return x509certs;
     }
-    
+
     /**
-     * Find the Public Key in a keystore. 
+     * Find the Public Key in a keystore.
      */
     private boolean findPublicKeyInKeyStore(PublicKey publicKey, KeyStore keyStoreToSearch) {
         try {
-            for (Enumeration<String> e = keyStoreToSearch.aliases(); e.hasMoreElements();) {
+            for (Enumeration<String> e = keyStoreToSearch.aliases(); e.hasMoreElements(); ) {
                 String alias = e.nextElement();
                 Certificate[] certs = keyStoreToSearch.getCertificateChain(alias);
                 Certificate cert;
@@ -969,18 +954,19 @@ public class MerlinBase extends CryptoBa
         }
         return false;
     }
-    
+
     /**
-     * Get an X509 Certificate (chain) of the X500Principal argument in the supplied KeyStore 
+     * Get an X509 Certificate (chain) of the X500Principal argument in the supplied KeyStore
+     *
      * @param subjectRDN either an X500Principal or a BouncyCastle X509Name instance.
-     * @param store The KeyStore
+     * @param store      The KeyStore
      * @return an X509 Certificate (chain)
      * @throws XMLSecurityException
      */
-    private Certificate[] getCertificates(Object subjectRDN, KeyStore store) 
-        throws XMLSecurityException {
+    private Certificate[] getCertificates(Object subjectRDN, KeyStore store)
+            throws XMLSecurityException {
         try {
-            for (Enumeration<String> e = store.aliases(); e.hasMoreElements();) {
+            for (Enumeration<String> e = store.aliases(); e.hasMoreElements(); ) {
                 String alias = e.nextElement();
                 Certificate cert = null;
                 Certificate[] certs = store.getCertificateChain(alias);
@@ -1005,12 +991,12 @@ public class MerlinBase extends CryptoBa
             }
         } catch (KeyStoreException e) {
             throw new XMLSecurityException(
-                XMLSecurityException.ErrorCode.FAILURE, "keystore", null, e
+                    XMLSecurityException.ErrorCode.FAILURE, "keystore", null, e
             );
         }
         return new Certificate[]{};
     }
-    
+
     private static String createKeyStoreErrorMessage(KeyStore keystore) throws KeyStoreException {
         Enumeration<String> aliases = keystore.aliases();
         StringBuilder sb = new StringBuilder(keystore.size() * 7);
@@ -1023,25 +1009,26 @@ public class MerlinBase extends CryptoBa
             firstAlias = false;
         }
         String msg = " in keystore of type [" + keystore.getType()
-            + "] from provider [" + keystore.getProvider()
-            + "] with size [" + keystore.size() + "] and aliases: {"
-            + sb.toString() + "}";
+                + "] from provider [" + keystore.getProvider()
+                + "] with size [" + keystore.size() + "] and aliases: {"
+                + sb.toString() + "}";
         return msg;
     }
-    
+
     /**
      * Get an implementation-specific identifier that corresponds to the X509Certificate. In
      * this case, the identifier is the KeyStore alias.
-     * @param cert The X509Certificate corresponding to the returned identifier
+     *
+     * @param cert  The X509Certificate corresponding to the returned identifier
      * @param store The KeyStore to search
      * @return An implementation-specific identifier that corresponds to the X509Certificate
      */
     private String getIdentifier(X509Certificate cert, KeyStore store)
-        throws XMLSecurityException {
+            throws XMLSecurityException {
         try {
-            for (Enumeration<String> e = store.aliases(); e.hasMoreElements();) {
+            for (Enumeration<String> e = store.aliases(); e.hasMoreElements(); ) {
                 String alias = e.nextElement();
-                
+
                 Certificate[] certs = store.getCertificateChain(alias);
                 Certificate retrievedCert = null;
                 if (certs == null || certs.length == 0) {
@@ -1065,5 +1052,5 @@ public class MerlinBase extends CryptoBa
         }
         return null;
     }
-    
+
 }

Modified: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/X509SubjectPublicKeyInfo.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/X509SubjectPublicKeyInfo.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/X509SubjectPublicKeyInfo.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/crypto/X509SubjectPublicKeyInfo.java Wed Feb 29 20:54:51 2012
@@ -19,10 +19,10 @@
 
 package org.swssf.xmlsec.crypto;
 
-import java.security.PublicKey;
-
 import org.swssf.xmlsec.ext.XMLSecurityException;
 
+import java.security.PublicKey;
+
 /**
  * Represents the X.509 SubjectPublicKeyInfo for a public key, as specified
  * in RFC3280/5280:
@@ -42,17 +42,17 @@ public class X509SubjectPublicKeyInfo ex
      * Construct a SubjectPublicKeyInfo for the given public key.
      *
      * @param key the public key.
-     * @throws XMLSecurityException if the public key encoding format is 
-     *                             not X.509 or the encoding is null.
+     * @throws XMLSecurityException if the public key encoding format is
+     *                              not X.509 or the encoding is null.
      */
     public X509SubjectPublicKeyInfo(PublicKey key) throws XMLSecurityException {
         super(key.getEncoded());
-        if (!("X.509".equalsIgnoreCase(key.getFormat()) 
+        if (!("X.509".equalsIgnoreCase(key.getFormat())
                 || "X509".equalsIgnoreCase(key.getFormat()))) {
             throw new XMLSecurityException(
-                XMLSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN,
-                "noSKIHandling",
-                new Object[] { "Support for X.509-encoded public keys only" }
+                    XMLSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN,
+                    "noSKIHandling",
+                    new Object[]{"Support for X.509-encoded public keys only"}
             );
         }
     }
@@ -86,18 +86,18 @@ public class X509SubjectPublicKeyInfo ex
             throw new XMLSecurityException(
                     XMLSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN,
                     "noSKIHandling",
-                    new Object[] { "Unsupported X.509 public key format" }
+                    new Object[]{"Unsupported X.509 public key format"}
             );
         }
         skip(algIDlen);           // AlgorithmIdentifier contents
         expect(TYPE_BIT_STRING);  // subjectPublicKey BIT STRING
-        int keyLen = getLength()-1;
+        int keyLen = getLength() - 1;
         if (keyLen < 0) {
             // Invalid BIT STRING length
             throw new XMLSecurityException(
                     XMLSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN,
                     "noSKIHandling",
-                    new Object[] { "Invalid X.509 public key format" }
+                    new Object[]{"Invalid X.509 public key format"}
             );
         }
         skip(1);   // number unused bits

Modified: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/AbstractInputSecurityHeaderHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/AbstractInputSecurityHeaderHandler.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/AbstractInputSecurityHeaderHandler.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/AbstractInputSecurityHeaderHandler.java Wed Feb 29 20:54:51 2012
@@ -24,8 +24,11 @@ import org.swssf.xmlsec.impl.XMLSecurity
 
 import javax.xml.bind.JAXBException;
 import javax.xml.bind.Unmarshaller;
+import javax.xml.namespace.QName;
 import javax.xml.stream.events.XMLEvent;
+import java.util.ArrayList;
 import java.util.Deque;
+import java.util.List;
 
 /**
  * Abstract class for SecurityHeaderHandlers with parse logic for the xml structures
@@ -46,4 +49,18 @@ public abstract class AbstractInputSecur
             throw new XMLSecurityException(XMLSecurityException.ErrorCode.INVALID_SECURITY, e);
         }
     }
+
+    protected List<QName> getElementPath(DocumentContext documentContext, Deque<XMLEvent> eventDeque) throws XMLSecurityException {
+        List<QName> elementPath = new ArrayList<QName>();
+        elementPath.addAll(documentContext.getPath());
+        XMLEvent xmlEvent = eventDeque.peek();
+        if (xmlEvent.isStartElement()) {
+            elementPath.add(xmlEvent.asStartElement().getName());
+        } else if (xmlEvent.isEndElement()) {
+            elementPath.add(xmlEvent.asEndElement().getName());
+        } else {
+            throw new XMLSecurityException(XMLSecurityException.ErrorCode.INVALID_SECURITY);
+        }
+        return elementPath;
+    }
 }
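Review bot: `eventDeque.peek()` in the new `getElementPath` returns null for an empty deque, so `xmlEvent.isStartElement()` would throw a NullPointerException rather than the `XMLSecurityException` that the else branch uses for unexpected events. This handler presumably runs on incoming message content, so a guard such as `if (xmlEvent == null) { throw new XMLSecurityException(XMLSecurityException.ErrorCode.INVALID_SECURITY); }` would keep the failure inside the declared error type. The method also has no Javadoc; one line saying it returns a copy of the document path with the name of the event at the head of the deque appended would help subclasses. `new ArrayList<QName>(documentContext.getPath())` would replace the two-step construction.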

Modified: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/DocumentContext.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/DocumentContext.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/DocumentContext.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/DocumentContext.java Wed Feb 29 20:54:51 2012
@@ -60,7 +60,7 @@ public interface DocumentContext {
      * @param eventType current event type
      * @return the name of the parent element
      */
-    public QName getParentElement(int eventType);
+    public List<QName> getParentElementPath(int eventType);
 
     /**
      * @return The current level in the document
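Review bot: The Javadoc kept above the renamed method still says `@return the name of the parent element`, but `getParentElementPath` now returns a `List<QName>`. Something like `@return the element names on the path to the parent element, outermost first` would match; the ordering is inferred from `addPathElement` appending in DocumentContextImpl. The `@param eventType` line should also say whether the event type still influences the result. The `public` modifier is redundant on an interface method and was removed from SecurityContext in this same commit, so `List<QName> getParentElementPath(int eventType);` would be consistent; the same applies to `getSecurityToken()` and `getId()` in the SecurityTokenProvider hunk. The Javadoc block starts outside this hunk.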

Modified: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/SecurityContext.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/SecurityContext.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/SecurityContext.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/SecurityContext.java Wed Feb 29 20:54:51 2012
@@ -28,17 +28,17 @@ import java.util.List;
  */
 public interface SecurityContext {
 
-    public <T> void put(String key, T value);
+    <T> void put(String key, T value);
 
-    public <T> T get(String key);
+    <T> T get(String key);
 
-    public <T> T remove(String key);
+    <T> T remove(String key);
 
-    public <T extends List> void putList(Class key, T value);
+    <T extends List> void putList(Class key, T value);
 
-    public <T> void putAsList(Class key, T value);
+    <T> void putAsList(Class key, T value);
 
-    public <T> List<T> getAsList(Class key);
+    <T> List<T> getAsList(Class key);
 
     /**
      * Register a new SecurityTokenProvider.
@@ -46,7 +46,7 @@ public interface SecurityContext {
      * @param id                    A unique id
      * @param securityTokenProvider The actual SecurityTokenProvider to register.
      */
-    public void registerSecurityTokenProvider(String id, SecurityTokenProvider securityTokenProvider);
+    void registerSecurityTokenProvider(String id, SecurityTokenProvider securityTokenProvider);
 
     /**
      * Returns a registered SecurityTokenProvider with the given id or null if not found
@@ -54,6 +54,5 @@ public interface SecurityContext {
      * @param id The SecurityTokenProvider's id
      * @return The SecurityTokenProvider
      */
-    public SecurityTokenProvider getSecurityTokenProvider(String id);
-
+    SecurityTokenProvider getSecurityTokenProvider(String id);
 }

Modified: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/SecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/SecurityToken.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/SecurityToken.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/SecurityToken.java Wed Feb 29 20:54:51 2012
@@ -18,9 +18,11 @@
  */
 package org.swssf.xmlsec.ext;
 
+import javax.xml.namespace.QName;
 import java.security.Key;
 import java.security.PublicKey;
 import java.security.cert.X509Certificate;
+import java.util.List;
 
 /**
  * This class represents the different token types which can occur in WS-Security
@@ -33,6 +35,20 @@ import java.security.cert.X509Certificat
  */
 public interface SecurityToken {
 
+    public enum TokenUsage {
+        Signature,
+        MainSignature,
+        Encryption,
+        MainEncryption,
+        SupportingToken,
+        SignedSupportingTokens,
+        EndorsingSupportingTokens,
+        SignedEndorsingSupportingTokens,
+        SignedEncryptedSupportingTokens,
+        EndorsingEncryptedSupportingTokens,
+        SignedEndorsingEncryptedSupportingTokens,
+    }
+
     /**
      * Returns the token id aka wsu:Id
      *
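Review bot: The new `TokenUsage` enum has no Javadoc, and its constants are not self-explanatory: nothing here says how `Signature` differs from `MainSignature`, or which supporting-token assertion each `...SupportingTokens` value corresponds to. A short comment per constant would do, since these values presumably feed policy verification, where a misread usage becomes a wrong accept/reject decision. The same gap applies to the later hunks of this file: `getWrappedTokens()`, `addWrappedToken(...)`, `addTokenUsage(...)` and `getTokenUsages()` are added without Javadoc, and `getKeyWrappingToken()` gains `throws XMLSecurityException` without a matching `@throws` line. The trailing comma after the last constant is legal but unusual.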
@@ -47,6 +63,14 @@ public interface SecurityToken {
      */
     Object getProcessor();
 
+
+    /**
+     * Returns the absolute path to the XMLElement
+     *
+     * @return A list containing full qualified element names
+     */
+    List<QName> getElementPath();
+
     /**
      * Returns the token type
      *
@@ -94,14 +118,11 @@ public interface SecurityToken {
      *
      * @return The wrapping SecurityToken
      */
-    SecurityToken getKeyWrappingToken();
+    SecurityToken getKeyWrappingToken() throws XMLSecurityException;
 
-    /**
-     * Returns the Key wrapping token's algorithm
-     *
-     * @return the KeyWrappingToken algorithm
-     */
-    String getKeyWrappingTokenAlgorithm();
+    List<SecurityToken> getWrappedTokens() throws XMLSecurityException;
+
+    void addWrappedToken(SecurityToken securityToken);
 
     /**
      * Returns the KeyIdentifierType
@@ -109,4 +130,8 @@ public interface SecurityToken {
      * @return the KeyIdentifierType
      */
     XMLSecurityConstants.TokenType getTokenType();
+
+    void addTokenUsage(TokenUsage tokenUsage) throws XMLSecurityException;
+
+    List<TokenUsage> getTokenUsages();
 }
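Review bot: `addTokenUsage` here and `addWrappedToken` in the previous hunk put mutators on the public `SecurityToken` interface, so any code holding a token reference can change the usages and wrapped tokens recorded for it. The implementations are not visible, but the contract should state that `getTokenUsages()` and `getWrappedTokens()` return unmodifiable views or copies, as `getPath()` is changed to do in DocumentContextImpl in this commit. If only the token-processing code needs to record usages, moving the two `add...` methods to a narrower internal interface would keep the read side immutable for handlers and policy checks.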

Modified: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/SecurityTokenProvider.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/SecurityTokenProvider.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/SecurityTokenProvider.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/SecurityTokenProvider.java Wed Feb 29 20:54:51 2012
@@ -18,8 +18,6 @@
  */
 package org.swssf.xmlsec.ext;
 
-import org.swssf.xmlsec.crypto.Crypto;
-
 /**
  * A SecurityTokenProvider is a object which provides a Token for cryptographic operations
  *
@@ -31,11 +29,10 @@ public interface SecurityTokenProvider {
     /**
      * Returns the represented SecurityToken of this object
      *
-     * @param crypto The Crypto to use to restore the Token
      * @return The SecurityToken
      * @throws XMLSecurityException if the token couldn't be loaded
      */
-    public SecurityToken getSecurityToken(Crypto crypto) throws XMLSecurityException;
+    public SecurityToken getSecurityToken() throws XMLSecurityException;
 
     public String getId();
 }

Modified: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/DocumentContextImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/DocumentContextImpl.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/DocumentContextImpl.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/DocumentContextImpl.java Wed Feb 29 20:54:51 2012
@@ -22,8 +22,7 @@ import org.swssf.xmlsec.ext.DocumentCont
 import org.swssf.xmlsec.ext.XMLSecurityConstants;
 
 import javax.xml.namespace.QName;
-import javax.xml.stream.XMLStreamConstants;
-import java.util.ArrayList;
+import java.util.Collections;
 import java.util.Deque;
 import java.util.LinkedList;
 import java.util.List;
@@ -37,7 +36,7 @@ import java.util.List;
 public class DocumentContextImpl implements DocumentContext, Cloneable {
 
     private static final QName nullElement = new QName("", "");
-    private List<QName> path = new ArrayList<QName>(10);
+    private List<QName> path = new LinkedList<QName>();
     private String encoding;
 
     public String getEncoding() {
@@ -49,11 +48,11 @@ public class DocumentContextImpl impleme
     }
 
     public void addPathElement(QName qName) {
-        getPath().add(qName);
+        this.path.add(qName);
     }
 
     public QName removePathElement() {
-        return getPath().remove(getPath().size() - 1);
+        return this.path.remove(this.path.size() - 1);
     }
 
     protected void setPath(List<QName> path) {
@@ -61,27 +60,19 @@ public class DocumentContextImpl impleme
     }
 
     public List<QName> getPath() {
-        return path;
+        return Collections.unmodifiableList(path);
     }
 
-    public QName getParentElement(int eventType) {
-        if (eventType == XMLStreamConstants.START_ELEMENT || eventType == XMLStreamConstants.END_ELEMENT) {
-            if (getPath().size() >= 2) {
-                return getPath().get(getPath().size() - 2);
-            } else {
-                return nullElement;
-            }
-        } else {
-            if (getPath().size() >= 1) {
-                return getPath().get(getPath().size() - 1);
-            } else {
-                return nullElement;
-            }
+    public List<QName> getParentElementPath(int eventType) {
+        List<QName> parentPath = new LinkedList<QName>();
+        if (this.path.size() >= 1) {
+            parentPath.addAll(this.path.subList(0, this.path.size() - 1));
         }
+        return parentPath;
     }
 
     public int getDocumentLevel() {
-        return getPath().size();
+        return this.path.size();
     }
 
     Deque<XMLSecurityConstants.ContentType> contentTypeDeque = new LinkedList<XMLSecurityConstants.ContentType>();
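Review bot: `getParentElementPath` ignores its `eventType` argument, whereas the removed `getParentElement` returned the second-to-last path entry for START_ELEMENT/END_ELEMENT and the last entry for every other event. With the new body, a characters or comment event gets a path that stops at the grandparent and drops the element it actually sits in. If callers match this path against expected element locations, that is a behavioural change rather than a cosmetic one (callers are not visible in this hunk). If the old distinction is still wanted, the method can keep it as sketched below, which needs the `XMLStreamConstants` import this commit removes; otherwise drop the parameter and document the new meaning. The `nullElement` constant appears to be unused after this change and can go if nothing outside the hunk references it.

```java
public List<QName> getParentElementPath(int eventType) {
    // For element events the current element is already the last path entry,
    // as the removed getParentElement assumed; other events sit inside it.
    boolean elementEvent = eventType == XMLStreamConstants.START_ELEMENT
            || eventType == XMLStreamConstants.END_ELEMENT;
    int end = elementEvent ? Math.max(this.path.size() - 1, 0) : this.path.size();
    return new LinkedList<QName>(this.path.subList(0, end));
}
```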
@@ -126,8 +117,8 @@ public class DocumentContextImpl impleme
     protected DocumentContextImpl clone() throws CloneNotSupportedException {
         super.clone();
         DocumentContextImpl documentContext = new DocumentContextImpl();
-        List<QName> subPath = new ArrayList<QName>();
-        subPath.addAll(this.getPath());
+        List<QName> subPath = new LinkedList<QName>();
+        subPath.addAll(this.path);
         documentContext.setEncoding(this.encoding);
         documentContext.setPath(subPath);
         documentContext.setContentTypeDeque(getContentTypeDeque());

Modified: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/SecurityContextImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/SecurityContextImpl.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/SecurityContextImpl.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/SecurityContextImpl.java Wed Feb 29 20:54:51 2012
@@ -31,7 +31,7 @@ import java.util.*;
  */
 public class SecurityContextImpl implements SecurityContext {
 
-    private Map<String, SecurityTokenProvider> secretTokenProviders = new HashMap<String, SecurityTokenProvider>();
+    private Map<String, SecurityTokenProvider> securityTokenProviders = new HashMap<String, SecurityTokenProvider>();
 
     @SuppressWarnings("unchecked")
     private Map content = Collections.synchronizedMap(new HashMap());
@@ -83,10 +83,10 @@ public class SecurityContextImpl impleme
         if (id == null) {
             throw new IllegalArgumentException("Id must not be null");
         }
-        secretTokenProviders.put(id, securityTokenProvider);
+        securityTokenProviders.put(id, securityTokenProvider);
     }
 
     public SecurityTokenProvider getSecurityTokenProvider(String id) {
-        return secretTokenProviders.get(id);
+        return securityTokenProviders.get(id);
     }
 }


