ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gi...@apache.org
Subject svn commit: r1490977 [4/4] - in /webservices/wss4j/trunk: ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/ ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/ ws-security-policy-stax/src/test/java/org/...
Date Sat, 08 Jun 2013 13:20:19 GMT
Copied: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509V3SecurityTokenImpl.java
(from r1485168, webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityTokenImpl.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509V3SecurityTokenImpl.java?p2=webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509V3SecurityTokenImpl.java&p1=webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityTokenImpl.java&r1=1485168&r2=1490977&rev=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityTokenImpl.java
(original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509V3SecurityTokenImpl.java
Sat Jun  8 13:20:18 2013
@@ -20,6 +20,7 @@ package org.apache.wss4j.stax.impl.secur
 
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
+import org.apache.wss4j.stax.ext.WSSConfigurationException;
 import org.apache.wss4j.stax.ext.WSSSecurityProperties;
 import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
 import org.apache.xml.security.exceptions.XMLSecurityException;
@@ -28,17 +29,33 @@ import org.apache.xml.security.stax.impl
 import javax.security.auth.callback.CallbackHandler;
 import java.security.cert.X509Certificate;
 
-public class X509_V3SecurityTokenImpl extends X509SecurityTokenImpl {
+public class X509V3SecurityTokenImpl extends X509SecurityTokenImpl {
 
     private String alias = null;
 
-    public X509_V3SecurityTokenImpl(WSInboundSecurityContext wsInboundSecurityContext, Crypto
crypto, CallbackHandler callbackHandler,
-                                    byte[] binaryContent, String id, WSSecurityTokenConstants.KeyIdentifier
keyIdentifier,
-                                    WSSSecurityProperties securityProperties)
-            throws XMLSecurityException {
-
-        super(WSSecurityTokenConstants.X509V3Token, wsInboundSecurityContext, crypto, callbackHandler,
id, keyIdentifier, securityProperties);
-        setX509Certificates(new X509Certificate[]{getCrypto().loadCertificate(new UnsynchronizedByteArrayInputStream(binaryContent))});
+    public X509V3SecurityTokenImpl(
+            WSInboundSecurityContext wsInboundSecurityContext, Crypto crypto, CallbackHandler
callbackHandler,
+            byte[] binaryContent, String id, WSSSecurityProperties securityProperties) throws
XMLSecurityException {
+
+        super(WSSecurityTokenConstants.X509V3Token, wsInboundSecurityContext, crypto, callbackHandler,
id,
+                WSSecurityTokenConstants.KeyIdentifier_X509KeyIdentifier, securityProperties,
true);
+
+        X509Certificate x509Certificate = getCrypto().loadCertificate(new UnsynchronizedByteArrayInputStream(binaryContent));
+        setX509Certificates(new X509Certificate[]{x509Certificate});
+
+        // Check to see if the certificates actually correspond to the decryption crypto
+        if (getCrypto().getX509Identifier(getX509Certificates()[0]) == null) {
+            try {
+                Crypto decCrypto = securityProperties.getDecryptionCrypto();
+                if (decCrypto != null
+                        && decCrypto != getCrypto()
+                        && decCrypto.getX509Identifier(getX509Certificates()[0])
!= null) {
+                    setCrypto(decCrypto);
+                }
+            } catch (WSSConfigurationException ex) { //NOPMD
+                // Just continue
+            }
+        }
     }
 
     @Override

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityToken/WSSecurityTokenConstants.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityToken/WSSecurityTokenConstants.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityToken/WSSecurityTokenConstants.java
(original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityToken/WSSecurityTokenConstants.java
Sat Jun  8 13:20:18 2013
@@ -34,16 +34,12 @@ public class WSSecurityTokenConstants ex
     public static final TokenUsage TokenUsage_EndorsingEncryptedSupportingTokens = new TokenUsage("EndorsingEncryptedSupportingTokens");
     public static final TokenUsage TokenUsage_SignedEndorsingEncryptedSupportingTokens =
new TokenUsage("SignedEndorsingEncryptedSupportingTokens");
 
-    //todo correct/cleanup/rename/revisit KeyIdentifierTypes over the whole framework. I
messed it up...
-    public static final KeyIdentifier KeyIdentifier_IssuerSerial = new KeyIdentifier("IssuerSerial");
     public static final KeyIdentifier KeyIdentifier_SecurityTokenDirectReference = new KeyIdentifier("SecurityTokenDirectReference");
-    public static final KeyIdentifier KeyIdentifier_X509KeyIdentifier = new KeyIdentifier("X509KeyIdentifier");
-    public static final KeyIdentifier KeyIdentifier_SkiKeyIdentifier = new KeyIdentifier("SkiKeyIdentifier");
     public static final KeyIdentifier KeyIdentifier_ThumbprintIdentifier = new KeyIdentifier("ThumbprintIdentifier");
     public static final KeyIdentifier KeyIdentifier_EncryptedKeySha1Identifier = new KeyIdentifier("EncryptedKeySha1Identifier");
     public static final KeyIdentifier KeyIdentifier_EmbeddedKeyIdentifierRef = new KeyIdentifier("EmbeddedKeyIdentifierRef");
     public static final KeyIdentifier KeyIdentifier_UsernameTokenReference = new KeyIdentifier("UsernameTokenReference");
-    public static final KeyIdentifier KeyIdentifier_SecurityTokenReference = new KeyIdentifier("SecurityTokenReference");
+    public static final KeyIdentifier KeyIdentifier_ExternalReference = new KeyIdentifier("ExternalReference");
 
     public static final TokenType UsernameToken = new TokenType("UsernameToken");
     public static final TokenType SecurityContextToken = new TokenType("SecurityContextToken");

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/BinarySecurityTokenValidatorImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/BinarySecurityTokenValidatorImpl.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/BinarySecurityTokenValidatorImpl.java
(original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/BinarySecurityTokenValidatorImpl.java
Sat Jun  8 13:20:18 2013
@@ -25,10 +25,10 @@ import org.apache.wss4j.common.ext.WSSec
 import org.apache.wss4j.stax.ext.WSSConfigurationException;
 import org.apache.wss4j.stax.ext.WSSConstants;
 import org.apache.wss4j.stax.ext.WSSSecurityProperties;
+import org.apache.wss4j.stax.impl.securityToken.X509V3SecurityTokenImpl;
 import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
 import org.apache.wss4j.stax.impl.securityToken.KerberosServiceSecurityTokenImpl;
 import org.apache.wss4j.stax.impl.securityToken.X509PKIPathv1SecurityTokenImpl;
-import org.apache.wss4j.stax.impl.securityToken.X509_V3SecurityTokenImpl;
 import org.apache.xml.security.exceptions.XMLSecurityException;
 import org.apache.xml.security.stax.securityToken.InboundSecurityToken;
 
@@ -54,12 +54,11 @@ public class BinarySecurityTokenValidato
         try {
             if (WSSConstants.NS_X509_V3_TYPE.equals(binarySecurityTokenType.getValueType()))
{
                 Crypto crypto = getCrypto(tokenContext.getWssSecurityProperties());
-                X509_V3SecurityTokenImpl x509V3SecurityToken = new X509_V3SecurityTokenImpl(
+                X509V3SecurityTokenImpl x509V3SecurityToken = new X509V3SecurityTokenImpl(
                         tokenContext.getWsSecurityContext(),
                         crypto,
                         tokenContext.getWssSecurityProperties().getCallbackHandler(),
                         securityTokenData, binarySecurityTokenType.getId(),
-                        WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference,
                         tokenContext.getWssSecurityProperties()
                 );
                 x509V3SecurityToken.setElementPath(tokenContext.getElementPath());

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SamlTokenValidatorImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SamlTokenValidatorImpl.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SamlTokenValidatorImpl.java
(original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SamlTokenValidatorImpl.java
Sat Jun  8 13:20:18 2013
@@ -23,6 +23,7 @@ import org.apache.wss4j.common.ext.WSSec
 import org.apache.wss4j.common.saml.SamlAssertionWrapper;
 import org.apache.wss4j.stax.securityToken.SamlSecurityToken;
 import org.apache.wss4j.stax.impl.securityToken.SamlSecurityTokenImpl;
+import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
 import org.apache.xml.security.stax.securityToken.InboundSecurityToken;
 
 public class SamlTokenValidatorImpl extends SignatureTokenValidatorImpl implements SamlTokenValidator
{
@@ -80,7 +81,7 @@ public class SamlTokenValidatorImpl exte
                 samlAssertionWrapper, subjectSecurityToken,
                 tokenContext.getWsSecurityContext(),
                 sigVerCrypto,
-                null,
+                WSSecurityTokenConstants.KeyIdentifier_NoKeyInfo,
                 tokenContext.getWssSecurityProperties());
 
         securityToken.setElementPath(tokenContext.getElementPath());

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SecurityContextTokenValidatorImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SecurityContextTokenValidatorImpl.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SecurityContextTokenValidatorImpl.java
(original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SecurityContextTokenValidatorImpl.java
Sat Jun  8 13:20:18 2013
@@ -40,8 +40,8 @@ public class SecurityContextTokenValidat
             throws WSSecurityException {
 
         AbstractInboundSecurityToken securityContextToken = new AbstractInboundSecurityToken(
-                tokenContext.getWsSecurityContext(),
-                securityContextTokenType.getId(), null) {
+                tokenContext.getWsSecurityContext(), securityContextTokenType.getId(),
+                WSSecurityTokenConstants.KeyIdentifier_ExternalReference, false) {
 
             @Override
             public boolean isAsymmetric() {
@@ -73,7 +73,6 @@ public class SecurityContextTokenValidat
 
             @Override
             public WSSecurityTokenConstants.TokenType getTokenType() {
-                //todo and set externalUriRef
                 return WSSecurityTokenConstants.SecurityContextToken;
             }
         };

Modified: webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/InboundWSSecurityContextImplTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/InboundWSSecurityContextImplTest.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/InboundWSSecurityContextImplTest.java
(original)
+++ webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/InboundWSSecurityContextImplTest.java
Sat Jun  8 13:20:18 2013
@@ -38,6 +38,7 @@ import org.apache.xml.security.stax.conf
 import org.apache.xml.security.stax.ext.XMLSecurityConstants;
 import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
 import org.apache.xml.security.stax.ext.stax.XMLSecEventFactory;
+import org.apache.xml.security.stax.impl.util.IDGenerator;
 import org.apache.xml.security.stax.securityEvent.*;
 import org.opensaml.common.SAMLVersion;
 import org.testng.Assert;
@@ -128,7 +129,7 @@ public class InboundWSSecurityContextImp
         UsernameSecurityTokenImpl usernameSecurityToken = new UsernameSecurityTokenImpl(
                 WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST,
                 "username", "password", new Date().toString(), null, new byte[10], 10L,
-                null, null, null);
+                null, IDGenerator.generateID(null), WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference);
         usernameSecurityToken.setElementPath(usernameTokenPath);
         usernameSecurityToken.setXMLSecEvent(usernameTokenXmlEvent);
         usernameTokenSecurityEvent.setSecurityToken(usernameSecurityToken);
@@ -318,7 +319,7 @@ public class InboundWSSecurityContextImp
         UsernameSecurityTokenImpl usernameSecurityToken = new UsernameSecurityTokenImpl(
                 WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST,
                 "username", "password", new Date().toString(), null, new byte[10], 10L,
-                null, null, null);
+                null, IDGenerator.generateID(null), WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference);
         usernameSecurityToken.setElementPath(usernameTokenPath);
         usernameSecurityToken.setXMLSecEvent(usernameTokenXmlEvent);
         usernameTokenSecurityEvent.setSecurityToken(usernameSecurityToken);
@@ -561,7 +562,7 @@ public class InboundWSSecurityContextImp
         UsernameSecurityTokenImpl usernameSecurityToken = new UsernameSecurityTokenImpl(
                 WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST,
                 "username", "password", new Date().toString(), null, new byte[10], 10L,
-                null, null, null);
+                null, IDGenerator.generateID(null), WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference);
         usernameSecurityToken.setElementPath(usernamePath);
         usernameSecurityToken.setXMLSecEvent(usernameTokenXmlEvent);
         usernameTokenSecurityEvent.setSecurityToken(usernameSecurityToken);
@@ -671,8 +672,8 @@ public class InboundWSSecurityContextImp
         keyStore.load(this.getClass().getClassLoader().getResourceAsStream("transmitter.jks"),
"default".toCharArray());
 
         X509SecurityTokenImpl x509SecurityToken =
-                new X509SecurityTokenImpl(tokenType, null, null, null, "",
-                        WSSecurityTokenConstants.KeyIdentifier_ThumbprintIdentifier, null)
{
+                new X509SecurityTokenImpl(tokenType, null, null, null, IDGenerator.generateID(null),
+                        WSSecurityTokenConstants.KeyIdentifier_ThumbprintIdentifier, null,
true) {
 
             @Override
             protected String getAlias() throws WSSecurityException {



Mime
View raw message