From cohei...@apache.org
Subject svn commit: r1654180 - in /webservices/wss4j/trunk/ws-security-dom/src: main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java test/java/org/apache/wss4j/dom/message/EncryptionAlgorithmSuiteTest.java
Date Fri, 23 Jan 2015 11:52:09 GMT
Author: coheigea
Date: Fri Jan 23 11:52:09 2015
New Revision: 1654180

URL: http://svn.apache.org/r1654180
Log:
RSA v1.5 fix

Modified:
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionAlgorithmSuiteTest.java

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java?rev=1654180&r1=1654179&r2=1654180&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java
Fri Jan 23 11:52:09 2015
@@ -111,8 +111,8 @@ public class EncryptedKeyProcessor imple
         }
         if (WSConstants.KEYTRANSPORT_RSA15.equals(encryptedKeyTransportMethod)
             && !data.isAllowRSA15KeyTransportAlgorithm()
-            && algorithmSuite != null
-            && !algorithmSuite.getKeyWrapAlgorithms().contains(WSConstants.KEYTRANSPORT_RSA15))
{
+            && (algorithmSuite == null
+              || !algorithmSuite.getKeyWrapAlgorithms().contains(WSConstants.KEYTRANSPORT_RSA15)))
{
             LOG.debug(
                 "The Key transport method does not match the requirement"
             );
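Review bot: The precedence between the two opt-ins in this condition is implicit and deserves a comment: RSA v1.5 key transport is rejected unless `data.isAllowRSA15KeyTransportAlgorithm()` is true or a non-null `algorithmSuite` lists `WSConstants.KEYTRANSPORT_RSA15` in `getKeyWrapAlgorithms()`, and a missing suite now fails closed. A line such as `// Reject RSA v1.5 key transport unless explicitly allowed on RequestData or by the AlgorithmSuite; a null suite grants nothing` above the `if` would help keep a later edit from reintroducing the null bypass. The `LOG.debug` message also does not name the rejected algorithm, so including `encryptedKeyTransportMethod` in it would make rejections easier to triage. The body of the `if` continues outside the hunk.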

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionAlgorithmSuiteTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionAlgorithmSuiteTest.java?rev=1654180&r1=1654179&r2=1654180&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionAlgorithmSuiteTest.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionAlgorithmSuiteTest.java
Fri Jan 23 11:52:09 2015
@@ -135,6 +135,49 @@ public class EncryptionAlgorithmSuiteTes
     }
     
     @org.junit.Test
+    public void testEncryptionKeyTransportRSA15NoAlgorithmSuite() throws Exception {
+        
+        Crypto wssCrypto = CryptoFactory.getInstance("wss40.properties");
+        
+        WSSecEncrypt builder = new WSSecEncrypt();
+        builder.setUserInfo("wss40");
+        builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
+        builder.setSymmetricEncAlgorithm(WSConstants.TRIPLE_DES);
+        builder.setKeyEncAlgo(WSConstants.KEYTRANSPORT_RSA15);
+        
+        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
+        WSSecHeader secHeader = new WSSecHeader();
+        secHeader.insertSecurityHeader(doc);
+        
+        Document encryptedDoc = builder.build(doc, wssCrypto, secHeader);
+
+        if (LOG.isDebugEnabled()) {
+            String outputString = 
+                XMLUtils.PrettyDocumentToString(encryptedDoc);
+            LOG.debug(outputString);
+        }
+        
+        Element securityHeader = WSSecurityUtil.getSecurityHeader(encryptedDoc, null);
+        
+        try {
+            verify(securityHeader, null, wssCrypto);
+            fail("Expected failure as RSA 15 is not allowed");
+        } catch (WSSecurityException ex) {
+            // expected
+        }
+        
+        // Now enable RSA v1.5 processing
+        WSSecurityEngine secEngine = new WSSecurityEngine();
+        RequestData data = new RequestData();
+        data.setDecCrypto(wssCrypto);
+        data.setAllowRSA15KeyTransportAlgorithm(true);
+        
+        data.setCallbackHandler(new KeystoreCallbackHandler());
+        
+        secEngine.processSecurityHeader(securityHeader, data);
+    }
+    
+    @org.junit.Test
     public void testEncryptionMethodAES128() throws Exception {
         
         Crypto wssCrypto = CryptoFactory.getInstance("wss40.properties");
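Review bot: The negative half of `testEncryptionKeyTransportRSA15NoAlgorithmSuite` catches any `WSSecurityException` and treats it as expected, so it would also pass if `verify(securityHeader, null, wssCrypto)` failed for an unrelated reason such as a decryption or callback setup error (`verify` is defined outside the hunk, so this is inferred). Asserting on the exception, for example checking `ex.getErrorCode()` or the message for the key-transport rejection, would tie the test to the check being fixed. The positive half discards the return value of `secEngine.processSecurityHeader(securityHeader, data)`; asserting on that result would make the explicit opt-in path a real check rather than a "did not throw" check.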


