ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1668656 [1/2] - in /webservices/wss4j/trunk: ws-security-common/src/main/java/org/apache/wss4j/common/token/ ws-security-common/src/main/java/org/apache/wss4j/common/util/ ws-security-dom/src/main/java/org/apache/wss4j/dom/ ws-security-dom...
Date Mon, 23 Mar 2015 14:42:55 GMT
Author: coheigea
Date: Mon Mar 23 14:42:53 2015
New Revision: 1668656

URL: http://svn.apache.org/r1668656
Log:
Fairly large refactor - moving a lot of DOM functionality into "common" for re-use by other projects, who don't require the DOM module

Added:
    webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/
    webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509Data.java
      - copied, changed from r1668605, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DOMX509Data.java
    webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509IssuerSerial.java
      - copied, changed from r1668605, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DOMX509IssuerSerial.java
Removed:
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DOMX509Data.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DOMX509IssuerSerial.java
Modified:
    webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/KeyUtils.java
    webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSDocInfo.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/DOMCallbackLookup.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecBase.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKSign.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecHeader.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/BinarySecurity.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DerivedKeyToken.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Reference.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityContextToken.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityTokenReference.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SignatureConfirmation.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Timestamp.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/UsernameToken.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedAssertionProcessor.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedDataProcessor.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/ReferenceListProcessor.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/X509Util.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/DerivedKeyTokenSTRParser.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/EncryptedKeySTRParser.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/STRParserUtil.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/SecurityTokenRefSTRParser.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/SignatureSTRParser.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/transform/STRTransform.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/transform/STRTransformUtil.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/ModifiedRequestTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/FaultCodeTest.java
    webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/AbstractTestBase.java

Copied: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509Data.java (from r1668605, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DOMX509Data.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509Data.java?p2=webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509Data.java&p1=webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DOMX509Data.java&r1=1668605&r2=1668656&rev=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DOMX509Data.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509Data.java Mon Mar 23 14:42:53 2015
@@ -17,12 +17,12 @@
  * under the License.
  */
 
-package org.apache.wss4j.dom.message.token;
+package org.apache.wss4j.common.token;
 
-import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.util.DOM2Writer;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
+import org.apache.wss4j.common.util.XMLUtils;
+import org.apache.xml.security.utils.Constants;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 
@@ -42,8 +42,8 @@ public final class DOMX509Data {
         // Parse X509IssuerSerial child
         //
         Element issuerSerialElement = 
-            WSSecurityUtil.getDirectChildElement(
-                element, WSConstants.X509_ISSUER_SERIAL_LN, WSConstants.SIG_NS
+            XMLUtils.getDirectChildElement(
+                element, "X509IssuerSerial", Constants.SignatureSpecNS
             );
         x509IssuerSerial = new DOMX509IssuerSerial(issuerSerialElement);
     }
@@ -53,9 +53,7 @@ public final class DOMX509Data {
      */
     public DOMX509Data(Document doc, DOMX509IssuerSerial domIssuerSerial) {
         element = 
-            doc.createElementNS(
-                WSConstants.SIG_NS, WSConstants.SIG_PREFIX + ":" + WSConstants.X509_DATA_LN
-            );
+            doc.createElementNS(Constants.SignatureSpecNS, "ds:X509Data");
         
         element.appendChild(domIssuerSerial.getElement());
     }

Copied: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509IssuerSerial.java (from r1668605, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DOMX509IssuerSerial.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509IssuerSerial.java?p2=webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509IssuerSerial.java&p1=webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DOMX509IssuerSerial.java&r1=1668605&r2=1668656&rev=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DOMX509IssuerSerial.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509IssuerSerial.java Mon Mar 23 14:42:53 2015
@@ -17,12 +17,11 @@
  * under the License.
  */
 
-package org.apache.wss4j.dom.message.token;
+package org.apache.wss4j.common.token;
 
-import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.common.util.DOM2Writer;
 import org.apache.wss4j.common.util.XMLUtils;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
+import org.apache.xml.security.utils.Constants;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 
@@ -45,15 +44,12 @@ public final class DOMX509IssuerSerial {
         element = issuerSerialElement;
         
         Element issuerNameElement = 
-            WSSecurityUtil.getDirectChildElement(
-                element, WSConstants.X509_ISSUER_NAME_LN, WSConstants.SIG_NS
-            );
+            XMLUtils.getDirectChildElement(element, "X509IssuerName", Constants.SignatureSpecNS);
         issuer = XMLUtils.getElementText(issuerNameElement);
         
         Element serialNumberElement = 
-            WSSecurityUtil.getDirectChildElement(
-                element, WSConstants.X509_SERIAL_NUMBER_LN, WSConstants.SIG_NS
-            );
+            XMLUtils.getDirectChildElement(element, "X509SerialNumber", Constants.SignatureSpecNS);
+        
         String serialNumberStr = XMLUtils.getElementText(serialNumberElement);
         if (serialNumberStr != null) {
             serialNumber = new BigInteger(serialNumberStr);
@@ -77,21 +73,15 @@ public final class DOMX509IssuerSerial {
         this.serialNumber = serialNumber;
         
         element = 
-            doc.createElementNS(
-                WSConstants.SIG_NS, WSConstants.SIG_PREFIX + ":" + WSConstants.X509_ISSUER_SERIAL_LN
-            );
+            doc.createElementNS(Constants.SignatureSpecNS, "ds:X509IssuerSerial");
         
         Element issuerNameElement = 
-            doc.createElementNS(
-                WSConstants.SIG_NS, WSConstants.SIG_PREFIX + ":" + WSConstants.X509_ISSUER_NAME_LN
-            );
+            doc.createElementNS(Constants.SignatureSpecNS, "ds:X509IssuerName");
         issuerNameElement.appendChild(doc.createTextNode(this.issuer));
         element.appendChild(issuerNameElement);
         
         Element serialNumberElement = 
-            doc.createElementNS(
-                WSConstants.SIG_NS, WSConstants.SIG_PREFIX + ":" + WSConstants.X509_SERIAL_NUMBER_LN
-            );
+            doc.createElementNS(Constants.SignatureSpecNS, "ds:X509SerialNumber");
         serialNumberElement.appendChild(doc.createTextNode(serialNumber.toString()));
         element.appendChild(serialNumberElement);
     }

Modified: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/KeyUtils.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/KeyUtils.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/KeyUtils.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/KeyUtils.java Mon Mar 23 14:42:53 2015
@@ -21,7 +21,9 @@ package org.apache.wss4j.common.util;
 
 import java.security.NoSuchAlgorithmException;
 
+import javax.crypto.Cipher;
 import javax.crypto.KeyGenerator;
+import javax.crypto.NoSuchPaddingException;
 import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
 
@@ -108,4 +110,37 @@ public final class KeyUtils {
             );
         }
     }
+    
+    
+    /**
+     * Translate the "cipherAlgo" URI to a JCE ID, and return a javax.crypto.Cipher instance
+     * of this type. 
+     */
+    public static Cipher getCipherInstance(String cipherAlgo)
+        throws WSSecurityException {
+        try {
+            String keyAlgorithm = JCEMapper.translateURItoJCEID(cipherAlgo);
+            return Cipher.getInstance(keyAlgorithm);
+        } catch (NoSuchPaddingException ex) {
+            throw new WSSecurityException(
+                WSSecurityException.ErrorCode.UNSUPPORTED_ALGORITHM, "unsupportedKeyTransp", 
+                ex, "No such padding: " + cipherAlgo);
+        } catch (NoSuchAlgorithmException ex) {
+            // Check to see if an RSA OAEP MGF-1 with SHA-1 algorithm was requested
+            // Some JDKs don't support RSA/ECB/OAEPPadding
+            if (XMLCipher.RSA_OAEP.equals(cipherAlgo)) {
+                try {
+                    return Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding");
+                } catch (Exception e) {
+                    throw new WSSecurityException(
+                        WSSecurityException.ErrorCode.UNSUPPORTED_ALGORITHM, "unsupportedKeyTransp",
+                        e, "No such algorithm: " + cipherAlgo);
+                }
+            } else {
+                throw new WSSecurityException(
+                    WSSecurityException.ErrorCode.UNSUPPORTED_ALGORITHM, "unsupportedKeyTransp",
+                    ex, "No such algorithm: " + cipherAlgo);
+            }
+        }
+    }
 }

Modified: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java Mon Mar 23 14:42:53 2015
@@ -22,6 +22,8 @@ import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.OutputStream;
+import java.util.ArrayList;
+import java.util.List;
 
 import javax.xml.transform.Source;
 import javax.xml.transform.Transformer;
@@ -35,6 +37,7 @@ import javax.xml.transform.stream.Stream
 import org.w3c.dom.Attr;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
+import org.w3c.dom.NamedNodeMap;
 import org.w3c.dom.Node;
 import org.w3c.dom.Text;
 import org.xml.sax.InputSource;
@@ -43,6 +46,11 @@ public final class XMLUtils {
     
     public static final String XMLNS_NS = "http://www.w3.org/2000/xmlns/";
     public static final String XML_NS = "http://www.w3.org/XML/1998/namespace";
+    public static final String WSU_NS = 
+        "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
+    
+    private static final org.slf4j.Logger LOG = 
+        org.slf4j.LoggerFactory.getLogger(XMLUtils.class);
     
     private XMLUtils() {
         // complete
@@ -171,4 +179,310 @@ public final class XMLUtils {
     public static InputSource getInputSourceFromURI(String uri) {
         return new InputSource(uri);
     }
+    
+    /**
+     * Set a namespace/prefix on an element if it is not set already. First off, it
+     * searches for the element for the prefix associated with the specified
+     * namespace. If the prefix isn't null, then this is returned. Otherwise, it
+     * creates a new attribute using the namespace/prefix passed as parameters.
+     * 
+     * @param element
+     * @param namespace
+     * @param prefix
+     * @return the prefix associated with the set namespace
+     */
+    public static String setNamespace(Element element, String namespace, String prefix) {
+        String pre = getPrefixNS(namespace, element);
+        if (pre != null) {
+            return pre;
+        }
+        element.setAttributeNS(XMLNS_NS, "xmlns:" + prefix, namespace);
+        return prefix;
+    }
+
+    public static String getPrefixNS(String uri, Node e) {
+        while (e != null && e.getNodeType() == Element.ELEMENT_NODE) {
+            NamedNodeMap attrs = e.getAttributes();
+            for (int n = 0; n < attrs.getLength(); n++) {
+                Attr a = (Attr) attrs.item(n);
+                String name = a.getName();
+                if (name.startsWith("xmlns:") && a.getNodeValue().equals(uri)) {
+                    return name.substring("xmlns:".length());
+                }
+            }
+            e = e.getParentNode();
+        }
+        return null;
+    }
+    
+    /**
+     * Turn a reference (eg "#5") into an ID (eg "5").
+     * 
+     * @param ref
+     * @return ref trimmed and with the leading "#" removed, or null if not
+     *         correctly formed
+     */
+    public static String getIDFromReference(String ref) {
+        if (ref == null) {
+            return null;
+        }
+        String id = ref.trim();
+        if (id.length() == 0) {
+            return null;
+        }
+        if (id.charAt(0) == '#') {
+            id = id.substring(1);
+        }
+        return id;
+    }
+    
+    /**
+     * Returns the single element that contains an Id with value
+     * <code>uri</code> and <code>namespace</code>. The Id can be either a wsu:Id or an Id
+     * with no namespace. This is a replacement for a XPath Id lookup with the given namespace. 
+     * It's somewhat faster than XPath, and we do not deal with prefixes, just with the real
+     * namespace URI
+     * 
+     * If checkMultipleElements is true and there are multiple elements, we LOG.a 
+     * warning and return null as this can be used to get around the signature checking.
+     * 
+     * @param startNode Where to start the search
+     * @param value Value of the Id attribute
+     * @param checkMultipleElements If true then go through the entire tree and return 
+     *        null if there are multiple elements with the same Id
+     * @return The found element if there was exactly one match, or
+     *         <code>null</code> otherwise
+     */
+    public static Element findElementById(
+        Node startNode, String value, boolean checkMultipleElements
+    ) {
+        //
+        // Replace the formerly recursive implementation with a depth-first-loop lookup
+        //
+        Node startParent = startNode.getParentNode();
+        Node processedNode = null;
+        Element foundElement = null;
+        String id = XMLUtils.getIDFromReference(value);
+
+        while (startNode != null) {
+            // start node processing at this point
+            if (startNode.getNodeType() == Node.ELEMENT_NODE) {
+                Element se = (Element) startNode;
+                // Try the wsu:Id first
+                String attributeNS = se.getAttributeNS(WSU_NS, "Id");
+                if ("".equals(attributeNS) || !id.equals(attributeNS)) {
+                    attributeNS = se.getAttributeNS(null, "Id");
+                }
+                if (!"".equals(attributeNS) && id.equals(attributeNS)) {
+                    if (!checkMultipleElements) {
+                        return se;
+                    } else if (foundElement == null) {
+                        foundElement = se; // Continue searching to find duplicates
+                    } else {
+                        LOG.warn("Multiple elements with the same 'Id' attribute value!");
+                        return null;
+                    }
+                }
+            }
+
+            processedNode = startNode;
+            startNode = startNode.getFirstChild();
+
+            // no child, this node is done.
+            if (startNode == null) {
+                // close node processing, get sibling
+                startNode = processedNode.getNextSibling();
+            }
+            // no more siblings, get parent, all children
+            // of parent are processed.
+            while (startNode == null) {
+                processedNode = processedNode.getParentNode();
+                if (processedNode == startParent) {
+                    return foundElement;
+                }
+                // close parent node processing (processed node now)
+                startNode = processedNode.getNextSibling();
+            }
+        }
+        return foundElement;
+    }
+
+    
+    /**
+     * Returns the first element that matches <code>name</code> and
+     * <code>namespace</code>. <p/> This is a replacement for a XPath lookup
+     * <code>//name</code> with the given namespace. It's somewhat faster than
+     * XPath, and we do not deal with prefixes, just with the real namespace URI
+     * 
+     * @param startNode Where to start the search
+     * @param name Local name of the element
+     * @param namespace Namespace URI of the element
+     * @return The found element or <code>null</code>
+     */
+    public static Element findElement(Node startNode, String name, String namespace) {
+        //
+        // Replace the formerly recursive implementation with a depth-first-loop
+        // lookup
+        //
+        if (startNode == null) {
+            return null;
+        }
+        Node startParent = startNode.getParentNode();
+        Node processedNode = null;
+
+        while (startNode != null) {
+            // start node processing at this point
+            if (startNode.getNodeType() == Node.ELEMENT_NODE
+                && startNode.getLocalName().equals(name)) {
+                String ns = startNode.getNamespaceURI();
+                if (ns != null && ns.equals(namespace)) {
+                    return (Element)startNode;
+                }
+
+                if ((namespace == null || namespace.length() == 0)
+                    && (ns == null || ns.length() == 0)) {
+                    return (Element)startNode;
+                }
+            }
+            processedNode = startNode;
+            startNode = startNode.getFirstChild();
+
+            // no child, this node is done.
+            if (startNode == null) {
+                // close node processing, get sibling
+                startNode = processedNode.getNextSibling();
+            }
+            // no more siblings, get parent, all children
+            // of parent are processed.
+            while (startNode == null) {
+                processedNode = processedNode.getParentNode();
+                if (processedNode == startParent) {
+                    return null;
+                }
+                // close parent node processing (processed node now)
+                startNode = processedNode.getNextSibling();
+            }
+        }
+        return null;
+    }
+    
+    /**
+     * Returns all elements that match <code>name</code> and <code>namespace</code>. 
+     * <p/> This is a replacement for a XPath lookup
+     * <code>//name</code> with the given namespace. It's somewhat faster than
+     * XPath, and we do not deal with prefixes, just with the real namespace URI
+     * 
+     * @param startNode Where to start the search
+     * @param name Local name of the element
+     * @param namespace Namespace URI of the element
+     * @return The found elements (or an empty list)
+     */
+    public static List<Element> findElements(Node startNode, String name, String namespace) {
+        //
+        // Replace the formerly recursive implementation with a depth-first-loop
+        // lookup
+        //
+        if (startNode == null) {
+            return null;
+        }
+        Node startParent = startNode.getParentNode();
+        Node processedNode = null;
+
+        List<Element> foundNodes = new ArrayList<>();
+        while (startNode != null) {
+            // start node processing at this point
+            if (startNode.getNodeType() == Node.ELEMENT_NODE
+                && startNode.getLocalName().equals(name)) {
+                String ns = startNode.getNamespaceURI();
+                if (ns != null && ns.equals(namespace)) {
+                    foundNodes.add((Element)startNode);
+                }
+
+                if ((namespace == null || namespace.length() == 0)
+                    && (ns == null || ns.length() == 0)) {
+                    foundNodes.add((Element)startNode);
+                }
+            }
+            processedNode = startNode;
+            startNode = startNode.getFirstChild();
+
+            // no child, this node is done.
+            if (startNode == null) {
+                // close node processing, get sibling
+                startNode = processedNode.getNextSibling();
+            }
+            // no more siblings, get parent, all children
+            // of parent are processed.
+            while (startNode == null) {
+                processedNode = processedNode.getParentNode();
+                if (processedNode == startParent) {
+                    return foundNodes;
+                }
+                // close parent node processing (processed node now)
+                startNode = processedNode.getNextSibling();
+            }
+        }
+        return foundNodes;
+    }
+    
+    /**
+     * Returns the single SAMLAssertion element that contains an AssertionID/ID that
+     * matches the supplied parameter.
+     * 
+     * @param startNode Where to start the search
+     * @param value Value of the AssertionID/ID attribute
+     * @return The found element if there was exactly one match, or
+     *         <code>null</code> otherwise
+     */
+    public static Element findSAMLAssertionElementById(Node startNode, String value) {
+        Element foundElement = null;
+
+        //
+        // Replace the formerly recursive implementation with a depth-first-loop
+        // lookup
+        //
+        if (startNode == null) {
+            return null;
+        }
+        Node startParent = startNode.getParentNode();
+        Node processedNode = null;
+
+        while (startNode != null) {
+            // start node processing at this point
+            if (startNode.getNodeType() == Node.ELEMENT_NODE) {
+                Element se = (Element) startNode;
+                if (se.hasAttributeNS(null, "ID") && value.equals(se.getAttributeNS(null, "ID"))
+                    || se.hasAttributeNS(null, "AssertionID") 
+                        && value.equals(se.getAttributeNS(null, "AssertionID"))) {
+                    if (foundElement == null) {
+                        foundElement = se; // Continue searching to find duplicates
+                    } else {
+                        LOG.warn("Multiple elements with the same 'ID' attribute value!");
+                        return null;
+                    }
+                }
+            }
+
+            processedNode = startNode;
+            startNode = startNode.getFirstChild();
+
+            // no child, this node is done.
+            if (startNode == null) {
+                // close node processing, get sibling
+                startNode = processedNode.getNextSibling();
+            }
+            // no more siblings, get parent, all children
+            // of parent are processed.
+            while (startNode == null) {
+                processedNode = processedNode.getParentNode();
+                if (processedNode == startParent) {
+                    return foundElement;
+                }
+                // close parent node processing (processed node now)
+                startNode = processedNode.getNextSibling();
+            }
+        }
+        return foundElement;
+    }
+    
 }

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSDocInfo.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSDocInfo.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSDocInfo.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSDocInfo.java Mon Mar 23 14:42:53 2015
@@ -40,8 +40,8 @@ import javax.xml.crypto.dom.DOMCryptoCon
 
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.wss4j.dom.message.CallbackLookup;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 
@@ -161,7 +161,7 @@ public class WSDocInfo {
      * @return the token element or null if nothing found
      */
     public Element getTokenElement(String uri) {
-        String id = WSSecurityUtil.getIDFromReference(uri);
+        String id = XMLUtils.getIDFromReference(uri);
         if (id == null) {
             return null;
         }
@@ -189,7 +189,7 @@ public class WSDocInfo {
     }
     
     public void setTokenOnContext(String uri, DOMCryptoContext context) {
-        String id = WSSecurityUtil.getIDFromReference(uri);
+        String id = XMLUtils.getIDFromReference(uri);
         if (id == null || context == null) {
             return;
         }
@@ -216,7 +216,7 @@ public class WSDocInfo {
      * @return the WSSecurityEngineResult or null if nothing found
      */
     public WSSecurityEngineResult getResult(String uri) {
-        String id = WSSecurityUtil.getIDFromReference(uri);
+        String id = XMLUtils.getIDFromReference(uri);
         if (id == null) {
             return null;
         }
@@ -254,7 +254,7 @@ public class WSDocInfo {
      * See whether we have a WSSecurityEngineResult of the given Integer tag for the given Id
      */
     public boolean hasResult(Integer tag, String uri) {
-        String id = WSSecurityUtil.getIDFromReference(uri);
+        String id = XMLUtils.getIDFromReference(uri);
         if (id == null || "".equals(uri)) {
             return false;
         }

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/DOMCallbackLookup.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/DOMCallbackLookup.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/DOMCallbackLookup.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/DOMCallbackLookup.java Mon Mar 23 14:42:53 2015
@@ -26,6 +26,7 @@ import javax.xml.crypto.dom.DOMCryptoCon
 
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.wss4j.dom.util.WSSecurityUtil;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
@@ -76,7 +77,7 @@ public class DOMCallbackLookup implement
     public Element getAndRegisterElement(
         String id, String valueType, boolean checkMultipleElements, DOMCryptoContext context
     ) throws WSSecurityException {
-        String idToMatch = WSSecurityUtil.getIDFromReference(id);
+        String idToMatch = XMLUtils.getIDFromReference(id);
         
         //
         // Try the SOAP Body first
@@ -93,7 +94,7 @@ public class DOMCallbackLookup implement
         }
         // Otherwise do a general search
         Element foundElement = 
-            WSSecurityUtil.findElementById(doc.getDocumentElement(), idToMatch, checkMultipleElements);
+            XMLUtils.findElementById(doc.getDocumentElement(), idToMatch, checkMultipleElements);
         if (foundElement != null) {
             if (context != null) {
                 if (foundElement.hasAttributeNS(WSConstants.WSU_NS, "Id")
@@ -117,7 +118,7 @@ public class DOMCallbackLookup implement
             || "".equals(valueType)
             || valueType == null) {
             foundElement = 
-                WSSecurityUtil.findSAMLAssertionElementById(
+                XMLUtils.findSAMLAssertionElementById(
                     doc.getDocumentElement(), idToMatch
                 );
             if (foundElement != null) {
@@ -156,7 +157,7 @@ public class DOMCallbackLookup implement
             bodyElement.getNamespaceURI().equals(namespace)) {
             return Collections.singletonList(bodyElement);
         }
-        return WSSecurityUtil.findElements(doc.getDocumentElement(), localname, namespace);
+        return XMLUtils.findElements(doc.getDocumentElement(), localname, namespace);
     }
 
     

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecBase.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecBase.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecBase.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecBase.java Mon Mar 23 14:42:53 2015
@@ -20,9 +20,9 @@
 package org.apache.wss4j.dom.message;
 
 import org.apache.wss4j.common.WSEncryptionPart;
+import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.WSSConfig;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 
@@ -171,8 +171,7 @@ public class WSSecBase {
         
         if (id == null || id.length() == 0) {
             id = wssConfig.getIdAllocator().createId("id-", bodyElement);
-            String prefix = 
-                WSSecurityUtil.setNamespace(bodyElement, newAttrNs, newAttrPrefix);
+            String prefix = XMLUtils.setNamespace(bodyElement, newAttrNs, newAttrPrefix);
             bodyElement.setAttributeNS(newAttrNs, prefix + ":Id", id);
         }
         return id;

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKSign.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKSign.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKSign.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKSign.java Mon Mar 23 14:42:53 2015
@@ -25,6 +25,7 @@ import org.apache.wss4j.dom.WSSConfig;
 import org.apache.wss4j.common.WSEncryptionPart;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.util.KeyUtils;
+import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.wss4j.common.derivedKey.ConversationConstants;
 import org.apache.wss4j.dom.message.token.Reference;
 import org.apache.wss4j.dom.message.token.SecurityTokenReference;
@@ -174,10 +175,8 @@ public class WSSecDKSign extends WSSecDe
      */
     public Element getSignatureElement() {
         return
-            WSSecurityUtil.getDirectChildElement(
-                securityHeader,
-                WSConstants.SIG_LN,
-                WSConstants.SIG_NS
+            XMLUtils.getDirectChildElement(
+                securityHeader, WSConstants.SIG_LN, WSConstants.SIG_NS
             );
     }
     

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java Mon Mar 23 14:42:53 2015
@@ -23,6 +23,7 @@ import org.apache.wss4j.common.ext.Attac
 import org.apache.wss4j.common.ext.AttachmentRequestCallback;
 import org.apache.wss4j.common.ext.AttachmentResultCallback;
 import org.apache.wss4j.common.util.AttachmentUtils;
+import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.WSSConfig;
 import org.apache.wss4j.common.WSEncryptionPart;
@@ -35,7 +36,9 @@ import org.apache.wss4j.dom.message.toke
 import org.apache.wss4j.dom.message.token.SecurityTokenReference;
 import org.apache.wss4j.dom.util.WSSecurityUtil;
 import org.apache.xml.security.algorithms.JCEMapper;
-import org.apache.xml.security.encryption.*;
+import org.apache.xml.security.encryption.EncryptedData;
+import org.apache.xml.security.encryption.XMLCipher;
+import org.apache.xml.security.encryption.XMLEncryptionException;
 import org.apache.xml.security.keys.KeyInfo;
 import org.apache.xml.security.utils.Base64;
 import org.w3c.dom.Attr;
@@ -53,7 +56,10 @@ import javax.security.auth.callback.Call
 import javax.security.auth.callback.CallbackHandler;
 
 import java.security.cert.X509Certificate;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
 
 /**
  * Encrypts a parts of a message according to WS Specification, X509 profile,
@@ -253,7 +259,7 @@ public class WSSecEncrypt extends WSSecE
             // then add the ENC namespace
             //
             if (!encryptSymmKey) {
-                WSSecurityUtil.setNamespace(
+                XMLUtils.setNamespace(
                     dataRef, WSConstants.ENC_NS, WSConstants.ENC_PREFIX
                 );
             }
@@ -529,9 +535,9 @@ public class WSSecEncrypt extends WSSecE
                     doc.createElementNS(
                         WSConstants.WSSE11_NS, "wsse11:" + WSConstants.ENCRYPTED_HEADER
                     );
-                WSSecurityUtil.setNamespace(elem, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
+                XMLUtils.setNamespace(elem, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
                 String wsuPrefix = 
-                    WSSecurityUtil.setNamespace(elem, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+                    XMLUtils.setNamespace(elem, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
                 headerId = config.getIdAllocator().createId("EH-", elementToEncrypt);
                 elem.setAttributeNS(
                     WSConstants.WSU_NS, wsuPrefix + ":Id", headerId
@@ -551,7 +557,7 @@ public class WSSecEncrypt extends WSSecE
                     if (attr.getNamespaceURI().equals(WSConstants.URI_SOAP11_ENV)
                         || attr.getNamespaceURI().equals(WSConstants.URI_SOAP12_ENV)) {                         
                         String soapEnvPrefix = 
-                            WSSecurityUtil.setNamespace(
+                            XMLUtils.setNamespace(
                                 elem, attr.getNamespaceURI(), WSConstants.DEFAULT_SOAP_PREFIX
                             );
                         elem.setAttributeNS(

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java Mon Mar 23 14:42:53 2015
@@ -36,10 +36,10 @@ import org.apache.wss4j.dom.WSSConfig;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoType;
 import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.token.DOMX509Data;
+import org.apache.wss4j.common.token.DOMX509IssuerSerial;
 import org.apache.wss4j.common.util.KeyUtils;
 import org.apache.wss4j.dom.message.token.BinarySecurity;
-import org.apache.wss4j.dom.message.token.DOMX509Data;
-import org.apache.wss4j.dom.message.token.DOMX509IssuerSerial;
 import org.apache.wss4j.dom.message.token.Reference;
 import org.apache.wss4j.dom.message.token.SecurityTokenReference;
 import org.apache.wss4j.dom.message.token.X509Security;
@@ -238,7 +238,7 @@ public class WSSecEncryptedKey extends W
         X509Certificate remoteCert,
         Crypto crypto
     ) throws WSSecurityException {
-        Cipher cipher = WSSecurityUtil.getCipherInstance(keyEncAlgo);
+        Cipher cipher = KeyUtils.getCipherInstance(keyEncAlgo);
         try {
             OAEPParameterSpec oaepParameterSpec = null;
             if (WSConstants.KEYTRANSPORT_RSAOEP.equals(keyEncAlgo)
@@ -343,7 +343,7 @@ public class WSSecEncryptedKey extends W
                     document, issuer, serialNumber
                 );
             DOMX509Data domX509Data = new DOMX509Data(document, domIssuerSerial);
-            secToken.setX509Data(domX509Data);
+            secToken.setUnknownElement(domX509Data.getElement());
             
             if (includeEncryptionToken) {
                 addBST(remoteCert);
@@ -447,7 +447,7 @@ public class WSSecEncryptedKey extends W
         Element encryptedKey = 
             doc.createElementNS(WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":EncryptedKey");
 
-        WSSecurityUtil.setNamespace(encryptedKey, WSConstants.ENC_NS, WSConstants.ENC_PREFIX);
+        org.apache.wss4j.common.util.XMLUtils.setNamespace(encryptedKey, WSConstants.ENC_NS, WSConstants.ENC_PREFIX);
         Element encryptionMethod = 
             doc.createElementNS(WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":EncryptionMethod");
         encryptionMethod.setAttributeNS(null, "Algorithm", keyTransportAlgo);

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecHeader.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecHeader.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecHeader.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecHeader.java Mon Mar 23 14:42:53 2015
@@ -20,6 +20,7 @@ package org.apache.wss4j.dom.message;
 
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.wss4j.dom.util.WSSecurityUtil;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
@@ -138,7 +139,7 @@ public class WSSecHeader {
 
         String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement());
         String soapPrefix = 
-            WSSecurityUtil.setNamespace(
+            XMLUtils.setNamespace(
                 securityHeader, soapNamespace, WSConstants.DEFAULT_SOAP_PREFIX
             );
         
@@ -164,7 +165,7 @@ public class WSSecHeader {
                 mustUnderstandLocal
             );
         }
-        WSSecurityUtil.setNamespace(securityHeader, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+        XMLUtils.setNamespace(securityHeader, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
         
         return securityHeader;
     }

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java Mon Mar 23 14:42:53 2015
@@ -26,10 +26,11 @@ import org.apache.wss4j.common.WSEncrypt
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoType;
 import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.token.DOMX509Data;
+import org.apache.wss4j.common.token.DOMX509IssuerSerial;
 import org.apache.wss4j.common.util.KeyUtils;
+import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.wss4j.dom.message.token.BinarySecurity;
-import org.apache.wss4j.dom.message.token.DOMX509Data;
-import org.apache.wss4j.dom.message.token.DOMX509IssuerSerial;
 import org.apache.wss4j.dom.message.token.KerberosSecurity;
 import org.apache.wss4j.dom.message.token.PKIPathSecurity;
 import org.apache.wss4j.dom.message.token.Reference;
@@ -213,7 +214,7 @@ public class WSSecSignature extends WSSe
                 DOMX509IssuerSerial domIssuerSerial = 
                     new DOMX509IssuerSerial(doc, issuer, serialNumber);
                 DOMX509Data domX509Data = new DOMX509Data(doc, domIssuerSerial);
-                secRef.setX509Data(domX509Data);
+                secRef.setUnknownElement(domX509Data.getElement());
                 
                 if (includeSignatureToken) {
                     addBST(certs);
@@ -424,10 +425,8 @@ public class WSSecSignature extends WSSe
      */
     public Element getSignatureElement() {
         return
-            WSSecurityUtil.getDirectChildElement(
-                securityHeader,
-                WSConstants.SIG_LN,
-                WSConstants.SIG_NS
+            XMLUtils.getDirectChildElement(
+                securityHeader, WSConstants.SIG_LN, WSConstants.SIG_NS
             );
     }
     

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/BinarySecurity.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/BinarySecurity.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/BinarySecurity.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/BinarySecurity.java Mon Mar 23 14:42:53 2015
@@ -28,7 +28,6 @@ import org.apache.wss4j.common.ext.WSSec
 import org.apache.wss4j.common.util.DOM2Writer;
 import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.wss4j.dom.bsp.BSPEnforcer;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
 import org.apache.xml.security.utils.Base64;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
@@ -122,7 +121,7 @@ public class BinarySecurity {
      * efficiency purposes.
      */
     public void addWSSENamespace() {
-        WSSecurityUtil.setNamespace(element, WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX);
+        XMLUtils.setNamespace(element, WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX);
     }
     
     /**
@@ -130,7 +129,7 @@ public class BinarySecurity {
      * efficiency purposes.
      */
     public void addWSUNamespace() {
-        WSSecurityUtil.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+        XMLUtils.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
     }
 
     /**

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DerivedKeyToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DerivedKeyToken.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DerivedKeyToken.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DerivedKeyToken.java Mon Mar 23 14:42:53 2015
@@ -32,6 +32,7 @@ import org.apache.wss4j.common.derivedKe
 import org.apache.wss4j.common.derivedKey.DerivationAlgorithm;
 import org.apache.wss4j.common.principal.WSDerivedKeyTokenPrincipal;
 import org.apache.wss4j.common.util.DOM2Writer;
+import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.wss4j.dom.bsp.BSPEnforcer;
 import org.apache.wss4j.dom.util.WSSecurityUtil;
 import org.apache.xml.security.utils.Base64;
@@ -91,7 +92,7 @@ public class DerivedKeyToken {
         ns = ConversationConstants.getWSCNs(version);
         element = 
             doc.createElementNS(ns, "wsc:" + ConversationConstants.DERIVED_KEY_TOKEN_LN);
-        WSSecurityUtil.setNamespace(element, ns, ConversationConstants.WSC_PREFIX);
+        XMLUtils.setNamespace(element, ns, ConversationConstants.WSC_PREFIX);
         bspEnforcer = new BSPEnforcer();
     }
 
@@ -115,7 +116,7 @@ public class DerivedKeyToken {
             );
         }
         elementSecurityTokenReference = 
-            WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                 element,
                 ConversationConstants.SECURITY_TOKEN_REFERENCE_LN,
                 WSConstants.WSSE_NS
@@ -124,27 +125,27 @@ public class DerivedKeyToken {
         ns = el.getNamespaceURI();
         
         elementProperties = 
-            WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                 element, ConversationConstants.PROPERTIES_LN, ns
             );
         elementGeneration = 
-            WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                 element, ConversationConstants.GENERATION_LN, ns
             );
         elementOffset = 
-            WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                 element, ConversationConstants.OFFSET_LN, ns
             );
         elementLength = 
-            WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                 element, ConversationConstants.LENGTH_LN, ns
             );
         elementLabel = 
-            WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                 element, ConversationConstants.LABEL_LN, ns
             );
         elementNonce = 
-            WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                 element, ConversationConstants.NONCE_LN, ns
             );
     }
@@ -154,7 +155,7 @@ public class DerivedKeyToken {
      * efficiency purposes.
      */
     public void addWSUNamespace() {
-        WSSecurityUtil.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+        XMLUtils.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
     }
 
     /**
@@ -249,7 +250,7 @@ public class DerivedKeyToken {
                 //Check whether this property is already there
                 //If so change the value
                 Element node = 
-                    WSSecurityUtil.findElement(elementProperties, propertyName, ns);
+                    XMLUtils.findElement(elementProperties, propertyName, ns);
                 if (node != null) { //If the node is not null
                     Text node1 = getFirstNode(node);
                     node1.setData(properties.get(propertyName));
@@ -488,7 +489,7 @@ public class DerivedKeyToken {
         SecurityTokenReference securityTokenReference = getSecurityTokenReference();
         if (securityTokenReference.containsReference()) {
             basetokenId = securityTokenReference.getReference().getURI();
-            basetokenId = WSSecurityUtil.getIDFromReference(basetokenId);
+            basetokenId = XMLUtils.getIDFromReference(basetokenId);
         } else {
             // KeyIdentifier
             basetokenId = securityTokenReference.getKeyIdentifierValue();

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Reference.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Reference.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Reference.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Reference.java Mon Mar 23 14:42:53 2015
@@ -24,7 +24,7 @@ import javax.xml.namespace.QName;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.util.DOM2Writer;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
+import org.apache.wss4j.common.util.XMLUtils;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 
@@ -76,7 +76,7 @@ public class Reference {
      * efficiency purposes, as the reference is embedded in a wsse:SecurityTokenReference.
      */
     public void addWSSENamespace() {
-        WSSecurityUtil.setNamespace(this.element, WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX);
+        XMLUtils.setNamespace(this.element, WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX);
     }
 
     /**

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityContextToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityContextToken.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityContextToken.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityContextToken.java Mon Mar 23 14:42:53 2015
@@ -24,8 +24,8 @@ import javax.xml.namespace.QName;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.util.DOM2Writer;
+import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.wss4j.common.derivedKey.ConversationConstants;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
 import org.apache.xml.security.stax.impl.util.IDGenerator;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
@@ -76,7 +76,7 @@ public class SecurityContextToken {
         element = 
             doc.createElementNS(ns, "wsc:" + ConversationConstants.SECURITY_CONTEXT_TOKEN_LN);
 
-        WSSecurityUtil.setNamespace(element, ns, ConversationConstants.WSC_PREFIX);
+        XMLUtils.setNamespace(element, ns, ConversationConstants.WSC_PREFIX);
 
         elementIdentifier = 
             doc.createElementNS(ns, "wsc:" + ConversationConstants.IDENTIFIER_LN);
@@ -100,7 +100,7 @@ public class SecurityContextToken {
         element = 
             doc.createElementNS(ns, "wsc:" + ConversationConstants.SECURITY_CONTEXT_TOKEN_LN);
 
-        WSSecurityUtil.setNamespace(element, ns, ConversationConstants.WSC_PREFIX);
+        XMLUtils.setNamespace(element, ns, ConversationConstants.WSC_PREFIX);
 
         elementIdentifier = 
             doc.createElementNS(ns, "wsc:" + ConversationConstants.IDENTIFIER_LN);
@@ -137,7 +137,7 @@ public class SecurityContextToken {
         }
 
         elementIdentifier = 
-            WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                 element, 
                 ConversationConstants.IDENTIFIER_LN,
                 el.getNamespaceURI()
@@ -149,7 +149,7 @@ public class SecurityContextToken {
      * efficiency purposes.
      */
     public void addWSUNamespace() {
-        WSSecurityUtil.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+        XMLUtils.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
     }
 
     /**

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityTokenReference.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityTokenReference.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityTokenReference.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityTokenReference.java Mon Mar 23 14:42:53 2015
@@ -27,6 +27,7 @@ import org.apache.wss4j.common.crypto.Cr
 import org.apache.wss4j.common.crypto.Merlin;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
 import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.token.DOMX509IssuerSerial;
 import org.apache.wss4j.common.util.DOM2Writer;
 import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.wss4j.dom.bsp.BSPEnforcer;
@@ -114,7 +115,7 @@ public class SecurityTokenReference {
      * efficiency purposes.
      */
     public void addWSSENamespace() {
-        WSSecurityUtil.setNamespace(element, WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX);
+        XMLUtils.setNamespace(element, WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX);
     }
     
     /**
@@ -122,7 +123,7 @@ public class SecurityTokenReference {
      * efficiency purposes.
      */
     public void addWSUNamespace() {
-        WSSecurityUtil.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+        XMLUtils.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
     }
     
     /**
@@ -131,7 +132,7 @@ public class SecurityTokenReference {
      */
     public void addTokenType(String tokenType) {
         if (tokenType != null) {
-            WSSecurityUtil.setNamespace(element, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
+            XMLUtils.setNamespace(element, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
             element.setAttributeNS(
                 WSConstants.WSSE11_NS, 
                 WSConstants.WSSE11_PREFIX + ":" + WSConstants.TOKEN_TYPE, 
@@ -251,7 +252,7 @@ public class SecurityTokenReference {
         String uri,
         String type
     ) throws WSSecurityException {
-        String id = WSSecurityUtil.getIDFromReference(uri);
+        String id = XMLUtils.getIDFromReference(uri);
         //
         // Delegate finding the element to the CallbackLookup instance
         //
@@ -283,7 +284,7 @@ public class SecurityTokenReference {
         String uri,
         String type
     ) throws WSSecurityException {
-        String id = WSSecurityUtil.getIDFromReference(uri);
+        String id = XMLUtils.getIDFromReference(uri);
         //
         // Try to find it from the WSDocInfo instance first
         //
@@ -561,22 +562,6 @@ public class SecurityTokenReference {
         return skiBytes;
     }
 
-
-    /**
-     * Sets the X509Data.
-     *
-     * @param domX509Data the {@link DOMX509Data} to put into this
-     *            SecurityTokenReference
-     */
-    public void setX509Data(DOMX509Data domX509Data) {
-        Element elem = getFirstElement();
-        if (elem != null) {
-            element.replaceChild(domX509Data.getElement(), elem);
-        } else {
-            element.appendChild(domX509Data.getElement());
-        }
-    }
-    
     
     /**
      * Set an unknown element.
@@ -624,7 +609,7 @@ public class SecurityTokenReference {
         }
         if (WSConstants.X509_DATA_LN.equals(elem.getLocalName())) {
             elem = 
-                WSSecurityUtil.findElement(
+                XMLUtils.findElement(
                     elem, WSConstants.X509_ISSUER_SERIAL_LN, WSConstants.SIG_NS
                 );
         }

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SignatureConfirmation.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SignatureConfirmation.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SignatureConfirmation.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SignatureConfirmation.java Mon Mar 23 14:42:53 2015
@@ -25,8 +25,8 @@ import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.common.bsp.BSPRule;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.util.DOM2Writer;
+import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.wss4j.dom.bsp.BSPEnforcer;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
 import org.apache.xml.security.exceptions.Base64DecodingException;
 import org.apache.xml.security.utils.Base64;
 import org.w3c.dom.Document;
@@ -84,7 +84,7 @@ public class SignatureConfirmation {
                 WSConstants.WSSE11_NS, 
                 WSConstants.WSSE11_PREFIX + ":"  + WSConstants.SIGNATURE_CONFIRMATION_LN
             );
-        WSSecurityUtil.setNamespace(element, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
+        XMLUtils.setNamespace(element, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
         if (signVal != null) {
             String sv = Base64.encode(signVal);
             element.setAttributeNS(null, SC_VALUE_ATTR, sv);
@@ -96,7 +96,7 @@ public class SignatureConfirmation {
      * efficiency purposes.
      */
     public void addWSUNamespace() {
-        WSSecurityUtil.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+        XMLUtils.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
     }
 
     /**

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Timestamp.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Timestamp.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Timestamp.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Timestamp.java Mon Mar 23 14:42:53 2015
@@ -34,10 +34,10 @@ import org.apache.wss4j.common.util.DOM2
 import org.apache.wss4j.common.util.DateUtil;
 import org.apache.wss4j.common.util.WSCurrentTimeSource;
 import org.apache.wss4j.common.util.WSTimeSource;
+import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.WSSConfig;
 import org.apache.wss4j.dom.bsp.BSPEnforcer;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
 import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
@@ -220,7 +220,7 @@ public class Timestamp {
      * efficiency purposes.
      */
     public void addWSUNamespace() {
-        WSSecurityUtil.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+        XMLUtils.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
     }
 
     /**

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/UsernameToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/UsernameToken.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/UsernameToken.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/UsernameToken.java Mon Mar 23 14:42:53 2015
@@ -113,27 +113,27 @@ public class UsernameToken {
             );
         }
         elementUsername = 
-            WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                 element, WSConstants.USERNAME_LN, WSConstants.WSSE_NS
             );
         elementPassword = 
-            WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                 element, WSConstants.PASSWORD_LN, WSConstants.WSSE_NS
             );
         elementNonce = 
-            WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                 element, WSConstants.NONCE_LN, WSConstants.WSSE_NS
             );
         elementCreated = 
-            WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                 element, WSConstants.CREATED_LN, WSConstants.WSU_NS
             );
         elementSalt = 
-            WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                 element, WSConstants.SALT_LN, WSConstants.WSSE11_NS
             );
         elementIteration = 
-            WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                 element, WSConstants.ITERATION_LN, WSConstants.WSSE11_NS
             );
         if (elementUsername == null) {
@@ -285,7 +285,7 @@ public class UsernameToken {
      * efficiency purposes.
      */
     public void addWSSENamespace() {
-        WSSecurityUtil.setNamespace(element, WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX);
+        XMLUtils.setNamespace(element, WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX);
     }
     
     /**
@@ -293,7 +293,7 @@ public class UsernameToken {
      * efficiency purposes.
      */
     public void addWSUNamespace() {
-        WSSecurityUtil.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+        XMLUtils.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
     }
 
     /**
@@ -366,7 +366,7 @@ public class UsernameToken {
             doc.createElementNS(
                 WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX + ":" + WSConstants.SALT_LN
             );
-        WSSecurityUtil.setNamespace(element, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
+        XMLUtils.setNamespace(element, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
         elementSalt.appendChild(doc.createTextNode(Base64.encode(saltValue)));
         element.appendChild(elementSalt);
         return saltValue;
@@ -381,7 +381,7 @@ public class UsernameToken {
             doc.createElementNS(
                 WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX + ":" + WSConstants.ITERATION_LN
             );
-        WSSecurityUtil.setNamespace(element, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
+        XMLUtils.setNamespace(element, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
         elementIteration.appendChild(doc.createTextNode(text));
         element.appendChild(elementIteration);
     }

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedAssertionProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedAssertionProcessor.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedAssertionProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedAssertionProcessor.java Mon Mar 23 14:42:53 2015
@@ -25,13 +25,12 @@ import java.util.List;
 import javax.xml.namespace.QName;
 
 import org.w3c.dom.Element;
-
 import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.WSDocInfo;
 import org.apache.wss4j.dom.WSSecurityEngineResult;
 import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
 
 /**
  * This will process incoming <code>saml2:EncryptedAssertion</code> elements. EncryptedKey
@@ -52,7 +51,7 @@ public class EncryptedAssertionProcessor
         }
         
         Element encryptedDataElement =
-            WSSecurityUtil.getDirectChildElement(elem, WSConstants.ENC_DATA_LN, WSConstants.ENC_NS);
+            XMLUtils.getDirectChildElement(elem, WSConstants.ENC_DATA_LN, WSConstants.ENC_NS);
         if (encryptedDataElement == null) {
             // Maybe it has already been decrypted...
             return Collections.emptyList();

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedDataProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedDataProcessor.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedDataProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedDataProcessor.java Mon Mar 23 14:42:53 2015
@@ -35,6 +35,7 @@ import org.apache.wss4j.common.crypto.Al
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.principal.WSDerivedKeyTokenPrincipal;
 import org.apache.wss4j.common.util.KeyUtils;
+import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.WSDataRef;
 import org.apache.wss4j.dom.WSDocInfo;
@@ -70,7 +71,7 @@ public class EncryptedDataProcessor impl
         final String encryptedDataId = elem.getAttributeNS(null, "Id");
 
         Element kiElem =
-            WSSecurityUtil.getDirectChildElement(elem, "KeyInfo", WSConstants.SIG_NS);
+            XMLUtils.getDirectChildElement(elem, "KeyInfo", WSConstants.SIG_NS);
         // KeyInfo cannot be null
         if (kiElem == null) {
             throw new WSSecurityException(
@@ -83,11 +84,11 @@ public class EncryptedDataProcessor impl
         
         // Get the Key either via a SecurityTokenReference or an EncryptedKey
         Element secRefToken = 
-            WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                 kiElem, "SecurityTokenReference", WSConstants.WSSE_NS
             );
         Element encryptedKeyElement = 
-            WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                 kiElem, WSConstants.ENC_KEY_LN, WSConstants.ENC_NS
             );
         

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java Mon Mar 23 14:42:53 2015
@@ -44,6 +44,7 @@ import org.apache.wss4j.common.crypto.Al
 import org.apache.wss4j.common.crypto.AlgorithmSuiteValidator;
 import org.apache.wss4j.common.crypto.CryptoType;
 import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.token.DOMX509IssuerSerial;
 import org.apache.wss4j.common.util.KeyUtils;
 import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.wss4j.dom.WSConstants;
@@ -52,7 +53,6 @@ import org.apache.wss4j.dom.WSDocInfo;
 import org.apache.wss4j.dom.WSSecurityEngineResult;
 import org.apache.wss4j.dom.bsp.BSPEnforcer;
 import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.message.token.DOMX509IssuerSerial;
 import org.apache.wss4j.dom.message.token.SecurityTokenReference;
 import org.apache.wss4j.dom.str.EncryptedKeySTRParser;
 import org.apache.wss4j.dom.str.STRParser;
@@ -125,18 +125,18 @@ public class EncryptedKeyProcessor imple
         // Check BSP Compliance
         checkBSPCompliance(elem, encryptedKeyTransportMethod, data.getBSPEnforcer());
         
-        Cipher cipher = WSSecurityUtil.getCipherInstance(encryptedKeyTransportMethod);
+        Cipher cipher = KeyUtils.getCipherInstance(encryptedKeyTransportMethod);
         //
         // Now lookup CipherValue.
         //
         Element tmpE = 
-            WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                 elem, "CipherData", WSConstants.ENC_NS
             );
         Element xencCipherValue = null;
         if (tmpE != null) {
             xencCipherValue = 
-                WSSecurityUtil.getDirectChildElement(tmpE, "CipherValue", WSConstants.ENC_NS);
+                XMLUtils.getDirectChildElement(tmpE, "CipherValue", WSConstants.ENC_NS);
         }
         if (xencCipherValue == null) {
             throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "noCipher");
@@ -226,7 +226,7 @@ public class EncryptedKeyProcessor imple
         }
         
         Element refList = 
-            WSSecurityUtil.getDirectChildElement(elem, "ReferenceList", WSConstants.ENC_NS);
+            XMLUtils.getDirectChildElement(elem, "ReferenceList", WSConstants.ENC_NS);
         
         byte[] encryptedEphemeralKey = null;
         byte[] decryptedBytes = null;
@@ -306,7 +306,7 @@ public class EncryptedKeyProcessor imple
                         && WSConstants.ENC_NS.equals(node.getNamespaceURI())
                         && "DataReference".equals(node.getLocalName())) {
                     String dataRefURI = ((Element) node).getAttributeNS(null, "URI");
-                    return WSSecurityUtil.getIDFromReference(dataRefURI);
+                    return XMLUtils.getIDFromReference(dataRefURI);
                 }
             }
         }
@@ -336,12 +336,12 @@ public class EncryptedKeyProcessor imple
     
     private static String getDigestAlgorithm(Node encBodyData) throws WSSecurityException {
         Element tmpE = 
-            WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                 encBodyData, "EncryptionMethod", WSConstants.ENC_NS
             );
         if (tmpE != null) {
             Element digestElement = 
-                WSSecurityUtil.getDirectChildElement(tmpE, "DigestMethod", WSConstants.SIG_NS);
+                XMLUtils.getDirectChildElement(tmpE, "DigestMethod", WSConstants.SIG_NS);
             if (digestElement != null) {
                 return digestElement.getAttributeNS(null, "Algorithm");
             }
@@ -351,12 +351,12 @@ public class EncryptedKeyProcessor imple
 
     private static String getMGFAlgorithm(Node encBodyData) throws WSSecurityException {
         Element tmpE =
-                WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                         encBodyData, "EncryptionMethod", WSConstants.ENC_NS
                 );
         if (tmpE != null) {
             Element mgfElement =
-                    WSSecurityUtil.getDirectChildElement(tmpE, "MGF", WSConstants.ENC11_NS);
+                XMLUtils.getDirectChildElement(tmpE, "MGF", WSConstants.ENC11_NS);
             if (mgfElement != null) {
                 return mgfElement.getAttributeNS(null, "Algorithm");
             }
@@ -366,12 +366,12 @@ public class EncryptedKeyProcessor imple
 
     private static byte[] getPSource(Node encBodyData) throws WSSecurityException {
         Element tmpE =
-                WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                         encBodyData, "EncryptionMethod", WSConstants.ENC_NS
                 );
         if (tmpE != null) {
             Element pSourceElement =
-                    WSSecurityUtil.getDirectChildElement(tmpE, "OAEPparams", WSConstants.ENC_NS);
+                XMLUtils.getDirectChildElement(tmpE, "OAEPparams", WSConstants.ENC_NS);
             if (pSourceElement != null) {
                 return getDecodedBase64EncodedData(pSourceElement);
             }
@@ -383,7 +383,7 @@ public class EncryptedKeyProcessor imple
         Element xencEncryptedKey, RequestData data
     ) throws WSSecurityException {
         Element keyInfo = 
-            WSSecurityUtil.getDirectChildElement(xencEncryptedKey, "KeyInfo", WSConstants.SIG_NS);
+            XMLUtils.getDirectChildElement(xencEncryptedKey, "KeyInfo", WSConstants.SIG_NS);
         if (keyInfo != null) {
             Element strElement = null;
 
@@ -483,7 +483,7 @@ public class EncryptedKeyProcessor imple
                     && WSConstants.ENC_NS.equals(node.getNamespaceURI())
                     && "DataReference".equals(node.getLocalName())) {
                 String dataRefURI = ((Element) node).getAttributeNS(null, "URI");
-                dataRefURI = WSSecurityUtil.getIDFromReference(dataRefURI);
+                dataRefURI = XMLUtils.getIDFromReference(dataRefURI);
                 
                 WSDataRef dataRef = 
                     decryptDataRef(refList.getOwnerDocument(), dataRefURI, docInfo, decryptedBytes, data);

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/ReferenceListProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/ReferenceListProcessor.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/ReferenceListProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/ReferenceListProcessor.java Mon Mar 23 14:42:53 2015
@@ -38,6 +38,7 @@ import org.apache.wss4j.common.ext.Attac
 import org.apache.wss4j.common.ext.AttachmentRequestCallback;
 import org.apache.wss4j.common.ext.AttachmentResultCallback;
 import org.apache.wss4j.common.util.AttachmentUtils;
+import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.xml.security.algorithms.JCEMapper;
 import org.w3c.dom.Attr;
 import org.w3c.dom.Document;
@@ -109,7 +110,7 @@ public class ReferenceListProcessor impl
                 && WSConstants.ENC_NS.equals(node.getNamespaceURI())
                 && "DataReference".equals(node.getLocalName())) {
                 String dataRefURI = ((Element) node).getAttributeNS(null, "URI");
-                dataRefURI = WSSecurityUtil.getIDFromReference(dataRefURI);
+                dataRefURI = XMLUtils.getIDFromReference(dataRefURI);
                 
                 // See whether we have already processed the encrypted node 
                 if (!wsDocInfo.hasResult(WSConstants.ENCR, dataRefURI)) {
@@ -152,7 +153,7 @@ public class ReferenceListProcessor impl
         //
         String symEncAlgo = X509Util.getEncAlgo(encryptedDataElement);
         Element keyInfoElement =
-                WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                     encryptedDataElement, "KeyInfo", WSConstants.SIG_NS
                 );
         // KeyInfo cannot be null
@@ -167,7 +168,7 @@ public class ReferenceListProcessor impl
         // shared key using a KeyName.
         //
         Element secRefToken = 
-            WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                 keyInfoElement, "SecurityTokenReference", WSConstants.WSSE_NS
             );
         SecretKey symmetricKey = null;
@@ -399,11 +400,11 @@ public class ReferenceListProcessor impl
         dataRef.setAlgorithm(symEncAlgo);
         
         try {
-            Element cipherData = WSSecurityUtil.getDirectChildElement(encData, "CipherData", WSConstants.ENC_NS);
+            Element cipherData = XMLUtils.getDirectChildElement(encData, "CipherData", WSConstants.ENC_NS);
             if (cipherData == null) {
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK);
             }
-            Element cipherReference = WSSecurityUtil.getDirectChildElement(cipherData, "CipherReference", WSConstants.ENC_NS);
+            Element cipherReference = XMLUtils.getDirectChildElement(cipherData, "CipherReference", WSConstants.ENC_NS);
             if (cipherReference == null) {
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK);
             }

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.java Mon Mar 23 14:42:53 2015
@@ -24,9 +24,9 @@ import org.apache.wss4j.dom.WSDocInfo;
 import org.apache.wss4j.dom.WSSecurityEngineResult;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
 import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.wss4j.dom.handler.RequestData;
 import org.apache.wss4j.dom.message.token.SecurityContextToken;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
 import org.apache.wss4j.dom.validate.Credential;
 import org.apache.wss4j.dom.validate.Validator;
 import org.w3c.dom.Element;
@@ -70,7 +70,7 @@ public class SecurityContextTokenProcess
             result.put(WSSecurityEngineResult.TAG_SECRET, returnedCredential.getSecretKey());
         } else {
             String id = sct.getID();
-            id = WSSecurityUtil.getIDFromReference(id);
+            id = XMLUtils.getIDFromReference(id);
 
             byte[] secret = null;
             try {

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java Mon Mar 23 14:42:53 2015
@@ -63,6 +63,7 @@ import org.apache.wss4j.common.principal
 import org.apache.wss4j.common.principal.UsernameTokenPrincipal;
 import org.apache.wss4j.common.principal.WSDerivedKeyTokenPrincipal;
 import org.apache.wss4j.common.util.KeyUtils;
+import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.WSDataRef;
 import org.apache.wss4j.dom.WSDocInfo;
@@ -81,7 +82,6 @@ import org.apache.wss4j.dom.str.Signatur
 import org.apache.wss4j.dom.transform.AttachmentContentSignatureTransform;
 import org.apache.wss4j.dom.transform.STRTransform;
 import org.apache.wss4j.dom.transform.STRTransformUtil;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
 import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
 import org.apache.wss4j.dom.validate.Credential;
 import org.apache.wss4j.dom.validate.Validator;
@@ -114,7 +114,7 @@ public class SignatureProcessor implemen
             LOG.debug("Found signature element");
         }
         Element keyInfoElement = 
-            WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                 elem,
                 "KeyInfo",
                 WSConstants.SIG_NS
@@ -484,14 +484,14 @@ public class SignatureProcessor implemen
         Element signatureElement
     ) {
         Element signedInfoElement = 
-            WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                 signatureElement,
                 "SignedInfo",
                 WSConstants.SIG_NS
             );
         if (signedInfoElement != null) {
             Element signatureMethodElement = 
-                WSSecurityUtil.getDirectChildElement(
+                XMLUtils.getDirectChildElement(
                     signedInfoElement,
                     "SignatureMethod",
                     WSConstants.SIG_NS

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/X509Util.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/X509Util.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/X509Util.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/X509Util.java Mon Mar 23 14:42:53 2015
@@ -24,7 +24,6 @@ import org.apache.wss4j.common.ext.WSPas
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.util.KeyUtils;
 import org.apache.wss4j.common.util.XMLUtils;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
 
@@ -55,7 +54,7 @@ public final class X509Util {
 
     public static String getEncAlgo(Node encBodyData) throws WSSecurityException {
         Element tmpE = 
-            WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                 encBodyData, "EncryptionMethod", WSConstants.ENC_NS
             );
         String symEncAlgo = null;
@@ -80,7 +79,7 @@ public final class X509Util {
     ) throws WSSecurityException {
         String keyName = null;
         Element keyNmElem = 
-            WSSecurityUtil.getDirectChildElement(
+            XMLUtils.getDirectChildElement(
                 keyInfoElem, "KeyName", WSConstants.SIG_NS
             );
         if (keyNmElem != null) {

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java Mon Mar 23 14:42:53 2015
@@ -45,12 +45,12 @@ import org.apache.wss4j.common.ext.WSSec
 import org.apache.wss4j.common.saml.OpenSAMLUtil;
 import org.apache.wss4j.common.saml.SAMLKeyInfo;
 import org.apache.wss4j.common.saml.SAMLUtil;
+import org.apache.wss4j.common.token.DOMX509Data;
+import org.apache.wss4j.common.token.DOMX509IssuerSerial;
 import org.apache.wss4j.common.util.KeyUtils;
 import org.apache.wss4j.dom.handler.RequestData;
 import org.apache.wss4j.dom.message.WSSecHeader;
 import org.apache.wss4j.dom.message.WSSecSignature;
-import org.apache.wss4j.dom.message.token.DOMX509Data;
-import org.apache.wss4j.dom.message.token.DOMX509IssuerSerial;
 import org.apache.wss4j.dom.message.token.Reference;
 import org.apache.wss4j.dom.message.token.SecurityTokenReference;
 import org.apache.wss4j.dom.message.token.X509Security;
@@ -413,7 +413,7 @@ public class WSSecSignatureSAML extends
                 final DOMX509IssuerSerial domIssuerSerial =
                         new DOMX509IssuerSerial(document, issuer, serialNumber);
                 final DOMX509Data domX509Data = new DOMX509Data(document, domIssuerSerial);
-                secRef.setX509Data(domX509Data);
+                secRef.setUnknownElement(domX509Data.getElement());
                 break;
 
             default:



Mime
View raw message