From cohei...@apache.org
Subject svn commit: r1689445 - in /webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src: main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java test/java/org/apache/wss4j/dom/message/XOPAttachmentTest.java
Date Mon, 06 Jul 2015 16:10:12 GMT
Author: coheigea
Date: Mon Jul  6 16:10:11 2015
New Revision: 1689445

URL: http://svn.apache.org/r1689445
Log:
[WSS-544] - Added support for EncryptedHeaders


Conflicts:
	ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java

Modified:
    webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java
    webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/XOPAttachmentTest.java

Modified: webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java?rev=1689445&r1=1689444&r2=1689445&view=diff
==============================================================================
--- webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java
(original)
+++ webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java
Mon Jul  6 16:10:11 2015
@@ -469,6 +469,11 @@ public class WSSecEncrypt extends WSSecE
 
         final String attachmentId = config.getIdAllocator().createId("", doc);
         String encEncryptedDataId = config.getIdAllocator().createId("ED-", attachmentId);
+        
+        if ("Header".equals(encryptionPart.getEncModifier()) 
+            && elementToEncrypt.getParentNode().equals(WSSecurityUtil.getSOAPHeader(doc)))
{
+            createEncryptedHeaderElement(doc, elementToEncrypt, config);
+        }
 
         Element encryptedData =
             doc.createElementNS(WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":EncryptedData");
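Review bot: The guard on the added `if` duplicates the one kept in the second hunk of this file (`"Header".equals(...) && elementToEncrypt.getParentNode().equals(WSSecurityUtil.getSOAPHeader(doc))`), so the rule for when a header is wrapped in `wsse11:EncryptedHeader` now lives in two places. The attachment path and the inline path can drift apart if only one copy is later changed. Folding the test into `createEncryptedHeaderElement`, or into one small private predicate that both call sites share, would keep them consistent. The guard also dereferences `elementToEncrypt.getParentNode()` with no null test, so a detached element reaching this point would presumably throw rather than skip the wrapping; a short comment stating that callers guarantee an attached element would help. The enclosing method starts and ends outside this hunk.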
@@ -678,45 +683,9 @@ public class WSSecEncrypt extends WSSecE
         String xencEncryptedDataId = 
             config.getIdAllocator().createId("ED-", elementToEncrypt);
         try {
-            String headerId = "";
             if ("Header".equals(modifier) 
                 && elementToEncrypt.getParentNode().equals(WSSecurityUtil.getSOAPHeader(doc)))
{
-                Element elem = 
-                    doc.createElementNS(
-                        WSConstants.WSSE11_NS, "wsse11:" + WSConstants.ENCRYPTED_HEADER
-                    );
-                WSSecurityUtil.setNamespace(elem, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
-                String wsuPrefix = 
-                    WSSecurityUtil.setNamespace(elem, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
-                headerId = config.getIdAllocator().createId("EH-", elementToEncrypt);
-                elem.setAttributeNS(
-                    WSConstants.WSU_NS, wsuPrefix + ":Id", headerId
-                );
-                //
-                // Add the EncryptedHeader node to the element to be encrypted's parent
-                // (i.e. the SOAP header). Add the element to be encrypted to the Encrypted
-                // Header node as well
-                //
-                Node parent = elementToEncrypt.getParentNode();
-                elementToEncrypt = (Element)parent.replaceChild(elem, elementToEncrypt);
-                elem.appendChild(elementToEncrypt);
-                
-                NamedNodeMap map = elementToEncrypt.getAttributes();
-                for (int i = 0; i < map.getLength(); i++) {
-                    Attr attr = (Attr)map.item(i);
-                    if (attr.getNamespaceURI().equals(WSConstants.URI_SOAP11_ENV)
-                        || attr.getNamespaceURI().equals(WSConstants.URI_SOAP12_ENV)) { 
                       
-                        String soapEnvPrefix = 
-                            WSSecurityUtil.setNamespace(
-                                elem, attr.getNamespaceURI(), WSConstants.DEFAULT_SOAP_PREFIX
-                            );
-                        elem.setAttributeNS(
-                            attr.getNamespaceURI(), 
-                            soapEnvPrefix + ":" + attr.getLocalName(), 
-                            attr.getValue()
-                        );
-                    }
-                }
+                createEncryptedHeaderElement(doc, elementToEncrypt, config);
             }
             
             xmlCipher.init(XMLCipher.ENCRYPT_MODE, secretKey);
@@ -732,6 +701,49 @@ public class WSSecEncrypt extends WSSecE
         }
     }
     
+    private static void createEncryptedHeaderElement(
+        Document doc,
+        Element elementToEncrypt,
+        WSSConfig config
+    ) {
+        Element elem = 
+            doc.createElementNS(
+                WSConstants.WSSE11_NS, "wsse11:" + WSConstants.ENCRYPTED_HEADER
+            );
+        WSSecurityUtil.setNamespace(elem, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
+        String wsuPrefix = 
+            WSSecurityUtil.setNamespace(elem, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+        String headerId = config.getIdAllocator().createId("EH-", elementToEncrypt);
+        elem.setAttributeNS(
+            WSConstants.WSU_NS, wsuPrefix + ":Id", headerId
+        );
+        //
+        // Add the EncryptedHeader node to the element to be encrypted's parent
+        // (i.e. the SOAP header). Add the element to be encrypted to the Encrypted
+        // Header node as well
+        //
+        Node parent = elementToEncrypt.getParentNode();
+        elementToEncrypt = (Element)parent.replaceChild(elem, elementToEncrypt);
+        elem.appendChild(elementToEncrypt);
+        
+        NamedNodeMap map = elementToEncrypt.getAttributes();
+        for (int i = 0; i < map.getLength(); i++) {
+            Attr attr = (Attr)map.item(i);
+            if (attr.getNamespaceURI().equals(WSConstants.URI_SOAP11_ENV)
+                || attr.getNamespaceURI().equals(WSConstants.URI_SOAP12_ENV)) {         
               
+                String soapEnvPrefix = 
+                    WSSecurityUtil.setNamespace(
+                        elem, attr.getNamespaceURI(), WSConstants.DEFAULT_SOAP_PREFIX
+                    );
+                elem.setAttributeNS(
+                    attr.getNamespaceURI(), 
+                    soapEnvPrefix + ":" + attr.getLocalName(), 
+                    attr.getValue()
+                );
+            }
+        }
+    }
+    
     /**
      * Create a KeyInfo object
      */
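Review bot: In the attribute loop of `createEncryptedHeaderElement`, `attr.getNamespaceURI().equals(...)` is called on a value that the DOM API returns as null for any attribute with no namespace. A header element carrying a plain unqualified attribute would therefore raise a NullPointerException during encryption. The code is moved unchanged from the old inline block, but the new helper is a good place to fix it by putting the constant first: `if (WSConstants.URI_SOAP11_ENV.equals(attr.getNamespaceURI())` / `|| WSConstants.URI_SOAP12_ENV.equals(attr.getNamespaceURI())) {`. The test message added in this commit has only `xmlns:` declarations on its header elements, so it does not exercise this case. The helper would also benefit from a Javadoc line such as `/** Wraps elementToEncrypt in a wsse11:EncryptedHeader element, replacing it under its parent and copying its SOAP-namespace attributes onto the wrapper. */`, since it mutates the document in place.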

Modified: webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/XOPAttachmentTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/XOPAttachmentTest.java?rev=1689445&r1=1689444&r2=1689445&view=diff
==============================================================================
--- webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/XOPAttachmentTest.java
(original)
+++ webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/XOPAttachmentTest.java
Mon Jul  6 16:10:11 2015
@@ -56,6 +56,18 @@ public class XOPAttachmentTest extends o
         + "<value xmlns=\"\">15</value>" 
         + "</add>";
     
+    private static final String SOAP_HEADER_MSG = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>"
+
+        "<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\"
xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">"
+
+        "   <soapenv:Header>" + 
+        "       <foo:bar1 xmlns:foo=\"urn:foo.bar\" >baz1</foo:bar1>" + 
+        "       <foo:foobar xmlns:foo=\"urn:foo.bar\" >baz</foo:foobar>" + 
+        "       <foo:bar2 xmlns:foo=\"urn:foo.bar\" >baz2</foo:bar2>" +
+        "   </soapenv:Header>" +
+        "   <soapenv:Body>" +
+        "      <ns1:testMethod xmlns:ns1=\"http://axis/service/security/test6/LogTestService8\"></ns1:testMethod>"
+
+        "   </soapenv:Body>" +
+        "</soapenv:Envelope>";
+    
     private static final org.slf4j.Logger LOG =
             org.slf4j.LoggerFactory.getLogger(XOPAttachmentTest.class);
 
@@ -181,14 +193,16 @@ public class XOPAttachmentTest extends o
         encrypt.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
         encrypt.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
 
-        WSSecHeader secHeader = new WSSecHeader(doc);
-        secHeader.insertSecurityHeader();
+        WSSecHeader secHeader = new WSSecHeader();
+        secHeader.insertSecurityHeader(doc);
         
         AttachmentCallbackHandler outboundAttachmentCallback = new AttachmentCallbackHandler();
         encrypt.setAttachmentCallbackHandler(outboundAttachmentCallback);
         encrypt.setStoreBytesInAttachment(true);
 
-        encrypt.getParts().add(new WSEncryptionPart("Body", "http://schemas.xmlsoap.org/soap/envelope/",
"Content"));
+        List<WSEncryptionPart> parts = new ArrayList<WSEncryptionPart>();
+        parts.add(new WSEncryptionPart("Body", "http://schemas.xmlsoap.org/soap/envelope/",
"Content"));
+        encrypt.setParts(parts);
 
         Document encryptedDoc = encrypt.build(doc, crypto, secHeader);
         
@@ -219,8 +233,8 @@ public class XOPAttachmentTest extends o
         builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
         
         Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
-        WSSecHeader secHeader = new WSSecHeader(doc);
-        secHeader.insertSecurityHeader();
+        WSSecHeader secHeader = new WSSecHeader();
+        secHeader.insertSecurityHeader(doc);
         
         AttachmentCallbackHandler outboundAttachmentCallback = new AttachmentCallbackHandler();
         builder.setAttachmentCallbackHandler(outboundAttachmentCallback);
@@ -244,6 +258,85 @@ public class XOPAttachmentTest extends o
         verify(signedDoc, inboundAttachmentCallback);
     }
     
+    @org.junit.Test
+    public void testEncryptedHeaderAsEncryptedData() throws Exception {
+        Document doc = SOAPUtil.toSOAPPart(SOAP_HEADER_MSG);
+        WSSecEncrypt encrypt = new WSSecEncrypt();
+        encrypt.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
+        encrypt.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
+
+        WSSecHeader secHeader = new WSSecHeader();
+        secHeader.insertSecurityHeader(doc);
+        
+        AttachmentCallbackHandler outboundAttachmentCallback = new AttachmentCallbackHandler();
+        encrypt.setAttachmentCallbackHandler(outboundAttachmentCallback);
+        encrypt.setStoreBytesInAttachment(true);
+
+        List<WSEncryptionPart> parts = new ArrayList<WSEncryptionPart>();
+        WSEncryptionPart encP =
+            new WSEncryptionPart(
+                "foobar", "urn:foo.bar", "");
+        parts.add(new WSEncryptionPart("Body", "http://schemas.xmlsoap.org/soap/envelope/",
"Content"));
+        parts.add(encP);
+        encrypt.setParts(parts);
+
+        Document encryptedDoc = encrypt.build(doc, crypto, secHeader);
+        
+        List<Attachment> encryptedAttachments = outboundAttachmentCallback.getResponseAttachments();
+        assertNotNull(encryptedAttachments);
+        // Should have EncryptedKey + EncryptedData + the header stored in attachments...
+        assertTrue(encryptedAttachments.size() == 3);
+        
+        if (LOG.isDebugEnabled()) {
+            String outputString = XMLUtils.PrettyDocumentToString(encryptedDoc);
+            LOG.debug(outputString);
+            // System.out.println(outputString);
+        }
+
+        AttachmentCallbackHandler inboundAttachmentCallback = 
+            new AttachmentCallbackHandler(encryptedAttachments);
+        verify(encryptedDoc, inboundAttachmentCallback);
+    }
+    
+    @org.junit.Test
+    public void testEncryptedHeaderasEncryptedHeader() throws Exception {
+        Document doc = SOAPUtil.toSOAPPart(SOAP_HEADER_MSG);
+        WSSecEncrypt encrypt = new WSSecEncrypt();
+        encrypt.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
+        encrypt.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
+
+        WSSecHeader secHeader = new WSSecHeader();
+        secHeader.insertSecurityHeader(doc);
+        
+        AttachmentCallbackHandler outboundAttachmentCallback = new AttachmentCallbackHandler();
+        encrypt.setAttachmentCallbackHandler(outboundAttachmentCallback);
+        encrypt.setStoreBytesInAttachment(true);
+
+        List<WSEncryptionPart> parts = new ArrayList<WSEncryptionPart>();
+        WSEncryptionPart encP =
+            new WSEncryptionPart(
+                "foobar", "urn:foo.bar", "Header");
+        parts.add(new WSEncryptionPart("Body", "http://schemas.xmlsoap.org/soap/envelope/",
"Content"));
+        parts.add(encP);
+        encrypt.setParts(parts);
+
+        Document encryptedDoc = encrypt.build(doc, crypto, secHeader);
+        
+        List<Attachment> encryptedAttachments = outboundAttachmentCallback.getResponseAttachments();
+        assertNotNull(encryptedAttachments);
+        // Should have EncryptedKey + EncryptedData + the header stored in attachments...
+        assertTrue(encryptedAttachments.size() == 3);
+        
+        if (LOG.isDebugEnabled()) {
+            String outputString = XMLUtils.PrettyDocumentToString(encryptedDoc);
+            LOG.debug(outputString);
+        }
+
+        AttachmentCallbackHandler inboundAttachmentCallback = 
+            new AttachmentCallbackHandler(encryptedAttachments);
+        verify(encryptedDoc, inboundAttachmentCallback);
+    }
+    
     /**
      * Verifies the soap envelope.
      * This method verifies all the signature generated.
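Review bot: Both added tests, `testEncryptedHeaderAsEncryptedData` and `testEncryptedHeaderasEncryptedHeader`, make the same assertions (`assertTrue(encryptedAttachments.size() == 3)` followed by `verify(...)`). Nothing distinguishes the `""` modifier from the `"Header"` modifier, so the tests would still pass if the new `createEncryptedHeaderElement` call in the attachment path were never reached. The `"Header"` case should assert that the wrapper is present, for example `assertEquals(1, encryptedDoc.getElementsByTagNameNS(WSConstants.WSSE11_NS, WSConstants.ENCRYPTED_HEADER).getLength());`. The other test should presumably assert that the count is 0. `assertEquals(3, encryptedAttachments.size())` would also report the actual count on failure. The second method name would match the first if spelled `testEncryptedHeaderAsEncryptedHeader`.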


