From cohei...@apache.org
Subject svn commit: r1815235 - in /webservices/wss4j/trunk/ws-security-dom/src: main/java/org/apache/wss4j/dom/action/SignatureAction.java main/java/org/apache/wss4j/dom/message/WSSecSignature.java test/java/org/apache/wss4j/dom/message/SignaturePartsTest.java
Date Tue, 14 Nov 2017 17:36:52 GMT
Author: coheigea
Date: Tue Nov 14 17:36:52 2017
New Revision: 1815235

URL: http://svn.apache.org/viewvc?rev=1815235&view=rev
Log:
WSS-618 - Also add the fix for the action case

Modified:
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureAction.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignaturePartsTest.java

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureAction.java?rev=1815235&r1=1815234&r2=1815235&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureAction.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureAction.java
Tue Nov 14 17:36:52 2017
@@ -39,6 +39,7 @@ import org.w3c.dom.Element;
 import org.w3c.dom.Node;
 
 public class SignatureAction implements Action {
+
     public void execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData)
             throws WSSecurityException {
         CallbackHandler callbackHandler = reqData.getCallbackHandler();
@@ -132,6 +133,13 @@ public class SignatureAction implements
                 } else if (WSConstants.WSSE_NS.equals(part.getNamespace())
                     && WSConstants.BINARY_TOKEN_LN.equals(part.getName())) {
                     signBST = true;
+                }  else if ("KeyInfo".equals(part.getName()) && WSConstants.SIG_NS.equals(part.getNamespace())
+                    && part.getElement() == null) {
+                    // Special code to sign the KeyInfo - we have to marshal the KeyInfo
to a DOM Element
+                    // before the signing process
+                    Element keyInfoElement = wsSign.getKeyInfoElement();
+                    part.setElement(keyInfoElement);
+                    break;
                 }
             }
 
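Review bot: The `break;` that ends the new KeyInfo branch leaves the loop over the signature parts, so any part listed after KeyInfo is never examined. In particular, a BinarySecurityToken part that follows it would not reach the `signBST = true;` branch just above. The same commit drops the `break;` from the matching branch in WSSecSignature, so the two code paths now disagree. Because the branch already guards on `part.getElement() == null`, the `break;` can be removed here as well. The loop header and the earlier branches lie outside the hunk, so the effect on them is inferred.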

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java?rev=1815235&r1=1815234&r2=1815235&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java
Tue Nov 14 17:36:52 2017
@@ -378,19 +378,8 @@ public class WSSecSignature extends WSSe
                     && part.getElement() == null) {
                     // Special code to sign the KeyInfo - we have to marshal the KeyInfo
to a DOM Element
                     // before the signing process
-                    Element parent = secRef.getElement().getOwnerDocument().createElement("temp");
-                    DOMCryptoContext cryptoContext = new DOMCryptoContext() { };
-                    cryptoContext.putNamespacePrefix(WSConstants.SIG_NS, WSConstants.SIG_PREFIX);
-                    try {
-                        keyInfo.marshal(new DOMStructure(parent), cryptoContext);
-                    } catch (MarshalException ex) {
-                        LOG.error(ex.getMessage(), ex);
-                        throw new WSSecurityException(
-                            WSSecurityException.ErrorCode.FAILED_SIGNATURE, ex
-                        );
-                    }
-                    part.setElement((Element)parent.getFirstChild());
-                    break;
+                    Element keyInfoElement = getKeyInfoElement();
+                    part.setElement(keyInfoElement);
                 }
             }
         }
@@ -723,6 +712,26 @@ public class WSSecSignature extends WSSe
     }
 
     /**
+     * Return the computed KeyInfo value as a DOM Element
+     * Call this method after <code>prepare()</code>
+     */
+    public Element getKeyInfoElement() throws WSSecurityException {
+        Element parent = getDocument().createElement("temp");
+        DOMCryptoContext cryptoContext = new DOMCryptoContext() { };
+        cryptoContext.putNamespacePrefix(WSConstants.SIG_NS, WSConstants.SIG_PREFIX);
+        try {
+            keyInfo.marshal(new DOMStructure(parent), cryptoContext);
+        } catch (MarshalException ex) {
+            LOG.error(ex.getMessage(), ex);
+            throw new WSSecurityException(
+                WSSecurityException.ErrorCode.FAILED_SIGNATURE, ex
+            );
+        }
+
+        return (Element)parent.getFirstChild();
+    }
+
+    /**
      * Get the id generated during <code>prepare()</code>.
      *
      * Returns the the value of wsu:Id attribute of the Signature element.
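Review bot: `getKeyInfoElement()` is public but dereferences the `keyInfo` field without a check, so a call made before `prepare()` would presumably fail with a NullPointerException rather than the declared WSSecurityException. The field's assignment is not visible in this hunk, so that is inferred. A guard at the top such as `if (keyInfo == null) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_SIGNATURE); }` keeps the failure inside the declared exception type. The Javadoc should gain `@return` and `@throws` tags. It should also say that each call marshals a fresh copy under a throwaway `temp` parent, so the returned element is not attached to the message tree, and that the result is null if nothing was marshalled.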

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignaturePartsTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignaturePartsTest.java?rev=1815235&r1=1815234&r2=1815235&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignaturePartsTest.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignaturePartsTest.java
Tue Nov 14 17:36:52 2017
@@ -24,12 +24,16 @@ import org.apache.wss4j.common.saml.Saml
 import org.apache.wss4j.dom.SOAPConstants;
 import org.apache.wss4j.dom.WSDataRef;
 import org.apache.wss4j.dom.WSConstants;
+import org.apache.wss4j.dom.common.CustomHandler;
 import org.apache.wss4j.dom.common.SAML1CallbackHandler;
 import org.apache.wss4j.dom.common.SOAPUtil;
 import org.apache.wss4j.dom.common.SecurityTestUtil;
 import org.apache.wss4j.dom.engine.WSSConfig;
 import org.apache.wss4j.dom.engine.WSSecurityEngine;
 import org.apache.wss4j.dom.engine.WSSecurityEngineResult;
+import org.apache.wss4j.dom.handler.HandlerAction;
+import org.apache.wss4j.dom.handler.RequestData;
+import org.apache.wss4j.dom.handler.WSHandlerConstants;
 import org.apache.wss4j.dom.handler.WSHandlerResult;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
@@ -49,6 +53,7 @@ import org.w3c.dom.Element;
 
 import java.io.InputStream;
 import java.security.KeyStore;
+import java.util.ArrayList;
 import java.util.List;
 
 import javax.xml.namespace.QName;
@@ -607,6 +612,45 @@ public class SignaturePartsTest extends
         assertTrue(WSConstants.C14N_EXCL_OMIT_COMMENTS.equals(transformAlgorithms.get(0)));
     }
 
+    @Test
+    public void testSignedKeyInfoAction() throws Exception {
+        final WSSConfig cfg = WSSConfig.getNewInstance();
+        final RequestData reqData = new RequestData();
+        reqData.setWssConfig(cfg);
+        reqData.setUsername("16c73ab6-b892-458f-abf5-2f875f74882e");
+
+        java.util.Map<String, Object> config = new java.util.TreeMap<String, Object>();
+        config.put(WSHandlerConstants.SIG_PROP_FILE, "crypto.properties");
+        config.put("password", "security");
+        config.put(
+            WSHandlerConstants.SIGNATURE_PARTS, "{}{" + WSConstants.SIG_NS + "}KeyInfo"
+        );
+        reqData.setMsgContext(config);
+
+        final Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
+        CustomHandler handler = new CustomHandler();
+        List<HandlerAction> actions = new ArrayList<>();
+        actions.add(new HandlerAction(WSConstants.SIGN));
+        handler.send(
+            doc,
+            reqData,
+            actions,
+            true
+        );
+        String outputString =
+            XMLUtils.prettyDocumentToString(doc);
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("Signed message:");
+            LOG.debug(outputString);
+        }
+
+        WSHandlerResult results = verify(doc);
+
+        List<Integer> receivedActions = new ArrayList<>();
+        receivedActions.add(WSConstants.SIGN);
+        assertTrue(handler.checkResults(results.getResults(), receivedActions));
+    }
+
     /**
      * Verifies the soap envelope
      * <p/>
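Review bot: `testSignedKeyInfoAction` only asserts that a signature action was processed (`checkResults` with `WSConstants.SIGN`). It never checks that the KeyInfo element is among the signed references, which is the property this fix is about. A message whose signature covered some other part would still satisfy the assertion. After `verify(doc)`, read the `WSDataRef` list from the SIGN result and assert that one entry names the `KeyInfo` element in `WSConstants.SIG_NS`, as sketched below.

```java
// … unchanged: request setup, handler.send(...), debug logging, verify(doc), checkResults assertion …
WSSecurityEngineResult actionResult =
    results.getActionResults().get(WSConstants.SIGN).get(0);
@SuppressWarnings("unchecked")
List<WSDataRef> refs =
    (List<WSDataRef>) actionResult.get(WSSecurityEngineResult.TAG_DATA_REF_URIS);
boolean keyInfoSigned = false;
for (WSDataRef ref : refs) {
    QName name = ref.getName();
    if (WSConstants.SIG_NS.equals(name.getNamespaceURI())
        && "KeyInfo".equals(name.getLocalPart())) {
        keyInfoSigned = true;
    }
}
assertTrue(keyInfoSigned);
```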


