ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gi...@apache.org
Subject svn commit: r1484511 - in /webservices/wss4j/trunk: ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/ ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/ ws-security-stax/src/main/java/org/apache/w...
Date Mon, 20 May 2013 16:08:18 GMT
Author: giger
Date: Mon May 20 16:08:18 2013
New Revision: 1484511

URL: http://svn.apache.org/r1484511
Log:
fix for WSS-443

Modified:
    webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenAssertionState.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/TransportBindingIntegrationTest.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/InboundWSSecurityContextImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/InboundWSSecurityContextImplTest.java

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenAssertionState.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenAssertionState.java?rev=1484511&r1=1484510&r2=1484511&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenAssertionState.java
(original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenAssertionState.java
Mon May 20 16:08:18 2013
@@ -99,14 +99,23 @@ public abstract class TokenAssertionStat
                     continue loop;
                 }
 
-                SupportingTokens supportingTokens = (SupportingTokens) parentAssertion;
-                
-                // Allow *SupportingToken policies which are processed as Signed*SupportingTokens
-                if (!(tokenUsage.getName().startsWith("Signed")
-                    && !supportingTokens.getName().getLocalPart().contains("Signed"))
-                    && !tokenUsage.getName().equals(supportingTokens.getName().getLocalPart()))
{
-                    ignoreToken++;
-                    continue loop;
+                // Allow *SupportingToken policies which are processed as Signed|Encrypted*SupportingTokens
+                final SupportingTokens supportingTokens = (SupportingTokens) parentAssertion;
+                final String tokenUsageName = tokenUsage.getName();
+                final String supportingTokensName = supportingTokens.getName().getLocalPart();
+                if (!tokenUsageName.equals(supportingTokensName)) {
+                    if (supportingTokensName.contains("Endorsing") && !tokenUsageName.contains("Endorsing"))
{
+                        ignoreToken++;
+                        continue loop;
+                    }
+                    if (supportingTokensName.startsWith("Signed") && !tokenUsageName.startsWith("Signed"))
{
+                        ignoreToken++;
+                        continue loop;
+                    }
+                    if (supportingTokensName.contains("Encrypted") && !tokenUsageName.contains("Encrypted"))
{
+                        ignoreToken++;
+                        continue loop;
+                    }
                 }
             }
         }

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/TransportBindingIntegrationTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/TransportBindingIntegrationTest.java?rev=1484511&r1=1484510&r2=1484511&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/TransportBindingIntegrationTest.java
(original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/TransportBindingIntegrationTest.java
Mon May 20 16:08:18 2013
@@ -486,6 +486,218 @@ public class TransportBindingIntegration
     }
 
     @Test
+    public void testIncludeTimestampAndSignedUsernameSupportingTokenPolicyNegativeTest_2()
throws Exception {
+
+        String policyString =
+                "<wsp:ExactlyOne xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\"
" +
+                        "xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n"
+
+                        "            <wsp:All>\n" +
+                        "                <sp:TransportBinding>\n" +
+                        "                    <wsp:Policy>\n" +
+                        "                        <sp:TransportToken>\n" +
+                        "                            <wsp:Policy>\n" +
+                        "                                <sp:HttpsToken>\n" +
+                        "                                    <!--<sp:Issuer>wsa:EndpointReferenceType</sp:Issuer>-->\n"
+
+                        "                                    <sp:IssuerName>transmitter</sp:IssuerName>\n"
+
+                        "                                    <wsp:Policy>\n" +
+                        "                                        <sp:HttpBasicAuthentication/>\n"
+
+                        "                                    </wsp:Policy>\n" +
+                        "                                </sp:HttpsToken>\n" +
+                        "                            </wsp:Policy>\n" +
+                        "                        </sp:TransportToken>\n" +
+                        "                        <sp:AlgorithmSuite>\n" +
+                        "                            <wsp:Policy>\n" +
+                        "                                <sp:Basic256/>\n" +
+                        "                            </wsp:Policy>\n" +
+                        "                        </sp:AlgorithmSuite>\n" +
+                        "                        <sp:Layout>\n" +
+                        "                            <wsp:Policy>\n" +
+                        "                                <sp:Lax/>\n" +
+                        "                            </wsp:Policy>\n" +
+                        "                        </sp:Layout>\n" +
+                        "                    </wsp:Policy>\n" +
+                        "                </sp:TransportBinding>\n" +
+                        "                <sp:SignedSupportingTokens>\n" +
+                        "                    <wsp:Policy>\n" +
+                        "                        <sp:UsernameToken IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n"
+
+                        "                            <wsp:Policy>\n" +
+                        "                                <sp:NoPassword/>\n" +
+                        "                            </wsp:Policy>\n" +
+                        "                        </sp:UsernameToken>\n" +
+                        "                    </wsp:Policy>\n" +
+                        "                </sp:SignedSupportingTokens>\n" +
+                        "            </wsp:All>\n" +
+                        "        </wsp:ExactlyOne>";
+
+        WSSSecurityProperties outSecurityProperties = new WSSSecurityProperties();
+        outSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+        outSecurityProperties.setEncryptionUser("receiver");
+        outSecurityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("transmitter.jks"),
"default".toCharArray());
+        outSecurityProperties.setSignatureUser("transmitter");
+        outSecurityProperties.setTokenUser("transmitter");
+        outSecurityProperties.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_NONE);
+        outSecurityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"),
"default".toCharArray());
+
+        WSSConstants.Action[] actions = new WSSConstants.Action[]{WSSConstants.USERNAMETOKEN,
WSSConstants.SIGNATURE, WSSConstants.ENCRYPT};
+        outSecurityProperties.setOutAction(actions);
+
+        InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+        ByteArrayOutputStream baos = doOutboundSecurity(outSecurityProperties, sourceDocument);
+
+        WSSSecurityProperties inSecurityProperties = new WSSSecurityProperties();
+        inSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+        inSecurityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"),
"default".toCharArray());
+        inSecurityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"),
"default".toCharArray());
+
+        PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
+        inSecurityProperties.addInputProcessor(new PolicyInputProcessor(policyEnforcer, inSecurityProperties));
+
+/*
+        HttpsTokenSecurityEvent httpsTokenSecurityEvent = new HttpsTokenSecurityEvent();
+        httpsTokenSecurityEvent.setIssuerName("transmitter");
+        httpsTokenSecurityEvent.setAuthenticationType(HttpsTokenSecurityEvent.AuthenticationType.HttpBasicAuthentication);
+        HttpsSecurityTokenImpl httpsSecurityToken = new HttpsSecurityTokenImpl(true, "transmitter");
+        httpsSecurityToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_MainSignature);
+        httpsTokenSecurityEvent.setSecurityToken(httpsSecurityToken);
+*/
+
+        List<SecurityEvent> securityEventList = new ArrayList<SecurityEvent>();
+        //securityEventList.add(httpsTokenSecurityEvent);
+
+        try {
+            Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()),
securityEventList, policyEnforcer);
+
+            //read the whole stream:
+            Transformer transformer = TransformerFactory.newInstance().newTransformer();
+            transformer.transform(new DOMSource(document), new StreamResult(
+                    new OutputStream() {
+                        @Override
+                        public void write(int b) throws IOException {
+                            // > /dev/null
+                        }
+                    }
+            ));
+            Assert.fail("Exception expected");
+        } catch (XMLStreamException e) {
+            Assert.assertTrue(e.getCause() instanceof WSSecurityException);
+            Assert.assertEquals(e.getCause().getMessage(),
+                    "Assertion {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}UsernameToken
not satisfied");
+            Assert.assertEquals(((WSSecurityException) e.getCause()).getFaultCode(), WSSecurityException.INVALID_SECURITY);
+        }
+    }
+
+    @Test
+    public void testIncludeTimestampAndSignedEncryptedUsernameSupportingTokenPolicy() throws
Exception {
+
+        String policyString =
+                "<wsp:ExactlyOne xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\"
" +
+                        "xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n"
+
+                        "            <wsp:All>\n" +
+                        "                <sp:TransportBinding>\n" +
+                        "                    <wsp:Policy>\n" +
+                        "                        <sp:TransportToken>\n" +
+                        "                            <wsp:Policy>\n" +
+                        "                                <sp:HttpsToken>\n" +
+                        "                                    <!--<sp:Issuer>wsa:EndpointReferenceType</sp:Issuer>-->\n"
+
+                        "                                    <sp:IssuerName>transmitter</sp:IssuerName>\n"
+
+                        "                                    <wsp:Policy>\n" +
+                        "                                        <sp:HttpBasicAuthentication/>\n"
+
+                        "                                    </wsp:Policy>\n" +
+                        "                                </sp:HttpsToken>\n" +
+                        "                            </wsp:Policy>\n" +
+                        "                        </sp:TransportToken>\n" +
+                        "                        <sp:AlgorithmSuite>\n" +
+                        "                            <wsp:Policy>\n" +
+                        "                                <sp:Basic256/>\n" +
+                        "                            </wsp:Policy>\n" +
+                        "                        </sp:AlgorithmSuite>\n" +
+                        "                        <sp:Layout>\n" +
+                        "                            <wsp:Policy>\n" +
+                        "                                <sp:Lax/>\n" +
+                        "                            </wsp:Policy>\n" +
+                        "                        </sp:Layout>\n" +
+                        "                        <sp:IncludeTimestamp/>\n" +
+                        "                    </wsp:Policy>\n" +
+                        "                </sp:TransportBinding>\n" +
+                        "                <sp:SignedParts>\n" +
+                        "                    <sp:Body/>\n" +
+                        "                    <sp:Header Name=\"Header1\" Namespace=\"...\"/>\n"
+
+                        "                    <sp:Header Namespace=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\"/>\n"
+
+                        "                </sp:SignedParts>\n" +
+                        "                <sp:SignedElements>\n" +
+                        "                    <sp:XPath xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">wsu:Created</sp:XPath>\n"
+
+                        "                </sp:SignedElements>\n" +
+                        "                <sp:EncryptedParts>\n" +
+                        "                    <sp:Body/>\n" +
+                        "                    <sp:Header Name=\"Header2\" Namespace=\"...\"/>\n"
+
+                        "                    <sp:Header Namespace=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\"/>\n"
+
+                        "                </sp:EncryptedParts>\n" +
+                        "                <sp:EncryptedElements>\n" +
+                        "                    <sp:XPath xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">wsu:Created</sp:XPath>\n"
+
+                        "                </sp:EncryptedElements>\n" +
+                        "                <sp:ContentEncryptedElements>\n" +
+                        "                    <sp:XPath xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">wsu:Expires</sp:XPath>\n"
+
+                        "                </sp:ContentEncryptedElements>\n" +
+                        "                <sp:SignedEncryptedSupportingTokens>\n" +
+                        "                    <wsp:Policy>\n" +
+                        "                        <sp:UsernameToken IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n"
+
+                        "                            <wsp:Policy>\n" +
+                        "                                <sp:NoPassword/>\n" +
+                        "                            </wsp:Policy>\n" +
+                        "                        </sp:UsernameToken>\n" +
+                        "                    </wsp:Policy>\n" +
+                        "                </sp:SignedEncryptedSupportingTokens>\n" +
+                        "            </wsp:All>\n" +
+                        "        </wsp:ExactlyOne>";
+
+        WSSSecurityProperties outSecurityProperties = new WSSSecurityProperties();
+        outSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+        outSecurityProperties.setEncryptionUser("receiver");
+        outSecurityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("transmitter.jks"),
"default".toCharArray());
+        outSecurityProperties.setSignatureUser("transmitter");
+        outSecurityProperties.setTokenUser("transmitter");
+        outSecurityProperties.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_NONE);
+        outSecurityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"),
"default".toCharArray());
+
+        WSSConstants.Action[] actions = new WSSConstants.Action[]{WSSConstants.USERNAMETOKEN,
WSSConstants.TIMESTAMP, WSSConstants.SIGNATURE, WSSConstants.ENCRYPT};
+        outSecurityProperties.setOutAction(actions);
+
+        InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+        ByteArrayOutputStream baos = doOutboundSecurity(outSecurityProperties, sourceDocument);
+
+        WSSSecurityProperties inSecurityProperties = new WSSSecurityProperties();
+        inSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+        inSecurityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"),
"default".toCharArray());
+        inSecurityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"),
"default".toCharArray());
+
+        PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
+        inSecurityProperties.addInputProcessor(new PolicyInputProcessor(policyEnforcer, null));
+
+        HttpsTokenSecurityEvent httpsTokenSecurityEvent = new HttpsTokenSecurityEvent();
+        httpsTokenSecurityEvent.setIssuerName("transmitter");
+        httpsTokenSecurityEvent.setAuthenticationType(HttpsTokenSecurityEvent.AuthenticationType.HttpBasicAuthentication);
+        HttpsSecurityTokenImpl httpsSecurityToken = new HttpsSecurityTokenImpl(true, "transmitter");
+        httpsSecurityToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_MainSignature);
+        httpsTokenSecurityEvent.setSecurityToken(httpsSecurityToken);
+
+        List<SecurityEvent> securityEventList = new ArrayList<SecurityEvent>();
+        securityEventList.add(httpsTokenSecurityEvent);
+
+        Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()),
securityEventList, policyEnforcer);
+
+        //read the whole stream:
+        Transformer transformer = TransformerFactory.newInstance().newTransformer();
+        transformer.transform(new DOMSource(document), new StreamResult(
+                new OutputStream() {
+                    @Override
+                    public void write(int b) throws IOException {
+                        // > /dev/null
+                    }
+                }
+        ));
+    }
+
+    @Test
     public void testIncludeTimestampAndProtectionOrderEncryptBeforeSignAndSignedUsernameSupportingTokenPolicyTest()
throws Exception {
 
         String policyString =

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/InboundWSSecurityContextImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/InboundWSSecurityContextImpl.java?rev=1484511&r1=1484510&r2=1484511&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/InboundWSSecurityContextImpl.java
(original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/InboundWSSecurityContextImpl.java
Mon May 20 16:08:18 2013
@@ -238,7 +238,7 @@ public class InboundWSSecurityContextImp
 
             boolean transportSecurityActive = Boolean.TRUE == get(WSSConstants.TRANSPORT_SECURITY_ACTIVE);
 
-            List<InboundSecurityToken> encryptingSecurityTokens = isEncryptedToken(tokenSecurityEvent,
securityEventDeque);
+            List<InboundSecurityToken> encryptingSecurityTokens = isEncryptedToken(tokenSecurityEvent,
securityEventDeque, httpsTokenSecurityEvent);
 
             boolean signatureUsage = tokenSecurityEvent.getSecurityToken().getTokenUsages().contains(WSSecurityTokenConstants.TokenUsage_Signature);
             boolean encryptionUsage = tokenSecurityEvent.getSecurityToken().getTokenUsages().contains(WSSecurityTokenConstants.TokenUsage_Encryption);
@@ -483,9 +483,14 @@ public class InboundWSSecurityContextImp
     }
 
     private List<InboundSecurityToken> isEncryptedToken(TokenSecurityEvent tokenSecurityEvent,
-                                                 Deque<SecurityEvent> securityEventDeque)
throws XMLSecurityException {
+                                                 Deque<SecurityEvent> securityEventDeque,
+                                                 HttpsTokenSecurityEvent httpsTokenSecurityEvent)
throws XMLSecurityException {
 
         List<InboundSecurityToken> securityTokenList = new ArrayList<InboundSecurityToken>();
+        if (httpsTokenSecurityEvent != null) {
+            securityTokenList.add(httpsTokenSecurityEvent.getSecurityToken());
+            return securityTokenList;
+        }
         for (Iterator<SecurityEvent> iterator = securityEventDeque.iterator(); iterator.hasNext();
) {
             SecurityEvent securityEvent = iterator.next();
             if (WSSecurityEventConstants.EncryptedElement.equals(securityEvent.getSecurityEventType()))
{

Modified: webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/InboundWSSecurityContextImplTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/InboundWSSecurityContextImplTest.java?rev=1484511&r1=1484510&r2=1484511&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/InboundWSSecurityContextImplTest.java
(original)
+++ webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/InboundWSSecurityContextImplTest.java
Mon May 20 16:08:18 2013
@@ -18,10 +18,12 @@
  */
 package org.apache.wss4j.stax.test;
 
+import org.apache.wss4j.common.crypto.WSProviderConfig;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.saml.SAMLCallback;
 import org.apache.wss4j.common.saml.SamlAssertionWrapper;
 import org.apache.wss4j.common.saml.bean.SubjectBean;
+import org.apache.wss4j.stax.WSSec;
 import org.apache.wss4j.stax.ext.WSSConstants;
 import org.apache.wss4j.stax.impl.InboundWSSecurityContextImpl;
 import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
@@ -32,12 +34,14 @@ import org.apache.wss4j.stax.impl.securi
 import org.apache.wss4j.stax.securityEvent.*;
 import org.apache.wss4j.stax.securityEvent.X509TokenSecurityEvent;
 import org.apache.xml.security.exceptions.XMLSecurityException;
+import org.apache.xml.security.stax.config.Init;
 import org.apache.xml.security.stax.ext.XMLSecurityConstants;
 import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
 import org.apache.xml.security.stax.ext.stax.XMLSecEventFactory;
 import org.apache.xml.security.stax.securityEvent.*;
 import org.opensaml.common.SAMLVersion;
 import org.testng.Assert;
+import org.testng.annotations.BeforeClass;
 import org.testng.annotations.Test;
 
 import javax.xml.namespace.QName;
@@ -50,6 +54,12 @@ import java.util.List;
 
 public class InboundWSSecurityContextImplTest {
 
+    @BeforeClass
+    public void setUp() throws Exception {
+        WSProviderConfig.init();
+        Init.init(WSSec.class.getClassLoader().getResource("wss/wss-config.xml").toURI());
+    }
+
     @Test
     public void testTokenIdentificationTransportSecurity() throws Exception {
 
@@ -71,7 +81,7 @@ public class InboundWSSecurityContextImp
             } else if (securityEvent instanceof UsernameTokenSecurityEvent) {
                 UsernameTokenSecurityEvent tokenSecurityEvent = (UsernameTokenSecurityEvent)
securityEvent;
                 Assert.assertEquals(tokenSecurityEvent.getSecurityToken().getTokenUsages().size(),
1);
-                Assert.assertTrue(tokenSecurityEvent.getSecurityToken().getTokenUsages().contains(WSSecurityTokenConstants.TokenUsage_SignedSupportingTokens));
+                Assert.assertTrue(tokenSecurityEvent.getSecurityToken().getTokenUsages().contains(WSSecurityTokenConstants.TokenUsage_SignedEncryptedSupportingTokens));
             }
         }
     }



Mime
View raw message