You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by gi...@apache.org on 2013/01/16 15:04:48 UTC
svn commit: r1433941 - in
/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax:
ext/AbstractInputSecurityHeaderHandler.java
impl/processor/input/AbstractSignatureInputHandler.java
impl/processor/input/XMLSignatureInputHandler.java
Author: giger
Date: Wed Jan 16 14:04:48 2013
New Revision: 1433941
URL: http://svn.apache.org/viewvc?rev=1433941&view=rev
Log:
Small improvement and additional utility method in preparation for WSS-363
Modified:
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/AbstractInputSecurityHeaderHandler.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractSignatureInputHandler.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/XMLSignatureInputHandler.java
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/AbstractInputSecurityHeaderHandler.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/AbstractInputSecurityHeaderHandler.java?rev=1433941&r1=1433940&r2=1433941&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/AbstractInputSecurityHeaderHandler.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/AbstractInputSecurityHeaderHandler.java Wed Jan 16 14:04:48 2013
@@ -25,6 +25,7 @@ import org.apache.xml.security.stax.impl
import javax.xml.bind.JAXBException;
import javax.xml.bind.Unmarshaller;
import javax.xml.namespace.QName;
+import java.util.ArrayList;
import java.util.Deque;
import java.util.Iterator;
import java.util.List;
@@ -65,4 +66,20 @@ public abstract class AbstractInputSecur
}
return xmlSecEventIterator.next();
}
+
+ protected List<XMLSecEvent> getResponsibleXMLSecEvents(Deque<XMLSecEvent> xmlSecEvents, int index) {
+ List<XMLSecEvent> xmlSecEventList = new ArrayList<XMLSecEvent>();
+
+ Iterator<XMLSecEvent> xmlSecEventIterator = xmlSecEvents.descendingIterator();
+ int curIdx = 0;
+ while (curIdx++ < index && xmlSecEventIterator.hasNext()) {
+ xmlSecEventIterator.next();
+ }
+
+ while (xmlSecEventIterator.hasNext()) {
+ xmlSecEventList.add(xmlSecEventIterator.next());
+ }
+
+ return xmlSecEventList;
+ }
}
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractSignatureInputHandler.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractSignatureInputHandler.java?rev=1433941&r1=1433940&r2=1433941&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractSignatureInputHandler.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/AbstractSignatureInputHandler.java Wed Jan 16 14:04:48 2013
@@ -20,7 +20,6 @@ package org.apache.xml.security.stax.imp
import org.apache.xml.security.binding.excc14n.InclusiveNamespaces;
import org.apache.xml.security.binding.xmldsig.CanonicalizationMethodType;
-import org.apache.xml.security.binding.xmldsig.KeyInfoType;
import org.apache.xml.security.binding.xmldsig.SignatureType;
import org.apache.xml.security.binding.xmldsig.SignedInfoType;
import org.apache.xml.security.exceptions.XMLSecurityException;
@@ -266,17 +265,14 @@ public abstract class AbstractSignatureI
XMLSecurityProperties securityProperties) throws XMLSecurityException {
this.signatureType = signatureType;
- KeyInfoType keyInfoType = signatureType.getKeyInfo();
- SecurityToken securityToken =
- retrieveSecurityToken(keyInfoType, securityProperties, securityContext);
- securityToken.verify();
+ SecurityToken securityToken =
+ retrieveSecurityToken(signatureType, securityProperties, securityContext);
+ this.securityToken = securityToken;
- handleSecurityToken(securityToken);
createSignatureAlgorithm(securityToken, signatureType);
- this.securityToken = securityToken;
}
- protected abstract SecurityToken retrieveSecurityToken(KeyInfoType keyInfoType,
+ protected abstract SecurityToken retrieveSecurityToken(SignatureType signatureType,
XMLSecurityProperties securityProperties,
SecurityContext securityContext) throws XMLSecurityException;
@@ -284,9 +280,6 @@ public abstract class AbstractSignatureI
return securityToken;
}
- protected void handleSecurityToken(SecurityToken securityToken) throws XMLSecurityException {
- }
-
protected void createSignatureAlgorithm(SecurityToken securityToken, SignatureType signatureType)
throws XMLSecurityException {
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/XMLSignatureInputHandler.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/XMLSignatureInputHandler.java?rev=1433941&r1=1433940&r2=1433941&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/XMLSignatureInputHandler.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/XMLSignatureInputHandler.java Wed Jan 16 14:04:48 2013
@@ -18,7 +18,6 @@
*/
package org.apache.xml.security.stax.impl.processor.input;
-import org.apache.xml.security.binding.xmldsig.KeyInfoType;
import org.apache.xml.security.binding.xmldsig.SignatureType;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.ext.InputProcessorChain;
@@ -58,37 +57,7 @@ public class XMLSignatureInputHandler ex
signatureValueSecurityEvent.setCorrelationID(signatureType.getId());
securityContext.registerSecurityEvent(signatureValueSecurityEvent);
- final SignatureVerifier signatureVerifier =
- new XMLSignatureVerifier(signatureType, securityContext, securityProperties) {
- @Override
- protected void handleSecurityToken(SecurityToken securityToken) throws XMLSecurityException {
- //we have to emit a TokenSecurityEvent here too since it could be an embedded token
- securityToken.addTokenUsage(SecurityToken.TokenUsage.Signature);
- XMLSecurityConstants.TokenType tokenType = securityToken.getTokenType();
- TokenSecurityEvent tokenSecurityEvent = null;
- if (tokenType == XMLSecurityConstants.X509V1Token
- || tokenType == XMLSecurityConstants.X509V3Token
- || tokenType == XMLSecurityConstants.X509Pkcs7Token
- || tokenType == XMLSecurityConstants.X509PkiPathV1Token) {
- tokenSecurityEvent = new X509TokenSecurityEvent();
- } else if (tokenType == XMLSecurityConstants.KeyValueToken) {
- tokenSecurityEvent = new KeyValueTokenSecurityEvent();
- } else if (tokenType == XMLSecurityConstants.KeyNameToken) {
- tokenSecurityEvent = new KeyNameTokenSecurityEvent();
- } else if (tokenType == XMLSecurityConstants.DefaultToken) {
- tokenSecurityEvent = new DefaultTokenSecurityEvent();
- } else {
- throw new XMLSecurityException("stax.unsupportedToken", tokenType);
- }
- tokenSecurityEvent.setSecurityToken(securityToken);
- tokenSecurityEvent.setCorrelationID(signatureType.getId());
- securityContext.registerSecurityEvent(tokenSecurityEvent);
-
- super.handleSecurityToken(securityToken);
- }
- };
-
- return signatureVerifier;
+ return new XMLSignatureVerifier(signatureType, securityContext, securityProperties);
}
@Override
@@ -107,14 +76,38 @@ public class XMLSignatureInputHandler ex
}
@Override
- protected SecurityToken retrieveSecurityToken(KeyInfoType keyInfoType,
+ protected SecurityToken retrieveSecurityToken(SignatureType signatureType,
XMLSecurityProperties securityProperties,
SecurityContext securityContext) throws XMLSecurityException {
- return SecurityTokenFactory.getInstance().getSecurityToken(keyInfoType,
- SecurityToken.KeyInfoUsage.SIGNATURE_VERIFICATION,
- securityProperties,
- securityContext);
+
+ SecurityToken securityToken = SecurityTokenFactory.getInstance().getSecurityToken(signatureType.getKeyInfo(),
+ SecurityToken.KeyInfoUsage.SIGNATURE_VERIFICATION, securityProperties, securityContext);
+
+ securityToken.verify();
+
+ //we have to emit a TokenSecurityEvent here too since it could be an embedded token
+ securityToken.addTokenUsage(SecurityToken.TokenUsage.Signature);
+ XMLSecurityConstants.TokenType tokenType = securityToken.getTokenType();
+ TokenSecurityEvent tokenSecurityEvent = null;
+ if (tokenType == XMLSecurityConstants.X509V1Token
+ || tokenType == XMLSecurityConstants.X509V3Token
+ || tokenType == XMLSecurityConstants.X509Pkcs7Token
+ || tokenType == XMLSecurityConstants.X509PkiPathV1Token) {
+ tokenSecurityEvent = new X509TokenSecurityEvent();
+ } else if (tokenType == XMLSecurityConstants.KeyValueToken) {
+ tokenSecurityEvent = new KeyValueTokenSecurityEvent();
+ } else if (tokenType == XMLSecurityConstants.KeyNameToken) {
+ tokenSecurityEvent = new KeyNameTokenSecurityEvent();
+ } else if (tokenType == XMLSecurityConstants.DefaultToken) {
+ tokenSecurityEvent = new DefaultTokenSecurityEvent();
+ } else {
+ throw new XMLSecurityException("stax.unsupportedToken", tokenType);
+ }
+ tokenSecurityEvent.setSecurityToken(securityToken);
+ tokenSecurityEvent.setCorrelationID(signatureType.getId());
+ securityContext.registerSecurityEvent(tokenSecurityEvent);
+
+ return securityToken;
}
}
-
}