You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2013/06/13 14:53:04 UTC
svn commit: r1492653 - in /webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl: processor/output/EncryptedKeyOutputProcessor.java securityToken/EncryptedKeySha1SecurityTokenImpl.java

Author: coheigea
Date: Thu Jun 13 12:53:04 2013
New Revision: 1492653

URL: http://svn.apache.org/r1492653
Log:
Enabling using WSS4J with CXF + the SymmetricBinding

Modified:
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptedKeyOutputProcessor.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/EncryptedKeySha1SecurityTokenImpl.java

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptedKeyOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptedKeyOutputProcessor.java?rev=1492653&r1=1492652&r2=1492653&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptedKeyOutputProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptedKeyOutputProcessor.java Thu Jun 13 12:53:04 2013
@@ -19,6 +19,8 @@
 package org.apache.wss4j.stax.impl.processor.output;
 
 import org.apache.commons.codec.binary.Base64;
+import org.apache.wss4j.common.ext.WSPasswordCallback;
+import org.apache.wss4j.common.ext.WSPasswordCallback.Usage;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.stax.ext.WSSConstants;
 import org.apache.wss4j.stax.ext.WSSSecurityProperties;
@@ -40,8 +42,12 @@ import javax.crypto.KeyGenerator;
 import javax.crypto.NoSuchPaddingException;
 import javax.crypto.spec.OAEPParameterSpec;
 import javax.crypto.spec.PSource;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.xml.namespace.QName;
 import javax.xml.stream.XMLStreamException;
+
+import java.io.IOException;
 import java.security.InvalidAlgorithmParameterException;
 import java.security.InvalidKeyException;
 import java.security.Key;
@@ -303,6 +309,20 @@ public class EncryptedKeyOutputProcessor
                         );
                     }
                     byte[] encryptedEphemeralKey = cipher.wrap(secretKey);
+                    
+                    if (((WSSSecurityProperties)getSecurityProperties()).getCallbackHandler() != null) {
+                        // Store the Encrypted Key in the CallbackHandler for processing on the inbound side
+                        WSPasswordCallback callback = 
+                            new WSPasswordCallback(securityToken.getId(), Usage.ENCRYPTED_KEY_TOKEN);
+                        callback.setKey(encryptedEphemeralKey);
+                        try {
+                            ((WSSSecurityProperties)getSecurityProperties()).getCallbackHandler().handle(new Callback[]{callback});
+                        } catch (IOException e) { // NOPMD
+                            // Do nothing
+                        } catch (UnsupportedCallbackException e) { // NOPMD
+                            // Do nothing
+                        }
+                    }
 
                     createCharactersAndOutputAsEvent(subOutputProcessorChain, new Base64(76, new byte[]{'\n'}).encodeToString(encryptedEphemeralKey));
 

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/EncryptedKeySha1SecurityTokenImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/EncryptedKeySha1SecurityTokenImpl.java?rev=1492653&r1=1492652&r2=1492653&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/EncryptedKeySha1SecurityTokenImpl.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/EncryptedKeySha1SecurityTokenImpl.java Thu Jun 13 12:53:04 2013
@@ -65,7 +65,7 @@ public class EncryptedKeySha1SecurityTok
         }
 
         WSPasswordCallback secretKeyCallback =
-                new WSPasswordCallback(getId(), null,
+                new WSPasswordCallback(sha1Identifier, null,
                         WSSConstants.NS_ENCRYPTED_KEY_SHA1, WSPasswordCallback.Usage.SECRET_KEY);
         WSSUtils.doSecretKeyCallback(callbackHandler, secretKeyCallback, sha1Identifier);
         if (secretKeyCallback.getKey() == null) {