You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by re...@apache.org on 2016/05/01 21:36:29 UTC
[13/36] cxf git commit: [CXF-6884] - Don't include
Signature/EncryptedKey Elements if there are no references to be
signed/encrypted
[CXF-6884] - Don't include Signature/EncryptedKey Elements if there are no references to be signed/encrypted
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/811f40df
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/811f40df
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/811f40df
Branch: refs/heads/master-jaxrs-2.1
Commit: 811f40df5523aee9eb938c2999aeac8d2fe7bf8d
Parents: 4bce078
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue Apr 26 17:32:35 2016 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue Apr 26 17:32:35 2016 +0100
----------------------------------------------------------------------
.../AsymmetricBindingHandler.java | 69 +++++++++++---------
.../policyhandlers/SymmetricBindingHandler.java | 54 ++++++++-------
2 files changed, 67 insertions(+), 56 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/811f40df/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
index 963b4db..ef2503a 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
@@ -511,10 +511,14 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
this.insertBeforeBottomUp(attachment);
}
}
- this.addEncryptedKeyElement(encryptedKeyElement);
+ if (refList != null || (attachments != null && !attachments.isEmpty())) {
+ this.addEncryptedKeyElement(encryptedKeyElement);
+ }
} else {
Element refList = encr.encryptForRef(null, encrParts);
- this.addEncryptedKeyElement(encryptedKeyElement);
+ if (refList != null || (attachments != null && !attachments.isEmpty())) {
+ this.addEncryptedKeyElement(encryptedKeyElement);
+ }
// Add internal refs
if (refList != null) {
@@ -679,20 +683,21 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
dkSign.getParts().addAll(sigParts);
List<Reference> referenceList = dkSign.addReferencesToSign(sigParts, secHeader);
-
- // Add elements to header
- addDerivedKeyElement(dkSign.getdktElement());
-
- //Do signature
- if (bottomUpElement == null) {
- dkSign.computeSignature(referenceList, false, null);
- } else {
- dkSign.computeSignature(referenceList, true, bottomUpElement);
+ if (!referenceList.isEmpty()) {
+ // Add elements to header
+ addDerivedKeyElement(dkSign.getdktElement());
+
+ //Do signature
+ if (bottomUpElement == null) {
+ dkSign.computeSignature(referenceList, false, null);
+ } else {
+ dkSign.computeSignature(referenceList, true, bottomUpElement);
+ }
+ bottomUpElement = dkSign.getSignatureElement();
+ addSig(dkSign.getSignatureValue());
+
+ mainSigId = dkSign.getSignatureId();
}
- bottomUpElement = dkSign.getSignatureElement();
- addSig(dkSign.getSignatureValue());
-
- mainSigId = dkSign.getSignatureId();
} catch (Exception ex) {
LOG.log(Level.FINE, ex.getMessage(), ex);
throw new Fault(ex);
@@ -714,24 +719,26 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
}
List<Reference> referenceList = sig.addReferencesToSign(sigParts, secHeader);
- //Do signature
- if (bottomUpElement == null) {
- sig.computeSignature(referenceList, false, null);
- } else {
- sig.computeSignature(referenceList, true, bottomUpElement);
- }
- bottomUpElement = sig.getSignatureElement();
-
- if (!abinding.isProtectTokens()) {
- Element bstElement = sig.getBinarySecurityTokenElement();
- if (bstElement != null) {
- secHeader.getSecurityHeader().insertBefore(bstElement, bottomUpElement);
+ if (!referenceList.isEmpty()) {
+ //Do signature
+ if (bottomUpElement == null) {
+ sig.computeSignature(referenceList, false, null);
+ } else {
+ sig.computeSignature(referenceList, true, bottomUpElement);
+ }
+ bottomUpElement = sig.getSignatureElement();
+
+ if (!abinding.isProtectTokens()) {
+ Element bstElement = sig.getBinarySecurityTokenElement();
+ if (bstElement != null) {
+ secHeader.getSecurityHeader().insertBefore(bstElement, bottomUpElement);
+ }
}
+
+ addSig(sig.getSignatureValue());
+
+ mainSigId = sig.getId();
}
-
- addSig(sig.getSignatureValue());
-
- mainSigId = sig.getId();
}
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/811f40df/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
index b785898..789b9ff 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
@@ -751,22 +751,24 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
dkSign.getParts().addAll(sigs);
List<Reference> referenceList = dkSign.addReferencesToSign(sigs, secHeader);
-
- //Add elements to header
- Element el = dkSign.getdktElement();
- addDerivedKeyElement(el);
-
- //Do signature
- if (bottomUpElement == null) {
- dkSign.computeSignature(referenceList, false, null);
- } else {
- dkSign.computeSignature(referenceList, true, bottomUpElement);
+ if (!referenceList.isEmpty()) {
+ //Add elements to header
+ Element el = dkSign.getdktElement();
+ addDerivedKeyElement(el);
+
+ //Do signature
+ if (bottomUpElement == null) {
+ dkSign.computeSignature(referenceList, false, null);
+ } else {
+ dkSign.computeSignature(referenceList, true, bottomUpElement);
+ }
+ bottomUpElement = dkSign.getSignatureElement();
+
+ this.mainSigId = dkSign.getSignatureId();
+
+ return dkSign.getSignatureValue();
}
- bottomUpElement = dkSign.getSignatureElement();
-
- this.mainSigId = dkSign.getSignatureId();
-
- return dkSign.getSignatureValue();
+ return null;
}
private byte[] doSignature(List<WSEncryptionPart> sigs,
@@ -885,17 +887,19 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
sig.prepare(saaj.getSOAPPart(), crypto, secHeader);
sig.getParts().addAll(sigs);
List<Reference> referenceList = sig.addReferencesToSign(sigs, secHeader);
-
- //Do signature
- if (bottomUpElement == null) {
- sig.computeSignature(referenceList, false, null);
- } else {
- sig.computeSignature(referenceList, true, bottomUpElement);
+ if (!referenceList.isEmpty()) {
+ //Do signature
+ if (bottomUpElement == null) {
+ sig.computeSignature(referenceList, false, null);
+ } else {
+ sig.computeSignature(referenceList, true, bottomUpElement);
+ }
+ bottomUpElement = sig.getSignatureElement();
+
+ this.mainSigId = sig.getId();
+ return sig.getSignatureValue();
}
- bottomUpElement = sig.getSignatureElement();
-
- this.mainSigId = sig.getId();
- return sig.getSignatureValue();
+ return null;
}
}