Posted to commits@ws.apache.org by co...@apache.org on 2015/06/22 12:31:52 UTC

svn commit: r1686832 - in /webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom: processor/EncryptedKeyProcessor.java util/EncryptionUtils.java

Author: coheigea
Date: Mon Jun 22 10:31:52 2015
New Revision: 1686832

URL: http://svn.apache.org/r1686832
Log:
Make it easier to retrieve MGF algorithm from an EncryptedKey


Conflicts:
	ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java

Modified:
    webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java
    webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/EncryptionUtils.java

Modified: webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java?rev=1686832&r1=1686831&r2=1686832&view=diff
==============================================================================
--- webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java (original)
+++ webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java Mon Jun 22 10:31:52 2015
@@ -60,7 +60,6 @@ import org.apache.wss4j.dom.util.Encrypt
 import org.apache.wss4j.dom.util.WSSecurityUtil;
 import org.apache.wss4j.dom.util.X509Util;
 import org.apache.xml.security.algorithms.JCEMapper;
-import org.apache.xml.security.exceptions.Base64DecodingException;
 import org.apache.xml.security.utils.Base64;
 
 public class EncryptedKeyProcessor implements Processor {
@@ -163,13 +162,13 @@ public class EncryptedKeyProcessor imple
             if (WSConstants.KEYTRANSPORT_RSAOEP.equals(encryptedKeyTransportMethod)
                     || WSConstants.KEYTRANSPORT_RSAOEP_XENC11.equals(encryptedKeyTransportMethod)) {
                 // Get the DigestMethod if it exists
-                String digestAlgorithm = getDigestAlgorithm(elem);
+                String digestAlgorithm = EncryptionUtils.getDigestAlgorithm(elem);
                 String jceDigestAlgorithm = "SHA-1";
                 if (digestAlgorithm != null && !"".equals(digestAlgorithm)) {
                     jceDigestAlgorithm = JCEMapper.translateURItoJCEID(digestAlgorithm);
                 }
 
-                String mgfAlgorithm = getMGFAlgorithm(elem);
+                String mgfAlgorithm = EncryptionUtils.getMGFAlgorithm(elem);
                 MGF1ParameterSpec mgfParameterSpec = new MGF1ParameterSpec("SHA-1");
                 if (mgfAlgorithm != null) {
                     if (WSConstants.MGF_SHA224.equals(mgfAlgorithm)) {
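Review bot: The MGF lookup is guarded only by `mgfAlgorithm != null`, while the digest lookup a few lines above also rejects the empty string. `getAttributeNS` returns `""` when the attribute is absent, so an `MGF` element with no `Algorithm` attribute still enters the comparison chain. The rest of that chain lies outside the hunk, so it cannot be confirmed here whether an empty or unrecognised URI is rejected or quietly keeps the SHA-1 default. Both values come from the incoming message, so I would make the guards match, `if (mgfAlgorithm != null && !"".equals(mgfAlgorithm)) {`, and have the final branch fail on an unknown URI if it does not already.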
@@ -184,7 +183,7 @@ public class EncryptedKeyProcessor imple
                 }
 
                 PSource.PSpecified pSource = PSource.PSpecified.DEFAULT;
-                byte[] pSourceBytes = getPSource(elem);
+                byte[] pSourceBytes = EncryptionUtils.getPSource(elem);
                 if (pSourceBytes != null) {
                     pSource = new PSource.PSpecified(pSourceBytes);
                 }
@@ -214,7 +213,7 @@ public class EncryptedKeyProcessor imple
             if (xopUri != null && xopUri.startsWith("cid:")) {
                 encryptedEphemeralKey = WSSecurityUtil.getBytesFromAttachment(xopUri, data);
             } else {
-                encryptedEphemeralKey = getDecodedBase64EncodedData(xencCipherValue);
+                encryptedEphemeralKey = EncryptionUtils.getDecodedBase64EncodedData(xencCipherValue);
             }
             
             String keyAlgorithm = JCEMapper.translateURItoJCEID(encryptedKeyTransportMethod);
@@ -239,6 +238,7 @@ public class EncryptedKeyProcessor imple
             WSSecurityEngineResult.TAG_ENCRYPTED_KEY_TRANSPORT_METHOD, 
             encryptedKeyTransportMethod
         );
+        result.put(WSSecurityEngineResult.TAG_TOKEN_ELEMENT, elem);
         String tokenId = elem.getAttributeNS(null, "Id");
         if (!"".equals(tokenId)) {
             result.put(WSSecurityEngineResult.TAG_ID, tokenId);
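Review bot: The added `result.put(WSSecurityEngineResult.TAG_TOKEN_ELEMENT, elem);` has no comment saying why the element is published, and it hands out the live DOM node from the received message rather than parsed values. A line such as `// Expose the EncryptedKey element so callers can read its DigestMethod/MGF via EncryptionUtils` would record the intent stated in the commit log. Consumers that read algorithms from this element get sender-supplied values, so any policy check on them presumably has to happen on the consumer side. The enclosing method starts and ends outside the hunk.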
@@ -287,77 +287,6 @@ public class EncryptedKeyProcessor imple
     }
     
     /**
-     * Method getDecodedBase64EncodedData
-     *
-     * @param element
-     * @return a byte array containing the decoded data
-     * @throws WSSecurityException
-     */
-    private static byte[] getDecodedBase64EncodedData(Element element) throws WSSecurityException {
-        StringBuilder sb = new StringBuilder();
-        Node node = element.getFirstChild();
-        while (node != null) {
-            if (Node.TEXT_NODE == node.getNodeType()) {
-                sb.append(((Text) node).getData());
-            }
-            node = node.getNextSibling();
-        }
-        String encodedData = sb.toString();
-        try {
-            return Base64.decode(encodedData);
-        } catch (Base64DecodingException e) {
-            throw new WSSecurityException(
-                WSSecurityException.ErrorCode.FAILURE, e, "decoding.general"
-            );
-        }
-    }
-    
-    private static String getDigestAlgorithm(Node encBodyData) throws WSSecurityException {
-        Element tmpE = 
-            WSSecurityUtil.getDirectChildElement(
-                encBodyData, "EncryptionMethod", WSConstants.ENC_NS
-            );
-        if (tmpE != null) {
-            Element digestElement = 
-                WSSecurityUtil.getDirectChildElement(tmpE, "DigestMethod", WSConstants.SIG_NS);
-            if (digestElement != null) {
-                return digestElement.getAttributeNS(null, "Algorithm");
-            }
-        }
-        return null;
-    }
-
-    private static String getMGFAlgorithm(Node encBodyData) throws WSSecurityException {
-        Element tmpE =
-                WSSecurityUtil.getDirectChildElement(
-                        encBodyData, "EncryptionMethod", WSConstants.ENC_NS
-                );
-        if (tmpE != null) {
-            Element mgfElement =
-                    WSSecurityUtil.getDirectChildElement(tmpE, "MGF", WSConstants.ENC11_NS);
-            if (mgfElement != null) {
-                return mgfElement.getAttributeNS(null, "Algorithm");
-            }
-        }
-        return null;
-    }
-
-    private static byte[] getPSource(Node encBodyData) throws WSSecurityException {
-        Element tmpE =
-                WSSecurityUtil.getDirectChildElement(
-                        encBodyData, "EncryptionMethod", WSConstants.ENC_NS
-                );
-        if (tmpE != null) {
-            Element pSourceElement =
-                    WSSecurityUtil.getDirectChildElement(tmpE, "OAEPparams", WSConstants.ENC_NS);
-            if (pSourceElement != null) {
-                return getDecodedBase64EncodedData(pSourceElement);
-            }
-        }
-        return null;
-    }
-    
-    /**
      * @return the Certificate(s) corresponding to the public key reference in the 
      * EncryptedKey Element
      */

Modified: webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/EncryptionUtils.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/EncryptionUtils.java?rev=1686832&r1=1686831&r2=1686832&view=diff
==============================================================================
--- webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/EncryptionUtils.java (original)
+++ webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/EncryptionUtils.java Mon Jun 22 10:31:52 2015
@@ -34,10 +34,13 @@ import org.apache.wss4j.dom.message.DOMC
 import org.apache.xml.security.algorithms.JCEMapper;
 import org.apache.xml.security.encryption.XMLCipher;
 import org.apache.xml.security.encryption.XMLEncryptionException;
+import org.apache.xml.security.exceptions.Base64DecodingException;
+import org.apache.xml.security.utils.Base64;
 import org.w3c.dom.Attr;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
+import org.w3c.dom.Text;
 import org.xml.sax.SAXException;
 
 import javax.crypto.Cipher;
@@ -48,6 +51,7 @@ import javax.security.auth.callback.Call
 import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.ParserConfigurationException;
+
 import java.io.IOException;
 import java.io.InputStream;
 import java.security.NoSuchAlgorithmException;
@@ -419,4 +423,75 @@ public final class EncryptionUtils {
         }
     }
 
+    /**
+     * Method getDecodedBase64EncodedData
+     *
+     * @param element
+     * @return a byte array containing the decoded data
+     * @throws WSSecurityException
+     */
+    public static byte[] getDecodedBase64EncodedData(Element element) throws WSSecurityException {
+        StringBuilder sb = new StringBuilder();
+        Node node = element.getFirstChild();
+        while (node != null) {
+            if (Node.TEXT_NODE == node.getNodeType()) {
+                sb.append(((Text) node).getData());
+            }
+            node = node.getNextSibling();
+        }
+        String encodedData = sb.toString();
+        try {
+            return Base64.decode(encodedData);
+        } catch (Base64DecodingException e) {
+            throw new WSSecurityException(
+                WSSecurityException.ErrorCode.FAILURE, e, "decoding.general"
+            );
+        }
+    }
+    
+    public static String getDigestAlgorithm(Node encBodyData) throws WSSecurityException {
+        Element tmpE = 
+            WSSecurityUtil.getDirectChildElement(
+                encBodyData, "EncryptionMethod", WSConstants.ENC_NS
+            );
+        if (tmpE != null) {
+            Element digestElement = 
+                WSSecurityUtil.getDirectChildElement(tmpE, "DigestMethod", WSConstants.SIG_NS);
+            if (digestElement != null) {
+                return digestElement.getAttributeNS(null, "Algorithm");
+            }
+        }
+        return null;
+    }
+
+    public static String getMGFAlgorithm(Node encBodyData) throws WSSecurityException {
+        Element tmpE =
+                WSSecurityUtil.getDirectChildElement(
+                        encBodyData, "EncryptionMethod", WSConstants.ENC_NS
+                );
+        if (tmpE != null) {
+            Element mgfElement =
+                    WSSecurityUtil.getDirectChildElement(tmpE, "MGF", WSConstants.ENC11_NS);
+            if (mgfElement != null) {
+                return mgfElement.getAttributeNS(null, "Algorithm");
+            }
+        }
+        return null;
+    }
+
+    public static byte[] getPSource(Node encBodyData) throws WSSecurityException {
+        Element tmpE =
+                WSSecurityUtil.getDirectChildElement(
+                        encBodyData, "EncryptionMethod", WSConstants.ENC_NS
+                );
+        if (tmpE != null) {
+            Element pSourceElement =
+                    WSSecurityUtil.getDirectChildElement(tmpE, "OAEPparams", WSConstants.ENC_NS);
+            if (pSourceElement != null) {
+                return getDecodedBase64EncodedData(pSourceElement);
+            }
+        }
+        return null;
+    }
+    
 }
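Review bot: These four helpers become public API here, but `getDigestAlgorithm`, `getMGFAlgorithm` and `getPSource` have no Javadoc, and the one on `getDecodedBase64EncodedData` is a stub with an empty `@param`. Callers need the contract: each returns `null` when `EncryptionMethod` or the child element is missing, the two algorithm getters return `""` when the `Algorithm` attribute is missing, and the value is taken unvalidated from the message. For example, `/** @return the MGF Algorithm URI as sent, "" if the attribute is absent, or null if there is no EncryptionMethod/MGF child */`. `getDecodedBase64EncodedData` also dereferences `element` without a null check and concatenates only `TEXT_NODE` children, which is worth stating in its Javadoc now that outside callers can reach it.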