You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wss4j-dev@ws.apache.org by co...@apache.org on 2008/10/01 15:56:11 UTC
svn commit: r700768 [2/4] - in /webservices/wss4j/trunk: ./
interop/org/apache/ws/axis/oasis/ src/org/apache/ws/axis/security/
src/org/apache/ws/axis/security/handler/ src/org/apache/ws/security/
src/org/apache/ws/security/action/ src/org/apache/ws/sec...
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignature.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignature.java?rev=700768&r1=700767&r2=700768&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignature.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignature.java Wed Oct 1 06:56:10 2008
@@ -74,44 +74,44 @@
*/
public class WSSecSignature extends WSSecBase {
- private static Log log = LogFactory.getLog(WSSecSignature.class.getName());
+ private static Log log = LogFactory.getLog(WSSecSignature.class.getName());
- protected boolean useSingleCert = true;
+ protected boolean useSingleCert = true;
- protected String sigAlgo = null;
+ protected String sigAlgo = null;
- protected String canonAlgo = Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS;
+ protected String canonAlgo = Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS;
- protected WSSecUsernameToken usernameToken = null;
+ protected WSSecUsernameToken usernameToken = null;
- protected byte[] signatureValue = null;
+ protected byte[] signatureValue = null;
- /*
- * The following private variable are setup during prepare().
- */
- protected Document document = null;
+ /*
+ * The following private variable are setup during prepare().
+ */
+ protected Document document = null;
- private Crypto crypto = null;
+ private Crypto crypto = null;
- protected WSDocInfo wsDocInfo = null;
+ protected WSDocInfo wsDocInfo = null;
- protected String certUri = null;
+ protected String certUri = null;
- protected XMLSignature sig = null;
+ protected XMLSignature sig = null;
- protected KeyInfo keyInfo = null;
+ protected KeyInfo keyInfo = null;
- protected String keyInfoUri = null;
+ protected String keyInfoUri = null;
- protected SecurityTokenReference secRef = null;
+ protected SecurityTokenReference secRef = null;
- protected String strUri = null;
+ protected String strUri = null;
- private byte[] secretKey = null;
-
- private String encrKeySha1value = null;
+ private byte[] secretKey = null;
+
+ private String encrKeySha1value = null;
- protected BinarySecurity bstToken = null;
+ protected BinarySecurity bstToken = null;
private String customTokenValueType;
@@ -119,88 +119,88 @@
private String digestAlgo = "http://www.w3.org/2000/09/xmldsig#sha1";
- /**
- * Constructor.
- */
- public WSSecSignature() {
- }
-
- /**
- * set the single cert flag.
- *
- * @param useSingleCert
- */
- public void setUseSingleCertificate(boolean useSingleCert) {
- this.useSingleCert = useSingleCert;
- }
-
- /**
- * Get the single cert flag.
- *
- * @return A boolean if single certificate is set.
- */
- public boolean isUseSingleCertificate() {
- return this.useSingleCert;
- }
-
- /**
- * Set the name of the signature encryption algorithm to use.
- *
- * If the algorithm is not set then an automatic detection of the signature
- * algorithm to use is performed during the <code>prepare()</code>
- * method. Refer to WSConstants which algorithms are supported.
- *
- * @param algo
- * Is the name of the signature algorithm
- * @see WSConstants#RSA
- * @see WSConstants#DSA
- */
- public void setSignatureAlgorithm(String algo) {
- sigAlgo = algo;
- }
-
- /**
- * Get the name of the signature algorithm that is being used.
- *
- * Call this method after <code>prepare</code> to get the information
- * which signature algorithm was automatically detected if no signature
- * algorithm was preset.
- *
- * @return the identifier URI of the signature algorithm
- */
- public String getSignatureAlgorithm() {
- return sigAlgo;
- }
-
- /**
- * Set the canonicalization method to use.
- *
- * If the canonicalization method is not set then the recommended Exclusive
- * XML Canonicalization is used by default Refer to WSConstants which
- * algorithms are supported.
- *
- * @param algo
- * Is the name of the signature algorithm
- * @see WSConstants#C14N_OMIT_COMMENTS
- * @see WSConstants#C14N_WITH_COMMENTS
- * @see WSConstants#C14N_EXCL_OMIT_COMMENTS
- * @see WSConstants#C14N_EXCL_WITH_COMMENTS
- */
- public void setSigCanonicalization(String algo) {
- canonAlgo = algo;
- }
-
- /**
- * Get the canonicalization method.
- *
- * If the canonicalization method was not set then Exclusive XML
- * Canonicalization is used by default.
- *
- * @return The string describing the canonicalization algorithm.
- */
- public String getSigCanonicalization() {
- return canonAlgo;
- }
+ /**
+ * Constructor.
+ */
+ public WSSecSignature() {
+ }
+
+ /**
+ * set the single cert flag.
+ *
+ * @param useSingleCert
+ */
+ public void setUseSingleCertificate(boolean useSingleCert) {
+ this.useSingleCert = useSingleCert;
+ }
+
+ /**
+ * Get the single cert flag.
+ *
+ * @return A boolean if single certificate is set.
+ */
+ public boolean isUseSingleCertificate() {
+ return this.useSingleCert;
+ }
+
+ /**
+ * Set the name of the signature encryption algorithm to use.
+ *
+ * If the algorithm is not set then an automatic detection of the signature
+ * algorithm to use is performed during the <code>prepare()</code>
+ * method. Refer to WSConstants which algorithms are supported.
+ *
+ * @param algo
+ * Is the name of the signature algorithm
+ * @see WSConstants#RSA
+ * @see WSConstants#DSA
+ */
+ public void setSignatureAlgorithm(String algo) {
+ sigAlgo = algo;
+ }
+
+ /**
+ * Get the name of the signature algorithm that is being used.
+ *
+ * Call this method after <code>prepare</code> to get the information
+ * which signature algorithm was automatically detected if no signature
+ * algorithm was preset.
+ *
+ * @return the identifier URI of the signature algorithm
+ */
+ public String getSignatureAlgorithm() {
+ return sigAlgo;
+ }
+
+ /**
+ * Set the canonicalization method to use.
+ *
+ * If the canonicalization method is not set then the recommended Exclusive
+ * XML Canonicalization is used by default Refer to WSConstants which
+ * algorithms are supported.
+ *
+ * @param algo
+ * Is the name of the signature algorithm
+ * @see WSConstants#C14N_OMIT_COMMENTS
+ * @see WSConstants#C14N_WITH_COMMENTS
+ * @see WSConstants#C14N_EXCL_OMIT_COMMENTS
+ * @see WSConstants#C14N_EXCL_WITH_COMMENTS
+ */
+ public void setSigCanonicalization(String algo) {
+ canonAlgo = algo;
+ }
+
+ /**
+ * Get the canonicalization method.
+ *
+ * If the canonicalization method was not set then Exclusive XML
+ * Canonicalization is used by default.
+ *
+ * @return The string describing the canonicalization algorithm.
+ */
+ public String getSigCanonicalization() {
+ return canonAlgo;
+ }
/**
* @return the digestAlgo
@@ -218,41 +218,41 @@
this.digestAlgo = digestAlgo;
}
-
- /**
- * @param usernameToken
- * The usernameToken to set.
- */
- public void setUsernameToken(WSSecUsernameToken usernameToken) {
- this.usernameToken = usernameToken;
- }
-
- /**
- * Returns the computed Signature value.
- *
- * Call this method after <code>computeSignature()</code> or <code>build()</code>
- * methods were called.
- *
- * @return Returns the signatureValue.
- */
- public byte[] getSignatureValue() {
- return signatureValue;
- }
-
- /**
- * Get the id generated during <code>prepare()</code>.
- *
- * Returns the the value of wsu:Id attribute of the Signature element.
- *
- * @return Return the wsu:Id of this token or null if <code>prepare()</code>
- * was not called before.
- */
- public String getId() {
- if (sig == null) {
- return null;
- }
- return sig.getId();
- }
+
+ /**
+ * @param usernameToken
+ * The usernameToken to set.
+ */
+ public void setUsernameToken(WSSecUsernameToken usernameToken) {
+ this.usernameToken = usernameToken;
+ }
+
+ /**
+ * Returns the computed Signature value.
+ *
+ * Call this method after <code>computeSignature()</code> or <code>build()</code>
+ * methods were called.
+ *
+ * @return Returns the signatureValue.
+ */
+ public byte[] getSignatureValue() {
+ return signatureValue;
+ }
+
+ /**
+ * Get the id generated during <code>prepare()</code>.
+ *
+ * Returns the the value of wsu:Id attribute of the Signature element.
+ *
+ * @return Return the wsu:Id of this token or null if <code>prepare()</code>
+ * was not called before.
+ */
+ public String getId() {
+ if (sig == null) {
+ return null;
+ }
+ return sig.getId();
+ }
/**
* Get the id of the BSt generated during <code>prepare()</code>.
@@ -268,358 +268,358 @@
return this.bstToken.getID();
}
- /**
- * Initialize a WSSec Signature.
- *
- * The method sets up and initializes a WSSec Signature structure after the
- * relevant information was set. After setup of the references to elements
- * to sign may be added. After all references are added they can be signed.
- *
- * <p/>
- *
- * This method does not add the Signature element to the security header.
- * See <code>prependSignatureElementToHeader()</code> method.
- *
- * @param doc
- * The SOAP envelope as <code>Document</code>
- * @param cr
- * An instance of the Crypto API to handle keystore and
- * certificates
- * @param secHeader
- * The security header that will hold the Signature. This is used
- * to construct namespace prefixes for Signature. This method
- * @throws WSSecurityException
- */
- public void prepare(Document doc, Crypto cr, WSSecHeader secHeader)
- throws WSSecurityException {
- /*
- * Gather some info about the document to process and store it for
- * retrieval
- */
- crypto = cr;
- document = doc;
-
- wsDocInfo = new WSDocInfo(doc.hashCode());
- wsDocInfo.setCrypto(cr);
-
- /*
- * At first get the security token (certificate) according to the
- * parameters.
- */
- X509Certificate[] certs = null;
- if (keyIdentifierType != WSConstants.UT_SIGNING
+ /**
+ * Initialize a WSSec Signature.
+ *
+ * The method sets up and initializes a WSSec Signature structure after the
+ * relevant information was set. After setup of the references to elements
+ * to sign may be added. After all references are added they can be signed.
+ *
+ * <p/>
+ *
+ * This method does not add the Signature element to the security header.
+ * See <code>prependSignatureElementToHeader()</code> method.
+ *
+ * @param doc
+ * The SOAP envelope as <code>Document</code>
+ * @param cr
+ * An instance of the Crypto API to handle keystore and
+ * certificates
+ * @param secHeader
+ * The security header that will hold the Signature. This is used
+ * to construct namespace prefixes for Signature. This method
+ * @throws WSSecurityException
+ */
+ public void prepare(Document doc, Crypto cr, WSSecHeader secHeader)
+ throws WSSecurityException {
+ /*
+ * Gather some info about the document to process and store it for
+ * retrieval
+ */
+ crypto = cr;
+ document = doc;
+
+ wsDocInfo = new WSDocInfo(doc.hashCode());
+ wsDocInfo.setCrypto(cr);
+
+ /*
+ * At first get the security token (certificate) according to the
+ * parameters.
+ */
+ X509Certificate[] certs = null;
+ if (keyIdentifierType != WSConstants.UT_SIGNING
&& keyIdentifierType != WSConstants.CUSTOM_SYMM_SIGNING
&& keyIdentifierType != WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER) {
- certs = crypto.getCertificates(user);
- if (certs == null || certs.length <= 0) {
- throw new WSSecurityException(
- WSSecurityException.FAILURE,
- "noUserCertsFound",
- new Object[] { user, "signature" }
- );
- }
- certUri = "CertId-" + certs[0].hashCode();
- /*
- * If no signature algo was set try to detect it according to the
- * data stored in the certificate.
- */
- if (sigAlgo == null) {
- String pubKeyAlgo = certs[0].getPublicKey().getAlgorithm();
- log.debug("automatic sig algo detection: " + pubKeyAlgo);
- if (pubKeyAlgo.equalsIgnoreCase("DSA")) {
- sigAlgo = XMLSignature.ALGO_ID_SIGNATURE_DSA;
- } else if (pubKeyAlgo.equalsIgnoreCase("RSA")) {
- sigAlgo = XMLSignature.ALGO_ID_SIGNATURE_RSA;
- } else {
- throw new WSSecurityException(
- WSSecurityException.FAILURE,
- "unknownSignatureAlgorithm",
- new Object[] {
- pubKeyAlgo
- }
- );
- }
- }
- }
-
- /*
- * Get an initialized XMLSignature element.
- */
- if (canonAlgo.equals(WSConstants.C14N_EXCL_OMIT_COMMENTS)) {
- Element canonElem = XMLUtils.createElementInSignatureSpace(doc,
- Constants._TAG_CANONICALIZATIONMETHOD);
-
- canonElem.setAttributeNS(null, Constants._ATT_ALGORITHM, canonAlgo);
-
- if (wssConfig.isWsiBSPCompliant()) {
- Set prefixes = getInclusivePrefixes(secHeader.getSecurityHeader(), false);
-
- InclusiveNamespaces inclusiveNamespaces = new InclusiveNamespaces(
- doc, prefixes);
-
- canonElem.appendChild(inclusiveNamespaces.getElement());
- }
-
- try {
- SignatureAlgorithm signatureAlgorithm = new SignatureAlgorithm(
- doc, sigAlgo);
- sig = new XMLSignature(doc, null, signatureAlgorithm
- .getElement(), canonElem);
- } catch (XMLSecurityException e) {
- log.error("", e);
- throw new WSSecurityException(
- WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null, e
- );
- }
- } else {
- try {
- sig = new XMLSignature(doc, null, sigAlgo, canonAlgo);
- } catch (XMLSecurityException e) {
- log.error("", e);
- throw new WSSecurityException(
- WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null, e
- );
- }
- }
-
- sig.addResourceResolver(EnvelopeIdResolver.getInstance());
- String sigUri = "Signature-" + sig.hashCode();
- sig.setId(sigUri);
-
- keyInfo = sig.getKeyInfo();
- keyInfoUri = "KeyId-" + keyInfo.hashCode();
- keyInfo.setId(keyInfoUri);
-
- secRef = new SecurityTokenReference(doc);
- strUri = "STRId-" + secRef.hashCode();
- secRef.setID(strUri);
-
- /*
- * Prepare and setup the token references for this Signature
- */
- switch (keyIdentifierType) {
- case WSConstants.BST_DIRECT_REFERENCE:
- Reference ref = new Reference(document);
- ref.setURI("#" + certUri);
- if (!useSingleCert) {
- bstToken = new PKIPathSecurity(document);
- ((PKIPathSecurity) bstToken).setX509Certificates(certs, false,
- crypto);
- } else {
- bstToken = new X509Security(document);
- ((X509Security) bstToken).setX509Certificate(certs[0]);
- }
- ref.setValueType(bstToken.getValueType());
- secRef.setReference(ref);
- bstToken.setID(certUri);
- wsDocInfo.setBst(bstToken.getElement());
- break;
-
- case WSConstants.ISSUER_SERIAL:
- XMLX509IssuerSerial data = new XMLX509IssuerSerial(document,
- certs[0]);
- X509Data x509Data = new X509Data(document);
- x509Data.add(data);
- secRef.setX509IssuerSerial(x509Data);
- break;
-
- case WSConstants.X509_KEY_IDENTIFIER:
- secRef.setKeyIdentifier(certs[0]);
- break;
-
- case WSConstants.SKI_KEY_IDENTIFIER:
- secRef.setKeyIdentifierSKI(certs[0], crypto);
- break;
-
- case WSConstants.UT_SIGNING:
- Reference refUt = new Reference(document);
- refUt.setValueType(WSConstants.USERNAMETOKEN_NS + "#UsernameToken");
- String utId = usernameToken.getId();
- refUt.setURI("#" + utId);
- secRef.setReference(refUt);
- secretKey = usernameToken.getSecretKey();
- break;
-
- case WSConstants.THUMBPRINT_IDENTIFIER:
- secRef.setKeyIdentifierThumb(certs[0]);
- break;
-
- case WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER:
- secRef.setKeyIdentifierEncKeySHA1(this.encrKeySha1value);
- break;
+ certs = crypto.getCertificates(user);
+ if (certs == null || certs.length <= 0) {
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE,
+ "noUserCertsFound",
+ new Object[] { user, "signature" }
+ );
+ }
+ certUri = "CertId-" + certs[0].hashCode();
+ /*
+ * If no signature algo was set try to detect it according to the
+ * data stored in the certificate.
+ */
+ if (sigAlgo == null) {
+ String pubKeyAlgo = certs[0].getPublicKey().getAlgorithm();
+ log.debug("automatic sig algo detection: " + pubKeyAlgo);
+ if (pubKeyAlgo.equalsIgnoreCase("DSA")) {
+ sigAlgo = XMLSignature.ALGO_ID_SIGNATURE_DSA;
+ } else if (pubKeyAlgo.equalsIgnoreCase("RSA")) {
+ sigAlgo = XMLSignature.ALGO_ID_SIGNATURE_RSA;
+ } else {
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE,
+ "unknownSignatureAlgorithm",
+ new Object[] {
+ pubKeyAlgo
+ }
+ );
+ }
+ }
+ }
+
+ /*
+ * Get an initialized XMLSignature element.
+ */
+ if (canonAlgo.equals(WSConstants.C14N_EXCL_OMIT_COMMENTS)) {
+ Element canonElem = XMLUtils.createElementInSignatureSpace(doc,
+ Constants._TAG_CANONICALIZATIONMETHOD);
+
+ canonElem.setAttributeNS(null, Constants._ATT_ALGORITHM, canonAlgo);
+
+ if (wssConfig.isWsiBSPCompliant()) {
+ Set prefixes = getInclusivePrefixes(secHeader.getSecurityHeader(), false);
+
+ InclusiveNamespaces inclusiveNamespaces = new InclusiveNamespaces(
+ doc, prefixes);
+
+ canonElem.appendChild(inclusiveNamespaces.getElement());
+ }
+
+ try {
+ SignatureAlgorithm signatureAlgorithm = new SignatureAlgorithm(
+ doc, sigAlgo);
+ sig = new XMLSignature(doc, null, signatureAlgorithm
+ .getElement(), canonElem);
+ } catch (XMLSecurityException e) {
+ log.error("", e);
+ throw new WSSecurityException(
+ WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null, e
+ );
+ }
+ } else {
+ try {
+ sig = new XMLSignature(doc, null, sigAlgo, canonAlgo);
+ } catch (XMLSecurityException e) {
+ log.error("", e);
+ throw new WSSecurityException(
+ WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null, e
+ );
+ }
+ }
+
+ sig.addResourceResolver(EnvelopeIdResolver.getInstance());
+ String sigUri = "Signature-" + sig.hashCode();
+ sig.setId(sigUri);
+
+ keyInfo = sig.getKeyInfo();
+ keyInfoUri = "KeyId-" + keyInfo.hashCode();
+ keyInfo.setId(keyInfoUri);
+
+ secRef = new SecurityTokenReference(doc);
+ strUri = "STRId-" + secRef.hashCode();
+ secRef.setID(strUri);
+
+ /*
+ * Prepare and setup the token references for this Signature
+ */
+ switch (keyIdentifierType) {
+ case WSConstants.BST_DIRECT_REFERENCE:
+ Reference ref = new Reference(document);
+ ref.setURI("#" + certUri);
+ if (!useSingleCert) {
+ bstToken = new PKIPathSecurity(document);
+ ((PKIPathSecurity) bstToken).setX509Certificates(certs, false,
+ crypto);
+ } else {
+ bstToken = new X509Security(document);
+ ((X509Security) bstToken).setX509Certificate(certs[0]);
+ }
+ ref.setValueType(bstToken.getValueType());
+ secRef.setReference(ref);
+ bstToken.setID(certUri);
+ wsDocInfo.setBst(bstToken.getElement());
+ break;
+
+ case WSConstants.ISSUER_SERIAL:
+ XMLX509IssuerSerial data = new XMLX509IssuerSerial(document,
+ certs[0]);
+ X509Data x509Data = new X509Data(document);
+ x509Data.add(data);
+ secRef.setX509IssuerSerial(x509Data);
+ break;
+
+ case WSConstants.X509_KEY_IDENTIFIER:
+ secRef.setKeyIdentifier(certs[0]);
+ break;
+
+ case WSConstants.SKI_KEY_IDENTIFIER:
+ secRef.setKeyIdentifierSKI(certs[0], crypto);
+ break;
+
+ case WSConstants.UT_SIGNING:
+ Reference refUt = new Reference(document);
+ refUt.setValueType(WSConstants.USERNAMETOKEN_NS + "#UsernameToken");
+ String utId = usernameToken.getId();
+ refUt.setURI("#" + utId);
+ secRef.setReference(refUt);
+ secretKey = usernameToken.getSecretKey();
+ break;
+
+ case WSConstants.THUMBPRINT_IDENTIFIER:
+ secRef.setKeyIdentifierThumb(certs[0]);
+ break;
+
+ case WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER:
+ secRef.setKeyIdentifierEncKeySHA1(this.encrKeySha1value);
+ break;
- case WSConstants.CUSTOM_SYMM_SIGNING :
+ case WSConstants.CUSTOM_SYMM_SIGNING :
Reference refCust = new Reference(document);
refCust.setValueType(this.customTokenValueType);
refCust.setURI("#" + this.customTokenId);
secRef.setReference(refCust);
- break;
- default:
- throw new WSSecurityException(WSSecurityException.FAILURE,
- "unsupportedKeyId");
- }
- keyInfo.addUnknownElement(secRef.getElement());
-
- }
-
- /**
- * This method adds references to the Signature.
- *
- * The added references are signed when calling
- * <code>computeSignature()</code>. This method can be called several
- * times to add references as required. <code>addReferencesToSign()</code>
- * can be called any time after <code>prepare</code>.
- *
- * @param references
- * A vector containing <code>WSEncryptionPart</code> objects
- * that define the parts to sign.
- * @param secHeader
- * Used to compute namespaces to be inserted by
- * InclusiveNamespaces to be WSI compliant.
- * @throws WSSecurityException
- */
- public void addReferencesToSign(Vector references, WSSecHeader secHeader)
- throws WSSecurityException {
- Transforms transforms = null;
-
- Element envelope = document.getDocumentElement();
-
- for (int part = 0; part < references.size(); part++) {
- WSEncryptionPart encPart = (WSEncryptionPart) references.get(part);
-
- String idToSign = encPart.getId();
-
- String elemName = encPart.getName();
- String nmSpace = encPart.getNamespace();
-
- /*
- * Set up the elements to sign. There are two reserved element
- * names: "Token" and "STRTransform" "Token": Setup the Signature to
- * either sign the information that points to the security token or
- * the token itself. If its a direct reference sign the token,
- * otherwise sign the KeyInfo Element. "STRTransform": Setup the
- * ds:Reference to use STR Transform
- *
- */
- transforms = new Transforms(document);
- try {
- if (idToSign != null) {
- Element toSignById = WSSecurityUtil.findElementById(
- document.getDocumentElement(), idToSign,
- WSConstants.WSU_NS);
- if (toSignById == null) {
- toSignById = WSSecurityUtil.findElementById(document
- .getDocumentElement(), idToSign, null);
- }
- transforms
- .addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
- if (wssConfig.isWsiBSPCompliant()) {
- transforms.item(0).getElement().appendChild(
- new InclusiveNamespaces(document,
- getInclusivePrefixes(toSignById))
- .getElement());
- }
- sig.addDocument("#" + idToSign, transforms, digestAlgo);
- } else if (elemName.equals("Token")) {
- transforms
- .addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
- if (keyIdentifierType == WSConstants.BST_DIRECT_REFERENCE) {
- if (wssConfig.isWsiBSPCompliant()) {
- transforms
- .item(0)
- .getElement()
- .appendChild(
- new InclusiveNamespaces(
- document,
- getInclusivePrefixes(secHeader.getSecurityHeader()))
- .getElement());
- }
- sig.addDocument("#" + certUri, transforms, digestAlgo);
- } else {
- if (wssConfig.isWsiBSPCompliant()) {
- transforms.item(0).getElement().appendChild(
- new InclusiveNamespaces(document,
- getInclusivePrefixes(keyInfo
- .getElement()))
- .getElement());
- }
- sig.addDocument("#" + keyInfoUri, transforms, digestAlgo);
- }
- } else if (elemName.equals("STRTransform")) { // STRTransform
- Element ctx = createSTRParameter(document);
- transforms.addTransform(
- STRTransform.implementedTransformURI, ctx);
- sig.addDocument("#" + strUri, transforms, digestAlgo);
- } else if (elemName.equals("Assertion")) { // Assertion
-
- String id = null;
- id = SAMLUtil.getAssertionId(envelope, elemName, nmSpace);
-
- Element body = (Element) WSSecurityUtil.findElement(
- envelope, elemName, nmSpace);
- if (body == null) {
- throw new WSSecurityException(
- WSSecurityException.FAILURE, "noEncElement",
- new Object[] { nmSpace + ", " + elemName });
- }
- transforms
- .addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
- if (wssConfig.isWsiBSPCompliant()) {
- transforms.item(0).getElement().appendChild(
- new InclusiveNamespaces(document,
- getInclusivePrefixes(body))
- .getElement());
- }
- String prefix = WSSecurityUtil.setNamespace(body,
- WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
- body.setAttributeNS(WSConstants.WSU_NS, prefix + ":Id", id);
- sig.addDocument("#" + id, transforms, digestAlgo);
-
- } else {
- Element body = (Element) WSSecurityUtil.findElement(
- envelope, elemName, nmSpace);
- if (body == null) {
- throw new WSSecurityException(
- WSSecurityException.FAILURE, "noEncElement",
- new Object[] { nmSpace + ", " + elemName });
- }
- transforms
- .addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
- if (wssConfig.isWsiBSPCompliant()) {
- transforms.item(0).getElement().appendChild(
- new InclusiveNamespaces(document,
- getInclusivePrefixes(body))
- .getElement());
- }
- sig.addDocument("#" + setWsuId(body), transforms, digestAlgo);
- }
- } catch (TransformationException e1) {
- throw new WSSecurityException(
- WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null,
- e1);
- } catch (XMLSignatureException e1) {
- throw new WSSecurityException(
- WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null,
- e1);
- }
- }
- }
-
- /**
- * Prepends the Signature element to the elements already in the Security
- * header.
- *
- * The method can be called any time after <code>prepare()</code>.
- * This allows to insert the Signature element at any position in the
- * Security header.
- *
- * @param secHeader
- * The secHeader that holds the Signature element.
- */
- public void prependToHeader(WSSecHeader secHeader) {
- WSSecurityUtil.prependChildElement(document, secHeader.getSecurityHeader(), sig
- .getElement(), false);
- }
+ break;
+ default:
+ throw new WSSecurityException(WSSecurityException.FAILURE,
+ "unsupportedKeyId");
+ }
+ keyInfo.addUnknownElement(secRef.getElement());
+
+ }
+
+ /**
+ * This method adds references to the Signature.
+ *
+ * The added references are signed when calling
+ * <code>computeSignature()</code>. This method can be called several
+ * times to add references as required. <code>addReferencesToSign()</code>
+ * can be called any time after <code>prepare</code>.
+ *
+ * @param references
+ * A vector containing <code>WSEncryptionPart</code> objects
+ * that define the parts to sign.
+ * @param secHeader
+ * Used to compute namespaces to be inserted by
+ * InclusiveNamespaces to be WSI compliant.
+ * @throws WSSecurityException
+ */
+ public void addReferencesToSign(Vector references, WSSecHeader secHeader)
+ throws WSSecurityException {
+ Transforms transforms = null;
+
+ Element envelope = document.getDocumentElement();
+
+ for (int part = 0; part < references.size(); part++) {
+ WSEncryptionPart encPart = (WSEncryptionPart) references.get(part);
+
+ String idToSign = encPart.getId();
+
+ String elemName = encPart.getName();
+ String nmSpace = encPart.getNamespace();
+
+ /*
+ * Set up the elements to sign. There are two reserved element
+ * names: "Token" and "STRTransform" "Token": Setup the Signature to
+ * either sign the information that points to the security token or
+ * the token itself. If its a direct reference sign the token,
+ * otherwise sign the KeyInfo Element. "STRTransform": Setup the
+ * ds:Reference to use STR Transform
+ *
+ */
+ transforms = new Transforms(document);
+ try {
+ if (idToSign != null) {
+ Element toSignById = WSSecurityUtil.findElementById(
+ document.getDocumentElement(), idToSign,
+ WSConstants.WSU_NS);
+ if (toSignById == null) {
+ toSignById = WSSecurityUtil.findElementById(document
+ .getDocumentElement(), idToSign, null);
+ }
+ transforms
+ .addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
+ if (wssConfig.isWsiBSPCompliant()) {
+ transforms.item(0).getElement().appendChild(
+ new InclusiveNamespaces(document,
+ getInclusivePrefixes(toSignById))
+ .getElement());
+ }
+ sig.addDocument("#" + idToSign, transforms, digestAlgo);
+ } else if (elemName.equals("Token")) {
+ transforms
+ .addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
+ if (keyIdentifierType == WSConstants.BST_DIRECT_REFERENCE) {
+ if (wssConfig.isWsiBSPCompliant()) {
+ transforms
+ .item(0)
+ .getElement()
+ .appendChild(
+ new InclusiveNamespaces(
+ document,
+ getInclusivePrefixes(secHeader.getSecurityHeader()))
+ .getElement());
+ }
+ sig.addDocument("#" + certUri, transforms, digestAlgo);
+ } else {
+ if (wssConfig.isWsiBSPCompliant()) {
+ transforms.item(0).getElement().appendChild(
+ new InclusiveNamespaces(document,
+ getInclusivePrefixes(keyInfo
+ .getElement()))
+ .getElement());
+ }
+ sig.addDocument("#" + keyInfoUri, transforms, digestAlgo);
+ }
+ } else if (elemName.equals("STRTransform")) { // STRTransform
+ Element ctx = createSTRParameter(document);
+ transforms.addTransform(
+ STRTransform.implementedTransformURI, ctx);
+ sig.addDocument("#" + strUri, transforms, digestAlgo);
+ } else if (elemName.equals("Assertion")) { // Assertion
+
+ String id = null;
+ id = SAMLUtil.getAssertionId(envelope, elemName, nmSpace);
+
+ Element body = (Element) WSSecurityUtil.findElement(
+ envelope, elemName, nmSpace);
+ if (body == null) {
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE, "noEncElement",
+ new Object[] { nmSpace + ", " + elemName });
+ }
+ transforms
+ .addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
+ if (wssConfig.isWsiBSPCompliant()) {
+ transforms.item(0).getElement().appendChild(
+ new InclusiveNamespaces(document,
+ getInclusivePrefixes(body))
+ .getElement());
+ }
+ String prefix = WSSecurityUtil.setNamespace(body,
+ WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+ body.setAttributeNS(WSConstants.WSU_NS, prefix + ":Id", id);
+ sig.addDocument("#" + id, transforms, digestAlgo);
+
+ } else {
+ Element body = (Element) WSSecurityUtil.findElement(
+ envelope, elemName, nmSpace);
+ if (body == null) {
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE, "noEncElement",
+ new Object[] { nmSpace + ", " + elemName });
+ }
+ transforms
+ .addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
+ if (wssConfig.isWsiBSPCompliant()) {
+ transforms.item(0).getElement().appendChild(
+ new InclusiveNamespaces(document,
+ getInclusivePrefixes(body))
+ .getElement());
+ }
+ sig.addDocument("#" + setWsuId(body), transforms, digestAlgo);
+ }
+ } catch (TransformationException e1) {
+ throw new WSSecurityException(
+ WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null,
+ e1);
+ } catch (XMLSignatureException e1) {
+ throw new WSSecurityException(
+ WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null,
+ e1);
+ }
+ }
+ }
+
+ /**
+ * Prepends the Signature element to the elements already in the Security
+ * header.
+ *
+ * The method can be called any time after <code>prepare()</code>.
+ * This allows to insert the Signature element at any position in the
+ * Security header.
+ *
+ * @param secHeader
+ * The secHeader that holds the Signature element.
+ */
+ public void prependToHeader(WSSecHeader secHeader) {
+ WSSecurityUtil.prependChildElement(document, secHeader.getSecurityHeader(), sig
+ .getElement(), false);
+ }
/**
* Appends the Signature element to the elements already in the Security
@@ -637,24 +637,24 @@
.getElement());
}
- /**
- * Prepend the BinarySecurityToken to the elements already in the Security
- * header.
- *
- * The method can be called any time after <code>prepare()</code>.
- * This allows to insert the BST element at any position in the Security
- * header.
- *
- * @param secHeader
- * The security header that holds the BST element.
- */
- public void prependBSTElementToHeader(WSSecHeader secHeader) {
- if (bstToken != null) {
- WSSecurityUtil.prependChildElement(document, secHeader.getSecurityHeader(),
- bstToken.getElement(), false);
- }
- bstToken = null;
- }
+ /**
+ * Prepend the BinarySecurityToken to the elements already in the Security
+ * header.
+ *
+ * The method can be called any time after <code>prepare()</code>.
+ * This allows to insert the BST element at any position in the Security
+ * header.
+ *
+ * @param secHeader
+ * The security header that holds the BST element.
+ */
+ public void prependBSTElementToHeader(WSSecHeader secHeader) {
+ if (bstToken != null) {
+ WSSecurityUtil.prependChildElement(document, secHeader.getSecurityHeader(),
+ bstToken.getElement(), false);
+ }
+ bstToken = null;
+ }
/**
* Returns the SignatureElement.
@@ -686,167 +686,167 @@
bstToken = null;
}
- /**
- * Compute the Signature over the references.
- *
- * After references are set this method computes the Signature for them.
- * This method can be called any time after the references were set. See
- * <code>addReferencesToSign()</code>.
- *
- * @throws WSSecurityException
- */
- public void computeSignature() throws WSSecurityException {
- WSDocInfoStore.store(wsDocInfo);
- try {
- if (keyIdentifierType == WSConstants.UT_SIGNING ||
- keyIdentifierType == WSConstants.CUSTOM_SYMM_SIGNING ||
- keyIdentifierType == WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER) {
- sig.sign(sig.createSecretKey(secretKey));
- } else {
- sig.sign(crypto.getPrivateKey(user, password));
- }
- signatureValue = sig.getSignatureValue();
- } catch (XMLSignatureException e1) {
- throw new WSSecurityException(WSSecurityException.FAILED_SIGNATURE,
- null, null, e1);
- } catch (Exception e1) {
- throw new WSSecurityException(WSSecurityException.FAILED_SIGNATURE,
- null, null, e1);
- } finally {
- WSDocInfoStore.delete(wsDocInfo);
- }
-
- }
-
- /**
- * Builds a signed soap envelope.
- *
- * This is a convenience method and for backward compatibility. The method
- * creates a Signature and puts it into the Security header. It does so by
- * calling the single functions in order to perform a <i>one shot signature</i>.
- * This method is compatible with the build method of the previous version
- * with the exception of the additional WSSecHeader parameter.
- *
- * @param doc
- * The unsigned SOAP envelope as <code>Document</code>
- * @param cr
- * An instance of the Crypto API to handle keystore and
- * certificates
- * @param secHeader
- * the security header element to hold the encrypted key element.
- * @return A signed SOAP envelope as <code>Document</code>
- * @throws WSSecurityException
- */
- public Document build(Document doc, Crypto cr, WSSecHeader secHeader)
- throws WSSecurityException {
- doDebug = log.isDebugEnabled();
-
- if (doDebug) {
- log.debug("Beginning signing...");
- }
-
- prepare(doc, cr, secHeader);
-
- SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(doc
- .getDocumentElement());
-
- if (parts == null) {
- parts = new Vector();
- WSEncryptionPart encP = new WSEncryptionPart(soapConstants
- .getBodyQName().getLocalPart(), soapConstants
- .getEnvelopeURI(), "Content");
- parts.add(encP);
- }
-
- addReferencesToSign(parts, secHeader);
-
- prependToHeader(secHeader);
-
- /*
- * if we have a BST prepend it in front of the Signature according to
- * strict layout rules.
- */
- if (bstToken != null) {
- prependBSTElementToHeader(secHeader);
- }
-
- computeSignature();
-
- return (doc);
- }
-
- protected Element createSTRParameter(Document doc) {
- Element transformParam = doc.createElementNS(WSConstants.WSSE_NS,
- WSConstants.WSSE_PREFIX + ":TransformationParameters");
-
- WSSecurityUtil.setNamespace(transformParam, WSConstants.WSSE_NS,
- WSConstants.WSSE_PREFIX);
-
- Element canonElem = doc.createElementNS(WSConstants.SIG_NS,
- WSConstants.SIG_PREFIX + ":CanonicalizationMethod");
-
- WSSecurityUtil.setNamespace(canonElem, WSConstants.SIG_NS,
- WSConstants.SIG_PREFIX);
-
- canonElem.setAttributeNS(null, "Algorithm",
- Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
- transformParam.appendChild(canonElem);
- return transformParam;
- }
-
- protected Set getInclusivePrefixes(Element target) {
- return getInclusivePrefixes(target, true);
- }
-
- protected Set getInclusivePrefixes(Element target, boolean excludeVisible) {
- Set result = new HashSet();
- Node parent = target;
- NamedNodeMap attributes;
- Node attribute;
- while (!(parent.getParentNode() instanceof Document)) {
- parent = parent.getParentNode();
- attributes = parent.getAttributes();
- for (int i = 0; i < attributes.getLength(); i++) {
- attribute = attributes.item(i);
- if (attribute.getNamespaceURI() != null
- && attribute.getNamespaceURI().equals(
- org.apache.ws.security.WSConstants.XMLNS_NS)) {
- if (attribute.getNodeName().equals("xmlns")) {
- result.add("#default");
- } else {
- result.add(attribute.getLocalName());
- }
- }
- }
- }
-
- if (excludeVisible == true) {
- attributes = target.getAttributes();
- for (int i = 0; i < attributes.getLength(); i++) {
- attribute = attributes.item(i);
- if (attribute.getNamespaceURI() != null
- && attribute.getNamespaceURI().equals(
- org.apache.ws.security.WSConstants.XMLNS_NS)) {
- if (attribute.getNodeName().equals("xmlns")) {
- result.remove("#default");
- } else {
- result.remove(attribute.getLocalName());
- }
- }
- if (attribute.getPrefix() != null) {
- result.remove(attribute.getPrefix());
- }
- }
-
- if (target.getPrefix() == null) {
- result.remove("#default");
- } else {
- result.remove(target.getPrefix());
- }
- }
+ /**
+ * Compute the Signature over the references.
+ *
+ * After references are set this method computes the Signature for them.
+ * This method can be called any time after the references were set. See
+ * <code>addReferencesToSign()</code>.
+ *
+ * @throws WSSecurityException
+ */
+ public void computeSignature() throws WSSecurityException {
+ WSDocInfoStore.store(wsDocInfo);
+ try {
+ if (keyIdentifierType == WSConstants.UT_SIGNING ||
+ keyIdentifierType == WSConstants.CUSTOM_SYMM_SIGNING ||
+ keyIdentifierType == WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER) {
+ sig.sign(sig.createSecretKey(secretKey));
+ } else {
+ sig.sign(crypto.getPrivateKey(user, password));
+ }
+ signatureValue = sig.getSignatureValue();
+ } catch (XMLSignatureException e1) {
+ throw new WSSecurityException(WSSecurityException.FAILED_SIGNATURE,
+ null, null, e1);
+ } catch (Exception e1) {
+ throw new WSSecurityException(WSSecurityException.FAILED_SIGNATURE,
+ null, null, e1);
+ } finally {
+ WSDocInfoStore.delete(wsDocInfo);
+ }
+
+ }
+
+ /**
+ * Builds a signed soap envelope.
+ *
+ * This is a convenience method and for backward compatibility. The method
+ * creates a Signature and puts it into the Security header. It does so by
+ * calling the single functions in order to perform a <i>one shot signature</i>.
+ * This method is compatible with the build method of the previous version
+ * with the exception of the additional WSSecHeader parameter.
+ *
+ * @param doc
+ * The unsigned SOAP envelope as <code>Document</code>
+ * @param cr
+ * An instance of the Crypto API to handle keystore and
+ * certificates
+ * @param secHeader
+ * the security header element to hold the encrypted key element.
+ * @return A signed SOAP envelope as <code>Document</code>
+ * @throws WSSecurityException
+ */
+ public Document build(Document doc, Crypto cr, WSSecHeader secHeader)
+ throws WSSecurityException {
+ doDebug = log.isDebugEnabled();
+
+ if (doDebug) {
+ log.debug("Beginning signing...");
+ }
+
+ prepare(doc, cr, secHeader);
- return result;
- }
+ SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(doc
+ .getDocumentElement());
+
+ if (parts == null) {
+ parts = new Vector();
+ WSEncryptionPart encP = new WSEncryptionPart(soapConstants
+ .getBodyQName().getLocalPart(), soapConstants
+ .getEnvelopeURI(), "Content");
+ parts.add(encP);
+ }
+
+ addReferencesToSign(parts, secHeader);
+
+ prependToHeader(secHeader);
+
+ /*
+ * if we have a BST prepend it in front of the Signature according to
+ * strict layout rules.
+ */
+ if (bstToken != null) {
+ prependBSTElementToHeader(secHeader);
+ }
+
+ computeSignature();
+
+ return (doc);
+ }
+
+ protected Element createSTRParameter(Document doc) {
+ Element transformParam = doc.createElementNS(WSConstants.WSSE_NS,
+ WSConstants.WSSE_PREFIX + ":TransformationParameters");
+
+ WSSecurityUtil.setNamespace(transformParam, WSConstants.WSSE_NS,
+ WSConstants.WSSE_PREFIX);
+
+ Element canonElem = doc.createElementNS(WSConstants.SIG_NS,
+ WSConstants.SIG_PREFIX + ":CanonicalizationMethod");
+
+ WSSecurityUtil.setNamespace(canonElem, WSConstants.SIG_NS,
+ WSConstants.SIG_PREFIX);
+
+ canonElem.setAttributeNS(null, "Algorithm",
+ Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
+ transformParam.appendChild(canonElem);
+ return transformParam;
+ }
+
+ protected Set getInclusivePrefixes(Element target) {
+ return getInclusivePrefixes(target, true);
+ }
+
+ protected Set getInclusivePrefixes(Element target, boolean excludeVisible) {
+ Set result = new HashSet();
+ Node parent = target;
+ NamedNodeMap attributes;
+ Node attribute;
+ while (!(parent.getParentNode() instanceof Document)) {
+ parent = parent.getParentNode();
+ attributes = parent.getAttributes();
+ for (int i = 0; i < attributes.getLength(); i++) {
+ attribute = attributes.item(i);
+ if (attribute.getNamespaceURI() != null
+ && attribute.getNamespaceURI().equals(
+ org.apache.ws.security.WSConstants.XMLNS_NS)) {
+ if (attribute.getNodeName().equals("xmlns")) {
+ result.add("#default");
+ } else {
+ result.add(attribute.getLocalName());
+ }
+ }
+ }
+ }
+
+ if (excludeVisible == true) {
+ attributes = target.getAttributes();
+ for (int i = 0; i < attributes.getLength(); i++) {
+ attribute = attributes.item(i);
+ if (attribute.getNamespaceURI() != null
+ && attribute.getNamespaceURI().equals(
+ org.apache.ws.security.WSConstants.XMLNS_NS)) {
+ if (attribute.getNodeName().equals("xmlns")) {
+ result.remove("#default");
+ } else {
+ result.remove(attribute.getLocalName());
+ }
+ }
+ if (attribute.getPrefix() != null) {
+ result.remove(attribute.getPrefix());
+ }
+ }
+
+ if (target.getPrefix() == null) {
+ result.remove("#default");
+ } else {
+ result.remove(target.getPrefix());
+ }
+ }
+
+ return result;
+ }
public void setSecretKey(byte[] secretKey) {
this.secretKey = secretKey;
@@ -863,5 +863,5 @@
public void setEncrKeySha1value(String encrKeySha1value) {
this.encrKeySha1value = encrKeySha1value;
}
-
+
}
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignatureConfirmation.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignatureConfirmation.java?rev=700768&r1=700767&r2=700768&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignatureConfirmation.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignatureConfirmation.java Wed Oct 1 06:56:10 2008
@@ -46,50 +46,50 @@
public WSSecSignatureConfirmation() {
}
- /**
- * Set the Signature value to store in this SignatureConfirmation.
- *
- * @param signatureValue
- * The Signature value to store in the SignatureConfirmation
- * element
- */
- public void setSignatureValue(byte[] signatureValue) {
- this.signatureValue = signatureValue;
- }
+ /**
+ * Set the Signature value to store in this SignatureConfirmation.
+ *
+ * @param signatureValue
+ * The Signature value to store in the SignatureConfirmation
+ * element
+ */
+ public void setSignatureValue(byte[] signatureValue) {
+ this.signatureValue = signatureValue;
+ }
- /**
- * Creates a SignatureConfimation element.
- *
- * The method prepares and initializes a WSSec SignatureConfirmation structure after
- * the relevant information was set. Before calling <code>prepare()</code> the
- * filed <code>signatureValue</code> must be set
- *
- * @param doc
- * The SOAP envelope as W3C document
- */
- public void prepare(Document doc) {
- document = doc;
+ /**
+ * Creates a SignatureConfimation element.
+ *
+ * The method prepares and initializes a WSSec SignatureConfirmation structure after
+ * the relevant information was set. Before calling <code>prepare()</code> the
+ * filed <code>signatureValue</code> must be set
+ *
+ * @param doc
+ * The SOAP envelope as W3C document
+ */
+ public void prepare(Document doc) {
+ document = doc;
sc = new SignatureConfirmation(doc, signatureValue);
- String scId = "SigConf-" + sc.hashCode();
- sc.setID(scId);
- }
+ String scId = "SigConf-" + sc.hashCode();
+ sc.setID(scId);
+ }
- /**
- * Prepends the SignatureConfirmation element to the elements already in the
- * Security header.
- *
- * The method can be called any time after <code>prepare()</code>.
- * This allows to insert the SignatureConfirmation element at any position in the
- * Security header.
- *
- * @param secHeader
- * The security header that holds the Signature element.
- */
- public void prependToHeader(WSSecHeader secHeader) {
- WSSecurityUtil.prependChildElement(document, secHeader
- .getSecurityHeader(), sc.getElement(), false);
- }
+ /**
+ * Prepends the SignatureConfirmation element to the elements already in the
+ * Security header.
+ *
+ * The method can be called any time after <code>prepare()</code>.
+ * This allows to insert the SignatureConfirmation element at any position in the
+ * Security header.
+ *
+ * @param secHeader
+ * The security header that holds the Signature element.
+ */
+ public void prependToHeader(WSSecHeader secHeader) {
+ WSSecurityUtil.prependChildElement(document, secHeader
+ .getSecurityHeader(), sc.getElement(), false);
+ }
/**
* Adds a new <code>SignatureConfirmation</code> to a soap envelope.
@@ -98,36 +98,36 @@
* to the <code>wsse:Security</code> header.
*
* @param doc
- * The SOAP enevlope as W3C document
+ * The SOAP envelope as W3C document
* @param sigVal
* the Signature value. This will be the content of the "Value"
* attribute.
- * @param secHeader
- * The security header that holds the Signature element.
+ * @param secHeader
+ * The security header that holds the Signature element.
* @return Document with SignatureConfirmation added
*/
public Document build(Document doc, byte[] sigVal, WSSecHeader secHeader) {
log.debug("Begin add signature confirmation...");
signatureValue = sigVal;
- prepare(doc);
- prependToHeader(secHeader);
+ prepare(doc);
+ prependToHeader(secHeader);
return doc;
}
- /**
- * Get the id generated during <code>prepare()</code>.
- *
- * Returns the the value of wsu:Id attribute of this SignatureConfirmation.
- *
- * @return Return the wsu:Id of this token or null if <code>prepareToken()</code>
- * was not called before.
- */
+ /**
+ * Get the id generated during <code>prepare()</code>.
+ *
+ * Returns the the value of wsu:Id attribute of this SignatureConfirmation.
+ *
+ * @return Return the wsu:Id of this token or null if <code>prepareToken()</code>
+ * was not called before.
+ */
public String getId() {
- if (sc == null) {
- return null;
- }
+ if (sc == null) {
+ return null;
+ }
return sc.getID();
}
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecUsernameToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecUsernameToken.java?rev=700768&r1=700767&r2=700768&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecUsernameToken.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecUsernameToken.java Wed Oct 1 06:56:10 2008
@@ -35,61 +35,61 @@
*/
public class WSSecUsernameToken extends WSSecBase {
- private static Log log = LogFactory.getLog(WSSecUsernameToken.class
- .getName());
+ private static Log log = LogFactory.getLog(WSSecUsernameToken.class
+ .getName());
- private String passwordType = WSConstants.PASSWORD_DIGEST;
+ private String passwordType = WSConstants.PASSWORD_DIGEST;
- private UsernameToken ut = null;
+ private UsernameToken ut = null;
- private boolean nonce = false;
+ private boolean nonce = false;
+
+ private boolean created = false;
+
+ private boolean useDerivedKey = false;
+
+ private boolean useMac = false;
+
+ private byte[] saltValue;
+
+ private int iteration = UsernameToken.DEFAULT_ITERATION;
+
+ private Document document = null;
+
+ /**
+ * Constructor.
+ */
+ public WSSecUsernameToken() {
+ }
+
+ /**
+ * Defines how to construct the password element of the
+ * <code>UsernameToken</code>.
+ *
+ * @param pwType
+ * contains the password type. Only allowed values are
+ * {@link WSConstants#PASSWORD_DIGEST} and
+ * {@link WSConstants#PASSWORD_TEXT}.
+ * or null when no password is needed.
+ */
+ public void setPasswordType(String pwType) {
+ this.passwordType = pwType;
+ }
+
+ /**
+ * Add a Nonce element to the UsernameToken.
+ */
+ public void addNonce() {
+ nonce = true;
+ }
- private boolean created = false;
-
- private boolean useDerivedKey = false;
-
- private boolean useMac = false;
-
- private byte[] saltValue;
-
- private int iteration = UsernameToken.DEFAULT_ITERATION;
-
- private Document document = null;
-
- /**
- * Constructor.
- */
- public WSSecUsernameToken() {
- }
-
- /**
- * Defines how to construct the password element of the
- * <code>UsernameToken</code>.
- *
- * @param pwType
- * contains the password type. Only allowed values are
- * {@link WSConstants#PASSWORD_DIGEST} and
- * {@link WSConstants#PASSWORD_TEXT}.
- * or null when no password is needed.
- */
- public void setPasswordType(String pwType) {
- this.passwordType = pwType;
- }
-
- /**
- * Add a Nonce element to the UsernameToken.
- */
- public void addNonce() {
- nonce = true;
- }
-
- /**
- * Add a Created element to the UsernameToken.
- */
- public void addCreated() {
- created = true;
- }
-
+ /**
+ * Add a Created element to the UsernameToken.
+ */
+ public void addCreated() {
+ created = true;
+ }
+
/**
* Add a derived key to the UsernameToken
* @param useMac whether the derived key is to be used for a MAC or not
@@ -106,24 +106,24 @@
}
}
-
- /**
- * Get the derived secret key.
- *
- * After the <code>prepare()</code> method was called use this method
- * to compute a derived secret key. The generation of this secret key is according
- * to WS-Trust specification.
- *
- * @return Return the derived secret key of this token or null if <code>prepare()</code>
- * was not called before.
- */
- public byte[] getSecretKey() {
- if (ut == null) {
- return null;
- }
- return ut.getSecretKey();
- }
-
+
+ /**
+ * Get the derived secret key.
+ *
+ * After the <code>prepare()</code> method was called use this method
+ * to compute a derived secret key. The generation of this secret key is according
+ * to WS-Trust specification.
+ *
+ * @return Return the derived secret key of this token or null if <code>prepare()</code>
+ * was not called before.
+ */
+ public byte[] getSecretKey() {
+ if (ut == null) {
+ return null;
+ }
+ return ut.getSecretKey();
+ }
+
/**
* Get the derived key.
*
@@ -141,69 +141,69 @@
return UsernameToken.generateDerivedKey(password, saltValue, iteration);
}
- /**
- * Get the id generated during <code>prepare()</code>.
- *
- * Returns the the value of wsu:Id attribute of this UsernameToken.
- *
- * @return Return the wsu:Id of this token or null if <code>prepare()</code>
- * was not called before.
- */
- public String getId() {
- if (ut == null) {
- return null;
- }
- return ut.getID();
- }
-
- /**
- * Creates a Username token.
- *
- * The method prepares and initializes a WSSec UsernameToken structure after
- * the relevant information was set. A Before calling
- * <code>prepare()</code> all parameters such as user, password,
- * passwordType etc. must be set. A complete <code>UsernameToken</code> is
- * constructed.
- *
- * @param doc
- * The SOAP envelope as W3C document
- */
- public void prepare(Document doc) {
- document = doc;
- ut = new UsernameToken(wssConfig.isPrecisionInMilliSeconds(), doc,
- passwordType);
- ut.setName(user);
- if (useDerivedKey) {
- saltValue = ut.addSalt(doc, saltValue, useMac);
- ut.addIteration(doc, iteration);
- } else {
- ut.setPassword(password);
- }
- if (nonce) {
- ut.addNonce(doc);
- }
- if (created) {
- ut.addCreated(wssConfig.isPrecisionInMilliSeconds(), doc);
- }
- String utId = "UsernameToken-" + ut.hashCode();
- ut.setID(utId);
- }
-
- /**
- * Prepends the UsernameToken element to the elements already in the
- * Security header.
- *
- * The method can be called any time after <code>prepare()</code>.
- * This allows to insert the UsernameToken element at any position in the
- * Security header.
- *
- * @param secHeader
- * The security header that holds the Signature element.
- */
- public void prependToHeader(WSSecHeader secHeader) {
- WSSecurityUtil.prependChildElement(document, secHeader
- .getSecurityHeader(), ut.getElement(), false);
- }
+ /**
+ * Get the id generated during <code>prepare()</code>.
+ *
+ * Returns the the value of wsu:Id attribute of this UsernameToken.
+ *
+ * @return Return the wsu:Id of this token or null if <code>prepare()</code>
+ * was not called before.
+ */
+ public String getId() {
+ if (ut == null) {
+ return null;
+ }
+ return ut.getID();
+ }
+
+ /**
+ * Creates a Username token.
+ *
+ * The method prepares and initializes a WSSec UsernameToken structure after
+ * the relevant information was set. A Before calling
+ * <code>prepare()</code> all parameters such as user, password,
+ * passwordType etc. must be set. A complete <code>UsernameToken</code> is
+ * constructed.
+ *
+ * @param doc
+ * The SOAP envelope as W3C document
+ */
+ public void prepare(Document doc) {
+ document = doc;
+ ut = new UsernameToken(wssConfig.isPrecisionInMilliSeconds(), doc,
+ passwordType);
+ ut.setName(user);
+ if (useDerivedKey) {
+ saltValue = ut.addSalt(doc, saltValue, useMac);
+ ut.addIteration(doc, iteration);
+ } else {
+ ut.setPassword(password);
+ }
+ if (nonce) {
+ ut.addNonce(doc);
+ }
+ if (created) {
+ ut.addCreated(wssConfig.isPrecisionInMilliSeconds(), doc);
+ }
+ String utId = "UsernameToken-" + ut.hashCode();
+ ut.setID(utId);
+ }
+
+ /**
+ * Prepends the UsernameToken element to the elements already in the
+ * Security header.
+ *
+ * The method can be called any time after <code>prepare()</code>.
+ * This allows to insert the UsernameToken element at any position in the
+ * Security header.
+ *
+ * @param secHeader
+ * The security header that holds the Signature element.
+ */
+ public void prependToHeader(WSSecHeader secHeader) {
+ WSSecurityUtil.prependChildElement(document, secHeader
+ .getSecurityHeader(), ut.getElement(), false);
+ }
/**
* Appends the UsernameToken element to the elements already in the
@@ -220,28 +220,28 @@
WSSecurityUtil.appendChildElement(document, secHeader
.getSecurityHeader(), ut.getElement());
}
- /**
- * Adds a new <code>UsernameToken</code> to a soap envelope.
- *
- * Before calling <code>build()</code> all parameters such as user,
- * password, passwordType etc. must be set. A complete
- * <code>UsernameToken</code> is constructed and added to the
- * <code>wsse:Security</code> header.
- *
- * @param doc
- * The SOAP envelope as W3C document
- * @param secHeader
- * The security header inside the SOAP envelope
- * @return Document with UsernameToken added
- */
- public Document build(Document doc, WSSecHeader secHeader) {
- log.debug("Begin add username token...");
+ /**
+ * Adds a new <code>UsernameToken</code> to a soap envelope.
+ *
+ * Before calling <code>build()</code> all parameters such as user,
+ * password, passwordType etc. must be set. A complete
+ * <code>UsernameToken</code> is constructed and added to the
+ * <code>wsse:Security</code> header.
+ *
+ * @param doc
+ * The SOAP envelope as W3C document
+ * @param secHeader
+ * The security header inside the SOAP envelope
+ * @return Document with UsernameToken added
+ */
+ public Document build(Document doc, WSSecHeader secHeader) {
+ log.debug("Begin add username token...");
- prepare(doc);
- prependToHeader(secHeader);
+ prepare(doc);
+ prependToHeader(secHeader);
- return doc;
- }
+ return doc;
+ }
/**
* Returns the <code>UsernameToken</code> element.
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSignEnvelope.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSignEnvelope.java?rev=700768&r1=700767&r2=700768&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSignEnvelope.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSignEnvelope.java Wed Oct 1 06:56:10 2008
@@ -366,13 +366,13 @@
*/
try {
if (idToSign != null) {
- Element toSignById = WSSecurityUtil
- .findElementById(doc.getDocumentElement(),
- idToSign, WSConstants.WSU_NS);
- if (toSignById == null) {
- toSignById = WSSecurityUtil.findElementById(doc
- .getDocumentElement(), idToSign, null);
- }
+ Element toSignById = WSSecurityUtil
+ .findElementById(doc.getDocumentElement(),
+ idToSign, WSConstants.WSU_NS);
+ if (toSignById == null) {
+ toSignById = WSSecurityUtil.findElementById(doc
+ .getDocumentElement(), idToSign, null);
+ }
transforms = new Transforms(doc);
transforms
.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/message/token/SecurityTokenReference.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/token/SecurityTokenReference.java?rev=700768&r1=700767&r2=700768&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/message/token/SecurityTokenReference.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/message/token/SecurityTokenReference.java Wed Oct 1 06:56:10 2008
@@ -209,7 +209,7 @@
// In some scenarios id is used rather than wsu:Id
if (tokElement == null) {
- tokElement = WSSecurityUtil.getElementByGenId(doc, uri);
+ tokElement = WSSecurityUtil.getElementByGenId(doc, uri);
}
}
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/message/token/Timestamp.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/token/Timestamp.java?rev=700768&r1=700767&r2=700768&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/message/token/Timestamp.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/message/token/Timestamp.java Wed Oct 1 06:56:10 2008
@@ -71,22 +71,22 @@
if (currentChild instanceof Element) {
if (WSConstants.CREATED_LN.equals(currentChild.getLocalName()) &&
WSConstants.WSU_NS.equals(currentChild.getNamespaceURI())) {
- if (strCreated == null) {
- strCreated = ((Text) ((Element) currentChild).getFirstChild()).getData();
- }
- else {
+ if (strCreated == null) {
+ strCreated = ((Text) ((Element) currentChild).getFirstChild()).getData();
+ }
+ else {
throw new WSSecurityException(WSSecurityException.INVALID_SECURITY,
"invalidTimestamp");
- }
+ }
} else if (WSConstants.EXPIRES_LN.equals(currentChild.getLocalName()) &&
WSConstants.WSU_NS.equals(currentChild.getNamespaceURI())) {
- if (strExpires == null) {
- strExpires = ((Text) ((Element) currentChild).getFirstChild()).getData();
- }
- else {
+ if (strExpires == null) {
+ strExpires = ((Text) ((Element) currentChild).getFirstChild()).getData();
+ }
+ else {
throw new WSSecurityException(WSSecurityException.INVALID_SECURITY,
- "invalidTimestamp");
- }
+ "invalidTimestamp");
+ }
} else {
customElements.add((Element) currentChild);
}
@@ -96,14 +96,14 @@
DateFormat zulu = new XmlSchemaDateFormat();
try {
- if (strCreated != null) {
+ if (strCreated != null) {
created = Calendar.getInstance();
- created.setTime(zulu.parse(strCreated));
- }
- if (strExpires != null) {
+ created.setTime(zulu.parse(strCreated));
+ }
+ if (strExpires != null) {
expires = Calendar.getInstance();
- expires.setTime(zulu.parse(strExpires));
- }
+ expires.setTime(zulu.parse(strExpires));
+ }
} catch (ParseException e) {
throw new WSSecurityException(WSSecurityException.INVALID_SECURITY,
"invalidTimestamp",
@@ -124,22 +124,19 @@
customElements = new Vector();
- element =
- doc.createElementNS(WSConstants.WSU_NS,
- WSConstants.WSU_PREFIX
- + ":"
- + WSConstants.TIMESTAMP_TOKEN_LN);
- WSSecurityUtil.setNamespace(element,
- WSConstants.WSU_NS,
- WSConstants.WSU_PREFIX);
+ element =
+ doc.createElementNS(
+ WSConstants.WSU_NS, WSConstants.WSU_PREFIX + ":" + WSConstants.TIMESTAMP_TOKEN_LN
+ );
+ WSSecurityUtil.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
DateFormat zulu = null;
if (milliseconds) {
- zulu = new XmlSchemaDateFormat();
+ zulu = new XmlSchemaDateFormat();
}
else {
- zulu = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
- zulu.setTimeZone(TimeZone.getTimeZone("UTC"));
+ zulu = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
+ zulu.setTimeZone(TimeZone.getTimeZone("UTC"));
}
created = getCurrentTime();
@@ -174,7 +171,7 @@
* @return calendar the current time
*/
protected Calendar getCurrentTime() {
- return Calendar.getInstance();
+ return Calendar.getInstance();
}
/**
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/message/token/UsernameToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/token/UsernameToken.java?rev=700768&r1=700767&r2=700768&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/message/token/UsernameToken.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/message/token/UsernameToken.java Wed Oct 1 06:56:10 2008
@@ -409,12 +409,12 @@
*/
public void setPassword(String pwd) {
if (pwd == null) {
- if(this.passwordType != null) {
- throw new IllegalArgumentException("pwd == null but a password is needed");
- } else {
- // Ignore setting the password.
- return;
- }
+ if(this.passwordType != null) {
+ throw new IllegalArgumentException("pwd == null but a password is needed");
+ } else {
+ // Ignore setting the password.
+ return;
+ }
}
raw_password = pwd; // enhancement by Alberto coletti
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/processor/DerivedKeyTokenProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/processor/DerivedKeyTokenProcessor.java?rev=700768&r1=700767&r2=700768&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/processor/DerivedKeyTokenProcessor.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/processor/DerivedKeyTokenProcessor.java Wed Oct 1 06:56:10 2008
@@ -139,8 +139,8 @@
//Now use the callback and get it
this.secret = this.getSecret(cb, uri.substring(1));
} else if (processor == null && keyIdentifierValue != null
- && keyIdentifierValueType != null) {
- this.secret = this.getSecret(cb, keyIdentifierValue, keyIdentifierValueType);
+ && keyIdentifierValueType != null) {
+ this.secret = this.getSecret(cb, keyIdentifierValue, keyIdentifierValueType);
} else if (processor instanceof EncryptedKeyProcessor) {
this.secret = ((EncryptedKeyProcessor) processor)
.getDecryptedBytes();
@@ -190,22 +190,22 @@
private byte[] getSecret(CallbackHandler cb, String keyIdentifierValue, String keyIdentifierType)
throws WSSecurityException {
-
+
if (cb == null) {
throw new WSSecurityException(WSSecurityException.FAILURE,
"noCallback");
}
WSPasswordCallback pwcb = null;
-
+
//Handle the EncryptedKeySHA1 type key references
- if (keyIdentifierType.equals
- (SecurityTokenReference.ENC_KEY_SHA1_URI)) {
+ if (keyIdentifierType.equals
+ (SecurityTokenReference.ENC_KEY_SHA1_URI)) {
pwcb = new WSPasswordCallback(keyIdentifierValue,
WSPasswordCallback.ENCRYPTED_KEY_TOKEN);
try {
- cb.handle(new Callback[]{pwcb});
+ cb.handle(new Callback[]{pwcb});
} catch (IOException e) {
throw new WSSecurityException(WSSecurityException.FAILURE, "noKey",
new Object[] { id }, e);
@@ -215,7 +215,7 @@
}
}
- return pwcb.getKey();
+ return pwcb.getKey();
}
/**
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/processor/EncryptedKeyProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/processor/EncryptedKeyProcessor.java?rev=700768&r1=700767&r2=700768&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/processor/EncryptedKeyProcessor.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/processor/EncryptedKeyProcessor.java Wed Oct 1 06:56:10 2008
@@ -104,7 +104,7 @@
if (tlog.isDebugEnabled()) {
t0 = System.currentTimeMillis();
}
- // need to have it to find the encryped data elements in the envelope
+ // need to have it to find the encrypted data elements in the envelope
Document doc = xencEncryptedKey.getOwnerDocument();
// lookup xenc:EncryptionMethod, get the Algorithm attribute to determine
@@ -160,9 +160,9 @@
}
SecurityTokenReference secRef = new SecurityTokenReference(secRefToken);
/*
- * Well, at this point there are several ways to get the key.
- * Try to handle all of them :-).
- */
+ * Well, at this point there are several ways to get the key.
+ * Try to handle all of them :-).
+ */
alias = null;
/*
* handle X509IssuerSerial here. First check if all elements are available,
@@ -239,14 +239,14 @@
"unsupportedBinaryTokenType",
null);
}
- /*
- * The following code is somewhat strange: the called crypto method gets
- * the keyname and searches for a certificate with an issuer's name that is
- * equal to this keyname. No serialnumber is used - IMHO this does
- * not identifies a certificate. In addition neither the WSS4J encryption
- * nor signature methods use this way to identify a certificate. Because of that
- * the next lines of code are disabled.
- */
+ /*
+ * The following code is somewhat strange: the called crypto method gets
+ * the keyname and searches for a certificate with an issuer's name that is
+ * equal to this keyname. No serialnumber is used - IMHO this does
+ * not identifies a certificate. In addition neither the WSS4J encryption
+ * nor signature methods use this way to identify a certificate. Because of that
+ * the next lines of code are disabled.
+ */
// } else if (secRef.containsKeyName()) {
// alias = crypto.getAliasForX509Cert(secRef.getKeyNameValue());
// if (log.isDebugEnabled()) {
@@ -332,7 +332,7 @@
"ReferenceList", WSConstants.ENC_NS);
ArrayList dataRefs = new ArrayList();
if (refList != null) {
-
+
for (tmpE = refList.getFirstChild();
tmpE != null; tmpE = tmpE.getNextSibling()) {
if (tmpE.getNodeType() != Node.ELEMENT_NODE) {
@@ -408,7 +408,7 @@
boolean content = X509Util.isContent(encBodyData);
- // get the encryprion method
+ // get the encryption method
String symEncAlgo = X509Util.getEncAlgo(encBodyData);
SecretKey symmetricKey = WSSecurityUtil.prepareSecretKey(
@@ -418,11 +418,11 @@
XMLCipher xmlCipher = null;
try {
xmlCipher = XMLCipher.getInstance(symEncAlgo);
- xmlCipher.init(XMLCipher.DECRYPT_MODE, symmetricKey);
- } catch (XMLEncryptionException e) {
- throw new WSSecurityException(
- WSSecurityException.UNSUPPORTED_ALGORITHM, null, null, e);
- }
+ xmlCipher.init(XMLCipher.DECRYPT_MODE, symmetricKey);
+ } catch (XMLEncryptionException e) {
+ throw new WSSecurityException(
+ WSSecurityException.UNSUPPORTED_ALGORITHM, null, null, e);
+ }
if (content) {
encBodyData = (Element) encBodyData.getParentNode();
@@ -561,7 +561,7 @@
* @return The Id string
*/
public String getId() {
- return encryptedKeyId;
+ return encryptedKeyId;
}
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/processor/Processor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/processor/Processor.java?rev=700768&r1=700767&r2=700768&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/processor/Processor.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/processor/Processor.java Wed Oct 1 06:56:10 2008
@@ -27,14 +27,21 @@
import java.util.Vector;
public interface Processor {
- public void handleToken(Element elem, Crypto crypto, Crypto decCrypto,
- CallbackHandler cb, WSDocInfo wsDocInfo, Vector returnResults,
- WSSConfig config) throws WSSecurityException;
-
+
+ public void handleToken(
+ Element elem,
+ Crypto crypto,
+ Crypto decCrypto,
+ CallbackHandler cb,
+ WSDocInfo wsDocInfo,
+ Vector returnResults,
+ WSSConfig config
+ ) throws WSSecurityException;
+
/**
- * Get the Id of the processoer.
+ * Get the Id of the processor.
*
* @return The Id string
*/
- public String getId();
+ public String getId();
}
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org