Posted to commits@ws.apache.org by co...@apache.org on 2015/03/23 15:42:55 UTC
svn commit: r1668656 [1/2] - in /webservices/wss4j/trunk:
ws-security-common/src/main/java/org/apache/wss4j/common/token/
ws-security-common/src/main/java/org/apache/wss4j/common/util/
ws-security-dom/src/main/java/org/apache/wss4j/dom/ ws-security-dom...
Author: coheigea
Date: Mon Mar 23 14:42:53 2015
New Revision: 1668656
URL: http://svn.apache.org/r1668656
Log:
Fairly large refactor - moving a lot of DOM functionality into "common" for re-use by other projects, who don't require the DOM module
Added:
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509Data.java
- copied, changed from r1668605, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DOMX509Data.java
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509IssuerSerial.java
- copied, changed from r1668605, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DOMX509IssuerSerial.java
Removed:
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DOMX509Data.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DOMX509IssuerSerial.java
Modified:
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/KeyUtils.java
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSDocInfo.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/DOMCallbackLookup.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecBase.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKSign.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecHeader.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/BinarySecurity.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DerivedKeyToken.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Reference.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityContextToken.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityTokenReference.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SignatureConfirmation.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Timestamp.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/UsernameToken.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedAssertionProcessor.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedDataProcessor.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/ReferenceListProcessor.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/X509Util.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/DerivedKeyTokenSTRParser.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/EncryptedKeySTRParser.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/STRParserUtil.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/SecurityTokenRefSTRParser.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/SignatureSTRParser.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/transform/STRTransform.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/transform/STRTransformUtil.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/ModifiedRequestTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/FaultCodeTest.java
webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/AbstractTestBase.java
Copied: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509Data.java (from r1668605, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DOMX509Data.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509Data.java?p2=webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509Data.java&p1=webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DOMX509Data.java&r1=1668605&r2=1668656&rev=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DOMX509Data.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509Data.java Mon Mar 23 14:42:53 2015
@@ -17,12 +17,12 @@
* under the License.
*/
-package org.apache.wss4j.dom.message.token;
+package org.apache.wss4j.common.token;
-import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.DOM2Writer;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
+import org.apache.wss4j.common.util.XMLUtils;
+import org.apache.xml.security.utils.Constants;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -42,8 +42,8 @@ public final class DOMX509Data {
// Parse X509IssuerSerial child
//
Element issuerSerialElement =
- WSSecurityUtil.getDirectChildElement(
- element, WSConstants.X509_ISSUER_SERIAL_LN, WSConstants.SIG_NS
+ XMLUtils.getDirectChildElement(
+ element, "X509IssuerSerial", Constants.SignatureSpecNS
);
x509IssuerSerial = new DOMX509IssuerSerial(issuerSerialElement);
}
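Review bot: The result of `XMLUtils.getDirectChildElement(element, "X509IssuerSerial", Constants.SignatureSpecNS)` goes straight into `new DOMX509IssuerSerial(issuerSerialElement)` with no null check in the visible lines. If the X509Data element carries some other child, the lookup presumably returns null, and the DOMX509IssuerSerial constructor then uses that null element as the parent for its own child lookups, so the failure would likely surface as a NullPointerException rather than a WSSecurityException. The enclosing constructor starts above the hunk, so confirm nothing there already rules this out. If it does not, add a guard before the constructor call, for example `if (issuerSerialElement == null) { throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "<message key>"); }`.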
@@ -53,9 +53,7 @@ public final class DOMX509Data {
*/
public DOMX509Data(Document doc, DOMX509IssuerSerial domIssuerSerial) {
element =
- doc.createElementNS(
- WSConstants.SIG_NS, WSConstants.SIG_PREFIX + ":" + WSConstants.X509_DATA_LN
- );
+ doc.createElementNS(Constants.SignatureSpecNS, "ds:X509Data");
element.appendChild(domIssuerSerial.getElement());
}
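Review bot: The element names and the `ds` prefix are now bare string literals (`"ds:X509Data"` here, `"X509IssuerSerial"` in the previous hunk, and the `X509IssuerName` / `X509SerialNumber` names in both DOMX509IssuerSerial hunks), where the old code took them from WSConstants. The file already imports `org.apache.xml.security.utils.Constants`, which defines these local names as `Constants._TAG_X509DATA`, `Constants._TAG_X509ISSUERSERIAL`, `Constants._TAG_X509ISSUERNAME` and `Constants._TAG_X509SERIALNUMBER`. Using them on both the parsing and the creating side keeps the two from drifting apart, e.g. `doc.createElementNS(Constants.SignatureSpecNS, "ds:" + Constants._TAG_X509DATA);`.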
Copied: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509IssuerSerial.java (from r1668605, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DOMX509IssuerSerial.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509IssuerSerial.java?p2=webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509IssuerSerial.java&p1=webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DOMX509IssuerSerial.java&r1=1668605&r2=1668656&rev=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DOMX509IssuerSerial.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509IssuerSerial.java Mon Mar 23 14:42:53 2015
@@ -17,12 +17,11 @@
* under the License.
*/
-package org.apache.wss4j.dom.message.token;
+package org.apache.wss4j.common.token;
-import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.common.util.DOM2Writer;
import org.apache.wss4j.common.util.XMLUtils;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
+import org.apache.xml.security.utils.Constants;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -45,15 +44,12 @@ public final class DOMX509IssuerSerial {
element = issuerSerialElement;
Element issuerNameElement =
- WSSecurityUtil.getDirectChildElement(
- element, WSConstants.X509_ISSUER_NAME_LN, WSConstants.SIG_NS
- );
+ XMLUtils.getDirectChildElement(element, "X509IssuerName", Constants.SignatureSpecNS);
issuer = XMLUtils.getElementText(issuerNameElement);
Element serialNumberElement =
- WSSecurityUtil.getDirectChildElement(
- element, WSConstants.X509_SERIAL_NUMBER_LN, WSConstants.SIG_NS
- );
+ XMLUtils.getDirectChildElement(element, "X509SerialNumber", Constants.SignatureSpecNS);
+
String serialNumberStr = XMLUtils.getElementText(serialNumberElement);
if (serialNumberStr != null) {
serialNumber = new BigInteger(serialNumberStr);
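Review bot: `new BigInteger(serialNumberStr)` throws an unchecked NumberFormatException when the X509SerialNumber text is not a plain decimal integer, and that text is read from the parsed message. Now that the class lives in the common module for reuse by other callers, it would be safer to convert the failure into the library's own exception: wrap the call in `try { ... } catch (NumberFormatException ex) { ... }` and throw a WSSecurityException from the handler. The constructor signature is outside the hunk, so check whether it can declare WSSecurityException. It is also worth confirming how `XMLUtils.getElementText` behaves when `issuerNameElement` or `serialNumberElement` is null, since neither lookup result is checked here.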
@@ -77,21 +73,15 @@ public final class DOMX509IssuerSerial {
this.serialNumber = serialNumber;
element =
- doc.createElementNS(
- WSConstants.SIG_NS, WSConstants.SIG_PREFIX + ":" + WSConstants.X509_ISSUER_SERIAL_LN
- );
+ doc.createElementNS(Constants.SignatureSpecNS, "ds:X509IssuerSerial");
Element issuerNameElement =
- doc.createElementNS(
- WSConstants.SIG_NS, WSConstants.SIG_PREFIX + ":" + WSConstants.X509_ISSUER_NAME_LN
- );
+ doc.createElementNS(Constants.SignatureSpecNS, "ds:X509IssuerName");
issuerNameElement.appendChild(doc.createTextNode(this.issuer));
element.appendChild(issuerNameElement);
Element serialNumberElement =
- doc.createElementNS(
- WSConstants.SIG_NS, WSConstants.SIG_PREFIX + ":" + WSConstants.X509_SERIAL_NUMBER_LN
- );
+ doc.createElementNS(Constants.SignatureSpecNS, "ds:X509SerialNumber");
serialNumberElement.appendChild(doc.createTextNode(serialNumber.toString()));
element.appendChild(serialNumberElement);
}
Modified: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/KeyUtils.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/KeyUtils.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/KeyUtils.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/KeyUtils.java Mon Mar 23 14:42:53 2015
@@ -21,7 +21,9 @@ package org.apache.wss4j.common.util;
import java.security.NoSuchAlgorithmException;
+import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
+import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
@@ -108,4 +110,37 @@ public final class KeyUtils {
);
}
}
+
+
+ /**
+ * Translate the "cipherAlgo" URI to a JCE ID, and return a javax.crypto.Cipher instance
+ * of this type.
+ */
+ public static Cipher getCipherInstance(String cipherAlgo)
+ throws WSSecurityException {
+ try {
+ String keyAlgorithm = JCEMapper.translateURItoJCEID(cipherAlgo);
+ return Cipher.getInstance(keyAlgorithm);
+ } catch (NoSuchPaddingException ex) {
+ throw new WSSecurityException(
+ WSSecurityException.ErrorCode.UNSUPPORTED_ALGORITHM, "unsupportedKeyTransp",
+ ex, "No such padding: " + cipherAlgo);
+ } catch (NoSuchAlgorithmException ex) {
+ // Check to see if an RSA OAEP MGF-1 with SHA-1 algorithm was requested
+ // Some JDKs don't support RSA/ECB/OAEPPadding
+ if (XMLCipher.RSA_OAEP.equals(cipherAlgo)) {
+ try {
+ return Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding");
+ } catch (Exception e) {
+ throw new WSSecurityException(
+ WSSecurityException.ErrorCode.UNSUPPORTED_ALGORITHM, "unsupportedKeyTransp",
+ e, "No such algorithm: " + cipherAlgo);
+ }
+ } else {
+ throw new WSSecurityException(
+ WSSecurityException.ErrorCode.UNSUPPORTED_ALGORITHM, "unsupportedKeyTransp",
+ ex, "No such algorithm: " + cipherAlgo);
+ }
+ }
+ }
}
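Review bot: The RSA-OAEP fallback catches `Exception`, which is wider than the two checked exceptions `Cipher.getInstance` declares and would relabel an unrelated runtime failure as "No such algorithm"; `catch (NoSuchAlgorithmException | NoSuchPaddingException e)` is enough. The local `keyAlgorithm` actually holds a JCE cipher transformation, so a name such as `jceTransformation` would read better. The `unsupportedKeyTransp` message key is used on every path although the Javadoc describes a general cipher lookup. The Javadoc should add `@param cipherAlgo`, `@return` and `@throws WSSecurityException` (UNSUPPORTED_ALGORITHM). It should also say that nothing in this method restricts which algorithm URI is accepted, so callers processing incoming messages must check the URI against their permitted algorithms first.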
Modified: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java Mon Mar 23 14:42:53 2015
@@ -22,6 +22,8 @@ import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
+import java.util.ArrayList;
+import java.util.List;
import javax.xml.transform.Source;
import javax.xml.transform.Transformer;
@@ -35,6 +37,7 @@ import javax.xml.transform.stream.Stream
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
+import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import org.w3c.dom.Text;
import org.xml.sax.InputSource;
@@ -43,6 +46,11 @@ public final class XMLUtils {
public static final String XMLNS_NS = "http://www.w3.org/2000/xmlns/";
public static final String XML_NS = "http://www.w3.org/XML/1998/namespace";
+ public static final String WSU_NS =
+ "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
+
+ private static final org.slf4j.Logger LOG =
+ org.slf4j.LoggerFactory.getLogger(XMLUtils.class);
private XMLUtils() {
// complete
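Review bot: `WSU_NS` duplicates the namespace constant the DOM module keeps in WSConstants, so the same URI now has two definitions. `findElementById`, added further down in this file, matches on `XMLUtils.WSU_NS`, while DOMCallbackLookup still tests the found element with `WSConstants.WSU_NS`, so the two values must stay identical for Id resolution to behave consistently. Assuming WSConstants can reference the common module, defining it there as `public static final String WSU_NS = XMLUtils.WSU_NS;` would leave a single source of truth. The logger field would also read better with imports for `org.slf4j.Logger` and `org.slf4j.LoggerFactory` instead of fully qualified names.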
@@ -171,4 +179,310 @@ public final class XMLUtils {
public static InputSource getInputSourceFromURI(String uri) {
return new InputSource(uri);
}
+
+ /**
+ * Set a namespace/prefix on an element if it is not set already. First off, it
+ * searches for the element for the prefix associated with the specified
+ * namespace. If the prefix isn't null, then this is returned. Otherwise, it
+ * creates a new attribute using the namespace/prefix passed as parameters.
+ *
+ * @param element
+ * @param namespace
+ * @param prefix
+ * @return the prefix associated with the set namespace
+ */
+ public static String setNamespace(Element element, String namespace, String prefix) {
+ String pre = getPrefixNS(namespace, element);
+ if (pre != null) {
+ return pre;
+ }
+ element.setAttributeNS(XMLNS_NS, "xmlns:" + prefix, namespace);
+ return prefix;
+ }
+
+ public static String getPrefixNS(String uri, Node e) {
+ while (e != null && e.getNodeType() == Element.ELEMENT_NODE) {
+ NamedNodeMap attrs = e.getAttributes();
+ for (int n = 0; n < attrs.getLength(); n++) {
+ Attr a = (Attr) attrs.item(n);
+ String name = a.getName();
+ if (name.startsWith("xmlns:") && a.getNodeValue().equals(uri)) {
+ return name.substring("xmlns:".length());
+ }
+ }
+ e = e.getParentNode();
+ }
+ return null;
+ }
+
+ /**
+ * Turn a reference (eg "#5") into an ID (eg "5").
+ *
+ * @param ref
+ * @return ref trimmed and with the leading "#" removed, or null if not
+ * correctly formed
+ */
+ public static String getIDFromReference(String ref) {
+ if (ref == null) {
+ return null;
+ }
+ String id = ref.trim();
+ if (id.length() == 0) {
+ return null;
+ }
+ if (id.charAt(0) == '#') {
+ id = id.substring(1);
+ }
+ return id;
+ }
+
+ /**
+ * Returns the single element that contains an Id with value
+ * <code>uri</code> and <code>namespace</code>. The Id can be either a wsu:Id or an Id
+ * with no namespace. This is a replacement for a XPath Id lookup with the given namespace.
+ * It's somewhat faster than XPath, and we do not deal with prefixes, just with the real
+ * namespace URI
+ *
+ * If checkMultipleElements is true and there are multiple elements, we LOG.a
+ * warning and return null as this can be used to get around the signature checking.
+ *
+ * @param startNode Where to start the search
+ * @param value Value of the Id attribute
+ * @param checkMultipleElements If true then go through the entire tree and return
+ * null if there are multiple elements with the same Id
+ * @return The found element if there was exactly one match, or
+ * <code>null</code> otherwise
+ */
+ public static Element findElementById(
+ Node startNode, String value, boolean checkMultipleElements
+ ) {
+ //
+ // Replace the formerly recursive implementation with a depth-first-loop lookup
+ //
+ Node startParent = startNode.getParentNode();
+ Node processedNode = null;
+ Element foundElement = null;
+ String id = XMLUtils.getIDFromReference(value);
+
+ while (startNode != null) {
+ // start node processing at this point
+ if (startNode.getNodeType() == Node.ELEMENT_NODE) {
+ Element se = (Element) startNode;
+ // Try the wsu:Id first
+ String attributeNS = se.getAttributeNS(WSU_NS, "Id");
+ if ("".equals(attributeNS) || !id.equals(attributeNS)) {
+ attributeNS = se.getAttributeNS(null, "Id");
+ }
+ if (!"".equals(attributeNS) && id.equals(attributeNS)) {
+ if (!checkMultipleElements) {
+ return se;
+ } else if (foundElement == null) {
+ foundElement = se; // Continue searching to find duplicates
+ } else {
+ LOG.warn("Multiple elements with the same 'Id' attribute value!");
+ return null;
+ }
+ }
+ }
+
+ processedNode = startNode;
+ startNode = startNode.getFirstChild();
+
+ // no child, this node is done.
+ if (startNode == null) {
+ // close node processing, get sibling
+ startNode = processedNode.getNextSibling();
+ }
+ // no more siblings, get parent, all children
+ // of parent are processed.
+ while (startNode == null) {
+ processedNode = processedNode.getParentNode();
+ if (processedNode == startParent) {
+ return foundElement;
+ }
+ // close parent node processing (processed node now)
+ startNode = processedNode.getNextSibling();
+ }
+ }
+ return foundElement;
+ }
+
+
+ /**
+ * Returns the first element that matches <code>name</code> and
+ * <code>namespace</code>. <p/> This is a replacement for a XPath lookup
+ * <code>//name</code> with the given namespace. It's somewhat faster than
+ * XPath, and we do not deal with prefixes, just with the real namespace URI
+ *
+ * @param startNode Where to start the search
+ * @param name Local name of the element
+ * @param namespace Namespace URI of the element
+ * @return The found element or <code>null</code>
+ */
+ public static Element findElement(Node startNode, String name, String namespace) {
+ //
+ // Replace the formerly recursive implementation with a depth-first-loop
+ // lookup
+ //
+ if (startNode == null) {
+ return null;
+ }
+ Node startParent = startNode.getParentNode();
+ Node processedNode = null;
+
+ while (startNode != null) {
+ // start node processing at this point
+ if (startNode.getNodeType() == Node.ELEMENT_NODE
+ && startNode.getLocalName().equals(name)) {
+ String ns = startNode.getNamespaceURI();
+ if (ns != null && ns.equals(namespace)) {
+ return (Element)startNode;
+ }
+
+ if ((namespace == null || namespace.length() == 0)
+ && (ns == null || ns.length() == 0)) {
+ return (Element)startNode;
+ }
+ }
+ processedNode = startNode;
+ startNode = startNode.getFirstChild();
+
+ // no child, this node is done.
+ if (startNode == null) {
+ // close node processing, get sibling
+ startNode = processedNode.getNextSibling();
+ }
+ // no more siblings, get parent, all children
+ // of parent are processed.
+ while (startNode == null) {
+ processedNode = processedNode.getParentNode();
+ if (processedNode == startParent) {
+ return null;
+ }
+ // close parent node processing (processed node now)
+ startNode = processedNode.getNextSibling();
+ }
+ }
+ return null;
+ }
+
+ /**
+ * Returns all elements that match <code>name</code> and <code>namespace</code>.
+ * <p/> This is a replacement for a XPath lookup
+ * <code>//name</code> with the given namespace. It's somewhat faster than
+ * XPath, and we do not deal with prefixes, just with the real namespace URI
+ *
+ * @param startNode Where to start the search
+ * @param name Local name of the element
+ * @param namespace Namespace URI of the element
+ * @return The found elements (or an empty list)
+ */
+ public static List<Element> findElements(Node startNode, String name, String namespace) {
+ //
+ // Replace the formerly recursive implementation with a depth-first-loop
+ // lookup
+ //
+ if (startNode == null) {
+ return null;
+ }
+ Node startParent = startNode.getParentNode();
+ Node processedNode = null;
+
+ List<Element> foundNodes = new ArrayList<>();
+ while (startNode != null) {
+ // start node processing at this point
+ if (startNode.getNodeType() == Node.ELEMENT_NODE
+ && startNode.getLocalName().equals(name)) {
+ String ns = startNode.getNamespaceURI();
+ if (ns != null && ns.equals(namespace)) {
+ foundNodes.add((Element)startNode);
+ }
+
+ if ((namespace == null || namespace.length() == 0)
+ && (ns == null || ns.length() == 0)) {
+ foundNodes.add((Element)startNode);
+ }
+ }
+ processedNode = startNode;
+ startNode = startNode.getFirstChild();
+
+ // no child, this node is done.
+ if (startNode == null) {
+ // close node processing, get sibling
+ startNode = processedNode.getNextSibling();
+ }
+ // no more siblings, get parent, all children
+ // of parent are processed.
+ while (startNode == null) {
+ processedNode = processedNode.getParentNode();
+ if (processedNode == startParent) {
+ return foundNodes;
+ }
+ // close parent node processing (processed node now)
+ startNode = processedNode.getNextSibling();
+ }
+ }
+ return foundNodes;
+ }
+
+ /**
+ * Returns the single SAMLAssertion element that contains an AssertionID/ID that
+ * matches the supplied parameter.
+ *
+ * @param startNode Where to start the search
+ * @param value Value of the AssertionID/ID attribute
+ * @return The found element if there was exactly one match, or
+ * <code>null</code> otherwise
+ */
+ public static Element findSAMLAssertionElementById(Node startNode, String value) {
+ Element foundElement = null;
+
+ //
+ // Replace the formerly recursive implementation with a depth-first-loop
+ // lookup
+ //
+ if (startNode == null) {
+ return null;
+ }
+ Node startParent = startNode.getParentNode();
+ Node processedNode = null;
+
+ while (startNode != null) {
+ // start node processing at this point
+ if (startNode.getNodeType() == Node.ELEMENT_NODE) {
+ Element se = (Element) startNode;
+ if (se.hasAttributeNS(null, "ID") && value.equals(se.getAttributeNS(null, "ID"))
+ || se.hasAttributeNS(null, "AssertionID")
+ && value.equals(se.getAttributeNS(null, "AssertionID"))) {
+ if (foundElement == null) {
+ foundElement = se; // Continue searching to find duplicates
+ } else {
+ LOG.warn("Multiple elements with the same 'ID' attribute value!");
+ return null;
+ }
+ }
+ }
+
+ processedNode = startNode;
+ startNode = startNode.getFirstChild();
+
+ // no child, this node is done.
+ if (startNode == null) {
+ // close node processing, get sibling
+ startNode = processedNode.getNextSibling();
+ }
+ // no more siblings, get parent, all children
+ // of parent are processed.
+ while (startNode == null) {
+ processedNode = processedNode.getParentNode();
+ if (processedNode == startParent) {
+ return foundElement;
+ }
+ // close parent node processing (processed node now)
+ startNode = processedNode.getNextSibling();
+ }
+ }
+ return foundElement;
+ }
+
}
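Review bot: `findElementById` has no null guards, unlike `findElement`, `findElements` and `findSAMLAssertionElementById` in the same hunk. It calls `startNode.getParentNode()` immediately, and `getIDFromReference(value)` returns null for a null or blank reference, so `id.equals(attributeNS)` throws NullPointerException as soon as an element with a non-empty Id attribute is visited. The reference value originates in the message being verified, so add `if (startNode == null) { return null; }` at the top and `if (id == null) { return null; }` right after the `getIDFromReference` call. Separately, `findElements` returns null for a null start node although its Javadoc promises an empty list; `return new ArrayList<>();` would match the documented contract. The `findElementById` Javadoc has the typo "we LOG.a warning" and should state that `checkMultipleElements == false` returns the first match without detecting duplicate Ids.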
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSDocInfo.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSDocInfo.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSDocInfo.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSDocInfo.java Mon Mar 23 14:42:53 2015
@@ -40,8 +40,8 @@ import javax.xml.crypto.dom.DOMCryptoCon
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.message.CallbackLookup;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -161,7 +161,7 @@ public class WSDocInfo {
* @return the token element or null if nothing found
*/
public Element getTokenElement(String uri) {
- String id = WSSecurityUtil.getIDFromReference(uri);
+ String id = XMLUtils.getIDFromReference(uri);
if (id == null) {
return null;
}
@@ -189,7 +189,7 @@ public class WSDocInfo {
}
public void setTokenOnContext(String uri, DOMCryptoContext context) {
- String id = WSSecurityUtil.getIDFromReference(uri);
+ String id = XMLUtils.getIDFromReference(uri);
if (id == null || context == null) {
return;
}
@@ -216,7 +216,7 @@ public class WSDocInfo {
* @return the WSSecurityEngineResult or null if nothing found
*/
public WSSecurityEngineResult getResult(String uri) {
- String id = WSSecurityUtil.getIDFromReference(uri);
+ String id = XMLUtils.getIDFromReference(uri);
if (id == null) {
return null;
}
@@ -254,7 +254,7 @@ public class WSDocInfo {
* See whether we have a WSSecurityEngineResult of the given Integer tag for the given Id
*/
public boolean hasResult(Integer tag, String uri) {
- String id = WSSecurityUtil.getIDFromReference(uri);
+ String id = XMLUtils.getIDFromReference(uri);
if (id == null || "".equals(uri)) {
return false;
}
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/DOMCallbackLookup.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/DOMCallbackLookup.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/DOMCallbackLookup.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/DOMCallbackLookup.java Mon Mar 23 14:42:53 2015
@@ -26,6 +26,7 @@ import javax.xml.crypto.dom.DOMCryptoCon
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -76,7 +77,7 @@ public class DOMCallbackLookup implement
public Element getAndRegisterElement(
String id, String valueType, boolean checkMultipleElements, DOMCryptoContext context
) throws WSSecurityException {
- String idToMatch = WSSecurityUtil.getIDFromReference(id);
+ String idToMatch = XMLUtils.getIDFromReference(id);
//
// Try the SOAP Body first
@@ -93,7 +94,7 @@ public class DOMCallbackLookup implement
}
// Otherwise do a general search
Element foundElement =
- WSSecurityUtil.findElementById(doc.getDocumentElement(), idToMatch, checkMultipleElements);
+ XMLUtils.findElementById(doc.getDocumentElement(), idToMatch, checkMultipleElements);
if (foundElement != null) {
if (context != null) {
if (foundElement.hasAttributeNS(WSConstants.WSU_NS, "Id")
@@ -117,7 +118,7 @@ public class DOMCallbackLookup implement
|| "".equals(valueType)
|| valueType == null) {
foundElement =
- WSSecurityUtil.findSAMLAssertionElementById(
+ XMLUtils.findSAMLAssertionElementById(
doc.getDocumentElement(), idToMatch
);
if (foundElement != null) {
@@ -156,7 +157,7 @@ public class DOMCallbackLookup implement
bodyElement.getNamespaceURI().equals(namespace)) {
return Collections.singletonList(bodyElement);
}
- return WSSecurityUtil.findElements(doc.getDocumentElement(), localname, namespace);
+ return XMLUtils.findElements(doc.getDocumentElement(), localname, namespace);
}
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecBase.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecBase.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecBase.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecBase.java Mon Mar 23 14:42:53 2015
@@ -20,9 +20,9 @@
package org.apache.wss4j.dom.message;
import org.apache.wss4j.common.WSEncryptionPart;
+import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.WSSConfig;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -171,8 +171,7 @@ public class WSSecBase {
if (id == null || id.length() == 0) {
id = wssConfig.getIdAllocator().createId("id-", bodyElement);
- String prefix =
- WSSecurityUtil.setNamespace(bodyElement, newAttrNs, newAttrPrefix);
+ String prefix = XMLUtils.setNamespace(bodyElement, newAttrNs, newAttrPrefix);
bodyElement.setAttributeNS(newAttrNs, prefix + ":Id", id);
}
return id;
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKSign.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKSign.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKSign.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKSign.java Mon Mar 23 14:42:53 2015
@@ -25,6 +25,7 @@ import org.apache.wss4j.dom.WSSConfig;
import org.apache.wss4j.common.WSEncryptionPart;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.KeyUtils;
+import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.common.derivedKey.ConversationConstants;
import org.apache.wss4j.dom.message.token.Reference;
import org.apache.wss4j.dom.message.token.SecurityTokenReference;
@@ -174,10 +175,8 @@ public class WSSecDKSign extends WSSecDe
*/
public Element getSignatureElement() {
return
- WSSecurityUtil.getDirectChildElement(
- securityHeader,
- WSConstants.SIG_LN,
- WSConstants.SIG_NS
+ XMLUtils.getDirectChildElement(
+ securityHeader, WSConstants.SIG_LN, WSConstants.SIG_NS
);
}
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java Mon Mar 23 14:42:53 2015
@@ -23,6 +23,7 @@ import org.apache.wss4j.common.ext.Attac
import org.apache.wss4j.common.ext.AttachmentRequestCallback;
import org.apache.wss4j.common.ext.AttachmentResultCallback;
import org.apache.wss4j.common.util.AttachmentUtils;
+import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.WSSConfig;
import org.apache.wss4j.common.WSEncryptionPart;
@@ -35,7 +36,9 @@ import org.apache.wss4j.dom.message.toke
import org.apache.wss4j.dom.message.token.SecurityTokenReference;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.apache.xml.security.algorithms.JCEMapper;
-import org.apache.xml.security.encryption.*;
+import org.apache.xml.security.encryption.EncryptedData;
+import org.apache.xml.security.encryption.XMLCipher;
+import org.apache.xml.security.encryption.XMLEncryptionException;
import org.apache.xml.security.keys.KeyInfo;
import org.apache.xml.security.utils.Base64;
import org.w3c.dom.Attr;
@@ -53,7 +56,10 @@ import javax.security.auth.callback.Call
import javax.security.auth.callback.CallbackHandler;
import java.security.cert.X509Certificate;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
/**
* Encrypts a parts of a message according to WS Specification, X509 profile,
@@ -253,7 +259,7 @@ public class WSSecEncrypt extends WSSecE
// then add the ENC namespace
//
if (!encryptSymmKey) {
- WSSecurityUtil.setNamespace(
+ XMLUtils.setNamespace(
dataRef, WSConstants.ENC_NS, WSConstants.ENC_PREFIX
);
}
@@ -529,9 +535,9 @@ public class WSSecEncrypt extends WSSecE
doc.createElementNS(
WSConstants.WSSE11_NS, "wsse11:" + WSConstants.ENCRYPTED_HEADER
);
- WSSecurityUtil.setNamespace(elem, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
+ XMLUtils.setNamespace(elem, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
String wsuPrefix =
- WSSecurityUtil.setNamespace(elem, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+ XMLUtils.setNamespace(elem, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
headerId = config.getIdAllocator().createId("EH-", elementToEncrypt);
elem.setAttributeNS(
WSConstants.WSU_NS, wsuPrefix + ":Id", headerId
@@ -551,7 +557,7 @@ public class WSSecEncrypt extends WSSecE
if (attr.getNamespaceURI().equals(WSConstants.URI_SOAP11_ENV)
|| attr.getNamespaceURI().equals(WSConstants.URI_SOAP12_ENV)) {
String soapEnvPrefix =
- WSSecurityUtil.setNamespace(
+ XMLUtils.setNamespace(
elem, attr.getNamespaceURI(), WSConstants.DEFAULT_SOAP_PREFIX
);
elem.setAttributeNS(
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java Mon Mar 23 14:42:53 2015
@@ -36,10 +36,10 @@ import org.apache.wss4j.dom.WSSConfig;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoType;
import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.token.DOMX509Data;
+import org.apache.wss4j.common.token.DOMX509IssuerSerial;
import org.apache.wss4j.common.util.KeyUtils;
import org.apache.wss4j.dom.message.token.BinarySecurity;
-import org.apache.wss4j.dom.message.token.DOMX509Data;
-import org.apache.wss4j.dom.message.token.DOMX509IssuerSerial;
import org.apache.wss4j.dom.message.token.Reference;
import org.apache.wss4j.dom.message.token.SecurityTokenReference;
import org.apache.wss4j.dom.message.token.X509Security;
@@ -238,7 +238,7 @@ public class WSSecEncryptedKey extends W
X509Certificate remoteCert,
Crypto crypto
) throws WSSecurityException {
- Cipher cipher = WSSecurityUtil.getCipherInstance(keyEncAlgo);
+ Cipher cipher = KeyUtils.getCipherInstance(keyEncAlgo);
try {
OAEPParameterSpec oaepParameterSpec = null;
if (WSConstants.KEYTRANSPORT_RSAOEP.equals(keyEncAlgo)
@@ -343,7 +343,7 @@ public class WSSecEncryptedKey extends W
document, issuer, serialNumber
);
DOMX509Data domX509Data = new DOMX509Data(document, domIssuerSerial);
- secToken.setX509Data(domX509Data);
+ secToken.setUnknownElement(domX509Data.getElement());
if (includeEncryptionToken) {
addBST(remoteCert);
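Review bot: Replacing `secToken.setX509Data(domX509Data)` with `secToken.setUnknownElement(domX509Data.getElement())` preserves behaviour only if `setUnknownElement` also replaces an existing first child rather than appending. The `setX509Data` method this commit deletes from SecurityTokenReference did replace-or-append, and `setUnknownElement`'s body is not shown in this diff, so please confirm it; otherwise a SecurityTokenReference that already has a child could end up with two. The same substitution is made in the WSSecSignature hunk (`secRef.setUnknownElement(domX509Data.getElement())`). Because `setX509Data` was public, its removal is also an API break for external callers and deserves a line in the migration notes. The enclosing method starts and ends outside this hunk.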
@@ -447,7 +447,7 @@ public class WSSecEncryptedKey extends W
Element encryptedKey =
doc.createElementNS(WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":EncryptedKey");
- WSSecurityUtil.setNamespace(encryptedKey, WSConstants.ENC_NS, WSConstants.ENC_PREFIX);
+ org.apache.wss4j.common.util.XMLUtils.setNamespace(encryptedKey, WSConstants.ENC_NS, WSConstants.ENC_PREFIX);
Element encryptionMethod =
doc.createElementNS(WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":EncryptionMethod");
encryptionMethod.setAttributeNS(null, "Algorithm", keyTransportAlgo);
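Review bot: The fully qualified call `org.apache.wss4j.common.util.XMLUtils.setNamespace(encryptedKey, ...)` on the changed line is inconsistent with the rest of this commit, where the other files import `org.apache.wss4j.common.util.XMLUtils` and call `XMLUtils.setNamespace(...)`. If the qualification is needed because this file already imports a different class named `XMLUtils` (not visible in these hunks), a short comment would make that clear, e.g. `// fully qualified: this file already imports another XMLUtils`. Otherwise add the import and shorten the call. The enclosing method starts and ends outside this hunk.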
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecHeader.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecHeader.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecHeader.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecHeader.java Mon Mar 23 14:42:53 2015
@@ -20,6 +20,7 @@ package org.apache.wss4j.dom.message;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -138,7 +139,7 @@ public class WSSecHeader {
String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement());
String soapPrefix =
- WSSecurityUtil.setNamespace(
+ XMLUtils.setNamespace(
securityHeader, soapNamespace, WSConstants.DEFAULT_SOAP_PREFIX
);
@@ -164,7 +165,7 @@ public class WSSecHeader {
mustUnderstandLocal
);
}
- WSSecurityUtil.setNamespace(securityHeader, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+ XMLUtils.setNamespace(securityHeader, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
return securityHeader;
}
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java Mon Mar 23 14:42:53 2015
@@ -26,10 +26,11 @@ import org.apache.wss4j.common.WSEncrypt
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoType;
import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.token.DOMX509Data;
+import org.apache.wss4j.common.token.DOMX509IssuerSerial;
import org.apache.wss4j.common.util.KeyUtils;
+import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.message.token.BinarySecurity;
-import org.apache.wss4j.dom.message.token.DOMX509Data;
-import org.apache.wss4j.dom.message.token.DOMX509IssuerSerial;
import org.apache.wss4j.dom.message.token.KerberosSecurity;
import org.apache.wss4j.dom.message.token.PKIPathSecurity;
import org.apache.wss4j.dom.message.token.Reference;
@@ -213,7 +214,7 @@ public class WSSecSignature extends WSSe
DOMX509IssuerSerial domIssuerSerial =
new DOMX509IssuerSerial(doc, issuer, serialNumber);
DOMX509Data domX509Data = new DOMX509Data(doc, domIssuerSerial);
- secRef.setX509Data(domX509Data);
+ secRef.setUnknownElement(domX509Data.getElement());
if (includeSignatureToken) {
addBST(certs);
@@ -424,10 +425,8 @@ public class WSSecSignature extends WSSe
*/
public Element getSignatureElement() {
return
- WSSecurityUtil.getDirectChildElement(
- securityHeader,
- WSConstants.SIG_LN,
- WSConstants.SIG_NS
+ XMLUtils.getDirectChildElement(
+ securityHeader, WSConstants.SIG_LN, WSConstants.SIG_NS
);
}
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/BinarySecurity.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/BinarySecurity.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/BinarySecurity.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/BinarySecurity.java Mon Mar 23 14:42:53 2015
@@ -28,7 +28,6 @@ import org.apache.wss4j.common.ext.WSSec
import org.apache.wss4j.common.util.DOM2Writer;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.bsp.BSPEnforcer;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.apache.xml.security.utils.Base64;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -122,7 +121,7 @@ public class BinarySecurity {
* efficiency purposes.
*/
public void addWSSENamespace() {
- WSSecurityUtil.setNamespace(element, WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX);
+ XMLUtils.setNamespace(element, WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX);
}
/**
@@ -130,7 +129,7 @@ public class BinarySecurity {
* efficiency purposes.
*/
public void addWSUNamespace() {
- WSSecurityUtil.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+ XMLUtils.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
}
/**
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DerivedKeyToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DerivedKeyToken.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DerivedKeyToken.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DerivedKeyToken.java Mon Mar 23 14:42:53 2015
@@ -32,6 +32,7 @@ import org.apache.wss4j.common.derivedKe
import org.apache.wss4j.common.derivedKey.DerivationAlgorithm;
import org.apache.wss4j.common.principal.WSDerivedKeyTokenPrincipal;
import org.apache.wss4j.common.util.DOM2Writer;
+import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.bsp.BSPEnforcer;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.apache.xml.security.utils.Base64;
@@ -91,7 +92,7 @@ public class DerivedKeyToken {
ns = ConversationConstants.getWSCNs(version);
element =
doc.createElementNS(ns, "wsc:" + ConversationConstants.DERIVED_KEY_TOKEN_LN);
- WSSecurityUtil.setNamespace(element, ns, ConversationConstants.WSC_PREFIX);
+ XMLUtils.setNamespace(element, ns, ConversationConstants.WSC_PREFIX);
bspEnforcer = new BSPEnforcer();
}
@@ -115,7 +116,7 @@ public class DerivedKeyToken {
);
}
elementSecurityTokenReference =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
element,
ConversationConstants.SECURITY_TOKEN_REFERENCE_LN,
WSConstants.WSSE_NS
@@ -124,27 +125,27 @@ public class DerivedKeyToken {
ns = el.getNamespaceURI();
elementProperties =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
element, ConversationConstants.PROPERTIES_LN, ns
);
elementGeneration =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
element, ConversationConstants.GENERATION_LN, ns
);
elementOffset =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
element, ConversationConstants.OFFSET_LN, ns
);
elementLength =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
element, ConversationConstants.LENGTH_LN, ns
);
elementLabel =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
element, ConversationConstants.LABEL_LN, ns
);
elementNonce =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
element, ConversationConstants.NONCE_LN, ns
);
}
@@ -154,7 +155,7 @@ public class DerivedKeyToken {
* efficiency purposes.
*/
public void addWSUNamespace() {
- WSSecurityUtil.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+ XMLUtils.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
}
/**
@@ -249,7 +250,7 @@ public class DerivedKeyToken {
//Check whether this property is already there
//If so change the value
Element node =
- WSSecurityUtil.findElement(elementProperties, propertyName, ns);
+ XMLUtils.findElement(elementProperties, propertyName, ns);
if (node != null) { //If the node is not null
Text node1 = getFirstNode(node);
node1.setData(properties.get(propertyName));
@@ -488,7 +489,7 @@ public class DerivedKeyToken {
SecurityTokenReference securityTokenReference = getSecurityTokenReference();
if (securityTokenReference.containsReference()) {
basetokenId = securityTokenReference.getReference().getURI();
- basetokenId = WSSecurityUtil.getIDFromReference(basetokenId);
+ basetokenId = XMLUtils.getIDFromReference(basetokenId);
} else {
// KeyIdentifier
basetokenId = securityTokenReference.getKeyIdentifierValue();
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Reference.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Reference.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Reference.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Reference.java Mon Mar 23 14:42:53 2015
@@ -24,7 +24,7 @@ import javax.xml.namespace.QName;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.DOM2Writer;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
+import org.apache.wss4j.common.util.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -76,7 +76,7 @@ public class Reference {
* efficiency purposes, as the reference is embedded in a wsse:SecurityTokenReference.
*/
public void addWSSENamespace() {
- WSSecurityUtil.setNamespace(this.element, WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX);
+ XMLUtils.setNamespace(this.element, WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX);
}
/**
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityContextToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityContextToken.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityContextToken.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityContextToken.java Mon Mar 23 14:42:53 2015
@@ -24,8 +24,8 @@ import javax.xml.namespace.QName;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.DOM2Writer;
+import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.common.derivedKey.ConversationConstants;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.apache.xml.security.stax.impl.util.IDGenerator;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -76,7 +76,7 @@ public class SecurityContextToken {
element =
doc.createElementNS(ns, "wsc:" + ConversationConstants.SECURITY_CONTEXT_TOKEN_LN);
- WSSecurityUtil.setNamespace(element, ns, ConversationConstants.WSC_PREFIX);
+ XMLUtils.setNamespace(element, ns, ConversationConstants.WSC_PREFIX);
elementIdentifier =
doc.createElementNS(ns, "wsc:" + ConversationConstants.IDENTIFIER_LN);
@@ -100,7 +100,7 @@ public class SecurityContextToken {
element =
doc.createElementNS(ns, "wsc:" + ConversationConstants.SECURITY_CONTEXT_TOKEN_LN);
- WSSecurityUtil.setNamespace(element, ns, ConversationConstants.WSC_PREFIX);
+ XMLUtils.setNamespace(element, ns, ConversationConstants.WSC_PREFIX);
elementIdentifier =
doc.createElementNS(ns, "wsc:" + ConversationConstants.IDENTIFIER_LN);
@@ -137,7 +137,7 @@ public class SecurityContextToken {
}
elementIdentifier =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
element,
ConversationConstants.IDENTIFIER_LN,
el.getNamespaceURI()
@@ -149,7 +149,7 @@ public class SecurityContextToken {
* efficiency purposes.
*/
public void addWSUNamespace() {
- WSSecurityUtil.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+ XMLUtils.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
}
/**
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityTokenReference.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityTokenReference.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityTokenReference.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityTokenReference.java Mon Mar 23 14:42:53 2015
@@ -27,6 +27,7 @@ import org.apache.wss4j.common.crypto.Cr
import org.apache.wss4j.common.crypto.Merlin;
import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.token.DOMX509IssuerSerial;
import org.apache.wss4j.common.util.DOM2Writer;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.bsp.BSPEnforcer;
@@ -114,7 +115,7 @@ public class SecurityTokenReference {
* efficiency purposes.
*/
public void addWSSENamespace() {
- WSSecurityUtil.setNamespace(element, WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX);
+ XMLUtils.setNamespace(element, WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX);
}
/**
@@ -122,7 +123,7 @@ public class SecurityTokenReference {
* efficiency purposes.
*/
public void addWSUNamespace() {
- WSSecurityUtil.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+ XMLUtils.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
}
/**
@@ -131,7 +132,7 @@ public class SecurityTokenReference {
*/
public void addTokenType(String tokenType) {
if (tokenType != null) {
- WSSecurityUtil.setNamespace(element, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
+ XMLUtils.setNamespace(element, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
element.setAttributeNS(
WSConstants.WSSE11_NS,
WSConstants.WSSE11_PREFIX + ":" + WSConstants.TOKEN_TYPE,
@@ -251,7 +252,7 @@ public class SecurityTokenReference {
String uri,
String type
) throws WSSecurityException {
- String id = WSSecurityUtil.getIDFromReference(uri);
+ String id = XMLUtils.getIDFromReference(uri);
//
// Delegate finding the element to the CallbackLookup instance
//
@@ -283,7 +284,7 @@ public class SecurityTokenReference {
String uri,
String type
) throws WSSecurityException {
- String id = WSSecurityUtil.getIDFromReference(uri);
+ String id = XMLUtils.getIDFromReference(uri);
//
// Try to find it from the WSDocInfo instance first
//
@@ -561,22 +562,6 @@ public class SecurityTokenReference {
return skiBytes;
}
-
- /**
- * Sets the X509Data.
- *
- * @param domX509Data the {@link DOMX509Data} to put into this
- * SecurityTokenReference
- */
- public void setX509Data(DOMX509Data domX509Data) {
- Element elem = getFirstElement();
- if (elem != null) {
- element.replaceChild(domX509Data.getElement(), elem);
- } else {
- element.appendChild(domX509Data.getElement());
- }
- }
-
/**
* Set an unknown element.
@@ -624,7 +609,7 @@ public class SecurityTokenReference {
}
if (WSConstants.X509_DATA_LN.equals(elem.getLocalName())) {
elem =
- WSSecurityUtil.findElement(
+ XMLUtils.findElement(
elem, WSConstants.X509_ISSUER_SERIAL_LN, WSConstants.SIG_NS
);
}
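Review bot: `XMLUtils.findElement(elem, WSConstants.X509_ISSUER_SERIAL_LN, WSConstants.SIG_NS)` is used to locate the X509IssuerSerial inside an X509Data element, whereas nearly every other lookup touched by this commit uses `getDirectChildElement`. If `findElement` searches the whole subtree (its body is not shown here) and this element can come from a received message, an X509IssuerSerial nested at any depth under X509Data would be accepted, which is looser than the element's expected position as a direct child. Since the line is being changed anyway, consider `XMLUtils.getDirectChildElement(elem, WSConstants.X509_ISSUER_SERIAL_LN, WSConstants.SIG_NS)`, or add a comment explaining why a deep search is intended. The enclosing method starts and ends outside this hunk.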
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SignatureConfirmation.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SignatureConfirmation.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SignatureConfirmation.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SignatureConfirmation.java Mon Mar 23 14:42:53 2015
@@ -25,8 +25,8 @@ import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.common.bsp.BSPRule;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.DOM2Writer;
+import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.bsp.BSPEnforcer;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.apache.xml.security.exceptions.Base64DecodingException;
import org.apache.xml.security.utils.Base64;
import org.w3c.dom.Document;
@@ -84,7 +84,7 @@ public class SignatureConfirmation {
WSConstants.WSSE11_NS,
WSConstants.WSSE11_PREFIX + ":" + WSConstants.SIGNATURE_CONFIRMATION_LN
);
- WSSecurityUtil.setNamespace(element, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
+ XMLUtils.setNamespace(element, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
if (signVal != null) {
String sv = Base64.encode(signVal);
element.setAttributeNS(null, SC_VALUE_ATTR, sv);
@@ -96,7 +96,7 @@ public class SignatureConfirmation {
* efficiency purposes.
*/
public void addWSUNamespace() {
- WSSecurityUtil.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+ XMLUtils.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
}
/**
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Timestamp.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Timestamp.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Timestamp.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Timestamp.java Mon Mar 23 14:42:53 2015
@@ -34,10 +34,10 @@ import org.apache.wss4j.common.util.DOM2
import org.apache.wss4j.common.util.DateUtil;
import org.apache.wss4j.common.util.WSCurrentTimeSource;
import org.apache.wss4j.common.util.WSTimeSource;
+import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.WSSConfig;
import org.apache.wss4j.dom.bsp.BSPEnforcer;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -220,7 +220,7 @@ public class Timestamp {
* efficiency purposes.
*/
public void addWSUNamespace() {
- WSSecurityUtil.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+ XMLUtils.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
}
/**
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/UsernameToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/UsernameToken.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/UsernameToken.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/UsernameToken.java Mon Mar 23 14:42:53 2015
@@ -113,27 +113,27 @@ public class UsernameToken {
);
}
elementUsername =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
element, WSConstants.USERNAME_LN, WSConstants.WSSE_NS
);
elementPassword =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
element, WSConstants.PASSWORD_LN, WSConstants.WSSE_NS
);
elementNonce =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
element, WSConstants.NONCE_LN, WSConstants.WSSE_NS
);
elementCreated =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
element, WSConstants.CREATED_LN, WSConstants.WSU_NS
);
elementSalt =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
element, WSConstants.SALT_LN, WSConstants.WSSE11_NS
);
elementIteration =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
element, WSConstants.ITERATION_LN, WSConstants.WSSE11_NS
);
if (elementUsername == null) {
@@ -285,7 +285,7 @@ public class UsernameToken {
* efficiency purposes.
*/
public void addWSSENamespace() {
- WSSecurityUtil.setNamespace(element, WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX);
+ XMLUtils.setNamespace(element, WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX);
}
/**
@@ -293,7 +293,7 @@ public class UsernameToken {
* efficiency purposes.
*/
public void addWSUNamespace() {
- WSSecurityUtil.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+ XMLUtils.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
}
/**
@@ -366,7 +366,7 @@ public class UsernameToken {
doc.createElementNS(
WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX + ":" + WSConstants.SALT_LN
);
- WSSecurityUtil.setNamespace(element, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
+ XMLUtils.setNamespace(element, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
elementSalt.appendChild(doc.createTextNode(Base64.encode(saltValue)));
element.appendChild(elementSalt);
return saltValue;
@@ -381,7 +381,7 @@ public class UsernameToken {
doc.createElementNS(
WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX + ":" + WSConstants.ITERATION_LN
);
- WSSecurityUtil.setNamespace(element, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
+ XMLUtils.setNamespace(element, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
elementIteration.appendChild(doc.createTextNode(text));
element.appendChild(elementIteration);
}
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedAssertionProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedAssertionProcessor.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedAssertionProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedAssertionProcessor.java Mon Mar 23 14:42:53 2015
@@ -25,13 +25,12 @@ import java.util.List;
import javax.xml.namespace.QName;
import org.w3c.dom.Element;
-
import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.WSDocInfo;
import org.apache.wss4j.dom.WSSecurityEngineResult;
import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
/**
* This will process incoming <code>saml2:EncryptedAssertion</code> elements. EncryptedKey
@@ -52,7 +51,7 @@ public class EncryptedAssertionProcessor
}
Element encryptedDataElement =
- WSSecurityUtil.getDirectChildElement(elem, WSConstants.ENC_DATA_LN, WSConstants.ENC_NS);
+ XMLUtils.getDirectChildElement(elem, WSConstants.ENC_DATA_LN, WSConstants.ENC_NS);
if (encryptedDataElement == null) {
// Maybe it has already been decrypted...
return Collections.emptyList();
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedDataProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedDataProcessor.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedDataProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedDataProcessor.java Mon Mar 23 14:42:53 2015
@@ -35,6 +35,7 @@ import org.apache.wss4j.common.crypto.Al
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.principal.WSDerivedKeyTokenPrincipal;
import org.apache.wss4j.common.util.KeyUtils;
+import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.WSDataRef;
import org.apache.wss4j.dom.WSDocInfo;
@@ -70,7 +71,7 @@ public class EncryptedDataProcessor impl
final String encryptedDataId = elem.getAttributeNS(null, "Id");
Element kiElem =
- WSSecurityUtil.getDirectChildElement(elem, "KeyInfo", WSConstants.SIG_NS);
+ XMLUtils.getDirectChildElement(elem, "KeyInfo", WSConstants.SIG_NS);
// KeyInfo cannot be null
if (kiElem == null) {
throw new WSSecurityException(
@@ -83,11 +84,11 @@ public class EncryptedDataProcessor impl
// Get the Key either via a SecurityTokenReference or an EncryptedKey
Element secRefToken =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
kiElem, "SecurityTokenReference", WSConstants.WSSE_NS
);
Element encryptedKeyElement =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
kiElem, WSConstants.ENC_KEY_LN, WSConstants.ENC_NS
);
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java Mon Mar 23 14:42:53 2015
@@ -44,6 +44,7 @@ import org.apache.wss4j.common.crypto.Al
import org.apache.wss4j.common.crypto.AlgorithmSuiteValidator;
import org.apache.wss4j.common.crypto.CryptoType;
import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.token.DOMX509IssuerSerial;
import org.apache.wss4j.common.util.KeyUtils;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.WSConstants;
@@ -52,7 +53,6 @@ import org.apache.wss4j.dom.WSDocInfo;
import org.apache.wss4j.dom.WSSecurityEngineResult;
import org.apache.wss4j.dom.bsp.BSPEnforcer;
import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.message.token.DOMX509IssuerSerial;
import org.apache.wss4j.dom.message.token.SecurityTokenReference;
import org.apache.wss4j.dom.str.EncryptedKeySTRParser;
import org.apache.wss4j.dom.str.STRParser;
@@ -125,18 +125,18 @@ public class EncryptedKeyProcessor imple
// Check BSP Compliance
checkBSPCompliance(elem, encryptedKeyTransportMethod, data.getBSPEnforcer());
- Cipher cipher = WSSecurityUtil.getCipherInstance(encryptedKeyTransportMethod);
+ Cipher cipher = KeyUtils.getCipherInstance(encryptedKeyTransportMethod);
//
// Now lookup CipherValue.
//
Element tmpE =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
elem, "CipherData", WSConstants.ENC_NS
);
Element xencCipherValue = null;
if (tmpE != null) {
xencCipherValue =
- WSSecurityUtil.getDirectChildElement(tmpE, "CipherValue", WSConstants.ENC_NS);
+ XMLUtils.getDirectChildElement(tmpE, "CipherValue", WSConstants.ENC_NS);
}
if (xencCipherValue == null) {
throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "noCipher");
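Review bot: `KeyUtils.getCipherInstance(encryptedKeyTransportMethod)` builds a JCE cipher from the key transport algorithm, and the only check visible before it in this hunk is `checkBSPCompliance`, which reads as a compliance check rather than an allow-list of algorithms. Now that the helper lives in the shared common module, its Javadoc should say that callers must restrict the algorithm before calling it. At this call site a comment such as `// transport algorithm is restricted by <place where the algorithm suite is enforced> before the cipher is created` would make that dependency visible. Whether such a restriction happens earlier in the method cannot be told from here, since the hunk starts and ends mid-method.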
@@ -226,7 +226,7 @@ public class EncryptedKeyProcessor imple
}
Element refList =
- WSSecurityUtil.getDirectChildElement(elem, "ReferenceList", WSConstants.ENC_NS);
+ XMLUtils.getDirectChildElement(elem, "ReferenceList", WSConstants.ENC_NS);
byte[] encryptedEphemeralKey = null;
byte[] decryptedBytes = null;
@@ -306,7 +306,7 @@ public class EncryptedKeyProcessor imple
&& WSConstants.ENC_NS.equals(node.getNamespaceURI())
&& "DataReference".equals(node.getLocalName())) {
String dataRefURI = ((Element) node).getAttributeNS(null, "URI");
- return WSSecurityUtil.getIDFromReference(dataRefURI);
+ return XMLUtils.getIDFromReference(dataRefURI);
}
}
}
@@ -336,12 +336,12 @@ public class EncryptedKeyProcessor imple
private static String getDigestAlgorithm(Node encBodyData) throws WSSecurityException {
Element tmpE =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
encBodyData, "EncryptionMethod", WSConstants.ENC_NS
);
if (tmpE != null) {
Element digestElement =
- WSSecurityUtil.getDirectChildElement(tmpE, "DigestMethod", WSConstants.SIG_NS);
+ XMLUtils.getDirectChildElement(tmpE, "DigestMethod", WSConstants.SIG_NS);
if (digestElement != null) {
return digestElement.getAttributeNS(null, "Algorithm");
}
@@ -351,12 +351,12 @@ public class EncryptedKeyProcessor imple
private static String getMGFAlgorithm(Node encBodyData) throws WSSecurityException {
Element tmpE =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
encBodyData, "EncryptionMethod", WSConstants.ENC_NS
);
if (tmpE != null) {
Element mgfElement =
- WSSecurityUtil.getDirectChildElement(tmpE, "MGF", WSConstants.ENC11_NS);
+ XMLUtils.getDirectChildElement(tmpE, "MGF", WSConstants.ENC11_NS);
if (mgfElement != null) {
return mgfElement.getAttributeNS(null, "Algorithm");
}
@@ -366,12 +366,12 @@ public class EncryptedKeyProcessor imple
private static byte[] getPSource(Node encBodyData) throws WSSecurityException {
Element tmpE =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
encBodyData, "EncryptionMethod", WSConstants.ENC_NS
);
if (tmpE != null) {
Element pSourceElement =
- WSSecurityUtil.getDirectChildElement(tmpE, "OAEPparams", WSConstants.ENC_NS);
+ XMLUtils.getDirectChildElement(tmpE, "OAEPparams", WSConstants.ENC_NS);
if (pSourceElement != null) {
return getDecodedBase64EncodedData(pSourceElement);
}
@@ -383,7 +383,7 @@ public class EncryptedKeyProcessor imple
Element xencEncryptedKey, RequestData data
) throws WSSecurityException {
Element keyInfo =
- WSSecurityUtil.getDirectChildElement(xencEncryptedKey, "KeyInfo", WSConstants.SIG_NS);
+ XMLUtils.getDirectChildElement(xencEncryptedKey, "KeyInfo", WSConstants.SIG_NS);
if (keyInfo != null) {
Element strElement = null;
@@ -483,7 +483,7 @@ public class EncryptedKeyProcessor imple
&& WSConstants.ENC_NS.equals(node.getNamespaceURI())
&& "DataReference".equals(node.getLocalName())) {
String dataRefURI = ((Element) node).getAttributeNS(null, "URI");
- dataRefURI = WSSecurityUtil.getIDFromReference(dataRefURI);
+ dataRefURI = XMLUtils.getIDFromReference(dataRefURI);
WSDataRef dataRef =
decryptDataRef(refList.getOwnerDocument(), dataRefURI, docInfo, decryptedBytes, data);
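Review bot: `dataRefURI` goes from `getAttributeNS(null, "URI")` through `XMLUtils.getIDFromReference` straight into `decryptDataRef` with no check in between. DOM returns an empty string for an absent attribute, and what the helper returns for that input is not visible in this hunk. If it can yield null or an empty id, a guard before the call would reject a malformed DataReference early: `if (dataRefURI == null || dataRefURI.isEmpty()) { throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY); }`. The same pattern appears in the `-306` hunk of this file, which returns the id directly, and in the `-109` hunk of ReferenceListProcessor. The enclosing loop continues outside the hunk.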
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/ReferenceListProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/ReferenceListProcessor.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/ReferenceListProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/ReferenceListProcessor.java Mon Mar 23 14:42:53 2015
@@ -38,6 +38,7 @@ import org.apache.wss4j.common.ext.Attac
import org.apache.wss4j.common.ext.AttachmentRequestCallback;
import org.apache.wss4j.common.ext.AttachmentResultCallback;
import org.apache.wss4j.common.util.AttachmentUtils;
+import org.apache.wss4j.common.util.XMLUtils;
import org.apache.xml.security.algorithms.JCEMapper;
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
@@ -109,7 +110,7 @@ public class ReferenceListProcessor impl
&& WSConstants.ENC_NS.equals(node.getNamespaceURI())
&& "DataReference".equals(node.getLocalName())) {
String dataRefURI = ((Element) node).getAttributeNS(null, "URI");
- dataRefURI = WSSecurityUtil.getIDFromReference(dataRefURI);
+ dataRefURI = XMLUtils.getIDFromReference(dataRefURI);
// See whether we have already processed the encrypted node
if (!wsDocInfo.hasResult(WSConstants.ENCR, dataRefURI)) {
@@ -152,7 +153,7 @@ public class ReferenceListProcessor impl
//
String symEncAlgo = X509Util.getEncAlgo(encryptedDataElement);
Element keyInfoElement =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
encryptedDataElement, "KeyInfo", WSConstants.SIG_NS
);
// KeyInfo cannot be null
@@ -167,7 +168,7 @@ public class ReferenceListProcessor impl
// shared key using a KeyName.
//
Element secRefToken =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
keyInfoElement, "SecurityTokenReference", WSConstants.WSSE_NS
);
SecretKey symmetricKey = null;
@@ -399,11 +400,11 @@ public class ReferenceListProcessor impl
dataRef.setAlgorithm(symEncAlgo);
try {
- Element cipherData = WSSecurityUtil.getDirectChildElement(encData, "CipherData", WSConstants.ENC_NS);
+ Element cipherData = XMLUtils.getDirectChildElement(encData, "CipherData", WSConstants.ENC_NS);
if (cipherData == null) {
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK);
}
- Element cipherReference = WSSecurityUtil.getDirectChildElement(cipherData, "CipherReference", WSConstants.ENC_NS);
+ Element cipherReference = XMLUtils.getDirectChildElement(cipherData, "CipherReference", WSConstants.ENC_NS);
if (cipherReference == null) {
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK);
}
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.java Mon Mar 23 14:42:53 2015
@@ -24,9 +24,9 @@ import org.apache.wss4j.dom.WSDocInfo;
import org.apache.wss4j.dom.WSSecurityEngineResult;
import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.message.token.SecurityContextToken;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.apache.wss4j.dom.validate.Credential;
import org.apache.wss4j.dom.validate.Validator;
import org.w3c.dom.Element;
@@ -70,7 +70,7 @@ public class SecurityContextTokenProcess
result.put(WSSecurityEngineResult.TAG_SECRET, returnedCredential.getSecretKey());
} else {
String id = sct.getID();
- id = WSSecurityUtil.getIDFromReference(id);
+ id = XMLUtils.getIDFromReference(id);
byte[] secret = null;
try {
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java Mon Mar 23 14:42:53 2015
@@ -63,6 +63,7 @@ import org.apache.wss4j.common.principal
import org.apache.wss4j.common.principal.UsernameTokenPrincipal;
import org.apache.wss4j.common.principal.WSDerivedKeyTokenPrincipal;
import org.apache.wss4j.common.util.KeyUtils;
+import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.WSDataRef;
import org.apache.wss4j.dom.WSDocInfo;
@@ -81,7 +82,6 @@ import org.apache.wss4j.dom.str.Signatur
import org.apache.wss4j.dom.transform.AttachmentContentSignatureTransform;
import org.apache.wss4j.dom.transform.STRTransform;
import org.apache.wss4j.dom.transform.STRTransformUtil;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
import org.apache.wss4j.dom.validate.Credential;
import org.apache.wss4j.dom.validate.Validator;
@@ -114,7 +114,7 @@ public class SignatureProcessor implemen
LOG.debug("Found signature element");
}
Element keyInfoElement =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
elem,
"KeyInfo",
WSConstants.SIG_NS
@@ -484,14 +484,14 @@ public class SignatureProcessor implemen
Element signatureElement
) {
Element signedInfoElement =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
signatureElement,
"SignedInfo",
WSConstants.SIG_NS
);
if (signedInfoElement != null) {
Element signatureMethodElement =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
signedInfoElement,
"SignatureMethod",
WSConstants.SIG_NS
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/X509Util.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/X509Util.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/X509Util.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/X509Util.java Mon Mar 23 14:42:53 2015
@@ -24,7 +24,6 @@ import org.apache.wss4j.common.ext.WSPas
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.KeyUtils;
import org.apache.wss4j.common.util.XMLUtils;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -55,7 +54,7 @@ public final class X509Util {
public static String getEncAlgo(Node encBodyData) throws WSSecurityException {
Element tmpE =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
encBodyData, "EncryptionMethod", WSConstants.ENC_NS
);
String symEncAlgo = null;
@@ -80,7 +79,7 @@ public final class X509Util {
) throws WSSecurityException {
String keyName = null;
Element keyNmElem =
- WSSecurityUtil.getDirectChildElement(
+ XMLUtils.getDirectChildElement(
keyInfoElem, "KeyName", WSConstants.SIG_NS
);
if (keyNmElem != null) {
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java?rev=1668656&r1=1668655&r2=1668656&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java Mon Mar 23 14:42:53 2015
@@ -45,12 +45,12 @@ import org.apache.wss4j.common.ext.WSSec
import org.apache.wss4j.common.saml.OpenSAMLUtil;
import org.apache.wss4j.common.saml.SAMLKeyInfo;
import org.apache.wss4j.common.saml.SAMLUtil;
+import org.apache.wss4j.common.token.DOMX509Data;
+import org.apache.wss4j.common.token.DOMX509IssuerSerial;
import org.apache.wss4j.common.util.KeyUtils;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.message.WSSecHeader;
import org.apache.wss4j.dom.message.WSSecSignature;
-import org.apache.wss4j.dom.message.token.DOMX509Data;
-import org.apache.wss4j.dom.message.token.DOMX509IssuerSerial;
import org.apache.wss4j.dom.message.token.Reference;
import org.apache.wss4j.dom.message.token.SecurityTokenReference;
import org.apache.wss4j.dom.message.token.X509Security;
@@ -413,7 +413,7 @@ public class WSSecSignatureSAML extends
final DOMX509IssuerSerial domIssuerSerial =
new DOMX509IssuerSerial(document, issuer, serialNumber);
final DOMX509Data domX509Data = new DOMX509Data(document, domIssuerSerial);
- secRef.setX509Data(domX509Data);
+ secRef.setUnknownElement(domX509Data.getElement());
break;
default:
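Review bot: `secRef.setUnknownElement(domX509Data.getElement())` attaches a well-known X509Data structure through a setter whose name says the content is unknown, so the call no longer shows what kind of reference this case branch builds. The import changes above suggest the reason is that `DOMX509Data` moved to `org.apache.wss4j.common.token`, so a one-line comment would keep the intent: `// X509Data (issuer/serial) is added as a raw element; DOMX509Data now lives in ws-security-common`. It is also worth confirming that the receiving side still recognises and validates X509Data added this way, because `SecurityTokenReference` is not shown in this hunk. The enclosing switch starts and ends outside the hunk.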