Posted to commits@ws.apache.org by co...@apache.org on 2013/05/27 15:43:48 UTC

svn commit: r1486621 - /webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityTokenImpl.java

Author: coheigea
Date: Mon May 27 13:43:48 2013
New Revision: 1486621

URL: http://svn.apache.org/r1486621
Log:
Allow for the case that a BinarySecurityToken is referenced from an EncryptedKey

Modified:
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityTokenImpl.java

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityTokenImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityTokenImpl.java?rev=1486621&r1=1486620&r2=1486621&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityTokenImpl.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityTokenImpl.java Mon May 27 13:43:48 2013
@@ -20,6 +20,7 @@ package org.apache.wss4j.stax.impl.secur
 
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
+import org.apache.wss4j.stax.ext.WSSConfigurationException;
 import org.apache.wss4j.stax.ext.WSSSecurityProperties;
 import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
 import org.apache.xml.security.exceptions.XMLSecurityException;
@@ -31,6 +32,7 @@ import java.security.cert.X509Certificat
 public class X509_V3SecurityTokenImpl extends X509SecurityTokenImpl {
 
     private String alias = null;
+    private Crypto crypto;
 
     public X509_V3SecurityTokenImpl(WSInboundSecurityContext wsInboundSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
                                     byte[] binaryContent, String id, WSSecurityTokenConstants.KeyIdentifier keyIdentifier,
@@ -38,7 +40,23 @@ public class X509_V3SecurityTokenImpl ex
             throws XMLSecurityException {
 
         super(WSSecurityTokenConstants.X509V3Token, wsInboundSecurityContext, crypto, callbackHandler, id, keyIdentifier, securityProperties);
+        this.crypto = crypto;
         setX509Certificates(new X509Certificate[]{getCrypto().loadCertificate(new UnsynchronizedByteArrayInputStream(binaryContent))});
+        
+        // Check to see if the certificates actually correspond to the decryption crypto
+        if (getX509Certificates() != null 
+            && getCrypto().getX509Identifier(getX509Certificates()[0]) == null) {
+            try {
+                Crypto decCrypto = securityProperties.getDecryptionCrypto();
+                if (decCrypto != null
+                    && decCrypto != getCrypto()
+                    && decCrypto.getX509Identifier(getX509Certificates()[0]) != null) {
+                    this.crypto = decCrypto;
+                }
+            } catch (WSSConfigurationException ex) { //NOPMD
+                // Just continue
+            }
+        }
     }
 
     @Override
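Review bot: Assigning `this.crypto = decCrypto` in the block added after `setX509Certificates(...)` changes the keystore seen by every later `getCrypto()` caller on this token, not only the EncryptedKey key lookup. A BinarySecurityToken whose certificate is present in the decryption keystore would then presumably have its trust verification run against that keystore rather than the signature-verification one; the verification code is outside this hunk, so this needs confirming. If the decryption keystore is not meant to act as a trust store, keep the constructor's `crypto` for verification and expose the decryption crypto through a separate accessor used only by the key-resolution path. The empty `catch (WSSConfigurationException ex)` also hides a misconfigured decryption crypto, so a debug-level log of `ex` there would make the silent fallback visible. The constructor signature begins before this hunk.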
@@ -48,4 +66,9 @@ public class X509_V3SecurityTokenImpl ex
         }
         return this.alias;
     }
+    
+    @Override
+    public Crypto getCrypto() {
+        return crypto;
+    }
 }
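Review bot: The new `getCrypto()` override returns a field that is assigned only after `super(...)` returns, so any call to `getCrypto()` made while the superclass constructor runs would get `null` instead of the `crypto` argument. The superclass is not visible here, so whether it makes such a call needs checking. Falling back to the parent keeps the earlier behaviour in that window: `return crypto != null ? crypto : super.getCrypto();`. A Javadoc line such as `/** Returns the decryption Crypto when the token's certificate is only known there, otherwise the Crypto passed to the constructor. */` would record why the override exists.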