You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2013/05/27 15:43:48 UTC
svn commit: r1486621 -
/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityTokenImpl.java
Author: coheigea
Date: Mon May 27 13:43:48 2013
New Revision: 1486621
URL: http://svn.apache.org/r1486621
Log:
Allow for the case that a BinarySecurityToken is referenced from an EncryptedKEy
Modified:
webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityTokenImpl.java
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityTokenImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityTokenImpl.java?rev=1486621&r1=1486620&r2=1486621&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityTokenImpl.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityTokenImpl.java Mon May 27 13:43:48 2013
@@ -20,6 +20,7 @@ package org.apache.wss4j.stax.impl.secur
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
+import org.apache.wss4j.stax.ext.WSSConfigurationException;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
import org.apache.xml.security.exceptions.XMLSecurityException;
@@ -31,6 +32,7 @@ import java.security.cert.X509Certificat
public class X509_V3SecurityTokenImpl extends X509SecurityTokenImpl {
private String alias = null;
+ private Crypto crypto;
public X509_V3SecurityTokenImpl(WSInboundSecurityContext wsInboundSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
byte[] binaryContent, String id, WSSecurityTokenConstants.KeyIdentifier keyIdentifier,
@@ -38,7 +40,23 @@ public class X509_V3SecurityTokenImpl ex
throws XMLSecurityException {
super(WSSecurityTokenConstants.X509V3Token, wsInboundSecurityContext, crypto, callbackHandler, id, keyIdentifier, securityProperties);
+ this.crypto = crypto;
setX509Certificates(new X509Certificate[]{getCrypto().loadCertificate(new UnsynchronizedByteArrayInputStream(binaryContent))});
+
+ // Check to see if the certificates actually correspond to the decryption crypto
+ if (getX509Certificates() != null
+ && getCrypto().getX509Identifier(getX509Certificates()[0]) == null) {
+ try {
+ Crypto decCrypto = securityProperties.getDecryptionCrypto();
+ if (decCrypto != null
+ && decCrypto != getCrypto()
+ && decCrypto.getX509Identifier(getX509Certificates()[0]) != null) {
+ this.crypto = decCrypto;
+ }
+ } catch (WSSConfigurationException ex) { //NOPMD
+ // Just continue
+ }
+ }
}
@Override
@@ -48,4 +66,9 @@ public class X509_V3SecurityTokenImpl ex
}
return this.alias;
}
+
+ @Override
+ public Crypto getCrypto() {
+ return crypto;
+ }
}