You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by cs...@apache.org on 2013/08/10 09:52:39 UTC
svn commit: r1512574 [1/6] - in /cxf/branches/2.7.x-fixes: parent/ services/
services/xkms/ services/xkms/xkms-client/ services/xkms/xkms-client/src/
services/xkms/xkms-client/src/main/
services/xkms/xkms-client/src/main/java/ services/xkms/xkms-client...
Author: cschneider
Date: Sat Aug 10 07:52:35 2013
New Revision: 1512574
URL: http://svn.apache.org/r1512574
Log:
Backport of xkms from trunk
Added:
cxf/branches/2.7.x-fixes/services/xkms/ (with props)
cxf/branches/2.7.x-fixes/services/xkms/README.txt
cxf/branches/2.7.x-fixes/services/xkms/pom.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/ (with props)
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/pom.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/EHCacheUtil.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/EHCacheXKMSClientCache.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/XKMSCacheToken.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/XKMSClientCache.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/client/
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/client/X509AppId.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/client/XKMSInvoker.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderException.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderFactory.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderUtils.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/MissingPrincipalException.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProvider.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProviderFactory.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/resources/
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/resources/OSGI-INF/
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/resources/OSGI-INF/blueprint/
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/resources/OSGI-INF/blueprint/beans.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/resources/cxf-xkms-client-ehcache.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/ (with props)
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/pom.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/exception/
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/exception/ExceptionMapper.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/exception/XKMSArgumentNotMatchException.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/exception/XKMSCertificateException.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/exception/XKMSConfigurationException.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/exception/XKMSException.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/exception/XKMSLocateException.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/exception/XKMSNotFoundException.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/exception/XKMSRequestException.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/exception/XKMSTooManyResponsesException.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/exception/XKMSValidateException.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/handlers/
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/handlers/Applications.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/handlers/DnUtils.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/handlers/HandlerContext.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/handlers/Locator.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/handlers/Register.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/handlers/Validator.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/handlers/XKMSConstants.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/model/
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/model/extensions/
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/model/extensions/AdditionalClassesFactory.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/model/extensions/ClassArrayFactoryBean.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/java/org/apache/cxf/xkms/model/extensions/ResultDetails.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/model/
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/model/binding.xjb
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/model/xenc-schema.xsd
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/model/xkms.wsdl
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/model/xkms.xsd
cxf/branches/2.7.x-fixes/services/xkms/xkms-common/src/main/model/xmldsig-core-schema.xsd
cxf/branches/2.7.x-fixes/services/xkms/xkms-features/ (with props)
cxf/branches/2.7.x-fixes/services/xkms/xkms-features/pom.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-features/src/
cxf/branches/2.7.x-fixes/services/xkms/xkms-features/src/main/
cxf/branches/2.7.x-fixes/services/xkms/xkms-features/src/main/resources/
cxf/branches/2.7.x-fixes/services/xkms/xkms-features/src/main/resources/features.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-features/src/main/resources/org.apache.cxf.xkms.cfg
cxf/branches/2.7.x-fixes/services/xkms/xkms-features/src/main/resources/org.apache.cxf.xkms.client.cfg
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/ (with props)
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/pom.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/java/
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/java/org/
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/java/org/apache/
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/java/org/apache/cxf/
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/BasicIntegrationTest.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/handlers/
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/handlers/validator/
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/handlers/validator/ValidatorTest.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/service/
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/service/XKMSServiceTest.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/service/XKRSSDisableTest.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/resources/
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/resources/data/
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/resources/data/xkms/
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/resources/data/xkms/certificates/
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/resources/data/xkms/certificates/cas/
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/resources/data/xkms/certificates/cas/alice.cer
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/resources/data/xkms/certificates/dave.cer
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/resources/data/xkms/certificates/expired.cer
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/resources/data/xkms/certificates/oscar.cer (with props)
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/resources/data/xkms/certificates/trusted_cas/
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/resources/data/xkms/certificates/trusted_cas/root.cer
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/resources/etc/
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/resources/etc/org.apache.cxf.xkms.cfg
cxf/branches/2.7.x-fixes/services/xkms/xkms-itests/src/test/resources/etc/org.apache.cxf.xkms_noXKRSS.cfg
cxf/branches/2.7.x-fixes/services/xkms/xkms-osgi/ (with props)
cxf/branches/2.7.x-fixes/services/xkms/xkms-osgi/pom.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-osgi/src/
cxf/branches/2.7.x-fixes/services/xkms/xkms-osgi/src/main/
cxf/branches/2.7.x-fixes/services/xkms/xkms-osgi/src/main/resources/
cxf/branches/2.7.x-fixes/services/xkms/xkms-osgi/src/main/resources/OSGI-INF/
cxf/branches/2.7.x-fixes/services/xkms/xkms-osgi/src/main/resources/OSGI-INF/blueprint/
cxf/branches/2.7.x-fixes/services/xkms/xkms-osgi/src/main/resources/OSGI-INF/blueprint/blueprint.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-osgi/src/test/
cxf/branches/2.7.x-fixes/services/xkms/xkms-osgi/src/test/resources/
cxf/branches/2.7.x-fixes/services/xkms/xkms-osgi/src/test/resources/test-requests/
cxf/branches/2.7.x-fixes/services/xkms/xkms-osgi/src/test/resources/test-requests/request-locate.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-osgi/src/test/resources/test-requests/request-validate.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-osgi/src/test/resources/test-requests/response-locate.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-osgi/src/test/resources/test-requests/response-validate.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-service/ (with props)
cxf/branches/2.7.x-fixes/services/xkms/xkms-service/pom.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-service/src/
cxf/branches/2.7.x-fixes/services/xkms/xkms-service/src/main/
cxf/branches/2.7.x-fixes/services/xkms/xkms-service/src/main/java/
cxf/branches/2.7.x-fixes/services/xkms/xkms-service/src/main/java/org/
cxf/branches/2.7.x-fixes/services/xkms/xkms-service/src/main/java/org/apache/
cxf/branches/2.7.x-fixes/services/xkms/xkms-service/src/main/java/org/apache/cxf/
cxf/branches/2.7.x-fixes/services/xkms/xkms-service/src/main/java/org/apache/cxf/xkms/
cxf/branches/2.7.x-fixes/services/xkms/xkms-service/src/main/java/org/apache/cxf/xkms/service/
cxf/branches/2.7.x-fixes/services/xkms/xkms-service/src/main/java/org/apache/cxf/xkms/service/XKMSResponseFactory.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-service/src/main/java/org/apache/cxf/xkms/service/XKMSService.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-service/src/test/
cxf/branches/2.7.x-fixes/services/xkms/xkms-service/src/test/java/
cxf/branches/2.7.x-fixes/services/xkms/xkms-service/src/test/java/org/
cxf/branches/2.7.x-fixes/services/xkms/xkms-service/src/test/java/org/apache/
cxf/branches/2.7.x-fixes/services/xkms/xkms-service/src/test/java/org/apache/cxf/
cxf/branches/2.7.x-fixes/services/xkms/xkms-service/src/test/java/org/apache/cxf/xkms/
cxf/branches/2.7.x-fixes/services/xkms/xkms-service/src/test/java/org/apache/cxf/xkms/service/
cxf/branches/2.7.x-fixes/services/xkms/xkms-service/src/test/java/org/apache/cxf/xkms/service/CheckXKRSS.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-war/ (with props)
cxf/branches/2.7.x-fixes/services/xkms/xkms-war/pom.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-war/src/
cxf/branches/2.7.x-fixes/services/xkms/xkms-war/src/main/
cxf/branches/2.7.x-fixes/services/xkms/xkms-war/src/main/resources/
cxf/branches/2.7.x-fixes/services/xkms/xkms-war/src/main/resources/log4j.properties
cxf/branches/2.7.x-fixes/services/xkms/xkms-war/src/main/resources/logging.properties
cxf/branches/2.7.x-fixes/services/xkms/xkms-war/src/main/webapp/
cxf/branches/2.7.x-fixes/services/xkms/xkms-war/src/main/webapp/WEB-INF/
cxf/branches/2.7.x-fixes/services/xkms/xkms-war/src/main/webapp/WEB-INF/cxf-servlet.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-war/src/main/webapp/WEB-INF/web.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-war/src/main/webapp/WEB-INF/xkms-endpoint.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-war/src/main/webapp/WEB-INF/xkms-key-handlers.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/ (with props)
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/pom.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/handlers/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/handlers/X509Locator.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/handlers/X509Register.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/repo/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/repo/CertificateRepo.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/repo/CertificateRepoFactory.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/repo/file/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/repo/file/FileCertificateRepo.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/repo/ldap/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/repo/ldap/LdapCertificateRepo.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/repo/ldap/LdapSchemaConfig.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/repo/ldap/LdapSearch.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/utils/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/utils/X509Utils.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/DateValidator.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/ValidateRequestParser.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/java/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/java/org/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/java/org/apache/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/x509/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/x509/handlers/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/x509/handlers/X509LocatorTest.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/x509/repo/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/x509/repo/file/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/x509/repo/file/FileCertificateRepoTest.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/x509/repo/ldap/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/x509/repo/ldap/LDAPCertificateRepoTest.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/x509/repo/ldap/LDAPSearchTest.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/x509/utils/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/x509/utils/X509UtilsTest.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/x509/validator/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/x509/validator/BasicValidationTest.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/x509/validator/DateValidatorTest.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidatorTest.java
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/resources/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/resources/cert1.bas64
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/resources/cert1.cer
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/resources/registerRequest.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/resources/registerRequestWithCertificate.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/resources/registerResult.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/resources/reissueRequest.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/resources/revokeRequest.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/resources/store1/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/resources/store1/CN-www.issuer.com_L-CGN_ST-NRW_C-DE_O-Issuer-11688544847478700689-CN-www.issuer.com_L-CGN_ST-NRW_C-DE_O-Issuer.cer
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/alice.cer
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/dave.cer
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/oscar.cer
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/root.cer
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/validateRequestInvalidOscar.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/validateRequestOKAlice.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/validateRequestOKDave.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/validateRequestOKRoot.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/resources/validateRequestCorrupted.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/resources/validateRequestExpired.xml
cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/test/resources/validateRequestOK.xml
Modified:
cxf/branches/2.7.x-fixes/parent/pom.xml
cxf/branches/2.7.x-fixes/services/pom.xml
Modified: cxf/branches/2.7.x-fixes/parent/pom.xml
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/parent/pom.xml?rev=1512574&r1=1512573&r2=1512574&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/parent/pom.xml (original)
+++ cxf/branches/2.7.x-fixes/parent/pom.xml Sat Aug 10 07:52:35 2013
@@ -156,7 +156,7 @@
<cxf.woodstox.core.version>4.2.0</cxf.woodstox.core.version>
<cxf.woodstox.stax2-api.version>3.1.1</cxf.woodstox.stax2-api.version>
<cxf.wsdl4j.version>1.6.3</cxf.wsdl4j.version>
- <cxf.wss4j.version>1.6.11</cxf.wss4j.version>
+ <cxf.wss4j.version>1.6.12-SNAPSHOT</cxf.wss4j.version>
<cxf.xmlbeans.version>2.6.0</cxf.xmlbeans.version>
<cxf.xmlschema.version>2.0.3</cxf.xmlschema.version>
<cxf.xpp3.bundle.version>1.1.4c_6</cxf.xpp3.bundle.version>
Modified: cxf/branches/2.7.x-fixes/services/pom.xml
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/services/pom.xml?rev=1512574&r1=1512573&r2=1512574&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/services/pom.xml (original)
+++ cxf/branches/2.7.x-fixes/services/pom.xml Sat Aug 10 07:52:35 2013
@@ -36,6 +36,7 @@
<module>sts</module>
<module>wsn</module>
<module>ws-discovery</module>
+ <module>xkms</module>
</modules>
</project>
Propchange: cxf/branches/2.7.x-fixes/services/xkms/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Sat Aug 10 07:52:35 2013
@@ -0,0 +1 @@
+.settings
Added: cxf/branches/2.7.x-fixes/services/xkms/README.txt
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/services/xkms/README.txt?rev=1512574&view=auto
==============================================================================
--- cxf/branches/2.7.x-fixes/services/xkms/README.txt (added)
+++ cxf/branches/2.7.x-fixes/services/xkms/README.txt Sat Aug 10 07:52:35 2013
@@ -0,0 +1,19 @@
+
+This folder contains the XKMS (XML Key Management Service) implementation of
+Apache CXF. It contains:
+
+
+xkms-client - The XKMS client and invoker implementations
+xkms-common - Common functionality, XML schemas, generated code
+xkms-service - The XKMS core service implementation
+xkms-x509-handlers - The implementation of pluggable commands for X509 keys.
+xkms-features - Karaf features for XKMS client and service
+xkms-itests - Integration tests
+xkms-osgi - OSGi blueprint configuration for OSGi deployment
+xkms-war - Web spring configuration for Web depoyment
+
+Installation
+------------
+
+features:addurl mvn:org.apache.cxf.services.xkms/cxf-services-xkms-features/2.7.7-SNAPSHOT/xml
+features:install cxf-xkms-service cxf-xkms-client
Added: cxf/branches/2.7.x-fixes/services/xkms/pom.xml
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/services/xkms/pom.xml?rev=1512574&view=auto
==============================================================================
--- cxf/branches/2.7.x-fixes/services/xkms/pom.xml (added)
+++ cxf/branches/2.7.x-fixes/services/xkms/pom.xml Sat Aug 10 07:52:35 2013
@@ -0,0 +1,48 @@
+<?xml version="1.0"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <groupId>org.apache.cxf.services.xkms</groupId>
+ <artifactId>cxf-services-xkms</artifactId>
+ <packaging>pom</packaging>
+ <name>Apache CXF XKMS</name>
+ <description>Apache CXF XKMS service</description>
+ <url>http://cxf.apache.org</url>
+
+ <parent>
+ <groupId>org.apache.cxf.services</groupId>
+ <artifactId>cxf-services</artifactId>
+ <version>2.7.7-SNAPSHOT</version>
+ <relativePath>../pom.xml</relativePath>
+ </parent>
+
+ <modules>
+ <module>xkms-common</module>
+ <module>xkms-x509-handlers</module>
+ <module>xkms-service</module>
+ <module>xkms-client</module>
+ <module>xkms-features</module>
+ <module>xkms-osgi</module>
+ <module>xkms-war</module>
+<!-- <module>xkms-itests</module>-->
+ </modules>
+
+</project>
Propchange: cxf/branches/2.7.x-fixes/services/xkms/xkms-client/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Sat Aug 10 07:52:35 2013
@@ -0,0 +1,7 @@
+.settings
+
+.project
+
+.classpath
+
+target
Added: cxf/branches/2.7.x-fixes/services/xkms/xkms-client/pom.xml
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/services/xkms/xkms-client/pom.xml?rev=1512574&view=auto
==============================================================================
--- cxf/branches/2.7.x-fixes/services/xkms/xkms-client/pom.xml (added)
+++ cxf/branches/2.7.x-fixes/services/xkms/xkms-client/pom.xml Sat Aug 10 07:52:35 2013
@@ -0,0 +1,92 @@
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.apache.cxf.services.xkms</groupId>
+ <artifactId>cxf-services-xkms-client</artifactId>
+ <packaging>bundle</packaging>
+ <name>Apache CXF XKMS Client</name>
+ <url>http://cxf.apache.org</url>
+
+ <parent>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-parent</artifactId>
+ <version>2.7.7-SNAPSHOT</version>
+ <relativePath>../../../parent/pom.xml</relativePath>
+ </parent>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.cxf.services.xkms</groupId>
+ <artifactId>cxf-services-xkms-common</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-api</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>net.sf.ehcache</groupId>
+ <artifactId>ehcache-core</artifactId>
+ <version>${cxf.ehcache.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-ws-security</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.ws.security</groupId>
+ <artifactId>wss4j</artifactId>
+ <version>${cxf.wss4j.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>xerces</groupId>
+ <artifactId>xercesImpl</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>xml-apis</groupId>
+ <artifactId>xml-apis</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ </dependency>
+ </dependencies>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>maven-bundle-plugin</artifactId>
+ <extensions>true</extensions>
+ <configuration>
+ <instructions>
+ <Bundle-SymbolicName>${project.artifactId}</Bundle-SymbolicName>
+ </instructions>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+</project>
Added: cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/EHCacheUtil.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/EHCacheUtil.java?rev=1512574&view=auto
==============================================================================
--- cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/EHCacheUtil.java (added)
+++ cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/EHCacheUtil.java Sat Aug 10 07:52:35 2013
@@ -0,0 +1,88 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.xkms.cache;
+
+import java.lang.reflect.Method;
+
+import net.sf.ehcache.CacheException;
+import net.sf.ehcache.CacheManager;
+import net.sf.ehcache.config.CacheConfiguration;
+import net.sf.ehcache.config.Configuration;
+
+/**
+ */
+public final class EHCacheUtil {
+ private static Method cacheManagerCreateMethodNoArg;
+ private static Method cacheManagerCreateMethodConfigurationArg;
+ static {
+ // these methods are either completely available or absent (valid assumption from 2.5.0 to 2.7.2 so far)
+ try {
+ // from 2.5.2
+ cacheManagerCreateMethodNoArg = CacheManager.class.getMethod("newInstance", (Class<?>[])null);
+ cacheManagerCreateMethodConfigurationArg = CacheManager.class.getMethod("newInstance", Configuration.class);
+ } catch (NoSuchMethodException e) {
+ try {
+ // before 2.5.2
+ cacheManagerCreateMethodNoArg = CacheManager.class.getMethod("create", (Class<?>[])null);
+ cacheManagerCreateMethodConfigurationArg = CacheManager.class.getMethod("create", Configuration.class);
+ } catch (Throwable t) {
+ // ignore
+ }
+ }
+ }
+
+ private EHCacheUtil() {
+ //
+ }
+
+ public static CacheConfiguration getCacheConfiguration(String key, CacheManager cacheManager) {
+ CacheConfiguration cc = cacheManager.getConfiguration().getCacheConfigurations().get(key);
+ if (cc == null && key.contains("-")) {
+ cc = cacheManager.getConfiguration().getCacheConfigurations().get(
+ key.substring(0, key.lastIndexOf('-') - 1));
+ }
+ if (cc == null) {
+ cc = cacheManager.getConfiguration().getDefaultCacheConfiguration();
+ }
+ if (cc == null) {
+ cc = new CacheConfiguration();
+ } else {
+ cc = (CacheConfiguration)cc.clone();
+ }
+ cc.setName(key);
+ return cc;
+ }
+
+ public static CacheManager createCacheManager() throws CacheException {
+ try {
+ return (CacheManager)cacheManagerCreateMethodNoArg.invoke(null, (Object[])null);
+ } catch (Exception e) {
+ throw new CacheException(e);
+ }
+ }
+
+ public static CacheManager createCacheManager(Configuration conf) throws CacheException {
+ try {
+ return (CacheManager)cacheManagerCreateMethodConfigurationArg.invoke(null, new Object[]{conf});
+ } catch (Exception e) {
+ throw new CacheException(e);
+ }
+ }
+}
Added: cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/EHCacheXKMSClientCache.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/EHCacheXKMSClientCache.java?rev=1512574&view=auto
==============================================================================
--- cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/EHCacheXKMSClientCache.java (added)
+++ cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/EHCacheXKMSClientCache.java Sat Aug 10 07:52:35 2013
@@ -0,0 +1,131 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.xkms.cache;
+
+import java.io.File;
+import java.io.IOException;
+import java.net.URL;
+
+import net.sf.ehcache.Cache;
+import net.sf.ehcache.CacheManager;
+import net.sf.ehcache.Ehcache;
+import net.sf.ehcache.Element;
+import net.sf.ehcache.config.CacheConfiguration;
+import net.sf.ehcache.config.Configuration;
+import net.sf.ehcache.config.ConfigurationFactory;
+import net.sf.ehcache.config.DiskStoreConfiguration;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.common.classloader.ClassLoaderUtils;
+
+/**
+ * An in-memory EHCache implementation of the XKMSClientCache interface.
+ */
+public class EHCacheXKMSClientCache implements XKMSClientCache {
+
+ public static final String CACHE_KEY = "cxf.xkms.client.cache";
+ private static final String DEFAULT_CONFIG_URL = "cxf-xkms-client-ehcache.xml";
+
+ private Ehcache cache;
+ private CacheManager cacheManager;
+
+ public EHCacheXKMSClientCache() {
+ this(DEFAULT_CONFIG_URL, null);
+ }
+
+ public EHCacheXKMSClientCache(Bus bus) {
+ this(DEFAULT_CONFIG_URL, bus);
+ }
+
+ public EHCacheXKMSClientCache(String configFileURL) {
+ this(configFileURL, null);
+ }
+
+ public EHCacheXKMSClientCache(String configFileURL, Bus bus) {
+ createCache(configFileURL, bus);
+ }
+
+ private void createCache(String configFile, Bus bus) {
+ if (bus == null) {
+ bus = BusFactory.getThreadDefaultBus(true);
+ }
+ URL configFileURL = null;
+ try {
+ configFileURL =
+ ClassLoaderUtils.getResource(configFile, EHCacheXKMSClientCache.class);
+ } catch (Exception ex) {
+ // ignore
+ }
+ if (configFileURL == null) {
+ cacheManager = EHCacheUtil.createCacheManager();
+ } else {
+ Configuration conf = ConfigurationFactory.parseConfiguration(configFileURL);
+
+ if (bus != null) {
+ conf.setName(bus.getId());
+ DiskStoreConfiguration dsc = conf.getDiskStoreConfiguration();
+ if (dsc != null && "java.io.tmpdir".equals(dsc.getOriginalPath())) {
+ String path = conf.getDiskStoreConfiguration().getPath() + File.separator
+ + bus.getId();
+ conf.getDiskStoreConfiguration().setPath(path);
+ }
+ }
+
+ cacheManager = EHCacheUtil.createCacheManager(conf);
+ }
+
+ CacheConfiguration cc = EHCacheUtil.getCacheConfiguration(CACHE_KEY, cacheManager);
+
+ Ehcache newCache = new Cache(cc);
+ cache = cacheManager.addCacheIfAbsent(newCache);
+ }
+
+ /**
+ * Store an XKMSCacheToken in the Cache using the given key
+ */
+ public void put(String key, XKMSCacheToken cacheToken) {
+ cache.put(new Element(key, cacheToken));
+ }
+
+ /**
+ * Get an XKMSCacheToken from the cache matching the given key. Returns null if there
+ * is no such XKMSCacheToken in the cache, or if the certificate has expired in the cache
+ */
+ public XKMSCacheToken get(String key) {
+ Element element = cache.get(key);
+ if (element != null && !element.isExpired()) {
+ return (XKMSCacheToken)element.getObjectValue();
+ }
+ return null;
+ }
+
+ public void close() throws IOException {
+ if (cacheManager != null) {
+ if (cache != null) {
+ cache.removeAll();
+ }
+ cacheManager.shutdown();
+ cacheManager = null;
+ cache = null;
+ }
+ }
+
+}
Added: cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/XKMSCacheToken.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/XKMSCacheToken.java?rev=1512574&view=auto
==============================================================================
--- cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/XKMSCacheToken.java (added)
+++ cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/XKMSCacheToken.java Sat Aug 10 07:52:35 2013
@@ -0,0 +1,58 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.xkms.cache;
+
+import java.io.Serializable;
+import java.security.cert.X509Certificate;
+
+public class XKMSCacheToken implements Serializable {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = 7097585680022947024L;
+ private X509Certificate x509Certificate;
+ private boolean xkmsValidated;
+
+ public XKMSCacheToken() {
+ //
+ }
+
+ public XKMSCacheToken(X509Certificate x509Certificate) {
+ this.x509Certificate = x509Certificate;
+ }
+
+ public X509Certificate getX509Certificate() {
+ return x509Certificate;
+ }
+
+ public void setX509Certificate(X509Certificate x509Certificate) {
+ this.x509Certificate = x509Certificate;
+ }
+
+ public boolean isXkmsValidated() {
+ return xkmsValidated;
+ }
+
+ public void setXkmsValidated(boolean xkmsValidated) {
+ this.xkmsValidated = xkmsValidated;
+ }
+
+}
\ No newline at end of file
Added: cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/XKMSClientCache.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/XKMSClientCache.java?rev=1512574&view=auto
==============================================================================
--- cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/XKMSClientCache.java (added)
+++ cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/XKMSClientCache.java Sat Aug 10 07:52:35 2013
@@ -0,0 +1,39 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.xkms.cache;
+
+import java.io.Closeable;
+import java.io.IOException;
+
+public interface XKMSClientCache extends Closeable {
+
+ /**
+ * Store an XKMSCacheToken in the Cache using the given key
+ */
+ void put(String key, XKMSCacheToken cacheToken);
+
+ /**
+ * Get an XKMSCacheToken from the cache matching the given key. Returns null if there
+ * is no such XKMSCacheToken in the cache.
+ */
+ XKMSCacheToken get(String key);
+
+ void close() throws IOException;
+}
\ No newline at end of file
Added: cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/client/X509AppId.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/client/X509AppId.java?rev=1512574&view=auto
==============================================================================
--- cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/client/X509AppId.java (added)
+++ cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/client/X509AppId.java Sat Aug 10 07:52:35 2013
@@ -0,0 +1,83 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.xkms.client;
+
+import org.apache.cxf.xkms.handlers.Applications;
+
+public class X509AppId {
+ private final Applications application;
+ private final String id;
+
+ public X509AppId(Applications application, String id) {
+ this.id = id;
+ this.application = application;
+ }
+
+ public Applications getApplication() {
+ return application;
+ }
+
+ public String getId() {
+ return id;
+ }
+
+ @Override
+ public String toString() {
+ return String.format("application: %s; id: %s", application, id);
+ }
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((application == null)
+ ? 0
+ : application.hashCode());
+ result = prime * result + ((id == null)
+ ? 0
+ : id.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj) {
+ return true;
+ }
+ if (obj == null) {
+ return false;
+ }
+ if (!(obj instanceof X509AppId)) {
+ return false;
+ }
+ X509AppId other = (X509AppId) obj;
+ if (application != other.application) {
+ return false;
+ }
+ if (id == null) {
+ if (other.id != null) {
+ return false;
+ }
+ } else if (!id.equals(other.id)) {
+ return false;
+ }
+ return true;
+ }
+
+}
Added: cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/client/XKMSInvoker.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/client/XKMSInvoker.java?rev=1512574&view=auto
==============================================================================
--- cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/client/XKMSInvoker.java (added)
+++ cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/client/XKMSInvoker.java Sat Aug 10 07:52:35 2013
@@ -0,0 +1,249 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.xkms.client;
+
+import java.io.ByteArrayInputStream;
+import java.math.BigInteger;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.UUID;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.namespace.QName;
+
+import org.apache.cxf.xkms.exception.ExceptionMapper;
+import org.apache.cxf.xkms.exception.XKMSException;
+import org.apache.cxf.xkms.exception.XKMSLocateException;
+import org.apache.cxf.xkms.exception.XKMSNotFoundException;
+import org.apache.cxf.xkms.exception.XKMSValidateException;
+import org.apache.cxf.xkms.handlers.Applications;
+import org.apache.cxf.xkms.handlers.XKMSConstants;
+import org.apache.cxf.xkms.model.xkms.KeyBindingEnum;
+import org.apache.cxf.xkms.model.xkms.LocateRequestType;
+import org.apache.cxf.xkms.model.xkms.LocateResultType;
+import org.apache.cxf.xkms.model.xkms.MessageAbstractType;
+import org.apache.cxf.xkms.model.xkms.QueryKeyBindingType;
+import org.apache.cxf.xkms.model.xkms.StatusType;
+import org.apache.cxf.xkms.model.xkms.UseKeyWithType;
+import org.apache.cxf.xkms.model.xkms.ValidateRequestType;
+import org.apache.cxf.xkms.model.xkms.ValidateResultType;
+import org.apache.cxf.xkms.model.xmldsig.KeyInfoType;
+import org.apache.cxf.xkms.model.xmldsig.X509DataType;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3._2002._03.xkms_wsdl.XKMSPortType;
+
+public class XKMSInvoker {
+ private static final Logger LOG = LoggerFactory.getLogger(XKMSInvoker.class);
+
+ private static final org.apache.cxf.xkms.model.xmldsig.ObjectFactory DSIG_OF =
+ new org.apache.cxf.xkms.model.xmldsig.ObjectFactory();
+ private static final org.apache.cxf.xkms.model.xkms.ObjectFactory XKMS_OF =
+ new org.apache.cxf.xkms.model.xkms.ObjectFactory();
+
+ private static final String XKMS_LOCATE_INVALID_CERTIFICATE =
+ "Cannot instantiate X509 certificate from XKMS response";
+ private static final String XKMS_VALIDATE_ERROR = "Certificate [%s] is not valid";
+
+ private final XKMSPortType xkmsConsumer;
+
+ public XKMSInvoker(XKMSPortType xkmsConsumer) {
+ this.xkmsConsumer = xkmsConsumer;
+ }
+
+ public X509Certificate getServiceCertificate(QName serviceName) {
+ return getCertificateForId(Applications.SERVICE_SOAP, serviceName.toString());
+ }
+
+ public X509Certificate getCertificateForId(Applications application, String id) {
+ List<X509AppId> ids = Collections.singletonList(new X509AppId(application, id));
+ return getCertificate(ids);
+ }
+
+ public X509Certificate getCertificateForIssuerSerial(String issuerDN, BigInteger serial) {
+ List<X509AppId> ids = new ArrayList<X509AppId>();
+ ids.add(new X509AppId(Applications.ISSUER, issuerDN));
+ ids.add(new X509AppId(Applications.SERIAL, serial.toString(16)));
+ return getCertificate(ids);
+ }
+
+ public X509Certificate getCertificate(List<X509AppId> ids) {
+ try {
+ LocateRequestType locateRequestType = prepareLocateXKMSRequest(ids);
+ LocateResultType locateResultType = xkmsConsumer.locate(locateRequestType);
+ return parseLocateXKMSResponse(locateResultType, ids);
+ } catch (RuntimeException e) {
+ String msg = String
+ .format("XKMS locate call fails for certificate: %s. Error: %s",
+ ids,
+ e.getMessage());
+ LOG.warn(msg, e);
+ throw new XKMSLocateException(msg, e);
+ }
+ }
+
+ public boolean validateCertificate(X509Certificate cert) {
+ try {
+ ValidateRequestType validateRequestType = prepareValidateXKMSRequest(cert);
+ ValidateResultType validateResultType = xkmsConsumer.validate(validateRequestType);
+ String id = cert.getSubjectDN().getName();
+ CertificateValidationResult result = parseValidateXKMSResponse(validateResultType, id);
+ if (!result.isValid()) {
+ LOG.warn(String.format("Certificate %s is not valid: %s",
+ cert.getSubjectDN(), result.getDescription()));
+ }
+ return result.isValid();
+ } catch (RuntimeException e) {
+ String msg = String.format("XKMS validate call fails for certificate: %s. Error: %s",
+ cert.getSubjectDN(),
+ e.getMessage());
+ LOG.warn(msg, e);
+ throw new XKMSValidateException(msg, e);
+ }
+ }
+
+ protected LocateRequestType prepareLocateXKMSRequest(List<X509AppId> ids) {
+ QueryKeyBindingType queryKeyBindingType = XKMS_OF
+ .createQueryKeyBindingType();
+
+ for (X509AppId id : ids) {
+ UseKeyWithType useKeyWithType = XKMS_OF.createUseKeyWithType();
+ useKeyWithType.setIdentifier(id.getId());
+ useKeyWithType.setApplication(id.getApplication().getUri());
+
+ queryKeyBindingType.getUseKeyWith().add(useKeyWithType);
+ }
+
+ LocateRequestType locateRequestType = XKMS_OF.createLocateRequestType();
+ locateRequestType.setQueryKeyBinding(queryKeyBindingType);
+ setGenericRequestParams(locateRequestType);
+ return locateRequestType;
+ }
+
+ @SuppressWarnings("unchecked")
+ protected X509Certificate parseLocateXKMSResponse(LocateResultType locateResultType, List<X509AppId> ids) {
+
+ XKMSException exception = ExceptionMapper.fromResponse(locateResultType);
+ if (exception != null) {
+ throw exception;
+ }
+
+ if (!locateResultType.getUnverifiedKeyBinding().iterator().hasNext()) {
+ throw new XKMSNotFoundException(
+ "X509Certificate is not found for id: " + ids);
+ }
+ KeyInfoType keyInfo = locateResultType.getUnverifiedKeyBinding()
+ .iterator().next().getKeyInfo();
+ if (!keyInfo.getContent().iterator().hasNext()) {
+ throw new XKMSNotFoundException(
+ "X509Certificate is not found for id: " + ids);
+ }
+ JAXBElement<X509DataType> x509Data = (JAXBElement<X509DataType>)keyInfo
+ .getContent().iterator().next();
+ JAXBElement<byte[]> certificate = (JAXBElement<byte[]>)x509Data
+ .getValue().getX509IssuerSerialOrX509SKIOrX509SubjectName()
+ .iterator().next();
+
+ try {
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ X509Certificate cert = (X509Certificate)cf
+ .generateCertificate(new ByteArrayInputStream(certificate
+ .getValue()));
+ return cert;
+ } catch (CertificateException e) {
+ throw new XKMSLocateException(XKMS_LOCATE_INVALID_CERTIFICATE, e);
+ }
+ }
+
+ protected ValidateRequestType prepareValidateXKMSRequest(
+ X509Certificate cert) {
+ JAXBElement<byte[]> x509Cert;
+ try {
+ x509Cert = DSIG_OF.createX509DataTypeX509Certificate(cert
+ .getEncoded());
+ } catch (CertificateEncodingException e) {
+ throw new IllegalArgumentException(e);
+ }
+ X509DataType x509DataType = DSIG_OF.createX509DataType();
+ x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(
+ x509Cert);
+ JAXBElement<X509DataType> x509Data = DSIG_OF
+ .createX509Data(x509DataType);
+
+ KeyInfoType keyInfoType = DSIG_OF.createKeyInfoType();
+ keyInfoType.getContent().add(x509Data);
+
+ QueryKeyBindingType queryKeyBindingType = XKMS_OF
+ .createQueryKeyBindingType();
+ queryKeyBindingType.setKeyInfo(keyInfoType);
+
+ ValidateRequestType validateRequestType = XKMS_OF
+ .createValidateRequestType();
+ setGenericRequestParams(validateRequestType);
+ validateRequestType.setQueryKeyBinding(queryKeyBindingType);
+ // temporary
+ validateRequestType.setId(cert.getSubjectDN().toString());
+ return validateRequestType;
+ }
+
+ protected CertificateValidationResult parseValidateXKMSResponse(ValidateResultType validateResultType,
+ String id) {
+ XKMSException exception = ExceptionMapper.fromResponse(validateResultType);
+ if (exception != null) {
+ throw exception;
+ }
+
+ StatusType status = validateResultType.getKeyBinding().iterator()
+ .next().getStatus();
+ if (KeyBindingEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_VALID != status.getStatusValue()) {
+ return new CertificateValidationResult(false, XKMS_VALIDATE_ERROR);
+ }
+ return new CertificateValidationResult(true, null);
+ }
+
+ public static class CertificateValidationResult {
+
+ private final boolean valid;
+ private final String description;
+
+ public CertificateValidationResult(boolean valid, String description) {
+ this.valid = valid;
+ this.description = description;
+ }
+
+ public boolean isValid() {
+ return valid;
+ }
+
+ public String getDescription() {
+ return description;
+ }
+ }
+
+ private void setGenericRequestParams(MessageAbstractType request) {
+ request.setService(XKMSConstants.XKMS_ENDPOINT_NAME);
+ request.setId(UUID.randomUUID().toString());
+ }
+
+}
Added: cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderException.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderException.java?rev=1512574&view=auto
==============================================================================
--- cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderException.java (added)
+++ cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderException.java Sat Aug 10 07:52:35 2013
@@ -0,0 +1,41 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.xkms.crypto;
+
+public class CryptoProviderException extends RuntimeException {
+
+ private static final long serialVersionUID = 7177198444823997289L;
+
+ public CryptoProviderException() {
+ super();
+ }
+
+ public CryptoProviderException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public CryptoProviderException(String message) {
+ super(message);
+ }
+
+ public CryptoProviderException(Throwable cause) {
+ super(cause);
+ }
+
+}
Added: cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderFactory.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderFactory.java?rev=1512574&view=auto
==============================================================================
--- cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderFactory.java (added)
+++ cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderFactory.java Sat Aug 10 07:52:35 2013
@@ -0,0 +1,29 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.xkms.crypto;
+
+import org.apache.cxf.message.Message;
+import org.apache.ws.security.components.crypto.Crypto;
+
+public interface CryptoProviderFactory {
+
+ Crypto create(Message message);
+
+}
Added: cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderUtils.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderUtils.java?rev=1512574&view=auto
==============================================================================
--- cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderUtils.java (added)
+++ cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/CryptoProviderUtils.java Sat Aug 10 07:52:35 2013
@@ -0,0 +1,157 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.xkms.crypto;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URL;
+import java.util.Properties;
+
+import javax.security.auth.callback.CallbackHandler;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.common.classloader.ClassLoaderUtils;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.resource.ResourceManager;
+import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.ws.security.WSPasswordCallback;
+import org.apache.ws.security.components.crypto.Merlin;
+
+public final class CryptoProviderUtils {
+
+ private CryptoProviderUtils() {
+ }
+
+ public static Properties loadKeystoreProperties(Message message, String propKey) {
+ Object o = message.getContextualProperty(propKey);
+ if (o == null) {
+ throw new CryptoProviderException("Keystore properties path is not defined");
+ }
+
+ Properties properties = null;
+ if (o instanceof Properties) {
+ properties = (Properties)o;
+ } else if (o instanceof String) {
+ ResourceManager rm = message.getExchange().get(Bus.class)
+ .getExtension(ResourceManager.class);
+ URL url = rm.resolveResource((String)o, URL.class);
+ try {
+ if (url == null) {
+ url = ClassLoaderUtils.getResource((String)o, CryptoProviderUtils.class);
+ }
+ if (url == null) {
+ try {
+ url = new URL((String)o);
+ } catch (Exception ex) {
+ // ignore
+ }
+ }
+ if (url != null) {
+ InputStream ins = url.openStream();
+ properties = new Properties();
+ properties.load(ins);
+ ins.close();
+ } else {
+ throw new CryptoProviderException("Keystore properties url is not resolved: "
+ + o);
+ }
+ } catch (IOException e) {
+ throw new CryptoProviderException("Cannot load keystore properties: "
+ + e.getMessage(), e);
+ }
+ } else if (o instanceof URL) {
+ properties = new Properties();
+ try {
+ InputStream ins = ((URL)o).openStream();
+ properties.load(ins);
+ ins.close();
+ } catch (IOException e) {
+ throw new CryptoProviderException("Cannot load keystore properties: "
+ + e.getMessage(), e);
+ }
+ }
+ if (properties == null) {
+ throw new CryptoProviderException("Cannot load keystore properties: " + o);
+ }
+
+ return properties;
+ }
+
+ public static String getKeystoreAlias(Properties keystoreProps) {
+ String keystoreAlias = null;
+
+ if (keystoreProps.containsKey(Merlin.KEYSTORE_ALIAS)) {
+ keystoreAlias = keystoreProps.getProperty(Merlin.KEYSTORE_ALIAS);
+ }
+
+ if (keystoreAlias == null) {
+ throw new CryptoProviderException("Alias is not found in keystore properties file: "
+ + Merlin.KEYSTORE_ALIAS);
+ }
+
+ return keystoreAlias;
+ }
+
+ public static CallbackHandler getCallbackHandler(Message message) {
+ Object o = message.getContextualProperty(SecurityConstants.CALLBACK_HANDLER);
+
+ CallbackHandler handler = null;
+ if (o instanceof CallbackHandler) {
+ handler = (CallbackHandler)o;
+ } else if (o instanceof String) {
+ try {
+ handler = (CallbackHandler)ClassLoaderUtils
+ .loadClass((String)o, CryptoProviderUtils.class).newInstance();
+ } catch (Exception e) {
+ handler = null;
+ }
+ }
+
+ return handler;
+ }
+
+ public static String getCallbackPwdFromMessage(Message message, String userName, int usage) {
+ // Then try to get the password from the given callback handler
+ CallbackHandler handler = getCallbackHandler(message);
+ if (handler == null) {
+ throw new CryptoProviderException("No callback handler and no password available");
+ }
+
+ return getCallbackPwd(userName, usage, handler);
+ }
+
+ public static String getCallbackPwd(String userName, int usage, CallbackHandler handler) {
+ if (handler == null) {
+ return null;
+ }
+ WSPasswordCallback[] cb = {
+ new WSPasswordCallback(userName, usage)
+ };
+ try {
+ handler.handle(cb);
+ } catch (Exception e) {
+ throw new CryptoProviderException("Cannot get password from callback: " + e, e);
+ }
+
+ // get the password
+ return cb[0].getPassword();
+ }
+
+}
Added: cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/MissingPrincipalException.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/MissingPrincipalException.java?rev=1512574&view=auto
==============================================================================
--- cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/MissingPrincipalException.java (added)
+++ cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/MissingPrincipalException.java Sat Aug 10 07:52:35 2013
@@ -0,0 +1,42 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.xkms.crypto;
+
+public class MissingPrincipalException extends CryptoProviderException {
+
+ private static final long serialVersionUID = 7177198444823997289L;
+
+ public MissingPrincipalException() {
+ super();
+ }
+
+ public MissingPrincipalException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public MissingPrincipalException(String message) {
+ super(message);
+ }
+
+ public MissingPrincipalException(Throwable cause) {
+ super(cause);
+ }
+
+}
Added: cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProvider.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProvider.java?rev=1512574&view=auto
==============================================================================
--- cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProvider.java (added)
+++ cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProvider.java Sat Aug 10 07:52:35 2013
@@ -0,0 +1,241 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.xkms.crypto;
+
+import java.math.BigInteger;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.cert.X509Certificate;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+import javax.security.auth.callback.CallbackHandler;
+
+import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.xkms.cache.EHCacheXKMSClientCache;
+import org.apache.cxf.xkms.cache.XKMSCacheToken;
+import org.apache.cxf.xkms.cache.XKMSClientCache;
+import org.apache.cxf.xkms.client.XKMSInvoker;
+import org.apache.cxf.xkms.handlers.Applications;
+import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.components.crypto.Crypto;
+import org.apache.ws.security.components.crypto.CryptoBase;
+import org.apache.ws.security.components.crypto.CryptoType;
+import org.apache.ws.security.components.crypto.CryptoType.TYPE;
+import org.w3._2002._03.xkms_wsdl.XKMSPortType;
+
+public class XkmsCryptoProvider extends CryptoBase {
+
+ private static final Logger LOG = LogUtils.getL7dLogger(XkmsCryptoProvider.class);
+
+ private final XKMSInvoker xkmsInvoker;
+ private Crypto defaultCrypto;
+ private XKMSClientCache xkmsClientCache;
+
+ public XkmsCryptoProvider(XKMSPortType xkmsConsumer) {
+ this(xkmsConsumer, null);
+ }
+
+ public XkmsCryptoProvider(XKMSPortType xkmsConsumer, Crypto defaultCrypto) {
+ this(xkmsConsumer, defaultCrypto, new EHCacheXKMSClientCache());
+ }
+
+ public XkmsCryptoProvider(XKMSPortType xkmsConsumer, Crypto defaultCrypto, XKMSClientCache xkmsClientCache) {
+ if (xkmsConsumer == null) {
+ throw new IllegalArgumentException("xkmsConsumer may not be null");
+ }
+ this.xkmsInvoker = new XKMSInvoker(xkmsConsumer);
+ this.defaultCrypto = defaultCrypto;
+ this.xkmsClientCache = xkmsClientCache;
+ }
+
+ @Override
+ public X509Certificate[] getX509Certificates(CryptoType cryptoType) throws WSSecurityException {
+ if (LOG.isLoggable(Level.INFO)) {
+ LOG.info(String
+ .format("XKMS Runtime: getting public certificate for alias: %s; issuer: %s; subjectDN: %s",
+ cryptoType.getAlias(), cryptoType.getIssuer(), cryptoType.getSubjectDN()));
+ }
+ X509Certificate[] certs = getX509CertificatesInternal(cryptoType);
+ if (certs == null) {
+ LOG.severe(String
+ .format(
+ "Cannot find certificate for alias: %s, issuer: %s; subjectDN: %s",
+ cryptoType.getAlias(), cryptoType.getIssuer(), cryptoType.getSubjectDN()));
+ }
+ return certs;
+ }
+
+ @Override
+ public String getX509Identifier(X509Certificate cert) throws WSSecurityException {
+ assertDefaultCryptoProvider();
+ return defaultCrypto.getX509Identifier(cert);
+ }
+
+ @Override
+ public PrivateKey getPrivateKey(X509Certificate certificate, CallbackHandler callbackHandler)
+ throws WSSecurityException {
+ assertDefaultCryptoProvider();
+ return defaultCrypto.getPrivateKey(certificate, callbackHandler);
+ }
+
+ @Override
+ public PrivateKey getPrivateKey(String identifier, String password) throws WSSecurityException {
+ assertDefaultCryptoProvider();
+ return defaultCrypto.getPrivateKey(identifier, password);
+ }
+
+ @Override
+ public boolean verifyTrust(X509Certificate[] certs) {
+ return verifyTrust(certs, false);
+ }
+
+ @Override
+ public boolean verifyTrust(X509Certificate[] certs, boolean enableRevocation) {
+ if (certs != null) {
+ LOG.fine(String.format("Verifying certificate id: %s", certs[0].getSubjectDN()));
+ }
+ return certs != null && xkmsInvoker.validateCertificate(certs[0]);
+ }
+
+ @Override
+ public boolean verifyTrust(PublicKey publicKey) throws WSSecurityException {
+ throw new CryptoProviderException("PublicKeys cannot be verified");
+ }
+
+ private void assertDefaultCryptoProvider() {
+ if (defaultCrypto == null) {
+ throw new UnsupportedOperationException("Not supported by this crypto provider");
+ }
+ }
+
+ private X509Certificate[] getX509CertificatesInternal(CryptoType cryptoType) {
+ CryptoType.TYPE type = cryptoType.getType();
+ if (type == TYPE.SUBJECT_DN) {
+ return getX509CertificatesFromXKMS(Applications.PKIX, cryptoType.getSubjectDN());
+ } else if (type == TYPE.ALIAS) {
+ return getX509CertificatesFromXKMS(cryptoType);
+ } else if (type == TYPE.ISSUER_SERIAL) {
+ String key = getKeyForIssuerSerial(cryptoType.getIssuer(), cryptoType.getSerial());
+ // Try local cache first
+ if (xkmsClientCache != null) {
+ XKMSCacheToken cachedToken = xkmsClientCache.get(key);
+ if (cachedToken != null && cachedToken.getX509Certificate() != null) {
+ return new X509Certificate[] {cachedToken.getX509Certificate()};
+ }
+ }
+ // Now ask the XKMS Service
+ X509Certificate certificate = xkmsInvoker.getCertificateForIssuerSerial(cryptoType
+ .getIssuer(), cryptoType.getSerial());
+
+ // Store in the cache
+ if (certificate != null && xkmsClientCache != null) {
+ XKMSCacheToken cacheToken = new XKMSCacheToken(certificate);
+ xkmsClientCache.put(key, cacheToken);
+ // Store it using the Subject DN as well
+ xkmsClientCache.put(certificate.getSubjectX500Principal().getName(), cacheToken);
+ }
+ return new X509Certificate[] {
+ certificate
+ };
+ }
+ throw new IllegalArgumentException("Unsupported type " + type);
+ }
+
+ private X509Certificate[] getX509CertificatesFromXKMS(CryptoType cryptoType) {
+ Applications appId = null;
+ boolean isServiceName = isServiceName(cryptoType);
+ if (!isServiceName) {
+ X509Certificate[] localCerts = getCertificateLocally(cryptoType);
+ if (localCerts != null) {
+ return localCerts;
+ }
+ appId = Applications.PKIX;
+ } else {
+ appId = Applications.SERVICE_SOAP;
+ }
+ return getX509CertificatesFromXKMS(appId, cryptoType.getAlias());
+ }
+
+ private X509Certificate[] getX509CertificatesFromXKMS(Applications application, String id) {
+ LOG.fine(String.format("Getting public certificate from XKMS for application:%s; id: %s",
+ application, id));
+ if (id == null) {
+ throw new CryptoProviderException("Id is not specified for certificate request");
+ }
+
+ // Try local cache first
+ if (xkmsClientCache != null) {
+ XKMSCacheToken cachedToken = xkmsClientCache.get(id.toLowerCase());
+ if (cachedToken != null && cachedToken.getX509Certificate() != null) {
+ return new X509Certificate[] {cachedToken.getX509Certificate()};
+ }
+ }
+
+ // Now ask the XKMS Service
+ X509Certificate cert = xkmsInvoker.getCertificateForId(application, id);
+
+ // Store in the cache
+ if (cert != null && xkmsClientCache != null) {
+ XKMSCacheToken cacheToken = new XKMSCacheToken(cert);
+ xkmsClientCache.put(id.toLowerCase(), cacheToken);
+ // Store it using IssuerSerial as well
+ String key = getKeyForIssuerSerial(cert.getIssuerX500Principal().getName(),
+ cert.getSerialNumber());
+ xkmsClientCache.put(key, cacheToken);
+ }
+
+ return new X509Certificate[] {
+ cert
+ };
+ }
+
+ /**
+ * Try to get certificate locally
+ *
+ * @param cryptoType
+ * @return if found certificate otherwise null returned
+ */
+ private X509Certificate[] getCertificateLocally(CryptoType cryptoType) {
+ X509Certificate[] localCerts = null;
+ try {
+ localCerts = defaultCrypto.getX509Certificates(cryptoType);
+ } catch (Exception e) {
+ LOG.info("Certificate is not found in local keystore and will be requested from XKMS: "
+ + cryptoType.getAlias());
+ }
+ return localCerts;
+ }
+
+ /**
+ * Service Aliases contain namespace
+ *
+ * @param cryptoType
+ * @return
+ */
+ private boolean isServiceName(CryptoType cryptoType) {
+ return cryptoType.getAlias().contains("{");
+ }
+
+ private String getKeyForIssuerSerial(String issuer, BigInteger serial) {
+ return issuer + "-" + serial.toString(16);
+ }
+
+}
Added: cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProviderFactory.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProviderFactory.java?rev=1512574&view=auto
==============================================================================
--- cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProviderFactory.java (added)
+++ cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProviderFactory.java Sat Aug 10 07:52:35 2013
@@ -0,0 +1,51 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.xkms.crypto;
+
+import java.util.Properties;
+
+import org.apache.cxf.message.Message;
+import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.components.crypto.Crypto;
+import org.apache.ws.security.components.crypto.CryptoFactory;
+import org.w3._2002._03.xkms_wsdl.XKMSPortType;
+
+public class XkmsCryptoProviderFactory implements CryptoProviderFactory {
+
+ private final XKMSPortType xkmsConsumer;
+
+ public XkmsCryptoProviderFactory(XKMSPortType xkmsConsumer) {
+ this.xkmsConsumer = xkmsConsumer;
+ }
+
+ public Crypto create(Message message) {
+ Properties keystoreProps = CryptoProviderUtils
+ .loadKeystoreProperties(message,
+ SecurityConstants.SIGNATURE_PROPERTIES);
+ try {
+ Crypto defaultCrypto = CryptoFactory.getInstance(keystoreProps);
+ return new XkmsCryptoProvider(xkmsConsumer, defaultCrypto);
+ } catch (WSSecurityException e) {
+ throw new CryptoProviderException("Cannot instantiate crypto factory: "
+ + e.getMessage(), e);
+ }
+ }
+}
Added: cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/resources/OSGI-INF/blueprint/beans.xml
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/resources/OSGI-INF/blueprint/beans.xml?rev=1512574&view=auto
==============================================================================
--- cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/resources/OSGI-INF/blueprint/beans.xml (added)
+++ cxf/branches/2.7.x-fixes/services/xkms/xkms-client/src/main/resources/OSGI-INF/blueprint/beans.xml Sat Aug 10 07:52:35 2013
@@ -0,0 +1,62 @@
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:cxf="http://cxf.apache.org/blueprint/core"
+ xmlns:jaxws="http://cxf.apache.org/blueprint/jaxws"
+ xmlns:cm="http://aries.apache.org/blueprint/xmlns/blueprint-cm/v1.0.0"
+ xmlns:ext="http://www.osgi.org/xmlns/blueprint-ext/v1.1.0"
+ xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0 http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
+ http://www.osgi.org/xmlns/blueprint-ext/v1.1.0 https://svn.apache.org/repos/asf/aries/tags/blueprint-0.3.1/blueprint-core/src/main/resources/org/apache/aries/blueprint/ext/blueprint-ext.xsd
+ http://aries.apache.org/blueprint/xmlns/blueprint-cm/v1.0.0 http://aries.apache.org/schemas/blueprint-cm/blueprint-cm-1.0.0.xsd
+ http://cxf.apache.org/blueprint/jaxws http://cxf.apache.org/schemas/blueprint/jaxws.xsd
+ http://cxf.apache.org/blueprint/core http://cxf.apache.org/schemas/blueprint/core.xsd
+">
+
+ <cm:property-placeholder persistent-id="org.apache.cxf.xkms.client">
+ <cm:default-properties>
+ <cm:property name="xkms.endpoint"
+ value="http://localhost:8040/cxf/XKMS/" />
+ </cm:default-properties>
+ </cm:property-placeholder>
+
+ <bean id="additionalClasses"
+ class="org.apache.cxf.xkms.model.extensions.AdditionalClassesFactory" />
+
+ <jaxws:client id="xkmsClient" xmlns:serviceNamespace="http://www.w3.org/2002/03/xkms#wsdl"
+ serviceClass="org.w3._2002._03.xkms_wsdl.XKMSPortType"
+ serviceName="serviceNamespace:XKMSService" endpointName="serviceNamespace:XKMSPort"
+ address="${xkms.endpoint}">
+ <jaxws:properties>
+ <entry key="jaxb.additionalContextClasses">
+ <bean class="java.lang.Object" factory-ref="additionalClasses"
+ factory-method="create" />
+ </entry>
+ </jaxws:properties>
+ </jaxws:client>
+
+ <service ref="xkmsClient" interface="org.w3._2002._03.xkms_wsdl.XKMSPortType" />
+
+ <bean id="xkmsCryptoProviderFactory"
+ class="org.apache.cxf.xkms.crypto.XkmsCryptoProviderFactory">
+ <argument ref="xkmsClient" />
+ </bean>
+
+ <service ref="xkmsCryptoProviderFactory" interface="org.apache.cxf.xkms.crypto.CryptoProviderFactory" />
+
+</blueprint>