You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2011/12/06 11:24:32 UTC
svn commit: r1210847 [41/42] - in /webservices/wss4j/site: ./ apidocs/
apidocs/org/apache/ws/security/ apidocs/org/apache/ws/security/action/
apidocs/org/apache/ws/security/action/class-use/
apidocs/org/apache/ws/security/class-use/ apidocs/org/apache/...
Modified: webservices/wss4j/site/xref/org/apache/ws/security/util/WSSecurityUtil.html
URL: http://svn.apache.org/viewvc/webservices/wss4j/site/xref/org/apache/ws/security/util/WSSecurityUtil.html?rev=1210847&r1=1210846&r2=1210847&view=diff
==============================================================================
--- webservices/wss4j/site/xref/org/apache/ws/security/util/WSSecurityUtil.html (original)
+++ webservices/wss4j/site/xref/org/apache/ws/security/util/WSSecurityUtil.html Tue Dec 6 10:23:54 2011
@@ -772,470 +772,490 @@
<a name="762" href="#762">762</a> <em class="jxr_javadoccomment"> * Convert the raw key bytes into a SecretKey object of type symEncAlgo.</em>
<a name="763" href="#763">763</a> <em class="jxr_javadoccomment"> */</em>
<a name="764" href="#764">764</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> SecretKey prepareSecretKey(String symEncAlgo, byte[] rawKey) {
-<a name="765" href="#765">765</a> SecretKeySpec keySpec =
-<a name="766" href="#766">766</a> <strong class="jxr_keyword">new</strong> SecretKeySpec(rawKey, JCEMapper.getJCEKeyAlgorithmFromURI(symEncAlgo));
-<a name="767" href="#767">767</a> <strong class="jxr_keyword">return</strong> (SecretKey) keySpec;
-<a name="768" href="#768">768</a> }
-<a name="769" href="#769">769</a>
-<a name="770" href="#770">770</a>
-<a name="771" href="#771">771</a> <em class="jxr_javadoccomment">/**</em>
-<a name="772" href="#772">772</a> <em class="jxr_javadoccomment"> * Translate the "cipherAlgo" URI to a JCE ID, and return a javax.crypto.Cipher instance</em>
-<a name="773" href="#773">773</a> <em class="jxr_javadoccomment"> * of this type. </em>
-<a name="774" href="#774">774</a> <em class="jxr_javadoccomment"> */</em>
-<a name="775" href="#775">775</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> Cipher getCipherInstance(String cipherAlgo)
-<a name="776" href="#776">776</a> <strong class="jxr_keyword">throws</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a> {
-<a name="777" href="#777">777</a> <strong class="jxr_keyword">try</strong> {
-<a name="778" href="#778">778</a> String keyAlgorithm = JCEMapper.translateURItoJCEID(cipherAlgo);
-<a name="779" href="#779">779</a> <strong class="jxr_keyword">return</strong> Cipher.getInstance(keyAlgorithm);
-<a name="780" href="#780">780</a> } <strong class="jxr_keyword">catch</strong> (NoSuchPaddingException ex) {
-<a name="781" href="#781">781</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(
-<a name="782" href="#782">782</a> WSSecurityException.UNSUPPORTED_ALGORITHM, <span class="jxr_string">"unsupportedKeyTransp"</span>,
-<a name="783" href="#783">783</a> <strong class="jxr_keyword">new</strong> Object[] { <span class="jxr_string">"No such padding: "</span> + cipherAlgo }, ex
-<a name="784" href="#784">784</a> );
-<a name="785" href="#785">785</a> } <strong class="jxr_keyword">catch</strong> (NoSuchAlgorithmException ex) {
-<a name="786" href="#786">786</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(
-<a name="787" href="#787">787</a> WSSecurityException.UNSUPPORTED_ALGORITHM, <span class="jxr_string">"unsupportedKeyTransp"</span>,
-<a name="788" href="#788">788</a> <strong class="jxr_keyword">new</strong> Object[] { <span class="jxr_string">"No such algorithm: "</span> + cipherAlgo }, ex
-<a name="789" href="#789">789</a> );
-<a name="790" href="#790">790</a> }
-<a name="791" href="#791">791</a> }
-<a name="792" href="#792">792</a>
-<a name="793" href="#793">793</a>
-<a name="794" href="#794">794</a> <em class="jxr_javadoccomment">/**</em>
-<a name="795" href="#795">795</a> <em class="jxr_javadoccomment"> * Fetch the result of a given action from a given result list</em>
-<a name="796" href="#796">796</a> <em class="jxr_javadoccomment"> * </em>
-<a name="797" href="#797">797</a> <em class="jxr_javadoccomment"> * @param resultList The result list to fetch an action from</em>
-<a name="798" href="#798">798</a> <em class="jxr_javadoccomment"> * @param action The action to fetch</em>
-<a name="799" href="#799">799</a> <em class="jxr_javadoccomment"> * @return The last result fetched from the result list, null if the result</em>
-<a name="800" href="#800">800</a> <em class="jxr_javadoccomment"> * could not be found</em>
-<a name="801" href="#801">801</a> <em class="jxr_javadoccomment"> */</em>
-<a name="802" href="#802">802</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <a href="../../../../../org/apache/ws/security/WSSecurityEngineResult.html">WSSecurityEngineResult</a> fetchActionResult(
-<a name="803" href="#803">803</a> List<WSSecurityEngineResult> resultList,
-<a name="804" href="#804">804</a> <strong class="jxr_keyword">int</strong> action
-<a name="805" href="#805">805</a> ) {
-<a name="806" href="#806">806</a> <a href="../../../../../org/apache/ws/security/WSSecurityEngineResult.html">WSSecurityEngineResult</a> returnResult = <strong class="jxr_keyword">null</strong>;
-<a name="807" href="#807">807</a>
-<a name="808" href="#808">808</a> <strong class="jxr_keyword">for</strong> (WSSecurityEngineResult result : resultList) {
-<a name="809" href="#809">809</a> <em class="jxr_comment">//</em>
-<a name="810" href="#810">810</a> <em class="jxr_comment">// Check the result of every action whether it matches the given action</em>
-<a name="811" href="#811">811</a> <em class="jxr_comment">//</em>
-<a name="812" href="#812">812</a> <strong class="jxr_keyword">int</strong> resultAction =
-<a name="813" href="#813">813</a> ((java.lang.Integer)result.get(WSSecurityEngineResult.TAG_ACTION)).intValue();
-<a name="814" href="#814">814</a> <strong class="jxr_keyword">if</strong> (resultAction == action) {
-<a name="815" href="#815">815</a> returnResult = result;
-<a name="816" href="#816">816</a> }
-<a name="817" href="#817">817</a> }
-<a name="818" href="#818">818</a>
-<a name="819" href="#819">819</a> <strong class="jxr_keyword">return</strong> returnResult;
-<a name="820" href="#820">820</a> }
-<a name="821" href="#821">821</a>
-<a name="822" href="#822">822</a>
-<a name="823" href="#823">823</a> <em class="jxr_javadoccomment">/**</em>
-<a name="824" href="#824">824</a> <em class="jxr_javadoccomment"> * Fetch the result of a given action from a given result list.</em>
-<a name="825" href="#825">825</a> <em class="jxr_javadoccomment"> * </em>
-<a name="826" href="#826">826</a> <em class="jxr_javadoccomment"> * @param resultList The result list to fetch an action from</em>
-<a name="827" href="#827">827</a> <em class="jxr_javadoccomment"> * @param action The action to fetch</em>
-<a name="828" href="#828">828</a> <em class="jxr_javadoccomment"> * @param actionResultList where to store the found results data for the action</em>
-<a name="829" href="#829">829</a> <em class="jxr_javadoccomment"> * @return The result fetched from the result list, null if the result</em>
-<a name="830" href="#830">830</a> <em class="jxr_javadoccomment"> * could not be found</em>
-<a name="831" href="#831">831</a> <em class="jxr_javadoccomment"> */</em>
-<a name="832" href="#832">832</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> List<WSSecurityEngineResult> fetchAllActionResults(
-<a name="833" href="#833">833</a> List<WSSecurityEngineResult> resultList,
-<a name="834" href="#834">834</a> <strong class="jxr_keyword">int</strong> action,
-<a name="835" href="#835">835</a> List<WSSecurityEngineResult> actionResultList
-<a name="836" href="#836">836</a> ) {
-<a name="837" href="#837">837</a> <strong class="jxr_keyword">for</strong> (WSSecurityEngineResult result : resultList) {
-<a name="838" href="#838">838</a> <em class="jxr_comment">//</em>
-<a name="839" href="#839">839</a> <em class="jxr_comment">// Check the result of every action whether it matches the given action</em>
-<a name="840" href="#840">840</a> <em class="jxr_comment">//</em>
-<a name="841" href="#841">841</a> <strong class="jxr_keyword">int</strong> resultAction =
-<a name="842" href="#842">842</a> ((java.lang.Integer)result.get(WSSecurityEngineResult.TAG_ACTION)).intValue();
-<a name="843" href="#843">843</a> <strong class="jxr_keyword">if</strong> (resultAction == action) {
-<a name="844" href="#844">844</a> actionResultList.add(result);
-<a name="845" href="#845">845</a> }
-<a name="846" href="#846">846</a> }
-<a name="847" href="#847">847</a> <strong class="jxr_keyword">return</strong> actionResultList;
-<a name="848" href="#848">848</a> }
-<a name="849" href="#849">849</a>
-<a name="850" href="#850">850</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">int</strong> decodeAction(
-<a name="851" href="#851">851</a> String action,
-<a name="852" href="#852">852</a> List<Integer> actions
-<a name="853" href="#853">853</a> ) <strong class="jxr_keyword">throws</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a> {
-<a name="854" href="#854">854</a>
-<a name="855" href="#855">855</a> <strong class="jxr_keyword">int</strong> doAction = 0;
-<a name="856" href="#856">856</a> <strong class="jxr_keyword">if</strong> (action == <strong class="jxr_keyword">null</strong>) {
-<a name="857" href="#857">857</a> <strong class="jxr_keyword">return</strong> doAction;
-<a name="858" href="#858">858</a> }
-<a name="859" href="#859">859</a> String single[] = StringUtil.split(action, ' ');
-<a name="860" href="#860">860</a> <strong class="jxr_keyword">for</strong> (<strong class="jxr_keyword">int</strong> i = 0; i < single.length; i++) {
-<a name="861" href="#861">861</a> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.NO_SECURITY)) {
-<a name="862" href="#862">862</a> doAction = WSConstants.NO_SECURITY;
-<a name="863" href="#863">863</a> <strong class="jxr_keyword">return</strong> doAction;
-<a name="864" href="#864">864</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.USERNAME_TOKEN)) {
-<a name="865" href="#865">865</a> doAction |= WSConstants.UT;
-<a name="866" href="#866">866</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.UT));
-<a name="867" href="#867">867</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.SIGNATURE)) {
-<a name="868" href="#868">868</a> doAction |= WSConstants.SIGN;
-<a name="869" href="#869">869</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.SIGN));
-<a name="870" href="#870">870</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.ENCRYPT)) {
-<a name="871" href="#871">871</a> doAction |= WSConstants.ENCR;
-<a name="872" href="#872">872</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.ENCR));
-<a name="873" href="#873">873</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.SAML_TOKEN_UNSIGNED)) {
-<a name="874" href="#874">874</a> doAction |= WSConstants.ST_UNSIGNED;
-<a name="875" href="#875">875</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.ST_UNSIGNED));
-<a name="876" href="#876">876</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.SAML_TOKEN_SIGNED)) {
-<a name="877" href="#877">877</a> doAction |= WSConstants.ST_SIGNED;
-<a name="878" href="#878">878</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.ST_SIGNED));
-<a name="879" href="#879">879</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.TIMESTAMP)) {
-<a name="880" href="#880">880</a> doAction |= WSConstants.TS;
-<a name="881" href="#881">881</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.TS));
-<a name="882" href="#882">882</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.SIGN_WITH_UT_KEY)) {
-<a name="883" href="#883">883</a> doAction |= WSConstants.UT_SIGN;
-<a name="884" href="#884">884</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.UT_SIGN));
-<a name="885" href="#885">885</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.ENABLE_SIGNATURE_CONFIRMATION)) {
-<a name="886" href="#886">886</a> doAction |= WSConstants.SC;
-<a name="887" href="#887">887</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.SC));
-<a name="888" href="#888">888</a> } <strong class="jxr_keyword">else</strong> {
-<a name="889" href="#889">889</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(
-<a name="890" href="#890">890</a> <span class="jxr_string">"Unknown action defined: "</span> + single[i]
-<a name="891" href="#891">891</a> );
-<a name="892" href="#892">892</a> }
-<a name="893" href="#893">893</a> }
-<a name="894" href="#894">894</a> <strong class="jxr_keyword">return</strong> doAction;
-<a name="895" href="#895">895</a> }
-<a name="896" href="#896">896</a>
-<a name="897" href="#897">897</a>
-<a name="898" href="#898">898</a> <em class="jxr_javadoccomment">/**</em>
-<a name="899" href="#899">899</a> <em class="jxr_javadoccomment"> * Decode an action String. This method should only be called on the outbound side.</em>
-<a name="900" href="#900">900</a> <em class="jxr_javadoccomment"> * @param action The initial String of actions to perform</em>
-<a name="901" href="#901">901</a> <em class="jxr_javadoccomment"> * @param actions The list of created actions that will be performed</em>
-<a name="902" href="#902">902</a> <em class="jxr_javadoccomment"> * @param wssConfig This object holds the list of custom actions to be performed.</em>
-<a name="903" href="#903">903</a> <em class="jxr_javadoccomment"> * @return The or'd integer of all the actions (apart from the custom actions)</em>
-<a name="904" href="#904">904</a> <em class="jxr_javadoccomment"> * @throws WSSecurityException</em>
-<a name="905" href="#905">905</a> <em class="jxr_javadoccomment"> */</em>
-<a name="906" href="#906">906</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">int</strong> decodeAction(
-<a name="907" href="#907">907</a> String action,
-<a name="908" href="#908">908</a> List<Integer> actions,
-<a name="909" href="#909">909</a> <a href="../../../../../org/apache/ws/security/WSSConfig.html">WSSConfig</a> wssConfig
-<a name="910" href="#910">910</a> ) <strong class="jxr_keyword">throws</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a> {
-<a name="911" href="#911">911</a>
-<a name="912" href="#912">912</a> <strong class="jxr_keyword">int</strong> doAction = 0;
-<a name="913" href="#913">913</a> <strong class="jxr_keyword">if</strong> (action == <strong class="jxr_keyword">null</strong>) {
-<a name="914" href="#914">914</a> <strong class="jxr_keyword">return</strong> doAction;
-<a name="915" href="#915">915</a> }
-<a name="916" href="#916">916</a> String single[] = StringUtil.split(action, ' ');
-<a name="917" href="#917">917</a> <strong class="jxr_keyword">for</strong> (<strong class="jxr_keyword">int</strong> i = 0; i < single.length; i++) {
-<a name="918" href="#918">918</a> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.NO_SECURITY)) {
-<a name="919" href="#919">919</a> doAction = WSConstants.NO_SECURITY;
-<a name="920" href="#920">920</a> <strong class="jxr_keyword">return</strong> doAction;
-<a name="921" href="#921">921</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.USERNAME_TOKEN)) {
-<a name="922" href="#922">922</a> doAction |= WSConstants.UT;
-<a name="923" href="#923">923</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.UT));
-<a name="924" href="#924">924</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.SIGNATURE)) {
-<a name="925" href="#925">925</a> doAction |= WSConstants.SIGN;
-<a name="926" href="#926">926</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.SIGN));
-<a name="927" href="#927">927</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.ENCRYPT)) {
-<a name="928" href="#928">928</a> doAction |= WSConstants.ENCR;
-<a name="929" href="#929">929</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.ENCR));
-<a name="930" href="#930">930</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.SAML_TOKEN_UNSIGNED)) {
-<a name="931" href="#931">931</a> doAction |= WSConstants.ST_UNSIGNED;
-<a name="932" href="#932">932</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.ST_UNSIGNED));
-<a name="933" href="#933">933</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.SAML_TOKEN_SIGNED)) {
-<a name="934" href="#934">934</a> doAction |= WSConstants.ST_SIGNED;
-<a name="935" href="#935">935</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.ST_SIGNED));
-<a name="936" href="#936">936</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.TIMESTAMP)) {
-<a name="937" href="#937">937</a> doAction |= WSConstants.TS;
-<a name="938" href="#938">938</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.TS));
-<a name="939" href="#939">939</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.SIGN_WITH_UT_KEY)) {
-<a name="940" href="#940">940</a> doAction |= WSConstants.UT_SIGN;
-<a name="941" href="#941">941</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.UT_SIGN));
-<a name="942" href="#942">942</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.ENABLE_SIGNATURE_CONFIRMATION)) {
-<a name="943" href="#943">943</a> doAction |= WSConstants.SC;
-<a name="944" href="#944">944</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.SC));
-<a name="945" href="#945">945</a> } <strong class="jxr_keyword">else</strong> {
-<a name="946" href="#946">946</a> <strong class="jxr_keyword">try</strong> {
-<a name="947" href="#947">947</a> <strong class="jxr_keyword">int</strong> parsedAction = Integer.parseInt(single[i]);
-<a name="948" href="#948">948</a> <strong class="jxr_keyword">if</strong> (wssConfig.getAction(parsedAction) == <strong class="jxr_keyword">null</strong>) {
-<a name="949" href="#949">949</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(
-<a name="950" href="#950">950</a> <span class="jxr_string">"Unknown action defined: "</span> + single[i]
-<a name="951" href="#951">951</a> );
-<a name="952" href="#952">952</a> }
-<a name="953" href="#953">953</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(parsedAction));
-<a name="954" href="#954">954</a> } <strong class="jxr_keyword">catch</strong> (NumberFormatException ex) {
-<a name="955" href="#955">955</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(
-<a name="956" href="#956">956</a> <span class="jxr_string">"Unknown action defined: "</span> + single[i]
-<a name="957" href="#957">957</a> );
-<a name="958" href="#958">958</a> }
-<a name="959" href="#959">959</a> }
-<a name="960" href="#960">960</a> }
-<a name="961" href="#961">961</a> <strong class="jxr_keyword">return</strong> doAction;
-<a name="962" href="#962">962</a> }
-<a name="963" href="#963">963</a>
-<a name="964" href="#964">964</a> <em class="jxr_javadoccomment">/**</em>
-<a name="965" href="#965">965</a> <em class="jxr_javadoccomment"> * Returns the length of the key in # of bytes</em>
-<a name="966" href="#966">966</a> <em class="jxr_javadoccomment"> * </em>
-<a name="967" href="#967">967</a> <em class="jxr_javadoccomment"> * @param algorithm</em>
-<a name="968" href="#968">968</a> <em class="jxr_javadoccomment"> * @return the key length</em>
-<a name="969" href="#969">969</a> <em class="jxr_javadoccomment"> */</em>
-<a name="970" href="#970">970</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">int</strong> getKeyLength(String algorithm) <strong class="jxr_keyword">throws</strong> WSSecurityException {
-<a name="971" href="#971">971</a> <strong class="jxr_keyword">if</strong> (algorithm.equals(WSConstants.TRIPLE_DES)) {
-<a name="972" href="#972">972</a> <strong class="jxr_keyword">return</strong> 24;
-<a name="973" href="#973">973</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (algorithm.equals(WSConstants.AES_128)) {
-<a name="974" href="#974">974</a> <strong class="jxr_keyword">return</strong> 16;
-<a name="975" href="#975">975</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (algorithm.equals(WSConstants.AES_192)) {
-<a name="976" href="#976">976</a> <strong class="jxr_keyword">return</strong> 24;
-<a name="977" href="#977">977</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (algorithm.equals(WSConstants.AES_256)) {
-<a name="978" href="#978">978</a> <strong class="jxr_keyword">return</strong> 32;
-<a name="979" href="#979">979</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (WSConstants.HMAC_SHA1.equals(algorithm)) {
-<a name="980" href="#980">980</a> <strong class="jxr_keyword">return</strong> 20;
-<a name="981" href="#981">981</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (WSConstants.HMAC_SHA256.equals(algorithm)) {
-<a name="982" href="#982">982</a> <strong class="jxr_keyword">return</strong> 32;
-<a name="983" href="#983">983</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (WSConstants.HMAC_SHA384.equals(algorithm)) {
-<a name="984" href="#984">984</a> <strong class="jxr_keyword">return</strong> 48;
-<a name="985" href="#985">985</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (WSConstants.HMAC_SHA512.equals(algorithm)) {
-<a name="986" href="#986">986</a> <strong class="jxr_keyword">return</strong> 64;
-<a name="987" href="#987">987</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (WSConstants.HMAC_MD5.equals(algorithm)) {
-<a name="988" href="#988">988</a> <strong class="jxr_keyword">return</strong> 16;
-<a name="989" href="#989">989</a> } <strong class="jxr_keyword">else</strong> {
-<a name="990" href="#990">990</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(
-<a name="991" href="#991">991</a> WSSecurityException.UNSUPPORTED_ALGORITHM, <strong class="jxr_keyword">null</strong>, <strong class="jxr_keyword">null</strong>, <strong class="jxr_keyword">null</strong>
-<a name="992" href="#992">992</a> );
-<a name="993" href="#993">993</a> }
-<a name="994" href="#994">994</a> }
-<a name="995" href="#995">995</a>
-<a name="996" href="#996">996</a> <em class="jxr_javadoccomment">/**</em>
-<a name="997" href="#997">997</a> <em class="jxr_javadoccomment"> * Generate a nonce of the given length using the SHA1PRNG algorithm. The SecureRandom</em>
-<a name="998" href="#998">998</a> <em class="jxr_javadoccomment"> * instance that backs this method is cached for efficiency.</em>
-<a name="999" href="#999">999</a> <em class="jxr_javadoccomment"> * </em>
-<a name="1000" href="#1000">1000</a> <em class="jxr_javadoccomment"> * @return a nonce of the given length</em>
-<a name="1001" href="#1001">1001</a> <em class="jxr_javadoccomment"> * @throws WSSecurityException</em>
-<a name="1002" href="#1002">1002</a> <em class="jxr_javadoccomment"> */</em>
-<a name="1003" href="#1003">1003</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">synchronized</strong> byte[] generateNonce(<strong class="jxr_keyword">int</strong> length) <strong class="jxr_keyword">throws</strong> WSSecurityException {
-<a name="1004" href="#1004">1004</a> <strong class="jxr_keyword">try</strong> {
-<a name="1005" href="#1005">1005</a> <strong class="jxr_keyword">if</strong> (random == <strong class="jxr_keyword">null</strong>) {
-<a name="1006" href="#1006">1006</a> random = SecureRandom.getInstance(<span class="jxr_string">"SHA1PRNG"</span>);
-<a name="1007" href="#1007">1007</a> random.setSeed(System.nanoTime());
-<a name="1008" href="#1008">1008</a> }
-<a name="1009" href="#1009">1009</a> byte[] temp = <strong class="jxr_keyword">new</strong> byte[length];
-<a name="1010" href="#1010">1010</a> random.nextBytes(temp);
-<a name="1011" href="#1011">1011</a> <strong class="jxr_keyword">return</strong> temp;
-<a name="1012" href="#1012">1012</a> } <strong class="jxr_keyword">catch</strong> (Exception ex) {
-<a name="1013" href="#1013">1013</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(
-<a name="1014" href="#1014">1014</a> <span class="jxr_string">"Error in generating nonce of length "</span> + length, ex
-<a name="1015" href="#1015">1015</a> );
-<a name="1016" href="#1016">1016</a> }
-<a name="1017" href="#1017">1017</a> }
-<a name="1018" href="#1018">1018</a>
-<a name="1019" href="#1019">1019</a> <em class="jxr_javadoccomment">/**</em>
-<a name="1020" href="#1020">1020</a> <em class="jxr_javadoccomment"> * Generate a (SHA1) digest of the input bytes. The MessageDigest instance that backs this</em>
-<a name="1021" href="#1021">1021</a> <em class="jxr_javadoccomment"> * method is cached for efficiency. </em>
-<a name="1022" href="#1022">1022</a> <em class="jxr_javadoccomment"> * @param inputBytes the bytes to digest</em>
-<a name="1023" href="#1023">1023</a> <em class="jxr_javadoccomment"> * @return the digest of the input bytes</em>
-<a name="1024" href="#1024">1024</a> <em class="jxr_javadoccomment"> * @throws WSSecurityException</em>
-<a name="1025" href="#1025">1025</a> <em class="jxr_javadoccomment"> */</em>
-<a name="1026" href="#1026">1026</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">synchronized</strong> byte[] generateDigest(byte[] inputBytes) <strong class="jxr_keyword">throws</strong> WSSecurityException {
-<a name="1027" href="#1027">1027</a> <strong class="jxr_keyword">try</strong> {
-<a name="1028" href="#1028">1028</a> <strong class="jxr_keyword">if</strong> (digest == <strong class="jxr_keyword">null</strong>) {
-<a name="1029" href="#1029">1029</a> digest = MessageDigest.getInstance(<span class="jxr_string">"SHA-1"</span>);
-<a name="1030" href="#1030">1030</a> }
-<a name="1031" href="#1031">1031</a> <strong class="jxr_keyword">return</strong> digest.digest(inputBytes);
-<a name="1032" href="#1032">1032</a> } <strong class="jxr_keyword">catch</strong> (Exception e) {
+<a name="765" href="#765">765</a> <em class="jxr_comment">// Do an additional check on the keysize required by the encryption algorithm</em>
+<a name="766" href="#766">766</a> <strong class="jxr_keyword">int</strong> size = 0;
+<a name="767" href="#767">767</a> <strong class="jxr_keyword">try</strong> {
+<a name="768" href="#768">768</a> size = JCEMapper.getKeyLengthFromURI(symEncAlgo) / 8;
+<a name="769" href="#769">769</a> } <strong class="jxr_keyword">catch</strong> (Exception e) {
+<a name="770" href="#770">770</a> <em class="jxr_comment">// ignore - some unknown (to JCEMapper) encryption algorithm</em>
+<a name="771" href="#771">771</a> <strong class="jxr_keyword">if</strong> (log.isDebugEnabled()) {
+<a name="772" href="#772">772</a> log.debug(e.getMessage());
+<a name="773" href="#773">773</a> }
+<a name="774" href="#774">774</a> }
+<a name="775" href="#775">775</a> String keyAlgorithm = JCEMapper.getJCEKeyAlgorithmFromURI(symEncAlgo);
+<a name="776" href="#776">776</a> SecretKeySpec keySpec;
+<a name="777" href="#777">777</a> <strong class="jxr_keyword">if</strong> (size > 0) {
+<a name="778" href="#778">778</a> keySpec =
+<a name="779" href="#779">779</a> <strong class="jxr_keyword">new</strong> SecretKeySpec(
+<a name="780" href="#780">780</a> rawKey, 0, ((rawKey.length > size) ? size : rawKey.length), keyAlgorithm
+<a name="781" href="#781">781</a> );
+<a name="782" href="#782">782</a> } <strong class="jxr_keyword">else</strong> {
+<a name="783" href="#783">783</a> keySpec = <strong class="jxr_keyword">new</strong> SecretKeySpec(rawKey, keyAlgorithm);
+<a name="784" href="#784">784</a> }
+<a name="785" href="#785">785</a> <strong class="jxr_keyword">return</strong> (SecretKey)keySpec;
+<a name="786" href="#786">786</a> }
+<a name="787" href="#787">787</a>
+<a name="788" href="#788">788</a>
+<a name="789" href="#789">789</a> <em class="jxr_javadoccomment">/**</em>
+<a name="790" href="#790">790</a> <em class="jxr_javadoccomment"> * Translate the "cipherAlgo" URI to a JCE ID, and return a javax.crypto.Cipher instance</em>
+<a name="791" href="#791">791</a> <em class="jxr_javadoccomment"> * of this type. </em>
+<a name="792" href="#792">792</a> <em class="jxr_javadoccomment"> */</em>
+<a name="793" href="#793">793</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> Cipher getCipherInstance(String cipherAlgo)
+<a name="794" href="#794">794</a> <strong class="jxr_keyword">throws</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a> {
+<a name="795" href="#795">795</a> <strong class="jxr_keyword">try</strong> {
+<a name="796" href="#796">796</a> String keyAlgorithm = JCEMapper.translateURItoJCEID(cipherAlgo);
+<a name="797" href="#797">797</a> <strong class="jxr_keyword">return</strong> Cipher.getInstance(keyAlgorithm);
+<a name="798" href="#798">798</a> } <strong class="jxr_keyword">catch</strong> (NoSuchPaddingException ex) {
+<a name="799" href="#799">799</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(
+<a name="800" href="#800">800</a> WSSecurityException.UNSUPPORTED_ALGORITHM, <span class="jxr_string">"unsupportedKeyTransp"</span>,
+<a name="801" href="#801">801</a> <strong class="jxr_keyword">new</strong> Object[] { <span class="jxr_string">"No such padding: "</span> + cipherAlgo }, ex
+<a name="802" href="#802">802</a> );
+<a name="803" href="#803">803</a> } <strong class="jxr_keyword">catch</strong> (NoSuchAlgorithmException ex) {
+<a name="804" href="#804">804</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(
+<a name="805" href="#805">805</a> WSSecurityException.UNSUPPORTED_ALGORITHM, <span class="jxr_string">"unsupportedKeyTransp"</span>,
+<a name="806" href="#806">806</a> <strong class="jxr_keyword">new</strong> Object[] { <span class="jxr_string">"No such algorithm: "</span> + cipherAlgo }, ex
+<a name="807" href="#807">807</a> );
+<a name="808" href="#808">808</a> }
+<a name="809" href="#809">809</a> }
+<a name="810" href="#810">810</a>
+<a name="811" href="#811">811</a>
+<a name="812" href="#812">812</a> <em class="jxr_javadoccomment">/**</em>
+<a name="813" href="#813">813</a> <em class="jxr_javadoccomment"> * Fetch the result of a given action from a given result list</em>
+<a name="814" href="#814">814</a> <em class="jxr_javadoccomment"> * </em>
+<a name="815" href="#815">815</a> <em class="jxr_javadoccomment"> * @param resultList The result list to fetch an action from</em>
+<a name="816" href="#816">816</a> <em class="jxr_javadoccomment"> * @param action The action to fetch</em>
+<a name="817" href="#817">817</a> <em class="jxr_javadoccomment"> * @return The last result fetched from the result list, null if the result</em>
+<a name="818" href="#818">818</a> <em class="jxr_javadoccomment"> * could not be found</em>
+<a name="819" href="#819">819</a> <em class="jxr_javadoccomment"> */</em>
+<a name="820" href="#820">820</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <a href="../../../../../org/apache/ws/security/WSSecurityEngineResult.html">WSSecurityEngineResult</a> fetchActionResult(
+<a name="821" href="#821">821</a> List<WSSecurityEngineResult> resultList,
+<a name="822" href="#822">822</a> <strong class="jxr_keyword">int</strong> action
+<a name="823" href="#823">823</a> ) {
+<a name="824" href="#824">824</a> <a href="../../../../../org/apache/ws/security/WSSecurityEngineResult.html">WSSecurityEngineResult</a> returnResult = <strong class="jxr_keyword">null</strong>;
+<a name="825" href="#825">825</a>
+<a name="826" href="#826">826</a> <strong class="jxr_keyword">for</strong> (WSSecurityEngineResult result : resultList) {
+<a name="827" href="#827">827</a> <em class="jxr_comment">//</em>
+<a name="828" href="#828">828</a> <em class="jxr_comment">// Check the result of every action whether it matches the given action</em>
+<a name="829" href="#829">829</a> <em class="jxr_comment">//</em>
+<a name="830" href="#830">830</a> <strong class="jxr_keyword">int</strong> resultAction =
+<a name="831" href="#831">831</a> ((java.lang.Integer)result.get(WSSecurityEngineResult.TAG_ACTION)).intValue();
+<a name="832" href="#832">832</a> <strong class="jxr_keyword">if</strong> (resultAction == action) {
+<a name="833" href="#833">833</a> returnResult = result;
+<a name="834" href="#834">834</a> }
+<a name="835" href="#835">835</a> }
+<a name="836" href="#836">836</a>
+<a name="837" href="#837">837</a> <strong class="jxr_keyword">return</strong> returnResult;
+<a name="838" href="#838">838</a> }
+<a name="839" href="#839">839</a>
+<a name="840" href="#840">840</a>
+<a name="841" href="#841">841</a> <em class="jxr_javadoccomment">/**</em>
+<a name="842" href="#842">842</a> <em class="jxr_javadoccomment"> * Fetch the result of a given action from a given result list.</em>
+<a name="843" href="#843">843</a> <em class="jxr_javadoccomment"> * </em>
+<a name="844" href="#844">844</a> <em class="jxr_javadoccomment"> * @param resultList The result list to fetch an action from</em>
+<a name="845" href="#845">845</a> <em class="jxr_javadoccomment"> * @param action The action to fetch</em>
+<a name="846" href="#846">846</a> <em class="jxr_javadoccomment"> * @param actionResultList where to store the found results data for the action</em>
+<a name="847" href="#847">847</a> <em class="jxr_javadoccomment"> * @return The result fetched from the result list, null if the result</em>
+<a name="848" href="#848">848</a> <em class="jxr_javadoccomment"> * could not be found</em>
+<a name="849" href="#849">849</a> <em class="jxr_javadoccomment"> */</em>
+<a name="850" href="#850">850</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> List<WSSecurityEngineResult> fetchAllActionResults(
+<a name="851" href="#851">851</a> List<WSSecurityEngineResult> resultList,
+<a name="852" href="#852">852</a> <strong class="jxr_keyword">int</strong> action,
+<a name="853" href="#853">853</a> List<WSSecurityEngineResult> actionResultList
+<a name="854" href="#854">854</a> ) {
+<a name="855" href="#855">855</a> <strong class="jxr_keyword">for</strong> (WSSecurityEngineResult result : resultList) {
+<a name="856" href="#856">856</a> <em class="jxr_comment">//</em>
+<a name="857" href="#857">857</a> <em class="jxr_comment">// Check the result of every action whether it matches the given action</em>
+<a name="858" href="#858">858</a> <em class="jxr_comment">//</em>
+<a name="859" href="#859">859</a> <strong class="jxr_keyword">int</strong> resultAction =
+<a name="860" href="#860">860</a> ((java.lang.Integer)result.get(WSSecurityEngineResult.TAG_ACTION)).intValue();
+<a name="861" href="#861">861</a> <strong class="jxr_keyword">if</strong> (resultAction == action) {
+<a name="862" href="#862">862</a> actionResultList.add(result);
+<a name="863" href="#863">863</a> }
+<a name="864" href="#864">864</a> }
+<a name="865" href="#865">865</a> <strong class="jxr_keyword">return</strong> actionResultList;
+<a name="866" href="#866">866</a> }
+<a name="867" href="#867">867</a>
+<a name="868" href="#868">868</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">int</strong> decodeAction(
+<a name="869" href="#869">869</a> String action,
+<a name="870" href="#870">870</a> List<Integer> actions
+<a name="871" href="#871">871</a> ) <strong class="jxr_keyword">throws</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a> {
+<a name="872" href="#872">872</a>
+<a name="873" href="#873">873</a> <strong class="jxr_keyword">int</strong> doAction = 0;
+<a name="874" href="#874">874</a> <strong class="jxr_keyword">if</strong> (action == <strong class="jxr_keyword">null</strong>) {
+<a name="875" href="#875">875</a> <strong class="jxr_keyword">return</strong> doAction;
+<a name="876" href="#876">876</a> }
+<a name="877" href="#877">877</a> String single[] = StringUtil.split(action, ' ');
+<a name="878" href="#878">878</a> <strong class="jxr_keyword">for</strong> (<strong class="jxr_keyword">int</strong> i = 0; i < single.length; i++) {
+<a name="879" href="#879">879</a> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.NO_SECURITY)) {
+<a name="880" href="#880">880</a> doAction = WSConstants.NO_SECURITY;
+<a name="881" href="#881">881</a> <strong class="jxr_keyword">return</strong> doAction;
+<a name="882" href="#882">882</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.USERNAME_TOKEN)) {
+<a name="883" href="#883">883</a> doAction |= WSConstants.UT;
+<a name="884" href="#884">884</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.UT));
+<a name="885" href="#885">885</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.USERNAME_TOKEN_NO_PASSWORD)) {
+<a name="886" href="#886">886</a> doAction |= WSConstants.UT_NOPASSWORD;
+<a name="887" href="#887">887</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.UT_NOPASSWORD));
+<a name="888" href="#888">888</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.SIGNATURE)) {
+<a name="889" href="#889">889</a> doAction |= WSConstants.SIGN;
+<a name="890" href="#890">890</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.SIGN));
+<a name="891" href="#891">891</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.ENCRYPT)) {
+<a name="892" href="#892">892</a> doAction |= WSConstants.ENCR;
+<a name="893" href="#893">893</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.ENCR));
+<a name="894" href="#894">894</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.SAML_TOKEN_UNSIGNED)) {
+<a name="895" href="#895">895</a> doAction |= WSConstants.ST_UNSIGNED;
+<a name="896" href="#896">896</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.ST_UNSIGNED));
+<a name="897" href="#897">897</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.SAML_TOKEN_SIGNED)) {
+<a name="898" href="#898">898</a> doAction |= WSConstants.ST_SIGNED;
+<a name="899" href="#899">899</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.ST_SIGNED));
+<a name="900" href="#900">900</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.TIMESTAMP)) {
+<a name="901" href="#901">901</a> doAction |= WSConstants.TS;
+<a name="902" href="#902">902</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.TS));
+<a name="903" href="#903">903</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.SIGN_WITH_UT_KEY)) {
+<a name="904" href="#904">904</a> doAction |= WSConstants.UT_SIGN;
+<a name="905" href="#905">905</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.UT_SIGN));
+<a name="906" href="#906">906</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.ENABLE_SIGNATURE_CONFIRMATION)) {
+<a name="907" href="#907">907</a> doAction |= WSConstants.SC;
+<a name="908" href="#908">908</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.SC));
+<a name="909" href="#909">909</a> } <strong class="jxr_keyword">else</strong> {
+<a name="910" href="#910">910</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(
+<a name="911" href="#911">911</a> <span class="jxr_string">"Unknown action defined: "</span> + single[i]
+<a name="912" href="#912">912</a> );
+<a name="913" href="#913">913</a> }
+<a name="914" href="#914">914</a> }
+<a name="915" href="#915">915</a> <strong class="jxr_keyword">return</strong> doAction;
+<a name="916" href="#916">916</a> }
+<a name="917" href="#917">917</a>
+<a name="918" href="#918">918</a>
+<a name="919" href="#919">919</a> <em class="jxr_javadoccomment">/**</em>
+<a name="920" href="#920">920</a> <em class="jxr_javadoccomment"> * Decode an action String. This method should only be called on the outbound side.</em>
+<a name="921" href="#921">921</a> <em class="jxr_javadoccomment"> * @param action The initial String of actions to perform</em>
+<a name="922" href="#922">922</a> <em class="jxr_javadoccomment"> * @param actions The list of created actions that will be performed</em>
+<a name="923" href="#923">923</a> <em class="jxr_javadoccomment"> * @param wssConfig This object holds the list of custom actions to be performed.</em>
+<a name="924" href="#924">924</a> <em class="jxr_javadoccomment"> * @return The or'd integer of all the actions (apart from the custom actions)</em>
+<a name="925" href="#925">925</a> <em class="jxr_javadoccomment"> * @throws WSSecurityException</em>
+<a name="926" href="#926">926</a> <em class="jxr_javadoccomment"> */</em>
+<a name="927" href="#927">927</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">int</strong> decodeAction(
+<a name="928" href="#928">928</a> String action,
+<a name="929" href="#929">929</a> List<Integer> actions,
+<a name="930" href="#930">930</a> <a href="../../../../../org/apache/ws/security/WSSConfig.html">WSSConfig</a> wssConfig
+<a name="931" href="#931">931</a> ) <strong class="jxr_keyword">throws</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a> {
+<a name="932" href="#932">932</a>
+<a name="933" href="#933">933</a> <strong class="jxr_keyword">int</strong> doAction = 0;
+<a name="934" href="#934">934</a> <strong class="jxr_keyword">if</strong> (action == <strong class="jxr_keyword">null</strong>) {
+<a name="935" href="#935">935</a> <strong class="jxr_keyword">return</strong> doAction;
+<a name="936" href="#936">936</a> }
+<a name="937" href="#937">937</a> String single[] = StringUtil.split(action, ' ');
+<a name="938" href="#938">938</a> <strong class="jxr_keyword">for</strong> (<strong class="jxr_keyword">int</strong> i = 0; i < single.length; i++) {
+<a name="939" href="#939">939</a> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.NO_SECURITY)) {
+<a name="940" href="#940">940</a> doAction = WSConstants.NO_SECURITY;
+<a name="941" href="#941">941</a> <strong class="jxr_keyword">return</strong> doAction;
+<a name="942" href="#942">942</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.USERNAME_TOKEN)) {
+<a name="943" href="#943">943</a> doAction |= WSConstants.UT;
+<a name="944" href="#944">944</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.UT));
+<a name="945" href="#945">945</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.SIGNATURE)) {
+<a name="946" href="#946">946</a> doAction |= WSConstants.SIGN;
+<a name="947" href="#947">947</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.SIGN));
+<a name="948" href="#948">948</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.ENCRYPT)) {
+<a name="949" href="#949">949</a> doAction |= WSConstants.ENCR;
+<a name="950" href="#950">950</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.ENCR));
+<a name="951" href="#951">951</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.SAML_TOKEN_UNSIGNED)) {
+<a name="952" href="#952">952</a> doAction |= WSConstants.ST_UNSIGNED;
+<a name="953" href="#953">953</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.ST_UNSIGNED));
+<a name="954" href="#954">954</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.SAML_TOKEN_SIGNED)) {
+<a name="955" href="#955">955</a> doAction |= WSConstants.ST_SIGNED;
+<a name="956" href="#956">956</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.ST_SIGNED));
+<a name="957" href="#957">957</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.TIMESTAMP)) {
+<a name="958" href="#958">958</a> doAction |= WSConstants.TS;
+<a name="959" href="#959">959</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.TS));
+<a name="960" href="#960">960</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.SIGN_WITH_UT_KEY)) {
+<a name="961" href="#961">961</a> doAction |= WSConstants.UT_SIGN;
+<a name="962" href="#962">962</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.UT_SIGN));
+<a name="963" href="#963">963</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (single[i].equals(WSHandlerConstants.ENABLE_SIGNATURE_CONFIRMATION)) {
+<a name="964" href="#964">964</a> doAction |= WSConstants.SC;
+<a name="965" href="#965">965</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(WSConstants.SC));
+<a name="966" href="#966">966</a> } <strong class="jxr_keyword">else</strong> {
+<a name="967" href="#967">967</a> <strong class="jxr_keyword">try</strong> {
+<a name="968" href="#968">968</a> <strong class="jxr_keyword">int</strong> parsedAction = Integer.parseInt(single[i]);
+<a name="969" href="#969">969</a> <strong class="jxr_keyword">if</strong> (wssConfig.getAction(parsedAction) == <strong class="jxr_keyword">null</strong>) {
+<a name="970" href="#970">970</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(
+<a name="971" href="#971">971</a> <span class="jxr_string">"Unknown action defined: "</span> + single[i]
+<a name="972" href="#972">972</a> );
+<a name="973" href="#973">973</a> }
+<a name="974" href="#974">974</a> actions.add(<strong class="jxr_keyword">new</strong> Integer(parsedAction));
+<a name="975" href="#975">975</a> } <strong class="jxr_keyword">catch</strong> (NumberFormatException ex) {
+<a name="976" href="#976">976</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(
+<a name="977" href="#977">977</a> <span class="jxr_string">"Unknown action defined: "</span> + single[i]
+<a name="978" href="#978">978</a> );
+<a name="979" href="#979">979</a> }
+<a name="980" href="#980">980</a> }
+<a name="981" href="#981">981</a> }
+<a name="982" href="#982">982</a> <strong class="jxr_keyword">return</strong> doAction;
+<a name="983" href="#983">983</a> }
+<a name="984" href="#984">984</a>
+<a name="985" href="#985">985</a> <em class="jxr_javadoccomment">/**</em>
+<a name="986" href="#986">986</a> <em class="jxr_javadoccomment"> * Returns the length of the key in # of bytes</em>
+<a name="987" href="#987">987</a> <em class="jxr_javadoccomment"> * </em>
+<a name="988" href="#988">988</a> <em class="jxr_javadoccomment"> * @param algorithm</em>
+<a name="989" href="#989">989</a> <em class="jxr_javadoccomment"> * @return the key length</em>
+<a name="990" href="#990">990</a> <em class="jxr_javadoccomment"> */</em>
+<a name="991" href="#991">991</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">int</strong> getKeyLength(String algorithm) <strong class="jxr_keyword">throws</strong> WSSecurityException {
+<a name="992" href="#992">992</a> <strong class="jxr_keyword">if</strong> (algorithm.equals(WSConstants.TRIPLE_DES)) {
+<a name="993" href="#993">993</a> <strong class="jxr_keyword">return</strong> 24;
+<a name="994" href="#994">994</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (algorithm.equals(WSConstants.AES_128)) {
+<a name="995" href="#995">995</a> <strong class="jxr_keyword">return</strong> 16;
+<a name="996" href="#996">996</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (algorithm.equals(WSConstants.AES_192)) {
+<a name="997" href="#997">997</a> <strong class="jxr_keyword">return</strong> 24;
+<a name="998" href="#998">998</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (algorithm.equals(WSConstants.AES_256)) {
+<a name="999" href="#999">999</a> <strong class="jxr_keyword">return</strong> 32;
+<a name="1000" href="#1000">1000</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (WSConstants.HMAC_SHA1.equals(algorithm)) {
+<a name="1001" href="#1001">1001</a> <strong class="jxr_keyword">return</strong> 20;
+<a name="1002" href="#1002">1002</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (WSConstants.HMAC_SHA256.equals(algorithm)) {
+<a name="1003" href="#1003">1003</a> <strong class="jxr_keyword">return</strong> 32;
+<a name="1004" href="#1004">1004</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (WSConstants.HMAC_SHA384.equals(algorithm)) {
+<a name="1005" href="#1005">1005</a> <strong class="jxr_keyword">return</strong> 48;
+<a name="1006" href="#1006">1006</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (WSConstants.HMAC_SHA512.equals(algorithm)) {
+<a name="1007" href="#1007">1007</a> <strong class="jxr_keyword">return</strong> 64;
+<a name="1008" href="#1008">1008</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (WSConstants.HMAC_MD5.equals(algorithm)) {
+<a name="1009" href="#1009">1009</a> <strong class="jxr_keyword">return</strong> 16;
+<a name="1010" href="#1010">1010</a> } <strong class="jxr_keyword">else</strong> {
+<a name="1011" href="#1011">1011</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(
+<a name="1012" href="#1012">1012</a> WSSecurityException.UNSUPPORTED_ALGORITHM, <strong class="jxr_keyword">null</strong>, <strong class="jxr_keyword">null</strong>, <strong class="jxr_keyword">null</strong>
+<a name="1013" href="#1013">1013</a> );
+<a name="1014" href="#1014">1014</a> }
+<a name="1015" href="#1015">1015</a> }
+<a name="1016" href="#1016">1016</a>
+<a name="1017" href="#1017">1017</a> <em class="jxr_javadoccomment">/**</em>
+<a name="1018" href="#1018">1018</a> <em class="jxr_javadoccomment"> * Generate a nonce of the given length using the SHA1PRNG algorithm. The SecureRandom</em>
+<a name="1019" href="#1019">1019</a> <em class="jxr_javadoccomment"> * instance that backs this method is cached for efficiency.</em>
+<a name="1020" href="#1020">1020</a> <em class="jxr_javadoccomment"> * </em>
+<a name="1021" href="#1021">1021</a> <em class="jxr_javadoccomment"> * @return a nonce of the given length</em>
+<a name="1022" href="#1022">1022</a> <em class="jxr_javadoccomment"> * @throws WSSecurityException</em>
+<a name="1023" href="#1023">1023</a> <em class="jxr_javadoccomment"> */</em>
+<a name="1024" href="#1024">1024</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">synchronized</strong> byte[] generateNonce(<strong class="jxr_keyword">int</strong> length) <strong class="jxr_keyword">throws</strong> WSSecurityException {
+<a name="1025" href="#1025">1025</a> <strong class="jxr_keyword">try</strong> {
+<a name="1026" href="#1026">1026</a> <strong class="jxr_keyword">if</strong> (random == <strong class="jxr_keyword">null</strong>) {
+<a name="1027" href="#1027">1027</a> random = SecureRandom.getInstance(<span class="jxr_string">"SHA1PRNG"</span>);
+<a name="1028" href="#1028">1028</a> }
+<a name="1029" href="#1029">1029</a> byte[] temp = <strong class="jxr_keyword">new</strong> byte[length];
+<a name="1030" href="#1030">1030</a> random.nextBytes(temp);
+<a name="1031" href="#1031">1031</a> <strong class="jxr_keyword">return</strong> temp;
+<a name="1032" href="#1032">1032</a> } <strong class="jxr_keyword">catch</strong> (Exception ex) {
<a name="1033" href="#1033">1033</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(
-<a name="1034" href="#1034">1034</a> <span class="jxr_string">"Error in generating digest"</span>, e
+<a name="1034" href="#1034">1034</a> <span class="jxr_string">"Error in generating nonce of length "</span> + length, ex
<a name="1035" href="#1035">1035</a> );
<a name="1036" href="#1036">1036</a> }
<a name="1037" href="#1037">1037</a> }
<a name="1038" href="#1038">1038</a>
<a name="1039" href="#1039">1039</a> <em class="jxr_javadoccomment">/**</em>
-<a name="1040" href="#1040">1040</a> <em class="jxr_javadoccomment"> * Check that all of the QName[] requiredParts are protected by a specified action in the</em>
-<a name="1041" href="#1041">1041</a> <em class="jxr_javadoccomment"> * results list.</em>
-<a name="1042" href="#1042">1042</a> <em class="jxr_javadoccomment"> * @param results The List of WSSecurityEngineResults from processing</em>
-<a name="1043" href="#1043">1043</a> <em class="jxr_javadoccomment"> * @param action The action that is required (e.g. WSConstants.SIGN)</em>
-<a name="1044" href="#1044">1044</a> <em class="jxr_javadoccomment"> * @param requiredParts An array of QNames that correspond to the required elements</em>
+<a name="1040" href="#1040">1040</a> <em class="jxr_javadoccomment"> * Generate a (SHA1) digest of the input bytes. The MessageDigest instance that backs this</em>
+<a name="1041" href="#1041">1041</a> <em class="jxr_javadoccomment"> * method is cached for efficiency. </em>
+<a name="1042" href="#1042">1042</a> <em class="jxr_javadoccomment"> * @param inputBytes the bytes to digest</em>
+<a name="1043" href="#1043">1043</a> <em class="jxr_javadoccomment"> * @return the digest of the input bytes</em>
+<a name="1044" href="#1044">1044</a> <em class="jxr_javadoccomment"> * @throws WSSecurityException</em>
<a name="1045" href="#1045">1045</a> <em class="jxr_javadoccomment"> */</em>
-<a name="1046" href="#1046">1046</a> @SuppressWarnings(<span class="jxr_string">"unchecked"</span>)
-<a name="1047" href="#1047">1047</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> checkAllElementsProtected(
-<a name="1048" href="#1048">1048</a> List<WSSecurityEngineResult> results,
-<a name="1049" href="#1049">1049</a> <strong class="jxr_keyword">int</strong> action,
-<a name="1050" href="#1050">1050</a> QName[] requiredParts
-<a name="1051" href="#1051">1051</a> ) <strong class="jxr_keyword">throws</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a> {
-<a name="1052" href="#1052">1052</a>
-<a name="1053" href="#1053">1053</a> <strong class="jxr_keyword">if</strong> (requiredParts != <strong class="jxr_keyword">null</strong>) {
-<a name="1054" href="#1054">1054</a> <strong class="jxr_keyword">for</strong> (<strong class="jxr_keyword">int</strong> i = 0; i < requiredParts.length; i++) {
-<a name="1055" href="#1055">1055</a> QName requiredPart = requiredParts[i];
-<a name="1056" href="#1056">1056</a>
-<a name="1057" href="#1057">1057</a> <strong class="jxr_keyword">boolean</strong> found = false;
-<a name="1058" href="#1058">1058</a> <strong class="jxr_keyword">for</strong> (Iterator<WSSecurityEngineResult> iter = results.iterator();
-<a name="1059" href="#1059">1059</a> iter.hasNext() && !found;) {
-<a name="1060" href="#1060">1060</a> <a href="../../../../../org/apache/ws/security/WSSecurityEngineResult.html">WSSecurityEngineResult</a> result = iter.next();
-<a name="1061" href="#1061">1061</a> <strong class="jxr_keyword">int</strong> resultAction =
-<a name="1062" href="#1062">1062</a> ((java.lang.Integer)result.get(WSSecurityEngineResult.TAG_ACTION)).intValue();
-<a name="1063" href="#1063">1063</a> <strong class="jxr_keyword">if</strong> (resultAction != action) {
-<a name="1064" href="#1064">1064</a> <strong class="jxr_keyword">continue</strong>;
-<a name="1065" href="#1065">1065</a> }
-<a name="1066" href="#1066">1066</a> List<WSDataRef> refList =
-<a name="1067" href="#1067">1067</a> (List<WSDataRef>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS);
-<a name="1068" href="#1068">1068</a> <strong class="jxr_keyword">if</strong> (refList != <strong class="jxr_keyword">null</strong>) {
-<a name="1069" href="#1069">1069</a> <strong class="jxr_keyword">for</strong> (WSDataRef dataRef : refList) {
-<a name="1070" href="#1070">1070</a> <strong class="jxr_keyword">if</strong> (dataRef.getName().equals(requiredPart)) {
-<a name="1071" href="#1071">1071</a> found = <strong class="jxr_keyword">true</strong>;
-<a name="1072" href="#1072">1072</a> <strong class="jxr_keyword">break</strong>;
-<a name="1073" href="#1073">1073</a> }
-<a name="1074" href="#1074">1074</a> }
-<a name="1075" href="#1075">1075</a> }
-<a name="1076" href="#1076">1076</a> }
-<a name="1077" href="#1077">1077</a> <strong class="jxr_keyword">if</strong> (!found) {
-<a name="1078" href="#1078">1078</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(
-<a name="1079" href="#1079">1079</a> WSSecurityException.FAILED_CHECK,
-<a name="1080" href="#1080">1080</a> <span class="jxr_string">"requiredElementNotProtected"</span>,
-<a name="1081" href="#1081">1081</a> <strong class="jxr_keyword">new</strong> Object[] {requiredPart}
-<a name="1082" href="#1082">1082</a> );
-<a name="1083" href="#1083">1083</a> }
-<a name="1084" href="#1084">1084</a> }
-<a name="1085" href="#1085">1085</a> log.debug(<span class="jxr_string">"All required elements are protected"</span>);
-<a name="1086" href="#1086">1086</a> }
-<a name="1087" href="#1087">1087</a> }
-<a name="1088" href="#1088">1088</a>
-<a name="1089" href="#1089">1089</a> <em class="jxr_javadoccomment">/**</em>
-<a name="1090" href="#1090">1090</a> <em class="jxr_javadoccomment"> * Ensure that this covers all required elements (identified by</em>
-<a name="1091" href="#1091">1091</a> <em class="jxr_javadoccomment"> * their wsu:Id attributes).</em>
-<a name="1092" href="#1092">1092</a> <em class="jxr_javadoccomment"> * </em>
-<a name="1093" href="#1093">1093</a> <em class="jxr_javadoccomment"> * @param resultItem the signature to check</em>
-<a name="1094" href="#1094">1094</a> <em class="jxr_javadoccomment"> * @param requiredIDs the list of wsu:Id values that must be covered</em>
-<a name="1095" href="#1095">1095</a> <em class="jxr_javadoccomment"> * @throws WSSecurityException if any required element is not included</em>
-<a name="1096" href="#1096">1096</a> <em class="jxr_javadoccomment"> */</em>
-<a name="1097" href="#1097">1097</a> @SuppressWarnings(<span class="jxr_string">"unchecked"</span>)
-<a name="1098" href="#1098">1098</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> checkSignsAllElements(
-<a name="1099" href="#1099">1099</a> <a href="../../../../../org/apache/ws/security/WSSecurityEngineResult.html">WSSecurityEngineResult</a> resultItem,
-<a name="1100" href="#1100">1100</a> String[] requiredIDs
-<a name="1101" href="#1101">1101</a> ) <strong class="jxr_keyword">throws</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a> {
-<a name="1102" href="#1102">1102</a> <strong class="jxr_keyword">int</strong> resultAction =
-<a name="1103" href="#1103">1103</a> ((java.lang.Integer)resultItem.get(WSSecurityEngineResult.TAG_ACTION)).intValue();
-<a name="1104" href="#1104">1104</a> <strong class="jxr_keyword">if</strong> (resultAction != WSConstants.SIGN) {
-<a name="1105" href="#1105">1105</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> IllegalArgumentException(<span class="jxr_string">"Not a SIGN result"</span>);
+<a name="1046" href="#1046">1046</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">synchronized</strong> byte[] generateDigest(byte[] inputBytes) <strong class="jxr_keyword">throws</strong> WSSecurityException {
+<a name="1047" href="#1047">1047</a> <strong class="jxr_keyword">try</strong> {
+<a name="1048" href="#1048">1048</a> <strong class="jxr_keyword">if</strong> (digest == <strong class="jxr_keyword">null</strong>) {
+<a name="1049" href="#1049">1049</a> digest = MessageDigest.getInstance(<span class="jxr_string">"SHA-1"</span>);
+<a name="1050" href="#1050">1050</a> }
+<a name="1051" href="#1051">1051</a> <strong class="jxr_keyword">return</strong> digest.digest(inputBytes);
+<a name="1052" href="#1052">1052</a> } <strong class="jxr_keyword">catch</strong> (Exception e) {
+<a name="1053" href="#1053">1053</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(
+<a name="1054" href="#1054">1054</a> <span class="jxr_string">"Error in generating digest"</span>, e
+<a name="1055" href="#1055">1055</a> );
+<a name="1056" href="#1056">1056</a> }
+<a name="1057" href="#1057">1057</a> }
+<a name="1058" href="#1058">1058</a>
+<a name="1059" href="#1059">1059</a> <em class="jxr_javadoccomment">/**</em>
+<a name="1060" href="#1060">1060</a> <em class="jxr_javadoccomment"> * Check that all of the QName[] requiredParts are protected by a specified action in the</em>
+<a name="1061" href="#1061">1061</a> <em class="jxr_javadoccomment"> * results list.</em>
+<a name="1062" href="#1062">1062</a> <em class="jxr_javadoccomment"> * @param results The List of WSSecurityEngineResults from processing</em>
+<a name="1063" href="#1063">1063</a> <em class="jxr_javadoccomment"> * @param action The action that is required (e.g. WSConstants.SIGN)</em>
+<a name="1064" href="#1064">1064</a> <em class="jxr_javadoccomment"> * @param requiredParts An array of QNames that correspond to the required elements</em>
+<a name="1065" href="#1065">1065</a> <em class="jxr_javadoccomment"> */</em>
+<a name="1066" href="#1066">1066</a> @SuppressWarnings(<span class="jxr_string">"unchecked"</span>)
+<a name="1067" href="#1067">1067</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> checkAllElementsProtected(
+<a name="1068" href="#1068">1068</a> List<WSSecurityEngineResult> results,
+<a name="1069" href="#1069">1069</a> <strong class="jxr_keyword">int</strong> action,
+<a name="1070" href="#1070">1070</a> QName[] requiredParts
+<a name="1071" href="#1071">1071</a> ) <strong class="jxr_keyword">throws</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a> {
+<a name="1072" href="#1072">1072</a>
+<a name="1073" href="#1073">1073</a> <strong class="jxr_keyword">if</strong> (requiredParts != <strong class="jxr_keyword">null</strong>) {
+<a name="1074" href="#1074">1074</a> <strong class="jxr_keyword">for</strong> (<strong class="jxr_keyword">int</strong> i = 0; i < requiredParts.length; i++) {
+<a name="1075" href="#1075">1075</a> QName requiredPart = requiredParts[i];
+<a name="1076" href="#1076">1076</a>
+<a name="1077" href="#1077">1077</a> <strong class="jxr_keyword">boolean</strong> found = false;
+<a name="1078" href="#1078">1078</a> <strong class="jxr_keyword">for</strong> (Iterator<WSSecurityEngineResult> iter = results.iterator();
+<a name="1079" href="#1079">1079</a> iter.hasNext() && !found;) {
+<a name="1080" href="#1080">1080</a> <a href="../../../../../org/apache/ws/security/WSSecurityEngineResult.html">WSSecurityEngineResult</a> result = iter.next();
+<a name="1081" href="#1081">1081</a> <strong class="jxr_keyword">int</strong> resultAction =
+<a name="1082" href="#1082">1082</a> ((java.lang.Integer)result.get(WSSecurityEngineResult.TAG_ACTION)).intValue();
+<a name="1083" href="#1083">1083</a> <strong class="jxr_keyword">if</strong> (resultAction != action) {
+<a name="1084" href="#1084">1084</a> <strong class="jxr_keyword">continue</strong>;
+<a name="1085" href="#1085">1085</a> }
+<a name="1086" href="#1086">1086</a> List<WSDataRef> refList =
+<a name="1087" href="#1087">1087</a> (List<WSDataRef>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS);
+<a name="1088" href="#1088">1088</a> <strong class="jxr_keyword">if</strong> (refList != <strong class="jxr_keyword">null</strong>) {
+<a name="1089" href="#1089">1089</a> <strong class="jxr_keyword">for</strong> (WSDataRef dataRef : refList) {
+<a name="1090" href="#1090">1090</a> <strong class="jxr_keyword">if</strong> (dataRef.getName().equals(requiredPart)) {
+<a name="1091" href="#1091">1091</a> found = <strong class="jxr_keyword">true</strong>;
+<a name="1092" href="#1092">1092</a> <strong class="jxr_keyword">break</strong>;
+<a name="1093" href="#1093">1093</a> }
+<a name="1094" href="#1094">1094</a> }
+<a name="1095" href="#1095">1095</a> }
+<a name="1096" href="#1096">1096</a> }
+<a name="1097" href="#1097">1097</a> <strong class="jxr_keyword">if</strong> (!found) {
+<a name="1098" href="#1098">1098</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(
+<a name="1099" href="#1099">1099</a> WSSecurityException.FAILED_CHECK,
+<a name="1100" href="#1100">1100</a> <span class="jxr_string">"requiredElementNotProtected"</span>,
+<a name="1101" href="#1101">1101</a> <strong class="jxr_keyword">new</strong> Object[] {requiredPart}
+<a name="1102" href="#1102">1102</a> );
+<a name="1103" href="#1103">1103</a> }
+<a name="1104" href="#1104">1104</a> }
+<a name="1105" href="#1105">1105</a> log.debug(<span class="jxr_string">"All required elements are protected"</span>);
<a name="1106" href="#1106">1106</a> }
-<a name="1107" href="#1107">1107</a>
-<a name="1108" href="#1108">1108</a> List<WSDataRef> signedElemsRefList =
-<a name="1109" href="#1109">1109</a> (List<WSDataRef>)resultItem.get(WSSecurityEngineResult.TAG_DATA_REF_URIS);
-<a name="1110" href="#1110">1110</a> <strong class="jxr_keyword">if</strong> (signedElemsRefList == <strong class="jxr_keyword">null</strong>) {
-<a name="1111" href="#1111">1111</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(
-<a name="1112" href="#1112">1112</a> <span class="jxr_string">"WSSecurityEngineResult does not contain any references to signed elements"</span>
-<a name="1113" href="#1113">1113</a> );
-<a name="1114" href="#1114">1114</a> }
-<a name="1115" href="#1115">1115</a>
-<a name="1116" href="#1116">1116</a> log.debug(<span class="jxr_string">"Checking required elements are in the signature..."</span>);
-<a name="1117" href="#1117">1117</a> <strong class="jxr_keyword">for</strong> (<strong class="jxr_keyword">int</strong> i = 0; i < requiredIDs.length; i++) {
-<a name="1118" href="#1118">1118</a> <strong class="jxr_keyword">boolean</strong> found = false;
-<a name="1119" href="#1119">1119</a> <strong class="jxr_keyword">for</strong> (<strong class="jxr_keyword">int</strong> j = 0; j < signedElemsRefList.size(); j++) {
-<a name="1120" href="#1120">1120</a> <a href="../../../../../org/apache/ws/security/WSDataRef.html">WSDataRef</a> dataRef = (WSDataRef)signedElemsRefList.get(j);
-<a name="1121" href="#1121">1121</a> String wsuId = dataRef.getWsuId();
-<a name="1122" href="#1122">1122</a> <strong class="jxr_keyword">if</strong> (wsuId.charAt(0) == '#') {
-<a name="1123" href="#1123">1123</a> wsuId = wsuId.substring(1);
-<a name="1124" href="#1124">1124</a> }
-<a name="1125" href="#1125">1125</a> <strong class="jxr_keyword">if</strong> (wsuId.equals(requiredIDs[i])) {
-<a name="1126" href="#1126">1126</a> found = <strong class="jxr_keyword">true</strong>;
-<a name="1127" href="#1127">1127</a> }
-<a name="1128" href="#1128">1128</a> }
-<a name="1129" href="#1129">1129</a> <strong class="jxr_keyword">if</strong> (!found) {
-<a name="1130" href="#1130">1130</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(
-<a name="1131" href="#1131">1131</a> WSSecurityException.FAILED_CHECK,
-<a name="1132" href="#1132">1132</a> <span class="jxr_string">"requiredElementNotSigned"</span>,
-<a name="1133" href="#1133">1133</a> <strong class="jxr_keyword">new</strong> Object[] {requiredIDs[i]}
-<a name="1134" href="#1134">1134</a> );
-<a name="1135" href="#1135">1135</a> }
-<a name="1136" href="#1136">1136</a> log.debug(<span class="jxr_string">"Element with ID "</span> + requiredIDs[i] + <span class="jxr_string">" was correctly signed"</span>);
-<a name="1137" href="#1137">1137</a> }
-<a name="1138" href="#1138">1138</a> log.debug(<span class="jxr_string">"All required elements are signed"</span>);
-<a name="1139" href="#1139">1139</a> }
-<a name="1140" href="#1140">1140</a>
-<a name="1141" href="#1141">1141</a>
-<a name="1142" href="#1142">1142</a> <em class="jxr_javadoccomment">/**</em>
-<a name="1143" href="#1143">1143</a> <em class="jxr_javadoccomment"> * @return a list of child Nodes</em>
-<a name="1144" href="#1144">1144</a> <em class="jxr_javadoccomment"> */</em>
-<a name="1145" href="#1145">1145</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> List<Node>
-<a name="1146" href="#1146">1146</a> listChildren(
-<a name="1147" href="#1147">1147</a> <strong class="jxr_keyword">final</strong> Node parent
-<a name="1148" href="#1148">1148</a> ) {
-<a name="1149" href="#1149">1149</a> <strong class="jxr_keyword">final</strong> List<Node> ret = <strong class="jxr_keyword">new</strong> ArrayList<Node>();
-<a name="1150" href="#1150">1150</a> <strong class="jxr_keyword">if</strong> (parent != <strong class="jxr_keyword">null</strong>) {
-<a name="1151" href="#1151">1151</a> Node node = parent.getFirstChild();
-<a name="1152" href="#1152">1152</a> <strong class="jxr_keyword">while</strong> (node != <strong class="jxr_keyword">null</strong>) {
-<a name="1153" href="#1153">1153</a> ret.add(node);
-<a name="1154" href="#1154">1154</a> node = node.getNextSibling();
+<a name="1107" href="#1107">1107</a> }
+<a name="1108" href="#1108">1108</a>
+<a name="1109" href="#1109">1109</a> <em class="jxr_javadoccomment">/**</em>
+<a name="1110" href="#1110">1110</a> <em class="jxr_javadoccomment"> * Ensure that this covers all required elements (identified by</em>
+<a name="1111" href="#1111">1111</a> <em class="jxr_javadoccomment"> * their wsu:Id attributes).</em>
+<a name="1112" href="#1112">1112</a> <em class="jxr_javadoccomment"> * </em>
+<a name="1113" href="#1113">1113</a> <em class="jxr_javadoccomment"> * @param resultItem the signature to check</em>
+<a name="1114" href="#1114">1114</a> <em class="jxr_javadoccomment"> * @param requiredIDs the list of wsu:Id values that must be covered</em>
+<a name="1115" href="#1115">1115</a> <em class="jxr_javadoccomment"> * @throws WSSecurityException if any required element is not included</em>
+<a name="1116" href="#1116">1116</a> <em class="jxr_javadoccomment"> */</em>
+<a name="1117" href="#1117">1117</a> @SuppressWarnings(<span class="jxr_string">"unchecked"</span>)
+<a name="1118" href="#1118">1118</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> checkSignsAllElements(
+<a name="1119" href="#1119">1119</a> <a href="../../../../../org/apache/ws/security/WSSecurityEngineResult.html">WSSecurityEngineResult</a> resultItem,
+<a name="1120" href="#1120">1120</a> String[] requiredIDs
+<a name="1121" href="#1121">1121</a> ) <strong class="jxr_keyword">throws</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a> {
+<a name="1122" href="#1122">1122</a> <strong class="jxr_keyword">int</strong> resultAction =
+<a name="1123" href="#1123">1123</a> ((java.lang.Integer)resultItem.get(WSSecurityEngineResult.TAG_ACTION)).intValue();
+<a name="1124" href="#1124">1124</a> <strong class="jxr_keyword">if</strong> (resultAction != WSConstants.SIGN) {
+<a name="1125" href="#1125">1125</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> IllegalArgumentException(<span class="jxr_string">"Not a SIGN result"</span>);
+<a name="1126" href="#1126">1126</a> }
+<a name="1127" href="#1127">1127</a>
+<a name="1128" href="#1128">1128</a> List<WSDataRef> signedElemsRefList =
+<a name="1129" href="#1129">1129</a> (List<WSDataRef>)resultItem.get(WSSecurityEngineResult.TAG_DATA_REF_URIS);
+<a name="1130" href="#1130">1130</a> <strong class="jxr_keyword">if</strong> (signedElemsRefList == <strong class="jxr_keyword">null</strong>) {
+<a name="1131" href="#1131">1131</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(
+<a name="1132" href="#1132">1132</a> <span class="jxr_string">"WSSecurityEngineResult does not contain any references to signed elements"</span>
+<a name="1133" href="#1133">1133</a> );
+<a name="1134" href="#1134">1134</a> }
+<a name="1135" href="#1135">1135</a>
+<a name="1136" href="#1136">1136</a> log.debug(<span class="jxr_string">"Checking required elements are in the signature..."</span>);
+<a name="1137" href="#1137">1137</a> <strong class="jxr_keyword">for</strong> (<strong class="jxr_keyword">int</strong> i = 0; i < requiredIDs.length; i++) {
+<a name="1138" href="#1138">1138</a> <strong class="jxr_keyword">boolean</strong> found = false;
+<a name="1139" href="#1139">1139</a> <strong class="jxr_keyword">for</strong> (<strong class="jxr_keyword">int</strong> j = 0; j < signedElemsRefList.size(); j++) {
+<a name="1140" href="#1140">1140</a> <a href="../../../../../org/apache/ws/security/WSDataRef.html">WSDataRef</a> dataRef = (WSDataRef)signedElemsRefList.get(j);
+<a name="1141" href="#1141">1141</a> String wsuId = dataRef.getWsuId();
+<a name="1142" href="#1142">1142</a> <strong class="jxr_keyword">if</strong> (wsuId.charAt(0) == '#') {
+<a name="1143" href="#1143">1143</a> wsuId = wsuId.substring(1);
+<a name="1144" href="#1144">1144</a> }
+<a name="1145" href="#1145">1145</a> <strong class="jxr_keyword">if</strong> (wsuId.equals(requiredIDs[i])) {
+<a name="1146" href="#1146">1146</a> found = <strong class="jxr_keyword">true</strong>;
+<a name="1147" href="#1147">1147</a> }
+<a name="1148" href="#1148">1148</a> }
+<a name="1149" href="#1149">1149</a> <strong class="jxr_keyword">if</strong> (!found) {
+<a name="1150" href="#1150">1150</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(
+<a name="1151" href="#1151">1151</a> WSSecurityException.FAILED_CHECK,
+<a name="1152" href="#1152">1152</a> <span class="jxr_string">"requiredElementNotSigned"</span>,
+<a name="1153" href="#1153">1153</a> <strong class="jxr_keyword">new</strong> Object[] {requiredIDs[i]}
+<a name="1154" href="#1154">1154</a> );
<a name="1155" href="#1155">1155</a> }
-<a name="1156" href="#1156">1156</a> }
-<a name="1157" href="#1157">1157</a> <strong class="jxr_keyword">return</strong> ret;
-<a name="1158" href="#1158">1158</a> }
-<a name="1159" href="#1159">1159</a>
-<a name="1160" href="#1160">1160</a> <em class="jxr_javadoccomment">/**</em>
-<a name="1161" href="#1161">1161</a> <em class="jxr_javadoccomment"> * @return a list of Nodes in b that are not in a </em>
-<a name="1162" href="#1162">1162</a> <em class="jxr_javadoccomment"> */</em>
-<a name="1163" href="#1163">1163</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> List<Node>
-<a name="1164" href="#1164">1164</a> newNodes(
-<a name="1165" href="#1165">1165</a> <strong class="jxr_keyword">final</strong> List<Node> a,
-<a name="1166" href="#1166">1166</a> <strong class="jxr_keyword">final</strong> List<Node> b
-<a name="1167" href="#1167">1167</a> ) {
-<a name="1168" href="#1168">1168</a> <strong class="jxr_keyword">if</strong> (a.size() == 0) {
-<a name="1169" href="#1169">1169</a> <strong class="jxr_keyword">return</strong> b;
-<a name="1170" href="#1170">1170</a> }
-<a name="1171" href="#1171">1171</a> <strong class="jxr_keyword">final</strong> List<Node> ret = <strong class="jxr_keyword">new</strong> ArrayList<Node>();
-<a name="1172" href="#1172">1172</a> <strong class="jxr_keyword">if</strong> (b.size() == 0) {
-<a name="1173" href="#1173">1173</a> <strong class="jxr_keyword">return</strong> ret;
-<a name="1174" href="#1174">1174</a> }
-<a name="1175" href="#1175">1175</a> <strong class="jxr_keyword">for</strong> (
-<a name="1176" href="#1176">1176</a> <strong class="jxr_keyword">final</strong> Iterator<Node> bpos = b.iterator();
-<a name="1177" href="#1177">1177</a> bpos.hasNext();
-<a name="1178" href="#1178">1178</a> ) {
-<a name="1179" href="#1179">1179</a> <strong class="jxr_keyword">final</strong> Node bnode = bpos.next();
-<a name="1180" href="#1180">1180</a> <strong class="jxr_keyword">final</strong> String bns = bnode.getNamespaceURI();
[... 144 lines stripped ...]