Posted to fx-dev@ws.apache.org by di...@apache.org on 2004/11/12 15:03:16 UTC
cvs commit: ws-fx/wss4j/src/org/apache/ws/security/util WSSecurityUtil.java
dims 2004/11/12 06:03:16
Modified: wss4j/src/org/apache/ws/security/conversation
ConversationEngine.java
wss4j/lib xmlsec.jar
wss4j/src/org/apache/ws/security/message/token
SecurityTokenReference.java
wss4j/src/org/apache/ws/security/transform STRTransform.java
wss4j/src/org/apache/ws/security WSSecurityEngine.java
wss4j/src/org/apache/ws/security/util WSSecurityUtil.java
Added: wss4j/lib jce-jdk13-125.jar
Removed: wss4j/lib jce-jdk13-123.jar
Log:
Started trying to fix Gump Failure (http://brutus.apache.org/gump/public/wss4j/wss4j/gump_work/build_wss4j_wss4j.html) and ended up updating to latest BouncyCastle and XML-Security...
Revision Changes Path
1.7 +10 -3 ws-fx/wss4j/src/org/apache/ws/security/conversation/ConversationEngine.java
Index: ConversationEngine.java
===================================================================
RCS file: /home/cvs/ws-fx/wss4j/src/org/apache/ws/security/conversation/ConversationEngine.java,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- ConversationEngine.java 16 Oct 2004 08:02:50 -0000 1.6
+++ ConversationEngine.java 12 Nov 2004 14:03:15 -0000 1.7
@@ -95,6 +95,16 @@
private boolean doDebug = false;
+ static {
+ org.apache.xml.security.Init.init();
+ String Id = "BC";
+ if (java.security.Security.getProvider(Id) == null) {
+ log.debug("The provider " + Id
+ + " had to be added to the java.security.Security");
+ java.security.Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
+ }
+ }
+
/**
* <code>wsc:DerivedKeyToken</code> as defined in WS Secure Conversation specification.
*/
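Review bot: The static initializer added here changes JVM-wide state as a side effect of loading ConversationEngine, because `java.security.Security.addProvider(...)` registers BouncyCastle for every component in the process, not only for this class. Any exception thrown by `Init.init()` or `addProvider` (for example a SecurityException under a restrictive policy) would surface as an ExceptionInInitializerError and leave the class unusable, so consider moving the registration into one shared helper that catches and logs the failure. The block also uses `log`, which must be declared textually before it; that declaration is not visible in this hunk. The local `Id` would conventionally be named `providerId`.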
@@ -389,10 +399,7 @@
throw new ConversationException("noXMLSig");
} catch (XMLSecurityException e2) {
throw new ConversationException("noXMLSig");
- } catch (IOException e2) {
- throw new ConversationException("noXMLSig");
}
-
String sigMethodURI = sig.getSignedInfo().getSignatureMethodURI();
//verifying the sinature
if (sigMethodURI.equals(XMLSignature.ALGO_ID_MAC_HMAC_SHA1)) {
1.6 +1572 -1669ws-fx/wss4j/lib/xmlsec.jar
<<Binary file>>
1.1 ws-fx/wss4j/lib/jce-jdk13-125.jar
<<Binary file>>
1.19 +3 -11 ws-fx/wss4j/src/org/apache/ws/security/message/token/SecurityTokenReference.java
Index: SecurityTokenReference.java
===================================================================
RCS file: /home/cvs/ws-fx/wss4j/src/org/apache/ws/security/message/token/SecurityTokenReference.java,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- SecurityTokenReference.java 16 Oct 2004 08:15:27 -0000 1.18
+++ SecurityTokenReference.java 12 Nov 2004 14:03:16 -0000 1.19
@@ -151,7 +151,7 @@
* that contains the SecurityTokenReference (STR). See
* STRTransform.derefenceBST() method
* @return Element containing the signing token, must be a BinarySecurityToken
- * @throws Exception When either no <code>Reference</code> element, or the found
+ * @throws WSSecurityException When either no <code>Reference</code> element, or the found
* reference contains no URI, or the referenced signing not found.
*/
public Element getTokenElement(Document doc, WSDocInfo docInfo)
@@ -414,16 +414,8 @@
return null;
}
}
- String alias = null;
- try {
- alias =
- crypto.getAliasForX509Cert(issuerSerial.getIssuerName(),
- issuerSerial.getSerialNumber());
- } catch (XMLSecurityException e) {
- throw new WSSecurityException(WSSecurityException.SECURITY_TOKEN_UNAVAILABLE,
- "noToken",
- new Object[]{"Issuer/Serial data unavailabe"});
- }
+ String alias = crypto.getAliasForX509Cert(issuerSerial.getIssuerName(),
+ issuerSerial.getSerialNumber());
if (doDebug) {
log.info("X509IssuerSerial alias: " + alias);
}
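Review bot: `alias` is used immediately after the call with no null check visible in this hunk, and with the try/catch removed it is no longer evident which fault code a failed lookup produces. The issuer name and serial number come from the incoming token reference, so a lookup that finds nothing is an expected case; if `getAliasForX509Cert` can return null, reject it here with the same `SECURITY_TOKEN_UNAVAILABLE` / `"noToken"` fault that the removed catch used. The `log.info` call guarded by `doDebug` would read better as `log.debug`. The enclosing method continues outside the hunk, so a later check may already exist.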
1.20 +8 -2 ws-fx/wss4j/src/org/apache/ws/security/transform/STRTransform.java
Index: STRTransform.java
===================================================================
RCS file: /home/cvs/ws-fx/wss4j/src/org/apache/ws/security/transform/STRTransform.java,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -r1.19 -r1.20
--- STRTransform.java 9 Aug 2004 17:53:45 -0000 1.19
+++ STRTransform.java 12 Nov 2004 14:03:16 -0000 1.20
@@ -33,6 +33,7 @@
import org.apache.xml.security.signature.XMLSignatureInput;
import org.apache.xml.security.transforms.TransformSpi;
import org.apache.xml.security.utils.Base64;
+import org.apache.xml.security.utils.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -145,8 +146,13 @@
String canonAlgo = null;
if (this._transformObject.length(WSConstants.WSSE_NS,
"TransformationParameters") == 1) {
- Element tmpE = this._transformObject.getChildElementLocalName(0, WSConstants.WSSE_NS, "TransformationParameters");
- Element canonElem = (Element) WSSecurityUtil.getDirectChild(tmpE, "CanonicalizationMethod", WSConstants.SIG_NS);
+ Element tmpE = XMLUtils.selectNode(this._transformObject.getElement().getFirstChild(),
+ WSConstants.WSSE_NS,
+ "TransformationParameters",
+ 0);
+ Element canonElem = (Element) WSSecurityUtil.getDirectChild(tmpE,
+ "CanonicalizationMethod",
+ WSConstants.SIG_NS);
canonAlgo = canonElem.getAttribute("Algorithm");
if (doDebug) {
log.debug("CanonAlgo: " + canonAlgo);
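Review bot: `canonElem.getAttribute("Algorithm")` dereferences the result of `getDirectChild` without a null check, and `tmpE` from `XMLUtils.selectNode` is passed on unchecked as well. The `length(...) == 1` test only establishes that a TransformationParameters element exists, not that it has a ds:CanonicalizationMethod child. This element presumably comes from the message being verified, so a malformed transform would end in a NullPointerException instead of a controlled failure. Add a guard such as `if (tmpE == null || canonElem == null)` that fails the transform with the method's existing exception type before the attribute is read. The enclosing method starts and ends outside the hunk.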
1.41 +5 -19 ws-fx/wss4j/src/org/apache/ws/security/WSSecurityEngine.java
Index: WSSecurityEngine.java
===================================================================
RCS file: /home/cvs/ws-fx/wss4j/src/org/apache/ws/security/WSSecurityEngine.java,v
retrieving revision 1.40
retrieving revision 1.41
diff -u -r1.40 -r1.41
--- WSSecurityEngine.java 1 Nov 2004 10:40:21 -0000 1.40
+++ WSSecurityEngine.java 12 Nov 2004 14:03:16 -0000 1.41
@@ -311,8 +311,6 @@
NodeList list = securityHeader.getChildNodes();
int len = list.getLength();
Node elem;
- String localName = null;
- String namespace = null;
Principal lastPrincipalFound = null;
if (tlog.isDebugEnabled()) {
t1 = System.currentTimeMillis();
@@ -457,7 +455,7 @@
* @return the subject principal of the validated X509 certificate (the
* authenticated subject). The calling function may use this
* principal for further authentication or authorization.
- * @throws Exception
+ * @throws WSSecurityException
*/
protected Principal verifyXMLSignature(Element elem,
Crypto crypto,
@@ -481,10 +479,7 @@
} catch (XMLSecurityException e2) {
throw new WSSecurityException(WSSecurityException.FAILED_CHECK,
"noXMLSig");
- } catch (IOException e2) {
- throw new WSSecurityException(WSSecurityException.FAILED_CHECK,
- "noXMLSig");
- }
+ }
sig.addResourceResolver(EnvelopeIdResolver.getInstance(wssConfig));
@@ -927,8 +922,6 @@
}
// need to have it to find the encryped data elements in the envelope
Document doc = xencEncryptedKey.getOwnerDocument();
- Element envelope = doc.getDocumentElement();
- Element nsContext = WSSecurityUtil.createNamespaceContext(wssConfig, doc);
// lookup xenc:EncryptionMethod, get the Algorithm attribute to determine
// how the key was encrypted. Then check if we support the algorithm
@@ -1144,7 +1137,6 @@
* Now lookup the references that are encrypted with this key
*/
String dataRefURI = null;
- String keyRefURI = null;
Element refList = (Element) WSSecurityUtil.getDirectChild((Node) xencEncryptedKey,
"ReferenceList", WSConstants.ENC_NS);
if (refList != null) {
@@ -1159,9 +1151,7 @@
if (tmpE.getLocalName().equals("DataReference")) {
dataRefURI = ((Element) tmpE).getAttribute("URI");
decryptDataRef(doc, dataRefURI, decryptedBytes);
- } else if (tmpE.getLocalName().equals("KeyReference")) {
- keyRefURI = ((Element) tmpE).getAttribute("URI");
- }
+ }
}
}
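Review bot: After this change a `KeyReference` child of the ReferenceList is skipped without any trace, both here and in the matching loop of the `@@ -1246,8 +1236,6 @@` hunk. The removed branch only stored the URI in an unused local, so behaviour is unchanged, but a reader can no longer tell that the omission is deliberate. A short comment inside the loop would record it, for example `// xenc:KeyReference entries are not processed here`. Both loops start outside their hunks.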
@@ -1246,8 +1236,6 @@
if (tmpE.getLocalName().equals("DataReference")) {
String dataRefURI = ((Element) tmpE).getAttribute("URI");
decryptDataRefEmbedded(doc, dataRefURI, cb);
- } else if (tmpE.getLocalName().equals("KeyReference")) {
- String keyRefURI = ((Element) tmpE).getAttribute("URI");
}
}
}
@@ -1388,12 +1376,10 @@
}
/**
- * Put description here.
- * <p/>
- *
+ * Method getDecodedBase64EncodedData
* @param element
* @return
- * @throws Exception
+ * @throws WSSecurityException
*/
public static byte[] getDecodedBase64EncodedData(Element element) throws WSSecurityException {
StringBuffer sb = new StringBuffer();
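Review bot: The new Javadoc summary `Method getDecodedBase64EncodedData` only repeats the method name, and the `@param`, `@return` and `@throws` tags are still empty; the `@throws WSSecurityException` tag on `verifyXMLSignature` in the `@@ -457,7 +455,7 @@` hunk has the same gap. Since this is a public static method, state what is decoded and when it fails, for example `Decodes the Base64 text content of the given element.` with `@return the decoded bytes` and `@throws WSSecurityException if the content cannot be decoded`. Only the first line of the body is visible here, so the wording should be checked against the implementation.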
1.24 +2 -11 ws-fx/wss4j/src/org/apache/ws/security/util/WSSecurityUtil.java
Index: WSSecurityUtil.java
===================================================================
RCS file: /home/cvs/ws-fx/wss4j/src/org/apache/ws/security/util/WSSecurityUtil.java,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -r1.23 -r1.24
--- WSSecurityUtil.java 31 Oct 2004 08:10:17 -0000 1.23
+++ WSSecurityUtil.java 12 Nov 2004 14:03:16 -0000 1.24
@@ -751,17 +751,8 @@
}
public static SecretKey prepareSecretKey(String symEncAlgo,
- byte[] rawKey)
- throws WSSecurityException {
-
- JCEMapper.ProviderIdClass providerID = JCEMapper.translateURItoJCEID(symEncAlgo);
- if (providerID == null) {
- throw new WSSecurityException(WSSecurityException.UNSUPPORTED_ALGORITHM,
- "unsupportedSymKey",
- new Object[]{"No provider for: " + symEncAlgo});
- }
-
- SecretKeySpec keySpec = new SecretKeySpec(rawKey, JCEMapper.getJCEKeyAlgorithmFromURI(symEncAlgo, providerID.getProviderId()));
+ byte[] rawKey) {
+ SecretKeySpec keySpec = new SecretKeySpec(rawKey, JCEMapper.getJCEKeyAlgorithmFromURI(symEncAlgo));
return (SecretKey) keySpec;
}
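Review bot: The unsupported-algorithm check is gone, so `prepareSecretKey` now passes whatever `JCEMapper.getJCEKeyAlgorithmFromURI(symEncAlgo)` returns straight to `new SecretKeySpec(...)`. If that lookup returns null for an unknown URI (not visible here), the constructor throws an unchecked IllegalArgumentException, and callers lose the `UNSUPPORTED_ALGORITHM` fault for an algorithm URI that presumably comes from the received message. Dropping `throws WSSecurityException` from a public static method can also break callers that catch it. Keeping the clause and checking the lookup result preserves the old contract, as sketched below.

```java
public static SecretKey prepareSecretKey(String symEncAlgo,
                                         byte[] rawKey)
        throws WSSecurityException {
    String jceAlgo = JCEMapper.getJCEKeyAlgorithmFromURI(symEncAlgo);
    if (jceAlgo == null) {
        throw new WSSecurityException(WSSecurityException.UNSUPPORTED_ALGORITHM,
                "unsupportedSymKey",
                new Object[]{"No provider for: " + symEncAlgo});
    }
    SecretKeySpec keySpec = new SecretKeySpec(rawKey, jceAlgo);
    // … unchanged: return (SecretKey) keySpec …
}
```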