You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2011/05/16 15:43:16 UTC
svn commit: r1103733 - in
/webservices/wss4j/trunk/src/main/java/org/apache/ws/security:
WSDerivedKeyTokenPrincipal.java str/SignatureSTRParser.java
Author: coheigea
Date: Mon May 16 13:43:15 2011
New Revision: 1103733
URL: http://svn.apache.org/viewvc?rev=1103733&view=rev
Log:
Store the original derived key in the principal when processing a signature
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/WSDerivedKeyTokenPrincipal.java
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SignatureSTRParser.java
Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/WSDerivedKeyTokenPrincipal.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/WSDerivedKeyTokenPrincipal.java?rev=1103733&r1=1103732&r2=1103733&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/WSDerivedKeyTokenPrincipal.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/WSDerivedKeyTokenPrincipal.java Mon May 16 13:43:15 2011
@@ -37,6 +37,7 @@ public class WSDerivedKeyTokenPrincipal
private int length;
private int offset;
private String basetokenId;
+ private byte[] secret;
public String getLabel() {
return label;
@@ -45,6 +46,14 @@ public class WSDerivedKeyTokenPrincipal
public void setLabel(String label) {
this.label = label;
}
+
+ public byte[] getSecret() {
+ return secret;
+ }
+
+ public void setSecret(byte[] secret) {
+ this.secret = secret;
+ }
public int getLength() {
return length;
Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SignatureSTRParser.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SignatureSTRParser.java?rev=1103733&r1=1103732&r2=1103733&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SignatureSTRParser.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SignatureSTRParser.java Mon May 16 13:43:15 2011
@@ -21,6 +21,7 @@ package org.apache.ws.security.str;
import org.apache.ws.security.CustomTokenPrincipal;
import org.apache.ws.security.WSConstants;
+import org.apache.ws.security.WSDerivedKeyTokenPrincipal;
import org.apache.ws.security.WSDocInfo;
import org.apache.ws.security.WSPasswordCallback;
import org.apache.ws.security.WSSecurityEngine;
@@ -226,6 +227,7 @@ public class SignatureSTRParser implemen
byte[] secret = (byte[])result.get(WSSecurityEngineResult.TAG_SECRET);
secretKey = dkt.deriveKey(keyLength, secret);
principal = dkt.createPrincipal();
+ ((WSDerivedKeyTokenPrincipal)principal).setSecret(secret);
} else if (WSConstants.ST_UNSIGNED == action || WSConstants.ST_SIGNED == action) {
AssertionWrapper assertion =
(AssertionWrapper)result.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);