Posted to commits@ws.apache.org by co...@apache.org on 2016/01/11 13:13:27 UTC
svn commit: r1724014 - in /webservices/wss4j/branches/2_1_x-fixes:
ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/
ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/
Author: coheigea
Date: Mon Jan 11 12:13:26 2016
New Revision: 1724014
URL: http://svn.apache.org/viewvc?rev=1724014&view=rev
Log:
Update KeyValue tokens to be able to get the private key
Modified:
webservices/wss4j/branches/2_1_x-fixes/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/AbstractPolicyTestBase.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/DsaKeyValueSecurityTokenImpl.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/ECKeyValueSecurityTokenImpl.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/RsaKeyValueSecurityTokenImpl.java
webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecurityTokenFactoryImpl.java
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/AbstractPolicyTestBase.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/AbstractPolicyTestBase.java?rev=1724014&r1=1724013&r2=1724014&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/AbstractPolicyTestBase.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/AbstractPolicyTestBase.java Mon Jan 11 12:13:26 2016
@@ -166,17 +166,17 @@ public class AbstractPolicyTestBase exte
}
public RsaKeyValueSecurityTokenImpl getRsaKeyValueSecurityToken() throws Exception {
- return new RsaKeyValueSecurityTokenImpl(null, null, null);
+ return new RsaKeyValueSecurityTokenImpl(null, null, null, null, null);
}
public DsaKeyValueSecurityTokenImpl getDsaKeyValueSecurityToken() throws Exception {
- return new DsaKeyValueSecurityTokenImpl(null, null, null);
+ return new DsaKeyValueSecurityTokenImpl(null, null, null, null, null);
}
public ECKeyValueSecurityTokenImpl getECKeyValueSecurityToken() throws Exception {
ECKeyValueType ecKeyValueType = new ECKeyValueType();
ecKeyValueType.setNamedCurve(new NamedCurveType());
- return new ECKeyValueSecurityTokenImpl(ecKeyValueType, null, null);
+ return new ECKeyValueSecurityTokenImpl(ecKeyValueType, null, null, null, null);
}
protected String loadResourceAsString(String resource, Charset encoding) throws IOException {
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/DsaKeyValueSecurityTokenImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/DsaKeyValueSecurityTokenImpl.java?rev=1724014&r1=1724013&r2=1724014&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/DsaKeyValueSecurityTokenImpl.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/DsaKeyValueSecurityTokenImpl.java Mon Jan 11 12:13:26 2016
@@ -18,29 +18,39 @@
*/
package org.apache.wss4j.stax.impl.securityToken;
+import java.security.Key;
import java.security.Principal;
+import java.security.PublicKey;
import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.principal.PublicKeyPrincipalImpl;
import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
+import org.apache.wss4j.stax.ext.WSSSecurityProperties;
import org.apache.wss4j.stax.securityToken.DsaKeyValueSecurityToken;
import org.apache.xml.security.binding.xmldsig.DSAKeyValueType;
import org.apache.xml.security.exceptions.XMLSecurityException;
+import org.apache.xml.security.stax.ext.XMLSecurityConstants;
public class DsaKeyValueSecurityTokenImpl
extends org.apache.xml.security.stax.impl.securityToken.DsaKeyValueSecurityToken
implements DsaKeyValueSecurityToken {
+ private CallbackHandler callbackHandler;
private Crypto crypto;
+ private WSSSecurityProperties securityProperties;
private Principal principal;
public DsaKeyValueSecurityTokenImpl(
- DSAKeyValueType dsaKeyValueType, WSInboundSecurityContext wsInboundSecurityContext, Crypto crypto) {
+ DSAKeyValueType dsaKeyValueType, WSInboundSecurityContext wsInboundSecurityContext, Crypto crypto,
+ CallbackHandler callbackHandler, WSSSecurityProperties securityProperties) {
super(dsaKeyValueType, wsInboundSecurityContext);
this.crypto = crypto;
+ this.callbackHandler = callbackHandler;
+ this.securityProperties = securityProperties;
}
@Override
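Review bot: The new fields `callbackHandler` and `securityProperties` are assigned only in the constructor, so they can be declared `private final CallbackHandler callbackHandler;` and `private final WSSSecurityProperties securityProperties;`. As far as this diff shows, the token keeps the whole `WSSSecurityProperties` object only to call `getDecryptionCrypto()` in the `getKey` added further down. Passing just the decryption `Crypto` would narrow what each inbound token holds on to. The same fields and constructor parameters are added to ECKeyValueSecurityTokenImpl and RsaKeyValueSecurityTokenImpl; the class body continues outside this hunk.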
@@ -52,6 +62,23 @@ public class DsaKeyValueSecurityTokenImp
public Subject getSubject() throws WSSecurityException {
return null;
}
+
+ @Override
+ public Key getKey(String algorithmURI, XMLSecurityConstants.AlgorithmUsage algorithmUsage,
+ String correlationID) throws XMLSecurityException {
+ PublicKey publicKey = getPublicKey();
+
+ try {
+ return crypto.getPrivateKey(publicKey, callbackHandler);
+ } catch (WSSecurityException ex) {
+ // Check to see if we are decrypting rather than signature verification
+ Crypto decCrypto = securityProperties.getDecryptionCrypto();
+ if (decCrypto != null && decCrypto != crypto) {
+ return decCrypto.getPrivateKey(publicKey, callbackHandler);
+ }
+ throw ex;
+ }
+ }
@Override
public Principal getPrincipal() throws WSSecurityException {
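Review bot: The fallback to the decryption Crypto in the added `getKey` runs only when `crypto.getPrivateKey(...)` throws `WSSecurityException`, so a token built with a null `crypto` or a null `securityProperties` fails with a NullPointerException instead. The test base in this commit builds tokens with exactly those nulls, and the factory's `else if (crypto != null && ...` branch suggests the verification Crypto can be absent, for example in a decrypt-only configuration. The `algorithmUsage` argument is never consulted even though the comment talks about telling decryption from signature verification; the comment should say the decryption Crypto is tried as a fallback when the first lookup fails. The same method is added verbatim to ECKeyValueSecurityTokenImpl and RsaKeyValueSecurityTokenImpl, so the null handling below applies to all three. The class body continues outside this hunk.

```java
public Key getKey(String algorithmURI, XMLSecurityConstants.AlgorithmUsage algorithmUsage,
                  String correlationID) throws XMLSecurityException {
    PublicKey publicKey = getPublicKey();
    Crypto decCrypto = securityProperties == null ? null : securityProperties.getDecryptionCrypto();

    if (crypto == null) {
        // No verification Crypto configured: go straight to the decryption Crypto, if any
        if (decCrypto == null) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE);
        }
        return decCrypto.getPrivateKey(publicKey, callbackHandler);
    }

    try {
        return crypto.getPrivateKey(publicKey, callbackHandler);
    } catch (WSSecurityException ex) {
        // Lookup failed in the primary Crypto; retry with the decryption Crypto if it is a different store
        if (decCrypto != null && decCrypto != crypto) {
            return decCrypto.getPrivateKey(publicKey, callbackHandler);
        }
        throw ex;
    }
}
```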
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/ECKeyValueSecurityTokenImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/ECKeyValueSecurityTokenImpl.java?rev=1724014&r1=1724013&r2=1724014&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/ECKeyValueSecurityTokenImpl.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/ECKeyValueSecurityTokenImpl.java Mon Jan 11 12:13:26 2016
@@ -18,30 +18,40 @@
*/
package org.apache.wss4j.stax.impl.securityToken;
+import java.security.Key;
import java.security.Principal;
+import java.security.PublicKey;
import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.principal.PublicKeyPrincipalImpl;
import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
+import org.apache.wss4j.stax.ext.WSSSecurityProperties;
import org.apache.wss4j.stax.securityToken.ECKeyValueSecurityToken;
import org.apache.xml.security.binding.xmldsig11.ECKeyValueType;
import org.apache.xml.security.exceptions.XMLSecurityException;
+import org.apache.xml.security.stax.ext.XMLSecurityConstants;
public class ECKeyValueSecurityTokenImpl
extends org.apache.xml.security.stax.impl.securityToken.ECKeyValueSecurityToken
implements ECKeyValueSecurityToken {
+ private CallbackHandler callbackHandler;
private Crypto crypto;
+ private WSSSecurityProperties securityProperties;
private Principal principal;
public ECKeyValueSecurityTokenImpl(
- ECKeyValueType ecKeyValueType, WSInboundSecurityContext wsInboundSecurityContext, Crypto crypto)
+ ECKeyValueType ecKeyValueType, WSInboundSecurityContext wsInboundSecurityContext, Crypto crypto,
+ CallbackHandler callbackHandler, WSSSecurityProperties securityProperties)
throws XMLSecurityException {
super(ecKeyValueType, wsInboundSecurityContext);
this.crypto = crypto;
+ this.callbackHandler = callbackHandler;
+ this.securityProperties = securityProperties;
}
@Override
@@ -53,6 +63,23 @@ public class ECKeyValueSecurityTokenImpl
public Subject getSubject() throws WSSecurityException {
return null;
}
+
+ @Override
+ public Key getKey(String algorithmURI, XMLSecurityConstants.AlgorithmUsage algorithmUsage,
+ String correlationID) throws XMLSecurityException {
+ PublicKey publicKey = getPublicKey();
+
+ try {
+ return crypto.getPrivateKey(publicKey, callbackHandler);
+ } catch (WSSecurityException ex) {
+ // Check to see if we are decrypting rather than signature verification
+ Crypto decCrypto = securityProperties.getDecryptionCrypto();
+ if (decCrypto != null && decCrypto != crypto) {
+ return decCrypto.getPrivateKey(publicKey, callbackHandler);
+ }
+ throw ex;
+ }
+ }
@Override
public Principal getPrincipal() throws WSSecurityException {
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/RsaKeyValueSecurityTokenImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/RsaKeyValueSecurityTokenImpl.java?rev=1724014&r1=1724013&r2=1724014&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/RsaKeyValueSecurityTokenImpl.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/RsaKeyValueSecurityTokenImpl.java Mon Jan 11 12:13:26 2016
@@ -18,29 +18,39 @@
*/
package org.apache.wss4j.stax.impl.securityToken;
+import java.security.Key;
import java.security.Principal;
+import java.security.PublicKey;
import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.principal.PublicKeyPrincipalImpl;
import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
+import org.apache.wss4j.stax.ext.WSSSecurityProperties;
import org.apache.wss4j.stax.securityToken.RsaKeyValueSecurityToken;
import org.apache.xml.security.binding.xmldsig.RSAKeyValueType;
import org.apache.xml.security.exceptions.XMLSecurityException;
+import org.apache.xml.security.stax.ext.XMLSecurityConstants;
public class RsaKeyValueSecurityTokenImpl
extends org.apache.xml.security.stax.impl.securityToken.RsaKeyValueSecurityToken
implements RsaKeyValueSecurityToken {
+ private CallbackHandler callbackHandler;
private Crypto crypto;
+ private WSSSecurityProperties securityProperties;
private Principal principal;
public RsaKeyValueSecurityTokenImpl(
- RSAKeyValueType rsaKeyValueType, WSInboundSecurityContext wsInboundSecurityContext, Crypto crypto) {
+ RSAKeyValueType rsaKeyValueType, WSInboundSecurityContext wsInboundSecurityContext, Crypto crypto,
+ CallbackHandler callbackHandler, WSSSecurityProperties securityProperties) {
super(rsaKeyValueType, wsInboundSecurityContext);
this.crypto = crypto;
+ this.callbackHandler = callbackHandler;
+ this.securityProperties = securityProperties;
}
@Override
@@ -52,6 +62,23 @@ public class RsaKeyValueSecurityTokenImp
public Subject getSubject() throws WSSecurityException {
return null;
}
+
+ @Override
+ public Key getKey(String algorithmURI, XMLSecurityConstants.AlgorithmUsage algorithmUsage,
+ String correlationID) throws XMLSecurityException {
+ PublicKey publicKey = getPublicKey();
+
+ try {
+ return crypto.getPrivateKey(publicKey, callbackHandler);
+ } catch (WSSecurityException ex) {
+ // Check to see if we are decrypting rather than signature verification
+ Crypto decCrypto = securityProperties.getDecryptionCrypto();
+ if (decCrypto != null && decCrypto != crypto) {
+ return decCrypto.getPrivateKey(publicKey, callbackHandler);
+ }
+ throw ex;
+ }
+ }
@Override
public Principal getPrincipal() throws WSSecurityException {
Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecurityTokenFactoryImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecurityTokenFactoryImpl.java?rev=1724014&r1=1724013&r2=1724014&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecurityTokenFactoryImpl.java (original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecurityTokenFactoryImpl.java Mon Jan 11 12:13:26 2016
@@ -97,7 +97,8 @@ public class SecurityTokenFactoryImpl ex
final KeyValueType keyValueType
= XMLSecurityUtils.getQNameType(keyInfoType.getContent(), WSSConstants.TAG_dsig_KeyValue);
if (keyValueType != null) {
- return getSecurityToken(keyValueType, crypto, ((WSSSecurityProperties)securityProperties).getCallbackHandler(), inboundSecurityContext);
+ return getSecurityToken(keyValueType, crypto, ((WSSSecurityProperties)securityProperties).getCallbackHandler(), inboundSecurityContext,
+ ((WSSSecurityProperties)securityProperties));
}
} else if (crypto != null && crypto.getDefaultX509Identifier() != null) {
@@ -406,25 +407,29 @@ public class SecurityTokenFactoryImpl ex
}
public static InboundSecurityToken getSecurityToken(KeyValueType keyValueType, final Crypto crypto,
- final CallbackHandler callbackHandler, SecurityContext securityContext)
+ final CallbackHandler callbackHandler, SecurityContext securityContext,
+ WSSSecurityProperties securityProperties)
throws XMLSecurityException {
final RSAKeyValueType rsaKeyValueType
= XMLSecurityUtils.getQNameType(keyValueType.getContent(), WSSConstants.TAG_dsig_RSAKeyValue);
if (rsaKeyValueType != null) {
- return new RsaKeyValueSecurityTokenImpl(rsaKeyValueType, (WSInboundSecurityContext) securityContext, crypto);
+ return new RsaKeyValueSecurityTokenImpl(rsaKeyValueType, (WSInboundSecurityContext) securityContext, crypto,
+ callbackHandler, securityProperties);
}
final DSAKeyValueType dsaKeyValueType
= XMLSecurityUtils.getQNameType(keyValueType.getContent(), WSSConstants.TAG_dsig_DSAKeyValue);
if (dsaKeyValueType != null) {
- return new DsaKeyValueSecurityTokenImpl(dsaKeyValueType, (WSInboundSecurityContext) securityContext, crypto);
+ return new DsaKeyValueSecurityTokenImpl(dsaKeyValueType, (WSInboundSecurityContext) securityContext, crypto,
+ callbackHandler, securityProperties);
}
final ECKeyValueType ecKeyValueType
= XMLSecurityUtils.getQNameType(keyValueType.getContent(), WSSConstants.TAG_dsig11_ECKeyValue);
if (ecKeyValueType != null) {
- return new ECKeyValueSecurityTokenImpl(ecKeyValueType, (WSInboundSecurityContext) securityContext, crypto);
+ return new ECKeyValueSecurityTokenImpl(ecKeyValueType, (WSInboundSecurityContext) securityContext, crypto,
+ callbackHandler, securityProperties);
}
throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "unsupportedKeyInfo");
}
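Review bot: Replacing the public static `getSecurityToken(KeyValueType, Crypto, CallbackHandler, SecurityContext)` with a five-argument form, together with the changed public constructors of the three KeyValue token classes, removes the old signatures on a fixes branch, so any external caller compiled against them will no longer link. Consider keeping the four-argument overload, marked `@Deprecated`, with the body `return getSecurityToken(keyValueType, crypto, callbackHandler, securityContext, null);`. That only works if the tokens' `getKey` tolerates a null `securityProperties`, which the version in this commit does not. The new parameter also deserves a Javadoc line saying it is used to reach the decryption Crypto when the private-key lookup in `crypto` fails.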