Posted to commits@ws.apache.org by co...@apache.org on 2015/03/24 15:37:01 UTC
svn commit: r1668911 [1/3] - in /webservices/wss4j/trunk: integration/
integration/src/test/java/org/apache/wss4j/integration/test/kerberos/
ws-security-common/src/main/java/org/apache/wss4j/common/
ws-security-common/src/main/java/org/apache/wss4j/com...
Author: coheigea
Date: Tue Mar 24 14:37:00 2015
New Revision: 1668911
URL: http://svn.apache.org/r1668911
Log:
Renaming integration module + moving some code from dom to common
Added:
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/WSS4JConstants.java
- copied, changed from r1668656, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSConstants.java
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/bsp/BSPEnforcer.java
- copied, changed from r1668656, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/bsp/BSPEnforcer.java
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/BinarySecurity.java
- copied, changed from r1668656, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/BinarySecurity.java
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/PKIPathSecurity.java
- copied, changed from r1668656, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/PKIPathSecurity.java
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/Reference.java
- copied, changed from r1668656, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Reference.java
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/SecurityTokenReference.java
- copied, changed from r1668656, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityTokenReference.java
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/TokenElementCallback.java
- copied, changed from r1668656, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/TokenElementCallback.java
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/X509Security.java
- copied, changed from r1668656, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/X509Security.java
Removed:
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/bsp/BSPEnforcer.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/BinarySecurity.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/PKIPathSecurity.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Reference.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityTokenReference.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/TokenElementCallback.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/X509Security.java
Modified:
webservices/wss4j/trunk/integration/pom.xml
webservices/wss4j/trunk/integration/src/test/java/org/apache/wss4j/integration/test/kerberos/KerberosTest.java
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509Data.java
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509IssuerSerial.java
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/KeyUtils.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSConstants.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSSecurityEngineResult.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/RequestData.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKEncrypt.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKSign.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDerivedKeyBase.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DerivedKeyToken.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/KerberosSecurity.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SignatureConfirmation.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Timestamp.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/UsernameToken.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/BinarySecurityTokenProcessor.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedDataProcessor.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/ReferenceListProcessor.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSSAMLKeyInfoProcessor.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/DerivedKeyTokenSTRParser.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/EncryptedKeySTRParser.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/STRParserUtil.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/SecurityTokenRefSTRParser.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/SignatureSTRParser.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/transform/STRTransform.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/transform/STRTransformUtil.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/Credential.java
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/KerberosTokenValidator.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/SecretKeyCallbackHandler.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/handler/SecurityActionTokenTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/DerivedKeyTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionAlgorithmSuiteTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureAlgorithmSuiteTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignedBSTTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SymmetricSignatureTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/TimestampTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UTDerivedKeyTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UsernameTokenTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/BSTKerberosTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/BinarySecurityTokenTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/DerivedKeyTokenTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/ReferenceTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/SecurityTokenReferenceTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/FaultCodeTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/PrincipalTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenDerivedTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/validate/ValidatorTest.java
webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/DerivedKeyTokenTest.java
webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/saml/SAMLTokenTest.java
webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/saml/SamlTokenDerivedTest.java
webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/utils/SecretKeyCallbackHandler.java
Modified: webservices/wss4j/trunk/integration/pom.xml
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/integration/pom.xml?rev=1668911&r1=1668910&r2=1668911&view=diff
==============================================================================
--- webservices/wss4j/trunk/integration/pom.xml (original)
+++ webservices/wss4j/trunk/integration/pom.xml Tue Mar 24 14:37:00 2015
@@ -25,7 +25,7 @@
<relativePath>../parent/pom.xml</relativePath>
<version>2.1.0-SNAPSHOT</version>
</parent>
- <artifactId>integration</artifactId>
+ <artifactId>wss4j-integration</artifactId>
<name>Apache WSS4J WS-Security Integration</name>
<build>
Modified: webservices/wss4j/trunk/integration/src/test/java/org/apache/wss4j/integration/test/kerberos/KerberosTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/integration/src/test/java/org/apache/wss4j/integration/test/kerberos/KerberosTest.java?rev=1668911&r1=1668910&r2=1668911&view=diff
==============================================================================
--- webservices/wss4j/trunk/integration/src/test/java/org/apache/wss4j/integration/test/kerberos/KerberosTest.java (original)
+++ webservices/wss4j/trunk/integration/src/test/java/org/apache/wss4j/integration/test/kerberos/KerberosTest.java Tue Mar 24 14:37:00 2015
@@ -57,6 +57,8 @@ import org.apache.directory.server.core.
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.kerberos.KerberosContextAndServiceNameCallback;
import org.apache.wss4j.common.spnego.SpnegoTokenContext;
+import org.apache.wss4j.common.token.BinarySecurity;
+import org.apache.wss4j.common.util.KeyUtils;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.WSSConfig;
@@ -66,7 +68,6 @@ import org.apache.wss4j.dom.common.Secur
import org.apache.wss4j.dom.message.WSSecEncrypt;
import org.apache.wss4j.dom.message.WSSecHeader;
import org.apache.wss4j.dom.message.WSSecSignature;
-import org.apache.wss4j.dom.message.token.BinarySecurity;
import org.apache.wss4j.dom.message.token.KerberosSecurity;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.apache.wss4j.dom.validate.KerberosTokenValidator;
@@ -467,7 +468,7 @@ public class KerberosTest extends Abstra
byte[] keyData = secretKey.getEncoded();
sign.setSecretKey(keyData);
- byte[] digestBytes = WSSecurityUtil.generateDigest(bst.getToken());
+ byte[] digestBytes = KeyUtils.generateDigest(bst.getToken());
sign.setCustomTokenId(Base64.encode(digestBytes));
Document signedDoc = sign.build(doc, null, secHeader);
@@ -688,7 +689,7 @@ public class KerberosTest extends Abstra
builder.setEncryptSymmKey(false);
builder.setCustomReferenceValue(WSConstants.WSS_KRB_KI_VALUE_TYPE);
- byte[] digestBytes = WSSecurityUtil.generateDigest(bst.getToken());
+ byte[] digestBytes = KeyUtils.generateDigest(bst.getToken());
builder.setEncKeyId(Base64.encode(digestBytes));
Document encryptedDoc = builder.build(doc, null, secHeader);
@@ -937,7 +938,7 @@ public class KerberosTest extends Abstra
byte[] keyData = secretKey.getEncoded();
sign.setSecretKey(keyData);
- byte[] digestBytes = WSSecurityUtil.generateDigest(bst.getToken());
+ byte[] digestBytes = KeyUtils.generateDigest(bst.getToken());
sign.setCustomTokenId(Base64.encode(digestBytes));
sign.build(doc, null, secHeader);
@@ -1199,7 +1200,7 @@ public class KerberosTest extends Abstra
builder.setEncryptSymmKey(false);
builder.setCustomReferenceValue(WSConstants.WSS_KRB_KI_VALUE_TYPE);
- byte[] digestBytes = WSSecurityUtil.generateDigest(bst.getToken());
+ byte[] digestBytes = KeyUtils.generateDigest(bst.getToken());
builder.setEncKeyId(Base64.encode(digestBytes));
builder.build(doc, null, secHeader);
Copied: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/WSS4JConstants.java (from r1668656, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSConstants.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/WSS4JConstants.java?p2=webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/WSS4JConstants.java&p1=webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSConstants.java&r1=1668656&r2=1668911&rev=1668911&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSConstants.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/WSS4JConstants.java Tue Mar 24 14:37:00 2015
@@ -16,19 +16,15 @@
* specific language governing permissions and limitations
* under the License.
*/
-
-package org.apache.wss4j.dom;
-
-import javax.xml.namespace.QName;
+package org.apache.wss4j.common;
/**
- * Constants in WS-Security spec.
*/
-public final class WSConstants {
-
- /*
- * Standard constants used in WSS4J
- */
+public class WSS4JConstants {
+
+ protected WSS4JConstants() {
+ // complete
+ }
//
// Namespaces
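Review bot: The class declaration drops `final` and swaps the private constructor for `protected WSS4JConstants()`, but the only explanation left is the comment `// complete`, and the Javadoc above the class is now an empty `/** */` because its summary line was removed without a replacement. WSConstants.java is in this commit's Modified list, so the constructor is presumably protected to let that class extend this one; that should be confirmed and then stated, e.g. `/** Constants shared by the WSS4J modules; the constructor is protected only so subclasses can inherit them. */` on the class. The class body continues outside this hunk.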
@@ -231,59 +227,6 @@ public final class WSConstants {
public static final String ENC11_PREFIX = "xenc11";
public static final String C14N_EXCL_OMIT_COMMENTS_PREFIX = "ec";
-
- //
- // Fault codes defined in the WSS 1.1 spec under section 12, Error handling
- //
-
- /**
- * An unsupported token was provided
- */
- public static final QName UNSUPPORTED_SECURITY_TOKEN =
- new QName(WSSE_NS, "UnsupportedSecurityToken");
-
- /**
- * An unsupported signature or encryption algorithm was used
- */
- public static final QName UNSUPPORTED_ALGORITHM =
- new QName(WSSE_NS, "UnsupportedAlgorithm");
-
- /**
- * An error was discovered processing the <Security> header
- */
- public static final QName INVALID_SECURITY =
- new QName (WSSE_NS, "InvalidSecurity");
-
- /**
- * An invalid security token was provided
- */
- public static final QName INVALID_SECURITY_TOKEN =
- new QName (WSSE_NS, "InvalidSecurityToken");
-
- /**
- * The security token could not be authenticated or authorized
- */
- public static final QName FAILED_AUTHENTICATION =
- new QName (WSSE_NS, "FailedAuthentication");
-
- /**
- * The signature or decryption was invalid
- */
- public static final QName FAILED_CHECK =
- new QName (WSSE_NS, "FailedCheck");
-
- /**
- * Referenced security token could not be retrieved
- */
- public static final QName SECURITY_TOKEN_UNAVAILABLE =
- new QName (WSSE_NS, "SecurityTokenUnavailable");
-
- /**
- * The message has expired
- */
- public static final QName MESSAGE_EXPIRED =
- new QName (WSSE_NS, "MessageExpired");
-
//
// Kerberos ValueTypes
//
@@ -309,194 +252,10 @@ public final class WSConstants {
public static final String PASSWORD_TEXT = USERNAMETOKEN_NS + "#PasswordText";
public static final String WSS_USERNAME_TOKEN_VALUE_TYPE =
USERNAMETOKEN_NS + "#" + USERNAME_TOKEN_LN;
+ public static final String BASE64_ENCODING = SOAPMESSAGE_NS + "#Base64Binary";
public static final String[] URIS_SOAP_ENV = {
URI_SOAP11_ENV,
URI_SOAP12_ENV,
};
-
- /*
- * Constants used to configure WSS4J
- */
-
- /**
- * Sets the {@link
- * org.apache.wss4j.dom.message.WSSecSignature#build(Document, Crypto, WSSecHeader)
- * } method to send the signing certificate as a <code>BinarySecurityToken</code>.
- * <p/>
- * The signing method takes the signing certificate, converts it to a
- * <code>BinarySecurityToken</code>, puts it in the security header,
- * and inserts a <code>Reference</code> to the binary security token
- * into the <code>wsse:SecurityReferenceToken</code>. Thus the whole
- * signing certificate is transfered to the receiver.
- * The X509 profile recommends to use {@link #ISSUER_SERIAL} instead
- * of sending the whole certificate.
- * <p/>
- * Please refer to WS Security specification X509 1.1 profile, chapter 3.3.2
- * and to WS Security SOAP Message security 1.1 specification, chapter 7.2
- * <p/>
- * Note: only local references to BinarySecurityToken are supported
- */
- public static final int BST_DIRECT_REFERENCE = 1;
-
- /**
- * Sets the {@link
- * org.apache.wss4j.dom.message.WSSecSignature#build(Document, Crypto, WSSecHeader)
- * } or the {@link
- * org.apache.wss4j.dom.message.WSSecEncrypt#build(Document, Crypto, WSSecHeader)
- * } method to send the issuer name and the serial number of a certificate to
- * the receiver.
- * <p/>
- * In contrast to {@link #BST_DIRECT_REFERENCE} only the issuer name
- * and the serial number of the signing certificate are sent to the
- * receiver. This reduces the amount of data being sent. The encryption
- * method uses the public key associated with this certificate to encrypt
- * the symmetric key used to encrypt data.
- * <p/>
- * Please refer to WS Security specification X509 1.1 profile, chapter 3.3.3
- */
- public static final int ISSUER_SERIAL = 2;
-
- /**
- * Sets the {@link
- * org.apache.wss4j.dom.message.WSSecSignature#build(Document, Crypto, WSSecHeader)
- * } or the {@link
- * org.apache.wss4j.dom.message.WSSecEncrypt#build(Document, Crypto, WSSecHeader)
- * }method to send the certificate used to encrypt the symmetric key.
- * <p/>
- * The encryption method uses the public key associated with this certificate
- * to encrypt the symmetric key used to encrypt data. The certificate is
- * converted into a <code>KeyIdentifier</code> token and sent to the receiver.
- * Thus the complete certificate data is transfered to receiver.
- * The X509 profile recommends to use {@link #ISSUER_SERIAL} instead
- * of sending the whole certificate.
- * <p/>
- * Please refer to WS Security SOAP Message security 1.1 specification,
- * chapter 7.3. Note that this is a NON-STANDARD method. The standard way to refer to
- * an X.509 Certificate via a KeyIdentifier is to use {@link #SKI_KEY_IDENTIFIER}
- */
- public static final int X509_KEY_IDENTIFIER = 3;
-
- /**
- * Sets the {@link
- * org.apache.wss4j.dom.message.WSSecSignature#build(Document, Crypto, WSSecHeader)
- * } method to send a <code>SubjectKeyIdentifier</code> to identify
- * the signing certificate.
- * <p/>
- * Refer to WS Security specification X509 1.1 profile, chapter 3.3.1
- */
- public static final int SKI_KEY_IDENTIFIER = 4;
-
- /**
- * Embeds a keyinfo/key name into the EncryptedData element.
- * <p/>
- */
- @Deprecated
- public static final int EMBEDDED_KEYNAME = 5;
-
- /**
- * Embeds a keyinfo/wsse:SecurityTokenReference into EncryptedData element.
- */
- @Deprecated
- public static final int EMBED_SECURITY_TOKEN_REF = 6;
-
- /**
- * <code>UT_SIGNING</code> is used internally only to set a specific Signature
- * behavior.
- *
- * The signing token is constructed from values in the UsernameToken according
- * to WS-Trust specification.
- */
- public static final int UT_SIGNING = 7;
-
- /**
- * <code>THUMPRINT_IDENTIFIER</code> is used to set the specific key identifier
- * ThumbprintSHA1.
- *
- * This identifier uses the SHA-1 digest of a security token to
- * identify the security token. Please refer to chapter 7.2 of the OASIS WSS 1.1
- * specification.
- *
- */
- public static final int THUMBPRINT_IDENTIFIER = 8;
-
- /**
- * <code>CUSTOM_SYMM_SIGNING</code> is used internally only to set a
- * specific Signature behavior.
- *
- * The signing key, reference id and value type are set externally.
- */
- public static final int CUSTOM_SYMM_SIGNING = 9;
-
- /**
- * <code>ENCRYPTED_KEY_SHA1_IDENTIFIER</code> is used to set the specific key identifier
- * EncryptedKeySHA1.
- *
- * This identifier uses the SHA-1 digest of a security token to
- * identify the security token. Please refer to chapter 7.3 of the OASIS WSS 1.1
- * specification.
- */
- public static final int ENCRYPTED_KEY_SHA1_IDENTIFIER = 10;
-
- /**
- * <code>CUSTOM_SYMM_SIGNING_DIRECT</code> is used internally only to set a
- * specific Signature behavior.
- *
- * The signing key, reference id and value type are set externally.
- */
- public static final int CUSTOM_SYMM_SIGNING_DIRECT = 11;
-
- /**
- * <code>CUSTOM_KEY_IDENTIFIER</code> is used to set a KeyIdentifier to
- * a particular ID
- *
- * The reference id and value type are set externally.
- */
- public static final int CUSTOM_KEY_IDENTIFIER = 12;
-
- /**
- * <code>KEY_VALUE</code> is used to set a ds:KeyInfo/ds:KeyValue element to refer to
- * either an RSA or DSA public key.
- */
- public static final int KEY_VALUE = 13;
-
- /**
- * <code>ENDPOINT_KEY_IDENTIFIER</code> is used to specify service endpoint as public key
- * identifier.
- *
- * Constant is useful in case of symmetric holder of key, where token service can determine
- * target service public key to encrypt shared secret.
- */
- public static final int ENDPOINT_KEY_IDENTIFIER = 14;
-
- /*
- * The following values are bits that can be combined to for a set.
- * Be careful when selecting new values.
- */
- public static final int NO_SECURITY = 0;
- public static final int UT = 0x1; // perform UsernameToken
- public static final int SIGN = 0x2; // Perform Signature
- public static final int ENCR = 0x4; // Perform Encryption
-
- public static final int ST_UNSIGNED = 0x8; // perform SAMLToken unsigned
- public static final int ST_SIGNED = 0x10; // perform SAMLToken signed
-
- public static final int TS = 0x20; // insert Timestamp
- public static final int UT_SIGN = 0x40; // perform signature with UT secret key
- public static final int SC = 0x80; // this is a SignatureConfirmation
-
- public static final int NO_SERIALIZE = 0x100;
- public static final int SERIALIZE = 0x200;
- public static final int SCT = 0x400; //SecurityContextToken
- public static final int DKT = 0x800; //DerivedKeyToken
- public static final int BST = 0x1000; //BinarySecurityToken
- public static final int UT_NOPASSWORD = 0x2000; // perform UsernameToken
- public static final int CUSTOM_TOKEN = 0x4000; // perform a Custom Token action
- public static final int DKT_SIGN = 0x8000; // Perform Signature with a Derived Key
- public static final int DKT_ENCR = 0x10000; // Perform Encryption with a Derived Key
-
- private WSConstants() {
- // Complete
- }
-
-}
+}
\ No newline at end of file
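Review bot: `BASE64_ENCODING` is added as a public constant with no Javadoc, and the file now ends at `}` without a trailing newline (the `\ No newline at end of file` marker). Later in this commit BinarySecurity compares a token's encoding against this value before reporting `BSPRule.R3030`, so a one-line comment such as `/** EncodingType URI identifying Base64Binary-encoded binary security tokens. */` would tell readers what it is for. Restoring the final newline avoids a spurious changed line the next time the file is edited.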
Copied: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/bsp/BSPEnforcer.java (from r1668656, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/bsp/BSPEnforcer.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/bsp/BSPEnforcer.java?p2=webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/bsp/BSPEnforcer.java&p1=webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/bsp/BSPEnforcer.java&r1=1668656&r2=1668911&rev=1668911&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/bsp/BSPEnforcer.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/bsp/BSPEnforcer.java Tue Mar 24 14:37:00 2015
@@ -16,13 +16,12 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.apache.wss4j.dom.bsp;
+package org.apache.wss4j.common.bsp;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
-import org.apache.wss4j.common.bsp.BSPRule;
import org.apache.wss4j.common.ext.WSSecurityException;
/**
Copied: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/BinarySecurity.java (from r1668656, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/BinarySecurity.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/BinarySecurity.java?p2=webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/BinarySecurity.java&p1=webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/BinarySecurity.java&r1=1668656&r2=1668911&rev=1668911&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/BinarySecurity.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/BinarySecurity.java Tue Mar 24 14:37:00 2015
@@ -17,17 +17,17 @@
* under the License.
*/
-package org.apache.wss4j.dom.message.token;
+package org.apache.wss4j.common.token;
import java.io.IOException;
import java.util.Arrays;
-import org.apache.wss4j.dom.WSConstants;
+import org.apache.wss4j.common.WSS4JConstants;
+import org.apache.wss4j.common.bsp.BSPEnforcer;
import org.apache.wss4j.common.bsp.BSPRule;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.DOM2Writer;
import org.apache.wss4j.common.util.XMLUtils;
-import org.apache.wss4j.dom.bsp.BSPEnforcer;
import org.apache.xml.security.utils.Base64;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -42,9 +42,8 @@ import javax.xml.namespace.QName;
* Binary Security Token.
*/
public class BinarySecurity {
- public static final QName TOKEN_BST = new QName(WSConstants.WSSE_NS, "BinarySecurityToken");
- public static final QName TOKEN_KI = new QName(WSConstants.WSSE_NS, "KeyIdentifier");
- public static final String BASE64_ENCODING = WSConstants.SOAPMESSAGE_NS + "#Base64Binary";
+ public static final QName TOKEN_BST = new QName(WSS4JConstants.WSSE_NS, "BinarySecurityToken");
+ public static final QName TOKEN_KI = new QName(WSS4JConstants.WSSE_NS, "KeyIdentifier");
private static final org.slf4j.Logger LOG =
org.slf4j.LoggerFactory.getLogger(BinarySecurity.class);
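Review bot: Removing the public constant `BASE64_ENCODING` from BinarySecurity means code that referenced `BinarySecurity.BASE64_ENCODING` will still fail to compile after it has updated its import to the new package. If source compatibility for such callers matters, a forwarding alias could stay for one release: `@Deprecated public static final String BASE64_ENCODING = WSS4JConstants.BASE64_ENCODING;`. Whether any subclass or external caller relied on the old name cannot be seen from this hunk.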
@@ -69,7 +68,7 @@ public class BinarySecurity {
bspEnforcer.handleBSPRule(BSPRule.R3029);
}
- if (!BASE64_ENCODING.equals(encoding)) {
+ if (!WSS4JConstants.BASE64_ENCODING.equals(encoding)) {
bspEnforcer.handleBSPRule(BSPRule.R3030);
}
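Review bot: The encoding check at `if (!WSS4JConstants.BASE64_ENCODING.equals(encoding))` only reports the mismatch through `bspEnforcer.handleBSPRule(BSPRule.R3030)`. Whether a token carrying another encoding is then rejected or processing simply continues is not visible here, and presumably depends on how the caller configured the enforcer. A short comment would make that explicit once confirmed against BSPEnforcer, e.g. `// R3030: encoding must be Base64Binary; the enforcer decides whether a violation is fatal`. The enclosing method starts and ends outside this hunk.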
@@ -85,8 +84,8 @@ public class BinarySecurity {
* @param doc
*/
public BinarySecurity(Document doc) {
- element = doc.createElementNS(WSConstants.WSSE_NS, "wsse:BinarySecurityToken");
- setEncodingType(BASE64_ENCODING);
+ element = doc.createElementNS(WSS4JConstants.WSSE_NS, "wsse:BinarySecurityToken");
+ setEncodingType(WSS4JConstants.BASE64_ENCODING);
element.appendChild(doc.createTextNode(""));
}
@@ -121,7 +120,7 @@ public class BinarySecurity {
* efficiency purposes.
*/
public void addWSSENamespace() {
- XMLUtils.setNamespace(element, WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX);
+ XMLUtils.setNamespace(element, WSS4JConstants.WSSE_NS, WSS4JConstants.WSSE_PREFIX);
}
/**
@@ -129,7 +128,7 @@ public class BinarySecurity {
* efficiency purposes.
*/
public void addWSUNamespace() {
- XMLUtils.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+ XMLUtils.setNamespace(element, WSS4JConstants.WSU_NS, WSS4JConstants.WSU_PREFIX);
}
/**
@@ -230,7 +229,7 @@ public class BinarySecurity {
* @return the WSU ID of this element
*/
public String getID() {
- return element.getAttributeNS(WSConstants.WSU_NS, "Id");
+ return element.getAttributeNS(WSS4JConstants.WSU_NS, "Id");
}
/**
@@ -239,7 +238,7 @@ public class BinarySecurity {
* @param id
*/
public void setID(String id) {
- element.setAttributeNS(WSConstants.WSU_NS, WSConstants.WSU_PREFIX + ":Id", id);
+ element.setAttributeNS(WSS4JConstants.WSU_NS, WSS4JConstants.WSU_PREFIX + ":Id", id);
}
/**
Modified: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509Data.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509Data.java?rev=1668911&r1=1668910&r2=1668911&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509Data.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509Data.java Tue Mar 24 14:37:00 2015
@@ -19,10 +19,10 @@
package org.apache.wss4j.common.token;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.DOM2Writer;
import org.apache.wss4j.common.util.XMLUtils;
-import org.apache.xml.security.utils.Constants;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -43,7 +43,7 @@ public final class DOMX509Data {
//
Element issuerSerialElement =
XMLUtils.getDirectChildElement(
- element, "X509IssuerSerial", Constants.SignatureSpecNS
+ element, "X509IssuerSerial", WSS4JConstants.SIG_NS
);
x509IssuerSerial = new DOMX509IssuerSerial(issuerSerialElement);
}
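Review bot: The element returned by `XMLUtils.getDirectChildElement(element, "X509IssuerSerial", WSS4JConstants.SIG_NS)` is passed straight to `new DOMX509IssuerSerial(issuerSerialElement)` with no visible null check. If the helper returns null when the child is absent (its behaviour is not shown here), an X509Data element without an X509IssuerSerial child would presumably surface as an unchecked exception instead of the WSSecurityException this file already imports. Since the element may come from a received message, an `if (issuerSerialElement == null)` guard that throws a WSSecurityException with the project's usual error code would make the failure explicit, provided the constructor's signature allows it. The constructor starts outside this hunk.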
@@ -53,7 +53,7 @@ public final class DOMX509Data {
*/
public DOMX509Data(Document doc, DOMX509IssuerSerial domIssuerSerial) {
element =
- doc.createElementNS(Constants.SignatureSpecNS, "ds:X509Data");
+ doc.createElementNS(WSS4JConstants.SIG_NS, "ds:X509Data");
element.appendChild(domIssuerSerial.getElement());
}
Modified: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509IssuerSerial.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509IssuerSerial.java?rev=1668911&r1=1668910&r2=1668911&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509IssuerSerial.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/DOMX509IssuerSerial.java Tue Mar 24 14:37:00 2015
@@ -19,9 +19,9 @@
package org.apache.wss4j.common.token;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.util.DOM2Writer;
import org.apache.wss4j.common.util.XMLUtils;
-import org.apache.xml.security.utils.Constants;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -44,11 +44,11 @@ public final class DOMX509IssuerSerial {
element = issuerSerialElement;
Element issuerNameElement =
- XMLUtils.getDirectChildElement(element, "X509IssuerName", Constants.SignatureSpecNS);
+ XMLUtils.getDirectChildElement(element, "X509IssuerName", WSS4JConstants.SIG_NS);
issuer = XMLUtils.getElementText(issuerNameElement);
Element serialNumberElement =
- XMLUtils.getDirectChildElement(element, "X509SerialNumber", Constants.SignatureSpecNS);
+ XMLUtils.getDirectChildElement(element, "X509SerialNumber", WSS4JConstants.SIG_NS);
String serialNumberStr = XMLUtils.getElementText(serialNumberElement);
if (serialNumberStr != null) {
@@ -73,15 +73,15 @@ public final class DOMX509IssuerSerial {
this.serialNumber = serialNumber;
element =
- doc.createElementNS(Constants.SignatureSpecNS, "ds:X509IssuerSerial");
+ doc.createElementNS(WSS4JConstants.SIG_NS, "ds:X509IssuerSerial");
Element issuerNameElement =
- doc.createElementNS(Constants.SignatureSpecNS, "ds:X509IssuerName");
+ doc.createElementNS(WSS4JConstants.SIG_NS, "ds:X509IssuerName");
issuerNameElement.appendChild(doc.createTextNode(this.issuer));
element.appendChild(issuerNameElement);
Element serialNumberElement =
- doc.createElementNS(Constants.SignatureSpecNS, "ds:X509SerialNumber");
+ doc.createElementNS(WSS4JConstants.SIG_NS, "ds:X509SerialNumber");
serialNumberElement.appendChild(doc.createTextNode(serialNumber.toString()));
element.appendChild(serialNumberElement);
}
Copied: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/PKIPathSecurity.java (from r1668656, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/PKIPathSecurity.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/PKIPathSecurity.java?p2=webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/PKIPathSecurity.java&p1=webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/PKIPathSecurity.java&r1=1668656&r2=1668911&rev=1668911&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/PKIPathSecurity.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/PKIPathSecurity.java Tue Mar 24 14:37:00 2015
@@ -17,10 +17,10 @@
* under the License.
*/
-package org.apache.wss4j.dom.message.token;
+package org.apache.wss4j.common.token;
-import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.bsp.BSPEnforcer;
+import org.apache.wss4j.common.WSS4JConstants;
+import org.apache.wss4j.common.bsp.BSPEnforcer;
import org.apache.wss4j.common.bsp.BSPRule;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.ext.WSSecurityException;
@@ -33,7 +33,7 @@ import java.security.cert.X509Certificat
* PKIPath Security Token.
*/
public class PKIPathSecurity extends BinarySecurity {
- public static final String PKI_TYPE = WSConstants.X509TOKEN_NS + "#X509PKIPathv1";
+ public static final String PKI_TYPE = WSS4JConstants.X509TOKEN_NS + "#X509PKIPathv1";
/**
* Constructor.
Copied: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/Reference.java (from r1668656, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Reference.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/Reference.java?p2=webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/Reference.java&p1=webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Reference.java&r1=1668656&r2=1668911&rev=1668911&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Reference.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/Reference.java Tue Mar 24 14:37:00 2015
@@ -17,11 +17,11 @@
* under the License.
*/
-package org.apache.wss4j.dom.message.token;
+package org.apache.wss4j.common.token;
import javax.xml.namespace.QName;
-import org.apache.wss4j.dom.WSConstants;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.DOM2Writer;
import org.apache.wss4j.common.util.XMLUtils;
@@ -32,7 +32,7 @@ import org.w3c.dom.Element;
* Reference.
*/
public class Reference {
- public static final QName TOKEN = new QName(WSConstants.WSSE_NS, "Reference");
+ public static final QName TOKEN = new QName(WSS4JConstants.WSSE_NS, "Reference");
private Element element;
/**
@@ -68,7 +68,7 @@ public class Reference {
* @param doc
*/
public Reference(Document doc) {
- element = doc.createElementNS(WSConstants.WSSE_NS, "wsse:Reference");
+ element = doc.createElementNS(WSS4JConstants.WSSE_NS, "wsse:Reference");
}
/**
@@ -76,7 +76,7 @@ public class Reference {
* efficiency purposes, as the reference is embedded in a wsse:SecurityTokenReference.
*/
public void addWSSENamespace() {
- XMLUtils.setNamespace(this.element, WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX);
+ XMLUtils.setNamespace(this.element, WSS4JConstants.WSSE_NS, WSS4JConstants.WSSE_PREFIX);
}
/**
Copied: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/SecurityTokenReference.java (from r1668656, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityTokenReference.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/SecurityTokenReference.java?p2=webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/SecurityTokenReference.java&p1=webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityTokenReference.java&r1=1668656&r2=1668911&rev=1668911&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityTokenReference.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/SecurityTokenReference.java Tue Mar 24 14:37:00 2015
@@ -17,38 +17,32 @@
* under the License.
*/
-package org.apache.wss4j.dom.message.token;
+package org.apache.wss4j.common.token;
-import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.WSDocInfo;
+import java.math.BigInteger;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.X509Certificate;
+import java.util.Arrays;
+
+import javax.xml.namespace.QName;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.Text;
+
+import org.apache.wss4j.common.WSS4JConstants;
+import org.apache.wss4j.common.bsp.BSPEnforcer;
import org.apache.wss4j.common.bsp.BSPRule;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoType;
import org.apache.wss4j.common.crypto.Merlin;
-import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
-import org.apache.wss4j.common.token.DOMX509IssuerSerial;
import org.apache.wss4j.common.util.DOM2Writer;
+import org.apache.wss4j.common.util.KeyUtils;
import org.apache.wss4j.common.util.XMLUtils;
-import org.apache.wss4j.dom.bsp.BSPEnforcer;
-import org.apache.wss4j.dom.message.CallbackLookup;
-import org.apache.wss4j.dom.message.DOMCallbackLookup;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.apache.xml.security.exceptions.Base64DecodingException;
import org.apache.xml.security.utils.Base64;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-import org.w3c.dom.Text;
-
-import javax.xml.namespace.QName;
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-
-import java.math.BigInteger;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.X509Certificate;
-import java.util.Arrays;
/**
* Security Token Reference.
@@ -56,13 +50,15 @@ import java.util.Arrays;
public class SecurityTokenReference {
public static final String SECURITY_TOKEN_REFERENCE = "SecurityTokenReference";
public static final QName STR_QNAME =
- new QName(WSConstants.WSSE_NS, SECURITY_TOKEN_REFERENCE);
+ new QName(WSS4JConstants.WSSE_NS, SECURITY_TOKEN_REFERENCE);
public static final String SKI_URI =
- WSConstants.X509TOKEN_NS + "#X509SubjectKeyIdentifier";
+ WSS4JConstants.X509TOKEN_NS + "#X509SubjectKeyIdentifier";
public static final String THUMB_URI =
- WSConstants.SOAPMESSAGE_NS11 + "#" + WSConstants.THUMBPRINT;
+ WSS4JConstants.SOAPMESSAGE_NS11 + "#" + WSS4JConstants.THUMBPRINT;
public static final String ENC_KEY_SHA1_URI =
- WSConstants.SOAPMESSAGE_NS11 + "#" + WSConstants.ENC_KEY_SHA1_URI;
+ WSS4JConstants.SOAPMESSAGE_NS11 + "#" + WSS4JConstants.ENC_KEY_SHA1_URI;
+ public static final String X509_V3_TYPE = WSS4JConstants.X509TOKEN_NS + "#X509v3";
+
private static final org.slf4j.Logger LOG =
org.slf4j.LoggerFactory.getLogger(SecurityTokenReference.class);
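Review bot: The added `X509_V3_TYPE` duplicates `X509Security.X509_V3_TYPE`, which this same commit moves into the same `org.apache.wss4j.common.token` package, so the string is now defined in two places. SecurityTokenReference still instantiates `X509Security` in a later hunk, so there is no dependency reason for a second copy. The value decides whether a KeyIdentifier is parsed as an X.509 token (`X509_V3_TYPE.equals(value)`), and two definitions can drift apart unnoticed. I would keep a single definition and alias it here, e.g. `public static final String X509_V3_TYPE = X509Security.X509_V3_TYPE;`. The class body continues outside this hunk.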
@@ -91,7 +87,7 @@ public class SecurityTokenReference {
Node node = element.getFirstChild();
while (node != null) {
if (Node.ELEMENT_NODE == node.getNodeType()
- && WSConstants.WSSE_NS.equals(node.getNamespaceURI())
+ && WSS4JConstants.WSSE_NS.equals(node.getNamespaceURI())
&& "Reference".equals(node.getLocalName())) {
reference = new Reference((Element)node);
break;
@@ -107,7 +103,7 @@ public class SecurityTokenReference {
* @param doc The Document
*/
public SecurityTokenReference(Document doc) {
- element = doc.createElementNS(WSConstants.WSSE_NS, "wsse:SecurityTokenReference");
+ element = doc.createElementNS(WSS4JConstants.WSSE_NS, "wsse:SecurityTokenReference");
}
/**
@@ -115,7 +111,7 @@ public class SecurityTokenReference {
* efficiency purposes.
*/
public void addWSSENamespace() {
- XMLUtils.setNamespace(element, WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX);
+ XMLUtils.setNamespace(element, WSS4JConstants.WSSE_NS, WSS4JConstants.WSSE_PREFIX);
}
/**
@@ -123,7 +119,7 @@ public class SecurityTokenReference {
* efficiency purposes.
*/
public void addWSUNamespace() {
- XMLUtils.setNamespace(element, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+ XMLUtils.setNamespace(element, WSS4JConstants.WSU_NS, WSS4JConstants.WSU_PREFIX);
}
/**
@@ -132,10 +128,10 @@ public class SecurityTokenReference {
*/
public void addTokenType(String tokenType) {
if (tokenType != null) {
- XMLUtils.setNamespace(element, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
+ XMLUtils.setNamespace(element, WSS4JConstants.WSSE11_NS, WSS4JConstants.WSSE11_PREFIX);
element.setAttributeNS(
- WSConstants.WSSE11_NS,
- WSConstants.WSSE11_PREFIX + ":" + WSConstants.TOKEN_TYPE,
+ WSS4JConstants.WSSE11_NS,
+ WSS4JConstants.WSSE11_PREFIX + ":" + WSS4JConstants.TOKEN_TYPE,
tokenType
);
}
@@ -147,7 +143,7 @@ public class SecurityTokenReference {
*/
public String getTokenType() {
return element.getAttributeNS(
- WSConstants.WSSE11_NS, WSConstants.TOKEN_TYPE
+ WSS4JConstants.WSSE11_NS, WSS4JConstants.TOKEN_TYPE
);
}
@@ -178,150 +174,6 @@ public class SecurityTokenReference {
}
/**
- * Gets the signing token element, which may be a <code>BinarySecurityToken
- * </code> or a SAML token.
- *
- * The method gets the URI attribute of the {@link Reference} contained in
- * the {@link SecurityTokenReference} and tries to find the referenced
- * Element in the document. Alternatively, it gets the value of the KeyIdentifier
- * contained in the {@link SecurityTokenReference} and tries to find the referenced
- * Element in the document.
- *
- * @param doc the document that contains the binary security token
- * element. This could be different from the document
- * that contains the SecurityTokenReference (STR). See
- * STRTransform.derefenceBST() method
- * @param docInfo A WSDocInfo object containing previous results
- * @param cb A CallbackHandler object to obtain tokens that are not in the message
- * @return Element containing the signing token, must be a BinarySecurityToken
- * @throws WSSecurityException if the referenced element is not found.
- */
- public Element getTokenElement(
- Document doc, WSDocInfo docInfo, CallbackHandler cb
- ) throws WSSecurityException {
- Reference ref = getReference();
- String uri = null;
- String valueType = null;
- if (ref != null) {
- uri = ref.getURI();
- valueType = ref.getValueType();
- } else {
- uri = getKeyIdentifierValue();
- valueType = getKeyIdentifierValueType();
- }
- if (LOG.isDebugEnabled()) {
- LOG.debug("Token reference uri: " + uri);
- LOG.debug("Token reference ValueType: " + valueType);
- }
-
- if (uri == null) {
- throw new WSSecurityException(
- WSSecurityException.ErrorCode.INVALID_SECURITY, "badReferenceURI"
- );
- }
-
- Element tokElement =
- findProcessedTokenElement(doc, docInfo, cb, uri, valueType);
- if (tokElement == null) {
- tokElement = findUnprocessedTokenElement(doc, docInfo, cb, uri, valueType);
- }
-
- if (tokElement == null) {
- throw new WSSecurityException(
- WSSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE,
- "noToken", uri);
- }
- return tokElement;
- }
-
- /**
- * Find a token that has not been processed already - in other words, it searches for
- * the element, rather than trying to access previous results to find the element
- * @param doc Parent Document
- * @param docInfo WSDocInfo instance
- * @param cb CallbackHandler instance
- * @param uri URI of the element
- * @param type Type of the element
- * @return A DOM element
- * @throws WSSecurityException
- */
- public Element findUnprocessedTokenElement(
- Document doc,
- WSDocInfo docInfo,
- CallbackHandler cb,
- String uri,
- String type
- ) throws WSSecurityException {
- String id = XMLUtils.getIDFromReference(uri);
- //
- // Delegate finding the element to the CallbackLookup instance
- //
- CallbackLookup callbackLookup = null;
- if (docInfo != null) {
- callbackLookup = docInfo.getCallbackLookup();
- }
- if (callbackLookup == null) {
- callbackLookup = new DOMCallbackLookup(doc);
- }
- return callbackLookup.getElement(id, type, true);
- }
-
- /**
- * Find a token that has been processed already - in other words, it access previous
- * results to find the element, rather than conducting a general search
- * @param doc Parent Document
- * @param docInfo WSDocInfo instance
- * @param cb CallbackHandler instance
- * @param uri URI of the element
- * @param type Type of the element
- * @return A DOM element
- * @throws WSSecurityException
- */
- public Element findProcessedTokenElement(
- Document doc,
- WSDocInfo docInfo,
- CallbackHandler cb,
- String uri,
- String type
- ) throws WSSecurityException {
- String id = XMLUtils.getIDFromReference(uri);
- //
- // Try to find it from the WSDocInfo instance first
- //
- if (docInfo != null) {
- Element token = docInfo.getTokenElement(id);
- if (token != null) {
- return token;
- }
- }
-
- //
- // Try to find a custom token
- //
- if (cb != null && (WSConstants.WSC_SCT.equals(type)
- || WSConstants.WSC_SCT_05_12.equals(type)
- || WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(type)
- || WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(type)
- || KerberosSecurity.isKerberosToken(type))) {
- //try to find a custom token
- WSPasswordCallback pwcb =
- new WSPasswordCallback(id, WSPasswordCallback.CUSTOM_TOKEN);
- try {
- cb.handle(new Callback[]{pwcb});
- Element assertionElem = pwcb.getCustomToken();
- if (assertionElem != null) {
- return (Element)doc.importNode(assertionElem, true);
- }
- } catch (Exception e) {
- LOG.debug(e.getMessage(), e);
- // Consume this failure
- }
- }
- return null;
- }
-
-
- /**
* Sets the KeyIdentifier Element as a X509 certificate.
* Takes a X509 certificate, converts its data into base 64 and inserts
* it into a <code>wsse:KeyIdentifier</code> element, which is placed
@@ -342,7 +194,7 @@ public class SecurityTokenReference {
}
Text text = doc.createTextNode(Base64.encode(data));
- createKeyIdentifier(doc, X509Security.X509_V3_TYPE, text, true);
+ createKeyIdentifier(doc, X509_V3_TYPE, text, true);
}
/**
@@ -398,7 +250,7 @@ public class SecurityTokenReference {
);
}
try {
- byte[] encodedBytes = WSSecurityUtil.generateDigest(encodedCert);
+ byte[] encodedBytes = KeyUtils.generateDigest(encodedCert);
Text text = doc.createTextNode(Base64.encode(encodedBytes));
createKeyIdentifier(doc, THUMB_URI, text, true);
} catch (WSSecurityException e1) {
@@ -425,10 +277,10 @@ public class SecurityTokenReference {
}
private void createKeyIdentifier(Document doc, String uri, Node node, boolean base64) {
- Element keyId = doc.createElementNS(WSConstants.WSSE_NS, "wsse:KeyIdentifier");
+ Element keyId = doc.createElementNS(WSS4JConstants.WSSE_NS, "wsse:KeyIdentifier");
keyId.setAttributeNS(null, "ValueType", uri);
if (base64) {
- keyId.setAttributeNS(null, "EncodingType", BinarySecurity.BASE64_ENCODING);
+ keyId.setAttributeNS(null, "EncodingType", WSS4JConstants.BASE64_ENCODING);
}
keyId.appendChild(node);
@@ -471,7 +323,7 @@ public class SecurityTokenReference {
Element elem = getFirstElement();
String value = elem.getAttributeNS(null, "ValueType");
- if (X509Security.X509_V3_TYPE.equals(value)) {
+ if (X509_V3_TYPE.equals(value)) {
X509Security token = new X509Security(elem, new BSPEnforcer(true));
X509Certificate cert = token.getX509Certificate(crypto);
return new X509Certificate[]{cert};
@@ -607,10 +459,10 @@ public class SecurityTokenReference {
if (elem == null) {
return null;
}
- if (WSConstants.X509_DATA_LN.equals(elem.getLocalName())) {
+ if (WSS4JConstants.X509_DATA_LN.equals(elem.getLocalName())) {
elem =
XMLUtils.findElement(
- elem, WSConstants.X509_ISSUER_SERIAL_LN, WSConstants.SIG_NS
+ elem, WSS4JConstants.X509_ISSUER_SERIAL_LN, WSS4JConstants.SIG_NS
);
}
issuerSerial = new DOMX509IssuerSerial(elem);
@@ -625,7 +477,7 @@ public class SecurityTokenReference {
* a <code>wsse:Reference</code> element
*/
public boolean containsReference() {
- return containsElement(WSConstants.WSSE_NS, "Reference");
+ return containsElement(WSS4JConstants.WSSE_NS, "Reference");
}
/**
@@ -635,7 +487,7 @@ public class SecurityTokenReference {
* a <code>ds:IssuerSerial</code> element
*/
public boolean containsX509IssuerSerial() {
- return containsElement(WSConstants.SIG_NS, WSConstants.X509_ISSUER_SERIAL_LN);
+ return containsElement(WSS4JConstants.SIG_NS, WSS4JConstants.X509_ISSUER_SERIAL_LN);
}
/**
@@ -645,7 +497,7 @@ public class SecurityTokenReference {
* a <code>ds:X509Data</code> element
*/
public boolean containsX509Data() {
- return containsElement(WSConstants.SIG_NS, WSConstants.X509_DATA_LN);
+ return containsElement(WSS4JConstants.SIG_NS, WSS4JConstants.X509_DATA_LN);
}
/**
@@ -655,7 +507,7 @@ public class SecurityTokenReference {
* a <code>wsse:KeyIdentifier</code> element
*/
public boolean containsKeyIdentifier() {
- return containsElement(WSConstants.WSSE_NS, "KeyIdentifier");
+ return containsElement(WSS4JConstants.WSSE_NS, "KeyIdentifier");
}
private boolean containsElement(String namespace, String localname) {
@@ -691,7 +543,7 @@ public class SecurityTokenReference {
* @param id
*/
public void setID(String id) {
- element.setAttributeNS(WSConstants.WSU_NS, WSConstants.WSU_PREFIX + ":Id", id);
+ element.setAttributeNS(WSS4JConstants.WSU_NS, WSS4JConstants.WSU_PREFIX + ":Id", id);
}
/**
@@ -699,7 +551,7 @@ public class SecurityTokenReference {
* @return the wsu ID of the element
*/
public String getID() {
- return element.getAttributeNS(WSConstants.WSU_NS, "Id");
+ return element.getAttributeNS(WSS4JConstants.WSU_NS, "Id");
}
/**
@@ -731,7 +583,7 @@ public class SecurityTokenReference {
bspEnforcer.handleBSPRule(BSPRule.R3061);
}
if ("KeyIdentifier".equals(child.getLocalName())
- && WSConstants.WSSE_NS.equals(child.getNamespaceURI())) {
+ && WSS4JConstants.WSSE_NS.equals(child.getNamespaceURI())) {
String valueType = getKeyIdentifierValueType();
// ValueType cannot be null
@@ -740,13 +592,13 @@ public class SecurityTokenReference {
}
String encodingType = getFirstElement().getAttributeNS(null, "EncodingType");
// Encoding Type must be equal to Base64Binary if it's specified
- if (!"".equals(encodingType) && !BinarySecurity.BASE64_ENCODING.equals(encodingType)) {
+ if (!"".equals(encodingType) && !WSS4JConstants.BASE64_ENCODING.equals(encodingType)) {
bspEnforcer.handleBSPRule(BSPRule.R3071);
}
// Encoding type must be specified other than for a SAML Assertion
- if (!WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(valueType)
- && !WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(valueType)
+ if (!WSS4JConstants.WSS_SAML_KI_VALUE_TYPE.equals(valueType)
+ && !WSS4JConstants.WSS_SAML2_KI_VALUE_TYPE.equals(valueType)
&& (encodingType == null || "".equals(encodingType))) {
bspEnforcer.handleBSPRule(BSPRule.R3070);
}
@@ -758,7 +610,7 @@ public class SecurityTokenReference {
result++;
// We cannot have a SecurityTokenReference child element
if ("SecurityTokenReference".equals(node.getLocalName())
- && WSConstants.WSSE_NS.equals(node.getNamespaceURI())) {
+ && WSS4JConstants.WSSE_NS.equals(node.getNamespaceURI())) {
bspEnforcer.handleBSPRule(BSPRule.R3056);
}
}
Copied: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/TokenElementCallback.java (from r1668656, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/TokenElementCallback.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/TokenElementCallback.java?p2=webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/TokenElementCallback.java&p1=webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/TokenElementCallback.java&r1=1668656&r2=1668911&rev=1668911&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/TokenElementCallback.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/TokenElementCallback.java Tue Mar 24 14:37:00 2015
@@ -17,7 +17,7 @@
* under the License.
*/
-package org.apache.wss4j.dom.message.token;
+package org.apache.wss4j.common.token;
import org.w3c.dom.Element;
Copied: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/X509Security.java (from r1668656, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/X509Security.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/X509Security.java?p2=webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/X509Security.java&p1=webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/X509Security.java&r1=1668656&r2=1668911&rev=1668911&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/X509Security.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/token/X509Security.java Tue Mar 24 14:37:00 2015
@@ -17,10 +17,10 @@
* under the License.
*/
-package org.apache.wss4j.dom.message.token;
+package org.apache.wss4j.common.token;
-import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.bsp.BSPEnforcer;
+import org.apache.wss4j.common.WSS4JConstants;
+import org.apache.wss4j.common.bsp.BSPEnforcer;
import org.apache.wss4j.common.bsp.BSPRule;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.Merlin;
@@ -39,7 +39,7 @@ import java.security.cert.X509Certificat
*/
public class X509Security extends BinarySecurity {
- public static final String X509_V3_TYPE = WSConstants.X509TOKEN_NS + "#X509v3";
+ public static final String X509_V3_TYPE = WSS4JConstants.X509TOKEN_NS + "#X509v3";
/*
* Stores the associated X.509 Certificate. This saves numerous
Modified: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/KeyUtils.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/KeyUtils.java?rev=1668911&r1=1668910&r2=1668911&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/KeyUtils.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/KeyUtils.java Tue Mar 24 14:37:00 2015
@@ -19,6 +19,7 @@
package org.apache.wss4j.common.util;
+import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import javax.crypto.Cipher;
@@ -36,6 +37,11 @@ public final class KeyUtils {
org.slf4j.LoggerFactory.getLogger(KeyUtils.class);
private static final int MAX_SYMMETRIC_KEY_SIZE = 1024;
+ /**
+ * A cached MessageDigest object
+ */
+ private static MessageDigest digest;
+
private KeyUtils() {
// complete
}
@@ -143,4 +149,24 @@ public final class KeyUtils {
}
}
}
+
+ /**
+ * Generate a (SHA1) digest of the input bytes. The MessageDigest instance that backs this
+ * method is cached for efficiency.
+ * @param inputBytes the bytes to digest
+ * @return the digest of the input bytes
+ * @throws WSSecurityException
+ */
+ public static synchronized byte[] generateDigest(byte[] inputBytes) throws WSSecurityException {
+ try {
+ if (digest == null) {
+ digest = MessageDigest.getInstance("SHA-1");
+ }
+ return digest.digest(inputBytes);
+ } catch (Exception e) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "empty", e,
+ "Error in generating digest"
+ );
+ }
+ }
}
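Review bot: `catch (Exception e)` in generateDigest is wider than the code needs: the only checked exception is `NoSuchAlgorithmException` from `MessageDigest.getInstance`, and the catch-all would also turn a `NullPointerException` from a null `inputBytes` into a generic FAILURE. Narrowing it to `} catch (NoSuchAlgorithmException e) {` keeps caller bugs visible. The static `digest` field added in the previous hunk forces `static synchronized`, so every digest call takes the KeyUtils class lock; a per-call `return MessageDigest.getInstance("SHA-1").digest(inputBytes);` would remove both the field and the lock. The Javadoc should also say that SHA-1 is fixed because the visible caller uses the result as a certificate thumbprint key identifier (`THUMB_URI`), not as a general-purpose integrity hash, and `@throws WSSecurityException` needs a description.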
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSConstants.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSConstants.java?rev=1668911&r1=1668910&r2=1668911&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSConstants.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSConstants.java Tue Mar 24 14:37:00 2015
@@ -21,216 +21,12 @@ package org.apache.wss4j.dom;
import javax.xml.namespace.QName;
+import org.apache.wss4j.common.WSS4JConstants;
+
/**
* Constants in WS-Security spec.
*/
-public final class WSConstants {
-
- /*
- * Standard constants used in WSS4J
- */
-
- //
- // Namespaces
- //
- public static final String WSSE_NS =
- "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
- public static final String WSSE11_NS =
- "http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd";
- public static final String WSU_NS =
- "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
-
- public static final String SOAPMESSAGE_NS =
- "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0";
- public static final String SOAPMESSAGE_NS11 =
- "http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1";
- public static final String USERNAMETOKEN_NS =
- "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0";
- public static final String X509TOKEN_NS =
- "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0";
- public static final String SAMLTOKEN_NS =
- "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0";
- public static final String SAMLTOKEN_NS11 =
- "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1";
- public static final String KERBEROS_NS11 =
- "http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1";
-
- public static final String SIG_NS = "http://www.w3.org/2000/09/xmldsig#";
- public static final String ENC_NS = "http://www.w3.org/2001/04/xmlenc#";
- public static final String ENC11_NS = "http://www.w3.org/2009/xmlenc11#";
- public static final String XMLNS_NS = "http://www.w3.org/2000/xmlns/";
- public static final String XML_NS = "http://www.w3.org/XML/1998/namespace";
-
- public static final String SAML_NS = "urn:oasis:names:tc:SAML:1.0:assertion";
- public static final String SAMLP_NS = "urn:oasis:names:tc:SAML:1.0:protocol";
- public static final String SAML2_NS = "urn:oasis:names:tc:SAML:2.0:assertion";
- public static final String SAMLP2_NS = "urn:oasis:names:tc:SAML:2.0:protocol";
-
- public static final String URI_SOAP11_ENV =
- "http://schemas.xmlsoap.org/soap/envelope/";
- public static final String URI_SOAP12_ENV =
- "http://www.w3.org/2003/05/soap-envelope";
- public static final String URI_SOAP11_NEXT_ACTOR =
- "http://schemas.xmlsoap.org/soap/actor/next";
- public static final String URI_SOAP12_NEXT_ROLE =
- "http://www.w3.org/2003/05/soap-envelope/role/next";
- public static final String URI_SOAP12_NONE_ROLE =
- "http://www.w3.org/2003/05/soap-envelope/role/none";
- public static final String URI_SOAP12_ULTIMATE_ROLE =
- "http://www.w3.org/2003/05/soap-envelope/role/ultimateReceiver";
-
- public static final String C14N_OMIT_COMMENTS =
- "http://www.w3.org/TR/2001/REC-xml-c14n-20010315";
- public static final String C14N_WITH_COMMENTS =
- "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments";
- public static final String C14N_EXCL_OMIT_COMMENTS =
- "http://www.w3.org/2001/10/xml-exc-c14n#";
- public static final String C14N_EXCL_WITH_COMMENTS =
- "http://www.w3.org/2001/10/xml-exc-c14n#WithComments";
-
- public static final String NS_XMLDSIG_FILTER2 =
- "http://www.w3.org/2002/06/xmldsig-filter2";
- public static final String NS_XMLDSIG_ENVELOPED_SIGNATURE =
- SIG_NS + "enveloped-signature";
- public static final String SWA_ATTACHMENT_CONTENT_SIG_TRANS =
- "http://docs.oasis-open.org/wss/oasis-wss-SwAProfile-1.1#Attachment-Content-Signature-Transform";
- public static final String SWA_ATTACHMENT_COMPLETE_SIG_TRANS =
- "http://docs.oasis-open.org/wss/oasis-wss-SwAProfile-1.1#Attachment-Complete-Signature-Transform";
- public static final String SWA_ATTACHMENT_CIPHERTEXT_TRANS =
- "http://docs.oasis-open.org/wss/oasis-wss-SwAProfile-1.1#Attachment-Ciphertext-Transform";
- public static final String SWA_ATTACHMENT_ENCRYPTED_DATA_TYPE_CONTENT_ONLY =
- "http://docs.oasis-open.org/wss/oasis-wss-SwAProfile-1.1#Attachment-Content-Only";
- public static final String SWA_ATTACHMENT_ENCRYPTED_DATA_TYPE_COMPLETE =
- "http://docs.oasis-open.org/wss/oasis-wss-SwAProfile-1.1#Attachment-Complete";
-
- public static final String KEYTRANSPORT_RSA15 =
- "http://www.w3.org/2001/04/xmlenc#rsa-1_5";
- public static final String KEYTRANSPORT_RSAOEP =
- "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p";
- public static final String KEYTRANSPORT_RSAOEP_XENC11 =
- "http://www.w3.org/2009/xmlenc11#rsa-oaep";
- public static final String TRIPLE_DES =
- "http://www.w3.org/2001/04/xmlenc#tripledes-cbc";
- public static final String AES_128 =
- "http://www.w3.org/2001/04/xmlenc#aes128-cbc";
- public static final String AES_256 =
- "http://www.w3.org/2001/04/xmlenc#aes256-cbc";
- public static final String AES_192 =
- "http://www.w3.org/2001/04/xmlenc#aes192-cbc";
- public static final String AES_128_GCM =
- "http://www.w3.org/2009/xmlenc11#aes128-gcm";
- public static final String AES_192_GCM =
- "http://www.w3.org/2009/xmlenc11#aes192-gcm";
- public static final String AES_256_GCM =
- "http://www.w3.org/2009/xmlenc11#aes256-gcm";
- public static final String DSA =
- "http://www.w3.org/2000/09/xmldsig#dsa-sha1";
- public static final String RSA =
- "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
- public static final String RSA_SHA1 =
- "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
- public static final String SHA1 =
- "http://www.w3.org/2000/09/xmldsig#sha1";
- public static final String SHA256 =
- "http://www.w3.org/2001/04/xmlenc#sha256";
- public static final String SHA384 =
- "http://www.w3.org/2001/04/xmldsig-more#sha384";
- public static final String SHA512 =
- "http://www.w3.org/2001/04/xmlenc#sha512";
- public static final String HMAC_SHA1 =
- "http://www.w3.org/2000/09/xmldsig#hmac-sha1";
- public static final String HMAC_SHA256 =
- "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256";
- public static final String HMAC_SHA384 =
- "http://www.w3.org/2001/04/xmldsig-more#hmac-sha384";
- public static final String HMAC_SHA512 =
- "http://www.w3.org/2001/04/xmldsig-more#hmac-sha512";
- public static final String HMAC_MD5 =
- "http://www.w3.org/2001/04/xmldsig-more#hmac-md5";
-
- public static final String MGF_SHA1 = "http://www.w3.org/2009/xmlenc11#mgf1sha1";
- public static final String MGF_SHA224 = "http://www.w3.org/2009/xmlenc11#mgf1sha224";
- public static final String MGF_SHA256 = "http://www.w3.org/2009/xmlenc11#mgf1sha256";
- public static final String MGF_SHA384 = "http://www.w3.org/2009/xmlenc11#mgf1sha384";
- public static final String MGF_SHA512 = "http://www.w3.org/2009/xmlenc11#mgf1sha512";
-
- public static final String WST_NS = "http://schemas.xmlsoap.org/ws/2005/02/trust";
- /**
- * WS-Trust 1.3 namespace
- */
- public static final String WST_NS_05_12 = "http://docs.oasis-open.org/ws-sx/ws-trust/200512";
- /**
- * WS-Trust 1.4 namespace
- */
- public static final String WST_NS_08_02 = "http://docs.oasis-open.org/ws-sx/ws-trust/200802";
-
- public static final String WSC_SCT = "http://schemas.xmlsoap.org/ws/2005/02/sc/sct";
-
- public static final String WSC_SCT_05_12 =
- "http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/sct";
-
- //
- // Localnames
- //
- public static final String WSSE_LN = "Security";
- public static final String THUMBPRINT ="ThumbprintSHA1";
- public static final String SAML_ASSERTION_ID = "SAMLAssertionID";
- public static final String SAML2_ASSERTION_ID = "SAMLID";
- public static final String ENC_KEY_VALUE_TYPE = "EncryptedKey";
- public static final String ENC_KEY_SHA1_URI = "EncryptedKeySHA1";
- public static final String SIG_LN = "Signature";
- public static final String SIG_INFO_LN = "SignedInfo";
- public static final String ENC_KEY_LN = "EncryptedKey";
- public static final String ENC_DATA_LN = "EncryptedData";
- public static final String REF_LIST_LN = "ReferenceList";
- public static final String REF_LN = "Reference";
- public static final String USERNAME_TOKEN_LN = "UsernameToken";
- public static final String BINARY_TOKEN_LN = "BinarySecurityToken";
- public static final String TIMESTAMP_TOKEN_LN = "Timestamp";
- public static final String USERNAME_LN = "Username";
- public static final String PASSWORD_LN = "Password";
- public static final String PASSWORD_TYPE_ATTR = "Type";
- public static final String NONCE_LN = "Nonce";
- public static final String CREATED_LN = "Created";
- public static final String EXPIRES_LN = "Expires";
- public static final String SIGNATURE_CONFIRMATION_LN = "SignatureConfirmation";
- public static final String SALT_LN = "Salt";
- public static final String ITERATION_LN = "Iteration";
- public static final String ASSERTION_LN = "Assertion";
- public static final String ENCRYPED_ASSERTION_LN = "EncryptedAssertion";
- public static final String PW_DIGEST = "PasswordDigest";
- public static final String PW_TEXT = "PasswordText";
- public static final String PW_NONE = "PasswordNone";
- public static final String ENCRYPTED_HEADER = "EncryptedHeader";
- public static final String X509_ISSUER_SERIAL_LN = "X509IssuerSerial";
- public static final String X509_ISSUER_NAME_LN = "X509IssuerName";
- public static final String X509_SERIAL_NUMBER_LN = "X509SerialNumber";
- public static final String X509_DATA_LN = "X509Data";
- public static final String X509_CERT_LN = "X509Certificate";
- public static final String KEYINFO_LN = "KeyInfo";
- public static final String KEYVALUE_LN = "KeyValue";
- public static final String TOKEN_TYPE = "TokenType";
-
- public static final String ELEM_ENVELOPE = "Envelope";
- public static final String ELEM_HEADER = "Header";
- public static final String ELEM_BODY = "Body";
- public static final String ATTR_MUST_UNDERSTAND = "mustUnderstand";
- public static final String ATTR_ACTOR = "actor";
- public static final String ATTR_ROLE = "role";
- public static final String NULL_NS = "Null";
-
- //
- // Prefixes
- //
- public static final String WSSE_PREFIX = "wsse";
- public static final String WSSE11_PREFIX = "wsse11";
- public static final String WSU_PREFIX = "wsu";
- public static final String DEFAULT_SOAP_PREFIX = "soapenv";
- public static final String SIG_PREFIX = "ds";
- public static final String ENC_PREFIX = "xenc";
- public static final String ENC11_PREFIX = "xenc11";
- public static final String C14N_EXCL_OMIT_COMMENTS_PREFIX = "ec";
-
+public final class WSConstants extends WSS4JConstants {
//
// Fault codes defined in the WSS 1.1 spec under section 12, Error handling
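Review bot: The class Javadoc still reads "Constants in WS-Security spec." although the namespace, localname, prefix and algorithm constants are no longer declared in this file; `WSSE_NS`, which the remaining fault-code QNames use, now resolves only through `extends WSS4JConstants`. I would extend the comment, for example `* Constants in WS-Security spec. Namespace, localname and algorithm URIs are inherited from {@link WSS4JConstants}.` Inheriting constants this way also requires WSS4JConstants to expose a non-private constructor (the last hunk of this file adds `super()`), so it is worth confirming that it is protected and that the class is not otherwise instantiable. The class body continues outside this hunk.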
@@ -284,37 +80,6 @@ public final class WSConstants {
public static final QName MESSAGE_EXPIRED =
new QName (WSSE_NS, "MessageExpired");
- //
- // Kerberos ValueTypes
- //
- public static final String WSS_KRB_V5_AP_REQ = KERBEROS_NS11 + "#Kerberosv5_AP_REQ";
- public static final String WSS_GSS_KRB_V5_AP_REQ = KERBEROS_NS11 + "#GSS_Kerberosv5_AP_REQ";
- public static final String WSS_KRB_V5_AP_REQ1510 = KERBEROS_NS11 + "#Kerberosv5_AP_REQ1510";
- public static final String WSS_GSS_KRB_V5_AP_REQ1510 =
- KERBEROS_NS11 + "#GSS_Kerberosv5_AP_REQ1510";
- public static final String WSS_KRB_V5_AP_REQ4120 = KERBEROS_NS11 + "#Kerberosv5_AP_REQ4120";
- public static final String WSS_GSS_KRB_V5_AP_REQ4120 =
- KERBEROS_NS11 + "#GSS_Kerberosv5_AP_REQ4120";
- public static final String WSS_KRB_KI_VALUE_TYPE = KERBEROS_NS11 + "#Kerberosv5APREQSHA1";
-
- //
- // Misc
- //
- public static final String WSS_SAML_KI_VALUE_TYPE = SAMLTOKEN_NS + "#" + SAML_ASSERTION_ID;
- public static final String WSS_SAML2_KI_VALUE_TYPE = SAMLTOKEN_NS11 + "#" + SAML2_ASSERTION_ID;
- public static final String WSS_SAML_TOKEN_TYPE = SAMLTOKEN_NS11 + "#SAMLV1.1";
- public static final String WSS_SAML2_TOKEN_TYPE = SAMLTOKEN_NS11 + "#SAMLV2.0";
- public static final String WSS_ENC_KEY_VALUE_TYPE = SOAPMESSAGE_NS11 + "#" + ENC_KEY_VALUE_TYPE;
- public static final String PASSWORD_DIGEST = USERNAMETOKEN_NS + "#PasswordDigest";
- public static final String PASSWORD_TEXT = USERNAMETOKEN_NS + "#PasswordText";
- public static final String WSS_USERNAME_TOKEN_VALUE_TYPE =
- USERNAMETOKEN_NS + "#" + USERNAME_TOKEN_LN;
-
- public static final String[] URIS_SOAP_ENV = {
- URI_SOAP11_ENV,
- URI_SOAP12_ENV,
- };
-
/*
* Constants used to configure WSS4J
*/
@@ -496,7 +261,7 @@ public final class WSConstants {
public static final int DKT_ENCR = 0x10000; // Perform Encryption with a Derived Key
private WSConstants() {
- // Complete
+ super();
}
}
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSSecurityEngineResult.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSSecurityEngineResult.java?rev=1668911&r1=1668910&r2=1668911&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSSecurityEngineResult.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSSecurityEngineResult.java Tue Mar 24 14:37:00 2015
@@ -20,7 +20,7 @@
package org.apache.wss4j.dom;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
-import org.apache.wss4j.dom.message.token.BinarySecurity;
+import org.apache.wss4j.common.token.BinarySecurity;
import org.apache.wss4j.dom.message.token.SecurityContextToken;
import org.apache.wss4j.dom.message.token.SignatureConfirmation;
import org.apache.wss4j.dom.message.token.Timestamp;
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/RequestData.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/RequestData.java?rev=1668911&r1=1668910&r2=1668911&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/RequestData.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/RequestData.java Tue Mar 24 14:37:00 2015
@@ -32,6 +32,7 @@ import javax.xml.namespace.QName;
import org.apache.wss4j.common.EncryptionActionToken;
import org.apache.wss4j.common.SignatureActionToken;
+import org.apache.wss4j.common.bsp.BSPEnforcer;
import org.apache.wss4j.common.bsp.BSPRule;
import org.apache.wss4j.common.cache.ReplayCache;
import org.apache.wss4j.common.cache.ReplayCacheFactory;
@@ -42,7 +43,6 @@ import org.apache.wss4j.common.ext.WSSec
import org.apache.wss4j.dom.SOAPConstants;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.WSSConfig;
-import org.apache.wss4j.dom.bsp.BSPEnforcer;
import org.apache.wss4j.dom.message.WSSecHeader;
import org.apache.wss4j.dom.message.token.UsernameToken;
import org.apache.wss4j.dom.util.WSSecurityUtil;
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKEncrypt.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKEncrypt.java?rev=1668911&r1=1668910&r2=1668911&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKEncrypt.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKEncrypt.java Tue Mar 24 14:37:00 2015
@@ -19,24 +19,24 @@
package org.apache.wss4j.dom.message;
-import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.WSSConfig;
+import java.util.List;
+
+import javax.crypto.SecretKey;
+
import org.apache.wss4j.common.WSEncryptionPart;
+import org.apache.wss4j.common.derivedKey.ConversationConstants;
import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.token.Reference;
+import org.apache.wss4j.common.token.SecurityTokenReference;
import org.apache.wss4j.common.util.KeyUtils;
-import org.apache.wss4j.common.derivedKey.ConversationConstants;
-import org.apache.wss4j.dom.message.token.Reference;
-import org.apache.wss4j.dom.message.token.SecurityTokenReference;
+import org.apache.wss4j.dom.WSConstants;
+import org.apache.wss4j.dom.WSSConfig;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.apache.xml.security.keys.KeyInfo;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
-import javax.crypto.SecretKey;
-
-import java.util.List;
-
/**
* Encrypts and signs parts of a message with derived keys derived from a
* symmetric key. This symmetric key will be included as an EncryptedKey
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKSign.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKSign.java?rev=1668911&r1=1668910&r2=1668911&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKSign.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKSign.java Tue Mar 24 14:37:00 2015
@@ -19,21 +19,6 @@
package org.apache.wss4j.dom.message;
-import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.WSDocInfo;
-import org.apache.wss4j.dom.WSSConfig;
-import org.apache.wss4j.common.WSEncryptionPart;
-import org.apache.wss4j.common.ext.WSSecurityException;
-import org.apache.wss4j.common.util.KeyUtils;
-import org.apache.wss4j.common.util.XMLUtils;
-import org.apache.wss4j.common.derivedKey.ConversationConstants;
-import org.apache.wss4j.dom.message.token.Reference;
-import org.apache.wss4j.dom.message.token.SecurityTokenReference;
-import org.apache.wss4j.dom.transform.STRTransform;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-
import java.security.NoSuchProviderException;
import java.util.List;
@@ -42,15 +27,30 @@ import javax.xml.crypto.dom.DOMStructure
import javax.xml.crypto.dsig.CanonicalizationMethod;
import javax.xml.crypto.dsig.SignatureMethod;
import javax.xml.crypto.dsig.SignedInfo;
+import javax.xml.crypto.dsig.XMLSignContext;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureFactory;
-import javax.xml.crypto.dsig.XMLSignContext;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.ExcC14NParameterSpec;
+import org.apache.wss4j.common.WSEncryptionPart;
+import org.apache.wss4j.common.derivedKey.ConversationConstants;
+import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.token.Reference;
+import org.apache.wss4j.common.token.SecurityTokenReference;
+import org.apache.wss4j.common.util.KeyUtils;
+import org.apache.wss4j.common.util.XMLUtils;
+import org.apache.wss4j.dom.WSConstants;
+import org.apache.wss4j.dom.WSDocInfo;
+import org.apache.wss4j.dom.WSSConfig;
+import org.apache.wss4j.dom.transform.STRTransform;
+import org.apache.wss4j.dom.util.WSSecurityUtil;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
/**
* Builder to sign with derived keys
*/
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDerivedKeyBase.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDerivedKeyBase.java?rev=1668911&r1=1668910&r2=1668911&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDerivedKeyBase.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDerivedKeyBase.java Tue Mar 24 14:37:00 2015
@@ -22,6 +22,8 @@ package org.apache.wss4j.dom.message;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.WSSConfig;
import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.token.Reference;
+import org.apache.wss4j.common.token.SecurityTokenReference;
import org.apache.wss4j.common.util.KeyUtils;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoType;
@@ -30,8 +32,6 @@ import org.apache.wss4j.common.derivedKe
import org.apache.wss4j.common.derivedKey.DerivationAlgorithm;
import org.apache.wss4j.dom.message.token.DerivedKeyToken;
import org.apache.wss4j.dom.message.token.KerberosSecurity;
-import org.apache.wss4j.dom.message.token.Reference;
-import org.apache.wss4j.dom.message.token.SecurityTokenReference;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.apache.xml.security.utils.Base64;
import org.w3c.dom.Document;