Posted to commits@camel.apache.org by da...@apache.org on 2012/08/29 10:38:03 UTC
svn commit: r1378477 - in /camel/branches/camel-2.10.x: ./
camel-core/src/main/java/org/apache/camel/builder/
camel-core/src/main/java/org/apache/camel/model/dataformat/
components/camel-xmlsecurity/src/main/java/org/apache/camel/dataformat/xmlsecurity...
Author: davsclaus
Date: Wed Aug 29 08:38:02 2012
New Revision: 1378477
URL: http://svn.apache.org/viewvc?rev=1378477&view=rev
Log:
CAMEL-5545: Support key password for private key access in XMLSecurity. Thanks to Rich Newcomb for the patch.
Added:
camel/branches/camel-2.10.x/components/camel-xmlsecurity/src/test/java/org/apache/camel/dataformat/xmlsecurity/SpringXmlSecurityDataFormatWithKeyPasswordTest.java
- copied unchanged from r1378476, camel/trunk/components/camel-xmlsecurity/src/test/java/org/apache/camel/dataformat/xmlsecurity/SpringXmlSecurityDataFormatWithKeyPasswordTest.java
camel/branches/camel-2.10.x/components/camel-xmlsecurity/src/test/resources/org/apache/camel/dataformat/xmlsecurity/SpringXmlSecurityDataFormatWithKeyPasswordTest-context.xml
- copied unchanged from r1378476, camel/trunk/components/camel-xmlsecurity/src/test/resources/org/apache/camel/dataformat/xmlsecurity/SpringXmlSecurityDataFormatWithKeyPasswordTest-context.xml
camel/branches/camel-2.10.x/components/camel-xmlsecurity/src/test/resources/recipient-with-key-pass.ks
- copied unchanged from r1378476, camel/trunk/components/camel-xmlsecurity/src/test/resources/recipient-with-key-pass.ks
Modified:
camel/branches/camel-2.10.x/ (props changed)
camel/branches/camel-2.10.x/camel-core/src/main/java/org/apache/camel/builder/DataFormatClause.java
camel/branches/camel-2.10.x/camel-core/src/main/java/org/apache/camel/model/dataformat/XMLSecurityDataFormat.java
camel/branches/camel-2.10.x/components/camel-xmlsecurity/src/main/java/org/apache/camel/dataformat/xmlsecurity/XMLSecurityDataFormat.java
camel/branches/camel-2.10.x/components/camel-xmlsecurity/src/test/java/org/apache/camel/dataformat/xmlsecurity/XMLSecurityDataFormatTest.java
Propchange: camel/branches/camel-2.10.x/
------------------------------------------------------------------------------
Merged /camel/trunk:r1378476
Propchange: camel/branches/camel-2.10.x/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.
Modified: camel/branches/camel-2.10.x/camel-core/src/main/java/org/apache/camel/builder/DataFormatClause.java
URL: http://svn.apache.org/viewvc/camel/branches/camel-2.10.x/camel-core/src/main/java/org/apache/camel/builder/DataFormatClause.java?rev=1378477&r1=1378476&r2=1378477&view=diff
==============================================================================
--- camel/branches/camel-2.10.x/camel-core/src/main/java/org/apache/camel/builder/DataFormatClause.java (original)
+++ camel/branches/camel-2.10.x/camel-core/src/main/java/org/apache/camel/builder/DataFormatClause.java Wed Aug 29 08:38:02 2012
@@ -516,6 +516,16 @@ public class DataFormatClause<T extends
* Uses the XML Security data format
*/
public T secureXML(String secureTag, boolean secureTagContents, String recipientKeyAlias, String xmlCipherAlgorithm,
+ String keyCipherAlgorithm, String keyOrTrustStoreParametersId, String keyPassword) {
+ XMLSecurityDataFormat xsdf = new XMLSecurityDataFormat(secureTag, secureTagContents, recipientKeyAlias, xmlCipherAlgorithm,
+ keyCipherAlgorithm, keyOrTrustStoreParametersId, keyPassword);
+ return dataFormat(xsdf);
+ }
+
+ /**
+ * Uses the XML Security data format
+ */
+ public T secureXML(String secureTag, boolean secureTagContents, String recipientKeyAlias, String xmlCipherAlgorithm,
String keyCipherAlgorithm, KeyStoreParameters keyOrTrustStoreParameters) {
XMLSecurityDataFormat xsdf = new XMLSecurityDataFormat(secureTag, secureTagContents, recipientKeyAlias, xmlCipherAlgorithm,
keyCipherAlgorithm, keyOrTrustStoreParameters);
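Review bot: The four new `secureXML(..., keyPassword)` overloads reuse the one-line Javadoc "Uses the XML Security data format", so nothing tells a caller what the trailing `String` is or how it differs from the key store password. Most of the parameters are positional `String`s, so a swapped argument compiles cleanly. I would add `@param keyPassword password protecting the private key entry for recipientKeyAlias; when null the key store password is used` to this overload and to the three added in the following hunks of this file. The null fallback described there is what the decryption change in the component's `XMLSecurityDataFormat` does later in this commit; the new `setKeyPassword` setter in that class has no Javadoc either.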
@@ -525,6 +535,16 @@ public class DataFormatClause<T extends
/**
* Uses the XML Security data format
*/
+ public T secureXML(String secureTag, boolean secureTagContents, String recipientKeyAlias, String xmlCipherAlgorithm,
+ String keyCipherAlgorithm, KeyStoreParameters keyOrTrustStoreParameters, String keyPassword) {
+ XMLSecurityDataFormat xsdf = new XMLSecurityDataFormat(secureTag, secureTagContents, recipientKeyAlias, xmlCipherAlgorithm,
+ keyCipherAlgorithm, keyOrTrustStoreParameters, keyPassword);
+ return dataFormat(xsdf);
+ }
+
+ /**
+ * Uses the XML Security data format
+ */
public T secureXML(String secureTag, Map<String, String> namespaces, boolean secureTagContents, String recipientKeyAlias,
String xmlCipherAlgorithm, String keyCipherAlgorithm, String keyOrTrustStoreParametersId) {
XMLSecurityDataFormat xsdf = new XMLSecurityDataFormat(secureTag, namespaces, secureTagContents, recipientKeyAlias, xmlCipherAlgorithm,
@@ -536,6 +556,16 @@ public class DataFormatClause<T extends
* Uses the XML Security data format
*/
public T secureXML(String secureTag, Map<String, String> namespaces, boolean secureTagContents, String recipientKeyAlias,
+ String xmlCipherAlgorithm, String keyCipherAlgorithm, String keyOrTrustStoreParametersId, String keyPassword) {
+ XMLSecurityDataFormat xsdf = new XMLSecurityDataFormat(secureTag, namespaces, secureTagContents, recipientKeyAlias, xmlCipherAlgorithm,
+ keyCipherAlgorithm, keyOrTrustStoreParametersId, keyPassword);
+ return dataFormat(xsdf);
+ }
+
+ /**
+ * Uses the XML Security data format
+ */
+ public T secureXML(String secureTag, Map<String, String> namespaces, boolean secureTagContents, String recipientKeyAlias,
String xmlCipherAlgorithm, String keyCipherAlgorithm, KeyStoreParameters keyOrTrustStoreParameters) {
XMLSecurityDataFormat xsdf = new XMLSecurityDataFormat(secureTag, namespaces, secureTagContents, recipientKeyAlias, xmlCipherAlgorithm,
keyCipherAlgorithm, keyOrTrustStoreParameters);
@@ -543,6 +573,16 @@ public class DataFormatClause<T extends
}
/**
+ * Uses the XML Security data format
+ */
+ public T secureXML(String secureTag, Map<String, String> namespaces, boolean secureTagContents, String recipientKeyAlias,
+ String xmlCipherAlgorithm, String keyCipherAlgorithm, KeyStoreParameters keyOrTrustStoreParameters, String keyPassword) {
+ XMLSecurityDataFormat xsdf = new XMLSecurityDataFormat(secureTag, namespaces, secureTagContents, recipientKeyAlias, xmlCipherAlgorithm,
+ keyCipherAlgorithm, keyOrTrustStoreParameters, keyPassword);
+ return dataFormat(xsdf);
+ }
+
+ /**
* Uses the xmlBeans data format
*/
public T xmlBeans() {
Modified: camel/branches/camel-2.10.x/camel-core/src/main/java/org/apache/camel/model/dataformat/XMLSecurityDataFormat.java
URL: http://svn.apache.org/viewvc/camel/branches/camel-2.10.x/camel-core/src/main/java/org/apache/camel/model/dataformat/XMLSecurityDataFormat.java?rev=1378477&r1=1378476&r2=1378477&view=diff
==============================================================================
--- camel/branches/camel-2.10.x/camel-core/src/main/java/org/apache/camel/model/dataformat/XMLSecurityDataFormat.java (original)
+++ camel/branches/camel-2.10.x/camel-core/src/main/java/org/apache/camel/model/dataformat/XMLSecurityDataFormat.java Wed Aug 29 08:38:02 2012
@@ -53,6 +53,8 @@ public class XMLSecurityDataFormat exten
private String recipientKeyAlias;
@XmlAttribute
private String keyOrTrustStoreParametersId;
+ @XmlAttribute
+ private String keyPassword;
@XmlTransient
private KeyStoreParameters keyOrTrustStoreParameters;
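Review bot: Mapping `keyPassword` with `@XmlAttribute` means the private-key password sits in clear text in XML route definitions, and as a JAXB-mapped field it would be written out like any other attribute wherever this model object is marshalled back to XML. Nothing visible in the commit masks the value or tells users how to keep a literal out of the file. I would at least state the expectation on the field, e.g. `// secret: prefer an externalised value over a literal; emitted verbatim if this definition is marshalled to XML`, and check whether any route-dump or logging path serialises this class. The class body continues outside the hunk, so how other secrets are handled here is not visible.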
@@ -133,6 +135,26 @@ public class XMLSecurityDataFormat exten
this.setKeyCipherAlgorithm(keyCipherAlgorithm);
this.setKeyOrTrustStoreParameters(keyOrTrustStoreParameters);
}
+
+ public XMLSecurityDataFormat(String secureTag, boolean secureTagContents, String recipientKeyAlias,
+ String xmlCipherAlgorithm, String keyCipherAlgorithm, String keyOrTrustStoreParametersId, String keyPassword) {
+ this(secureTag, secureTagContents);
+ this.setRecipientKeyAlias(recipientKeyAlias);
+ this.setXmlCipherAlgorithm(xmlCipherAlgorithm);
+ this.setKeyCipherAlgorithm(keyCipherAlgorithm);
+ this.setKeyOrTrustStoreParametersId(keyOrTrustStoreParametersId);
+ this.setKeyPassword(keyPassword);
+ }
+
+ public XMLSecurityDataFormat(String secureTag, boolean secureTagContents, String recipientKeyAlias,
+ String xmlCipherAlgorithm, String keyCipherAlgorithm, KeyStoreParameters keyOrTrustStoreParameters, String keyPassword) {
+ this(secureTag, secureTagContents);
+ this.setRecipientKeyAlias(recipientKeyAlias);
+ this.setXmlCipherAlgorithm(xmlCipherAlgorithm);
+ this.setKeyCipherAlgorithm(keyCipherAlgorithm);
+ this.setKeyOrTrustStoreParameters(keyOrTrustStoreParameters);
+ this.setKeyPassword(keyPassword);
+ }
/**
* @deprecated use {{@link #XMLSecurityDataFormat(String, Map, boolean, String, String, String, String)} or
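Review bot: Each new constructor copies the whole setter sequence of its sibling without `keyPassword` and appends one call, so every pair now has to be kept in step by hand. Delegating removes that: `this(secureTag, secureTagContents, recipientKeyAlias, xmlCipherAlgorithm, keyCipherAlgorithm, keyOrTrustStoreParameters);` followed by `this.setKeyPassword(keyPassword);`. The context lines above suggest the matching six-argument constructor exists, though its signature is outside the hunk. The same applies to the two namespace-taking constructors in the next hunk and to the four constructors added to the component's `XMLSecurityDataFormat`; none of them has Javadoc.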
@@ -167,6 +189,29 @@ public class XMLSecurityDataFormat exten
this.setNamespaces(namespaces);
this.setKeyOrTrustStoreParameters(keyOrTrustStoreParameters);
}
+
+ public XMLSecurityDataFormat(String secureTag, Map<String, String> namespaces, boolean secureTagContents, String recipientKeyAlias,
+ String xmlCipherAlgorithm, String keyCipherAlgorithm, String keyOrTrustStoreParametersId, String keyPassword) {
+ this(secureTag, secureTagContents);
+ this.setRecipientKeyAlias(recipientKeyAlias);
+ this.setXmlCipherAlgorithm(xmlCipherAlgorithm);
+ this.setKeyCipherAlgorithm(keyCipherAlgorithm);
+ this.setNamespaces(namespaces);
+ this.setKeyOrTrustStoreParametersId(keyOrTrustStoreParametersId);
+ this.setKeyPassword(keyPassword);
+ }
+
+ public XMLSecurityDataFormat(String secureTag, Map<String, String> namespaces, boolean secureTagContents, String recipientKeyAlias,
+ String xmlCipherAlgorithm, String keyCipherAlgorithm, KeyStoreParameters keyOrTrustStoreParameters, String keyPassword) {
+ this(secureTag, secureTagContents);
+ this.setRecipientKeyAlias(recipientKeyAlias);
+ this.setXmlCipherAlgorithm(xmlCipherAlgorithm);
+ this.setKeyCipherAlgorithm(keyCipherAlgorithm);
+ this.setNamespaces(namespaces);
+ this.setKeyOrTrustStoreParameters(keyOrTrustStoreParameters);
+ this.setKeyPassword(keyPassword);
+ }
+
@Override
protected void configureDataFormat(DataFormat dataFormat) {
@@ -203,6 +248,9 @@ public class XMLSecurityDataFormat exten
if (namespaces != null) {
setProperty(dataFormat, "namespaces", this.namespaces);
}
+ if (keyPassword != null) {
+ setProperty(dataFormat, "keyPassword", this.getKeyPassword());
+ }
}
public String getXmlCipherAlgorithm() {
@@ -267,7 +315,14 @@ public class XMLSecurityDataFormat exten
private void setKeyOrTrustStoreParameters(KeyStoreParameters keyOrTrustStoreParameters) {
this.keyOrTrustStoreParameters = keyOrTrustStoreParameters;
-
+ }
+
+ private String getKeyPassword() {
+ return this.keyPassword;
+ }
+
+ private void setKeyPassword(String keyPassword) {
+ this.keyPassword = keyPassword;
}
@Override
Modified: camel/branches/camel-2.10.x/components/camel-xmlsecurity/src/main/java/org/apache/camel/dataformat/xmlsecurity/XMLSecurityDataFormat.java
URL: http://svn.apache.org/viewvc/camel/branches/camel-2.10.x/components/camel-xmlsecurity/src/main/java/org/apache/camel/dataformat/xmlsecurity/XMLSecurityDataFormat.java?rev=1378477&r1=1378476&r2=1378477&view=diff
==============================================================================
--- camel/branches/camel-2.10.x/components/camel-xmlsecurity/src/main/java/org/apache/camel/dataformat/xmlsecurity/XMLSecurityDataFormat.java (original)
+++ camel/branches/camel-2.10.x/components/camel-xmlsecurity/src/main/java/org/apache/camel/dataformat/xmlsecurity/XMLSecurityDataFormat.java Wed Aug 29 08:38:02 2012
@@ -110,6 +110,7 @@ public class XMLSecurityDataFormat imple
private String keyStorePassword;
private String trustStorePassword;
private String recipientKeyAlias;
+ private String keyPassword;
private KeyStoreParameters keyOrTrustStoreParameters;
private String keyOrTrustStoreParametersId;
@@ -203,7 +204,19 @@ public class XMLSecurityDataFormat imple
this.setKeyCipherAlgorithm(keyCipherAlgorithm);
this.setKeyOrTrustStoreParametersId(keyOrTrustStoreParametersId);
}
-
+
+ public XMLSecurityDataFormat(String secureTag, boolean secureTagContents, String recipientKeyAlias,
+ String xmlCipherAlgorithm, String keyCipherAlgorithm, String keyOrTrustStoreParametersId, String keyPassword) {
+ this();
+ this.setSecureTag(secureTag);
+ this.setSecureTagContents(secureTagContents);
+ this.setXmlCipherAlgorithm(xmlCipherAlgorithm);
+ this.setRecipientKeyAlias(recipientKeyAlias);
+ this.setKeyCipherAlgorithm(keyCipherAlgorithm);
+ this.setKeyOrTrustStoreParametersId(keyOrTrustStoreParametersId);
+ this.setKeyPassword(keyPassword);
+ }
+
public XMLSecurityDataFormat(String secureTag, Map<String, String> namespaces, boolean secureTagContents, String recipientKeyAlias,
String xmlCipherAlgorithm, String keyCipherAlgorithm, String keyOrTrustStoreParametersId) {
this();
@@ -217,7 +230,22 @@ public class XMLSecurityDataFormat imple
this.keyOrTrustStoreParametersId = keyOrTrustStoreParametersId;
}
}
-
+
+ public XMLSecurityDataFormat(String secureTag, Map<String, String> namespaces, boolean secureTagContents, String recipientKeyAlias,
+ String xmlCipherAlgorithm, String keyCipherAlgorithm, String keyOrTrustStoreParametersId, String keyPassword) {
+ this();
+ this.setSecureTag(secureTag);
+ this.setSecureTagContents(secureTagContents);
+ this.setXmlCipherAlgorithm(xmlCipherAlgorithm);
+ this.setRecipientKeyAlias(recipientKeyAlias);
+ this.setKeyCipherAlgorithm(keyCipherAlgorithm);
+ this.setNamespaces(namespaces);
+ if (null != keyOrTrustStoreParametersId && !keyOrTrustStoreParametersId.equals("")) {
+ this.keyOrTrustStoreParametersId = keyOrTrustStoreParametersId;
+ }
+ this.setKeyPassword(keyPassword);
+ }
+
public XMLSecurityDataFormat(String secureTag, boolean secureTagContents, String recipientKeyAlias,
String xmlCipherAlgorithm, String keyCipherAlgorithm, KeyStoreParameters keyOrTrustStoreParameters) {
this();
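Review bot: This constructor drops an empty `keyOrTrustStoreParametersId` with an inline check and assigns the field directly, while the non-namespace `keyPassword` constructor added in the previous hunk passes the same argument through `setKeyOrTrustStoreParametersId`. Unless that setter performs the same null/empty check (its body is not in this diff), an empty id is handled differently by the two new constructors. Calling `this.setKeyOrTrustStoreParametersId(keyOrTrustStoreParametersId);` in both, with the check living in the setter, would give one rule. The inline form is copied from the existing constructor shown as context above, so the divergence predates this commit but is now duplicated.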
@@ -229,6 +257,18 @@ public class XMLSecurityDataFormat imple
this.setKeyOrTrustStoreParameters(keyOrTrustStoreParameters);
}
+ public XMLSecurityDataFormat(String secureTag, boolean secureTagContents, String recipientKeyAlias,
+ String xmlCipherAlgorithm, String keyCipherAlgorithm, KeyStoreParameters keyOrTrustStoreParameters, String keyPassword) {
+ this();
+ this.setSecureTag(secureTag);
+ this.setSecureTagContents(secureTagContents);
+ this.setXmlCipherAlgorithm(xmlCipherAlgorithm);
+ this.setRecipientKeyAlias(recipientKeyAlias);
+ this.setKeyCipherAlgorithm(keyCipherAlgorithm);
+ this.setKeyOrTrustStoreParameters(keyOrTrustStoreParameters);
+ this.setKeyPassword(keyPassword);
+ }
+
public XMLSecurityDataFormat(String secureTag, Map<String, String> namespaces, boolean secureTagContents, String recipientKeyAlias,
String xmlCipherAlgorithm, String keyCipherAlgorithm, KeyStoreParameters keyOrTrustStoreParameters) {
this();
@@ -240,6 +280,19 @@ public class XMLSecurityDataFormat imple
this.setNamespaces(namespaces);
this.setKeyOrTrustStoreParameters(keyOrTrustStoreParameters);
}
+
+ public XMLSecurityDataFormat(String secureTag, Map<String, String> namespaces, boolean secureTagContents, String recipientKeyAlias,
+ String xmlCipherAlgorithm, String keyCipherAlgorithm, KeyStoreParameters keyOrTrustStoreParameters, String keyPassword) {
+ this();
+ this.setSecureTag(secureTag);
+ this.setSecureTagContents(secureTagContents);
+ this.setXmlCipherAlgorithm(xmlCipherAlgorithm);
+ this.setRecipientKeyAlias(recipientKeyAlias);
+ this.setKeyCipherAlgorithm(keyCipherAlgorithm);
+ this.setNamespaces(namespaces);
+ this.setKeyOrTrustStoreParameters(keyOrTrustStoreParameters);
+ this.setKeyPassword(keyPassword);
+ }
@Override
public void setCamelContext(CamelContext camelContext) {
@@ -477,7 +530,8 @@ public class XMLSecurityDataFormat imple
throw new IllegalStateException("A key store must be defined for asymmetric key decryption.");
}
- Key keyEncryptionKey = getPrivateKey(this.keyStore, this.recipientKeyAlias, this.keyStorePassword);
+ Key keyEncryptionKey = getPrivateKey(this.keyStore, this.recipientKeyAlias,
+ this.keyPassword != null ? this.keyPassword : this.keyStorePassword);
return decode(exchange, encodedDocument, keyEncryptionKey);
}
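Review bot: The fallback to `keyStorePassword` happens only when `keyPassword` is `null`, so an empty string (for example `keyPassword=""` in an XML definition) is passed to `getPrivateKey` as the key password. A constructor in this same class treats an empty `keyOrTrustStoreParametersId` as unset, so the two options behave differently for the same kind of input. If an empty key password is not meant to be supported, `this.keyPassword != null && !this.keyPassword.equals("") ? this.keyPassword : this.keyStorePassword` makes that explicit; if it is, a short comment saying so would help. The enclosing method starts outside the hunk, and this decryption path is the only place the visible lines read `keyPassword`.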
@@ -773,4 +827,8 @@ public class XMLSecurityDataFormat imple
public void setNamespaces(Map<String, String> namespaces) {
getNamespaceContext().setNamespaces(namespaces);
}
+
+ public void setKeyPassword(String keyPassword) {
+ this.keyPassword = keyPassword;
+ }
}
Modified: camel/branches/camel-2.10.x/components/camel-xmlsecurity/src/test/java/org/apache/camel/dataformat/xmlsecurity/XMLSecurityDataFormatTest.java
URL: http://svn.apache.org/viewvc/camel/branches/camel-2.10.x/components/camel-xmlsecurity/src/test/java/org/apache/camel/dataformat/xmlsecurity/XMLSecurityDataFormatTest.java?rev=1378477&r1=1378476&r2=1378477&view=diff
==============================================================================
--- camel/branches/camel-2.10.x/components/camel-xmlsecurity/src/test/java/org/apache/camel/dataformat/xmlsecurity/XMLSecurityDataFormatTest.java (original)
+++ camel/branches/camel-2.10.x/components/camel-xmlsecurity/src/test/java/org/apache/camel/dataformat/xmlsecurity/XMLSecurityDataFormatTest.java Wed Aug 29 08:38:02 2012
@@ -302,6 +302,27 @@ public class XMLSecurityDataFormatTest e
});
xmlsecTestHelper.testDecryption(context);
}
+
+ @Test
+ public void testFullPayloadAsymmetricKeyDecryptionWithKeyPassword() throws Exception {
+
+ final KeyStoreParameters tsParameters = new KeyStoreParameters();
+ tsParameters.setPassword("password");
+ tsParameters.setResource("sender.ts");
+
+ final KeyStoreParameters ksParameters = new KeyStoreParameters();
+ ksParameters.setPassword("password");
+ ksParameters.setResource("recipient-with-key-pass.ks");
+
+ context.addRoutes(new RouteBuilder() {
+ public void configure() {
+ from("direct:start")
+ .marshal().secureXML("", true, "recipient", testCypherAlgorithm, XMLCipher.RSA_v1dot5, tsParameters).to("mock:encrypted")
+ .unmarshal().secureXML("", true, "recipient", testCypherAlgorithm, XMLCipher.RSA_v1dot5, ksParameters, "keyPassword").to("mock:decrypted");
+ }
+ });
+ xmlsecTestHelper.testDecryption(context);
+ }
@Test
public void testPartialPayloadAsymmetricKeyDecryption() throws Exception {
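Review bot: The new test covers only the success case, so it would still pass if the key entry in `recipient-with-key-pass.ks` happened to be recoverable with the store password and `keyPassword` were ignored. A companion test that unmarshals with `ksParameters` but without the key password, or with a wrong one, and expects decryption to fail would show that the new option is what unlocks the key. The test class and `xmlsecTestHelper` are outside the hunk, so how such a failure surfaces there needs checking before writing the assertion.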