Posted to commits@ws.apache.org by gi...@apache.org on 2012/07/23 11:23:50 UTC
svn commit: r1364553 - in /webservices/wss4j/branches/swssf:
streaming-ws-policy/src/test/java/org/swssf/policy/test/
streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/
Author: giger
Date: Mon Jul 23 09:23:49 2012
New Revision: 1364553
URL: http://svn.apache.org/viewvc?rev=1364553&view=rev
Log:
adapt changes from r1364413 in santuario
Modified:
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/AsymmetricBindingIntegrationTest.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/TransportBindingIntegrationTest.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureEndingOutputProcessor.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureOutputProcessor.java
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/AsymmetricBindingIntegrationTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/AsymmetricBindingIntegrationTest.java?rev=1364553&r1=1364552&r2=1364553&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/AsymmetricBindingIntegrationTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/AsymmetricBindingIntegrationTest.java Mon Jul 23 09:23:49 2012
@@ -1185,8 +1185,8 @@ public class AsymmetricBindingIntegratio
outSecurityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
outSecurityProperties.setSignatureDigestAlgorithm("http://www.w3.org/2001/04/xmldsig-more#rsa-md5");
- outSecurityProperties.addSignaturePart(new SecurePart(WSSConstants.TAG_wsu_Timestamp, SecurePart.Modifier.Element, WSSConstants.NS_C14N_EXCL, "http://www.w3.org/2001/04/xmldsig-more#md5"));
- outSecurityProperties.addSignaturePart(new SecurePart(WSSConstants.TAG_soap11_Body, SecurePart.Modifier.Element, WSSConstants.NS_C14N_EXCL, "http://www.w3.org/2001/04/xmldsig-more#md5"));
+ outSecurityProperties.addSignaturePart(new SecurePart(WSSConstants.TAG_wsu_Timestamp, SecurePart.Modifier.Element, new String[]{WSSConstants.NS_C14N_EXCL}, "http://www.w3.org/2001/04/xmldsig-more#md5"));
+ outSecurityProperties.addSignaturePart(new SecurePart(WSSConstants.TAG_soap11_Body, SecurePart.Modifier.Element, new String[]{WSSConstants.NS_C14N_EXCL}, "http://www.w3.org/2001/04/xmldsig-more#md5"));
outSecurityProperties.addEncryptionPart(new SecurePart(WSSConstants.TAG_wsu_Created, SecurePart.Modifier.Element));
outSecurityProperties.addEncryptionPart(new SecurePart(WSSConstants.TAG_wsu_Expires, SecurePart.Modifier.Content));
outSecurityProperties.addEncryptionPart(new SecurePart(WSSConstants.TAG_soap11_Body, SecurePart.Modifier.Content));
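Review bot: The two re-written `addSignaturePart` calls still hard-code the MD5 digest URI `http://www.w3.org/2001/04/xmldsig-more#md5`, next to an `rsa-md5` signature setting, and nothing in the hunk says why. If this is a negative test that expects the policy layer to reject a weak algorithm suite, a one-line comment such as `// deliberately weak (MD5): the policy check below must reject this message` would stop the values being copied into other tests as a working example. The same applies to the matching hunk in TransportBindingIntegrationTest. The enclosing test method starts and ends outside the hunk, so the intent is inferred, not visible.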
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/TransportBindingIntegrationTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/TransportBindingIntegrationTest.java?rev=1364553&r1=1364552&r2=1364553&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/TransportBindingIntegrationTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/TransportBindingIntegrationTest.java Mon Jul 23 09:23:49 2012
@@ -1136,8 +1136,8 @@ public class TransportBindingIntegration
outSecurityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
outSecurityProperties.setSignatureDigestAlgorithm("http://www.w3.org/2001/04/xmldsig-more#rsa-md5");
- outSecurityProperties.addSignaturePart(new SecurePart(new QName(WSSConstants.TAG_wsu_Timestamp.getNamespaceURI(), WSSConstants.TAG_wsu_Timestamp.getLocalPart()), SecurePart.Modifier.Element, WSSConstants.NS_C14N_EXCL, "http://www.w3.org/2001/04/xmldsig-more#md5"));
- outSecurityProperties.addSignaturePart(new SecurePart(WSSConstants.TAG_soap12_Body, SecurePart.Modifier.Element, WSSConstants.NS_C14N_EXCL, "http://www.w3.org/2001/04/xmldsig-more#md5"));
+ outSecurityProperties.addSignaturePart(new SecurePart(new QName(WSSConstants.TAG_wsu_Timestamp.getNamespaceURI(), WSSConstants.TAG_wsu_Timestamp.getLocalPart()), SecurePart.Modifier.Element, new String[]{WSSConstants.NS_C14N_EXCL}, "http://www.w3.org/2001/04/xmldsig-more#md5"));
+ outSecurityProperties.addSignaturePart(new SecurePart(WSSConstants.TAG_soap12_Body, SecurePart.Modifier.Element, new String[]{WSSConstants.NS_C14N_EXCL}, "http://www.w3.org/2001/04/xmldsig-more#md5"));
outSecurityProperties.addEncryptionPart(new SecurePart(new QName(WSSConstants.TAG_wsu_Created.getNamespaceURI(), WSSConstants.TAG_wsu_Created.getLocalPart()), SecurePart.Modifier.Element));
outSecurityProperties.addEncryptionPart(new SecurePart(new QName(WSSConstants.TAG_wsu_Expires.getNamespaceURI(), WSSConstants.TAG_wsu_Expires.getLocalPart()), SecurePart.Modifier.Content));
outSecurityProperties.addEncryptionPart(new SecurePart(WSSConstants.TAG_soap12_Body, SecurePart.Modifier.Content));
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureEndingOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureEndingOutputProcessor.java?rev=1364553&r1=1364552&r2=1364553&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureEndingOutputProcessor.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureEndingOutputProcessor.java Mon Jul 23 09:23:49 2012
@@ -143,25 +143,33 @@ public class WSSSignatureEndingOutputPro
}
protected void createTransformsStructureForSignature(OutputProcessorChain subOutputProcessorChain, SignaturePartDef signaturePartDef) throws XMLStreamException, XMLSecurityException {
- if (signaturePartDef.getTransformAlgo() != null) {
+ String[] transforms = signaturePartDef.getTransforms();
+ if (transforms != null && transforms.length > 0) {
createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_Transforms, false, null);
- List<XMLSecAttribute> attributes = new ArrayList<XMLSecAttribute>(1);
- attributes.add(createAttribute(WSSConstants.ATT_NULL_Algorithm, signaturePartDef.getTransformAlgo()));
- createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_Transform, false, attributes);
- createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_wsse_TransformationParameters, false, null);
- attributes = new ArrayList<XMLSecAttribute>(1);
- attributes.add(createAttribute(WSSConstants.ATT_NULL_Algorithm, signaturePartDef.getC14nAlgo()));
- createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_CanonicalizationMethod, false, attributes);
- createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_CanonicalizationMethod);
- createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_wsse_TransformationParameters);
- createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_Transform);
- createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_Transforms);
- } else if (signaturePartDef.getC14nAlgo() != null) {
- createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_Transforms, false, null);
- List<XMLSecAttribute> attributes = new ArrayList<XMLSecAttribute>(1);
- attributes.add(createAttribute(WSSConstants.ATT_NULL_Algorithm, signaturePartDef.getC14nAlgo()));
- createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_Transform, false, attributes);
- createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_Transform);
+
+ if (WSSConstants.SOAPMESSAGE_NS10_STRTransform.equals(transforms[0])) {
+ List<XMLSecAttribute> attributes = new ArrayList<XMLSecAttribute>(1);
+ attributes.add(createAttribute(WSSConstants.ATT_NULL_Algorithm, transforms[0]));
+ createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_Transform, false, attributes);
+ if (transforms.length >= 2) {
+ createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_wsse_TransformationParameters, false, null);
+ attributes = new ArrayList<XMLSecAttribute>(1);
+ attributes.add(createAttribute(WSSConstants.ATT_NULL_Algorithm, transforms[1]));
+ createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_CanonicalizationMethod, false, attributes);
+ createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_CanonicalizationMethod);
+ createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_wsse_TransformationParameters);
+ }
+ createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_Transform);
+ } else {
+ for (int i = 0; i < transforms.length; i++) {
+ String transform = transforms[i];
+
+ List<XMLSecAttribute> attributes = new ArrayList<XMLSecAttribute>(1);
+ attributes.add(createAttribute(WSSConstants.ATT_NULL_Algorithm, transform));
+ createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_Transform, false, attributes);
+ createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_Transform);
+ }
+ }
createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_Transforms);
}
}
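Review bot: In the STR-Transform branch only `transforms[0]` and `transforms[1]` are written, so any further entries are dropped from the emitted `ds:Transforms`, while `buildTransformerChain` in WSSSignatureOutputProcessor (same commit) chains every entry of the array when the digest is computed. A Reference whose declared transforms differ from the ones actually applied will not verify, and the mismatch is silent on the sending side. The branch should fail early on shapes it cannot represent, for example a check like `if (transforms.length > 2)` that raises the processor's security exception instead of writing a partial list. A one-element array also produces an STR-Transform without `wsse:TransformationParameters`; if that element is required for this transform, the same guard should cover `transforms.length < 2`. Finally, STR-Transform is recognised only at index 0, which deserves a comment because the `else` loop would write it as a plain `ds:Transform` at any other position.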
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureOutputProcessor.java?rev=1364553&r1=1364552&r2=1364553&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureOutputProcessor.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureOutputProcessor.java Mon Jul 23 09:23:49 2012
@@ -20,12 +20,11 @@ package org.swssf.wss.impl.processor.out
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.xml.security.stax.ext.*;
+import org.apache.xml.security.stax.impl.transformer.TransformIdentity;
import org.swssf.wss.ext.WSSConstants;
import org.swssf.wss.ext.WSSUtils;
import org.swssf.wss.ext.WSSecurityException;
-import org.apache.xml.security.stax.ext.OutputProcessorChain;
-import org.apache.xml.security.stax.ext.SecurePart;
-import org.apache.xml.security.stax.ext.XMLSecurityException;
import org.apache.xml.security.stax.ext.stax.XMLSecAttribute;
import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
import org.apache.xml.security.stax.ext.stax.XMLSecStartElement;
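Review bot: The wildcard `import org.apache.xml.security.stax.ext.*;` replaces three explicit imports and hides which types the new inner class depends on. Judging by the code added further down, those are `Transformer`, `XMLSecurityUtils` and `XMLSecurityConstants`, next to the existing `OutputProcessorChain`, `SecurePart` and `XMLSecurityException`. `Transformer` in particular is a name shared with `javax.xml.transform.Transformer`, so an explicit `import org.apache.xml.security.stax.ext.Transformer;` keeps the reference unambiguous for readers and for later edits. Listing the six imports individually would also match the explicit style of the rest of the import block.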
@@ -33,9 +32,12 @@ import org.apache.xml.security.stax.impl
import org.apache.xml.security.stax.impl.processor.output.AbstractSignatureOutputProcessor;
import org.apache.xml.security.stax.impl.util.IDGenerator;
+import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamConstants;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.events.Attribute;
+import java.io.OutputStream;
+import java.lang.reflect.InvocationTargetException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.util.ArrayList;
@@ -77,7 +79,7 @@ public class WSSSignatureOutputProcessor
InternalSignatureOutputProcessor internalSignatureOutputProcessor;
try {
SignaturePartDef signaturePartDef = new SignaturePartDef();
- signaturePartDef.setC14nAlgo(securePart.getC14nMethod());
+ signaturePartDef.setTransforms(securePart.getTransforms());
String digestMethod = securePart.getDigestMethod();
if (digestMethod == null) {
digestMethod = getSecurityProperties().getSignatureDigestAlgorithm();
@@ -99,15 +101,18 @@ public class WSSSignatureOutputProcessor
} else {
if (WSSConstants.SOAPMESSAGE_NS10_STRTransform.equals(securePart.getName().getLocalPart())) {
signaturePartDef.setSigRefId(securePart.getIdToReference());
- signaturePartDef.setTransformAlgo(WSSConstants.SOAPMESSAGE_NS10_STRTransform);
- signaturePartDef.setC14nAlgo(WSSConstants.NS_C14N_EXCL);
+ String[] transforms = new String[]{
+ WSSConstants.SOAPMESSAGE_NS10_STRTransform,
+ WSSConstants.NS_C14N_EXCL
+ };
+ signaturePartDef.setTransforms(transforms);
} else {
signaturePartDef.setSigRefId(securePart.getIdToSign());
}
}
getSignaturePartDefList().add(signaturePartDef);
- internalSignatureOutputProcessor = new InternalSignatureOutputProcessor(signaturePartDef, xmlSecStartElement.getName());
+ internalSignatureOutputProcessor = new InternalWSSSignatureOutputProcessor(signaturePartDef, xmlSecStartElement.getName());
internalSignatureOutputProcessor.setXMLSecurityProperties(getSecurityProperties());
internalSignatureOutputProcessor.setAction(getAction());
internalSignatureOutputProcessor.addAfterProcessor(WSSSignatureOutputProcessor.class.getName());
@@ -173,4 +178,42 @@ public class WSSSignatureOutputProcessor
}
return securePart;
}
+
+ class InternalWSSSignatureOutputProcessor extends InternalSignatureOutputProcessor {
+
+ public InternalWSSSignatureOutputProcessor(SignaturePartDef signaturePartDef, QName startElement) throws XMLSecurityException, NoSuchProviderException, NoSuchAlgorithmException {
+ super(signaturePartDef, startElement);
+ }
+
+ @Override
+ protected Transformer buildTransformerChain(OutputStream outputStream, String[] transforms)
+ throws XMLSecurityException, NoSuchMethodException, InstantiationException,
+ IllegalAccessException, InvocationTargetException {
+
+ if (transforms == null || transforms.length == 0) {
+ Transformer transformer = new TransformIdentity();
+ transformer.setOutputStream(outputStream);
+ return transformer;
+ }
+
+ List<String> inclusiveNamespacesPrefixes = new ArrayList<String>();
+ if (WSSConstants.SOAPMESSAGE_NS10_STRTransform.equals(transforms[0])) {
+ inclusiveNamespacesPrefixes.add("#default");
+ }
+
+ Transformer parentTransformer = null;
+ for (int i = transforms.length - 1; i >= 0; i--) {
+ String transform = transforms[i];
+
+ if (parentTransformer != null) {
+ parentTransformer = XMLSecurityUtils.getTransformer(
+ parentTransformer, null, transform, XMLSecurityConstants.DIRECTION.OUT);
+ } else {
+ parentTransformer = XMLSecurityUtils.getTransformer(
+ inclusiveNamespacesPrefixes, outputStream, transform, XMLSecurityConstants.DIRECTION.OUT);
+ }
+ }
+ return parentTransformer;
+ }
+ }
}
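Review bot: `buildTransformerChain` has no Javadoc, and two things in it are not obvious from the code: the loop runs from the last array entry to the first, and the `#default` prefix list is given to whichever transform happens to be last. With the two-element array built earlier in this file that last entry is `NS_C14N_EXCL`, but arrays taken from `securePart.getTransforms()` can have any shape. In that case the inclusive-namespace list may reach a transform that is not a canonicalizer, or never reach the one that is. I would add a Javadoc stating that `transforms[0]` is applied first and the last entry writes to `outputStream`, that `#default` is meant for the canonicalization following an STR-Transform, and that an empty or null array yields an identity transform. Null elements inside the array are passed straight to `XMLSecurityUtils.getTransformer`; a check before the loop would give a clearer failure than whatever that lookup throws.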