You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by gi...@apache.org on 2011/10/11 20:03:15 UTC
svn commit: r1181995 [21/26] - in /webservices/wss4j/branches/swssf: ./
cxf-integration/ cxf-integration/src/main/java/org/swssf/cxfIntegration/
cxf-integration/src/main/java/org/swssf/cxfIntegration/interceptor/
cxf-integration/src/main/java/org/swssf...
Copied: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/XMLSecurityUtils.java (from r1179730, webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Utils.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/XMLSecurityUtils.java?p2=webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/XMLSecurityUtils.java&p1=webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Utils.java&r1=1179730&r2=1181995&rev=1181995&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Utils.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/XMLSecurityUtils.java Tue Oct 11 18:03:00 2011
@@ -16,10 +16,9 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.swssf.ext;
+package org.swssf.xmlsec.ext;
-import org.apache.commons.codec.binary.Base64;
-import org.swssf.config.TransformerAlgorithmMapper;
+import org.swssf.xmlsec.config.TransformerAlgorithmMapper;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
@@ -31,11 +30,8 @@ import javax.xml.stream.events.StartElem
import javax.xml.stream.events.XMLEvent;
import java.io.IOException;
import java.io.OutputStream;
-import java.io.UnsupportedEncodingException;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
import java.util.Deque;
import java.util.Iterator;
import java.util.LinkedList;
@@ -45,9 +41,9 @@ import java.util.List;
* @author $Author$
* @version $Revision$ $Date$
*/
-public class Utils {
+public class XMLSecurityUtils {
- private Utils() {
+ protected XMLSecurityUtils() {
}
/**
@@ -63,6 +59,10 @@ public class Utils {
return reference;
}
+ public static Attribute getReferenceIDAttribute(StartElement startElement) {
+ return startElement.getAttributeByName(XMLSecurityConstants.ATT_NULL_Id);
+ }
+
/**
* Returns the XMLEvent type in String form
*
@@ -103,36 +103,36 @@ public class Utils {
*
* @param callbackHandler
* @param callback
- * @throws WSSecurityException if the callback couldn't be executed
+ * @throws XMLSecurityException if the callback couldn't be executed
*/
- public static void doPasswordCallback(CallbackHandler callbackHandler, Callback callback) throws WSSecurityException {
+ public static void doPasswordCallback(CallbackHandler callbackHandler, Callback callback) throws XMLSecurityException {
if (callbackHandler == null) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noCallback");
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILURE, "noCallback");
}
try {
callbackHandler.handle(new Callback[]{callback});
} catch (IOException e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noPassword", e);
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILURE, "noPassword", e);
} catch (UnsupportedCallbackException e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noPassword", e);
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILURE, "noPassword", e);
}
}
/**
* Try to get the secret key from a CallbackHandler implementation
*
- * @param cb a CallbackHandler implementation
+ * @param callbackHandler a CallbackHandler implementation
* @return An array of bytes corresponding to the secret key (can be null)
- * @throws WSSecurityException
+ * @throws XMLSecurityException
*/
- public static void doSecretKeyCallback(CallbackHandler callbackHandler, Callback callback, String id) throws WSSecurityException {
+ public static void doSecretKeyCallback(CallbackHandler callbackHandler, Callback callback, String id) throws XMLSecurityException {
if (callbackHandler != null) {
try {
callbackHandler.handle(new Callback[]{callback});
} catch (IOException e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noPassword", e);
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILURE, "noPassword", e);
} catch (UnsupportedCallbackException e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noPassword", e);
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILURE, "noPassword", e);
}
}
}
@@ -141,32 +141,6 @@ public class Utils {
return Thread.currentThread().getContextClassLoader().loadClass(className);
}
- public static String doPasswordDigest(byte[] nonce, String created, String password) throws WSSecurityException {
- try {
- byte[] b1 = nonce != null ? nonce : new byte[0];
- byte[] b2 = created != null ? created.getBytes("UTF-8") : new byte[0];
- byte[] b3 = password.getBytes("UTF-8");
- byte[] b4 = new byte[b1.length + b2.length + b3.length];
- int offset = 0;
- System.arraycopy(b1, 0, b4, offset, b1.length);
- offset += b1.length;
-
- System.arraycopy(b2, 0, b4, offset, b2.length);
- offset += b2.length;
-
- System.arraycopy(b3, 0, b4, offset, b3.length);
-
- MessageDigest sha = MessageDigest.getInstance("SHA-1");
- sha.reset();
- sha.update(b4);
- return new String(Base64.encodeBase64(sha.digest()));
- } catch (NoSuchAlgorithmException e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noSHA1availabe", e);
- } catch (UnsupportedEncodingException e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
- }
- }
-
@SuppressWarnings("unchecked")
public static XMLEvent createXMLEventNS(XMLEvent xmlEvent, Deque<List<ComparableNamespace>> nsStack, Deque<List<ComparableAttribute>> attrStack) {
if (xmlEvent.isStartElement()) {
@@ -237,32 +211,7 @@ public class Utils {
return xmlEvent;
}
- public static boolean isResponsibleActorOrRole(StartElement startElement, String soapVersionNamespace, String responsibleActor) {
- QName actorRole;
- if (Constants.NS_SOAP11.equals(soapVersionNamespace)) {
- actorRole = Constants.ATT_soap11_Actor;
- } else {
- actorRole = Constants.ATT_soap12_Role;
- }
-
- String actor = null;
- @SuppressWarnings("unchecked")
- Iterator<Attribute> attributeIterator = startElement.getAttributes();
- while (attributeIterator.hasNext()) {
- Attribute next = attributeIterator.next();
- if (actorRole.equals(next.getName())) {
- actor = next.getValue();
- }
- }
-
- if (responsibleActor == null) {
- return actor == null;
- } else {
- return responsibleActor.equals(actor);
- }
- }
-
- public static Transformer getTransformer(Object methodParameter1, Object methodParameter2, String algorithm) throws WSSecurityException, InstantiationException, IllegalAccessException, InvocationTargetException, NoSuchMethodException {
+ public static Transformer getTransformer(Object methodParameter1, Object methodParameter2, String algorithm) throws XMLSecurityException, InstantiationException, IllegalAccessException, InvocationTargetException, NoSuchMethodException {
Class<Transformer> transformerClass = TransformerAlgorithmMapper.getTransformerClass(algorithm);
Transformer childTransformer;
try {
Copied: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/DocumentContextImpl.java (from r1179730, webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/DocumentContextImpl.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/DocumentContextImpl.java?p2=webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/DocumentContextImpl.java&p1=webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/DocumentContextImpl.java&r1=1179730&r2=1181995&rev=1181995&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/DocumentContextImpl.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/DocumentContextImpl.java Tue Oct 11 18:03:00 2011
@@ -16,10 +16,9 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.swssf.impl;
+package org.swssf.xmlsec.impl;
-import org.swssf.ext.Constants;
-import org.swssf.ext.DocumentContext;
+import org.swssf.xmlsec.ext.DocumentContext;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamConstants;
@@ -46,21 +45,12 @@ public class DocumentContextImpl impleme
this.encoding = encoding;
}
- public String getSOAPMessageVersionNamespace() {
- if (path.size() >= 1 && path.get(0).equals(Constants.TAG_soap11_Envelope)) {
- return Constants.NS_SOAP11;
- } else if (path.size() >= 1 && path.get(0).equals(Constants.TAG_soap12_Envelope)) {
- return Constants.NS_SOAP12;
- }
- return null;
- }
-
public void addPathElement(QName qName) {
- path.add(qName);
+ getPath().add(qName);
}
public QName removePathElement() {
- return path.remove(path.size() - 1);
+ return getPath().remove(getPath().size() - 1);
}
protected void setPath(List<QName> path) {
@@ -73,48 +63,34 @@ public class DocumentContextImpl impleme
public QName getParentElement(int eventType) {
if (eventType == XMLStreamConstants.START_ELEMENT || eventType == XMLStreamConstants.END_ELEMENT) {
- if (path.size() >= 2) {
- return path.get(path.size() - 2);
+ if (getPath().size() >= 2) {
+ return getPath().get(getPath().size() - 2);
} else {
return nullElement;
}
} else {
- if (path.size() >= 1) {
- return path.get(path.size() - 1);
+ if (getPath().size() >= 1) {
+ return getPath().get(getPath().size() - 1);
} else {
return nullElement;
}
}
}
- public boolean isInSOAPHeader() {
- return (path.size() > 1
- && path.get(1).getLocalPart().equals(Constants.TAG_soap_Header_LocalName)
- && path.get(0).getNamespaceURI().equals(path.get(1).getNamespaceURI()));
- }
-
- public boolean isInSOAPBody() {
- return (path.size() > 1
- && path.get(1).getLocalPart().equals(Constants.TAG_soap_Body_LocalName)
- && path.get(0).getNamespaceURI().equals(path.get(1).getNamespaceURI()));
- }
-
public int getDocumentLevel() {
- return path.size();
+ return getPath().size();
}
- private boolean inSecurityHeader = false;
+ private int actualEncryptedContentCounter = 0;
- public boolean isInSecurityHeader() {
- return inSecurityHeader;
+ protected int getActualEncryptedContentCounter() {
+ return actualEncryptedContentCounter;
}
- public void setInSecurityHeader(boolean inSecurityHeader) {
- this.inSecurityHeader = inSecurityHeader;
+ protected void setActualEncryptedContentCounter(int actualEncryptedContentCounter) {
+ this.actualEncryptedContentCounter = actualEncryptedContentCounter;
}
- private int actualEncryptedContentCounter = 0;
-
public synchronized void setIsInEncryptedContent() {
this.actualEncryptedContentCounter++;
}
@@ -129,6 +105,14 @@ public class DocumentContextImpl impleme
private int actualSignedContentCounter = 0;
+ protected int getActualSignedContentCounter() {
+ return actualSignedContentCounter;
+ }
+
+ protected void setActualSignedContentCounter(int actualSignedContentCounter) {
+ this.actualSignedContentCounter = actualSignedContentCounter;
+ }
+
public synchronized void setIsInSignedContent() {
this.actualSignedContentCounter++;
}
@@ -146,10 +130,9 @@ public class DocumentContextImpl impleme
super.clone();
DocumentContextImpl documentContext = new DocumentContextImpl();
List<QName> subPath = new ArrayList<QName>();
- subPath.addAll(this.path);
+ subPath.addAll(this.getPath());
documentContext.setEncoding(this.encoding);
documentContext.setPath(subPath);
- documentContext.setInSecurityHeader(isInSecurityHeader());
documentContext.actualEncryptedContentCounter = this.actualEncryptedContentCounter;
documentContext.actualSignedContentCounter = this.actualSignedContentCounter;
return documentContext;
Copied: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/EncryptionPartDef.java (from r1179730, webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/EncryptionPartDef.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/EncryptionPartDef.java?p2=webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/EncryptionPartDef.java&p1=webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/EncryptionPartDef.java&r1=1179730&r2=1181995&rev=1181995&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/EncryptionPartDef.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/EncryptionPartDef.java Tue Oct 11 18:03:00 2011
@@ -16,9 +16,9 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.swssf.impl;
+package org.swssf.xmlsec.impl;
-import org.swssf.ext.SecurePart;
+import org.swssf.xmlsec.ext.SecurePart;
import java.security.Key;
Copied: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/InputProcessorChainImpl.java (from r1179730, webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/InputProcessorChainImpl.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/InputProcessorChainImpl.java?p2=webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/InputProcessorChainImpl.java&p1=webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/InputProcessorChainImpl.java&r1=1179730&r2=1181995&rev=1181995&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/InputProcessorChainImpl.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/InputProcessorChainImpl.java Tue Oct 11 18:03:00 2011
@@ -16,11 +16,11 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.swssf.impl;
+package org.swssf.xmlsec.impl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import org.swssf.ext.*;
+import org.swssf.xmlsec.ext.*;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.events.XMLEvent;
@@ -95,7 +95,7 @@ public class InputProcessorChainImpl imp
int startPhaseIdx = 0;
int endPhaseIdx = inputProcessors.size();
- Constants.Phase targetPhase = newInputProcessor.getPhase();
+ XMLSecurityConstants.Phase targetPhase = newInputProcessor.getPhase();
for (int i = inputProcessors.size() - 1; i >= 0; i--) {
InputProcessor inputProcessor = inputProcessors.get(i);
@@ -188,26 +188,26 @@ public class InputProcessorChainImpl imp
return this.inputProcessors;
}
- public XMLEvent processHeaderEvent() throws XMLStreamException, WSSecurityException {
+ public XMLEvent processHeaderEvent() throws XMLStreamException, XMLSecurityException {
return inputProcessors.get(getPosAndIncrement()).processNextHeaderEvent(this);
}
- public XMLEvent processEvent() throws XMLStreamException, WSSecurityException {
+ public XMLEvent processEvent() throws XMLStreamException, XMLSecurityException {
return inputProcessors.get(getPosAndIncrement()).processNextEvent(this);
}
- public void doFinal() throws XMLStreamException, WSSecurityException {
+ public void doFinal() throws XMLStreamException, XMLSecurityException {
inputProcessors.get(getPosAndIncrement()).doFinal(this);
}
- public InputProcessorChain createSubChain(InputProcessor inputProcessor) throws XMLStreamException, WSSecurityException {
+ public InputProcessorChain createSubChain(InputProcessor inputProcessor) throws XMLStreamException, XMLSecurityException {
//we don't clone the processor-list to get updates in the sublist too!
InputProcessorChainImpl inputProcessorChain = null;
try {
inputProcessorChain = new InputProcessorChainImpl(securityContext, documentContext.clone(),
inputProcessors.indexOf(inputProcessor) + 1);
} catch (CloneNotSupportedException e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILURE, e);
}
inputProcessorChain.setInputProcessors(new ArrayList<InputProcessor>(this.inputProcessors));
return inputProcessorChain;
Copied: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/OutputProcessorChainImpl.java (from r1179730, webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/OutputProcessorChainImpl.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/OutputProcessorChainImpl.java?p2=webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/OutputProcessorChainImpl.java&p1=webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/OutputProcessorChainImpl.java&r1=1179730&r2=1181995&rev=1181995&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/OutputProcessorChainImpl.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/OutputProcessorChainImpl.java Tue Oct 11 18:03:00 2011
@@ -16,11 +16,11 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.swssf.impl;
+package org.swssf.xmlsec.impl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import org.swssf.ext.*;
+import org.swssf.xmlsec.ext.*;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.events.XMLEvent;
@@ -115,7 +115,7 @@ public class OutputProcessorChainImpl im
int startPhaseIdx = 0;
int endPhaseIdx = outputProcessors.size();
int idxToInsert = endPhaseIdx;
- Constants.Phase targetPhase = newOutputProcessor.getPhase();
+ XMLSecurityConstants.Phase targetPhase = newOutputProcessor.getPhase();
for (int i = outputProcessors.size() - 1; i >= 0; i--) {
OutputProcessor outputProcessor = outputProcessors.get(i);
@@ -211,9 +211,9 @@ public class OutputProcessorChainImpl im
return this.outputProcessors;
}
- public void processEvent(XMLEvent xmlEvent) throws XMLStreamException, WSSecurityException {
+ public void processEvent(XMLEvent xmlEvent) throws XMLStreamException, XMLSecurityException {
if (this.curPos == this.startPos) {
- xmlEvent = Utils.createXMLEventNS(xmlEvent, nsStack, attrStack);
+ xmlEvent = XMLSecurityUtils.createXMLEventNS(xmlEvent, nsStack, attrStack);
if (xmlEvent.isStartElement()) {
getDocumentContext().addPathElement(xmlEvent.asStartElement().getName());
} else if (xmlEvent.isEndElement()) {
@@ -223,18 +223,18 @@ public class OutputProcessorChainImpl im
outputProcessors.get(getPosAndIncrement()).processNextEvent(xmlEvent, this);
}
- public void doFinal() throws XMLStreamException, WSSecurityException {
+ public void doFinal() throws XMLStreamException, XMLSecurityException {
outputProcessors.get(getPosAndIncrement()).doFinal(this);
}
- public OutputProcessorChain createSubChain(OutputProcessor outputProcessor) throws XMLStreamException, WSSecurityException {
+ public OutputProcessorChain createSubChain(OutputProcessor outputProcessor) throws XMLStreamException, XMLSecurityException {
//we don't clone the processor-list to get updates in the sublist too!
OutputProcessorChainImpl outputProcessorChain = null;
try {
outputProcessorChain = new OutputProcessorChainImpl(securityContext, documentContext.clone(),
outputProcessors.indexOf(outputProcessor) + 1);
} catch (CloneNotSupportedException e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILURE, e);
}
outputProcessorChain.setOutputProcessors(this.outputProcessors);
outputProcessorChain.setNsStack(getNsStack());
Copied: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/SecurityContextImpl.java (from r1179730, webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityContextImpl.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/SecurityContextImpl.java?p2=webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/SecurityContextImpl.java&p1=webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityContextImpl.java&r1=1179730&r2=1181995&rev=1181995&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityContextImpl.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/SecurityContextImpl.java Tue Oct 11 18:03:00 2011
@@ -16,10 +16,10 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.swssf.ext;
+package org.swssf.xmlsec.impl;
-import org.swssf.securityEvent.SecurityEvent;
-import org.swssf.securityEvent.SecurityEventListener;
+import org.swssf.xmlsec.ext.SecurityContext;
+import org.swssf.xmlsec.ext.SecurityTokenProvider;
import java.util.*;
@@ -33,8 +33,6 @@ public class SecurityContextImpl impleme
private Map<String, SecurityTokenProvider> secretTokenProviders = new HashMap<String, SecurityTokenProvider>();
- private SecurityEventListener securityEventListener;
-
@SuppressWarnings("unchecked")
private Map content = Collections.synchronizedMap(new HashMap());
@@ -91,14 +89,4 @@ public class SecurityContextImpl impleme
public SecurityTokenProvider getSecurityTokenProvider(String id) {
return secretTokenProviders.get(id);
}
-
- public void setSecurityEventListener(SecurityEventListener securityEventListener) {
- this.securityEventListener = securityEventListener;
- }
-
- public synchronized void registerSecurityEvent(SecurityEvent securityEvent) throws WSSecurityException {
- if (securityEventListener != null) {
- securityEventListener.registerSecurityEvent(securityEvent);
- }
- }
}
Propchange: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/SecurityContextImpl.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Copied: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/SignaturePartDef.java (from r1179730, webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/SignaturePartDef.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/SignaturePartDef.java?p2=webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/SignaturePartDef.java&p1=webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/SignaturePartDef.java&r1=1179730&r2=1181995&rev=1181995&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/SignaturePartDef.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/SignaturePartDef.java Tue Oct 11 18:03:00 2011
@@ -16,7 +16,7 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.swssf.impl;
+package org.swssf.xmlsec.impl;
/**
* SignaturePartDef holds information about parts to be signed
Copied: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/XMLSecurityStreamReader.java (from r1179730, webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/XMLSecurityStreamReader.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/XMLSecurityStreamReader.java?p2=webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/XMLSecurityStreamReader.java&p1=webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/XMLSecurityStreamReader.java&r1=1179730&r2=1181995&rev=1181995&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/XMLSecurityStreamReader.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/XMLSecurityStreamReader.java Tue Oct 11 18:03:00 2011
@@ -16,11 +16,11 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.swssf.impl;
+package org.swssf.xmlsec.impl;
-import org.swssf.ext.InputProcessorChain;
-import org.swssf.ext.SecurityProperties;
-import org.swssf.ext.WSSecurityException;
+import org.swssf.xmlsec.ext.InputProcessorChain;
+import org.swssf.xmlsec.ext.XMLSecurityException;
+import org.swssf.xmlsec.ext.XMLSecurityProperties;
import javax.xml.namespace.NamespaceContext;
import javax.xml.namespace.QName;
@@ -37,7 +37,7 @@ import java.util.Iterator;
*/
public class XMLSecurityStreamReader implements XMLStreamReader {
- private SecurityProperties securityProperties;
+ private XMLSecurityProperties securityProperties;
private InputProcessorChain inputProcessorChain;
private XMLEvent currentEvent;
@@ -45,7 +45,7 @@ public class XMLSecurityStreamReader imp
private static final String ERR_STATE_NOT_STELEM = "Current state not START_ELEMENT";
private static final String ERR_STATE_NOT_PI = "Current state not PROCESSING_INSTRUCTION";
- public XMLSecurityStreamReader(InputProcessorChain inputProcessorChain, SecurityProperties securityProperties) {
+ public XMLSecurityStreamReader(InputProcessorChain inputProcessorChain, XMLSecurityProperties securityProperties) {
this.inputProcessorChain = inputProcessorChain;
this.securityProperties = securityProperties;
}
@@ -65,7 +65,7 @@ public class XMLSecurityStreamReader imp
&& securityProperties.isSkipDocumentEvents()) {
currentEvent = inputProcessorChain.processEvent();
}
- } catch (WSSecurityException e) {
+ } catch (XMLSecurityException e) {
throw new XMLStreamException(e);
}
return getCurrentEvent().getEventType();
@@ -175,7 +175,7 @@ public class XMLSecurityStreamReader imp
try {
inputProcessorChain.reset();
inputProcessorChain.doFinal();
- } catch (WSSecurityException e) {
+ } catch (XMLSecurityException e) {
throw new XMLStreamException(e);
}
}
Copied: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/XMLSecurityStreamWriter.java (from r1179730, webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/XMLSecurityStreamWriter.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/XMLSecurityStreamWriter.java?p2=webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/XMLSecurityStreamWriter.java&p1=webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/XMLSecurityStreamWriter.java&r1=1179730&r2=1181995&rev=1181995&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/XMLSecurityStreamWriter.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/XMLSecurityStreamWriter.java Tue Oct 11 18:03:00 2011
@@ -16,10 +16,10 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.swssf.impl;
+package org.swssf.xmlsec.impl;
-import org.swssf.ext.OutputProcessorChain;
-import org.swssf.ext.WSSecurityException;
+import org.swssf.xmlsec.ext.OutputProcessorChain;
+import org.swssf.xmlsec.ext.XMLSecurityException;
import javax.xml.namespace.NamespaceContext;
import javax.xml.namespace.QName;
@@ -52,7 +52,7 @@ public class XMLSecurityStreamWriter imp
try {
outputProcessorChain.reset();
outputProcessorChain.processEvent(xmlEvent);
- } catch (WSSecurityException e) {
+ } catch (XMLSecurityException e) {
throw new XMLStreamException(e);
}
}
@@ -144,7 +144,7 @@ public class XMLSecurityStreamWriter imp
try {
outputProcessorChain.reset();
outputProcessorChain.doFinal();
- } catch (WSSecurityException e) {
+ } catch (XMLSecurityException e) {
throw new XMLStreamException(e);
}
}
Modified: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/algorithms/HMACSignatureAlgorithm.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/algorithms/HMACSignatureAlgorithm.java?rev=1181995&r1=1179730&r2=1181995&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/algorithms/HMACSignatureAlgorithm.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/algorithms/HMACSignatureAlgorithm.java Tue Oct 11 18:03:00 2011
@@ -16,9 +16,9 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.swssf.impl.algorithms;
+package org.swssf.xmlsec.impl.algorithms;
-import org.swssf.ext.WSSecurityException;
+import org.swssf.xmlsec.ext.XMLSecurityException;
import org.xmlsecurity.ns.configuration.AlgorithmType;
import javax.crypto.Mac;
@@ -39,61 +39,61 @@ public class HMACSignatureAlgorithm impl
mac = Mac.getInstance(algorithmType.getJCEName(), algorithmType.getJCEProvider());
}
- public void engineUpdate(byte[] input) throws WSSecurityException {
+ public void engineUpdate(byte[] input) throws XMLSecurityException {
mac.update(input);
}
- public void engineUpdate(byte input) throws WSSecurityException {
+ public void engineUpdate(byte input) throws XMLSecurityException {
mac.update(input);
}
- public void engineUpdate(byte[] buf, int offset, int len) throws WSSecurityException {
+ public void engineUpdate(byte[] buf, int offset, int len) throws XMLSecurityException {
mac.update(buf, offset, len);
}
- public void engineInitSign(Key signingKey) throws WSSecurityException {
+ public void engineInitSign(Key signingKey) throws XMLSecurityException {
try {
mac.init(signingKey);
} catch (InvalidKeyException e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_SIGNATURE, e);
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_SIGNATURE, e);
}
}
- public void engineInitSign(Key signingKey, SecureRandom secureRandom) throws WSSecurityException {
+ public void engineInitSign(Key signingKey, SecureRandom secureRandom) throws XMLSecurityException {
try {
mac.init(signingKey);
} catch (InvalidKeyException e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_SIGNATURE, e);
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_SIGNATURE, e);
}
}
- public void engineInitSign(Key signingKey, AlgorithmParameterSpec algorithmParameterSpec) throws WSSecurityException {
+ public void engineInitSign(Key signingKey, AlgorithmParameterSpec algorithmParameterSpec) throws XMLSecurityException {
try {
mac.init(signingKey, algorithmParameterSpec);
} catch (InvalidKeyException e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_SIGNATURE, e);
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_SIGNATURE, e);
} catch (InvalidAlgorithmParameterException e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_SIGNATURE, e);
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_SIGNATURE, e);
}
}
- public byte[] engineSign() throws WSSecurityException {
+ public byte[] engineSign() throws XMLSecurityException {
return mac.doFinal();
}
- public void engineInitVerify(Key verificationKey) throws WSSecurityException {
+ public void engineInitVerify(Key verificationKey) throws XMLSecurityException {
try {
mac.init(verificationKey);
} catch (InvalidKeyException e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK, e);
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_CHECK, e);
}
}
- public boolean engineVerify(byte[] signature) throws WSSecurityException {
+ public boolean engineVerify(byte[] signature) throws XMLSecurityException {
byte[] completeResult = mac.doFinal();
return MessageDigest.isEqual(completeResult, signature);
}
- public void engineSetParameter(AlgorithmParameterSpec params) throws WSSecurityException {
+ public void engineSetParameter(AlgorithmParameterSpec params) throws XMLSecurityException {
}
}
Modified: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/algorithms/PKISignatureAlgorithm.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/algorithms/PKISignatureAlgorithm.java?rev=1181995&r1=1179730&r2=1181995&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/algorithms/PKISignatureAlgorithm.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/algorithms/PKISignatureAlgorithm.java Tue Oct 11 18:03:00 2011
@@ -16,9 +16,9 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.swssf.impl.algorithms;
+package org.swssf.xmlsec.impl.algorithms;
-import org.swssf.ext.WSSecurityException;
+import org.swssf.xmlsec.ext.XMLSecurityException;
import org.xmlsecurity.ns.configuration.AlgorithmType;
import java.security.*;
@@ -38,83 +38,83 @@ public class PKISignatureAlgorithm imple
signature = Signature.getInstance(algorithmType.getJCEName(), algorithmType.getJCEProvider());
}
- public void engineUpdate(byte[] input) throws WSSecurityException {
+ public void engineUpdate(byte[] input) throws XMLSecurityException {
try {
signature.update(input);
} catch (SignatureException e) {
- throw new WSSecurityException(e.getMessage(), e);
+ throw new XMLSecurityException(e.getMessage(), e);
}
}
- public void engineUpdate(byte input) throws WSSecurityException {
+ public void engineUpdate(byte input) throws XMLSecurityException {
try {
signature.update(input);
} catch (SignatureException e) {
- throw new WSSecurityException(e.getMessage(), e);
+ throw new XMLSecurityException(e.getMessage(), e);
}
}
- public void engineUpdate(byte[] buf, int offset, int len) throws WSSecurityException {
+ public void engineUpdate(byte[] buf, int offset, int len) throws XMLSecurityException {
try {
signature.update(buf, offset, len);
} catch (SignatureException e) {
- throw new WSSecurityException(e.getMessage(), e);
+ throw new XMLSecurityException(e.getMessage(), e);
}
}
- public void engineInitSign(Key signingKey) throws WSSecurityException {
+ public void engineInitSign(Key signingKey) throws XMLSecurityException {
try {
signature.initSign((PrivateKey) signingKey);
} catch (InvalidKeyException e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_SIGNATURE, e);
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_SIGNATURE, e);
}
}
- public void engineInitSign(Key signingKey, SecureRandom secureRandom) throws WSSecurityException {
+ public void engineInitSign(Key signingKey, SecureRandom secureRandom) throws XMLSecurityException {
try {
signature.initSign((PrivateKey) signingKey, secureRandom);
} catch (InvalidKeyException e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_SIGNATURE, e);
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_SIGNATURE, e);
}
}
- public void engineInitSign(Key signingKey, AlgorithmParameterSpec algorithmParameterSpec) throws WSSecurityException {
+ public void engineInitSign(Key signingKey, AlgorithmParameterSpec algorithmParameterSpec) throws XMLSecurityException {
try {
signature.initSign((PrivateKey) signingKey);
} catch (InvalidKeyException e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_SIGNATURE, e);
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_SIGNATURE, e);
}
}
- public byte[] engineSign() throws WSSecurityException {
+ public byte[] engineSign() throws XMLSecurityException {
try {
return signature.sign();
} catch (SignatureException e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_SIGNATURE, e);
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_SIGNATURE, e);
}
}
- public void engineInitVerify(Key verificationKey) throws WSSecurityException {
+ public void engineInitVerify(Key verificationKey) throws XMLSecurityException {
try {
signature.initVerify((PublicKey) verificationKey);
} catch (InvalidKeyException e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK, e);
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_CHECK, e);
}
}
- public boolean engineVerify(byte[] signature) throws WSSecurityException {
+ public boolean engineVerify(byte[] signature) throws XMLSecurityException {
try {
return this.signature.verify(signature);
} catch (SignatureException e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK, e);
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_CHECK, e);
}
}
- public void engineSetParameter(AlgorithmParameterSpec params) throws WSSecurityException {
+ public void engineSetParameter(AlgorithmParameterSpec params) throws XMLSecurityException {
try {
signature.setParameter(params);
} catch (InvalidAlgorithmParameterException e) {
- throw new WSSecurityException(e.getMessage(), e);
+ throw new XMLSecurityException(e.getMessage(), e);
}
}
}
Modified: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/algorithms/SignatureAlgorithm.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/algorithms/SignatureAlgorithm.java?rev=1181995&r1=1179730&r2=1181995&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/algorithms/SignatureAlgorithm.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/algorithms/SignatureAlgorithm.java Tue Oct 11 18:03:00 2011
@@ -16,9 +16,9 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.swssf.impl.algorithms;
+package org.swssf.xmlsec.impl.algorithms;
-import org.swssf.ext.WSSecurityException;
+import org.swssf.xmlsec.ext.XMLSecurityException;
import java.security.Key;
import java.security.SecureRandom;
@@ -30,23 +30,23 @@ import java.security.spec.AlgorithmParam
*/
public interface SignatureAlgorithm {
- public void engineUpdate(byte[] input) throws WSSecurityException;
+ public void engineUpdate(byte[] input) throws XMLSecurityException;
- public void engineUpdate(byte input) throws WSSecurityException;
+ public void engineUpdate(byte input) throws XMLSecurityException;
- public void engineUpdate(byte buf[], int offset, int len) throws WSSecurityException;
+ public void engineUpdate(byte buf[], int offset, int len) throws XMLSecurityException;
- public void engineInitSign(Key signingKey) throws WSSecurityException;
+ public void engineInitSign(Key signingKey) throws XMLSecurityException;
- public void engineInitSign(Key signingKey, SecureRandom secureRandom) throws WSSecurityException;
+ public void engineInitSign(Key signingKey, SecureRandom secureRandom) throws XMLSecurityException;
- public void engineInitSign(Key signingKey, AlgorithmParameterSpec algorithmParameterSpec) throws WSSecurityException;
+ public void engineInitSign(Key signingKey, AlgorithmParameterSpec algorithmParameterSpec) throws XMLSecurityException;
- public byte[] engineSign() throws WSSecurityException;
+ public byte[] engineSign() throws XMLSecurityException;
- public void engineInitVerify(Key verificationKey) throws WSSecurityException;
+ public void engineInitVerify(Key verificationKey) throws XMLSecurityException;
- public boolean engineVerify(byte[] signature) throws WSSecurityException;
+ public boolean engineVerify(byte[] signature) throws XMLSecurityException;
- public void engineSetParameter(AlgorithmParameterSpec params) throws WSSecurityException;
+ public void engineSetParameter(AlgorithmParameterSpec params) throws XMLSecurityException;
}
Modified: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/algorithms/SignatureAlgorithmFactory.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/algorithms/SignatureAlgorithmFactory.java?rev=1181995&r1=1179730&r2=1181995&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/algorithms/SignatureAlgorithmFactory.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/algorithms/SignatureAlgorithmFactory.java Tue Oct 11 18:03:00 2011
@@ -16,10 +16,10 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.swssf.impl.algorithms;
+package org.swssf.xmlsec.impl.algorithms;
-import org.swssf.config.JCEAlgorithmMapper;
-import org.swssf.ext.WSSecurityException;
+import org.swssf.xmlsec.config.JCEAlgorithmMapper;
+import org.swssf.xmlsec.ext.XMLSecurityException;
import org.xmlsecurity.ns.configuration.AlgorithmType;
import java.security.NoSuchAlgorithmException;
@@ -43,10 +43,10 @@ public class SignatureAlgorithmFactory {
return instance;
}
- public SignatureAlgorithm getSignatureAlgorithm(String algoURI) throws WSSecurityException, NoSuchProviderException, NoSuchAlgorithmException {
+ public SignatureAlgorithm getSignatureAlgorithm(String algoURI) throws XMLSecurityException, NoSuchProviderException, NoSuchAlgorithmException {
AlgorithmType algorithmType = JCEAlgorithmMapper.getAlgorithmMapping(algoURI);
if (algorithmType == null) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.UNSUPPORTED_ALGORITHM, "unknownSignatureAlgorithm", algoURI);
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.UNSUPPORTED_ALGORITHM, "unknownSignatureAlgorithm", algoURI);
}
String algorithmClass = algorithmType.getAlgorithmClass();
if ("MAC".equalsIgnoreCase(algorithmClass)) {
Copied: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/processor/input/AbstractDecryptInputProcessor.java (from r1179730, webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/processor/input/DecryptInputProcessor.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/processor/input/AbstractDecryptInputProcessor.java?p2=webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/processor/input/AbstractDecryptInputProcessor.java&p1=webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/processor/input/DecryptInputProcessor.java&r1=1179730&r2=1181995&rev=1181995&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/processor/input/DecryptInputProcessor.java (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/processor/input/AbstractDecryptInputProcessor.java Tue Oct 11 18:03:00 2011
@@ -16,18 +16,14 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.swssf.impl.processor.input;
+package org.swssf.xmlsec.impl.processor.input;
import org.apache.commons.codec.binary.Base64OutputStream;
-import org.swssf.config.JCEAlgorithmMapper;
-import org.swssf.ext.*;
-import org.swssf.impl.securityToken.SecurityTokenFactory;
-import org.swssf.impl.util.IVSplittingOutputStream;
-import org.swssf.impl.util.ReplaceableOuputStream;
-import org.swssf.securityEvent.ContentEncryptedElementSecurityEvent;
-import org.swssf.securityEvent.EncryptedElementSecurityEvent;
-import org.swssf.securityEvent.EncryptedPartSecurityEvent;
-import org.swssf.securityEvent.SecurityEvent;
+import org.swssf.xmlsec.config.JCEAlgorithmMapper;
+import org.swssf.xmlsec.ext.*;
+import org.swssf.xmlsec.impl.securityToken.SecurityTokenFactory;
+import org.swssf.xmlsec.impl.util.IVSplittingOutputStream;
+import org.swssf.xmlsec.impl.util.ReplaceableOuputStream;
import org.w3._2000._09.xmldsig_.KeyInfoType;
import org.w3._2001._04.xmlenc_.EncryptedDataType;
import org.w3._2001._04.xmlenc_.ReferenceList;
@@ -57,7 +53,7 @@ import java.util.*;
* @author $Author$
* @version $Revision$ $Date$
*/
-public class DecryptInputProcessor extends AbstractInputProcessor {
+public abstract class AbstractDecryptInputProcessor extends AbstractInputProcessor {
private ReferenceList referenceList;
private KeyInfoType keyInfoType;
@@ -68,12 +64,12 @@ public class DecryptInputProcessor exten
private ArrayDeque<XMLEvent> tmpXmlEventList = new ArrayDeque<XMLEvent>();
- public DecryptInputProcessor(ReferenceList referenceList, SecurityProperties securityProperties) {
+ public AbstractDecryptInputProcessor(ReferenceList referenceList, XMLSecurityProperties securityProperties) {
super(securityProperties);
this.referenceList = referenceList;
}
- public DecryptInputProcessor(KeyInfoType keyInfoType, ReferenceList referenceList, SecurityProperties securityProperties) {
+ public AbstractDecryptInputProcessor(KeyInfoType keyInfoType, ReferenceList referenceList, XMLSecurityProperties securityProperties) {
super(securityProperties);
this.keyInfoType = keyInfoType;
this.referenceList = referenceList;
@@ -96,17 +92,16 @@ public class DecryptInputProcessor exten
*/
@Override
- public XMLEvent processNextHeaderEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, WSSecurityException {
+ public XMLEvent processNextHeaderEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
return processEvent(inputProcessorChain, true);
- //return xmlEvent;
}
@Override
- public XMLEvent processNextEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, WSSecurityException {
+ public XMLEvent processNextEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
return processEvent(inputProcessorChain, false);
}
- private XMLEvent processEvent(InputProcessorChain inputProcessorChain, boolean isSecurityHeaderEvent) throws XMLStreamException, WSSecurityException {
+ private XMLEvent processEvent(InputProcessorChain inputProcessorChain, boolean isSecurityHeaderEvent) throws XMLStreamException, XMLSecurityException {
if (!tmpXmlEventList.isEmpty()) {
XMLEvent xmlEvent = tmpXmlEventList.pollLast();
@@ -127,7 +122,7 @@ public class DecryptInputProcessor exten
//buffer the events until the EncryptedData Element appears and discard it if we found the reference inside it
//otherwise replay it
- if (startElement.getName().equals(Constants.TAG_wsse11_EncryptedHeader)) {
+ if (startElement.getName().equals(XMLSecurityConstants.TAG_wsse11_EncryptedHeader)) {
InputProcessorChain subInputProcessorChain = inputProcessorChain.createSubChain(this);
do {
@@ -140,7 +135,7 @@ public class DecryptInputProcessor exten
xmlEvent = subInputProcessorChain.processEvent();
}
}
- while (!(xmlEvent.isStartElement() && xmlEvent.asStartElement().getName().equals(Constants.TAG_xenc_EncryptedData)));
+ while (!(xmlEvent.isStartElement() && xmlEvent.asStartElement().getName().equals(XMLSecurityConstants.TAG_xenc_EncryptedData)));
tmpXmlEventList.push(xmlEvent);
startElement = xmlEvent.asStartElement();
@@ -149,145 +144,119 @@ public class DecryptInputProcessor exten
}
//check if the current start-element has the name EncryptedData and an Id attribute
- if (startElement.getName().equals(Constants.TAG_xenc_EncryptedData)) {
- Attribute refId = startElement.getAttributeByName(Constants.ATT_NULL_Id);
- if (refId != null) {
- //exists the id in the referenceList?
- List<ReferenceType> references = referenceList.getDataReferenceOrKeyReference();
- Iterator<ReferenceType> referenceTypeIterator = references.iterator();
- while (referenceTypeIterator.hasNext()) {
- ReferenceType referenceType = referenceTypeIterator.next();
- if (refId.getValue().equals(referenceType.getURI())) {
- logger.debug("Found encryption reference: " + refId.getValue() + " on element" + startElement.getName());
- //duplicate id's are forbidden
- if (referenceType.isProcessed()) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK, "duplicateId");
- }
-
- XMLEventNS xmlEventNS = (XMLEventNS) xmlEvent;
- List<ComparableNamespace>[] comparableNamespaceList;
- List<ComparableAttribute>[] comparableAttributeList;
-
- if (encryptedHeader) {
- tmpXmlEventList.clear();
- inputProcessorChain.getDocumentContext().removePathElement();
-
- comparableNamespaceList = Arrays.copyOfRange(xmlEventNS.getNamespaceList(), 2, xmlEventNS.getNamespaceList().length);
- comparableAttributeList = Arrays.copyOfRange(xmlEventNS.getAttributeList(), 2, xmlEventNS.getNamespaceList().length);
- } else {
- comparableNamespaceList = Arrays.copyOfRange(xmlEventNS.getNamespaceList(), 1, xmlEventNS.getNamespaceList().length);
- comparableAttributeList = Arrays.copyOfRange(xmlEventNS.getAttributeList(), 1, xmlEventNS.getNamespaceList().length);
- }
+ if (startElement.getName().equals(XMLSecurityConstants.TAG_xenc_EncryptedData)) {
+ ReferenceType referenceType = matchesReferenceId(startElement);
+ if (referenceType != null) {
+ //duplicate id's are forbidden
+ if (referenceType.isProcessed()) {
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_CHECK, "duplicateId");
+ }
- EncryptedDataType currentEncryptedDataType = new EncryptedDataType(startElement);
+ XMLEventNS xmlEventNS = (XMLEventNS) xmlEvent;
+ List<ComparableNamespace>[] comparableNamespaceList;
+ List<ComparableAttribute>[] comparableAttributeList;
- referenceType.setProcessed(true);
- inputProcessorChain.getDocumentContext().setIsInEncryptedContent();
+ if (encryptedHeader) {
+ tmpXmlEventList.clear();
+ inputProcessorChain.getDocumentContext().removePathElement();
- //only fire here ContentEncryptedElementEvents
- //the other ones will be fired later, because we don't know the encrypted element name yet
- if (SecurePart.Modifier.Content.getModifier().equals(currentEncryptedDataType.getType())) {
- QName parentElement = inputProcessorChain.getDocumentContext().getParentElement(xmlEvent.getEventType());
- if (inputProcessorChain.getDocumentContext().getDocumentLevel() == 3
- && inputProcessorChain.getDocumentContext().isInSOAPBody()) {
- //soap:body content encryption counts as EncryptedPart
- EncryptedPartSecurityEvent encryptedPartSecurityEvent =
- new EncryptedPartSecurityEvent(SecurityEvent.Event.EncryptedPart, false);
- encryptedPartSecurityEvent.setElement(parentElement);
- inputProcessorChain.getSecurityContext().registerSecurityEvent(encryptedPartSecurityEvent);
- } else {
- ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent =
- new ContentEncryptedElementSecurityEvent(SecurityEvent.Event.ContentEncrypted, false);
- contentEncryptedElementSecurityEvent.setElement(parentElement);
- inputProcessorChain.getSecurityContext().registerSecurityEvent(contentEncryptedElementSecurityEvent);
- }
- }
+ comparableNamespaceList = Arrays.copyOfRange(xmlEventNS.getNamespaceList(), 2, xmlEventNS.getNamespaceList().length);
+ comparableAttributeList = Arrays.copyOfRange(xmlEventNS.getAttributeList(), 2, xmlEventNS.getNamespaceList().length);
+ } else {
+ comparableNamespaceList = Arrays.copyOfRange(xmlEventNS.getNamespaceList(), 1, xmlEventNS.getNamespaceList().length);
+ comparableAttributeList = Arrays.copyOfRange(xmlEventNS.getAttributeList(), 1, xmlEventNS.getNamespaceList().length);
+ }
- //the following logic reads the encryptedData structure and doesn't pass them further
- //through the chain
- InputProcessorChain subInputProcessorChain = inputProcessorChain.createSubChain(this);
-
- XMLEvent encryptedDataXMLEvent;
- do {
- subInputProcessorChain.reset();
- if (isSecurityHeaderEvent) {
- encryptedDataXMLEvent = subInputProcessorChain.processHeaderEvent();
- } else {
- encryptedDataXMLEvent = subInputProcessorChain.processEvent();
- }
-
- //todo this self made parsing is ugly as hell. An idea would be to use JAXB with a custom WS-Security schema.
- //todo the schema would have only the declared the elements which we are supporting.
- try {
- currentEncryptedDataType.parseXMLEvent(encryptedDataXMLEvent);
- } catch (ParseException e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, e);
- }
- }
- while (!(encryptedDataXMLEvent.isStartElement() && encryptedDataXMLEvent.asStartElement().getName().equals(Constants.TAG_xenc_CipherValue)));
+ EncryptedDataType currentEncryptedDataType = newEncryptedDataType(startElement);
- try {
- currentEncryptedDataType.validate();
- } catch (ParseException e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, e);
- }
+ referenceType.setProcessed(true);
+ inputProcessorChain.getDocumentContext().setIsInEncryptedContent();
- KeyInfoType keyInfoType;
- if (this.keyInfoType != null) {
- keyInfoType = this.keyInfoType;
- } else {
- keyInfoType = currentEncryptedDataType.getKeyInfo();
- }
+ //only fire here ContentEncryptedElementEvents
+ //the other ones will be fired later, because we don't know the encrypted element name yet
+ if (SecurePart.Modifier.Content.getModifier().equals(currentEncryptedDataType.getType())) {
+ encryptedContentEvent(inputProcessorChain, xmlEvent);
+ }
- //create a new Thread for streaming decryption
- DecryptionThread decryptionThread = new DecryptionThread(subInputProcessorChain, isSecurityHeaderEvent,
- currentEncryptedDataType, keyInfoType, xmlEventNS);
-
- Thread receiverThread = new Thread(decryptionThread);
- receiverThread.setName("decrypting thread");
-
- DecryptedEventReaderInputProcessor decryptedEventReaderInputProcessor =
- new DecryptedEventReaderInputProcessor(getSecurityProperties(),
- SecurePart.Modifier.getModifier(currentEncryptedDataType.getType()),
- encryptedHeader, comparableNamespaceList, comparableAttributeList,
- this);
-
- //add the new created EventReader processor to the chain.
- inputProcessorChain.addProcessor(decryptedEventReaderInputProcessor);
-
- //when an exception in the decryption thread occurs, we want to forward them:
- receiverThread.setUncaughtExceptionHandler(decryptedEventReaderInputProcessor);
-
- //we have to start the thread before we call decryptionThread.getPipedInputStream().
- //Otherwise we will end in a deadlock, because the StAX reader expects already data.
- //@See some lines below:
- logger.debug("Starting decryption thread");
- receiverThread.start();
-
- inputProcessorChain.getDocumentContext().removePathElement();
-
- //spec says (4.2): "The cleartext octet sequence obtained in step 3 is interpreted as UTF-8 encoded character data."
- XMLEventReader xmlEventReader =
- inputProcessorChain.getSecurityContext().<XMLInputFactory>get(
- Constants.XMLINPUTFACTORY).createXMLEventReader(decryptionThread.getPipedInputStream(),
- "UTF-8");
-
- //forward to wrapper element
- XMLEvent tmpXmlEvent;
- do {
- tmpXmlEvent = xmlEventReader.nextEvent();
- }
- while (!(tmpXmlEvent.isStartElement() && tmpXmlEvent.asStartElement().getName().equals(wrapperElementName)));
+ //the following logic reads the encryptedData structure and doesn't pass them further
+ //through the chain
+ InputProcessorChain subInputProcessorChain = inputProcessorChain.createSubChain(this);
- decryptedEventReaderInputProcessor.setXmlEventReader(xmlEventReader);
+ XMLEvent encryptedDataXMLEvent;
+ do {
+ subInputProcessorChain.reset();
+ if (isSecurityHeaderEvent) {
+ encryptedDataXMLEvent = subInputProcessorChain.processHeaderEvent();
+ } else {
+ encryptedDataXMLEvent = subInputProcessorChain.processEvent();
+ }
- if (isSecurityHeaderEvent) {
- return decryptedEventReaderInputProcessor.processNextHeaderEvent(inputProcessorChain);
- } else {
- return decryptedEventReaderInputProcessor.processNextEvent(inputProcessorChain);
- }
+ //todo this self made parsing is ugly as hell. An idea would be to use JAXB with a custom WS-Security schema.
+ //todo the schema would have only the declared the elements which we are supporting.
+ try {
+ currentEncryptedDataType.parseXMLEvent(encryptedDataXMLEvent);
+ } catch (ParseException e) {
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.INVALID_SECURITY, e);
}
}
+ while (!(encryptedDataXMLEvent.isStartElement() && encryptedDataXMLEvent.asStartElement().getName().equals(XMLSecurityConstants.TAG_xenc_CipherValue)));
+
+ try {
+ currentEncryptedDataType.validate();
+ } catch (ParseException e) {
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.INVALID_SECURITY, e);
+ }
+
+ KeyInfoType keyInfoType;
+ if (this.keyInfoType != null) {
+ keyInfoType = this.keyInfoType;
+ } else {
+ keyInfoType = currentEncryptedDataType.getKeyInfo();
+ }
+
+ //create a new Thread for streaming decryption
+ DecryptionThread decryptionThread = new DecryptionThread(subInputProcessorChain, isSecurityHeaderEvent,
+ currentEncryptedDataType, keyInfoType, xmlEventNS);
+
+ Thread receiverThread = new Thread(decryptionThread);
+ receiverThread.setName("decrypting thread");
+
+ AbstractDecryptedEventReaderInputProcessor decryptedEventReaderInputProcessor = newDecryptedEventReaderInputProccessor(encryptedHeader, comparableNamespaceList, comparableAttributeList, currentEncryptedDataType);
+
+ //add the new created EventReader processor to the chain.
+ inputProcessorChain.addProcessor(decryptedEventReaderInputProcessor);
+
+ //when an exception in the decryption thread occurs, we want to forward them:
+ receiverThread.setUncaughtExceptionHandler(decryptedEventReaderInputProcessor);
+
+ //we have to start the thread before we call decryptionThread.getPipedInputStream().
+ //Otherwise we will end in a deadlock, because the StAX reader expects already data.
+ //@See some lines below:
+ logger.debug("Starting decryption thread");
+ receiverThread.start();
+
+ inputProcessorChain.getDocumentContext().removePathElement();
+
+ //spec says (4.2): "The cleartext octet sequence obtained in step 3 is interpreted as UTF-8 encoded character data."
+ XMLEventReader xmlEventReader =
+ inputProcessorChain.getSecurityContext().<XMLInputFactory>get(
+ XMLSecurityConstants.XMLINPUTFACTORY).createXMLEventReader(decryptionThread.getPipedInputStream(),
+ "UTF-8");
+
+ //forward to wrapper element
+ XMLEvent tmpXmlEvent;
+ do {
+ tmpXmlEvent = xmlEventReader.nextEvent();
+ }
+ while (!(tmpXmlEvent.isStartElement() && tmpXmlEvent.asStartElement().getName().equals(wrapperElementName)));
+
+ decryptedEventReaderInputProcessor.setXmlEventReader(xmlEventReader);
+
+ if (isSecurityHeaderEvent) {
+ return decryptedEventReaderInputProcessor.processNextHeaderEvent(inputProcessorChain);
+ } else {
+ return decryptedEventReaderInputProcessor.processNextEvent(inputProcessorChain);
+ }
}
}
}
@@ -305,15 +274,41 @@ public class DecryptInputProcessor exten
return xmlEvent;
}
+ protected abstract AbstractDecryptedEventReaderInputProcessor newDecryptedEventReaderInputProccessor(
+ boolean encryptedHeader, List<ComparableNamespace>[] comparableNamespaceList,
+ List<ComparableAttribute>[] comparableAttributeList, EncryptedDataType currentEncryptedDataType);
+
+ protected abstract EncryptedDataType newEncryptedDataType(StartElement startElement);
+
+ protected abstract void encryptedContentEvent(InputProcessorChain inputProcessorChain, XMLEvent xmlEvent) throws XMLSecurityException;
+
+ protected ReferenceType matchesReferenceId(StartElement startElement) {
+
+ Attribute refId = getReferenceIDAttribute(startElement);
+ if (refId != null) {
+ //exists the id in the referenceList?
+ List<ReferenceType> references = referenceList.getDataReferenceOrKeyReference();
+ Iterator<ReferenceType> referenceTypeIterator = references.iterator();
+ while (referenceTypeIterator.hasNext()) {
+ ReferenceType referenceType = referenceTypeIterator.next();
+ if (refId.getValue().equals(referenceType.getURI())) {
+ logger.debug("Found encryption reference: " + refId.getValue() + " on element" + startElement.getName());
+ return referenceType;
+ }
+ }
+ }
+ return null;
+ }
+
@Override
- public void doFinal(InputProcessorChain inputProcessorChain) throws XMLStreamException, WSSecurityException {
+ public void doFinal(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
//here we check if all references where processed.
List<ReferenceType> references = referenceList.getDataReferenceOrKeyReference();
Iterator<ReferenceType> referenceTypeIterator = references.iterator();
while (referenceTypeIterator.hasNext()) {
ReferenceType referenceType = referenceTypeIterator.next();
if (!referenceType.isProcessed()) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK, "unprocessedEncryptionReferences");
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_CHECK, "unprocessedEncryptionReferences");
}
}
inputProcessorChain.doFinal();
@@ -323,7 +318,7 @@ public class DecryptInputProcessor exten
* The DecryptedEventReaderInputProcessor reads the decrypted stream with a StAX reader and
* forwards the generated XMLEvents
*/
- class DecryptedEventReaderInputProcessor extends AbstractInputProcessor implements Thread.UncaughtExceptionHandler {
+ public abstract class AbstractDecryptedEventReaderInputProcessor extends AbstractInputProcessor implements Thread.UncaughtExceptionHandler {
private XMLEventReader xmlEventReader;
private Deque<List<ComparableNamespace>> nsStack = new ArrayDeque<List<ComparableNamespace>>(10);
@@ -334,11 +329,11 @@ public class DecryptInputProcessor exten
private boolean rootElementProcessed;
- DecryptedEventReaderInputProcessor(
- SecurityProperties securityProperties, SecurePart.Modifier encryptionModifier,
+ public AbstractDecryptedEventReaderInputProcessor(
+ XMLSecurityProperties securityProperties, SecurePart.Modifier encryptionModifier,
boolean encryptedHeader, List<ComparableNamespace>[] namespaceList,
List<ComparableAttribute>[] attributeList,
- DecryptInputProcessor decryptInputProcessor
+ AbstractDecryptInputProcessor decryptInputProcessor
) {
super(securityProperties);
getAfterProcessors().add(decryptInputProcessor);
@@ -360,16 +355,16 @@ public class DecryptInputProcessor exten
}
@Override
- public XMLEvent processNextHeaderEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, WSSecurityException {
+ public XMLEvent processNextHeaderEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
return processEvent(inputProcessorChain, true);
}
@Override
- public XMLEvent processNextEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, WSSecurityException {
+ public XMLEvent processNextEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
return processEvent(inputProcessorChain, false);
}
- private XMLEvent processEvent(InputProcessorChain inputProcessorChain, boolean headerEvent) throws XMLStreamException, WSSecurityException {
+ private XMLEvent processEvent(InputProcessorChain inputProcessorChain, boolean headerEvent) throws XMLStreamException, XMLSecurityException {
//did a execption occur during decryption in the decryption thread?
testAndThrowUncaughtException();
//here we request the next XMLEvent from the decryption thread
@@ -382,20 +377,7 @@ public class DecryptInputProcessor exten
inputProcessorChain.getDocumentContext().addPathElement(xmlEvent.asStartElement().getName());
if (!rootElementProcessed) {
- //fire a SecurityEvent:
- if (inputProcessorChain.getDocumentContext().getDocumentLevel() == 3
- && inputProcessorChain.getDocumentContext().isInSOAPHeader()) {
- EncryptedPartSecurityEvent encryptedPartSecurityEvent =
- new EncryptedPartSecurityEvent(SecurityEvent.Event.EncryptedPart, false);
- encryptedPartSecurityEvent.setElement(xmlEvent.asStartElement().getName());
- inputProcessorChain.getSecurityContext().registerSecurityEvent(encryptedPartSecurityEvent);
- } else {
- EncryptedElementSecurityEvent encryptedElementSecurityEvent =
- new EncryptedElementSecurityEvent(SecurityEvent.Event.EncryptedElement, false);
- encryptedElementSecurityEvent.setElement(xmlEvent.asStartElement().getName());
- inputProcessorChain.getSecurityContext().registerSecurityEvent(encryptedElementSecurityEvent);
- }
-
+ encryptedElementEvent(inputProcessorChain, xmlEvent);
rootElementProcessed = true;
}
@@ -408,13 +390,13 @@ public class DecryptInputProcessor exten
//skip EncryptedHeader Element when we processed it.
QName endElement;
if (encryptedHeader) {
- subInputProcessorChain.getDocumentContext().addPathElement(Constants.TAG_wsse11_EncryptedHeader);
- endElement = Constants.TAG_wsse11_EncryptedHeader;
+ subInputProcessorChain.getDocumentContext().addPathElement(XMLSecurityConstants.TAG_wsse11_EncryptedHeader);
+ endElement = XMLSecurityConstants.TAG_wsse11_EncryptedHeader;
} else {
- endElement = Constants.TAG_xenc_EncryptedData;
+ endElement = XMLSecurityConstants.TAG_xenc_EncryptedData;
}
- subInputProcessorChain.getDocumentContext().addPathElement(Constants.TAG_xenc_EncryptedData);
- subInputProcessorChain.getDocumentContext().addPathElement(Constants.TAG_xenc_CipherData);
+ subInputProcessorChain.getDocumentContext().addPathElement(XMLSecurityConstants.TAG_xenc_EncryptedData);
+ subInputProcessorChain.getDocumentContext().addPathElement(XMLSecurityConstants.TAG_xenc_CipherData);
//read and discard XMLEvents until the EncryptedData structure
XMLEvent endEvent;
@@ -448,11 +430,13 @@ public class DecryptInputProcessor exten
}
if (!(xmlEvent instanceof XMLEventNS)) {
- xmlEvent = Utils.createXMLEventNS(xmlEvent, nsStack, attrStack);
+ xmlEvent = XMLSecurityUtils.createXMLEventNS(xmlEvent, nsStack, attrStack);
}
return xmlEvent;
}
+ protected abstract void encryptedElementEvent(InputProcessorChain inputProcessorChain, XMLEvent xmlEvent) throws XMLSecurityException;
+
private Throwable thrownException;
public void uncaughtException(Thread t, Throwable e) {
@@ -461,8 +445,8 @@ public class DecryptInputProcessor exten
private void testAndThrowUncaughtException() throws XMLStreamException {
if (this.thrownException != null) {
- if (this.thrownException instanceof UncheckedWSSecurityException) {
- UncheckedWSSecurityException uxse = (UncheckedWSSecurityException) this.thrownException;
+ if (this.thrownException instanceof UncheckedXMLSecurityException) {
+ UncheckedXMLSecurityException uxse = (UncheckedXMLSecurityException) this.thrownException;
throw new XMLStreamException(uxse.getCause());
} else {
throw new XMLStreamException(this.thrownException.getCause());
@@ -484,8 +468,8 @@ public class DecryptInputProcessor exten
private Cipher symmetricCipher;
private Key secretKey;
- public DecryptionThread(InputProcessorChain inputProcessorChain, boolean header,
- EncryptedDataType encryptedDataType, KeyInfoType keyInfoType, XMLEventNS startXMLElement) throws XMLStreamException, WSSecurityException {
+ protected DecryptionThread(InputProcessorChain inputProcessorChain, boolean header,
+ EncryptedDataType encryptedDataType, KeyInfoType keyInfoType, XMLEventNS startXMLElement) throws XMLStreamException, XMLSecurityException {
this.inputProcessorChain = inputProcessorChain;
this.header = header;
@@ -498,30 +482,30 @@ public class DecryptInputProcessor exten
keyInfoType, getSecurityProperties().getDecryptionCrypto(),
getSecurityProperties().getCallbackHandler(), inputProcessorChain.getSecurityContext(), this);
- secretKey = securityToken.getSecretKey(algorithmURI, Constants.KeyUsage.Enc);
+ setSecretKey(securityToken.getSecretKey(algorithmURI, XMLSecurityConstants.Enc));
try {
AlgorithmType syncEncAlgo = JCEAlgorithmMapper.getAlgorithmMapping(algorithmURI);
- symmetricCipher = Cipher.getInstance(syncEncAlgo.getJCEName(), syncEncAlgo.getJCEProvider());
+ setSymmetricCipher(Cipher.getInstance(syncEncAlgo.getJCEName(), syncEncAlgo.getJCEProvider()));
//we have to defer the initialization of the cipher until we can extract the IV...
} catch (NoSuchAlgorithmException e) {
- throw new WSSecurityException(
- WSSecurityException.ErrorCode.UNSUPPORTED_ALGORITHM, "unsupportedKeyTransp",
+ throw new XMLSecurityException(
+ XMLSecurityException.ErrorCode.UNSUPPORTED_ALGORITHM, "unsupportedKeyTransp",
e, "No such algorithm: " + algorithmURI
);
} catch (NoSuchPaddingException e) {
- throw new WSSecurityException(
- WSSecurityException.ErrorCode.UNSUPPORTED_ALGORITHM, "unsupportedKeyTransp",
+ throw new XMLSecurityException(
+ XMLSecurityException.ErrorCode.UNSUPPORTED_ALGORITHM, "unsupportedKeyTransp",
e, "No such padding: " + algorithmURI
);
} catch (NoSuchProviderException e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noSecProvider", e);
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILURE, "noSecProvider", e);
}
//fire an AlgorithmSuiteSecurityEvent
/*AlgorithmSuiteSecurityEvent algorithmSuiteSecurityEvent = new AlgorithmSuiteSecurityEvent(SecurityEvent.Event.AlgorithmSuite);
algorithmSuiteSecurityEvent.setAlgorithmURI(algorithmURI);
- algorithmSuiteSecurityEvent.setKeyUsage(Constants.KeyUsage.Enc);
+ algorithmSuiteSecurityEvent.setKeyUsage(XMLSecurityConstants.KeyUsage.Enc);
inputProcessorChain.getSecurityContext().registerSecurityEvent(algorithmSuiteSecurityEvent);*/
//prepare the piped streams and connect them:
@@ -538,7 +522,7 @@ public class DecryptInputProcessor exten
return pipedInputStream;
}
- private XMLEvent processNextEvent() throws WSSecurityException, XMLStreamException {
+ private XMLEvent processNextEvent() throws XMLSecurityException, XMLStreamException {
inputProcessorChain.reset();
if (header) {
return inputProcessorChain.processHeaderEvent();
@@ -620,8 +604,8 @@ public class DecryptInputProcessor exten
//just calling flush here, seems to be fine
out.flush();
}
- }, symmetricCipher),
- symmetricCipher, secretKey);
+ }, getSymmetricCipher()),
+ getSymmetricCipher(), getSecretKey());
//buffering seems not to help
//bufferedOutputStream = new BufferedOutputStream(new Base64OutputStream(ivSplittingOutputStream, false), 8192 * 5);
ReplaceableOuputStream replaceableOuputStream = new ReplaceableOuputStream(ivSplittingOutputStream);
@@ -643,7 +627,7 @@ public class DecryptInputProcessor exten
decryptOutputStream.write(xmlEvent.asCharacters().getData().getBytes(inputProcessorChain.getDocumentContext().getEncoding()));
break;
default:
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK, "unexpectedXMLEvent", Utils.getXMLEventAsString(xmlEvent));
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_CHECK, "unexpectedXMLEvent", XMLSecurityUtils.getXMLEventAsString(xmlEvent));
}
}
@@ -662,8 +646,24 @@ public class DecryptInputProcessor exten
logger.debug("Decryption thread finished");
} catch (Exception e) {
- throw new UncheckedWSSecurityException(e);
+ throw new UncheckedXMLSecurityException(e);
}
}
+
+ protected Cipher getSymmetricCipher() {
+ return symmetricCipher;
+ }
+
+ protected void setSymmetricCipher(Cipher symmetricCipher) {
+ this.symmetricCipher = symmetricCipher;
+ }
+
+ protected Key getSecretKey() {
+ return secretKey;
+ }
+
+ protected void setSecretKey(Key secretKey) {
+ this.secretKey = secretKey;
+ }
}
}