Posted to commits@ws.apache.org by gi...@apache.org on 2012/07/04 19:58:01 UTC
svn commit: r1357352 - in
/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss:
ext/WSSUtils.java impl/processor/output/EncryptEndingOutputProcessor.java
impl/processor/output/WSSSignatureEndingOutputProcessor.java
Author: giger
Date: Wed Jul 4 17:58:01 2012
New Revision: 1357352
URL: http://svn.apache.org/viewvc?rev=1357352&view=rev
Log:
adapt changes from xmlsec in r1357350.
Modified:
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/ext/WSSUtils.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/EncryptEndingOutputProcessor.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureEndingOutputProcessor.java
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/ext/WSSUtils.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/ext/WSSUtils.java?rev=1357352&r1=1357351&r2=1357352&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/ext/WSSUtils.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/ext/WSSUtils.java Wed Jul 4 17:58:01 2012
@@ -19,17 +19,15 @@
package org.swssf.wss.ext;
import org.apache.commons.codec.binary.Base64;
-import org.swssf.wss.securityEvent.*;
import org.apache.xml.security.stax.crypto.Merlin;
import org.apache.xml.security.stax.ext.*;
import org.apache.xml.security.stax.ext.stax.XMLSecAttribute;
-import org.apache.xml.security.stax.ext.stax.XMLSecEndElement;
import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
import org.apache.xml.security.stax.ext.stax.XMLSecStartElement;
import org.apache.xml.security.stax.impl.algorithms.ECDSAUtils;
+import org.swssf.wss.securityEvent.*;
import javax.xml.namespace.QName;
-import javax.xml.stream.XMLStreamConstants;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.events.Attribute;
import java.io.UnsupportedEncodingException;
@@ -45,7 +43,10 @@ import java.security.cert.X509Certificat
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Iterator;
+import java.util.List;
/**
* @author $Author$
@@ -162,121 +163,6 @@ public class WSSUtils extends XMLSecurit
}
}
- public static void flushBufferAndCallbackAfterTokenID(OutputProcessorChain outputProcessorChain,
- AbstractBufferingOutputProcessor abstractBufferingOutputProcessor,
- Deque<XMLSecEvent> xmlSecEventDeque)
- throws XMLStreamException, XMLSecurityException {
-
- final String actor = ((WSSSecurityProperties) abstractBufferingOutputProcessor.getSecurityProperties()).getActor();
-
- //loop until we reach our security header and set flag
- final Iterator<XMLSecEvent> xmlSecEventIterator = xmlSecEventDeque.descendingIterator();
- loop:
- while (xmlSecEventIterator.hasNext()) {
- XMLSecEvent xmlSecEvent = xmlSecEventIterator.next();
- switch (xmlSecEvent.getEventType()) {
- case XMLStreamConstants.START_ELEMENT:
- XMLSecStartElement xmlSecStartElement = xmlSecEvent.asStartElement();
- if (xmlSecStartElement.getName().equals(WSSConstants.TAG_wsse_Security)
- && isResponsibleActorOrRole(
- xmlSecStartElement, actor)) {
- outputProcessorChain.reset();
- outputProcessorChain.processEvent(xmlSecEvent);
- break loop;
- }
- break;
- }
- outputProcessorChain.reset();
- outputProcessorChain.processEvent(xmlSecEvent);
- }
-
- final String appendAfterThisTokenId = abstractBufferingOutputProcessor.getAppendAfterThisTokenId();
- //append current header
- if (appendAfterThisTokenId == null) {
- abstractBufferingOutputProcessor.processHeaderEvent(outputProcessorChain);
- } else {
- //we have a dependent token. so we have to append the current header after the token
- QName matchingElementName = null;
-
- loop:
- while (xmlSecEventIterator.hasNext()) {
- XMLSecEvent xmlSecEvent = xmlSecEventIterator.next();
-
- outputProcessorChain.reset();
- outputProcessorChain.processEvent(xmlSecEvent);
- switch (xmlSecEvent.getEventType()) {
- //search for an element with a matching wsu:Id. this is our token
- case XMLStreamConstants.START_ELEMENT:
- XMLSecStartElement xmlSecStartElement = xmlSecEvent.asStartElement();
- List<XMLSecAttribute> xmlSecAttributes = xmlSecStartElement.getOnElementDeclaredAttributes();
- for (int i = 0; i < xmlSecAttributes.size(); i++) {
- XMLSecAttribute xmlSecAttribute = xmlSecAttributes.get(i);
- final QName attributeName = xmlSecAttribute.getName();
- final String attributeValue = xmlSecAttribute.getValue();
- if ((WSSConstants.ATT_wsu_Id.equals(attributeName)
- || WSSConstants.ATT_NULL_Id.equals(attributeName)
- || WSSConstants.ATT_NULL_AssertionID.equals(attributeName)
- || WSSConstants.ATT_NULL_ID.equals(attributeName))
- && appendAfterThisTokenId.equals(attributeValue)) {
- matchingElementName = xmlSecStartElement.getName();
- break loop;
- }
- }
- break;
- }
- }
- //we found the token and...
- int level = 0;
- loop:
- while (xmlSecEventIterator.hasNext()) {
- XMLSecEvent xmlSecEvent = xmlSecEventIterator.next();
-
- outputProcessorChain.reset();
- outputProcessorChain.processEvent(xmlSecEvent);
-
- //...loop until we reach the token end element
- switch (xmlSecEvent.getEventType()) {
- case XMLStreamConstants.START_ELEMENT:
- level++;
- break;
- case XMLStreamConstants.END_ELEMENT:
- XMLSecEndElement xmlSecEndElement = xmlSecEvent.asEndElement();
- if (level == 0 && xmlSecEndElement.getName().equals(matchingElementName)) {
- //output now the current header
- abstractBufferingOutputProcessor.processHeaderEvent(outputProcessorChain);
- break loop;
- }
- level--;
- break;
- }
- }
- }
- //loop until our security header end element and unset the flag
- loop:
- while (xmlSecEventIterator.hasNext()) {
- XMLSecEvent xmlSecEvent = xmlSecEventIterator.next();
- switch (xmlSecEvent.getEventType()) {
- case XMLStreamConstants.END_ELEMENT:
- XMLSecEndElement xmlSecEndElement = xmlSecEvent.asEndElement();
- if (xmlSecEndElement.getName().equals(WSSConstants.TAG_wsse_Security)) {
- outputProcessorChain.reset();
- outputProcessorChain.processEvent(xmlSecEvent);
- break loop;
- }
- break;
- }
- outputProcessorChain.reset();
- outputProcessorChain.processEvent(xmlSecEvent);
- }
- //loop through the rest of the document
- while (xmlSecEventIterator.hasNext()) {
- XMLSecEvent xmlSecEvent = xmlSecEventIterator.next();
- outputProcessorChain.reset();
- outputProcessorChain.processEvent(xmlSecEvent);
- }
- outputProcessorChain.reset();
- }
-
public static void createBinarySecurityTokenStructure(AbstractOutputProcessor abstractOutputProcessor,
OutputProcessorChain outputProcessorChain,
String referenceId, X509Certificate[] x509Certificates,
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/EncryptEndingOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/EncryptEndingOutputProcessor.java?rev=1357352&r1=1357351&r2=1357352&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/EncryptEndingOutputProcessor.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/EncryptEndingOutputProcessor.java Wed Jul 4 17:58:01 2012
@@ -18,13 +18,22 @@
*/
package org.swssf.wss.impl.processor.output;
-import org.swssf.wss.ext.WSSConstants;
-import org.swssf.wss.ext.WSSUtils;
import org.apache.xml.security.stax.ext.OutputProcessorChain;
import org.apache.xml.security.stax.ext.XMLSecurityException;
+import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
+import org.apache.xml.security.stax.ext.stax.XMLSecStartElement;
import org.apache.xml.security.stax.impl.processor.output.AbstractEncryptEndingOutputProcessor;
+import org.swssf.wss.ext.WSSConstants;
+import org.swssf.wss.ext.WSSSecurityProperties;
+import org.swssf.wss.ext.WSSUtils;
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamConstants;
import javax.xml.stream.XMLStreamException;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Iterator;
+import java.util.List;
/**
* Processor buffers encrypted XMLEvents and forwards them when final is called
@@ -34,6 +43,17 @@ import javax.xml.stream.XMLStreamExcepti
*/
public class EncryptEndingOutputProcessor extends AbstractEncryptEndingOutputProcessor {
+ private static final List<QName> appendAfterOneOfThisAttributes;
+
+ static {
+ List<QName> list = new ArrayList<QName>(5);
+ list.add(WSSConstants.ATT_wsu_Id);
+ list.add(WSSConstants.ATT_NULL_Id);
+ list.add(WSSConstants.ATT_NULL_AssertionID);
+ list.add(WSSConstants.ATT_NULL_ID);
+ appendAfterOneOfThisAttributes = Collections.unmodifiableList(list);
+ }
+
public EncryptEndingOutputProcessor() throws XMLSecurityException {
super();
this.addAfterProcessor(EncryptOutputProcessor.class.getName());
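Review bot: The static `appendAfterOneOfThisAttributes` list added here is repeated line for line in WSSSignatureEndingOutputProcessor later in this commit, so the two copies can drift apart when an Id attribute is added to only one of them. Judging by the loop removed from WSSUtils, these four names are the Id attributes compared against the append-after token id, so a single shared constant (for example in WSSConstants) would keep encryption and signature placement consistent. The field also has no documentation; a comment such as `/** Id attribute names used to locate the token after which this processor's header is appended. */` would help. The initial capacity of `5` does not match the four entries added.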
@@ -48,13 +68,36 @@ public class EncryptEndingOutputProcesso
}
}
+ protected List<QName> getAppendAfterOneOfThisAttributes() {
+ return appendAfterOneOfThisAttributes;
+ }
+
@Override
- public void doFinal(OutputProcessorChain outputProcessorChain) throws XMLStreamException, XMLSecurityException {
- OutputProcessorChain subOutputProcessorChain = outputProcessorChain.createSubChain(this);
- WSSUtils.flushBufferAndCallbackAfterTokenID(subOutputProcessorChain, this, getXmlSecEventBuffer());
- //call final on the rest of the chain
- subOutputProcessorChain.doFinal();
- //this processor is now finished and we can remove it now
- subOutputProcessorChain.removeProcessor(this);
+ public void flushBufferAndCallbackAfterTokenID(OutputProcessorChain outputProcessorChain,
+ Iterator<XMLSecEvent> xmlSecEventIterator)
+ throws XMLStreamException, XMLSecurityException {
+
+ final String actor = ((WSSSecurityProperties) getSecurityProperties()).getActor();
+
+ //loop until we reach our security header
+ loop:
+ while (xmlSecEventIterator.hasNext()) {
+ XMLSecEvent xmlSecEvent = xmlSecEventIterator.next();
+ switch (xmlSecEvent.getEventType()) {
+ case XMLStreamConstants.START_ELEMENT:
+ XMLSecStartElement xmlSecStartElement = xmlSecEvent.asStartElement();
+ if (xmlSecStartElement.getName().equals(WSSConstants.TAG_wsse_Security)
+ && WSSUtils.isResponsibleActorOrRole(
+ xmlSecStartElement, actor)) {
+ outputProcessorChain.reset();
+ outputProcessorChain.processEvent(xmlSecEvent);
+ break loop;
+ }
+ break;
+ }
+ outputProcessorChain.reset();
+ outputProcessorChain.processEvent(xmlSecEvent);
+ }
+ super.flushBufferAndCallbackAfterTokenID(outputProcessorChain, xmlSecEventIterator);
}
}
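Review bot: When the buffered events contain no `wsse:Security` start element for the configured actor, the loop in flushBufferAndCallbackAfterTokenID forwards every event and then calls super with an exhausted iterator, and nothing here reports that. What super does in that case is not visible in this diff, but the header this processor is meant to emit may then never be written while the message is still sent. Consider setting a flag such as `securityHeaderFound = true;` just before `break loop;` and raising an XMLSecurityException after the loop when it is still false. The identical method added to WSSSignatureEndingOutputProcessor has the same gap. Separately, `getAppendAfterOneOfThisAttributes()` looks like an implementation of a base-class hook and would be safer with `@Override`, so that a signature mismatch is caught at compile time.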
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureEndingOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureEndingOutputProcessor.java?rev=1357352&r1=1357351&r2=1357352&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureEndingOutputProcessor.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/WSSSignatureEndingOutputProcessor.java Wed Jul 4 17:58:01 2012
@@ -18,23 +18,29 @@
*/
package org.swssf.wss.impl.processor.output;
-import org.swssf.wss.ext.WSSConstants;
-import org.swssf.wss.ext.WSSSecurityProperties;
-import org.swssf.wss.ext.WSSUtils;
-import org.swssf.wss.ext.WSSecurityContext;
-import org.swssf.wss.securityEvent.SignatureValueSecurityEvent;
import org.apache.xml.security.stax.ext.OutputProcessorChain;
import org.apache.xml.security.stax.ext.SecurityToken;
import org.apache.xml.security.stax.ext.XMLSecurityException;
import org.apache.xml.security.stax.ext.stax.XMLSecAttribute;
+import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
+import org.apache.xml.security.stax.ext.stax.XMLSecStartElement;
import org.apache.xml.security.stax.impl.SignaturePartDef;
import org.apache.xml.security.stax.impl.algorithms.SignatureAlgorithm;
import org.apache.xml.security.stax.impl.processor.output.AbstractSignatureEndingOutputProcessor;
import org.apache.xml.security.stax.impl.util.IDGenerator;
+import org.swssf.wss.ext.WSSConstants;
+import org.swssf.wss.ext.WSSSecurityProperties;
+import org.swssf.wss.ext.WSSUtils;
+import org.swssf.wss.ext.WSSecurityContext;
+import org.swssf.wss.securityEvent.SignatureValueSecurityEvent;
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamConstants;
import javax.xml.stream.XMLStreamException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Iterator;
import java.util.List;
/**
@@ -43,6 +49,17 @@ import java.util.List;
*/
public class WSSSignatureEndingOutputProcessor extends AbstractSignatureEndingOutputProcessor {
+ private static final List<QName> appendAfterOneOfThisAttributes;
+
+ static {
+ List<QName> list = new ArrayList<QName>(5);
+ list.add(WSSConstants.ATT_wsu_Id);
+ list.add(WSSConstants.ATT_NULL_Id);
+ list.add(WSSConstants.ATT_NULL_AssertionID);
+ list.add(WSSConstants.ATT_NULL_ID);
+ appendAfterOneOfThisAttributes = Collections.unmodifiableList(list);
+ }
+
private SignedInfoProcessor signedInfoProcessor = null;
public WSSSignatureEndingOutputProcessor(WSSSignatureOutputProcessor signatureOutputProcessor) throws XMLSecurityException {
@@ -52,17 +69,6 @@ public class WSSSignatureEndingOutputPro
}
@Override
- public void doFinal(OutputProcessorChain outputProcessorChain) throws XMLStreamException, XMLSecurityException {
- setAppendAfterThisTokenId(outputProcessorChain.getSecurityContext().<String>get(WSSConstants.PROP_APPEND_SIGNATURE_ON_THIS_ID));
- OutputProcessorChain subOutputProcessorChain = outputProcessorChain.createSubChain(this);
- WSSUtils.flushBufferAndCallbackAfterTokenID(subOutputProcessorChain, this, getXmlSecEventBuffer());
- //call final on the rest of the chain
- subOutputProcessorChain.doFinal();
- //this processor is now finished and we can remove it now
- subOutputProcessorChain.removeProcessor(this);
- }
-
- @Override
protected SignedInfoProcessor newSignedInfoProcessor(SignatureAlgorithm signatureAlgorithm, OutputProcessorChain outputProcessorChain) throws XMLSecurityException {
this.signedInfoProcessor = new SignedInfoProcessor(signatureAlgorithm);
this.signedInfoProcessor.setXMLSecurityProperties(getSecurityProperties());
@@ -155,4 +161,37 @@ public class WSSSignatureEndingOutputPro
createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_dsig_Transform);
}
}
+
+ protected List<QName> getAppendAfterOneOfThisAttributes() {
+ return appendAfterOneOfThisAttributes;
+ }
+
+ @Override
+ public void flushBufferAndCallbackAfterTokenID(OutputProcessorChain outputProcessorChain,
+ Iterator<XMLSecEvent> xmlSecEventIterator)
+ throws XMLStreamException, XMLSecurityException {
+
+ final String actor = ((WSSSecurityProperties) getSecurityProperties()).getActor();
+
+ //loop until we reach our security header
+ loop:
+ while (xmlSecEventIterator.hasNext()) {
+ XMLSecEvent xmlSecEvent = xmlSecEventIterator.next();
+ switch (xmlSecEvent.getEventType()) {
+ case XMLStreamConstants.START_ELEMENT:
+ XMLSecStartElement xmlSecStartElement = xmlSecEvent.asStartElement();
+ if (xmlSecStartElement.getName().equals(WSSConstants.TAG_wsse_Security)
+ && WSSUtils.isResponsibleActorOrRole(
+ xmlSecStartElement, actor)) {
+ outputProcessorChain.reset();
+ outputProcessorChain.processEvent(xmlSecEvent);
+ break loop;
+ }
+ break;
+ }
+ outputProcessorChain.reset();
+ outputProcessorChain.processEvent(xmlSecEvent);
+ }
+ super.flushBufferAndCallbackAfterTokenID(outputProcessorChain, xmlSecEventIterator);
+ }
}
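Review bot: With the doFinal override removed from this class, nothing visible in the new code reads `WSSConstants.PROP_APPEND_SIGNATURE_ON_THIS_ID` from the security context any more, although the old doFinal passed it to `setAppendAfterThisTokenId` before flushing. The new flushBufferAndCallbackAfterTokenID leaves token placement to super, and the xmlsec base class presumably has no knowledge of a WSS-specific property key, so please confirm where the id is set now. If it is set nowhere, the Signature would no longer be emitted after the token it depends on, and a streaming receiver could meet the signature before its key. Restoring `setAppendAfterThisTokenId(outputProcessorChain.getSecurityContext().<String>get(WSSConstants.PROP_APPEND_SIGNATURE_ON_THIS_ID));` as the first statement of the new method would keep the previous behaviour, assuming the chain passed in exposes the same security context.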