Posted to commits@ws.apache.org by co...@apache.org on 2020/03/03 11:04:41 UTC
[ws-wss4j] branch master updated: Consolidating some code for
storing bytes in attachments
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ws-wss4j.git
The following commit(s) were added to refs/heads/master by this push:
new ea8a294 Consolidating some code for storing bytes in attachments
ea8a294 is described below
commit ea8a294d288836e43f73c53a170d9c0bd10ed995
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Tue Mar 3 11:03:59 2020 +0000
Consolidating some code for storing bytes in attachments
---
.../apache/wss4j/common/token/BinarySecurity.java | 43 ++++------------------
.../apache/wss4j/common/util/AttachmentUtils.java | 38 +++++++++++++++++++
.../org/apache/wss4j/dom/message/Encryptor.java | 2 +-
.../wss4j/dom/message/WSSecEncryptedKey.java | 3 +-
.../apache/wss4j/dom/message/WSSecSignature.java | 3 +-
.../org/apache/wss4j/dom/util/WSSecurityUtil.java | 41 ---------------------
6 files changed, 50 insertions(+), 80 deletions(-)
diff --git a/ws-security-common/src/main/java/org/apache/wss4j/common/token/BinarySecurity.java b/ws-security-common/src/main/java/org/apache/wss4j/common/token/BinarySecurity.java
index 5aacd86..c4a6448 100644
--- a/ws-security-common/src/main/java/org/apache/wss4j/common/token/BinarySecurity.java
+++ b/ws-security-common/src/main/java/org/apache/wss4j/common/token/BinarySecurity.java
@@ -19,20 +19,19 @@
package org.apache.wss4j.common.token;
-import java.io.ByteArrayInputStream;
import java.io.IOException;
-import java.io.UnsupportedEncodingException;
-import java.net.URLEncoder;
-import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.UUID;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.xml.namespace.QName;
+
import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.bsp.BSPEnforcer;
import org.apache.wss4j.common.bsp.BSPRule;
-import org.apache.wss4j.common.ext.Attachment;
-import org.apache.wss4j.common.ext.AttachmentResultCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.util.AttachmentUtils;
import org.apache.wss4j.common.util.DOM2Writer;
import org.apache.wss4j.common.util.XMLUtils;
import org.w3c.dom.Document;
@@ -40,11 +39,6 @@ import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.Text;
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.UnsupportedCallbackException;
-import javax.xml.namespace.QName;
-
/**
* Binary Security Token.
*/
@@ -215,32 +209,9 @@ public class BinarySecurity {
throw new IllegalArgumentException("data == null");
}
if (storeBytesInAttachment && attachmentCallbackHandler != null) {
- Document document = element.getOwnerDocument();
final String attachmentId = "_" + UUID.randomUUID().toString();
-
- element.setAttributeNS(XMLUtils.XMLNS_NS, "xmlns:xop", WSS4JConstants.XOP_NS);
- Element xopInclude =
- document.createElementNS(WSS4JConstants.XOP_NS, "xop:Include");
- try {
- xopInclude.setAttributeNS(null, "href", "cid:" + URLEncoder.encode(attachmentId, StandardCharsets.UTF_8.name()));
- } catch (UnsupportedEncodingException e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
- }
- element.appendChild(xopInclude);
-
- Attachment resultAttachment = new Attachment();
- resultAttachment.setId(attachmentId);
- resultAttachment.setMimeType("application/ciphervalue");
- resultAttachment.setSourceStream(new ByteArrayInputStream(data));
-
- AttachmentResultCallback attachmentResultCallback = new AttachmentResultCallback();
- attachmentResultCallback.setAttachmentId(attachmentId);
- attachmentResultCallback.setAttachment(resultAttachment);
- try {
- attachmentCallbackHandler.handle(new Callback[]{attachmentResultCallback});
- } catch (Exception e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
- }
+ AttachmentUtils.storeBytesInAttachment(element, element.getOwnerDocument(), attachmentId,
+ data, attachmentCallbackHandler);
} else {
Text node = getFirstNode();
node.setData(org.apache.xml.security.utils.XMLUtils.encodeToString(data));
diff --git a/ws-security-common/src/main/java/org/apache/wss4j/common/util/AttachmentUtils.java b/ws-security-common/src/main/java/org/apache/wss4j/common/util/AttachmentUtils.java
index c2affda..e6125c1 100644
--- a/ws-security-common/src/main/java/org/apache/wss4j/common/util/AttachmentUtils.java
+++ b/ws-security-common/src/main/java/org/apache/wss4j/common/util/AttachmentUtils.java
@@ -18,13 +18,17 @@
*/
package org.apache.wss4j.common.util;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.ext.Attachment;
import org.apache.wss4j.common.ext.AttachmentRequestCallback;
+import org.apache.wss4j.common.ext.AttachmentResultCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.xml.security.algorithms.JCEMapper;
import org.apache.xml.security.encryption.XMLCipherUtil;
import org.apache.xml.security.stax.impl.util.MultiInputStream;
import org.apache.xml.security.utils.JavaUtils;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
@@ -35,6 +39,7 @@ import javax.security.auth.callback.UnsupportedCallbackException;
import java.io.*;
import java.net.URLDecoder;
+import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
@@ -650,4 +655,37 @@ public final class AttachmentUtils {
);
}
}
+
+ public static void storeBytesInAttachment(
+ Element parentElement,
+ Document doc,
+ String attachmentId,
+ byte[] bytes,
+ CallbackHandler attachmentCallbackHandler
+ ) throws WSSecurityException {
+ parentElement.setAttributeNS(XMLUtils.XMLNS_NS, "xmlns:xop", WSS4JConstants.XOP_NS);
+ Element xopInclude =
+ doc.createElementNS(WSS4JConstants.XOP_NS, "xop:Include");
+ try {
+ xopInclude.setAttributeNS(null, "href", "cid:" + URLEncoder.encode(attachmentId, StandardCharsets.UTF_8.name()));
+ } catch (UnsupportedEncodingException e) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
+ }
+ parentElement.appendChild(xopInclude);
+
+ Attachment resultAttachment = new Attachment();
+ resultAttachment.setId(attachmentId);
+ resultAttachment.setMimeType("application/ciphervalue");
+ resultAttachment.setSourceStream(new ByteArrayInputStream(bytes));
+
+ AttachmentResultCallback attachmentResultCallback = new AttachmentResultCallback();
+ attachmentResultCallback.setAttachmentId(attachmentId);
+ attachmentResultCallback.setAttachment(resultAttachment);
+ try {
+ attachmentCallbackHandler.handle(new Callback[]{attachmentResultCallback});
+ } catch (Exception e) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
+ }
+
+ }
}
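Review bot: The new public `storeBytesInAttachment` never checks `attachmentCallbackHandler` for null, and because the dereference sits inside `catch (Exception e)`, a missing handler surfaces as a generic `WSSecurityException` FAILURE wrapping a NullPointerException. Of the visible callers, BinarySecurity checks the handler for null, but the WSSecEncryptedKey hunk guards only on `storeBytesInAttachment`, so the shared helper is the natural place for the check: `if (attachmentCallbackHandler == null) { throw new IllegalArgumentException("attachmentCallbackHandler == null"); }` at the top, before the DOM is touched. As written, the `xop:Include` child is appended to `parentElement` before the callback runs, so any handler failure leaves the element referencing an attachment that was never stored. Invoking the handler first and appending afterwards would avoid that. The method also has no Javadoc; a short comment should state that it mutates `parentElement`, that `doc` must be the element's owner document, and that the MIME type is always `application/ciphervalue`, even for the token and certificate bytes passed by BinarySecurity and WSSecSignature.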
diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/Encryptor.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/Encryptor.java
index 48f2de4..eb41356 100644
--- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/Encryptor.java
+++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/Encryptor.java
@@ -320,7 +320,7 @@ public class Encryptor {
elementToEncrypt.getParentNode().replaceChild(encryptedData, elementToEncrypt);
}
- WSSecurityUtil.storeBytesInAttachment(cipherValue, doc, attachmentId,
+ AttachmentUtils.storeBytesInAttachment(cipherValue, doc, attachmentId,
finalEncryptedBytes, attachmentCallbackHandler);
return encEncryptedDataId;
diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java
index eb10062..55a0ce2 100644
--- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java
+++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java
@@ -49,6 +49,7 @@ import org.apache.wss4j.common.token.DOMX509IssuerSerial;
import org.apache.wss4j.common.token.Reference;
import org.apache.wss4j.common.token.SecurityTokenReference;
import org.apache.wss4j.common.token.X509Security;
+import org.apache.wss4j.common.util.AttachmentUtils;
import org.apache.wss4j.common.util.KeyUtils;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.util.WSSecurityUtil;
@@ -221,7 +222,7 @@ public class WSSecEncryptedKey extends WSSecBase {
Element xencCipherValue = createCipherValue(getDocument(), encryptedKeyElement);
if (storeBytesInAttachment) {
final String attachmentId = getIdAllocator().createId("", getDocument());
- WSSecurityUtil.storeBytesInAttachment(xencCipherValue, getDocument(), attachmentId,
+ AttachmentUtils.storeBytesInAttachment(xencCipherValue, getDocument(), attachmentId,
encryptedEphemeralKey, attachmentCallbackHandler);
} else {
Text keyText =
diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java
index 60c1f25..90d3a39 100644
--- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java
+++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java
@@ -57,6 +57,7 @@ import org.apache.wss4j.common.token.PKIPathSecurity;
import org.apache.wss4j.common.token.Reference;
import org.apache.wss4j.common.token.SecurityTokenReference;
import org.apache.wss4j.common.token.X509Security;
+import org.apache.wss4j.common.util.AttachmentUtils;
import org.apache.wss4j.common.util.KeyUtils;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.WSConstants;
@@ -476,7 +477,7 @@ public class WSSecSignature extends WSSecSignatureBase {
}
final String attachmentId = getIdAllocator().createId("", getDocument());
- WSSecurityUtil.storeBytesInAttachment(bstToken, getDocument(), attachmentId,
+ AttachmentUtils.storeBytesInAttachment(bstToken, getDocument(), attachmentId,
certBytes, attachmentCallbackHandler);
getWsDocInfo().addTokenElement(bstToken, false);
} else {
diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
index 28876bb..9bb281f 100644
--- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
+++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
@@ -26,8 +26,6 @@ import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.callback.CallbackLookup;
import org.apache.wss4j.dom.engine.WSSConfig;
import org.apache.wss4j.common.WSEncryptionPart;
-import org.apache.wss4j.common.ext.Attachment;
-import org.apache.wss4j.common.ext.AttachmentResultCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.AttachmentUtils;
import org.apache.wss4j.common.util.XMLUtils;
@@ -43,13 +41,9 @@ import org.w3c.dom.Text;
//import com.sun.xml.internal.messaging.saaj.soap.SOAPDocumentImpl;
-import java.io.ByteArrayInputStream;
-import java.io.UnsupportedEncodingException;
import java.lang.reflect.AccessibleObject;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
-import java.net.URLEncoder;
-import java.nio.charset.StandardCharsets;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
@@ -58,7 +52,6 @@ import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
-import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
@@ -730,38 +723,4 @@ public final class WSSecurityUtil {
return AttachmentUtils.getAttachmentId(xopUri);
}
- public static void storeBytesInAttachment(
- Element parentElement,
- Document doc,
- String attachmentId,
- byte[] bytes,
- CallbackHandler attachmentCallbackHandler
- ) throws WSSecurityException {
- parentElement.setAttributeNS(XMLUtils.XMLNS_NS, "xmlns:xop", WSConstants.XOP_NS);
- Element xopInclude =
- doc.createElementNS(WSConstants.XOP_NS, "xop:Include");
- try {
- xopInclude.setAttributeNS(null, "href", "cid:" + URLEncoder.encode(attachmentId, StandardCharsets.UTF_8.name()));
- } catch (UnsupportedEncodingException e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
- }
- parentElement.appendChild(xopInclude);
-
- Attachment resultAttachment = new Attachment();
- resultAttachment.setId(attachmentId);
- resultAttachment.setMimeType("application/ciphervalue");
- resultAttachment.setSourceStream(new ByteArrayInputStream(bytes));
-
- AttachmentResultCallback attachmentResultCallback = new AttachmentResultCallback();
- attachmentResultCallback.setAttachmentId(attachmentId);
- attachmentResultCallback.setAttachment(resultAttachment);
- try {
- attachmentCallbackHandler.handle(new Callback[]{attachmentResultCallback});
- } catch (Exception e) {
- throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
- }
-
- }
-
-
}