You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2019/06/17 11:21:40 UTC
[cxf] 02/09: WSSecEncryptedKey.getEphemeralKey() is removed in WSS4J
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch wss4j_2.3.0
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit 0fb54eada9a9439d55b8875a23e11dca7886b81c
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Mon Jan 28 12:00:06 2019 +0000
WSSecEncryptedKey.getEphemeralKey() is removed in WSS4J
---
.../cxf/rs/security/saml/sso/AbstractSAMLCallbackHandler.java | 2 +-
.../ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java | 2 +-
.../ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java | 4 ++--
.../ws/security/wss4j/policyhandlers/TransportBindingHandler.java | 2 +-
.../cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java | 6 ------
.../test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java | 2 +-
6 files changed, 6 insertions(+), 12 deletions(-)
diff --git a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/AbstractSAMLCallbackHandler.java b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/AbstractSAMLCallbackHandler.java
index f5f051c..35d3deb 100644
--- a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/AbstractSAMLCallbackHandler.java
+++ b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/AbstractSAMLCallbackHandler.java
@@ -213,7 +213,7 @@ public abstract class AbstractSAMLCallbackHandler implements CallbackHandler {
encrKey.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
encrKey.setUseThisCert(certs[0]);
encrKey.prepare(null);
- ephemeralKey = encrKey.getEphemeralKey();
+ ephemeralKey = encrKey.getSymmetricKey().getEncoded();
Element encryptedKeyElement = encrKey.getEncryptedKeyElement();
// Append the EncryptedKey to a KeyInfo element
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
index df31bc7..40d6ee4 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
@@ -806,7 +806,7 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
// Add the EncryptedKey
this.addEncryptedKeyElement(encrKey.getEncryptedKeyElement());
- encryptedKeyValue = encrKey.getEphemeralKey();
+ encryptedKeyValue = encrKey.getSymmetricKey().getEncoded();
encryptedKeyId = encrKey.getId();
}
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
index cc37da2..e56fc39 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
@@ -551,6 +551,7 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
encr.setCustomReferenceValue(encrTok.getTokenType());
}
encr.setEncKeyId(encrTokId);
+ encr.setSymmetricEncAlgorithm(algorithmSuite.getAlgorithmSuiteType().getEncryption());
encr.setEphemeralKey(encrTok.getSecret());
Crypto crypto = getEncryptionCrypto();
if (crypto != null) {
@@ -558,7 +559,6 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
}
encr.setEncryptSymmKey(false);
- encr.setSymmetricEncAlgorithm(algorithmSuite.getAlgorithmSuiteType().getEncryption());
encr.setMGFAlgorithm(algorithmSuite.getAlgorithmSuiteType().getMGFAlgo());
encr.setDigestAlgorithm(algorithmSuite.getAlgorithmSuiteType().getEncryptionDigest());
@@ -917,7 +917,7 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
WSSecEncryptedKey encrKey = this.getEncryptedKeyBuilder(sigToken);
assertTokenWrapper(wrapper);
String id = encrKey.getId();
- byte[] secret = encrKey.getEphemeralKey();
+ byte[] secret = encrKey.getSymmetricKey().getEncoded();
Instant created = Instant.now();
Instant expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
index 3a1b7c4..208d391 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
@@ -383,7 +383,7 @@ public class TransportBindingHandler extends AbstractBindingBuilder {
AlgorithmSuiteType algType = binding.getAlgorithmSuite().getAlgorithmSuiteType();
dkSig.setDerivedKeyLength(algType.getSignatureDerivedKeyLength() / 8);
- dkSig.setExternalKey(encrKey.getEphemeralKey(), encrKey.getId());
+ dkSig.setExternalKey(encrKey.getSymmetricKey().getEncoded(), encrKey.getId());
dkSig.prepare();
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java
index 750aa90..0e54cf2 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java
@@ -59,7 +59,6 @@ public abstract class AbstractSAMLCallbackHandler implements CallbackHandler {
protected X509Certificate[] certs;
protected Statement statement = Statement.AUTHN;
protected CERT_IDENTIFIER certIdentifier = CERT_IDENTIFIER.X509_CERT;
- protected byte[] ephemeralKey;
protected boolean multiValue = true;
public void setConfirmationMethod(String confMethod) {
@@ -78,10 +77,6 @@ public abstract class AbstractSAMLCallbackHandler implements CallbackHandler {
this.certs = certs;
}
- public byte[] getEphemeralKey() {
- return ephemeralKey;
- }
-
/**
* Note that the SubjectBean parameter should be null for SAML2.0
*/
@@ -176,7 +171,6 @@ public abstract class AbstractSAMLCallbackHandler implements CallbackHandler {
encrKey.setKeyIdentifierType(WSConstants.X509_KEY_IDENTIFIER);
encrKey.setUseThisCert(certs[0]);
encrKey.prepare(null);
- ephemeralKey = encrKey.getEphemeralKey();
Element encryptedKeyElement = encrKey.getEncryptedKeyElement();
// Append the EncryptedKey to a KeyInfo element
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
index 0a31958..4dc76c8 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
@@ -841,7 +841,7 @@ public class IssueSamlUnitTest {
builder.prepare(stsProperties.getSignatureCrypto());
Element encryptedKeyElement = builder.getEncryptedKeyElement();
- byte[] secret = builder.getEphemeralKey();
+ byte[] secret = builder.getSymmetricKey().getEncoded();
EntropyType entropyType = new EntropyType();
entropyType.getAny().add(encryptedKeyElement);