Posted to commits@ws.apache.org by co...@apache.org on 2012/07/18 11:18:05 UTC
svn commit: r1362825 -
/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SecurityTokenFactoryImpl.java
Author: coheigea
Date: Wed Jul 18 09:18:05 2012
New Revision: 1362825
URL: http://svn.apache.org/viewvc?rev=1362825&view=rev
Log:
Add PublicKey trust verification
Modified:
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SecurityTokenFactoryImpl.java
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SecurityTokenFactoryImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SecurityTokenFactoryImpl.java?rev=1362825&r1=1362824&r2=1362825&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SecurityTokenFactoryImpl.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SecurityTokenFactoryImpl.java Wed Jul 18 09:18:05 2012
@@ -193,7 +193,7 @@ public class SecurityTokenFactoryImpl ex
}
}
- public static SecurityToken getSecurityToken(KeyValueType keyValueType, Crypto crypto,
+ public static SecurityToken getSecurityToken(KeyValueType keyValueType, final Crypto crypto,
final CallbackHandler callbackHandler, SecurityContext securityContext)
throws XMLSecurityException {
@@ -201,19 +201,34 @@ public class SecurityTokenFactoryImpl ex
= XMLSecurityUtils.getQNameType(keyValueType.getContent(), WSSConstants.TAG_dsig_RSAKeyValue);
if (rsaKeyValueType != null) {
return new RsaKeyValueSecurityToken(rsaKeyValueType, (WSSecurityContext) securityContext,
- callbackHandler, WSSConstants.WSSKeyIdentifierType.KEY_VALUE);
+ callbackHandler, WSSConstants.WSSKeyIdentifierType.KEY_VALUE) {
+ @Override
+ public void verify() throws XMLSecurityException {
+ crypto.verifyTrust(getPubKey("", null));
+ }
+ };
}
final DSAKeyValueType dsaKeyValueType
= XMLSecurityUtils.getQNameType(keyValueType.getContent(), WSSConstants.TAG_dsig_DSAKeyValue);
if (dsaKeyValueType != null) {
return new DsaKeyValueSecurityToken(dsaKeyValueType, (WSSecurityContext) securityContext,
- callbackHandler, WSSConstants.WSSKeyIdentifierType.KEY_VALUE);
+ callbackHandler, WSSConstants.WSSKeyIdentifierType.KEY_VALUE) {
+ @Override
+ public void verify() throws XMLSecurityException {
+ crypto.verifyTrust(getPubKey("", null));
+ }
+ };
}
final ECKeyValueType ecKeyValueType
= XMLSecurityUtils.getQNameType(keyValueType.getContent(), WSSConstants.TAG_dsig11_ECKeyValue);
if (ecKeyValueType != null) {
return new ECKeyValueSecurityToken(ecKeyValueType, (WSSecurityContext) securityContext,
- callbackHandler, WSSConstants.WSSKeyIdentifierType.KEY_VALUE);
+ callbackHandler, WSSConstants.WSSKeyIdentifierType.KEY_VALUE) {
+ @Override
+ public void verify() throws XMLSecurityException {
+ crypto.verifyTrust(getPubKey("", null));
+ }
+ };
}
throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "unsupportedKeyInfo");
}
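Review bot: The three new `verify()` overrides (RSA, DSA and EC branches) dereference `crypto` with no null check, so a caller that supplies no Crypto would get a NullPointerException from the trust check rather than the declared XMLSecurityException. A KeyValue carries a bare public key chosen by the message sender, so this call appears to be what ties the key to the local trust store and it should fail with a defined security error; a guard such as `if (crypto == null)` that throws a WSSecurityException, placed once at the top of getSecurityToken, would cover all three branches. The overrides are also identical to each other and replace whatever the superclass `verify()` did (not visible here), so a shared helper plus a comment like `// KeyValue keys are sender-supplied; trust comes only from the Crypto trust store` would make the intent clear, and the meaning of the `""` and `null` arguments to `getPubKey` deserves a line as well. The method's signature sits in the previous hunk.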