cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1099500 - /cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
Date Wed, 04 May 2011 16:05:43 GMT
Author: coheigea
Date: Wed May  4 16:05:43 2011
New Revision: 1099500

URL: http://svn.apache.org/viewvc?rev=1099500&view=rev
Log:
[CXF-3842] - Pass checkstyle.

Modified:
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java?rev=1099500&r1=1099499&r2=1099500&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
Wed May  4 16:05:43 2011
@@ -333,8 +333,6 @@ public class TransportBindingHandler ext
                                           SignedEncryptedParts signdParts,
                                           TokenWrapper wrapper,
                                           SecurityToken securityTok) throws Exception {
-        Document doc = saaj.getSOAPPart();
-        
         //Get the issued token
         SecurityToken secTok = securityTok;
         if (secTok == null) {
@@ -387,104 +385,124 @@ public class TransportBindingHandler ext
             }
         }
         
-        //check for derived keys
-        AlgorithmSuite algorithmSuite = tbinding.getAlgorithmSuite();
         if (token.isDerivedKeys()) {
-            //Do Signature with derived keys
-            WSSecDKSign dkSign = new WSSecDKSign(wssConfig);
-          
-            //Setting the AttachedReference or the UnattachedReference according to the flag
-            Element ref;
-            if (tokenIncluded) {
-                ref = secTok.getAttachedReference();
-            } else {
-                ref = secTok.getUnattachedReference();
-            }
-          
-            if (ref != null) {
-                dkSign.setExternalKey(secTok.getSecret(), cloneElement(ref));
-            } else {
-                dkSign.setExternalKey(secTok.getSecret(), secTok.getId());
-            }
-          
-            // Set the algo info
-            dkSign.setSignatureAlgorithm(algorithmSuite.getSymmetricSignature());
-            dkSign.setDerivedKeyLength(algorithmSuite.getSignatureDerivedKeyLength() / 8);
-            if (token.getSPConstants() == SP12Constants.INSTANCE) {
-                dkSign.setWscVersion(ConversationConstants.VERSION_05_12);
-            }
-            dkSign.prepare(doc, secHeader);
-          
-            addDerivedKeyElement(dkSign.getdktElement());
-          
-            dkSign.setParts(sigParts);
-            List<Reference> referenceList = dkSign.addReferencesToSign(sigParts, secHeader);
-          
-            //Do signature
-            dkSign.computeSignature(referenceList, false, null);
-          
-            return dkSign.getSignatureValue();
+            return doDerivedKeySignature(tokenIncluded, secTok, token, sigParts);
+        } else {
+            return doSignature(tokenIncluded, secTok, token, wrapper, sigParts);
+        }
+    }
+    
+    private byte[] doDerivedKeySignature(
+        boolean tokenIncluded,
+        SecurityToken secTok,
+        Token token,
+        List<WSEncryptionPart> sigParts
+    ) throws Exception {
+        //Do Signature with derived keys
+        WSSecDKSign dkSign = new WSSecDKSign(wssConfig);
+        AlgorithmSuite algorithmSuite = tbinding.getAlgorithmSuite();
+
+        //Setting the AttachedReference or the UnattachedReference according to the flag
+        Element ref;
+        if (tokenIncluded) {
+            ref = secTok.getAttachedReference();
+        } else {
+            ref = secTok.getUnattachedReference();
+        }
+
+        if (ref != null) {
+            dkSign.setExternalKey(secTok.getSecret(), cloneElement(ref));
         } else {
-            WSSecSignature sig = new WSSecSignature(wssConfig);
-            if (secTok.getTokenType() == null) {
+            dkSign.setExternalKey(secTok.getSecret(), secTok.getId());
+        }
+
+        // Set the algo info
+        dkSign.setSignatureAlgorithm(algorithmSuite.getSymmetricSignature());
+        dkSign.setDerivedKeyLength(algorithmSuite.getSignatureDerivedKeyLength() / 8);
+        if (token.getSPConstants() == SP12Constants.INSTANCE) {
+            dkSign.setWscVersion(ConversationConstants.VERSION_05_12);
+        }
+        Document doc = saaj.getSOAPPart();
+        dkSign.prepare(doc, secHeader);
+
+        addDerivedKeyElement(dkSign.getdktElement());
+
+        dkSign.setParts(sigParts);
+        List<Reference> referenceList = dkSign.addReferencesToSign(sigParts, secHeader);
+
+        //Do signature
+        dkSign.computeSignature(referenceList, false, null);
+
+        return dkSign.getSignatureValue();
+    }
+    
+    private byte[] doSignature(
+        boolean tokenIncluded,
+        SecurityToken secTok,
+        Token token,
+        TokenWrapper wrapper,
+        List<WSEncryptionPart> sigParts
+    ) throws Exception {
+        WSSecSignature sig = new WSSecSignature(wssConfig);
+        if (secTok.getTokenType() == null) {
+            sig.setCustomTokenId(secTok.getId());
+            sig.setCustomTokenValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
+            sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
+        } else {
+            String id = secTok.getWsuId();
+            if (id == null) {
                 sig.setCustomTokenId(secTok.getId());
+                sig.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING_DIRECT);
+            } else {
+                sig.setCustomTokenId(secTok.getWsuId());
+                sig.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING);
+            }
+            String tokenType = secTok.getTokenType();
+            if (WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)) {
                 sig.setCustomTokenValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
                 sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
+            } else if (WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)) {
+                sig.setCustomTokenValueType(WSConstants.WSS_SAML2_KI_VALUE_TYPE);
+                sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
             } else {
-                String id = secTok.getWsuId();
-                if (id == null) {
-                    sig.setCustomTokenId(secTok.getId());
-                    sig.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING_DIRECT);
-                } else {
-                    sig.setCustomTokenId(secTok.getWsuId());
-                    sig.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING);
-                }
-                String tokenType = secTok.getTokenType();
-                if (WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)) {
-                    sig.setCustomTokenValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
-                    sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
-                } else if (WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)) {
-                    sig.setCustomTokenValueType(WSConstants.WSS_SAML2_KI_VALUE_TYPE);
-                    sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
-                } else {
-                    sig.setCustomTokenValueType(tokenType);
-                }
+                sig.setCustomTokenValueType(tokenType);
             }
-            Crypto crypto = null;
-            if (secTok.getSecret() == null) {
-                sig.setX509Certificate(secTok.getX509Certificate());
-                
-                crypto = secTok.getCrypto();
-                String uname = crypto.getX509Identifier(secTok.getX509Certificate());
-                String password = getPassword(uname, token, WSPasswordCallback.SIGNATURE);
-                if (password == null) {
-                    password = "";
-                }
-                sig.setUserInfo(uname, password);
-                sig.setSignatureAlgorithm(binding.getAlgorithmSuite().getAsymmetricSignature());
-            } else {
-                crypto = getSignatureCrypto(wrapper);
-                sig.setSecretKey(secTok.getSecret());
-                sig.setSignatureAlgorithm(binding.getAlgorithmSuite().getSymmetricSignature());
+        }
+        Crypto crypto = null;
+        if (secTok.getSecret() == null) {
+            sig.setX509Certificate(secTok.getX509Certificate());
+
+            crypto = secTok.getCrypto();
+            String uname = crypto.getX509Identifier(secTok.getX509Certificate());
+            String password = getPassword(uname, token, WSPasswordCallback.SIGNATURE);
+            if (password == null) {
+                password = "";
             }
-            sig.setSigCanonicalization(binding.getAlgorithmSuite().getInclusiveC14n());
+            sig.setUserInfo(uname, password);
+            sig.setSignatureAlgorithm(binding.getAlgorithmSuite().getAsymmetricSignature());
+        } else {
+            crypto = getSignatureCrypto(wrapper);
+            sig.setSecretKey(secTok.getSecret());
+            sig.setSignatureAlgorithm(binding.getAlgorithmSuite().getSymmetricSignature());
+        }
+        sig.setSigCanonicalization(binding.getAlgorithmSuite().getInclusiveC14n());
 
-            sig.prepare(doc, crypto, secHeader);
+        Document doc = saaj.getSOAPPart();
+        sig.prepare(doc, crypto, secHeader);
 
-            sig.setParts(sigParts);
-            List<Reference> referenceList = sig.addReferencesToSign(sigParts, secHeader);
+        sig.setParts(sigParts);
+        List<Reference> referenceList = sig.addReferencesToSign(sigParts, secHeader);
 
-            //Do signature
-            if (bottomUpElement == null) {
-                sig.computeSignature(referenceList, false, null);
-            } else {
-                sig.computeSignature(referenceList, true, bottomUpElement);
-            }
-            bottomUpElement = sig.getSignatureElement();
-            mainSigId = sig.getId();
-        
-            return sig.getSignatureValue();
+        //Do signature
+        if (bottomUpElement == null) {
+            sig.computeSignature(referenceList, false, null);
+        } else {
+            sig.computeSignature(referenceList, true, bottomUpElement);
         }
+        bottomUpElement = sig.getSignatureElement();
+        mainSigId = sig.getId();
+
+        return sig.getSignatureValue();
     }
 
 



Mime
View raw message