cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1504072 - in /cxf/trunk: services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/ systests/ws-security/src/test/java/org/apache/cxf/systest/ws/xkms/ systests/ws-security/src/test/resources/certs/xkms/trusted_cas/
Date Wed, 17 Jul 2013 10:51:33 GMT
Author: coheigea
Date: Wed Jul 17 10:51:32 2013
New Revision: 1504072

URL: http://svn.apache.org/r1504072
Log:
Re-enabling Asymmetric XKMS test

Added:
    cxf/trunk/systests/ws-security/src/test/resources/certs/xkms/trusted_cas/
    cxf/trunk/systests/ws-security/src/test/resources/certs/xkms/trusted_cas/cxfca.crt
Modified:
    cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProvider.java
    cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/xkms/XKMSTest.java

Modified: cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProvider.java?rev=1504072&r1=1504071&r2=1504072&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProvider.java
(original)
+++ cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProvider.java
Wed Jul 17 10:51:32 2013
@@ -96,18 +96,19 @@ public class XkmsCryptoProvider extends 
     }
 
     @Override
-    public boolean verifyTrust(X509Certificate[] certs, boolean enableRevocation)
+    public void verifyTrust(X509Certificate[] certs, boolean enableRevocation)
         throws WSSecurityException {
-        if (certs == null) {
-            return false;
+        if (certs != null) {
+            LOG.fine(String.format("Verifying certificate id: %s", certs[0].getSubjectDN()));
+        }
+        if (certs == null || !xkmsInvoker.validateCertificate(certs[0])) {
+            throw new CryptoProviderException("The given certificate is not valid");
         }
-        LOG.fine(String.format("Verifying certificate id: %s", certs[0].getSubjectDN()));
-        return xkmsInvoker.validateCertificate(certs[0]);
     }
 
     @Override
-    public boolean verifyTrust(PublicKey publicKey) throws WSSecurityException {
-        return false;
+    public void verifyTrust(PublicKey publicKey) throws WSSecurityException {
+        throw new CryptoProviderException("PublicKeys cannot be verified");
     }
 
     private void assertDefaultCryptoProvider() {

Modified: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/xkms/XKMSTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/xkms/XKMSTest.java?rev=1504072&r1=1504071&r2=1504072&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/xkms/XKMSTest.java
(original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/xkms/XKMSTest.java
Wed Jul 17 10:51:32 2013
@@ -94,10 +94,10 @@ public class XKMSTest extends AbstractBu
         bus.shutdown(true);
     }
     
-    // TODO The client uses XKMS to locate the public key of the service with which to encrypt
-    // the message.
+    // The client uses XKMS to locate the public key of the service with which to encrypt
+    // the message. Then the client uses XKMS to both locate + validate the signing cert
+    // on processing the service response
     @org.junit.Test
-    @org.junit.Ignore
     public void testAsymmetricBinding() throws Exception {
 
         SpringBusFactory bf = new SpringBusFactory();

Added: cxf/trunk/systests/ws-security/src/test/resources/certs/xkms/trusted_cas/cxfca.crt
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/certs/xkms/trusted_cas/cxfca.crt?rev=1504072&view=auto
==============================================================================
Files cxf/trunk/systests/ws-security/src/test/resources/certs/xkms/trusted_cas/cxfca.crt (added)
and cxf/trunk/systests/ws-security/src/test/resources/certs/xkms/trusted_cas/cxfca.crt Wed
Jul 17 10:51:32 2013 differ



Mime
View raw message