cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject cxf git commit: Some refactoring due to WSS-549
Date Tue, 04 Aug 2015 11:01:10 GMT
Repository: cxf
Updated Branches:
  refs/heads/master e89913007 -> 5048d0b5a


Some refactoring due to WSS-549


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/5048d0b5
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/5048d0b5
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/5048d0b5

Branch: refs/heads/master
Commit: 5048d0b5a92cceb98fc46424d758b40107b47345
Parents: e899130
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Tue Aug 4 12:00:46 2015 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Tue Aug 4 12:00:46 2015 +0100

----------------------------------------------------------------------
 .../AsymmetricBindingHandler.java               | 87 ++++++++++++--------
 .../policyhandlers/SymmetricBindingHandler.java | 11 ++-
 2 files changed, 60 insertions(+), 38 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/5048d0b5/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
index 01d7de3..dba4cff 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
@@ -416,7 +416,9 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
             try {
                 Element secondRefList = 
                     ((WSSecDKEncrypt)encrBase).encryptForExternalRef(null, secondEncrParts);
-                ((WSSecDKEncrypt)encrBase).addExternalRefElement(secondRefList, secHeader);
+                if (secondRefList != null) {
+                    ((WSSecDKEncrypt)encrBase).addExternalRefElement(secondRefList, secHeader);
+                }
 
             } catch (WSSecurityException ex) {
                 LOG.log(Level.FINE, ex.getMessage(), ex);
@@ -452,37 +454,7 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder
{
             assertPolicy(encrToken);
             AlgorithmSuite algorithmSuite = abinding.getAlgorithmSuite();
             if (encrToken.getDerivedKeys() == DerivedKeys.RequireDerivedKeys) {
-                try {
-                    WSSecDKEncrypt dkEncr = new WSSecDKEncrypt();
-                    dkEncr.setIdAllocator(wssConfig.getIdAllocator());
-                    dkEncr.setCallbackLookup(callbackLookup);
-                    dkEncr.setAttachmentCallbackHandler(new AttachmentCallbackHandler(message));
-                    dkEncr.setStoreBytesInAttachment(storeBytesInAttachment);
-                    if (recToken.getToken().getVersion() == SPConstants.SPVersion.SP11) {
-                        dkEncr.setWscVersion(ConversationConstants.VERSION_05_02);
-                    }
-                    
-                    if (encrKey == null) {
-                        setupEncryptedKey(recToken, encrToken);
-                    }
-                    
-                    dkEncr.setExternalKey(this.encryptedKeyValue, this.encryptedKeyId);
-                    dkEncr.getParts().addAll(encrParts);
-                    dkEncr.setCustomValueType(WSConstants.SOAPMESSAGE_NS11 + "#"
-                            + WSConstants.ENC_KEY_VALUE_TYPE);
-                    AlgorithmSuiteType algType = algorithmSuite.getAlgorithmSuiteType();
-                    dkEncr.setSymmetricEncAlgorithm(algType.getEncryption());
-                    dkEncr.setDerivedKeyLength(algType.getEncryptionDerivedKeyLength() /
8);
-                    dkEncr.prepare(saaj.getSOAPPart());
-                    
-                    addDerivedKeyElement(dkEncr.getdktElement());
-                    Element refList = dkEncr.encryptForExternalRef(null, encrParts);
-                    insertBeforeBottomUp(refList);
-                    return dkEncr;
-                } catch (Exception e) {
-                    LOG.log(Level.FINE, e.getMessage(), e);
-                    unassertPolicy(recToken, e);
-                }
+                return doEncryptionDerived(recToken, encrToken, encrParts, algorithmSuite);
             } else {
                 try {
                     WSSecEncrypt encr = new WSSecEncrypt();
@@ -539,7 +511,9 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
                     //Encrypt, get hold of the ref list and add it
                     if (externalRef) {
                         Element refList = encr.encryptForRef(null, encrParts);
-                        insertBeforeBottomUp(refList);
+                        if (refList != null) {
+                            insertBeforeBottomUp(refList);
+                        }
                         if (attachments != null) {
                             for (Element attachment : attachments) {
                                 this.insertBeforeBottomUp(attachment);
@@ -551,7 +525,9 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
                         this.addEncryptedKeyElement(encryptedKeyElement);
                         
                         // Add internal refs
-                        encryptedKeyElement.appendChild(refList);
+                        if (refList != null) {
+                            encryptedKeyElement.appendChild(refList);
+                        }
                         if (attachments != null) {
                             for (Element attachment : attachments) {
                                 this.addEncryptedKeyElement(attachment);
@@ -572,7 +548,48 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder
{
             }
         }
         return null;
-    }    
+    }
+    
+    private WSSecBase doEncryptionDerived(AbstractTokenWrapper recToken,
+                                     AbstractToken encrToken,
+                                     List<WSEncryptionPart> encrParts,
+                                     AlgorithmSuite algorithmSuite) {
+        try {
+            WSSecDKEncrypt dkEncr = new WSSecDKEncrypt();
+            dkEncr.setIdAllocator(wssConfig.getIdAllocator());
+            dkEncr.setCallbackLookup(callbackLookup);
+            dkEncr.setAttachmentCallbackHandler(new AttachmentCallbackHandler(message));
+            dkEncr.setStoreBytesInAttachment(storeBytesInAttachment);
+            if (recToken.getToken().getVersion() == SPConstants.SPVersion.SP11) {
+                dkEncr.setWscVersion(ConversationConstants.VERSION_05_02);
+            }
+
+            if (encrKey == null) {
+                setupEncryptedKey(recToken, encrToken);
+            }
+
+            dkEncr.setExternalKey(this.encryptedKeyValue, this.encryptedKeyId);
+            dkEncr.getParts().addAll(encrParts);
+            dkEncr.setCustomValueType(WSConstants.SOAPMESSAGE_NS11 + "#"
+                + WSConstants.ENC_KEY_VALUE_TYPE);
+            AlgorithmSuiteType algType = algorithmSuite.getAlgorithmSuiteType();
+            dkEncr.setSymmetricEncAlgorithm(algType.getEncryption());
+            dkEncr.setDerivedKeyLength(algType.getEncryptionDerivedKeyLength() / 8);
+            dkEncr.prepare(saaj.getSOAPPart());
+
+            addDerivedKeyElement(dkEncr.getdktElement());
+            Element refList = dkEncr.encryptForExternalRef(null, encrParts);
+            if (refList != null) {
+                insertBeforeBottomUp(refList);
+            }
+            return dkEncr;
+        } catch (Exception e) {
+            LOG.log(Level.FINE, e.getMessage(), e);
+            unassertPolicy(recToken, e);
+        }
+        
+        return null;
+    }
     
     private void assertUnusedTokens(AbstractTokenWrapper wrapper) {
         if (wrapper == null) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/5048d0b5/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
index 0aba026..5eb83fe 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
@@ -250,10 +250,11 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder
{
                         && !secondEncrParts.isEmpty()) {
                         secondRefList = ((WSSecDKEncrypt)encr).encryptForExternalRef(null,

                                 secondEncrParts);
-                        this.addDerivedKeyElement(secondRefList);
                     } else if (!secondEncrParts.isEmpty()) {
                         //Encrypt, get hold of the ref list and add it
                         secondRefList = ((WSSecEncrypt)encr).encryptForRef(null, secondEncrParts);
+                    }
+                    if (secondRefList != null) {
                         this.addDerivedKeyElement(secondRefList);
                     }
                 }
@@ -612,14 +613,18 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder
{
     
     private void addAttachmentsForEncryption(boolean atEnd, Element refList, List<Element>
attachments) {
         if (atEnd) {
-            this.insertBeforeBottomUp(refList);
+            if (refList != null) {
+                this.insertBeforeBottomUp(refList);
+            }
             if (attachments != null) {
                 for (Element attachment : attachments) {
                     this.insertBeforeBottomUp(attachment);
                 }
             }
         } else {
-            this.addDerivedKeyElement(refList);
+            if (refList != null) {
+                this.addDerivedKeyElement(refList);
+            }
             if (attachments != null) {
                 for (Element attachment : attachments) {
                     this.addDerivedKeyElement(attachment);


Mime
View raw message