cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [2/3] cxf git commit: Some refactoring due to WSS-549
Date Tue, 04 Aug 2015 11:16:33 GMT
Some refactoring due to WSS-549

Conflicts:
	rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/755a1a5c
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/755a1a5c
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/755a1a5c

Branch: refs/heads/3.0.x-fixes
Commit: 755a1a5cac5ebc32d1cdd5df795aff6e9b9de6c5
Parents: e0157c4
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Tue Aug 4 12:00:46 2015 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Tue Aug 4 12:01:43 2015 +0100

----------------------------------------------------------------------
 .../AsymmetricBindingHandler.java               | 59 ++++++++++++++++++--
 .../policyhandlers/SymmetricBindingHandler.java | 11 +++-
 2 files changed, 63 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/755a1a5c/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
index 3a5edea..7fa6873 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
@@ -416,7 +416,9 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
             try {
                 Element secondRefList = 
                     ((WSSecDKEncrypt)encrBase).encryptForExternalRef(null, secondEncrParts);
-                ((WSSecDKEncrypt)encrBase).addExternalRefElement(secondRefList, secHeader);
+                if (secondRefList != null) {
+                    ((WSSecDKEncrypt)encrBase).addExternalRefElement(secondRefList, secHeader);
+                }
 
             } catch (WSSecurityException ex) {
                 LOG.log(Level.FINE, ex.getMessage(), ex);
@@ -452,6 +454,7 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
             assertPolicy(encrToken);
             AlgorithmSuite algorithmSuite = abinding.getAlgorithmSuite();
             if (encrToken.getDerivedKeys() == DerivedKeys.RequireDerivedKeys) {
+<<<<<<< HEAD
                 try {
                     WSSecDKEncrypt dkEncr = new WSSecDKEncrypt(wssConfig);
                     dkEncr.setAttachmentCallbackHandler(new AttachmentCallbackHandler(message));
@@ -481,6 +484,9 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
                     LOG.log(Level.FINE, e.getMessage(), e);
                     policyNotAsserted(recToken, e);
                 }
+=======
+                return doEncryptionDerived(recToken, encrToken, encrParts, algorithmSuite);
+>>>>>>> 5048d0b... Some refactoring due to WSS-549
             } else {
                 try {
                     WSSecEncrypt encr = new WSSecEncrypt(wssConfig);
@@ -535,7 +541,9 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
                     //Encrypt, get hold of the ref list and add it
                     if (externalRef) {
                         Element refList = encr.encryptForRef(null, encrParts);
-                        insertBeforeBottomUp(refList);
+                        if (refList != null) {
+                            insertBeforeBottomUp(refList);
+                        }
                         if (attachments != null) {
                             for (Element attachment : attachments) {
                                 this.insertBeforeBottomUp(attachment);
@@ -547,7 +555,9 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
                         this.addEncryptedKeyElement(encryptedKeyElement);
                         
                         // Add internal refs
-                        encryptedKeyElement.appendChild(refList);
+                        if (refList != null) {
+                            encryptedKeyElement.appendChild(refList);
+                        }
                         if (attachments != null) {
                             for (Element attachment : attachments) {
                                 this.addEncryptedKeyElement(attachment);
@@ -568,7 +578,48 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder
{
             }
         }
         return null;
-    }    
+    }
+    
+    private WSSecBase doEncryptionDerived(AbstractTokenWrapper recToken,
+                                     AbstractToken encrToken,
+                                     List<WSEncryptionPart> encrParts,
+                                     AlgorithmSuite algorithmSuite) {
+        try {
+            WSSecDKEncrypt dkEncr = new WSSecDKEncrypt();
+            dkEncr.setIdAllocator(wssConfig.getIdAllocator());
+            dkEncr.setCallbackLookup(callbackLookup);
+            dkEncr.setAttachmentCallbackHandler(new AttachmentCallbackHandler(message));
+            dkEncr.setStoreBytesInAttachment(storeBytesInAttachment);
+            if (recToken.getToken().getVersion() == SPConstants.SPVersion.SP11) {
+                dkEncr.setWscVersion(ConversationConstants.VERSION_05_02);
+            }
+
+            if (encrKey == null) {
+                setupEncryptedKey(recToken, encrToken);
+            }
+
+            dkEncr.setExternalKey(this.encryptedKeyValue, this.encryptedKeyId);
+            dkEncr.getParts().addAll(encrParts);
+            dkEncr.setCustomValueType(WSConstants.SOAPMESSAGE_NS11 + "#"
+                + WSConstants.ENC_KEY_VALUE_TYPE);
+            AlgorithmSuiteType algType = algorithmSuite.getAlgorithmSuiteType();
+            dkEncr.setSymmetricEncAlgorithm(algType.getEncryption());
+            dkEncr.setDerivedKeyLength(algType.getEncryptionDerivedKeyLength() / 8);
+            dkEncr.prepare(saaj.getSOAPPart());
+
+            addDerivedKeyElement(dkEncr.getdktElement());
+            Element refList = dkEncr.encryptForExternalRef(null, encrParts);
+            if (refList != null) {
+                insertBeforeBottomUp(refList);
+            }
+            return dkEncr;
+        } catch (Exception e) {
+            LOG.log(Level.FINE, e.getMessage(), e);
+            unassertPolicy(recToken, e);
+        }
+        
+        return null;
+    }
     
     private void assertUnusedTokens(AbstractTokenWrapper wrapper) {
         if (wrapper == null) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/755a1a5c/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
index 451e2d2..9437a59 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
@@ -248,10 +248,11 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder
{
                         && !secondEncrParts.isEmpty()) {
                         secondRefList = ((WSSecDKEncrypt)encr).encryptForExternalRef(null,

                                 secondEncrParts);
-                        this.addDerivedKeyElement(secondRefList);
                     } else if (!secondEncrParts.isEmpty()) {
                         //Encrypt, get hold of the ref list and add it
                         secondRefList = ((WSSecEncrypt)encr).encryptForRef(null, secondEncrParts);
+                    }
+                    if (secondRefList != null) {
                         this.addDerivedKeyElement(secondRefList);
                     }
                 }
@@ -605,14 +606,18 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder
{
     
     private void addAttachmentsForEncryption(boolean atEnd, Element refList, List<Element>
attachments) {
         if (atEnd) {
-            this.insertBeforeBottomUp(refList);
+            if (refList != null) {
+                this.insertBeforeBottomUp(refList);
+            }
             if (attachments != null) {
                 for (Element attachment : attachments) {
                     this.insertBeforeBottomUp(attachment);
                 }
             }
         } else {
-            this.addDerivedKeyElement(refList);
+            if (refList != null) {
+                this.addDerivedKeyElement(refList);
+            }
             if (attachments != null) {
                 for (Element attachment : attachments) {
                     this.addDerivedKeyElement(attachment);


Mime
View raw message