cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [cxf] 02/09: WSSecEncryptedKey.getEphemeralKey() is removed in WSS4J
Date Mon, 17 Jun 2019 11:21:40 GMT
This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch wss4j_2.3.0
in repository https://gitbox.apache.org/repos/asf/cxf.git

commit 0fb54eada9a9439d55b8875a23e11dca7886b81c
Author: Colm O hEigeartaigh <coheigea@apache.org>
AuthorDate: Mon Jan 28 12:00:06 2019 +0000

    WSSecEncryptedKey.getEphemeralKey() is removed in WSS4J
---
 .../cxf/rs/security/saml/sso/AbstractSAMLCallbackHandler.java       | 2 +-
 .../ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java  | 2 +-
 .../ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java   | 4 ++--
 .../ws/security/wss4j/policyhandlers/TransportBindingHandler.java   | 2 +-
 .../cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java     | 6 ------
 .../test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java   | 2 +-
 6 files changed, 6 insertions(+), 12 deletions(-)

diff --git a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/AbstractSAMLCallbackHandler.java
b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/AbstractSAMLCallbackHandler.java
index f5f051c..35d3deb 100644
--- a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/AbstractSAMLCallbackHandler.java
+++ b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/AbstractSAMLCallbackHandler.java
@@ -213,7 +213,7 @@ public abstract class AbstractSAMLCallbackHandler implements CallbackHandler
{
             encrKey.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
             encrKey.setUseThisCert(certs[0]);
             encrKey.prepare(null);
-            ephemeralKey = encrKey.getEphemeralKey();
+            ephemeralKey = encrKey.getSymmetricKey().getEncoded();
             Element encryptedKeyElement = encrKey.getEncryptedKeyElement();
 
             // Append the EncryptedKey to a KeyInfo element
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
index df31bc7..40d6ee4 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
@@ -806,7 +806,7 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
 
         // Add the EncryptedKey
         this.addEncryptedKeyElement(encrKey.getEncryptedKeyElement());
-        encryptedKeyValue = encrKey.getEphemeralKey();
+        encryptedKeyValue = encrKey.getSymmetricKey().getEncoded();
         encryptedKeyId = encrKey.getId();
     }
 
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
index cc37da2..e56fc39 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
@@ -551,6 +551,7 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
                     encr.setCustomReferenceValue(encrTok.getTokenType());
                 }
                 encr.setEncKeyId(encrTokId);
+                encr.setSymmetricEncAlgorithm(algorithmSuite.getAlgorithmSuiteType().getEncryption());
                 encr.setEphemeralKey(encrTok.getSecret());
                 Crypto crypto = getEncryptionCrypto();
                 if (crypto != null) {
@@ -558,7 +559,6 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
                 }
 
                 encr.setEncryptSymmKey(false);
-                encr.setSymmetricEncAlgorithm(algorithmSuite.getAlgorithmSuiteType().getEncryption());
                 encr.setMGFAlgorithm(algorithmSuite.getAlgorithmSuiteType().getMGFAlgo());
                 encr.setDigestAlgorithm(algorithmSuite.getAlgorithmSuiteType().getEncryptionDigest());
 
@@ -917,7 +917,7 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
         WSSecEncryptedKey encrKey = this.getEncryptedKeyBuilder(sigToken);
         assertTokenWrapper(wrapper);
         String id = encrKey.getId();
-        byte[] secret = encrKey.getEphemeralKey();
+        byte[] secret = encrKey.getSymmetricKey().getEncoded();
 
         Instant created = Instant.now();
         Instant expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message)
/ 1000L);
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
index 3a1b7c4..208d391 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
@@ -383,7 +383,7 @@ public class TransportBindingHandler extends AbstractBindingBuilder {
             AlgorithmSuiteType algType = binding.getAlgorithmSuite().getAlgorithmSuiteType();
             dkSig.setDerivedKeyLength(algType.getSignatureDerivedKeyLength() / 8);
 
-            dkSig.setExternalKey(encrKey.getEphemeralKey(), encrKey.getId());
+            dkSig.setExternalKey(encrKey.getSymmetricKey().getEncoded(), encrKey.getId());
 
             dkSig.prepare();
 
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java
b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java
index 750aa90..0e54cf2 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java
@@ -59,7 +59,6 @@ public abstract class AbstractSAMLCallbackHandler implements CallbackHandler
{
     protected X509Certificate[] certs;
     protected Statement statement = Statement.AUTHN;
     protected CERT_IDENTIFIER certIdentifier = CERT_IDENTIFIER.X509_CERT;
-    protected byte[] ephemeralKey;
     protected boolean multiValue = true;
 
     public void setConfirmationMethod(String confMethod) {
@@ -78,10 +77,6 @@ public abstract class AbstractSAMLCallbackHandler implements CallbackHandler
{
         this.certs = certs;
     }
 
-    public byte[] getEphemeralKey() {
-        return ephemeralKey;
-    }
-
     /**
      * Note that the SubjectBean parameter should be null for SAML2.0
      */
@@ -176,7 +171,6 @@ public abstract class AbstractSAMLCallbackHandler implements CallbackHandler
{
             encrKey.setKeyIdentifierType(WSConstants.X509_KEY_IDENTIFIER);
             encrKey.setUseThisCert(certs[0]);
             encrKey.prepare(null);
-            ephemeralKey = encrKey.getEphemeralKey();
             Element encryptedKeyElement = encrKey.getEncryptedKeyElement();
 
             // Append the EncryptedKey to a KeyInfo element
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
index 0a31958..4dc76c8 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
@@ -841,7 +841,7 @@ public class IssueSamlUnitTest {
 
         builder.prepare(stsProperties.getSignatureCrypto());
         Element encryptedKeyElement = builder.getEncryptedKeyElement();
-        byte[] secret = builder.getEphemeralKey();
+        byte[] secret = builder.getSymmetricKey().getEncoded();
 
         EntropyType entropyType = new EntropyType();
         entropyType.getAny().add(encryptedKeyElement);


Mime
View raw message