From commits-return-51808-archive-asf-public=cust-asf.ponee.io@cxf.apache.org Mon Jun 17 11:21:43 2019 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [207.244.88.153]) by mx-eu-01.ponee.io (Postfix) with SMTP id AC37318062B for ; Mon, 17 Jun 2019 13:21:43 +0200 (CEST) Received: (qmail 75552 invoked by uid 500); 17 Jun 2019 11:21:40 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 75524 invoked by uid 99); 17 Jun 2019 11:21:39 -0000 Received: from ec2-52-202-80-70.compute-1.amazonaws.com (HELO gitbox.apache.org) (52.202.80.70) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 17 Jun 2019 11:21:39 +0000 Received: by gitbox.apache.org (ASF Mail Server at gitbox.apache.org, from userid 33) id C1B0A87AD9; Mon, 17 Jun 2019 11:21:39 +0000 (UTC) Date: Mon, 17 Jun 2019 11:21:40 +0000 To: "commits@cxf.apache.org" Subject: [cxf] 02/09: WSSecEncryptedKey.getEphemeralKey() is removed in WSS4J MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit 
From: coheigea@apache.org In-Reply-To: <156077049863.18426.15450253584960457237@gitbox.apache.org> References: <156077049863.18426.15450253584960457237@gitbox.apache.org> X-Git-Host: gitbox.apache.org X-Git-Repo: cxf X-Git-Refname: refs/heads/wss4j_2.3.0 X-Git-Reftype: branch X-Git-Rev: 0fb54eada9a9439d55b8875a23e11dca7886b81c X-Git-NotificationType: diff X-Git-Multimail-Version: 1.5.dev Auto-Submitted: auto-generated Message-Id: <20190617112139.C1B0A87AD9@gitbox.apache.org> This is an automated email from the ASF dual-hosted git repository. coheigea pushed a commit to branch wss4j_2.3.0 in repository https://gitbox.apache.org/repos/asf/cxf.git commit 0fb54eada9a9439d55b8875a23e11dca7886b81c Author: Colm O hEigeartaigh AuthorDate: Mon Jan 28 12:00:06 2019 +0000 WSSecEncryptedKey.getEphemeralKey() is removed in WSS4J
---
 .../cxf/rs/security/saml/sso/AbstractSAMLCallbackHandler.java | 2 +-
 .../ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java | 2 +-
 .../ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java | 4 ++--
 .../ws/security/wss4j/policyhandlers/TransportBindingHandler.java | 2 +-
 .../cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java | 6 ------
 .../test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java | 2 +-
 6 files changed, 6 insertions(+), 12 deletions(-)
diff --git a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/AbstractSAMLCallbackHandler.java b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/AbstractSAMLCallbackHandler.java
index f5f051c..35d3deb 100644
--- a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/AbstractSAMLCallbackHandler.java
+++ b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/AbstractSAMLCallbackHandler.java
@@ -213,7 +213,7 @@ public abstract class AbstractSAMLCallbackHandler implements CallbackHandler {
 encrKey.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
 encrKey.setUseThisCert(certs[0]);
 encrKey.prepare(null);
- ephemeralKey = encrKey.getEphemeralKey();
+ ephemeralKey = encrKey.getSymmetricKey().getEncoded();
 Element encryptedKeyElement = encrKey.getEncryptedKeyElement();
 // Append the EncryptedKey to a KeyInfo element
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
index df31bc7..40d6ee4 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
@@ -806,7 +806,7 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
 // Add the EncryptedKey
 this.addEncryptedKeyElement(encrKey.getEncryptedKeyElement());
- encryptedKeyValue = encrKey.getEphemeralKey();
+ encryptedKeyValue = encrKey.getSymmetricKey().getEncoded();
 encryptedKeyId = encrKey.getId();
 }
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
index cc37da2..e56fc39 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
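Review bot: In AsymmetricBindingHandler, `encrKey.getSymmetricKey().getEncoded()` can throw or yield null at two points where the old `getEphemeralKey()` was a single call: the builder may not hold a key yet, and `java.security.Key.getEncoded()` is documented to return null for keys that do not support encoding (hardware-backed keys, for instance). The result is assigned straight to `encryptedKeyValue`, so a null would surface later and far from its cause. The same chain is added in SymmetricBindingHandler (hunk at -917) and TransportBindingHandler (hunk at -383); since all three classes extend AbstractBindingBuilder, one small helper there that fetches the key, rejects a null key or a null encoding with a clear error and returns the bytes would cover them, leaving call sites such as `encryptedKeyValue = encodedSymmetricKey(encrKey);` (helper name illustrative). The enclosing methods start and end outside these hunks, so whether an earlier check already rules this out is not visible here.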
@@ -551,6 +551,7 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
 encr.setCustomReferenceValue(encrTok.getTokenType());
 }
 encr.setEncKeyId(encrTokId);
+ encr.setSymmetricEncAlgorithm(algorithmSuite.getAlgorithmSuiteType().getEncryption());
 encr.setEphemeralKey(encrTok.getSecret());
 Crypto crypto = getEncryptionCrypto();
 if (crypto != null) {
@@ -558,7 +559,6 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
 }
 encr.setEncryptSymmKey(false);
- encr.setSymmetricEncAlgorithm(algorithmSuite.getAlgorithmSuiteType().getEncryption());
 encr.setMGFAlgorithm(algorithmSuite.getAlgorithmSuiteType().getMGFAlgo());
 encr.setDigestAlgorithm(algorithmSuite.getAlgorithmSuiteType().getEncryptionDigest());
@@ -917,7 +917,7 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
 WSSecEncryptedKey encrKey = this.getEncryptedKeyBuilder(sigToken);
 assertTokenWrapper(wrapper);
 String id = encrKey.getId();
- byte[] secret = encrKey.getEphemeralKey();
+ byte[] secret = encrKey.getSymmetricKey().getEncoded();
 Instant created = Instant.now();
 Instant expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
index 3a1b7c4..208d391 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
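Review bot: In SymmetricBindingHandler (hunks at -551 and -558), `encr.setSymmetricEncAlgorithm(...)` is moved above `encr.setEphemeralKey(encrTok.getSecret())` without a comment saying that the order now matters. The move only makes sense if the key setter depends on the algorithm already being set; that is inferred from the reorder, as the WSS4J side is not visible here. A one-line comment above the moved call, for example `// Must precede setEphemeralKey(): the algorithm is needed when the raw secret is set`, would keep a later cleanup from regrouping it with the MGF and digest setters and silently changing how the key is interpreted. The enclosing method starts and ends outside these hunks.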
@@ -383,7 +383,7 @@ public class TransportBindingHandler extends AbstractBindingBuilder {
 AlgorithmSuiteType algType = binding.getAlgorithmSuite().getAlgorithmSuiteType();
 dkSig.setDerivedKeyLength(algType.getSignatureDerivedKeyLength() / 8);
- dkSig.setExternalKey(encrKey.getEphemeralKey(), encrKey.getId());
+ dkSig.setExternalKey(encrKey.getSymmetricKey().getEncoded(), encrKey.getId());
 dkSig.prepare();
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java
index 750aa90..0e54cf2 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java
@@ -59,7 +59,6 @@ public abstract class AbstractSAMLCallbackHandler implements CallbackHandler {
 protected X509Certificate[] certs;
 protected Statement statement = Statement.AUTHN;
 protected CERT_IDENTIFIER certIdentifier = CERT_IDENTIFIER.X509_CERT;
- protected byte[] ephemeralKey;
 protected boolean multiValue = true;
 public void setConfirmationMethod(String confMethod) {
@@ -78,10 +77,6 @@ public abstract class AbstractSAMLCallbackHandler implements CallbackHandler {
 this.certs = certs;
 }
- public byte[] getEphemeralKey() {
- return ephemeralKey;
- }
-
 /**
 * Note that the SubjectBean parameter should be null for SAML2.0
 */
@@ -176,7 +171,6 @@ public abstract class AbstractSAMLCallbackHandler implements CallbackHandler {
 encrKey.setKeyIdentifierType(WSConstants.X509_KEY_IDENTIFIER);
 encrKey.setUseThisCert(certs[0]);
 encrKey.prepare(null);
- ephemeralKey = encrKey.getEphemeralKey();
 Element encryptedKeyElement = encrKey.getEncryptedKeyElement();
 // Append the EncryptedKey to a KeyInfo element
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
index 0a31958..4dc76c8 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
@@ -841,7 +841,7 @@ public class IssueSamlUnitTest {
 builder.prepare(stsProperties.getSignatureCrypto());
 Element encryptedKeyElement = builder.getEncryptedKeyElement();
- byte[] secret = builder.getEphemeralKey();
+ byte[] secret = builder.getSymmetricKey().getEncoded();
 EntropyType entropyType = new EntropyType();
 entropyType.getAny().add(encryptedKeyElement);