ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1241505 - in /webservices/wss4j/branches/swssf: streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/ streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/ streaming-xml-security/src/main/java/org/swssf...
Date Tue, 07 Feb 2012 16:03:25 GMT
Author: coheigea
Date: Tue Feb  7 16:03:25 2012
New Revision: 1241505

URL: http://svn.apache.org/viewvc?rev=1241505&view=rev
Log:
Reverting some unintended commits

Modified:
    webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/DecryptInputProcessor.java
    webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/EncryptOutputProcessor.java
    webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/processor/input/AbstractDecryptInputProcessor.java

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/DecryptInputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/DecryptInputProcessor.java?rev=1241505&r1=1241504&r2=1241505&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/DecryptInputProcessor.java
(original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/DecryptInputProcessor.java
Tue Feb  7 16:03:25 2012
@@ -18,11 +18,6 @@
  */
 package org.swssf.wss.impl.processor.input;
 
-import java.util.List;
-
-import javax.xml.namespace.QName;
-import javax.xml.stream.events.XMLEvent;
-
 import org.swssf.binding.xmldsig.KeyInfoType;
 import org.swssf.binding.xmlenc.EncryptedDataType;
 import org.swssf.binding.xmlenc.ReferenceList;
@@ -34,16 +29,12 @@ import org.swssf.wss.securityEvent.Conte
 import org.swssf.wss.securityEvent.EncryptedElementSecurityEvent;
 import org.swssf.wss.securityEvent.EncryptedPartSecurityEvent;
 import org.swssf.wss.securityEvent.TokenSecurityEvent;
-import org.swssf.xmlsec.ext.ComparableAttribute;
-import org.swssf.xmlsec.ext.ComparableNamespace;
-import org.swssf.xmlsec.ext.InputProcessorChain;
-import org.swssf.xmlsec.ext.SecurePart;
-import org.swssf.xmlsec.ext.SecurityContext;
-import org.swssf.xmlsec.ext.SecurityToken;
-import org.swssf.xmlsec.ext.XMLSecurityException;
-import org.swssf.xmlsec.ext.XMLSecurityProperties;
+import org.swssf.xmlsec.ext.*;
 import org.swssf.xmlsec.impl.processor.input.AbstractDecryptInputProcessor;
-import org.swssf.xmlsec.impl.securityToken.SecurityTokenFactory;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.events.XMLEvent;
+import java.util.List;
 
 /**
  * Processor for decryption of EncryptedData XML structures
@@ -91,15 +82,6 @@ public class DecryptInputProcessor exten
                 this,
                 securityToken);
     }
-    
-    @Override
-    protected SecurityToken findSecurityToken(
-            KeyInfoType keyInfoType, XMLSecurityProperties securityProperties,
-            SecurityContext securityContext, Object processor) throws XMLSecurityException
{
-        return SecurityTokenFactory.newInstance().getSecurityToken(
-                keyInfoType, getSecurityProperties().getDecryptionCrypto(),
-                getSecurityProperties().getCallbackHandler(), securityContext, processor);
-    }
 
     @Override
     protected void handleSecurityToken(

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/EncryptOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/EncryptOutputProcessor.java?rev=1241505&r1=1241504&r2=1241505&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/EncryptOutputProcessor.java
(original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/EncryptOutputProcessor.java
Tue Feb  7 16:03:25 2012
@@ -18,27 +18,26 @@
  */
 package org.swssf.wss.impl.processor.output;
 
-import java.io.IOException;
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.Map;
+import org.swssf.wss.ext.WSSConstants;
+import org.swssf.wss.ext.WSSDocumentContext;
+import org.swssf.wss.ext.WSSSecurityProperties;
+import org.swssf.xmlsec.ext.*;
+import org.swssf.xmlsec.impl.EncryptionPartDef;
+import org.swssf.xmlsec.impl.processor.output.AbstractEncryptOutputProcessor;
 
 import javax.crypto.NoSuchPaddingException;
 import javax.xml.namespace.QName;
 import javax.xml.stream.XMLStreamException;
 import javax.xml.stream.events.Attribute;
 import javax.xml.stream.events.StartElement;
-
-import org.swssf.wss.ext.WSSConstants;
-import org.swssf.wss.ext.WSSDocumentContext;
-import org.swssf.wss.ext.WSSSecurityProperties;
-import org.swssf.xmlsec.ext.OutputProcessorChain;
-import org.swssf.xmlsec.ext.XMLSecurityConstants;
-import org.swssf.xmlsec.ext.XMLSecurityException;
-import org.swssf.xmlsec.impl.EncryptionPartDef;
-import org.swssf.xmlsec.impl.processor.output.XMLEncryptOutputProcessor;
+import javax.xml.stream.events.XMLEvent;
+import java.io.IOException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.UUID;
 
 /**
  * Processor to encrypt XML structures
@@ -46,37 +45,58 @@ import org.swssf.xmlsec.impl.processor.o
  * @author $Author$
  * @version $Revision$ $Date$
  */
-public class EncryptOutputProcessor extends XMLEncryptOutputProcessor {
+public class EncryptOutputProcessor extends AbstractEncryptOutputProcessor {
 
     public EncryptOutputProcessor(WSSSecurityProperties securityProperties, XMLSecurityConstants.Action
action) throws XMLSecurityException {
         super(securityProperties, action);
     }
-    
-    /**
-     * Return InternalEncryptionOutputProcessor, which writes out a SecurityTokenReference
in the KeyInfo
-     * of the EncryptedData
-     */
+
     @Override
-    protected AbstractInternalEncryptionOutputProcessor createInternalEncryptionOutputProcessor(
-        EncryptionPartDef encryptionPartDef,
-        StartElement startElement,
-        OutputProcessorChain outputProcessorChain
-    ) throws XMLStreamException, XMLSecurityException {
-        try {
-            return new InternalEncryptionOutputProcessor((WSSSecurityProperties)getSecurityProperties(),
+    public void processEvent(XMLEvent xmlEvent, OutputProcessorChain outputProcessorChain)
throws XMLStreamException, XMLSecurityException {
+
+        if (xmlEvent.isStartElement()) {
+            StartElement startElement = xmlEvent.asStartElement();
+
+            //avoid double encryption when child elements matches too
+            if (getActiveInternalEncryptionOutputProcessor() == null) {
+                SecurePart securePart = securePartMatches(startElement, outputProcessorChain,
securityProperties.getEncryptionSecureParts());
+                if (securePart != null) {
+                    logger.debug("Matched securePart for encryption");
+                    InternalEncryptionOutputProcessor internalEncryptionOutputProcessor =
null;
+                    try {
+                        String tokenId = outputProcessorChain.getSecurityContext().get(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION);
+                        SecurityTokenProvider securityTokenProvider = outputProcessorChain.getSecurityContext().getSecurityTokenProvider(tokenId);
+                        EncryptionPartDef encryptionPartDef = new EncryptionPartDef();
+                        encryptionPartDef.setModifier(securePart.getModifier());
+                        encryptionPartDef.setEncRefId("ED-" + UUID.randomUUID().toString());
+                        encryptionPartDef.setKeyId(securityTokenProvider.getId());
+                        encryptionPartDef.setSymmetricKey(securityTokenProvider.getSecurityToken(null).getSecretKey(getSecurityProperties().getEncryptionSymAlgorithm(),
null));
+                        outputProcessorChain.getSecurityContext().putAsList(EncryptionPartDef.class,
encryptionPartDef);
+                        internalEncryptionOutputProcessor =
+                                new InternalEncryptionOutputProcessor(
+                                        ((WSSSecurityProperties) getSecurityProperties()),
                                         getAction(),
                                         encryptionPartDef,
                                         startElement,
-                                        outputProcessorChain.getDocumentContext().getEncoding());
-        } catch (NoSuchAlgorithmException e) {
-            throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_ENCRYPTION,
e);
-        } catch (NoSuchPaddingException e) {
-            throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_ENCRYPTION,
e);
-        } catch (InvalidKeyException e) {
-            throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_ENCRYPTION,
e);
-        } catch (IOException e) {
-            throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_ENCRYPTION,
e);
+                                        outputProcessorChain.getDocumentContext().getEncoding()
+                                );
+                    } catch (NoSuchAlgorithmException e) {
+                        throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_ENCRYPTION,
e);
+                    } catch (NoSuchPaddingException e) {
+                        throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_ENCRYPTION,
e);
+                    } catch (InvalidKeyException e) {
+                        throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_ENCRYPTION,
e);
+                    } catch (IOException e) {
+                        throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_ENCRYPTION,
e);
+                    }
+
+                    setActiveInternalEncryptionOutputProcessor(internalEncryptionOutputProcessor);
+                    outputProcessorChain.addProcessor(internalEncryptionOutputProcessor);
+                }
+            }
         }
+
+        outputProcessorChain.processEvent(xmlEvent);
     }
 
     /**

Modified: webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/processor/input/AbstractDecryptInputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/processor/input/AbstractDecryptInputProcessor.java?rev=1241505&r1=1241504&r2=1241505&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/processor/input/AbstractDecryptInputProcessor.java
(original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/processor/input/AbstractDecryptInputProcessor.java
Tue Feb  7 16:03:25 2012
@@ -18,24 +18,18 @@
  */
 package org.swssf.xmlsec.impl.processor.input;
 
-import java.io.BufferedWriter;
-import java.io.FilterOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.io.OutputStreamWriter;
-import java.io.PipedInputStream;
-import java.io.PipedOutputStream;
-import java.security.Key;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.util.ArrayDeque;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Deque;
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.UUID;
+import org.apache.commons.codec.binary.Base64OutputStream;
+import org.swssf.binding.xmldsig.KeyInfoType;
+import org.swssf.binding.xmlenc.EncryptedDataType;
+import org.swssf.binding.xmlenc.ReferenceList;
+import org.swssf.binding.xmlenc.ReferenceType;
+import org.swssf.xmlsec.config.JCEAlgorithmMapper;
+import org.swssf.xmlsec.ext.*;
+import org.swssf.xmlsec.impl.XMLSecurityEventReader;
+import org.swssf.xmlsec.impl.securityToken.SecurityTokenFactory;
+import org.swssf.xmlsec.impl.util.IVSplittingOutputStream;
+import org.swssf.xmlsec.impl.util.ReplaceableOuputStream;
+import org.xmlsecurity.ns.configuration.AlgorithmType;
 
 import javax.crypto.Cipher;
 import javax.crypto.CipherOutputStream;
@@ -51,30 +45,11 @@ import javax.xml.stream.XMLStreamExcepti
 import javax.xml.stream.events.Attribute;
 import javax.xml.stream.events.StartElement;
 import javax.xml.stream.events.XMLEvent;
-
-import org.apache.commons.codec.binary.Base64OutputStream;
-import org.swssf.binding.xmldsig.KeyInfoType;
-import org.swssf.binding.xmlenc.EncryptedDataType;
-import org.swssf.binding.xmlenc.ReferenceList;
-import org.swssf.binding.xmlenc.ReferenceType;
-import org.swssf.xmlsec.config.JCEAlgorithmMapper;
-import org.swssf.xmlsec.ext.AbstractInputProcessor;
-import org.swssf.xmlsec.ext.ComparableAttribute;
-import org.swssf.xmlsec.ext.ComparableNamespace;
-import org.swssf.xmlsec.ext.InputProcessorChain;
-import org.swssf.xmlsec.ext.SecurePart;
-import org.swssf.xmlsec.ext.SecurityContext;
-import org.swssf.xmlsec.ext.SecurityToken;
-import org.swssf.xmlsec.ext.UncheckedXMLSecurityException;
-import org.swssf.xmlsec.ext.XMLEventNS;
-import org.swssf.xmlsec.ext.XMLSecurityConstants;
-import org.swssf.xmlsec.ext.XMLSecurityException;
-import org.swssf.xmlsec.ext.XMLSecurityProperties;
-import org.swssf.xmlsec.ext.XMLSecurityUtils;
-import org.swssf.xmlsec.impl.XMLSecurityEventReader;
-import org.swssf.xmlsec.impl.util.IVSplittingOutputStream;
-import org.swssf.xmlsec.impl.util.ReplaceableOuputStream;
-import org.xmlsecurity.ns.configuration.AlgorithmType;
+import java.io.*;
+import java.security.Key;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.util.*;
 
 /**
  * Processor for decryption of EncryptedData XML structures
@@ -94,10 +69,6 @@ public abstract class AbstractDecryptInp
 
     private ArrayDeque<XMLEvent> tmpXmlEventList = new ArrayDeque<XMLEvent>();
 
-    public AbstractDecryptInputProcessor(XMLSecurityProperties securityProperties) {
-        super(securityProperties);
-    }
-    
     public AbstractDecryptInputProcessor(ReferenceList referenceList, XMLSecurityProperties
securityProperties) {
         super(securityProperties);
         this.referenceList = referenceList;
@@ -181,7 +152,7 @@ public abstract class AbstractDecryptInp
             //check if the current start-element has the name EncryptedData and an Id attribute
             if (startElement.getName().equals(XMLSecurityConstants.TAG_xenc_EncryptedData))
{
                 ReferenceType referenceType = matchesReferenceId(startElement);
-                if (referenceType != null || referenceList == null) {
+                if (referenceType != null) {
                     //duplicate id's are forbidden
                     if (processedReferences.contains(referenceType)) {
                         throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_CHECK,
"duplicateId");
@@ -255,15 +226,11 @@ public abstract class AbstractDecryptInp
                     final String algorithmURI = encryptedDataType.getEncryptionMethod().getAlgorithm();
 
                     //retrieve the securityToken which must be used for decryption
-                    SecurityToken securityToken = 
-                            findSecurityToken(keyInfoType, getSecurityProperties(), 
-                                    inputProcessorChain.getSecurityContext(), this);
-                    if (securityToken != null) {
-                        handleSecurityToken(
-                            securityToken, inputProcessorChain.getSecurityContext(), encryptedDataType
-                        );
-                    }
-                    
+                    SecurityToken securityToken = SecurityTokenFactory.newInstance().getSecurityToken(
+                            keyInfoType, getSecurityProperties().getDecryptionCrypto(),
+                            getSecurityProperties().getCallbackHandler(), inputProcessorChain.getSecurityContext(),
this);
+
+                    handleSecurityToken(securityToken, inputProcessorChain.getSecurityContext(),
encryptedDataType);
                     //only fire here ContentEncryptedElementEvents
                     //the other ones will be fired later, because we don't know the encrypted
element name yet
                     if (SecurePart.Modifier.Content.getModifier().equals(encryptedDataType.getType()))
{
@@ -356,10 +323,6 @@ public abstract class AbstractDecryptInp
             boolean encryptedHeader, List<ComparableNamespace>[] comparableNamespaceList,
             List<ComparableAttribute>[] comparableAttributeList, EncryptedDataType
currentEncryptedDataType, SecurityToken securityToken);
 
-    protected abstract SecurityToken findSecurityToken(
-            KeyInfoType keyInfoType, XMLSecurityProperties securityProperties,
-            SecurityContext securityContext, Object processor) throws XMLSecurityException;
-    
     protected abstract void handleSecurityToken(
             SecurityToken securityToken, SecurityContext securityContext, EncryptedDataType
encryptedDataType) throws XMLSecurityException;
 
@@ -387,14 +350,12 @@ public abstract class AbstractDecryptInp
     @Override
     public void doFinal(InputProcessorChain inputProcessorChain) throws XMLStreamException,
XMLSecurityException {
         //here we check if all references where processed.
-        if (referenceList != null) {
-            List<JAXBElement<ReferenceType>> references = referenceList.getDataReferenceOrKeyReference();
-            Iterator<JAXBElement<ReferenceType>> referenceTypeIterator = references.iterator();
-            while (referenceTypeIterator.hasNext()) {
-                ReferenceType referenceType = referenceTypeIterator.next().getValue();
-                if (!processedReferences.contains(referenceType)) {
-                    throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_CHECK,
"unprocessedEncryptionReferences");
-                }
+        List<JAXBElement<ReferenceType>> references = referenceList.getDataReferenceOrKeyReference();
+        Iterator<JAXBElement<ReferenceType>> referenceTypeIterator = references.iterator();
+        while (referenceTypeIterator.hasNext()) {
+            ReferenceType referenceType = referenceTypeIterator.next().getValue();
+            if (!processedReferences.contains(referenceType)) {
+                throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_CHECK,
"unprocessedEncryptionReferences");
             }
         }
         inputProcessorChain.doFinal();



Mime
View raw message