Fixing backmerge
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/2c2a1971 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/2c2a1971 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/2c2a1971 Branch: refs/heads/3.0.x-fixes Commit: 2c2a1971e781b874ddcb1b73ccccea627b919fa3 Parents: 3ed5a43 Author: Colm O hEigeartaigh <[email protected]> Authored: Tue Jul 7 18:18:27 2015 +0100 Committer: Colm O hEigeartaigh <[email protected]> Committed: Tue Jul 7 18:18:27 2015 +0100 ---------------------------------------------------------------------- .../ws/security/wss4j/CryptoCoverageUtil.java | 76 -------------------- 1 file changed, 76 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/2c2a1971/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageUtil.java ---------------------------------------------------------------------- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageUtil.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageUtil.java index d490a4c..412f7f8 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageUtil.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageUtil.java @@ -22,7 +22,6 @@ package org.apache.cxf.ws.security.wss4j; import java.util.Arrays; import java.util.Collection; -import java.util.Iterator; import java.util.LinkedList; import java.util.List; import java.util.Map; @@ -64,39 +63,12 @@ public final class CryptoCoverageUtil { * * @param signedRefs references to the signed content in the message * @param encryptedRefs references to the encrypted content in the message - * - * TODO Replace the isSignedEncryptionRef when we pick up WSS4J 2.0.5, and directly - * check the encrypted Element instead of the WSDataRef (as per master code) */ public static void reconcileEncryptedSignedRefs(final Collection<WSDataRef> signedRefs, final Collection<WSDataRef> encryptedRefs) { final List<WSDataRef> encryptedSignedRefs = new LinkedList<WSDataRef>(); -<<<<<<< HEAD - for (WSDataRef encryptedRef : encryptedRefs) { - final Iterator<WSDataRef> signedRefsIt = signedRefs.iterator(); - while (signedRefsIt.hasNext()) { - final WSDataRef signedRef = signedRefsIt.next(); - - if (isSignedEncryptionRef(encryptedRef, signedRef)) { - - final WSDataRef encryptedSignedRef = new WSDataRef(); - encryptedSignedRef.setWsuId(signedRef.getWsuId()); - - encryptedSignedRef.setContent(false); - encryptedSignedRef.setName(encryptedRef.getName()); - encryptedSignedRef.setProtectedElement(encryptedRef - .getProtectedElement()); - // This value is the ID of the encrypted element, not - // the value of the ID in the decrypted content - // (WSS4J 1.5.8). Therefore, passing it along does - // not provide much value. - //encryptedSignedRef.setWsuId(encryptedRef.getWsuId()); - encryptedSignedRef.setXpath(encryptedRef.getXpath()); - - encryptedSignedRefs.add(encryptedSignedRef); -======= for (WSDataRef signedRef : signedRefs) { Element protectedElement = signedRef.getProtectedElement(); if (protectedElement != null @@ -122,7 +94,6 @@ public final class CryptoCoverageUtil { encryptedSignedRefs.add(encryptedSignedRef); break; } ->>>>>>> 4ddc8d5... An efficiency improvement when reconciling encrypted and signed refs } } } @@ -381,53 +352,6 @@ public final class CryptoCoverageUtil { } } - /** - * Determines if {@code signedRef} points to the encrypted content represented by - * {@code encryptedRef} using the following algorithm. - * - * <ol> - * <li>Check that the signed content is an XML Encryption element.</li> - * <li>Check that the reference Ids of the signed content and encrypted content - * (not the decrypted version of the encrypted content) match. Check that the - * reference Id of the signed content matches the reference Id of the encrypted - * content prepended with a #. - * <li>Check for other Id attributes on the signed element that may match the - * referenced identifier for the encrypted content. This is a workaround for - * WSS-242.</li> - * </ol> - * - * @param encryptedRef the ref representing the encrpted content - * @param signedRef the ref representing the signed content - */ - private static boolean isSignedEncryptionRef(WSDataRef encryptedRef, WSDataRef signedRef) { - - // Don't even bother if the signed element wasn't an XML Enc element. - if (!WSConstants.ENC_NS.equals(signedRef.getProtectedElement() - .getNamespaceURI())) { - return false; - } - - if (signedRef.getWsuId().equals(encryptedRef.getWsuId()) - || signedRef.getWsuId().equals("#" + encryptedRef.getWsuId())) { - return true; - } - - // There should be no other Ids on an EncryptedData or EncryptedKey element; - // however, WSS4J will happily add them on the outbound side. See WSS-242. - // The following code looks for the specific behavior that exists in - // 1.5.8 and earlier version. - - String wsuId = signedRef.getProtectedElement().getAttributeNS( - WSConstants.WSU_NS, "Id"); - - if (signedRef.getWsuId().equals(wsuId) - || signedRef.getWsuId().equals("#" + wsuId)) { - return true; - } - - return false; - } - private static boolean matchElement(Collection<WSDataRef> refs, CoverageType type, CoverageScope scope, Element el) { final boolean content;
