Some refactoring due to WSS-549
Conflicts:
rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/755a1a5c
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/755a1a5c
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/755a1a5c
Branch: refs/heads/3.0.x-fixes
Commit: 755a1a5cac5ebc32d1cdd5df795aff6e9b9de6c5
Parents: e0157c4
Author: Colm O hEigeartaigh <[email protected]>
Authored: Tue Aug 4 12:00:46 2015 +0100
Committer: Colm O hEigeartaigh <[email protected]>
Committed: Tue Aug 4 12:01:43 2015 +0100
----------------------------------------------------------------------
.../AsymmetricBindingHandler.java | 59 ++++++++++++++++++--
.../policyhandlers/SymmetricBindingHandler.java | 11 +++-
2 files changed, 63 insertions(+), 7 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/755a1a5c/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
index 3a5edea..7fa6873 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
@@ -416,7 +416,9 @@ public class AsymmetricBindingHandler extends
AbstractBindingBuilder {
try {
Element secondRefList =
((WSSecDKEncrypt)encrBase).encryptForExternalRef(null,
secondEncrParts);
-
((WSSecDKEncrypt)encrBase).addExternalRefElement(secondRefList, secHeader);
+ if (secondRefList != null) {
+
((WSSecDKEncrypt)encrBase).addExternalRefElement(secondRefList, secHeader);
+ }
} catch (WSSecurityException ex) {
LOG.log(Level.FINE, ex.getMessage(), ex);
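Review bot: The new `if (secondRefList != null)` guard skips `addExternalRefElement` without leaving any trace, so a reader of the logs cannot tell that the second set of parts produced no reference list. What a null return from `encryptForExternalRef` means is not visible in this hunk; if it can occur while `secondEncrParts` is non-empty, the header would be built without that reference list and nothing would be recorded. I would add a comment on the guard stating when null is expected, and an else branch such as `LOG.fine("No reference list returned for the second encryption parts");`. The same applies to the `refList != null` guards in the two later hunks of this file, in `doEncryptionDerived`, and in both SymmetricBindingHandler hunks. The enclosing method starts and ends outside the hunk.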
@@ -452,6 +454,7 @@ public class AsymmetricBindingHandler extends
AbstractBindingBuilder {
assertPolicy(encrToken);
AlgorithmSuite algorithmSuite = abinding.getAlgorithmSuite();
if (encrToken.getDerivedKeys() == DerivedKeys.RequireDerivedKeys) {
+<<<<<<< HEAD
try {
WSSecDKEncrypt dkEncr = new WSSecDKEncrypt(wssConfig);
dkEncr.setAttachmentCallbackHandler(new
AttachmentCallbackHandler(message));
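Review bot: The added line `+<<<<<<< HEAD` is an unresolved merge-conflict marker committed as source, and the next hunk adds the matching `=======` and `>>>>>>> 5048d0b...` lines, so this file cannot compile as committed. The conflict has to be resolved to one side: either keep the inline `try` block and drop the three marker lines together with the added `return doEncryptionDerived(...)` line, or keep only `return doEncryptionDerived(recToken, encrToken, encrParts, algorithmSuite);` and delete the inline block. The commit message's `Conflicts:` entry lists this file, so compiling the module on this branch before pushing would have caught it. The enclosing method starts and ends outside the hunk.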
@@ -481,6 +484,9 @@ public class AsymmetricBindingHandler extends
AbstractBindingBuilder {
LOG.log(Level.FINE, e.getMessage(), e);
policyNotAsserted(recToken, e);
}
+=======
+ return doEncryptionDerived(recToken, encrToken, encrParts,
algorithmSuite);
+>>>>>>> 5048d0b... Some refactoring due to WSS-549
} else {
try {
WSSecEncrypt encr = new WSSecEncrypt(wssConfig);
@@ -535,7 +541,9 @@ public class AsymmetricBindingHandler extends
AbstractBindingBuilder {
//Encrypt, get hold of the ref list and add it
if (externalRef) {
Element refList = encr.encryptForRef(null, encrParts);
- insertBeforeBottomUp(refList);
+ if (refList != null) {
+ insertBeforeBottomUp(refList);
+ }
if (attachments != null) {
for (Element attachment : attachments) {
this.insertBeforeBottomUp(attachment);
@@ -547,7 +555,9 @@ public class AsymmetricBindingHandler extends
AbstractBindingBuilder {
this.addEncryptedKeyElement(encryptedKeyElement);
// Add internal refs
- encryptedKeyElement.appendChild(refList);
+ if (refList != null) {
+ encryptedKeyElement.appendChild(refList);
+ }
if (attachments != null) {
for (Element attachment : attachments) {
this.addEncryptedKeyElement(attachment);
@@ -568,7 +578,48 @@ public class AsymmetricBindingHandler extends
AbstractBindingBuilder {
}
}
return null;
- }
+ }
+
+ private WSSecBase doEncryptionDerived(AbstractTokenWrapper recToken,
+ AbstractToken encrToken,
+ List<WSEncryptionPart> encrParts,
+ AlgorithmSuite algorithmSuite) {
+ try {
+ WSSecDKEncrypt dkEncr = new WSSecDKEncrypt();
+ dkEncr.setIdAllocator(wssConfig.getIdAllocator());
+ dkEncr.setCallbackLookup(callbackLookup);
+ dkEncr.setAttachmentCallbackHandler(new
AttachmentCallbackHandler(message));
+ dkEncr.setStoreBytesInAttachment(storeBytesInAttachment);
+ if (recToken.getToken().getVersion() ==
SPConstants.SPVersion.SP11) {
+ dkEncr.setWscVersion(ConversationConstants.VERSION_05_02);
+ }
+
+ if (encrKey == null) {
+ setupEncryptedKey(recToken, encrToken);
+ }
+
+ dkEncr.setExternalKey(this.encryptedKeyValue, this.encryptedKeyId);
+ dkEncr.getParts().addAll(encrParts);
+ dkEncr.setCustomValueType(WSConstants.SOAPMESSAGE_NS11 + "#"
+ + WSConstants.ENC_KEY_VALUE_TYPE);
+ AlgorithmSuiteType algType =
algorithmSuite.getAlgorithmSuiteType();
+ dkEncr.setSymmetricEncAlgorithm(algType.getEncryption());
+ dkEncr.setDerivedKeyLength(algType.getEncryptionDerivedKeyLength()
/ 8);
+ dkEncr.prepare(saaj.getSOAPPart());
+
+ addDerivedKeyElement(dkEncr.getdktElement());
+ Element refList = dkEncr.encryptForExternalRef(null, encrParts);
+ if (refList != null) {
+ insertBeforeBottomUp(refList);
+ }
+ return dkEncr;
+ } catch (Exception e) {
+ LOG.log(Level.FINE, e.getMessage(), e);
+ unassertPolicy(recToken, e);
+ }
+
+ return null;
+ }
private void assertUnusedTokens(AbstractTokenWrapper wrapper) {
if (wrapper == null) {
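Review bot: `doEncryptionDerived` builds the encryptor with `new WSSecDKEncrypt()` plus `setIdAllocator`, `setCallbackLookup` and `setStoreBytesInAttachment`, and reports failure with `unassertPolicy(recToken, e)`, while the inline branch kept under HEAD in the earlier hunk uses `new WSSecDKEncrypt(wssConfig)` and `policyNotAsserted(recToken, e)`. That suggests the helper was taken from a branch with a different API; whether these members exist on 3.0.x is not visible here and should be checked, otherwise use `WSSecDKEncrypt dkEncr = new WSSecDKEncrypt(wssConfig);` and `policyNotAsserted(recToken, e);` as the existing code does. Separately, `catch (Exception e)` logs only at `Level.FINE` and the method then returns null, so a failed key derivation or encryption is invisible at default log levels; a narrower catch and a short Javadoc stating that a null return means encryption was not applied would help.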
http://git-wip-us.apache.org/repos/asf/cxf/blob/755a1a5c/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
index 451e2d2..9437a59 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
@@ -248,10 +248,11 @@ public class SymmetricBindingHandler extends
AbstractBindingBuilder {
&& !secondEncrParts.isEmpty()) {
secondRefList =
((WSSecDKEncrypt)encr).encryptForExternalRef(null,
secondEncrParts);
- this.addDerivedKeyElement(secondRefList);
} else if (!secondEncrParts.isEmpty()) {
//Encrypt, get hold of the ref list and add it
secondRefList =
((WSSecEncrypt)encr).encryptForRef(null, secondEncrParts);
+ }
+ if (secondRefList != null) {
this.addDerivedKeyElement(secondRefList);
}
}
@@ -605,14 +606,18 @@ public class SymmetricBindingHandler extends
AbstractBindingBuilder {
private void addAttachmentsForEncryption(boolean atEnd, Element refList,
List<Element> attachments) {
if (atEnd) {
- this.insertBeforeBottomUp(refList);
+ if (refList != null) {
+ this.insertBeforeBottomUp(refList);
+ }
if (attachments != null) {
for (Element attachment : attachments) {
this.insertBeforeBottomUp(attachment);
}
}
} else {
- this.addDerivedKeyElement(refList);
+ if (refList != null) {
+ this.addDerivedKeyElement(refList);
+ }
if (attachments != null) {
for (Element attachment : attachments) {
this.addDerivedKeyElement(attachment);