Author: coheigea
Date: Wed Jun 24 13:31:17 2015
New Revision: 1687264

URL: http://svn.apache.org/r1687264
Log:
Some refactoring of previous commits


Conflicts:
        
ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java

Modified:
    
webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/EncryptionAction.java
    
webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java

Modified: 
webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/EncryptionAction.java
URL: 
http://svn.apache.org/viewvc/webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/EncryptionAction.java?rev=1687264&r1=1687263&r2=1687264&view=diff
==============================================================================
--- 
webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/EncryptionAction.java
 (original)
+++ 
webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/EncryptionAction.java
 Wed Jun 24 13:31:17 2015
@@ -21,9 +21,9 @@ package org.apache.wss4j.dom.action;
 
 import java.security.cert.X509Certificate;
 
+import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
 
-import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.common.EncryptionActionToken;
 import org.apache.wss4j.common.SecurityActionToken;
 import org.apache.wss4j.common.crypto.Crypto;
@@ -93,10 +93,19 @@ public class EncryptionAction implements
             || !encryptionToken.isEncSymmetricEncryptionKey() && ephemeralKey 
== null) {
             CallbackHandler callbackHandler = 
                 handler.getPasswordCallbackHandler(reqData);
-            WSPasswordCallback passwordCallback = 
-                handler.getPasswordCB(encryptionToken.getUser(), 
WSConstants.ENCR, callbackHandler, reqData);
-            ephemeralKey = passwordCallback.getKey();
-            byte[] encryptedKey = passwordCallback.getEncryptedSecret();
+            // Get secret key for encryption from a CallbackHandler
+            WSPasswordCallback pwcb = 
+                new WSPasswordCallback(encryptionToken.getUser(), 
WSPasswordCallback.SECRET_KEY);
+            pwcb.setAlgorithm(wsEncrypt.getSymmetricEncAlgorithm());
+            try {
+                callbackHandler.handle(new Callback[] {pwcb});
+            } catch (Exception e) {
+                throw new 
WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e,
+                        "empty", new Object[] {"WSHandler: password callback 
failed"});
+            }
+            
+            ephemeralKey = pwcb.getKey();
+            byte[] encryptedKey = pwcb.getEncryptedSecret();
             wsEncrypt.setEncryptedEphemeralKey(encryptedKey);
         }
         wsEncrypt.setEphemeralKey(ephemeralKey);
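Review bot: The key obtained from the callback is used without a check: if the handler does not populate the callback, `pwcb.getKey()` yields null and that value goes straight into `wsEncrypt.setEphemeralKey(ephemeralKey)`. What WSEncrypt does with a null key is not visible in this hunk, so failing closed here is safer, e.g. `if (ephemeralKey == null) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "empty", new Object[] {"WSHandler: no secret key supplied by callback"}); }`. The broad `catch (Exception e)` would also report a null `callbackHandler` (if `getPasswordCallbackHandler` can return one, which is not shown) as "password callback failed"; checking the handler for null before the `try` and catching only the exceptions `handle` declares would keep those failures distinct. The enclosing method starts and ends outside the hunk.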

Modified: 
webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java
URL: 
http://svn.apache.org/viewvc/webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java?rev=1687264&r1=1687263&r2=1687264&view=diff
==============================================================================
--- 
webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java
 (original)
+++ 
webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java
 Wed Jun 24 13:31:17 2015
@@ -173,9 +173,42 @@ public class EncryptedKeyProcessor imple
         
         Cipher cipher = null;
         if (symmetricKeyWrap) {
+            // See if we have a KeyName
+            String keyName = "";
+            Element keyInfo = 
+                WSSecurityUtil.getDirectChildElement(
+                    elem, "KeyInfo", WSConstants.SIG_NS
+                );
+            if (keyInfo != null) {
+                Element keyNmElem = 
+                    WSSecurityUtil.getDirectChildElement(
+                        keyInfo, "KeyName", WSConstants.SIG_NS
+                    );
+                if (keyNmElem != null) {
+                    Node node = keyNmElem.getFirstChild();
+                    StringBuilder builder = new StringBuilder();
+                    while (node != null) {
+                        if (Node.TEXT_NODE == node.getNodeType()) {
+                            builder.append(((Text)node).getData());
+                        }
+                        node = node.getNextSibling();
+                    }
+                    keyName = builder.toString();
+                }
+            }
+            
             // Get secret key for decryption from a CallbackHandler
-            WSPasswordCallback pwcb = new WSPasswordCallback("", 
WSPasswordCallback.SECRET_KEY);
+            WSPasswordCallback pwcb = new WSPasswordCallback(keyName, 
WSPasswordCallback.SECRET_KEY);
             pwcb.setEncryptedSecret(encryptedEphemeralKey);
+            
+            // Get the (first) encryption algorithm
+            if (!dataRefURIs.isEmpty()) {
+                String uri = dataRefURIs.iterator().next();
+                Element ee = 
+                    
EncryptionUtils.findEncryptedDataElement(elem.getOwnerDocument(), wsDocInfo, 
uri);
+                String algorithmURI = X509Util.getEncAlgo(ee);
+                pwcb.setAlgorithm(algorithmURI);
+            }
             try {
                 data.getCallbackHandler().handle(new Callback[] {pwcb});
             } catch (Exception e) {
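Review bot: Both values handed to the application's CallbackHandler here come from the incoming message and are not validated in this hunk: `keyName` is the concatenated text of the `KeyName` element, and the algorithm is read from the first referenced EncryptedData element. A comment above the `new WSPasswordCallback(keyName, ...)` line would make the contract explicit, e.g. `// keyName is unvalidated message content; handlers must treat it as an untrusted lookup key`. Separately, the result of `EncryptionUtils.findEncryptedDataElement(...)` is passed to `X509Util.getEncAlgo(ee)` without a null check; if that lookup can return null for an unresolvable URI (not visible here), guard it with `if (ee != null) { pwcb.setAlgorithm(X509Util.getEncAlgo(ee)); }`. The hunk ends inside the `try`/`catch`, so the rest of the method is outside this view.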

