This is an automated email from the ASF dual-hosted git repository. coheigea pushed a commit to branch wss4j_2.3.0 in repository https://gitbox.apache.org/repos/asf/cxf.git
commit 0fb54eada9a9439d55b8875a23e11dca7886b81c
Author: Colm O hEigeartaigh <cohei...@apache.org>
AuthorDate: Mon Jan 28 12:00:06 2019 +0000
WSSecEncryptedKey.getEphemeralKey() is removed in WSS4J
---
 .../cxf/rs/security/saml/sso/AbstractSAMLCallbackHandler.java | 2 +-
 .../ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java | 2 +-
 .../ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java | 4 ++--
 .../ws/security/wss4j/policyhandlers/TransportBindingHandler.java | 2 +-
 .../cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java | 6 ------
 .../test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java | 2 +-
 6 files changed, 6 insertions(+), 12 deletions(-)
diff --git a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/AbstractSAMLCallbackHandler.java b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/AbstractSAMLCallbackHandler.java
index f5f051c..35d3deb 100644
--- a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/AbstractSAMLCallbackHandler.java
+++ b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/AbstractSAMLCallbackHandler.java
@@ -213,7 +213,7 @@ public abstract class AbstractSAMLCallbackHandler implements CallbackHandler {
 encrKey.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
 encrKey.setUseThisCert(certs[0]);
 encrKey.prepare(null);
- ephemeralKey = encrKey.getEphemeralKey();
+ ephemeralKey = encrKey.getSymmetricKey().getEncoded();
 Element encryptedKeyElement = encrKey.getEncryptedKeyElement();
 // Append the EncryptedKey to a KeyInfo element
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
index df31bc7..40d6ee4 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
@@ -806,7 +806,7 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
 // Add the EncryptedKey
 this.addEncryptedKeyElement(encrKey.getEncryptedKeyElement());
- encryptedKeyValue = encrKey.getEphemeralKey();
+ encryptedKeyValue = encrKey.getSymmetricKey().getEncoded();
 encryptedKeyId = encrKey.getId();
 }
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
index cc37da2..e56fc39 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
@@ -551,6 +551,7 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
 encr.setCustomReferenceValue(encrTok.getTokenType());
 }
 encr.setEncKeyId(encrTokId);
+ encr.setSymmetricEncAlgorithm(algorithmSuite.getAlgorithmSuiteType().getEncryption());
 encr.setEphemeralKey(encrTok.getSecret());
 Crypto crypto = getEncryptionCrypto();
 if (crypto != null) {
@@ -558,7 +559,6 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
 }
 encr.setEncryptSymmKey(false);
- encr.setSymmetricEncAlgorithm(algorithmSuite.getAlgorithmSuiteType().getEncryption());
 encr.setMGFAlgorithm(algorithmSuite.getAlgorithmSuiteType().getMGFAlgo());
 encr.setDigestAlgorithm(algorithmSuite.getAlgorithmSuiteType().getEncryptionDigest());
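Review bot: In AsymmetricBindingHandler.java the new `encryptedKeyValue = encrKey.getSymmetricKey().getEncoded();` chains two calls with no null check on either result. `Key.getEncoded()` is documented to return null for keys that do not support encoding (for example provider-held, non-extractable keys), and whether `getSymmetricKey()` can return null before a key has been generated is not visible in this diff. The same chain is added in SymmetricBindingHandler.java (`byte[] secret = ...`), in TransportBindingHandler.java (`dkSig.setExternalKey(...)`) and in the two test files. Since all three handlers extend AbstractBindingBuilder, one helper there could do `SecretKey key = encrKey.getSymmetricKey();` and fail with a clear message when `key == null || key.getEncoded() == null`, so a missing key stops processing at once rather than reaching signing or derivation code as a null secret. The enclosing method starts and ends outside the hunk.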
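Review bot: In SymmetricBindingHandler.java the call `encr.setSymmetricEncAlgorithm(...)` is moved ahead of `encr.setEphemeralKey(encrTok.getSecret())` without a comment, so the new ordering requirement is invisible to whoever next regroups these setters. Presumably the WSS4J setter now needs the algorithm to turn the raw bytes into a key, though that is not shown in this diff. A one-line comment above the moved call would record it, for example `// Must precede setEphemeralKey(): the algorithm is needed to interpret the raw key bytes (confirm against WSS4J)`. The enclosing method begins before the first hunk and continues past the second one.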
@@ -917,7 +917,7 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
 WSSecEncryptedKey encrKey = this.getEncryptedKeyBuilder(sigToken);
 assertTokenWrapper(wrapper);
 String id = encrKey.getId();
- byte[] secret = encrKey.getEphemeralKey();
+ byte[] secret = encrKey.getSymmetricKey().getEncoded();
 Instant created = Instant.now();
 Instant expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
index 3a1b7c4..208d391 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
@@ -383,7 +383,7 @@ public class TransportBindingHandler extends AbstractBindingBuilder {
 AlgorithmSuiteType algType = binding.getAlgorithmSuite().getAlgorithmSuiteType();
 dkSig.setDerivedKeyLength(algType.getSignatureDerivedKeyLength() / 8);
- dkSig.setExternalKey(encrKey.getEphemeralKey(), encrKey.getId());
+ dkSig.setExternalKey(encrKey.getSymmetricKey().getEncoded(), encrKey.getId());
 dkSig.prepare();
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java
index 750aa90..0e54cf2 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/AbstractSAMLCallbackHandler.java
@@ -59,7 +59,6 @@ public abstract class AbstractSAMLCallbackHandler implements CallbackHandler {
 protected X509Certificate[] certs;
 protected Statement statement = Statement.AUTHN;
 protected CERT_IDENTIFIER certIdentifier = CERT_IDENTIFIER.X509_CERT;
- protected byte[] ephemeralKey;
 protected boolean multiValue = true;
 public void setConfirmationMethod(String confMethod) {
@@ -78,10 +77,6 @@ public abstract class AbstractSAMLCallbackHandler implements CallbackHandler {
 this.certs = certs;
 }
- public byte[] getEphemeralKey() {
- return ephemeralKey;
- }
-
 /**
 * Note that the SubjectBean parameter should be null for SAML2.0
 */
@@ -176,7 +171,6 @@ public abstract class AbstractSAMLCallbackHandler implements CallbackHandler {
 encrKey.setKeyIdentifierType(WSConstants.X509_KEY_IDENTIFIER);
 encrKey.setUseThisCert(certs[0]);
 encrKey.prepare(null);
- ephemeralKey = encrKey.getEphemeralKey();
 Element encryptedKeyElement = encrKey.getEncryptedKeyElement();
 // Append the EncryptedKey to a KeyInfo element
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
index 0a31958..4dc76c8 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
@@ -841,7 +841,7 @@ public class IssueSamlUnitTest {
 builder.prepare(stsProperties.getSignatureCrypto());
 Element encryptedKeyElement = builder.getEncryptedKeyElement();
- byte[] secret = builder.getEphemeralKey();
+ byte[] secret = builder.getSymmetricKey().getEncoded();
 EntropyType entropyType = new EntropyType();
 entropyType.getAny().add(encryptedKeyElement);