Author: dkulp
Date: Tue Mar 3 03:14:52 2009
New Revision: 749521
URL: http://svn.apache.org/viewvc?rev=749521&view=rev
Log:
Add some NPE checks
Support custom settings for KeyIdentifier properties set in
SecurityTokenReference
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/WSConstants.java
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignature.java
webservices/wss4j/trunk/src/org/apache/ws/security/message/token/SecurityTokenReference.java
webservices/wss4j/trunk/src/org/apache/ws/security/processor/EncryptedDataProcessor.java
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/WSConstants.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/WSConstants.java?rev=749521&r1=749520&r2=749521&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/WSConstants.java
(original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/WSConstants.java Tue Mar
3 03:14:52 2009
@@ -394,6 +394,7 @@
*/
public static final int CUSTOM_SYMM_SIGNING_DIRECT = 11;
+ public static final int CUSTOM_KEY_IDENTIFIER = 12;
public static final String ENCRYPTED_HEADER = "EncryptedHeader";
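Review bot: `CUSTOM_KEY_IDENTIFIER` is added without the Javadoc that the preceding constant carries, so nothing here tells a caller what the value selects. From the other files in this commit it appears to mean secret-key signing, with the key referenced through a `wsse:KeyIdentifier` built from the caller's custom value type and token id and written without an `EncodingType` attribute. I would document that on the constant, e.g. `/** Sign with a secret key and reference it through a KeyIdentifier whose ValueType and value are supplied by the caller. */`.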
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignature.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignature.java?rev=749521&r1=749520&r2=749521&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignature.java
(original)
+++
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignature.java
Tue Mar 3 03:14:52 2009
@@ -297,7 +297,8 @@
if (keyIdentifierType != WSConstants.UT_SIGNING
&& keyIdentifierType != WSConstants.CUSTOM_SYMM_SIGNING
&& keyIdentifierType != WSConstants.CUSTOM_SYMM_SIGNING_DIRECT
- && keyIdentifierType != WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER)
{
+ && keyIdentifierType != WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER
+ && keyIdentifierType != WSConstants.CUSTOM_KEY_IDENTIFIER) {
certs = crypto.getCertificates(user);
if (certs == null || certs.length <= 0) {
throw new WSSecurityException(
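Review bot: The set of key identifier types that skip the certificate lookup is now spelled out twice in this file, in this condition and in the `sig.sign(sig.createSecretKey(secretKey))` condition of the hunk at -667, and the commit had to edit both to add `CUSTOM_KEY_IDENTIFIER`. If a later change updates only one of them, the certificate-loading step and the signing step would disagree about which key material is in use. A small private predicate, for example `private boolean usesSecretKey(int type)`, called as `if (!usesSecretKey(keyIdentifierType)) {` here and `if (usesSecretKey(keyIdentifierType)) {` in the signing code, would keep the two in step. The enclosing method starts and ends outside this hunk.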
@@ -438,6 +439,10 @@
refCustd.setURI(this.customTokenId);
secRef.setReference(refCustd);
break;
+ case WSConstants.CUSTOM_KEY_IDENTIFIER:
+ secRef.setKeyIdentifier(customTokenValueType, customTokenId);
+ break;
+
default:
throw new WSSecurityException(WSSecurityException.FAILURE,
"unsupportedKeyId");
}
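Review bot: The new `CUSTOM_KEY_IDENTIFIER` case passes `customTokenValueType` and `customTokenId` to `secRef.setKeyIdentifier` without checking that either was set, and `setKeyIdentifier` in SecurityTokenReference forwards them unchanged to `setAttributeNS` and `createTextNode`. Depending on the DOM implementation, a null would presumably surface either as a runtime exception or as a `wsse:KeyIdentifier` with no usable ValueType or value inside a signed message, which a receiver can only reject. I would fail early in the style the `default` branch already uses, e.g. `if (customTokenValueType == null || customTokenId == null) { throw new WSSecurityException(WSSecurityException.FAILURE, "unsupportedKeyId"); }`, or with a more specific message key if the project has one. The switch statement starts outside this hunk.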
@@ -667,6 +672,7 @@
if (keyIdentifierType == WSConstants.UT_SIGNING ||
keyIdentifierType == WSConstants.CUSTOM_SYMM_SIGNING ||
keyIdentifierType ==
WSConstants.CUSTOM_SYMM_SIGNING_DIRECT ||
+ keyIdentifierType == WSConstants.CUSTOM_KEY_IDENTIFIER ||
keyIdentifierType ==
WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER) {
sig.sign(sig.createSecretKey(secretKey));
} else {
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/message/token/SecurityTokenReference.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/token/SecurityTokenReference.java?rev=749521&r1=749520&r2=749521&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/org/apache/ws/security/message/token/SecurityTokenReference.java
(original)
+++
webservices/wss4j/trunk/src/org/apache/ws/security/message/token/SecurityTokenReference.java
Tue Mar 3 03:14:52 2009
@@ -246,7 +246,7 @@
}
Text text = doc.createTextNode(Base64.encode(data));
- createKeyIdentifier(doc, X509Security.X509_V3_TYPE, text);
+ createKeyIdentifier(doc, X509Security.X509_V3_TYPE, text, true);
}
/**
@@ -275,7 +275,7 @@
byte data[] = crypto.getSKIBytesFromCert(cert);
org.w3c.dom.Text text = doc.createTextNode(Base64.encode(data));
- createKeyIdentifier(doc, SKI_URI, text);
+ createKeyIdentifier(doc, SKI_URI, text, true);
}
/**
@@ -309,25 +309,31 @@
byte[] data = sha.digest();
org.w3c.dom.Text text = doc.createTextNode(Base64.encode(data));
- createKeyIdentifier(doc, THUMB_URI, text);
+ createKeyIdentifier(doc, THUMB_URI, text, true);
}
public void setKeyIdentifierEncKeySHA1(String value) throws
WSSecurityException {
Document doc = this.element.getOwnerDocument();
org.w3c.dom.Text text = doc.createTextNode(value);
- createKeyIdentifier(doc, ENC_KEY_SHA1_URI, text);
+ createKeyIdentifier(doc, ENC_KEY_SHA1_URI, text, true);
}
public void setSAMLKeyIdentifier(String keyIdVal) throws
WSSecurityException {
Document doc = this.element.getOwnerDocument();
- createKeyIdentifier(doc, SAML_ID_URI, doc.createTextNode(keyIdVal));
+ createKeyIdentifier(doc, SAML_ID_URI, doc.createTextNode(keyIdVal),
false);
+ }
+ public void setKeyIdentifier(String valueType, String keyIdVal) throws
WSSecurityException {
+ Document doc = this.element.getOwnerDocument();
+ createKeyIdentifier(doc, valueType, doc.createTextNode(keyIdVal),
false);
}
- private void createKeyIdentifier(Document doc, String uri, Node node) {
+ private void createKeyIdentifier(Document doc, String uri, Node node,
boolean base64) {
Element keyId = doc.createElementNS(WSConstants.WSSE_NS,
"wsse:KeyIdentifier");
keyId.setAttributeNS(null, "ValueType", uri);
- keyId.setAttributeNS(null, "EncodingType",
BinarySecurity.BASE64_ENCODING);
+ if (base64) {
+ keyId.setAttributeNS(null, "EncodingType",
BinarySecurity.BASE64_ENCODING);
+ }
keyId.appendChild(node);
Element elem = getFirstElement();
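Review bot: The new `boolean base64` parameter of `createKeyIdentifier` only decides whether the `EncodingType` attribute is written; it does not encode `node`, so the name promises more than the code does and callers passing `true` must already have Base64-encoded the text. `setSAMLKeyIdentifier` now passes `false`, which changes its existing output (the attribute was previously always written) and is not mentioned in the log message, so it is worth a line in the method's documentation. The new public `setKeyIdentifier(String valueType, String keyIdVal)` has no Javadoc; I would add one stating that the value is written as-is with the given ValueType and no EncodingType. A short comment on the flag would also help, e.g. `// base64: the text node already holds Base64 data, so advertise it via EncodingType`. `createKeyIdentifier` continues past the end of this hunk.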
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/processor/EncryptedDataProcessor.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/processor/EncryptedDataProcessor.java?rev=749521&r1=749520&r2=749521&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/org/apache/ws/security/processor/EncryptedDataProcessor.java
(original)
+++
webservices/wss4j/trunk/src/org/apache/ws/security/processor/EncryptedDataProcessor.java
Tue Mar 3 03:14:52 2009
@@ -93,6 +93,7 @@
}
Node previousSibling = elem.getPreviousSibling();
+ Node parent = elem.getParentNode();
try {
xmlCipher.doFinal(elem.getOwnerDocument(), elem, false);
} catch (Exception e) {
@@ -102,13 +103,20 @@
}
// Get hold of the plain text element
- Element decryptedElem = (Element)previousSibling.getNextSibling();
+ Element decryptedElem;
+ if (previousSibling == null) {
+ decryptedElem = (Element)parent.getFirstChild();
+ } else {
+ decryptedElem = (Element)previousSibling.getNextSibling();
+ }
QName el = new QName(decryptedElem.getNamespaceURI(),
decryptedElem.getLocalName());
- Processor proc = config.getProcessor(el);
- proc.handleToken(
- decryptedElem, crypto, decCrypto, cb, wsDocInfo, returnResults,
config
- );
- wsDocInfo.setProcessor(proc);
+ if (config != null) {
+ Processor proc = config.getProcessor(el);
+ proc.handleToken(
+ decryptedElem, crypto, decCrypto, cb, wsDocInfo,
returnResults, config
+ );
+ wsDocInfo.setProcessor(proc);
+ }
}
}
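Review bot: The cast `(Element)parent.getFirstChild()` in the new `previousSibling == null` branch still assumes the decrypted content is an element; if the plaintext is text, a comment or empty, the result is a ClassCastException, or a NullPointerException at `decryptedElem.getNamespaceURI()`, and the existing `getNextSibling()` branch has the same gap. The plaintext is supplied by the message sender, so it should be type-checked before the cast and rejected with the processor's normal security exception. `config.getProcessor(el)` is also dereferenced without a null check, and the new `if (config != null)` silently leaves the decrypted element unprocessed when no config is passed, which deserves a comment or a debug log at least. The sketch below uses a placeholder message key and assumes the method is allowed to throw WSSecurityException, which this hunk does not show; the method starts outside the hunk.

```java
// … unchanged: xmlCipher.doFinal(...) and its catch block …
// Get hold of the plain text element
Node decryptedNode = previousSibling == null
        ? parent.getFirstChild()
        : previousSibling.getNextSibling();
if (!(decryptedNode instanceof Element)) {
    // MESSAGE_KEY_PLACEHOLDER: substitute the project's resource key for a failed decryption
    throw new WSSecurityException(WSSecurityException.FAILURE, "MESSAGE_KEY_PLACEHOLDER");
}
Element decryptedElem = (Element) decryptedNode;
// … unchanged: QName el = new QName(...) …
if (config != null) {
    Processor proc = config.getProcessor(el);
    if (proc != null) {
        // … unchanged: proc.handleToken(...) and wsDocInfo.setProcessor(proc) …
    }
}
```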