Package org.apache.wss4j.dom

Examples of org.apache.wss4j.dom.WSDataRef


        // Decrypts each referenced URI in order and returns one WSDataRef per URI.
        // The enclosing method header is above this excerpt.
        // Note the null (not empty-list) return when there is nothing to decrypt:
        // callers have to null-check the result.
        if (dataRefURIs == null || dataRefURIs.isEmpty()) {
            return null;
        }
        List<WSDataRef> dataRefs = new ArrayList<WSDataRef>();
        for (String dataRefURI : dataRefURIs) {
            // Nothing is caught here, so an exception from decryptDataRef stops
            // processing at the first reference that fails.
            WSDataRef dataRef =
                decryptDataRef(doc, dataRefURI, docInfo, decryptedBytes, data);
            dataRefs.add(dataRef);
        }
        return dataRefs;
    }


                }
                // Fail closed: a reference with no resolved element is rejected, not skipped.
                // (How `se` is resolved is above this excerpt.)
                if (se == null) {
                    throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK);
                }

                // Record what this signature reference covers and which algorithms it declares.
                // The algorithm URIs are copied as found in SignedInfo / the Reference; nothing
                // in this excerpt checks them against an allowed-algorithm policy.
                WSDataRef ref = new WSDataRef();
                ref.setWsuId(uri);
                ref.setProtectedElement(se);
                ref.setAlgorithm(signedInfo.getSignatureMethod().getAlgorithm());
                ref.setDigestAlgorithm(siRef.getDigestMethod().getAlgorithm());
                ref.setAttachment(attachment);

                // Set the Transform algorithms as well
                // The unchecked cast assumes every entry of getTransforms() is a Transform.
                @SuppressWarnings("unchecked")
                List<Transform> transforms = (List<Transform>)siRef.getTransforms();
                List<String> transformAlgorithms = new ArrayList<String>(transforms.size());
                for (Transform transform : transforms) {
                    transformAlgorithms.add(transform.getAlgorithm());
                }
                ref.setTransformAlgorithms(transformAlgorithms);

                // Store the XPath of the protected element so callers can check *where* the
                // signed element sits, not only that some element with this Id was signed.
                ref.setXpath(ReferenceListProcessor.getXPath(se));
                protectedRefs.add(ref);
            }
        }
        return protectedRefs;
    }

        // Decrypts each referenced URI in order and returns one WSDataRef per URI.
        // The enclosing method header is above this excerpt.
        // Note the null (not empty-list) return when there is nothing to decrypt:
        // callers have to null-check the result.
        if (dataRefURIs == null || dataRefURIs.isEmpty()) {
            return null;
        }
        List<WSDataRef> dataRefs = new ArrayList<WSDataRef>();
        for (String dataRefURI : dataRefURIs) {
            // Nothing is caught here, so an exception from decryptDataRef stops
            // processing at the first reference that fails.
            WSDataRef dataRef =
                decryptDataRef(doc, dataRefURI, docInfo, decryptedBytes, data);
            dataRefs.add(dataRef);
        }
        return dataRefs;
    }

        // Checks that every required Id appears among the signed references.
        // The excerpt ends inside the loops; what happens when an Id is not found is not shown.
        LOG.debug("Checking required elements are in the signature...");
        for (int i = 0; i < requiredIDs.length; i++) {
            boolean found = false;
            for (int j = 0; j < signedElemsRefList.size(); j++) {
                WSDataRef dataRef = signedElemsRefList.get(j);
                String wsuId = dataRef.getWsuId();
                // Strip the leading '#' of a same-document reference before comparing.
                // NOTE(review): charAt(0) throws on an empty string and this dereference
                // throws on null; confirm getWsuId() can never return either for a signed ref.
                if (wsuId.charAt(0) == '#') {
                    wsuId = wsuId.substring(1);
                }
                // Exact string match on the Id only; the element's position is not part of this check.
                if (wsuId.equals(requiredIDs[i])) {
                    found = true;

                // Strip the leading '#' of a same-document reference.
                // NOTE(review): charAt(0) throws StringIndexOutOfBoundsException on an empty
                // URI; whether an empty value is rejected earlier is not visible in this excerpt.
                if (dataRefURI.charAt(0) == '#') {
                    dataRefURI = dataRefURI.substring(1);
                }

                // Decrypt only when no ENCR result is registered under this id yet, so the same
                // EncryptedData is not decrypted a second time.
                if (wsDocInfo.getResultByTag(WSConstants.ENCR, dataRefURI) == null) {
                    WSDataRef dataRef =
                        decryptDataRefEmbedded(
                            elem.getOwnerDocument(), dataRefURI, data, wsDocInfo, asymBinding);
                    dataRefs.add(dataRef);
                }
            }

        SecretKey symmetricKey,
        String symEncAlgo,
        RequestData requestData
    ) throws WSSecurityException {

        // Body of the EncryptedData decryption routine; the start of its signature is above
        // this excerpt. It builds a WSDataRef describing what was decrypted and takes one of
        // two paths: attachment decryption (returns early) or in-place XML decryption.
        WSDataRef dataRef = new WSDataRef();
        dataRef.setWsuId(dataRefURI);
        dataRef.setAlgorithm(symEncAlgo);

        // The Type attribute is read from the message and selects the path.
        // DOM getAttribute() returns "" rather than null for a missing attribute, so the
        // null test is only a guard; the equals() calls make the real decision.
        String typeStr = encData.getAttribute("Type");
        if (typeStr != null &&
            (WSConstants.SWA_ATTACHMENT_ENCRYPTED_DATA_TYPE_CONTENT_ONLY.equals(typeStr) ||
            WSConstants.SWA_ATTACHMENT_ENCRYPTED_DATA_TYPE_COMPLETE.equals(typeStr))) {

            try {
                // Structural checks, all failing closed with FAILED_CHECK: CipherData and
                // CipherReference must be direct children in the XML Encryption namespace.
                Element cipherData = WSSecurityUtil.getDirectChildElement(encData, "CipherData", WSConstants.ENC_NS);
                if (cipherData == null) {
                    throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK);
                }
                Element cipherReference = WSSecurityUtil.getDirectChildElement(cipherData, "CipherReference", WSConstants.ENC_NS);
                if (cipherReference == null) {
                    throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK);
                }
                // Only "cid:" references with a non-empty id (length >= 5) are accepted, so a
                // CipherReference cannot make this code dereference any other URI scheme.
                String uri = cipherReference.getAttributeNS(null, "URI");
                if (uri == null || uri.length() < 5) {
                    throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK);
                }
                if (!uri.startsWith("cid:")) {
                    throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK);
                }
                // For attachments the recorded Id is the cid: URI, replacing the dataRefURI set above.
                dataRef.setWsuId(uri);
                dataRef.setAttachment(true);

                // Attachments are obtained only through the application's callback handler;
                // without one the message is rejected.
                CallbackHandler attachmentCallbackHandler = requestData.getAttachmentCallbackHandler();
                if (attachmentCallbackHandler == null) {
                    throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK);
                }

                // Drop the "cid:" prefix (4 characters).
                final String attachmentId = uri.substring(4);

                AttachmentRequestCallback attachmentRequestCallback = new AttachmentRequestCallback();
                attachmentRequestCallback.setAttachmentId(attachmentId);

                attachmentCallbackHandler.handle(new Callback[]{attachmentRequestCallback});
                // Verify the handler's answer: the first returned attachment must carry exactly
                // the requested id. Only element 0 is checked and used; extra entries are ignored.
                List<Attachment> attachments = attachmentRequestCallback.getAttachments();
                if (attachments == null || attachments.isEmpty() || !attachmentId.equals(attachments.get(0).getId())) {
                    throw new WSSecurityException(
                            WSSecurityException.ErrorCode.INVALID_SECURITY,
                            "empty", "Attachment not found"
                    );
                }
                Attachment attachment = attachments.get(0);

                // NOTE(review): the cipher is chosen from the algorithm declared on encData,
                // while the WSDataRef above records the symEncAlgo parameter. Confirm the caller
                // derives symEncAlgo from this same element, so that any algorithm policy check
                // on symEncAlgo covers the algorithm actually used here.
                final String encAlgo = X509Util.getEncAlgo(encData);
                final String jceAlgorithm =
                        JCEMapper.translateURItoJCEID(encAlgo);
                final Cipher cipher = Cipher.getInstance(jceAlgorithm);

                // The plaintext is exposed as a stream wrapping the attachment's source stream.
                // NOTE(review): nothing in this excerpt authenticates the ciphertext before the
                // stream is handed on; integrity presumably depends on the cipher mode or on a
                // signature covering the attachment. Confirm against the deployment's policy.
                InputStream attachmentInputStream =
                        AttachmentUtils.setupAttachmentDecryptionStream(
                                encAlgo, cipher, symmetricKey, attachment.getSourceStream());

                // Build the decrypted attachment: same id and headers as the encrypted one,
                // MIME type taken from the (message-supplied) MimeType attribute of encData.
                Attachment resultAttachment = new Attachment();
                resultAttachment.setId(attachment.getId());
                resultAttachment.setMimeType(encData.getAttributeNS(null, "MimeType"));
                resultAttachment.setSourceStream(attachmentInputStream);
                resultAttachment.addHeaders(attachment.getHeaders());

                // For the "complete" type, headers are read from the decrypted stream and
                // applied to the result's header map.
                if (WSConstants.SWA_ATTACHMENT_ENCRYPTED_DATA_TYPE_COMPLETE.equals(typeStr)) {
                    AttachmentUtils.readAndReplaceEncryptedAttachmentHeaders(
                            resultAttachment.getHeaders(), attachmentInputStream);
                }

                // Hand the decrypted attachment back to the application through the same handler.
                AttachmentResultCallback attachmentResultCallback = new AttachmentResultCallback();
                attachmentResultCallback.setAttachment(resultAttachment);
                attachmentResultCallback.setAttachmentId(resultAttachment.getId());
                attachmentCallbackHandler.handle(new Callback[]{attachmentResultCallback});

            // Callback, I/O and cipher-setup failures all surface as FAILED_CHECK with the
            // original exception kept as the cause.
            } catch (UnsupportedCallbackException e) {
                throw new WSSecurityException(
                        WSSecurityException.ErrorCode.FAILED_CHECK, e);
            } catch (IOException e) {
                throw new WSSecurityException(
                        WSSecurityException.ErrorCode.FAILED_CHECK, e);
            } catch (NoSuchAlgorithmException e) {
                throw new WSSecurityException(
                        WSSecurityException.ErrorCode.FAILED_CHECK, e);
            } catch (NoSuchPaddingException e) {
                throw new WSSecurityException(
                        WSSecurityException.ErrorCode.FAILED_CHECK, e);
            }

            dataRef.setContent(true);
            // Remove this EncryptedData from the security header to avoid processing it again
            encData.getParentNode().removeChild(encData);

            // Attachment path ends here: no protected element or XPath is set on the WSDataRef.
            return dataRef;
        }

        // XML path: decrypt the EncryptedData element in place.
        boolean content = X509Util.isContent(encData);
        dataRef.setContent(content);

        // Capture the position before decrypting; it is used below to locate the decrypted node.
        Node parent = encData.getParentNode();
        Node previousSibling = encData.getPreviousSibling();
        if (content) {
            // For content encryption, work on the element that encloses the EncryptedData.
            // NOTE(review): the cast assumes the parent is an Element; confirm upstream checks.
            encData = (Element) encData.getParentNode();
            parent = encData.getParentNode();
        }

        XMLCipher xmlCipher = null;
        try {
            xmlCipher = XMLCipher.getInstance(symEncAlgo);
            // Secure validation is switched on explicitly before the cipher touches message data.
            xmlCipher.setSecureValidation(true);
            xmlCipher.init(XMLCipher.DECRYPT_MODE, symmetricKey);
        } catch (XMLEncryptionException ex) {
            throw new WSSecurityException(
                    WSSecurityException.ErrorCode.UNSUPPORTED_ALGORITHM, ex
            );
        }

        try {
            xmlCipher.doFinal(doc, encData, content);
        } catch (Exception ex) {
            // Every decryption failure maps to the same FAILED_CHECK code; the specific
            // reason is only available through the attached cause.
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK, ex);
        }

        // && binds tighter than ||, so this reads:
        //   (parent is wsse11:EncryptedHeader) OR (parent is saml2:EncryptedAssertion).
        // NOTE(review): getLocalName()/getNamespaceURI() can return null for nodes created by
        // non-namespace-aware DOM methods, which would throw a NullPointerException here;
        // constant-first equals() would avoid that.
        if (parent.getLocalName().equals(WSConstants.ENCRYPTED_HEADER)
            && parent.getNamespaceURI().equals(WSConstants.WSSE11_NS)
            || parent.getLocalName().equals(WSConstants.ENCRYPED_ASSERTION_LN)
            && parent.getNamespaceURI().equals(WSConstants.SAML2_NS)) {

            // Unwrap: the wrapper element is replaced by its first child (the decrypted node).
            // NOTE(review): the Element cast below assumes that first child is an element.
            Node decryptedHeader = parent.getFirstChild();
            Node soapHeader = parent.getParentNode();
            soapHeader.replaceChild(decryptedHeader, parent);

            dataRef.setProtectedElement((Element)decryptedHeader);
            dataRef.setXpath(getXPath(decryptedHeader));
        } else if (content) {
            // Content encryption: the protected element is the enclosing element.
            dataRef.setProtectedElement(encData);
            dataRef.setXpath(getXPath(encData));
        } else {
            // Element encryption: find the decrypted node by position, i.e. the node after
            // the saved previous sibling, or the parent's first child if there was none.
            Node decryptedNode;
            if (previousSibling == null) {
                decryptedNode = parent.getFirstChild();
            } else {
                decryptedNode = previousSibling.getNextSibling();
            }
            // The protected element is set only for an element node; otherwise it stays unset.
            if (decryptedNode != null && Node.ELEMENT_NODE == decryptedNode.getNodeType()) {
                dataRef.setProtectedElement((Element)decryptedNode);
            }
            // NOTE(review): getXPath is called even when decryptedNode is null; confirm it
            // tolerates null (its body is not in this excerpt).
            dataRef.setXpath(getXPath(decryptedNode));
        }

        return dataRef;
    }

            }
            // Algorithm-suite checks on key length and encryption algorithm run before any
            // decryption below. The condition guarding this block is above the excerpt.
            algorithmSuiteValidator.checkSymmetricKeyLength(key.getEncoded().length);
            algorithmSuiteValidator.checkSymmetricEncryptionAlgorithm(symEncAlgo);
        }

        // Decrypt the EncryptedData element with the already-resolved key.
        WSDataRef dataRef = ReferenceListProcessor.decryptEncryptedData(
                elem.getOwnerDocument(), encryptedDataId, elem, key, symEncAlgo, request);

        // Register an ENCR result tagged with the EncryptedData Id, and remember the element.
        WSSecurityEngineResult result =
                new WSSecurityEngineResult(WSConstants.ENCR, Collections.singletonList(dataRef));
        result.put(WSSecurityEngineResult.TAG_ID, encryptedDataId);
        wsDocInfo.addResult(result);
        wsDocInfo.addTokenElement(elem);

        // Results from key processing come first, followed by this decryption result.
        List<WSSecurityEngineResult> completeResults =
            new ArrayList<WSSecurityEngineResult>();
        completeResults.addAll(encrKeyResults);
        completeResults.add(result);

        WSSConfig wssConfig = request.getWssConfig();
        if (wssConfig != null) {
            // Get hold of the plain text element
            Element decryptedElem = dataRef.getProtectedElement();
            if (decryptedElem != null) { //is null if we processed an attachment
                // Look up a processor for the decrypted element's QName. The rest of this
                // branch is cut off; presumably the decrypted element is then processed
                // like any other security header child. Confirm in the full source.
                QName el = new QName(decryptedElem.getNamespaceURI(), decryptedElem.getLocalName());
                Processor proc = request.getWssConfig().getProcessor(el);
                if (proc != null) {
                    if (LOG.isDebugEnabled()) {

        // Test excerpt: checks the metadata recorded on the WSDataRef of a signed element.
        assertTrue(actionResult != null);
        assertFalse(actionResult.isEmpty());
        // The result map is untyped, hence the unchecked cast.
        final List<WSDataRef> refs =
            (List<WSDataRef>) actionResult.get(WSSecurityEngineResult.TAG_DATA_REF_URIS);

        WSDataRef wsDataRef = refs.get(0);
        // The XPath pins where the signed element sits in the envelope, not just that one exists.
        String xpath = wsDataRef.getXpath();
        assertEquals("/soapenv:Envelope/soapenv:Header/foo:foobar", xpath);
        // RSA-SHA1 / SHA-1 are the algorithms this test expects to be recorded; the
        // assertions check the metadata and do not endorse those algorithms for new deployments.
        assertEquals(WSConstants.RSA_SHA1, wsDataRef.getAlgorithm());
        assertNotNull(wsDataRef.getDigestValue());
        assertTrue(wsDataRef.getDigestValue().length > 0);

        assertEquals(WSConstants.SHA1, wsDataRef.getDigestAlgorithm());

        // The same signature method must also be exposed at the result level.
        String sigMethod = (String)actionResult.get(WSSecurityEngineResult.TAG_SIGNATURE_METHOD);
        assertEquals(WSConstants.RSA_SHA1, sigMethod);

        String c14nMethod =
            (String)actionResult.get(WSSecurityEngineResult.TAG_CANONICALIZATION_METHOD);
        assertEquals(WSConstants.C14N_EXCL_OMIT_COMMENTS, c14nMethod);

        // Exactly one transform is expected: exclusive c14n without comments.
        List<String> transformAlgorithms = wsDataRef.getTransformAlgorithms();
        assertTrue(transformAlgorithms.size() == 1);
        assertTrue(WSConstants.C14N_EXCL_OMIT_COMMENTS.equals(transformAlgorithms.get(0)));
    }

        // Test excerpt: checks that the first signed reference is the SAML 1 assertion
        // inside the wsse:Security header, identified by its XPath.
        assertTrue(signActionResult != null);
        assertFalse(signActionResult.isEmpty());
        // The result map is untyped, hence the unchecked cast.
        final List<WSDataRef> refs =
            (List<WSDataRef>) signActionResult.get(WSSecurityEngineResult.TAG_DATA_REF_URIS);

        WSDataRef wsDataRef = refs.get(0);
        String xpath = wsDataRef.getXpath();
        assertEquals("/soapenv:Envelope/soapenv:Header/wsse:Security/saml1:Assertion", xpath);
    }

                }
                // Fail closed: a reference with no resolved element is rejected, not skipped.
                // (How `se` is resolved is above this excerpt.)
                if (se == null) {
                    throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK);
                }

                // Record what this signature reference covers, the algorithms it declares and
                // its digest value. The algorithm URIs are copied as found in SignedInfo / the
                // Reference; nothing in this excerpt checks them against an allowed-algorithm policy.
                WSDataRef ref = new WSDataRef();
                ref.setWsuId(uri);
                ref.setProtectedElement(se);
                ref.setAlgorithm(signedInfo.getSignatureMethod().getAlgorithm());
                ref.setDigestAlgorithm(siRef.getDigestMethod().getAlgorithm());
                ref.setDigestValue(siRef.getDigestValue());
                ref.setAttachment(attachment);

                // Set the Transform algorithms as well
                // The unchecked cast assumes every entry of getTransforms() is a Transform.
                @SuppressWarnings("unchecked")
                List<Transform> transforms = (List<Transform>)siRef.getTransforms();
                List<String> transformAlgorithms = new ArrayList<String>(transforms.size());
                for (Transform transform : transforms) {
                    transformAlgorithms.add(transform.getAlgorithm());
                }
                ref.setTransformAlgorithms(transformAlgorithms);

                // Store the XPath of the protected element so callers can check *where* the
                // signed element sits, not only that some element with this Id was signed.
                ref.setXpath(ReferenceListProcessor.getXPath(se));
                protectedRefs.add(ref);
            }
        }
        return protectedRefs;
    }
