if (WSTrustConstants.KEY_TYPE_SYMMETRIC.equalsIgnoreCase(keyType.toString()))
{
   // Symmetric proof-of-possession key. The STS always contributes fresh entropy; when the
   // requester also supplied entropy the key is computed from both secrets, otherwise the
   // STS secret itself becomes the key.
   requestedProofToken = new RequestedProofTokenType();
   final ObjectFactory factory = new ObjectFactory();

   // Requester entropy is optional; a missing Entropy element leaves the secret null.
   final EntropyType requesterEntropy = request.getEntropy();
   final byte[] requesterSecret = (requesterEntropy != null)
         ? WSTrustUtil.getBinarySecret(requesterEntropy)
         : null;

   // STS entropy: keySize / 8 bytes (keySize is presumably expressed in bits).
   // NOTE(review): nothing in this block bounds keySize; a value below 8 gives a zero-length
   // secret. Confirm the caller validates it, and that createRandomSecret draws from a
   // cryptographically strong source (e.g. SecureRandom).
   final int secretLength = (int) keySize / 8;
   final byte[] stsSecret = WSTrustUtil.createRandomSecret(secretLength);

   final BinarySecretType stsBinarySecret = new BinarySecretType();
   stsBinarySecret.setType(WSTrustConstants.BS_TYPE_NONCE);
   stsBinarySecret.setValue(stsSecret);

   serverEntropy = new EntropyType();
   serverEntropy.getAny().add(factory.createBinarySecret(stsBinarySecret));

   if (requesterSecret == null || requesterSecret.length == 0)
   {
      // No usable requester entropy (absent or empty): the STS secret alone is the proof key.
      // The proof token carries the raw secret, so the response is only as confidential as
      // the channel or message protection around it - confirm the response is encrypted.
      // NOTE(review): the same BinarySecret, typed as a nonce, is reused as the proof token
      // although here its value is the key itself; check this against what relying parties expect.
      requestedProofToken.setAny(factory.createBinarySecret(stsBinarySecret));
      requestContext
            .setProofTokenInfo(WSTrustUtil.createKeyInfo(stsSecret, providerPublicKey, keyWrapAlgo));
   }
   else
   {
      // Both sides contributed entropy: the proof token only names the derivation algorithm
      // (P_SHA1); the key is derived from the two secrets and is not itself placed in the
      // proof token.
      requestedProofToken.setAny(factory.createComputedKey(WSTrustConstants.CK_PSHA1));

      byte[] derivedKey = null;
      try
      {
         derivedKey = WSTrustUtil.P_SHA1(requesterSecret, stsSecret, secretLength);
      }
      catch (Exception e)
      {
         // Keep the cause attached so the underlying crypto failure stays diagnosable.
         throw new WSTrustException("Error generating combined secret key", e);
      }

      // presumably createKeyInfo wraps the key for the service provider using
      // providerPublicKey / keyWrapAlgo - verify how a null providerPublicKey is handled.
      requestContext.setProofTokenInfo(WSTrustUtil.createKeyInfo(derivedKey, providerPublicKey,
            keyWrapAlgo));
   }
}
else if (WSTrustConstants.KEY_TYPE_PUBLIC.equalsIgnoreCase(keyType.toString()))