Examples of org.jboss.ws.extensions.security.exception.WSSecurityException

• org.jboss.ws.extensions.security.exception.WSSecurityException
  @author Jason T. Greene

         {
            storeURL = storeFile.toURL();
         }
         catch (MalformedURLException e)
         {
            throw new WSSecurityException("Problems loading " + type + ": " + e.getMessage(), e);
         }
      }

      if (storeType == null)
         storeType = System.getProperty(property + "Type");
      if (storeType == null)
         storeType = "jks";

      KeyStore keyStore = null;
      InputStream stream = null;
      try
      {
         log.debug("loadStore: " + storeURL);
         stream = storeURL.openStream();
         if (stream == null)
            throw new WSSecurityException("Cannot load store from: " + storeURL);

         keyStore = KeyStore.getInstance(storeType);
         if (keyStore == null)
            throw new WSSecurityException("Cannot get keystore for type: " + storeType);

         String decryptedPassword = decryptPassword(storePassword);
         if (decryptedPassword == null)
            throw new WSSecurityException("Cannot decrypt store password");

         keyStore.load(stream, decryptedPassword.toCharArray());
      }
      catch (RuntimeException rte)
      {
         throw rte;
      }
      catch (WSSecurityException ex)
      {
         throw ex;
      }
      catch (Exception ex)
      {
         throw new WSSecurityException("Problems loading " + type + ": " + ex.getMessage(), ex);
      }
      finally
      {
         if (stream != null)
         {

         SignatureKeysAssociation.saveKey(signature.getPublicKey());
      }
      catch (XMLSignatureException e)
      {
         throw new WSSecurityException("An unexpected error occured while verifying signature", e);
      }
      finally
      {
         STRTransform.setSecurityStore(null);
      }

      SignedInfo info = xmlSig.getSignedInfo();
      int length = info.getLength();
      Collection<String> processed = new ArrayList<String>(length);
      try
      {
         for (int i = 0; i < length; i++)
         {
            String uri = info.item(i).getURI();
            if (uri != null && uri.length() > 1 && uri.charAt(0)=='#')
               processed.add(uri.substring(1));
         }
      }
      catch (XMLSecurityException e)
      {
         throw new WSSecurityException("Could not extract references", e);
      }

      return processed;
   }

         }
      }

      if (rejectCreated)
      {
         throw new WSSecurityException("Invalid timestamp, message claimed to be created after now");
      }

      boolean rejectExpires = expires != null && !now.before(expires);
      if (rejectExpires && timestampVerification != null && timestampVerification.getExpiresTolerance() > 0)
      {

      {
         sig = new XMLSignature(message, null, XMLSignature.ALGO_ID_SIGNATURE_RSA, Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
      }
      catch (XMLSecurityException e)
      {
         throw new WSSecurityException("Error building signature", e);
      }

      // For now we pass our resolver the root document because the signature element isn't attached
      // to the evelope yet (no wsse header). Perhaps we should do this differently
      sig.addResourceResolver(new WsuIdResolver(message, header.getElement()));
      PrivateKey key = store.getPrivateKey(alias);

      if (targets == null || targets.size() == 0)
      {
         // By default we sign the body element, and a timestamp if it is available
         String namespace = envelope.getNamespaceURI();
         processTarget(sig, message, new QNameTarget(new QName(namespace, "Body")));
         if (header.getTimestamp() != null)
            processTarget(sig, message, new WsuIdTarget("timestamp"));
      }
      else
      {
         for (Target target : targets)
            processTarget(sig, message, target);
      }

      try
      {
         sig.sign(key);
      }
      catch (XMLSignatureException e)
      {
         throw new WSSecurityException("Error signing message: " + e.getMessage(), e);
      }

      X509Certificate cert = store.getCertificate(alias);
      X509Token token = (X509Token) header.getSharedToken(cert);

         cipher = XMLCipher.getInstance();
         key = cipher.loadEncryptedKey(element);
      }
      catch (XMLSecurityException e)
      {
         throw new WSSecurityException("Could not parse encrypted key: " + e.getMessage(), e);
      }

      KeyInfo info = key.getKeyInfo();

      if (info == null)
         throw new WSSecurityException("EncryptedKey element did not contain KeyInfo");

      PrivateKey privateKey = resolver.resolvePrivateKey(info);

      // Locate the reference list. We have to manually parse this because xml security doesn't handle
      // shorthand xpointer references (URI="#fooid")

      Element referenceList = Util.findElement(element, Constants.XENC_REFERENCELIST, Constants.XML_ENCRYPTION_NS);
      if (referenceList == null)
         throw new WSSecurityException("Encrypted key did not contain a reference list");

      this.list = new ReferenceList(referenceList);

      // Now use the element list to determine the encryption alg
      String alg = getKeyAlgorithm(element);
      if (alg == null)
         throw new WSSecurityException("Could not determine encrypted key algorithm!");

      try
      {
         cipher.init(XMLCipher.UNWRAP_MODE, privateKey);
         this.secretKey = (SecretKey) cipher.decryptKey(key, alg);
      }
      catch (XMLSecurityException e)
      {
         throw new WSSecurityException("Could not parse encrypted key: " + e.getMessage(), e);
      }

      this.document = element.getOwnerDocument();
      this.token = new X509Token(resolver.resolveCertificate(info), this.document);
   }

         cipher.init(XMLCipher.WRAP_MODE, token.getCert().getPublicKey());
         key = cipher.encryptKey(document, secretKey);
      }
      catch (XMLSecurityException e)
      {
         throw new WSSecurityException("Error encrypting key: " + e.getMessage(), e);
      }

      SecurityTokenReference reference = new SecurityTokenReference(Reference.getReference(tokenRefType, document, token));
      KeyInfo keyInfo = new KeyInfo(document);
      keyInfo.addUnknownElement(reference.getElement());

         Collection<String> result = new ArrayList<String>(1);
         result.add(((WsuIdTarget)target).getId());
         return result;
      }

      throw new WSSecurityException("Unknown target");
   }

   {
      String valueType = element.getAttribute("ValueType");
      if (X509Token.TYPE.equals(valueType))
         return new X509Token(element);
      else
         throw new WSSecurityException("Unkown Binary Security Token!!!");
   }

   private Element getHeader(Document message) throws WSSecurityException
   {
      Element header = Util.findElement(message.getDocumentElement(), "Security", Constants.WSSE_NS);
      if (header == null)
         throw new WSSecurityException("Expected security header was not found");

      return header;
   }

      if (id != null && id.length() > 0)
         this.id = id;

      Element child = Util.getFirstChildElement(element);
      if (child == null || !Constants.WSU_NS.equals(child.getNamespaceURI()) || !"Created".equals(child.getLocalName()))
         throw new WSSecurityException("Created child expected in Timestamp element");

      this.created = SimpleTypeBindings.unmarshalDateTime(XMLUtils.getFullTextChildrenFromElement(child));

      child = Util.getNextSiblingElement(child);
      if (child == null)