Author: alessio.soldano(a)jboss.com
Date: 2007-10-29 12:52:50 -0400 (Mon, 29 Oct 2007)
New Revision: 4923
Modified:
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/EncodingOperation.java
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/EncryptionOperation.java
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/OperationDescription.java
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/SecurityEncoder.java
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/SendUsernameOperation.java
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/SignatureOperation.java
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/TimestampOperation.java
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/WSSecurityDispatcher.java
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/element/EncryptedKey.java
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/metadata/wsse/Encrypt.java
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityOMFactory.java
stack/native/branches/asoldano/trunk/src/main/resources/schema/jboss-ws-security_1_0.xsd
Log:
[JBWS-1874] Allow configuration of secret key wrap algorithm
Modified:
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/EncodingOperation.java
===================================================================
---
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/EncodingOperation.java 2007-10-29
16:40:18 UTC (rev 4922)
+++
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/EncodingOperation.java 2007-10-29
16:52:50 UTC (rev 4923)
@@ -36,5 +36,5 @@
*/
public interface EncodingOperation extends Operation
{
- public void process(Document message, List<Target> targets, String alias, String
credential, String algorithm) throws WSSecurityException;
+ public void process(Document message, List<Target> targets, String alias, String
credential, String algorithm, String wrap) throws WSSecurityException;
}
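Review bot: The new `wrap` parameter on `EncodingOperation.process` carries no Javadoc, and of the four implementations touched by this commit only `EncryptionOperation` appears to use it (the username and timestamp bodies visibly ignore it; the signature body runs past its hunk). A Javadoc line on the interface method would save implementers guessing: `@param wrap key-wrap (key-transport) algorithm identifier applied when an EncryptedKey is emitted, e.g. "rsa_15" or "rsa_oaep"; ignored by operations that do not encrypt`. The parameter is called `wrap` here and `keyWrapAlgorithm` in most implementations and in `OperationDescription`; one name throughout would read better.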
Modified:
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/EncryptionOperation.java
===================================================================
---
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/EncryptionOperation.java 2007-10-29
16:40:18 UTC (rev 4922)
+++
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/EncryptionOperation.java 2007-10-29
16:52:50 UTC (rev 4923)
@@ -128,7 +128,7 @@
}
}
- public void process(Document message, List<Target> targets, String alias, String
credential, String algorithm) throws WSSecurityException
+ public void process(Document message, List<Target> targets, String alias, String
credential, String algorithm, String wrap) throws WSSecurityException
{
if (! algorithms.containsKey(algorithm))
algorithm = DEFAULT_ALGORITHM;
@@ -169,7 +169,7 @@
header.addToken(token);
}
- EncryptedKey eKey = new EncryptedKey(message, secretKey, token, list);
+ EncryptedKey eKey = new EncryptedKey(message, secretKey, token, list, wrap);
header.addSecurityProcess(eKey);
}
Modified:
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/OperationDescription.java
===================================================================
---
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/OperationDescription.java 2007-10-29
16:40:18 UTC (rev 4922)
+++
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/OperationDescription.java 2007-10-29
16:52:50 UTC (rev 4923)
@@ -39,14 +39,17 @@
private String credential;
private String algorithm;
+
+ private String keyWrapAlgorithm;
- public OperationDescription(Class<? extends T> operation, List<Target>
targets, String certicateAlias, String credential, String algorithm)
+ public OperationDescription(Class<? extends T> operation, List<Target>
targets, String certicateAlias, String credential, String algorithm, String
keyWrapAlgorithm)
{
this.operation = operation;
this.targets = targets;
this.certificateAlias = certicateAlias;
this.credential = credential;
this.algorithm = algorithm;
+ this.keyWrapAlgorithm = keyWrapAlgorithm;
}
public Class<? extends T> getOperation()
@@ -102,4 +105,14 @@
this.algorithm = algorithm;
}
+ public String getKeyWrapAlgorithm()
+ {
+ return keyWrapAlgorithm;
+ }
+
+ public void setKeyWrapAlgorithm(String keyWrapAlgorithm)
+ {
+ this.keyWrapAlgorithm = keyWrapAlgorithm;
+ }
+
}
Modified:
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/SecurityEncoder.java
===================================================================
---
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/SecurityEncoder.java 2007-10-29
16:40:18 UTC (rev 4922)
+++
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/SecurityEncoder.java 2007-10-29
16:52:50 UTC (rev 4923)
@@ -80,7 +80,7 @@
throw new WSSecurityException("Error constructing operation: " +
op.getOperation());
}
- operation.process(message, op.getTargets(), op.getCertificateAlias(),
op.getCredential(), op.getAlgorithm());
+ operation.process(message, op.getTargets(), op.getCertificateAlias(),
op.getCredential(), op.getAlgorithm(), op.getKeyWrapAlgorithm());
}
attachHeader(header, message);
}
Modified:
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/SendUsernameOperation.java
===================================================================
---
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/SendUsernameOperation.java 2007-10-29
16:40:18 UTC (rev 4922)
+++
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/SendUsernameOperation.java 2007-10-29
16:52:50 UTC (rev 4923)
@@ -40,7 +40,7 @@
this.store = store;
}
- public void process(Document message, List<Target> targets, String username,
String credential, String algorithm) throws WSSecurityException
+ public void process(Document message, List<Target> targets, String username,
String credential, String algorithm, String keyWrapAlgorithm) throws WSSecurityException
{
header.addToken(new UsernameToken(username, credential, message));
}
Modified:
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/SignatureOperation.java
===================================================================
---
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/SignatureOperation.java 2007-10-29
16:40:18 UTC (rev 4922)
+++
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/SignatureOperation.java 2007-10-29
16:52:50 UTC (rev 4923)
@@ -120,7 +120,7 @@
}
}
- public void process(Document message, List<Target> targets, String alias, String
credential, String algorithm) throws WSSecurityException
+ public void process(Document message, List<Target> targets, String alias, String
credential, String algorithm, String keyWrapAlgorithm) throws WSSecurityException
{
Element envelope = message.getDocumentElement();
XMLSignature sig;
Modified:
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/TimestampOperation.java
===================================================================
---
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/TimestampOperation.java 2007-10-29
16:40:18 UTC (rev 4922)
+++
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/TimestampOperation.java 2007-10-29
16:52:50 UTC (rev 4923)
@@ -40,7 +40,7 @@
this.store = store;
}
- public void process(Document message, List<Target> targets, String alias, String
credential, String algorithm) throws WSSecurityException
+ public void process(Document message, List<Target> targets, String alias, String
credential, String algorithm, String keyWrapAlgorithm) throws WSSecurityException
{
Integer ttl = null;
Modified:
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/WSSecurityDispatcher.java
===================================================================
---
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/WSSecurityDispatcher.java 2007-10-29
16:40:18 UTC (rev 4922)
+++
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/WSSecurityDispatcher.java 2007-10-29
16:52:50 UTC (rev 4923)
@@ -208,20 +208,20 @@
ArrayList<OperationDescription<RequireOperation>> operations = new
ArrayList<OperationDescription<RequireOperation>>();
RequireTimestamp requireTimestamp = requires.getRequireTimestamp();
if (requireTimestamp != null)
- operations.add(new
OperationDescription<RequireOperation>(RequireTimestampOperation.class, null,
requireTimestamp.getMaxAge(), null, null));
+ operations.add(new
OperationDescription<RequireOperation>(RequireTimestampOperation.class, null,
requireTimestamp.getMaxAge(), null, null, null));
RequireSignature requireSignature = requires.getRequireSignature();
if (requireSignature != null)
{
List<Target> targets = convertTargets(requireSignature.getTargets());
- operations.add(new
OperationDescription<RequireOperation>(RequireSignatureOperation.class, targets,
null, null, null));
+ operations.add(new
OperationDescription<RequireOperation>(RequireSignatureOperation.class, targets,
null, null, null, null));
}
RequireEncryption requireEncryption = requires.getRequireEncryption();
if (requireEncryption != null)
{
List<Target> targets = convertTargets(requireEncryption.getTargets());
- operations.add(new
OperationDescription<RequireOperation>(RequireEncryptionOperation.class, targets,
null, null, null));
+ operations.add(new
OperationDescription<RequireOperation>(RequireEncryptionOperation.class, targets,
null, null, null, null));
}
return operations;
@@ -251,7 +251,7 @@
Timestamp timestamp = opConfig.getTimestamp();
if (timestamp != null)
{
- operations.add(new
OperationDescription<EncodingOperation>(TimestampOperation.class, null, null,
timestamp.getTtl(), null));
+ operations.add(new
OperationDescription<EncodingOperation>(TimestampOperation.class, null, null,
timestamp.getTtl(), null, null));
}
if (opConfig.getUsername() != null)
@@ -267,7 +267,7 @@
if (user != null && pass != null)
{
- operations.add(new
OperationDescription<EncodingOperation>(SendUsernameOperation.class, null,
user.toString(), pass.toString(), null));
+ operations.add(new
OperationDescription<EncodingOperation>(SendUsernameOperation.class, null,
user.toString(), pass.toString(), null, null));
ctx.put(StubExt.PROPERTY_AUTH_TYPE, StubExt.PROPERTY_AUTH_TYPE_WSSE);
}
}
@@ -279,20 +279,20 @@
if (sign.isIncludeTimestamp())
{
if (timestamp == null)
- operations.add(new
OperationDescription<EncodingOperation>(TimestampOperation.class, null, null, null,
null));
+ operations.add(new
OperationDescription<EncodingOperation>(TimestampOperation.class, null, null, null,
null, null));
if (targets != null && targets.size() > 0)
targets.add(new WsuIdTarget("timestamp"));
}
- operations.add(new
OperationDescription<EncodingOperation>(SignatureOperation.class, targets,
sign.getAlias(), null, null));
+ operations.add(new
OperationDescription<EncodingOperation>(SignatureOperation.class, targets,
sign.getAlias(), null, null, null));
}
Encrypt encrypt = opConfig.getEncrypt();
if (encrypt != null)
{
List<Target> targets = convertTargets(encrypt.getTargets());
- operations.add(new
OperationDescription<EncodingOperation>(EncryptionOperation.class, targets,
encrypt.getAlias(), null, encrypt.getAlgorithm()));
+ operations.add(new
OperationDescription<EncodingOperation>(EncryptionOperation.class, targets,
encrypt.getAlias(), null, encrypt.getAlgorithm(), encrypt.getWrap()));
}
if (operations.size() == 0)
Modified:
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/element/EncryptedKey.java
===================================================================
---
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/element/EncryptedKey.java 2007-10-29
16:40:18 UTC (rev 4922)
+++
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/extensions/security/element/EncryptedKey.java 2007-10-29
16:52:50 UTC (rev 4923)
@@ -22,6 +22,7 @@
package org.jboss.ws.extensions.security.element;
import java.security.PrivateKey;
+import java.util.HashMap;
import javax.crypto.SecretKey;
@@ -51,20 +52,34 @@
private X509Token token;
private ReferenceList list;
+
+ private String wrapAlgorithm;
private Element cachedElement;
+
+ private static HashMap<String, String> keyWrapAlgorithms;
+ private static final String DEFAULT_ALGORITHM = "rsa_15";
+ static
+ {
+ keyWrapAlgorithms = new HashMap<String, String>(2);
+ keyWrapAlgorithms.put("rsa_15", XMLCipher.RSA_v1dot5);
+ keyWrapAlgorithms.put("rsa_oaep", XMLCipher.RSA_OAEP);
+ }
- public EncryptedKey(Document document, SecretKey secretKey, X509Token token)
+ public EncryptedKey(Document document, SecretKey secretKey, X509Token token, String
wrap)
{
- this(document, secretKey, token, new ReferenceList());
+ this(document, secretKey, token, new ReferenceList(), wrap);
}
- public EncryptedKey(Document document, SecretKey secretKey, X509Token token,
ReferenceList list)
+ public EncryptedKey(Document document, SecretKey secretKey, X509Token token,
ReferenceList list, String wrap)
{
this.document = document;
this.secretKey = secretKey;
this.token = token;
this.list = list;
+ this.wrapAlgorithm = keyWrapAlgorithms.get(wrap);
+ if (wrapAlgorithm ==null)
+ wrapAlgorithm = keyWrapAlgorithms.get(DEFAULT_ALGORITHM);
}
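Review bot: An unrecognised `wrap` value is silently replaced by `rsa_15` in the new constructor body, so a misspelled `keyWrapAlgorithm` in the deployment descriptor downgrades to PKCS#1 v1.5 key transport with no error and no log line. Only an absent value should take the default; an unknown one should fail loudly, e.g. `if (wrap != null && !keyWrapAlgorithms.containsKey(wrap)) throw new IllegalArgumentException("Unsupported key wrap algorithm: " + wrap);` before the lookup. The data-encryption lookup in `EncryptionOperation.process` has the same silent fallback, but that is pre-existing. The static map would also benefit from a comment tying it to the schema: `// config value -> XML Encryption key-transport URI; keys must match the keyWrapAlgorithm enumeration in jboss-ws-security_1_0.xsd`.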
public EncryptedKey(Element element, KeyResolver resolver) throws WSSecurityException
@@ -154,7 +169,7 @@
try
{
- cipher = XMLCipher.getInstance(XMLCipher.RSA_v1dot5);
+ cipher = XMLCipher.getInstance(wrapAlgorithm);
cipher.init(XMLCipher.WRAP_MODE, token.getCert().getPublicKey());
key = cipher.encryptKey(document, secretKey);
}
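Review bot: `XMLCipher.getInstance(wrapAlgorithm)` now follows the sender-side configuration, but nothing in this commit shows the receiving path (`EncryptedKey(Element, KeyResolver)`, outside the hunk) restricting which key-transport algorithm it accepts from an inbound message. If the decoder still honours whatever `EncryptionMethod` the peer sends, configuring `rsa_oaep` does not stop a peer from using `rsa_15` against the same private key, which largely defeats the purpose of selecting OAEP; the decode side should reject algorithms other than the configured one, or at least make that enforceable. I cannot confirm the decoder's behaviour from this diff, so treat this as a check rather than a finding. The enclosing method starts and ends outside this hunk.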
Modified:
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/metadata/wsse/Encrypt.java
===================================================================
---
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/metadata/wsse/Encrypt.java 2007-10-29
16:40:18 UTC (rev 4922)
+++
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/metadata/wsse/Encrypt.java 2007-10-29
16:52:50 UTC (rev 4923)
@@ -37,12 +37,14 @@
private String type;
private String alias;
private String algorithm;
+ private String keyWrapAlgorithm;
- public Encrypt(String type, String alias, String algorithm)
+ public Encrypt(String type, String alias, String algorithm, String wrap)
{
this.type = type;
this.alias = alias;
this.algorithm = algorithm;
+ this.keyWrapAlgorithm = wrap;
}
public String getAlias()
@@ -74,4 +76,14 @@
{
this.algorithm = algorithm;
}
+
+ public String getWrap()
+ {
+ return keyWrapAlgorithm;
+ }
+
+ public void setWrap(String wrap)
+ {
+ this.keyWrapAlgorithm = wrap;
+ }
}
\ No newline at end of file
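Review bot: The accessor pair added here is named `getWrap()`/`setWrap()` while the field, the constructor parameter in `OperationDescription` and the XML attribute are all `keyWrapAlgorithm`, and the sibling accessor on this class is `getAlgorithm()`. Renaming to `getKeyWrapAlgorithm()`/`setKeyWrapAlgorithm()` (with the single call site in `WSSecurityDispatcher` updated) keeps the configuration model readable from the XML attribute name alone. A one-line field comment would also help: `// key-transport algorithm for the EncryptedKey; null means the EncryptedKey default`.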
Modified:
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityOMFactory.java
===================================================================
---
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityOMFactory.java 2007-10-29
16:40:18 UTC (rev 4922)
+++
stack/native/branches/asoldano/trunk/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityOMFactory.java 2007-10-29
16:52:50 UTC (rev 4923)
@@ -232,7 +232,7 @@
}
else if ("encrypt".equals(localName))
{
- return new Encrypt(attrs.getValue("", "type"),
attrs.getValue("", "alias"), attrs.getValue("",
"algorithm"));
+ return new Encrypt(attrs.getValue("", "type"),
attrs.getValue("", "alias"), attrs.getValue("",
"algorithm"), attrs.getValue("", "keyWrapAlgorithm"));
}
else if ("timestamp".equals(localName))
{
Modified:
stack/native/branches/asoldano/trunk/src/main/resources/schema/jboss-ws-security_1_0.xsd
===================================================================
---
stack/native/branches/asoldano/trunk/src/main/resources/schema/jboss-ws-security_1_0.xsd 2007-10-29
16:40:18 UTC (rev 4922)
+++
stack/native/branches/asoldano/trunk/src/main/resources/schema/jboss-ws-security_1_0.xsd 2007-10-29
16:52:50 UTC (rev 4923)
@@ -183,6 +183,17 @@
</xs:restriction>
</xs:simpleType>
</xs:attribute>
+ <xs:attribute name="keyWrapAlgorithm">
+ <xs:annotation>
+ <xs:documentation>The algorithm to use to encrypt the symmetric secret key.
If not specified rsa_15 will be used.</xs:documentation>
+ </xs:annotation>
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="rsa_15"/>
+ <xs:enumeration value="rsa_oaep"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
</xs:complexType>
<xs:complexType name="signType">
<xs:sequence>
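Review bot: The documentation on the new `keyWrapAlgorithm` attribute says only that `rsa_15` is the default; it should also tell the deployer which value to prefer, since the choice has security consequences. Suggested wording: `The algorithm used to encrypt (wrap) the symmetric secret key: rsa_15 (RSA PKCS#1 v1.5) or rsa_oaep (RSA-OAEP). rsa_oaep is the stronger choice and should be used unless interoperability with a peer that only supports rsa_15 is required; if not specified rsa_15 is used for backward compatibility.` Keeping `rsa_15` as the default preserves existing deployments, but that trade-off should be visible where the option is declared.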