Examples of DerivedKeyToken

com.sun.xml.ws.security.DerivedKeyToken
DerivedKeyToken Interface TODO: This defintion is incomplete. Currently it has only those members which are required for the Trust Interop Scenarios
com.sun.xml.ws.security.opt.impl.incoming.DerivedKeyToken
@author Ashutosh.Shahi@sun.com
org.apache.ws.sandbox.security.conversation.message.token.DerivedKeyToken
@author Ruchith Fernando @version 1.0
org.apache.ws.security.message.token.DerivedKeyToken
@author Ruchith Fernando @version 1.0
org.apache.wss4j.dom.message.token.DerivedKeyToken
... ... ... ... ... ... ...

Examples of com.sun.xml.ws.security.DerivedKeyToken

                if(sendEKSHA1){
                    String ekSha1Ref = getEKSHA1Ref(context);
                    //Construct a derivedKeyToken to be used
                    originalKey = skb.getSecretKey();
                    byte[] secret = originalKey.getEncoded();
                    DerivedKeyToken dkt = new DerivedKeyTokenImpl(offset, length, secret);
                    String dktId = secureMessage.generateId();
                    String nonce = Base64.encode(dkt.getNonce());
                    //get the symmetric key for encryption key from derivedkeyToken
                    try{
                        String jceAlgo = SecurityUtil.getSecretKeyAlgorithm(algorithm);
                        _symmetricKey = dkt.generateSymmetricKey(jceAlgo);
                    } catch(Exception e){
                        log.log(Level.SEVERE, "WSS1216.unableto.get.symmetrickey.Encryption");
                        throw new XWSSecurityException(e);
                    }
                    //STR for DerivedKeyToken
                    SecurityTokenReference tokenRef = new SecurityTokenReference(secureMessage.getSOAPPart());
                    EncryptedKeySHA1Identifier refElem = new EncryptedKeySHA1Identifier(secureMessage.getSOAPPart());
                    refElem.setReferenceValue(ekSha1Ref);
                    tokenRef.setReference(refElem);
                    
                    //set the wsse11:TokenType attribute as required by WSS 1.1
                    //TODO: uncomment this once MS is ready to accpet this
                    //tokenRef.setTokenType(MessageConstants.EncryptedKey_NS);
                    
                    dktHeadrBlock =
                            new DerivedKeyTokenHeaderBlock(_secHeader.getOwnerDocument(), tokenRef, nonce, dkt.getOffset(), dkt.getLength() ,dktId);
                    
                    //Construct the STR for Encryption
                    DirectReference reference = new DirectReference();
                    reference.setURI("#"+dktId);
                    ekTokenRef = new SecurityTokenReference(secureMessage.getSOAPPart());
                    ekTokenRef.setReference(reference);
                } else if(wss11Sender || wss10){
                    dktSender = true;
                    originalKey = skb.getSecretKey();
                    if ( context.getX509CertificateBinding() != null ) {
                        certificateBinding = context.getX509CertificateBinding();
                        context.setX509CertificateBinding(null);
                        _x509Cert = certificateBinding.getX509Certificate();
                    }
                    _x509Cert = certificateBinding.getX509Certificate();
                    referenceType =  certificateBinding.getReferenceType();
                    keyInfoStrategy = KeyInfoStrategy.getInstance(referenceType);
                    _exportCertificate = true;
                    keyInfoStrategy.setCertificate(_x509Cert);
                    x509TokenId = certificateBinding.getUUID();
                    if(x509TokenId == null || x509TokenId.equals("")){
                        x509TokenId = secureMsg.generateId();
                    }
                    
                    if(log.isLoggable(Level.FINEST)){
                        log.log(Level.FINEST, "Certificate was "+_x509Cert);
                        log.log(Level.FINEST, "BinaryToken ID "+x509TokenId);
                    }
                    
                    
                    HashMap tokenCache = context.getTokenCache();
                    HashMap insertedX509Cache = context.getInsertedX509Cache();
                    
                    SecurityUtil.checkIncludeTokenPolicy(context, certificateBinding, x509TokenId);
                    
                    // ReferenceType adjustment in checkIncludeTokenPolicy is also currently
                    // causing an insertion of the X509 into the Message
                    X509SecurityToken insertedx509 =
                            (X509SecurityToken)context.getInsertedX509Cache().get(x509TokenId);
                    
                    // this one is used to determine if the whole BST + EK + DKT(opt)
                    // has been inserted by another filter such as Encryption running before
                    X509SecurityToken token = (X509SecurityToken)tokenCache.get(x509TokenId);
                    if(token == null){
                        if (insertedx509 != null) {
                            token = insertedx509;
                            tokenCache.put(x509TokenId, insertedx509);
                        } else {
                            String valueType = certificateBinding.getValueType();
                            if(valueType==null||valueType.equals("")){
                                //default valueType for X509 as v3
                                valueType = MessageConstants.X509v3_NS;
                            }
                            token = new X509SecurityToken(secureMsg.getSOAPPart(),_x509Cert,x509TokenId, valueType);
                            tokenCache.put(x509TokenId, token);
                        }
                        context.setCurrentSecret(originalKey);
                        //Store SymmetricKey generated in ProcessingContext
                        context.setExtraneousProperty("SecretKey", originalKey);
                    } else{
                        skbX509TokenInserted = true;
                        originalKey = context.getCurrentSecret();
                    }
                    //
                    if(insertedx509 == null){
                        if(MessageConstants.DIRECT_REFERENCE_TYPE.equals(referenceType)){
                            secureMsg.findOrCreateSecurityHeader().insertHeaderBlock(token);
                            insertedX509Cache.put(x509TokenId, token);
                            x509TokenElement = secureMsg.findOrCreateSecurityHeader().getNextSiblingOfTimestamp();
                        }
                    } else{
                        //x509TokenElement = secureMsg.getElementByWsuId(x509TokenId);
                        x509TokenElement = insertedx509;
                    }
                    //}
                    
                    //Construct a derivedKeyToken to be used
                    byte[] secret = originalKey.getEncoded();
                    DerivedKeyToken dkt = new DerivedKeyTokenImpl(offset, length, secret);
                    String dktId = secureMessage.generateId();
                    String nonce = Base64.encode(dkt.getNonce());
                    //get the symmetric key for encryption key from derivedkeyToken
                    try{
                        String jceAlgo = SecurityUtil.getSecretKeyAlgorithm(algorithm);
                        _symmetricKey = dkt.generateSymmetricKey(jceAlgo);
                    } catch(Exception e){
                        log.log(Level.SEVERE, "WSS1216.unableto.get.symmetrickey.Encryption");
                        throw new XWSSecurityException(e);
                    }
                    
                    //STR for DerivedKeyToken
                    SecurityTokenReference tokenRef = new SecurityTokenReference(secureMessage.getSOAPPart());
                    DirectReference reference = new DirectReference();
                    //TODO: PLUGFEST Commeting for now as Microsoft setting the EncryptedKey type on reference valueType
                    //tokenRef.setTokenType(MessageConstants.EncryptedKey_NS);
                    //set id of encrypted key in STR of DKT
                    insertedEkId = (String)ekCache.get(x509TokenId);
                    if(insertedEkId == null)
                        insertedEkId = ekId;
                    reference.setURI("#"+insertedEkId);
                    reference.setValueType(MessageConstants.EncryptedKey_NS);
                    tokenRef.setReference(reference);
                    dktHeadrBlock =
                            new DerivedKeyTokenHeaderBlock(_secHeader.getOwnerDocument(), tokenRef, nonce, dkt.getOffset(), dkt.getLength(), dktId);
                    
                    //Construct the STR for Encryption
                    DirectReference refEnc = new DirectReference();
                    refEnc.setURI("#"+dktId);
                    ekTokenRef = new SecurityTokenReference(secureMessage.getSOAPPart());
                    ekTokenRef.setReference(refEnc);
                }
            } else if (PolicyTypeUtil.secureConversationTokenKeyBinding(originalKeyBinding)) {
                
                sctWithDKT = true;
                
                SecureConversationTokenKeyBinding sctBinding = (SecureConversationTokenKeyBinding)originalKeyBinding;
                //String sctPolicyId = sctBinding.getPolicyToken().getTokenId();
                String sctPolicyId = sctBinding.getUUID();
                //Look for SCT in TokenCache
                HashMap tokCache = context.getTokenCache();
                sct = (SecurityContextTokenImpl)tokCache.get(sctPolicyId);
                
                IssuedTokenContext ictx = context.getSecureConversationContext();
                
                if (sct == null) {
                    SecurityContextToken sct1 =(SecurityContextToken)ictx.getSecurityToken();
                    if (sct1 == null) {
                        log.log(Level.SEVERE, "WSS1221.null.SecureConversationToken");
                        throw new XWSSecurityException("SecureConversation Token not Found");
                    }
                    
                    sct = new SecurityContextTokenImpl(
                            secureMessage.getSOAPPart(), sct1.getIdentifier().toString(), sct1.getInstance(), sct1.getWsuId(), sct1.getExtElements());
                    // put back in token cache
                    tokCache.put(sctPolicyId, sct);
                } else {
                    sctTokenInserted = true;
                    // record the element
                    sctElement = secureMessage.getElementByWsuId(sct.getWsuId());
                }
                
                String sctWsuId = sct.getWsuId();
                if (sctWsuId == null) {
                    sct.setId(secureMessage.generateId());
                }
                sctWsuId = sct.getWsuId();
                
                byte[] secret =  context.getSecureConversationContext().getProofKey();
                DerivedKeyToken dkt = new DerivedKeyTokenImpl(offset, length, secret);
                String dktId = secureMessage.generateId();
                String nonce = Base64.encode(dkt.getNonce());
                //get the symmetric key for encryption key from derivedkeyToken
                try{
                    _symmetricKey = dkt.generateSymmetricKey(SecurityUtil.getSecretKeyAlgorithm(dataEncAlgo));
                } catch(Exception e){
                    log.log(Level.SEVERE, "WSS1216.unableto.get.symmetrickey.Encryption");
                    throw new XWSSecurityException(e);
                }
                //STR for DerivedKeyToken
                SecurityTokenReference secRef = new SecurityTokenReference(secureMessage.getSOAPPart());
                DirectReference reference = new DirectReference();
                if (SecureConversationTokenKeyBinding.INCLUDE_ALWAYS_TO_RECIPIENT.equals(sctBinding.getIncludeToken()) ||
                        SecureConversationTokenKeyBinding.INCLUDE_ALWAYS.equals(sctBinding.getIncludeToken())) {
                    
                    reference.setURI("#" + sctWsuId);
                } else {
                    includeSCT = false;
                    reference.setSCTURI(sct.getIdentifier().toString(), sct.getInstance());
                }
                secRef.setReference(reference);
                dktHeadrBlock =
                        new DerivedKeyTokenHeaderBlock(_secHeader.getOwnerDocument(), secRef, nonce, dkt.getOffset(), dkt.getLength(),dktId);
                
                //Construct the STR for Encryption
                DirectReference refEnc = new DirectReference();
                refEnc.setURI("#"+dktId);
                dktSctTokenRef = new SecurityTokenReference(secureMessage.getSOAPPart());
                dktSctTokenRef.setReference(refEnc);
                
            } else if (PolicyTypeUtil.issuedTokenKeyBinding(originalKeyBinding)) {
                
                issuedWithDKT = true;
                
                IssuedTokenContext trustContext =  context.getTrustContext();
                DerivedKeyToken dkt = new DerivedKeyTokenImpl(offset, length, trustContext.getProofKey());
                String dktId = secureMessage.generateId();
                String nonce = Base64.encode(dkt.getNonce());
                
                //get the symmetric key for encryption
                Key origKey = null;
                try{
                    origKey = new SecretKeySpec(trustContext.getProofKey(), SecurityUtil.getSecretKeyAlgorithm(dataEncAlgo));
                } catch(Exception e){
                    log.log(Level.SEVERE, "WSS1216.unableto.get.symmetrickey.Encryption");
                    throw new XWSSecurityException(e);
                }
                
                
                //get the symmetric key for encryption key from derivedkeyToken
                try{
                    _symmetricKey = dkt.generateSymmetricKey(SecurityUtil.getSecretKeyAlgorithm(dataEncAlgo));
                } catch(Exception e){
                    log.log(Level.SEVERE, "WSS1216.unableto.get.symmetrickey.Encryption");
                    throw new XWSSecurityException(e);
                }
                
                //Get the IssuedToken and insert it into the message
                GenericToken issuedToken = (GenericToken)trustContext.getSecurityToken();
                
                // check if the token is already present
                IssuedTokenKeyBinding ikb = (IssuedTokenKeyBinding)originalKeyBinding;
                //String ikbPolicyId = ikb.getPolicyToken().getTokenId();
                String ikbPolicyId = ikb.getUUID();
                //Look for TrustToken in TokenCache
                HashMap tokCache = context.getTokenCache();
                Object tok = tokCache.get(ikbPolicyId);
                
                SecurityTokenReference str = null;
                Element strElem = null;
                String tokenVersion = ikb.getIncludeToken();
                includeIST = (IssuedTokenKeyBinding.INCLUDE_ALWAYS_TO_RECIPIENT.equals(tokenVersion) ||
                          IssuedTokenKeyBinding.INCLUDE_ALWAYS.equals(tokenVersion) ||
                          IssuedTokenKeyBinding.INCLUDE_ALWAYS_VER2.equals(tokenVersion) ||
                          IssuedTokenKeyBinding.INCLUDE_ALWAYS_TO_RECIPIENT_VER2.equals(tokenVersion)
                          );
                
                if (includeIST && (issuedToken == null)) {
                    log.log(Level.SEVERE, "WSS1217.null.IssueToken");
                    throw new XWSSecurityException("Issued Token to be inserted into the Message was Null");
                }
                
                if (issuedToken != null) {
                    // treat the token as an Opaque entity and just insert the token into message
                    Element elem = (Element)issuedToken.getTokenValue();
                    //TODO: remove these expensive conversions DOM Imports
                    if (tok == null) {
                        issuedTokenElement = XMLUtil.convertToSoapElement(secureMessage.getSOAPPart(), elem);
                        //Temp FIX for Issue#26: We need an Id to cache and MS not sending Id in some cases
                        String tokId = issuedTokenElement.getAttribute("Id");
                        if ("".equals(tokId) &&
                                MessageConstants.ENCRYPTED_DATA_LNAME.equals(issuedTokenElement.getLocalName())) {
                            issuedTokenElement.setAttribute("Id", secureMessage.generateId());
                        }
                        tokCache.put(ikbPolicyId, issuedTokenElement);
                    } else {
                        issuedTokenInserted = true;
                        // it will be SOAPElement retrieve its wsuId attr
                        String wsuId = SecurityUtil.getWsuIdOrId((Element)tok);
                        issuedTokenElementFromMsg = secureMessage.getElementById(wsuId);
                        if (issuedTokenElementFromMsg == null) {
                            log.log(Level.SEVERE, "WSS1218.unableto.locate.IssueToken.Message");
                            throw new XWSSecurityException("Could not locate Issued Token in Message");
                        }
                    }
                }
                
                if (includeIST) {
                    if (trustContext.getAttachedSecurityTokenReference() != null) {
                        strElem = (Element)trustContext.getAttachedSecurityTokenReference().getTokenValue();
                    } else {
                        log.log(Level.SEVERE, "WSS1219.unableto.refer.Attached.IssueToken");
                        throw new XWSSecurityException("Cannot determine how to reference the Attached Issued Token in the Message");
                    }
                } else {
                    //Trust Issued Token should not be in message at all, so use an external reference
                    if (trustContext.getUnAttachedSecurityTokenReference() != null) {
                        strElem = (Element)trustContext.getUnAttachedSecurityTokenReference().getTokenValue();
                    } else {
                        log.log(Level.SEVERE, "WSS1220.unableto.refer.Un-Attached.IssueToken");
                        throw new XWSSecurityException("Cannot determine how to reference the Un-Attached Issued Token in the Message");
                    }
                }
                
                //TODO: remove these expensive conversions
                Element imported = (Element)secureMessage.getSOAPPart().importNode(strElem,true);
                str = new SecurityTokenReference(
                        XMLUtil.convertToSoapElement(secureMessage.getSOAPPart(), (Element)imported.cloneNode(true)), false);
                
                if (origKey != null) {
                    SecurityUtil.updateSamlVsKeyCache(str, context, origKey);
                }
                
                dktHeadrBlock =
                        new DerivedKeyTokenHeaderBlock(_secHeader.getOwnerDocument(), str, nonce, dkt.getOffset(), dkt.getLength(),dktId);
                //Construct the STR for Encryption
                DirectReference refEnc = new DirectReference();
                refEnc.setURI("#"+dktId);
                dktIssuedTokenRef = new SecurityTokenReference(secureMessage.getSOAPPart());
                dktIssuedTokenRef.setReference(refEnc);

View Full Code Here

Examples of com.sun.xml.ws.security.DerivedKeyToken

                    }else{
                        originalKey = skb.getSecretKey();
                        context.setCurrentSecret(originalKey);
                    }
                    byte[] secret = originalKey.getEncoded();
                    DerivedKeyToken dkt = new DerivedKeyTokenImpl(offset, length, secret);
                    //get the signing key for signature from derivedkeyToken
                    signingKey = dkt.generateSymmetricKey(jceAlgo);
                    
                    Node[] nxtSiblingContainer = new Node[1];
                    keyInfo = prepareForSymmetricKeySignature(context, keyBinding, originalKey, signaturePolicy, nxtSiblingContainer, null, dkt);
                    nextSibling = nxtSiblingContainer[0];
                    
                } else if ( PolicyTypeUtil.issuedTokenKeyBinding(originalKeyBinding)) {
                    byte[] prfKey = context.getTrustContext().getProofKey();
                    if (prfKey == null) {
                        //handle Asymmetric Issued Token
                        X509Certificate cert =
                                context.getTrustContext().getRequestorCertificate();
                        if (cert == null){
                            logger.log(Level.SEVERE, LogStringsMessages.WSS_1328_ILLEGAL_CERTIFICATE_KEY_NULL());
                            throw new XWSSecurityException(
                                    "Requestor Certificate and Proof Key are both null for Issued Token");
                        }
                        signingKey = context.getSecurityEnvironment().
                                getPrivateKey(context.getExtraneousProperties(), cert);
                        
                        //Get the IssuedToken and insert it into the message
                        GenericToken issuedToken =
                                (GenericToken)context.getTrustContext().getSecurityToken();
                        Element elem = (Element)issuedToken.getTokenValue();
                        SOAPElement tokenElem =
                                XMLUtil.convertToSoapElement(secureMessage.getSOAPPart(), elem);
                        //FIX for Issue 26: We need an Id to cache and MS is not setting in
                        //some cases
                        String tokId = tokenElem.getAttribute("Id");
                        if ("".equals(tokId) &&
                                MessageConstants.ENCRYPTED_DATA_LNAME.equals(
                                tokenElem.getLocalName())) {
                            tokenElem.setAttribute("Id", secureMessage.generateId());
                        }
                        context.getTokenCache().put(keyBinding.getUUID(), tokenElem);
                        IssuedTokenKeyBinding ikb = (IssuedTokenKeyBinding)originalKeyBinding;
                        String iTokenType = ikb.getIncludeToken();
                        boolean includeToken =  (ikb.INCLUDE_ALWAYS_TO_RECIPIENT.equals(iTokenType) ||
                                                 ikb.INCLUDE_ALWAYS.equals(iTokenType) ||
                                                 ikb.INCLUDE_ALWAYS_VER2.equals(iTokenType) ||
                                                 ikb.INCLUDE_ALWAYS_TO_RECIPIENT_VER2.equals(iTokenType)
                                                );
                        Element strElem = null;
                        
                        if (includeToken) {
                            strElem =(Element)context.getTrustContext().
                                    getAttachedSecurityTokenReference().getTokenValue();
                        }else  {
                            strElem = (Element)context.getTrustContext().
                                    getUnAttachedSecurityTokenReference().getTokenValue();
                        }
                        //TODO: remove these expensive conversions
                        Element imported = (Element)
                        secureMessage.getSOAPPart().importNode(strElem,true);
                        SecurityTokenReference str = new SecurityTokenReference(
                                XMLUtil.convertToSoapElement(secureMessage.getSOAPPart(),
                                (Element)imported.cloneNode(true)), false);
                        
                        if (tokenElem != null) {
                            if(includeToken) {
                                secureMessage.findOrCreateSecurityHeader().
                                        insertHeaderBlockElement(tokenElem);
                                nextSibling = tokenElem.getNextSibling();
                                
                            } else {
                                nextSibling =  null;
                            }
                            context.setIssuedSAMLToken(tokenElem);
                        }
                        keyInfo = dsigHelper.constructKeyInfo(signaturePolicy,str);
                        SecurityUtil.updateSamlVsKeyCache(str, context, cert.getPublicKey());
                    } else {
                        DerivedKeyToken dkt = new DerivedKeyTokenImpl(offset, length, prfKey);
                        signingKey = dkt.generateSymmetricKey(jceAlgo);
                        Node[] nxtSiblingContainer = new Node[1];
                        //NOTE: passing the proofKey here as original key
                        String secretKeyAlg = "AES";
                        if (algSuite != null) {
                            secretKeyAlg = SecurityUtil.getSecretKeyAlgorithm(algSuite.getEncryptionAlgorithm());
                        }
                        Key originalKey = new SecretKeySpec(prfKey, secretKeyAlg);
                        keyInfo = prepareForSymmetricKeySignature(
                                context, keyBinding, originalKey, signaturePolicy, nxtSiblingContainer, null, dkt);
                        nextSibling = nxtSiblingContainer[0];
                    }
                } else if (PolicyTypeUtil.secureConversationTokenKeyBinding(originalKeyBinding)) {
                    
                    DerivedKeyToken dkt = new DerivedKeyTokenImpl(offset, length, context.getSecureConversationContext().getProofKey());
                    //get the signing key for signature from derivedkeyToken
                    signingKey = dkt.generateSymmetricKey(jceAlgo);
                    Node[] nxtSiblingContainer = new Node[1];
                    keyInfo = prepareForSymmetricKeySignature(context, keyBinding, null, signaturePolicy, nxtSiblingContainer, null, dkt);
                    nextSibling = nxtSiblingContainer[0];
                }

View Full Code Here

Examples of com.sun.xml.ws.security.DerivedKeyToken

        }
        long length = token.getLength();
        long offset = token.getOffset();
        byte[] nonce = token.getNonce();
        String label = token.getLabel();
        DerivedKeyToken dkt = new DerivedKeyTokenImpl(offset, length, secret, nonce, label);
        String jceAlgo = SecurityUtil.getSecretKeyAlgorithm(dataEncAlgo);
        
        Key returnKey = null;
        try {
            returnKey = dkt.generateSymmetricKey(jceAlgo);
        } catch (InvalidKeyException ex) {
            log.log(Level.SEVERE, LogStringsMessages.WSS_0247_FAILED_RESOLVE_DERIVED_KEY_TOKEN());
            throw new XWSSecurityException(ex);
        } catch (UnsupportedEncodingException ex) {
            log.log(Level.SEVERE,  LogStringsMessages.WSS_0247_FAILED_RESOLVE_DERIVED_KEY_TOKEN());

View Full Code Here

Examples of com.sun.xml.ws.security.opt.impl.incoming.DerivedKeyToken

                        context.getSecurityContext().getProcessedSecurityHeaders().add(ut);
                        context.getInferredSecurityPolicy().append(ut.getPolicy());
                        return ut;
                    }
                    case DERIVED_KEY_ELEMENT:{
                        DerivedKeyToken dkt = new DerivedKeyToken(message, context, (HashMap) currentParentNS);
                        context.getSecurityContext().getProcessedSecurityHeaders().add(dkt);
                        return dkt;
                        
                    }
                    case SIGNATURE_CONFIRMATION_ELEMENT:{

View Full Code Here

Examples of org.apache.ws.sandbox.security.conversation.message.token.DerivedKeyToken

                        ref.getURI());
                if (ele == null) {
                    throw new ConversationException("Cannot find  referenced Derived Key");
                }
                String uuid = null;
                DerivedKeyToken dkToken = null;
                try {
                    dkToken = new DerivedKeyToken(ele);  //Cover the 'Element' into 'DerivedKeyToken' object
                    if (dkToken.getSecuityTokenReference() == null) {
                        //if dkToken doesn't have a STR find a SecurityContextToken in the SOAP Envelope
                        SecurityContextToken secContextTk =
                            ConversationUtil.getSCT(dkToken);
                        uuid = secContextTk.getIdentifier();
                        log.debug(
                            "ConversationEngine :: The uuid is found " + uuid);
                        DerivedKeyInfo dkInfo = new DerivedKeyInfo(dkToken);
                        dkcbHandler.addDerivedKey(uuid, dkInfo);
                    } else { ///i.e. dkToken has a STR
                        SecurityTokenReference str2Base =
                            dkToken.getSecuityTokenReference();
                        if (str2Base.containsReference()) {
                            Reference ref2Base = str2Base.getReference();


                            if (ref2Base
                                .getValueType()
                                .equals("http://docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-saml-token-profile-1.0#SAMLAssertionID")) {
                                /* ok now I have a SAML token. What should I do ?
                                 * -Decrypt the secret.
                                 * -create tempUUID
                                 * -add the scTInfo into dkcbHandler
                                 * -add the derived key token to dkcbHandler.
                                 */
                               uuid = ref2Base.getURI();
                            if(dkcbHandler.getSession(uuid)==null){
                        byte[] key = handleSAML(ref2Base.getElement().getOwnerDocument(), uuid);
                   System.out.println("I am here :-)");
                   SecurityContextInfo sctInfo = new SecurityContextInfo(
                                     uuid,
                                     key,
                                     1);
                   dkcbHandler.addSecurtiyContext(
                                     uuid,
                                     sctInfo);
                 }
                  DerivedKeyInfo dkInfo = new DerivedKeyInfo(dkToken);
                  dkcbHandler.addDerivedKey(uuid, dkInfo);
                            }






                            //TODO :: Add other tokens else if
                        } else if(str2Base.containsKeyIdentifier()){
                          Element elem = str2Base.getFirstElement();
                          //.getKeyIdentifier()System.out.println("KeyIdentifier :: He ehee ........");
              String value = elem.getAttribute("ValueType");
              if("http://docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-saml-token-profile-1.0#SAMLAssertionID".equals(value)){
                uuid = ((Text)elem.getChildNodes().item(0)).getNodeValue();
                if(dkcbHandler.getSession(uuid)==null){
                     byte[] key = handleSAML(elem.getOwnerDocument(), uuid);
                     System.out.println("UUID of SAML is"+uuid);
                     SecurityContextInfo sctInfo = new SecurityContextInfo(
                                                     uuid,
                                                     key,
                                                     1);
                     dkcbHandler.addSecurtiyContext(uuid,sctInfo);
                }
                DerivedKeyInfo dkInfo = new DerivedKeyInfo(dkToken);
                dkcbHandler.addDerivedKey(uuid, dkInfo);
              }


                        }else{
                            throw new ConversationException("Cannot handle this type of security token reference: " + dkToken.getSecuityTokenReference().getReference().getValueType());
                        }
                    } //////end :if dkToken has a STR
                    //TODO :: Ask ruchith to throw correct exception
                } catch (WSSecurityException e2) {
                    e2.printStackTrace();
                } catch (ConversationException e2) {
                    e2.printStackTrace();
                }


                String identifier =
                    ConversationUtil.generateIdentifier(uuid, dkToken.getID());
                WSPasswordCallback pwCb =
                    new WSPasswordCallback(
                        identifier,
                        WSPasswordCallback.UNKNOWN);
                Callback[] callbacks = new Callback[1];

View Full Code Here

Examples of org.apache.ws.sandbox.security.conversation.message.token.DerivedKeyToken

            /* check token type: We support Derivedkey tokens now.
             * We will support security context tokens.
             */
            QName el = new QName(token.getNamespaceURI(), token.getLocalName());
            if (el.equals(DERIVEDKEY_TOKEN)) {
                DerivedKeyToken dkToken = new DerivedKeyToken(token);
                DerivedKeyInfo dkInfo = null;


        String uuid = null;


                try {
          if (dkToken.getSecuityTokenReference() == null) {
            //if dkToken doesn't have a STR
            SecurityContextToken secContextTk =
              ConversationUtil.getSCT(dkToken);
            uuid = secContextTk.getIdentifier();
            log.debug(
              "ConversationEngine :: The uuid is found " + uuid);
            dkInfo = new DerivedKeyInfo(dkToken);
            dkcbHandler.addDerivedKey(uuid, dkInfo);
          } else { ///i.e. dkToken has a STR
            SecurityTokenReference str2Base =
              dkToken.getSecuityTokenReference();
            if (str2Base.containsReference()) {
              Reference ref2Base = str2Base.getReference();
                          //TODO:: Find where can I find the constants.
              if (ref2Base
                .getValueType()
                .equals("http://docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-saml-token-profile-1.0#SAMLAssertionID")) {
                /* ok now I have a SAML token. What should I do ?
                 * -Decrypt the secret.
                 * -create tempUUID
                 * -add the scTInfo into dkcbHandler
                 * -add the derived key token to dkcbHandler.
                 */
                uuid = ref2Base.getURI();
                if(dkcbHandler.getSession(uuid)==null){
                  byte[] key = handleSAML(docSig, uuid);
                  System.out.println("I am here :-)");
                  SecurityContextInfo sctInfo =
                  new SecurityContextInfo(
                    uuid,
                    key,
                    1);
                  dkcbHandler.addSecurtiyContext(
                    uuid,
                  sctInfo);
                }
                  dkInfo = new DerivedKeyInfo(dkToken);
                  dkcbHandler.addDerivedKey(uuid, dkInfo);
                }
            } else if(str2Base.containsKeyIdentifier()){
                          Element elem = str2Base.getFirstElement();
                          //.getKeyIdentifier()System.out.println("KeyIdentifier :: He ehee ........");
                          String value = elem.getAttribute("ValueType");
                if("http://docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-saml-token-profile-1.0#SAMLAssertionID".equals(value)){
                  uuid = ((Text)elem.getChildNodes().item(0)).getNodeValue();
                  if(dkcbHandler.getSession(uuid)==null){
                     byte[] key = handleSAML(elem.getOwnerDocument(), uuid);
                     System.out.println("UUID of SAML is"+uuid);
                     SecurityContextInfo sctInfo = new SecurityContextInfo(uuid,key,1);
                     dkcbHandler.addSecurtiyContext(uuid,sctInfo);
                  }
                dkInfo = new DerivedKeyInfo(dkToken);
                dkcbHandler.addDerivedKey(uuid, dkInfo);
                }


            } else {
              throw new ConversationException("Don't know how to process here");
            }


          }
                //String uuid = "aNewUuid";
                String dkId = dkToken.getID();
                userName = ConversationUtil.generateIdentifier(uuid, dkId);
                convResult =
                    new ConvEngineResult(ConvEngineResult.SIGN_DERIVED_KEY);
                    dkcbHandler.addDerivedKey(uuid, dkInfo);
                    log.debug(

View Full Code Here

Examples of org.apache.ws.sandbox.security.conversation.message.token.DerivedKeyToken

        WSSecurityUtil.setNamespace(stRef.getElement(),
                WSConstants.WSSE_NS,
                WSConstants.WSSE_PREFIX);


        // step 2 :Create the DerriveToken
        DerivedKeyToken dtoken = new DerivedKeyToken(doc);
    if(stRef2Base != null){
      dtoken.setSecuityTokenReference(doc, stRef2Base);
    }
        dtoken.setLabel(doc, "WS-SecureConversationWS-SecureConversation");
        dtoken.setNonce(doc, ConversationUtil.generateNonce(128));
        dtoken.setID(genID);
    //System.out.println("Fix me here ....");
    
    if(keyLen!=-1){
       dtoken.setLength(doc,keyLen);
    }
        
        //step 3 :add the derived key token infomation into the dkcbHandler
        DerivedKeyInfo dkInfo = null;
        try {

View Full Code Here

Examples of org.apache.ws.sandbox.security.conversation.message.token.DerivedKeyToken

        WSSecurityUtil.setNamespace(stRef.getElement(),
                WSConstants.WSSE_NS,
                WSConstants.WSSE_PREFIX);


        // step 2 :Create the DerriveToken
        DerivedKeyToken dtoken = new DerivedKeyToken(doc);
    if(stRef2Base != null){
      dtoken.setSecuityTokenReference(doc, stRef2Base);
    }
        dtoken.setLabel(doc, "WS-SecureConversationWS-SecureConversation");
        dtoken.setNonce(doc, ConversationUtil.generateNonce(128));
        dtoken.setID(genID);
    //System.out.println("Fix me here ....");
    
    if(keyLen!=-1){
       dtoken.setLength(doc,keyLen);
    }
        
        //step 3 :add the derived key token infomation into the dkcbHandler
        DerivedKeyInfo dkInfo = null;
        try {

View Full Code Here

Examples of org.apache.ws.sandbox.security.conversation.message.token.DerivedKeyToken

                        ref.getURI());
                if (ele == null) {
                    throw new ConversationException("Cannot find  referenced Derived Key");
                }
                String uuid = null;
                DerivedKeyToken dkToken = null;
                try {
                    dkToken = new DerivedKeyToken(ele);  //Cover the 'Element' into 'DerivedKeyToken' object
                    if (dkToken.getSecuityTokenReference() == null) {
                        //if dkToken doesn't have a STR find a SecurityContextToken in the SOAP Envelope
                        SecurityContextToken secContextTk =
                            ConversationUtil.getSCT(dkToken);
                        uuid = secContextTk.getIdentifier();
                        log.debug(
                            "ConversationEngine :: The uuid is found " + uuid);
                        DerivedKeyInfo dkInfo = new DerivedKeyInfo(dkToken);
                        dkcbHandler.addDerivedKey(uuid, dkInfo);
                    } else { ///i.e. dkToken has a STR
                        SecurityTokenReference str2Base =
                            dkToken.getSecuityTokenReference();
                        if (str2Base.containsReference()) {
                            Reference ref2Base = str2Base.getReference();


                            if (ref2Base
                                .getValueType()
                                .equals("http://docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-saml-token-profile-1.0#SAMLAssertionID")) {
                                /* ok now I have a SAML token. What should I do ?
                                 * -Decrypt the secret.
                                 * -create tempUUID
                                 * -add the scTInfo into dkcbHandler
                                 * -add the derived key token to dkcbHandler.
                                 */
                               uuid = ref2Base.getURI();
                            if(dkcbHandler.getSession(uuid)==null){
                        byte[] key = handleSAML(ref2Base.getElement().getOwnerDocument(), uuid);
                   System.out.println("I am here :-)");
                   SecurityContextInfo sctInfo = new SecurityContextInfo(
                                     uuid,
                                     key,
                                     1);
                   dkcbHandler.addSecurtiyContext(
                                     uuid,
                                     sctInfo);
                 }
                  DerivedKeyInfo dkInfo = new DerivedKeyInfo(dkToken);
                  dkcbHandler.addDerivedKey(uuid, dkInfo);
                            }






                            //TODO :: Add other tokens else if
                        } else if(str2Base.containsKeyIdentifier()){
                          Element elem = str2Base.getFirstElement();
                          //.getKeyIdentifier()System.out.println("KeyIdentifier :: He ehee ........");
              String value = elem.getAttribute("ValueType");
              if("http://docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-saml-token-profile-1.0#SAMLAssertionID".equals(value)){
                uuid = ((Text)elem.getChildNodes().item(0)).getNodeValue();
                if(dkcbHandler.getSession(uuid)==null){
                     byte[] key = handleSAML(elem.getOwnerDocument(), uuid);
                     System.out.println("UUID of SAML is"+uuid);
                     SecurityContextInfo sctInfo = new SecurityContextInfo(
                                                     uuid,
                                                     key,
                                                     1);
                     dkcbHandler.addSecurtiyContext(uuid,sctInfo);
                }
                DerivedKeyInfo dkInfo = new DerivedKeyInfo(dkToken);
                dkcbHandler.addDerivedKey(uuid, dkInfo);
              }


                        }else{
                            throw new ConversationException("Cannot handle this type of security token reference: " + dkToken.getSecuityTokenReference().getReference().getValueType());
                        }
                    } //////end :if dkToken has a STR
                    //TODO :: Ask ruchith to throw correct exception
                } catch (WSSecurityException e2) {
                    e2.printStackTrace();
                } catch (ConversationException e2) {
                    e2.printStackTrace();
                }


                String identifier =
                    ConversationUtil.generateIdentifier(uuid, dkToken.getID());
                WSPasswordCallback pwCb =
                    new WSPasswordCallback(
                        identifier,
                        WSPasswordCallback.UNKNOWN);
                Callback[] callbacks = new Callback[1];

View Full Code Here

Examples of org.apache.ws.sandbox.security.conversation.message.token.DerivedKeyToken

            /* check token type: We support Derivedkey tokens now.
             * We will support security context tokens.
             */
            QName el = new QName(token.getNamespaceURI(), token.getLocalName());
            if (el.equals(DERIVEDKEY_TOKEN)) {
                DerivedKeyToken dkToken = new DerivedKeyToken(token);
                DerivedKeyInfo dkInfo = null;


        String uuid = null;


                try {
          if (dkToken.getSecuityTokenReference() == null) {
            //if dkToken doesn't have a STR
            SecurityContextToken secContextTk =
              ConversationUtil.getSCT(dkToken);
            uuid = secContextTk.getIdentifier();
            log.debug(
              "ConversationEngine :: The uuid is found " + uuid);
            dkInfo = new DerivedKeyInfo(dkToken);
            dkcbHandler.addDerivedKey(uuid, dkInfo);
          } else { ///i.e. dkToken has a STR
            SecurityTokenReference str2Base =
              dkToken.getSecuityTokenReference();
            if (str2Base.containsReference()) {
              Reference ref2Base = str2Base.getReference();
                          //TODO:: Find where can I find the constants.
              if (ref2Base
                .getValueType()
                .equals("http://docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-saml-token-profile-1.0#SAMLAssertionID")) {
                /* ok now I have a SAML token. What should I do ?
                 * -Decrypt the secret.
                 * -create tempUUID
                 * -add the scTInfo into dkcbHandler
                 * -add the derived key token to dkcbHandler.
                 */
                uuid = ref2Base.getURI();
                if(dkcbHandler.getSession(uuid)==null){
                  byte[] key = handleSAML(docSig, uuid);
                  System.out.println("I am here :-)");
                  SecurityContextInfo sctInfo =
                  new SecurityContextInfo(
                    uuid,
                    key,
                    1);
                  dkcbHandler.addSecurtiyContext(
                    uuid,
                  sctInfo);
                }
                  dkInfo = new DerivedKeyInfo(dkToken);
                  dkcbHandler.addDerivedKey(uuid, dkInfo);
                }
            } else if(str2Base.containsKeyIdentifier()){
                          Element elem = str2Base.getFirstElement();
                          //.getKeyIdentifier()System.out.println("KeyIdentifier :: He ehee ........");
                          String value = elem.getAttribute("ValueType");
                if("http://docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-saml-token-profile-1.0#SAMLAssertionID".equals(value)){
                  uuid = ((Text)elem.getChildNodes().item(0)).getNodeValue();
                  if(dkcbHandler.getSession(uuid)==null){
                     byte[] key = handleSAML(elem.getOwnerDocument(), uuid);
                     System.out.println("UUID of SAML is"+uuid);
                     SecurityContextInfo sctInfo = new SecurityContextInfo(uuid,key,1);
                     dkcbHandler.addSecurtiyContext(uuid,sctInfo);
                  }
                dkInfo = new DerivedKeyInfo(dkToken);
                dkcbHandler.addDerivedKey(uuid, dkInfo);
                }


            } else {
              throw new ConversationException("Don't know how to process here");
            }


          }
                //String uuid = "aNewUuid";
                String dkId = dkToken.getID();
                userName = ConversationUtil.generateIdentifier(uuid, dkId);
                convResult =
                    new ConvEngineResult(ConvEngineResult.SIGN_DERIVED_KEY);
                    dkcbHandler.addDerivedKey(uuid, dkInfo);
                    log.debug(

View Full Code Here

0 1 2 3 4 5

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.