Author: coheigea
Date: Tue Dec 14 13:06:24 2010
New Revision: 1049075
URL: http://svn.apache.org/viewvc?rev=1049075&view=rev
Log:
[WSS-259] - Some changes to element location for signature/encryption
- Added a new element location method which tries the SOAP body first, before
searching for the wsu:Id/Id. WSSecEncrypt and the EnvelopeIdResolver now use
this.
- Avoided searching for an element in the non InclusivePrefix case in
WSSecSignature
- Made EnvelopeIdResolver non-static for security reasons
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/DOMURIDereferencer.java
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/EnvelopeIdResolver.java
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecSignatureBase.java
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/SecurityTokenReference.java
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/ReferenceListProcessor.java
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/SignatureProcessor.java
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/util/WSSecurityUtil.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SecurityContextTokenTest.java
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/DOMURIDereferencer.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/DOMURIDereferencer.java?rev=1049075&r1=1049074&r2=1049075&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/DOMURIDereferencer.java
(original)
+++
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/DOMURIDereferencer.java
Tue Dec 14 13:06:24 2010
@@ -92,8 +92,7 @@ public class DOMURIDereferencer implemen
// Try to resolve the element directly using the
EnvelopeIdResolver first
//
XMLSignatureInput in = null;
- EnvelopeIdResolver envelopeResolver =
- (EnvelopeIdResolver)EnvelopeIdResolver.getInstance();
+ EnvelopeIdResolver envelopeResolver = new EnvelopeIdResolver();
if (envelopeResolver.engineCanResolve(uriAttr, baseURI)) {
envelopeResolver.setWsDocInfo(wsDocInfo);
in = envelopeResolver.engineResolve(uriAttr, baseURI);
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/EnvelopeIdResolver.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/EnvelopeIdResolver.java?rev=1049075&r1=1049074&r2=1049075&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/EnvelopeIdResolver.java
(original)
+++
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/EnvelopeIdResolver.java
Tue Dec 14 13:06:24 2010
@@ -21,15 +21,13 @@ package org.apache.ws.security.message;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSDocInfo;
+import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.util.WSSecurityUtil;
import org.apache.xml.security.signature.XMLSignatureInput;
import org.apache.xml.security.utils.resolver.ResourceResolverException;
import org.apache.xml.security.utils.resolver.ResourceResolverSpi;
-import org.apache.xml.utils.URI;
import org.w3c.dom.Attr;
-import org.w3c.dom.Document;
import org.w3c.dom.Element;
/**
@@ -43,29 +41,11 @@ public class EnvelopeIdResolver extends
private static Log log =
LogFactory.getLog(EnvelopeIdResolver.class.getName());
- private static EnvelopeIdResolver resolver = null;
-
private boolean doDebug = false;
private WSDocInfo wsDocInfo;
/**
- * Singleton instance of the resolver.
- * <p/>
- *
- * @return TODO
- */
- public synchronized static ResourceResolverSpi getInstance() {
- if (resolver == null) {
- resolver = new EnvelopeIdResolver();
- }
- return resolver;
- }
-
- private EnvelopeIdResolver() {
- }
-
- /**
* @param docInfo The WSDocInfo object to be used for resolving elements
*/
public void setWsDocInfo(WSDocInfo docInfo) {
@@ -87,76 +67,33 @@ public class EnvelopeIdResolver extends
doDebug = log.isDebugEnabled();
String uriNodeValue = uri.getNodeValue();
-
if (doDebug) {
log.debug("enter engineResolve, look for: " + uriNodeValue);
}
- Document doc = uri.getOwnerDocument();
-
- /*
- * URI="#chapter1"
- * Identifies a node-set containing the element with ID attribute
- * value 'chapter1' of the XML resource containing the signature.
- * XML Signature (and its applications) modify this node-set to
- * include the element plus all descendants including namespaces and
- * attributes -- but not comments.
- */
-
- /*
- * First check to see if the element that we require is a
SecurityTokenReference, or a
- * previously processed Security Token that is stored in WSDocInfo.
- */
+ //
+ // First check to see if the element that we require is a
SecurityTokenReference, or a
+ // previously processed Security Token that is stored in WSDocInfo.
+ //
String id = uriNodeValue.substring(1);
Element selectedElem = null;
if (wsDocInfo != null) {
selectedElem = wsDocInfo.getTokenElement(id);
}
- /*
- * Then lookup the SOAP Body element (processed by default) and
- * check if it contains a matching Id
- */
if (selectedElem == null) {
- selectedElem = WSSecurityUtil.findBodyElement(doc);
+ WSEncryptionPart part = new WSEncryptionPart(id);
+ selectedElem = WSSecurityUtil.findElement(part,
uri.getOwnerDocument(), true);
if (selectedElem == null) {
throw new ResourceResolverException("generic.EmptyMessage",
- new Object[]{"Body element not found"},
+ new Object[]{"Id: " + id + " not found"},
uri,
BaseURI);
}
- String cId = selectedElem.getAttributeNS(WSConstants.WSU_NS, "Id");
-
- /*
- * If Body Id match fails, look for a generic Id (without a
namespace)
- * that matches the URI. If that lookup fails, try to get a
namespace
- * qualified Id that matches the URI.
- */
- if (!id.equals(cId)) {
- cId = null;
-
- if ((selectedElem = WSSecurityUtil.getElementByWsuId(doc,
uriNodeValue)) != null) {
- cId = selectedElem.getAttributeNS(WSConstants.WSU_NS,
"Id");
- } else if ((selectedElem =
WSSecurityUtil.getElementByGenId(doc, uriNodeValue)) != null) {
- cId = selectedElem.getAttribute("Id");
- }
- if (cId == null) {
- throw new ResourceResolverException("generic.EmptyMessage",
- new Object[]{"Id: " + id + " not found"},
- uri,
- BaseURI);
- }
- }
}
XMLSignatureInput result = new XMLSignatureInput(selectedElem);
result.setMIMEType("text/xml");
- try {
- URI uriNew = new URI(new URI(BaseURI), uri.getNodeValue());
- result.setSourceURI(uriNew.toString());
- } catch (URI.MalformedURIException ex) {
- result.setSourceURI(BaseURI);
- }
if (doDebug) {
log.debug("exit engineResolve, result: " + result);
}
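Review bot: The `true` passed as checkMultipleElements in `WSSecurityUtil.findElement(part, uri.getOwnerDocument(), true)` is not honoured when the SOAP Body's wsu:Id equals the requested id. findElement, as added to WSSecurityUtil in this commit, returns the Body before findElementById scans the tree for a second element carrying the same Id. On this verification path, a message that repeats the Body's Id elsewhere in the envelope is therefore resolved without the duplicate being noticed or logged. If preferring the Body is intended, say so at the call site, e.g. `// The SOAP Body wins when its wsu:Id matches; the duplicate-Id check only applies to the fallback search`; otherwise findElement should still run the duplicate scan when checkMultipleElements is true. engineResolve begins and ends outside this hunk.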
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java?rev=1049075&r1=1049074&r2=1049075&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java
(original)
+++
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java
Tue Dec 14 13:06:24 2010
@@ -412,40 +412,19 @@ public class WSSecEncrypt extends WSSecE
List<String> encDataRef = new ArrayList<String>();
for (int part = 0; part < references.size(); part++) {
WSEncryptionPart encPart = references.get(part);
-
- String idToEnc = encPart.getId();
- String elemName = encPart.getName();
- String nmSpace = encPart.getNamespace();
- String modifier = encPart.getEncModifier();
//
// Get the data to encrypt.
//
- Element elementToEncrypt = null;
- if (idToEnc != null) {
- elementToEncrypt =
- WSSecurityUtil.findElementById(
- doc.getDocumentElement(), idToEnc, WSConstants.WSU_NS,
false
- );
- if (elementToEncrypt == null) {
- elementToEncrypt =
- WSSecurityUtil.findElementById(
- doc.getDocumentElement(), idToEnc, null, false
- );
- }
- } else {
- elementToEncrypt =
- (Element) WSSecurityUtil.findElement(
- doc.getDocumentElement(), elemName, nmSpace
- );
- }
+ Element elementToEncrypt = WSSecurityUtil.findElement(encPart,
doc, false);
if (elementToEncrypt == null) {
throw new WSSecurityException(
WSSecurityException.FAILURE,
"noEncElement",
- new Object[] {"{" + nmSpace + "}" + elemName}
+ new Object[] {"{" + encPart.getNamespace() + "}" +
encPart.getName()}
);
}
+ String modifier = encPart.getEncModifier();
boolean content = modifier.equals("Content") ? true : false;
//
// Encrypt data, and set necessary attributes in xenc:EncryptedData
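Review bot: The `noEncElement` failure still reports `"{" + encPart.getNamespace() + "}" + encPart.getName()` even when the part was located by Id, so a part that carries only an Id may produce a message such as `{null}null` (inferred; WSEncryptionPart is not shown here). Include the Id when it is set, for example `new Object[] {encPart.getId() != null ? encPart.getId() : "{" + encPart.getNamespace() + "}" + encPart.getName()}`. The enclosing loop body continues past the end of this hunk.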
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecSignatureBase.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecSignatureBase.java?rev=1049075&r1=1049074&r2=1049075&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecSignatureBase.java
(original)
+++
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecSignatureBase.java
Tue Dec 14 13:06:24 2010
@@ -95,46 +95,31 @@ public class WSSecSignatureBase extends
// names: "STRTransform": Setup the ds:Reference to use STR
Transform
//
try {
- if (idToSign != null && !"STRTransform".equals(elemName)) {
- Element toSignById =
- WSSecurityUtil.findElementById(
- envelope, idToSign, WSConstants.WSU_NS, false
- );
- if (toSignById == null) {
- toSignById =
- WSSecurityUtil.findElementById(
- envelope, idToSign, null, false
+ if (idToSign != null) {
+ Transform transform = null;
+ if ("STRTransform".equals(elemName)) {
+ Element ctx = createSTRParameter(doc);
+
+ XMLStructure structure = new DOMStructure(ctx);
+ transform =
+ signatureFactory.newTransform(
+ STRTransform.TRANSFORM_URI,
+ structure
+ );
+ } else {
+ TransformParameterSpec transformSpec = null;
+ if (wssConfig.isWsiBSPCompliant()) {
+ Element toSignById =
+ WSSecurityUtil.findElementById(envelope,
idToSign, false);
+ List<String> prefixes =
getInclusivePrefixes(toSignById);
+ transformSpec = new ExcC14NParameterSpec(prefixes);
+ }
+ transform =
+ signatureFactory.newTransform(
+ WSConstants.C14N_EXCL_OMIT_COMMENTS,
+ transformSpec
);
}
- TransformParameterSpec transformSpec = null;
- if (wssConfig.isWsiBSPCompliant()) {
- List<String> prefixes =
getInclusivePrefixes(toSignById);
- transformSpec = new ExcC14NParameterSpec(prefixes);
- }
- Transform transform =
- signatureFactory.newTransform(
- WSConstants.C14N_EXCL_OMIT_COMMENTS,
- transformSpec
- );
- javax.xml.crypto.dsig.Reference reference =
- signatureFactory.newReference(
- "#" + idToSign,
- digestMethod,
- Collections.singletonList(transform),
- null,
- null
- );
- referenceList.add(reference);
- } else if (idToSign != null &&
elemName.equals("STRTransform")) {
- Element ctx = createSTRParameter(doc);
-
- XMLStructure structure = new DOMStructure(ctx);
- Transform transform =
- signatureFactory.newTransform(
- STRTransform.TRANSFORM_URI,
- structure
- );
-
javax.xml.crypto.dsig.Reference reference =
signatureFactory.newReference(
"#" + idToSign,
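Review bot: In the WS-I BSP branch the result of `WSSecurityUtil.findElementById(envelope, idToSign, false)` is handed to `getInclusivePrefixes(toSignById)` without a null check, so an Id that matches nothing in the envelope is likely to surface as a NullPointerException rather than a WSSecurityException (getInclusivePrefixes is not visible, so this is inferred). The name-based branch in the next hunk does test `elementToSign == null` and throws; the same guard here, e.g. `if (toSignById == null) { throw new WSSecurityException(WSSecurityException.FAILURE, "noEncElement", new Object[] {idToSign}); }` (reusing the key seen in WSSecEncrypt, or whichever key the name-based branch uses), keeps the failure mode consistent. Outside BSP mode no lookup happens at all now, so a reference to a non-existent Id is only detected later when it is dereferenced; a short comment stating that this is deliberate would help. The try block starts before and ends after this hunk.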
@@ -147,7 +132,7 @@ public class WSSecSignatureBase extends
} else {
String nmSpace = encPart.getNamespace();
Element elementToSign =
- (Element)WSSecurityUtil.findElement(envelope,
elemName, nmSpace);
+ WSSecurityUtil.findElement(encPart, doc, false);
if (elementToSign == null) {
throw new WSSecurityException(
WSSecurityException.FAILURE,
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/SecurityTokenReference.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/SecurityTokenReference.java?rev=1049075&r1=1049074&r2=1049075&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/SecurityTokenReference.java
(original)
+++
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/SecurityTokenReference.java
Tue Dec 14 13:06:24 2010
@@ -284,12 +284,7 @@ public class SecurityTokenReference {
//
// Finally try to find the element by its (wsu) Id
//
- Element tokElement = WSSecurityUtil.getElementByWsuId(doc, uri);
- if (tokElement == null) {
- tokElement = WSSecurityUtil.getElementByGenId(doc, uri);
- }
-
- return tokElement;
+ return WSSecurityUtil.findElementById(doc.getDocumentElement(), uri,
true);
}
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/ReferenceListProcessor.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/ReferenceListProcessor.java?rev=1049075&r1=1049074&r2=1049075&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/ReferenceListProcessor.java
(original)
+++
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/ReferenceListProcessor.java
Tue Dec 14 13:06:24 2010
@@ -179,10 +179,8 @@ public class ReferenceListProcessor impl
Document doc,
String dataRefURI
) throws WSSecurityException {
- Element encryptedDataElement = WSSecurityUtil.getElementByGenId(doc,
dataRefURI);
- if (encryptedDataElement == null) {
- encryptedDataElement = WSSecurityUtil.getElementByWsuId(doc,
dataRefURI);
- }
+ Element encryptedDataElement =
+ WSSecurityUtil.findElementById(doc.getDocumentElement(),
dataRefURI, true);
if (encryptedDataElement == null) {
throw new WSSecurityException(
WSSecurityException.INVALID_SECURITY, "dataRef", new Object[]
{dataRefURI}
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/SignatureProcessor.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/SignatureProcessor.java?rev=1049075&r1=1049074&r2=1049075&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/SignatureProcessor.java
(original)
+++
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/SignatureProcessor.java
Tue Dec 14 13:06:24 2010
@@ -880,10 +880,10 @@ public class SignatureProcessor implemen
}
if (se == null) {
- se = WSSecurityUtil.getElementByWsuId(doc, uri);
- }
- if (se == null) {
- se = WSSecurityUtil.getElementByGenId(doc, uri);
+ se =
+ WSSecurityUtil.findElementById(
+ doc.getDocumentElement(), uri, false
+ );
}
if (se == null) {
throw new
WSSecurityException(WSSecurityException.FAILED_CHECK);
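Review bot: The replacement call passes `false` for checkMultipleElements, while the removed `getElementByWsuId(doc, uri)` and `getElementByGenId(doc, uri)` both delegated with `true` (see their deleted bodies in WSSecurityUtil), so this lookup no longer rejects a message in which two elements carry the same Id. This is inbound signature processing, where an ambiguous Id is the case the duplicate check exists to catch; unless there is a reason not visible in this hunk, keep the old behaviour with `doc.getDocumentElement(), uri, true`. The other two converted callers, SecurityTokenReference and ReferenceListProcessor, do pass `true`. The enclosing method starts and ends outside the hunk.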
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/util/WSSecurityUtil.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/util/WSSecurityUtil.java?rev=1049075&r1=1049074&r2=1049075&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/util/WSSecurityUtil.java
(original)
+++
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/util/WSSecurityUtil.java
Tue Dec 14 13:06:24 2010
@@ -26,6 +26,7 @@ import org.apache.ws.security.SOAP12Cons
import org.apache.ws.security.SOAPConstants;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSDataRef;
+import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.WSSConfig;
@@ -213,14 +214,49 @@ public class WSSecurityUtil {
//
Element docElement = doc.getDocumentElement();
String ns = docElement.getNamespaceURI();
- String bodyNamespace = WSConstants.URI_SOAP11_ENV;
- if (WSConstants.URI_SOAP12_ENV.equals(ns)) {
- bodyNamespace = ns;
+ return getDirectChildElement(docElement, WSConstants.ELEM_BODY, ns);
+ }
+
+
+ /**
+ * Find the DOM Element in the SOAP Envelope that is referenced by the
+ * WSEncryptionPart argument. The "Id" is used before the Element
localname/namespace.
+ *
+ * @param part The WSEncryptionPart object corresponding to the DOM
Element we want
+ * @param doc The owning document
+ * @param checkMultipleElements Whether to check for multiple elements or
not
+ * @return the DOM Element in the SOAP Envelope that is found
+ */
+ public static Element findElement(
+ WSEncryptionPart part, Document doc, boolean checkMultipleElements
+ ) {
+ String id = part.getId();
+ String elemName = part.getName();
+ String nmSpace = part.getNamespace();
+
+ // Try to find the SOAP body first
+ Element bodyElement = WSSecurityUtil.findBodyElement(doc);
+ if (bodyElement != null) {
+ if (id != null) {
+ String cId = bodyElement.getAttributeNS(WSConstants.WSU_NS,
"Id");
+ if (cId.equals(id)) {
+ return bodyElement;
+ }
+ } else {
+ if (WSConstants.ELEM_BODY.equals(elemName) &&
+ bodyElement.getNamespaceURI().equals(nmSpace)) {
+ return bodyElement;
+ }
+ }
}
- return getDirectChildElement(docElement, WSConstants.ELEM_BODY,
bodyNamespace);
+ if (id != null) {
+ return WSSecurityUtil.findElementById(doc.getDocumentElement(),
id, checkMultipleElements);
+ } else {
+ return
+ (Element) WSSecurityUtil.findElement(doc.getDocumentElement(),
elemName, nmSpace);
+ }
}
-
/**
* Returns the first element that matches <code>name</code> and
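Review bot: findBodyElement now looks for `Body` in whatever namespace the document element happens to have, where the removed lines limited the search to `WSConstants.URI_SOAP11_ENV` or `WSConstants.URI_SOAP12_ENV`, so a root element in an arbitrary or absent namespace can now supply the "SOAP Body" that the new findElement prefers over every other match. In that case `bodyElement.getNamespaceURI().equals(nmSpace)` in findElement can also throw a NullPointerException, assuming getDirectChildElement matches a null namespace (its body is not shown). Consider rejecting non-SOAP roots up front with `if (!WSConstants.URI_SOAP11_ENV.equals(ns) && !WSConstants.URI_SOAP12_ENV.equals(ns)) { return null; }`, and writing the comparison null-safely as `nmSpace != null && nmSpace.equals(bodyElement.getNamespaceURI())`. findBodyElement starts above this hunk.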
@@ -344,9 +380,9 @@ public class WSSecurityUtil {
/**
* Returns the single element that contains an Id with value
- * <code>uri</code> and <code>namespace</code>. <p/> This is a
- * replacement for a XPath Id lookup with the given namespace. It's
somewhat
- * faster than XPath, and we do not deal with prefixes, just with the real
+ * <code>uri</code> and <code>namespace</code>. The Id can be either a
wsu:Id or an Id
+ * with no namespace. This is a replacement for a XPath Id lookup with the
given namespace.
+ * It's somewhat faster than XPath, and we do not deal with prefixes, just
with the real
* namespace URI
*
* If checkMultipleElements is true and there are multiple elements, we
log a
@@ -354,14 +390,13 @@ public class WSSecurityUtil {
*
* @param startNode Where to start the search
* @param value Value of the Id attribute
- * @param namespace Namespace URI of the Id
* @param checkMultipleElements If true then go through the entire tree
and return
* null if there are multiple elements with the same Id
* @return The found element if there was exactly one match, or
* <code>null</code> otherwise
*/
public static Element findElementById(
- Node startNode, String value, String namespace, boolean
checkMultipleElements
+ Node startNode, String value, boolean checkMultipleElements
) {
//
// Replace the formerly recursive implementation with a
depth-first-loop lookup
@@ -369,13 +404,18 @@ public class WSSecurityUtil {
Node startParent = startNode.getParentNode();
Node processedNode = null;
Element foundElement = null;
+ String id = getIDFromReference(value);
while (startNode != null) {
// start node processing at this point
if (startNode.getNodeType() == Node.ELEMENT_NODE) {
Element se = (Element) startNode;
- String attributeNS = se.getAttributeNS(namespace, "Id");
- if (!"".equals(attributeNS) && value.equals(attributeNS)) {
+ // Try the wsu:Id first
+ String attributeNS = se.getAttributeNS(WSConstants.WSU_NS,
"Id");
+ if ("".equals(attributeNS) || !id.equals(attributeNS)) {
+ attributeNS = se.getAttributeNS(null, "Id");
+ }
+ if (!"".equals(attributeNS) && id.equals(attributeNS)) {
if (!checkMultipleElements) {
return se;
} else if (foundElement == null) {
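Review bot: `getIDFromReference(value)` and the following `id.equals(attributeNS)` run without the `if (id == null) { return null; }` guard that the removed getElementByWsuId/getElementByGenId wrappers applied before delegating here. A null reference from the converted callers in SecurityTokenReference, ReferenceListProcessor or SignatureProcessor may therefore raise a NullPointerException instead of yielding null (getIDFromReference's own null handling is not visible). Restore the guard at the top of the method with `if (value == null) { return null; }`. The Javadoc should also state that `value` may be given with or without the leading `#`, since EnvelopeIdResolver already strips it with `substring(1)` before calling in. The method body continues past this hunk.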
@@ -526,40 +566,6 @@ public class WSSecurityUtil {
return prefix + ":" + qname.getLocalPart();
}
- /* up to here */
-
- /**
- * Search for an element given its wsu:id. <p/>
- *
- * @param doc the DOM document (SOAP request)
- * @param id the Id of the element
- * @return the found element or null if no element with the Id exists
- */
- public static Element getElementByWsuId(Document doc, String id) {
- return getElementByWsuId(doc, id, true);
- }
-
- /**
- * Search for an element given its wsu:id. <p/>
- *
- * @param doc the DOM document (SOAP request)
- * @param id the Id of the element
- * @param checkMultipleElements If true then returns null if there are
multiple
- * elements with the same id
- * @return the found element or null if no element with the Id exists
- */
- public static Element getElementByWsuId(
- Document doc, String id, boolean checkMultipleElements
- ) {
- if (id == null) {
- return null;
- }
- id = getIDFromReference(id);
- return WSSecurityUtil.findElementById(
- doc.getDocumentElement(), id, WSConstants.WSU_NS,
checkMultipleElements
- );
- }
-
/**
* Turn a reference (eg "#5") into an ID (eg "5").
*
@@ -579,39 +585,6 @@ public class WSSecurityUtil {
}
/**
- * Search for an element given its generic id. <p/>
- *
- * @param doc the DOM document (SOAP request)
- * @param id the Id of the element
- * @return the found element or null if no element with the Id exists
- */
- public static Element getElementByGenId(Document doc, String id) {
- return getElementByGenId(doc, id, true);
- }
-
- /**
- * Search for an element given its generic id. <p/>
- *
- * @param doc the DOM document (SOAP request)
- * @param id the Id of the element
- * @param checkMultipleElements If true then returns null if there are
multiple
- * elements with the same id
- *
- * @return the found element or null if no element with the Id exists
- */
- public static Element getElementByGenId(
- Document doc, String id, boolean checkMultipleElements
- ) {
- if (id == null) {
- return null;
- }
- id = getIDFromReference(id);
- return WSSecurityUtil.findElementById(
- doc.getDocumentElement(), id, null, checkMultipleElements
- );
- }
-
- /**
* create a new element in the same namespace <p/>
*
* @param parent for the new element
Modified:
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SecurityContextTokenTest.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SecurityContextTokenTest.java?rev=1049075&r1=1049074&r2=1049075&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SecurityContextTokenTest.java
(original)
+++
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SecurityContextTokenTest.java
Tue Dec 14 13:06:24 2010
@@ -19,8 +19,6 @@
package org.apache.ws.security.message;
-import java.security.SecureRandom;
-
import javax.xml.crypto.dsig.SignatureMethod;
import org.apache.commons.logging.Log;
@@ -32,6 +30,7 @@ import org.apache.ws.security.common.SOA
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoFactory;
import org.apache.ws.security.conversation.ConversationConstants;
+import org.apache.ws.security.util.WSSecurityUtil;
import org.w3c.dom.Document;
/**
@@ -94,9 +93,7 @@ public class SecurityContextTokenTest ex
WSSecSecurityContextToken sctBuilder = new
WSSecSecurityContextToken();
sctBuilder.prepare(doc, crypto);
- SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
- byte[] tempSecret = new byte[16];
- random.nextBytes(tempSecret);
+ byte[] tempSecret = WSSecurityUtil.generateNonce(16);
// Store the secret
callbackHandler.addSecretKey(sctBuilder.getIdentifier(),
tempSecret);
@@ -133,9 +130,7 @@ public class SecurityContextTokenTest ex
WSSecSecurityContextToken sctBuilder = new
WSSecSecurityContextToken();
sctBuilder.prepare(doc, crypto);
- SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
- byte[] tempSecret = new byte[16];
- random.nextBytes(tempSecret);
+ byte[] tempSecret = WSSecurityUtil.generateNonce(16);
// Store the secret
callbackHandler.addSecretKey(sctBuilder.getIdentifier(),
tempSecret);
@@ -176,9 +171,7 @@ public class SecurityContextTokenTest ex
WSSecSecurityContextToken sctBuilder = new
WSSecSecurityContextToken();
sctBuilder.prepare(doc, crypto);
- SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
- byte[] tempSecret = new byte[16];
- random.nextBytes(tempSecret);
+ byte[] tempSecret = WSSecurityUtil.generateNonce(16);
// Store the secret
callbackHandler.addSecretKey(sctBuilder.getIdentifier(),
tempSecret);
@@ -216,9 +209,7 @@ public class SecurityContextTokenTest ex
WSSecSecurityContextToken sctBuilder = new
WSSecSecurityContextToken();
sctBuilder.prepare(doc, crypto);
- SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
- byte[] tempSecret = new byte[16];
- random.nextBytes(tempSecret);
+ byte[] tempSecret = WSSecurityUtil.generateNonce(16);
// Store the secret
callbackHandler.addSecretKey(sctBuilder.getIdentifier(),
tempSecret);
@@ -261,9 +252,7 @@ public class SecurityContextTokenTest ex
WSSecSecurityContextToken sctBuilder = new
WSSecSecurityContextToken();
sctBuilder.prepare(doc, crypto);
- SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
- byte[] tempSecret = new byte[16];
- random.nextBytes(tempSecret);
+ byte[] tempSecret = WSSecurityUtil.generateNonce(16);
// Store the secret
callbackHandler.addSecretKey(sctBuilder.getIdentifier(),
tempSecret);
@@ -311,9 +300,7 @@ public class SecurityContextTokenTest ex
WSSecSecurityContextToken sctBuilder = new
WSSecSecurityContextToken();
sctBuilder.prepare(doc, crypto);
- SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
- byte[] tempSecret = new byte[16];
- random.nextBytes(tempSecret);
+ byte[] tempSecret = WSSecurityUtil.generateNonce(16);
// Store the secret
callbackHandler.addSecretKey(sctBuilder.getIdentifier(),
tempSecret);