Hello,
I'm using ws4j for decryption and actually I cant recover actor & results from SecurityHeader because i have an error in this line of code :
WSHandlerResult hResult = (WSHandlerResult)results.get(i);
The error is like in subject mail : Class cast exception in : WSHandlerResult hResult = (WSHandlerResult)results.get(i);
My environment is jdk 1.5 and ws4j-1.5.0
The properties file for crypto.properties is :
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.alias=trustedx (safelayer - class 1 root ca demo)
org.apache.ws.security.crypto.merlin.keystore.password=demodemo
org.apache.ws.security.crypto.merlin.file=keystore/trustedx.jks
And the code used is :
package com.safelayer.trustedx.encryption.prova;
import org.apache.axis.Message;
import org.apache.axis.MessageContext;
import org.apache.axis.client.AxisClient;
import org.apache.axis.configuration.NullProvider;
import org.apache.axis.message.SOAPEnvelope;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoFactory;
import org.apache.ws.security.message.WSSignEnvelope;
import org.apache.ws.security.message.WSEncryptBody;
import org.apache.ws.security.WSSecurityEngine;
import org.apache.ws.security.WSConstants;
import org.w3c.dom.Document;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.util.Vector;
import javax.xml.soap.MessageFactory;
import javax.xml.soap.SOAPMessage;
import javax.xml.transform.dom.DOMSource;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.ws.security.handler.WSHandlerResult;
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.xml.security.c14n.Canonicalizer;
import com.safelayer.trustedx.encryption.utils.HttpUtils;
import com.safelayer.trustedx.encryption.utils.dataTypeUtils;
public class WSSecuritySample
{
private static final String soapMsg = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>"
+" <SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://www.w3.org/2003/05/soap-envelope\"\n"
+" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\"\n"
+" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">\n"
+" <SOAP-ENV:Body>\n"
+" <sayHello xmlns=\"http://www.safelayer.com/TWS/\">\n"
+" <value xmlns=\"\">Hello world!</value>\n"
+" </sayHello>\n"
+" </SOAP-ENV:Body>\n"
+"</SOAP-ENV:Envelope>\n";
private static final WSSecurityEngine secEngine = new WSSecurityEngine();
private static final Crypto crypto = CryptoFactory.getInstance("cryptoSKI.properties");
//static final Crypto crypto = CryptoFactory.getInstance();
private AxisClient engine = null;
private MessageContext msgContext = null;
public static void main(String[] args)
{
try
{
WSSecuritySample app = new WSSecuritySample();
Message axisMessage = app.getAxisMessage(soapMsg);
SOAPEnvelope unsignedEnvelope = axisMessage.getSOAPEnvelope();
Message Msg = app.encryptSOAPEnvelope(unsignedEnvelope);
System.out.println(Msg.getSOAPPartAsString());
Document decrypted = app.decrypt(Msg);
////////////////////////////////
dataTypeUtils dtu = new dataTypeUtils();
byte[] docBytes = dtu.doc2bytes(decrypted);
System.out.println("\n Decrypted XML :\n null?"+new String(docBytes)+"\n------");
////////////////////////////////
}
catch (Exception e)
{
e.printStackTrace();
}
}
public WSSecuritySample()
{
engine = new AxisClient(new NullProvider());
msgContext = new MessageContext(engine);
}
private Message getAxisMessage(String unsignedEnvelope)
{
InputStream inStream =
new ByteArrayInputStream(unsignedEnvelope.getBytes());
Message axisMessage = new Message(inStream);
axisMessage.setMessageContext(msgContext);
return axisMessage;
}
public Message signSOAPEnvelope(SOAPEnvelope unsignedEnvelope)
throws Exception
{
WSSignEnvelope signer = new WSSignEnvelope(" ");
String alias = "trustedx (safelayer - class 1 root ca demo)";
String password = "demodemo";
signer.setUserInfo(alias, password);
Document doc = unsignedEnvelope.getAsDocument();
Document signedDoc = signer.build(doc, crypto);
HttpUtils hu = new HttpUtils();
Message signedSOAPMsg = (org.apache.axis.Message)hu.toSOAPMessage(signedDoc);
return signedSOAPMsg;
}
@SuppressWarnings("deprecation")
public Message encryptSOAPEnvelope(SOAPEnvelope unsignedEnvelope)
throws Exception
{
WSEncryptBody encrypt = new WSEncryptBody();
String alias = "trustedx (safelayer - class 1 root ca demo)";
String password = "demodemo";
encrypt.setUserInfo(alias, password);
Document doc = unsignedEnvelope.getAsDocument();
Document encryptedDoc = encrypt.build(doc, crypto);
HttpUtils hu = new HttpUtils();
Message encryptedSOAPMsg = (Message)hu.toSOAPMessage(encryptedDoc);
return encryptedSOAPMsg;
}
@SuppressWarnings("deprecation")
public Message signEncryptSOAPEnvelope(SOAPEnvelope unsignedEnvelope, String alias_sign, String password_sign, String alias_enc, String password_enc) throws Exception
{
Document doc = unsignedEnvelope.getAsDocument();
WSSignEnvelope signer = new WSSignEnvelope();
signer.setUserInfo(alias_sign, password_sign);
signer.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
Document signedDoc = signer.build(doc, crypto);
WSEncryptBody encrypt = new WSEncryptBody("trustedx (safelayer - class 1 root ca demo)");
encrypt.setUserInfo(alias_enc, password_enc);
Document encryptedDoc = encrypt.build(signedDoc, crypto);
HttpUtils hu = new HttpUtils();
Message encryptedMsg = (Message)hu.toSOAPMessage(encryptedDoc);
return encryptedMsg;
}
public Document decrypt(Message responseEnvelope) throws Exception{
Document envelope = responseEnvelope.getSOAPEnvelope().getAsDocument();
WSSecurityEngine secEngine = WSSecurityEngine.getInstance();
Crypto crypto = CryptoFactory.getInstance("cryptoSKI.properties");
// javax.security.auth.callback.CallbackHandler
// please refer to the tests for examples of callback handlers
PWCallback cb = new PWCallback();
Vector results = secEngine.processSecurityHeader(envelope, null, cb, crypto);
for (int i = 0; i < results.size(); i++) {
WSHandlerResult hResult = (WSHandlerResult)results.get(i);
String actor = hResult.getActor();
Vector hResults = hResult.getResults();
for (int j = 0; j < hResults.size(); j++) {
WSSecurityEngineResult eResult = (WSSecurityEngineResult)hResults.get(j);
// Note: an encryption action does not have an associated principal
// only Signature and UsernameToken actions return a principal
if (eResult.getAction() != WSConstants.ENCR) {
System.out.println(eResult.getPrincipal().getName());
}
}
}
return envelope;
}
}
ublic class PWCallback implements CallbackHandler {
/**
* @see javax.security.auth.callback.CallbackHandler#handle(javax.security.auth.callback.Callback[])
*/
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof WSPasswordCallback) {
WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
// set the password given a username
if ("trustedx (safelayer - class 1 root ca demo)".equals(pc.getIdentifer())) {
pc.setPassword("demodemo");
}
} else {
throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback");
}
}
}
}
Thanks in advance.
David ComÃn Roig
[EMAIL PROTECTED]
Safelayer Secure Communications S.A.
Edif. World Trade Center (S-4)
Moll de Barcelona s/n
08039 Barcelona (Spain)
Phone: +34 93 508 80 90
Fax: +34 93 508 80 91
http://www.safelayer.com
This email has been digitally signed. You can verify its authenticity by installing Safelayer's Root Certificate:
http://ca.safelayer.com/install_root.html
IMPORTANT NOTICE: This communication contains information which is confidential and may also be privileged. It is for the exclusive use of the intended recipient(s). If you are not the intended recipient(s) please note that any form of distribution, copying or use of this communication or the information in it is strictly prohibited and may be unlawful. If you have received this communication in error please return it to the sender. The opinions expressed within this communication are not necessarily those expressed by Safelayer Secure Communications.
