Author: werner
Date: Sat Sep 20 04:34:55 2008
New Revision: 697352
URL: http://svn.apache.org/viewvc?rev=697352&view=rev
Log:
A small update to enable the different digest algorithms. Currently SHA-1 is
being phased out, SHA256 is the replacement.
By default the SHA-1 WSSecSignature uses SHA-1.
Refer to TestWSSecurityNew18.java how to use this extension.
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignature.java
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignature.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignature.java?rev=697352&r1=697351&r2=697352&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignature.java
(original)
+++
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignature.java
Sat Sep 20 04:34:55 2008
@@ -116,6 +116,8 @@
private String customTokenValueType;
private String customTokenId;
+
+ private String digestAlgo = "http://www.w3.org/2000/09/xmldsig#sha1";;
/**
* Constructor.
@@ -200,6 +202,23 @@
return canonAlgo;
}
+ /**
+ * @return the digestAlgo
+ */
+ public String getDigestAlgo() {
+ return digestAlgo;
+ }
+
+ /**
+ * Set the string that defines which digest algorithm to use
+ *
+ * @param digestAlgo the digestAlgo to set
+ */
+ public void setDigestAlgo(String digestAlgo) {
+ this.digestAlgo = digestAlgo;
+ }
+
+
/**
* @param usernameToken
* The usernameToken to set.
@@ -492,7 +511,7 @@
getInclusivePrefixes(toSignById))
.getElement());
}
- sig.addDocument("#" + idToSign,
transforms);
+ sig.addDocument("#" + idToSign,
transforms, digestAlgo);
} else if (elemName.equals("Token")) {
transforms
.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
@@ -507,7 +526,7 @@
getInclusivePrefixes(secHeader.getSecurityHeader()))
.getElement());
}
- sig.addDocument("#" + certUri,
transforms);
+ sig.addDocument("#" + certUri,
transforms, digestAlgo);
} else {
if
(wssConfig.isWsiBSPCompliant()) {
transforms.item(0).getElement().appendChild(
@@ -516,13 +535,13 @@
.getElement()))
.getElement());
}
- sig.addDocument("#" +
keyInfoUri, transforms);
+ sig.addDocument("#" +
keyInfoUri, transforms, digestAlgo);
}
} else if (elemName.equals("STRTransform")) {
// STRTransform
Element ctx =
createSTRParameter(document);
transforms.addTransform(
STRTransform.implementedTransformURI, ctx);
- sig.addDocument("#" + strUri,
transforms);
+ sig.addDocument("#" + strUri,
transforms, digestAlgo);
} else if (elemName.equals("Assertion")) { //
Assertion
String id = null;
@@ -546,7 +565,7 @@
String prefix =
WSSecurityUtil.setNamespace(body,
WSConstants.WSU_NS,
WSConstants.WSU_PREFIX);
body.setAttributeNS(WSConstants.WSU_NS,
prefix + ":Id", id);
- sig.addDocument("#" + id, transforms);
+ sig.addDocument("#" + id, transforms,
digestAlgo);
} else {
Element body = (Element)
WSSecurityUtil.findElement(
@@ -564,7 +583,7 @@
getInclusivePrefixes(body))
.getElement());
}
- sig.addDocument("#" + setWsuId(body),
transforms);
+ sig.addDocument("#" + setWsuId(body),
transforms, digestAlgo);
}
} catch (TransformationException e1) {
throw new WSSecurityException(
@@ -837,5 +856,4 @@
this.encrKeySha1value = encrKeySha1value;
}
-
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
