Modified: webservices/wss4j/trunk/src/org/apache/ws/security/saml/WSSecSignatureSAML.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/saml/WSSecSignatureSAML.java?rev=806549&r1=806548&r2=806549&view=diff ============================================================================== --- webservices/wss4j/trunk/src/org/apache/ws/security/saml/WSSecSignatureSAML.java (original) +++ webservices/wss4j/trunk/src/org/apache/ws/security/saml/WSSecSignatureSAML.java Fri Aug 21 13:43:42 2009 @@ -27,26 +27,13 @@ import org.apache.ws.security.WSEncryptionPart; import org.apache.ws.security.WSSecurityException; import org.apache.ws.security.components.crypto.Crypto; -import org.apache.ws.security.message.EnvelopeIdResolver; import org.apache.ws.security.message.WSSecHeader; import org.apache.ws.security.message.WSSecSignature; import org.apache.ws.security.message.token.Reference; import org.apache.ws.security.message.token.SecurityTokenReference; import org.apache.ws.security.message.token.X509Security; -import org.apache.ws.security.transform.STRTransform; import org.apache.ws.security.util.WSSecurityUtil; -import org.apache.xml.security.algorithms.SignatureAlgorithm; -import org.apache.xml.security.exceptions.XMLSecurityException; -import org.apache.xml.security.keys.KeyInfo; -import org.apache.xml.security.keys.content.X509Data; -import org.apache.xml.security.keys.content.x509.XMLX509Certificate; -import org.apache.xml.security.signature.XMLSignature; -import org.apache.xml.security.signature.XMLSignatureException; -import org.apache.xml.security.transforms.TransformationException; -import org.apache.xml.security.transforms.Transforms; -import org.apache.xml.security.transforms.params.InclusiveNamespaces; -import org.apache.xml.security.utils.Constants; -import org.apache.xml.security.utils.XMLUtils; + import org.opensaml.SAMLAssertion; import org.opensaml.SAMLException; import org.opensaml.SAMLObject; @@ -58,14 +45,25 @@ import java.security.cert.X509Certificate; import java.util.Iterator; import java.util.List; -import java.util.Set; import java.util.Vector; +import javax.xml.crypto.XMLStructure; +import javax.xml.crypto.dom.DOMStructure; +import javax.xml.crypto.dsig.SignatureMethod; +import javax.xml.crypto.dsig.SignedInfo; +import javax.xml.crypto.dsig.XMLSignContext; +import javax.xml.crypto.dsig.XMLSignatureFactory; +import javax.xml.crypto.dsig.dom.DOMSignContext; +import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory; +import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec; +import javax.xml.crypto.dsig.spec.ExcC14NParameterSpec; + public class WSSecSignatureSAML extends WSSecSignature { private static Log log = LogFactory.getLog(WSSecSignatureSAML.class.getName()); private boolean senderVouches = false; private SecurityTokenReference secRefSaml = null; + private String secRefID = null; private Element samlToken = null; private Crypto userCrypto = null; private Crypto issuerCrypto = null; @@ -117,15 +115,29 @@ WSEncryptionPart encP = new WSEncryptionPart(WSConstants.ELEM_BODY, soapNamespace, "Content"); parts.add(encP); + } else { + for (int i = 0; i < parts.size(); i++) { + WSEncryptionPart part = (WSEncryptionPart)parts.get(i); + if ("STRTransform".equals(part.getName()) && part.getId() == null) { + part.setId(strUri); + } + } } - addReferencesToSign(parts, secHeader); - + // - // The order to prepend is: - signature Element - BinarySecurityToken - // (depends on mode) - SecurityTokenRefrence (depends on mode) - SAML - // token + // Add the STRTransform for the SecurityTokenReference to the SAML assertion + // if it exists // - prependToHeader(secHeader); + if (secRefID != null) { + WSEncryptionPart encP = + new WSEncryptionPart("STRTransform", soapNamespace, "Content"); + encP.setId(secRefID); + parts.add(encP); + } + + List referenceList = addReferencesToSign(parts, secHeader); + + prependSAMLElementsToHeader(secHeader); // // if we have a BST prepend it in front of the Signature according to @@ -134,10 +146,8 @@ if (bstToken != null) { prependBSTElementToHeader(secHeader); } - - prependSAMLElementsToHeader(secHeader); - - computeSignature(); + + computeSignature(referenceList, secHeader, samlToken); return doc; } @@ -184,6 +194,9 @@ document = doc; issuerKeyName = iKeyName; issuerKeyPW = iKeyPW; + + keyInfoFactory = KeyInfoFactory.getInstance("DOM"); + signatureFactory = XMLSignatureFactory.getInstance("DOM"); // // Get some information about the SAML token content. This controls how @@ -245,11 +258,12 @@ } Element e = samlSubj.getKeyInfo(); try { - KeyInfo ki = new KeyInfo(e, null); + org.apache.xml.security.keys.KeyInfo ki = + new org.apache.xml.security.keys.KeyInfo(e, null); if (ki.containsX509Data()) { - X509Data data = ki.itemX509Data(0); - XMLX509Certificate certElem = null; + org.apache.xml.security.keys.content.X509Data data = ki.itemX509Data(0); + org.apache.xml.security.keys.content.x509.XMLX509Certificate certElem = null; if (data != null && data.containsCertificate()) { certElem = data.itemCertificate(0); } @@ -261,7 +275,7 @@ } // TODO: get alias name for cert, check against username set by // caller - } catch (XMLSecurityException e3) { + } catch (Exception e3) { throw new WSSecurityException( WSSecurityException.FAILURE, "invalidSAMLsecurity", @@ -282,9 +296,9 @@ String pubKeyAlgo = certs[0].getPublicKey().getAlgorithm(); log.debug("automatic sig algo detection: " + pubKeyAlgo); if (pubKeyAlgo.equalsIgnoreCase("DSA")) { - sigAlgo = XMLSignature.ALGO_ID_SIGNATURE_DSA; + sigAlgo = WSConstants.DSA; } else if (pubKeyAlgo.equalsIgnoreCase("RSA")) { - sigAlgo = XMLSignature.ALGO_ID_SIGNATURE_RSA; + sigAlgo = WSConstants.RSA; } else { throw new WSSecurityException( WSSecurityException.FAILURE, @@ -296,52 +310,26 @@ } } sig = null; - if (canonAlgo.equals(WSConstants.C14N_EXCL_OMIT_COMMENTS)) { - Element canonElem = - XMLUtils.createElementInSignatureSpace(doc, Constants._TAG_CANONICALIZATIONMETHOD); - - canonElem.setAttribute(Constants._ATT_ALGORITHM, canonAlgo); - - if (wssConfig.isWsiBSPCompliant()) { - Set prefixes = getInclusivePrefixes(secHeader.getSecurityHeader(), false); - - InclusiveNamespaces inclusiveNamespaces = - new InclusiveNamespaces(doc, prefixes); - - canonElem.appendChild(inclusiveNamespaces.getElement()); - } - try { - SignatureAlgorithm signatureAlgorithm = new SignatureAlgorithm(doc, sigAlgo); - sig = new XMLSignature(doc, null, signatureAlgorithm.getElement(), canonElem); - } catch (XMLSecurityException e) { - log.error("", e); - throw new WSSecurityException( - WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null, e - ); - } - } else { - try { - sig = new XMLSignature(doc, null, sigAlgo, canonAlgo); - } catch (XMLSecurityException e) { - log.error("", e); - throw new WSSecurityException( - WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null, e - ); - } + + try { + C14NMethodParameterSpec c14nSpec = null; + if (wssConfig.isWsiBSPCompliant() && canonAlgo.equals(WSConstants.C14N_EXCL_OMIT_COMMENTS)) { + List prefixes = getInclusivePrefixes(secHeader.getSecurityHeader(), false); + c14nSpec = new ExcC14NParameterSpec(prefixes); + } + + c14nMethod = signatureFactory.newCanonicalizationMethod(canonAlgo, c14nSpec); + } catch (Exception ex) { + log.error("", ex); + throw new WSSecurityException( + WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null, ex + ); } - sig.addResourceResolver(EnvelopeIdResolver.getInstance()); - String sigUri = wssConfig.getIdAllocator().createId("Signature-", sig); - sig.setId(sigUri); - - keyInfo = sig.getKeyInfo(); keyInfoUri = wssConfig.getIdAllocator().createSecureId("KeyId-", keyInfo); - keyInfo.setId(keyInfoUri); - secRef = new SecurityTokenReference(doc); strUri = wssConfig.getIdAllocator().createSecureId("STRId-", secRef); secRef.setID(strUri); - certUri = wssConfig.getIdAllocator().createSecureId("CertId-", certs[0]); // @@ -352,13 +340,11 @@ // created STR to the signature and use STR Transform during the // signature // - Transforms transforms = null; try { if (senderVouches) { secRefSaml = new SecurityTokenReference(doc); - String strSamlUri = - wssConfig.getIdAllocator().createSecureId("STRSAMLId-", secRefSaml); - secRefSaml.setID(strSamlUri); + secRefID = wssConfig.getIdAllocator().createSecureId("STRSAMLId-", secRefSaml); + secRefSaml.setID(secRefID); if (WSConstants.X509_KEY_IDENTIFIER == keyIdentifierType) { Element keyId = doc.createElementNS(WSConstants.WSSE_NS, "wsse:KeyIdentifier"); @@ -374,19 +360,10 @@ ref.setValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE); secRefSaml.setReference(ref); } - - Element ctx = createSTRParameter(doc); - transforms = new Transforms(doc); - transforms.addTransform(STRTransform.TRANSFORM_URI, ctx); - sig.addDocument("#" + strSamlUri, transforms); } - } catch (TransformationException e1) { + } catch (Exception ex) { throw new WSSecurityException( - WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null, e1 - ); - } catch (XMLSignatureException e1) { - throw new WSSecurityException( - WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null, e1 + WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null, ex ); } @@ -433,12 +410,11 @@ throw new WSSecurityException(WSSecurityException.FAILURE, "unsupportedKeyId"); } } - keyInfo.addUnknownElement(secRef.getElement()); - - Element keyInfoElement = keyInfo.getElement(); - keyInfoElement.setAttributeNS( - WSConstants.XMLNS_NS, "xmlns:" + WSConstants.SIG_PREFIX, WSConstants.SIG_NS - ); + XMLStructure structure = new DOMStructure(secRef.getElement()); + keyInfo = + keyInfoFactory.newKeyInfo( + java.util.Collections.singletonList(structure), keyInfoUri + ); try { samlToken = (Element) assertion.toDOM(doc); @@ -473,152 +449,71 @@ WSSecurityUtil.prependChildElement(secHeader.getSecurityHeader(), samlToken); } - /** - * This method adds references to the Signature. - * - * The added references are signed when calling - * <code>computeSignature()</code>. This method can be called several - * times to add references as required. <code>addReferencesToSign()</code> - * can be called anytime after <code>prepare</code>. - * - * @param references - * A list containing <code>WSEncryptionPart</code> objects - * that define the parts to sign. - * @param secHeader - * Used to compute namespaces to be inserted by - * InclusiveNamespaces to be WSI compliant. - * @throws WSSecurityException - */ - public void addReferencesToSign(List references, WSSecHeader secHeader) - throws WSSecurityException { - Transforms transforms = null; - - Element envelope = document.getDocumentElement(); - for (int part = 0; part < parts.size(); part++) { - WSEncryptionPart encPart = (WSEncryptionPart) references.get(part); - - String idToSign = encPart.getId(); - - String elemName = encPart.getName(); - String nmSpace = encPart.getNamespace(); - - // - // Set up the elements to sign. There are two reserved element - // names: "Token" and "STRTransform" "Token": Setup the Signature to - // either sign the information that points to the security token or - // the token itself. If its a direct reference sign the token, - // otherwise sign the KeyInfo Element. "STRTransform": Setup the - // ds:Reference to use STR Transform - // - transforms = new Transforms(document); - try { - if (idToSign != null) { - Element toSignById = - WSSecurityUtil.findElementById( - document.getDocumentElement(), idToSign, WSConstants.WSU_NS, false - ); - if (toSignById == null) { - toSignById = - WSSecurityUtil.findElementById( - document.getDocumentElement(), idToSign, null, false - ); - } - transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS); - if (wssConfig.isWsiBSPCompliant()) { - transforms.item(0).getElement().appendChild( - new InclusiveNamespaces( - document, - getInclusivePrefixes(toSignById) - ).getElement()); - } - sig.addDocument("#" + idToSign, transforms); - } else if (elemName.equals("Token")) { - transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS); - if (keyIdentifierType == WSConstants.BST_DIRECT_REFERENCE) { - if (wssConfig.isWsiBSPCompliant()) { - transforms.item(0).getElement().appendChild( - new InclusiveNamespaces( - document, - getInclusivePrefixes(secHeader.getSecurityHeader()) - ).getElement()); - } - sig.addDocument("#" + certUri, transforms); - } else { - if (wssConfig.isWsiBSPCompliant()) { - transforms.item(0).getElement().appendChild( - new InclusiveNamespaces( - document, - getInclusivePrefixes(keyInfo.getElement()) - ).getElement()); - } - sig.addDocument("#" + keyInfoUri, transforms); - } - } else if (elemName.equals("STRTransform")) { // STRTransform - Element ctx = createSTRParameter(document); - transforms.addTransform(STRTransform.TRANSFORM_URI, ctx); - sig.addDocument("#" + strUri, transforms); - } else { - Element body = - (Element) WSSecurityUtil.findElement(envelope, elemName, nmSpace); - if (body == null) { - throw new WSSecurityException( - WSSecurityException.FAILURE, "noEncElement", - new Object[] { nmSpace + ", " + elemName } - ); - } - transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS); - if (wssConfig.isWsiBSPCompliant()) { - transforms.item(0).getElement().appendChild( - new InclusiveNamespaces( - document, - getInclusivePrefixes(body) - ).getElement()); - } - sig.addDocument("#" + setWsuId(body), transforms); - } - } catch (TransformationException e1) { - throw new WSSecurityException( - WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null, e1 - ); - } catch (XMLSignatureException e1) { - throw new WSSecurityException( - WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null, e1 - ); - } - } - } - + /** * Compute the Signature over the references. * * After references are set this method computes the Signature for them. - * This method can be called anytime after the references were set. See + * This method can be called any time after the references were set. See * <code>addReferencesToSign()</code>. * * @throws WSSecurityException */ - public void computeSignature() throws WSSecurityException { + public void computeSignature(List referenceList, WSSecHeader secHeader, Element assertion) + throws WSSecurityException { boolean remove = WSDocInfoStore.store(wsDocInfo); - try { + java.security.Key key; if (senderVouches) { - sig.sign(issuerCrypto.getPrivateKey(issuerKeyName, issuerKeyPW)); + key = issuerCrypto.getPrivateKey(issuerKeyName, issuerKeyPW); } else { - sig.sign(userCrypto.getPrivateKey(user, password)); + key = userCrypto.getPrivateKey(user, password); } - signatureValue = sig.getSignatureValue(); - } catch (XMLSignatureException e1) { - throw new WSSecurityException( - WSSecurityException.FAILED_SIGNATURE, null, null, e1 - ); - } catch (Exception e1) { + SignatureMethod signatureMethod = + signatureFactory.newSignatureMethod(sigAlgo, null); + SignedInfo signedInfo = + signatureFactory.newSignedInfo(c14nMethod, signatureMethod, referenceList); + + sig = signatureFactory.newXMLSignature( + signedInfo, + keyInfo, + null, + wssConfig.getIdAllocator().createId("SIG-", null), + null); + + org.w3c.dom.Element securityHeaderElement = secHeader.getSecurityHeader(); + // + // Prepend the signature element to the security header (after the assertion) + // + XMLSignContext signContext = null; + if (assertion != null && assertion.getNextSibling() != null) { + signContext = + new DOMSignContext(key, securityHeaderElement, assertion.getNextSibling()); + } else { + signContext = new DOMSignContext(key, securityHeaderElement); + } + signContext.putNamespacePrefix(WSConstants.SIG_NS, WSConstants.SIG_PREFIX); + if (WSConstants.C14N_EXCL_OMIT_COMMENTS.equals(canonAlgo)) { + signContext.putNamespacePrefix( + WSConstants.C14N_EXCL_OMIT_COMMENTS, + WSConstants.C14N_EXCL_OMIT_COMMENTS_PREFIX + ); + } + sig.sign(signContext); + + signatureValue = sig.getSignatureValue().getValue(); + } catch (Exception ex) { + log.error(ex); throw new WSSecurityException( - WSSecurityException.FAILED_SIGNATURE, null, null, e1 + WSSecurityException.FAILED_SIGNATURE, null, null, ex ); } finally { if (remove) { WSDocInfoStore.delete(wsDocInfo); } } + } + + }
Added: webservices/wss4j/trunk/src/org/apache/ws/security/transform/STRApacheTransform.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/transform/STRApacheTransform.java?rev=806549&view=auto ============================================================================== --- webservices/wss4j/trunk/src/org/apache/ws/security/transform/STRApacheTransform.java (added) +++ webservices/wss4j/trunk/src/org/apache/ws/security/transform/STRApacheTransform.java Fri Aug 21 13:43:42 2009 @@ -0,0 +1,65 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.ws.security.transform; + +import org.jcp.xml.dsig.internal.dom.ApacheTransform; +import org.jcp.xml.dsig.internal.dom.DOMUtils; + +import org.w3c.dom.Element; + +import java.security.InvalidAlgorithmParameterException; + +import javax.xml.crypto.MarshalException; +import javax.xml.crypto.XMLCryptoContext; +import javax.xml.crypto.XMLStructure; +import javax.xml.crypto.dsig.spec.TransformParameterSpec; + + +/** + * Class STRApacheTransform. + */ +public class STRApacheTransform extends ApacheTransform { + + public static final String TRANSFORM_URI = + "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform";; + + private Element elem; + + public void init(TransformParameterSpec params) + throws InvalidAlgorithmParameterException { + + this.params = params; + } + + public void init(XMLStructure parent, XMLCryptoContext context) + throws InvalidAlgorithmParameterException { + + super.init(parent, context); + elem = transformElem; + } + + public void marshalParams(XMLStructure parent, XMLCryptoContext context) + throws MarshalException { + + super.marshalParams(parent, context); + DOMUtils.appendChild(transformElem, elem); + } + +} Propchange: webservices/wss4j/trunk/src/org/apache/ws/security/transform/STRApacheTransform.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: webservices/wss4j/trunk/src/org/apache/ws/security/transform/STRApacheTransform.java ------------------------------------------------------------------------------ svn:keywords = Rev Date Modified: webservices/wss4j/trunk/src/org/apache/ws/security/transform/STRTransform.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/transform/STRTransform.java?rev=806549&r1=806548&r2=806549&view=diff ============================================================================== --- webservices/wss4j/trunk/src/org/apache/ws/security/transform/STRTransform.java (original) +++ webservices/wss4j/trunk/src/org/apache/ws/security/transform/STRTransform.java Fri Aug 21 13:43:42 2009 @@ -46,6 +46,7 @@ import java.security.cert.CertificateEncodingException; import java.security.cert.X509Certificate; + /** * Class STRTransform * @@ -87,6 +88,7 @@ protected String engineGetURI() { return STRTransform.TRANSFORM_URI; } + /** * Method enginePerformTransform @@ -198,7 +200,7 @@ // // Alert: Hacks ahead According to WSS spec an Apex node must - // contain a default namespace. If none is availabe in the first + // contain a default namespace. If none is available in the first // node of the c14n output (this is the apex element) then we do // some editing to insert an empty default namespace // @@ -234,7 +236,13 @@ log.debug("last result: "); log.debug(bf1); } - return new XMLSignatureInput(bf1.getBytes()); + XMLSignatureInput output = new XMLSignatureInput(bf1.getBytes()); + // + // HACK-2 - Need to fool the ApacheTransform class that this XMLSignatureInput + // returns a node-set + // + output.setNodeSet(true); + return output; } // End of HACK catch (WSSecurityException ex) { @@ -324,7 +332,7 @@ String prefix = WSSecurityUtil.setNamespace(secRefE, WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX); Element elem = doc.createElementNS(WSConstants.WSSE_NS, prefix + ":BinarySecurityToken"); - elem.setAttribute("ValueType", X509Security.X509_V3_TYPE); + elem.setAttributeNS(null, "ValueType", X509Security.X509_V3_TYPE); Text certText = doc.createTextNode(Base64.encode(data)); // no line wrap elem.appendChild(certText); return elem; Modified: webservices/wss4j/trunk/src/org/apache/ws/security/util/WSSecurityUtil.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/util/WSSecurityUtil.java?rev=806549&r1=806548&r2=806549&view=diff ============================================================================== --- webservices/wss4j/trunk/src/org/apache/ws/security/util/WSSecurityUtil.java (original) +++ webservices/wss4j/trunk/src/org/apache/ws/security/util/WSSecurityUtil.java Fri Aug 21 13:43:42 2009 @@ -31,7 +31,6 @@ import org.apache.ws.security.WSSConfig; import org.apache.ws.security.handler.WSHandlerConstants; import org.apache.xml.security.algorithms.JCEMapper; -import org.apache.xml.security.signature.XMLSignature; import org.w3c.dom.Attr; import org.w3c.dom.Document; import org.w3c.dom.Element; @@ -149,18 +148,18 @@ /** * Gets a direct child with specified localname and namespace. <p/> * - * @param fNode the node where to start the search + * @param parentNode the node where to start the search * @param localName local name of the child to get * @param namespace the namespace of the child to get * @return the node or <code>null</code> if not such node found */ public static Element getDirectChildElement( - Node fNode, + Node parentNode, String localName, String namespace ) { for ( - Node currentChild = fNode.getFirstChild(); + Node currentChild = parentNode.getFirstChild(); currentChild != null; currentChild = currentChild.getNextSibling() ) { @@ -950,15 +949,15 @@ return 24; } else if (algorithm.equals(WSConstants.AES_256)) { return 32; - } else if (XMLSignature.ALGO_ID_MAC_HMAC_SHA1.equals(algorithm)) { + } else if (WSConstants.HMAC_SHA1.equals(algorithm)) { return 20; - } else if (XMLSignature.ALGO_ID_MAC_HMAC_SHA256.equals(algorithm)) { + } else if (WSConstants.HMAC_SHA256.equals(algorithm)) { return 32; - } else if (XMLSignature.ALGO_ID_MAC_HMAC_SHA384.equals(algorithm)) { + } else if (WSConstants.HMAC_SHA384.equals(algorithm)) { return 48; - } else if (XMLSignature.ALGO_ID_MAC_HMAC_SHA512.equals(algorithm)) { + } else if (WSConstants.HMAC_SHA512.equals(algorithm)) { return 64; - } else if (XMLSignature.ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5.equals(algorithm)) { + } else if (WSConstants.HMAC_MD5.equals(algorithm)) { return 16; } else { throw new WSSecurityException( Modified: webservices/wss4j/trunk/test/wssec/TestWSSecurityNew6.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/test/wssec/TestWSSecurityNew6.java?rev=806549&r1=806548&r2=806549&view=diff ============================================================================== --- webservices/wss4j/trunk/test/wssec/TestWSSecurityNew6.java (original) +++ webservices/wss4j/trunk/test/wssec/TestWSSecurityNew6.java Fri Aug 21 13:43:42 2009 @@ -104,8 +104,22 @@ secHeader.insertSecurityHeader(doc); Document encryptedDoc = encrypt.build(doc, crypto, secHeader); + + if (LOG.isDebugEnabled()) { + LOG.debug("After Encryption...."); + String outputString = + org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedDoc); + LOG.debug(outputString); + } + Document encryptedSignedDoc = sign.build(encryptedDoc, crypto, secHeader); - LOG.info("After Encryption...."); + + if (LOG.isDebugEnabled()) { + LOG.debug("After Signing...."); + String outputString = + org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedSignedDoc); + LOG.debug(outputString); + } verify(encryptedSignedDoc); } --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
