| Methods Summary |
|---|
| private byte[] | computeKey(com.sun.xml.ws.security.trust.elements.RequestSecurityTokenResponse rstr, com.sun.xml.ws.security.trust.elements.RequestedProofToken proofToken, com.sun.xml.ws.security.trust.elements.RequestSecurityToken rst)
// get ComputeKey algorithm URI, client entropy, server entropy and compute
// the SecretKey
final URI computedKey = proofToken.getComputedKey();
final Entropy clientEntropy = rst.getEntropy();
final Entropy serverEntropy = rstr.getEntropy();
final BinarySecret clientBS = clientEntropy.getBinarySecret();
final BinarySecret serverBS = serverEntropy.getBinarySecret();
byte [] clientEntr = null;
byte [] serverEntr = null;
if(clientBS!=null){
clientEntr = clientBS.getRawValue();
}
if(serverBS!=null){
serverEntr = serverBS.getRawValue();
}
byte[] key = null;
int keySize = (int)rstr.getKeySize();
if(keySize == 0){
keySize = (int)rst.getKeySize();//get it from the request
}
if(keySize == 0){
keySize = DEFAULT_KEY_SIZE;//key size is in bits
}
if (log.isLoggable(Level.FINE)) {
log.log(Level.FINE,
LogStringsMessages.WSSC_0005_COMPUTED_KEYSIZE(keySize, DEFAULT_KEY_SIZE));
}
if(computedKey.toString().equals(WSTrustConstants.CK_PSHA1)){
try {
key = SecurityUtil.P_SHA1(clientEntr,serverEntr, keySize/8);
} catch (Exception ex) {
log.log(Level.SEVERE,
LogStringsMessages.WSSC_0006_UNABLETOEXTRACT_KEY(), ex);
throw new WSSecureConversationException(LogStringsMessages.WSSC_0006_UNABLETOEXTRACT_KEY(), ex);
}
} else {
log.log(Level.SEVERE,
LogStringsMessages.WSSC_0026_UNSUPPORTED_COMPUTED_KEY(computedKey));
throw new WSSecureConversationException(LogStringsMessages.WSSC_0026_UNSUPPORTED_COMPUTED_KEY_E(computedKey));
}
return key;
|
| public boolean | containsChallenge(com.sun.xml.ws.security.trust.elements.RequestSecurityTokenResponse rstr)Contains Challenge
return false;
|
| public com.sun.xml.ws.security.trust.elements.RequestSecurityTokenResponse | createRSTRForClientInitiatedIssuedTokenContext(com.sun.xml.ws.policy.impl.bindings.AppliesTo scopes, com.sun.xml.ws.security.IssuedTokenContext context)Create an RSTR for a client initiated IssuedTokenContext establishment,
for example a Client Initiated WS-SecureConversation context.
final WSSCElementFactory eleFac = WSSCElementFactory.newInstance();
final byte[] secret = WSTrustUtil.generateRandomSecret(DEFAULT_KEY_SIZE);
final BinarySecret binarySecret = eleFac.createBinarySecret(secret, BinarySecret.SYMMETRIC_KEY_TYPE);
final RequestedProofToken proofToken = eleFac.createRequestedProofToken();
proofToken.setProofTokenType(RequestedProofToken.BINARY_SECRET_TYPE);
proofToken.setBinarySecret(binarySecret);
final SecurityContextToken token = WSTrustUtil.createSecurityContextToken(eleFac);
final RequestedSecurityToken rst = eleFac.createRequestedSecurityToken(token);
final RequestSecurityTokenResponse rstr = eleFac.createRSTR();
rstr.setAppliesTo(scopes);
rstr.setRequestedSecurityToken(rst);
rstr.setRequestedProofToken(proofToken);
context.setSecurityToken(token);
context.setProofKey(secret);
if (log.isLoggable(Level.FINE)) {
log.log(Level.FINE,
LogStringsMessages.WSSC_0007_CREATED_RSTR(rstr.toString()));
}
return rstr;
|
| public java.net.URI | getComputedKeyAlgorithmFromProofToken(com.sun.xml.ws.security.trust.elements.RequestSecurityTokenResponse rstr)Return the <wst:ComputedKey> URI if any inside the RSTR, null otherwise
return null;
|
| private byte[] | getKey(com.sun.xml.ws.security.trust.elements.RequestSecurityTokenResponse rstr, com.sun.xml.ws.security.trust.elements.RequestedProofToken proofToken, com.sun.xml.ws.security.trust.elements.RequestSecurityToken rst)
byte[] key = null;
if (proofToken != null){
final String proofTokenType = proofToken.getProofTokenType();
if (RequestedProofToken.COMPUTED_KEY_TYPE.equals(proofTokenType)){
key = computeKey(rstr, proofToken, rst);
} else if (RequestedProofToken.TOKEN_REF_TYPE.equals(proofTokenType)){
//ToDo
throw new UnsupportedOperationException("To Do");
} else if (RequestedProofToken.ENCRYPTED_KEY_TYPE.equals(proofTokenType)){
//ToDo
throw new UnsupportedOperationException("To Do");
} else if (RequestedProofToken.BINARY_SECRET_TYPE.equals(proofTokenType)){
final BinarySecret binarySecret = proofToken.getBinarySecret();
key = binarySecret.getRawValue();
} else{
log.log(Level.SEVERE,
LogStringsMessages.WSSC_0003_INVALID_PROOFTOKEN(proofTokenType));
throw new WSSecureConversationException(LogStringsMessages.WSSC_0003_INVALID_PROOFTOKEN(proofTokenType));
}
}
return key;
|
| public void | handleRSTR(com.sun.xml.ws.security.trust.elements.RequestSecurityToken rst, com.sun.xml.ws.security.trust.elements.RequestSecurityTokenResponse rstr, com.sun.xml.ws.security.IssuedTokenContext context)Handle an RSTR returned by the Issuer and update Token information into the
IssuedTokenContext.
if (rst.getRequestType().toString().equals(WSTrustConstants.ISSUE_REQUEST)){
// ToDo
//final AppliesTo requestAppliesTo = rst.getAppliesTo();
//final AppliesTo responseAppliesTo = rstr.getAppliesTo();
final RequestedSecurityToken securityToken = rstr.getRequestedSecurityToken();
// Requested References
final RequestedAttachedReference attachedRef = rstr.getRequestedAttachedReference();
final RequestedUnattachedReference unattachedRef = rstr.getRequestedUnattachedReference();
// RequestedProofToken
final RequestedProofToken proofToken = rstr.getRequestedProofToken();
// Obtain the secret key for the context
final byte[] key = getKey(rstr, proofToken, rst);
if(key != null){
context.setProofKey(key);
}
//get the creation time and expires time and set it in the context
setLifetime(rstr, context);
if(securityToken == null && proofToken == null){
log.log(Level.SEVERE,
LogStringsMessages.WSSC_0002_NULL_TOKEN());
throw new WSSecureConversationException(LogStringsMessages.WSSC_0002_NULL_TOKEN());
}
if (securityToken != null){
context.setSecurityToken(securityToken.getToken());
}
if(attachedRef != null){
context.setAttachedSecurityTokenReference(attachedRef.getSTR());
}
if (unattachedRef != null){
context.setUnAttachedSecurityTokenReference(unattachedRef.getSTR());
}
}else if (rst.getRequestType().toString().equals(WSTrustConstants.CANCEL_REQUEST)){
// Check if the rstr contains the RequestTedTokenCancelled element
// if yes cleanup the IssuedTokenContext accordingly
final RequestedTokenCancelled cancelled = rstr.getRequestedTokenCancelled();
if(cancelled!=null){
context.setSecurityToken(null);
context.setProofKey(null);
}
}
|
| public com.sun.xml.ws.security.trust.elements.RequestSecurityTokenResponse | handleRSTRForNegotiatedExchange(com.sun.xml.ws.security.trust.elements.RequestSecurityToken rst, com.sun.xml.ws.security.trust.elements.RequestSecurityTokenResponse rstr, com.sun.xml.ws.security.IssuedTokenContext context)Handle an RSTR returned by the Issuer and Respond to the Challenge
return null;
|
| private void | setLifetime(com.sun.xml.ws.security.trust.elements.RequestSecurityTokenResponse rstr, com.sun.xml.ws.security.IssuedTokenContext context)
// Get Created and Expires from Lifetime
try{
final Lifetime lifetime = rstr.getLifetime();
final AttributedDateTime created = lifetime.getCreated();
final AttributedDateTime expires = lifetime.getExpires();
synchronized (calendarFormatter){
final Date dateCreated = calendarFormatter.parse(created.getValue());
final Date dateExpires = calendarFormatter.parse(expires.getValue());
// populate the IssuedTokenContext
context.setCreationTime(dateCreated);
context.setExpirationTime(dateExpires);
}
}catch(ParseException ex){
log.log(Level.SEVERE,
LogStringsMessages.WSSC_0004_PARSE_EXCEPTION(), ex);
throw new WSSecureConversationException(LogStringsMessages.WSSC_0004_PARSE_EXCEPTION(), ex);
}
|
