// Decompiled by Jad v1.5.7g. Copyright 2000 Pavel Kouznetsov.
// Jad home page: http://www.geocities.com/SiliconValley/Bridge/8617/jad.html
// Decompiler options: packimports(3) fieldsfirst ansi
// Source File Name: WSSecurity.java
package com.koalii.sdxp.ws.WSAxis;
import com.verisign.datatypes.*;
import com.verisign.domutil.DOMCursor;
import com.verisign.domutil.DOMWriteCursor;
import com.verisign.messaging.*;
import com.verisign.util.InternalRuntimeException;
import com.verisign.util.Namespaces;
import com.verisign.uuid.UUID;
import com.verisign.xmlenc.*;
import com.verisign.xmlsig.*;
import com.verisign.xmlsig.Signer;
import com.verisign.xpath.XPath;
import com.verisign.xpath.XPathException;
import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.security.*;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.X509EncodedKeySpec;
import java.util.*;
import org.w3c.dom.Document;
import org.xmltrustcenter.verifier.TrustVerificationException;
import org.xmltrustcenter.verifier.TrustVerifier;
// Referenced classes of package com.verisign.messaging:
// MessageValidity, XmlMessageException, SOAPMessage, MessageSecurity
public class WSSecurity
implements MessageSecurity
{
// WS-Security extension (wsse) and utility (wsu) namespaces and prefixes.
// These are the 2002/07 pre-standard draft URIs rather than the later OASIS WSS
// namespaces, so a peer has to speak the same draft for headers to be recognised.
// NOTE(review): these four are not declared final although they are used like
// constants - possibly a decompiler artefact; confirm nothing reassigns them.
private static String WSSE_URI = "http://schemas.xmlsoap.org/ws/2002/07/secext";
private static String WSSE_PREFIX = "wsse";
private static String WSU_URI = "http://schemas.xmlsoap.org/ws/2002/07/utility";
private static String WSU_PREFIX = "wsu";
// Blank finals: SOAP, XML Signature and XML Encryption namespace URIs and prefixes.
// They have no initializer here, so they are assigned in a static initializer
// that is outside this listing.
private static final String SOAP_URI;
private static final String SOAP_PREFIX;
private static final String XMLSIG_URI;
private static final String XMLSIG_PREFIX;
private static final String XMLENC_URI;
private static final String XMLENC_PREFIX;
// Local names of the SOAP elements this class looks for or creates.
private static String SOAP_ENVELOPE = "Envelope";
private static String SOAP_HEADER = "Header";
private static String SOAP_BODY = "Body";
private static String SOAP_FAULT = "Fault";
// Usage is not visible in this listing; the name suggests it selects a wsu:Id
// attribute for security-token IDs - TODO confirm against the code that reads it.
private static boolean USE_WSU_FOR_SECURITY_TOKEN_ID = false;
// Raw Map assigned in the static initializer (not shown); presumably prefix/URI
// pairs used for XPath evaluation - verify before relying on its contents.
private static final Map NS_MAPPINGS;
// Qualified names in the wsse namespace for X509v3, Base64Binary and HexBinary;
// presumably the token value type and the two binary encodings - confirm at use site.
private static final QName X509_QNAME = new QName("http://schemas.xmlsoap.org/ws/2002/07/secext", "wsse", "X509v3");
private static final QName BASE64_QNAME = new QName("http://schemas.xmlsoap.org/ws/2002/07/secext", "wsse", "Base64Binary");
private static final QName HEX_QNAME = new QName("http://schemas.xmlsoap.org/ws/2002/07/secext", "wsse", "HexBinary");
// Per-instance configuration, exposed through the getters and setters below.
private String soapActor;
// Validity interval in milliseconds; how it is applied is not visible here.
private long validityMillis;
// true: signAndEncrypt() signs first and encrypts second; false: the reverse.
private boolean signBeforeEncrypt;
/**
 * Creates an instance whose {@code signAndEncrypt} signs first and encrypts second.
 * The SOAP actor and the validity interval keep their Java defaults
 * ({@code null} and {@code 0}) until their setters are called.
 */
public WSSecurity()
{
    this.signBeforeEncrypt = true;
}
/**
 * Stores the SOAP actor for this instance. No validation is applied; {@code null} is accepted.
 *
 * @param soapActor the actor value to remember
 */
public void setSOAPActor(final String soapActor)
{
    this.soapActor = soapActor;
}
/**
 * Returns the SOAP actor last passed to {@code setSOAPActor}.
 *
 * @return the stored actor, or {@code null} when none was set
 */
public String getSOAPActor()
{
    return this.soapActor;
}
/**
 * Selects the order of operations used by {@code signAndEncrypt}.
 *
 * @param signBeforeEncrypt {@code true} to sign and then encrypt (the constructor default),
 *                          {@code false} to encrypt and then sign
 */
public void setSignBeforeEncrypt(final boolean signBeforeEncrypt)
{
    this.signBeforeEncrypt = signBeforeEncrypt;
}
/**
 * Reports the order of operations used by {@code signAndEncrypt}.
 *
 * @return {@code true} when signing happens before encryption
 */
public boolean getSignBeforeEncrypt()
{
    return this.signBeforeEncrypt;
}
/**
 * Returns the configured validity interval.
 *
 * @return the interval in milliseconds, {@code 0} when never set
 */
public long getValidityInterval()
{
    return this.validityMillis;
}
/**
 * Stores the validity interval. The value is not range-checked here, so zero and
 * negative intervals are accepted as given.
 *
 * @param validityMillis the interval in milliseconds
 */
public void setValidityInterval(final long validityMillis)
{
    this.validityMillis = validityMillis;
}
/**
 * Explicit signing locations are not supported by this implementation.
 *
 * @return always {@code null}
 */
public XPath getSigningLocation()
{
    return null;
}
/**
 * Accepts only {@code null}, because this implementation chooses the signature
 * position itself.
 *
 * @param signingLocation must be {@code null}
 * @throws IllegalArgumentException if a non-null location is supplied
 */
public void setSigningLocation(XPath signingLocation)
{
    if (signingLocation == null) {
        return;
    }
    throw new IllegalArgumentException("explicit signing locations are not currently supported");
}
/**
 * Companion to the unsupported signing-location setting.
 *
 * @return always {@code false}
 */
public boolean getSigningLocationInsertBefore()
{
    final boolean insertBefore = false;
    return insertBefore;
}
/**
 * Deliberate no-op: the value is ignored and {@code getSigningLocationInsertBefore}
 * keeps returning {@code false}.
 *
 * @param flag ignored
 */
public void setSigningLocationInsertBefore(boolean flag)
{
    // Nothing to store; explicit signing locations are not supported.
}
/**
 * Accepts only {@code true}: signatures produced by this class always use
 * exclusive canonicalization, and the setting cannot be turned off.
 *
 * @param useExclusiveC14N must be {@code true}
 * @throws IllegalArgumentException if {@code false} is supplied
 */
public void setUseExclusiveCanonicalization(boolean useExclusiveC14N)
{
    if (useExclusiveC14N) {
        return;
    }
    throw new IllegalArgumentException("only useExclusiveC14N=true is currently supported");
}
/**
 * Reports the canonicalization mode, which is fixed in this implementation.
 *
 * @return always {@code true}
 */
public boolean getUseExclusiveCanonicalization()
{
    final boolean exclusive = true;
    return exclusive;
}
/**
 * Explicit verifying locations are not supported by this implementation.
 *
 * @return always {@code null} (not an empty array), so callers must null-check
 */
public XPath[] getVerifyingLocations()
{
    return null;
}
/**
 * Accepts only {@code null} or an empty array, because this implementation
 * decides itself where signatures are looked for.
 *
 * @param verifyingLocations {@code null} or an empty array
 * @throws IllegalArgumentException if at least one location is supplied
 */
public void setVerifyingLocations(XPath[] verifyingLocations)
{
    final boolean hasLocations = verifyingLocations != null && verifyingLocations.length > 0;
    if (hasLocations) {
        throw new IllegalArgumentException("explicit verifying locations are not currently supported");
    }
}
/**
 * Wraps the message in an envelope via {@code addEnvelope} and, when a signing key
 * is given, signs it in place.
 *
 * <p>The signature references the element identified by {@code makeBodyID} and up to
 * two elements whose IDs are returned by {@code addTimestamps}. No other part of the
 * message is referenced here, so anything else (other headers, for instance) is not
 * integrity-protected by this signature.
 *
 * <p>A {@code null} signing key is not an error: the method returns after
 * {@code addEnvelope} and the message stays unsigned. Callers that require a
 * signature must check the key themselves.
 *
 * @param message    document to sign; modified in place
 * @param signingKey key to sign with, or {@code null} to skip signing
 * @param keyInfo    optional key information; when {@code insertKeyInfo} yields an ID,
 *                   a wsse:SecurityTokenReference pointing at it is added under a
 *                   new KeyInfo element
 * @throws GeneralSecurityException declared for failures in the signing helpers
 */
public void sign(Document message, SigningKey signingKey, KeyInfo keyInfo)
    throws GeneralSecurityException
{
    addEnvelope(message);
    if (signingKey == null) {
        return;
    }

    DOMWriteCursor cursor = new DOMWriteCursor(message);
    final boolean insertBefore = moveToInsertPosition(cursor);
    final XPath signatureLoc = cursor.createXPath();
    final String[] timestampIDs = addTimestamps(cursor);

    final Signer signer = new Signer(cursor.getDocument(), signingKey);
    signer.useExclusiveCanonicalizer(Collections.EMPTY_LIST);
    signer.addReference(XPath.fromID(makeBodyID(cursor)));
    if (timestampIDs[0] != null) {
        signer.addReference(XPath.fromID(timestampIDs[0]));
    }
    if (timestampIDs[1] != null) {
        signer.addReference(XPath.fromID(timestampIDs[1]));
    }

    try {
        signer.signInPlace(signatureLoc, insertBefore);
    } catch (XPathException xpathFailure) {
        // The location was produced by the cursor itself, so this is treated as internal.
        throw new InternalRuntimeException(xpathFailure);
    }

    if (keyInfo == null) {
        return;
    }
    final String keyInfoID = insertKeyInfo(cursor, keyInfo);
    if (keyInfoID == null) {
        return;
    }

    // Re-position the cursor and step one sibling on - presumably onto the
    // signature element just written (TODO confirm) - before attaching the reference.
    moveToInsertPosition(cursor);
    cursor.moveToSibling(1);
    DOMWriteCursor keyInfoElement = cursor.addUnder(XMLSIG_URI, XMLSIG_PREFIX, "KeyInfo");
    DOMWriteCursor tokenReference = keyInfoElement.addUnder("http://schemas.xmlsoap.org/ws/2002/07/secext", "wsse", "SecurityTokenReference");
    DOMWriteCursor reference = tokenReference.addUnder("http://schemas.xmlsoap.org/ws/2002/07/secext", "wsse", "Reference");
    reference.setAttribute("URI", "#" + keyInfoID);
}
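/**
 * Wraps the message in an envelope via {@code addEnvelope} and, when a data
 * encryption key is given, encrypts the content of the body in place.
 *
 * <p>When {@code keyEncryptionKey} is non-null the data key is wrapped with it and
 * written at the insert position; if {@code keyInfo} carries a certificate with a
 * Subject Key Identifier extension (OID 2.5.29.14), a wsse:KeyIdentifier holding that
 * identifier is added before the wrapped key's CipherData. A ReferenceList with one
 * DataReference to the encrypted body content is always added.
 *
 * <p>A {@code null} data encryption key is not an error: the method returns after
 * {@code addEnvelope} and the body stays in clear text. Callers that require
 * confidentiality must check the key themselves.
 *
 * <p>Change from the previous version: the Subject Key Identifier is now unwrapped by
 * reading its DER headers. Previously a fixed four bytes were dropped, which threw
 * {@code NegativeArraySizeException} on an extension shorter than four bytes and
 * produced a wrong identifier whenever a length was not in short form.
 *
 * @param message                 document to encrypt; modified in place
 * @param dataEncryptionKey       key for the body content, or {@code null} to skip encryption
 * @param dataEncryptionAlgorithm content algorithm; {@code null} selects {@code AlgorithmType.TRIPLEDES}
 * @param keyEncryptionKey        key used to wrap the data key, or {@code null} for no wrapped key
 * @param keyEncryptionAlgorithm  key-wrapping algorithm; {@code null} selects {@code AlgorithmType.RSA1_5}
 * @param keyInfo                 optional source of the recipient certificate
 * @throws GeneralSecurityException on encryption failures in the helpers, or when the
 *                                  certificate's Subject Key Identifier extension is malformed
 */
public void encrypt(Document message, Key dataEncryptionKey, AlgorithmType dataEncryptionAlgorithm, Key keyEncryptionKey, AlgorithmType keyEncryptionAlgorithm, KeyInfo keyInfo)
    throws GeneralSecurityException
{
    addEnvelope(message);
    if (dataEncryptionKey == null) {
        return;
    }
    DOMWriteCursor c = new DOMWriteCursor(message);

    // NOTE(review): legacy defaults, kept so existing peers keep interoperating.
    // Triple-DES is a 64-bit block cipher, and RSA1_5 (presumably PKCS#1 v1.5 key
    // transport) is exposed to padding-oracle attacks wherever a recipient's
    // decryption failures are distinguishable. Pass explicit algorithms when the
    // peer supports stronger ones.
    if (dataEncryptionAlgorithm == null) {
        dataEncryptionAlgorithm = AlgorithmType.TRIPLEDES;
    }
    if (keyEncryptionAlgorithm == null) {
        keyEncryptionAlgorithm = AlgorithmType.RSA1_5;
    }

    XPath bodyLoc = XPath.fromID(makeBodyID(c));
    boolean insertRefListBefore;
    Encryptor encryptor;
    if (keyEncryptionKey != null) {
        boolean insertBefore = moveToInsertPosition(c);
        encryptor = new Encryptor(c.getDocument(), keyEncryptionKey, keyEncryptionAlgorithm);
        try {
            encryptor.encryptKeyInPlace(dataEncryptionKey, c.createXPath(), insertBefore);
        } catch (XPathException e) {
            throw new InternalRuntimeException(e);
        }
        moveToInsertPosition(c);
        if (keyInfo != null) {
            X509Certificate cert = keyInfo.getCertificate();
            if (cert != null) {
                // 2.5.29.14 is the Subject Key Identifier extension.
                byte[] skiExtension = cert.getExtensionValue("2.5.29.14");
                if (skiExtension != null) {
                    byte[] keyIdentifier = extractSubjectKeyIdentifier(skiExtension);
                    DOMWriteCursor c2 = c.cloneWriteCursor();
                    if (!c2.moveToChild(XMLENC_URI, "CipherData")) {
                        throw isInvalid(c2);
                    }
                    c2 = c2.addBefore(XMLSIG_URI, XMLSIG_PREFIX, "KeyInfo");
                    c2 = c2.addUnder("http://schemas.xmlsoap.org/ws/2002/07/secext", "wsse", "SecurityTokenReference");
                    c2 = c2.addUnder("http://schemas.xmlsoap.org/ws/2002/07/secext", "wsse", "KeyIdentifier");
                    setBinaryValue(c2, keyIdentifier);
                }
            }
        }
        // With a wrapped key present the reference list goes under the cursor's element.
        insertRefListBefore = false;
    } else {
        insertRefListBefore = moveToInsertPosition(c);
    }

    DOMWriteCursor refList = insertRefListBefore
        ? c.addBefore(XMLENC_URI, XMLENC_PREFIX, "ReferenceList")
        : c.addUnder(XMLENC_URI, XMLENC_PREFIX, "ReferenceList");
    encryptor = new Encryptor(c.getDocument(), dataEncryptionKey, dataEncryptionAlgorithm);
    try {
        // Content encryption: the body element stays, its content is replaced.
        encryptor.setContentEncryption(true);
        encryptor.encryptInPlace(bodyLoc);
    } catch (XPathException e) {
        throw new InternalRuntimeException(e);
    }

    // The body's first child is now the encrypted data; give it an ID and reference it.
    moveToBody(c);
    c.moveToChild(1);
    String encID = makeID(c);
    c = refList.addUnder(XMLENC_URI, XMLENC_PREFIX, "DataReference");
    c.setAttribute("URI", "#" + encID);
}

/**
 * Returns the raw key identifier from the value of a Subject Key Identifier extension.
 * {@code X509Certificate.getExtensionValue} returns a DER OCTET STRING whose content is
 * the extension value, which for this extension is itself a DER OCTET STRING.
 */
private static byte[] extractSubjectKeyIdentifier(byte[] extensionValue)
    throws GeneralSecurityException
{
    return unwrapDerOctetString(unwrapDerOctetString(extensionValue));
}

/**
 * Returns the content of a single DER OCTET STRING, rejecting any other tag, a length
 * that does not match the input exactly, and lengths encoded in more than three bytes.
 */
private static byte[] unwrapDerOctetString(byte[] der)
    throws GeneralSecurityException
{
    if (der == null || der.length < 2 || der[0] != 0x04) {
        throw new GeneralSecurityException("malformed SubjectKeyIdentifier extension: OCTET STRING expected");
    }
    int offset = 2;
    int length = der[1] & 0xff;
    if (length >= 0x80) {
        // Long form: the low seven bits give the number of length bytes that follow.
        int lengthBytes = length & 0x7f;
        if (lengthBytes == 0 || lengthBytes > 3 || der.length < offset + lengthBytes) {
            throw new GeneralSecurityException("malformed SubjectKeyIdentifier extension: unsupported length encoding");
        }
        length = 0;
        for (int i = 0; i < lengthBytes; i++) {
            length = (length << 8) | (der[offset++] & 0xff);
        }
    }
    if (length != der.length - offset) {
        throw new GeneralSecurityException("malformed SubjectKeyIdentifier extension: length mismatch");
    }
    byte[] content = new byte[length];
    System.arraycopy(der, offset, content, 0, length);
    return content;
}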
/**
 * Applies {@code sign} and {@code encrypt} to the same message, in the order chosen
 * by {@code setSignBeforeEncrypt} (signing first by default).
 *
 * <p>Both steps skip their work when their key is {@code null}, so a missing key
 * leaves the message unsigned or unencrypted without raising an error.
 *
 * @param message                 document to protect; modified in place
 * @param signingKey              forwarded to {@code sign}
 * @param signingKeyInfo          forwarded to {@code sign}
 * @param dataEncryptionKey       forwarded to {@code encrypt}
 * @param dataEncryptionAlgorithm forwarded to {@code encrypt}
 * @param keyEncryptionKey        forwarded to {@code encrypt}
 * @param keyEncryptionAlgorithm  forwarded to {@code encrypt}
 * @param encryptingKeyInfo       forwarded to {@code encrypt}
 * @throws GeneralSecurityException propagated from either step
 */
public void signAndEncrypt(Document message, SigningKey signingKey, KeyInfo signingKeyInfo, Key dataEncryptionKey, AlgorithmType dataEncryptionAlgorithm, Key keyEncryptionKey, AlgorithmType keyEncryptionAlgorithm,
        KeyInfo encryptingKeyInfo)
    throws GeneralSecurityException
{
    if (!signBeforeEncrypt) {
        // Encrypt-then-sign: the signature is computed after the body content was encrypted.
        encrypt(message, dataEncryptionKey, dataEncryptionAlgorithm, keyEncryptionKey, keyEncryptionAlgorithm, encryptingKeyInfo);
        sign(message, signingKey, signingKeyInfo);
        return;
    }
    // Sign-then-encrypt: the signature is computed before the body content is encrypted.
    sign(message, signingKey, signingKeyInfo);
    encrypt(message, dataEncryptionKey, dataEncryptionAlgorithm, keyEncryptionKey, keyEncryptionAlgorithm, encryptingKeyInfo);
}
/**
 * Verifies the message without decrypting it, by delegating to
 * {@code verifyAndDecrypt} with no decryption key and no key resolver.
 *
 * @param message       document to verify
 * @param trustVerifier forwarded to {@code verifyAndDecrypt}
 * @param verifyingKey  forwarded to {@code verifyAndDecrypt}
 * @return whatever {@code verifyAndDecrypt} returns; that method returns an empty
 *         array when the message has no security header, so an empty result must
 *         not be read as "signature valid"
 * @throws SignatureException         propagated from {@code verifyAndDecrypt}
 * @throws TrustVerificationException propagated from {@code verifyAndDecrypt}
 * @throws GeneralSecurityException   propagated from {@code verifyAndDecrypt}
 * @throws XmlMessageException        propagated from {@code verifyAndDecrypt}
 */
public MessageValidity[] verify(Document message, TrustVerifier trustVerifier, VerifyingKey verifyingKey)
    throws SignatureException, TrustVerificationException, GeneralSecurityException, XmlMessageException
{
    final Key noDecryptionKey = null;
    final KeyResolver noKeyResolver = null;
    return verifyAndDecrypt(message, trustVerifier, verifyingKey, noDecryptionKey, noKeyResolver);
}
/**
 * Decrypts the message by delegating to {@code verifyAndDecrypt} with no trust
 * verifier and no verifying key.
 *
 * <p>The {@code MessageValidity[]} result of that call is discarded, so this method
 * gives the caller no statement about who signed the message. Whether signatures are
 * checked at all with a null verifier is decided inside {@code verifyAndDecrypt} and
 * is not visible here; use {@code verifyAndDecrypt} directly when authenticity matters.
 *
 * @param message       document to decrypt; presumably modified in place - confirm
 * @param decryptionKey forwarded to {@code verifyAndDecrypt}
 * @param keyResolver   forwarded to {@code verifyAndDecrypt}
 * @throws GeneralSecurityException propagated from {@code verifyAndDecrypt}
 * @throws XmlMessageException      propagated from {@code verifyAndDecrypt}
 */
public void decrypt(Document message, Key decryptionKey, KeyResolver keyResolver)
    throws GeneralSecurityException, XmlMessageException
{
    final TrustVerifier noTrustVerifier = null;
    final VerifyingKey noVerifyingKey = null;
    try {
        verifyAndDecrypt(message, noTrustVerifier, noVerifyingKey, decryptionKey, keyResolver);
    } catch (TrustVerificationException trustFailure) {
        // Not part of this method's signature; rethrown unchecked as in the original.
        throw new InternalRuntimeException(trustFailure);
    }
}
public MessageValidity[] verifyAndDecrypt(Document message, TrustVerifier trustVerifier, VerifyingKey verifyingKey, Key decryptionKey, KeyResolver keyResolver)
throws SignatureException, TrustVerificationException, GeneralSecurityException, XmlMessageException
{
DOMCursor c = new DOMCursor(message);
checkEnvelope(c);
if(!c.moveToXPath(getSecurityXPath()))
return new MessageValidity[0];