📄 wssecurity.java
ByteArrayInputStream bais = new ByteArrayInputStream(bytes);
return (X509Certificate)cf.generateCertificate(bais);
}
}
/**
 * Creates a {@code wsse:BinarySecurityToken} element and fills it with the
 * encoded form of the given certificate.
 *
 * @param cert certificate whose {@code getEncoded()} bytes become the token content
 * @param c cursor marking where the token element is created
 * @param insertBefore {@code true} to create the token with {@code addBefore},
 *        {@code false} to create it with {@code addUnder}
 * @return the cursor returned by the add call, after the token value has been set
 * @throws GeneralSecurityException if the certificate cannot be encoded
 */
private DOMWriteCursor certToSecurityToken(X509Certificate cert, DOMWriteCursor c, boolean insertBefore)
    throws GeneralSecurityException
{
    DOMWriteCursor token = insertBefore
        ? c.addBefore("http://schemas.xmlsoap.org/ws/2002/07/secext", "wsse", "BinarySecurityToken")
        : c.addUnder("http://schemas.xmlsoap.org/ws/2002/07/secext", "wsse", "BinarySecurityToken");
    setBinaryValue(token, cert.getEncoded());
    return token;
}
/**
 * Writes a binary value onto the element at the cursor: tags it with the
 * X.509 value type and the Base64 encoding type, then stores the
 * Base64-encoded bytes as the element text.
 *
 * @param c cursor positioned on the element to fill
 * @param value raw bytes to encode and store
 */
private void setBinaryValue(DOMWriteCursor c, byte value[])
{
    final String valueType = X509_QNAME.toString();
    c.setAttribute("ValueType", valueType);

    final String encodingType = BASE64_QNAME.toString();
    c.setAttribute("EncodingType", encodingType);

    // The text is always Base64, matching the EncodingType written above.
    c.setText(Base64.encode(value));
}
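/**
 * Reads the text of the element at the cursor and decodes it according to
 * the element's {@code EncodingType} attribute.
 *
 * <p>Hex input is decoded digit pair by digit pair. The earlier
 * {@code BigInteger}-based decoding did not round-trip the bytes: leading
 * zero bytes were dropped and a sign byte was prepended whenever the first
 * byte had its high bit set, so the decoded token could differ from the one
 * that was sent.
 *
 * @param c cursor positioned on the element holding the encoded value
 * @return the decoded bytes, or {@code null} when the attribute is missing
 *         or names an encoding other than Base64 or hex
 * @throws NumberFormatException if hex text has an odd number of digits or
 *         contains a character that is not a hex digit
 */
private byte[] getBinaryValue(DOMCursor c)
{
    String encodingType = c.getAttribute("EncodingType");
    if(encodingType == null)
        return null;

    // The attribute value is a QName; resolve its prefix in the element's context.
    QName qname = c.getQNameInContext(encodingType);
    if(BASE64_QNAME.equals(qname))
        return Base64.decode(c.getText());
    if(!HEX_QNAME.equals(qname))
        return null;

    String hex = c.getText();
    int digits = hex.length();
    // The message deliberately omits the value itself: it is token material.
    if((digits & 1) != 0)
        throw new NumberFormatException("Hex-encoded value has an odd number of digits");

    byte decoded[] = new byte[digits / 2];
    for(int i = 0; i < decoded.length; i++)
    {
        int hi = Character.digit(hex.charAt(2 * i), 16);
        int lo = Character.digit(hex.charAt(2 * i + 1), 16);
        if(hi < 0 || lo < 0)
            throw new NumberFormatException("Hex-encoded value contains a non-hex character");
        decoded[i] = (byte)((hi << 4) | lo);
    }
    return decoded;
}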
/**
 * Wraps a certificate in a new {@code KeyInfo}.
 *
 * @param c cursor used only to describe the offending element when the
 *        certificate is missing
 * @param cert certificate to wrap; must not be {@code null}
 * @return a new {@code KeyInfo} carrying {@code cert}
 * @throws XmlMessageException if {@code cert} is {@code null}
 */
private KeyInfo certToKeyInfo(DOMCursor c, X509Certificate cert)
    throws XmlMessageException
{
    // A missing certificate is reported as an invalid security element.
    if(cert == null)
        throw isInvalid(c);

    KeyInfo wrapped = new KeyInfo();
    wrapped.setCertificate(cert);
    return wrapped;
}
/**
 * Builds a {@code KeyInfo} from what a verifier exposes: its certificate
 * chain when it has a non-empty one, otherwise its verifying public key.
 *
 * @param verifier source of the certificate chain or verifying key
 * @return the populated {@code KeyInfo}, or {@code null} when the verifier
 *         offers neither a chain nor a key
 * @throws TrustVerificationException declared by the original signature
 * @throws GeneralSecurityException declared by the original signature
 */
private KeyInfo verifierToKeyInfo(Verifier verifier)
    throws TrustVerificationException, GeneralSecurityException
{
    try
    {
        KeyInfo result = new KeyInfo();
        X509Certificate chain[] = verifier.getCertificateChain();
        boolean hasChain = chain != null && chain.length > 0;
        if(hasChain)
        {
            result.setCertificateChain(chain);
            return result;
        }

        // No chain: fall back to the bare public key, if there is one.
        java.security.PublicKey verifyingKey = verifier.getVerifyingKey();
        if(verifyingKey == null)
            return null;
        result.setKeyValue(verifyingKey);
        return result;
    }
    catch(XPathException e)
    {
        // Rethrown as a runtime failure with the XPath error kept as the cause.
        throw new InternalRuntimeException(e);
    }
}
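/**
 * Inserts key material into the security header and returns the Id of the
 * inserted element.
 *
 * <p>A chain of exactly one certificate is written as a binary security
 * token; anything else is written through {@code KeyInfo.toXML}.
 *
 * @param c cursor into the message; it is moved to the insert position
 * @param keyInfo key material to insert
 * @return the Id of the inserted element, or {@code null} when
 *         {@code toXML} returns no cursor
 * @throws GeneralSecurityException if the certificate cannot be encoded
 */
private String insertKeyInfo(DOMWriteCursor c, KeyInfo keyInfo)
    throws GeneralSecurityException
{
    boolean insertBefore = moveToInsertPosition(c);
    // NOTE(review): this result is never read. The call is kept because
    // createXPath() side effects cannot be ruled out from this file.
    XPath relativeLoc = c.createXPath();

    X509Certificate certs[] = keyInfo.getCertificateChain();
    // verifierToKeyInfo can build a KeyInfo that carries only a public key,
    // so the chain may be absent. Guard against null before reading length
    // (assumes getCertificateChain() may return null in that case).
    if(certs != null && certs.length == 1)
    {
        c = certToSecurityToken(certs[0], c, insertBefore);
        return makeID(c);
    }

    c = keyInfo.toXML(c, insertBefore);
    return c != null ? makeID(c) : null;
}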
/**
 * Returns the Id of the SOAP Body, creating a {@code wsu:Id} attribute on
 * it when it has none.
 *
 * @param c cursor into the message; a clone is moved, the argument is left alone
 * @return the Body element's Id
 * @throws IllegalStateException if the message has no SOAP Body
 */
private String makeBodyID(DOMWriteCursor c)
{
    // Work on a clone so the caller's cursor position is not disturbed.
    DOMWriteCursor bodyCursor = c.cloneWriteCursor();
    moveToBody(bodyCursor);
    return makeID(bodyCursor, "http://schemas.xmlsoap.org/ws/2002/07/utility", "wsu");
}
/**
 * Returns the Id of the element at the cursor, creating an unqualified
 * {@code Id} attribute (no namespace, no prefix) when it has none.
 *
 * @param c cursor positioned on the element
 * @return the existing or newly generated Id
 */
private String makeID(DOMWriteCursor c)
{
    final String noNamespace = null;
    final String noPrefix = null;
    return makeID(c, noNamespace, noPrefix);
}
/**
 * Returns the Id of the element at the cursor, generating one if needed.
 *
 * <p>Lookup order: the unqualified {@code Id} attribute, then the
 * {@code Id} attribute in the wsu utility namespace. Only when both are
 * absent is a fresh {@code "wsse-"}-prefixed Id generated and written.
 *
 * <p>An Id already present on the element is returned as found; this method
 * does not check that the value is unique within the document.
 *
 * @param c cursor positioned on the element
 * @param nsURI namespace for a newly created Id attribute, may be {@code null}
 * @param nsPrefix prefix for a newly created Id attribute, may be {@code null}
 * @return the existing or newly generated Id
 */
private String makeID(DOMWriteCursor c, String nsURI, String nsPrefix)
{
    String existing = c.getAttribute("Id");
    if(existing != null)
        return existing;

    existing = c.getAttribute("http://schemas.xmlsoap.org/ws/2002/07/utility", "Id");
    if(existing != null)
        return existing;

    String generated = "wsse-" + UUID.generate();
    c.setAttribute(nsURI, nsPrefix, "Id", generated);
    return generated;
}
/**
 * Builds (does not throw) the exception for a security element this class
 * does not support.
 *
 * @param c cursor positioned on the unsupported element
 * @return the exception for the caller to throw
 */
private XmlMessageException notSupported(DOMCursor c)
{
    final String reason = "XML security element not supported";
    return isInvalid(c, reason);
}
/**
 * Builds (does not throw) the exception for an invalid security element,
 * using the default message.
 *
 * @param c cursor positioned on the invalid element
 * @return the exception for the caller to throw
 */
private XmlMessageException isInvalid(DOMCursor c)
{
    final String reason = "XML security element is invalid";
    return isInvalid(c, reason);
}
/**
 * Builds (does not throw) an exception whose message is {@code msg}
 * followed by a space and the cursor's string form.
 *
 * @param c cursor positioned on the offending element
 * @param msg description of the problem
 * @return the exception for the caller to throw
 */
private XmlMessageException isInvalid(DOMCursor c, String msg)
{
    // NOTE(review): if DOMCursor.toString() renders element content, that
    // content ends up in the exception text and in any log it reaches - confirm.
    String detail = msg + ' ' + c;
    return new XmlMessageException(detail);
}
/**
 * Builds (does not throw) a processing-failure exception located at the
 * cursor's current XPath.
 *
 * @param c cursor positioned on the element being processed
 * @param e underlying failure, kept as the cause
 * @return the exception for the caller to throw
 */
private XmlMessageException cannotProcess(DOMCursor c, Throwable e)
{
    XPath location = c.createXPath();
    return cannotProcess(location, e);
}
/**
 * Builds (does not throw) a processing-failure exception that names the
 * XPath of the element and carries the underlying failure as its cause.
 *
 * @param xpath location of the element being processed
 * @param e underlying failure, kept as the cause
 * @return the exception for the caller to throw
 */
private XmlMessageException cannotProcess(XPath xpath, Throwable e)
{
    String detail = "Error processing XML security element, see cause exception " + xpath.getXPath();
    return new XmlMessageException(detail, e);
}
/**
 * Returns the XPath of the {@code ds:Signature} element inside the
 * security header addressed to this instance's actor.
 *
 * @return a new XPath built with the class namespace mappings
 */
private XPath getSigLocation()
{
    String signatureExpr = getSecurityExpr() + "/ds:Signature";
    return new XPath(signatureExpr, NS_MAPPINGS);
}
/**
 * Returns the XPath of the security header addressed to this instance's actor.
 *
 * @return a new XPath built with the class namespace mappings
 */
private XPath getSecurityXPath()
{
    String securityExpr = getSecurityExpr();
    return new XPath(securityExpr, NS_MAPPINGS);
}
/**
 * Builds the XPath expression that selects the {@code wsse:Security} header
 * for this instance's actor: the header with no {@code s:actor} attribute
 * when {@code soapActor} is {@code null}, otherwise the header whose
 * {@code s:actor} equals {@code soapActor}.
 *
 * @return the XPath expression as text
 */
private String getSecurityExpr()
{
    String predicate;
    if(soapActor == null)
    {
        predicate = "not(@s:actor)]";
    } else
    {
        // NOTE(review): soapActor is placed inside a single-quoted XPath
        // literal without escaping. A value containing a single quote would
        // change which header this expression selects. If the actor can come
        // from anywhere other than trusted configuration, reject quotes where
        // it is set.
        predicate = "@s:actor='" + soapActor + "']";
    }
    return "/s:Envelope/s:Header/wsse:Security[" + predicate;
}
/**
 * Moves the cursor to the SOAP Body, starting from the top of the document.
 *
 * @param c cursor to move
 * @throws IllegalStateException if the top element has no SOAP Body child
 */
private void moveToBody(DOMCursor c)
{
    c.moveToTop();
    boolean foundBody = c.moveToChild(SOAP_URI, "Body");
    if(foundBody)
        return;
    throw new IllegalStateException("No SOAP Body element");
}
/**
 * Moves the cursor to the SOAP Header, creating the element when it is missing.
 *
 * <p>When the top element has a first child that is not the Header, a
 * Header is added before that child. When the top element has no children,
 * a Header is added under it.
 *
 * @param c cursor to move
 */
private void addAndMoveToSoapHeader(DOMWriteCursor c)
{
    c.moveToTop();

    if(!c.moveToChild(1))
    {
        // No children at all: create the Header as the only child.
        c.addUnder(SOAP_URI, SOAP_PREFIX, "Header");
        c.moveToChild(-1);
        return;
    }

    if(c.atElement(SOAP_URI, "Header"))
        return;

    // The first child is something else: put the Header in front of it.
    c.addBefore(SOAP_URI, SOAP_PREFIX, "Header");
    c.moveToSibling(-1);
}
/**
 * Moves the cursor to where new security content is inserted, creating the
 * {@code wsse:Security} header (and the SOAP Header) when missing.
 *
 * <p>A newly created Security header gets {@code mustUnderstand="1"} and,
 * when {@code soapActor} is set, a matching {@code actor} attribute.
 *
 * @param c cursor to move
 * @return {@code true} when an existing Security header has a first child
 *         and the cursor now rests on it, so the caller should insert
 *         before the cursor; {@code false} when the caller should insert
 *         under the Security header itself
 */
private boolean moveToInsertPosition(DOMWriteCursor c)
{
    XPath securityLoc = getSecurityXPath();
    if(c.moveToXPath(securityLoc))
    {
        // The header exists: insert before its first child if it has one.
        return c.moveToChild(1);
    }

    addAndMoveToSoapHeader(c);
    boolean headerHasChildren = c.moveToChild(1);
    if(headerHasChildren)
    {
        c.addBefore("http://schemas.xmlsoap.org/ws/2002/07/secext", "wsse", "Security");
        c.moveToSibling(-1);
    } else
    {
        c.addUnder("http://schemas.xmlsoap.org/ws/2002/07/secext", "wsse", "Security");
        c.moveToChild(-1);
    }

    c.setAttribute(SOAP_URI, SOAP_PREFIX, "mustUnderstand", "1");
    if(soapActor != null)
        c.setAttribute(SOAP_URI, SOAP_PREFIX, "actor", soapActor);

    // The new Security header is empty, so content goes under it.
    return false;
}
/**
 * Constructs a {@code SOAPMessage} around the document and discards it.
 *
 * @param message document passed to the {@code SOAPMessage} constructor
 */
private void addEnvelope(Document message)
{
    // NOTE(review): only the constructor's side effect can matter here.
    // Presumably it wraps the document in a SOAP envelope - confirm against
    // SOAPMessage.
    new SOAPMessage(message);
}
/**
 * Verifies that the document's top element is a SOAP Envelope.
 *
 * @param c cursor into the message; it is moved to the top of the document
 * @throws XmlMessageException if the top element is not a SOAP Envelope
 */
private void checkEnvelope(DOMCursor c)
    throws XmlMessageException
{
    c.moveToTop();
    boolean atEnvelope = c.atElement(SOAP_URI, "Envelope");
    if(atEnvelope)
        return;
    throw new XmlMessageException("Missing SOAP envelope");
}
/**
 * Computes the SHA-1 digest of the given bytes.
 *
 * <p>NOTE(review): SHA-1 is no longer collision-resistant. Switching
 * algorithms would change every digest value this class produces, so
 * confirm where the result is used and what peers expect before migrating.
 *
 * @param data bytes to hash
 * @return the 20-byte digest
 * @throws GeneralSecurityException if no provider offers the algorithm
 */
private byte[] sha1(byte data[])
    throws GeneralSecurityException
{
    return MessageDigest.getInstance("SHA1").digest(data);
}
// Initialises the class constants. The fields themselves are declared
// outside this excerpt.
static
{
    // WS-Security (2002/07 draft) namespaces.
    WSSE_URI = "http://schemas.xmlsoap.org/ws/2002/07/secext";
    WSSE_PREFIX = "wsse";
    WSU_URI = "http://schemas.xmlsoap.org/ws/2002/07/utility";
    WSU_PREFIX = "wsu";

    // SOAP, XML Signature and XML Encryption namespaces come from the
    // shared Namespaces registry.
    SOAP_URI = Namespaces.SOAPENV.getUri();
    SOAP_PREFIX = Namespaces.SOAPENV.getPrefix();
    XMLSIG_URI = Namespaces.XMLSIG.getUri();
    XMLSIG_PREFIX = Namespaces.XMLSIG.getPrefix();
    XMLENC_URI = Namespaces.XMLENC.getUri();
    XMLENC_PREFIX = Namespaces.XMLENC.getPrefix();

    // SOAP element local names.
    SOAP_ENVELOPE = "Envelope";
    SOAP_HEADER = "Header";
    SOAP_BODY = "Body";
    SOAP_FAULT = "Fault";

    USE_WSU_FOR_SECURITY_TOKEN_ID = false;

    // Prefix-to-namespace map handed to every XPath this class builds.
    // XML Encryption is not registered here.
    NS_MAPPINGS = new HashMap();
    NS_MAPPINGS.put(SOAP_PREFIX, SOAP_URI);
    NS_MAPPINGS.put(WSSE_PREFIX, WSSE_URI);
    NS_MAPPINGS.put(WSU_PREFIX, WSU_URI);
    NS_MAPPINGS.put(XMLSIG_PREFIX, XMLSIG_URI);
}
/**
 * Unimplemented stub: no clone is produced.
 *
 * @return always {@code null}; callers must null-check before using the result
 */
public MessageSecurity cloneMessageSecurity() {
    // TODO: auto-generated stub, not yet implemented.
    return null;
}
/**
 * Unimplemented stub: the document is not inspected.
 *
 * @param arg0 message document (ignored)
 * @return always {@code null}
 */
public String getMessageNamespace(Document arg0) {
    // TODO: auto-generated stub, not yet implemented.
    return null;
}
/**
 * Unimplemented stub.
 *
 * @return always {@code null}
 */
public String getPreferredNamespace() {
    // TODO: auto-generated stub, not yet implemented.
    return null;
}
/**
 * Unimplemented stub.
 *
 * @return always {@code null}, not an empty array; callers must null-check
 *         before iterating
 */
public String[] getSupportedNamespaces() {
    // TODO: auto-generated stub, not yet implemented.
    return null;
}
/**
 * Unimplemented stub: the value is discarded, so calling this has no effect.
 *
 * @param arg0 requested namespace (ignored)
 */
public void setPreferredNamespace(String arg0) {
    // TODO: auto-generated stub, not yet implemented.
}
/**
 * Verifies the message by delegating to the three-argument {@code verify}.
 *
 * <p>NOTE(review): the {@code KeyResolver} argument is never consulted. A
 * caller that supplies a resolver to control which keys are acceptable gets
 * the same result as a caller that supplies none. Either honour the
 * resolver or document that this overload ignores it.
 *
 * @param message message to verify
 * @param trustVerifier passed through to the three-argument overload
 * @param verifyingKey passed through to the three-argument overload
 * @param arg3 key resolver (ignored)
 * @return whatever the three-argument overload returns
 * @throws GeneralSecurityException propagated from the delegate
 * @throws XmlMessageException propagated from the delegate
 */
public MessageValidity[] verify(Document message, TrustVerifier trustVerifier,
        VerifyingKey verifyingKey, KeyResolver arg3)
        throws GeneralSecurityException, XmlMessageException {
    // TODO: auto-generated delegation; arg3 is dropped here.
    MessageValidity[] results = this.verify(message, trustVerifier, verifyingKey);
    return results;
}
}