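/**
 * Advance the current position by the given number of bytes.
 *
 * <p>This method does not compare the new position against the end of the
 * data; it only guarantees that the position cannot wrap around.
 *
 * @param length the number of bytes to skip.
 * @throws WSSecurityException if length is negative, or if adding it to the
 *                             current position would overflow.
 */
public void skip(int length) throws WSSecurityException {
    // A large length taken from malformed input must not wrap the position
    // to a negative value: a later array read at a negative index would fail
    // with an unchecked ArrayIndexOutOfBoundsException instead of a
    // WSSecurityException.
    // NOTE(review): assumes pos is an int that is never negative on entry - confirm.
    if (length < 0 || length > Integer.MAX_VALUE - pos) {
        throw new WSSecurityException(
            WSSecurityException.UNSUPPORTED_SECURITY_TOKEN,
            "noSKIHandling",
            new Object[] { "Unsupported DER format" }
        );
    }
    pos += length;
}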
/**
 * Creates an exception that records the given error code and whose detail
 * message is whatever {@code getMessage(errorCode, msgId, args)} returns.
 *
 * @param errorCode the error code stored on this exception
 * @param msgId     message identifier passed through to {@code getMessage}
 * @param args      arguments passed through to {@code getMessage} together
 *                  with {@code msgId}
 */
public WSSecurityException(final int errorCode, final String msgId, final Object[] args) {
    super(getMessage(errorCode, msgId, args));
    this.errorCode = errorCode;
}
/**
 * Inserts the element returned by {@code getElement()} (the SAML assertion)
 * in front of the elements already present in the Security header.
 *
 * <p>The method can be called any time after <code>prepare()</code>, which
 * allows the SAML assertion to be placed at any position in the Security
 * header. When {@code getElement()} returns {@code null} the header is left
 * untouched.
 *
 * @param secHeader
 *            The security header that receives the element.
 * @throws RuntimeException
 *             wrapping any {@code WSSecurityException} raised while
 *             obtaining or inserting the element.
 */
public void prependToHeader(WSSecHeader secHeader) {
    try {
        Element assertionElement = getElement();
        if (assertionElement == null) {
            // Nothing to insert.
            return;
        }
        WSSecurityUtil.prependChildElement(secHeader.getSecurityHeader(), assertionElement);
    } catch (WSSecurityException ex) {
        // This method declares no checked exception, so the failure is
        // rethrown unchecked with the original exception kept as the cause.
        throw new RuntimeException(ex.toString(), ex);
    }
}
// NOTE(review): unchecked downcast - this raises ClassCastException unless e is a
// WSSecurityException; presumably guarded by an instanceof check outside this
// excerpt - confirm.
faultCode = ((WSSecurityException)e).getFaultCode();
/**
 * Inserts the element returned by {@code getElement()} (the SAML assertion)
 * in front of the elements already present in the Security header.
 *
 * <p>The method can be called any time after <code>prepare()</code>, which
 * allows the SAML assertion to be placed at any position in the Security
 * header. When {@code getElement()} returns {@code null} the header is left
 * untouched.
 *
 * @param secHeader
 *            The security header that receives the element.
 * @throws RuntimeException
 *             wrapping any {@code WSSecurityException} raised while
 *             obtaining or inserting the element.
 */
public void prependToHeader(WSSecHeader secHeader) {
    try {
        Element assertionElement = getElement();
        if (assertionElement == null) {
            // Nothing to insert.
            return;
        }
        WSSecurityUtil.prependChildElement(secHeader.getSecurityHeader(), assertionElement);
    } catch (WSSecurityException ex) {
        // This method declares no checked exception, so the failure is
        // rethrown unchecked with the original exception kept as the cause.
        throw new RuntimeException(ex.toString(), ex);
    }
}
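/**
 * Advance the current position by the given number of bytes.
 *
 * <p>This method does not compare the new position against the end of the
 * data; it only guarantees that the position cannot wrap around.
 *
 * @param length the number of bytes to skip.
 * @throws WSSecurityException if length is negative, or if adding it to the
 *                             current position would overflow.
 */
public void skip(int length) throws WSSecurityException {
    // A large length taken from malformed input must not wrap the position
    // to a negative value: a later array read at a negative index would fail
    // with an unchecked ArrayIndexOutOfBoundsException instead of a
    // WSSecurityException.
    // NOTE(review): assumes pos is an int that is never negative on entry - confirm.
    if (length < 0 || length > Integer.MAX_VALUE - pos) {
        throw new WSSecurityException(
            WSSecurityException.UNSUPPORTED_SECURITY_TOKEN,
            "noSKIHandling",
            new Object[] { "Unsupported DER format" }
        );
    }
    pos += length;
}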
/**
 * Creates an exception that records the given error code, carries an
 * underlying cause, and whose detail message is whatever
 * {@code getMessage(errorCode, msgId, args)} returns.
 *
 * @param errorCode the error code stored on this exception
 * @param msgId     message identifier passed through to {@code getMessage}
 * @param args      arguments passed through to {@code getMessage} together
 *                  with {@code msgId}
 * @param exception the underlying cause, handed to the superclass
 *                  constructor so it stays attached to this exception
 */
public WSSecurityException(
    final int errorCode,
    final String msgId,
    final Object[] args,
    final Throwable exception
) {
    super(getMessage(errorCode, msgId, args), exception);
    this.errorCode = errorCode;
}
/**
 * Compare the byte at the current position with the given value. The
 * position itself is not changed.
 *
 * <p>Only the upper bound of the position is checked before the array is
 * read; a negative position is not rejected here.
 *
 * @param val the value to compare with the current byte.
 * @return true if the byte at the current position equals the given value.
 * @throws WSSecurityException if the current position is at or beyond the
 *                             end of the array.
 */
public boolean test(byte val) throws WSSecurityException {
    final boolean withinData = pos < arr.length;
    if (!withinData) {
        // Nothing left to read: report it as a format error.
        throw new WSSecurityException(
            WSSecurityException.UNSUPPORTED_SECURITY_TOKEN,
            "noSKIHandling",
            new Object[] { "Invalid DER format" }
        );
    }
    return val == arr[pos];
}
/**
 * Creates an exception that records the given error code and whose detail
 * message is whatever {@code getMessage(errorCode, msgId, args)} returns.
 *
 * @param errorCode the error code stored on this exception
 * @param msgId     message identifier passed through to {@code getMessage}
 * @param args      arguments passed through to {@code getMessage} together
 *                  with {@code msgId}
 */
public WSSecurityException(final int errorCode, final String msgId, final Object[] args) {
    super(getMessage(errorCode, msgId, args));
    this.errorCode = errorCode;
}
/**
 * Compare the byte at the current position with the given value. The
 * position itself is not changed.
 *
 * <p>Only the upper bound of the position is checked before the array is
 * read; a negative position is not rejected here.
 *
 * @param val the value to compare with the current byte.
 * @return true if the byte at the current position equals the given value.
 * @throws WSSecurityException if the current position is at or beyond the
 *                             end of the array.
 */
public boolean test(byte val) throws WSSecurityException {
    final boolean withinData = pos < arr.length;
    if (!withinData) {
        // Nothing left to read: report it as a format error.
        throw new WSSecurityException(
            WSSecurityException.UNSUPPORTED_SECURITY_TOKEN,
            "noSKIHandling",
            new Object[] { "Invalid DER format" }
        );
    }
    return val == arr[pos];
}
/**
 * Creates an exception that records the given error code, carries an
 * underlying cause, and whose detail message is whatever
 * {@code getMessage(errorCode, msgId, args)} returns.
 *
 * @param errorCode the error code stored on this exception
 * @param msgId     message identifier passed through to {@code getMessage}
 * @param args      arguments passed through to {@code getMessage} together
 *                  with {@code msgId}
 * @param exception the underlying cause, handed to the superclass
 *                  constructor so it stays attached to this exception
 */
public WSSecurityException(
    final int errorCode,
    final String msgId,
    final Object[] args,
    final Throwable exception
) {
    super(getMessage(errorCode, msgId, args), exception);
    this.errorCode = errorCode;
}
/**
 * Check that every certificate in the array is inside its validity period.
 *
 * <p>Only {@code checkValidity()} is called on each certificate, so this
 * method establishes nothing about the issuer chain, the signature or the
 * revocation status. Processing stops at the first certificate that fails.
 *
 * @param certificates the certificates to check
 * @throws WSSecurityException with {@code FAILED_CHECK} / "invalidCert" if a
 *                             certificate has expired or is not yet valid;
 *                             the original exception is kept as the cause
 */
protected void validateCertificates(X509Certificate[] certificates)
    throws WSSecurityException {
    for (X509Certificate certificate : certificates) {
        try {
            certificate.checkValidity();
        } catch (CertificateExpiredException expired) {
            throw new WSSecurityException(
                WSSecurityException.FAILED_CHECK, "invalidCert", null, expired
            );
        } catch (CertificateNotYetValidException notYetValid) {
            throw new WSSecurityException(
                WSSecurityException.FAILED_CHECK, "invalidCert", null, notYetValid
            );
        }
    }
}
/**
 * Generate the 128 bit salt value defined in the WSS Username Token Profile.
 *
 * <p>Sixteen bytes are requested from {@code WSSecurityUtil.generateNonce}
 * and the first byte is then overwritten with a usage marker, so only the
 * remaining fifteen bytes come from the generator.
 *
 * @param useForMac if <code>true</code> the salt is marked for use in a MAC
 *                  (first byte 0x01), otherwise the first byte is 0x02
 * @return the 128 bit salt value as a byte array, or <code>null</code> if
 *         the nonce could not be generated
 */
public static byte[] generateSalt(boolean useForMac) {
    byte[] salt;
    try {
        salt = WSSecurityUtil.generateNonce(16);
    } catch (WSSecurityException ex) {
        // The failure is visible only at debug level; the caller sees null
        // and has to check for it before using the result.
        LOG.debug(ex.getMessage(), ex);
        return null;
    }
    salt[0] = (byte) (useForMac ? 0x01 : 0x02);
    return salt;
}
/**
 * Check that every certificate in the array is inside its validity period.
 *
 * <p>Only {@code checkValidity()} is called on each certificate, so this
 * method establishes nothing about the issuer chain, the signature or the
 * revocation status. Processing stops at the first certificate that fails.
 *
 * @param certificates the certificates to check
 * @throws WSSecurityException with {@code FAILED_CHECK} / "invalidCert" if a
 *                             certificate has expired or is not yet valid;
 *                             the original exception is kept as the cause
 */
protected void validateCertificates(X509Certificate[] certificates)
    throws WSSecurityException {
    for (X509Certificate certificate : certificates) {
        try {
            certificate.checkValidity();
        } catch (CertificateExpiredException expired) {
            throw new WSSecurityException(
                WSSecurityException.FAILED_CHECK, "invalidCert", null, expired
            );
        } catch (CertificateNotYetValidException notYetValid) {
            throw new WSSecurityException(
                WSSecurityException.FAILED_CHECK, "invalidCert", null, notYetValid
            );
        }
    }
}
/**
 * Create a Nonce element and append it to this UsernameToken.
 *
 * <p>Does nothing if a Nonce element is already set. A 16 byte nonce is
 * requested from {@code WSSecurityUtil.generateNonce}, Base64 encoded and
 * stored as the text of the new element. If nonce generation fails the
 * failure is logged at debug level and the token is left without a Nonce
 * element; no exception reaches the caller.
 *
 * @param doc the document used to create the new nodes
 */
public void addNonce(Document doc) {
    if (elementNonce != null) {
        return;
    }
    byte[] nonceBytes;
    try {
        nonceBytes = WSSecurityUtil.generateNonce(16);
    } catch (WSSecurityException ex) {
        // Best effort: the caller gets no signal that the nonce is missing.
        LOG.debug(ex.getMessage(), ex);
        return;
    }
    final String qualifiedName = "wsse:" + WSConstants.NONCE_LN;
    elementNonce = doc.createElementNS(WSConstants.WSSE_NS, qualifiedName);
    final String encodedNonce = Base64.encode(nonceBytes);
    elementNonce.appendChild(doc.createTextNode(encodedNonce));
    elementNonce.setAttributeNS(null, "EncodingType", BASE64_ENCODING);
    element.appendChild(elementNonce);
}
/**
 * Compute the SHA-1 digest of the input bytes.
 *
 * <p>The backing MessageDigest is created on first use and then reused; the
 * method is synchronized, so calls on the shared instance are serialized.
 * The algorithm name is fixed to "SHA-1" in this method.
 *
 * @param inputBytes the bytes to digest
 * @return the digest of the input bytes
 * @throws WSSecurityException wrapping any exception raised while creating
 *                             the MessageDigest or computing the digest
 */
public static synchronized byte[] generateDigest(byte[] inputBytes) throws WSSecurityException {
    try {
        MessageDigest sha1 = digest;
        if (sha1 == null) {
            // First call: create the instance and cache it for later calls.
            sha1 = MessageDigest.getInstance("SHA-1");
            digest = sha1;
        }
        return sha1.digest(inputBytes);
    } catch (Exception e) {
        // Broad catch: runtime failures are wrapped as well, with the cause kept.
        throw new WSSecurityException(
            "Error in generating digest", e
        );
    }
}
/**
 * Generate the 128 bit salt value defined in the WSS Username Token Profile.
 *
 * <p>Sixteen bytes are requested from {@code WSSecurityUtil.generateNonce}
 * and the first byte is then overwritten with a usage marker, so only the
 * remaining fifteen bytes come from the generator.
 *
 * @param useForMac if <code>true</code> the salt is marked for use in a MAC
 *                  (first byte 0x01), otherwise the first byte is 0x02
 * @return the 128 bit salt value as a byte array, or <code>null</code> if
 *         the nonce could not be generated
 */
public static byte[] generateSalt(boolean useForMac) {
    byte[] salt;
    try {
        salt = WSSecurityUtil.generateNonce(16);
    } catch (WSSecurityException ex) {
        // The failure is visible only at debug level; the caller sees null
        // and has to check for it before using the result.
        LOG.debug(ex.getMessage(), ex);
        return null;
    }
    salt[0] = (byte) (useForMac ? 0x01 : 0x02);
    return salt;
}
/**
 * Compute the SHA-1 digest of the input bytes.
 *
 * <p>The backing MessageDigest is created on first use and then reused; the
 * method is synchronized, so calls on the shared instance are serialized.
 * The algorithm name is fixed to "SHA-1" in this method.
 *
 * @param inputBytes the bytes to digest
 * @return the digest of the input bytes
 * @throws WSSecurityException wrapping any exception raised while creating
 *                             the MessageDigest or computing the digest
 */
public static synchronized byte[] generateDigest(byte[] inputBytes) throws WSSecurityException {
    try {
        MessageDigest sha1 = digest;
        if (sha1 == null) {
            // First call: create the instance and cache it for later calls.
            sha1 = MessageDigest.getInstance("SHA-1");
            digest = sha1;
        }
        return sha1.digest(inputBytes);
    } catch (Exception e) {
        // Broad catch: runtime failures are wrapped as well, with the cause kept.
        throw new WSSecurityException(
            "Error in generating digest", e
        );
    }
}
/**
 * Create a Nonce element and append it to this UsernameToken.
 *
 * <p>Does nothing if a Nonce element is already set. A 16 byte nonce is
 * requested from {@code WSSecurityUtil.generateNonce}, Base64 encoded and
 * stored as the text of the new element. If nonce generation fails the
 * failure is logged at debug level and the token is left without a Nonce
 * element; no exception reaches the caller.
 *
 * @param doc the document used to create the new nodes
 */
public void addNonce(Document doc) {
    if (elementNonce != null) {
        return;
    }
    byte[] nonceBytes;
    try {
        nonceBytes = WSSecurityUtil.generateNonce(16);
    } catch (WSSecurityException ex) {
        // Best effort: the caller gets no signal that the nonce is missing.
        LOG.debug(ex.getMessage(), ex);
        return;
    }
    final String qualifiedName = "wsse:" + WSConstants.NONCE_LN;
    elementNonce = doc.createElementNS(WSConstants.WSSE_NS, qualifiedName);
    final String encodedNonce = Base64.encode(nonceBytes);
    elementNonce.appendChild(doc.createTextNode(encodedNonce));
    elementNonce.setAttributeNS(null, "EncodingType", BASE64_ENCODING);
    element.appendChild(elementNonce);
}
/**
 * Generate a nonce of the given length using the SHA1PRNG algorithm.
 *
 * <p>The backing SecureRandom is created on first use and then reused; the
 * method is synchronized, so calls on the shared instance are serialized.
 * No seed is supplied here, so seeding is left to the provider's default
 * behaviour.
 *
 * @param length the number of random bytes to return
 * @return a nonce of the given length
 * @throws WSSecurityException wrapping any exception raised while creating
 *                             the generator or the buffer (for example a
 *                             negative length)
 */
public static synchronized byte[] generateNonce(int length) throws WSSecurityException {
    try {
        if (null == random) {
            // First call: create the generator and cache it for later calls.
            random = SecureRandom.getInstance("SHA1PRNG");
        }
        final byte[] nonce = new byte[length];
        random.nextBytes(nonce);
        return nonce;
    } catch (Exception ex) {
        // Broad catch: runtime failures are wrapped as well, with the cause kept.
        throw new WSSecurityException(
            "Error in generating nonce of length " + length, ex
        );
    }
}