if (!compare(getAlgorithm(), token.getAlgorithm())) { return false; if (!getSecurityTokenReference().equals(token.getSecurityTokenReference())) { return false; return false; if (!compare(getProperties(), token.getProperties())) { return false; if (getGeneration() != token.getGeneration()) { return false; if (getOffset() != token.getOffset()) { return false; if (getLength() != token.getLength()) { return false; if (!compare(getLabel(), token.getLabel())) { return false; if (!compare(getNonce(), token.getNonce())) { return false;
/**
 * Returns the DOM element exposed by the token held in the {@code dkt} field.
 *
 * @return the result of {@code dkt.getElement()}
 */
public Element getdktElement() {
    // NOTE(review): dkt is dereferenced without a null check; confirm callers only
    // invoke this after the token has been created.
    final Element tokenElement = dkt.getElement();
    return tokenElement;
}
/**
 * Returns the label of the derived key token.
 *
 * @return the text data of the label element, or {@code null} when no label
 *         element is present
 */
public String getLabel() {
    if (elementLabel == null) {
        return null;
    }
    // NOTE(review): getFirstNode is not visible here; if it can return null for an
    // element without a text child, this line throws NullPointerException. Confirm.
    return getFirstNode(elementLabel).getData();
}
DerivedKeyToken dkt = new DerivedKeyToken(elem, data.getWssConfig().isWsiBSPCompliant()); AlgorithmSuiteValidator(algorithmSuite); algorithmSuiteValidator.checkDerivedKeyAlgorithm( dkt.getAlgorithm() ); Element secRefElement = dkt.getSecurityTokenReferenceElement(); if (secRefElement != null) { STRParser strParser = new DerivedKeyTokenSTRParser(); String tempNonce = dkt.getNonce(); if (tempNonce == null) { throw new WSSecurityException("Missing wsc:Nonce value"); int length = dkt.getLength(); byte[] keyBytes = dkt.deriveKey(length, secret); WSSecurityEngineResult result = new WSSecurityEngineResult(WSConstants.DKT, null, keyBytes, null); wsDocInfo.addTokenElement(elem); String tokenId = dkt.getID(); if (!"".equals(tokenId)) { result.put(WSSecurityEngineResult.TAG_ID, tokenId); result.put(WSSecurityEngineResult.TAG_TOKEN_ELEMENT, dkt.getElement()); wsDocInfo.addResult(result); return java.util.Collections.singletonList(result);
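/**
 * Create a WSDerivedKeyTokenPrincipal from this DerivedKeyToken object.
 *
 * <p>The nonce, label, length, offset and algorithm of this token are copied onto
 * the principal. The base token id is taken from the SecurityTokenReference: the
 * reference URI with one leading '#' removed when a reference is present,
 * otherwise the key identifier value.
 *
 * @return the populated principal
 * @throws WSSecurityException declared by the signature; presumably raised by one
 *         of the accessors called here (confirm)
 */
public Principal createPrincipal() throws WSSecurityException {
    WSDerivedKeyTokenPrincipal principal = new WSDerivedKeyTokenPrincipal(getID());
    principal.setNonce(getNonce());
    principal.setLabel(getLabel());
    principal.setLength(getLength());
    principal.setOffset(getOffset());
    principal.setAlgorithm(getAlgorithm());

    String basetokenId;
    SecurityTokenReference securityTokenReference = getSecurityTokenReference();
    if (securityTokenReference.containsReference()) {
        basetokenId = securityTokenReference.getReference().getURI();
        // The URI may originate from a received message, so it can be null or empty.
        // startsWith is safe on an empty string, where charAt(0) would throw an
        // unchecked StringIndexOutOfBoundsException.
        if (basetokenId != null && basetokenId.startsWith("#")) {
            basetokenId = basetokenId.substring(1);
        }
    } else {
        // KeyIdentifier
        basetokenId = securityTokenReference.getKeyIdentifierValue();
    }
    principal.setBasetokenId(basetokenId);

    return principal;
}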
dkt = new DerivedKeyToken(wscVersion, document); dktId = getWsConfig().getIdAllocator().createId("DK-", dkt); dkt.setOffset(offset); dkt.setLength(length); dkt.setNonce(Base64.encode(nonce)); dkt.setID(dktId); dkt.setSecurityTokenReference(secRef); } else { dkt.setSecurityTokenReference(strElem);
DerivationAlgorithm algo = AlgoFactory.getInstance(getAlgorithm()); byte[] labelBytes = null; String label = getLabel(); if (label == null || label.length() == 0) { labelBytes = byte[] nonce = Base64.decode(getNonce()); byte[] seed = new byte[labelBytes.length + nonce.length]; System.arraycopy(labelBytes, 0, seed, 0, labelBytes.length); length = getLength(); return algo.createKey(secret, seed, getOffset(), length);
DerivedKeyToken dkt = (DerivedKeyToken)result.get(WSSecurityEngineResult.TAG_DERIVED_KEY_TOKEN); int keyLength = dkt.getLength(); if (keyLength <= 0) { String algorithm = (String)parameters.get(SIGNATURE_METHOD); secretKey = dkt.deriveKey(keyLength, secret); principal = dkt.createPrincipal(); ((WSDerivedKeyTokenPrincipal)principal).setSecret(secret); } else if (WSConstants.ST_UNSIGNED == action || WSConstants.ST_SIGNED == action) {
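/**
 * Sets properties other than Name, Label and Nonce on the token.
 * This is provided for extensibility purposes.
 *
 * <p>Each map key is used as the property name and each map value as the property
 * value. When a child element with that name is found under the properties
 * element its text is replaced; otherwise the property is added.
 *
 * @param properties The properties and values in a Map; a {@code null} or empty
 *                   map leaves the token unchanged
 */
public void setProperties(Map<String, String> properties) {
    if (properties == null || properties.isEmpty()) {
        return;
    }
    // Iterate over entries so the key is the property name and the value its data.
    // Reading the name with properties.get(key) would treat the value as the name
    // and then look the value up again under that name.
    for (Map.Entry<String, String> entry : properties.entrySet()) {
        String propertyName = entry.getKey();
        String propertyValue = entry.getValue();
        // Check whether this property is already there; if so change the value
        Element node = WSSecurityUtil.findElement(elementProperties, propertyName, ns);
        if (node != null) {
            Text node1 = getFirstNode(node);
            node1.setData(propertyValue);
        } else {
            addProperty(propertyName, propertyValue);
        }
    }
}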
(byte[])result.get(WSSecurityEngineResult.TAG_SECRET); String algorithm = (String)parameters.get(SIGNATURE_METHOD); secretKey = dkt.deriveKey(WSSecurityUtil.getKeyLength(algorithm), secret); principal = dkt.createPrincipal(); } else if (WSConstants.ST_UNSIGNED == action || WSConstants.ST_SIGNED == action) { AssertionWrapper assertion =
DerivedKeyToken dkt = new DerivedKeyToken(elem, data.getWssConfig().isWsiBSPCompliant()); AlgorithmSuiteValidator(algorithmSuite); algorithmSuiteValidator.checkDerivedKeyAlgorithm( dkt.getAlgorithm() ); Element secRefElement = dkt.getSecurityTokenReferenceElement(); if (secRefElement != null) { STRParser strParser = new DerivedKeyTokenSTRParser(); String tempNonce = dkt.getNonce(); if (tempNonce == null) { throw new WSSecurityException("Missing wsc:Nonce value"); int length = dkt.getLength(); byte[] keyBytes = dkt.deriveKey(length, secret); WSSecurityEngineResult result = new WSSecurityEngineResult(WSConstants.DKT, null, keyBytes, null); wsDocInfo.addTokenElement(elem); String tokenId = dkt.getID(); if (!"".equals(tokenId)) { result.put(WSSecurityEngineResult.TAG_ID, tokenId); result.put(WSSecurityEngineResult.TAG_TOKEN_ELEMENT, dkt.getElement()); wsDocInfo.addResult(result); return java.util.Collections.singletonList(result);
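/**
 * Create a WSDerivedKeyTokenPrincipal from this DerivedKeyToken object.
 *
 * <p>The nonce, label, length, offset and algorithm of this token are copied onto
 * the principal. The base token id is taken from the SecurityTokenReference: the
 * reference URI with one leading '#' removed when a reference is present,
 * otherwise the key identifier value.
 *
 * @return the populated principal
 * @throws WSSecurityException declared by the signature; presumably raised by one
 *         of the accessors called here (confirm)
 */
public Principal createPrincipal() throws WSSecurityException {
    WSDerivedKeyTokenPrincipal principal = new WSDerivedKeyTokenPrincipal(getID());
    principal.setNonce(getNonce());
    principal.setLabel(getLabel());
    principal.setLength(getLength());
    principal.setOffset(getOffset());
    principal.setAlgorithm(getAlgorithm());

    String basetokenId;
    SecurityTokenReference securityTokenReference = getSecurityTokenReference();
    if (securityTokenReference.containsReference()) {
        basetokenId = securityTokenReference.getReference().getURI();
        // The URI may originate from a received message, so it can be null or empty.
        // startsWith is safe on an empty string, where charAt(0) would throw an
        // unchecked StringIndexOutOfBoundsException.
        if (basetokenId != null && basetokenId.startsWith("#")) {
            basetokenId = basetokenId.substring(1);
        }
    } else {
        // KeyIdentifier
        basetokenId = securityTokenReference.getKeyIdentifierValue();
    }
    principal.setBasetokenId(basetokenId);

    return principal;
}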
dkt = new DerivedKeyToken(wscVersion, document); dktId = getWsConfig().getIdAllocator().createId("DK-", dkt); dkt.setOffset(offset); dkt.setLength(length); dkt.setNonce(Base64.encode(nonce)); dkt.setID(dktId); dkt.setSecurityTokenReference(secRef); } else { dkt.setSecurityTokenReference(strElem);
DerivationAlgorithm algo = AlgoFactory.getInstance(getAlgorithm()); byte[] labelBytes = null; String label = getLabel(); if (label == null || label.length() == 0) { labelBytes = byte[] nonce = Base64.decode(getNonce()); byte[] seed = new byte[labelBytes.length + nonce.length]; System.arraycopy(labelBytes, 0, seed, 0, labelBytes.length); length = getLength(); return algo.createKey(secret, seed, getOffset(), length);
DerivedKeyToken dkt = (DerivedKeyToken)result.get(WSSecurityEngineResult.TAG_DERIVED_KEY_TOKEN); int keyLength = dkt.getLength(); if (keyLength <= 0) { String algorithm = (String)parameters.get(SIGNATURE_METHOD); secretKey = dkt.deriveKey(keyLength, secret); principal = dkt.createPrincipal(); ((WSDerivedKeyTokenPrincipal)principal).setSecret(secret); } else if (WSConstants.ST_UNSIGNED == action || WSConstants.ST_SIGNED == action) {
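/**
 * Sets properties other than Name, Label and Nonce on the token.
 * This is provided for extensibility purposes.
 *
 * <p>Each map key is used as the property name and each map value as the property
 * value. When a child element with that name is found under the properties
 * element its text is replaced; otherwise the property is added.
 *
 * @param properties The properties and values in a Map; a {@code null} or empty
 *                   map leaves the token unchanged
 */
public void setProperties(Map<String, String> properties) {
    if (properties == null || properties.isEmpty()) {
        return;
    }
    // Iterate over entries so the key is the property name and the value its data.
    // Reading the name with properties.get(key) would treat the value as the name
    // and then look the value up again under that name.
    for (Map.Entry<String, String> entry : properties.entrySet()) {
        String propertyName = entry.getKey();
        String propertyValue = entry.getValue();
        // Check whether this property is already there; if so change the value
        Element node = WSSecurityUtil.findElement(elementProperties, propertyName, ns);
        if (node != null) {
            Text node1 = getFirstNode(node);
            node1.setData(propertyValue);
        } else {
            addProperty(propertyName, propertyValue);
        }
    }
}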
(byte[])result.get(WSSecurityEngineResult.TAG_SECRET); String algorithm = (String)parameters.get(SIGNATURE_METHOD); secretKey = dkt.deriveKey(WSSecurityUtil.getKeyLength(algorithm), secret); principal = dkt.createPrincipal(); } else if (WSConstants.ST_UNSIGNED == action || WSConstants.ST_SIGNED == action) { AssertionWrapper assertion =
if (!compare(getAlgorithm(), token.getAlgorithm())) { return false; if (!getSecurityTokenReference().equals(token.getSecurityTokenReference())) { return false; return false; if (!compare(getProperties(), token.getProperties())) { return false; if (getGeneration() != token.getGeneration()) { return false; if (getOffset() != token.getOffset()) { return false; if (getLength() != token.getLength()) { return false; if (!compare(getLabel(), token.getLabel())) { return false; if (!compare(getNonce(), token.getNonce())) { return false;
/**
 * Returns the nonce of the derived key token.
 *
 * @return the text data of the nonce element, or {@code null} when no nonce
 *         element is present; callers must treat {@code null} as a missing nonce
 */
public String getNonce() {
    if (elementNonce == null) {
        return null;
    }
    // NOTE(review): getFirstNode is not visible here; if it can return null for an
    // element without a text child, this line throws NullPointerException. Confirm.
    return getFirstNode(elementNonce).getData();
}
/**
 * Returns the DOM element exposed by the token held in the {@code dkt} field.
 *
 * @return the result of {@code dkt.getElement()}
 */
public Element getdktElement() {
    // NOTE(review): dkt is dereferenced without a null check; confirm callers only
    // invoke this after the token has been created.
    final Element tokenElement = dkt.getElement();
    return tokenElement;
}