001: /*
002: * The contents of this file are subject to the terms
003: * of the Common Development and Distribution License
004: * (the License). You may not use this file except in
005: * compliance with the License.
006: *
007: * You can obtain a copy of the license at
008: * https://glassfish.dev.java.net/public/CDDLv1.0.html.
009: * See the License for the specific language governing
010: * permissions and limitations under the License.
011: *
012: * When distributing Covered Code, include this CDDL
013: * Header Notice in each file and include the License file
014: * at https://glassfish.dev.java.net/public/CDDLv1.0.html.
015: * If applicable, add the following below the CDDL Header,
016: * with the fields enclosed by brackets [] replaced by
017: * you own identifying information:
018: * "Portions Copyrighted [year] [name of copyright owner]"
019: *
020: * Copyright 2006 Sun Microsystems Inc. All Rights Reserved
021: */
022:
023: package com.sun.xml.ws.security.opt.impl.message;
024:
025: import com.sun.xml.ws.message.jaxb.JAXBHeader;
026: import com.sun.xml.ws.security.opt.api.SecurityElement;
027: import com.sun.xml.ws.security.opt.api.SecurityHeaderElement;
028: import com.sun.xml.ws.security.opt.impl.dsig.SignedMessageHeader;
029: import com.sun.xml.ws.security.opt.impl.outgoing.SecurityHeader;
030: import com.sun.xml.ws.security.opt.impl.util.JAXBUtil;
031: import com.sun.xml.ws.security.opt.impl.util.NamespaceContextEx;
032: import com.sun.xml.ws.security.opt.impl.util.WSSElementFactory;
033: import com.sun.xml.ws.security.opt.impl.crypto.JAXBDataImpl;
034: import com.sun.xml.ws.security.opt.impl.crypto.SSBData;
035: import com.sun.xml.ws.security.opt.impl.crypto.SSEData;
036: import com.sun.xml.ws.security.opt.impl.crypto.StreamHeaderData;
037: import com.sun.xml.ws.security.opt.impl.util.WSSNSPrefixWrapper;
038: import com.sun.xml.wss.XWSSecurityException;
039: import com.sun.xml.ws.security.opt.crypto.dsig.keyinfo.KeyInfo;
040: import com.sun.xml.wss.impl.MessageConstants;
041: import com.sun.xml.wss.impl.misc.SecurityUtil;
042: import com.sun.xml.wss.impl.policy.mls.EncryptionPolicy;
043: import com.sun.xml.wss.impl.policy.mls.EncryptionPolicy.FeatureBinding;
044: import com.sun.xml.ws.security.opt.impl.JAXBFilterProcessingContext;
045: import com.sun.xml.wss.impl.policy.mls.Target;
046:
047: import java.security.Key;
048: import java.util.ArrayList;
049: import java.util.HashMap;
050: import java.util.Iterator;
051: import java.util.List;
052: import javax.xml.crypto.Data;
053: import javax.xml.namespace.QName;
054:
055: import com.sun.xml.ws.api.SOAPVersion;
056:
057: /**
058: *
059: * @author K.Venugopal@sun.com
060: */
061: public class ETHandler {
062: private WSSElementFactory wsf = null;
063: private HashMap props = new HashMap();
064:
065: /** Creates a new instance of MessageETHandler */
066: public ETHandler(SOAPVersion soapVersion) {
067: wsf = new WSSElementFactory(soapVersion);
068: if (soapVersion == SOAPVersion.SOAP_11) {
069: props.put("com.sun.xml.bind.namespacePrefixMapper",
070: new WSSNSPrefixWrapper(JAXBUtil.prefixMapper11));
071: } else {
072: props.put("com.sun.xml.bind.namespacePrefixMapper",
073: new WSSNSPrefixWrapper(JAXBUtil.prefixMapper12));
074: }
075: }
076:
077: public List buildEDList(EncryptionPolicy policy,
078: final Target target, JAXBFilterProcessingContext context,
079: Key key, KeyInfo ki) throws XWSSecurityException {
080:
081: SecuredMessage message = context.getSecuredMessage();
082: ArrayList edList = new ArrayList();
083: if (target.getType() == Target.TARGET_TYPE_VALUE_QNAME) {
084: QName name = target.getQName();
085: if (name == Target.BODY_QNAME) {
086: Object obj = message.getBody();
087: String dataEncAlg = SecurityUtil
088: .getDataEncryptionAlgo(context);
089: if (dataEncAlg.length() == 0) {
090: if (context.getAlgorithmSuite() != null) {
091: dataEncAlg = context.getAlgorithmSuite()
092: .getEncryptionAlgorithm();
093: }
094: }
095: Data data = null;
096: if (obj instanceof SOAPBody) {
097: data = new SSBData((SOAPBody) obj, true, context
098: .getNamespaceContext());
099: SecurityHeaderElement ed = (SecurityHeaderElement) wsf
100: .createEncryptedData(context.generateID(),
101: data, dataEncAlg, ki, key, true);
102: edList.add(ed);
103: SOAPBody sb = (SOAPBody) message.getBody();
104: SOAPBody nsb = new SOAPBody(ed, context
105: .getSOAPVersion());
106: nsb.setId(sb.getId());
107: message.replaceBody(nsb);
108: } else if (obj instanceof SecurityElement) {
109: data = new SSEData((SecurityElement) obj, true,
110: context.getNamespaceContext(), props);
111: SecurityHeaderElement ed = (SecurityHeaderElement) wsf
112: .createEncryptedData(context.generateID(),
113: data, dataEncAlg, ki, key, true);
114: edList.add(ed);
115: SOAPBody nsb = new SOAPBody(ed, context
116: .getSOAPVersion());
117: nsb.setId(((SecurityElement) obj).getId());
118: message.replaceBody(nsb);
119: }
120: return edList;
121: }
122:
123: // Look for Id or wsu:Id attribute in all elements
124: java.util.Iterator headers = null;
125: if (name
126: .getNamespaceURI()
127: .equals(
128: MessageConstants.ADDRESSING_MEMBER_SUBMISSION_NAMESPACE)
129: || name.getNamespaceURI().equals(
130: MessageConstants.ADDRESSING_W3C_NAMESPACE)) {
131: if (!"".equals(name.getLocalPart()))
132: headers = message.getHeaders(name.getLocalPart(),
133: null);
134: else {
135: headers = message
136: .getHeaders(MessageConstants.ADDRESSING_MEMBER_SUBMISSION_NAMESPACE);
137: if (!headers.hasNext())
138: headers = message
139: .getHeaders(MessageConstants.ADDRESSING_W3C_NAMESPACE);
140: }
141: } else {
142: if (!"".equals(name.getLocalPart()))
143: headers = message.getHeaders(name.getLocalPart(),
144: name.getNamespaceURI());
145: else
146: headers = message
147: .getHeaders(name.getNamespaceURI());
148: }
149:
150: while (headers.hasNext()) {
151: Object header = headers.next();
152: SecurityHeaderElement ed = toMessageHeader(policy,
153: target, context, key, header, ki, true);
154: edList.add(ed);
155: }
156:
157: if (!edList.isEmpty()) {
158: return edList;
159: }
160: SecurityHeader sh = context.getSecurityHeader();
161:
162: Iterator itr = sh.getHeaders(name.getLocalPart(), name
163: .getNamespaceURI());
164: while (itr.hasNext()) {
165: SecurityHeaderElement hdr = (SecurityHeaderElement) itr
166: .next();
167: if (hdr != null) {
168: SecurityHeaderElement ed = toMessageHeader(policy,
169: target, context, key, hdr, ki, false);
170: edList.add(ed);
171: }
172: }
173: return edList;
174: } else if (target.getType() == Target.TARGET_TYPE_VALUE_URI) {
175:
176: SecurityHeaderElement se = handleURI(policy, target,
177: context, key, ki);
178: edList.add(se);
179: return edList;
180: //TODO
181: // throw new UnsupportedOperationException("Target Type "+target.getType() +" is not supported by EncryptionProcessor");
182: }
183: throw new UnsupportedOperationException("Target Type "
184: + target.getType()
185: + " is not supported by EncryptionProcessor");
186:
187: }
188:
189: protected SecurityHeaderElement handleURI(EncryptionPolicy policy,
190: Target target, JAXBFilterProcessingContext context,
191: Key key, KeyInfo ki) throws XWSSecurityException {
192: String dataEncAlg = SecurityUtil.getDataEncryptionAlgo(context);
193: boolean contentOnly = target.getContentOnly();
194: Object header = context.getSecurityHeader().getChildElement(
195: target.getValue());
196: if (header != null) {
197: Data data = toData(header, contentOnly, context);
198: SecurityHeaderElement ed = (SecurityHeaderElement) wsf
199: .createEncryptedData(context.generateID(), data,
200: dataEncAlg, ki, key, target
201: .getContentOnly());
202: context.getSecurityHeader().replace(
203: (SecurityHeaderElement) header, ed);
204: return ed;
205: } else {
206: header = context.getSecuredMessage().getHeader(
207: target.getValue());
208: return toMessageHeader(policy, target, context, key,
209: header, ki, true);
210: }
211: }
212:
213: protected SecurityHeaderElement toMessageHeader(
214: EncryptionPolicy policy, Target target,
215: JAXBFilterProcessingContext context, Key key,
216: Object header, KeyInfo ki, boolean isEncryptedHeaders)
217: throws XWSSecurityException {
218: SecuredMessage message = context.getSecuredMessage();
219: String dataEncAlg = SecurityUtil.getDataEncryptionAlgo(context);
220: boolean contentOnly = target.getContentOnly();
221:
222: boolean encHeaderContent = context.getEncHeaderContent();
223: if (encHeaderContent
224: && !"true"
225: .equals(context
226: .getExtraneousProperty("EnableWSS11PolicySender"))) {
227: contentOnly = true;
228: }
229:
230: Data data = toData(header, contentOnly, context);
231: SecurityHeaderElement ed = null;
232:
233: if (contentOnly) {
234: ed = (SecurityHeaderElement) wsf.createEncryptedData(
235: context.generateID(), data, dataEncAlg, ki, key,
236: contentOnly);
237: if (header instanceof com.sun.xml.ws.security.opt.impl.message.Header) {
238: throw new XWSSecurityException(
239: "Implementation does not support encrypting content which is already encrypted ");
240: } else if (header instanceof SignedMessageHeader) {
241: EncryptedSignedMessageHeader encHdr = new EncryptedSignedMessageHeader(
242: (SignedMessageHeader) header, ed);
243: message.replaceHeader(header, encHdr);
244: } else {
245: com.sun.xml.ws.security.opt.impl.message.Header hdr = new com.sun.xml.ws.security.opt.impl.message.Header(
246: (com.sun.xml.ws.api.message.Header) header, ed);
247: message.replaceHeader(header, hdr);
248: }
249:
250: } else {
251: if (isEncryptedHeaders
252: && "true"
253: .equals(context
254: .getExtraneousProperty("EnableWSS11PolicySender"))) {
255: ed = (SecurityHeaderElement) wsf.createEncryptedHeader(
256: context.generateID(), context.generateID(),
257: data, dataEncAlg, ki, key, contentOnly);
258: ((NamespaceContextEx) context.getNamespaceContext())
259: .addWSS11NS();
260: } else {
261: ed = (SecurityHeaderElement) wsf.createEncryptedData(
262: context.generateID(), data, dataEncAlg, ki,
263: key, contentOnly);
264: }
265: if (!message.replaceHeader(header, ed)) {
266: context.getSecurityHeader().replace(
267: (SecurityHeaderElement) header, ed);
268: }
269: }
270: return ed;
271: }
272:
273: protected Data toData(Object header, boolean contentOnly,
274: JAXBFilterProcessingContext context)
275: throws XWSSecurityException {
276: if (header instanceof SecurityElement) {
277: return new SSEData((SecurityElement) header, contentOnly,
278: context.getNamespaceContext(), props);
279: }
280: if (header instanceof JAXBHeader) {
281: return new JAXBDataImpl(
282: (com.sun.xml.ws.api.message.Header) header,
283: contentOnly, context.getNamespaceContext());
284: } else if (header instanceof com.sun.xml.ws.api.message.Header) {
285: return new StreamHeaderData(
286: (com.sun.xml.ws.api.message.Header) header,
287: contentOnly, context.getNamespaceContext());
288: } else {
289: throw new XWSSecurityException("Unsupported Header type");
290: }
291: }
292: }
|