Examples with WSDerivedKeyTokenPrincipal org.apache.wss4j.common.principal.WSDerivedKeyTokenPrincipal used on opensource projects

Search in sources :

Example 1 with WSDerivedKeyTokenPrincipal

use of org.apache.wss4j.common.principal.WSDerivedKeyTokenPrincipal in project cxf by apache.

the class AlgorithmSuitePolicyValidator method checkKeyLengths.

/**
 * Check the key lengths of the secret and public keys.
 */
private boolean checkKeyLengths(WSSecurityEngineResult result, AlgorithmSuite algorithmPolicy, AssertionInfo ai, boolean signature) {
    PublicKey publicKey = (PublicKey) result.get(WSSecurityEngineResult.TAG_PUBLIC_KEY);
    if (publicKey != null && !checkPublicKeyLength(publicKey, algorithmPolicy, ai)) {
        return false;
    }
    X509Certificate x509Cert = (X509Certificate) result.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
    if (x509Cert != null && !checkPublicKeyLength(x509Cert.getPublicKey(), algorithmPolicy, ai)) {
        return false;
    }
    AlgorithmSuiteType algorithmSuiteType = algorithmPolicy.getAlgorithmSuiteType();
    byte[] secret = (byte[]) result.get(WSSecurityEngineResult.TAG_SECRET);
    if (signature) {
        Principal principal = (Principal) result.get(WSSecurityEngineResult.TAG_PRINCIPAL);
        if (principal instanceof WSDerivedKeyTokenPrincipal) {
            int requiredLength = algorithmSuiteType.getSignatureDerivedKeyLength();
            if (secret == null || secret.length != (requiredLength / 8)) {
                ai.setNotAsserted("The signature derived key length does not match the requirement");
                return false;
            }
        } else if (secret != null && (secret.length < (algorithmSuiteType.getMinimumSymmetricKeyLength() / 8) || secret.length > (algorithmSuiteType.getMaximumSymmetricKeyLength() / 8))) {
            ai.setNotAsserted("The symmetric key length does not match the requirement");
            return false;
        }
    } else if (secret != null && (secret.length < (algorithmSuiteType.getMinimumSymmetricKeyLength() / 8) || secret.length > (algorithmSuiteType.getMaximumSymmetricKeyLength() / 8))) {
        ai.setNotAsserted("The symmetric key length does not match the requirement");
        return false;
    }
    return true;
}
Also used : AlgorithmSuiteType(org.apache.wss4j.policy.model.AlgorithmSuite.AlgorithmSuiteType) PublicKey(java.security.PublicKey) DSAPublicKey(java.security.interfaces.DSAPublicKey) RSAPublicKey(java.security.interfaces.RSAPublicKey) X509Certificate(java.security.cert.X509Certificate) WSDerivedKeyTokenPrincipal(org.apache.wss4j.common.principal.WSDerivedKeyTokenPrincipal) Principal(java.security.Principal) WSDerivedKeyTokenPrincipal(org.apache.wss4j.common.principal.WSDerivedKeyTokenPrincipal)

Aggregations

Principal (java.security.Principal)1 PublicKey (java.security.PublicKey)1 X509Certificate (java.security.cert.X509Certificate)1 DSAPublicKey (java.security.interfaces.DSAPublicKey)1 RSAPublicKey (java.security.interfaces.RSAPublicKey)1 WSDerivedKeyTokenPrincipal (org.apache.wss4j.common.principal.WSDerivedKeyTokenPrincipal)1 AlgorithmSuiteType (org.apache.wss4j.policy.model.AlgorithmSuite.AlgorithmSuiteType)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial