use of org.apache.wss4j.policy.model.EncryptionToken in project cxf by apache.
the class AbstractBindingPolicyValidator method checkDerivedKeys.
/**
* Check the derived key requirement.
*/
protected boolean checkDerivedKeys(AbstractTokenWrapper tokenWrapper, boolean hasDerivedKeys, List<WSSecurityEngineResult> signedResults, List<WSSecurityEngineResult> encryptedResults) {
AbstractToken token = tokenWrapper.getToken();
boolean isDerivedKeys = token.getDerivedKeys() == DerivedKeys.RequireDerivedKeys;
// If derived keys are not required then just return
if (!(token instanceof X509Token && isDerivedKeys)) {
return true;
}
if (tokenWrapper instanceof EncryptionToken && !hasDerivedKeys && !encryptedResults.isEmpty()) {
return false;
} else if (tokenWrapper instanceof SignatureToken && !hasDerivedKeys && !signedResults.isEmpty()) {
return false;
} else if (tokenWrapper instanceof ProtectionToken && !hasDerivedKeys && !(signedResults.isEmpty() || encryptedResults.isEmpty())) {
return false;
}
return true;
}
Aggregations