
Example 1 with SecurityTokenProvider

use of org.apache.xml.security.stax.securityToken.SecurityTokenProvider in project cxf by apache.

the class AbstractStaxBindingHandler method addKerberosToken.

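/**
 * Publishes the token returned by {@code getSecurityToken()} as an outbound Kerberos token
 * and returns the part that refers to it.
 *
 * <p>The token is wrapped in a {@link KerberosClientSecurityToken}, registered on the
 * outbound security context through a {@link SecurityTokenProvider}, and selected as the
 * Kerberos token. It is also selected for encryption when {@code encrypting} is set and for
 * signature when {@code endorsing} is set.
 *
 * @param token the Kerberos policy token; asserted before anything else happens
 * @param signed not read by this method
 * @param endorsing whether the token id is also recorded as the signature token id
 * @param encrypting whether the token id is also recorded as the encryption token id
 * @return a {@link SecurePart} for the BinarySecurityToken element with the token id set as
 *         the id to sign, or {@code null} when the include-token type does not require the
 *         token or when no security token is available
 * @throws WSSecurityException declared by the signature; the visible statements do not
 *         throw it directly
 */
protected SecurePart addKerberosToken(KerberosToken token, boolean signed, boolean endorsing, boolean encrypting) throws WSSecurityException {
    assertToken(token);
    if (!isTokenRequired(token.getIncludeTokenType())) {
        return null;
    }
    final SecurityToken secToken = getSecurityToken();
    if (secToken == null) {
        unassertPolicy(token, "Could not find KerberosToken");
        // Stop here: the code below dereferences secToken, so whenever unassertPolicy
        // returns normally the method would otherwise fail with a NullPointerException.
        return null;
    }
    // Convert to WSS4J token
    final KerberosClientSecurityToken wss4jToken = new KerberosClientSecurityToken(secToken.getData(), secToken.getKey(), secToken.getId()) {

        @Override
        public Key getSecretKey(String algorithmURI) throws XMLSecurityException {
            // With a raw secret and a named algorithm, derive the key for that algorithm;
            // otherwise hand back the key stored on the token (which may be null).
            if (secToken.getSecret() != null && algorithmURI != null && !algorithmURI.isEmpty()) {
                return KeyUtils.prepareSecretKey(algorithmURI, secToken.getSecret());
            }
            return secToken.getKey();
        }
    };
    wss4jToken.setSha1Identifier(secToken.getSHA1());
    final SecurityTokenProvider<OutboundSecurityToken> kerberosSecurityTokenProvider = new SecurityTokenProvider<OutboundSecurityToken>() {

        @Override
        public OutboundSecurityToken getSecurityToken() throws WSSecurityException {
            return wss4jToken;
        }

        @Override
        public String getId() {
            return wss4jToken.getId();
        }
    };
    // The same id is used as the registration key and for every "use this token" property.
    final String tokenId = kerberosSecurityTokenProvider.getId();
    outboundSecurityContext.registerSecurityTokenProvider(tokenId, kerberosSecurityTokenProvider);
    outboundSecurityContext.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_KERBEROS, tokenId);
    if (encrypting) {
        outboundSecurityContext.put(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION, tokenId);
    }
    if (endorsing) {
        outboundSecurityContext.put(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE, tokenId);
    }
    // Action. Only the Kerberos token action is added; for an endorsing token this method
    // sets the signature token id above and adds no signature action of its own.
    properties.addAction(WSSConstants.KERBEROS_TOKEN);
    SecurePart securePart = new SecurePart(WSSConstants.TAG_WSSE_BINARY_SECURITY_TOKEN, Modifier.Element);
    securePart.setIdToSign(tokenId);
    return securePart;
}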
Also used : GenericOutboundSecurityToken(org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) KerberosClientSecurityToken(org.apache.wss4j.stax.impl.securityToken.KerberosClientSecurityToken) OutboundSecurityToken(org.apache.xml.security.stax.securityToken.OutboundSecurityToken) SecurePart(org.apache.xml.security.stax.ext.SecurePart) GenericOutboundSecurityToken(org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken) OutboundSecurityToken(org.apache.xml.security.stax.securityToken.OutboundSecurityToken) IncludeTokenType(org.apache.wss4j.policy.SPConstants.IncludeTokenType) KerberosClientSecurityToken(org.apache.wss4j.stax.impl.securityToken.KerberosClientSecurityToken) SecurityTokenProvider(org.apache.xml.security.stax.securityToken.SecurityTokenProvider)

Example 2 with SecurityTokenProvider

use of org.apache.xml.security.stax.securityToken.SecurityTokenProvider in project cxf by apache.

the class AbstractStaxBindingHandler method storeSecurityToken.

/**
 * Registers {@code tok} on the outbound security context as a
 * {@link GenericOutboundSecurityToken} and selects it for encryption, signature and as the
 * custom token.
 *
 * <p>The token type is chosen from the prefix of {@code tok.getTokenType()}; with no type,
 * or an unrecognised one, the token is treated as an encrypted key.
 *
 * @param policyToken the policy token; its include-token type decides whether the attached
 *        or the unattached reference is used, and the reference is only stored for an
 *        {@link IssuedToken}
 * @param tok the token whose key, secret, certificate, id and SHA-1 identifier are published
 */
protected void storeSecurityToken(AbstractToken policyToken, SecurityToken tok) {
    final String declaredType = tok.getTokenType();
    SecurityTokenConstants.TokenType tokenType = WSSecurityTokenConstants.EncryptedKeyToken;
    if (declaredType != null) {
        final boolean kerberos = declaredType.startsWith(WSSConstants.NS_KERBEROS11_TOKEN_PROFILE);
        final boolean saml1 = declaredType.startsWith(WSSConstants.NS_SAML10_TOKEN_PROFILE)
            || declaredType.startsWith(WSSConstants.NS_SAML11_TOKEN_PROFILE);
        final boolean secureConversation = declaredType.startsWith(WSSConstants.NS_WSC_05_02)
            || declaredType.startsWith(WSSConstants.NS_WSC_05_12);
        // Same precedence as an if / else-if chain: Kerberos, then SAML 1.x, then WS-SC.
        if (kerberos) {
            tokenType = WSSecurityTokenConstants.KERBEROS_TOKEN;
        } else if (saml1) {
            tokenType = WSSecurityTokenConstants.SAML_11_TOKEN;
        } else if (secureConversation) {
            tokenType = WSSecurityTokenConstants.SECURE_CONVERSATION_TOKEN;
        }
    }
    final Key key = tok.getKey();
    final byte[] secret = tok.getSecret();
    // Always a one-element array; the element is null when the token carries no certificate.
    final X509Certificate[] certs = new X509Certificate[] { tok.getX509Certificate() };
    final GenericOutboundSecurityToken encryptedKeySecurityToken = new GenericOutboundSecurityToken(tok.getId(), tokenType, key, certs) {

        @Override
        public Key getSecretKey(String algorithmURI) throws XMLSecurityException {
            final boolean algorithmNamed = algorithmURI != null && !algorithmURI.isEmpty();
            if (secret != null && algorithmNamed) {
                return KeyUtils.prepareSecretKey(algorithmURI, secret);
            }
            if (key != null) {
                return key;
            }
            if (secret == null) {
                return super.getSecretKey(algorithmURI);
            }
            // Reached only with a secret and a null or empty algorithm URI. When the mapper
            // yields no JCE name the raw secret is labelled as an HmacSHA1 key.
            final String mapped = JCEMapper.getJCEKeyAlgorithmFromURI(algorithmURI);
            final String jceAlg = (mapped == null || mapped.isEmpty()) ? "HmacSHA1" : mapped;
            return new SecretKeySpec(secret, jceAlg);
        }
    };
    // Store a DOM Element reference if it exists
    final Element ref = isTokenRequired(policyToken.getIncludeTokenType())
        ? tok.getAttachedReference()
        : tok.getUnattachedReference();
    if (ref != null && policyToken instanceof IssuedToken) {
        encryptedKeySecurityToken.setCustomTokenReference(ref);
    }
    encryptedKeySecurityToken.setSha1Identifier(tok.getSHA1());
    final SecurityTokenProvider<OutboundSecurityToken> encryptedKeySecurityTokenProvider = new SecurityTokenProvider<OutboundSecurityToken>() {

        @Override
        public OutboundSecurityToken getSecurityToken() throws XMLSecurityException {
            return encryptedKeySecurityToken;
        }

        @Override
        public String getId() {
            return encryptedKeySecurityToken.getId();
        }
    };
    // One id serves as the registration key and as the value of all three selection properties.
    final String providerId = encryptedKeySecurityTokenProvider.getId();
    outboundSecurityContext.registerSecurityTokenProvider(providerId, encryptedKeySecurityTokenProvider);
    outboundSecurityContext.put(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION, providerId);
    outboundSecurityContext.put(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE, providerId);
    outboundSecurityContext.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_CUSTOM_TOKEN, providerId);
}
Also used : Element(org.w3c.dom.Element) IssuedToken(org.apache.wss4j.policy.model.IssuedToken) SecurityTokenConstants(org.apache.xml.security.stax.securityToken.SecurityTokenConstants) WSSecurityTokenConstants(org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants) X509Certificate(java.security.cert.X509Certificate) GenericOutboundSecurityToken(org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken) GenericOutboundSecurityToken(org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken) OutboundSecurityToken(org.apache.xml.security.stax.securityToken.OutboundSecurityToken) SecretKeySpec(javax.crypto.spec.SecretKeySpec) Key(java.security.Key) SecurityTokenProvider(org.apache.xml.security.stax.securityToken.SecurityTokenProvider)

Example 3 with SecurityTokenProvider

use of org.apache.xml.security.stax.securityToken.SecurityTokenProvider in project santuario-java by apache.

the class XMLEncryptedKeyInputHandler method handle.

/**
 * Handles one EncryptedKey structure: registers a token provider for it on the inbound
 * security context, fires an {@link EncryptedKeyTokenSecurityEvent}, and passes any
 * reference list on to {@code handleReferenceList}.
 *
 * <p>The provider builds its token on the first {@code getSecurityToken()} call and caches
 * it. The wrapped key is only unwrapped when {@code getKey} is asked for an algorithm URI
 * the token holds no key for, and the unwrapped bytes are cached in {@code decryptedKey}.
 *
 * @param inputProcessorChain supplies the inbound security context
 * @param encryptedKeyType the EncryptedKey being processed; given a generated Id if it has none
 * @param responsibleXMLSecStartXMLEvent recorded on the token as its element path and XMLSecEvent
 * @param securityProperties passed to the token factory and to {@code handleReferenceList}
 * @throws XMLSecurityException if the EncryptedKey has no EncryptionMethod, or if raised
 *         while building the token, registering the event or handling the reference list
 */
public void handle(final InputProcessorChain inputProcessorChain, final EncryptedKeyType encryptedKeyType, final XMLSecEvent responsibleXMLSecStartXMLEvent, final XMLSecurityProperties securityProperties) throws XMLSecurityException {
    if (encryptedKeyType.getEncryptionMethod() == null) {
        throw new XMLSecurityException("stax.encryption.noEncAlgo");
    }
    // The Id is the registration key and the correlation id used further down.
    if (encryptedKeyType.getId() == null) {
        encryptedKeyType.setId(IDGenerator.generateID(null));
    }
    final InboundSecurityContext inboundSecurityContext = inputProcessorChain.getSecurityContext();
    final SecurityTokenProvider<InboundSecurityToken> securityTokenProvider = new SecurityTokenProvider<InboundSecurityToken>() {

        // Built on first request, then reused.
        private AbstractInboundSecurityToken securityToken;

        @Override
        public InboundSecurityToken getSecurityToken() throws XMLSecurityException {
            if (this.securityToken != null) {
                return this.securityToken;
            }
            this.securityToken = new AbstractInboundSecurityToken(inboundSecurityContext, encryptedKeyType.getId(), SecurityTokenConstants.KeyIdentifier_EncryptedKey, true) {

                // Raw bytes of the unwrapped (or substituted) key; set once by getSecret.
                private byte[] decryptedKey;

                @Override
                public Key getKey(String algorithmURI, XMLSecurityConstants.AlgorithmUsage algorithmUsage, String correlationID) throws XMLSecurityException {
                    // Reuse a key already stored for this algorithm URI.
                    Key key = getSecretKey().get(algorithmURI);
                    if (key != null) {
                        return key;
                    }
                    // NOTE(review): algoFamily is passed to SecretKeySpec without a null check;
                    // confirm what the mapper returns for a URI it does not know.
                    String algoFamily = JCEAlgorithmMapper.getJCEKeyAlgorithmFromURI(algorithmURI);
                    key = new SecretKeySpec(getSecret(this, correlationID, algorithmURI), algoFamily);
                    setSecretKey(algorithmURI, key);
                    return key;
                }

                @Override
                public InboundSecurityToken getKeyWrappingToken() throws XMLSecurityException {
                    return getWrappingSecurityToken(this);
                }

                @Override
                public SecurityTokenConstants.TokenType getTokenType() {
                    return SecurityTokenConstants.EncryptedKeyToken;
                }

                // Token resolved from the EncryptedKey's KeyInfo; resolved once, then reused.
                private InboundSecurityToken wrappingSecurityToken;

                // Resolves the wrapping token for decryption use and records this token as
                // one of its wrapped tokens.
                private InboundSecurityToken getWrappingSecurityToken(InboundSecurityToken wrappedSecurityToken) throws XMLSecurityException {
                    if (wrappingSecurityToken != null) {
                        return this.wrappingSecurityToken;
                    }
                    KeyInfoType keyInfoType = encryptedKeyType.getKeyInfo();
                    this.wrappingSecurityToken = SecurityTokenFactory.getInstance().getSecurityToken(keyInfoType, SecurityTokenConstants.KeyUsage_Decryption, securityProperties, inboundSecurityContext);
                    this.wrappingSecurityToken.addWrappedToken(wrappedSecurityToken);
                    return this.wrappingSecurityToken;
                }

                // Unwraps the EncryptedKey's cipher value with the wrapping token's key and
                // returns the raw key bytes. symmetricAlgorithmURI is only read on the
                // failure path, to size the substitute key.
                private byte[] getSecret(InboundSecurityToken wrappedSecurityToken, String correlationID, String symmetricAlgorithmURI) throws XMLSecurityException {
                    if (this.decryptedKey != null) {
                        return this.decryptedKey;
                    }
                    // The algorithm named by the EncryptedKey's own EncryptionMethod.
                    String algorithmURI = encryptedKeyType.getEncryptionMethod().getAlgorithm();
                    if (algorithmURI == null) {
                        throw new XMLSecurityException("stax.encryption.noEncAlgo");
                    }
                    String jceName = JCEAlgorithmMapper.translateURItoJCEID(algorithmURI);
                    String jceProvider = JCEAlgorithmMapper.getJCEProviderFromURI(algorithmURI);
                    if (jceName == null) {
                        throw new XMLSecurityException("algorithms.NoSuchMap", new Object[] { algorithmURI });
                    }
                    final InboundSecurityToken wrappingSecurityToken = getWrappingSecurityToken(wrappedSecurityToken);
                    Cipher cipher;
                    try {
                        // The usage passed to getSecretKey depends on the kind of wrapping token.
                        XMLSecurityConstants.AlgorithmUsage algorithmUsage;
                        if (wrappingSecurityToken.isAsymmetric()) {
                            algorithmUsage = XMLSecurityConstants.Asym_Key_Wrap;
                        } else {
                            algorithmUsage = XMLSecurityConstants.Sym_Key_Wrap;
                        }
                        if (jceProvider == null) {
                            cipher = Cipher.getInstance(jceName);
                        } else {
                            cipher = Cipher.getInstance(jceName, jceProvider);
                        }
                        if (XMLSecurityConstants.NS_XENC11_RSAOAEP.equals(algorithmURI) || XMLSecurityConstants.NS_XENC_RSAOAEPMGF1P.equals(algorithmURI)) {
                            // OAEP parameters are read from the EncryptionMethod content.
                            // The digest stays SHA-1 when no DigestMethod child is present.
                            final DigestMethodType digestMethodType = XMLSecurityUtils.getQNameType(encryptedKeyType.getEncryptionMethod().getContent(), XMLSecurityConstants.TAG_dsig_DigestMethod);
                            String jceDigestAlgorithm = "SHA-1";
                            if (digestMethodType != null) {
                                // Report the declared digest as a security event before using it.
                                AlgorithmSuiteSecurityEvent algorithmSuiteSecurityEvent = new AlgorithmSuiteSecurityEvent();
                                algorithmSuiteSecurityEvent.setAlgorithmURI(digestMethodType.getAlgorithm());
                                algorithmSuiteSecurityEvent.setAlgorithmUsage(XMLSecurityConstants.EncDig);
                                algorithmSuiteSecurityEvent.setCorrelationID(correlationID);
                                inboundSecurityContext.registerSecurityEvent(algorithmSuiteSecurityEvent);
                                // NOTE(review): unlike jceName above, this result is not null-checked.
                                jceDigestAlgorithm = JCEAlgorithmMapper.translateURItoJCEID(digestMethodType.getAlgorithm());
                            }
                            PSource.PSpecified pSource = PSource.PSpecified.DEFAULT;
                            final byte[] oaepParams = XMLSecurityUtils.getQNameType(encryptedKeyType.getEncryptionMethod().getContent(), XMLSecurityConstants.TAG_xenc_OAEPparams);
                            if (oaepParams != null) {
                                pSource = new PSource.PSpecified(oaepParams);
                            }
                            // MGF1 stays on SHA-1 when no MGF child is present.
                            MGF1ParameterSpec mgfParameterSpec = new MGF1ParameterSpec("SHA-1");
                            final MGFType mgfType = XMLSecurityUtils.getQNameType(encryptedKeyType.getEncryptionMethod().getContent(), XMLSecurityConstants.TAG_xenc11_MGF);
                            if (mgfType != null) {
                                // NOTE(review): no AlgorithmSuiteSecurityEvent is registered for the
                                // MGF algorithm here, and the translated name is not null-checked.
                                String jceMGFAlgorithm = JCEAlgorithmMapper.translateURItoJCEID(mgfType.getAlgorithm());
                                mgfParameterSpec = new MGF1ParameterSpec(jceMGFAlgorithm);
                            }
                            OAEPParameterSpec oaepParameterSpec = new OAEPParameterSpec(jceDigestAlgorithm, "MGF1", mgfParameterSpec, pSource);
                            cipher.init(Cipher.UNWRAP_MODE, wrappingSecurityToken.getSecretKey(algorithmURI, algorithmUsage, correlationID), oaepParameterSpec);
                        } else {
                            cipher.init(Cipher.UNWRAP_MODE, wrappingSecurityToken.getSecretKey(algorithmURI, algorithmUsage, correlationID));
                        }
                        // Checked only after the cipher has been initialised.
                        if (encryptedKeyType.getCipherData() == null || encryptedKeyType.getCipherData().getCipherValue() == null) {
                            throw new XMLSecurityException("stax.encryption.noCipherValue");
                        }
                    } catch (NoSuchPaddingException e) {
                        throw new XMLSecurityException(e);
                    } catch (NoSuchAlgorithmException e) {
                        throw new XMLSecurityException(e);
                    } catch (InvalidAlgorithmParameterException e) {
                        throw new XMLSecurityException(e);
                    } catch (InvalidKeyException e) {
                        throw new XMLSecurityException(e);
                    } catch (NoSuchProviderException e) {
                        throw new XMLSecurityException(e);
                    }
                    // The token's identifier is the MIME Base64 form of generateDigest(cipher value);
                    // presumably a SHA-1 digest, going by the names used here.
                    byte[] sha1Bytes = generateDigest(encryptedKeyType.getCipherData().getCipherValue());
                    String sha1Identifier = Base64.getMimeEncoder().encodeToString(sha1Bytes);
                    super.setSha1Identifier(sha1Identifier);
                    try {
                        Key key = cipher.unwrap(encryptedKeyType.getCipherData().getCipherValue(), jceName, Cipher.SECRET_KEY);
                        return this.decryptedKey = key.getEncoded();
                    } catch (IllegalStateException e) {
                        throw new XMLSecurityException(e);
                    } catch (Exception e) {
                        // Any other unwrap failure is not reported to the caller. Generated bytes
                        // of the symmetric algorithm's key length are cached and returned
                        // instead; per the log message this is to mitigate timing attacks.
                        // The only trace of the failure is this WARN entry.
                        LOG.warn("Unwrapping of the encrypted key failed with error: " + e.getMessage() + ". " + "Generating a faked one to mitigate timing attacks.");
                        int keyLength = JCEAlgorithmMapper.getKeyLengthFromURI(symmetricAlgorithmURI);
                        this.decryptedKey = XMLSecurityConstants.generateBytes(keyLength / 8);
                        return this.decryptedKey;
                    }
                }
            };
            this.securityToken.setElementPath(responsibleXMLSecStartXMLEvent.getElementPath());
            this.securityToken.setXMLSecEvent(responsibleXMLSecStartXMLEvent);
            return this.securityToken;
        }

        @Override
        public String getId() {
            return encryptedKeyType.getId();
        }
    };
    // register the key token for decryption:
    inboundSecurityContext.registerSecurityTokenProvider(encryptedKeyType.getId(), securityTokenProvider);
    // fire a tokenSecurityEvent
    // (this call builds the token object; the key itself is not unwrapped yet)
    EncryptedKeyTokenSecurityEvent tokenSecurityEvent = new EncryptedKeyTokenSecurityEvent();
    tokenSecurityEvent.setSecurityToken(securityTokenProvider.getSecurityToken());
    tokenSecurityEvent.setCorrelationID(encryptedKeyType.getId());
    inboundSecurityContext.registerSecurityEvent(tokenSecurityEvent);
    // if this EncryptedKey structure contains a reference list, delegate it to a subclass
    if (encryptedKeyType.getReferenceList() != null) {
        handleReferenceList(inputProcessorChain, encryptedKeyType, securityProperties);
    }
}
Also used : AlgorithmSuiteSecurityEvent(org.apache.xml.security.stax.securityEvent.AlgorithmSuiteSecurityEvent) EncryptedKeyTokenSecurityEvent(org.apache.xml.security.stax.securityEvent.EncryptedKeyTokenSecurityEvent) SecretKeySpec(javax.crypto.spec.SecretKeySpec) AbstractInboundSecurityToken(org.apache.xml.security.stax.impl.securityToken.AbstractInboundSecurityToken) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) DigestMethodType(org.apache.xml.security.binding.xmldsig.DigestMethodType) MGFType(org.apache.xml.security.binding.xmlenc11.MGFType) XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException) KeyInfoType(org.apache.xml.security.binding.xmldsig.KeyInfoType) OAEPParameterSpec(javax.crypto.spec.OAEPParameterSpec) AbstractInboundSecurityToken(org.apache.xml.security.stax.impl.securityToken.AbstractInboundSecurityToken) InboundSecurityToken(org.apache.xml.security.stax.securityToken.InboundSecurityToken) Cipher(javax.crypto.Cipher) SecurityTokenProvider(org.apache.xml.security.stax.securityToken.SecurityTokenProvider) MGF1ParameterSpec(java.security.spec.MGF1ParameterSpec)

Example 4 with SecurityTokenProvider

use of org.apache.xml.security.stax.securityToken.SecurityTokenProvider in project santuario-java by apache.

the class OutboundXMLSec method configureSignatureKeys.

/**
 * Wraps the configured signature key and certificates in an outbound token, registers it
 * on the given context under a generated "SIG" id, and selects that id for signing.
 *
 * @param outboundSecurityContext the context that receives the provider and the token id
 * @throws XMLSecurityException if the signature key is a private key and neither
 *         certificates nor a signature verification key are configured
 */
private void configureSignatureKeys(final OutboundSecurityContextImpl outboundSecurityContext) throws XMLSecurityException {
    final Key signingKey = securityProperties.getSignatureKey();
    final X509Certificate[] signingCerts = securityProperties.getSignatureCerts();
    final boolean haveCerts = signingCerts != null && signingCerts.length > 0;
    // Rejected: a private signing key with no certificates and no verification key configured.
    if (signingKey instanceof PrivateKey && !haveCerts && securityProperties.getSignatureVerificationKey() == null) {
        throw new XMLSecurityException("stax.signature.publicKeyOrCertificateMissing");
    }
    final String securityTokenid = IDGenerator.generateID("SIG");
    final GenericOutboundSecurityToken signatureToken = new GenericOutboundSecurityToken(securityTokenid, SecurityTokenConstants.DefaultToken, signingKey, signingCerts);
    // A configured verification key is attached only when it is a public key.
    final Key verificationKey = securityProperties.getSignatureVerificationKey();
    if (verificationKey instanceof PublicKey) {
        signatureToken.setPublicKey((PublicKey) verificationKey);
    }
    final SecurityTokenProvider<OutboundSecurityToken> provider = new SecurityTokenProvider<OutboundSecurityToken>() {

        @Override
        public OutboundSecurityToken getSecurityToken() throws XMLSecurityException {
            return signatureToken;
        }

        @Override
        public String getId() {
            return securityTokenid;
        }
    };
    outboundSecurityContext.registerSecurityTokenProvider(securityTokenid, provider);
    outboundSecurityContext.put(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE, securityTokenid);
}
Also used : GenericOutboundSecurityToken(org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken) PrivateKey(java.security.PrivateKey) OutboundSecurityToken(org.apache.xml.security.stax.securityToken.OutboundSecurityToken) GenericOutboundSecurityToken(org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken) PublicKey(java.security.PublicKey) PublicKey(java.security.PublicKey) Key(java.security.Key) PrivateKey(java.security.PrivateKey) X509Certificate(java.security.cert.X509Certificate) XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException) SecurityTokenProvider(org.apache.xml.security.stax.securityToken.SecurityTokenProvider)

Example 5 with SecurityTokenProvider

use of org.apache.xml.security.stax.securityToken.SecurityTokenProvider in project santuario-java by apache.

the class OutboundXMLSec method configureEncryptionKeys.

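/**
 * Sets up the outbound encryption token: a session key wrapped by a transport token,
 * registered on the given context and selected for encryption.
 *
 * <p>The transport token is built from the configured transport key and certificate. The
 * session key is the configured encryption key; when none is configured, one is generated
 * for the configured symmetric algorithm.
 *
 * @param outboundSecurityContext the context that receives the provider and the token id
 * @throws XMLSecurityException if no encryption key, transport key or transport certificate
 *         is configured, if the symmetric algorithm URI maps to no JCE key algorithm, or if
 *         no key generator exists for the mapped algorithm
 */
private void configureEncryptionKeys(final OutboundSecurityContextImpl outboundSecurityContext) throws XMLSecurityException {
    // Sort out transport keys / key wrapping keys first.
    Key transportKey = securityProperties.getEncryptionTransportKey();
    X509Certificate transportCert = securityProperties.getEncryptionUseThisCertificate();
    X509Certificate[] transportCerts = null;
    if (transportCert != null) {
        transportCerts = new X509Certificate[] { transportCert };
    }
    final OutboundSecurityToken transportSecurityToken = new GenericOutboundSecurityToken(IDGenerator.generateID(null), SecurityTokenConstants.DefaultToken, transportKey, transportCerts);
    // Now sort out the session key
    Key key = securityProperties.getEncryptionKey();
    if (key == null) {
        // A generated session key is only useful if something can wrap it.
        if (transportCert == null && transportKey == null) {
            throw new XMLSecurityException("stax.encryption.encryptionKeyMissing");
        }
        // If none is configured then generate one
        final String symAlgorithmUri = securityProperties.getEncryptionSymAlgorithm();
        String keyAlgorithm = JCEAlgorithmMapper.getJCEKeyAlgorithmFromURI(symAlgorithmUri);
        if (keyAlgorithm == null) {
            // Report an unmapped algorithm URI as a declared exception rather than letting
            // the calls below fail with a NullPointerException.
            throw new XMLSecurityException("algorithms.NoSuchMap", new Object[] { symAlgorithmUri });
        }
        KeyGenerator keyGen;
        try {
            keyGen = KeyGenerator.getInstance(keyAlgorithm);
        } catch (NoSuchAlgorithmException e) {
            throw new XMLSecurityException(e);
        }
        // Only AES gets an explicit key size, taken from the algorithm URI; every other
        // algorithm keeps the generator's own default. (The original remark here concerns
        // Bouncy Castle expecting a size of 128 or 192 bits.)
        if (keyAlgorithm.contains("AES")) {
            int keyLength = JCEAlgorithmMapper.getKeyLengthFromURI(symAlgorithmUri);
            keyGen.init(keyLength);
        }
        key = keyGen.generateKey();
    }
    final String securityTokenid = IDGenerator.generateID(null);
    final GenericOutboundSecurityToken securityToken = new GenericOutboundSecurityToken(securityTokenid, SecurityTokenConstants.DefaultToken, key);
    securityToken.setKeyWrappingToken(transportSecurityToken);
    final SecurityTokenProvider<OutboundSecurityToken> securityTokenProvider = new SecurityTokenProvider<OutboundSecurityToken>() {

        @Override
        public OutboundSecurityToken getSecurityToken() throws XMLSecurityException {
            return securityToken;
        }

        @Override
        public String getId() {
            return securityTokenid;
        }
    };
    outboundSecurityContext.registerSecurityTokenProvider(securityTokenid, securityTokenProvider);
    outboundSecurityContext.put(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION, securityTokenid);
}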
Also used : GenericOutboundSecurityToken(org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken) OutboundSecurityToken(org.apache.xml.security.stax.securityToken.OutboundSecurityToken) GenericOutboundSecurityToken(org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyGenerator(javax.crypto.KeyGenerator) PublicKey(java.security.PublicKey) Key(java.security.Key) PrivateKey(java.security.PrivateKey) X509Certificate(java.security.cert.X509Certificate) XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException) SecurityTokenProvider(org.apache.xml.security.stax.securityToken.SecurityTokenProvider)

Aggregations

SecurityTokenProvider (org.apache.xml.security.stax.securityToken.SecurityTokenProvider)5 GenericOutboundSecurityToken (org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken)4 OutboundSecurityToken (org.apache.xml.security.stax.securityToken.OutboundSecurityToken)4 Key (java.security.Key)3 X509Certificate (java.security.cert.X509Certificate)3 XMLSecurityException (org.apache.xml.security.exceptions.XMLSecurityException)3 PrivateKey (java.security.PrivateKey)2 PublicKey (java.security.PublicKey)2 SecretKeySpec (javax.crypto.spec.SecretKeySpec)2 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1 MGF1ParameterSpec (java.security.spec.MGF1ParameterSpec)1 Cipher (javax.crypto.Cipher)1 KeyGenerator (javax.crypto.KeyGenerator)1 NoSuchPaddingException (javax.crypto.NoSuchPaddingException)1 OAEPParameterSpec (javax.crypto.spec.OAEPParameterSpec)1 SecurityToken (org.apache.cxf.ws.security.tokenstore.SecurityToken)1 IncludeTokenType (org.apache.wss4j.policy.SPConstants.IncludeTokenType)1 IssuedToken (org.apache.wss4j.policy.model.IssuedToken)1 KerberosClientSecurityToken (org.apache.wss4j.stax.impl.securityToken.KerberosClientSecurityToken)1 WSSecurityTokenConstants (org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants)1