This is an automated email from the ASF dual-hosted git repository.
billblough pushed a commit to branch RAMPART-287
in repository https://gitbox.apache.org/repos/asf/axis-axis2-java-rampart.git
commit 7eb53caa19a037d52a9f032d4c9823b9cfbc64e8
Merge: c25bef8 df5ff7f
Author: Andreas Veithen <veit...@apache.org>
AuthorDate: Sun Jan 29 18:16:17 2017 +0000
RAMPART-287: Apply patch provided by Suresh Attanayake.
.../rampart/builder/AsymmetricBindingBuilder.java | 74 +++++++++++-----------
.../org/apache/rampart/builder/BindingBuilder.java | 4 +-
2 files changed, 39 insertions(+), 39 deletions(-)
diff --cc
modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java
index 0572cd6,0572cd6..2708a99
---
a/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java
+++
b/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java
@@@ -284,8 -284,8 +284,8 @@@ public class AsymmetricBindingBuilder e
+", Signature tool :" + (t2 - t1) );
}
-- // Check for signature protection
-- if (rpd.isSignatureProtection() && this.mainSigId != null) {
++ // Check for signature protection and encrypted supporting tokens
++ if (rpd.isSignatureProtection() && this.mainSigId != null ||
!encryptedTokensIdList.isEmpty()) {
long t3 = 0, t4 = 0;
if(tlog.isDebugEnabled()){
t3 = System.currentTimeMillis();
@@@ -293,9 -293,9 +293,10 @@@
List<WSEncryptionPart> secondEncrParts = new
ArrayList<WSEncryptionPart>();
-- // Now encrypt the signature using the above token
-- secondEncrParts.add(new WSEncryptionPart(this.mainSigId,
-- "Element"));
++ if (rpd.isSignatureProtection() &&
this.mainSigId != null) {
++ // Now encrypt the signature using the
above token
++ secondEncrParts.add(new
WSEncryptionPart(this.mainSigId, "Element"));
++ }
if(rmd.isInitiator()) {
for (String anEncryptedTokensIdList :
encryptedTokensIdList) {
@@@ -303,38 -303,38 +304,37 @@@
}
}
-- Element secondRefList = null;
--
-- if (encryptionToken.isDerivedKeys()) {
-- try {
--
-- secondRefList = dkEncr.encryptForExternalRef(null,
-- secondEncrParts);
-- RampartUtil.insertSiblingAfter(rmd, encrDKTokenElem,
-- secondRefList);
--
-- } catch (WSSecurityException e) {
-- throw new
RampartException("errorCreatingEncryptedKey",
-- e);
-- }
-- } else {
-- try {
-- // Encrypt, get hold of the ref list and add it
-- secondRefList = encr.encryptForExternalRef(null,
-- secondEncrParts);
--
-- // Insert the ref list after the encrypted key elem
-- this.setInsertionLocation(RampartUtil
-- .insertSiblingAfter(rmd, encrTokenElement,
-- secondRefList));
-- } catch (WSSecurityException e) {
-- throw new RampartException("errorInEncryption", e);
-- }
-- }
-- if(tlog.isDebugEnabled()){
-- t4 = System.currentTimeMillis();
-- tlog.debug("Signature protection took :" + (t4 - t3));
-- }
++ if (!secondEncrParts.isEmpty()) {
++
++ Element secondRefList = null;
++
++ if (encryptionToken.isDerivedKeys()) {
++ try {
++
++ secondRefList =
dkEncr.encryptForExternalRef(null, secondEncrParts);
++
RampartUtil.insertSiblingAfter(rmd, encrDKTokenElem, secondRefList);
++
++ } catch (WSSecurityException e)
{
++ throw new
RampartException("errorCreatingEncryptedKey", e);
++ }
++ } else {
++ try {
++ // Encrypt, get hold of
the ref list and add it
++ secondRefList =
encr.encryptForRef(null, secondEncrParts);
++
++ // Insert the ref list
after the encrypted key elem
++
this.setInsertionLocation(RampartUtil.insertSiblingAfter(rmd,
++
encrTokenElement, secondRefList));
++ } catch (WSSecurityException e)
{
++ throw new
RampartException("errorInEncryption", e);
++ }
++ }
++
++ if (tlog.isDebugEnabled()) {
++ t4 = System.currentTimeMillis();
++ tlog.debug("Signature
protection took :" + (t4 - t3));
++ }
++ }
}
}
diff --cc
modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
index 6dc753c,6dc753c..5f18311
---
a/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
+++
b/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
@@@ -227,8 -227,8 +227,8 @@@ public abstract class BindingBuilder
RampartUtil.setEncryptionUser(rmd, encrKey);
//TODO we do not need to pass keysize as it is taken from
algorithm it self - verify
--
encrKey.setKeyEncAlgo(rpd.getAlgorithmSuite().getAsymmetricKeyWrap());
--
++
encrKey.setKeyEncAlgo(rpd.getAlgorithmSuite().getAsymmetricKeyWrap());
++
encrKey.setSymmetricEncAlgorithm(rpd.getAlgorithmSuite().getEncryption());
encrKey.prepare(doc,
RampartUtil.getEncryptionCrypto(rpd.getRampartConfig(),
rmd.getCustomClassLoader()));
return encrKey;
