SWS-307

Author: poutsma

security/src/main/java/org/springframework/ws/soap/security/wss4j/callback/KeyStoreCallbackHandler.java

@@ -18,6 +18,7 @@
 
 import java.io.IOException;
 import java.security.GeneralSecurityException;
+import java.security.Key;
 import java.security.KeyStore;
 import javax.crypto.SecretKey;
 import javax.security.auth.callback.UnsupportedCallbackException;
@@ -51,7 +52,7 @@ public void setKeyStore(KeyStore keyStore) {
     }
 
     /**
-     * Sets the password used to retrieve private keys from the keystore. This property is required for decription based
+     * Sets the password used to retrieve private keys from the keystore. This property is required for decryption based
      * on private keys, and signing.
      */
     public void setPrivateKeyPassword(String privateKeyPassword) {
@@ -61,7 +62,7 @@ public void setPrivateKeyPassword(String privateKeyPassword) {
     }
 
     /**
-     * Sets the password used to retrieve keys from the symmetric keystore. If this property is not set, it default to
+     * Sets the password used to retrieve keys from the symmetric keystore. If this property is not set, it defaults to
      * the private key password.
      *
      * @see #setPrivateKeyPassword(String)
@@ -88,15 +89,12 @@ protected void handleDecrypt(WSPasswordCallback callback) throws IOException, Un
     protected void handleKeyName(WSPasswordCallback callback) throws IOException, UnsupportedCallbackException {
         try {
             String identifier = callback.getIdentifer();
-            KeyStore.PasswordProtection protection = new KeyStore.PasswordProtection(symmetricKeyPassword);
-            KeyStore.Entry entry = keyStore.getEntry(identifier, protection);
-            if (entry instanceof KeyStore.SecretKeyEntry) {
-                KeyStore.SecretKeyEntry secretKeyEntry = (KeyStore.SecretKeyEntry) entry;
-                SecretKey secretKey = secretKeyEntry.getSecretKey();
-                callback.setKey(secretKey.getEncoded());
+            Key key = keyStore.getKey(identifier, symmetricKeyPassword);
+            if (key instanceof SecretKey) {
+                callback.setKey(key.getEncoded());
             }
             else {
-                throw new WSSecurityException("Key entry [" + entry + "] is not a javax.crypto.SecretKey");
+                throw new WSSecurityException("Key [" + key + "] is not a javax.crypto.SecretKey");
             }
         }
         catch (GeneralSecurityException ex) {

security/src/test/java/org/springframework/ws/soap/security/wss4j/callback/KeyStoreCallbackHandlerTest.java

@@ -0,0 +1,52 @@
+/*
+ * Copyright ${YEAR} the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.ws.soap.security.wss4j.callback;
+
+import java.security.KeyStore;
+
+import junit.framework.TestCase;
+import org.apache.ws.security.WSPasswordCallback;
+
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.ws.soap.security.support.KeyStoreFactoryBean;
+
+public class KeyStoreCallbackHandlerTest extends TestCase {
+
+    private KeyStoreCallbackHandler callbackHandler;
+
+    private WSPasswordCallback callback;
+
+    protected void setUp() throws Exception {
+        callbackHandler = new KeyStoreCallbackHandler();
+        callback = new WSPasswordCallback("secretkey", WSPasswordCallback.KEY_NAME);
+
+        KeyStoreFactoryBean factory = new KeyStoreFactoryBean();
+        factory.setLocation(new ClassPathResource("private.jks"));
+        factory.setPassword("123456");
+        factory.setType("JCEKS");
+        factory.afterPropertiesSet();
+        KeyStore keyStore = (KeyStore) factory.getObject();
+        callbackHandler.setKeyStore(keyStore);
+        callbackHandler.setSymmetricKeyPassword("123456");
+    }
+
+    public void testHandleKeyName() throws Exception {
+        callbackHandler.handleInternal(callback);
+        assertNotNull("symmetric key must not be null", callback.getKey());
+    }
+
+}