Details
-
Bug
-
Status: Closed
-
Minor
-
Resolution: Fixed
-
None
-
None
-
None
Description
The UsernameToken profile 1.1 provides for using UsernameTokens for key derivation (section 4: Key Derivation). We currently have some limited support in UsernameToken.java for generating and parsing UsernameTokens with derived keys, but no tests.
The attached patch contains the following improvements:
1) Two bugs in processing a Username Token in UsernameToken.java with a derived key are fixed + some cleanup to the code.
2) WSSecUsernameToken.java is extended to wrap the key derivation functionality of UsernameToken.java.
3) A unit test is added for UsernameToken.java, as well as two tests which use a derived key from a username token for encryption and signing purposes.
The processing of a UsernameToken with derived keys is left for a future release.