1 /*
   2  * reserved comment block
   3  * DO NOT REMOVE OR ALTER!
   4  */
   5 /**
   6  * Licensed to the Apache Software Foundation (ASF) under one
   7  * or more contributor license agreements. See the NOTICE file
   8  * distributed with this work for additional information
   9  * regarding copyright ownership. The ASF licenses this file
  10  * to you under the Apache License, Version 2.0 (the
  11  * "License"); you may not use this file except in compliance
  12  * with the License. You may obtain a copy of the License at
  13  *
  14  * http://www.apache.org/licenses/LICENSE-2.0
  15  *
  16  * Unless required by applicable law or agreed to in writing,
  17  * software distributed under the License is distributed on an
  18  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  19  * KIND, either express or implied. See the License for the
  20  * specific language governing permissions and limitations
  21  * under the License.
  22  */
  23 package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
  24 
  25 import java.security.PublicKey;
  26 import java.security.cert.Certificate;
  27 import java.security.cert.X509Certificate;
  28 import java.util.Iterator;
  29 
  30 import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
  31 import com.sun.org.apache.xml.internal.security.keys.content.X509Data;
  32 import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509IssuerSerial;
  33 import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverException;
  34 import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverSpi;
  35 import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
  36 import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
  37 import com.sun.org.apache.xml.internal.security.utils.Constants;
  38 import org.w3c.dom.Element;
  39 
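  /**
   * Resolves a {@code ds:X509Data} element that carries issuer/serial entries to a
   * certificate held in the caller-supplied {@link StorageResolver}.
   *
   * <p>Selection is by issuer name and serial number only. Nothing in this class checks
   * the validity period, revocation status or certification path of the certificate it
   * returns, so the contents of the {@code StorageResolver} are the effective trust
   * boundary: callers should populate it only with certificates they already trust and
   * perform any further validation themselves.
   *
   * <p>The FINE-level log messages include the element tag name and the issuer/serial
   * values read from the document being processed; treat that log output as
   * untrusted text.
   */
  public class X509IssuerSerialResolver extends KeyResolverSpi {

      /** {@link java.util.logging} logging facility */
      private static final java.util.logging.Logger log =
          java.util.logging.Logger.getLogger(X509IssuerSerialResolver.class.getName());

      /**
       * {@inheritDoc}
       *
       * <p>Delegates to
       * {@link #engineLookupResolveX509Certificate(Element, String, StorageResolver)}
       * and returns the public key of the certificate it finds.
       *
       * @return the public key of the matching certificate, or {@code null} if no
       *         certificate was resolved
       * @throws KeyResolverException if certificate resolution fails
       */
      public PublicKey engineLookupAndResolvePublicKey(
          Element element, String baseURI, StorageResolver storage
      ) throws KeyResolverException {

          X509Certificate cert =
              this.engineLookupResolveX509Certificate(element, baseURI, storage);

          return (cert != null) ? cert.getPublicKey() : null;
      }

      /**
       * {@inheritDoc}
       *
       * <p>Parses {@code element} as {@link X509Data} and, if it contains issuer/serial
       * entries, returns the first certificate from {@code storage} whose issuer/serial
       * equals one of them. Storage entries that are not {@link X509Certificate}
       * instances are skipped.
       *
       * @param element the element to resolve
       * @param baseURI passed through to the {@link X509Data} constructor
       * @param storage source of candidate certificates; required once the element is
       *        known to contain an issuer/serial entry
       * @return the matching certificate, or {@code null} if the element cannot be
       *         parsed as {@code X509Data}, has no issuer/serial entry, or nothing in
       *         {@code storage} matches
       * @throws KeyResolverException if {@code storage} is {@code null} or an
       *         {@link XMLSecurityException} occurs while comparing entries
       */
      public X509Certificate engineLookupResolveX509Certificate(
          Element element, String baseURI, StorageResolver storage
      ) throws KeyResolverException {
          if (log.isLoggable(java.util.logging.Level.FINE)) {
              log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
          }

          // A parse failure means "not ours": report null so the caller can fall
          // through to another resolver rather than abort.
          X509Data x509data = null;
          try {
              x509data = new X509Data(element, baseURI);
          } catch (XMLSignatureException ex) {
              if (log.isLoggable(java.util.logging.Level.FINE)) {
                  log.log(java.util.logging.Level.FINE, "I can't");
              }
              return null;
          } catch (XMLSecurityException ex) {
              if (log.isLoggable(java.util.logging.Level.FINE)) {
                  log.log(java.util.logging.Level.FINE, "I can't");
              }
              return null;
          }

          if (!x509data.containsIssuerSerial()) {
              return null;
          }

          try {
              if (storage == null) {
                  Object[] exArgs = { Constants._TAG_X509ISSUERSERIAL };
                  KeyResolverException ex =
                      new KeyResolverException("KeyResolver.needStorageResolver", exArgs);

                  if (log.isLoggable(java.util.logging.Level.FINE)) {
                      log.log(java.util.logging.Level.FINE, "", ex);
                  }
                  // NOTE(review): if KeyResolverException is a subtype of
                  // XMLSecurityException, the catch below re-wraps this as
                  // "generic.EmptyMessage" - confirm that is intended.
                  throw ex;
              }

              int noOfISS = x509data.lengthIssuerSerial();

              Iterator<Certificate> storageIterator = storage.getIterator();
              while (storageIterator.hasNext()) {
                  Certificate candidate = storageIterator.next();
                  if (!(candidate instanceof X509Certificate)) {
                      // The iterator is typed as Certificate; skip anything that is not
                      // X.509 instead of failing the lookup with a ClassCastException.
                      continue;
                  }
                  X509Certificate cert = (X509Certificate) candidate;
                  XMLX509IssuerSerial certSerial =
                      new XMLX509IssuerSerial(element.getOwnerDocument(), cert);

                  if (log.isLoggable(java.util.logging.Level.FINE)) {
                      log.log(java.util.logging.Level.FINE, "Found Certificate Issuer: " + certSerial.getIssuerName());
                      log.log(java.util.logging.Level.FINE, "Found Certificate Serial: " + certSerial.getSerialNumber().toString());
                  }

                  for (int i = 0; i < noOfISS; i++) {
                      XMLX509IssuerSerial xmliss = x509data.itemIssuerSerial(i);

                      if (log.isLoggable(java.util.logging.Level.FINE)) {
                          log.log(java.util.logging.Level.FINE, "Found Element Issuer:     "
                                    + xmliss.getIssuerName());
                          log.log(java.util.logging.Level.FINE, "Found Element Serial:     "
                                    + xmliss.getSerialNumber().toString());
                      }

                      // First match wins; no further checks are made on the certificate.
                      if (certSerial.equals(xmliss)) {
                          if (log.isLoggable(java.util.logging.Level.FINE)) {
                              log.log(java.util.logging.Level.FINE, "match !!! ");
                          }
                          return cert;
                      }
                      if (log.isLoggable(java.util.logging.Level.FINE)) {
                          log.log(java.util.logging.Level.FINE, "no match...");
                      }
                  }
              }

              return null;
          } catch (XMLSecurityException ex) {
              if (log.isLoggable(java.util.logging.Level.FINE)) {
                  log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
              }

              throw new KeyResolverException("generic.EmptyMessage", ex);
          }
      }

      /**
       * {@inheritDoc}
       *
       * <p>This resolver does not resolve secret keys.
       *
       * @return always {@code null}
       */
      public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
          Element element, String baseURI, StorageResolver storage
      ) {
          return null;
      }
  }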