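/*
 * reserved comment block
 * DO NOT REMOVE OR ALTER!
 */
/**
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */
package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;

import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Iterator;

import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.keys.content.X509Data;
import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509IssuerSerial;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverException;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverSpi;
import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import org.w3c.dom.Element;

/**
 * Key resolver that selects a certificate from a {@link StorageResolver} by
 * comparing each stored certificate's issuer name and serial number with the
 * issuer/serial entries carried by an {@link X509Data} element.
 *
 * <p>Matching is by issuer and serial only. This class performs no certification
 * path building, validity-period, or revocation check on the certificate it
 * returns, so the result is only as trustworthy as the contents of the
 * {@code StorageResolver}; callers that need those guarantees must validate the
 * returned certificate themselves.
 */
public class X509IssuerSerialResolver extends KeyResolverSpi {

    /** {@code java.util.logging} logger for this resolver. */
    private static final java.util.logging.Logger log =
        java.util.logging.Logger.getLogger(X509IssuerSerialResolver.class.getName());

    /**
     * {@inheritDoc}
     *
     * <p>Delegates to {@link #engineLookupResolveX509Certificate} and returns the
     * public key of the matched certificate.
     *
     * @return the matched certificate's public key, or {@code null} when no
     *         certificate was resolved
     * @throws KeyResolverException propagated from the certificate lookup
     */
    public PublicKey engineLookupAndResolvePublicKey(
        Element element, String baseURI, StorageResolver storage
    ) throws KeyResolverException {

        X509Certificate cert =
            this.engineLookupResolveX509Certificate(element, baseURI, storage);

        return (cert != null) ? cert.getPublicKey() : null;
    }

    /**
     * {@inheritDoc}
     *
     * <p>Parses {@code element} as {@link X509Data}; if it carries issuer/serial
     * entries, walks the certificates offered by {@code storage} and returns the
     * first one whose issuer and serial equal any of those entries.
     *
     * @param element the candidate element; its content comes from the document
     *        being processed and should be treated as untrusted
     * @param baseURI base URI handed to the {@code X509Data} constructor
     * @param storage source of candidate certificates; required once the element
     *        is known to contain an issuer/serial entry
     * @return the first matching certificate, or {@code null} when the element
     *         cannot be parsed as {@code X509Data}, has no issuer/serial entry,
     *         or nothing in {@code storage} matches
     * @throws KeyResolverException when {@code storage} is {@code null} although
     *         an issuer/serial entry is present, or when an
     *         {@link XMLSecurityException} occurs during matching
     */
    public X509Certificate engineLookupResolveX509Certificate(
        Element element, String baseURI, StorageResolver storage
    ) throws KeyResolverException {
        final boolean fine = log.isLoggable(java.util.logging.Level.FINE);

        if (fine) {
            log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
        }

        X509Data x509data = null;
        try {
            x509data = new X509Data(element, baseURI);
        } catch (XMLSignatureException ex) {
            // Not an element this resolver understands: decline rather than fail.
            if (fine) {
                log.log(java.util.logging.Level.FINE, "I can't");
            }
            return null;
        } catch (XMLSecurityException ex) {
            if (fine) {
                log.log(java.util.logging.Level.FINE, "I can't");
            }
            return null;
        }

        if (!x509data.containsIssuerSerial()) {
            return null;
        }

        try {
            if (storage == null) {
                Object[] exArgs = { Constants._TAG_X509ISSUERSERIAL };
                KeyResolverException ex =
                    new KeyResolverException("KeyResolver.needStorageResolver", exArgs);

                if (fine) {
                    log.log(java.util.logging.Level.FINE, "", ex);
                }
                // NOTE(review): if KeyResolverException is an XMLSecurityException
                // subtype, this throw is caught by the handler at the end of this
                // try block and re-wrapped as "generic.EmptyMessage" -- confirm
                // that this is intended.
                throw ex;
            }

            int noOfISS = x509data.lengthIssuerSerial();

            Iterator<Certificate> storageIterator = storage.getIterator();
            while (storageIterator.hasNext()) {
                Certificate candidate = storageIterator.next();

                // The iterator is typed as Certificate, so a store may yield entries
                // that are not X.509. Skip those instead of letting an unchecked
                // cast abort key resolution with a ClassCastException.
                if (!(candidate instanceof X509Certificate)) {
                    if (fine) {
                        log.log(java.util.logging.Level.FINE,
                            "Skipping storage entry that is not an X509Certificate");
                    }
                    continue;
                }
                X509Certificate cert = (X509Certificate) candidate;
                XMLX509IssuerSerial certSerial =
                    new XMLX509IssuerSerial(element.getOwnerDocument(), cert);

                if (fine) {
                    log.log(java.util.logging.Level.FINE,
                        "Found Certificate Issuer: " + certSerial.getIssuerName());
                    log.log(java.util.logging.Level.FINE,
                        "Found Certificate Serial: " + certSerial.getSerialNumber().toString());
                }

                for (int i = 0; i < noOfISS; i++) {
                    XMLX509IssuerSerial xmliss = x509data.itemIssuerSerial(i);

                    // These values are read from the element under inspection, i.e.
                    // from document content; they reach the log only at FINE.
                    if (fine) {
                        log.log(java.util.logging.Level.FINE, "Found Element Issuer: "
                            + xmliss.getIssuerName());
                        log.log(java.util.logging.Level.FINE, "Found Element Serial: "
                            + xmliss.getSerialNumber().toString());
                    }

                    if (certSerial.equals(xmliss)) {
                        if (fine) {
                            log.log(java.util.logging.Level.FINE, "match !!! ");
                        }
                        // First match wins; no further validation is applied here.
                        return cert;
                    }
                    if (fine) {
                        log.log(java.util.logging.Level.FINE, "no match...");
                    }
                }
            }

            return null;
        } catch (XMLSecurityException ex) {
            if (fine) {
                log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
            }

            throw new KeyResolverException("generic.EmptyMessage", ex);
        }
    }

    /**
     * {@inheritDoc}
     *
     * <p>This resolver never produces a secret key.
     *
     * @return always {@code null}
     */
    public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
        Element element, String baseURI, StorageResolver storage
    ) {
        return null;
    }
}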