1 /*
   2  * reserved comment block
   3  * DO NOT REMOVE OR ALTER!
   4  */
   5 /**
   6  * Licensed to the Apache Software Foundation (ASF) under one
   7  * or more contributor license agreements. See the NOTICE file
   8  * distributed with this work for additional information
   9  * regarding copyright ownership. The ASF licenses this file
  10  * to you under the Apache License, Version 2.0 (the
  11  * "License"); you may not use this file except in compliance
  12  * with the License. You may obtain a copy of the License at
  13  *
  14  * http://www.apache.org/licenses/LICENSE-2.0
  15  *
  16  * Unless required by applicable law or agreed to in writing,
  17  * software distributed under the License is distributed on an
  18  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  19  * KIND, either express or implied. See the License for the
  20  * specific language governing permissions and limitations
  21  * under the License.
  22  */
  23 package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
  24 
  25 import java.security.PublicKey;
  26 import java.security.cert.Certificate;
  27 import java.security.cert.X509Certificate;
  28 import java.util.Iterator;
  29 
  30 
  31 import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
  32 import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509SKI;
  33 import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverException;
  34 import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverSpi;
  35 import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
  36 import com.sun.org.apache.xml.internal.security.utils.Constants;
  37 import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
  38 import org.w3c.dom.Element;
  39 
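/**
 * Key resolver for an X509Data element ({@code Constants._TAG_X509DATA}) that
 * identifies a certificate by X509SKI children ({@code Constants._TAG_X509SKI}).
 *
 * <p>The certificate is never taken from the document itself: each X509SKI
 * child is compared against the certificates supplied by the
 * {@link StorageResolver}, and the first stored certificate whose SKI wrapper
 * equals one of them is returned.
 *
 * <p>Security note: a match only <em>selects</em> a certificate. Nothing in
 * this class checks validity period, revocation or a certification path, so
 * trust in the returned key rests on the contents of the
 * {@code StorageResolver} and on whatever validation the caller performs.
 */
public class X509SKIResolver extends KeyResolverSpi {

    /** {@code java.util.logging} logger for this resolver. */
    private static final java.util.logging.Logger log =
        java.util.logging.Logger.getLogger(X509SKIResolver.class.getName());

    /**
     * Looks up the certificate identified by the X509SKI children of
     * {@code element} and returns its public key.
     *
     * @param element the element to resolve; handled only if it is an X509Data
     *                element in the signature namespace
     * @param baseURI passed through to the X509SKI wrappers
     * @param storage source of candidate certificates
     * @return the public key of the matching certificate, or {@code null} if no
     *         {@link PublicKey} could be obtained
     * @throws KeyResolverException if the certificate lookup fails
     */
    public PublicKey engineLookupAndResolvePublicKey(
        Element element, String baseURI, StorageResolver storage
    ) throws KeyResolverException {

        X509Certificate cert =
            this.engineLookupResolveX509Certificate(element, baseURI, storage);

        return (cert != null) ? cert.getPublicKey() : null;
    }

    /**
     * Finds the stored certificate whose subject key identifier matches one of
     * the X509SKI children of {@code element}.
     *
     * <p>The returned certificate is not validated here (see the class
     * comment); it is returned as soon as its SKI wrapper equals one from the
     * document.
     *
     * @param element the element to resolve
     * @param baseURI passed to the {@link XMLX509SKI} wrappers built from the
     *                document
     * @param storage source of candidate certificates; entries that are not
     *                {@link X509Certificate}s are ignored
     * @return the first matching certificate, or {@code null} if
     *         {@code element} is not an X509Data element in the signature
     *         namespace, has no X509SKI children, or nothing in
     *         {@code storage} matches
     * @throws KeyResolverException if {@code storage} is {@code null} although
     *         X509SKI children are present, or if building an SKI wrapper fails
     */
    public X509Certificate engineLookupResolveX509Certificate(
        Element element, String baseURI, StorageResolver storage
    ) throws KeyResolverException {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
        }
        if (!XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_X509DATA)) {
            if (log.isLoggable(java.util.logging.Level.FINE)) {
                log.log(java.util.logging.Level.FINE, "I can't");
            }
            return null;
        }

        Element[] x509childNodes =
            XMLUtils.selectDsNodes(element.getFirstChild(), Constants._TAG_X509SKI);

        if (x509childNodes == null || x509childNodes.length == 0) {
            if (log.isLoggable(java.util.logging.Level.FINE)) {
                log.log(java.util.logging.Level.FINE, "I can't");
            }
            return null;
        }
        try {
            if (storage == null) {
                // Without a certificate store an SKI cannot be mapped to a key.
                // NOTE(review): if KeyResolverException is a subclass of
                // XMLSecurityException, this throw is caught by the catch below
                // and re-wrapped under the "empty" message key - confirm.
                Object[] exArgs = { Constants._TAG_X509SKI };
                KeyResolverException ex =
                    new KeyResolverException("KeyResolver.needStorageResolver", exArgs);

                if (log.isLoggable(java.util.logging.Level.FINE)) {
                    log.log(java.util.logging.Level.FINE, "", ex);
                }

                throw ex;
            }

            // Wrap every X509SKI child once, before walking the store.
            XMLX509SKI[] x509childObject = new XMLX509SKI[x509childNodes.length];
            for (int i = 0; i < x509childNodes.length; i++) {
                x509childObject[i] = new XMLX509SKI(x509childNodes[i], baseURI);
            }

            Iterator<Certificate> storageIterator = storage.getIterator();
            while (storageIterator.hasNext()) {
                Certificate candidate = storageIterator.next();
                if (!(candidate instanceof X509Certificate)) {
                    // The iterator is typed as Certificate; a non-X.509 entry has
                    // no SKI to compare and must not abort the lookup with a
                    // ClassCastException.
                    continue;
                }
                X509Certificate cert = (X509Certificate) candidate;

                // NOTE(review): presumably this constructor throws
                // XMLSecurityException for a certificate that carries no SKI
                // extension; if so, one such certificate in the store fails the
                // whole lookup through the catch below - confirm.
                XMLX509SKI certSKI = new XMLX509SKI(element.getOwnerDocument(), cert);

                for (int i = 0; i < x509childObject.length; i++) {
                    if (certSKI.equals(x509childObject[i])) {
                        if (log.isLoggable(java.util.logging.Level.FINE)) {
                            log.log(java.util.logging.Level.FINE, "Return PublicKey from " + cert.getSubjectX500Principal().getName());
                        }

                        return cert;
                    }
                }
            }
        } catch (XMLSecurityException ex) {
            throw new KeyResolverException("empty", ex);
        }

        return null;
    }

    /**
     * Secret keys cannot be identified by an X509SKI, so this resolver never
     * returns one.
     *
     * @param element ignored
     * @param baseURI ignored
     * @param storage ignored
     * @return always {@code null}
     */
    public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
        Element element, String baseURI, StorageResolver storage
    ) {
        return null;
    }
}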