1 /*
2 * reserved comment block
3 * DO NOT REMOVE OR ALTER!
4 */
5 /**
6 * Licensed to the Apache Software Foundation (ASF) under one
7 * or more contributor license agreements. See the NOTICE file
8 * distributed with this work for additional information
9 * regarding copyright ownership. The ASF licenses this file
10 * to you under the Apache License, Version 2.0 (the
11 * "License"); you may not use this file except in compliance
12 * with the License. You may obtain a copy of the License at
13 *
14 * http://www.apache.org/licenses/LICENSE-2.0
15 *
16 * Unless required by applicable law or agreed to in writing,
17 * software distributed under the License is distributed on an
18 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
19 * KIND, either express or implied. See the License for the
20 * specific language governing permissions and limitations
21 * under the License.
22 */
23 package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
24
25 import java.security.PublicKey;
26 import java.security.cert.Certificate;
27 import java.security.cert.X509Certificate;
28 import java.util.Iterator;
29
30
31 import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
32 import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509SubjectName;
33 import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverException;
34 import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverSpi;
35 import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
36 import com.sun.org.apache.xml.internal.security.utils.Constants;
37 import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
38 import org.w3c.dom.Element;
39
40 public class X509SubjectNameResolver extends KeyResolverSpi {
41
42 /** {@link org.apache.commons.logging} logging facility */
43 private static java.util.logging.Logger log =
44 java.util.logging.Logger.getLogger(X509SubjectNameResolver.class.getName());
45
46
47 /**
48 * Method engineResolvePublicKey
49 *
50 * @param element
51 * @param BaseURI
52 * @param storage
53 * @return null if no {@link PublicKey} could be obtained
54 * @throws KeyResolverException
55 */
56 public PublicKey engineLookupAndResolvePublicKey(
57 Element element, String baseURI, StorageResolver storage
58 ) throws KeyResolverException {
59
60 X509Certificate cert =
61 this.engineLookupResolveX509Certificate(element, baseURI, storage);
62
63 if (cert != null) {
64 return cert.getPublicKey();
65 }
66
67 return null;
68 }
69
70 /**
71 * Method engineResolveX509Certificate
72 * @inheritDoc
73 * @param element
74 * @param baseURI
75 * @param storage
76 *
77 * @throws KeyResolverException
78 */
79 public X509Certificate engineLookupResolveX509Certificate(
80 Element element, String baseURI, StorageResolver storage
81 ) throws KeyResolverException {
82 if (log.isLoggable(java.util.logging.Level.FINE)) {
83 log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
84 }
85 Element[] x509childNodes = null;
86 XMLX509SubjectName x509childObject[] = null;
87
88 if (!XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_X509DATA)) {
89 if (log.isLoggable(java.util.logging.Level.FINE)) {
90 log.log(java.util.logging.Level.FINE, "I can't");
91 }
92 return null;
93 }
94 x509childNodes =
95 XMLUtils.selectDsNodes(element.getFirstChild(), Constants._TAG_X509SUBJECTNAME);
96
97 if (!((x509childNodes != null)
98 && (x509childNodes.length > 0))) {
99 if (log.isLoggable(java.util.logging.Level.FINE)) {
100 log.log(java.util.logging.Level.FINE, "I can't");
101 }
102 return null;
103 }
104
105 try {
106 if (storage == null) {
107 Object exArgs[] = { Constants._TAG_X509SUBJECTNAME };
108 KeyResolverException ex =
109 new KeyResolverException("KeyResolver.needStorageResolver", exArgs);
110
111 if (log.isLoggable(java.util.logging.Level.FINE)) {
112 log.log(java.util.logging.Level.FINE, "", ex);
113 }
114
115 throw ex;
116 }
117
118 x509childObject = new XMLX509SubjectName[x509childNodes.length];
119
120 for (int i = 0; i < x509childNodes.length; i++) {
121 x509childObject[i] = new XMLX509SubjectName(x509childNodes[i], baseURI);
122 }
123
124 Iterator<Certificate> storageIterator = storage.getIterator();
125 while (storageIterator.hasNext()) {
126 X509Certificate cert = (X509Certificate)storageIterator.next();
127 XMLX509SubjectName certSN =
128 new XMLX509SubjectName(element.getOwnerDocument(), cert);
129
130 if (log.isLoggable(java.util.logging.Level.FINE)) {
131 log.log(java.util.logging.Level.FINE, "Found Certificate SN: " + certSN.getSubjectName());
132 }
133
134 for (int i = 0; i < x509childObject.length; i++) {
135 if (log.isLoggable(java.util.logging.Level.FINE)) {
136 log.log(java.util.logging.Level.FINE, "Found Element SN: "
137 + x509childObject[i].getSubjectName());
138 }
139
140 if (certSN.equals(x509childObject[i])) {
141 if (log.isLoggable(java.util.logging.Level.FINE)) {
142 log.log(java.util.logging.Level.FINE, "match !!! ");
143 }
144
145 return cert;
146 }
147 if (log.isLoggable(java.util.logging.Level.FINE)) {
148 log.log(java.util.logging.Level.FINE, "no match...");
149 }
150 }
151 }
152
153 return null;
154 } catch (XMLSecurityException ex) {
155 if (log.isLoggable(java.util.logging.Level.FINE)) {
156 log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
157 }
158
159 throw new KeyResolverException("generic.EmptyMessage", ex);
160 }
161 }
162
163 /**
164 * Method engineResolveSecretKey
165 * @inheritDoc
166 * @param element
167 * @param baseURI
168 * @param storage
169 *
170 */
171 public javax.crypto.SecretKey engineLookupAndResolveSecretKey(
172 Element element, String baseURI, StorageResolver storage
173 ) {
174 return null;
175 }
176 }