1/* 2 * reserved comment block 3 * DO NOT REMOVE OR ALTER! 4 */ 5/** 6 * Licensed to the Apache Software Foundation (ASF) under one 7 * or more contributor license agreements. See the NOTICE file 8 * distributed with this work for additional information 9 * regarding copyright ownership. The ASF licenses this file 10 * to you under the Apache License, Version 2.0 (the 11 * "License"); you may not use this file except in compliance 12 * with the License. You may obtain a copy of the License at 13 * 14 * http://www.apache.org/licenses/LICENSE-2.0 15 * 16 * Unless required by applicable law or agreed to in writing, 17 * software distributed under the License is distributed on an 18 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 19 * KIND, either express or implied. See the License for the 20 * specific language governing permissions and limitations 21 * under the License. 22 */ 23package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations; 24 25import java.security.PublicKey; 26import java.security.cert.Certificate; 27import java.security.cert.X509Certificate; 28import java.util.Iterator; 29 30 31import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; 32import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509SubjectName; 33import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverException; 34import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverSpi; 35import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver; 36import com.sun.org.apache.xml.internal.security.utils.Constants; 37import com.sun.org.apache.xml.internal.security.utils.XMLUtils; 38import org.w3c.dom.Element; 39 40public class X509SubjectNameResolver extends KeyResolverSpi { 41 42 /** {@link org.apache.commons.logging} logging facility */ 43 private static java.util.logging.Logger log = 44 java.util.logging.Logger.getLogger(X509SubjectNameResolver.class.getName()); 45 46 47 /** 48 * Method engineResolvePublicKey 49 * 50 * @param element 51 * @param BaseURI 52 * @param storage 53 * @return null if no {@link PublicKey} could be obtained 54 * @throws KeyResolverException 55 */ 56 public PublicKey engineLookupAndResolvePublicKey( 57 Element element, String baseURI, StorageResolver storage 58 ) throws KeyResolverException { 59 60 X509Certificate cert = 61 this.engineLookupResolveX509Certificate(element, baseURI, storage); 62 63 if (cert != null) { 64 return cert.getPublicKey(); 65 } 66 67 return null; 68 } 69 70 /** 71 * Method engineResolveX509Certificate 72 * @inheritDoc 73 * @param element 74 * @param baseURI 75 * @param storage 76 * 77 * @throws KeyResolverException 78 */ 79 public X509Certificate engineLookupResolveX509Certificate( 80 Element element, String baseURI, StorageResolver storage 81 ) throws KeyResolverException { 82 if (log.isLoggable(java.util.logging.Level.FINE)) { 83 log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?"); 84 } 85 Element[] x509childNodes = null; 86 XMLX509SubjectName x509childObject[] = null; 87 88 if (!XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_X509DATA)) { 89 if (log.isLoggable(java.util.logging.Level.FINE)) { 90 log.log(java.util.logging.Level.FINE, "I can't"); 91 } 92 return null; 93 } 94 x509childNodes = 95 XMLUtils.selectDsNodes(element.getFirstChild(), Constants._TAG_X509SUBJECTNAME); 96 97 if (!((x509childNodes != null) 98 && (x509childNodes.length > 0))) { 99 if (log.isLoggable(java.util.logging.Level.FINE)) { 100 log.log(java.util.logging.Level.FINE, "I can't"); 101 } 102 return null; 103 } 104 105 try { 106 if (storage == null) { 107 Object exArgs[] = { Constants._TAG_X509SUBJECTNAME }; 108 KeyResolverException ex = 109 new KeyResolverException("KeyResolver.needStorageResolver", exArgs); 110 111 if (log.isLoggable(java.util.logging.Level.FINE)) { 112 log.log(java.util.logging.Level.FINE, "", ex); 113 } 114 115 throw ex; 116 } 117 118 x509childObject = new XMLX509SubjectName[x509childNodes.length]; 119 120 for (int i = 0; i < x509childNodes.length; i++) { 121 x509childObject[i] = new XMLX509SubjectName(x509childNodes[i], baseURI); 122 } 123 124 Iterator<Certificate> storageIterator = storage.getIterator(); 125 while (storageIterator.hasNext()) { 126 X509Certificate cert = (X509Certificate)storageIterator.next(); 127 XMLX509SubjectName certSN = 128 new XMLX509SubjectName(element.getOwnerDocument(), cert); 129 130 if (log.isLoggable(java.util.logging.Level.FINE)) { 131 log.log(java.util.logging.Level.FINE, "Found Certificate SN: " + certSN.getSubjectName()); 132 } 133 134 for (int i = 0; i < x509childObject.length; i++) { 135 if (log.isLoggable(java.util.logging.Level.FINE)) { 136 log.log(java.util.logging.Level.FINE, "Found Element SN: " 137 + x509childObject[i].getSubjectName()); 138 } 139 140 if (certSN.equals(x509childObject[i])) { 141 if (log.isLoggable(java.util.logging.Level.FINE)) { 142 log.log(java.util.logging.Level.FINE, "match !!! "); 143 } 144 145 return cert; 146 } 147 if (log.isLoggable(java.util.logging.Level.FINE)) { 148 log.log(java.util.logging.Level.FINE, "no match..."); 149 } 150 } 151 } 152 153 return null; 154 } catch (XMLSecurityException ex) { 155 if (log.isLoggable(java.util.logging.Level.FINE)) { 156 log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex); 157 } 158 159 throw new KeyResolverException("generic.EmptyMessage", ex); 160 } 161 } 162 163 /** 164 * Method engineResolveSecretKey 165 * @inheritDoc 166 * @param element 167 * @param baseURI 168 * @param storage 169 * 170 */ 171 public javax.crypto.SecretKey engineLookupAndResolveSecretKey( 172 Element element, String baseURI, StorageResolver storage 173 ) { 174 return null; 175 } 176} 177