author | weijun |
Tue, 19 Jun 2018 08:06:35 +0800 | |
changeset 50614 | 3810c9a2efa1 |
parent 47216 | 71c04702a3d5 |
permissions | -rw-r--r-- |
2 | 1 |
/* |
2 |
* reserved comment block |
|
3 |
* DO NOT REMOVE OR ALTER! |
|
4 |
*/ |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
5 |
/** |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
6 |
* Licensed to the Apache Software Foundation (ASF) under one |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
7 |
* or more contributor license agreements. See the NOTICE file |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
8 |
* distributed with this work for additional information |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
9 |
* regarding copyright ownership. The ASF licenses this file |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
10 |
* to you under the Apache License, Version 2.0 (the |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
11 |
* "License"); you may not use this file except in compliance |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
12 |
* with the License. You may obtain a copy of the License at |
2 | 13 |
* |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
14 |
* http://www.apache.org/licenses/LICENSE-2.0 |
2 | 15 |
* |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
16 |
* Unless required by applicable law or agreed to in writing, |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
17 |
* software distributed under the License is distributed on an |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
18 |
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
19 |
* KIND, either express or implied. See the License for the |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
20 |
* specific language governing permissions and limitations |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
21 |
* under the License. |
2 | 22 |
*/ |
23 |
package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations; |
|
24 |
||
25 |
import java.security.PublicKey; |
|
26 |
import java.security.cert.X509Certificate; |
|
27 |
||
28 |
import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; |
|
29 |
import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509Certificate; |
|
30 |
import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverException; |
|
31 |
import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverSpi; |
|
32 |
import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver; |
|
33 |
import com.sun.org.apache.xml.internal.security.utils.Constants; |
|
34 |
import com.sun.org.apache.xml.internal.security.utils.XMLUtils; |
|
35 |
import org.w3c.dom.Element; |
|
36 |
||
37 |
/** |
|
38 |
* Resolves Certificates which are directly contained inside a |
|
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
39 |
* {@code ds:X509Certificate} Element. |
2 | 40 |
* |
41 |
*/ |
|
42 |
public class X509CertificateResolver extends KeyResolverSpi { |
|
43 |
||
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
44 |
private static final com.sun.org.slf4j.internal.Logger LOG = |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
45 |
com.sun.org.slf4j.internal.LoggerFactory.getLogger(X509CertificateResolver.class); |
2 | 46 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
47 |
/** |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
48 |
* Method engineResolvePublicKey |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
49 |
* {@inheritDoc} |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
50 |
* @param element |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
51 |
* @param baseURI |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
52 |
* @param storage |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
53 |
* |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
54 |
* @throws KeyResolverException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
55 |
*/ |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
56 |
public PublicKey engineLookupAndResolvePublicKey( |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
57 |
Element element, String baseURI, StorageResolver storage |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
58 |
) throws KeyResolverException { |
2 | 59 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
60 |
X509Certificate cert = |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
61 |
this.engineLookupResolveX509Certificate(element, baseURI, storage); |
2 | 62 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
63 |
if (cert != null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
64 |
return cert.getPublicKey(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
65 |
} |
2 | 66 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
67 |
return null; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
68 |
} |
2 | 69 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
70 |
/** |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
71 |
* Method engineResolveX509Certificate |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
72 |
* {@inheritDoc} |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
73 |
* @param element |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
74 |
* @param baseURI |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
75 |
* @param storage |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
76 |
* |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
77 |
* @throws KeyResolverException |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
78 |
*/ |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
79 |
public X509Certificate engineLookupResolveX509Certificate( |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
80 |
Element element, String baseURI, StorageResolver storage |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
81 |
) throws KeyResolverException { |
2 | 82 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
83 |
try { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
84 |
Element[] els = |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
85 |
XMLUtils.selectDsNodes(element.getFirstChild(), Constants._TAG_X509CERTIFICATE); |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
86 |
if (els == null || els.length == 0) { |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
87 |
Element el = |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
88 |
XMLUtils.selectDsNode(element.getFirstChild(), Constants._TAG_X509DATA, 0); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
89 |
if (el != null) { |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
90 |
return engineLookupResolveX509Certificate(el, baseURI, storage); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
91 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
92 |
return null; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
93 |
} |
2 | 94 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
95 |
// populate Object array |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
96 |
for (int i = 0; i < els.length; i++) { |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
97 |
XMLX509Certificate xmlCert = new XMLX509Certificate(els[i], baseURI); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
98 |
X509Certificate cert = xmlCert.getX509Certificate(); |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
99 |
if (cert != null) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
100 |
return cert; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
101 |
} |
2 | 102 |
} |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
103 |
return null; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
104 |
} catch (XMLSecurityException ex) { |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
105 |
LOG.debug("Security Exception", ex); |
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
106 |
throw new KeyResolverException(ex); |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
107 |
} |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
108 |
} |
2 | 109 |
|
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
110 |
/** |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
111 |
* Method engineResolveSecretKey |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
112 |
* {@inheritDoc} |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
113 |
* @param element |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
114 |
* @param baseURI |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
115 |
* @param storage |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
116 |
*/ |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
117 |
public javax.crypto.SecretKey engineLookupAndResolveSecretKey( |
50614
3810c9a2efa1
8177334: Update xmldsig implementation to Apache Santuario 2.1.1
weijun
parents:
47216
diff
changeset
|
118 |
Element element, String baseURI, StorageResolver storage |
18780
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
119 |
) { |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
120 |
return null; |
f47b920867e7
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
mullan
parents:
1337
diff
changeset
|
121 |
} |
2 | 122 |
} |