
1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  
20  package org.apache.ws.security.message.token;
21  
22  import org.apache.ws.security.WSConstants;
23  import org.apache.ws.security.WSSecurityException;
24  import org.apache.ws.security.components.crypto.Crypto;
25  import org.w3c.dom.Document;
26  import org.w3c.dom.Element;
27  
28  import java.security.cert.X509Certificate;
29  
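/**
 * PKIPath Security Token.
 *
 * <p>Binary security token whose content is an encoded certificate path and whose
 * ValueType is {@link #PKI_TYPE}. Encoding and decoding of the certificates is
 * delegated to the {@link Crypto} instance supplied by the caller.
 *
 * <p>This class only reads and writes the token content. No certificate path or
 * trust validation is performed here, so certificates obtained from a received
 * token must be validated by the caller before they are relied upon.
 *
 * @author Davanum Srinivas (dims@yahoo.com).
 */
public class PKIPathSecurity extends BinarySecurity {
    /** ValueType URI identifying an X509PKIPathv1 token. */
    public static final String PKI_TYPE = WSConstants.X509TOKEN_NS + "#X509PKIPathv1";

    /**
     * Constructor. Processes the element with BSP compliance enabled, so the
     * ValueType must equal {@link #PKI_TYPE}.
     *
     * @param elem The PKIPath element to process
     * @throws WSSecurityException if the element is rejected by the superclass or
     *         its ValueType is not {@link #PKI_TYPE}
     */
    public PKIPathSecurity(Element elem) throws WSSecurityException {
        this(elem, true);
    }

    /**
     * Constructor.
     *
     * <p>When {@code bspCompliant} is {@code false} the ValueType check below is
     * skipped, so this constructor accepts a token whose ValueType is missing or
     * differs from {@link #PKI_TYPE}. Callers that disable BSP compliance must not
     * assume the ValueType has been verified.
     *
     * @param elem The PKIPath element to process
     * @param bspCompliant Whether the token is processed according to the BSP spec
     * @throws WSSecurityException if the element is rejected by the superclass, or
     *         if {@code bspCompliant} is set and the ValueType is not {@link #PKI_TYPE}
     */
    public PKIPathSecurity(Element elem, boolean bspCompliant) throws WSSecurityException {
        super(elem, bspCompliant);
        if (!bspCompliant) {
            // Lenient mode: the ValueType is deliberately left unchecked here.
            return;
        }
        final String valueType = getValueType();
        if (!PKI_TYPE.equals(valueType)) {
            throw new WSSecurityException(
                WSSecurityException.INVALID_SECURITY_TOKEN,
                "invalidValueType",
                new Object[]{PKI_TYPE, valueType}
            );
        }
    }

    /**
     * Constructor. Creates a new token in the given document and sets its
     * ValueType to {@link #PKI_TYPE}.
     *
     * @param doc The document passed to the superclass constructor
     */
    public PKIPathSecurity(Document doc) {
        super(doc);
        setValueType(PKI_TYPE);
    }

    /**
     * Get the X509Certificate array decoded from the token content.
     *
     * <p>The certificates are only decoded from the token bytes via
     * {@link Crypto#getCertificatesFromBytes}; nothing in this method verifies the
     * chain or establishes trust.
     * NOTE(review): confirm that every caller validates the returned chain before
     * using it for signature verification or authorization decisions.
     *
     * @param crypto The Crypto instance used to decode the token bytes
     * @return array of certificates, or {@code null} if the token has no content
     * @throws WSSecurityException if {@code crypto} is {@code null} while the token
     *         has content, or if decoding fails
     */
    public X509Certificate[] getX509Certificates(Crypto crypto)
        throws WSSecurityException {
        final byte[] data = getToken();
        if (data == null) {
            // No token content: callers receive null rather than an empty array.
            return null;
        }
        if (crypto == null) {
            throw new WSSecurityException(WSSecurityException.FAILURE, "noSigCryptoFile");
        }
        return crypto.getCertificatesFromBytes(data);
    }

    /**
     * Set the X509Certificate array as the token content.
     *
     * @param certs The certificates to encode into the token
     * @param crypto The Crypto instance used to encode the certificates
     * @throws WSSecurityException if {@code certs} or {@code crypto} is
     *         {@code null}, or if encoding fails
     */
    public void setX509Certificates(
        X509Certificate[] certs,
        Crypto crypto
    ) throws WSSecurityException {
        if (certs == null) {
            throw new WSSecurityException(WSSecurityException.FAILURE, "noCert");
        }
        // Mirror getX509Certificates: report a missing Crypto as a WSSecurityException
        // instead of letting it surface as a NullPointerException.
        if (crypto == null) {
            throw new WSSecurityException(WSSecurityException.FAILURE, "noSigCryptoFile");
        }
        setToken(crypto.getBytesFromCertificates(certs));
    }

    /**
     * Get the ValueType URI of this token type.
     *
     * @return {@link #PKI_TYPE}
     */
    public static String getType() {
        return PKI_TYPE;
    }
}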