
1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  
20  package org.apache.ws.security.processor;
21  
22  import org.apache.ws.security.WSConstants;
23  import org.apache.ws.security.WSPasswordCallback;
24  import org.apache.ws.security.WSSecurityException;
25  import org.apache.ws.security.util.WSSecurityUtil;
26  import org.w3c.dom.Element;
27  import org.w3c.dom.Node;
28  import org.w3c.dom.Text;
29  
30  import javax.crypto.SecretKey;
31  import javax.security.auth.callback.Callback;
32  import javax.security.auth.callback.CallbackHandler;
33  import javax.security.auth.callback.UnsupportedCallbackException;
34  import java.io.IOException;
35  
/**
 * Static helpers for reading XML Encryption metadata from a DOM node and for
 * resolving a named shared secret through a {@link CallbackHandler}.
 *
 * <p>Every value read here (the {@code Type} and {@code Algorithm} attributes,
 * the {@code KeyName} text) comes straight from the DOM nodes handed in.
 * Nothing in this class validates those values against a policy, so callers
 * that process messages from an untrusted peer must do that themselves.
 */
public final class X509Util {
    private static final org.apache.commons.logging.Log log =
        org.apache.commons.logging.LogFactory.getLog(X509Util.class);

    private X509Util() {
        // Utility class: static members only, never instantiated.
    }

    /**
     * Tells whether the given node declares the XML Encryption "Content" type.
     *
     * <p>A {@code null} node yields {@code true}. Otherwise the result is
     * whether the {@code Type} attribute equals
     * {@code WSConstants.ENC_NS + "Content"}.
     *
     * <p>NOTE(review): the DOM API specifies that {@code getAttribute} returns
     * an empty string, not {@code null}, for an absent attribute. With such an
     * implementation the {@code null} guard below never fires and a node
     * without {@code Type} yields {@code false}. Confirm that this is what
     * callers expect before relying on the {@code true} default.
     *
     * @param encBodyData the node to inspect, may be {@code null}; a
     *        non-null node is cast to {@link Element} without a type check,
     *        so any other node kind raises {@link ClassCastException}
     * @return {@code true} for a {@code null} node or a "Content" type
     */
    public static boolean isContent(Node encBodyData) {
        if (encBodyData == null) {
            return true;
        }
        final String declaredType = ((Element) encBodyData).getAttribute("Type");
        if (declaredType == null) {
            return true;
        }
        return declaredType.equals(WSConstants.ENC_NS + "Content");
    }

    /**
     * Reads the {@code Algorithm} attribute of the direct
     * {@code EncryptionMethod} child (in {@code WSConstants.ENC_NS}) of the
     * given node.
     *
     * <p>The returned URI is whatever the document states; it is not compared
     * with any list of permitted algorithms here. The value is also appended
     * unmodified to a debug log line.
     *
     * @param encBodyData the node whose {@code EncryptionMethod} child is read
     * @return the algorithm URI, or {@code null} when there is no
     *         {@code EncryptionMethod} child
     * @throws WSSecurityException with {@code UNSUPPORTED_ALGORITHM} when the
     *         child exists but its {@code Algorithm} attribute is null or empty
     */
    public static String getEncAlgo(Node encBodyData) throws WSSecurityException {
        final Element methodElem =
            WSSecurityUtil.getDirectChildElement(
                encBodyData, "EncryptionMethod", WSConstants.ENC_NS
            );
        final String algorithmUri;
        if (methodElem == null) {
            // No EncryptionMethod child: callers receive null and must cope with it.
            algorithmUri = null;
        } else {
            algorithmUri = methodElem.getAttribute("Algorithm");
            if (algorithmUri == null || algorithmUri.length() == 0) {
                throw new WSSecurityException(
                    WSSecurityException.UNSUPPORTED_ALGORITHM, "noEncAlgo"
                );
            }
        }
        if (log.isDebugEnabled()) {
            log.debug("Sym Enc Algo: " + algorithmUri);
        }
        return algorithmUri;
    }

    /**
     * Resolves a secret key by the name given in a {@code KeyInfo} element.
     *
     * <p>The key name is the concatenated text of the direct {@code KeyName}
     * child (in {@code WSConstants.SIG_NS}). It is handed to the callback
     * handler inside a {@link WSPasswordCallback} of usage
     * {@code SECRET_KEY}. The bytes the handler sets on that callback are then
     * passed to {@code WSSecurityUtil.prepareSecretKey}.
     *
     * <p>The key name is document content and reaches the handler unchanged;
     * handler implementations should treat it as an untrusted lookup key. It
     * is also placed in the argument array of the exceptions raised below.
     *
     * @param keyInfoElem the element expected to hold a {@code KeyName} child
     * @param algorithm the algorithm identifier forwarded to
     *        {@code prepareSecretKey}
     * @param cb the handler asked for the key bytes; not null-checked here
     * @return the key built from the bytes supplied by the handler
     * @throws WSSecurityException with {@code INVALID_SECURITY} when no
     *         non-empty key name is present, or with {@code FAILURE} when the
     *         handler throws or supplies no key bytes
     */
    protected static SecretKey getSharedKey(
        Element keyInfoElem,
        String algorithm,
        CallbackHandler cb
    ) throws WSSecurityException {
        final Element keyNameElem =
            WSSecurityUtil.getDirectChildElement(
                keyInfoElem, "KeyName", WSConstants.SIG_NS
            );
        final String keyName = keyNameElem == null ? null : collectText(keyNameElem);
        if (keyName == null || keyName.length() == 0) {
            throw new WSSecurityException(WSSecurityException.INVALID_SECURITY, "noKeyname");
        }

        final WSPasswordCallback keyRequest =
            new WSPasswordCallback(keyName, WSPasswordCallback.SECRET_KEY);
        try {
            cb.handle(new Callback[]{keyRequest});
        } catch (IOException e) {
            throw keyLookupFailed(keyName, e);
        } catch (UnsupportedCallbackException e) {
            throw keyLookupFailed(keyName, e);
        }

        final byte[] keyBytes = keyRequest.getKey();
        if (keyBytes == null) {
            // The handler ran without error but did not set a key for this name.
            throw new WSSecurityException(
                WSSecurityException.FAILURE,
                "noPassword",
                new Object[]{keyName}
            );
        }
        return WSSecurityUtil.prepareSecretKey(algorithm, keyBytes);
    }

    /** Concatenates the data of the direct TEXT_NODE children of an element. */
    private static String collectText(Element parent) {
        final StringBuilder text = new StringBuilder();
        for (Node child = parent.getFirstChild(); child != null; child = child.getNextSibling()) {
            // Only plain text nodes contribute; every other node type is skipped.
            if (child.getNodeType() == Node.TEXT_NODE) {
                text.append(((Text) child).getData());
            }
        }
        return text.toString();
    }

    /** Builds the FAILURE exception for a callback handler that threw. */
    private static WSSecurityException keyLookupFailed(String keyName, Exception cause) {
        return new WSSecurityException(
            WSSecurityException.FAILURE,
            "noPassword",
            new Object[]{keyName},
            cause
        );
    }

}