20 package org.apache.wss4j.common.token;
21
22 import org.apache.wss4j.common.WSS4JConstants;
23 import org.apache.wss4j.common.bsp.BSPEnforcer;
24 import org.apache.wss4j.common.bsp.BSPRule;
25 import org.apache.wss4j.common.crypto.Crypto;
26 import org.apache.wss4j.common.ext.WSSecurityException;
27 import org.w3c.dom.Document;
28 import org.w3c.dom.Element;
29
30 import java.security.cert.X509Certificate;
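/**
 * Binary security token whose value type is the X.509 PKIPath v1 type ({@link #PKI_TYPE}).
 *
 * <p>The token payload is converted to and from certificate arrays by a caller-supplied
 * {@link Crypto} instance. The methods here only encode and decode that payload: no code in
 * this class checks validity periods, revocation or whether the decoded chain leads to a
 * trusted anchor. Callers must validate the returned certificates before using them to
 * make a trust decision.
 */
public class PKIPathSecurity extends BinarySecurity {
    /** Value type URI identifying an X.509 PKIPath v1 token. */
    public static final String PKI_TYPE = WSS4JConstants.X509TOKEN_NS + "#X509PKIPathv1";

    /**
     * Wraps an existing token element, typically one received in a message.
     *
     * <p>If the element's value type is not {@link #PKI_TYPE}, BSP rule R5214 is reported to
     * the enforcer. Whether that report rejects the token is decided by the enforcer, not
     * here (NOTE(review): confirm the enforcer is not configured to ignore R5214 where a
     * mismatched value type must be refused).
     *
     * @param elem the element holding the binary security token
     * @param bspEnforcer receives the BSP rule violation, if any
     * @throws WSSecurityException if the superclass constructor or the enforcer raises it
     */
    public PKIPathSecurity(Element elem, BSPEnforcer bspEnforcer) throws WSSecurityException {
        super(elem, bspEnforcer);
        if (!PKI_TYPE.equals(getValueType())) {
            bspEnforcer.handleBSPRule(BSPRule.R5214);
        }
    }

    /**
     * Creates a new token in the given document and sets its value type to {@link #PKI_TYPE}.
     *
     * @param doc the document passed to the superclass constructor
     */
    public PKIPathSecurity(Document doc) {
        super(doc);
        setValueType(PKI_TYPE);
    }

    /**
     * Decodes the token payload into certificates.
     *
     * <p>The result is whatever {@code crypto.getCertificatesFromBytes} produces from the raw
     * token bytes; this method does not verify the chain. Treat the certificates as untrusted
     * input until they have been validated.
     *
     * @param crypto the instance used to decode the payload
     * @return the decoded certificates, or an empty array when the token has no payload
     * @throws WSSecurityException if {@code crypto} is null while a payload is present, or if
     *     decoding fails
     */
    public X509Certificate[] getX509Certificates(Crypto crypto)
        throws WSSecurityException {
        byte[] data = getToken();
        if (data == null) {
            return new X509Certificate[0];
        }
        if (crypto == null) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noSigCryptoFile");
        }
        return crypto.getCertificatesFromBytes(data);
    }

    /**
     * Encodes the given certificates and stores the result as the token payload.
     *
     * @param certs the certificates to encode; must not be null
     * @param crypto the instance used to encode the certificates; must not be null
     * @throws WSSecurityException if {@code certs} or {@code crypto} is null, or if encoding
     *     fails
     */
    public void setX509Certificates(
        X509Certificate[] certs,
        Crypto crypto
    ) throws WSSecurityException {
        if (certs == null) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noCert");
        }
        // Same failure as getX509Certificates for a missing Crypto, instead of an
        // undeclared NullPointerException on the call below.
        if (crypto == null) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noSigCryptoFile");
        }
        byte[] data = crypto.getBytesFromCertificates(certs);
        setToken(data);
    }

    /**
     * Returns the value type URI of this token class.
     *
     * @return {@link #PKI_TYPE}
     */
    public static String getType() {
        return PKI_TYPE;
    }
}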