1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  
20  package org.apache.wss4j.common.token;
21  
22  import org.apache.wss4j.common.WSS4JConstants;
23  import org.apache.wss4j.common.bsp.BSPEnforcer;
24  import org.apache.wss4j.common.bsp.BSPRule;
25  import org.apache.wss4j.common.crypto.Crypto;
26  import org.apache.wss4j.common.ext.WSSecurityException;
27  import org.w3c.dom.Document;
28  import org.w3c.dom.Element;
29  
30  import java.security.cert.X509Certificate;
31  
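/**
 * Binary security token whose ValueType is {@link #PKI_TYPE} (X509PKIPathv1), i.e. a token
 * that carries an encoded certificate path rather than a single certificate.
 *
 * <p>This class only moves bytes in and out of the token and delegates encoding/decoding to a
 * {@link Crypto} instance. Nothing in this class checks validity, revocation, or trust of the
 * certificates it returns; a caller that received the token from a peer must validate the path
 * before relying on any certificate in it.
 */
public class PKIPathSecurity extends BinarySecurity {
    /** ValueType URI that identifies a PKIPath token. */
    public static final String PKI_TYPE = WSS4JConstants.X509TOKEN_NS + "#X509PKIPathv1";

    /**
     * Wraps an existing token element, typically one taken from a received message.
     *
     * <p>If the element's ValueType is not {@link #PKI_TYPE}, {@link BSPRule#R5214} is reported
     * to {@code bspEnforcer}. Whether that report rejects the token depends on the enforcer, which
     * is not decided here -- NOTE(review): confirm that callers handling untrusted messages do not
     * pass an enforcer that ignores this rule, otherwise a token of another type is accepted as a
     * PKIPath.
     *
     * @param elem The PKIPath element to process
     * @param bspEnforcer a BSPEnforcer instance to enforce BSP rules
     * @throws WSSecurityException if the superclass constructor or the BSP enforcer rejects the
     *         element
     */
    public PKIPathSecurity(Element elem, BSPEnforcer bspEnforcer) throws WSSecurityException {
        super(elem, bspEnforcer);
        if (!PKI_TYPE.equals(getValueType())) {
            bspEnforcer.handleBSPRule(BSPRule.R5214);
        }
    }

    /**
     * Creates a new, empty token in {@code doc} and stamps it with the {@link #PKI_TYPE}
     * ValueType.
     *
     * @param doc the document that will own the new token element
     */
    public PKIPathSecurity(Document doc) {
        super(doc);
        setValueType(PKI_TYPE);
    }

    /**
     * Decodes the token content into a certificate array.
     *
     * <p>The token bytes are handed unchanged to {@link Crypto#getCertificatesFromBytes}; this
     * method adds no validation of its own. Treat the result as unverified input until the path
     * has been validated against trusted anchors.
     *
     * @param crypto the Crypto instance used to decode the token bytes; only required when the
     *        token actually holds data
     * @return the decoded certificates, or an empty array when the token holds no data
     * @throws WSSecurityException with message key {@code noSigCryptoFile} if the token holds data
     *         but {@code crypto} is {@code null}, or whatever the Crypto implementation raises
     *         while decoding
     */
    public X509Certificate[] getX509Certificates(Crypto crypto)
        throws WSSecurityException {
        byte[] data = getToken();
        if (data == null) {
            return new X509Certificate[0];
        }
        if (crypto == null) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noSigCryptoFile");
        }
        return crypto.getCertificatesFromBytes(data);
    }

    /**
     * Encodes {@code certs} with {@code crypto} and stores the result as the token content.
     *
     * @param certs the certificates to store; must not be {@code null}
     * @param crypto the Crypto instance used to encode the certificates; must not be
     *        {@code null}
     * @throws WSSecurityException with message key {@code noCert} if {@code certs} is
     *         {@code null}, with message key {@code noSigCryptoFile} if {@code crypto} is
     *         {@code null}, or whatever the Crypto implementation raises while encoding
     */
    public void setX509Certificates(
        X509Certificate[] certs,
        Crypto crypto
    ) throws WSSecurityException {
        if (certs == null) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noCert");
        }
        // Mirror getX509Certificates: a missing Crypto is reported as a WSSecurityException
        // instead of surfacing as a NullPointerException from the call below.
        if (crypto == null) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noSigCryptoFile");
        }
        byte[] data = crypto.getBytesFromCertificates(certs);
        setToken(data);
    }

    /**
     * Returns the ValueType URI of PKIPath tokens.
     *
     * @return {@link #PKI_TYPE}
     */
    public static String getType() {
        return PKI_TYPE;
    }
}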