1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.wss4j.stax.impl.securityToken;
20  
21  import java.security.Key;
22  import java.security.Principal;
23  import java.security.PublicKey;
24  
25  import javax.security.auth.Subject;
26  import javax.security.auth.callback.CallbackHandler;
27  
28  import org.apache.wss4j.common.crypto.Crypto;
29  import org.apache.wss4j.common.ext.WSSecurityException;
30  import org.apache.wss4j.common.principal.PublicKeyPrincipalImpl;
31  import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
32  import org.apache.wss4j.stax.ext.WSSSecurityProperties;
33  import org.apache.wss4j.stax.securityToken.ECKeyValueSecurityToken;
34  import org.apache.xml.security.binding.xmldsig11.ECKeyValueType;
35  import org.apache.xml.security.exceptions.XMLSecurityException;
36  import org.apache.xml.security.stax.ext.XMLSecurityConstants;
37  
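/**
 * WSS4J token implementation for an EC public key supplied as an {@link ECKeyValueType},
 * layered on the Apache Santuario StAX {@code ECKeyValueSecurityToken}.
 *
 * <p>The key returned by {@code getPublicKey()} is provided by the superclass from the
 * {@link ECKeyValueType} passed to the constructor. NOTE(review): for inbound processing this
 * value presumably comes from the received message, so it should be treated as
 * unauthenticated until {@link #verify()} has completed without an exception - confirm
 * against the superclass and the callers.
 *
 * <p>Not synchronized: the principal is cached lazily in a plain field.
 */
public class ECKeyValueSecurityTokenImpl
        extends org.apache.xml.security.stax.impl.securityToken.ECKeyValueSecurityToken
        implements ECKeyValueSecurityToken {

    // Assigned once in the constructor; final so the trust and key-lookup configuration
    // cannot be swapped after the token has been created.
    private final CallbackHandler callbackHandler;
    private final Crypto crypto;
    private final WSSSecurityProperties securityProperties;
    // Lazily created by getPrincipal().
    private Principal principal;

    /**
     * Creates the token and stores the collaborators used for trust verification and
     * private-key lookup. None of the arguments is null-checked here; a null {@code crypto}
     * or {@code securityProperties} only surfaces later as a {@link NullPointerException}
     * in {@link #verify()} or {@link #getKey}.
     *
     * @param ecKeyValueType the EC key value handed to the superclass
     * @param wsInboundSecurityContext the inbound security context handed to the superclass
     * @param crypto used by {@link #verify()} and as the first private-key source in {@link #getKey}
     * @param callbackHandler passed to {@code Crypto.getPrivateKey}
     * @param securityProperties consulted for the decryption {@link Crypto} fallback
     * @throws XMLSecurityException propagated from the superclass constructor
     */
    public ECKeyValueSecurityTokenImpl(
            ECKeyValueType ecKeyValueType, WSInboundSecurityContext wsInboundSecurityContext, Crypto crypto,
            CallbackHandler callbackHandler, WSSSecurityProperties securityProperties)
            throws XMLSecurityException {
        super(ecKeyValueType, wsInboundSecurityContext);
        this.crypto = crypto;
        this.callbackHandler = callbackHandler;
        this.securityProperties = securityProperties;
    }

    /**
     * Hands this token's public key to {@code crypto.verifyTrust}. This is the only trust
     * check in this class; the outcome depends entirely on the configured {@link Crypto}.
     *
     * @throws XMLSecurityException propagated from {@code getPublicKey()} or from
     *         {@code Crypto.verifyTrust}
     */
    @Override
    public void verify() throws XMLSecurityException {
        crypto.verifyTrust(getPublicKey());
    }

    /**
     * Always returns {@code null}; this token type carries no {@link Subject}.
     *
     * @return {@code null}
     */
    @Override
    public Subject getSubject() throws WSSecurityException {
        return null;
    }

    /**
     * Looks up the private key that corresponds to this token's public key.
     *
     * <p>The lookup is tried on {@code crypto} first. If that throws a
     * {@link WSSecurityException}, the decryption {@link Crypto} from the security properties
     * is tried, provided it is non-null and a different instance. The three parameters are
     * not consulted by this implementation, and this method performs no trust check of its
     * own - see {@link #verify()}.
     *
     * @param algorithmURI not used here
     * @param algorithmUsage not used here
     * @param correlationID not used here
     * @return the key returned by {@code Crypto.getPrivateKey}
     * @throws XMLSecurityException if the lookup fails on every {@link Crypto} that was tried;
     *         when the fallback fails as well, the first failure is attached as a suppressed
     *         exception
     */
    @Override
    public Key getKey(String algorithmURI, XMLSecurityConstants.AlgorithmUsage algorithmUsage,
                      String correlationID) throws XMLSecurityException {
        PublicKey publicKey = getPublicKey();

        try {
            return crypto.getPrivateKey(publicKey, callbackHandler);
        } catch (WSSecurityException ex) {
            // Check to see if we are decrypting rather than signature verification
            Crypto decCrypto = securityProperties.getDecryptionCrypto();
            if (decCrypto != null && decCrypto != crypto) {
                try {
                    return decCrypto.getPrivateKey(publicKey, callbackHandler);
                } catch (WSSecurityException fallbackEx) {
                    // Keep the primary failure visible instead of silently dropping it.
                    fallbackEx.addSuppressed(ex);
                    throw fallbackEx;
                }
            }
            throw ex;
        }
    }

    /**
     * Returns a {@link PublicKeyPrincipalImpl} wrapping this token's public key, creating it
     * on first use and reusing it afterwards. The principal is built from the key alone and
     * does not depend on {@link #verify()} having been called.
     *
     * @return the cached principal
     * @throws WSSecurityException with {@code INVALID_SECURITY_TOKEN} if the public key
     *         cannot be obtained
     */
    @Override
    public Principal getPrincipal() throws WSSecurityException {
        if (this.principal == null) {
            try {
                this.principal = new PublicKeyPrincipalImpl(getPublicKey());
            } catch (XMLSecurityException e) {
                throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN, e);
            }
        }
        return this.principal;
    }
}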