1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.wss4j.stax.impl.securityToken;
20  
21  import java.security.Key;
22  import java.security.Principal;
23  import java.security.PublicKey;
24  
25  import javax.security.auth.Subject;
26  import javax.security.auth.callback.CallbackHandler;
27  
28  import org.apache.wss4j.common.crypto.Crypto;
29  import org.apache.wss4j.common.ext.WSSecurityException;
30  import org.apache.wss4j.common.principal.PublicKeyPrincipalImpl;
31  import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
32  import org.apache.wss4j.stax.ext.WSSSecurityProperties;
33  import org.apache.wss4j.stax.securityToken.RsaKeyValueSecurityToken;
34  import org.apache.xml.security.binding.xmldsig.RSAKeyValueType;
35  import org.apache.xml.security.exceptions.XMLSecurityException;
36  import org.apache.xml.security.stax.ext.XMLSecurityConstants;
37  
/**
 * WSS4J StAX security token built from an {@link RSAKeyValueType} and a
 * {@link WSInboundSecurityContext}.
 *
 * <p>The class adds three things on top of its superclass: a trust check on the token's
 * public key, a private-key lookup for that public key, and a lazily created
 * {@link Principal}. All trust and key-lookup decisions are delegated to the {@link Crypto}
 * instances supplied by the caller; this class performs no checks of its own.
 *
 * <p>None of the constructor arguments is null-checked and no synchronization is used.
 */
public class RsaKeyValueSecurityTokenImpl
        extends org.apache.xml.security.stax.impl.securityToken.RsaKeyValueSecurityToken
        implements RsaKeyValueSecurityToken {

    // Handed unchanged to Crypto.getPrivateKey(...) in getKey().
    private CallbackHandler callbackHandler;
    // Crypto used for the trust check in verify() and for the first key lookup in getKey().
    private Crypto crypto;
    // Only consulted for its decryption Crypto, as the fallback in getKey().
    private WSSSecurityProperties securityProperties;
    // Cached result of getPrincipal(); null until the first successful call.
    private Principal principal;

    /**
     * Stores the collaborators and forwards the key value and context to the superclass.
     *
     * @param rsaKeyValueType the parsed RSA key value, passed to the superclass
     * @param wsInboundSecurityContext the inbound security context, passed to the superclass
     * @param crypto the Crypto used by {@link #verify()} and tried first by {@code getKey}
     * @param callbackHandler the handler passed to {@code Crypto.getPrivateKey}
     * @param securityProperties source of the decryption Crypto used as a fallback
     */
    public RsaKeyValueSecurityTokenImpl(
            RSAKeyValueType rsaKeyValueType, WSInboundSecurityContext wsInboundSecurityContext, Crypto crypto,
            CallbackHandler callbackHandler, WSSSecurityProperties securityProperties) {
        super(rsaKeyValueType, wsInboundSecurityContext);
        this.securityProperties = securityProperties;
        this.callbackHandler = callbackHandler;
        this.crypto = crypto;
    }

    /**
     * Asks the configured Crypto whether this token's public key is trusted.
     *
     * <p>The outcome depends entirely on {@code crypto.verifyTrust(PublicKey)}.
     * NOTE(review): a bare RSA key value presumably arrives without a certificate chain, so
     * acceptance likely rests on the key already being known to the Crypto's store; confirm
     * against the Crypto implementation in use.
     *
     * <p>{@code crypto} is dereferenced without a null check, so a token constructed with a
     * null Crypto fails here with a {@link NullPointerException} rather than an
     * {@link XMLSecurityException}.
     *
     * @throws XMLSecurityException if the public key cannot be obtained or is not trusted
     */
    @Override
    public void verify() throws XMLSecurityException {
        PublicKey tokenPublicKey = getPublicKey();
        crypto.verifyTrust(tokenPublicKey);
    }

    /**
     * Always returns {@code null}; callers must handle the absence of a subject.
     *
     * @return {@code null}
     */
    @Override
    public Subject getSubject() throws WSSecurityException {
        return null;
    }

    /**
     * Looks up the private key that corresponds to this token's public key.
     *
     * <p>The lookup is tried on the Crypto given to the constructor first. If that throws a
     * {@link WSSecurityException}, the decryption Crypto from the security properties is
     * tried, but only when it is non-null and a different instance. Otherwise the original
     * exception is rethrown. If the fallback lookup itself throws, that exception propagates
     * and the first one is discarded.
     *
     * <p>{@code algorithmURI}, {@code algorithmUsage} and {@code correlationID} are not read
     * here, so the same lookup and fallback run whatever the requested usage.
     *
     * @param algorithmURI not used by this method
     * @param algorithmUsage not used by this method
     * @param correlationID not used by this method
     * @return the private key returned by one of the two Crypto instances
     * @throws XMLSecurityException if the public key cannot be obtained or no lookup succeeds
     */
    @Override
    public Key getKey(String algorithmURI, XMLSecurityConstants.AlgorithmUsage algorithmUsage,
                      String correlationID) throws XMLSecurityException {
        PublicKey tokenPublicKey = getPublicKey();

        try {
            return crypto.getPrivateKey(tokenPublicKey, callbackHandler);
        } catch (WSSecurityException primaryLookupFailure) {
            // The key may belong to the decryption store rather than the one tried above.
            Crypto decryptionCrypto = securityProperties.getDecryptionCrypto();
            if (decryptionCrypto == null || decryptionCrypto == crypto) {
                // No distinct second store to consult: report the original failure.
                throw primaryLookupFailure;
            }
            return decryptionCrypto.getPrivateKey(tokenPublicKey, callbackHandler);
        }
    }

    /**
     * Returns a principal wrapping this token's public key, creating it on first use.
     *
     * <p>The instance is cached in a field without synchronization. The principal only
     * identifies the key; this method performs no trust check.
     *
     * @return the cached {@link PublicKeyPrincipalImpl}
     * @throws WSSecurityException with {@code INVALID_SECURITY_TOKEN} if the public key
     *         cannot be obtained
     */
    @Override
    public Principal getPrincipal() throws WSSecurityException {
        if (this.principal != null) {
            return this.principal;
        }
        try {
            this.principal = new PublicKeyPrincipalImpl(getPublicKey());
        } catch (XMLSecurityException keyFailure) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN, keyFailure);
        }
        return this.principal;
    }
}