19 package org.apache.wss4j.stax.impl.securityToken;
20
21 import java.security.cert.X509Certificate;
22
23 import javax.security.auth.callback.CallbackHandler;
24
25 import org.apache.wss4j.common.crypto.Crypto;
26 import org.apache.wss4j.common.crypto.CryptoType;
27 import org.apache.wss4j.common.ext.WSSecurityException;
28 import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
29 import org.apache.wss4j.stax.ext.WSSSecurityProperties;
30 import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
31 import org.apache.xml.security.binding.xmldsig.X509IssuerSerialType;
32 import org.apache.xml.security.exceptions.XMLSecurityException;
33
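/**
 * Inbound X.509 security token that is identified by an issuer name and serial number
 * ({@code KeyIdentifier_IssuerSerial}) instead of carrying the certificate itself.
 *
 * <p>The certificate is looked up through the {@link Crypto} returned by {@code getCrypto()}
 * the first time {@link #getAlias()} is called. The identifier obtained for the resolved
 * certificate is cached in {@code alias} and reused on later calls.
 */
public class X509IssuerSerialTokenImpl extends X509SecurityTokenImpl {

    // Identifier the Crypto reports for the resolved certificate; null until getAlias() succeeds.
    private String alias;
    // Issuer name / serial number reference; the constructor guarantees both parts are non-null.
    private final X509IssuerSerialType x509IssuerSerialType;

    /**
     * Creates the token for an issuer/serial key reference.
     *
     * @param wsInboundSecurityContext passed through to the superclass
     * @param crypto passed through to the superclass; used later for the certificate lookup
     * @param callbackHandler passed through to the superclass
     * @param x509IssuerSerialType the issuer name and serial number that identify the certificate
     * @param id passed through to the superclass as the token id
     * @param securityProperties passed through to the superclass
     * @throws XMLSecurityException a {@link WSSecurityException} with
     *         {@code INVALID_SECURITY} / {@code "noKeyinfo"} when the reference is missing or
     *         lacks either the issuer name or the serial number
     */
    X509IssuerSerialTokenImpl(
        WSInboundSecurityContext wsInboundSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
        X509IssuerSerialType x509IssuerSerialType, String id, WSSSecurityProperties securityProperties)
        throws XMLSecurityException {

        super(WSSecurityTokenConstants.X509V3Token, wsInboundSecurityContext, crypto, callbackHandler, id,
            WSSecurityTokenConstants.KeyIdentifier_IssuerSerial, securityProperties, false);

        // Reject a missing reference the same way as an incomplete one, so a null argument
        // surfaces as a security fault rather than a NullPointerException.
        if (x509IssuerSerialType == null
            || x509IssuerSerialType.getX509IssuerName() == null
            || x509IssuerSerialType.getX509SerialNumber() == null) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "noKeyinfo");
        }
        this.x509IssuerSerialType = x509IssuerSerialType;
    }

    /**
     * Resolves the certificate named by the issuer/serial reference and returns the identifier
     * the Crypto reports for it. The result is cached; if the Crypto returns a {@code null}
     * identifier, the lookup is repeated on the next call.
     *
     * @return the identifier of the resolved certificate
     * @throws XMLSecurityException a {@link WSSecurityException} with
     *         {@code SECURITY_TOKEN_UNAVAILABLE} when no Crypto is available or the lookup
     *         yields no certificate
     */
    @Override
    protected String getAlias() throws XMLSecurityException {
        if (this.alias != null) {
            return this.alias;
        }

        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ISSUER_SERIAL);
        cryptoType.setIssuerSerial(
            x509IssuerSerialType.getX509IssuerName(), x509IssuerSerialType.getX509SerialNumber()
        );

        X509Certificate[] certs = null;
        if (getCrypto() != null) {
            certs = getCrypto().getX509Certificates(cryptoType);
            setX509Certificates(certs);
        }
        // Fail closed: without a Crypto or without a match the token cannot be resolved.
        if (certs == null || certs.length == 0) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE);
        }

        // Only the first certificate returned by the lookup is kept on the token; any further
        // matches are dropped here.
        super.setX509Certificates(new X509Certificate[]{certs[0]});
        this.alias = getCrypto().getX509Identifier(certs[0]);
        return this.alias;
    }
}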