1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.wss4j.stax.impl.securityToken;
20  
21  import org.apache.wss4j.common.crypto.Crypto;
22  import org.apache.wss4j.common.crypto.CryptoType;
23  import org.apache.wss4j.common.ext.WSSecurityException;
24  import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
25  import org.apache.wss4j.stax.ext.WSSSecurityProperties;
26  import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
27  import org.apache.xml.security.exceptions.XMLSecurityException;
28  
29  import javax.security.auth.callback.CallbackHandler;
30  import java.security.cert.X509Certificate;
31  
/**
 * X.509 security token whose certificate is located through a Subject Key
 * Identifier (SKI) lookup against the configured {@link Crypto}.
 *
 * <p>The token is registered with the parent as an {@code X509V3Token} using
 * the {@code KeyIdentifier_SkiKeyIdentifier} key identifier. The certificate
 * is not resolved at construction time; {@link #getAlias()} performs the
 * lookup on first use and caches the result.
 *
 * <p>NOTE(review): the lazy initialisation of {@code alias} uses no
 * synchronisation and the field is not {@code volatile}; confirm that
 * instances are confined to a single thread.
 */
public class X509SKISecurityTokenImpl extends X509SecurityTokenImpl {

    // Identifier of the resolved certificate in the Crypto store; null until getAlias() succeeds.
    private String alias;
    // SKI bytes used as the lookup key. Held by reference (no defensive copy is made).
    private final byte[] binaryContent;

    /**
     * Creates the token and stores the SKI bytes for a later lookup.
     *
     * @param wsInboundSecurityContext inbound security context, passed through to the parent
     * @param crypto                   certificate store the SKI is resolved against, passed to the parent
     * @param callbackHandler          callback handler, passed through to the parent
     * @param binaryContent            SKI bytes to search for; presumably taken from the inbound
     *                                 message and therefore sender-controlled (confirm against caller)
     * @param id                       token id, passed through to the parent
     * @param securityProperties       security configuration, passed through to the parent
     */
    X509SKISecurityTokenImpl(
            WSInboundSecurityContext wsInboundSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
            byte[] binaryContent, String id, WSSSecurityProperties securityProperties) {

        // NOTE(review): the meaning of the trailing 'false' is defined by the parent constructor,
        // which is not visible here.
        super(WSSecurityTokenConstants.X509V3Token, wsInboundSecurityContext, crypto, callbackHandler, id,
                WSSecurityTokenConstants.KeyIdentifier_SkiKeyIdentifier, securityProperties, false);
        this.binaryContent = binaryContent;
    }

    /**
     * Returns the Crypto identifier of the certificate matching the stored SKI,
     * resolving and caching it on the first call.
     *
     * <p>As a side effect of the first successful call, the matched certificate is
     * installed on the parent via {@code setX509Certificates}.
     *
     * <p>This method only locates a certificate; it performs no path or trust
     * validation itself. Presumably that happens elsewhere in the token
     * verification flow (confirm before relying on the returned alias as proof
     * of trust).
     *
     * @return the identifier reported by the Crypto for the matched certificate
     * @throws XMLSecurityException a {@link WSSecurityException} with
     *         {@code SECURITY_TOKEN_UNAVAILABLE} when no Crypto is configured or
     *         the lookup yields no certificate
     */
    @Override
    protected String getAlias() throws XMLSecurityException {
        if (this.alias != null) {
            return this.alias;
        }

        final CryptoType skiLookup = new CryptoType(CryptoType.TYPE.SKI_BYTES);
        skiLookup.setBytes(binaryContent);

        // A missing Crypto is treated exactly like an empty lookup result.
        final X509Certificate[] matches =
                getCrypto() == null ? null : getCrypto().getX509Certificates(skiLookup);
        if (matches == null || matches.length == 0) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE);
        }

        // Only the first match is used; any further certificates returned for the same SKI are ignored.
        final X509Certificate selected = matches[0];
        super.setX509Certificates(new X509Certificate[]{selected});
        this.alias = getCrypto().getX509Identifier(selected);
        return this.alias;
    }
}