001: /*
002: * TokenProcessor.java
003: *
004: * Created on September 8, 2006, 10:44 AM
005: *
006: * The contents of this file are subject to the terms
007: * of the Common Development and Distribution License
008: * (the License). You may not use this file except in
009: * compliance with the License.
010: *
011: * You can obtain a copy of the license at
012: * https://glassfish.dev.java.net/public/CDDLv1.0.html.
013: * See the License for the specific language governing
014: * permissions and limitations under the License.
015: *
016: * When distributing Covered Code, include this CDDL
017: * Header Notice in each file and include the License file
018: * at https://glassfish.dev.java.net/public/CDDLv1.0.html.
019: * If applicable, add the following below the CDDL Header,
020: * with the fields enclosed by brackets [] replaced by
021: * you own identifying information:
022: * "Portions Copyrighted [year] [name of copyright owner]"
023: *
024: * Copyright 2006 Sun Microsystems Inc. All Rights Reserved
025: */
026:
027: package com.sun.xml.ws.security.opt.impl.dsig;
028:
029: import com.sun.org.apache.xml.internal.security.encryption.XMLCipher;
030: import com.sun.xml.ws.security.opt.api.keyinfo.BuilderResult;
031: import com.sun.xml.ws.security.opt.api.keyinfo.TokenBuilder;
032: import com.sun.xml.ws.security.opt.impl.keyinfo.DerivedKeyTokenBuilder;
033: import com.sun.xml.ws.security.opt.impl.keyinfo.IssuedTokenBuilder;
034: import com.sun.xml.ws.security.opt.impl.keyinfo.SCTBuilder;
035: import com.sun.xml.ws.security.opt.impl.keyinfo.SamlTokenBuilder;
036: import com.sun.xml.ws.security.opt.impl.keyinfo.SymmetricTokenBuilder;
037: import com.sun.xml.ws.security.opt.impl.keyinfo.X509TokenBuilder;
038: import com.sun.xml.ws.security.opt.impl.util.NamespaceContextEx;
039: import com.sun.xml.wss.impl.policy.mls.AuthenticationTokenPolicy;
040: import com.sun.xml.wss.impl.policy.mls.IssuedTokenKeyBinding;
041: import com.sun.xml.wss.impl.policy.mls.SecureConversationTokenKeyBinding;
042: import com.sun.xml.wss.impl.policy.mls.SignaturePolicy;
043: import com.sun.xml.ws.security.opt.impl.JAXBFilterProcessingContext;
044: import com.sun.xml.wss.impl.policy.mls.WSSPolicy;
045: import com.sun.xml.wss.XWSSecurityException;
046: import com.sun.xml.wss.impl.PolicyTypeUtil;
047: import com.sun.xml.wss.impl.policy.mls.PrivateKeyBinding;
048: import com.sun.xml.wss.impl.policy.mls.SymmetricKeyBinding;
049: import com.sun.xml.wss.impl.policy.mls.DerivedTokenKeyBinding;
050: import com.sun.xml.ws.security.opt.crypto.dsig.keyinfo.KeyInfo;
051: import com.sun.xml.wss.impl.MessageConstants;
052: import com.sun.xml.wss.impl.AlgorithmSuite;
053: import com.sun.xml.wss.logging.LogDomainConstants;
054: import com.sun.xml.wss.logging.impl.opt.signature.LogStringsMessages;
055: import java.security.Key;
056: import java.util.logging.Level;
057: import java.util.logging.Logger;
058:
059: /**
060: *
061: * TokenProcessor for Signature. Looks at the keyBinding and
062: * populates BuilderResult with the appropriate signing key and KeyInfo
063: * @author Ashutosh.Shahi@sun.com
064: */
065:
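public class TokenProcessor {

    private static final Logger logger = Logger.getLogger(
            LogDomainConstants.IMPL_OPT_SIGNATURE_DOMAIN,
            LogDomainConstants.IMPL_OPT_SIGNATURE_DOMAIN_BUNDLE);

    /** Private key taken from the X509 binding; left null on every other path. */
    private Key signingKey = null;
    /** Builder used by the X509, symmetric-key and derived-key paths; other paths use a local. */
    private TokenBuilder builder = null;
    /** The signature policy's key binding, dispatched on in {@link #process()}. */
    private final WSSPolicy keyBinding;
    /** Processing context: supplies the AlgorithmSuite and per-message binding overrides. */
    private final JAXBFilterProcessingContext context;

    /**
     * Creates a new instance of TokenProcessor.
     *
     * @param sp SignaturePolicy whose key binding selects the token builder
     * @param context the ProcessingContext
     * @throws NullPointerException if {@code sp} is null (its key binding is read here)
     */
    public TokenProcessor(SignaturePolicy sp,
            JAXBFilterProcessingContext context) {
        this.context = context;
        this.keyBinding = (WSSPolicy) sp.getKeyBinding();
    }

    /**
     * Process the keyBinding and populate a BuilderResult with the appropriate key and KeyInfo.
     *
     * @return <CODE>BuilderResult</CODE> populated with appropriate values
     * @throws com.sun.xml.wss.XWSSecurityException for a UsernameToken key binding (unsupported)
     *         or when the selected token builder fails
     * @throws UnsupportedOperationException for any key binding type not handled below
     */
    public BuilderResult process() throws XWSSecurityException {

        // Fallback algorithms, used only when the AlgorithmSuite does not name one.
        // NOTE(review): both fallbacks are legacy choices. RSA-v1.5 key transport is the
        // PKCS#1 v1.5 padding scheme targeted by Bleichenbacher-style padding-oracle
        // attacks, and Triple-DES is a 64-bit block cipher (Sweet32). They are kept for
        // interoperability with existing deployments; an AlgorithmSuite naming RSA-OAEP
        // and AES should be configured rather than relying on these defaults.
        String keyEncAlgo = XMLCipher.RSA_v1dot5;
        String dataEncAlgo = MessageConstants.TRIPLE_DES_BLOCK_ENCRYPTION;

        AlgorithmSuite algSuite = context.getAlgorithmSuite();
        if (algSuite != null) {
            keyEncAlgo = firstNonEmpty(algSuite.getAsymmetricKeyAlgorithm(), keyEncAlgo);
            dataEncAlgo = firstNonEmpty(algSuite.getEncryptionAlgorithm(), dataEncAlgo);
        }
        // Both algorithm names are consumed only by the symmetric-key path below.

        if (PolicyTypeUtil.usernameTokenPolicy(keyBinding)) {
            logger.log(Level.SEVERE, LogStringsMessages
                    .WSS_1702_UNSUPPORTED_USERNAMETOKEN_KEYBINDING());
            throw new XWSSecurityException(
                    "UsernameToken as KeyBinding for SignaturePolicy is Not Yet Supported");
        }
        if (PolicyTypeUtil.x509CertificateBinding(keyBinding)) {
            return processX509Binding();
        }
        if (PolicyTypeUtil.symmetricKeyBinding(keyBinding)) {
            return processSymmetricBinding(dataEncAlgo, keyEncAlgo);
        }
        if (PolicyTypeUtil.derivedTokenKeyBinding(keyBinding)) {
            DerivedTokenKeyBinding dtk = (DerivedTokenKeyBinding) keyBinding;
            // Derived keys are expressed in the WS-SecureConversation namespace.
            ((NamespaceContextEx) context.getNamespaceContext()).addSCNS();
            builder = new DerivedKeyTokenBuilder(context, dtk);
            return builder.process();
        }
        if (PolicyTypeUtil.issuedTokenKeyBinding(keyBinding)) {
            IssuedTokenBuilder itb = new IssuedTokenBuilder(context,
                    (IssuedTokenKeyBinding) keyBinding);
            return itb.process();
        }
        if (PolicyTypeUtil.secureConversationTokenKeyBinding(keyBinding)) {
            ((NamespaceContextEx) context.getNamespaceContext()).addSCNS();
            // Local is named distinctly so it does not shadow the TokenBuilder field.
            SCTBuilder sctBuilder = new SCTBuilder(context,
                    (SecureConversationTokenKeyBinding) keyBinding);
            return sctBuilder.process();
        }
        if (PolicyTypeUtil.samlTokenPolicy(keyBinding)) {
            ((NamespaceContextEx) context.getNamespaceContext()).addSAMLNS();
            SamlTokenBuilder stb = new SamlTokenBuilder(
                    context,
                    (AuthenticationTokenPolicy.SAMLAssertionBinding) keyBinding,
                    true);
            return stb.process();
        }

        logger.log(Level.SEVERE, LogStringsMessages
                .WSS_1703_UNSUPPORTED_KEYBINDING_SIGNATUREPOLICY(keyBinding));
        // NOTE(review): this is unchecked, unlike the UsernameToken path above, so a
        // caller that only catches XWSSecurityException will not see it. Kept as-is
        // because existing callers may depend on the exception type.
        throw new UnsupportedOperationException(
                "Unsupported Key Binding" + keyBinding);
    }

    /**
     * X509 path. A binding stashed on the context takes precedence over the policy's
     * own binding and is cleared once read, so it applies to this message only.
     * Records the private key as {@link #signingKey} and attaches it to the result
     * as the data-protection key.
     */
    private BuilderResult processX509Binding() throws XWSSecurityException {
        AuthenticationTokenPolicy.X509CertificateBinding certificateBinding =
                context.getX509CertificateBinding();
        if (certificateBinding != null) {
            context.setX509CertificateBinding(null); // consume the one-shot override
        } else {
            certificateBinding =
                    (AuthenticationTokenPolicy.X509CertificateBinding) keyBinding;
        }

        PrivateKeyBinding privKBinding =
                (PrivateKeyBinding) certificateBinding.getKeyBinding();
        signingKey = privKBinding.getPrivateKey();

        builder = new X509TokenBuilder(context, certificateBinding);
        BuilderResult xtbResult = builder.process();
        xtbResult.setDataProtectionKey(signingKey);
        return xtbResult;
    }

    /**
     * Symmetric-key path. As with X509, a binding stashed on the context wins over the
     * policy's binding and is cleared once read.
     *
     * @param dataEncAlgo block-encryption algorithm URI handed to the builder
     * @param keyEncAlgo key-transport algorithm URI handed to the builder
     */
    private BuilderResult processSymmetricBinding(String dataEncAlgo, String keyEncAlgo)
            throws XWSSecurityException {
        SymmetricKeyBinding skb = context.getSymmetricKeyBinding();
        if (skb != null) {
            context.setSymmetricKeyBinding(null); // consume the one-shot override
        } else {
            skb = (SymmetricKeyBinding) keyBinding;
        }

        builder = new SymmetricTokenBuilder(skb, context, dataEncAlgo, keyEncAlgo);
        return builder.process();
    }

    /**
     * Returns {@code preferred} unless it is null or empty, in which case {@code fallback}.
     * Mirrors the original "non-null and not the empty string" test for AlgorithmSuite values.
     */
    private static String firstNonEmpty(String preferred, String fallback) {
        if (preferred != null && !"".equals(preferred)) {
            return preferred;
        }
        return fallback;
    }

}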
|