001: /*
002: * The contents of this file are subject to the terms
003: * of the Common Development and Distribution License
004: * (the License). You may not use this file except in
005: * compliance with the License.
006: *
007: * You can obtain a copy of the license at
008: * https://glassfish.dev.java.net/public/CDDLv1.0.html.
009: * See the License for the specific language governing
010: * permissions and limitations under the License.
011: *
012: * When distributing Covered Code, include this CDDL
013: * Header Notice in each file and include the License file
014: * at https://glassfish.dev.java.net/public/CDDLv1.0.html.
015: * If applicable, add the following below the CDDL Header,
016: * with the fields enclosed by brackets [] replaced by
017: * you own identifying information:
018: * "Portions Copyrighted [year] [name of copyright owner]"
019: *
020: * Copyright 2006 Sun Microsystems Inc. All Rights Reserved
021: */
022:
023: package com.sun.xml.ws.security.opt.impl.keyinfo;
024:
025: import com.sun.xml.ws.security.opt.api.SecurityElement;
026: import com.sun.xml.ws.security.opt.api.SecurityHeaderElement;
027: import com.sun.xml.ws.security.opt.api.keyinfo.BinarySecurityToken;
028: import com.sun.xml.ws.security.opt.api.keyinfo.Token;
029: import com.sun.xml.ws.security.opt.api.reference.Reference;
030: import com.sun.xml.ws.security.opt.impl.crypto.SSEData;
031: import com.sun.xml.ws.security.opt.impl.outgoing.SecurityHeader;
032: import com.sun.xml.ws.security.opt.impl.reference.DirectReference;
033: import com.sun.xml.ws.security.opt.impl.reference.KeyIdentifier;
034: import com.sun.xml.ws.security.opt.impl.util.WSSElementFactory;
035: import com.sun.xml.wss.XWSSecurityException;
036: import com.sun.xml.ws.security.opt.crypto.dsig.keyinfo.KeyInfo;
037: import com.sun.xml.ws.security.opt.crypto.dsig.keyinfo.KeyName;
038: import com.sun.xml.wss.impl.MessageConstants;
039: import com.sun.xml.wss.impl.policy.mls.AuthenticationTokenPolicy;
040: import com.sun.xml.wss.impl.policy.mls.SignaturePolicy;
041: import com.sun.xml.wss.impl.policy.mls.WSSPolicy;
042: import com.sun.xml.ws.security.opt.impl.JAXBFilterProcessingContext;
043: import com.sun.xml.wss.logging.LogDomainConstants;
044: import com.sun.xml.wss.logging.impl.opt.token.LogStringsMessages;
045: import java.security.cert.CertificateEncodingException;
046: import java.security.cert.X509Certificate;
047: import java.util.logging.Level;
048: import java.util.logging.Logger;
049: import javax.xml.crypto.Data;
050:
051: /**
052: *
053: * @author K.Venugopal@sun.com
054: */
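/**
 * Base class for the optimized-path token builders.
 *
 * <p>Holds the processing context, the outgoing {@link SecurityHeader} cached
 * from it, and a {@link WSSElementFactory} bound to the context's SOAP
 * version, and offers the helpers subclasses share to emit a
 * BinarySecurityToken, a SecurityTokenReference and the KeyInfo pointing at it.
 *
 * <p>Not thread-safe: {@link #keyInfo} is overwritten by every
 * {@code buildKeyInfo*} call and read back through {@link #getKeyInfo()}.
 *
 * @author K.Venugopal@sun.com
 */
public abstract class TokenBuilder implements
        com.sun.xml.ws.security.opt.api.keyinfo.TokenBuilder {

    protected static final Logger logger = Logger.getLogger(
            LogDomainConstants.IMPL_OPT_TOKEN_DOMAIN,
            LogDomainConstants.IMPL_OPT_TOKEN_DOMAIN_BUNDLE);

    // Processing context this builder serves; set once in the constructor.
    protected JAXBFilterProcessingContext context = null;
    // Outgoing security header, captured from the context at construction.
    protected SecurityHeader securityHeader = null;
    // Element factory bound to the context's SOAP version.
    protected WSSElementFactory elementFactory = null;

    // Most recently built KeyInfo; null until a buildKeyInfo* helper runs.
    protected KeyInfo keyInfo = null;

    /**
     * Creates a new instance of TokenBuilder.
     *
     * @param context the processing context; its security header and SOAP
     *                version are captured here
     * @throws NullPointerException if {@code context} is null
     */
    public TokenBuilder(JAXBFilterProcessingContext context) {
        this.context = context;
        this.securityHeader = context.getSecurityHeader();
        this.elementFactory = new WSSElementFactory(context.getSOAPVersion());
    }

    /**
     * Returns the BinarySecurityToken carrying {@code x509Cert}, creating it
     * and adding it to the security header unless the binding says the token
     * is never included.
     *
     * <p>The token id comes from {@link #getID(WSSPolicy)}. If the header
     * already holds an element under that id it is reused when it is a
     * BinarySecurityToken; any other element under the same id is rejected,
     * because two header elements must not share an Id attribute.
     *
     * @param binding  the X509 binding supplying the include-token mode and id
     * @param x509Cert the certificate whose DER encoding becomes the token body
     * @return the existing or newly added token, or null when the binding's
     *         include-token mode is INCLUDE_NEVER
     * @throws XWSSecurityException if the id clashes with a non-BST element,
     *         if {@code x509Cert} is null, or if the certificate cannot be
     *         encoded
     */
    protected BinarySecurityToken createBinarySecurityToken(
            AuthenticationTokenPolicy.X509CertificateBinding binding,
            X509Certificate x509Cert) throws XWSSecurityException {
        if (binding.INCLUDE_NEVER.equals(binding.getIncludeToken())) {
            return null;
        }
        String id = getID(binding);

        if (logger.isLoggable(Level.FINEST)) {
            logger.log(Level.FINEST, "X509 Token id: " + id);
        }

        Token token = (Token) securityHeader.getChildElement(id);
        if (token != null) {
            if (token instanceof BinarySecurityToken) {
                return (BinarySecurityToken) token;
            }
            throw new XWSSecurityException(
                    "Found two tokens with same Id attribute");
        }
        if (x509Cert == null) {
            // A binding that wants the token included but supplies no
            // certificate is a configuration/security error; report it as such
            // instead of letting getEncoded() fail with a NullPointerException.
            logger.log(Level.SEVERE,
                    LogStringsMessages.WSS_1801_BST_CREATION_FAILED());
            throw new XWSSecurityException(
                    "Error occurred while constructing BinarySecurityToken: "
                            + "no X509 certificate available");
        }
        BinarySecurityToken bst;
        try {
            bst = elementFactory.createBinarySecurityToken(id,
                    x509Cert.getEncoded());
        } catch (CertificateEncodingException ex) {
            logger.log(Level.SEVERE,
                    LogStringsMessages.WSS_1801_BST_CREATION_FAILED());
            throw new XWSSecurityException(
                    "Error occured while constructing BinarySecurityToken",
                    ex);
        }
        context.getSecurityHeader().add((SecurityHeaderElement) bst);
        return bst;
    }

    /**
     * Builds a SecurityTokenReference around {@code ref} and caches its
     * serialized form in the context's element cache under {@code strId}.
     *
     * <p>The id is written onto the STR only when the active security policy
     * is a {@link SignaturePolicy}; the {@link SSEData} wrapper is cached
     * under {@code strId} in every case.
     *
     * @param strId cache key, and the STR id under a signature policy; callers
     *              such as {@link #buildKeyInfoWithEKSHA1(String)} pass null
     *              here — NOTE(review): confirm the element cache accepts a
     *              null key
     * @param ref   the reference the STR wraps
     * @return the new STR
     */
    protected SecurityTokenReference buildSTR(String strId, Reference ref) {
        SecurityTokenReference str =
                elementFactory.createSecurityTokenReference(ref);
        if (context.getSecurityPolicy() instanceof SignaturePolicy) {
            ((SecurityElement) str).setId(strId);
        }
        Data data = new SSEData((SecurityElement) str, false,
                context.getNamespaceContext());
        context.getElementCache().put(strId, data);
        return str;
    }

    /**
     * Builds a SecurityTokenReference around {@code ref} without assigning an
     * id or caching it.
     *
     * @param ref the reference the STR wraps
     * @return the new STR
     */
    protected SecurityTokenReference buildSTR(Reference ref) {
        return elementFactory.createSecurityTokenReference(ref);
    }

    /**
     * Builds a KeyInfo around a freshly built, cached STR and records it as
     * this builder's current KeyInfo.
     *
     * @param ref   the reference the STR wraps
     * @param strId the STR id / cache key passed to
     *              {@link #buildSTR(String, Reference)}
     * @return the new KeyInfo
     */
    protected KeyInfo buildKeyInfo(Reference ref, String strId) {
        keyInfo = elementFactory.createKeyInfo(buildSTR(strId, ref));
        return keyInfo;
    }

    /**
     * Builds a KeyInfo around an existing STR and records it as this builder's
     * current KeyInfo.
     *
     * @param str the STR to wrap
     * @return the new KeyInfo
     */
    protected KeyInfo buildKeyInfo(
            com.sun.xml.ws.security.opt.impl.keyinfo.SecurityTokenReference str) {
        keyInfo = elementFactory.createKeyInfo(str);
        return keyInfo;
    }

    /**
     * Builds a KeyInfo holding a single KeyName and records it as this
     * builder's current KeyInfo.
     *
     * @param name the key name to place in the KeyInfo
     * @return the new KeyInfo
     */
    protected KeyInfo buildKIWithKeyName(String name) {
        KeyName keyName = new KeyName();
        keyName.setKeyName(name);
        keyInfo = elementFactory.createKeyInfo(keyName);
        return keyInfo;
    }

    /**
     * Builds a DirectReference pointing at the header element with the given
     * id.
     *
     * @param id        the target element's id; the URI becomes {@code "#" + id}
     * @param valueType the ValueType attribute, or null to leave it unset
     * @return the new DirectReference
     */
    protected DirectReference buildDirectReference(String id,
            String valueType) {
        DirectReference directRef = elementFactory.createDirectReference();
        directRef.setURI("#" + id);
        if (valueType != null) {
            directRef.setValueType(valueType);
        }
        return directRef;
    }

    /**
     * Builds a KeyIdentifier derived from the binding's certificate, wraps it
     * in an STR/KeyInfo (recorded as this builder's current KeyInfo) and
     * returns it.
     *
     * @param binding the X509 binding supplying the certificate and STR id
     * @param refType the KeyIdentifier ValueType
     * @return the new KeyIdentifier
     * @throws XWSSecurityException if the computed identifier value is null
     *         or empty
     */
    protected KeyIdentifier buildKeyInfoWithKI(
            AuthenticationTokenPolicy.X509CertificateBinding binding,
            String refType) throws XWSSecurityException {
        KeyIdentifier keyIdentifier = elementFactory.createKeyIdentifier();
        keyIdentifier.setValueType(refType);
        keyIdentifier.updateReferenceValue(binding.getX509Certificate());
        keyIdentifier.setEncodingType(MessageConstants.BASE64_ENCODING_NS);
        String value = keyIdentifier.getValue();
        if (value == null || value.length() == 0) {
            // An empty identifier would produce an STR that resolves to nothing.
            logger.log(Level.SEVERE,
                    LogStringsMessages.WSS_1852_KEY_IDENTIFIER_EMPTY());
            throw new XWSSecurityException(
                    LogStringsMessages.WSS_1852_KEY_IDENTIFIER_EMPTY());
        }
        buildKeyInfo(keyIdentifier, binding.getSTRID());
        return keyIdentifier;
    }

    /**
     * Builds a KeyIdentifier referencing an EncryptedKey by its SHA-1 value,
     * wraps it in an STR/KeyInfo (recorded as this builder's current KeyInfo)
     * and returns it. The STR is built with a null id.
     *
     * @param ekSHA1Ref the EncryptedKeySHA1 reference value
     * @return the new KeyIdentifier
     */
    protected KeyIdentifier buildKeyInfoWithEKSHA1(String ekSHA1Ref) {
        KeyIdentifier keyIdentifier = elementFactory.createKeyIdentifier();
        keyIdentifier.setValueType(MessageConstants.EncryptedKeyIdentifier_NS);
        keyIdentifier.setEncodingType(MessageConstants.BASE64_ENCODING_NS);
        keyIdentifier.setReferenceValue(ekSHA1Ref);
        buildKeyInfo(keyIdentifier, null);
        return keyIdentifier;
    }

    /**
     * Returns the policy's UUID, or a freshly generated id from the context
     * when the policy has none.
     *
     * @param policy the policy whose UUID is consulted
     * @return a non-empty id
     */
    protected String getID(WSSPolicy policy) {
        String id = policy.getUUID();
        if (id == null || id.length() == 0) {
            return context.generateID();
        }
        return id;
    }

    /**
     * Returns the KeyInfo most recently produced by a {@code buildKeyInfo*}
     * helper, or null if none has run yet.
     */
    public javax.xml.crypto.dsig.keyinfo.KeyInfo getKeyInfo() {
        return keyInfo;
    }

}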