001: /*
002: * $Id: X509SecurityToken.java,v 1.6 2007/01/08 09:28:46 ashutoshshahi Exp $
003: */
004:
005: /*
006: * The contents of this file are subject to the terms
007: * of the Common Development and Distribution License
008: * (the License). You may not use this file except in
009: * compliance with the License.
010: *
011: * You can obtain a copy of the license at
012: * https://glassfish.dev.java.net/public/CDDLv1.0.html.
013: * See the License for the specific language governing
014: * permissions and limitations under the License.
015: *
016: * When distributing Covered Code, include this CDDL
017: * Header Notice in each file and include the License file
018: * at https://glassfish.dev.java.net/public/CDDLv1.0.html.
019: * If applicable, add the following below the CDDL Header,
020: * with the fields enclosed by brackets [] replaced by
* your own identifying information:
022: * "Portions Copyrighted [year] [name of copyright owner]"
023: *
024: * Copyright 2006 Sun Microsystems Inc. All Rights Reserved
025: */
026: package com.sun.xml.wss.core;
027:
import java.io.ByteArrayInputStream;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.logging.Level;
import java.util.logging.Logger;

import javax.xml.soap.SOAPElement;

import org.w3c.dom.Document;

import com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException;
import com.sun.xml.ws.security.Token;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.impl.MessageConstants;
import com.sun.xml.wss.impl.SecurityTokenException;
import com.sun.xml.wss.impl.XMLUtil;
import com.sun.xml.wss.impl.misc.Base64;
import com.sun.xml.wss.impl.misc.SecurityHeaderBlockImpl;
import com.sun.xml.wss.logging.LogDomainConstants;
049:
050: /**
051: * An X509 v3 certificate BinarySecurityToken.
052: *
053: * @author Manveen Kaur
054: * @author Edwin Goei
055: */
056: public class X509SecurityToken extends BinarySecurityToken implements
057: Token {
058:
059: private static Logger log = Logger.getLogger(
060: LogDomainConstants.WSS_API_DOMAIN,
061: LogDomainConstants.WSS_API_DOMAIN_BUNDLE);
062:
063: private X509Certificate cert;
064:
065: public X509SecurityToken(Document document, X509Certificate cert,
066: String wsuId, String valueType)
067: throws SecurityTokenException {
068:
069: super (document, wsuId, valueType);
070: this .cert = cert;
071: //checkCertVersion();
072: }
073:
074: public X509SecurityToken(Document document, X509Certificate cert)
075: throws SecurityTokenException {
076: super (document, null, MessageConstants.X509v3_NS);
077: this .cert = cert;
078: //checkCertVersion();
079: }
080:
081: public X509SecurityToken(Document document, X509Certificate cert,
082: String valueType) throws SecurityTokenException {
083: super (document, null, valueType);
084:
085: this .cert = cert;
086: //checkCertVersion();
087: }
088:
089: public X509SecurityToken(SOAPElement tokenElement, boolean isBSP)
090: throws XWSSecurityException {
091: super (tokenElement, isBSP);
092: if (!(tokenElement.getLocalName().equals(
093: MessageConstants.WSSE_BINARY_SECURITY_TOKEN_LNAME) && XMLUtil
094: .inWsseNS(tokenElement))) {
095: log.log(Level.SEVERE,
096: "WSS0391.error.creating.X509SecurityToken",
097: tokenElement.getTagName());
098: throw new XWSSecurityException(
099: "BinarySecurityToken expected, found "
100: + tokenElement.getTagName());
101: }
102: }
103:
104: public X509SecurityToken(SOAPElement tokenElement)
105: throws XWSSecurityException {
106: this (tokenElement, false);
107: }
108:
109: public X509Certificate getCertificate() throws XWSSecurityException {
110:
111: if (cert == null) {
112:
113: byte[] data;
114: String encodedData = XMLUtil.getFullTextFromChildren(this );
115: try {
116: data = Base64.decode(encodedData);
117: } catch (Base64DecodingException bde) {
118: log.log(Level.SEVERE, "WSS0301.unableto.decode.data");
119: throw new SecurityTokenException(
120: "Unable to decode data", bde);
121: }
122: try {
123: CertificateFactory certFact = CertificateFactory
124: .getInstance("X.509");
125: cert = (X509Certificate) certFact
126: .generateCertificate(new ByteArrayInputStream(
127: data));
128: } catch (Exception e) {
129: log.log(Level.SEVERE,
130: "WSS0302.unableto.create.x509cert");
131: throw new XWSSecurityException(
132: "Unable to create X509Certificate from data");
133: }
134: }
135: //checkCertVersion();
136: return cert;
137: }
138:
139: public static SecurityHeaderBlock fromSoapElement(
140: SOAPElement element) throws XWSSecurityException {
141: return SecurityHeaderBlockImpl.fromSoapElement(element,
142: X509SecurityToken.class);
143: }
144:
145: public String getTextValue() throws XWSSecurityException {
146:
147: if (encodedText == null) {
148: byte[] rawBytes;
149: try {
150: rawBytes = cert.getEncoded();
151: setRawValue(rawBytes);
152: } catch (CertificateEncodingException e) {
153: log.log(Level.SEVERE,
154: "WSS0303.unableto.get.encoded.x509cert");
155: throw new XWSSecurityException(
156: "Unable to get encoded representation of X509Certificate",
157: e);
158: }
159: }
160: return encodedText;
161: }
162:
163: private void checkCertVersion() throws SecurityTokenException {
164: if (cert.getVersion() != 3 || cert.getVersion() != 1) {
165: log.log(Level.SEVERE, "WSS0392.invalid.X509cert.version",
166: Integer.toString(cert.getVersion()));
167: throw new SecurityTokenException(
168: "Expected Version 1 or 3 Certificate, found Version "
169: + cert.getVersion());
170: }
171: }
172:
173: // Token interface methods
174: public String getType() {
175: return MessageConstants.X509_TOKEN_NS;
176: }
177:
178: public Object getTokenValue() {
179: try {
180: return getCertificate();
181: } catch (XWSSecurityException ex) {
182: throw new RuntimeException(ex);
183: }
184: }
185: }
|