001: /*
002: * $Id: SignaturePolicy.java,v 1.6 2007/03/27 10:46:03 ashutoshshahi Exp $
003: */
004:
005: /*
006: * The contents of this file are subject to the terms
007: * of the Common Development and Distribution License
008: * (the License). You may not use this file except in
009: * compliance with the License.
010: *
011: * You can obtain a copy of the license at
012: * https://glassfish.dev.java.net/public/CDDLv1.0.html.
013: * See the License for the specific language governing
014: * permissions and limitations under the License.
015: *
016: * When distributing Covered Code, include this CDDL
017: * Header Notice in each file and include the License file
018: * at https://glassfish.dev.java.net/public/CDDLv1.0.html.
019: * If applicable, add the following below the CDDL Header,
020: * with the fields enclosed by brackets [] replaced by
021: * you own identifying information:
022: * "Portions Copyrighted [year] [name of copyright owner]"
023: *
024: * Copyright 2006 Sun Microsystems Inc. All Rights Reserved
025: */
026:
027: package com.sun.xml.wss.impl.policy.mls;
028:
029: import com.sun.xml.wss.impl.MessageConstants;
030: import java.util.Iterator;
031: import java.util.ArrayList;
032:
033: import com.sun.xml.wss.impl.policy.MLSPolicy;
034: import com.sun.xml.wss.impl.PolicyTypeUtil;
035:
036: import javax.xml.crypto.dsig.DigestMethod;
037:
038: /**
039: * Objects of this class represent a policy for Signing parts of a SOAP Message. The
040: * Message Parts to be signed and the Canonicalization Algorithm to be used for the ds:SignedInfo are
041: * captured as FeatureBindings of this Policy. The exact Key to be used is to be represented
042: * as a distinct KeyBinding for this policy instance.
043: * The SignatureMethod for the signature is obtained as the keyAlgorithm
044: * on the corresponding KeyBinding associated with this SignaturePolicy
045: *
046: * Allowed KeyBindings for a SignaturePolicy include the following :
047: * <UL>
048: * <LI>AuthenticationTokenPolicy.X509CertificateBinding
049: * <LI>AuthenticationTokenPolicy.SAMLAssertionBinding
050: * <LI>SymmetricKeyBinding
051: * </UL>
052: */
053: public class SignaturePolicy extends WSSKeyBindingExtension {
054:
055: /*
056: * Feature Bindings
057: *
058: * (1) SignaturePolicy.FeatureBinding
059: *
060: * Key Bindings
061: *
062: * (1) X509KeyBinding
063: * (2) SymmetricKeyBinding
064: * (3) SAMLAssertionBinding
065: */
066:
067: /**
068: *Default constructor
069: */
070: public SignaturePolicy() {
071: setPolicyIdentifier(PolicyTypeUtil.SIGNATURE_POLICY_TYPE);
072: this ._featureBinding = new FeatureBinding();
073: }
074:
075: /**
076: * clone operator
077: * @return a clone of this SignaturePolicy
078: */
079: public Object clone() {
080: SignaturePolicy policy = new SignaturePolicy();
081:
082: try {
083: WSSPolicy fBinding = (WSSPolicy) getFeatureBinding();
084: WSSPolicy kBinding = (WSSPolicy) getKeyBinding();
085:
086: if (fBinding != null)
087: policy.setFeatureBinding((MLSPolicy) fBinding.clone());
088:
089: if (kBinding != null)
090: policy.setKeyBinding((MLSPolicy) kBinding.clone());
091: } catch (Exception e) {
092: }
093:
094: return policy;
095: }
096:
097: /**
098: * Equals operator
099: * @param policy <code>WSSPolicy</code> to be compared for equality
100: * @return true if the policy is equal to this policy
101: */
102: public boolean equals(WSSPolicy policy) {
103: boolean _assert = false;
104:
105: try {
106: return equalsIgnoreTargets(policy);
107: //TODO :: Uncomment;
108: /*SignaturePolicy sPolicy = (SignaturePolicy) policy;
109:
110: _assert = ((WSSPolicy) getFeatureBinding()).equals(
111: (WSSPolicy) sPolicy.getFeatureBinding()) &&
112: getKeyBinding().equals((WSSPolicy) sPolicy.getKeyBinding());*/
113: } catch (Exception cce) {
114: }
115:
116: return _assert;
117: }
118:
119: /*
120: * Equality comparision ignoring the Targets
121: * @param policy the policy to be compared for equality
122: * @return true if the argument policy is equal to this
123: */
124: public boolean equalsIgnoreTargets(WSSPolicy policy) {
125: boolean _assert = false;
126:
127: try {
128: if (!(PolicyTypeUtil.signaturePolicy(policy)))
129: return false;
130: SignaturePolicy sPolicy = (SignaturePolicy) policy;
131: _assert = ((WSSPolicy) getFeatureBinding())
132: .equalsIgnoreTargets((WSSPolicy) sPolicy
133: .getFeatureBinding());
134: //TODO : Un comment later;
135: //&& getKeyBinding().equals((WSSPolicy) sPolicy.getKeyBinding());
136: } catch (Exception cce) {
137: }
138:
139: return _assert;
140: }
141:
142: /**
143: * @return the type of the policy
144: */
145: public String getType() {
146: return PolicyTypeUtil.SIGNATURE_POLICY_TYPE;
147: }
148:
149: /**
150: * A class representing FeatureBindings for a SignaturePolicy
151: * The FeatureBinding would contain information about the MessageParts
152: * to be Signed, and the CanonicalizationMethod.
153: * The SignatureMethod for the signature is obtained as the keyAlgorithm
154: * on the corresponding KeyBinding associated with this SignaturePolicy
155: */
156: public static class FeatureBinding extends WSSPolicy {
157:
158: /*
159: * Feature Bindings
160: *
161: * (1) SignaturePolicy
162: * (2) EncryptionPolicy
163: * (3) AuthenticationTokenPolicy
164: *
165: * Key Bindings
166: *
167: * (1) X509KeyBinding
168: * (2) SymmetricKeyBinding
169: * (3) SAMLAssertionBinding
170: */
171:
172: String _canonicalizationAlgorithm = "";
173:
174: private SignatureTarget timestamp = null;
175:
176: final ArrayList _targets = new ArrayList();
177:
178: private boolean isEndorsingSignature = false;
179:
180: private boolean isPrimarySignature = false;
181:
182: private boolean disableInclusivePrefix = false;
183:
184: /**
185: * Default constructor
186: */
187: public FeatureBinding() {
188: setPolicyIdentifier(PolicyTypeUtil.SIGNATURE_POLICY_FEATUREBINDING_TYPE);
189: }
190:
191: /**
192: * Constructor
193: * @param canonicalization algorithm
194: */
195: public FeatureBinding(String canonicalization) {
196: this ();
197:
198: this ._canonicalizationAlgorithm = canonicalization;
199: }
200:
201: /**
202: * @return Canonicalization Algorithm for the ds:SignedInfo
203: */
204: public String getCanonicalizationAlgorithm() {
205: return _canonicalizationAlgorithm;
206: }
207:
208: /**
209: * set the Canonicalization Algorithm for the ds:SignedInfo
210: * @param canonicalization Canonicalization Algorithm
211: */
212: public void setCanonicalizationAlgorithm(String canonicalization) {
213: if (isReadOnly()) {
214: throw new RuntimeException(
215: "Can not set CanonicalizationAlgorithm : Policy is ReadOnly");
216: }
217:
218: if (isBSP()
219: && canonicalization != MessageConstants.TRANSFORM_C14N_EXCL_OMIT_COMMENTS) {
220: throw new RuntimeException(
221: "Does not meet BSP requirement: 5404. C14n algorithm must be exc-c14n");
222: }
223: this ._canonicalizationAlgorithm = canonicalization;
224: }
225:
226: /*
227: * @return true if a Timestamp Reference is to be included in the Signature
228: */
229: public boolean includeTimestamp() {
230: return timestamp != null ? true : false;
231: }
232:
233: /*
234: * indicate whether to include a Timestamp Reference in the Signature
235: * @param includeTimestamp
236: */
237: public void includeTimestamp(boolean include) {
238: if (isReadOnly()) {
239: throw new RuntimeException(
240: "Can not set includeTimestamp Flag : Policy is ReadOnly");
241: }
242:
243: if (include) {
244: if (timestamp == null) {
245: timestamp = new SignatureTarget();
246: timestamp.setType("qname");
247: timestamp
248: .setValue(MessageConstants.TIMESTAMP_QNAME);
249: timestamp.setDigestAlgorithm(DigestMethod.SHA1);
250: _targets.add(0, timestamp);
251: }
252: } else {
253: if (timestamp != null) {
254: int idx = _targets.indexOf(timestamp);
255: _targets.remove(idx);
256: timestamp = null;
257: }
258: }
259: }
260:
261: public void isEndorsingSignature(boolean isEndorsingSignature) {
262: this .isEndorsingSignature = isEndorsingSignature;
263: }
264:
265: public boolean isEndorsingSignature() {
266: return this .isEndorsingSignature;
267: }
268:
269: public void isPrimarySignature(boolean isPrimarySignature) {
270: this .isPrimarySignature = isPrimarySignature;
271: }
272:
273: public boolean isPrimarySignature() {
274: return this .isPrimarySignature;
275: }
276:
277: public boolean getDisableInclusivePrefix() {
278: return this .disableInclusivePrefix;
279: }
280:
281: public void setDisbaleInclusivePrefix(
282: boolean disableInclusivePrefix) {
283: this .disableInclusivePrefix = disableInclusivePrefix;
284: }
285:
286: /**
287: * @return collection of target bindings
288: */
289: public ArrayList getTargetBindings() {
290: return _targets;
291: }
292:
293: /**
294: * Add target to the list of targets for this FeatureBinding
295: * @param target SignatureTarget
296: */
297: public void addTargetBinding(SignatureTarget target) {
298:
299: if (isReadOnly()) {
300: throw new RuntimeException(
301: "Can not add Target : Policy is ReadOnly");
302: }
303: _targets.add(target);
304: }
305:
306: /*
307: * Add target to the list of targets for this FeatureBinding
308: * @param target Target to be added
309: */
310: public void addTargetBinding(Target target) {
311: addTargetBinding(new SignatureTarget(target));
312: //if ( isReadOnly()) {
313: // throw new RuntimeException("Can not add Target : Policy is ReadOnly");
314: //}
315:
316: //_targets.add(new SignatureTarget(target));
317: }
318:
319: /**
320: * @param targets ArrayList of targets to be removed
321: */
322: public void removeTargetBindings(ArrayList targets) {
323: if (isReadOnly()) {
324: throw new RuntimeException(
325: "Can not remove Target : Policy is ReadOnly");
326: }
327:
328: _targets.removeAll(targets);
329: }
330:
331: /**
332: * Equals operator
333: * @param binding <code>WSSPolicy</code> to be compared for equality
334: * @return true if the binding is equal to this policy
335: */
336: public boolean equals(WSSPolicy binding) {
337:
338: try {
339: if (!PolicyTypeUtil
340: .signaturePolicyFeatureBinding(binding))
341: return false;
342: FeatureBinding policy = (FeatureBinding) binding;
343:
344: boolean b1 = _canonicalizationAlgorithm.equals("") ? true
345: : _canonicalizationAlgorithm.equals(policy
346: .getCanonicalizationAlgorithm());
347: if (!b1)
348: return false;
349:
350: boolean b2 = _targets
351: .equals(policy.getTargetBindings());
352: if (!b2)
353: return false;
354:
355: } catch (Exception e) {
356: }
357:
358: return true;
359: }
360:
361: /*
362: * Equality comparision ignoring the Targets
363: * @param binding the binding to be compared for equality
364: * @return true if the argument binding is equal to this
365: */
366: public boolean equalsIgnoreTargets(WSSPolicy binding) {
367:
368: boolean assrt = false;
369:
370: if (!PolicyTypeUtil.signaturePolicyFeatureBinding(binding)) {
371: return false;
372: }
373:
374: try {
375: FeatureBinding policy = (FeatureBinding) binding;
376: assrt = _canonicalizationAlgorithm.equals(policy
377: .getCanonicalizationAlgorithm());
378: } catch (Exception e) {
379: }
380:
381: return assrt;
382: }
383:
384: /**
385: * @return a clone of this SignaturePolicy.FeatureBinding
386: */
387: public Object clone() {
388: FeatureBinding binding = new FeatureBinding();
389:
390: try {
391: WSSPolicy kBinding = (WSSPolicy) getKeyBinding();
392: WSSPolicy fBinding = (WSSPolicy) getFeatureBinding();
393:
394: if (fBinding != null)
395: binding.setFeatureBinding((MLSPolicy) fBinding
396: .clone());
397:
398: if (kBinding != null)
399: binding.setKeyBinding((MLSPolicy) kBinding.clone());
400:
401: binding
402: .setCanonicalizationAlgorithm(getCanonicalizationAlgorithm());
403:
404: Iterator i = getTargetBindings().iterator();
405: while (i.hasNext()) {
406: SignatureTarget target = (SignatureTarget) i.next();
407: binding.addTargetBinding((SignatureTarget) target
408: .clone());
409: }
410: } catch (Exception e) {
411: }
412:
413: return binding;
414: }
415:
416: /**
417: * @return the type of the policy
418: */
419: public String getType() {
420: return PolicyTypeUtil.SIGNATURE_POLICY_FEATUREBINDING_TYPE;
421: }
422:
423: }
424: }
|