01: /****************************************************************
02: * Licensed to the Apache Software Foundation (ASF) under one *
03: * or more contributor license agreements. See the NOTICE file *
04: * distributed with this work for additional information *
05: * regarding copyright ownership. The ASF licenses this file *
06: * to you under the Apache License, Version 2.0 (the *
07: * "License"); you may not use this file except in compliance *
08: * with the License. You may obtain a copy of the License at *
09: * *
10: * http://www.apache.org/licenses/LICENSE-2.0 *
11: * *
12: * Unless required by applicable law or agreed to in writing, *
13: * software distributed under the License is distributed on an *
14: * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY *
15: * KIND, either express or implied. See the License for the *
16: * specific language governing permissions and limitations *
17: * under the License. *
18: ****************************************************************/package org.apache.james.transport.matchers.smime;
19:
20: import java.security.Principal;
21: import java.security.cert.X509Certificate;
22: import java.util.Collection;
23: import java.util.Collections;
24: import java.util.Iterator;
25: import java.util.List;
26:
27: import javax.mail.MessagingException;
28:
29: import org.apache.mailet.GenericMatcher;
30: import org.apache.mailet.Mail;
31:
32: /**
33: * <p>
34: * Checks if the subject of a X509Certificate contains the supplied string. The
35: * certificate is read from the specified mail attribute.
36: * </p><p>
37: * If the specified attribute contains more than one certificate the matcher matches if at
38: * least one of the certificates contains the given string.
39: * </p>
40: * <p>
41: * Configuration string:
42: * <ul>
43: * <li>mailAttribute;string</li>
44: * </ul>
45: *
46: */
47: public class IsX509CertificateSubject extends GenericMatcher {
48: protected String sourceAttribute;
49: protected String check;
50:
51: public void init() throws MessagingException {
52: String condition = getCondition();
53: if (condition == null || condition.indexOf(";") == -1)
54: throw new MessagingException(
55: "Invalid matcher configuration: " + condition);
56:
57: int pos = condition.indexOf(";");
58: sourceAttribute = condition.substring(0, pos).trim();
59: check = condition.substring(pos + 1, condition.length());
60: }
61:
62: public Collection match(Mail mail) throws MessagingException {
63: List certificates;
64:
65: Object obj = mail.getAttribute(sourceAttribute);
66: if (obj != null) {
67: if (obj instanceof X509Certificate) {
68: certificates = Collections.singletonList(obj);
69: } else {
70: certificates = (List) obj;
71: }
72:
73: boolean valid = false;
74:
75: for (Iterator iter = certificates.iterator(); iter
76: .hasNext();) {
77: X509Certificate cert = (X509Certificate) iter.next();
78:
79: // Here I should use the method getSubjectX500Principal, but
80: // that would break the compatibility with jdk13.
81: Principal prin = cert.getSubjectDN();
82: // TODO: Maybe here a more strong check should be done ...
83: if ((prin.toString().indexOf(check)) > 0) {
84: valid = true;
85: }
86: }
87:
88: if (valid) {
89: return mail.getRecipients();
90: } else {
91: return null;
92: }
93: } else {
94: return null;
95: }
96: }
97:
98: }
|