001: /*
002: * The contents of this file are subject to the terms
003: * of the Common Development and Distribution License
004: * (the License). You may not use this file except in
005: * compliance with the License.
006: *
007: * You can obtain a copy of the license at
008: * https://glassfish.dev.java.net/public/CDDLv1.0.html.
009: * See the License for the specific language governing
010: * permissions and limitations under the License.
011: *
012: * When distributing Covered Code, include this CDDL
013: * Header Notice in each file and include the License file
014: * at https://glassfish.dev.java.net/public/CDDLv1.0.html.
015: * If applicable, add the following below the CDDL Header,
016: * with the fields enclosed by brackets [] replaced by
017: * you own identifying information:
018: * "Portions Copyrighted [year] [name of copyright owner]"
019: *
020: * Copyright 2006 Sun Microsystems Inc. All Rights Reserved
021: */
022:
023: package com.sun.xml.ws.security.opt.impl.keyinfo;
024:
025: import com.sun.xml.ws.security.opt.api.keyinfo.BinarySecurityToken;
026: import com.sun.xml.ws.security.opt.api.keyinfo.BuilderResult;
027: import com.sun.xml.ws.security.opt.api.reference.DirectReference;
028: import com.sun.xml.ws.security.opt.impl.crypto.OctectStreamData;
029: import com.sun.xml.ws.security.opt.impl.reference.KeyIdentifier;
030: import com.sun.xml.ws.security.opt.impl.reference.X509Data;
031: import com.sun.xml.ws.security.opt.impl.reference.X509IssuerSerial;
032: import com.sun.xml.wss.XWSSecurityException;
033: import com.sun.xml.wss.impl.MessageConstants;
034: import com.sun.xml.wss.impl.misc.SecurityUtil;
035: import com.sun.xml.wss.impl.policy.mls.AuthenticationTokenPolicy;
036: import com.sun.xml.ws.security.opt.impl.JAXBFilterProcessingContext;
037: import java.security.cert.CertificateEncodingException;
038: import java.security.cert.X509Certificate;
039: import java.util.logging.Level;
040: import com.sun.xml.wss.logging.impl.opt.token.LogStringsMessages;
041:
042: /**
043: *
044: * @author K.Venugopal@sun.com
045: */
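/**
 * Builds the {@code KeyInfo} (and, where the policy asks for it, the
 * {@code BinarySecurityToken}) for an X.509 certificate according to the
 * reference type carried by the {@link AuthenticationTokenPolicy.X509CertificateBinding}.
 *
 * <p>Supported reference types are {@code "Direct"}, {@code "Identifier"},
 * {@link MessageConstants#THUMB_PRINT_TYPE} and
 * {@link MessageConstants#X509_ISSUER_TYPE}; anything else is rejected with an
 * {@link XWSSecurityException}.
 *
 * @author K.Venugopal@sun.com
 */
public class X509TokenBuilder extends TokenBuilder {

    /** Policy binding that supplies the certificate, reference type, UUID and STR id. */
    final AuthenticationTokenPolicy.X509CertificateBinding binding;

    /**
     * Creates a new instance of X509TokenBuilder.
     *
     * @param context processing context shared with the superclass
     * @param binding the X.509 certificate binding to build the token for
     */
    public X509TokenBuilder(JAXBFilterProcessingContext context,
            AuthenticationTokenPolicy.X509CertificateBinding binding) {
        super(context);
        this.binding = binding;
    }

    /**
     * Builds the key information for the bound certificate.
     *
     * <p>The binding's UUID is used as the token id (a fresh one is generated
     * when it is absent), the include-token policy is checked, and the
     * reference type then selects how the certificate is referenced from the
     * {@code KeyInfo}. For the "Identifier", thumbprint and issuer/serial forms
     * the DER-encoded certificate is also cached under the binding's STR id so
     * later processing can resolve the reference.
     *
     * @return a {@link BuilderResult} carrying the constructed {@code KeyInfo}
     * @throws XWSSecurityException if the reference type is unsupported, a
     *         direct reference could not obtain a binary security token, or the
     *         certificate cannot be DER-encoded
     */
    public BuilderResult process() throws XWSSecurityException {
        String x509id = binding.getUUID();
        if (x509id == null || x509id.isEmpty()) {
            x509id = context.generateID();
        }
        SecurityUtil.checkIncludeTokenPolicyOpt(context, binding, x509id);

        String referenceType = binding.getReferenceType();
        if (logger.isLoggable(Level.FINEST)) {
            logger.log(Level.FINEST,
                    LogStringsMessages.WSS_1851_REFERENCETYPE_X_509_TOKEN(referenceType));
        }
        BuilderResult result = new BuilderResult();
        // Constant-first comparisons: a null reference type falls through to the
        // "unsupported" branch instead of raising a NullPointerException.
        if ("Direct".equals(referenceType)) {
            BinarySecurityToken bst =
                    createBinarySecurityToken(binding, binding.getX509Certificate());
            if (bst == null) {
                // A direct reference needs the token in the header; the
                // inclusion policy evidently did not allow that.
                logger.log(Level.SEVERE,
                        LogStringsMessages.WSS_1802_WRONG_TOKENINCLUSION_POLICY());
                throw new XWSSecurityException(
                        LogStringsMessages.WSS_1802_WRONG_TOKENINCLUSION_POLICY());
            }
            DirectReference dr = buildDirectReference(bst.getId(), MessageConstants.X509v3_NS);
            buildKeyInfo(dr, binding.getSTRID());
        } else if ("Identifier".equals(referenceType)) {
            // The token itself is not referenced here, but creating it is kept
            // for its side effects on the security header (as before).
            createBinarySecurityToken(binding, binding.getX509Certificate());
            buildKeyInfoWithKI(binding, MessageConstants.X509SubjectKeyIdentifier_NS);
            cacheEncodedCertificate();
        } else if (MessageConstants.THUMB_PRINT_TYPE.equals(referenceType)) {
            createBinarySecurityToken(binding, binding.getX509Certificate());
            buildKeyInfoWithKI(binding, MessageConstants.ThumbPrintIdentifier_NS);
            cacheEncodedCertificate();
        } else if (MessageConstants.X509_ISSUER_TYPE.equals(referenceType)) {
            X509Certificate xCert = binding.getX509Certificate();
            // getIssuerDN() is deprecated, but its legacy name format is what
            // the issuer/serial reference has always carried; switching to
            // getIssuerX500Principal().getName() would change the emitted DN.
            X509IssuerSerial xis = elementFactory.createX509IssuerSerial(
                    xCert.getIssuerDN().getName(), xCert.getSerialNumber());
            X509Data x509Data = elementFactory.createX509DataWithIssuerSerial(xis);
            buildKeyInfo(x509Data, binding.getSTRID());
            cacheEncodedCertificate();
        } else {
            logger.log(Level.SEVERE,
                    LogStringsMessages.WSS_1803_UNSUPPORTED_REFERENCE_TYPE(referenceType));
            throw new XWSSecurityException(
                    LogStringsMessages.WSS_1803_UNSUPPORTED_REFERENCE_TYPE(referenceType));
        }
        result.setKeyInfo(keyInfo);
        return result;
    }

    /**
     * Stores the DER encoding of the bound certificate in the context's element
     * cache under the binding's STR id; does nothing when no STR id is set.
     *
     * @throws XWSSecurityException if the certificate cannot be encoded
     */
    private void cacheEncodedCertificate() throws XWSSecurityException {
        String strId = binding.getSTRID();
        if (strId == null) {
            return;
        }
        try {
            // NOTE(review): DER bytes are turned into a String with the platform
            // default charset, which is lossy for arbitrary binary data; confirm
            // whether OctectStreamData can take the raw bytes instead.
            OctectStreamData osd = new OctectStreamData(
                    new String(binding.getX509Certificate().getEncoded()));
            context.getElementCache().put(strId, osd);
        } catch (CertificateEncodingException ce) {
            logger.log(Level.SEVERE,
                    LogStringsMessages.WSS_1814_ERROR_ENCODING_CERTIFICATE());
            throw new XWSSecurityException(
                    LogStringsMessages.WSS_1814_ERROR_ENCODING_CERTIFICATE(), ce);
        }
    }

}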
|