001: /*
002: * $Id: X509SubjectKeyIdentifier.java,v 1.4 2007/01/08 09:28:57 ashutoshshahi Exp $
003: */
004:
005: /*
006: * The contents of this file are subject to the terms
007: * of the Common Development and Distribution License
008: * (the License). You may not use this file except in
009: * compliance with the License.
010: *
011: * You can obtain a copy of the license at
012: * https://glassfish.dev.java.net/public/CDDLv1.0.html.
013: * See the License for the specific language governing
014: * permissions and limitations under the License.
015: *
016: * When distributing Covered Code, include this CDDL
017: * Header Notice in each file and include the License file
018: * at https://glassfish.dev.java.net/public/CDDLv1.0.html.
019: * If applicable, add the following below the CDDL Header,
020: * with the fields enclosed by brackets [] replaced by
021: * you own identifying information:
022: * "Portions Copyrighted [year] [name of copyright owner]"
023: *
024: * Copyright 2006 Sun Microsystems Inc. All Rights Reserved
025: */
026:
027: package com.sun.xml.wss.core.reference;
028:
029: import java.security.cert.X509Certificate;
030: import java.util.logging.Level;
031:
032: import javax.xml.soap.SOAPElement;
033:
034: import org.w3c.dom.Document;
035:
036: import com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException;
037: import com.sun.xml.wss.impl.misc.Base64;
038: import com.sun.xml.wss.impl.MessageConstants;
039: import com.sun.xml.wss.impl.SecurityHeaderException;
040: import com.sun.xml.wss.XWSSecurityException;
041: import java.io.IOException;
042:
043: /**
044: * @author Vishal Mahajan
045: * @author Manveen Kaur
046: */
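/**
 * KeyIdentifier reference that names an X.509 certificate by the value of its
 * SubjectKeyIdentifier extension.
 *
 * <p>The identifier only selects a certificate. It is a value stored in the
 * certificate, and the reference value is read from the message, so a match
 * does not show that the certificate is trusted. Validate the resolved
 * certificate before relying on its key.
 */
public class X509SubjectKeyIdentifier extends KeyIdentifier {

    /** OID of the X.509 v3 SubjectKeyIdentifier certificate extension. */
    private static final String SUBJECT_KEY_IDENTIFIER_OID = "2.5.29.14";

    /** DER tag of a primitive OCTET STRING. */
    private static final int DER_OCTET_STRING_TAG = 0x04;

    /** Default EncodingType attribute written by the Document constructor. */
    private String encodingType = MessageConstants.BASE64_ENCODING_NS;

    /** Default ValueType attribute written by the Document constructor. */
    private String valueType = MessageConstants.X509SubjectKeyIdentifier_NS;

    /** Certificate associated with this reference; null until set. */
    private X509Certificate cert = null;

    /**
     * Creates an "empty" KeyIdentifier element with default encoding type
     * and default value type.
     *
     * @param doc document handed to the superclass constructor
     * @throws XWSSecurityException if the superclass constructor fails
     */
    public X509SubjectKeyIdentifier(Document doc) throws XWSSecurityException {
        super(doc);
        // Set default attributes
        setAttribute("EncodingType", encodingType);
        setAttribute("ValueType", valueType);
    }

    /**
     * Wraps an existing element. No default attributes are written here; the
     * element is passed to the superclass unchanged.
     *
     * @param element element handed to the superclass constructor
     * @throws XWSSecurityException if the superclass constructor fails
     */
    public X509SubjectKeyIdentifier(SOAPElement element) throws XWSSecurityException {
        super(element);
    }

    /**
     * Base64-decodes the reference value of this element.
     *
     * @return the decoded bytes
     * @throws XWSSecurityException (as SecurityHeaderException) if the value
     *         is not valid Base64
     */
    public byte[] getDecodedBase64EncodedValue() throws XWSSecurityException {
        try {
            return Base64.decode(getReferenceValue());
        } catch (Base64DecodingException e) {
            log.log(Level.SEVERE,
                    "WSS0144.unableto.decode.base64.data",
                    new Object[] { e.getMessage() });
            throw new SecurityHeaderException(
                    "Unable to decode Base64 encoded data", e);
        }
    }

    /**
     * Extracts the raw key identifier bytes from a certificate's
     * SubjectKeyIdentifier extension.
     *
     * <p>The extension value is an OCTET STRING that wraps the KeyIdentifier
     * OCTET STRING. Only the contents of the inner string are returned.
     *
     * @param cert certificate to inspect
     * @return the SubjectKeyIdentifier from cert or null if cert does not
     *         contain one
     * @throws XWSSecurityException if the extension value cannot be parsed
     */
    public static byte[] getSubjectKeyIdentifier(X509Certificate cert)
            throws XWSSecurityException {
        byte[] extensionValue = cert.getExtensionValue(SUBJECT_KEY_IDENTIFIER_OID);
        if (extensionValue == null) {
            return null;
        }

        try {
            sun.security.util.DerValue inner = new sun.security.util.DerValue(
                    new sun.security.util.DerInputStream(extensionValue).getOctetString());
            sun.security.x509.KeyIdentifier keyId =
                    new sun.security.x509.KeyIdentifier(inner.getOctetString());
            return keyId.getIdentifier();
        } catch (LinkageError unavailable) {
            // The JDK-internal parser could not be linked. LinkageError covers the
            // NoClassDefFoundError handled originally and, presumably, the access
            // error raised when sun.security.* is encapsulated -- TODO confirm.
            // Parse the two nested OCTET STRINGs by hand. The old fallback dropped
            // a fixed 4-byte prefix, which breaks on long-form lengths and on
            // extension values shorter than four bytes.
            return unwrapDerOctetString(unwrapDerOctetString(extensionValue));
        } catch (IOException e) {
            // Keep the cause so the parse failure can still be diagnosed.
            throw new XWSSecurityException(
                    "Error in extracting keyIdentifier: " + e.getMessage(), e);
        }
    }

    /**
     * Returns the contents of a DER-encoded OCTET STRING that spans the whole
     * input array. Truncated input and trailing bytes are both rejected.
     */
    private static byte[] unwrapDerOctetString(byte[] der) throws XWSSecurityException {
        if (der == null || der.length < 2 || (der[0] & 0xFF) != DER_OCTET_STRING_TAG) {
            throw new XWSSecurityException(
                    "Error in extracting keyIdentifier: not a DER OCTET STRING");
        }
        int offset = 1;
        int length = der[offset++] & 0xFF;
        if ((length & 0x80) != 0) {
            // Long form: the low seven bits give the number of length octets.
            int lengthOctets = length & 0x7F;
            if (lengthOctets == 0 || lengthOctets > 3 || lengthOctets > der.length - offset) {
                throw new XWSSecurityException(
                        "Error in extracting keyIdentifier: unsupported DER length");
            }
            length = 0;
            for (int i = 0; i < lengthOctets; i++) {
                length = (length << 8) | (der[offset++] & 0xFF);
            }
        }
        if (length != der.length - offset) {
            throw new XWSSecurityException(
                    "Error in extracting keyIdentifier: DER length mismatch");
        }
        byte[] content = new byte[length];
        System.arraycopy(der, offset, content, 0, length);
        return content;
    }

    /**
     * Stores the certificate associated with this reference. The certificate
     * is not checked here.
     *
     * @param cert certificate to associate; may be null
     */
    public void setCertificate(X509Certificate cert) {
        this.cert = cert;
    }

    /**
     * @return the certificate set through {@link #setCertificate}, or null if
     *         none was set
     */
    public X509Certificate getCertificate() {
        return cert;
    }
}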