01: /*
02: * KeyIdentifierCertSelector.java
03: *
04: * Created on February 26, 2007, 5:59 PM
05: *
06: * To change this template, choose Tools | Template Manager
07: * and open the template in the editor.
08: */
09:
10: package com.sun.xml.wss.impl.misc;
11:
12: import java.security.cert.CertSelector;
13: import java.security.cert.Certificate;
14:
15: import com.sun.xml.wss.core.reference.X509SubjectKeyIdentifier;
16: import java.security.cert.X509Certificate;
17: import java.util.Arrays;
18:
19: import com.sun.xml.wss.XWSSecurityException;
20:
21: /**
22: *
23: * @author kumar jayanti
24: */
25: public class KeyIdentifierCertSelector implements CertSelector {
26:
27: private final byte[] keyId;
28:
29: /** Creates a new instance of KeyIdentifierCertSelector */
30: public KeyIdentifierCertSelector(byte[] keyIdValue) {
31: this .keyId = keyIdValue;
32: }
33:
34: public boolean match(Certificate cert) {
35: if (cert instanceof X509Certificate) {
36: byte[] keyIdtoMatch = null;
37: try {
38: keyIdtoMatch = X509SubjectKeyIdentifier
39: .getSubjectKeyIdentifier((X509Certificate) cert);
40: } catch (XWSSecurityException ex) {
41: //ignore since not all certs in Certstore may have SKID
42: }
43: if (Arrays.equals(keyIdtoMatch, keyId)) {
44: return true;
45: }
46: }
47: return false;
48: }
49:
50: public Object clone() {
51: return new KeyIdentifierCertSelector(this.keyId);
52: }
53:
54: }
|