Search in sources :

Example 1 with XMLX509SubjectName

use of org.apache.xml.security.keys.content.x509.XMLX509SubjectName in project jdk8u_jdk by JetBrains.

the class X509SubjectNameResolver method engineLookupResolveX509Certificate.

/**
     * Method engineResolveX509Certificate
     * @inheritDoc
     * @param element
     * @param baseURI
     * @param storage
     *
     * @throws KeyResolverException
     */
public X509Certificate engineLookupResolveX509Certificate(Element element, String baseURI, StorageResolver storage) throws KeyResolverException {
    if (log.isLoggable(java.util.logging.Level.FINE)) {
        log.log(java.util.logging.Level.FINE, "Can I resolve " + element.getTagName() + "?");
    }
    Element[] x509childNodes = null;
    XMLX509SubjectName[] x509childObject = null;
    if (!XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_X509DATA)) {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "I can't");
        }
        return null;
    }
    x509childNodes = XMLUtils.selectDsNodes(element.getFirstChild(), Constants._TAG_X509SUBJECTNAME);
    if (!((x509childNodes != null) && (x509childNodes.length > 0))) {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "I can't");
        }
        return null;
    }
    try {
        if (storage == null) {
            Object[] exArgs = { Constants._TAG_X509SUBJECTNAME };
            KeyResolverException ex = new KeyResolverException("KeyResolver.needStorageResolver", exArgs);
            if (log.isLoggable(java.util.logging.Level.FINE)) {
                log.log(java.util.logging.Level.FINE, "", ex);
            }
            throw ex;
        }
        x509childObject = new XMLX509SubjectName[x509childNodes.length];
        for (int i = 0; i < x509childNodes.length; i++) {
            x509childObject[i] = new XMLX509SubjectName(x509childNodes[i], baseURI);
        }
        Iterator<Certificate> storageIterator = storage.getIterator();
        while (storageIterator.hasNext()) {
            X509Certificate cert = (X509Certificate) storageIterator.next();
            XMLX509SubjectName certSN = new XMLX509SubjectName(element.getOwnerDocument(), cert);
            if (log.isLoggable(java.util.logging.Level.FINE)) {
                log.log(java.util.logging.Level.FINE, "Found Certificate SN: " + certSN.getSubjectName());
            }
            for (int i = 0; i < x509childObject.length; i++) {
                if (log.isLoggable(java.util.logging.Level.FINE)) {
                    log.log(java.util.logging.Level.FINE, "Found Element SN:     " + x509childObject[i].getSubjectName());
                }
                if (certSN.equals(x509childObject[i])) {
                    if (log.isLoggable(java.util.logging.Level.FINE)) {
                        log.log(java.util.logging.Level.FINE, "match !!! ");
                    }
                    return cert;
                }
                if (log.isLoggable(java.util.logging.Level.FINE)) {
                    log.log(java.util.logging.Level.FINE, "no match...");
                }
            }
        }
        return null;
    } catch (XMLSecurityException ex) {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
        }
        throw new KeyResolverException("generic.EmptyMessage", ex);
    }
}
Also used : Element(org.w3c.dom.Element) KeyResolverException(com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverException) XMLX509SubjectName(com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509SubjectName) X509Certificate(java.security.cert.X509Certificate) XMLSecurityException(com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Example 2 with XMLX509SubjectName

use of org.apache.xml.security.keys.content.x509.XMLX509SubjectName in project jdk8u_jdk by JetBrains.

the class PrivateKeyResolver method resolveX509Data.

private PrivateKey resolveX509Data(Element element, String baseURI) {
    log.log(java.util.logging.Level.FINE, "Can I resolve X509Data?");
    try {
        X509Data x509Data = new X509Data(element, baseURI);
        int len = x509Data.lengthSKI();
        for (int i = 0; i < len; i++) {
            XMLX509SKI x509SKI = x509Data.itemSKI(i);
            PrivateKey privKey = resolveX509SKI(x509SKI);
            if (privKey != null) {
                return privKey;
            }
        }
        len = x509Data.lengthIssuerSerial();
        for (int i = 0; i < len; i++) {
            XMLX509IssuerSerial x509Serial = x509Data.itemIssuerSerial(i);
            PrivateKey privKey = resolveX509IssuerSerial(x509Serial);
            if (privKey != null) {
                return privKey;
            }
        }
        len = x509Data.lengthSubjectName();
        for (int i = 0; i < len; i++) {
            XMLX509SubjectName x509SubjectName = x509Data.itemSubjectName(i);
            PrivateKey privKey = resolveX509SubjectName(x509SubjectName);
            if (privKey != null) {
                return privKey;
            }
        }
        len = x509Data.lengthCertificate();
        for (int i = 0; i < len; i++) {
            XMLX509Certificate x509Cert = x509Data.itemCertificate(i);
            PrivateKey privKey = resolveX509Certificate(x509Cert);
            if (privKey != null) {
                return privKey;
            }
        }
    } catch (XMLSecurityException e) {
        log.log(java.util.logging.Level.FINE, "XMLSecurityException", e);
    } catch (KeyStoreException e) {
        log.log(java.util.logging.Level.FINE, "KeyStoreException", e);
    }
    return null;
}
Also used : XMLX509Certificate(com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509Certificate) PrivateKey(java.security.PrivateKey) XMLX509SKI(com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509SKI) XMLX509IssuerSerial(com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509IssuerSerial) KeyStoreException(java.security.KeyStoreException) X509Data(com.sun.org.apache.xml.internal.security.keys.content.X509Data) XMLX509SubjectName(com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509SubjectName) XMLSecurityException(com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException)

Example 3 with XMLX509SubjectName

use of org.apache.xml.security.keys.content.x509.XMLX509SubjectName in project santuario-java by apache.

the class PrivateKeyResolver method resolveX509Data.

private PrivateKey resolveX509Data(Element element, String baseURI) {
    LOG.debug("Can I resolve X509Data?");
    try {
        X509Data x509Data = new X509Data(element, baseURI);
        int len = x509Data.lengthSKI();
        for (int i = 0; i < len; i++) {
            XMLX509SKI x509SKI = x509Data.itemSKI(i);
            PrivateKey privKey = resolveX509SKI(x509SKI);
            if (privKey != null) {
                return privKey;
            }
        }
        len = x509Data.lengthIssuerSerial();
        for (int i = 0; i < len; i++) {
            XMLX509IssuerSerial x509Serial = x509Data.itemIssuerSerial(i);
            PrivateKey privKey = resolveX509IssuerSerial(x509Serial);
            if (privKey != null) {
                return privKey;
            }
        }
        len = x509Data.lengthSubjectName();
        for (int i = 0; i < len; i++) {
            XMLX509SubjectName x509SubjectName = x509Data.itemSubjectName(i);
            PrivateKey privKey = resolveX509SubjectName(x509SubjectName);
            if (privKey != null) {
                return privKey;
            }
        }
        len = x509Data.lengthCertificate();
        for (int i = 0; i < len; i++) {
            XMLX509Certificate x509Cert = x509Data.itemCertificate(i);
            PrivateKey privKey = resolveX509Certificate(x509Cert);
            if (privKey != null) {
                return privKey;
            }
        }
    } catch (XMLSecurityException e) {
        LOG.debug("XMLSecurityException", e);
    } catch (KeyStoreException e) {
        LOG.debug("KeyStoreException", e);
    }
    return null;
}
Also used : XMLX509Certificate(org.apache.xml.security.keys.content.x509.XMLX509Certificate) PrivateKey(java.security.PrivateKey) XMLX509SKI(org.apache.xml.security.keys.content.x509.XMLX509SKI) XMLX509IssuerSerial(org.apache.xml.security.keys.content.x509.XMLX509IssuerSerial) KeyStoreException(java.security.KeyStoreException) X509Data(org.apache.xml.security.keys.content.X509Data) XMLX509SubjectName(org.apache.xml.security.keys.content.x509.XMLX509SubjectName) XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)

Example 4 with XMLX509SubjectName

use of org.apache.xml.security.keys.content.x509.XMLX509SubjectName in project santuario-java by apache.

the class X509SubjectNameResolver method engineLookupResolveX509Certificate.

/**
 * Method engineResolveX509Certificate
 * {@inheritDoc}
 * @param element
 * @param baseURI
 * @param storage
 *
 * @throws KeyResolverException
 */
public X509Certificate engineLookupResolveX509Certificate(Element element, String baseURI, StorageResolver storage) throws KeyResolverException {
    LOG.debug("Can I resolve {}?", element.getTagName());
    Element[] x509childNodes = null;
    XMLX509SubjectName[] x509childObject = null;
    if (!XMLUtils.elementIsInSignatureSpace(element, Constants._TAG_X509DATA)) {
        LOG.debug("I can't");
        return null;
    }
    x509childNodes = XMLUtils.selectDsNodes(element.getFirstChild(), Constants._TAG_X509SUBJECTNAME);
    if (!(x509childNodes != null && x509childNodes.length > 0)) {
        LOG.debug("I can't");
        return null;
    }
    try {
        if (storage == null) {
            Object[] exArgs = { Constants._TAG_X509SUBJECTNAME };
            KeyResolverException ex = new KeyResolverException("KeyResolver.needStorageResolver", exArgs);
            LOG.debug("", ex);
            throw ex;
        }
        x509childObject = new XMLX509SubjectName[x509childNodes.length];
        for (int i = 0; i < x509childNodes.length; i++) {
            x509childObject[i] = new XMLX509SubjectName(x509childNodes[i], baseURI);
        }
        Iterator<Certificate> storageIterator = storage.getIterator();
        while (storageIterator.hasNext()) {
            X509Certificate cert = (X509Certificate) storageIterator.next();
            XMLX509SubjectName certSN = new XMLX509SubjectName(element.getOwnerDocument(), cert);
            LOG.debug("Found Certificate SN: {}", certSN.getSubjectName());
            for (int i = 0; i < x509childObject.length; i++) {
                LOG.debug("Found Element SN:     {}", x509childObject[i].getSubjectName());
                if (certSN.equals(x509childObject[i])) {
                    LOG.debug("match !!! ");
                    return cert;
                }
                LOG.debug("no match...");
            }
        }
        return null;
    } catch (XMLSecurityException ex) {
        LOG.debug("XMLSecurityException", ex);
        throw new KeyResolverException(ex);
    }
}
Also used : Element(org.w3c.dom.Element) KeyResolverException(org.apache.xml.security.keys.keyresolver.KeyResolverException) XMLX509SubjectName(org.apache.xml.security.keys.content.x509.XMLX509SubjectName) X509Certificate(java.security.cert.X509Certificate) XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Example 5 with XMLX509SubjectName

use of org.apache.xml.security.keys.content.x509.XMLX509SubjectName in project jdk8u_jdk by JetBrains.

the class PrivateKeyResolver method resolveX509SubjectName.

/*
     * Search for a private key entry in the KeyStore with the same Subject Name.
     */
private PrivateKey resolveX509SubjectName(XMLX509SubjectName x509SubjectName) throws KeyStoreException {
    log.log(java.util.logging.Level.FINE, "Can I resolve X509SubjectName?");
    Enumeration<String> aliases = keyStore.aliases();
    while (aliases.hasMoreElements()) {
        String alias = aliases.nextElement();
        if (keyStore.isKeyEntry(alias)) {
            Certificate cert = keyStore.getCertificate(alias);
            if (cert instanceof X509Certificate) {
                XMLX509SubjectName certSN = new XMLX509SubjectName(x509SubjectName.getDocument(), (X509Certificate) cert);
                if (certSN.equals(x509SubjectName)) {
                    log.log(java.util.logging.Level.FINE, "match !!! ");
                    try {
                        Key key = keyStore.getKey(alias, password);
                        if (key instanceof PrivateKey) {
                            return (PrivateKey) key;
                        }
                    } catch (Exception e) {
                        log.log(java.util.logging.Level.FINE, "Cannot recover the key", e);
                    // Keep searching
                    }
                }
            }
        }
    }
    return null;
}
Also used : PrivateKey(java.security.PrivateKey) X509Certificate(java.security.cert.X509Certificate) XMLX509Certificate(com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509Certificate) XMLX509SubjectName(com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509SubjectName) PublicKey(java.security.PublicKey) Key(java.security.Key) PrivateKey(java.security.PrivateKey) SecretKey(javax.crypto.SecretKey) KeyStoreException(java.security.KeyStoreException) KeyResolverException(com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverException) XMLSecurityException(com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException) CertificateEncodingException(java.security.cert.CertificateEncodingException) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate) XMLX509Certificate(com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509Certificate)

Aggregations

PrivateKey (java.security.PrivateKey)5 X509Certificate (java.security.cert.X509Certificate)5 KeyStoreException (java.security.KeyStoreException)4 Certificate (java.security.cert.Certificate)4 XMLX509SubjectName (org.apache.xml.security.keys.content.x509.XMLX509SubjectName)4 XMLSecurityException (com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException)3 XMLX509SubjectName (com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509SubjectName)3 PublicKey (java.security.PublicKey)3 SecretKey (javax.crypto.SecretKey)3 XMLSecurityException (org.apache.xml.security.exceptions.XMLSecurityException)3 XMLX509Certificate (org.apache.xml.security.keys.content.x509.XMLX509Certificate)3 XMLX509Certificate (com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509Certificate)2 KeyResolverException (com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverException)2 Key (java.security.Key)2 CertificateEncodingException (java.security.cert.CertificateEncodingException)2 X509Data (org.apache.xml.security.keys.content.X509Data)2 XMLX509IssuerSerial (org.apache.xml.security.keys.content.x509.XMLX509IssuerSerial)2 XMLX509SKI (org.apache.xml.security.keys.content.x509.XMLX509SKI)2 KeyResolverException (org.apache.xml.security.keys.keyresolver.KeyResolverException)2 Element (org.w3c.dom.Element)2