
Example 11 with KeyResolverException

Use of org.apache.xml.security.keys.keyresolver.KeyResolverException in the Apache project santuario-java.

From the class X509IssuerSerialResolver, method engineLookupResolveX509Certificate.

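/**
 * {@inheritDoc}
 *
 * <p>Parses {@code element} as X509Data and, if it carries X509IssuerSerial entries, returns the
 * first certificate from {@code storage} whose {@link XMLX509IssuerSerial} equals one of them.
 * The returned certificate always comes from {@code storage}, never from the element itself, so
 * how far the result can be trusted depends on what the caller placed in that storage; this
 * method performs no path or validity checking on the certificate.
 *
 * @param element the candidate X509Data element
 * @param baseURI base URI handed to the X509Data constructor
 * @param storage certificates to search; required once the element has an issuer/serial entry
 * @return the matching certificate, or {@code null} if the element cannot be parsed as X509Data,
 *     has no X509IssuerSerial entry, or nothing in storage matches
 * @throws KeyResolverException if {@code storage} is {@code null} although an issuer/serial
 *     entry is present, or if reading or comparing the entries raises an XMLSecurityException
 */
public X509Certificate engineLookupResolveX509Certificate(Element element, String baseURI, StorageResolver storage) throws KeyResolverException {
    LOG.debug("Can I resolve {}?", element.getTagName());
    final X509Data x509data;
    try {
        x509data = new X509Data(element, baseURI);
    } catch (XMLSecurityException ex) {
        // XMLSignatureException is an XMLSecurityException subtype in this library, so a single
        // handler covers both of the original catch clauses. "Not an X509Data element" is an
        // ordinary outcome here, not an error.
        LOG.debug("I can't");
        return null;
    }
    if (!x509data.containsIssuerSerial()) {
        return null;
    }
    // Checked outside the try below: KeyResolverException is itself an XMLSecurityException, so
    // throwing it inside that try would be caught, logged a second time and re-wrapped.
    if (storage == null) {
        Object[] exArgs = { Constants._TAG_X509ISSUERSERIAL };
        KeyResolverException ex = new KeyResolverException("KeyResolver.needStorageResolver", exArgs);
        LOG.debug("", ex);
        throw ex;
    }
    try {
        int noOfISS = x509data.lengthIssuerSerial();
        Iterator<Certificate> storageIterator = storage.getIterator();
        while (storageIterator.hasNext()) {
            Certificate candidate = storageIterator.next();
            if (!(candidate instanceof X509Certificate)) {
                // The iterator is typed as Certificate; an entry that is not X.509 cannot carry
                // an issuer/serial pair, so skip it instead of failing with ClassCastException.
                continue;
            }
            X509Certificate cert = (X509Certificate) candidate;
            XMLX509IssuerSerial certSerial = new XMLX509IssuerSerial(element.getOwnerDocument(), cert);
            LOG.debug("Found Certificate Issuer: {}", certSerial.getIssuerName());
            LOG.debug("Found Certificate Serial: {}", certSerial.getSerialNumber().toString());
            for (int i = 0; i < noOfISS; i++) {
                XMLX509IssuerSerial xmliss = x509data.itemIssuerSerial(i);
                LOG.debug("Found Element Issuer:     {}", xmliss.getIssuerName());
                LOG.debug("Found Element Serial:     {}", xmliss.getSerialNumber().toString());
                if (certSerial.equals(xmliss)) {
                    // First match wins; later storage entries are not examined.
                    LOG.debug("match !!! ");
                    return cert;
                }
                LOG.debug("no match...");
            }
        }
        return null;
    } catch (XMLSecurityException ex) {
        LOG.debug("XMLSecurityException", ex);
        throw new KeyResolverException(ex);
    }
}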
Also used : KeyResolverException(org.apache.xml.security.keys.keyresolver.KeyResolverException) XMLX509IssuerSerial(org.apache.xml.security.keys.content.x509.XMLX509IssuerSerial) X509Data(org.apache.xml.security.keys.content.X509Data) XMLSignatureException(org.apache.xml.security.signature.XMLSignatureException) XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException) X509Certificate(java.security.cert.X509Certificate) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)
