EncryptedKeyResolver


1   /*
2    * Copyright  1999-2004 The Apache Software Foundation.
3    *
4    *  Licensed under the Apache License, Version 2.0 (the "License");
5    *  you may not use this file except in compliance with the License.
6    *  You may obtain a copy of the License at
7    *
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    *
10   *  Unless required by applicable law or agreed to in writing, software
11   *  distributed under the License is distributed on an "AS IS" BASIS,
12   *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   *  See the License for the specific language governing permissions and
14   *  limitations under the License.
15   *
16   */
17  package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
18  
19  import java.security.Key  ;
20  import java.security.PublicKey  ;
21  import java.security.cert.X509Certificate  ;
22  
23  import javax.crypto.SecretKey;
24  
25  import com.sun.org.apache.xml.internal.security.encryption.EncryptedKey;
26  import com.sun.org.apache.xml.internal.security.encryption.XMLCipher;
27  import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverSpi;
28  import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
29  import com.sun.org.apache.xml.internal.security.utils.EncryptionConstants;
30  import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
31  import org.w3c.dom.Element  ;
32  
33  
34  /**
35   * The <code>EncryptedKeyResolver</code> is not a generic resolver.  It can 
36   * only be for specific instantiations, as the key being unwrapped will 
37   * always be of a particular type and will always have been wrapped by 
38   * another key which needs to be recursively resolved.
39   *
40   * The <code>EncryptedKeyResolver</code> can therefore only be instantiated
41   * with an algorithm.  It can also be instantiated with a key (the KEK) or 
42   * will search the static KeyResolvers to find the appropriate key.
43   *
44   * @author Berin Lautenbach
45   */
46  
47  public class EncryptedKeyResolver extends KeyResolverSpi {
48  
49      /** {@link java.util.logging} logging facility */
50      static java.util.logging.Logger   log = 
51          java.util.logging.Logger.getLogger(
52                          RSAKeyValueResolver.class.getName());
53  
54      
55      Key   _key;
56      Key   _kek;
57      String   _algorithm;
58  
59      /**
60       * Constructor for use when a KEK needs to be derived from a KeyInfo
61       * list
62       * @param algorithm
63       */
64      public EncryptedKeyResolver(String   algorithm) {
65          _key = null;
66          _kek = null;
67          _algorithm=algorithm;
68      }
69  
70      /**
71       * Constructor used for when a KEK has been set
72       * @param algorithm
73       * @param kek
74       */
75  
76      public EncryptedKeyResolver(String   algorithm, Key   kek) {
77          _key = null;
78          _algorithm = algorithm;
79          _kek = kek;
80  
81      }
82  
83      /**
84       * Method engineCanResolve
85       *
86       * @param element
87       * @param BaseURI
88       * @param storage
89       * @return true if can resolve the key in the element
90       *
91       */
92  
93      public boolean engineCanResolve(Element   element, String   BaseURI,
94                                     StorageResolver storage) {
95        if (true)
96          if (log.isLoggable(java.util.logging.Level.FINE))                                     log.log(java.util.logging.Level.FINE, "EncryptedKeyResolver - Can I resolve " + element.getTagName());
97  
98        if (element == null) {
99           return false;
100       }
101 
102       boolean isEncryptedKey = XMLUtils.elementIsInEncryptionSpace(element,
103                               EncryptionConstants._TAG_ENCRYPTEDKEY);
104 
105       if (isEncryptedKey) {
106           if (log.isLoggable(java.util.logging.Level.FINE))                                     log.log(java.util.logging.Level.FINE, "Passed an Encrypted Key");
107           try {
108               XMLCipher cipher = XMLCipher.getInstance();
109               cipher.init(XMLCipher.UNWRAP_MODE, _kek);
110               EncryptedKey ek = cipher.loadEncryptedKey(element);
111               _key = cipher.decryptKey(ek, _algorithm);
112           }
113           catch (Exception   e) {}
114       }
115       
116       return (_key != null);
117    }
118 
119     /** @inheritDoc */
120    public PublicKey   engineResolvePublicKey(
121            Element   element, String   BaseURI, StorageResolver storage) {
122 
123        return null;
124    }
125 
126    /** @inheritDoc */
127    public X509Certificate   engineResolveX509Certificate(
128            Element   element, String   BaseURI, StorageResolver storage) {
129       return null;
130    }
131 
132    /** @inheritDoc */
133    public javax.crypto.SecretKey engineResolveSecretKey(
134            Element   element, String   BaseURI, StorageResolver storage) {
135       return (SecretKey) _key;
136    }
137 }
138
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags