KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > sun > org > apache > xml > internal > security > keys > keyresolver > implementations > RetrievalMethodResolver


1 /*
2  * Copyright 1999-2004 The Apache Software Foundation.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  *
16  */
17 package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;
18
19
20
21 import java.io.ByteArrayInputStream JavaDoc;
22 import java.io.IOException JavaDoc;
23 import java.security.PublicKey JavaDoc;
24 import java.security.cert.CertificateException JavaDoc;
25 import java.security.cert.CertificateFactory JavaDoc;
26 import java.security.cert.X509Certificate JavaDoc;
27
28 import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
29 import com.sun.org.apache.xml.internal.security.keys.content.RetrievalMethod;
30 import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509Certificate;
31 import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolver;
32 import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverException;
33 import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverSpi;
34 import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
35 import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
36 import com.sun.org.apache.xml.internal.security.transforms.Transforms;
37 import com.sun.org.apache.xml.internal.security.utils.Constants;
38 import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
39 import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver;
40 import org.w3c.dom.Attr JavaDoc;
41 import org.w3c.dom.Element JavaDoc;
42 import org.w3c.dom.Node JavaDoc;
43
44
45 /**
46  * The RetrievalMethodResolver can retrieve public keys and certificates from
47  * other locations. The location is specified using the ds:RetrievalMethod
48  * element which points to the location. This includes the handling of raw
49  * (binary) X.509 certificate which are not encapsulated in an XML structure.
50  * If the retrieval process encounters an element which the
51  * RetrievalMethodResolver cannot handle itself, resolving of the extracted
52  * element is delegated back to the KeyResolver mechanism.
53  *
54  * @author $Author: raul $
55  */
56 public class RetrievalMethodResolver extends KeyResolverSpi {
57
58    /** {@link java.util.logging} logging facility */
59     static java.util.logging.Logger JavaDoc log =
60         java.util.logging.Logger.getLogger(
61                         RetrievalMethodResolver.class.getName());
62
63    /**
64     * Method engineCanResolve
65     * @inheritDoc
66     * @param element
67     * @param BaseURI
68     * @param storage
69     *
70     */
71    public boolean engineCanResolve(Element JavaDoc element, String JavaDoc BaseURI,
72                                    StorageResolver storage) {
73
74       if
75          (!XMLUtils.elementIsInSignatureSpace(element,
76                  Constants._TAG_RETRIEVALMETHOD)) {
77          return false;
78       }
79
80       return true;
81    }
82
83    /**
84     * Method engineResolvePublicKey
85     * @inheritDoc
86     * @param element
87     * @param BaseURI
88     * @param storage
89     *
90     */
91    public PublicKey JavaDoc engineResolvePublicKey(
92            Element JavaDoc element, String JavaDoc BaseURI, StorageResolver storage)
93               {
94
95       try {
96          RetrievalMethod rm = new RetrievalMethod(element, BaseURI);
97          Attr JavaDoc uri = rm.getURIAttr();
98
99          // type can be null because it's optional
100 String JavaDoc type = rm.getType();
101          Transforms transforms = rm.getTransforms();
102          ResourceResolver resRes = ResourceResolver.getInstance(uri, BaseURI);
103
104          if (resRes != null) {
105             XMLSignatureInput resource = resRes.resolve(uri, BaseURI);
106             if (true)
107                 if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Before applying Transforms, resource has "
108                       + resource.getBytes().length + "bytes");
109
110             if (transforms != null) {
111                if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "We have Transforms");
112
113                resource = transforms.performTransforms(resource);
114             }
115             if (true) {
116                 if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "After applying Transforms, resource has "
117                       + resource.getBytes().length + "bytes");
118                 if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Resolved to resource " + resource.getSourceURI());
119             }
120
121             byte inputBytes[] = resource.getBytes();
122
123             if ((type != null) && type.equals(RetrievalMethod.TYPE_RAWX509)) {
124
125                // if the resource stores a raw certificate, we have to handle it
126 CertificateFactory JavaDoc certFact =
127                   CertificateFactory
128                      .getInstance(XMLX509Certificate.JCA_CERT_ID);
129                X509Certificate JavaDoc cert =
130                   (X509Certificate JavaDoc) certFact
131                      .generateCertificate(new ByteArrayInputStream JavaDoc(inputBytes));
132
133                if (cert != null) {
134                   return cert.getPublicKey();
135                }
136             } else {
137
138                // otherwise, we parse the resource, create an Element and delegate
139 if (true)
140                     if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "we have to parse " + inputBytes.length + " bytes");
141
142                Element JavaDoc e = this.getDocFromBytes(inputBytes);
143                if (true)
144                     if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Now we have a {" + e.getNamespaceURI() + "}"
145                          + e.getLocalName() + " Element");
146
147                if (e != null) {
148                   KeyResolver newKeyResolver = KeyResolver.getInstance(getFirstElementChild(e),
149                                                   BaseURI, storage);
150
151                   if (newKeyResolver != null) {
152                      return newKeyResolver.resolvePublicKey(getFirstElementChild(e), BaseURI,
153                                                             storage);
154                   }
155                }
156             }
157          }
158       } catch (XMLSecurityException ex) {
159          if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
160       } catch (CertificateException JavaDoc ex) {
161          if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "CertificateException", ex);
162       } catch (IOException JavaDoc ex) {
163          if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "IOException", ex);
164       }
165
166       return null;
167    }
168
169    /**
170     * Method engineResolveX509Certificate
171     * @inheritDoc
172     * @param element
173     * @param BaseURI
174     * @param storage
175     *
176     */
177    public X509Certificate JavaDoc engineResolveX509Certificate(
178            Element JavaDoc element, String JavaDoc BaseURI, StorageResolver storage)
179               {
180
181       try {
182          RetrievalMethod rm = new RetrievalMethod(element, BaseURI);
183          Attr JavaDoc uri = rm.getURIAttr();
184          Transforms transforms = rm.getTransforms();
185          if (true)
186             if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Asked to resolve URI " + uri);
187
188          ResourceResolver resRes = ResourceResolver.getInstance(uri, BaseURI);
189
190          if (resRes != null) {
191             XMLSignatureInput resource = resRes.resolve(uri, BaseURI);
192             if (true)
193                 if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Before applying Transforms, resource has "
194                       + resource.getBytes().length + "bytes");
195
196             if (transforms != null) {
197                if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "We have Transforms");
198
199                resource = transforms.performTransforms(resource);
200             }
201             
202             if (true) {
203                 if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "After applying Transforms, resource has "
204                       + resource.getBytes().length + "bytes");
205                 if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Resolved to resource " + resource.getSourceURI());
206             }
207
208             byte inputBytes[] = resource.getBytes();
209
210             if ((rm.getType() != null)
211                     && rm.getType().equals(RetrievalMethod.TYPE_RAWX509)) {
212
213                // if the resource stores a raw certificate, we have to handle it
214 CertificateFactory JavaDoc certFact =
215                   CertificateFactory
216                      .getInstance(XMLX509Certificate.JCA_CERT_ID);
217                X509Certificate JavaDoc cert =
218                   (X509Certificate JavaDoc) certFact
219                      .generateCertificate(new ByteArrayInputStream JavaDoc(inputBytes));
220
221                if (cert != null) {
222                   return cert;
223                }
224             } else {
225
226                // otherwise, we parse the resource, create an Element and delegate
227 if (true)
228                     if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "we have to parse " + inputBytes.length + " bytes");
229
230                Element JavaDoc e = this.getDocFromBytes(inputBytes);
231
232                if (true)
233                     if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "Now we have a {" + e.getNamespaceURI() + "}"
234                          + e.getLocalName() + " Element");
235
236                if (e != null) {
237                   KeyResolver newKeyResolver = KeyResolver.getInstance(getFirstElementChild(e),
238                                                   BaseURI, storage);
239
240                   if (newKeyResolver != null) {
241                      return newKeyResolver.resolveX509Certificate(getFirstElementChild(e), BaseURI,
242                              storage);
243                   }
244                }
245             }
246          }
247       } catch (XMLSecurityException ex) {
248          if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "XMLSecurityException", ex);
249       } catch (CertificateException JavaDoc ex) {
250          if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "CertificateException", ex);
251       } catch (IOException JavaDoc ex) {
252          if (log.isLoggable(java.util.logging.Level.FINE)) log.log(java.util.logging.Level.FINE, "IOException", ex);
253       }
254
255       return null;
256    }
257
258    /**
259     * Parses a byte array and returns the parsed Element.
260     *
261     * @param bytes
262     * @return the Document Element after parsing bytes
263     * @throws KeyResolverException if something goes wrong
264     */
265    Element JavaDoc getDocFromBytes(byte[] bytes) throws KeyResolverException {
266
267       try {
268          javax.xml.parsers.DocumentBuilderFactory JavaDoc dbf =
269             javax.xml.parsers.DocumentBuilderFactory.newInstance();
270
271          dbf.setNamespaceAware(true);
272
273          javax.xml.parsers.DocumentBuilder JavaDoc db = dbf.newDocumentBuilder();
274          org.w3c.dom.Document JavaDoc doc =
275             db.parse(new java.io.ByteArrayInputStream JavaDoc(bytes));
276
277          return doc.getDocumentElement();
278       } catch (org.xml.sax.SAXException JavaDoc ex) {
279          throw new KeyResolverException("empty", ex);
280       } catch (java.io.IOException JavaDoc ex) {
281          throw new KeyResolverException("empty", ex);
282       } catch (javax.xml.parsers.ParserConfigurationException JavaDoc ex) {
283          throw new KeyResolverException("empty", ex);
284       }
285    }
286
287    /**
288     * Method engineResolveSecretKey
289     * @inheritDoc
290     * @param element
291     * @param BaseURI
292     * @param storage
293     *
294     */
295    public javax.crypto.SecretKey engineResolveSecretKey(
296            Element JavaDoc element, String JavaDoc BaseURI, StorageResolver storage)
297    {
298       return null;
299    }
300    static Element JavaDoc getFirstElementChild(Element JavaDoc e){
301         Node JavaDoc n=e.getFirstChild();
302         while (n!=null && n.getNodeType()!=Node.ELEMENT_NODE) {
303             n=n.getNextSibling();
304         }
305         return (Element JavaDoc)n;
306    }
307 }
308
Popular Tags