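package com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.logging.Level;
import java.util.logging.Logger;

import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.keys.content.RetrievalMethod;
import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509Certificate;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolver;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverException;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolverSpi;
import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
import com.sun.org.apache.xml.internal.security.transforms.Transforms;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver;
import org.w3c.dom.Attr;
import org.w3c.dom.Element;
import org.w3c.dom.Node;

/**
 * Key resolver for {@code RetrievalMethod} elements.
 *
 * <p>The resolver dereferences the element's URI through a
 * {@link ResourceResolver}, applies any declared {@link Transforms}, and then
 * either decodes the bytes as a raw X.509 certificate or parses them as XML and
 * hands the first child element of the parsed root to {@link KeyResolver}.
 *
 * <p>Security notes for callers handling untrusted documents:
 * <ul>
 *   <li>The URI, the transforms and the retrieved bytes all originate from the
 *       document being processed. Which locations can be fetched depends on the
 *       resource resolvers available to {@link ResourceResolver}; nothing in
 *       this class restricts them.</li>
 *   <li>A returned key or certificate is only extracted here, never validated.
 *       Establishing trust (chain building, revocation, pinning) is the
 *       caller's job.</li>
 *   <li>NOTE(review): a retrieved document whose first child is itself a
 *       {@code RetrievalMethod} is passed back to {@link KeyResolver} and may
 *       re-enter this resolver. No depth limit or loop detection is visible in
 *       this class; confirm it is enforced elsewhere.</li>
 * </ul>
 */
public class RetrievalMethodResolver extends KeyResolverSpi {

    /** Debug logger; every message in this class is emitted at FINE. */
    static Logger log = Logger.getLogger(RetrievalMethodResolver.class.getName());

    /**
     * Reports whether this resolver handles the given element.
     *
     * @param element candidate element
     * @param BaseURI base URI of the document (unused here)
     * @param storage key storage (unused here)
     * @return {@code true} if {@code element} is a {@code RetrievalMethod}
     *         element in the signature namespace
     */
    public boolean engineCanResolve(Element element, String BaseURI,
                                    StorageResolver storage) {
        return XMLUtils.elementIsInSignatureSpace(element,
                                                  Constants._TAG_RETRIEVALMETHOD);
    }

    /**
     * Resolves the public key referenced by a {@code RetrievalMethod} element.
     *
     * <p>Failures (security, certificate and I/O exceptions) are logged at FINE
     * and reported as {@code null}, never propagated.
     *
     * @param element the {@code RetrievalMethod} element
     * @param BaseURI base URI used to resolve the reference
     * @param storage key storage passed on to the delegated resolver
     * @return the resolved public key, or {@code null} if nothing could be resolved
     */
    public PublicKey engineResolvePublicKey(
            Element element, String BaseURI, StorageResolver storage) {

        try {
            RetrievalMethod rm = new RetrievalMethod(element, BaseURI);
            byte[] inputBytes = fetchResource(rm, BaseURI);

            if (inputBytes == null) {
                return null;
            }

            String type = rm.getType();

            if ((type != null) && type.equals(RetrievalMethod.TYPE_RAWX509)) {
                X509Certificate cert = parseRawCertificate(inputBytes);

                if (cert != null) {
                    return cert.getPublicKey();
                }
            } else {
                Element child = parseFirstChild(inputBytes);

                if (child != null) {
                    KeyResolver newKeyResolver =
                        KeyResolver.getInstance(child, BaseURI, storage);

                    if (newKeyResolver != null) {
                        return newKeyResolver.resolvePublicKey(child, BaseURI, storage);
                    }
                }
            }
        } catch (XMLSecurityException ex) {
            if (log.isLoggable(Level.FINE)) log.log(Level.FINE, "XMLSecurityException", ex);
        } catch (CertificateException ex) {
            if (log.isLoggable(Level.FINE)) log.log(Level.FINE, "CertificateException", ex);
        } catch (IOException ex) {
            if (log.isLoggable(Level.FINE)) log.log(Level.FINE, "IOException", ex);
        }

        return null;
    }

    /**
     * Resolves the X.509 certificate referenced by a {@code RetrievalMethod}
     * element.
     *
     * <p>Failures (security, certificate and I/O exceptions) are logged at FINE
     * and reported as {@code null}, never propagated. The certificate is
     * returned as decoded; it is not validated.
     *
     * @param element the {@code RetrievalMethod} element
     * @param BaseURI base URI used to resolve the reference
     * @param storage key storage passed on to the delegated resolver
     * @return the resolved certificate, or {@code null} if nothing could be resolved
     */
    public X509Certificate engineResolveX509Certificate(
            Element element, String BaseURI, StorageResolver storage) {

        try {
            RetrievalMethod rm = new RetrievalMethod(element, BaseURI);

            if (log.isLoggable(Level.FINE)) {
                log.log(Level.FINE, "Asked to resolve URI " + rm.getURIAttr());
            }

            byte[] inputBytes = fetchResource(rm, BaseURI);

            if (inputBytes == null) {
                return null;
            }

            if ((rm.getType() != null)
                    && rm.getType().equals(RetrievalMethod.TYPE_RAWX509)) {
                X509Certificate cert = parseRawCertificate(inputBytes);

                if (cert != null) {
                    return cert;
                }
            } else {
                Element child = parseFirstChild(inputBytes);

                if (child != null) {
                    KeyResolver newKeyResolver =
                        KeyResolver.getInstance(child, BaseURI, storage);

                    if (newKeyResolver != null) {
                        return newKeyResolver.resolveX509Certificate(child, BaseURI,
                                                                     storage);
                    }
                }
            }
        } catch (XMLSecurityException ex) {
            if (log.isLoggable(Level.FINE)) log.log(Level.FINE, "XMLSecurityException", ex);
        } catch (CertificateException ex) {
            if (log.isLoggable(Level.FINE)) log.log(Level.FINE, "CertificateException", ex);
        } catch (IOException ex) {
            if (log.isLoggable(Level.FINE)) log.log(Level.FINE, "IOException", ex);
        }

        return null;
    }

    /**
     * Dereferences the retrieval method's URI and applies its transforms.
     *
     * @return the resulting bytes, or {@code null} when no
     *         {@link ResourceResolver} is available for the URI
     */
    private static byte[] fetchResource(RetrievalMethod rm, String baseUri)
            throws XMLSecurityException, IOException {
        Attr uri = rm.getURIAttr();
        Transforms transforms = rm.getTransforms();
        ResourceResolver resRes = ResourceResolver.getInstance(uri, baseUri);

        if (resRes == null) {
            return null;
        }

        XMLSignatureInput resource = resRes.resolve(uri, baseUri);

        if (log.isLoggable(Level.FINE)) {
            log.log(Level.FINE, "Before applying Transforms, resource has "
                    + resource.getBytes().length + "bytes");
        }

        if (transforms != null) {
            if (log.isLoggable(Level.FINE)) log.log(Level.FINE, "We have Transforms");

            resource = transforms.performTransforms(resource);
        }

        if (log.isLoggable(Level.FINE)) {
            log.log(Level.FINE, "After applying Transforms, resource has "
                    + resource.getBytes().length + "bytes");
            log.log(Level.FINE, "Resolved to resource " + resource.getSourceURI());
        }

        return resource.getBytes();
    }

    /** Decodes the bytes as a single certificate of type {@code JCA_CERT_ID}. */
    private static X509Certificate parseRawCertificate(byte[] inputBytes)
            throws CertificateException {
        CertificateFactory certFact =
            CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID);

        return (X509Certificate) certFact
            .generateCertificate(new ByteArrayInputStream(inputBytes));
    }

    /**
     * Parses the bytes as XML and returns the first child element of the root.
     *
     * @return that child, or {@code null} if the parse yields no root element
     *         or the root has no element children
     */
    private Element parseFirstChild(byte[] inputBytes) throws KeyResolverException {
        if (log.isLoggable(Level.FINE)) {
            log.log(Level.FINE, "we have to parse " + inputBytes.length + " bytes");
        }

        Element e = this.getDocFromBytes(inputBytes);

        // Check for null before touching the element; the debug message
        // dereferences it.
        if (e == null) {
            return null;
        }

        if (log.isLoggable(Level.FINE)) {
            log.log(Level.FINE, "Now we have a {" + e.getNamespaceURI() + "}"
                    + e.getLocalName() + " Element");
        }

        return getFirstElementChild(e);
    }

    /**
     * Parses a byte array into a DOM document and returns its root element.
     *
     * <p>The bytes come from a location named by the document being processed,
     * so the parser is locked down before use: secure processing is enabled and
     * DOCTYPE declarations are rejected. That closes off external-entity (XXE)
     * and entity-expansion input. If the parser does not support either feature
     * the call fails closed with a {@link KeyResolverException}.
     *
     * @param bytes the XML to parse
     * @return the document element of the parsed document
     * @throws KeyResolverException if the parser cannot be configured or the
     *         input cannot be parsed (including input carrying a DOCTYPE)
     */
    Element getDocFromBytes(byte[] bytes) throws KeyResolverException {

        try {
            javax.xml.parsers.DocumentBuilderFactory dbf =
                javax.xml.parsers.DocumentBuilderFactory.newInstance();

            dbf.setNamespaceAware(true);
            dbf.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);
            dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);

            javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder();
            org.w3c.dom.Document doc = db.parse(new ByteArrayInputStream(bytes));

            return doc.getDocumentElement();
        } catch (org.xml.sax.SAXException ex) {
            throw new KeyResolverException("empty", ex);
        } catch (IOException ex) {
            throw new KeyResolverException("empty", ex);
        } catch (javax.xml.parsers.ParserConfigurationException ex) {
            throw new KeyResolverException("empty", ex);
        }
    }

    /**
     * Secret keys are not resolved by this resolver.
     *
     * @param element ignored
     * @param BaseURI ignored
     * @param storage ignored
     * @return always {@code null}
     */
    public javax.crypto.SecretKey engineResolveSecretKey(
            Element element, String BaseURI, StorageResolver storage) {
        return null;
    }

    /**
     * Returns the first child of {@code e} that is an element node, skipping
     * text, comments and other node types.
     *
     * @param e parent element; must not be {@code null}
     * @return the first element child, or {@code null} if there is none
     */
    static Element getFirstElementChild(Element e) {
        Node n = e.getFirstChild();
        while (n != null && n.getNodeType() != Node.ELEMENT_NODE) {
            n = n.getNextSibling();
        }
        return (Element) n;
    }
}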