0N/A/*
0N/A * reserved comment block
0N/A * DO NOT REMOVE OR ALTER!
0N/A */
6159N/A/**
6159N/A * Licensed to the Apache Software Foundation (ASF) under one
6159N/A * or more contributor license agreements. See the NOTICE file
6159N/A * distributed with this work for additional information
6159N/A * regarding copyright ownership. The ASF licenses this file
6159N/A * to you under the Apache License, Version 2.0 (the
6159N/A * "License"); you may not use this file except in compliance
6159N/A * with the License. You may obtain a copy of the License at
0N/A *
6159N/A * http://www.apache.org/licenses/LICENSE-2.0
0N/A *
6159N/A * Unless required by applicable law or agreed to in writing,
6159N/A * software distributed under the License is distributed on an
6159N/A * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
6159N/A * KIND, either express or implied. See the License for the
6159N/A * specific language governing permissions and limitations
6159N/A * under the License.
0N/A */
0N/Apackage com.sun.org.apache.xml.internal.security.keys.keyresolver;
0N/A
0N/Aimport java.security.PublicKey;
0N/Aimport java.security.cert.X509Certificate;
0N/Aimport java.util.ArrayList;
661N/Aimport java.util.Iterator;
0N/Aimport java.util.List;
6159N/Aimport java.util.concurrent.CopyOnWriteArrayList;
0N/A
0N/Aimport javax.crypto.SecretKey;
0N/A
6159N/Aimport com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.DSAKeyValueResolver;
6159N/Aimport com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.RSAKeyValueResolver;
6159N/Aimport com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.RetrievalMethodResolver;
6159N/Aimport com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.X509CertificateResolver;
6159N/Aimport com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.X509IssuerSerialResolver;
6159N/Aimport com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.X509SKIResolver;
6159N/Aimport com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.X509SubjectNameResolver;
0N/Aimport com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
0N/Aimport org.w3c.dom.Element;
0N/Aimport org.w3c.dom.Node;
0N/A
0N/A/**
0N/A * KeyResolver is factory class for subclass of KeyResolverSpi that
0N/A * represent child element of KeyInfo.
0N/A */
0N/Apublic class KeyResolver {
0N/A
6159N/A /** {@link org.apache.commons.logging} logging facility */
6159N/A private static java.util.logging.Logger log =
0N/A java.util.logging.Logger.getLogger(KeyResolver.class.getName());
0N/A
6159N/A /** Field resolverVector */
6159N/A private static List<KeyResolver> resolverVector = new CopyOnWriteArrayList<KeyResolver>();
0N/A
6159N/A /** Field resolverSpi */
6159N/A private final KeyResolverSpi resolverSpi;
0N/A
6159N/A /**
6159N/A * Constructor.
6159N/A *
6159N/A * @param keyResolverSpi a KeyResolverSpi instance
6159N/A */
6159N/A private KeyResolver(KeyResolverSpi keyResolverSpi) {
6159N/A resolverSpi = keyResolverSpi;
6159N/A }
0N/A
6159N/A /**
6159N/A * Method length
6159N/A *
6159N/A * @return the length of resolvers registered
6159N/A */
6159N/A public static int length() {
6159N/A return resolverVector.size();
6159N/A }
0N/A
6159N/A /**
6159N/A * Method getX509Certificate
6159N/A *
6159N/A * @param element
6159N/A * @param baseURI
6159N/A * @param storage
6159N/A * @return The certificate represented by the element.
6159N/A *
6159N/A * @throws KeyResolverException
6159N/A */
6159N/A public static final X509Certificate getX509Certificate(
6159N/A Element element, String baseURI, StorageResolver storage
6159N/A ) throws KeyResolverException {
6159N/A for (KeyResolver resolver : resolverVector) {
6159N/A if (resolver == null) {
6159N/A Object exArgs[] = {
6159N/A (((element != null)
6159N/A && (element.getNodeType() == Node.ELEMENT_NODE))
6159N/A ? element.getTagName() : "null")
6159N/A };
0N/A
6159N/A throw new KeyResolverException("utils.resolver.noClass", exArgs);
6159N/A }
6159N/A if (log.isLoggable(java.util.logging.Level.FINE)) {
6159N/A log.log(java.util.logging.Level.FINE, "check resolvability by class " + resolver.getClass());
6159N/A }
0N/A
6159N/A X509Certificate cert = resolver.resolveX509Certificate(element, baseURI, storage);
6159N/A if (cert != null) {
6159N/A return cert;
6159N/A }
6159N/A }
6159N/A
6159N/A Object exArgs[] = {
6159N/A (((element != null) && (element.getNodeType() == Node.ELEMENT_NODE))
6159N/A ? element.getTagName() : "null")
6159N/A };
0N/A
6159N/A throw new KeyResolverException("utils.resolver.noClass", exArgs);
6159N/A }
0N/A
6159N/A /**
6159N/A * Method getPublicKey
6159N/A *
6159N/A * @param element
6159N/A * @param baseURI
6159N/A * @param storage
6159N/A * @return the public key contained in the element
6159N/A *
6159N/A * @throws KeyResolverException
6159N/A */
6159N/A public static final PublicKey getPublicKey(
6159N/A Element element, String baseURI, StorageResolver storage
6159N/A ) throws KeyResolverException {
6159N/A for (KeyResolver resolver : resolverVector) {
6159N/A if (resolver == null) {
6159N/A Object exArgs[] = {
6159N/A (((element != null)
6159N/A && (element.getNodeType() == Node.ELEMENT_NODE))
6159N/A ? element.getTagName() : "null")
6159N/A };
0N/A
6159N/A throw new KeyResolverException("utils.resolver.noClass", exArgs);
6159N/A }
6159N/A if (log.isLoggable(java.util.logging.Level.FINE)) {
661N/A log.log(java.util.logging.Level.FINE, "check resolvability by class " + resolver.getClass());
6159N/A }
661N/A
6159N/A PublicKey cert = resolver.resolvePublicKey(element, baseURI, storage);
6159N/A if (cert != null) {
6159N/A return cert;
6159N/A }
6159N/A }
6159N/A
6159N/A Object exArgs[] = {
6159N/A (((element != null) && (element.getNodeType() == Node.ELEMENT_NODE))
6159N/A ? element.getTagName() : "null")
6159N/A };
6159N/A
6159N/A throw new KeyResolverException("utils.resolver.noClass", exArgs);
6159N/A }
0N/A
6159N/A /**
6159N/A * This method is used for registering {@link KeyResolverSpi}s which are
6159N/A * available to <I>all</I> {@link com.sun.org.apache.xml.internal.security.keys.KeyInfo} objects. This means that
6159N/A * personalized {@link KeyResolverSpi}s should only be registered directly
6159N/A * to the {@link com.sun.org.apache.xml.internal.security.keys.KeyInfo} using
6159N/A * {@link com.sun.org.apache.xml.internal.security.keys.KeyInfo#registerInternalKeyResolver}.
6159N/A * Please note that this method will create a new copy of the underlying array, as the
6159N/A * underlying collection is a CopyOnWriteArrayList.
6159N/A *
6159N/A * @param className
6159N/A * @param globalResolver Whether the KeyResolverSpi is a global resolver or not
6159N/A * @throws InstantiationException
6159N/A * @throws IllegalAccessException
6159N/A * @throws ClassNotFoundException
6159N/A */
6159N/A public static void register(String className, boolean globalResolver)
6159N/A throws ClassNotFoundException, IllegalAccessException, InstantiationException {
6159N/A KeyResolverSpi keyResolverSpi =
6159N/A (KeyResolverSpi) Class.forName(className).newInstance();
6159N/A keyResolverSpi.setGlobalResolver(globalResolver);
6159N/A register(keyResolverSpi, false);
6159N/A }
661N/A
6159N/A /**
6159N/A * This method is used for registering {@link KeyResolverSpi}s which are
6159N/A * available to <I>all</I> {@link com.sun.org.apache.xml.internal.security.keys.KeyInfo} objects. This means that
6159N/A * personalized {@link KeyResolverSpi}s should only be registered directly
6159N/A * to the {@link com.sun.org.apache.xml.internal.security.keys.KeyInfo} using
6159N/A * {@link com.sun.org.apache.xml.internal.security.keys.KeyInfo#registerInternalKeyResolver}.
6159N/A * Please note that this method will create a new copy of the underlying array, as the
6159N/A * underlying collection is a CopyOnWriteArrayList.
6159N/A *
6159N/A * @param className
6159N/A * @param globalResolver Whether the KeyResolverSpi is a global resolver or not
6159N/A */
6159N/A public static void registerAtStart(String className, boolean globalResolver) {
6159N/A KeyResolverSpi keyResolverSpi = null;
6159N/A Exception ex = null;
6159N/A try {
6159N/A keyResolverSpi = (KeyResolverSpi) Class.forName(className).newInstance();
6159N/A } catch (ClassNotFoundException e) {
6159N/A ex = e;
6159N/A } catch (IllegalAccessException e) {
6159N/A ex = e;
6159N/A } catch (InstantiationException e) {
6159N/A ex = e;
6159N/A }
0N/A
6159N/A if (ex != null) {
6159N/A throw (IllegalArgumentException) new
6159N/A IllegalArgumentException("Invalid KeyResolver class name").initCause(ex);
6159N/A }
6159N/A keyResolverSpi.setGlobalResolver(globalResolver);
6159N/A register(keyResolverSpi, true);
6159N/A }
0N/A
6159N/A /**
6159N/A * This method is used for registering {@link KeyResolverSpi}s which are
6159N/A * available to <I>all</I> {@link com.sun.org.apache.xml.internal.security.keys.KeyInfo} objects. This means that
6159N/A * personalized {@link KeyResolverSpi}s should only be registered directly
6159N/A * to the {@link com.sun.org.apache.xml.internal.security.keys.KeyInfo} using
6159N/A * {@link com.sun.org.apache.xml.internal.security.keys.KeyInfo#registerInternalKeyResolver}.
6159N/A * Please note that this method will create a new copy of the underlying array, as the
6159N/A * underlying collection is a CopyOnWriteArrayList.
6159N/A *
6159N/A * @param keyResolverSpi a KeyResolverSpi instance to register
6159N/A * @param start whether to register the KeyResolverSpi at the start of the list or not
6159N/A */
6159N/A public static void register(
6159N/A KeyResolverSpi keyResolverSpi,
6159N/A boolean start
6159N/A ) {
6159N/A KeyResolver resolver = new KeyResolver(keyResolverSpi);
6159N/A if (start) {
6159N/A resolverVector.add(0, resolver);
6159N/A } else {
6159N/A resolverVector.add(resolver);
6159N/A }
6159N/A }
0N/A
6159N/A /**
6159N/A * This method is used for registering {@link KeyResolverSpi}s which are
6159N/A * available to <I>all</I> {@link com.sun.org.apache.xml.internal.security.keys.KeyInfo} objects. This means that
6159N/A * personalized {@link KeyResolverSpi}s should only be registered directly
6159N/A * to the {@link com.sun.org.apache.xml.internal.security.keys.KeyInfo} using
6159N/A * {@link com.sun.org.apache.xml.internal.security.keys.KeyInfo#registerInternalKeyResolver}.
6159N/A * The KeyResolverSpi instances are not registered as a global resolver.
6159N/A *
6159N/A *
6159N/A * @param classNames
6159N/A * @throws InstantiationException
6159N/A * @throws IllegalAccessException
6159N/A * @throws ClassNotFoundException
6159N/A */
6159N/A public static void registerClassNames(List<String> classNames)
6159N/A throws ClassNotFoundException, IllegalAccessException, InstantiationException {
6159N/A List<KeyResolver> keyResolverList = new ArrayList<KeyResolver>(classNames.size());
6159N/A for (String className : classNames) {
6159N/A KeyResolverSpi keyResolverSpi =
6159N/A (KeyResolverSpi) Class.forName(className).newInstance();
6159N/A keyResolverSpi.setGlobalResolver(false);
6159N/A keyResolverList.add(new KeyResolver(keyResolverSpi));
6159N/A }
6159N/A resolverVector.addAll(keyResolverList);
6159N/A }
0N/A
6159N/A /**
6159N/A * This method registers the default resolvers.
6159N/A */
6159N/A public static void registerDefaultResolvers() {
6159N/A
6159N/A List<KeyResolver> keyResolverList = new ArrayList<KeyResolver>();
6159N/A keyResolverList.add(new KeyResolver(new RSAKeyValueResolver()));
6159N/A keyResolverList.add(new KeyResolver(new DSAKeyValueResolver()));
6159N/A keyResolverList.add(new KeyResolver(new X509CertificateResolver()));
6159N/A keyResolverList.add(new KeyResolver(new X509SKIResolver()));
6159N/A keyResolverList.add(new KeyResolver(new RetrievalMethodResolver()));
6159N/A keyResolverList.add(new KeyResolver(new X509SubjectNameResolver()));
6159N/A keyResolverList.add(new KeyResolver(new X509IssuerSerialResolver()));
6159N/A
6159N/A resolverVector.addAll(keyResolverList);
6159N/A }
0N/A
6159N/A /**
6159N/A * Method resolvePublicKey
6159N/A *
6159N/A * @param element
6159N/A * @param baseURI
6159N/A * @param storage
6159N/A * @return resolved public key from the registered from the elements
6159N/A *
6159N/A * @throws KeyResolverException
6159N/A */
6159N/A public PublicKey resolvePublicKey(
6159N/A Element element, String baseURI, StorageResolver storage
6159N/A ) throws KeyResolverException {
6159N/A return resolverSpi.engineLookupAndResolvePublicKey(element, baseURI, storage);
6159N/A }
6159N/A
6159N/A /**
6159N/A * Method resolveX509Certificate
6159N/A *
6159N/A * @param element
6159N/A * @param baseURI
6159N/A * @param storage
6159N/A * @return resolved X509certificate key from the registered from the elements
6159N/A *
6159N/A * @throws KeyResolverException
6159N/A */
6159N/A public X509Certificate resolveX509Certificate(
6159N/A Element element, String baseURI, StorageResolver storage
6159N/A ) throws KeyResolverException {
6159N/A return resolverSpi.engineLookupResolveX509Certificate(element, baseURI, storage);
6159N/A }
0N/A
6159N/A /**
6159N/A * @param element
6159N/A * @param baseURI
6159N/A * @param storage
6159N/A * @return resolved SecretKey key from the registered from the elements
6159N/A * @throws KeyResolverException
6159N/A */
6159N/A public SecretKey resolveSecretKey(
6159N/A Element element, String baseURI, StorageResolver storage
6159N/A ) throws KeyResolverException {
6159N/A return resolverSpi.engineLookupAndResolveSecretKey(element, baseURI, storage);
6159N/A }
0N/A
6159N/A /**
6159N/A * Method setProperty
6159N/A *
6159N/A * @param key
6159N/A * @param value
6159N/A */
6159N/A public void setProperty(String key, String value) {
6159N/A resolverSpi.engineSetProperty(key, value);
6159N/A }
6159N/A
6159N/A /**
6159N/A * Method getProperty
6159N/A *
6159N/A * @param key
6159N/A * @return the property set for this resolver
6159N/A */
6159N/A public String getProperty(String key) {
6159N/A return resolverSpi.engineGetProperty(key);
6159N/A }
0N/A
0N/A
6159N/A /**
6159N/A * Method understandsProperty
6159N/A *
6159N/A * @param propertyToTest
6159N/A * @return true if the resolver understands property propertyToTest
6159N/A */
6159N/A public boolean understandsProperty(String propertyToTest) {
6159N/A return resolverSpi.understandsProperty(propertyToTest);
6159N/A }
0N/A
0N/A
6159N/A /**
6159N/A * Method resolverClassName
6159N/A *
6159N/A * @return the name of the resolver.
6159N/A */
6159N/A public String resolverClassName() {
6159N/A return resolverSpi.getClass().getName();
6159N/A }
661N/A
6159N/A /**
6159N/A * Iterate over the KeyResolverSpi instances
6159N/A */
6159N/A static class ResolverIterator implements Iterator<KeyResolverSpi> {
6159N/A List<KeyResolver> res;
6159N/A Iterator<KeyResolver> it;
6159N/A
6159N/A public ResolverIterator(List<KeyResolver> list) {
6159N/A res = list;
6159N/A it = res.iterator();
661N/A }
6159N/A
6159N/A public boolean hasNext() {
6159N/A return it.hasNext();
6159N/A }
661N/A
6159N/A public KeyResolverSpi next() {
6159N/A KeyResolver resolver = it.next();
6159N/A if (resolver == null) {
6159N/A throw new RuntimeException("utils.resolver.noClass");
6159N/A }
661N/A
6159N/A return resolver.resolverSpi;
6159N/A }
661N/A
6159N/A public void remove() {
6159N/A throw new UnsupportedOperationException("Can't remove resolvers using the iterator");
6159N/A }
6159N/A };
661N/A
6159N/A public static Iterator<KeyResolverSpi> iterator() {
6159N/A return new ResolverIterator(resolverVector);
6159N/A }
0N/A}