trunk/src/org/apache/ws/security/message/token/X509Security.java - ws-wss4j - Git at Google

 /*
  * Copyright  2003-2004 The Apache Software Foundation.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");
  *  you may not use this file except in compliance with the License.
  *  You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  *  Unless required by applicable law or agreed to in writing, software
  *  distributed under the License is distributed on an "AS IS" BASIS,
  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  *
  */

 package org.apache.ws.security.message.token;

 import org.apache.ws.security.WSConstants;
 import org.apache.ws.security.WSSecurityException;
 import org.apache.ws.security.components.crypto.Crypto;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;

 import java.io.ByteArrayInputStream;
 import java.security.cert.CertificateEncodingException;
 import java.security.cert.X509Certificate;

 /**
  * X509 Security Token.
  * <p/>
  *
  * @author Davanum Srinivas (dims@yahoo.com).
  */
 public class X509Security extends BinarySecurity {

     public static final String X509_V3_TYPE = WSConstants.X509TOKEN_NS + "#X509v3";
     public static final String X509_V1_TYPE = WSConstants.X509TOKEN_NS + "#X509v1";

     /*
      * Stores the associated X.509 Certificate. This saves numerous
      * crypto loadCertificate operations
      */
     private X509Certificate cachedCert = null;

     /**
      * This constructor creates a new X509 certificate object and initializes
      * it from the data contained in the element.
      *
      * @param elem      the element containing the X509 certificate data
      * @throws WSSecurityException
      */
     public X509Security(Element elem) throws WSSecurityException {
         super(elem);
         String valueType = getValueType();
         if (!(valueType.equals(X509_V3_TYPE) || valueType.equals(X509_V1_TYPE))) {
             throw new WSSecurityException(
                 WSSecurityException.INVALID_SECURITY_TOKEN,
                 "invalidValueType",
                 new Object[]{getValueType()}
             );
         }
     }

     /**
      * This constructor creates a new X509 certificate element.
      *
      * @param doc
      */
     public X509Security(Document doc) {
         super(doc);
     }

     /**
      * Gets the X509Certificate certificate.
      * <p/>
      *
      * @return the X509 certificate converted from the base 64 encoded
      *         element data
      * @throws WSSecurityException
      */
     public X509Certificate getX509Certificate(Crypto crypto) throws WSSecurityException {
         if (cachedCert != null) {
             return cachedCert;
         }
         byte[] data = getToken();
         if (data == null) {
             throw new WSSecurityException(WSSecurityException.FAILURE,
                     "invalidCertData",
                     new Object[]{new Integer(0)});
         }
         ByteArrayInputStream in = new ByteArrayInputStream(data);
         cachedCert = crypto.loadCertificate(in);
         return cachedCert;
     }

     /**
      * Sets the X509Certificate.
      * This functions takes the X509 certificate, gets the data from it as
      * encoded bytes, and sets the data as base 64 encoded data in the text
      * node of the element
      *
      * @param cert the X509 certificate to store in the element
      * @throws WSSecurityException
      */
     public void setX509Certificate(X509Certificate cert)
             throws WSSecurityException {
         if (cert == null) {
             throw new WSSecurityException(WSSecurityException.FAILURE, "noCert");
         }
         if (cert.getVersion() == 1) {
             setValueType(X509_V1_TYPE);
         } else {
             setValueType(X509_V3_TYPE);
         }
         cachedCert = cert;
         try {
             setToken(cert.getEncoded());
         } catch (CertificateEncodingException e) {
             throw new WSSecurityException(
                 WSSecurityException.SECURITY_TOKEN_UNAVAILABLE, "encodeError", null, e
             );
         }
     }
 }
	/*
	* Copyright 2003-2004 The Apache Software Foundation.
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*
	*/

	package org.apache.ws.security.message.token;

	import org.apache.ws.security.WSConstants;
	import org.apache.ws.security.WSSecurityException;
	import org.apache.ws.security.components.crypto.Crypto;
	import org.w3c.dom.Document;
	import org.w3c.dom.Element;

	import java.io.ByteArrayInputStream;
	import java.security.cert.CertificateEncodingException;
	import java.security.cert.X509Certificate;

	/**
	* X509 Security Token.
	* <p/>
	*
	* @author Davanum Srinivas (dims@yahoo.com).
	*/
	public class X509Security extends BinarySecurity {

	public static final String X509_V3_TYPE = WSConstants.X509TOKEN_NS + "#X509v3";
	public static final String X509_V1_TYPE = WSConstants.X509TOKEN_NS + "#X509v1";

	/*
	* Stores the associated X.509 Certificate. This saves numerous
	* crypto loadCertificate operations
	*/
	private X509Certificate cachedCert = null;

	/**
	* This constructor creates a new X509 certificate object and initializes
	* it from the data contained in the element.
	*
	* @param elem the element containing the X509 certificate data
	* @throws WSSecurityException
	*/
	public X509Security(Element elem) throws WSSecurityException {
	super(elem);
	String valueType = getValueType();
	if (!(valueType.equals(X509_V3_TYPE) \|\| valueType.equals(X509_V1_TYPE))) {
	throw new WSSecurityException(
	WSSecurityException.INVALID_SECURITY_TOKEN,
	"invalidValueType",
	new Object[]{getValueType()}
	);
	}
	}

	/**
	* This constructor creates a new X509 certificate element.
	*
	* @param doc
	*/
	public X509Security(Document doc) {
	super(doc);
	}

	/**
	* Gets the X509Certificate certificate.
	* <p/>
	*
	* @return the X509 certificate converted from the base 64 encoded
	* element data
	* @throws WSSecurityException
	*/
	public X509Certificate getX509Certificate(Crypto crypto) throws WSSecurityException {
	if (cachedCert != null) {
	return cachedCert;
	}
	byte[] data = getToken();
	if (data == null) {
	throw new WSSecurityException(WSSecurityException.FAILURE,
	"invalidCertData",
	new Object[]{new Integer(0)});
	}
	ByteArrayInputStream in = new ByteArrayInputStream(data);
	cachedCert = crypto.loadCertificate(in);
	return cachedCert;
	}

	/**
	* Sets the X509Certificate.
	* This functions takes the X509 certificate, gets the data from it as
	* encoded bytes, and sets the data as base 64 encoded data in the text
	* node of the element
	*
	* @param cert the X509 certificate to store in the element
	* @throws WSSecurityException
	*/
	public void setX509Certificate(X509Certificate cert)
	throws WSSecurityException {
	if (cert == null) {
	throw new WSSecurityException(WSSecurityException.FAILURE, "noCert");
	}
	if (cert.getVersion() == 1) {
	setValueType(X509_V1_TYPE);
	} else {
	setValueType(X509_V3_TYPE);
	}
	cachedCert = cert;
	try {
	setToken(cert.getEncoded());
	} catch (CertificateEncodingException e) {
	throw new WSSecurityException(
	WSSecurityException.SECURITY_TOKEN_UNAVAILABLE, "encodeError", null, e
	);
	}
	}
	}