/**
 * Wraps an existing PKIPath token element.
 *
 * <p>The element's {@code ValueType} is compared with {@link #PKI_TYPE} only when
 * {@code bspCompliant} is {@code true}. With BSP compliance switched off, this
 * constructor accepts whatever ValueType the element declares.
 *
 * @param elem The PKIPath element to process
 * @param bspCompliant Whether the token is processed according to the BSP spec
 * @throws WSSecurityException with {@code INVALID_SECURITY_TOKEN} when BSP compliance is
 *         requested and the ValueType is not {@link #PKI_TYPE}; the superclass
 *         constructor is also declared inside this throws clause (its checks are not
 *         visible here)
 */
public PKIPathSecurity(Element elem, boolean bspCompliant) throws WSSecurityException {
    super(elem, bspCompliant);
    if (!bspCompliant) {
        // Lenient mode: no ValueType enforcement at this level.
        return;
    }
    final String declaredType = getValueType();
    if (!PKI_TYPE.equals(declaredType)) {
        // Message arguments: expected type first, then the type actually found.
        final Object[] messageArgs = new Object[] {PKI_TYPE, declaredType};
        throw new WSSecurityException(
            WSSecurityException.INVALID_SECURITY_TOKEN, "invalidValueType", messageArgs);
    }
}
/**
 * Returns the certificate(s) carried by a binary security token.
 *
 * <p>A {@link PKIPathSecurity} token yields whatever its
 * {@code getX509Certificates} call returns; an {@link X509Security} token yields a
 * one-element array. Any other token (including {@code null}) yields {@code null},
 * so callers must null-check the result before using it for any trust decision.
 *
 * @param token The BinarySecurity instance corresponding to either X509Security or
 *        PKIPathSecurity
 * @param crypto The Crypto instance handed to the token to obtain the certificates
 * @return The X509Certificates associated with this reference, or {@code null} when the
 *         token is of neither supported type
 * @throws WSSecurityException if the token fails to produce its certificates
 */
private X509Certificate[] getCertificatesTokenReference(BinarySecurity token, Crypto crypto)
    throws WSSecurityException {
    if (token instanceof PKIPathSecurity) {
        final PKIPathSecurity pkiPathToken = (PKIPathSecurity) token;
        return pkiPathToken.getX509Certificates(crypto);
    }
    if (token instanceof X509Security) {
        final X509Security singleCertToken = (X509Security) token;
        // NOTE(review): the single element is whatever getX509Certificate returns;
        // confirm whether that can be null.
        return new X509Certificate[] {singleCertToken.getX509Certificate(crypto)};
    }
    // Unsupported token kind: signalled by null rather than by an exception.
    return null;
}
/**
 * Creates a PKIPath token for the given document and sets its ValueType to
 * {@link #PKI_TYPE}.
 *
 * @param doc the document passed on to the superclass constructor
 */
public PKIPathSecurity(final Document doc) {
    super(doc);
    // Tokens built locally always carry the PKIPath ValueType.
    setValueType(PKIPathSecurity.PKI_TYPE);
}
/**
 * Builds the binary security token wrapper that matches the element's
 * {@code ValueType} attribute.
 *
 * <p>The ValueType is read directly from the element and only selects which wrapper
 * class is instantiated. A value matching none of the known types falls through to a
 * plain {@link BinarySecurity}, so an unrecognised type is not rejected at this point.
 *
 * @param element The XML element that contains either a {@code BinarySecurityToken}
 *        or a {@code PKIPath} element.
 * @param config A WSSConfig instance; supplies the BSP-compliance flag given to the
 *        token constructor
 * @return a BinarySecurity token element, never {@code null}
 * @throws WSSecurityException if the selected token constructor throws it
 */
private BinarySecurity createSecurityToken(Element element, WSSConfig config)
    throws WSSecurityException {
    final String valueType = element.getAttributeNS(null, "ValueType");
    final boolean bspCompliant = config.isWsiBSPCompliant();

    if (X509Security.X509_V3_TYPE.equals(valueType)) {
        return new X509Security(element, bspCompliant);
    }
    if (PKIPathSecurity.getType().equals(valueType)) {
        return new PKIPathSecurity(element, bspCompliant);
    }
    if (KerberosSecurity.isKerberosToken(valueType)) {
        return new KerberosSecurity(element, bspCompliant);
    }
    // Unknown or absent ValueType: generic wrapper.
    return new BinarySecurity(element, bspCompliant);
}
ref.setURI("#" + certUri); if (!useSingleCert) { bstToken = new PKIPathSecurity(document); ((PKIPathSecurity) bstToken).setX509Certificates(certs, crypto); secRef.addTokenType(PKIPathSecurity.PKI_TYPE); } else {
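/**
 * Stores a certificate array as the data of this token.
 *
 * <p>The array is converted with {@code crypto.getBytesFromCertificates} and the
 * resulting bytes are set as the token data.
 *
 * @param certs the certificates to store; must not be {@code null}
 * @param crypto the Crypto instance used to convert the certificates to bytes; must not
 *        be {@code null}
 * @throws WSSecurityException with {@code FAILURE} if {@code certs} or {@code crypto} is
 *         {@code null}; may also propagate from
 *         {@code crypto.getBytesFromCertificates}
 */
public void setX509Certificates(X509Certificate[] certs, Crypto crypto)
    throws WSSecurityException {
    if (certs == null) {
        throw new WSSecurityException(WSSecurityException.FAILURE, "noCert");
    }
    // Report a missing Crypto with the library's own exception instead of a
    // NullPointerException, the same way getX509Certificates does.
    if (crypto == null) {
        throw new WSSecurityException(WSSecurityException.FAILURE, "noSigCryptoFile");
    }
    setToken(crypto.getBytesFromCertificates(certs));
}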
/**
 * Converts the token data back into a certificate array.
 *
 * <p>The data check comes first: a token without data returns {@code null} even when
 * {@code crypto} is {@code null}. This method performs no chain or trust validation of
 * its own; it only hands the bytes to {@code crypto.getCertificatesFromBytes}, so
 * certificates taken from a received token still have to be validated by the caller.
 *
 * @param crypto the Crypto instance used to convert the bytes; required only when the
 *        token holds data
 * @return array of certificates, or {@code null} when the token has no data
 * @throws WSSecurityException with {@code FAILURE} if the token holds data but
 *         {@code crypto} is {@code null}; may also propagate from
 *         {@code crypto.getCertificatesFromBytes}
 */
public X509Certificate[] getX509Certificates(Crypto crypto) throws WSSecurityException {
    final byte[] tokenBytes = getToken();
    if (tokenBytes != null) {
        if (crypto == null) {
            throw new WSSecurityException(WSSecurityException.FAILURE, "noSigCryptoFile");
        }
        return crypto.getCertificatesFromBytes(tokenBytes);
    }
    // No token data: nothing to convert.
    return null;
}
String type = dereferencedToken.getAttributeNS(null, "ValueType"); if ((X509Security.X509_V3_TYPE.equals(type) || PKIPathSecurity.getType().equals(type))) {
/**
 * Builds the binary security token wrapper that matches the element's
 * {@code ValueType} attribute.
 *
 * <p>The ValueType is read directly from the element and only selects which wrapper
 * class is instantiated. A value matching none of the known types falls through to a
 * plain {@link BinarySecurity}, so an unrecognised type is not rejected at this point.
 *
 * @param element The XML element that contains either a {@code BinarySecurityToken}
 *        or a {@code PKIPath} element.
 * @param config A WSSConfig instance; supplies the BSP-compliance flag given to the
 *        token constructor
 * @return a BinarySecurity token element, never {@code null}
 * @throws WSSecurityException if the selected token constructor throws it
 */
private BinarySecurity createSecurityToken(Element element, WSSConfig config)
    throws WSSecurityException {
    final String valueType = element.getAttributeNS(null, "ValueType");
    final boolean bspCompliant = config.isWsiBSPCompliant();

    if (X509Security.X509_V3_TYPE.equals(valueType)) {
        return new X509Security(element, bspCompliant);
    }
    if (PKIPathSecurity.getType().equals(valueType)) {
        return new PKIPathSecurity(element, bspCompliant);
    }
    if (KerberosSecurity.isKerberosToken(valueType)) {
        return new KerberosSecurity(element, bspCompliant);
    }
    // Unknown or absent ValueType: generic wrapper.
    return new BinarySecurity(element, bspCompliant);
}
ref.setURI("#" + certUri); if (!useSingleCert) { bstToken = new PKIPathSecurity(document); ((PKIPathSecurity) bstToken).setX509Certificates(certs, crypto); secRef.addTokenType(PKIPathSecurity.PKI_TYPE); } else {
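/**
 * Stores a certificate array as the data of this token.
 *
 * <p>The array is converted with {@code crypto.getBytesFromCertificates} and the
 * resulting bytes are set as the token data.
 *
 * @param certs the certificates to store; must not be {@code null}
 * @param crypto the Crypto instance used to convert the certificates to bytes; must not
 *        be {@code null}
 * @throws WSSecurityException with {@code FAILURE} if {@code certs} or {@code crypto} is
 *         {@code null}; may also propagate from
 *         {@code crypto.getBytesFromCertificates}
 */
public void setX509Certificates(X509Certificate[] certs, Crypto crypto)
    throws WSSecurityException {
    if (certs == null) {
        throw new WSSecurityException(WSSecurityException.FAILURE, "noCert");
    }
    // Report a missing Crypto with the library's own exception instead of a
    // NullPointerException, the same way getX509Certificates does.
    if (crypto == null) {
        throw new WSSecurityException(WSSecurityException.FAILURE, "noSigCryptoFile");
    }
    setToken(crypto.getBytesFromCertificates(certs));
}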
/**
 * Converts the token data back into a certificate array.
 *
 * <p>The data check comes first: a token without data returns {@code null} even when
 * {@code crypto} is {@code null}. This method performs no chain or trust validation of
 * its own; it only hands the bytes to {@code crypto.getCertificatesFromBytes}, so
 * certificates taken from a received token still have to be validated by the caller.
 *
 * @param crypto the Crypto instance used to convert the bytes; required only when the
 *        token holds data
 * @return array of certificates, or {@code null} when the token has no data
 * @throws WSSecurityException with {@code FAILURE} if the token holds data but
 *         {@code crypto} is {@code null}; may also propagate from
 *         {@code crypto.getCertificatesFromBytes}
 */
public X509Certificate[] getX509Certificates(Crypto crypto) throws WSSecurityException {
    final byte[] tokenBytes = getToken();
    if (tokenBytes != null) {
        if (crypto == null) {
            throw new WSSecurityException(WSSecurityException.FAILURE, "noSigCryptoFile");
        }
        return crypto.getCertificatesFromBytes(tokenBytes);
    }
    // No token data: nothing to convert.
    return null;
}
String type = dereferencedToken.getAttributeNS(null, "ValueType"); if ((X509Security.X509_V3_TYPE.equals(type) || PKIPathSecurity.getType().equals(type))) {
/**
 * Creates a PKIPath token for the given document and sets its ValueType to
 * {@link #PKI_TYPE}.
 *
 * @param doc the document passed on to the superclass constructor
 */
public PKIPathSecurity(final Document doc) {
    super(doc);
    // Tokens built locally always carry the PKIPath ValueType.
    setValueType(PKIPathSecurity.PKI_TYPE);
}
/**
 * Wraps an existing PKIPath token element.
 *
 * <p>The element's {@code ValueType} is compared with {@link #PKI_TYPE} only when
 * {@code bspCompliant} is {@code true}. With BSP compliance switched off, this
 * constructor accepts whatever ValueType the element declares.
 *
 * @param elem The PKIPath element to process
 * @param bspCompliant Whether the token is processed according to the BSP spec
 * @throws WSSecurityException with {@code INVALID_SECURITY_TOKEN} when BSP compliance is
 *         requested and the ValueType is not {@link #PKI_TYPE}; the superclass
 *         constructor is also declared inside this throws clause (its checks are not
 *         visible here)
 */
public PKIPathSecurity(Element elem, boolean bspCompliant) throws WSSecurityException {
    super(elem, bspCompliant);
    if (!bspCompliant) {
        // Lenient mode: no ValueType enforcement at this level.
        return;
    }
    final String declaredType = getValueType();
    if (!PKI_TYPE.equals(declaredType)) {
        // Message arguments: expected type first, then the type actually found.
        final Object[] messageArgs = new Object[] {PKI_TYPE, declaredType};
        throw new WSSecurityException(
            WSSecurityException.INVALID_SECURITY_TOKEN, "invalidValueType", messageArgs);
    }
}
/**
 * Returns the certificate(s) carried by a binary security token.
 *
 * <p>A {@link PKIPathSecurity} token yields whatever its
 * {@code getX509Certificates} call returns; an {@link X509Security} token yields a
 * one-element array. Any other token (including {@code null}) yields {@code null},
 * so callers must null-check the result before using it for any trust decision.
 *
 * @param token The BinarySecurity instance corresponding to either X509Security or
 *        PKIPathSecurity
 * @param crypto The Crypto instance handed to the token to obtain the certificates
 * @return The X509Certificates associated with this reference, or {@code null} when the
 *         token is of neither supported type
 * @throws WSSecurityException if the token fails to produce its certificates
 */
private X509Certificate[] getCertificatesTokenReference(BinarySecurity token, Crypto crypto)
    throws WSSecurityException {
    if (token instanceof PKIPathSecurity) {
        final PKIPathSecurity pkiPathToken = (PKIPathSecurity) token;
        return pkiPathToken.getX509Certificates(crypto);
    }
    if (token instanceof X509Security) {
        final X509Security singleCertToken = (X509Security) token;
        // NOTE(review): the single element is whatever getX509Certificate returns;
        // confirm whether that can be null.
        return new X509Certificate[] {singleCertToken.getX509Certificate(crypto)};
    }
    // Unsupported token kind: signalled by null rather than by an exception.
    return null;
}