19 package org.apache.wss4j.stax.ext;
20
21 import java.lang.reflect.Constructor;
22 import java.security.KeyStore;
23 import java.security.cert.CertStore;
24 import java.util.Properties;
25
26 import org.apache.wss4j.common.crypto.Crypto;
27 import org.apache.wss4j.common.crypto.CryptoFactory;
28 import org.apache.wss4j.common.crypto.Merlin;
29 import org.apache.wss4j.common.crypto.PasswordEncryptor;
30 import org.apache.wss4j.common.util.Loader;
31 import org.apache.xml.security.stax.config.ConfigurationProperties;
32
33
34
35
/**
 * Package-private holder that lazily creates and caches the {@link Crypto} instance
 * built from either a {@link Properties} object or from individually supplied
 * key-store / CRL-store / password-encryptor settings.
 *
 * <p>Caching caveat: {@link #getCrypto()} reuses the cached instance whenever the
 * {@code keyStore} field is the same reference as the key store recorded at cache time.
 * The setters for crypto properties, crypto class, CRL cert store and password encryptor
 * only assign their fields and do not touch the cache, so values changed after the first
 * {@code getCrypto()} call are not applied to the instance that is already cached.
 * Configure revocation (CRL) and key material before the first lookup.
 *
 * <p>No synchronization is performed in this class.
 */
class WSSCrypto {

    protected static final transient org.slf4j.Logger LOG =
        org.slf4j.LoggerFactory.getLogger(WSSCrypto.class);

    // Implementation that is instantiated reflectively; the bound restricts it to Merlin subclasses.
    private Class<? extends Merlin> cryptoClass = Merlin.class;
    // When non-null, getCrypto() builds the instance from these properties only.
    private Properties cryptoProperties;
    // Last instance handed out by getCrypto() or injected through setCrypto().
    private Crypto cachedCrypto;
    // Key store reference recorded together with cachedCrypto; compared by identity.
    private KeyStore cachedKeyStore;
    private KeyStore keyStore;
    private CertStore crlCertStore;
    private PasswordEncryptor passwordEncryptor;

    /**
     * Returns the cached {@link Crypto}, creating it first if there is none or if the
     * current key store is a different reference from the one the cache was built with.
     *
     * <p>If crypto properties are set, the instance is built from them and the
     * {@code keyStore} field is overwritten with the key store of the new instance;
     * the separately configured key store and CRL cert store are not passed on in that
     * case. Otherwise a default instance is created and populated from the configured
     * fields and from the {@code DefaultX509Alias} and {@code CertProvider}
     * configuration properties.
     *
     * @return the cached or newly built crypto instance
     * @throws WSSConfigurationException if instantiation or configuration fails for any
     *         reason; the original exception is kept as the cause
     */
    public Crypto getCrypto() throws WSSConfigurationException {
        // Identity comparison on purpose: a replaced KeyStore object invalidates the cache.
        final boolean cacheUsable = cachedCrypto != null && keyStore == cachedKeyStore;
        if (cacheUsable) {
            return cachedCrypto;
        }

        final Merlin built =
            cryptoProperties == null ? newCryptoFromFields() : newCryptoFromProperties();

        cachedCrypto = built;
        cachedKeyStore = built.getKeyStore();
        return built;
    }

    /**
     * Builds the crypto instance through the public
     * {@code (Properties, ClassLoader, PasswordEncryptor)} constructor of the configured class
     * and adopts its key store as the current one.
     */
    private Merlin newCryptoFromProperties() throws WSSConfigurationException {
        try {
            Constructor<? extends Merlin> propertiesCtor =
                cryptoClass.getConstructor(Properties.class, ClassLoader.class, PasswordEncryptor.class);
            Merlin fromProperties = propertiesCtor.newInstance(
                cryptoProperties,
                Loader.getClassLoader(CryptoFactory.class),
                passwordEncryptor);
            // Keep the field in step with the new instance so the next cache check matches.
            keyStore = fromProperties.getKeyStore();
            return fromProperties;
        } catch (Exception e) {
            throw new WSSConfigurationException(WSSConfigurationException.ErrorCode.FAILURE, e, "signatureCryptoFailure");
        }
    }

    /**
     * Builds the crypto instance through the no-argument constructor of the configured class
     * and populates it from this holder's fields and the global configuration properties.
     */
    private Merlin newCryptoFromFields() throws WSSConfigurationException {
        try {
            Merlin fromFields = cryptoClass.getDeclaredConstructor().newInstance();
            fromFields.setDefaultX509Identifier(ConfigurationProperties.getProperty("DefaultX509Alias"));
            fromFields.setCryptoProvider(ConfigurationProperties.getProperty("CertProvider"));
            fromFields.setKeyStore(this.getKeyStore());
            fromFields.setCRLCertStore(this.getCrlCertStore());
            fromFields.setPasswordEncryptor(passwordEncryptor);
            return fromFields;
        } catch (Exception e) {
            throw new WSSConfigurationException(WSSConfigurationException.ErrorCode.FAILURE, e, "signatureCryptoFailure");
        }
    }

    /**
     * Injects a ready-made crypto instance into the cache.
     *
     * <p>For a {@link Merlin} the current and cached key store are both set to the
     * instance's key store. For any other implementation the key-store fields are left
     * untouched, so {@link #getCrypto()} returns the injected instance only while those
     * two fields still hold the same reference.
     *
     * @param crypto the instance to cache
     */
    public void setCrypto(Crypto crypto) {
        this.cachedCrypto = crypto;
        if (!(crypto instanceof Merlin)) {
            return;
        }
        final Merlin merlin = (Merlin) crypto;
        this.keyStore = merlin.getKeyStore();
        this.cachedKeyStore = this.keyStore;
    }

    /** @return the class that {@link #getCrypto()} instantiates */
    public Class<? extends Merlin> getCryptoClass() {
        return this.cryptoClass;
    }

    /**
     * Sets the class to instantiate. Does not invalidate an already cached instance.
     *
     * @param cryptoClass a {@link Merlin} subclass
     */
    public void setCryptoClass(Class<? extends Merlin> cryptoClass) {
        this.cryptoClass = cryptoClass;
    }

    /** @return the configured properties object itself (not a copy), or {@code null} */
    public Properties getCryptoProperties() {
        return this.cryptoProperties;
    }

    /**
     * Sets the properties used to build the crypto instance. Does not invalidate an
     * already cached instance.
     *
     * @param cryptoProperties the properties, stored by reference
     */
    public void setCryptoProperties(Properties cryptoProperties) {
        this.cryptoProperties = cryptoProperties;
    }

    /** @return the current key store reference, or {@code null} */
    public KeyStore getKeyStore() {
        return this.keyStore;
    }

    /**
     * Sets the key store. A reference different from the cached one makes the next
     * {@link #getCrypto()} call rebuild the instance.
     *
     * @param keyStore the key store, stored by reference
     */
    public void setKeyStore(KeyStore keyStore) {
        this.keyStore = keyStore;
    }

    /** @return the configured CRL cert store, or {@code null} */
    public CertStore getCrlCertStore() {
        return this.crlCertStore;
    }

    /**
     * Sets the CRL cert store. It is only handed to instances built afterwards without
     * crypto properties; an already cached instance is not updated.
     *
     * @param crlCertStore the CRL cert store
     */
    public void setCrlCertStore(CertStore crlCertStore) {
        this.crlCertStore = crlCertStore;
    }

    /** @return the configured password encryptor, or {@code null} */
    public PasswordEncryptor getPasswordEncryptor() {
        return this.passwordEncryptor;
    }

    /**
     * Sets the password encryptor passed to instances built afterwards. Does not
     * invalidate an already cached instance.
     *
     * @param passwordEncryptor the password encryptor
     */
    public void setPasswordEncryptor(PasswordEncryptor passwordEncryptor) {
        this.passwordEncryptor = passwordEncryptor;
    }
}