19 package org.apache.wss4j.stax.impl.securityToken;
20
21 import java.security.Key;
22
23 import javax.crypto.spec.SecretKeySpec;
24 import javax.security.auth.callback.CallbackHandler;
25
26 import org.apache.wss4j.common.ext.WSPasswordCallback;
27 import org.apache.wss4j.common.ext.WSSecurityException;
28 import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
29 import org.apache.wss4j.stax.ext.WSSConstants;
30 import org.apache.wss4j.stax.securityToken.EncryptedKeySha1SecurityToken;
31 import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
32 import org.apache.wss4j.stax.utils.WSSUtils;
33 import org.apache.xml.security.algorithms.JCEMapper;
34 import org.apache.xml.security.exceptions.XMLSecurityException;
35 import org.apache.xml.security.stax.ext.XMLSecurityConstants;
36 import org.apache.xml.security.stax.impl.securityToken.AbstractInboundSecurityToken;
37 import org.apache.xml.security.stax.securityToken.SecurityTokenConstants;
38
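/**
 * Inbound symmetric security token whose key is looked up by an EncryptedKey SHA-1 identifier.
 *
 * <p>The raw key bytes are not carried by this token. They are requested from the configured
 * {@link CallbackHandler} the first time a key is needed for a given algorithm URI, and the
 * resulting {@link Key} is then stored per algorithm URI via {@code setSecretKey}.
 */
public class EncryptedKeySha1SecurityTokenImpl
    extends AbstractInboundSecurityToken implements EncryptedKeySha1SecurityToken {

    /** Handler asked for the secret key bytes; assigned once in the constructor. */
    private final CallbackHandler callbackHandler;

    /**
     * Creates the token and records the SHA-1 identifier used for the key lookup.
     *
     * @param inboundSecurityContext security context passed to the superclass
     * @param callbackHandler handler that is asked for the secret key bytes
     * @param sha1Identifier identifier passed to the callback to select the key
     * @param id token id passed to the superclass
     */
    public EncryptedKeySha1SecurityTokenImpl(
        WSInboundSecurityContext inboundSecurityContext, CallbackHandler callbackHandler,
        String sha1Identifier, String id) {

        super(inboundSecurityContext, id,
              WSSecurityTokenConstants.KEYIDENTIFIER_ENCRYPTED_KEY_SHA1_IDENTIFIER, false);
        this.callbackHandler = callbackHandler;
        setSha1Identifier(sha1Identifier);
    }

    /**
     * Reports that this token holds a symmetric key.
     *
     * @return always {@code false}
     */
    @Override
    public boolean isAsymmetric() throws XMLSecurityException {
        return false;
    }

    /**
     * Returns the secret key for {@code algorithmURI}, resolving it through the callback
     * handler when no key has been stored for that URI yet.
     *
     * <p>{@code algorithmUsage} and {@code correlationID} are not consulted here.
     *
     * @param algorithmURI algorithm URI the key is requested for
     * @param algorithmUsage unused by this implementation
     * @param correlationID unused by this implementation
     * @return the stored or newly built key
     * @throws XMLSecurityException if the callback supplies no (or an empty) key, or if
     *         {@code algorithmURI} does not map to a JCE key algorithm
     */
    @Override
    protected Key getKey(String algorithmURI, XMLSecurityConstants.AlgorithmUsage algorithmUsage,
                         String correlationID) throws XMLSecurityException {

        Key key = getSecretKey().get(algorithmURI);
        if (key != null) {
            return key;
        }

        WSPasswordCallback secretKeyCallback =
            new WSPasswordCallback(getSha1Identifier(), null,
                                   WSSConstants.NS_ENCRYPTED_KEY_SHA1, WSPasswordCallback.SECRET_KEY);
        WSSUtils.doSecretKeyCallback(callbackHandler, secretKeyCallback);

        // Read the key once so the value that is checked is the value that is used.
        final byte[] keyBytes = secretKeyCallback.getKey();
        // SecretKeySpec rejects an empty array with an unchecked IllegalArgumentException;
        // report it as a missing key through the declared exception type instead.
        if (keyBytes == null || keyBytes.length == 0) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noKey",
                                          new Object[] {getSha1Identifier()});
        }

        // JCEMapper returns null for an algorithm URI it does not know, and SecretKeySpec
        // would then fail with an unchecked IllegalArgumentException. Fail with a
        // WSSecurityException so callers handling XMLSecurityException see the rejection.
        String keyAlgorithm = JCEMapper.getJCEKeyAlgorithmFromURI(algorithmURI);
        if (keyAlgorithm == null) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.UNSUPPORTED_ALGORITHM);
        }

        // NOTE(review): the key bytes are used exactly as the callback supplied them; their
        // length is not checked here against what algorithmURI requires. Presumably that is
        // enforced where the key is consumed; confirm.
        key = new SecretKeySpec(keyBytes, keyAlgorithm);
        setSecretKey(algorithmURI, key);
        return key;
    }

    /**
     * Identifies this token as an EncryptedKey token.
     *
     * @return {@link WSSecurityTokenConstants#EncryptedKeyToken}
     */
    @Override
    public SecurityTokenConstants.TokenType getTokenType() {
        return WSSecurityTokenConstants.EncryptedKeyToken;
    }
}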