1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.wss4j.stax.impl.securityToken;
20
21 import java.io.IOException;
22 import java.io.InputStream;
23 import java.security.cert.CertPath;
24 import java.security.cert.Certificate;
25 import java.security.cert.CertificateException;
26 import java.security.cert.X509Certificate;
27 import java.util.Iterator;
28 import java.util.List;
29
30 import javax.security.auth.callback.CallbackHandler;
31
32 import org.apache.wss4j.common.crypto.Crypto;
33 import org.apache.wss4j.common.ext.WSSecurityException;
34 import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
35 import org.apache.wss4j.stax.ext.WSSSecurityProperties;
36 import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
37 import org.apache.xml.security.exceptions.XMLSecurityException;
38 import org.apache.xml.security.utils.UnsyncByteArrayInputStream;
39
40 public class X509PKIPathv1SecurityTokenImpl extends X509SecurityTokenImpl {
41
42 private String alias;
43
44 public X509PKIPathv1SecurityTokenImpl(
45 WSInboundSecurityContext wsInboundSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
46 byte[] binaryContent, String id, WSSecurityTokenConstants.KeyIdentifier keyIdentifier,
47 WSSSecurityProperties securityProperties) throws XMLSecurityException {
48
49 super(WSSecurityTokenConstants.X509PkiPathV1Token, wsInboundSecurityContext, crypto,
50 callbackHandler, id, keyIdentifier, securityProperties, true);
51
52 try (InputStream in = new UnsyncByteArrayInputStream(binaryContent)) {
53 CertPath certPath = getCrypto().getCertificateFactory().generateCertPath(in);
54 List<? extends Certificate> l = certPath.getCertificates();
55 X509Certificate[] certs = new X509Certificate[l.size()];
56 Iterator<? extends Certificate> iterator = l.iterator();
57 for (int i = 0; i < l.size(); i++) {
58 certs[i] = (X509Certificate) iterator.next();
59 }
60 if (certs.length > 0) {
61 setX509Certificates(certs);
62 }
63 } catch (CertificateException | IOException e) {
64 throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, e, "parseError");
65 }
66 }
67
68 @Override
69 protected String getAlias() throws XMLSecurityException {
70 if (this.alias == null && getCrypto() != null) {
71 this.alias = getCrypto().getX509Identifier(getX509Certificates()[0]);
72 }
73 return this.alias;
74 }
75 }