19 package org.apache.wss4j.stax.impl.securityToken;
20
21 import java.security.Key;
22 import java.security.Principal;
23 import java.security.PublicKey;
24
25 import javax.security.auth.Subject;
26 import javax.security.auth.callback.CallbackHandler;
27
28 import org.apache.wss4j.common.crypto.Crypto;
29 import org.apache.wss4j.common.ext.WSSecurityException;
30 import org.apache.wss4j.common.principal.PublicKeyPrincipalImpl;
31 import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
32 import org.apache.wss4j.stax.ext.WSSSecurityProperties;
33 import org.apache.wss4j.stax.securityToken.RsaKeyValueSecurityToken;
34 import org.apache.xml.security.binding.xmldsig.RSAKeyValueType;
35 import org.apache.xml.security.exceptions.XMLSecurityException;
36 import org.apache.xml.security.stax.ext.XMLSecurityConstants;
37
/**
 * WSS4J-side security token wrapping an RSA public key that was supplied as an
 * {@code RSAKeyValueType} binding object.
 *
 * <p>The key material itself is handled by the XML Security superclass; this class adds
 * trust verification, private-key lookup and principal creation on top of it, using the
 * {@link Crypto}, {@link CallbackHandler} and {@link WSSSecurityProperties} handed to the
 * constructor.
 *
 * <p>NOTE(review): this token carries a bare public key; no certificate or chain is handled
 * in this class. Whether the key is accepted therefore depends entirely on what
 * {@code Crypto.verifyTrust(PublicKey)} does in the configured implementation - confirm.
 */
public class RsaKeyValueSecurityTokenImpl
        extends org.apache.xml.security.stax.impl.securityToken.RsaKeyValueSecurityToken
        implements RsaKeyValueSecurityToken {

    // Passed to Crypto.getPrivateKey(...) on every private-key lookup.
    private CallbackHandler callbackHandler;
    // Primary Crypto: used for trust verification and as the first private-key source.
    private Crypto crypto;
    // Only consulted in getKey(...) to obtain the decryption Crypto as a fallback.
    private WSSSecurityProperties securityProperties;
    // Cached result of getPrincipal(); null until first requested.
    private Principal principal;

    /**
     * Creates the token and stores the collaborators used by the other methods.
     *
     * <p>None of the arguments is null-checked here.
     *
     * @param rsaKeyValueType          RSA key value binding, forwarded to the superclass
     * @param wsInboundSecurityContext inbound security context, forwarded to the superclass
     * @param crypto                   Crypto used by {@link #verify()} and tried first in
     *                                 {@code getKey}
     * @param callbackHandler          handler passed along to private-key lookups
     * @param securityProperties       source of the fallback decryption Crypto
     */
    public RsaKeyValueSecurityTokenImpl(
            RSAKeyValueType rsaKeyValueType, WSInboundSecurityContext wsInboundSecurityContext,
            Crypto crypto, CallbackHandler callbackHandler,
            WSSSecurityProperties securityProperties) {
        super(rsaKeyValueType, wsInboundSecurityContext);
        this.securityProperties = securityProperties;
        this.callbackHandler = callbackHandler;
        this.crypto = crypto;
    }

    /**
     * Hands this token's public key to the primary Crypto for trust verification.
     *
     * <p>This is the only check performed by this method; acceptance or rejection is decided
     * by the Crypto implementation.
     *
     * <p>NOTE(review): {@code crypto} is dereferenced without a null check, so a token built
     * without a Crypto would fail with a {@link NullPointerException} instead of a security
     * exception - confirm the creating factory always supplies one.
     *
     * @throws XMLSecurityException if the public key cannot be obtained or the Crypto
     *                              reports a failure
     */
    @Override
    public void verify() throws XMLSecurityException {
        PublicKey keyToCheck = getPublicKey();
        crypto.verifyTrust(keyToCheck);
    }

    /**
     * Returns no subject for this token type.
     *
     * @return always {@code null}; callers must handle the absence of a {@link Subject}
     */
    @Override
    public Subject getSubject() throws WSSecurityException {
        return null;
    }

    /**
     * Looks up the private key that corresponds to this token's public key.
     *
     * <p>The primary Crypto is asked first. If it throws a {@link WSSecurityException}, the
     * decryption Crypto from the security properties is tried, but only when it is non-null
     * and a different instance (reference comparison) from the primary one. When that
     * fallback is not available the original exception is rethrown; when the fallback
     * succeeds the first failure is discarded without being logged.
     *
     * <p>{@code algorithmURI}, {@code algorithmUsage} and {@code correlationID} are not read
     * by this implementation, so the same lookup is done for every algorithm and usage.
     * NOTE(review): presumably algorithm and key-usage policy is enforced by the caller -
     * verify.
     *
     * @param algorithmURI   not used here
     * @param algorithmUsage not used here
     * @param correlationID  not used here
     * @return the key returned by {@code Crypto.getPrivateKey(PublicKey, CallbackHandler)}
     * @throws XMLSecurityException if the public key cannot be obtained or no Crypto yields
     *                              a private key
     */
    @Override
    public Key getKey(String algorithmURI, XMLSecurityConstants.AlgorithmUsage algorithmUsage,
                      String correlationID) throws XMLSecurityException {
        PublicKey rsaPublicKey = getPublicKey();

        try {
            return crypto.getPrivateKey(rsaPublicKey, callbackHandler);
        } catch (WSSecurityException primaryFailure) {
            Crypto decryptionCrypto = securityProperties.getDecryptionCrypto();
            boolean hasDistinctFallback = decryptionCrypto != null && decryptionCrypto != crypto;
            if (!hasDistinctFallback) {
                // Nothing else to try: surface the failure from the primary Crypto.
                throw primaryFailure;
            }
            return decryptionCrypto.getPrivateKey(rsaPublicKey, callbackHandler);
        }
    }

    /**
     * Returns a principal built from this token's public key, creating it on first use and
     * reusing the cached instance afterwards.
     *
     * <p>The lazy initialisation uses no synchronisation.
     *
     * @return the cached {@link PublicKeyPrincipalImpl} for this token
     * @throws WSSecurityException with {@code INVALID_SECURITY_TOKEN} when the public key
     *                             cannot be obtained; the underlying exception is kept as
     *                             the cause
     */
    @Override
    public Principal getPrincipal() throws WSSecurityException {
        if (this.principal != null) {
            return this.principal;
        }
        try {
            this.principal = new PublicKeyPrincipalImpl(getPublicKey());
        } catch (XMLSecurityException e) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN, e);
        }
        return this.principal;
    }
}