001: /*
002: * WSSKeyInfoFactory.java
003: *
004: * Created on August 2, 2006, 3:54 PM
005: *
006: * The contents of this file are subject to the terms
007: * of the Common Development and Distribution License
008: * (the License). You may not use this file except in
009: * compliance with the License.
010: *
011: * You can obtain a copy of the license at
012: * https://glassfish.dev.java.net/public/CDDLv1.0.html.
013: * See the License for the specific language governing
014: * permissions and limitations under the License.
015: *
016: * When distributing Covered Code, include this CDDL
017: * Header Notice in each file and include the License file
018: * at https://glassfish.dev.java.net/public/CDDLv1.0.html.
019: * If applicable, add the following below the CDDL Header,
020: * with the fields enclosed by brackets [] replaced by
021: * you own identifying information:
022: * "Portions Copyrighted [year] [name of copyright owner]"
023: *
024: * Copyright 2006 Sun Microsystems Inc. All Rights Reserved
025: */
026:
027: package com.sun.xml.ws.security.opt.impl.util;
028:
029: import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper;
030:
031: import com.sun.xml.security.core.dsig.KeyInfoType;
032: import com.sun.xml.security.core.xenc.CipherDataType;
033: import com.sun.xml.security.core.xenc.EncryptedDataType;
034: import com.sun.xml.security.core.xenc.EncryptedKeyType;
035: import com.sun.xml.security.core.xenc.EncryptionMethodType;
036:
037: import com.sun.xml.ws.api.SOAPVersion;
038: import com.sun.xml.ws.security.opt.api.EncryptedData;
039: import com.sun.xml.ws.security.opt.api.EncryptedKey;
040: import com.sun.xml.ws.security.opt.api.SecurityElement;
041: import com.sun.xml.ws.security.opt.impl.enc.EncryptedHeader;
042: import com.sun.xml.ws.security.opt.impl.keyinfo.*;
043: import com.sun.xml.ws.security.opt.impl.message.GSHeaderElement;
044: import com.sun.xml.ws.security.opt.impl.reference.DirectReference;
045: import com.sun.xml.ws.security.opt.api.reference.Reference;
046: import com.sun.xml.ws.security.opt.impl.reference.KeyIdentifier;
047: import com.sun.xml.ws.security.opt.impl.reference.X509Data;
048: import com.sun.xml.ws.security.secconv.impl.bindings.DerivedKeyTokenType;
049: import com.sun.xml.ws.security.secext10.BinarySecurityTokenType;
050: import com.sun.xml.ws.security.secext10.SecurityTokenReferenceType;
051: import com.sun.xml.ws.security.opt.crypto.dsig.keyinfo.KeyInfo;
052: import com.sun.xml.ws.security.opt.crypto.dsig.keyinfo.KeyName;
053: import com.sun.xml.ws.security.opt.impl.enc.JAXBEncryptedData;
054: import com.sun.xml.ws.security.opt.impl.enc.JAXBEncryptedKey;
055: import com.sun.xml.ws.security.secext11.EncryptedHeaderType;
056: import com.sun.xml.wss.XWSSecurityException;
057: import com.sun.xml.wss.impl.MessageConstants;
058:
059: import java.net.URI;
060: import java.security.Key;
061: import java.math.BigInteger;
062: import java.util.ArrayList;
063: import java.util.List;
064: import java.util.Collections;
065:
066: import com.sun.xml.ws.security.opt.impl.outgoing.SecurityHeader;
067: import com.sun.xml.ws.security.secconv.impl.bindings.SecurityContextTokenType;
068: import javax.xml.bind.JAXBElement;
069: import javax.xml.crypto.Data;
070:
071: import com.sun.xml.ws.security.opt.impl.reference.X509IssuerSerial;
072:
073: /**
074: *
075: * @author K.Venugopal@sun.com
076: */
077: public class WSSElementFactory {
078:
079: static {
080: com.sun.org.apache.xml.internal.security.Init.init();
081:
082: }
083: private SOAPVersion soapVersion = SOAPVersion.SOAP_11;
084:
085: public static final com.sun.xml.security.core.xenc.ObjectFactory eoFactory = new com.sun.xml.security.core.xenc.ObjectFactory();
086:
087: /** Creates a new instance of WSSKeyInfoFactory */
088: public WSSElementFactory(SOAPVersion soapVersion) {
089: this .soapVersion = soapVersion;
090: }
091:
092: public SecurityHeader createSecurityHeader() {
093: return new SecurityHeader();
094: }
095:
096: public SecurityHeader createSecurityHeader(int headerLayout,
097: String soapVersion) {
098: return new SecurityHeader(headerLayout, soapVersion);
099: }
100:
101: /*
102: * Create a BinarySecurity Token Header element.
103: *
104: */
105: public BinarySecurityToken createBinarySecurityToken(String id,
106: String valueType, String encodingType, byte[] cert) {
107: BinarySecurityTokenType bst = new BinarySecurityTokenType();
108: bst.setValueType(valueType);
109: bst.setId(id);
110: bst.setEncodingType(encodingType);
111: //bst.setValue(Base64.encode(cert));
112: bst.setValue(cert);
113: return new BinarySecurityToken(bst, soapVersion);
114: }
115:
116: /*
117: * Create a BinarySecurity Token Header element.
118: *
119: */
120: public BinarySecurityToken createBinarySecurityToken(String id,
121: byte[] cert) {
122: return createBinarySecurityToken(id,
123: MessageConstants.X509v3_NS,
124: MessageConstants.BASE64_ENCODING_NS, cert);
125: }
126:
127: /**
128: *Create a SecurityTokenReference
129: *
130: */
131: public SecurityTokenReference createSecurityTokenReference(
132: Reference reference) {
133: SecurityTokenReference str = new SecurityTokenReference(
134: soapVersion);
135: str.setReference(reference);
136: return str;
137: }
138:
139: public SecurityTokenReference createSecurityTokenReference() {
140: SecurityTokenReference str = new SecurityTokenReference(
141: soapVersion);
142: return str;
143: }
144:
145: /**
146: * Creates a DirectReference element
147: *
148: */
149: public DirectReference createDirectReference() {
150: return new DirectReference(soapVersion);
151: }
152:
153: public KeyIdentifier createKeyIdentifier() {
154: return new KeyIdentifier(soapVersion);
155: }
156:
157: public X509Data createX509DataWithIssuerSerial(X509IssuerSerial xis) {
158: X509Data x509Data = new X509Data(soapVersion);
159: List<Object> list = new ArrayList<Object>();
160: list.add(xis);
161: x509Data.setX509IssuerSerialOrX509SKIOrX509SubjectName(list);
162: return x509Data;
163: }
164:
165: public GSHeaderElement createGSHeaderElement(JAXBElement el) {
166: return new GSHeaderElement(el, soapVersion);
167: }
168:
169: public GSHeaderElement createGSHeaderElement(Object obj) {
170: return new GSHeaderElement(obj, soapVersion);
171: }
172:
173: public SecurityContextToken createSecurityContextToken(
174: URI identifier, String instance, String wsuId) {
175: return new SecurityContextToken(identifier, instance, wsuId,
176: soapVersion);
177: }
178:
179: public SecurityContextToken createSecurityContextToken(
180: SecurityContextTokenType sTokenType, String wsuId) {
181: return new SecurityContextToken(sTokenType, soapVersion);
182: }
183:
184: public X509IssuerSerial createX509IssuerSerial(String issuerName,
185: BigInteger serialNumber) {
186: X509IssuerSerial xis = new X509IssuerSerial(soapVersion);
187: xis.setX509IssuerName(issuerName);
188: xis.setX509SerialNumber(serialNumber);
189:
190: return xis;
191: }
192:
193: public KeyInfo createKeyInfo(SecurityTokenReference str) {
194: KeyInfo keyInfo = new KeyInfo();
195: JAXBElement je = new com.sun.xml.ws.security.secext10.ObjectFactory()
196: .createSecurityTokenReference(str);
197: List strList = Collections.singletonList(je);
198: keyInfo.setContent(strList);
199: return keyInfo;
200: }
201:
202: public KeyInfo createKeyInfo(KeyName name) {
203: KeyInfo keyInfo = new KeyInfo();
204: List strList = Collections.singletonList(name);
205: keyInfo.setContent(strList);
206: return keyInfo;
207: }
208:
209: public EncryptedData createEncryptedData(String id, Data data,
210: String dataAlgo, KeyInfoType keyInfo, Key key,
211: boolean contentOnly) {
212: EncryptedDataType edt = new EncryptedDataType();
213: if (contentOnly) {
214: edt.setType(MessageConstants.ENCRYPT_ELEMENT_CONTENT);
215: } else {
216: edt.setType(MessageConstants.ENCRYPT_ELEMENT);
217: }
218: EncryptionMethodType emt = new EncryptionMethodType();
219: emt.setAlgorithm(dataAlgo);
220: edt.setEncryptionMethod(emt);
221: CipherDataType ct = new CipherDataType();
222: ct.setCipherValue("ed".getBytes());
223: edt.setCipherData(ct);
224: edt.setId(id);
225: if (keyInfo != null) {
226: edt.setKeyInfo(keyInfo);
227: }
228: return new JAXBEncryptedData(edt, data, key, soapVersion);
229: }
230:
231: public EncryptedHeader createEncryptedHeader(String ehId,
232: String edId, Data data, String dataAlgo,
233: KeyInfoType keyInfo, Key key, boolean contentOnly) {
234: EncryptedHeaderType eht = new EncryptedHeaderType();
235: EncryptedDataType edt = new EncryptedDataType();
236: if (contentOnly) {
237: // TODO: not valid, need to throw exception here
238: edt.setType(MessageConstants.ENCRYPT_ELEMENT_CONTENT);
239: } else {
240: edt.setType(MessageConstants.ENCRYPT_ELEMENT);
241: }
242: EncryptionMethodType emt = new EncryptionMethodType();
243: emt.setAlgorithm(dataAlgo);
244: edt.setEncryptionMethod(emt);
245: CipherDataType ct = new CipherDataType();
246: ct.setCipherValue("ed".getBytes());
247: edt.setCipherData(ct);
248: edt.setId(edId);
249: if (keyInfo != null) {
250: edt.setKeyInfo(keyInfo);
251: }
252: eht.setEncryptedData(edt);
253: eht.setId(ehId);
254: if (soapVersion == SOAPVersion.SOAP_11) {
255: eht.setMustUnderstand(true);
256: } else if (soapVersion == SOAPVersion.SOAP_12) {
257: eht.setMustUnderstand12(true);
258: }
259: EncryptedHeader eh = new EncryptedHeader(eht, data, key,
260: soapVersion);
261: return eh;
262: }
263:
264: public EncryptedKey createEncryptedKey(String id,
265: String keyEncAlgo, KeyInfo keyInfo, Key dkEK, Key dataEncKey)
266: throws XWSSecurityException {
267: EncryptedKeyType ekt = eoFactory.createEncryptedKeyType();
268: EncryptionMethodType emt = eoFactory
269: .createEncryptionMethodType();
270: emt.setAlgorithm(keyEncAlgo);
271: ekt.setEncryptionMethod(emt);
272: ekt.setKeyInfo(keyInfo);
273: CipherDataType ct = new CipherDataType();
274: ct.setCipherValue("ek".getBytes());
275: ekt.setCipherData(ct);
276: ekt.setId(id);
277: return new JAXBEncryptedKey(ekt, dkEK, dataEncKey, soapVersion);
278: }
279:
280: public JAXBElement<com.sun.xml.security.core.xenc.ReferenceType> createDataReference(
281: SecurityElement se) {
282: com.sun.xml.security.core.xenc.ReferenceType rt = eoFactory
283: .createReferenceType();
284: rt.setURI("#" + se.getId());
285: return eoFactory.createReferenceListDataReference(rt);
286:
287: }
288:
289: public KeyInfoType createKeyInfoType(String keyAlgo,
290: String refType, String refId) {
291: return new KeyInfoType();
292: }
293:
294: public DerivedKey createDerivedKey(String id, String algo,
295: byte[] nonce, long offset, long length, String label,
296: SecurityTokenReference str) {
297: DerivedKeyTokenType dkt = new DerivedKeyTokenType();
298: dkt.setId(id);
299: dkt.setOffset(BigInteger.valueOf(offset));
300: dkt.setNonce(nonce);
301: dkt.setLength(BigInteger.valueOf(length));
302: dkt.setSecurityTokenReference(str);
303: //dkt.setLabel(label);
304: //dkt.setAlgorithm(algo);
305: return new DerivedKey(dkt, soapVersion);
306: }
307:
308: public DerivedKey createDerivedKey(String id, String algo,
309: byte[] nonce, long offset, long length, String label,
310: SecurityTokenReferenceType str) {
311: DerivedKeyTokenType dkt = new DerivedKeyTokenType();
312: dkt.setId(id);
313: dkt.setOffset(BigInteger.valueOf(offset));
314: dkt.setNonce(nonce);
315: dkt.setLength(BigInteger.valueOf(length));
316: dkt.setSecurityTokenReference(str);
317: //dkt.setLabel(label);
318: //dkt.setAlgorithm(algo);
319: return new DerivedKey(dkt, soapVersion);
320: }
321:
322: public DerivedKey createDerivedKey(String id, String algo,
323: byte[] nonce, long offset, long length, String label,
324: SecurityTokenReferenceType str, String refId) {
325: DerivedKeyTokenType dkt = new DerivedKeyTokenType();
326: dkt.setId(id);
327: dkt.setOffset(BigInteger.valueOf(offset));
328: dkt.setNonce(nonce);
329: dkt.setLength(BigInteger.valueOf(length));
330: dkt.setSecurityTokenReference(str);
331: //dkt.setLabel(label);
332: //dkt.setAlgorithm(algo);
333: return new DerivedKey(dkt, soapVersion, refId);
334: }
335:
336: protected String convertAlgURIToTransformation(String algorithmURI) {
337: return JCEMapper.translateURItoJCEID(algorithmURI);
338: }
339: }
|