[prev in list] [next in list] [prev in thread] [next in thread]
List: axis-dev
Subject: cvs commit: xml-axis/java/prototype/TRL_Proposal/org/apache/axis/handlers Verifier.java SOAPSecurity
From: nakamury () apache ! org
Date: 2001-01-30 7:17:22
[Download RAW message or body]
nakamury 01/01/29 23:17:22
Added: java/prototype/TRL_Proposal/org/apache/axis/handlers
Verifier.java SOAPSecurityException.java
Signer.java Signature.java KeyStoreUtil.java
Log:
Digital signature and verification handlers
Revision Changes Path
1.1 \
xml-axis/java/prototype/TRL_Proposal/org/apache/axis/handlers/Verifier.java
Index: Verifier.java
===================================================================
/*
* The Apache Software License, Version 1.1
*
*
* Copyright (c) 1999 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Xerces" and "Apache Software Foundation" must
* not be used to endorse or promote products derived from this
* software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* nor may "Apache" appear in their name, without prior written
* permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation and was
* originally based on software copyright (c) 1999, International
* Business Machines, Inc., http://www.ibm.com. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
package org.apache.axis.handlers;
import java.security.cert.CertificateException ;
import java.security.spec.InvalidKeySpecException ;
import java.security.NoSuchAlgorithmException ;
import org.apache.axis.Handler;
import org.apache.axis.MessageContext;
import org.apache.axis.message.SOAPDocument;
public class Verifier implements Handler {
public Verifier() {}
public void init(){}
public void cleanup(){}
public void invoke(MessageContext context)
// throws SOAPFaultException
{
try {
if (!Signature.getInstance().verify((SOAPDocument)context.getMessage()))
throw new SOAPSecurityException("Invalid Signature") ;
// } catch (CertificateException e) {
// throw new SOAPSecurityException(e.getMessage()) ;
// } catch (NoSuchAlgorithmException e) {
// throw new SOAPSecurityException(e.getMessage()) ;
// } catch (InvalidKeySpecException e) {
// throw new SOAPSecurityException(e.getMessage()) ;
// }
} catch(Exception e) {
e.printStackTrace();
}
}
}
1.1 \
xml-axis/java/prototype/TRL_Proposal/org/apache/axis/handlers/SOAPSecurityException.java
Index: SOAPSecurityException.java
===================================================================
/*
* The Apache Software License, Version 1.1
*
*
* Copyright (c) 1999 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Xerces" and "Apache Software Foundation" must
* not be used to endorse or promote products derived from this
* software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* nor may "Apache" appear in their name, without prior written
* permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation and was
* originally based on software copyright (c) 1999, International
* Business Machines, Inc., http://www.ibm.com. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
package org.apache.axis.handlers;
import org.apache.axis.SOAPFaultException;
/**
* @author Ryo Neyama (neyama@jp.ibm.com)
* @version $Id: SOAPSecurityException.java,v 1.1 2001/01/30 07:17:22 nakamury Exp \
$
*/
final public class SOAPSecurityException
extends SOAPFaultException {
private static final String SOAP_SEC_SIGNATURE = "SOAP-SEC:Signature" ;
public SOAPSecurityException(String faultString) {
// super(SOAP_SEC_SIGNATURE, faultString) ;
super();
}
}
1.1 \
xml-axis/java/prototype/TRL_Proposal/org/apache/axis/handlers/Signer.java
Index: Signer.java
===================================================================
/*
* The Apache Software License, Version 1.1
*
*
* Copyright (c) 1999 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Xerces" and "Apache Software Foundation" must
* not be used to endorse or promote products derived from this
* software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* nor may "Apache" appear in their name, without prior written
* permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation and was
* originally based on software copyright (c) 1999, International
* Business Machines, Inc., http://www.ibm.com. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
package org.apache.axis.handlers;
import java.security.Key ;
import java.security.cert.Certificate ;
import org.w3c.dom.NodeList ;
import org.w3c.dom.Element ;
import org.apache.axis.Handler;
import org.apache.axis.MessageContext;
import org.apache.axis.util.Logger ;
import org.apache.axis.util.xml.DOMHandler ;
import org.apache.axis.message.SOAPDocument;
import org.apache.axis.message.SOAPHeaderEntry;
public class Signer implements Handler {
public static final String NS_URI_DSIG = "http://www.w3.org/2000/07/xmldsig#" ;
public static final String NS_URI_SIGREQ = \
"http://www.ibm.com/soap/security/Signer" ; public static final String \
ELEM_REFERENCE = "Reference" ; public static final String ELEM_SIGREQ = \
"SignatureRequest" ; public static final String ID_BODY = "body" ;
private final String actor ;
private final Key key ;
private final Certificate cert ;
private final String verifierURI ;
/**
* Creates a Signer which attaches a signature for all messages.
* The object of signature is <code><SOAP-ENV:Body></code>.
* @param key A private key for signature
* @param cert A certificate for signature
* @param verifierURI The verifier URI
*/
public Signer(Key key, Certificate cert, String verifierURI) {
this(key, cert, verifierURI, null);
}
/**
* Creates a Signer which attaches signatures for messages which have
* <code><SignatureRequest></code> header entry.
* The objects of signature should be specified in the entry.
* @param key A private key for signature
* @param cert A certificate for signature
* @param actor The actor URI for this instance
*/
public Signer(Key key, Certificate cert, String verifierURI, String actor) {
this.key = key ;
this.cert = cert ;
this.verifierURI = verifierURI ;
this.actor = actor ;
}
public void init(){}
public void cleanup(){}
public void invoke(MessageContext context)
// throws MustUnderstandException
{
SOAPDocument msg= context.getMessage() ;
try {
processRequests(msg) ;
} catch( Exception ex ) {
ex.printStackTrace();
}
}
private void processRequests(SOAPDocument doc)
// throws MustUnderstandException
throws Exception
{
if (actor != null) {
SOAPHeaderEntry[] entries = \
(SOAPHeaderEntry[])doc.getEnvelope().getHeader().getHeaderEntries(); for (int i = 0 \
; i < entries.length ; i++) if (isRequest(entries[i]))
processRequest(entries[i], doc) ;
} else {
String uri = "#" + ID_BODY;
Logger.normal("Attaching a signature to '" + uri + "'...", 4) ;
doc.getEnvelope().getBody().getDOMEntity().setAttribute(Signature.ATTR_ID, \
ID_BODY); try {
Signature.getInstance().sign(doc, uri, key, cert, verifierURI) ;
} catch (Exception e) {
// throw new MustUnderstandException(e.getMessage());
e.printStackTrace();
}
Logger.normal("Done.", 4) ;
}
}
private boolean isRequest(SOAPHeaderEntry entry) {
Element elem = entry.getDOMEntity();
return (NS_URI_SIGREQ.equals(elem.getNamespaceURI()) &&
ELEM_SIGREQ.equals(elem.getLocalName()) &&
actor.equals(entry.getActor())) ;
}
private void processRequest(SOAPHeaderEntry entry, SOAPDocument doc)
// throws MustUnderstandException
throws Exception
{
NodeList list = entry.getDOMEntity().getElementsByTagNameNS(NS_URI_DSIG, \
ELEM_REFERENCE) ; int length ;
if ((length = list.getLength()) == 0)
throw new Exception( "Signer.processRequest: 1");
// throw new MustUnderstandException("No 'Reference' found") ;
String uri ;
for (int i = 0 ; i < length ; i++) {
if ("".equals(uri = ((Element)list.item(i)).getAttribute("URI")))
// throw new MustUnderstandException("No 'URI' attribute found in \
'Reference'") ; throw new Exception( "Signer.processRequest: 2");
Logger.normal("Attaching a signature to '" + uri + "'...", 4) ;
try {
Signature.getInstance().sign(doc, uri, key, cert, verifierURI) ;
} catch (Exception e) {
// throw new MustUnderstandException(e.getMessage());
throw new Exception( "Signer.processRequest: 3");
}
doc.getEnvelope().getHeader().removeHeaderEntry(entry) ;
Logger.normal("Done.", 4) ;
}
}
}
1.1 \
xml-axis/java/prototype/TRL_Proposal/org/apache/axis/handlers/Signature.java
Index: Signature.java
===================================================================
/*
* The Apache Software License, Version 1.1
*
*
* Copyright (c) 1999 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Xerces" and "Apache Software Foundation" must
* not be used to endorse or promote products derived from this
* software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* nor may "Apache" appear in their name, without prior written
* permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation and was
* originally based on software copyright (c) 1999, International
* Business Machines, Inc., http://www.ibm.com. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
package org.apache.axis.handlers;
import java.io.IOException;
import java.security.Key;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.InvalidKeyException;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;
import com.ibm.xml.dsig.SignatureStructureException;
import com.ibm.xml.dsig.Validity;
import com.ibm.xml.dsig.Reference;
import com.ibm.xml.dsig.Canonicalizer;
import com.ibm.xml.dsig.DigestMethod;
import com.ibm.xml.dsig.IDResolver;
import com.ibm.xml.dsig.KeyInfoGeneratorX509;
import com.ibm.xml.dsig.SignatureGenerator;
import com.ibm.xml.dsig.SignatureMethod;
import com.ibm.xml.dsig.SignatureStructureException;
import com.ibm.xml.dsig.Transform;
import com.ibm.xml.dsig.TransformException;
import com.ibm.xml.dsig.XSignature;
import com.ibm.xml.dsig.TransformException;
import org.apache.axis.message.SOAPDocument;
import org.apache.axis.message.impl.SOAPDocumentImpl;
import org.apache.axis.SOAPException;
import org.apache.axis.util.Logger;
import org.apache.axis.util.xml.DOMConverter;
final public class Signature {
public static final String URI_SOAP_SEC =
"http://schemas.xmlsoap.org/soap/security/";
private static final String PROPERTY_ID = \
"com.ibm.trl.soapimpl.security.SignatureIDAttribute"; public static final String \
ATTR_ID_DEFAULT = "id"; public static final String ATTR_ID;
static {
String value;
if ((value = System.getProperties().getProperty(PROPERTY_ID)) != null)
ATTR_ID = value;
else
ATTR_ID = ATTR_ID_DEFAULT;
}
private class IDResolverImpl implements IDResolver {
public Element resolveID(Document doc, String id) {
if (doc == null)
return null;
return resolveID(new \
SOAPDocumentImpl(doc).getEnvelope().getBody().getDOMEntity(), id); }
private Element resolveID(Element element, String id) {
String value;
// this element is identified by the 'id'.
if (!"".equals(value = element.getAttribute(ATTR_ID)) &&
id.equals(value))
return element;
// searches in the child nodes
NodeList list = element.getChildNodes();
int length = list.getLength();
Node node;
Element elem;
for (int i = 0; i < length; i++)
if ((node = list.item(i)).getNodeType() == Node.ELEMENT_NODE &&
(elem = resolveID((Element)node, id)) != null)
return elem; // found
// not found in this subtree.
return null;
}
}
private IDResolver idResolver = new IDResolverImpl();
private Signature() { }
private static final Signature singleton = new Signature();
static public Signature getInstance() { return singleton; }
public void sign(SOAPDocument env, String uri,
Key key, Certificate cert,
String verifierURI)
throws IOException,
SOAPException,
TransformException,
SignatureException,
SignatureStructureException,
InvalidKeyException,
NoSuchAlgorithmException,
NoSuchProviderException,
SAXException
{
if (!(cert instanceof X509Certificate)) {
String name = cert == null ? null : cert.getClass().getName();
throw new SOAPException("The cert " + name +
" is not supported in " +
getClass().getName() + ".");
}
Element bodyElement = env.getEnvelope().getBody().getDOMEntity();
SignatureGenerator siggen = new SignatureGenerator(env.getDocument(), \
DigestMethod.SHA1, Canonicalizer.W3C, SignatureMethod.DSA, null);
siggen.setKeyInfoGenerator(new \
KeyInfoGeneratorX509((X509Certificate)cert));
Element headerElement = env.getEnvelope().getHeader().getDOMEntity();
Reference ref = siggen.createReference(uri);
ref.addTransform(Transform.W3CC14N);
siggen.addReference(ref);
Element sigElem = siggen.getSignatureElement();
XSignature.sign(sigElem, key, null, idResolver, null, null);
Element soapSecurity =
// (Element)com.ibm.trl.util.xml.DOMHandler.importNode(env.getDocument(), \
DOMConverter.toDOM("<SOAP-SEC:signature xmlns:SOAP-SEC=\"" + URI_SOAP_SEC + "\" \
xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" SOAP-ENV:actor=\"" + \
verifierURI + "\" SOAP-ENV:mustUnderstand=\"1\"/>").getDocumentElement()); \
(Element)env.getDocument().importNode(DOMConverter.toDOM("<SOAP-SEC:signature \
xmlns:SOAP-SEC=\"" + URI_SOAP_SEC + "\" \
xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" SOAP-ENV:actor=\"" + \
verifierURI + "\" SOAP-ENV:mustUnderstand=\"1\"/>").getDocumentElement(),true); \
soapSecurity.appendChild(sigElem);
env.getEnvelope().getHeader().addHeaderEntry(env.createHeaderEntry(soapSecurity));
}
public Element getSignatureElement(SOAPDocument env)
// throws MustUnderstandException
throws SOAPException
{
// NodeList list = \
com.ibm.trl.util.xml.DOMHandler.getElementsByTagNameNS(env.getEnvelope().getHeader().getDOMEntity(), \
URI_SOAP_SEC, "signature");
NodeList list = \
env.getEnvelope().getHeader().getDOMEntity().getElementsByTagNameNS( URI_SOAP_SEC, \
"signature"); int length;
if ((length = list.getLength()) == 0)
// throw new MustUnderstandException("No signature entry found.");
throw new SOAPException("No signature entry found.");
if (length > 1)
// throw new MustUnderstandException("More than one signature entries \
found.");
throw new SOAPException("More than one signature entries found.");
Element element;
if ((element = (Element)((Element)list.item(0)).getFirstChild()) == null)
// throw new MustUnderstandException("No signature element found.");
throw new SOAPException("No signature element found.");
return element;
}
public boolean verify(SOAPDocument env)
throws CertificateException,
NoSuchAlgorithmException,
InvalidKeySpecException,
// MustUnderstandException,
SOAPException
{
Validity validity = XSignature.verify(getSignatureElement(env), null, \
idResolver); Logger.normal("Core validity=" + validity.getCoreValidity(), 4);
Logger.normal("Signed info validity=" + validity.getSignedInfoValidity(), \
4);
Logger.normal("Signed info message=" + validity.getSignedInfoMessage(), 4);
int count = validity.getNumberOfReferences();
for (int i = 0; i < count; i++) {
Logger.normal("Ref["+i+"](validity=" + \
validity.getReferenceValidity(i)+", message=" + validity.getReferenceMessage(i)+", \
uri=" + validity.getReferenceURI(i)+", type=" + validity.getReferenceType(i)+")", 4); \
} return validity.getCoreValidity();
}
}
1.1 \
xml-axis/java/prototype/TRL_Proposal/org/apache/axis/handlers/KeyStoreUtil.java
Index: KeyStoreUtil.java
===================================================================
/*
* The Apache Software License, Version 1.1
*
*
* Copyright (c) 1999 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Xerces" and "Apache Software Foundation" must
* not be used to endorse or promote products derived from this
* software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* nor may "Apache" appear in their name, without prior written
* permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation and was
* originally based on software copyright (c) 1999, International
* Business Machines, Inc., http://www.ibm.com. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
package org.apache.axis.handlers;
import java.io.IOException;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import org.apache.axis.SOAPException;
public class KeyStoreUtil {
static KeyStore keyStore;
static {
try {
keyStore = KeyStore.getInstance("jks");
keyStore.load(new \
FileInputStream(System.getProperty("com.ibm.trl.soapimpl.security.KeyStorePath")), \
System.getProperty("com.ibm.trl.soapimpl.security.KeyStorePassword").toCharArray()); \
} catch (NoSuchAlgorithmException e) { e.printStackTrace();
keyStore = null;
} catch (CertificateException e) {
e.printStackTrace();
keyStore = null;
} catch (KeyStoreException e) {
e.printStackTrace();
keyStore = null;
} catch (FileNotFoundException e) {
e.printStackTrace();
keyStore = null;
} catch (IOException e) {
e.printStackTrace();
keyStore = null;
}
}
private KeyStoreUtil() {}
public static Certificate getCertificate(String alias)
throws KeyStoreException, SOAPException
{
if (keyStore == null)
throw new SOAPException("KeyStore is not initialized.");
Certificate cert;
if ((cert = keyStore.getCertificate(alias)) == null)
throw new SOAPException("No alias '" + alias + "' in key store");
return cert;
}
public static Key getKey(String alias, String password)
throws UnrecoverableKeyException,
NoSuchAlgorithmException,
KeyStoreException,
SOAPException
{
if (keyStore == null)
throw new SOAPException("KeyStore is not initialized.");
return keyStore.getKey(alias, password.toCharArray());
}
}
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic