org.wso2.wsas.security
Class ServerCrypto

java.lang.Object
  extended by org.wso2.wsas.security.ServerCrypto
All Implemented Interfaces:
org.apache.ws.security.components.crypto.Crypto

public class ServerCrypto
extends java.lang.Object
implements org.apache.ws.security.components.crypto.Crypto

ServerCrypto is a Crypto implementation that supports a collection of keystores holding different trusted certificates and CA certificates.


Field Summary
static java.lang.String PROP_ID_CERT_PROVIDER
           
static java.lang.String PROP_ID_DEFAULT_ALIAS
           
static java.lang.String PROP_ID_KEY_STORE
           
static java.lang.String PROP_ID_TRUST_STORES
           
static java.lang.String PROP_ID_XKMS_SERVICE_PASS_PHRASE
           
static java.lang.String PROP_ID_XKMS_SERVICE_URL
           
 
Constructor Summary
ServerCrypto(java.util.Properties prop)
           
ServerCrypto(java.util.Properties prop, java.lang.ClassLoader loader)
           
 
Method Summary
 java.lang.String[] getAliasesForDN(java.lang.String subjectDN)
           
 java.lang.String getAliasForX509Cert(byte[] skiBytes)
           
 java.lang.String getAliasForX509Cert(java.security.cert.Certificate cert)
           
 java.lang.String getAliasForX509Cert(java.lang.String issuer)
           
 java.lang.String getAliasForX509Cert(java.lang.String issuer, java.math.BigInteger serialNumber)
           
 java.lang.String getAliasForX509CertThumb(byte[] thumb)
           
 byte[] getCertificateData(boolean reverse, java.security.cert.X509Certificate[] certs)
           
 java.security.cert.CertificateFactory getCertificateFactory()
           
 java.security.cert.X509Certificate[] getCertificates(java.lang.String alias)
          Looks in the primary keystore first, and then in the other trust stores.
 java.lang.String getDefaultX509Alias()
           
 java.security.KeyStore getKeyStore()
           
 java.security.PrivateKey getPrivateKey(java.lang.String alias, java.lang.String password)
           
 byte[] getSKIBytesFromCert(java.security.cert.X509Certificate cert)
           
 java.security.cert.X509Certificate[] getX509Certificates(byte[] data, boolean reverse)
           
 java.security.cert.X509Certificate loadCertificate(java.io.InputStream in)
           
 boolean validateCertPath(java.security.cert.X509Certificate[] certs)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

PROP_ID_KEY_STORE

public static final java.lang.String PROP_ID_KEY_STORE
See Also:
Constant Field Values

PROP_ID_TRUST_STORES

public static final java.lang.String PROP_ID_TRUST_STORES
See Also:
Constant Field Values

PROP_ID_CERT_PROVIDER

public static final java.lang.String PROP_ID_CERT_PROVIDER
See Also:
Constant Field Values

PROP_ID_DEFAULT_ALIAS

public static final java.lang.String PROP_ID_DEFAULT_ALIAS
See Also:
Constant Field Values

PROP_ID_XKMS_SERVICE_URL

public static final java.lang.String PROP_ID_XKMS_SERVICE_URL
See Also:
Constant Field Values

PROP_ID_XKMS_SERVICE_PASS_PHRASE

public static final java.lang.String PROP_ID_XKMS_SERVICE_PASS_PHRASE
See Also:
Constant Field Values
Constructor Detail

ServerCrypto

public ServerCrypto(java.util.Properties prop)
             throws org.apache.ws.security.components.crypto.CredentialException,
                    java.io.IOException
Throws:
org.apache.ws.security.components.crypto.CredentialException
java.io.IOException

ServerCrypto

public ServerCrypto(java.util.Properties prop,
                    java.lang.ClassLoader loader)
             throws org.apache.ws.security.components.crypto.CredentialException,
                    java.io.IOException
Throws:
org.apache.ws.security.components.crypto.CredentialException
java.io.IOException
Method Detail

loadCertificate

public java.security.cert.X509Certificate loadCertificate(java.io.InputStream in)
                                                   throws org.apache.ws.security.WSSecurityException
Specified by:
loadCertificate in interface org.apache.ws.security.components.crypto.Crypto
Throws:
org.apache.ws.security.WSSecurityException
See Also:
Crypto.loadCertificate(java.io.InputStream)

getX509Certificates

public java.security.cert.X509Certificate[] getX509Certificates(byte[] data,
                                                                boolean reverse)
                                                         throws org.apache.ws.security.WSSecurityException
Specified by:
getX509Certificates in interface org.apache.ws.security.components.crypto.Crypto
Throws:
org.apache.ws.security.WSSecurityException
See Also:
Crypto.getX509Certificates(byte[],boolean)

getCertificateData

public byte[] getCertificateData(boolean reverse,
                                 java.security.cert.X509Certificate[] certs)
                          throws org.apache.ws.security.WSSecurityException
Specified by:
getCertificateData in interface org.apache.ws.security.components.crypto.Crypto
Throws:
org.apache.ws.security.WSSecurityException
See Also:
Crypto.getCertificateData(boolean, java.security.cert.X509Certificate[])

getPrivateKey

public java.security.PrivateKey getPrivateKey(java.lang.String alias,
                                              java.lang.String password)
                                       throws java.lang.Exception
Specified by:
getPrivateKey in interface org.apache.ws.security.components.crypto.Crypto
Throws:
java.lang.Exception
See Also:
Crypto.getPrivateKey(java.lang.String, java.lang.String)

getCertificates

public java.security.cert.X509Certificate[] getCertificates(java.lang.String alias)
                                                     throws org.apache.ws.security.WSSecurityException
Looks in the primary keystore first, and then in the other trust stores.

Specified by:
getCertificates in interface org.apache.ws.security.components.crypto.Crypto
Throws:
org.apache.ws.security.WSSecurityException
See Also:
Crypto.getCertificates(String)

getAliasForX509Cert

public java.lang.String getAliasForX509Cert(java.security.cert.Certificate cert)
                                     throws org.apache.ws.security.WSSecurityException
Specified by:
getAliasForX509Cert in interface org.apache.ws.security.components.crypto.Crypto
Throws:
org.apache.ws.security.WSSecurityException
See Also:
Crypto.getAliasForX509Cert(java.security.cert.Certificate)

getAliasForX509Cert

public java.lang.String getAliasForX509Cert(java.lang.String issuer)
                                     throws org.apache.ws.security.WSSecurityException
Specified by:
getAliasForX509Cert in interface org.apache.ws.security.components.crypto.Crypto
Throws:
org.apache.ws.security.WSSecurityException
See Also:
Crypto.getAliasForX509Cert(java.lang.String)

getAliasForX509Cert

public java.lang.String getAliasForX509Cert(java.lang.String issuer,
                                            java.math.BigInteger serialNumber)
                                     throws org.apache.ws.security.WSSecurityException
Specified by:
getAliasForX509Cert in interface org.apache.ws.security.components.crypto.Crypto
Throws:
org.apache.ws.security.WSSecurityException
See Also:
Crypto.getAliasForX509Cert(java.lang.String, java.math.BigInteger)

getAliasForX509Cert

public java.lang.String getAliasForX509Cert(byte[] skiBytes)
                                     throws org.apache.ws.security.WSSecurityException
Specified by:
getAliasForX509Cert in interface org.apache.ws.security.components.crypto.Crypto
Throws:
org.apache.ws.security.WSSecurityException
See Also:
Crypto.getAliasForX509Cert(byte[])

getDefaultX509Alias

public java.lang.String getDefaultX509Alias()
Specified by:
getDefaultX509Alias in interface org.apache.ws.security.components.crypto.Crypto
See Also:
Crypto.getDefaultX509Alias()

getSKIBytesFromCert

public byte[] getSKIBytesFromCert(java.security.cert.X509Certificate cert)
                           throws org.apache.ws.security.WSSecurityException
Specified by:
getSKIBytesFromCert in interface org.apache.ws.security.components.crypto.Crypto
Throws:
org.apache.ws.security.WSSecurityException
See Also:
Crypto.getSKIBytesFromCert(java.security.cert.X509Certificate)

getAliasForX509CertThumb

public java.lang.String getAliasForX509CertThumb(byte[] thumb)
                                          throws org.apache.ws.security.WSSecurityException
Specified by:
getAliasForX509CertThumb in interface org.apache.ws.security.components.crypto.Crypto
Throws:
org.apache.ws.security.WSSecurityException
See Also:
Crypto.getAliasForX509CertThumb(byte[])

getKeyStore

public java.security.KeyStore getKeyStore()
Specified by:
getKeyStore in interface org.apache.ws.security.components.crypto.Crypto
See Also:
Crypto.getKeyStore()

getCertificateFactory

public java.security.cert.CertificateFactory getCertificateFactory()
                                                            throws org.apache.ws.security.WSSecurityException
Specified by:
getCertificateFactory in interface org.apache.ws.security.components.crypto.Crypto
Throws:
org.apache.ws.security.WSSecurityException
See Also:
Crypto.getCertificateFactory()

validateCertPath

public boolean validateCertPath(java.security.cert.X509Certificate[] certs)
                         throws org.apache.ws.security.WSSecurityException
Specified by:
validateCertPath in interface org.apache.ws.security.components.crypto.Crypto
Throws:
org.apache.ws.security.WSSecurityException
See Also:
Crypto.validateCertPath(java.security.cert.X509Certificate[])

getAliasesForDN

public java.lang.String[] getAliasesForDN(java.lang.String subjectDN)
                                   throws org.apache.ws.security.WSSecurityException
Specified by:
getAliasesForDN in interface org.apache.ws.security.components.crypto.Crypto
Throws:
org.apache.ws.security.WSSecurityException
See Also:
Crypto.getAliasesForDN(java.lang.String)