mirrors
/
poi
mirror of https://github.com/apache/poi.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 100 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3452 Commits
26 Branches
Tree: bef0cdf35c
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'bef0cdf35c'
${ noResults }
poi/src/ooxml/java/org/apache/poi/ooxml/signature/service/signer/KeyInfoKeySelector.java

KeyInfoKeySelector.java 3.6KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899 
  1. 

  2. /* ====================================================================

  3.    Licensed to the Apache Software Foundation (ASF) under one or more

  4.    contributor license agreements.  See the NOTICE file distributed with

  5.    this work for additional information regarding copyright ownership.

  6.    The ASF licenses this file to You under the Apache License, Version 2.0

  7.    (the "License"); you may not use this file except in compliance with

  8.    the License.  You may obtain a copy of the License at

  9. 

  10.        http://www.apache.org/licenses/LICENSE-2.0

  11. 

  12.    Unless required by applicable law or agreed to in writing, software

  13.    distributed under the License is distributed on an "AS IS" BASIS,

  14.    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  15.    See the License for the specific language governing permissions and

  16.    limitations under the License.

  17. ==================================================================== */

  18. 

  19. /*

  20.  * Based on the eID Applet Project code.

  21.  * Original Copyright (C) 2008-2009 FedICT.

  22.  */

  23. 

  24. package org.apache.poi.ooxml.signature.service.signer;

  25. 

  26. import java.security.Key;

  27. import java.security.cert.X509Certificate;

  28. import java.util.List;

  29. 

  30. import javax.xml.crypto.AlgorithmMethod;

  31. import javax.xml.crypto.KeySelector;

  32. import javax.xml.crypto.KeySelectorException;

  33. import javax.xml.crypto.KeySelectorResult;

  34. import javax.xml.crypto.XMLCryptoContext;

  35. import javax.xml.crypto.XMLStructure;

  36. import javax.xml.crypto.dsig.keyinfo.KeyInfo;

  37. import javax.xml.crypto.dsig.keyinfo.X509Data;

  38. 

  39. import org.apache.commons.logging.Log;

  40. import org.apache.commons.logging.LogFactory;

  41. 

  42. /**

  43.  * JSR105 key selector implementation using the ds:KeyInfo data of the signature

  44.  * itself.

  45.  */

  46. public class KeyInfoKeySelector extends KeySelector implements KeySelectorResult {

  47. 

  48.     private static final Log LOG = LogFactory.getLog(KeyInfoKeySelector.class);

  49. 

  50.     private X509Certificate certificate;

  51. 

  52.     @Override

  53.     public KeySelectorResult select(KeyInfo keyInfo, Purpose purpose, AlgorithmMethod method, XMLCryptoContext context) throws KeySelectorException {

  54.         LOG.debug("select key");

  55.         if (null == keyInfo) {

  56.             throw new KeySelectorException("no ds:KeyInfo present");

  57.         }

  58.         List<XMLStructure> keyInfoContent = keyInfo.getContent();

  59.         this.certificate = null;

  60.         for (XMLStructure keyInfoStructure : keyInfoContent) {

  61.             if (false == (keyInfoStructure instanceof X509Data)) {

  62.                 continue;

  63.             }

  64.             X509Data x509Data = (X509Data) keyInfoStructure;

  65.             List<Object> x509DataList = x509Data.getContent();

  66.             for (Object x509DataObject : x509DataList) {

  67.                 if (false == (x509DataObject instanceof X509Certificate)) {

  68.                     continue;

  69.                 }

  70.                 X509Certificate certificate = (X509Certificate) x509DataObject;

  71.                 LOG.debug("certificate: " + certificate.getSubjectX500Principal());

  72.                 if (null == this.certificate) {

  73.                     /*

  74.                      * The first certificate is presumably the signer.

  75.                      */

  76.                     this.certificate = certificate;

  77.                 }

  78.             }

  79.             if (null != this.certificate) {

  80.                 return this;

  81.             }

  82.         }

  83.         throw new KeySelectorException("No key found!");

  84.     }

  85. 

  86.     public Key getKey() {

  87.         return this.certificate.getPublicKey();

  88.     }

  89. 

  90.     /**

  91.      * Gives back the X509 certificate used during the last signature

  92.      * verification operation.

  93.      * 

  94.      * @return

  95.      */

  96.     public X509Certificate getCertificate() {

  97.         return this.certificate;

  98.     }

  99. }