All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.sun.wsit.security.SunKeyIdentifierSPI Maven / Gradle / Ivy

/*
 * Copyright (c) 1997, 2021 Oracle and/or its affiliates. All rights reserved.
 *
 * This program and the accompanying materials are made available under the
 * terms of the Eclipse Distribution License v. 1.0, which is available at
 * http://www.eclipse.org/org/documents/edl-v10.php.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */

package com.sun.wsit.security;

import java.math.BigInteger;
import java.security.cert.X509Certificate;
import java.util.Arrays;

/**
 * @author sk112103
 */
public class SunKeyIdentifierSPI extends com.sun.xml.wss.core.reference.KeyIdentifierSPI {

    /**
     * total header length
     */
    private static final byte HEADER_LENGTH = 4;

    /**
     * length of a header value
     */
    private static final byte HEADER_FIELD_LENGTH = 1;

    /**
     * position (0-based) of the header field that contains the expected length of the actual value in byte
     */
    private static final byte HEADER_FIELD_VALUE_LENGTH = 3;

    /**
     * Creates a new instance of SunKeyIdentifierSPI
     */
    public SunKeyIdentifierSPI() {
    }

    @Override
    public byte[] getSubjectKeyIdentifier(X509Certificate cert) throws KeyIdentifierSPIException {
        byte[] subjectKeyIdentifier = cert.getExtensionValue(SUBJECT_KEY_IDENTIFIER_OID);
        if (subjectKeyIdentifier == null) {
            return null;
        }

        try {
            if (subjectKeyIdentifier.length < HEADER_LENGTH) {
                throw new IllegalArgumentException("subjectKeyIdentifier too short, header is missing");
            }

            final int valueLength = (new BigInteger(
                    Arrays.copyOfRange(subjectKeyIdentifier, HEADER_FIELD_VALUE_LENGTH, HEADER_FIELD_VALUE_LENGTH + HEADER_FIELD_LENGTH)))
                    .intValue();
            final int expectedTotalLength = HEADER_LENGTH + valueLength;
            if (subjectKeyIdentifier.length < expectedTotalLength) {
                throw new IllegalArgumentException(String.format("subjectKeyIdentifier too short (expected=%d, actual=%d)", expectedTotalLength, subjectKeyIdentifier.length));
            } else if (subjectKeyIdentifier.length > expectedTotalLength) {
                throw new IllegalArgumentException(String.format("subjectKeyIdentifier too big (expected=%d, actual=%d)", expectedTotalLength, subjectKeyIdentifier.length));
            }
            return Arrays.copyOfRange(subjectKeyIdentifier, HEADER_LENGTH, HEADER_LENGTH + valueLength);

        } catch (Exception e) {
            //log exception
            throw new KeyIdentifierSPIException(e);
        }
    }
}




© 2015 - 2025 Weber Informatics LLC | Privacy Policy