1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.springframework.ws.soap.security.wss4j.callback;
18
19 import java.io.IOException;
20 import java.security.GeneralSecurityException;
21 import java.security.Key;
22 import java.security.KeyStore;
23 import javax.crypto.SecretKey;
24 import javax.security.auth.callback.UnsupportedCallbackException;
25
26 import org.springframework.beans.factory.InitializingBean;
27 import org.springframework.ws.soap.security.support.KeyStoreUtils;
28
29 import org.apache.ws.security.WSPasswordCallback;
30
31
32
33
34
35
36
37
38
39
40 public class KeyStoreCallbackHandler extends AbstractWsPasswordCallbackHandler implements InitializingBean {
41
42 private String privateKeyPassword;
43
44 private char[] symmetricKeyPassword;
45
46 private KeyStore keyStore;
47
48
49 public void setKeyStore(KeyStore keyStore) {
50 this.keyStore = keyStore;
51 }
52
53
54
55
56
57 public void setPrivateKeyPassword(String privateKeyPassword) {
58 if (privateKeyPassword != null) {
59 this.privateKeyPassword = privateKeyPassword;
60 }
61 }
62
63
64
65
66
67
68
69 public void setSymmetricKeyPassword(String symmetricKeyPassword) {
70 if (symmetricKeyPassword != null) {
71 this.symmetricKeyPassword = symmetricKeyPassword.toCharArray();
72 }
73 }
74
75 public void afterPropertiesSet() throws Exception {
76 if (keyStore == null) {
77 loadDefaultKeyStore();
78 }
79 if (symmetricKeyPassword == null) {
80 symmetricKeyPassword = privateKeyPassword.toCharArray();
81 }
82 }
83
84 @Override
85 protected void handleDecrypt(WSPasswordCallback callback) throws IOException, UnsupportedCallbackException {
86 callback.setPassword(privateKeyPassword);
87 }
88
89
90 @Override
91 protected void handleSecretKey(WSPasswordCallback callback) throws IOException, UnsupportedCallbackException {
92 try {
93 String identifier = callback.getIdentifier();
94 Key key = keyStore.getKey(identifier, symmetricKeyPassword);
95 if (key instanceof SecretKey) {
96 callback.setKey(key.getEncoded());
97 }
98 else {
99 logger.error("Key [" + key + "] is not a javax.crypto.SecretKey");
100 }
101 }
102 catch (GeneralSecurityException ex) {
103 logger.error("Could not obtain symmetric key", ex);
104 }
105 }
106
107
108 protected void loadDefaultKeyStore() {
109 try {
110 keyStore = KeyStoreUtils.loadDefaultKeyStore();
111 if (logger.isDebugEnabled()) {
112 logger.debug("Loaded default key store");
113 }
114 }
115 catch (Exception ex) {
116 logger.warn("Could not open default key store", ex);
117 }
118 }
119
120 }