1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.springframework.ws.soap.security.wss4j.callback;
18
19 import java.io.IOException;
20 import java.security.GeneralSecurityException;
21 import java.security.Key;
22 import java.security.KeyStore;
23 import javax.crypto.SecretKey;
24 import javax.security.auth.callback.UnsupportedCallbackException;
25
26 import org.apache.ws.security.WSPasswordCallback;
27 import org.apache.ws.security.WSSecurityException;
28
29 import org.springframework.beans.factory.InitializingBean;
30 import org.springframework.ws.soap.security.support.KeyStoreUtils;
31
32
33
34
35
36
37
38
39
40
41 public class KeyStoreCallbackHandler extends AbstractWsPasswordCallbackHandler implements InitializingBean {
42
43 private String privateKeyPassword;
44
45 private char[] symmetricKeyPassword;
46
47 private KeyStore keyStore;
48
49
50 public void setKeyStore(KeyStore keyStore) {
51 this.keyStore = keyStore;
52 }
53
54
55
56
57
58 public void setPrivateKeyPassword(String privateKeyPassword) {
59 if (privateKeyPassword != null) {
60 this.privateKeyPassword = privateKeyPassword;
61 }
62 }
63
64
65
66
67
68
69
70 public void setSymmetricKeyPassword(String symmetricKeyPassword) {
71 if (symmetricKeyPassword != null) {
72 this.symmetricKeyPassword = symmetricKeyPassword.toCharArray();
73 }
74 }
75
76 public void afterPropertiesSet() throws Exception {
77 if (keyStore == null) {
78 loadDefaultKeyStore();
79 }
80 if (symmetricKeyPassword == null) {
81 symmetricKeyPassword = privateKeyPassword.toCharArray();
82 }
83 }
84
85 protected void handleDecrypt(WSPasswordCallback callback) throws IOException, UnsupportedCallbackException {
86 callback.setPassword(privateKeyPassword);
87 }
88
89 protected void handleKeyName(WSPasswordCallback callback) throws IOException, UnsupportedCallbackException {
90 try {
91 String identifier = callback.getIdentifier();
92 Key key = keyStore.getKey(identifier, symmetricKeyPassword);
93 if (key instanceof SecretKey) {
94 callback.setKey(key.getEncoded());
95 }
96 else {
97 throw new WSSecurityException("Key [" + key + "] is not a javax.crypto.SecretKey");
98 }
99 }
100 catch (GeneralSecurityException ex) {
101 throw new WSSecurityException("Could not obtain symmetric key", ex);
102 }
103 }
104
105
106 protected void loadDefaultKeyStore() {
107 try {
108 keyStore = KeyStoreUtils.loadDefaultKeyStore();
109 if (logger.isDebugEnabled()) {
110 logger.debug("Loaded default key store");
111 }
112 }
113 catch (Exception ex) {
114 logger.warn("Could not open default key store", ex);
115 }
116 }
117
118 }