/*
* Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* $Id: KeySelector.java,v 1.6 2005/05/10 15:47:42 mullan Exp $
*/
package javax.xml.crypto;
import java.security.Key;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.keyinfo.RetrievalMethod;
/**
* A selector that finds and returns a key using the data contained in a
* {@link KeyInfo} object. An example of an implementation of
* this class is one that searchs a {@link java.security.KeyStore} for
* trusted keys that match information contained in a <code>KeyInfo</code>.
*
* <p>Whether or not the returned key is trusted and the mechanisms
* used to determine that is implementation-specific.
*
* @author Sean Mullan
* @author JSR 105 Expert Group
* @since 1.6
*/
public abstract class KeySelector {
/**
* The purpose of the key that is to be selected.
*/
public static class Purpose {
private final String name;
private Purpose(String name) { this.name = name; }
/**
* Returns a string representation of this purpose ("sign",
* "verify", "encrypt", or "decrypt").
*
* @return a string representation of this purpose
*/
public String toString() { return name; }
/**
* A key for signing.
*/
public static final Purpose SIGN = new Purpose("sign");
/**
* A key for verifying.
*/
public static final Purpose VERIFY = new Purpose("verify");
/**
* A key for encrypting.
*/
public static final Purpose ENCRYPT = new Purpose("encrypt");
/**
* A key for decrypting.
*/
public static final Purpose DECRYPT = new Purpose("decrypt");
}
/**
* Default no-args constructor; intended for invocation by subclasses only.
*/
protected KeySelector() {}
/**
* Attempts to find a key that satisfies the specified constraints.
*
* @param keyInfo a <code>KeyInfo</code> (may be <code>null</code>)
* @param purpose the key's purpose ({@link Purpose#SIGN},
* {@link Purpose#VERIFY}, {@link Purpose#ENCRYPT}, or
* {@link Purpose#DECRYPT})
* @param method the algorithm method that this key is to be used for.
* Only keys that are compatible with the algorithm and meet the
* constraints of the specified algorithm should be returned.
* @param context an <code>XMLCryptoContext</code> that may contain
* useful information for finding an appropriate key. If this key
* selector supports resolving {@link RetrievalMethod} types, the
* context's <code>baseURI</code> and <code>dereferencer</code>
* parameters (if specified) should be used by the selector to
* resolve and dereference the URI.
* @return the result of the key selector
* @throws KeySelectorException if an exceptional condition occurs while
* attempting to find a key. Note that an inability to find a key is not
* considered an exception (<code>null</code> should be
* returned in that case). However, an error condition (ex: network
* communications failure) that prevented the <code>KeySelector</code>
* from finding a potential key should be considered an exception.
* @throws ClassCastException if the data type of <code>method</code>
* is not supported by this key selector
*/
public abstract KeySelectorResult select(KeyInfo keyInfo, Purpose purpose,
AlgorithmMethod method, XMLCryptoContext context)
throws KeySelectorException;
/**
* Returns a <code>KeySelector</code> that always selects the specified
* key, regardless of the <code>KeyInfo</code> passed to it.
*
* @param key the sole key to be stored in the key selector
* @return a key selector that always selects the specified key
* @throws NullPointerException if <code>key</code> is <code>null</code>
*/
public static KeySelector singletonKeySelector(Key key) {
return new SingletonKeySelector(key);
}
private static class SingletonKeySelector extends KeySelector {
private final Key key;
SingletonKeySelector(Key key) {
if (key == null) {
throw new NullPointerException();
}
this.key = key;
}
public KeySelectorResult select(KeyInfo keyInfo, Purpose purpose,
AlgorithmMethod method, XMLCryptoContext context)
throws KeySelectorException {
return new KeySelectorResult() {
public Key getKey() {
return key;
}
};
}
}
}