17 package org.opensaml.xml.encryption;
18
19 import java.util.ArrayList;
20 import java.util.List;
21
22 import org.opensaml.xml.XMLObject;
23 import org.opensaml.xml.signature.RetrievalMethod;
24 import org.opensaml.xml.util.DatatypeHelper;
25 import org.slf4j.Logger;
26 import org.slf4j.LoggerFactory;
/**
 * Resolves {@link EncryptedKey} elements that an {@link EncryptedData} points to through the
 * {@link RetrievalMethod} children of its KeyInfo.
 *
 * <p>The resolver is deliberately narrow in what it will follow:</p>
 * <ul>
 * <li>only RetrievalMethods whose type equals {@link EncryptionConstants#TYPE_ENCRYPTED_KEY};</li>
 * <li>only RetrievalMethods that carry no transforms;</li>
 * <li>only same-document references, i.e. URIs that start with <code>#</code>.</li>
 * </ul>
 *
 * <p>Anything else is skipped (with a warning where the code logs one), so this class never
 * dereferences a location outside the document that contains the RetrievalMethod.</p>
 */
public class SimpleRetrievalMethodEncryptedKeyResolver extends AbstractEncryptedKeyResolver {

    /** Class logger. */
    private final Logger log = LoggerFactory.getLogger(SimpleRetrievalMethodEncryptedKeyResolver.class);

    /**
     * Collects the EncryptedKeys referenced from the KeyInfo of the given EncryptedData.
     *
     * @param encryptedData the EncryptedData whose KeyInfo RetrievalMethods are examined
     * @return the EncryptedKeys that were dereferenced and accepted by <code>matchRecipient</code>;
     *         empty when there is no KeyInfo or nothing qualified, never null
     */
    public Iterable<EncryptedKey> resolve(EncryptedData encryptedData) {
        List<EncryptedKey> accepted = new ArrayList<EncryptedKey>();

        if (encryptedData.getKeyInfo() != null) {
            for (RetrievalMethod method : encryptedData.getKeyInfo().getRetrievalMethods()) {
                boolean pointsToEncryptedKey =
                        DatatypeHelper.safeEquals(method.getType(), EncryptionConstants.TYPE_ENCRYPTED_KEY);
                if (!pointsToEncryptedKey) {
                    // Some other kind of key material; not this resolver's business.
                    continue;
                }

                if (method.getTransforms() != null) {
                    // Transforms are not evaluated here, so a reference that needs them is refused
                    // outright rather than dereferenced without them.
                    log.warn("EncryptedKey RetrievalMethod has transforms, can not process");
                    continue;
                }

                EncryptedKey candidate = dereferenceURI(method);
                // matchRecipient is not defined in this class (presumably inherited from the
                // abstract base); it decides whether the key's Recipient is acceptable.
                if (candidate != null && matchRecipient(candidate.getRecipient())) {
                    accepted.add(candidate);
                }
            }
        }

        return accepted;
    }

    /**
     * Follows the same-document URI of a RetrievalMethod to the EncryptedKey it names.
     *
     * <p>The fragment after the leading <code>#</code> is looked up via
     * {@link RetrievalMethod#resolveIDFromRoot(String)}. The result is type-checked before the
     * cast, so a reference that lands on some other element is rejected rather than trusted.</p>
     *
     * @param rm the RetrievalMethod to dereference
     * @return the referenced EncryptedKey, or null when the URI is empty, is not a same-document
     *         reference, does not resolve, or resolves to something that is not an EncryptedKey
     */
    protected EncryptedKey dereferenceURI(RetrievalMethod rm) {
        String reference = rm.getURI();

        boolean sameDocumentReference = !DatatypeHelper.isEmpty(reference) && reference.startsWith("#");
        if (!sameDocumentReference) {
            log.warn("EncryptedKey RetrievalMethod did not contain a same-document URI reference, can not process");
            return null;
        }

        // NOTE(review): a bare "#" passes the check above and yields an empty ID here; what happens
        // next depends on resolveIDFromRoot - confirm it returns null for an empty ID.
        XMLObject resolved = rm.resolveIDFromRoot(reference.substring(1));

        if (resolved instanceof EncryptedKey) {
            return (EncryptedKey) resolved;
        }

        if (resolved == null) {
            log.warn("EncryptedKey RetrievalMethod URI could not be dereferenced");
        } else {
            log.warn("The product of dereferencing the EncryptedKey RetrievalMethod was not an EncryptedKey");
        }
        return null;
    }

}