
1   /*
2    * Copyright [2007] [University Corporation for Advanced Internet Development, Inc.]
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.opensaml.xml.security.credential.criteria;
18  
19  import java.security.Key;
20  
21  import org.opensaml.xml.security.SecurityHelper;
22  import org.opensaml.xml.security.credential.Credential;
23  import org.opensaml.xml.security.criteria.KeyLengthCriteria;
24  import org.slf4j.Logger;
25  import org.slf4j.LoggerFactory;
26  
/**
 * Evaluable credential criteria that checks the length of a credential's key against a configured value.
 *
 * <p>
 * The check is an exact match performed with {@link Integer#equals(Object)}: a key whose length is greater
 * than the configured value does not satisfy the criteria. It is therefore a selector for one specific key
 * length, not a minimum-strength test.
 * </p>
 */
public class EvaluableKeyLengthCredentialCriteria implements EvaluableCredentialCriteria {

    /** Logger. */
    private final Logger log = LoggerFactory.getLogger(EvaluableKeyLengthCredentialCriteria.class);

    /**
     * Key length a credential's key must equal, expressed in whatever unit
     * {@link SecurityHelper#getKeyLength(Key)} reports.
     */
    private Integer keyLength;

    /**
     * Builds the evaluator from an existing key length criteria.
     *
     * @param criteria the criteria supplying the required key length
     * @throws NullPointerException if {@code criteria} is null
     */
    public EvaluableKeyLengthCredentialCriteria(KeyLengthCriteria criteria) {
        if (criteria == null) {
            throw new NullPointerException("Criteria instance may not be null");
        }
        // NOTE(review): the value returned by getKeyLength() is stored without a null check. If it could be
        // null, evaluate() would fail with a NullPointerException at the comparison; confirm that
        // KeyLengthCriteria guarantees a non-null length.
        this.keyLength = criteria.getKeyLength();
    }

    /**
     * Builds the evaluator directly from the required key length.
     *
     * @param newKeyLength the key length a credential's key must equal
     * @throws IllegalArgumentException if {@code newKeyLength} is null
     */
    public EvaluableKeyLengthCredentialCriteria(Integer newKeyLength) {
        if (newKeyLength == null) {
            throw new IllegalArgumentException("Key length may not be null");
        }
        this.keyLength = newKeyLength;
    }

    /**
     * {@inheritDoc}
     *
     * <p>
     * Returns {@code null}, rather than {@code false}, when no comparison could be made: the target is null,
     * the credential holds no key, or the key's length cannot be determined. How a {@code null} result is
     * treated is decided by the caller and is not visible in this class; it is not a match.
     * </p>
     */
    public Boolean evaluate(Credential target) {
        if (target == null) {
            log.error("Credential target was null");
            return null;
        }

        Key candidateKey = getKey(target);
        if (candidateKey == null) {
            log.info("Could not evaluate criteria, credential contained no key");
            return null;
        }

        Integer actualLength = SecurityHelper.getKeyLength(candidateKey);
        if (actualLength == null) {
            log.info("Could not evaluate criteria, can not determine length of key");
            return null;
        }

        // Exact equality only: a longer key is reported as a non-match.
        return keyLength.equals(actualLength);
    }

    /**
     * Selects the key of a credential whose length is to be checked.
     *
     * <p>
     * The public key is preferred, then the secret key, then the private key.
     * </p>
     *
     * @param credential the credential to inspect
     * @return the first key found in that order, or null if the credential holds none of them
     */
    private Key getKey(Credential credential) {
        if (credential.getPublicKey() != null) {
            return credential.getPublicKey();
        }
        if (credential.getSecretKey() != null) {
            return credential.getSecretKey();
        }
        if (credential.getPrivateKey() != null) {
            // A private key is normally accompanied by its public key; this is only a fallback.
            return credential.getPrivateKey();
        }
        return null;
    }

}