IsX509CertificateSubject xref

View Javadoc

1   /*****************************************************************
2    * Licensed to the Apache Software Foundation (ASF) under one   *
3    * or more contributor license agreements.  See the NOTICE file *
4    * distributed with this work for additional information        *
5    * regarding copyright ownership.  The ASF licenses this file   *
6    * to you under the Apache License, Version 2.0 (the            *
7    * "License"); you may not use this file except in compliance   *
8    * with the License.  You may obtain a copy of the License at   *
9    *                                                              *
10   *   http://www.apache.org/licenses/LICENSE-2.0                 *
11   *                                                              *
12   * Unless required by applicable law or agreed to in writing,   *
13   * software distributed under the License is distributed on an  *
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY       *
15   * KIND, either express or implied.  See the License for the    *
16   * specific language governing permissions and limitations      *
17   * under the License.                                           *
18   ****************************************************************/
19  
20  package org.apache.james.transport.matchers.smime;
21  
22  import java.security.Principal;
23  import java.security.cert.X509Certificate;
24  import java.util.Collection;
25  import java.util.Collections;
26  import java.util.Iterator;
27  import java.util.List;
28  
29  import javax.mail.MessagingException;
30  
31  import org.apache.mailet.GenericMatcher;
32  import org.apache.mailet.Mail;
33  
34  /***
35   * <p>
36   * Checks if the subject of a X509Certificate contains the supplied string. The
37   * certificate is read from the specified mail attribute.
38   * </p><p>
39   * If the specified attribute contains more than one certificate the matcher matches if at
40   * least one of the certificates contains the given string.
41   * </p>
42   * <p>
43   * Configuration string:
44   * <ul>
45   * <li>mailAttribute;string</li>
46   * </ul>
47   * 
48   */
49  public class IsX509CertificateSubject extends GenericMatcher {
50      protected String sourceAttribute;
51      protected String check;
52      
53      public void init() throws MessagingException {
54          String condition = getCondition();
55          if(condition == null || condition.indexOf(";") == -1) 
56              throw new MessagingException("Invalid matcher configuration: "+condition);
57          
58          int pos = condition.indexOf(";");
59          sourceAttribute = condition.substring(0,pos).trim();
60          check = condition.substring(pos+1, condition.length());
61      }
62      
63      public Collection match(Mail mail) throws MessagingException {
64          List certificates;
65          
66          Object obj = mail.getAttribute(sourceAttribute);
67          if (obj != null) {
68              if (obj instanceof X509Certificate) {
69                  certificates = Collections.singletonList(obj);
70              } else {
71                  certificates = (List) obj;
72              }
73  
74              boolean valid = false;
75  
76              for (Iterator iter = certificates.iterator(); iter.hasNext();) {
77                  X509Certificate cert = (X509Certificate) iter.next();
78  
79                  // Here I should use the method getSubjectX500Principal, but
80                  // that would break the compatibility with jdk13.
81                  Principal prin = cert.getSubjectDN();
82                  // TODO: Maybe here a more strong check should be done ...
83                  if ((prin.toString().indexOf(check)) > 0) {
84                      valid = true;
85                  }
86              }
87  
88              if (valid) {
89                  return mail.getRecipients();
90              } else {
91                  return null;
92              }
93          } else {
94              return null;
95          }
96      }
97  
98  }
99