/*
 * reserved comment block
 * DO NOT REMOVE OR ALTER!
 */

/*
 * Copyright 1999-2004 The Apache Software Foundation.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 */
package com.sun.org.apache.xml.internal.security.keys.storage.implementations;



import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;

import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolverException;
import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolverSpi;
import com.sun.org.apache.xml.internal.security.utils.Base64;


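/**
 * This {@link StorageResolverSpi} makes all raw (binary) {@link X509Certificate}s
 * which reside as files in a single directory available to the
 * {@link com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver}.
 *
 * <p>Only directory entries whose name ends in <code>.crt</code> are read. Each
 * certificate is checked with {@link X509Certificate#checkValidity()} once, at
 * construction time; that call tests the validity period only. No signature,
 * chain or revocation check is made in this class, so a certificate returned by
 * this resolver is only as trustworthy as the directory it was read from. The
 * directory should not be writable by untrusted users, and callers that need
 * more than "was inside its validity period when loaded" must run their own
 * certification path validation.</p>
 *
 * <p>Files that cannot be read or parsed, and certificates outside their
 * validity period, are skipped and reported at <code>FINE</code> level only.</p>
 *
 * @author $Author: raul $
 */
public class CertsInFilesystemDirectoryResolver extends StorageResolverSpi {

    /** {@link java.util.logging} logging facility */
    static java.util.logging.Logger log =
        java.util.logging.Logger.getLogger(
            CertsInFilesystemDirectoryResolver.class.getName());

    /** Name of the directory the certificates are read from, as passed to the constructor. */
    String _merlinsCertificatesDir = null;

    /** Certificates that were parsed and passed {@code checkValidity()} at load time. */
    private List _certs = new ArrayList();

    /** The single iterator instance handed out by {@link #getIterator()}. */
    Iterator _iterator = null;

    /**
     * Reads every <code>.crt</code> file in the given directory and keeps the
     * certificates that parse and are currently within their validity period.
     *
     * @param directoryName path of the directory holding the certificate files
     * @throws StorageResolverException if no X.509 {@link CertificateFactory} is available
     */
    public CertsInFilesystemDirectoryResolver(String directoryName)
            throws StorageResolverException {

        this._merlinsCertificatesDir = directoryName;

        this.readCertsFromHarddrive();

        this._iterator = new FilesystemIterator(this._certs);
    }

    /**
     * Loads the certificates from {@link #_merlinsCertificatesDir} into {@link #_certs}.
     *
     * <p>A path that is not a directory, or that cannot be listed, yields an empty
     * certificate list and a <code>WARNING</code> log entry instead of a
     * <code>NullPointerException</code>. Individual files that fail to load are
     * skipped; they never abort the whole scan.</p>
     *
     * @throws StorageResolverException if no X.509 {@link CertificateFactory} is available
     */
    private void readCertsFromHarddrive() throws StorageResolverException {

        File certDir = new File(this._merlinsCertificatesDir);
        ArrayList al = new ArrayList();
        String[] names = certDir.list();

        if (names == null) {
            // File.list() returns null when the path is not a directory or an I/O error occurs.
            log.log(java.util.logging.Level.WARNING,
                    "Could not list certificate directory " + certDir.getAbsolutePath());
        } else {
            for (int i = 0; i < names.length; i++) {
                if (names[i].endsWith(".crt")) {
                    al.add(names[i]);
                }
            }
        }

        CertificateFactory cf;

        try {
            cf = CertificateFactory.getInstance("X.509");
        } catch (CertificateException ex) {
            throw new StorageResolverException("empty", ex);
        }

        for (int i = 0; i < al.size(); i++) {
            String filename = certDir.getAbsolutePath() + File.separator
                              + (String) al.get(i);
            File file = new File(filename);

            try {
                X509Certificate cert;
                FileInputStream fis = new FileInputStream(file);

                try {
                    cert = (X509Certificate) cf.generateCertificate(fis);
                } finally {
                    // Close on the failure path too, so a malformed file does not leak a descriptor.
                    fis.close();
                }

                // Validity-period check only (notBefore/notAfter against the current time).
                cert.checkValidity();
                this._certs.add(cert);

                if (log.isLoggable(java.util.logging.Level.FINE)) {
                    log.log(java.util.logging.Level.FINE,
                            "Added certificate: " + cert.getSubjectDN().getName());
                }
            } catch (IOException ex) {
                // Covers FileNotFoundException as well.
                logSkipped(filename, ex);
            } catch (CertificateException ex) {
                // Covers CertificateNotYetValidException and CertificateExpiredException as well.
                logSkipped(filename, ex);
            }
        }
    }

    /**
     * Reports at <code>FINE</code> level that a certificate file was skipped.
     *
     * @param filename absolute path of the file that could not be used
     * @param ex the reason the file was skipped
     */
    private static void logSkipped(String filename, Exception ex) {
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE,
                    "Could not add certificate from file " + filename, ex);
        }
    }

    /**
     * Returns the iterator over the loaded certificates.
     *
     * <p>The same iterator instance, created in the constructor, is returned on
     * every call; it is not reset, so once it has been walked to the end later
     * calls return an exhausted iterator.</p>
     *
     * @return the shared iterator over the loaded {@link X509Certificate}s
     */
    public Iterator getIterator() {
        return this._iterator;
    }

    /**
     * Read-only iterator over a list of certificates.
     *
     * @author $Author: raul $
     */
    class FilesystemIterator implements Iterator {

        /** The list being iterated; held by reference, not copied. */
        List _certs = null;

        /** Index of the next element to return. */
        int _i;

        /**
         * Constructor FilesystemIterator
         *
         * @param certs the certificates to iterate over
         */
        public FilesystemIterator(List certs) {
            this._certs = certs;
            this._i = 0;
        }

        /**
         * @return <code>true</code> while there are certificates left to return
         */
        public boolean hasNext() {
            return (this._i < this._certs.size());
        }

        /**
         * @return the next certificate in the list
         * @throws java.util.NoSuchElementException if the iteration has no more elements
         */
        public Object next() {
            // Honour the Iterator contract rather than leaking the list's IndexOutOfBoundsException.
            if (!hasNext()) {
                throw new java.util.NoSuchElementException();
            }

            return this._certs.get(this._i++);
        }

        /**
         * Not supported; the certificate list is read-only through this iterator.
         *
         * @throws UnsupportedOperationException always
         */
        public void remove() {
            throw new UnsupportedOperationException(
                "Can't remove keys from KeyStore");
        }
    }

    /**
     * Manual smoke test: loads the certificates from a sample directory and prints
     * the SKI, serial number, subject and issuer of each one.
     *
     * @param unused ignored
     * @throws Exception if the resolver cannot be created or an SKI cannot be read
     */
    public static void main(String unused[]) throws Exception {

        CertsInFilesystemDirectoryResolver krs =
            new CertsInFilesystemDirectoryResolver(
                "data/ie/baltimore/merlin-examples/merlin-xmldsig-eighteen/certs");

        for (Iterator i = krs.getIterator(); i.hasNext(); ) {
            X509Certificate cert = (X509Certificate) i.next();
            byte[] ski =
                com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509SKI
                    .getSKIBytesFromCert(cert);

            System.out.println();
            System.out.println("Base64(SKI())=                 \""
                               + Base64.encode(ski) + "\"");
            System.out.println("cert.getSerialNumber()=        \""
                               + cert.getSerialNumber().toString() + "\"");
            System.out.println("cert.getSubjectDN().getName()= \""
                               + cert.getSubjectDN().getName() + "\"");
            System.out.println("cert.getIssuerDN().getName()=  \""
                               + cert.getIssuerDN().getName() + "\"");
        }
    }
}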