author | mullan |
Mon, 26 Sep 2011 17:20:45 -0700 | |
changeset 10694 | cf59e2badd14 |
parent 1337 | e8d6cef36199 |
child 18780 | f47b920867e7 |
2 | 1 |
/* |
2 |
* reserved comment block |
|
3 |
* DO NOT REMOVE OR ALTER! |
|
4 |
*/ |
|
5 |
/* |
|
6 |
* Copyright 1999-2004 The Apache Software Foundation. |
|
7 |
* |
|
8 |
* Licensed under the Apache License, Version 2.0 (the "License"); |
|
9 |
* you may not use this file except in compliance with the License. |
|
10 |
* You may obtain a copy of the License at |
|
11 |
* |
|
12 |
* http://www.apache.org/licenses/LICENSE-2.0 |
|
13 |
* |
|
14 |
* Unless required by applicable law or agreed to in writing, software |
|
15 |
* distributed under the License is distributed on an "AS IS" BASIS, |
|
16 |
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
|
17 |
* See the License for the specific language governing permissions and |
|
18 |
* limitations under the License. |
|
19 |
* |
|
20 |
*/ |
|
21 |
package com.sun.org.apache.xml.internal.security.keys.storage.implementations; |
|
22 |
||
23 |
import java.io.File; |
|
24 |
import java.io.FileInputStream; |
|
25 |
import java.io.FileNotFoundException; |
|
26 |
import java.io.IOException; |
|
27 |
import java.security.cert.CertificateException; |
|
28 |
import java.security.cert.CertificateExpiredException; |
|
29 |
import java.security.cert.CertificateFactory; |
|
30 |
import java.security.cert.CertificateNotYetValidException; |
|
31 |
import java.security.cert.X509Certificate; |
|
32 |
import java.util.ArrayList; |
|
33 |
import java.util.Iterator; |
|
34 |
import java.util.List; |
|
35 |
||
36 |
import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolverException; |
|
37 |
import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolverSpi; |
|
38 |
import com.sun.org.apache.xml.internal.security.utils.Base64; |
|
39 |
||
40 |
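/**
 * This {@link StorageResolverSpi} makes all raw (binary) {@link X509Certificate}s
 * which reside as files in a single directory available to the
 * {@link com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver}.
 *
 * <p>Security note: a file is accepted when its name ends in {@code .crt}, it
 * parses as an X.509 certificate and it is inside its validity period. This
 * class performs no chain building, trust-anchor or revocation check, so
 * anyone able to write to the directory can add certificates to the store.
 * Callers should restrict write access to the directory and validate the
 * returned certificates against their own trust policy.
 *
 * <p>Files that cannot be read or parsed, or whose certificate is expired or
 * not yet valid, are skipped and reported only at
 * {@link java.util.logging.Level#FINE}.
 *
 * @author $Author: mullan $
 */
public class CertsInFilesystemDirectoryResolver extends StorageResolverSpi {

    /** {@link java.util.logging} logging facility */
    static java.util.logging.Logger log =
        java.util.logging.Logger.getLogger(
            CertsInFilesystemDirectoryResolver.class.getName());

    /** Directory the certificates are read from, as given to the constructor. */
    String _merlinsCertificatesDir = null;

    /** Certificates that were loaded from the directory and passed the validity check. */
    private List<X509Certificate> _certs = new ArrayList<X509Certificate>();

    /** The single iterator over {@link #_certs}, created once in the constructor. */
    Iterator<X509Certificate> _iterator = null;

    /**
     * Loads every usable {@code .crt} certificate found in the given directory.
     *
     * @param directoryName path of the directory holding the certificate files
     * @throws StorageResolverException if the directory cannot be listed or no
     *         X.509 {@link CertificateFactory} is available
     */
    public CertsInFilesystemDirectoryResolver(String directoryName)
            throws StorageResolverException {

        this._merlinsCertificatesDir = directoryName;

        this.readCertsFromHarddrive();

        this._iterator = new FilesystemIterator(this._certs);
    }

    /**
     * Reads all {@code *.crt} files of the configured directory into
     * {@link #_certs}. A file that cannot be read or parsed, or whose
     * certificate is outside its validity period, is skipped and logged.
     *
     * @throws StorageResolverException if the directory cannot be listed or no
     *         X.509 {@link CertificateFactory} is available
     */
    private void readCertsFromHarddrive() throws StorageResolverException {

        File certDir = new File(this._merlinsCertificatesDir);
        String[] names = certDir.list();

        // File.list() returns null when the path is not a directory or an I/O
        // error occurs. Report that through the declared exception instead of
        // failing later with a NullPointerException.
        if (names == null) {
            log.log(java.util.logging.Level.FINE,
                    "Could not list certificate directory " + certDir.getAbsolutePath());
            throw new StorageResolverException("empty");
        }

        CertificateFactory cf;

        try {
            cf = CertificateFactory.getInstance("X.509");
        } catch (CertificateException ex) {
            throw new StorageResolverException("empty", ex);
        }

        for (int i = 0; i < names.length; i++) {
            // The suffix test is case-sensitive, so only ".crt" matches.
            if (!names[i].endsWith(".crt")) {
                continue;
            }

            String filename = certDir.getAbsolutePath() + File.separator + names[i];
            File file = new File(filename);

            try {
                FileInputStream fis = new FileInputStream(file);
                X509Certificate cert;

                try {
                    cert = (X509Certificate) cf.generateCertificate(fis);
                } finally {
                    // Close the stream even when parsing fails, so that a
                    // malformed file does not leak a file descriptor.
                    fis.close();
                }

                // Time validity is the only property checked here; trust in
                // the certificate is left to the caller.
                cert.checkValidity();
                this._certs.add(cert);

                if (log.isLoggable(java.util.logging.Level.FINE)) {
                    log.log(java.util.logging.Level.FINE,
                            "Added certificate: " + cert.getSubjectDN().getName());
                }
            } catch (IOException ex) {
                // Also covers FileNotFoundException.
                log.log(java.util.logging.Level.FINE,
                        "Could not add certificate from file " + filename, ex);
            } catch (CertificateException ex) {
                // Also covers expired and not-yet-valid certificates.
                log.log(java.util.logging.Level.FINE,
                        "Could not add certificate from file " + filename, ex);
            }
        }
    }

    /**
     * {@inheritDoc}
     *
     * <p>NOTE(review): the same iterator instance is returned on every call,
     * so elements consumed through one returned reference are not seen again
     * through a later one. Confirm that callers expect this.
     */
    public Iterator<X509Certificate> getIterator() {
        return this._iterator;
    }

    /**
     * Read-only iterator over the loaded certificates.
     *
     * @author $Author: mullan $
     * @version $Revision: 1.5 $
     */
    private static class FilesystemIterator implements Iterator<X509Certificate> {

        /** The list being iterated; not copied. */
        List<X509Certificate> _certs = null;

        /** Index of the next element to return. */
        int _i;

        /**
         * Creates an iterator positioned at the first element of the list.
         *
         * @param certs the certificates to iterate over
         */
        public FilesystemIterator(List<X509Certificate> certs) {
            this._certs = certs;
            this._i = 0;
        }

        /** {@inheritDoc} */
        public boolean hasNext() {
            return (this._i < this._certs.size());
        }

        /**
         * {@inheritDoc}
         *
         * @throws java.util.NoSuchElementException if the iteration has no
         *         more elements
         */
        public X509Certificate next() {
            // The Iterator contract requires NoSuchElementException at the
            // end, not the IndexOutOfBoundsException List.get would raise.
            if (!hasNext()) {
                throw new java.util.NoSuchElementException();
            }
            return this._certs.get(this._i++);
        }

        /**
         * Removal is not supported.
         *
         * @throws UnsupportedOperationException always
         */
        public void remove() {
            throw new UnsupportedOperationException(
                "Can't remove keys from KeyStore");
        }
    }

    /**
     * Prints the SKI, serial number, subject and issuer of every certificate
     * loaded from a fixed example directory.
     *
     * @param unused ignored
     * @throws Exception if the resolver cannot be created or a certificate
     *         cannot be processed
     */
    public static void main(String unused[]) throws Exception {

        CertsInFilesystemDirectoryResolver krs =
            new CertsInFilesystemDirectoryResolver(
                "data/ie/baltimore/merlin-examples/merlin-xmldsig-eighteen/certs");

        Iterator<X509Certificate> i = krs.getIterator();

        while (i.hasNext()) {
            X509Certificate cert = i.next();
            byte[] ski =
                com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509SKI
                    .getSKIBytesFromCert(cert);

            System.out.println();
            System.out.println("Base64(SKI())=                 \""
                               + Base64.encode(ski) + "\"");
            System.out.println("cert.getSerialNumber()=        \""
                               + cert.getSerialNumber().toString() + "\"");
            System.out.println("cert.getSubjectDN().getName()= \""
                               + cert.getSubjectDN().getName() + "\"");
            System.out.println("cert.getIssuerDN().getName()=  \""
                               + cert.getIssuerDN().getName() + "\"");
        }
    }
}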