Google Git
Sign in
apache / servicemix-components / 76692b120fffba7df3496d50a1da87cce56b04ce / . / shared-libraries / servicemix-soap / src / main / java / org / apache / servicemix / soap / handlers / security / StandaloneCrypto.java
blob: 32d67f2d842b62b2f1d3e0afc5275a7e318089e2 [file] [log] [blame]
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.servicemix.soap.handlers.security;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.security.auth.callback.CallbackHandler;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.CredentialException;
import org.apache.ws.security.components.crypto.CryptoType;
import org.springframework.core.io.Resource;
public class StandaloneCrypto extends BaseCrypto {
private Resource keyStoreUrl;
private String keyStoreType;
private String keyStorePassword;
private KeyStore keyStore;
private String keyPassword;
/**
* @return the keyPassword
*/
public String getKeyPassword() {
return keyPassword;
}
/**
* @param keyPassword the keyPassword to set
*/
public void setKeyPassword(String keyPassword) {
this.keyPassword = keyPassword;
}
/**
* @return the keyStorePassword
*/
public String getKeyStorePassword() {
return keyStorePassword;
}
/**
* @param keyStorePassword the keyStorePassword to set
*/
public void setKeyStorePassword(String keyStorePassword) {
this.keyStorePassword = keyStorePassword;
}
/**
* @return the keyStoreType
*/
public String getKeyStoreType() {
return keyStoreType;
}
/**
* @param keyStoreType the keyStoreType to set
*/
public void setKeyStoreType(String keyStoreType) {
this.keyStoreType = keyStoreType;
}
/**
* @return the keyStoreUrl
*/
public Resource getKeyStoreUrl() {
return keyStoreUrl;
}
/**
* @param keyStoreUrl the keyStoreUrl to set
*/
public void setKeyStoreUrl(Resource keyStoreUrl) {
this.keyStoreUrl = keyStoreUrl;
}
protected String[] getAliases() throws KeyStoreException {
List aliases = Collections.list(loadKeyStore().aliases());
return (String[]) aliases.toArray(new String[aliases.size()]);
}
protected Certificate getCertificate(String alias) throws KeyStoreException {
return loadKeyStore().getCertificate(alias);
}
protected String getCertificateAlias(Certificate cert) throws KeyStoreException {
return loadKeyStore().getCertificateAlias(cert);
}
protected Certificate[] getCertificateChain(String alias) throws KeyStoreException {
return loadKeyStore().getCertificateChain(alias);
}
public PrivateKey getPrivateKey(String alias, String password) throws WSSecurityException {
// The password given here is a dummy password
// See WSSecurityHandler.DefaultHandler#processSignature
password = keyPassword;
if (password == null) {
password = keyStorePassword;
}
if (alias == null) {
throw new WSSecurityException("alias is null");
}
KeyStore keystore = null;
try {
keystore = loadKeyStore();
} catch (Exception e) {
throw new WSSecurityException("Cannot load key store", e);
}
boolean b = false;
try {
b = keystore.isKeyEntry(alias);
} catch (KeyStoreException e) {
throw new WSSecurityException("Cannot find key for alias: " + alias, e);
}
if (!b) {
throw new WSSecurityException("Cannot find key for alias: " + alias);
}
Key keyTmp = null;
try {
keyTmp = keystore.getKey(alias, (password == null || password.length() == 0) ? new char[0] : password.toCharArray());
} catch (Exception e) {
throw new WSSecurityException("Cannot get private key", e);
}
if (!(keyTmp instanceof PrivateKey)) {
throw new WSSecurityException("Key is not a private key, alias: " + alias);
}
return (PrivateKey) keyTmp;
}
protected String[] getTrustCertificates() throws KeyStoreException {
KeyStore keystore = loadKeyStore();
Set hashSet = new HashSet();
Enumeration aliases = keystore.aliases();
while (aliases.hasMoreElements()) {
String alias = (String) aliases.nextElement();
if (keystore.isCertificateEntry(alias)) {
hashSet.add(alias);
}
}
return (String[]) hashSet.toArray(new String[hashSet.size()]);
}
/**
* Loads the the keystore.
*
* @throws CredentialException
*/
public synchronized KeyStore loadKeyStore() throws KeyStoreException {
if (keyStore != null) {
return keyStore;
}
if (keyStoreUrl == null) {
throw new IllegalArgumentException("keyStoreUrl not specified in this StandaloneCrypto");
}
InputStream input = null;
try {
input = keyStoreUrl.getInputStream();
String provider = getProvider();
String type = keyStoreType != null ? keyStoreType : KeyStore.getDefaultType();
if (provider == null || provider.length() == 0) {
keyStore = KeyStore.getInstance(type);
} else {
keyStore = KeyStore.getInstance(type, provider);
}
keyStore.load(input, (keyStorePassword == null || keyStorePassword.length() == 0) ? new char[0] : keyStorePassword.toCharArray());
return keyStore;
} catch (IOException e) {
throw new KeyStoreException(e);
} catch (GeneralSecurityException e) {
throw new KeyStoreException(e);
} catch (Exception e) {
throw new KeyStoreException(e);
} finally {
if (input != null) {
try { input.close(); } catch (Exception ignore) {}
}
}
}
public String getCryptoProvider() {
// TODO Auto-generated method stub
return null;
}
public void setCryptoProvider(String provider) {
// TODO Auto-generated method stub
}
public String getDefaultX509Identifier() throws WSSecurityException {
// TODO Auto-generated method stub
return null;
}
public void setDefaultX509Identifier(String identifier) {
// TODO Auto-generated method stub
}
public void setCertificateFactory(String provider, CertificateFactory certFactory) {
// TODO Auto-generated method stub
}
public byte[] getBytesFromCertificates(X509Certificate[] certs) throws WSSecurityException {
// TODO Auto-generated method stub
return null;
}
public X509Certificate[] getCertificatesFromBytes(byte[] data) throws WSSecurityException {
// TODO Auto-generated method stub
return null;
}
public X509Certificate[] getX509Certificates(CryptoType cryptoType) throws WSSecurityException {
// TODO Auto-generated method stub
return null;
}
public String getX509Identifier(X509Certificate cert) throws WSSecurityException {
// TODO Auto-generated method stub
return null;
}
public PrivateKey getPrivateKey(X509Certificate certificate, CallbackHandler callbackHandler)
throws WSSecurityException {
// TODO Auto-generated method stub
return null;
}
public boolean verifyTrust(X509Certificate[] certs) throws WSSecurityException {
// TODO Auto-generated method stub
return false;
}
public boolean verifyTrust(PublicKey publicKey) throws WSSecurityException {
// TODO Auto-generated method stub
return false;
}
}