modules/securevault/src/main/java/org/apache/synapse/securevault/keystore/CACertsLoader.java - synapse - Git at Google

 package org.apache.synapse.securevault.keystore;


 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.synapse.securevault.ICACertsLoader;
 import org.apache.synapse.securevault.SecureVaultException;

 import java.io.BufferedInputStream;
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.IOException;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
 import java.security.cert.Certificate;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;

 /**
  * Constructs a keyStore from CA certificates
  */
 public class CACertsLoader implements ICACertsLoader {

     private static Log log = LogFactory.getLog(CACertsLoader.class);

     /**
      * Constructs a keyStore from the path provided.
      *
      * @param CACertificateFilesPath - directory which contains Certificate Authority
      *                               Certificates in PEM encoding.
      */
     public KeyStore loadTrustStore(String CACertificateFilesPath) {

         try {
             if (log.isDebugEnabled()) {
                 log.debug("Creating KeyStore from given CA certificates" +
                         " in the given directory : " + CACertificateFilesPath);
             }

             KeyStore trustStore = KeyStore.getInstance("JKS");
             trustStore.load(null, null);

             File certsPath = new File(CACertificateFilesPath);

             File[] certs = certsPath.listFiles();

             for (File currentCert : certs) {
                 FileInputStream inStream = new FileInputStream(currentCert);
                 BufferedInputStream bis = new BufferedInputStream(inStream);

                 CertificateFactory certFactory = CertificateFactory.getInstance("X509");
                 Certificate cert = certFactory.generateCertificate(bis);

                 trustStore.setCertificateEntry(currentCert.getName(), cert);

                 bis.close();
                 inStream.close();
             }

             return trustStore;
         } catch (IOException e) {
             handleException("IOError when reading certificates from " +
                     "directory : " + CACertificateFilesPath, e);
         } catch (NoSuchAlgorithmException e) {
             handleException("Error creating a KeyStore", e);
         } catch (KeyStoreException e) {
             handleException("Error creating a KeyStore", e);
         } catch (CertificateException e) {
             handleException("Error creating a KeyStore", e);
         }
         return null;
     }

     private void handleException(String msg, Exception e) {
         log.error(msg, e);
         throw new SecureVaultException(msg, e);
     }
 }
	package org.apache.synapse.securevault.keystore;


	import org.apache.commons.logging.Log;
	import org.apache.commons.logging.LogFactory;
	import org.apache.synapse.securevault.ICACertsLoader;
	import org.apache.synapse.securevault.SecureVaultException;

	import java.io.BufferedInputStream;
	import java.io.File;
	import java.io.FileInputStream;
	import java.io.IOException;
	import java.security.KeyStore;
	import java.security.KeyStoreException;
	import java.security.NoSuchAlgorithmException;
	import java.security.cert.Certificate;
	import java.security.cert.CertificateException;
	import java.security.cert.CertificateFactory;

	/**
	* Constructs a keyStore from CA certificates
	*/
	public class CACertsLoader implements ICACertsLoader {

	private static Log log = LogFactory.getLog(CACertsLoader.class);

	/**
	* Constructs a keyStore from the path provided.
	*
	* @param CACertificateFilesPath - directory which contains Certificate Authority
	* Certificates in PEM encoding.
	*/
	public KeyStore loadTrustStore(String CACertificateFilesPath) {

	try {
	if (log.isDebugEnabled()) {
	log.debug("Creating KeyStore from given CA certificates" +
	" in the given directory : " + CACertificateFilesPath);
	}

	KeyStore trustStore = KeyStore.getInstance("JKS");
	trustStore.load(null, null);

	File certsPath = new File(CACertificateFilesPath);

	File[] certs = certsPath.listFiles();

	for (File currentCert : certs) {
	FileInputStream inStream = new FileInputStream(currentCert);
	BufferedInputStream bis = new BufferedInputStream(inStream);

	CertificateFactory certFactory = CertificateFactory.getInstance("X509");
	Certificate cert = certFactory.generateCertificate(bis);

	trustStore.setCertificateEntry(currentCert.getName(), cert);

	bis.close();
	inStream.close();
	}

	return trustStore;
	} catch (IOException e) {
	handleException("IOError when reading certificates from " +
	"directory : " + CACertificateFilesPath, e);
	} catch (NoSuchAlgorithmException e) {
	handleException("Error creating a KeyStore", e);
	} catch (KeyStoreException e) {
	handleException("Error creating a KeyStore", e);
	} catch (CertificateException e) {
	handleException("Error creating a KeyStore", e);
	}
	return null;
	}

	private void handleException(String msg, Exception e) {
	log.error(msg, e);
	throw new SecureVaultException(msg, e);
	}
	}