Java tutorial
/* * $HeadURL: http://juliusdavies.ca/svn/not-yet-commons-ssl/tags/commons-ssl-0.3.16/src/java/org/apache/commons/ssl/KeyMaterial.java $ * $Revision: 138 $ * $Date: 2008-03-03 23:50:07 -0800 (Mon, 03 Mar 2008) $ * * ==================================================================== * Licensed to the Apache Software Foundation (ASF) under one * or more contributor license agreements. See the NOTICE file * distributed with this work for additional information * regarding copyright ownership. The ASF licenses this file * to you under the Apache License, Version 2.0 (the * "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. * ==================================================================== * * This software consists of voluntary contributions made by many * individuals on behalf of the Apache Software Foundation. For more * information on the Apache Software Foundation, please see * <http://www.apache.org/>. * */ package org.apache.commons.ssl; import org.apache.kerby.util.Util; import java.io.File; import java.io.FileInputStream; import java.io.IOException; import java.io.InputStream; import java.net.URL; import java.security.GeneralSecurityException; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.cert.Certificate; import java.security.cert.CertificateEncodingException; import java.security.cert.X509Certificate; import java.util.Collections; import java.util.Enumeration; import java.util.Iterator; import java.util.LinkedList; import java.util.List; /** * @author Credit Union Central of British Columbia * @author <a href="http://www.cucbc.com/">www.cucbc.com</a> * @author <a href="mailto:juliusdavies@cucbc.com">juliusdavies@cucbc.com</a> * @since 27-Feb-2006 */ public class KeyMaterial extends TrustMaterial { //private final Object keyManagerFactory; private final List aliases; private final List associatedChains; public KeyMaterial(InputStream jks, char[] password) throws GeneralSecurityException, IOException { this(Util.streamToBytes(jks), password); } public KeyMaterial(InputStream jks, char[] jksPass, char[] keyPass) throws GeneralSecurityException, IOException { this(Util.streamToBytes(jks), jksPass, keyPass); } public KeyMaterial(InputStream jks, InputStream key, char[] password) throws GeneralSecurityException, IOException { this(jks != null ? Util.streamToBytes(jks) : null, key != null ? Util.streamToBytes(key) : null, password); } public KeyMaterial(InputStream jks, InputStream key, char[] jksPass, char[] keyPass) throws GeneralSecurityException, IOException { this(jks != null ? Util.streamToBytes(jks) : null, key != null ? Util.streamToBytes(key) : null, jksPass, keyPass); } public KeyMaterial(String pathToJksFile, char[] password) throws GeneralSecurityException, IOException { this(new File(pathToJksFile), password); } public KeyMaterial(String pathToJksFile, char[] jksPass, char[] keyPass) throws GeneralSecurityException, IOException { this(new File(pathToJksFile), jksPass, keyPass); } public KeyMaterial(String pathToCerts, String pathToKey, char[] password) throws GeneralSecurityException, IOException { this(pathToCerts != null ? new File(pathToCerts) : null, pathToKey != null ? new File(pathToKey) : null, password); } public KeyMaterial(String pathToCerts, String pathToKey, char[] jksPass, char[] keyPass) throws GeneralSecurityException, IOException { this(pathToCerts != null ? new File(pathToCerts) : null, pathToKey != null ? new File(pathToKey) : null, jksPass, keyPass); } public KeyMaterial(File jksFile, char[] password) throws GeneralSecurityException, IOException { this(new FileInputStream(jksFile), password); } public KeyMaterial(File jksFile, char[] jksPass, char[] keyPass) throws GeneralSecurityException, IOException { this(new FileInputStream(jksFile), jksPass, keyPass); } public KeyMaterial(File certsFile, File keyFile, char[] password) throws GeneralSecurityException, IOException { this(certsFile != null ? new FileInputStream(certsFile) : null, keyFile != null ? new FileInputStream(keyFile) : null, password); } public KeyMaterial(File certsFile, File keyFile, char[] jksPass, char[] keyPass) throws GeneralSecurityException, IOException { this(certsFile != null ? new FileInputStream(certsFile) : null, keyFile != null ? new FileInputStream(keyFile) : null, jksPass, keyPass); } public KeyMaterial(URL urlToJKS, char[] password) throws GeneralSecurityException, IOException { this(urlToJKS.openStream(), password); } public KeyMaterial(URL urlToJKS, char[] jksPass, char[] keyPass) throws GeneralSecurityException, IOException { this(urlToJKS.openStream(), jksPass, keyPass); } public KeyMaterial(URL urlToCerts, URL urlToKey, char[] password) throws GeneralSecurityException, IOException { this(urlToCerts.openStream(), urlToKey.openStream(), password); } public KeyMaterial(URL urlToCerts, URL urlToKey, char[] jksPass, char[] keyPass) throws GeneralSecurityException, IOException { this(urlToCerts.openStream(), urlToKey.openStream(), jksPass, keyPass); } public KeyMaterial(byte[] jks, char[] password) throws GeneralSecurityException, IOException { this(jks, (byte[]) null, password); } public KeyMaterial(byte[] jks, char[] jksPass, char[] keyPass) throws GeneralSecurityException, IOException { this(jks, null, jksPass, keyPass); } public KeyMaterial(byte[] jksOrCerts, byte[] key, char[] password) throws GeneralSecurityException, IOException { this(jksOrCerts, key, password, password); } public KeyMaterial(byte[] jksOrCerts, byte[] key, char[] jksPass, char[] keyPass) throws GeneralSecurityException, IOException { // We're not a simple trust type, so set "simpleTrustType" value to 0. // Only TRUST_ALL and TRUST_THIS_JVM are simple trust types. super(KeyStoreBuilder.build(jksOrCerts, key, jksPass, keyPass), 0); KeyStore ks = getKeyStore(); Enumeration en = ks.aliases(); List myAliases = new LinkedList(); List myChains = new LinkedList(); while (en.hasMoreElements()) { X509Certificate[] c; // chain String alias = (String) en.nextElement(); if (ks.isKeyEntry(alias)) { try { ks.getKey(alias, keyPass); // No Exception thrown, so we're good! myAliases.add(alias); Certificate[] chain = ks.getCertificateChain(alias); if (chain != null) { c = Certificates.x509ifyChain(chain); // Cleanup chain to remove any spurious entries. if (c != null) { X509Certificate l = c[0]; // The leaf node. c = X509CertificateChainBuilder.buildPath(l, c); } myChains.add(c); } else { throw new KeyStoreException("Could not find KeyMaterial's" + " associated certificate chain with alis=[" + alias + "]"); } } catch (GeneralSecurityException gse) { // oh well, we can't use that KeyStore alias. System.err.println(gse); } } } if (myAliases.isEmpty()) { throw new KeyStoreException("KeyMaterial provided does not contain any keys!"); } this.aliases = Collections.unmodifiableList(myAliases); this.associatedChains = Collections.unmodifiableList(myChains); //this.keyManagerFactory = JavaImpl.newKeyManagerFactory(ks, keyPass); } public List getAssociatedCertificateChains() { return associatedChains; } public List getAliases() { return aliases; } public static void main(String[] args) throws Exception { if (args.length < 2) { System.out.println("Usage1:" + " java org.apache.commons.ssl.KeyMaterial [password] [pkcs12 or jks]"); System.out.println( "Usage2:" + " java org.apache.commons.ssl.KeyMaterial [password] [private-key] [cert-chain]"); System.exit(1); } char[] jksPass = args[0].toCharArray(); char[] keyPass = jksPass; String path1 = args[1]; String path2 = null; if (args.length >= 3) { path2 = args[2]; } if (args.length >= 4) { keyPass = args[3].toCharArray(); } else if (path2 != null) { File f = new File(path2); if (!f.exists()) { // Hmmm... maybe it's a password. keyPass = path2.toCharArray(); path2 = null; } } KeyMaterial km = new KeyMaterial(path1, path2, jksPass, keyPass); System.out.println(km); } public String toString() { List chains = getAssociatedCertificateChains(); List aliases = getAliases(); Iterator it = chains.iterator(); Iterator aliasesIt = aliases.iterator(); StringBuffer buf = new StringBuffer(8192); while (it.hasNext()) { X509Certificate[] certs = (X509Certificate[]) it.next(); String alias = (String) aliasesIt.next(); buf.append("Alias: "); buf.append(alias); buf.append('\n'); if (certs != null) { for (int i = 0; i < certs.length; i++) { buf.append(Certificates.toString(certs[i])); try { buf.append(Certificates.toPEMString(certs[i])); } catch (CertificateEncodingException cee) { buf.append(cee.toString()); buf.append('\n'); } } } } return buf.toString(); } }