org.wso2.carbon.security.keystore.KeyStoreAdmin.java Source code

Java tutorial

Introduction

Here is the source code for org.wso2.carbon.security.keystore.KeyStoreAdmin.java

Source

/*
 * Copyright (c) 2010, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
 *
 * WSO2 Inc. licenses this file to you under the Apache License,
 * Version 2.0 (the "License"); you may not use this file except
 * in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */

package org.wso2.carbon.security.keystore;

import org.apache.axiom.om.util.Base64;
import org.apache.axis2.context.MessageContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.base.ServerConfiguration;
import org.wso2.carbon.core.RegistryResources;
import org.wso2.carbon.core.util.CryptoUtil;
import org.wso2.carbon.core.util.KeyStoreManager;
import org.wso2.carbon.core.util.KeyStoreUtil;
import org.wso2.carbon.registry.core.Association;
import org.wso2.carbon.registry.core.Collection;
import org.wso2.carbon.registry.core.Registry;
import org.wso2.carbon.registry.core.Resource;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.carbon.security.SecurityConfigException;
import org.wso2.carbon.security.SecurityConstants;
import org.wso2.carbon.security.keystore.service.CertData;
import org.wso2.carbon.security.keystore.service.CertDataDetail;
import org.wso2.carbon.security.keystore.service.KeyStoreData;
import org.wso2.carbon.security.keystore.service.PaginatedCertData;
import org.wso2.carbon.security.keystore.service.PaginatedKeyStoreData;
import org.wso2.carbon.security.util.KeyStoreMgtUtil;
import org.wso2.carbon.utils.CarbonUtils;

import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.text.Format;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;

public class KeyStoreAdmin {

    private static Log log = LogFactory.getLog(KeyStoreAdmin.class);
    private Registry registry = null;
    private int tenantId;
    private boolean includeCert = false;

    public KeyStoreAdmin(int tenantId, Registry registry) {
        this.registry = registry;
        this.tenantId = tenantId;
    }

    public boolean isIncludeCert() {
        return includeCert;
    }

    public void setIncludeCert(boolean includeCert) {
        this.includeCert = includeCert;
    }

    /**
     * Method to retrive keystore data.
     *
     * @param isSuperTenant - Indication whether the querying super tennat data
     * @return
     * @throws SecurityConfigException
     */
    public KeyStoreData[] getKeyStores(boolean isSuperTenant) throws SecurityConfigException {
        CarbonUtils.checkSecurity();
        KeyStoreData[] names = new KeyStoreData[0];
        try {
            if (registry.resourceExists(SecurityConstants.KEY_STORES)) {
                Collection collection = (Collection) registry.get(SecurityConstants.KEY_STORES);
                String[] ks = collection.getChildren();
                List<KeyStoreData> lst = new ArrayList<>();
                for (int i = 0; i < ks.length; i++) {
                    String fullname = ks[i];

                    if (RegistryResources.SecurityManagement.PRIMARY_KEYSTORE_PHANTOM_RESOURCE.equals(fullname)) {
                        continue;
                    }

                    Resource store = registry.get(ks[i]);
                    int lastIndex = fullname.lastIndexOf("/");
                    String name = fullname.substring(lastIndex + 1);
                    String type = store.getProperty(SecurityConstants.PROP_TYPE);
                    String provider = store.getProperty(SecurityConstants.PROP_PROVIDER);

                    KeyStoreData data = new KeyStoreData();
                    data.setKeyStoreName(name);
                    data.setKeyStoreType(type);
                    data.setProvider(provider);

                    String alias = store.getProperty(SecurityConstants.PROP_PRIVATE_KEY_ALIAS);
                    if (alias != null) {
                        data.setPrivateStore(true);
                    } else {
                        data.setPrivateStore(false);
                    }

                    // Dump the generated public key to the file system for sub tenants 
                    if (!isSuperTenant) {
                        Association[] associations = registry.getAssociations(ks[i],
                                SecurityConstants.ASSOCIATION_TENANT_KS_PUB_KEY);
                        if (associations != null && associations.length > 0) {
                            Resource pubKeyResource = registry.get(associations[0].getDestinationPath());
                            String fileName = generatePubCertFileName(ks[i], pubKeyResource
                                    .getProperty(SecurityConstants.PROP_TENANT_PUB_KEY_FILE_NAME_APPENDER));
                            String pubKeyFilePath = KeyStoreMgtUtil.dumpCert(
                                    MessageContext.getCurrentMessageContext().getConfigurationContext(),
                                    (byte[]) pubKeyResource.getContent(), fileName);
                            data.setPubKeyFilePath(pubKeyFilePath);
                        }
                    }
                    lst.add(data);

                }
                names = new KeyStoreData[lst.size() + 1];
                Iterator<KeyStoreData> ite = lst.iterator();
                int count = 0;
                while (ite.hasNext()) {
                    names[count] = ite.next();
                    count++;
                }

                if (isSuperTenant) {
                    KeyStoreData data = new KeyStoreData();
                    ServerConfiguration config = ServerConfiguration.getInstance();
                    String fileName = config
                            .getFirstProperty(RegistryResources.SecurityManagement.SERVER_PRIMARY_KEYSTORE_FILE);
                    String type = config
                            .getFirstProperty(RegistryResources.SecurityManagement.SERVER_PRIMARY_KEYSTORE_TYPE);
                    String name = KeyStoreUtil.getKeyStoreFileName(fileName);
                    data.setKeyStoreName(name);
                    data.setKeyStoreType(type);
                    data.setProvider(" ");
                    data.setPrivateStore(true);

                    names[count] = data;
                }

            }
            return names;
        } catch (RegistryException e) {
            String msg = "Error when getting keyStore data";
            log.error(msg, e);
            throw new SecurityConfigException(msg, e);
        }
    }

    public void addKeyStoreWithFilePath(String filePath, String filename, String password, String provider,
            String type, String pvtkeyPass) throws SecurityConfigException {
        try {
            addKeyStore(readBytesFromFile(filePath), filename, password, provider, type, pvtkeyPass);
        } catch (IOException e) {
            throw new SecurityConfigException("Error while loading keystore from file " + filePath, e);
        }

    }

    public void addKeyStore(String fileData, String filename, String password, String provider, String type,
            String pvtkeyPass) throws SecurityConfigException {
        byte[] content = Base64.decode(fileData);
        addKeyStore(content, filename, password, provider, type, pvtkeyPass);
    }

    public void addKeyStore(byte[] content, String filename, String password, String provider, String type,
            String pvtkeyPass) throws SecurityConfigException {
        if (filename == null) {
            throw new SecurityConfigException("Key Store name can't be null");
        }
        try {
            if (KeyStoreUtil.isPrimaryStore(filename)) {
                throw new SecurityConfigException("Key store " + filename + " already available");
            }

            String path = SecurityConstants.KEY_STORES + "/" + filename;
            if (registry.resourceExists(path)) {
                throw new SecurityConfigException("Key store " + filename + " already available");
            }

            KeyStore keyStore = KeyStore.getInstance(type);
            keyStore.load(new ByteArrayInputStream(content), password.toCharArray());

            // check for more private keys
            Enumeration enumeration = keyStore.aliases();
            String pvtKeyAlias = null;
            while (enumeration.hasMoreElements()) {
                String alias = (String) enumeration.nextElement();
                if (keyStore.isKeyEntry(alias)) {
                    if (pvtKeyAlias == null) {
                        pvtKeyAlias = alias;
                    } else {
                        // more than one private key
                        throw new SecurityConfigException("more than one private key");
                    }
                }
            }

            // just to test weather pvt key password is correct.
            keyStore.getKey(pvtKeyAlias, pvtkeyPass.toCharArray());

            CryptoUtil cryptoUtil = CryptoUtil.getDefaultCryptoUtil();

            Resource resource = registry.newResource();
            resource.addProperty(SecurityConstants.PROP_PASSWORD,
                    cryptoUtil.encryptAndBase64Encode(password.getBytes()));
            resource.addProperty(SecurityConstants.PROP_PROVIDER, provider);
            resource.addProperty(SecurityConstants.PROP_TYPE, type);

            if (pvtKeyAlias != null) {
                resource.addProperty(SecurityConstants.PROP_PRIVATE_KEY_ALIAS, pvtKeyAlias);
                resource.addProperty(SecurityConstants.PROP_PRIVATE_KEY_PASS,
                        cryptoUtil.encryptAndBase64Encode(pvtkeyPass.getBytes()));
            }

            resource.setContent(content);
            registry.put(path, resource);
        } catch (SecurityConfigException e) {
            throw e;
        } catch (Exception e) {
            String msg = "Error when adding a keyStore";
            log.error(msg, e);
            throw new SecurityConfigException(msg, e);
        }
    }

    public void addTrustStore(String fileData, String filename, String password, String provider, String type)
            throws SecurityConfigException {
        byte[] content = Base64.decode(fileData);
        addTrustStore(content, filename, password, provider, type);
    }

    public void addTrustStore(byte[] content, String filename, String password, String provider, String type)
            throws SecurityConfigException {
        if (filename == null) {
            throw new SecurityConfigException("Key Store name can't be null");
        }
        try {
            if (KeyStoreUtil.isPrimaryStore(filename)) {
                throw new SecurityConfigException("Key store " + filename + " already available");
            }

            String path = SecurityConstants.KEY_STORES + "/" + filename;
            if (registry.resourceExists(path)) {
                throw new SecurityConfigException("Key store " + filename + " already available");
            }

            KeyStore keyStore = KeyStore.getInstance(type);
            keyStore.load(new ByteArrayInputStream(content), password.toCharArray());
            CryptoUtil cryptoUtil = CryptoUtil.getDefaultCryptoUtil();
            Resource resource = registry.newResource();
            resource.addProperty(SecurityConstants.PROP_PASSWORD,
                    cryptoUtil.encryptAndBase64Encode(password.getBytes()));
            resource.addProperty(SecurityConstants.PROP_PROVIDER, provider);
            resource.addProperty(SecurityConstants.PROP_TYPE, type);
            resource.setContent(content);
            registry.put(path, resource);
        } catch (SecurityConfigException e) {
            throw e;
        } catch (Exception e) {
            String msg = "Error when adding a trustStore";
            log.error(msg, e);
            throw new SecurityConfigException(msg, e);
        }
    }

    public void deleteStore(String keyStoreName) throws SecurityConfigException {
        try {
            String keyStoreNameTrim = keyStoreName.trim();
            if (keyStoreName == null || keyStoreNameTrim.length() == 0) {
                throw new SecurityConfigException("Key Store name can't be null");
            }

            if (KeyStoreUtil.isPrimaryStore(keyStoreName)) {
                throw new SecurityConfigException("Not allowed to delete the primary key store : " + keyStoreName);
            }

            String path = SecurityConstants.KEY_STORES + "/" + keyStoreName;
            boolean isFound = false;
            Association[] assocs = registry.getAllAssociations(path);
            if (assocs.length > 0) {
                isFound = true;
            }

            if (isFound) {
                throw new SecurityConfigException(
                        "Key store : " + keyStoreName + " is already in use and can't be deleted");
            }
            registry.delete(path);
        } catch (RegistryException e) {
            String msg = "Error when deleting a keyStore";
            log.error(msg, e);
            throw new SecurityConfigException(msg, e);
        }
    }

    public void importCertToStore(String fileName, String certData, String keyStoreName)
            throws SecurityConfigException {
        try {
            if (keyStoreName == null) {
                throw new SecurityConfigException("Key Store name can't be null");
            }

            KeyStoreManager keyMan = KeyStoreManager.getInstance(tenantId);
            KeyStore ks = keyMan.getKeyStore(keyStoreName);

            byte[] bytes = Base64.decode(certData);
            CertificateFactory factory = CertificateFactory.getInstance("X.509");
            X509Certificate cert;
            try {
                cert = (X509Certificate) factory.generateCertificate(new ByteArrayInputStream(bytes));
            } catch (CertificateException e) {
                log.error(e.getMessage(), e);
                throw new SecurityConfigException("Invalid format of the provided certificate file");
            }

            if (ks.getCertificateAlias(cert) != null) {
                // We already have this certificate in the key store - ignore
                // adding it twice
                return;
            }

            ks.setCertificateEntry(fileName, cert);

            keyMan.updateKeyStore(keyStoreName, ks);

        } catch (SecurityConfigException e) {
            throw e;
        } catch (Exception e) {
            String msg = "Error when importing cert to the keyStore";
            log.error(msg, e);
            throw new SecurityConfigException(msg, e);
        }

    }

    public String importCertToStore(String certData, String keyStoreName) throws SecurityConfigException {
        String alias = null;

        try {
            if (keyStoreName == null) {
                throw new SecurityConfigException("Key Store name can't be null");
            }

            KeyStoreManager keyMan = KeyStoreManager.getInstance(tenantId);
            KeyStore ks = keyMan.getKeyStore(keyStoreName);

            byte[] bytes = Base64.decode(certData);
            CertificateFactory factory = CertificateFactory.getInstance("X.509");
            X509Certificate cert;
            try {
                cert = (X509Certificate) factory.generateCertificate(new ByteArrayInputStream(bytes));
            } catch (Exception e) {
                throw new SecurityConfigException("Invalid format of the provided certificate file", e);
            }

            if (ks.getCertificateAlias(cert) != null) {
                // We already have this certificate in the key store - ignore
                // adding it twice
                return null;
            }
            alias = cert.getSubjectDN().getName();
            ks.setCertificateEntry(alias, cert);

            keyMan.updateKeyStore(keyStoreName, ks);

            return alias;

        } catch (SecurityConfigException e) {
            throw e;
        } catch (Exception e) {
            String msg = "Error when importing cert to keyStore";
            log.error(msg, e);
            throw new SecurityConfigException(msg);
        }
    }

    public void removeCertFromStore(String alias, String keyStoreName) throws SecurityConfigException {
        try {
            if (keyStoreName == null) {
                throw new SecurityConfigException("Key Store name can't be null");
            }

            KeyStoreManager keyMan = KeyStoreManager.getInstance(tenantId);
            KeyStore ks = keyMan.getKeyStore(keyStoreName);

            if (ks.getCertificate(alias) == null) {
                return;
            }

            ks.deleteEntry(alias);
            keyMan.updateKeyStore(keyStoreName, ks);
        } catch (SecurityConfigException e) {
            throw e;
        } catch (Exception e) {
            String msg = "Error when removing cert from store";
            log.error(msg, e);
            throw new SecurityConfigException(msg);
        }
    }

    public String[] getStoreEntries(String keyStoreName) throws SecurityConfigException {
        String[] names;
        try {
            if (keyStoreName == null) {
                throw new Exception("keystore name cannot be null");
            }

            KeyStoreManager keyMan = KeyStoreManager.getInstance(tenantId);
            KeyStore ks = keyMan.getKeyStore(keyStoreName);

            Enumeration<String> enm = ks.aliases();
            List<String> lst = new ArrayList<>();
            while (enm.hasMoreElements()) {
                lst.add(enm.nextElement());
            }

            names = lst.toArray(new String[lst.size()]);
        } catch (SecurityConfigException e) {
            throw e;
        } catch (Exception e) {
            String msg = "Error when getting store entries";
            log.error(msg, e);
            throw new SecurityConfigException(msg);
        }

        return names;
    }

    /**
     * This method will list 1. Certificate aliases 2. Private key alise 3. Private key value to a
     * given keystore.
     *
     * @param keyStoreName The name of the keystore
     * @return Instance of KeyStoreData
     * @throws SecurityConfigException will be thrown
     */
    public KeyStoreData getKeystoreInfo(String keyStoreName) throws SecurityConfigException {
        try {

            if (keyStoreName == null) {
                throw new Exception("keystore name cannot be null");
            }

            KeyStore keyStore;
            String keyStoreType;
            String privateKeyPassowrd = null;
            if (KeyStoreUtil.isPrimaryStore(keyStoreName)) {
                KeyStoreManager keyMan = KeyStoreManager.getInstance(tenantId);
                keyStore = keyMan.getPrimaryKeyStore();
                ServerConfiguration serverConfig = ServerConfiguration.getInstance();
                keyStoreType = serverConfig
                        .getFirstProperty(RegistryResources.SecurityManagement.SERVER_PRIMARY_KEYSTORE_TYPE);
                privateKeyPassowrd = serverConfig
                        .getFirstProperty(RegistryResources.SecurityManagement.SERVER_PRIVATE_KEY_PASSWORD);
            } else {
                String path = SecurityConstants.KEY_STORES + "/" + keyStoreName;
                if (!registry.resourceExists(path)) {
                    throw new SecurityConfigException("Key Store not found");
                }
                Resource resource = registry.get(path);
                KeyStoreManager manager = KeyStoreManager.getInstance(tenantId);
                keyStore = manager.getKeyStore(keyStoreName);
                keyStoreType = resource.getProperty(SecurityConstants.PROP_TYPE);

                String encpass = resource.getProperty(SecurityConstants.PROP_PRIVATE_KEY_PASS);
                if (encpass != null) {
                    CryptoUtil util = CryptoUtil.getDefaultCryptoUtil();
                    privateKeyPassowrd = new String(util.base64DecodeAndDecrypt(encpass));
                }
            }
            // Fill the information about the certificates
            Enumeration<String> aliases = keyStore.aliases();
            List<org.wso2.carbon.security.keystore.service.CertData> certDataList = new ArrayList<>();
            Format formatter = new SimpleDateFormat("dd/MM/yyyy");

            while (aliases.hasMoreElements()) {
                String alias = aliases.nextElement();
                if (keyStore.isCertificateEntry(alias)) {
                    X509Certificate cert = (X509Certificate) keyStore.getCertificate(alias);
                    certDataList.add(fillCertData(cert, alias, formatter));
                }
            }

            // Create a cert array
            CertData[] certs = certDataList.toArray(new CertData[certDataList.size()]);

            // Create a KeyStoreData bean, set the name and fill in the cert information
            KeyStoreData keyStoreData = new KeyStoreData();
            keyStoreData.setKeyStoreName(keyStoreName);
            keyStoreData.setCerts(certs);
            keyStoreData.setKeyStoreType(keyStoreType);

            aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String alias = aliases.nextElement();
                // There be only one entry in WSAS related keystores
                if (keyStore.isKeyEntry(alias)) {
                    X509Certificate cert = (X509Certificate) keyStore.getCertificate(alias);
                    keyStoreData.setKey(fillCertData(cert, alias, formatter));

                    PrivateKey key = (PrivateKey) keyStore.getKey(alias, privateKeyPassowrd.toCharArray());
                    String pemKey;
                    pemKey = "-----BEGIN PRIVATE KEY-----\n";
                    pemKey += Base64.encode(key.getEncoded());
                    pemKey += "\n-----END PRIVATE KEY-----";
                    keyStoreData.setKeyValue(pemKey);
                    break;

                }
            }
            return keyStoreData;
        } catch (Exception e) {
            String msg = "Error has encounted while loading the keystore to the given keystore name "
                    + keyStoreName;
            log.error(msg, e);
            throw new SecurityConfigException(msg);
        }

    }

    public Key getPrivateKey(String alias, boolean isSuperTenant) throws SecurityConfigException {
        KeyStoreData[] keystores = getKeyStores(isSuperTenant);
        KeyStore keyStore = null;
        String privateKeyPassowrd = null;

        try {

            for (int i = 0; i < keystores.length; i++) {
                if (KeyStoreUtil.isPrimaryStore(keystores[i].getKeyStoreName())) {
                    KeyStoreManager keyMan = KeyStoreManager.getInstance(tenantId);
                    keyStore = keyMan.getPrimaryKeyStore();
                    ServerConfiguration serverConfig = ServerConfiguration.getInstance();
                    privateKeyPassowrd = serverConfig
                            .getFirstProperty(RegistryResources.SecurityManagement.SERVER_PRIVATE_KEY_PASSWORD);
                    return keyStore.getKey(alias, privateKeyPassowrd.toCharArray());
                }
            }
        } catch (Exception e) {
            String msg = "Error has encounted while loading the key for the given alias " + alias;
            log.error(msg, e);
            throw new SecurityConfigException(msg);
        }
        return null;
    }

    private CertData fillCertData(X509Certificate cert, String alise, Format formatter)
            throws CertificateEncodingException {
        CertData certData = null;

        if (includeCert) {
            certData = new CertDataDetail();
        } else {
            certData = new CertData();
        }
        certData.setAlias(alise);
        certData.setSubjectDN(cert.getSubjectDN().getName());
        certData.setIssuerDN(cert.getIssuerDN().getName());
        certData.setSerialNumber(cert.getSerialNumber());
        certData.setVersion(cert.getVersion());
        certData.setNotAfter(formatter.format(cert.getNotAfter()));
        certData.setNotBefore(formatter.format(cert.getNotBefore()));
        certData.setPublicKey(Base64.encode(cert.getPublicKey().getEncoded()));

        if (includeCert) {
            ((CertDataDetail) certData).setCertificate(cert);
        }

        return certData;
    }

    private byte[] readBytesFromFile(String filePath) throws IOException {
        InputStream inputStream = null;
        File file = new File(filePath);
        long length;
        byte[] bytes;
        int offset = 0;
        int numRead = 0;

        try {
            inputStream = new FileInputStream(file);
            length = file.length();
            bytes = new byte[(int) length];

            while (offset < bytes.length
                    && (numRead = inputStream.read(bytes, offset, bytes.length - offset)) >= 0) {
                offset += numRead;
            }
        } finally {
            if (inputStream != null) {
                inputStream.close();
            }
        }

        return bytes;
    }

    /**
     * This method is used to generate the file name of the pub. cert of a tenant
     *
     * @param ksLocation keystore location in the registry
     * @param uuid       UUID appender
     * @return file name of the pub. cert
     */
    private String generatePubCertFileName(String ksLocation, String uuid) {
        String tenantName = ksLocation.substring(ksLocation.lastIndexOf("/"));
        if (tenantName.endsWith(".jks")) {
            tenantName = tenantName.replace(".jks", "");
        }
        return tenantName + "-" + uuid + ".cert";
    }

    /**
     * This method is used internally to do the pagination purposes.
     *
     * @param pageNumber  page Number
     * @param certDataSet set of keyStoreData
     * @return PaginatedPolicySetDTO object containing the number of pages and the set of policies
     * that reside in the given page.
     */
    private PaginatedCertData doPaging(int pageNumber, CertData[] certDataSet) {

        PaginatedCertData paginatedCertData = new PaginatedCertData();
        if (certDataSet.length == 0) {
            paginatedCertData.setCertDataSet(new CertData[0]);
            return paginatedCertData;
        }
        int itemsPerPageInt = SecurityConstants.ITEMS_PER_PAGE;
        int numberOfPages = (int) Math.ceil((double) certDataSet.length / itemsPerPageInt);
        if (pageNumber > numberOfPages - 1) {
            pageNumber = numberOfPages - 1;
        }
        int startIndex = pageNumber * itemsPerPageInt;
        int endIndex = (pageNumber + SecurityConstants.CACHING_PAGE_SIZE) * itemsPerPageInt;
        CertData[] returnedCertDataSet = new CertData[itemsPerPageInt * SecurityConstants.CACHING_PAGE_SIZE];

        for (int i = startIndex, j = 0; i < endIndex && i < certDataSet.length; i++, j++) {
            returnedCertDataSet[j] = certDataSet[i];
        }

        paginatedCertData.setCertDataSet(returnedCertDataSet);
        paginatedCertData.setNumberOfPages(numberOfPages);

        return paginatedCertData;
    }

    /**
     * This method will list 1. Certificate aliases 2. Private key alise 3. Private key value to a
     * given keystore.
     *
     * @param keyStoreName The name of the keystore
     * @param pageNumber   page number
     * @return Instance of KeyStoreData
     * @throws SecurityConfigException will be thrown
     */
    public PaginatedKeyStoreData getPaginatedKeystoreInfo(String keyStoreName, int pageNumber)
            throws SecurityConfigException {
        try {

            if (keyStoreName == null) {
                throw new Exception("keystore name cannot be null");
            }

            KeyStore keyStore;
            String keyStoreType;
            String privateKeyPassowrd = null;
            if (KeyStoreUtil.isPrimaryStore(keyStoreName)) {
                KeyStoreManager keyMan = KeyStoreManager.getInstance(tenantId);
                keyStore = keyMan.getPrimaryKeyStore();
                ServerConfiguration serverConfig = ServerConfiguration.getInstance();
                keyStoreType = serverConfig
                        .getFirstProperty(RegistryResources.SecurityManagement.SERVER_PRIMARY_KEYSTORE_TYPE);
                privateKeyPassowrd = serverConfig
                        .getFirstProperty(RegistryResources.SecurityManagement.SERVER_PRIVATE_KEY_PASSWORD);
            } else {
                String path = SecurityConstants.KEY_STORES + "/" + keyStoreName;
                if (!registry.resourceExists(path)) {
                    throw new SecurityConfigException("Key Store not found");
                }
                Resource resource = registry.get(path);
                KeyStoreManager manager = KeyStoreManager.getInstance(tenantId);
                keyStore = manager.getKeyStore(keyStoreName);
                keyStoreType = resource.getProperty(SecurityConstants.PROP_TYPE);

                String encpass = resource.getProperty(SecurityConstants.PROP_PRIVATE_KEY_PASS);
                if (encpass != null) {
                    CryptoUtil util = CryptoUtil.getDefaultCryptoUtil();
                    privateKeyPassowrd = new String(util.base64DecodeAndDecrypt(encpass));
                }
            }
            // Fill the information about the certificates
            Enumeration<String> aliases = keyStore.aliases();
            List<org.wso2.carbon.security.keystore.service.CertData> certDataList = new ArrayList<>();
            Format formatter = new SimpleDateFormat("dd/MM/yyyy");

            while (aliases.hasMoreElements()) {
                String alias = aliases.nextElement();
                if (keyStore.isCertificateEntry(alias)) {
                    X509Certificate cert = (X509Certificate) keyStore.getCertificate(alias);
                    certDataList.add(fillCertData(cert, alias, formatter));
                }
            }

            // Create a cert array
            CertData[] certs = certDataList.toArray(new CertData[certDataList.size()]);

            // Create a KeyStoreData bean, set the name and fill in the cert information
            PaginatedKeyStoreData keyStoreData = new PaginatedKeyStoreData();
            keyStoreData.setKeyStoreName(keyStoreName);
            keyStoreData.setPaginatedCertData(doPaging(pageNumber, certs));
            keyStoreData.setKeyStoreType(keyStoreType);

            aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String alias = aliases.nextElement();
                // There be only one entry in WSAS related keystores
                if (keyStore.isKeyEntry(alias)) {
                    X509Certificate cert = (X509Certificate) keyStore.getCertificate(alias);
                    keyStoreData.setKey(fillCertData(cert, alias, formatter));

                    PrivateKey key = (PrivateKey) keyStore.getKey(alias, privateKeyPassowrd.toCharArray());
                    String pemKey;
                    pemKey = "-----BEGIN PRIVATE KEY-----\n";
                    pemKey += Base64.encode(key.getEncoded());
                    pemKey += "\n-----END PRIVATE KEY-----";
                    keyStoreData.setKeyValue(pemKey);
                    break;

                }
            }
            return keyStoreData;
        } catch (Exception e) {
            String msg = "Error has encounted while loading the keystore to the given keystore name "
                    + keyStoreName;
            log.error(msg, e);
            throw new SecurityConfigException(msg);
        }

    }

}