179 return keystore.engineEntryInstanceOf(alias, entryClass);
180 }
181
182 @Override
183 public void engineStore(OutputStream stream, char[] password)
184 throws IOException, NoSuchAlgorithmException, CertificateException {
185
186 if (debug != null) {
187 debug.println("Storing keystore in " + type + " format");
188 }
189 keystore.engineStore(stream, password);
190 }
191
192 @Override
193 public void engineLoad(InputStream stream, char[] password)
194 throws IOException, NoSuchAlgorithmException, CertificateException {
195
196 // A new keystore is always created in the primary keystore format
197 if (stream == null) {
198 try {
199 keystore = primaryKeyStore.newInstance();
200
201 } catch (InstantiationException | IllegalAccessException e) {
202 // can safely ignore
203 }
204 type = primaryType;
205
206 if (debug != null) {
207 debug.println("Creating a new keystore in " + type + " format");
208 }
209 keystore.engineLoad(stream, password);
210
211 } else {
212 // First try the primary keystore then try the secondary keystore
213 InputStream bufferedStream = new BufferedInputStream(stream);
214 bufferedStream.mark(Integer.MAX_VALUE);
215
216 try {
217 keystore = primaryKeyStore.newInstance();
218 type = primaryType;
219 keystore.engineLoad(bufferedStream, password);
220
221 } catch (Exception e) {
222
223 // incorrect password
224 if (e instanceof IOException &&
225 e.getCause() instanceof UnrecoverableKeyException) {
226 throw (IOException)e;
227 }
228
229 try {
230 // Ignore secondary keystore when no compatibility mode
231 if (!compatModeEnabled) {
232 throw e;
233 }
234
235 keystore = secondaryKeyStore.newInstance();
236 type = secondaryType;
237 bufferedStream.reset();
238 keystore.engineLoad(bufferedStream, password);
239
240 if (debug != null) {
241 debug.println("WARNING: switching from " +
242 primaryType + " to " + secondaryType +
243 " keystore file format has altered the " +
244 "keystore security level");
245 }
246
247 } catch (InstantiationException |
248 IllegalAccessException e2) {
249 // can safely ignore
250
251 } catch (IOException |
252 NoSuchAlgorithmException |
253 CertificateException e3) {
254
255 // incorrect password
267 }
268 }
269 }
270
271 if (debug != null) {
272 debug.println("Loaded a keystore in " + type + " format");
273 }
274 }
275 }
276
277 /**
278 * Probe the first few bytes of the keystore data stream for a valid
279 * keystore encoding. Only the primary keystore implementation is probed.
280 */
281 @Override
282 public boolean engineProbe(InputStream stream) throws IOException {
283
284 boolean result = false;
285
286 try {
287 keystore = primaryKeyStore.newInstance();
288 type = primaryType;
289 result = keystore.engineProbe(stream);
290
291 } catch (Exception e) {
292 throw new IOException(e);
293
294 } finally {
295 // reset
296 if (result == false) {
297 type = null;
298 keystore = null;
299 }
300 }
301
302 return result;
303 }
304 }
|
179 return keystore.engineEntryInstanceOf(alias, entryClass);
180 }
181
182 @Override
183 public void engineStore(OutputStream stream, char[] password)
184 throws IOException, NoSuchAlgorithmException, CertificateException {
185
186 if (debug != null) {
187 debug.println("Storing keystore in " + type + " format");
188 }
189 keystore.engineStore(stream, password);
190 }
191
192 @Override
193 public void engineLoad(InputStream stream, char[] password)
194 throws IOException, NoSuchAlgorithmException, CertificateException {
195
196 // A new keystore is always created in the primary keystore format
197 if (stream == null) {
198 try {
199 @SuppressWarnings("deprecation")
200 KeyStoreSpi tmp = primaryKeyStore.newInstance();
201 keystore = tmp;
202 } catch (InstantiationException | IllegalAccessException e) {
203 // can safely ignore
204 }
205 type = primaryType;
206
207 if (debug != null) {
208 debug.println("Creating a new keystore in " + type + " format");
209 }
210 keystore.engineLoad(stream, password);
211
212 } else {
213 // First try the primary keystore then try the secondary keystore
214 InputStream bufferedStream = new BufferedInputStream(stream);
215 bufferedStream.mark(Integer.MAX_VALUE);
216
217 try {
218 @SuppressWarnings("deprecation")
219 KeyStoreSpi tmp = primaryKeyStore.newInstance();
220 keystore = tmp;
221 type = primaryType;
222 keystore.engineLoad(bufferedStream, password);
223
224 } catch (Exception e) {
225
226 // incorrect password
227 if (e instanceof IOException &&
228 e.getCause() instanceof UnrecoverableKeyException) {
229 throw (IOException)e;
230 }
231
232 try {
233 // Ignore secondary keystore when no compatibility mode
234 if (!compatModeEnabled) {
235 throw e;
236 }
237
238 @SuppressWarnings("deprecation")
239 KeyStoreSpi tmp= secondaryKeyStore.newInstance();
240 keystore = tmp;
241 type = secondaryType;
242 bufferedStream.reset();
243 keystore.engineLoad(bufferedStream, password);
244
245 if (debug != null) {
246 debug.println("WARNING: switching from " +
247 primaryType + " to " + secondaryType +
248 " keystore file format has altered the " +
249 "keystore security level");
250 }
251
252 } catch (InstantiationException |
253 IllegalAccessException e2) {
254 // can safely ignore
255
256 } catch (IOException |
257 NoSuchAlgorithmException |
258 CertificateException e3) {
259
260 // incorrect password
272 }
273 }
274 }
275
276 if (debug != null) {
277 debug.println("Loaded a keystore in " + type + " format");
278 }
279 }
280 }
281
282 /**
283 * Probe the first few bytes of the keystore data stream for a valid
284 * keystore encoding. Only the primary keystore implementation is probed.
285 */
286 @Override
287 public boolean engineProbe(InputStream stream) throws IOException {
288
289 boolean result = false;
290
291 try {
292 @SuppressWarnings("deprecation")
293 KeyStoreSpi tmp = primaryKeyStore.newInstance();
294 keystore = tmp;
295 type = primaryType;
296 result = keystore.engineProbe(stream);
297
298 } catch (Exception e) {
299 throw new IOException(e);
300
301 } finally {
302 // reset
303 if (result == false) {
304 type = null;
305 keystore = null;
306 }
307 }
308
309 return result;
310 }
311 }
|