1 /* 2 * reserved comment block 3 * DO NOT REMOVE OR ALTER! 4 */ 5 /** 6 * Licensed to the Apache Software Foundation (ASF) under one 7 * or more contributor license agreements. See the NOTICE file 8 * distributed with this work for additional information 9 * regarding copyright ownership. The ASF licenses this file 10 * to you under the Apache License, Version 2.0 (the 11 * "License"); you may not use this file except in compliance 12 * with the License. You may obtain a copy of the License at 13 * 14 * http://www.apache.org/licenses/LICENSE-2.0 15 * 16 * Unless required by applicable law or agreed to in writing, 17 * software distributed under the License is distributed on an 18 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 19 * KIND, either express or implied. See the License for the 20 * specific language governing permissions and limitations 21 * under the License. 22 */ 23 package com.sun.org.apache.xml.internal.security.keys.storage.implementations; 24 25 import java.io.File; 26 import java.io.FileInputStream; 27 import java.io.FileNotFoundException; 28 import java.io.IOException; 29 import java.security.cert.Certificate; 30 import java.security.cert.CertificateException; 31 import java.security.cert.CertificateExpiredException; 32 import java.security.cert.CertificateFactory; 33 import java.security.cert.CertificateNotYetValidException; 34 import java.security.cert.X509Certificate; 35 import java.util.ArrayList; 36 import java.util.Iterator; 37 import java.util.List; 38 39 import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolverException; 40 import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolverSpi; 41 import com.sun.org.apache.xml.internal.security.utils.Base64; 42 43 /** 44 * This {@link StorageResolverSpi} makes all raw (binary) {@link X509Certificate}s 45 * which reside as files in a single directory available to the 46 * {@link com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver}. 47 */ 48 public class CertsInFilesystemDirectoryResolver extends StorageResolverSpi { 49 50 /** {@link org.apache.commons.logging} logging facility */ 51 private static java.util.logging.Logger log = 52 java.util.logging.Logger.getLogger( 53 CertsInFilesystemDirectoryResolver.class.getName() 54 ); 55 56 /** Field merlinsCertificatesDir */ 57 private String merlinsCertificatesDir = null; 58 59 /** Field certs */ 60 private List<X509Certificate> certs = new ArrayList<X509Certificate>(); 61 62 /** 63 * @param directoryName 64 * @throws StorageResolverException 65 */ 66 public CertsInFilesystemDirectoryResolver(String directoryName) 67 throws StorageResolverException { 68 this.merlinsCertificatesDir = directoryName; 69 70 this.readCertsFromHarddrive(); 71 } 72 73 /** 74 * Method readCertsFromHarddrive 75 * 76 * @throws StorageResolverException 77 */ 78 private void readCertsFromHarddrive() throws StorageResolverException { 79 80 File certDir = new File(this.merlinsCertificatesDir); 81 List<String> al = new ArrayList<String>(); 82 String[] names = certDir.list(); 83 84 for (int i = 0; i < names.length; i++) { 85 String currentFileName = names[i]; 86 87 if (currentFileName.endsWith(".crt")) { 88 al.add(names[i]); 89 } 90 } 91 92 CertificateFactory cf = null; 93 94 try { 95 cf = CertificateFactory.getInstance("X.509"); 96 } catch (CertificateException ex) { 97 throw new StorageResolverException("empty", ex); 98 } 99 100 if (cf == null) { 101 throw new StorageResolverException("empty"); 102 } 103 104 for (int i = 0; i < al.size(); i++) { 105 String filename = certDir.getAbsolutePath() + File.separator + al.get(i); 106 File file = new File(filename); 107 boolean added = false; 108 String dn = null; 109 110 FileInputStream fis = null; 111 try { 112 fis = new FileInputStream(file); 113 X509Certificate cert = 114 (X509Certificate) cf.generateCertificate(fis); 115 116 //add to ArrayList 117 cert.checkValidity(); 118 this.certs.add(cert); 119 120 dn = cert.getSubjectX500Principal().getName(); 121 added = true; 122 } catch (FileNotFoundException ex) { 123 if (log.isLoggable(java.util.logging.Level.FINE)) { 124 log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex); 125 } 126 } catch (CertificateNotYetValidException ex) { 127 if (log.isLoggable(java.util.logging.Level.FINE)) { 128 log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex); 129 } 130 } catch (CertificateExpiredException ex) { 131 if (log.isLoggable(java.util.logging.Level.FINE)) { 132 log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex); 133 } 134 } catch (CertificateException ex) { 135 if (log.isLoggable(java.util.logging.Level.FINE)) { 136 log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex); 137 } 138 } finally { 139 try { 140 if (fis != null) { 141 fis.close(); 142 } 143 } catch (IOException ex) { 144 if (log.isLoggable(java.util.logging.Level.FINE)) { 145 log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex); 146 } 147 } 148 } 149 150 if (added && log.isLoggable(java.util.logging.Level.FINE)) { 151 log.log(java.util.logging.Level.FINE, "Added certificate: " + dn); 152 } 153 } 154 } 155 156 /** @inheritDoc */ 157 public Iterator<Certificate> getIterator() { 158 return new FilesystemIterator(this.certs); 159 } 160 161 /** 162 * Class FilesystemIterator 163 */ 164 private static class FilesystemIterator implements Iterator<Certificate> { 165 166 /** Field certs */ 167 List<X509Certificate> certs = null; 168 169 /** Field i */ 170 int i; 171 172 /** 173 * Constructor FilesystemIterator 174 * 175 * @param certs 176 */ 177 public FilesystemIterator(List<X509Certificate> certs) { 178 this.certs = certs; 179 this.i = 0; 180 } 181 182 /** @inheritDoc */ 183 public boolean hasNext() { 184 return (this.i < this.certs.size()); 185 } 186 187 /** @inheritDoc */ 188 public Certificate next() { 189 return this.certs.get(this.i++); 190 } 191 192 /** 193 * Method remove 194 * 195 */ 196 public void remove() { 197 throw new UnsupportedOperationException("Can't remove keys from KeyStore"); 198 } 199 } 200 201 /** 202 * Method main 203 * 204 * @param unused 205 * @throws Exception 206 */ 207 public static void main(String unused[]) throws Exception { 208 209 CertsInFilesystemDirectoryResolver krs = 210 new CertsInFilesystemDirectoryResolver( 211 "data/ie/baltimore/merlin-examples/merlin-xmldsig-eighteen/certs"); 212 213 for (Iterator<Certificate> i = krs.getIterator(); i.hasNext(); ) { 214 X509Certificate cert = (X509Certificate) i.next(); 215 byte[] ski = 216 com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509SKI.getSKIBytesFromCert(cert); 217 218 System.out.println(); 219 System.out.println("Base64(SKI())= \"" 220 + Base64.encode(ski) + "\""); 221 System.out.println("cert.getSerialNumber()= \"" 222 + cert.getSerialNumber().toString() + "\""); 223 System.out.println("cert.getSubjectX500Principal().getName()= \"" 224 + cert.getSubjectX500Principal().getName() + "\""); 225 System.out.println("cert.getIssuerX500Principal().getName()= \"" 226 + cert.getIssuerX500Principal().getName() + "\""); 227 } 228 } 229 }