1 /*
2 * reserved comment block
3 * DO NOT REMOVE OR ALTER!
4 */
5 /**
6 * Licensed to the Apache Software Foundation (ASF) under one
7 * or more contributor license agreements. See the NOTICE file
8 * distributed with this work for additional information
9 * regarding copyright ownership. The ASF licenses this file
10 * to you under the Apache License, Version 2.0 (the
11 * "License"); you may not use this file except in compliance
12 * with the License. You may obtain a copy of the License at
13 *
14 * http://www.apache.org/licenses/LICENSE-2.0
15 *
16 * Unless required by applicable law or agreed to in writing,
17 * software distributed under the License is distributed on an
18 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
19 * KIND, either express or implied. See the License for the
20 * specific language governing permissions and limitations
21 * under the License.
22 */
23 package com.sun.org.apache.xml.internal.security.keys.storage.implementations;
24
25 import java.io.File;
26 import java.io.FileInputStream;
27 import java.io.FileNotFoundException;
28 import java.io.IOException;
29 import java.security.cert.Certificate;
30 import java.security.cert.CertificateException;
31 import java.security.cert.CertificateExpiredException;
32 import java.security.cert.CertificateFactory;
33 import java.security.cert.CertificateNotYetValidException;
34 import java.security.cert.X509Certificate;
35 import java.util.ArrayList;
36 import java.util.Iterator;
37 import java.util.List;
38
39 import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolverException;
40 import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolverSpi;
41 import com.sun.org.apache.xml.internal.security.utils.Base64;
42
43 /**
44 * This {@link StorageResolverSpi} makes all raw (binary) {@link X509Certificate}s
45 * which reside as files in a single directory available to the
46 * {@link com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver}.
47 */
48 public class CertsInFilesystemDirectoryResolver extends StorageResolverSpi {
49
50 /** {@link org.apache.commons.logging} logging facility */
51 private static java.util.logging.Logger log =
52 java.util.logging.Logger.getLogger(
53 CertsInFilesystemDirectoryResolver.class.getName()
54 );
55
56 /** Field merlinsCertificatesDir */
57 private String merlinsCertificatesDir = null;
58
59 /** Field certs */
60 private List<X509Certificate> certs = new ArrayList<X509Certificate>();
61
62 /**
63 * @param directoryName
64 * @throws StorageResolverException
65 */
66 public CertsInFilesystemDirectoryResolver(String directoryName)
67 throws StorageResolverException {
68 this.merlinsCertificatesDir = directoryName;
69
70 this.readCertsFromHarddrive();
71 }
72
73 /**
74 * Method readCertsFromHarddrive
75 *
76 * @throws StorageResolverException
77 */
78 private void readCertsFromHarddrive() throws StorageResolverException {
79
80 File certDir = new File(this.merlinsCertificatesDir);
81 List<String> al = new ArrayList<String>();
82 String[] names = certDir.list();
83
84 for (int i = 0; i < names.length; i++) {
85 String currentFileName = names[i];
86
87 if (currentFileName.endsWith(".crt")) {
88 al.add(names[i]);
89 }
90 }
91
92 CertificateFactory cf = null;
93
94 try {
95 cf = CertificateFactory.getInstance("X.509");
96 } catch (CertificateException ex) {
97 throw new StorageResolverException("empty", ex);
98 }
99
100 if (cf == null) {
101 throw new StorageResolverException("empty");
102 }
103
104 for (int i = 0; i < al.size(); i++) {
105 String filename = certDir.getAbsolutePath() + File.separator + al.get(i);
106 File file = new File(filename);
107 boolean added = false;
108 String dn = null;
109
110 FileInputStream fis = null;
111 try {
112 fis = new FileInputStream(file);
113 X509Certificate cert =
114 (X509Certificate) cf.generateCertificate(fis);
115
116 //add to ArrayList
117 cert.checkValidity();
118 this.certs.add(cert);
119
120 dn = cert.getSubjectX500Principal().getName();
121 added = true;
122 } catch (FileNotFoundException ex) {
123 if (log.isLoggable(java.util.logging.Level.FINE)) {
124 log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex);
125 }
126 } catch (CertificateNotYetValidException ex) {
127 if (log.isLoggable(java.util.logging.Level.FINE)) {
128 log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex);
129 }
130 } catch (CertificateExpiredException ex) {
131 if (log.isLoggable(java.util.logging.Level.FINE)) {
132 log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex);
133 }
134 } catch (CertificateException ex) {
135 if (log.isLoggable(java.util.logging.Level.FINE)) {
136 log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex);
137 }
138 } finally {
139 try {
140 if (fis != null) {
141 fis.close();
142 }
143 } catch (IOException ex) {
144 if (log.isLoggable(java.util.logging.Level.FINE)) {
145 log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex);
146 }
147 }
148 }
149
150 if (added && log.isLoggable(java.util.logging.Level.FINE)) {
151 log.log(java.util.logging.Level.FINE, "Added certificate: " + dn);
152 }
153 }
154 }
155
156 /** @inheritDoc */
157 public Iterator<Certificate> getIterator() {
158 return new FilesystemIterator(this.certs);
159 }
160
161 /**
162 * Class FilesystemIterator
163 */
164 private static class FilesystemIterator implements Iterator<Certificate> {
165
166 /** Field certs */
167 List<X509Certificate> certs = null;
168
169 /** Field i */
170 int i;
171
172 /**
173 * Constructor FilesystemIterator
174 *
175 * @param certs
176 */
177 public FilesystemIterator(List<X509Certificate> certs) {
178 this.certs = certs;
179 this.i = 0;
180 }
181
182 /** @inheritDoc */
183 public boolean hasNext() {
184 return (this.i < this.certs.size());
185 }
186
187 /** @inheritDoc */
188 public Certificate next() {
189 return this.certs.get(this.i++);
190 }
191
192 /**
193 * Method remove
194 *
195 */
196 public void remove() {
197 throw new UnsupportedOperationException("Can't remove keys from KeyStore");
198 }
199 }
200
201 /**
202 * Method main
203 *
204 * @param unused
205 * @throws Exception
206 */
207 public static void main(String unused[]) throws Exception {
208
209 CertsInFilesystemDirectoryResolver krs =
210 new CertsInFilesystemDirectoryResolver(
211 "data/ie/baltimore/merlin-examples/merlin-xmldsig-eighteen/certs");
212
213 for (Iterator<Certificate> i = krs.getIterator(); i.hasNext(); ) {
214 X509Certificate cert = (X509Certificate) i.next();
215 byte[] ski =
216 com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509SKI.getSKIBytesFromCert(cert);
217
218 System.out.println();
219 System.out.println("Base64(SKI())= \""
220 + Base64.encode(ski) + "\"");
221 System.out.println("cert.getSerialNumber()= \""
222 + cert.getSerialNumber().toString() + "\"");
223 System.out.println("cert.getSubjectX500Principal().getName()= \""
224 + cert.getSubjectX500Principal().getName() + "\"");
225 System.out.println("cert.getIssuerX500Principal().getName()= \""
226 + cert.getIssuerX500Principal().getName() + "\"");
227 }
228 }
229 }