1 /*
   2  * Copyright (c) 2011, 2020, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package apple.security;
  27 
  28 import java.io.*;
  29 import java.security.*;
  30 import java.security.cert.*;
  31 import java.security.cert.Certificate;
  32 import java.security.spec.*;
  33 import java.util.*;
  34 
  35 import javax.crypto.*;
  36 import javax.crypto.spec.*;
  37 import javax.security.auth.x500.*;
  38 
  39 import sun.security.pkcs.*;
  40 import sun.security.pkcs.EncryptedPrivateKeyInfo;
  41 import sun.security.util.*;
  42 import sun.security.x509.*;
  43 
  44 /**
  45  * This class provides the keystore implementation referred to as "KeychainStore".
  46  * It uses the current user's keychain as its backing storage, and does NOT support
  47  * a file-based implementation.
  48  */
  49 
  50 public final class KeychainStore extends KeyStoreSpi {
  51 
  52     // Private keys and their supporting certificate chains
  53     // If a key came from the keychain it has a SecKeyRef and one or more
  54     // SecCertificateRef.  When we delete the key we have to delete all of the corresponding
  55     // native objects.
  56     class KeyEntry {
  57         Date date; // the creation date of this entry
  58         byte[] protectedPrivKey;
  59         char[] password;
  60         long keyRef;  // SecKeyRef for this key
  61         Certificate chain[];
  62         long chainRefs[];  // SecCertificateRefs for this key's chain.
  63     };
  64 
  65     // Trusted certificates
  66     class TrustedCertEntry {
  67         Date date; // the creation date of this entry
  68 
  69         Certificate cert;
  70         long certRef;  // SecCertificateRef for this key
  71     };
  72 
  73     /**
  74      * Entries that have been deleted.  When something calls engineStore we'll
  75      * remove them from the keychain.
  76      */
  77     private Hashtable<String, Object> deletedEntries = new Hashtable<>();
  78 
  79     /**
  80      * Entries that have been added.  When something calls engineStore we'll
  81      * add them to the keychain.
  82      */
  83     private Hashtable<String, Object> addedEntries = new Hashtable<>();
  84 
  85     /**
  86      * Private keys and certificates are stored in a hashtable.
  87      * Hash entries are keyed by alias names.
  88      */
  89     private Hashtable<String, Object> entries = new Hashtable<>();
  90 
  91     /**
  92      * Algorithm identifiers and corresponding OIDs for the contents of the PKCS12 bag we get from the Keychain.
  93      */
  94     private static final int keyBag[]  = {1, 2, 840, 113549, 1, 12, 10, 1, 2};
  95     private static final int pbeWithSHAAnd3KeyTripleDESCBC[] =     {1, 2, 840, 113549, 1, 12, 1, 3};
  96     private static ObjectIdentifier PKCS8ShroudedKeyBag_OID;
  97     private static ObjectIdentifier pbeWithSHAAnd3KeyTripleDESCBC_OID;
  98 
  99     /**
 100      * Constnats used in PBE decryption.
 101      */
 102     private static final int iterationCount = 1024;
 103     private static final int SALT_LEN = 20;
 104 
 105     private static final Debug debug = Debug.getInstance("keystore");
 106 
 107     static {
 108         AccessController.doPrivileged(
 109             new PrivilegedAction<Void>() {
 110                 public Void run() {
 111                     System.loadLibrary("osxsecurity");
 112                     return null;
 113                 }
 114             });
 115         try {
 116             PKCS8ShroudedKeyBag_OID = new ObjectIdentifier(keyBag);
 117             pbeWithSHAAnd3KeyTripleDESCBC_OID = new ObjectIdentifier(pbeWithSHAAnd3KeyTripleDESCBC);
 118         } catch (IOException ioe) {
 119             // should not happen
 120         }
 121     }
 122 
 123     private static void permissionCheck() {
 124         SecurityManager sec = System.getSecurityManager();
 125 
 126         if (sec != null) {
 127             sec.checkPermission(new RuntimePermission("useKeychainStore"));
 128         }
 129     }
 130 
 131 
 132     /**
 133      * Verify the Apple provider in the constructor.
 134      *
 135      * @exception SecurityException if fails to verify
 136      * its own integrity
 137      */
 138     public KeychainStore() { }
 139 
 140     /**
 141         * Returns the key associated with the given alias, using the given
 142      * password to recover it.
 143      *
 144      * @param alias the alias name
 145      * @param password the password for recovering the key. This password is
 146      *        used internally as the key is exported in a PKCS12 format.
 147      *
 148      * @return the requested key, or null if the given alias does not exist
 149      * or does not identify a <i>key entry</i>.
 150      *
 151      * @exception NoSuchAlgorithmException if the algorithm for recovering the
 152      * key cannot be found
 153      * @exception UnrecoverableKeyException if the key cannot be recovered
 154      * (e.g., the given password is wrong).
 155      */
 156     public Key engineGetKey(String alias, char[] password)
 157         throws NoSuchAlgorithmException, UnrecoverableKeyException
 158     {
 159         permissionCheck();
 160 
 161         // An empty password is rejected by MacOS API, no private key data
 162         // is exported. If no password is passed (as is the case when
 163         // this implementation is used as browser keystore in various
 164         // deployment scenarios like Webstart, JFX and applets), create
 165         // a dummy password so MacOS API is happy.
 166         if (password == null || password.length == 0) {
 167             // Must not be a char array with only a 0, as this is an empty
 168             // string.
 169             if (random == null) {
 170                 random = new SecureRandom();
 171             }
 172             password = Long.toString(random.nextLong()).toCharArray();
 173         }
 174 
 175         Object entry = entries.get(alias.toLowerCase());
 176 
 177         if (entry == null || !(entry instanceof KeyEntry)) {
 178             return null;
 179         }
 180 
 181         // This call gives us a PKCS12 bag, with the key inside it.
 182         byte[] exportedKeyInfo = _getEncodedKeyData(((KeyEntry)entry).keyRef, password);
 183         if (exportedKeyInfo == null) {
 184             return null;
 185         }
 186 
 187         PrivateKey returnValue = null;
 188 
 189         try {
 190             byte[] pkcs8KeyData = fetchPrivateKeyFromBag(exportedKeyInfo);
 191             byte[] encryptedKey;
 192             AlgorithmParameters algParams;
 193             ObjectIdentifier algOid;
 194             try {
 195                 // get the encrypted private key
 196                 EncryptedPrivateKeyInfo encrInfo = new EncryptedPrivateKeyInfo(pkcs8KeyData);
 197                 encryptedKey = encrInfo.getEncryptedData();
 198 
 199                 // parse Algorithm parameters
 200                 DerValue val = new DerValue(encrInfo.getAlgorithm().encode());
 201                 DerInputStream in = val.toDerInputStream();
 202                 algOid = in.getOID();
 203                 algParams = parseAlgParameters(in);
 204 
 205             } catch (IOException ioe) {
 206                 UnrecoverableKeyException uke =
 207                 new UnrecoverableKeyException("Private key not stored as "
 208                                               + "PKCS#8 EncryptedPrivateKeyInfo: " + ioe);
 209                 uke.initCause(ioe);
 210                 throw uke;
 211             }
 212 
 213             // Use JCE to decrypt the data using the supplied password.
 214             SecretKey skey = getPBEKey(password);
 215             Cipher cipher = Cipher.getInstance(algOid.toString());
 216             cipher.init(Cipher.DECRYPT_MODE, skey, algParams);
 217             byte[] decryptedPrivateKey = cipher.doFinal(encryptedKey);
 218             PKCS8EncodedKeySpec kspec = new PKCS8EncodedKeySpec(decryptedPrivateKey);
 219 
 220              // Parse the key algorithm and then use a JCA key factory to create the private key.
 221             DerValue val = new DerValue(decryptedPrivateKey);
 222             DerInputStream in = val.toDerInputStream();
 223 
 224             // Ignore this -- version should be 0.
 225             int i = in.getInteger();
 226 
 227             // Get the Algorithm ID next
 228             DerValue[] value = in.getSequence(2);
 229             if (value.length < 1 || value.length > 2) {
 230                 throw new IOException("Invalid length for AlgorithmIdentifier");
 231             }
 232             AlgorithmId algId = new AlgorithmId(value[0].getOID());
 233             String algName = algId.getName();
 234 
 235             // Get a key factory for this algorithm.  It's likely to be 'RSA'.
 236             KeyFactory kfac = KeyFactory.getInstance(algName);
 237             returnValue = kfac.generatePrivate(kspec);
 238         } catch (Exception e) {
 239             UnrecoverableKeyException uke =
 240             new UnrecoverableKeyException("Get Key failed: " +
 241                                           e.getMessage());
 242             uke.initCause(e);
 243             throw uke;
 244         }
 245 
 246         return returnValue;
 247     }
 248 
 249     private native byte[] _getEncodedKeyData(long secKeyRef, char[] password);
 250 
 251     /**
 252      * Returns the certificate chain associated with the given alias.
 253      *
 254      * @param alias the alias name
 255      *
 256      * @return the certificate chain (ordered with the user's certificate first
 257                                       * and the root certificate authority last), or null if the given alias
 258      * does not exist or does not contain a certificate chain (i.e., the given
 259                                                                * alias identifies either a <i>trusted certificate entry</i> or a
 260                                                                * <i>key entry</i> without a certificate chain).
 261      */
 262     public Certificate[] engineGetCertificateChain(String alias) {
 263         permissionCheck();
 264 
 265         Object entry = entries.get(alias.toLowerCase());
 266 
 267         if (entry != null && entry instanceof KeyEntry) {
 268             if (((KeyEntry)entry).chain == null) {
 269                 return null;
 270             } else {
 271                 return ((KeyEntry)entry).chain.clone();
 272             }
 273         } else {
 274             return null;
 275         }
 276     }
 277 
 278     /**
 279      * Returns the certificate associated with the given alias.
 280      *
 281      * <p>If the given alias name identifies a
 282      * <i>trusted certificate entry</i>, the certificate associated with that
 283      * entry is returned. If the given alias name identifies a
 284      * <i>key entry</i>, the first element of the certificate chain of that
 285      * entry is returned, or null if that entry does not have a certificate
 286      * chain.
 287      *
 288      * @param alias the alias name
 289      *
 290      * @return the certificate, or null if the given alias does not exist or
 291      * does not contain a certificate.
 292      */
 293     public Certificate engineGetCertificate(String alias) {
 294         permissionCheck();
 295 
 296         Object entry = entries.get(alias.toLowerCase());
 297 
 298         if (entry != null) {
 299             if (entry instanceof TrustedCertEntry) {
 300                 return ((TrustedCertEntry)entry).cert;
 301             } else {
 302                 KeyEntry ke = (KeyEntry)entry;
 303                 if (ke.chain == null || ke.chain.length == 0) {
 304                     return null;
 305                 }
 306                 return ke.chain[0];
 307             }
 308         } else {
 309             return null;
 310         }
 311     }
 312 
 313     /**
 314         * Returns the creation date of the entry identified by the given alias.
 315      *
 316      * @param alias the alias name
 317      *
 318      * @return the creation date of this entry, or null if the given alias does
 319      * not exist
 320      */
 321     public Date engineGetCreationDate(String alias) {
 322         permissionCheck();
 323 
 324         Object entry = entries.get(alias.toLowerCase());
 325 
 326         if (entry != null) {
 327             if (entry instanceof TrustedCertEntry) {
 328                 return new Date(((TrustedCertEntry)entry).date.getTime());
 329             } else {
 330                 return new Date(((KeyEntry)entry).date.getTime());
 331             }
 332         } else {
 333             return null;
 334         }
 335     }
 336 
 337     /**
 338         * Assigns the given key to the given alias, protecting it with the given
 339      * password.
 340      *
 341      * <p>If the given key is of type <code>java.security.PrivateKey</code>,
 342      * it must be accompanied by a certificate chain certifying the
 343      * corresponding public key.
 344      *
 345      * <p>If the given alias already exists, the keystore information
 346      * associated with it is overridden by the given key (and possibly
 347                                                           * certificate chain).
 348      *
 349      * @param alias the alias name
 350      * @param key the key to be associated with the alias
 351      * @param password the password to protect the key
 352      * @param chain the certificate chain for the corresponding public
 353      * key (only required if the given key is of type
 354             * <code>java.security.PrivateKey</code>).
 355      *
 356      * @exception KeyStoreException if the given key cannot be protected, or
 357      * this operation fails for some other reason
 358      */
 359     public void engineSetKeyEntry(String alias, Key key, char[] password,
 360                                   Certificate[] chain)
 361         throws KeyStoreException
 362     {
 363         permissionCheck();
 364 
 365         synchronized(entries) {
 366             try {
 367                 KeyEntry entry = new KeyEntry();
 368                 entry.date = new Date();
 369 
 370                 if (key instanceof PrivateKey) {
 371                     if ((key.getFormat().equals("PKCS#8")) ||
 372                         (key.getFormat().equals("PKCS8"))) {
 373                         entry.protectedPrivKey = encryptPrivateKey(key.getEncoded(), password);
 374                         entry.password = password.clone();
 375                     } else {
 376                         throw new KeyStoreException("Private key is not encoded as PKCS#8");
 377                     }
 378                 } else {
 379                     throw new KeyStoreException("Key is not a PrivateKey");
 380                 }
 381 
 382                 // clone the chain
 383                 if (chain != null) {
 384                     if ((chain.length > 1) && !validateChain(chain)) {
 385                         throw new KeyStoreException("Certificate chain does not validate");
 386                     }
 387 
 388                     entry.chain = chain.clone();
 389                     entry.chainRefs = new long[entry.chain.length];
 390                 }
 391 
 392                 String lowerAlias = alias.toLowerCase();
 393                 if (entries.get(lowerAlias) != null) {
 394                     deletedEntries.put(lowerAlias, entries.get(lowerAlias));
 395                 }
 396 
 397                 entries.put(lowerAlias, entry);
 398                 addedEntries.put(lowerAlias, entry);
 399             } catch (Exception nsae) {
 400                 KeyStoreException ke = new KeyStoreException("Key protection algorithm not found: " + nsae);
 401                 ke.initCause(nsae);
 402                 throw ke;
 403             }
 404         }
 405     }
 406 
 407     /**
 408         * Assigns the given key (that has already been protected) to the given
 409      * alias.
 410      *
 411      * <p>If the protected key is of type
 412      * <code>java.security.PrivateKey</code>, it must be accompanied by a
 413      * certificate chain certifying the corresponding public key. If the
 414      * underlying keystore implementation is of type <code>jks</code>,
 415      * <code>key</code> must be encoded as an
 416      * <code>EncryptedPrivateKeyInfo</code> as defined in the PKCS #8 standard.
 417      *
 418      * <p>If the given alias already exists, the keystore information
 419      * associated with it is overridden by the given key (and possibly
 420                                                           * certificate chain).
 421      *
 422      * @param alias the alias name
 423      * @param key the key (in protected format) to be associated with the alias
 424      * @param chain the certificate chain for the corresponding public
 425      * key (only useful if the protected key is of type
 426             * <code>java.security.PrivateKey</code>).
 427      *
 428      * @exception KeyStoreException if this operation fails.
 429      */
 430     public void engineSetKeyEntry(String alias, byte[] key,
 431                                   Certificate[] chain)
 432         throws KeyStoreException
 433     {
 434         permissionCheck();
 435 
 436         synchronized(entries) {
 437             // key must be encoded as EncryptedPrivateKeyInfo as defined in
 438             // PKCS#8
 439             KeyEntry entry = new KeyEntry();
 440             try {
 441                 EncryptedPrivateKeyInfo privateKey = new EncryptedPrivateKeyInfo(key);
 442                 entry.protectedPrivKey = privateKey.getEncoded();
 443             } catch (IOException ioe) {
 444                 throw new KeyStoreException("key is not encoded as "
 445                                             + "EncryptedPrivateKeyInfo");
 446             }
 447 
 448             entry.date = new Date();
 449 
 450             if ((chain != null) &&
 451                 (chain.length != 0)) {
 452                 entry.chain = chain.clone();
 453                 entry.chainRefs = new long[entry.chain.length];
 454             }
 455 
 456             String lowerAlias = alias.toLowerCase();
 457             if (entries.get(lowerAlias) != null) {
 458                 deletedEntries.put(lowerAlias, entries.get(alias));
 459             }
 460             entries.put(lowerAlias, entry);
 461             addedEntries.put(lowerAlias, entry);
 462         }
 463     }
 464 
 465     /**
 466         * Assigns the given certificate to the given alias.
 467      *
 468      * <p>If the given alias already exists in this keystore and identifies a
 469      * <i>trusted certificate entry</i>, the certificate associated with it is
 470      * overridden by the given certificate.
 471      *
 472      * @param alias the alias name
 473      * @param cert the certificate
 474      *
 475      * @exception KeyStoreException if the given alias already exists and does
 476      * not identify a <i>trusted certificate entry</i>, or this operation
 477      * fails for some other reason.
 478      */
 479     public void engineSetCertificateEntry(String alias, Certificate cert)
 480         throws KeyStoreException
 481     {
 482         permissionCheck();
 483 
 484         synchronized(entries) {
 485 
 486             Object entry = entries.get(alias.toLowerCase());
 487             if ((entry != null) && (entry instanceof KeyEntry)) {
 488                 throw new KeyStoreException
 489                 ("Cannot overwrite key entry with certificate");
 490             }
 491 
 492             // This will be slow, but necessary.  Enumerate the values and then see if the cert matches the one in the trusted cert entry.
 493             // Security framework doesn't support the same certificate twice in a keychain.
 494             Collection<Object> allValues = entries.values();
 495 
 496             for (Object value : allValues) {
 497                 if (value instanceof TrustedCertEntry) {
 498                     TrustedCertEntry tce = (TrustedCertEntry)value;
 499                     if (tce.cert.equals(cert)) {
 500                         throw new KeyStoreException("Keychain does not support mulitple copies of same certificate.");
 501                     }
 502                 }
 503             }
 504 
 505             TrustedCertEntry trustedCertEntry = new TrustedCertEntry();
 506             trustedCertEntry.cert = cert;
 507             trustedCertEntry.date = new Date();
 508             String lowerAlias = alias.toLowerCase();
 509             if (entries.get(lowerAlias) != null) {
 510                 deletedEntries.put(lowerAlias, entries.get(lowerAlias));
 511             }
 512             entries.put(lowerAlias, trustedCertEntry);
 513             addedEntries.put(lowerAlias, trustedCertEntry);
 514         }
 515     }
 516 
 517     /**
 518         * Deletes the entry identified by the given alias from this keystore.
 519      *
 520      * @param alias the alias name
 521      *
 522      * @exception KeyStoreException if the entry cannot be removed.
 523      */
 524     public void engineDeleteEntry(String alias)
 525         throws KeyStoreException
 526     {
 527         permissionCheck();
 528 
 529         synchronized(entries) {
 530             Object entry = entries.remove(alias.toLowerCase());
 531             deletedEntries.put(alias.toLowerCase(), entry);
 532         }
 533     }
 534 
 535     /**
 536         * Lists all the alias names of this keystore.
 537      *
 538      * @return enumeration of the alias names
 539      */
 540     public Enumeration<String> engineAliases() {
 541         permissionCheck();
 542         return entries.keys();
 543     }
 544 
 545     /**
 546         * Checks if the given alias exists in this keystore.
 547      *
 548      * @param alias the alias name
 549      *
 550      * @return true if the alias exists, false otherwise
 551      */
 552     public boolean engineContainsAlias(String alias) {
 553         permissionCheck();
 554         return entries.containsKey(alias.toLowerCase());
 555     }
 556 
 557     /**
 558         * Retrieves the number of entries in this keystore.
 559      *
 560      * @return the number of entries in this keystore
 561      */
 562     public int engineSize() {
 563         permissionCheck();
 564         return entries.size();
 565     }
 566 
 567     /**
 568         * Returns true if the entry identified by the given alias is a
 569      * <i>key entry</i>, and false otherwise.
 570      *
 571      * @return true if the entry identified by the given alias is a
 572      * <i>key entry</i>, false otherwise.
 573      */
 574     public boolean engineIsKeyEntry(String alias) {
 575         permissionCheck();
 576         Object entry = entries.get(alias.toLowerCase());
 577         if ((entry != null) && (entry instanceof KeyEntry)) {
 578             return true;
 579         } else {
 580             return false;
 581         }
 582     }
 583 
 584     /**
 585         * Returns true if the entry identified by the given alias is a
 586      * <i>trusted certificate entry</i>, and false otherwise.
 587      *
 588      * @return true if the entry identified by the given alias is a
 589      * <i>trusted certificate entry</i>, false otherwise.
 590      */
 591     public boolean engineIsCertificateEntry(String alias) {
 592         permissionCheck();
 593         Object entry = entries.get(alias.toLowerCase());
 594         if ((entry != null) && (entry instanceof TrustedCertEntry)) {
 595             return true;
 596         } else {
 597             return false;
 598         }
 599     }
 600 
 601     /**
 602         * Returns the (alias) name of the first keystore entry whose certificate
 603      * matches the given certificate.
 604      *
 605      * <p>This method attempts to match the given certificate with each
 606      * keystore entry. If the entry being considered
 607      * is a <i>trusted certificate entry</i>, the given certificate is
 608      * compared to that entry's certificate. If the entry being considered is
 609      * a <i>key entry</i>, the given certificate is compared to the first
 610      * element of that entry's certificate chain (if a chain exists).
 611      *
 612      * @param cert the certificate to match with.
 613      *
 614      * @return the (alias) name of the first entry with matching certificate,
 615      * or null if no such entry exists in this keystore.
 616      */
 617     public String engineGetCertificateAlias(Certificate cert) {
 618         permissionCheck();
 619         Certificate certElem;
 620 
 621         for (Enumeration<String> e = entries.keys(); e.hasMoreElements(); ) {
 622             String alias = e.nextElement();
 623             Object entry = entries.get(alias);
 624             if (entry instanceof TrustedCertEntry) {
 625                 certElem = ((TrustedCertEntry)entry).cert;
 626             } else {
 627                 KeyEntry ke = (KeyEntry)entry;
 628                 if (ke.chain == null || ke.chain.length == 0) {
 629                     continue;
 630                 }
 631                 certElem = ke.chain[0];
 632             }
 633             if (certElem.equals(cert)) {
 634                 return alias;
 635             }
 636         }
 637         return null;
 638     }
 639 
 640     /**
 641         * Stores this keystore to the given output stream, and protects its
 642      * integrity with the given password.
 643      *
 644      * @param stream Ignored. the output stream to which this keystore is written.
 645      * @param password the password to generate the keystore integrity check
 646      *
 647      * @exception IOException if there was an I/O problem with data
 648      * @exception NoSuchAlgorithmException if the appropriate data integrity
 649      * algorithm could not be found
 650      * @exception CertificateException if any of the certificates included in
 651      * the keystore data could not be stored
 652      */
 653     public void engineStore(OutputStream stream, char[] password)
 654         throws IOException, NoSuchAlgorithmException, CertificateException
 655     {
 656         permissionCheck();
 657 
 658         // Delete items that do have a keychain item ref.
 659         for (Enumeration<String> e = deletedEntries.keys(); e.hasMoreElements(); ) {
 660             String alias = e.nextElement();
 661             Object entry = deletedEntries.get(alias);
 662             if (entry instanceof TrustedCertEntry) {
 663                 if (((TrustedCertEntry)entry).certRef != 0) {
 664                     _removeItemFromKeychain(((TrustedCertEntry)entry).certRef);
 665                     _releaseKeychainItemRef(((TrustedCertEntry)entry).certRef);
 666                 }
 667             } else {
 668                 Certificate certElem;
 669                 KeyEntry keyEntry = (KeyEntry)entry;
 670 
 671                 if (keyEntry.chain != null) {
 672                     for (int i = 0; i < keyEntry.chain.length; i++) {
 673                         if (keyEntry.chainRefs[i] != 0) {
 674                             _removeItemFromKeychain(keyEntry.chainRefs[i]);
 675                             _releaseKeychainItemRef(keyEntry.chainRefs[i]);
 676                         }
 677                     }
 678 
 679                     if (keyEntry.keyRef != 0) {
 680                         _removeItemFromKeychain(keyEntry.keyRef);
 681                         _releaseKeychainItemRef(keyEntry.keyRef);
 682                     }
 683                 }
 684             }
 685         }
 686 
 687         // Add all of the certs or keys in the added entries.
 688         // No need to check for 0 refs, as they are in the added list.
 689         for (Enumeration<String> e = addedEntries.keys(); e.hasMoreElements(); ) {
 690             String alias = e.nextElement();
 691             Object entry = addedEntries.get(alias);
 692             if (entry instanceof TrustedCertEntry) {
 693                 TrustedCertEntry tce = (TrustedCertEntry)entry;
 694                 Certificate certElem;
 695                 certElem = tce.cert;
 696                 tce.certRef = addCertificateToKeychain(alias, certElem);
 697             } else {
 698                 KeyEntry keyEntry = (KeyEntry)entry;
 699 
 700                 if (keyEntry.chain != null) {
 701                     for (int i = 0; i < keyEntry.chain.length; i++) {
 702                         keyEntry.chainRefs[i] = addCertificateToKeychain(alias, keyEntry.chain[i]);
 703                     }
 704 
 705                     keyEntry.keyRef = _addItemToKeychain(alias, false, keyEntry.protectedPrivKey, keyEntry.password);
 706                 }
 707             }
 708         }
 709 
 710         // Clear the added and deletedEntries hashtables here, now that we're done with the updates.
 711         // For the deleted entries, we freed up the native references above.
 712         deletedEntries.clear();
 713         addedEntries.clear();
 714     }
 715 
 716     private long addCertificateToKeychain(String alias, Certificate cert) {
 717         byte[] certblob = null;
 718         long returnValue = 0;
 719 
 720         try {
 721             certblob = cert.getEncoded();
 722             returnValue = _addItemToKeychain(alias, true, certblob, null);
 723         } catch (Exception e) {
 724             e.printStackTrace();
 725         }
 726 
 727         return returnValue;
 728     }
 729 
 730     private native long _addItemToKeychain(String alias, boolean isCertificate, byte[] datablob, char[] password);
 731     private native int _removeItemFromKeychain(long certRef);
 732     private native void _releaseKeychainItemRef(long keychainItemRef);
 733 
 734     /**
 735       * Loads the keystore from the Keychain.
 736      *
 737      * @param stream Ignored - here for API compatibility.
 738      * @param password Ignored - if user needs to unlock keychain Security
 739      * framework will post any dialogs.
 740      *
 741      * @exception IOException if there is an I/O or format problem with the
 742      * keystore data
 743      * @exception NoSuchAlgorithmException if the algorithm used to check
 744      * the integrity of the keystore cannot be found
 745      * @exception CertificateException if any of the certificates in the
 746      * keystore could not be loaded
 747      */
 748     public void engineLoad(InputStream stream, char[] password)
 749         throws IOException, NoSuchAlgorithmException, CertificateException
 750     {
 751         permissionCheck();
 752 
 753         // Release any stray keychain references before clearing out the entries.
 754         synchronized(entries) {
 755             for (Enumeration<String> e = entries.keys(); e.hasMoreElements(); ) {
 756                 String alias = e.nextElement();
 757                 Object entry = entries.get(alias);
 758                 if (entry instanceof TrustedCertEntry) {
 759                     if (((TrustedCertEntry)entry).certRef != 0) {
 760                         _releaseKeychainItemRef(((TrustedCertEntry)entry).certRef);
 761                     }
 762                 } else {
 763                     KeyEntry keyEntry = (KeyEntry)entry;
 764 
 765                     if (keyEntry.chain != null) {
 766                         for (int i = 0; i < keyEntry.chain.length; i++) {
 767                             if (keyEntry.chainRefs[i] != 0) {
 768                                 _releaseKeychainItemRef(keyEntry.chainRefs[i]);
 769                             }
 770                         }
 771 
 772                         if (keyEntry.keyRef != 0) {
 773                             _releaseKeychainItemRef(keyEntry.keyRef);
 774                         }
 775                     }
 776                 }
 777             }
 778 
 779             entries.clear();
 780             _scanKeychain();
 781             if (debug != null) {
 782                 debug.println("KeychainStore load entry count: " +
 783                         entries.size());
 784             }
 785         }
 786     }
 787 
 788     private native void _scanKeychain();
 789 
 790     /**
 791      * Callback method from _scanKeychain.  If a trusted certificate is found, this method will be called.
 792      */
 793     private void createTrustedCertEntry(String alias, long keychainItemRef, long creationDate, byte[] derStream) {
 794         TrustedCertEntry tce = new TrustedCertEntry();
 795 
 796         try {
 797             CertificateFactory cf = CertificateFactory.getInstance("X.509");
 798             InputStream input = new ByteArrayInputStream(derStream);
 799             X509Certificate cert = (X509Certificate) cf.generateCertificate(input);
 800             input.close();
 801             tce.cert = cert;
 802             tce.certRef = keychainItemRef;
 803 
 804             // Make a creation date.
 805             if (creationDate != 0)
 806                 tce.date = new Date(creationDate);
 807             else
 808                 tce.date = new Date();
 809 
 810             int uniqueVal = 1;
 811             String originalAlias = alias;
 812 
 813             while (entries.containsKey(alias.toLowerCase())) {
 814                 alias = originalAlias + " " + uniqueVal;
 815                 uniqueVal++;
 816             }
 817 
 818             entries.put(alias.toLowerCase(), tce);
 819         } catch (Exception e) {
 820             // The certificate will be skipped.
 821             System.err.println("KeychainStore Ignored Exception: " + e);
 822         }
 823     }
 824 
 825     /**
 826      * Callback method from _scanKeychain.  If an identity is found, this method will be called to create Java certificate
 827      * and private key objects from the keychain data.
 828      */
 829     private void createKeyEntry(String alias, long creationDate, long secKeyRef, long[] secCertificateRefs, byte[][] rawCertData)
 830         throws IOException, NoSuchAlgorithmException, UnrecoverableKeyException {
 831         KeyEntry ke = new KeyEntry();
 832 
 833         // First, store off the private key information.  This is the easy part.
 834         ke.protectedPrivKey = null;
 835         ke.keyRef = secKeyRef;
 836 
 837         // Make a creation date.
 838         if (creationDate != 0)
 839             ke.date = new Date(creationDate);
 840         else
 841             ke.date = new Date();
 842 
 843         // Next, create X.509 Certificate objects from the raw data.  This is complicated
 844         // because a certificate's public key may be too long for Java's default encryption strength.
 845         List<CertKeychainItemPair> createdCerts = new ArrayList<>();
 846 
 847         try {
 848             CertificateFactory cf = CertificateFactory.getInstance("X.509");
 849 
 850             for (int i = 0; i < rawCertData.length; i++) {
 851                 try {
 852                     InputStream input = new ByteArrayInputStream(rawCertData[i]);
 853                     X509Certificate cert = (X509Certificate) cf.generateCertificate(input);
 854                     input.close();
 855 
 856                     // We successfully created the certificate, so track it and its corresponding SecCertificateRef.
 857                     createdCerts.add(new CertKeychainItemPair(secCertificateRefs[i], cert));
 858                 } catch (CertificateException e) {
 859                     // The certificate will be skipped.
 860                     System.err.println("KeychainStore Ignored Exception: " + e);
 861                 }
 862             }
 863         } catch (CertificateException e) {
 864             e.printStackTrace();
 865         } catch (IOException ioe) {
 866             ioe.printStackTrace();  // How would this happen?
 867         }
 868 
 869         // We have our certificates in the List, so now extract them into an array of
 870         // Certificates and SecCertificateRefs.
 871         CertKeychainItemPair[] objArray = createdCerts.toArray(new CertKeychainItemPair[0]);
 872         Certificate[] certArray = new Certificate[objArray.length];
 873         long[] certRefArray = new long[objArray.length];
 874 
 875         for (int i = 0; i < objArray.length; i++) {
 876             CertKeychainItemPair addedItem = objArray[i];
 877             certArray[i] = addedItem.mCert;
 878             certRefArray[i] = addedItem.mCertificateRef;
 879         }
 880 
 881         ke.chain = certArray;
 882         ke.chainRefs = certRefArray;
 883 
 884         // If we don't have already have an item with this item's alias
 885         // create a new one for it.
 886         int uniqueVal = 1;
 887         String originalAlias = alias;
 888 
 889         while (entries.containsKey(alias.toLowerCase())) {
 890             alias = originalAlias + " " + uniqueVal;
 891             uniqueVal++;
 892         }
 893 
 894         entries.put(alias.toLowerCase(), ke);
 895     }
 896 
 897     private class CertKeychainItemPair {
 898         long mCertificateRef;
 899         Certificate mCert;
 900 
 901         CertKeychainItemPair(long inCertRef, Certificate cert) {
 902             mCertificateRef = inCertRef;
 903             mCert = cert;
 904         }
 905     }
 906 
 907     /*
 908      * Validate Certificate Chain
 909      */
 910     private boolean validateChain(Certificate[] certChain)
 911     {
 912         for (int i = 0; i < certChain.length-1; i++) {
 913             X500Principal issuerDN =
 914             ((X509Certificate)certChain[i]).getIssuerX500Principal();
 915             X500Principal subjectDN =
 916                 ((X509Certificate)certChain[i+1]).getSubjectX500Principal();
 917             if (!(issuerDN.equals(subjectDN)))
 918                 return false;
 919         }
 920         return true;
 921     }
 922 
 923     private byte[] fetchPrivateKeyFromBag(byte[] privateKeyInfo) throws IOException, NoSuchAlgorithmException, CertificateException
 924     {
 925         byte[] returnValue = null;
 926         DerValue val = new DerValue(new ByteArrayInputStream(privateKeyInfo));
 927         DerInputStream s = val.toDerInputStream();
 928         int version = s.getInteger();
 929 
 930         if (version != 3) {
 931             throw new IOException("PKCS12 keystore not in version 3 format");
 932         }
 933 
 934         /*
 935             * Read the authSafe.
 936          */
 937         byte[] authSafeData;
 938         ContentInfo authSafe = new ContentInfo(s);
 939         ObjectIdentifier contentType = authSafe.getContentType();
 940 
 941         if (contentType.equals(ContentInfo.DATA_OID)) {
 942             authSafeData = authSafe.getData();
 943         } else /* signed data */ {
 944             throw new IOException("public key protected PKCS12 not supported");
 945         }
 946 
 947         DerInputStream as = new DerInputStream(authSafeData);
 948         DerValue[] safeContentsArray = as.getSequence(2);
 949         int count = safeContentsArray.length;
 950 
 951         /*
 952          * Spin over the ContentInfos.
 953          */
 954         for (int i = 0; i < count; i++) {
 955             byte[] safeContentsData;
 956             ContentInfo safeContents;
 957             DerInputStream sci;
 958             byte[] eAlgId = null;
 959 
 960             sci = new DerInputStream(safeContentsArray[i].toByteArray());
 961             safeContents = new ContentInfo(sci);
 962             contentType = safeContents.getContentType();
 963             safeContentsData = null;
 964 
 965             if (contentType.equals(ContentInfo.DATA_OID)) {
 966                 safeContentsData = safeContents.getData();
 967             } else if (contentType.equals(ContentInfo.ENCRYPTED_DATA_OID)) {
 968                 // The password was used to export the private key from the keychain.
 969                 // The Keychain won't export the key with encrypted data, so we don't need
 970                 // to worry about it.
 971                 continue;
 972             } else {
 973                 throw new IOException("public key protected PKCS12" +
 974                                       " not supported");
 975             }
 976             DerInputStream sc = new DerInputStream(safeContentsData);
 977             returnValue = extractKeyData(sc);
 978         }
 979 
 980         return returnValue;
 981     }
 982 
 983     private byte[] extractKeyData(DerInputStream stream)
 984         throws IOException, NoSuchAlgorithmException, CertificateException
 985     {
 986         byte[] returnValue = null;
 987         DerValue[] safeBags = stream.getSequence(2);
 988         int count = safeBags.length;
 989 
 990         /*
 991          * Spin over the SafeBags.
 992          */
 993         for (int i = 0; i < count; i++) {
 994             ObjectIdentifier bagId;
 995             DerInputStream sbi;
 996             DerValue bagValue;
 997             Object bagItem = null;
 998 
 999             sbi = safeBags[i].toDerInputStream();
1000             bagId = sbi.getOID();
1001             bagValue = sbi.getDerValue();
1002             if (!bagValue.isContextSpecific((byte)0)) {
1003                 throw new IOException("unsupported PKCS12 bag value type "
1004                                       + bagValue.tag);
1005             }
1006             bagValue = bagValue.data.getDerValue();
1007             if (bagId.equals(PKCS8ShroudedKeyBag_OID)) {
1008                 // got what we were looking for.  Return it.
1009                 returnValue = bagValue.toByteArray();
1010             } else {
1011                 // log error message for "unsupported PKCS12 bag type"
1012                 System.out.println("Unsupported bag type '" + bagId + "'");
1013             }
1014         }
1015 
1016         return returnValue;
1017     }
1018 
1019     /*
1020         * Generate PBE Algorithm Parameters
1021      */
1022     private AlgorithmParameters getAlgorithmParameters(String algorithm)
1023         throws IOException
1024     {
1025         AlgorithmParameters algParams = null;
1026 
1027         // create PBE parameters from salt and iteration count
1028         PBEParameterSpec paramSpec =
1029             new PBEParameterSpec(getSalt(), iterationCount);
1030         try {
1031             algParams = AlgorithmParameters.getInstance(algorithm);
1032             algParams.init(paramSpec);
1033         } catch (Exception e) {
1034             IOException ioe =
1035             new IOException("getAlgorithmParameters failed: " +
1036                             e.getMessage());
1037             ioe.initCause(e);
1038             throw ioe;
1039         }
1040         return algParams;
1041     }
1042 
1043     // the source of randomness
1044     private SecureRandom random;
1045 
1046     /*
1047      * Generate random salt
1048      */
1049     private byte[] getSalt()
1050     {
1051         // Generate a random salt.
1052         byte[] salt = new byte[SALT_LEN];
1053         if (random == null) {
1054             random = new SecureRandom();
1055         }
1056         salt = random.generateSeed(SALT_LEN);
1057         return salt;
1058     }
1059 
1060     /*
1061      * parse Algorithm Parameters
1062      */
1063     private AlgorithmParameters parseAlgParameters(DerInputStream in)
1064         throws IOException
1065     {
1066         AlgorithmParameters algParams = null;
1067         try {
1068             DerValue params;
1069             if (in.available() == 0) {
1070                 params = null;
1071             } else {
1072                 params = in.getDerValue();
1073                 if (params.tag == DerValue.tag_Null) {
1074                     params = null;
1075                 }
1076             }
1077             if (params != null) {
1078                 algParams = AlgorithmParameters.getInstance("PBE");
1079                 algParams.init(params.toByteArray());
1080             }
1081         } catch (Exception e) {
1082             IOException ioe =
1083             new IOException("parseAlgParameters failed: " +
1084                             e.getMessage());
1085             ioe.initCause(e);
1086             throw ioe;
1087         }
1088         return algParams;
1089     }
1090 
1091     /*
1092      * Generate PBE key
1093      */
1094     private SecretKey getPBEKey(char[] password) throws IOException
1095     {
1096         SecretKey skey = null;
1097 
1098         try {
1099             PBEKeySpec keySpec = new PBEKeySpec(password);
1100             SecretKeyFactory skFac = SecretKeyFactory.getInstance("PBE");
1101             skey = skFac.generateSecret(keySpec);
1102         } catch (Exception e) {
1103             IOException ioe = new IOException("getSecretKey failed: " +
1104                                               e.getMessage());
1105             ioe.initCause(e);
1106             throw ioe;
1107         }
1108         return skey;
1109     }
1110 
1111     /*
1112      * Encrypt private key using Password-based encryption (PBE)
1113      * as defined in PKCS#5.
1114      *
1115      * NOTE: Currently pbeWithSHAAnd3-KeyTripleDES-CBC algorithmID is
1116      *       used to derive the key and IV.
1117      *
1118      * @return encrypted private key encoded as EncryptedPrivateKeyInfo
1119      */
1120     private byte[] encryptPrivateKey(byte[] data, char[] password)
1121         throws IOException, NoSuchAlgorithmException, UnrecoverableKeyException
1122     {
1123         byte[] key = null;
1124 
1125         try {
1126             // create AlgorithmParameters
1127             AlgorithmParameters algParams =
1128             getAlgorithmParameters("PBEWithSHA1AndDESede");
1129 
1130             // Use JCE
1131             SecretKey skey = getPBEKey(password);
1132             Cipher cipher = Cipher.getInstance("PBEWithSHA1AndDESede");
1133             cipher.init(Cipher.ENCRYPT_MODE, skey, algParams);
1134             byte[] encryptedKey = cipher.doFinal(data);
1135 
1136             // wrap encrypted private key in EncryptedPrivateKeyInfo
1137             // as defined in PKCS#8
1138             AlgorithmId algid =
1139                 new AlgorithmId(pbeWithSHAAnd3KeyTripleDESCBC_OID, algParams);
1140             EncryptedPrivateKeyInfo encrInfo =
1141                 new EncryptedPrivateKeyInfo(algid, encryptedKey);
1142             key = encrInfo.getEncoded();
1143         } catch (Exception e) {
1144             UnrecoverableKeyException uke =
1145             new UnrecoverableKeyException("Encrypt Private Key failed: "
1146                                           + e.getMessage());
1147             uke.initCause(e);
1148             throw uke;
1149         }
1150 
1151         return key;
1152     }
1153 
1154 
1155 }
1156