Java tutorial
/* * This work was created by participants in the DataONE project, and is * jointly copyrighted by participating institutions in DataONE. For * more information on DataONE, see our web site at http://dataone.org. * * Copyright 2014 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * */ package org.dataone.proto.trove.jsse; import java.net.Socket; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.UnrecoverableKeyException; import java.security.cert.X509Certificate; import java.security.Principal; import java.security.PrivateKey; import java.util.ArrayList; import java.util.Arrays; import java.util.Enumeration; import java.util.List; import javax.net.ssl.X509KeyManager; import javax.net.ssl.KeyManager; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; /** * Must have taken this from d1 libclient? * @author waltz */ public class X509KeyManagerImpl implements X509KeyManager, KeyManager { private static Log log = LogFactory.getLog(KeyManager.class); private KeyStore keyStore; private String alias; private char[] password; private X509KeyManager x509KeyManager; public X509KeyManagerImpl(KeyStore keyStore, char[] password, String alias) throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException { this.alias = alias; this.password = password; this.keyStore = keyStore; x509KeyManager = new X509ExtendedKeyManagerImpl(keyStore, password); } public PrivateKey getPrivateKey(String alias) { log.info("getPrivateKey"); try { return (PrivateKey) keyStore.getKey(alias, password); } catch (Exception e) { return null; } } public X509Certificate[] getCertificateChain(String alias) { log.info("getCertificateChain"); try { Enumeration<String> aliases = keyStore.aliases(); String foundAlias = null; while (aliases.hasMoreElements()) { foundAlias = aliases.nextElement(); } if (foundAlias == null) { return null; } log.info("looking for " + alias + " but returning " + foundAlias); java.security.cert.Certificate[] certs = keyStore.getCertificateChain(foundAlias); if (certs == null || certs.length == 0) { return null; } X509Certificate[] x509 = new X509Certificate[certs.length]; for (int i = 0; i < certs.length; i++) { x509[i] = (X509Certificate) certs[i]; } return x509; } catch (Exception e) { return null; } } public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) { log.info("chooseServerAlias"); return x509KeyManager.chooseServerAlias(alias, issuers, socket); } public String[] getClientAliases(String parm1, Principal[] parm2) { log.info("getClientAliases"); return x509KeyManager.getClientAliases(parm1, parm2); } public String chooseClientAlias(String keyTypes[], Principal[] issuers, Socket socket) { try { log.info("chooseClientAlias"); if (keyTypes != null) { for (int i = 0; i < keyTypes.length; i++) { log.info(keyTypes[i]); } } List<Principal> principals = new ArrayList<Principal>(); Enumeration<String> aliases = keyStore.aliases(); List issuersList = new ArrayList(); principals.addAll(Arrays.asList(issuers)); Principal[] newIssuers = principals.toArray(new Principal[principals.size()]); log.info(x509KeyManager.getClass().toString()); return x509KeyManager.chooseClientAlias(keyTypes, newIssuers, socket); } catch (KeyStoreException ex) { log.error(ex); return null; } } public String[] getServerAliases(String parm1, Principal[] parm2) { log.info("getServerAliases"); return x509KeyManager.getServerAliases(parm1, parm2); } public String chooseServerAlias(String parm1, Principal[] parm2) { return x509KeyManager.chooseServerAlias(parm1, parm2, null); } }