
1   /*
2    * Copyright 2008 University Corporation for Advanced Internet Development, Inc.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.opensaml.xml.security.x509;
18  
19  import java.security.KeyStore;
20  import java.security.KeyStoreException;
21  import java.security.PrivateKey;
22  import java.security.PublicKey;
23  import java.security.cert.Certificate;
24  import java.security.cert.X509CRL;
25  import java.security.cert.X509Certificate;
26  import java.util.ArrayList;
27  import java.util.Collection;
28  import java.util.Collections;
29  import java.util.List;
30  
31  import org.opensaml.xml.security.credential.BasicCredential;
32  import org.slf4j.Logger;
33  import org.slf4j.LoggerFactory;
34  
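/**
 * A wrapper that changes a {@link KeyStore} in to a {@link X509Credential}.
 *
 * <p>
 * Nothing is cached: every accessor reads the wrapped keystore again, so the keystore must already be loaded
 * and must stay usable for the lifetime of this adapter. Lookup failures are logged and reported to the caller
 * as {@code null} (or an empty collection) rather than as an exception, so callers must check the result before
 * using it for signing, decryption or trust evaluation.
 * </p>
 *
 * <p>
 * The key password array is kept by reference, not copied. If the caller clears or reuses the array after
 * construction, later calls to {@link #getPrivateKey()} will use the changed contents.
 * </p>
 */
public class KeyStoreX509CredentialAdapter extends BasicCredential implements X509Credential {

    /** Class logger. */
    private final Logger log = LoggerFactory.getLogger(KeyStoreX509CredentialAdapter.class);

    /** Keystore that contains the credential to be exposed. */
    private KeyStore keyStore;

    /** Alias to the credential to be exposed. */
    private String credentialAlias;

    /** Password for the key to be exposed. Held by reference; never written to the log. */
    private char[] keyPassword;

    /**
     * Constructor.
     *
     * <p>
     * The arguments are stored as given; no validation is performed here, so a bad alias or password only
     * shows up when one of the accessors is called.
     * </p>
     *
     * @param store store containing key to be exposed
     * @param alias alias to the credential to be exposed
     * @param password password to the key to be exposed
     */
    public KeyStoreX509CredentialAdapter(KeyStore store, String alias, char[] password) {
        keyStore = store;
        credentialAlias = alias;
        keyPassword = password;
    }

    /**
     * {@inheritDoc}
     *
     * <p>
     * This adapter never supplies revocation data: the returned collection is always empty. Revocation
     * checking for this credential therefore has to rely on CRLs obtained elsewhere.
     * </p>
     *
     * @return an immutable empty collection
     */
    public Collection<X509CRL> getCRLs() {
        // Typed factory instead of the raw EMPTY_LIST constant, which needed an unchecked conversion.
        return Collections.emptyList();
    }

    /**
     * {@inheritDoc}
     *
     * @return the certificate stored under the configured alias, or {@code null} if the keystore has no
     *         certificate for that alias or could not be read
     */
    public X509Certificate getEntityCertificate() {
        try {
            // A certificate of any other type makes this cast fail with a ClassCastException, which is not
            // caught here and propagates to the caller.
            return (X509Certificate) keyStore.getCertificate(credentialAlias);
        } catch (KeyStoreException e) {
            // The message is concatenated so that the (String, Throwable) overload is used: the alias is
            // named and the stack trace is kept, whatever SLF4J version is on the classpath.
            log.error("Error accessing " + credentialAlias + " certificates in keystore", e);
            return null;
        }
    }

    /**
     * {@inheritDoc}
     *
     * @return the certificate chain stored under the configured alias, in the order the keystore returns it,
     *         or an immutable empty list if there is no chain or the keystore could not be read
     */
    public Collection<X509Certificate> getEntityCertificateChain() {
        List<X509Certificate> certsCollection = Collections.emptyList();

        try {
            Certificate[] certs = keyStore.getCertificateChain(credentialAlias);
            if (certs != null) {
                certsCollection = new ArrayList<X509Certificate>(certs.length);
                for (Certificate cert : certs) {
                    // A non-X.509 element fails the cast with a ClassCastException rather than being
                    // skipped, so a partial chain is never returned.
                    certsCollection.add((X509Certificate) cert);
                }
            }
        } catch (KeyStoreException e) {
            log.error("Error accessing " + credentialAlias + " certificates in keystore", e);
        }
        return certsCollection;
    }

    /**
     * {@inheritDoc}
     *
     * @return the private key stored under the configured alias, or {@code null} if the alias has no key or
     *         the key could not be recovered
     */
    public PrivateKey getPrivateKey() {
        try {
            return (PrivateKey) keyStore.getKey(credentialAlias, keyPassword);
        } catch (Exception e) {
            // Deliberately broad: besides the checked keystore exceptions this also covers an entry that is
            // not a PrivateKey (ClassCastException). Only the alias is logged, never the password.
            log.error("Error accessing " + credentialAlias + " private key in keystore", e);
            return null;
        }
    }

    /**
     * {@inheritDoc}
     *
     * @return the public key of the entity certificate, or {@code null} if no entity certificate is available
     */
    public PublicKey getPublicKey() {
        // getEntityCertificate() returns null for an unknown alias or an unreadable keystore; report that as
        // "no key" like the other accessors instead of failing with a NullPointerException.
        X509Certificate entityCertificate = getEntityCertificate();
        if (entityCertificate == null) {
            return null;
        }
        return entityCertificate.getPublicKey();
    }
}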