libjava/classpath/gnu/javax/crypto/jce/keyring/GnuKeyring.java

   1 /* GnuKeyring.java --
   2    Copyright (C) 2003, 2006  Free Software Foundation, Inc.
   3
   4 This file is a part of GNU Classpath.
   5
   6 GNU Classpath is free software; you can redistribute it and/or modify
   7 it under the terms of the GNU General Public License as published by
   8 the Free Software Foundation; either version 2 of the License, or (at
   9 your option) any later version.
  10
  11 GNU Classpath is distributed in the hope that it will be useful, but
  12 WITHOUT ANY WARRANTY; without even the implied warranty of
  13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14 General Public License for more details.
  15
  16 You should have received a copy of the GNU General Public License
  17 along with GNU Classpath; if not, write to the Free Software
  18 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
  19 USA
  20
  21 Linking this library statically or dynamically with other modules is
  22 making a combined work based on this library.  Thus, the terms and
  23 conditions of the GNU General Public License cover the whole
  24 combination.
  25
  26 As a special exception, the copyright holders of this library give you
  27 permission to link this library with independent modules to produce an
  28 executable, regardless of the license terms of these independent
  29 modules, and to copy and distribute the resulting executable under
  30 terms of your choice, provided that you also meet, for each linked
  31 independent module, the terms and conditions of the license of that
  32 module.  An independent module is a module which is not derived from
  33 or based on this library.  If you modify this library, you may extend
  34 this exception to your version of the library, but you are not
  35 obligated to do so.  If you do not wish to do so, delete this
  36 exception statement from your version.  */
  37
  38
  39 package gnu.javax.crypto.jce.keyring;
  40
  41 import java.io.BufferedInputStream;
  42 import java.io.InputStream;
  43 import java.io.IOException;
  44 import java.io.OutputStream;
  45
  46 import java.security.Key;
  47 import java.security.KeyStoreSpi;
  48 import java.security.KeyStoreException;
  49 import java.security.PrivateKey;
  50 import java.security.PublicKey;
  51 import java.security.UnrecoverableKeyException;
  52 import java.security.cert.Certificate;
  53 import java.security.cert.CertificateException;
  54 import java.security.cert.CertificateFactory;
  55
  56 import java.util.Arrays;
  57 import java.util.Date;
  58 import java.util.Enumeration;
  59 import java.util.HashMap;
  60 import java.util.Iterator;
  61 import java.util.List;
  62 import java.util.NoSuchElementException;
  63
  64 import javax.crypto.SecretKey;
  65
  66 import gnu.java.security.Registry;
  67 import gnu.javax.crypto.keyring.IKeyring;
  68 import gnu.javax.crypto.keyring.IPrivateKeyring;
  69 import gnu.javax.crypto.keyring.IPublicKeyring;
  70 import gnu.javax.crypto.keyring.GnuPrivateKeyring;
  71 import gnu.javax.crypto.keyring.GnuPublicKeyring;
  72 import gnu.javax.crypto.keyring.MalformedKeyringException;
  73 import gnu.javax.crypto.keyring.PrimitiveEntry;
  74
  75 public class GnuKeyring extends KeyStoreSpi
  76 {
  77
  78   // Constants and fields.
  79   // ------------------------------------------------------------------------
  80
  81   private boolean loaded;
  82
  83   private IKeyring keyring;
  84
  85   // Constructor.
  86   // ------------------------------------------------------------------------
  87
  88   public GnuKeyring()
  89   {
  90   }
  91
  92   // Instance methods.
  93   // ------------------------------------------------------------------------
  94
  95   public Enumeration engineAliases()
  96   {
  97     if (!loaded)
  98       {
  99         throw new IllegalStateException ("not loaded");
 100       }
 101     if (keyring == null)
 102       {
 103         return new Enumeration()
 104         {
 105           public boolean hasMoreElements()
 106           {
 107             return false;
 108           }
 109
 110           public Object nextElement()
 111           {
 112             throw new NoSuchElementException();
 113           }
 114         };
 115       }
 116     return keyring.aliases();
 117   }
 118
 119   public boolean engineContainsAlias(String alias)
 120   {
 121     if (!loaded)
 122       {
 123         throw new IllegalStateException ("not loaded");
 124       }
 125     if (keyring == null)
 126       {
 127         return false;
 128       }
 129     return keyring.containsAlias(alias);
 130   }
 131
 132   public void engineDeleteEntry(String alias)
 133   {
 134     if (!loaded)
 135       {
 136         throw new IllegalStateException ("not loaded");
 137       }
 138     if (keyring != null)
 139       {
 140         keyring.remove(alias);
 141       }
 142   }
 143
 144   public Certificate engineGetCertificate(String alias)
 145   {
 146     if (!loaded)
 147       {
 148         throw new IllegalStateException ("not loaded");
 149       }
 150     if (keyring == null)
 151       {
 152         return null;
 153       }
 154     if (!(keyring instanceof IPublicKeyring))
 155       {
 156         throw new IllegalStateException("not a public keyring");
 157       }
 158     return ((IPublicKeyring) keyring).getCertificate(alias);
 159   }
 160
 161   public String engineGetCertificateAlias(Certificate cert)
 162   {
 163     if (!loaded)
 164       {
 165         throw new IllegalStateException ("not loaded");
 166       }
 167     if (keyring == null)
 168       {
 169         return null;
 170       }
 171     if (!(keyring instanceof IPublicKeyring))
 172       {
 173         throw new IllegalStateException("not a public keyring");
 174       }
 175     Enumeration aliases = keyring.aliases();
 176     while (aliases.hasMoreElements())
 177       {
 178         String alias = (String) aliases.nextElement();
 179         Certificate cert2 = ((IPublicKeyring) keyring).getCertificate(alias);
 180         if (cert.equals(cert2))
 181           {
 182             return alias;
 183           }
 184       }
 185     return null;
 186   }
 187
 188   public void engineSetCertificateEntry(String alias, Certificate cert)
 189   {
 190     if (!loaded)
 191       {
 192         throw new IllegalStateException ("not loaded");
 193       }
 194     if (keyring == null)
 195       {
 196         keyring = new GnuPublicKeyring("HMAC-SHA-1", 20);
 197       }
 198     if (!(keyring instanceof IPublicKeyring))
 199       {
 200         throw new IllegalStateException("not a public keyring");
 201       }
 202     ((IPublicKeyring) keyring).putCertificate(alias, cert);
 203   }
 204
 205   public Certificate[] engineGetCertificateChain(String alias)
 206   {
 207     if (!loaded)
 208       {
 209         throw new IllegalStateException ("not loaded");
 210       }
 211     if (keyring == null)
 212       {
 213         return null;
 214       }
 215     if (!(keyring instanceof IPrivateKeyring))
 216       {
 217         throw new IllegalStateException("not a private keyring");
 218       }
 219     return ((IPrivateKeyring) keyring).getCertPath(alias);
 220   }
 221
 222   public Date engineGetCreationDate(String alias)
 223   {
 224     if (!loaded)
 225       {
 226         throw new IllegalStateException ("not loaded");
 227       }
 228     if (keyring == null)
 229       {
 230         return null;
 231       }
 232     List entries = keyring.get(alias);
 233     if (entries.size() == 0)
 234       {
 235         return null;
 236       }
 237     for (Iterator it = entries.iterator(); it.hasNext();)
 238       {
 239         Object o = it.next();
 240         if (o instanceof PrimitiveEntry)
 241           {
 242             return ((PrimitiveEntry) o).getCreationDate();
 243           }
 244       }
 245     return null;
 246   }
 247
 248   public Key engineGetKey(String alias, char[] password)
 249       throws UnrecoverableKeyException
 250   {
 251     if (!loaded)
 252       {
 253         throw new IllegalStateException ("not loaded");
 254       }
 255     if (keyring == null)
 256       {
 257         return null;
 258       }
 259     if (!(keyring instanceof IPrivateKeyring))
 260       {
 261         throw new IllegalStateException("not a private keyring");
 262       }
 263     if (password == null)
 264       {
 265         if (((IPrivateKeyring) keyring).containsPublicKey(alias))
 266           {
 267             return ((IPrivateKeyring) keyring).getPublicKey(alias);
 268           }
 269       }
 270     if (((IPrivateKeyring) keyring).containsPrivateKey(alias))
 271       {
 272         return ((IPrivateKeyring) keyring).getPrivateKey(alias, password);
 273       }
 274     return null;
 275   }
 276
 277   public void engineSetKeyEntry(String alias, Key key, char[] password,
 278                                 Certificate[] chain) throws KeyStoreException
 279   {
 280     if (!loaded)
 281       {
 282         throw new IllegalStateException ("not loaded");
 283       }
 284     if (keyring == null)
 285       {
 286         keyring = new GnuPrivateKeyring("HMAC-SHA-1", 20, "AES", "OFB", 16);
 287       }
 288     if (!(keyring instanceof IPrivateKeyring))
 289       {
 290         throw new IllegalStateException("not a private keyring");
 291       }
 292     if (key instanceof PublicKey)
 293       {
 294         ((IPrivateKeyring) keyring).putPublicKey(alias, (PublicKey) key);
 295         return;
 296       }
 297     if (!(key instanceof PrivateKey) && !(key instanceof SecretKey))
 298       {
 299         throw new KeyStoreException("cannot store keys of type "
 300                                     + key.getClass().getName());
 301       }
 302     try
 303       {
 304         CertificateFactory fact = CertificateFactory.getInstance("X.509");
 305         ((IPrivateKeyring) keyring).putCertPath(alias, chain);
 306       }
 307     catch (CertificateException ce)
 308       {
 309         throw new KeyStoreException(ce.toString());
 310       }
 311     ((IPrivateKeyring) keyring).putPrivateKey(alias, key, password);
 312   }
 313
 314   public void engineSetKeyEntry(String alias, byte[] key, Certificate[] chain)
 315       throws KeyStoreException
 316   {
 317     throw new KeyStoreException("method not supported");
 318   }
 319
 320   public boolean engineIsCertificateEntry(String alias)
 321   {
 322     if (!loaded)
 323       {
 324         throw new IllegalStateException ("not loaded");
 325       }
 326     if (keyring == null)
 327       {
 328         return false;
 329       }
 330     if (!(keyring instanceof IPublicKeyring))
 331       {
 332         return false;
 333       }
 334     return ((IPublicKeyring) keyring).containsCertificate(alias);
 335   }
 336
 337   public boolean engineIsKeyEntry(String alias)
 338   {
 339     if (!loaded)
 340       {
 341         throw new IllegalStateException ("not loaded");
 342       }
 343     if (keyring == null)
 344       {
 345         return false;
 346       }
 347     if (!(keyring instanceof IPrivateKeyring))
 348       {
 349         return false;
 350       }
 351     return ((IPrivateKeyring) keyring).containsPublicKey(alias)
 352            || ((IPrivateKeyring) keyring).containsPrivateKey(alias);
 353   }
 354
 355   public void engineLoad(InputStream in, char[] password) throws IOException
 356   {
 357     if (in != null)
 358       {
 359         if (!in.markSupported())
 360           {
 361             in = new BufferedInputStream(in);
 362           }
 363         in.mark(5);
 364         for (int i = 0; i < 4; i++)
 365           if (in.read() != Registry.GKR_MAGIC[i])
 366             throw new MalformedKeyringException("incorrect magic");
 367         int usage = in.read();
 368         in.reset();
 369         HashMap attr = new HashMap();
 370         attr.put(IKeyring.KEYRING_DATA_IN, in);
 371         attr.put(IKeyring.KEYRING_PASSWORD, password);
 372         switch (usage)
 373           {
 374           case GnuPublicKeyring.USAGE:
 375             keyring = new GnuPublicKeyring();
 376             break;
 377           case GnuPrivateKeyring.USAGE:
 378             keyring = new GnuPrivateKeyring();
 379             break;
 380           default:
 381             throw new MalformedKeyringException("unsupported ring usage: "
 382                                                 + Integer.toBinaryString(usage));
 383           }
 384         keyring.load(attr);
 385       }
 386     loaded = true;
 387   }
 388
 389   public void engineStore(OutputStream out, char[] password) throws IOException
 390   {
 391     if (!loaded || keyring == null)
 392       {
 393         throw new IllegalStateException ("not loaded");
 394       }
 395     HashMap attr = new HashMap();
 396     attr.put(IKeyring.KEYRING_DATA_OUT, out);
 397     attr.put(IKeyring.KEYRING_PASSWORD, password);
 398     keyring.store(attr);
 399   }
 400
 401   public int engineSize()
 402   {
 403     if (!loaded)
 404       {
 405         throw new IllegalStateException ("not loaded");
 406       }
 407     if (keyring == null)
 408       {
 409         return 0;
 410       }
 411     return keyring.size();
 412   }
 413 }