001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017:
018: package java.security;
019:
020: import java.io.IOException;
021: import java.io.InputStream;
022: import java.io.OutputStream;
023: import java.security.cert.Certificate;
024: import java.security.cert.CertificateException;
025: import java.util.Date;
026: import java.util.Enumeration;
027: import javax.crypto.SecretKey;
028: import javax.security.auth.callback.CallbackHandler;
029: import javax.security.auth.callback.PasswordCallback;
030:
031: import org.apache.harmony.security.internal.nls.Messages;
032:
033: public abstract class KeyStoreSpi {
034:
035: public abstract Key engineGetKey(String alias, char[] password)
036: throws NoSuchAlgorithmException, UnrecoverableKeyException;
037:
038: public abstract Certificate[] engineGetCertificateChain(String alias);
039:
040: public abstract Certificate engineGetCertificate(String alias);
041:
042: public abstract Date engineGetCreationDate(String alias);
043:
044: public abstract void engineSetKeyEntry(String alias, Key key,
045: char[] password, Certificate[] chain)
046: throws KeyStoreException;
047:
048: public abstract void engineSetKeyEntry(String alias, byte[] key,
049: Certificate[] chain) throws KeyStoreException;
050:
051: public abstract void engineSetCertificateEntry(String alias,
052: Certificate cert) throws KeyStoreException;
053:
054: public abstract void engineDeleteEntry(String alias)
055: throws KeyStoreException;
056:
057: public abstract Enumeration<String> engineAliases();
058:
059: public abstract boolean engineContainsAlias(String alias);
060:
061: public abstract int engineSize();
062:
063: public abstract boolean engineIsKeyEntry(String alias);
064:
065: public abstract boolean engineIsCertificateEntry(String alias);
066:
067: public abstract String engineGetCertificateAlias(Certificate cert);
068:
069: public abstract void engineStore(OutputStream stream,
070: char[] password) throws IOException,
071: NoSuchAlgorithmException, CertificateException;
072:
073: public void engineStore(KeyStore.LoadStoreParameter param)
074: throws IOException, NoSuchAlgorithmException,
075: CertificateException {
076: throw new UnsupportedOperationException(Messages
077: .getString("security.33")); //$NON-NLS-1$
078: }
079:
080: public abstract void engineLoad(InputStream stream, char[] password)
081: throws IOException, NoSuchAlgorithmException,
082: CertificateException;
083:
084: public void engineLoad(KeyStore.LoadStoreParameter param)
085: throws IOException, NoSuchAlgorithmException,
086: CertificateException {
087: if (param == null) {
088: engineLoad(null, null);
089: return;
090: }
091: char[] pwd;
092: KeyStore.ProtectionParameter pp = param
093: .getProtectionParameter();
094: if (pp instanceof KeyStore.PasswordProtection) {
095: try {
096: pwd = ((KeyStore.PasswordProtection) pp).getPassword();
097: engineLoad(null, pwd);
098: return;
099: } catch (IllegalStateException e) {
100: throw new IllegalArgumentException(e);
101: }
102: }
103: if (pp instanceof KeyStore.CallbackHandlerProtection) {
104: try {
105: pwd = getPasswordFromCallBack(pp);
106: engineLoad(null, pwd);
107: return;
108: } catch (UnrecoverableEntryException e) {
109: throw new IllegalArgumentException(e);
110: }
111: }
112: throw new UnsupportedOperationException(Messages
113: .getString("security.35")); //$NON-NLS-1$
114: }
115:
116: public KeyStore.Entry engineGetEntry(String alias,
117: KeyStore.ProtectionParameter protParam)
118: throws KeyStoreException, NoSuchAlgorithmException,
119: UnrecoverableEntryException {
120: if (!engineContainsAlias(alias)) {
121: return null;
122: }
123: if (engineIsCertificateEntry(alias)) {
124: return new KeyStore.TrustedCertificateEntry(
125: engineGetCertificate(alias));
126: }
127: char[] passW = null;
128: if (protParam != null) {
129: if (protParam instanceof KeyStore.PasswordProtection) {
130: try {
131: passW = ((KeyStore.PasswordProtection) protParam)
132: .getPassword();
133: } catch (IllegalStateException ee) {
134: throw new KeyStoreException(Messages
135: .getString("security.36"), ee); //$NON-NLS-1$
136: }
137: } else if (protParam instanceof KeyStore.CallbackHandlerProtection) {
138: passW = getPasswordFromCallBack(protParam);
139: } else {
140: throw new UnrecoverableEntryException(Messages
141: .getString("security.37", //$NON-NLS-1$
142: protParam.toString()));
143: }
144: }
145: if (engineIsKeyEntry(alias)) {
146: try {
147: Key key = engineGetKey(alias, passW);
148: if (key instanceof PrivateKey) {
149: return new KeyStore.PrivateKeyEntry(
150: (PrivateKey) key,
151: engineGetCertificateChain(alias));
152: }
153: if (key instanceof SecretKey) {
154: return new KeyStore.SecretKeyEntry((SecretKey) key);
155: }
156: } catch (UnrecoverableKeyException e) {
157: throw new KeyStoreException(e);
158: }
159: }
160: throw new NoSuchAlgorithmException(Messages
161: .getString("security.38")); //$NON-NLS-1$
162: }
163:
164: public void engineSetEntry(String alias, KeyStore.Entry entry,
165: KeyStore.ProtectionParameter protParam)
166: throws KeyStoreException {
167: if (entry == null) {
168: throw new KeyStoreException(Messages
169: .getString("security.39")); //$NON-NLS-1$
170: }
171:
172: if (engineContainsAlias(alias)) {
173: engineDeleteEntry(alias);
174: }
175:
176: if (entry instanceof KeyStore.TrustedCertificateEntry) {
177: KeyStore.TrustedCertificateEntry trE = (KeyStore.TrustedCertificateEntry) entry;
178: engineSetCertificateEntry(alias, trE
179: .getTrustedCertificate());
180: return;
181: }
182:
183: char[] passW = null;
184: if (protParam instanceof KeyStore.PasswordProtection) {
185: try {
186: passW = ((KeyStore.PasswordProtection) protParam)
187: .getPassword();
188: } catch (IllegalStateException ee) {
189: throw new KeyStoreException(Messages
190: .getString("security.36"), ee); //$NON-NLS-1$
191: }
192: } else {
193: if (protParam instanceof KeyStore.CallbackHandlerProtection) {
194: try {
195: passW = getPasswordFromCallBack(protParam);
196: } catch (Exception e) {
197: throw new KeyStoreException(e);
198: }
199: } else {
200: throw new KeyStoreException(Messages
201: .getString("security.3A")); //$NON-NLS-1$
202: }
203: }
204:
205: if (entry instanceof KeyStore.PrivateKeyEntry) {
206: KeyStore.PrivateKeyEntry prE = (KeyStore.PrivateKeyEntry) entry;
207: engineSetKeyEntry(alias, prE.getPrivateKey(), passW, prE
208: .getCertificateChain());
209: return;
210: }
211:
212: if (entry instanceof KeyStore.SecretKeyEntry) {
213: KeyStore.SecretKeyEntry skE = (KeyStore.SecretKeyEntry) entry;
214: engineSetKeyEntry(alias, skE.getSecretKey(), passW, null);
215: // engineSetKeyEntry(alias, skE.getSecretKey().getEncoded(), null);
216: return;
217: }
218:
219: throw new KeyStoreException(Messages.getString(
220: "security.3B", entry.toString())); //$NON-NLS-1$
221: }
222:
223: public boolean engineEntryInstanceOf(String alias,
224: Class<? extends KeyStore.Entry> entryClass) {
225: if (!engineContainsAlias(alias)) {
226: return false;
227: }
228:
229: try {
230: if (engineIsCertificateEntry(alias)) {
231: return entryClass
232: .isAssignableFrom(Class
233: .forName("java.security.KeyStore$TrustedCertificateEntry")); //$NON-NLS-1$
234: }
235:
236: if (engineIsKeyEntry(alias)) {
237: if (entryClass
238: .isAssignableFrom(Class
239: .forName("java.security.KeyStore$PrivateKeyEntry"))) { //$NON-NLS-1$
240: return engineGetCertificate(alias) != null;
241: }
242:
243: if (entryClass
244: .isAssignableFrom(Class
245: .forName("java.security.KeyStore$SecretKeyEntry"))) { //$NON-NLS-1$
246: return engineGetCertificate(alias) == null;
247: }
248: }
249: } catch (ClassNotFoundException ignore) {
250: }
251:
252: return false;
253: }
254:
255: /*
256: * This method returns password which is encapsulated in
257: * CallbackHandlerProtection object If there is no implementation of
258: * CallbackHandler then this method returns null
259: */
260: static char[] getPasswordFromCallBack(
261: KeyStore.ProtectionParameter protParam)
262: throws UnrecoverableEntryException {
263:
264: if (protParam == null) {
265: return null;
266: }
267:
268: if (!(protParam instanceof KeyStore.CallbackHandlerProtection)) {
269: throw new UnrecoverableEntryException(Messages
270: .getString("security.3C")); //$NON-NLS-1$
271: }
272:
273: String clName = Security
274: .getProperty("auth.login.defaultCallbackHandler"); //$NON-NLS-1$
275: if (clName == null) {
276: throw new UnrecoverableEntryException(Messages
277: .getString("security.3D")); //$NON-NLS-1$
278:
279: }
280:
281: try {
282: Class<?> cl = Class.forName(clName);
283: CallbackHandler cbHand = (CallbackHandler) cl.newInstance();
284: PasswordCallback[] pwCb = { new PasswordCallback(
285: "password: ", true) }; //$NON-NLS-1$
286: cbHand.handle(pwCb);
287: return pwCb[0].getPassword();
288: } catch (Exception e) {
289: throw new UnrecoverableEntryException(e.toString());
290: }
291: }
292: }
|