001: /**
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */package org.apache.geronimo.crypto;
017:
018: import java.io.ByteArrayInputStream;
019: import java.io.ByteArrayOutputStream;
020: import java.io.IOException;
021: import java.security.KeyStore;
022: import java.security.Provider;
023: import java.security.Security;
024: import java.security.cert.Certificate;
025: import java.security.cert.CertificateFactory;
026: import java.util.Collections;
027: import java.util.Set;
028: import java.util.TreeSet;
029:
030: /**
031: * @version $Rev: 617735 $ $Date: 2008-02-01 17:20:02 -0800 (Fri, 01 Feb 2008) $
032: */
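public class KeystoreUtil {
    /**
     * All KeyStore types available.
     */
    public static final Set<String> keystoreTypes;
    /**
     * The keystore types which allow an empty keystore saved to disk.
     */
    public static final Set<String> emptyKeystoreTypes;
    /**
     * The keystore types which allow certificate entries.
     */
    public static final Set<String> certKeystoreTypes;
    /**
     * The default keystore type.
     */
    public static final String defaultType;

    /**
     * Password used only to serialize an empty, in-memory keystore while probing a type.
     * It protects nothing and is not a credential; never reuse it for a real keystore.
     */
    private static final String PROBE_PASSWORD = "emptypassword";

    /**
     * Alias under which the sample certificate is placed in the throwaway probe keystore.
     */
    private static final String PROBE_ALIAS = "samplecert";

    /**
     * Certificate used to check if a keystore allows storing trusted certificate entries.
     * It is a throwaway test certificate (subject CN=Me): its signature algorithm identifier
     * decodes to md5WithRSAEncryption, the key is 512-bit RSA and the validity period ended
     * in 2017. It is only ever placed in an in-memory keystore that is discarded right after
     * the probe, and must never be added to a real trust store.
     */
    private static final String SAMPLE_CERT_TEXT = "-----BEGIN CERTIFICATE-----\n"
            + "MIIBpzCCAVECBgEV+CystzANBgkqhkiG9w0BAQQFADBcMQswCQYDVQQDEwJNZTEQMA4GA1UECxMH\n"
            + "TXkgVW5pdDEPMA0GA1UEChMGTXkgT3JnMRAwDgYDVQQHEwdNeSBDaXR5MQswCQYDVQQIEwJBUDEL\n"
            + "MAkGA1UEBhMCSU4wHhcNMDcxMDMxMjIyNjU4WhcNMTcxMDI4MjIyNjU4WjBcMQswCQYDVQQDEwJN\n"
            + "ZTEQMA4GA1UECxMHTXkgVW5pdDEPMA0GA1UEChMGTXkgT3JnMRAwDgYDVQQHEwdNeSBDaXR5MQsw\n"
            + "CQYDVQQIEwJBUDELMAkGA1UEBhMCSU4wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAlN7IscUYq5U9\n"
            + "d1TYVJaj5RQJLg39Gz9R9hB0hhOULSHOxeE0utTJvgBQcf+f39FgbGIdriJniyoubtCXGfSpxwID\n"
            + "AQABMA0GCSqGSIb3DQEBBAUAA0EACQN6ScbxzAjrrQ3Ciy8I7/qsgpQo4Nuhfo5cAU4rvcKnujs6\n"
            + "uGHAJrHMF/ROGl6kPZvFeoGXk5qjyKs8Kx5MJA==\n"
            + "-----END CERTIFICATE-----";

    // Probes every KeyStore service of the providers registered when this class is loaded.
    // Providers added to java.security.Security afterwards are not reflected in the sets.
    // Every probe is best effort: a failure is swallowed on purpose so that one broken
    // provider cannot prevent this class from initializing. A type missing from a set can
    // therefore mean "probe failed" as well as "not supported".
    static {
        TreeSet<String> allTypes = new TreeSet<String>();
        TreeSet<String> emptyCapableTypes = new TreeSet<String>();
        TreeSet<String> certCapableTypes = new TreeSet<String>();
        String detectedDefault = null;

        // Loop-invariant, so read the configured default once.
        String platformDefault = KeyStore.getDefaultType();
        Certificate sampleCert = parseSampleCertificate();

        for (Provider provider : Security.getProviders()) {
            for (Provider.Service service : provider.getServices()) {
                if (!"KeyStore".equals(service.getType())) {
                    continue;
                }
                String type = service.getAlgorithm();
                allTypes.add(type);
                if (type.equalsIgnoreCase(platformDefault)) {
                    detectedDefault = type;
                }

                // KeyStore.getInstance(type) resolves through the normal provider order,
                // i.e. the same implementation a caller asking for this type would get.
                KeyStore ks = newEmptyKeyStore(type);
                if (ks == null) {
                    continue;
                }
                if (canStoreEmpty(ks)) {
                    emptyCapableTypes.add(type);
                }
                // Without a parsed sample certificate the probe would pass null to
                // setCertificateEntry, which some keystore implementations accept silently;
                // the type would then be reported as certificate-capable without any proof.
                if (sampleCert != null && acceptsCertificate(ks, sampleCert)) {
                    certCapableTypes.add(type);
                }
            }
        }

        keystoreTypes = Collections.unmodifiableSortedSet(allTypes);
        emptyKeystoreTypes = Collections.unmodifiableSortedSet(emptyCapableTypes);
        certKeystoreTypes = Collections.unmodifiableSortedSet(certCapableTypes);
        defaultType = detectedDefault;
    }

    /**
     * Parses the embedded sample certificate.
     *
     * @return the parsed certificate, or {@code null} if it could not be parsed
     */
    private static Certificate parseSampleCertificate() {
        try {
            CertificateFactory certFac = CertificateFactory.getInstance("X.509");
            // PEM is plain ASCII; name the charset instead of relying on the platform default.
            return certFac.generateCertificate(
                    new ByteArrayInputStream(SAMPLE_CERT_TEXT.getBytes("US-ASCII")));
        } catch (Throwable ignored) {
            // Best effort: without a sample certificate no type is reported as cert-capable.
            return null;
        }
    }

    /**
     * Creates and initializes an empty in-memory keystore of the given type.
     *
     * @param type the keystore type to instantiate
     * @return the initialized keystore, or {@code null} if it could not be created or loaded
     */
    private static KeyStore newEmptyKeyStore(String type) {
        try {
            KeyStore ks = KeyStore.getInstance(type);
            ks.load(null);
            return ks;
        } catch (Throwable ignored) {
            // Best effort: a type that cannot be instantiated is listed but never probed.
            return null;
        }
    }

    /**
     * Checks if an empty keystore can be saved.
     *
     * @param ks an initialized, empty keystore
     * @return {@code true} if the keystore could be written to an in-memory buffer
     */
    private static boolean canStoreEmpty(KeyStore ks) {
        try {
            // The buffer is discarded; ByteArrayOutputStream holds no resource to close.
            ks.store(new ByteArrayOutputStream(), PROBE_PASSWORD.toCharArray());
            return true;
        } catch (Throwable ignored) {
            return false;
        }
    }

    /**
     * Checks if the keystore allows storing of certificate entries.
     *
     * @param ks an initialized keystore used only for this probe
     * @param cert the non-null sample certificate to store
     * @return {@code true} if the certificate entry was accepted
     */
    private static boolean acceptsCertificate(KeyStore ks, Certificate cert) {
        try {
            ks.setCertificateEntry(PROBE_ALIAS, cert);
            return true;
        } catch (Throwable ignored) {
            return false;
        }
    }
}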