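package at.gv.egovernment.moa.util;

import iaik.x509.X509Certificate;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.Arrays;

/**
 * Utility for creating and loading key stores.
 *
 * <p>The key stores built here typically end up as trust or identity material,
 * so the inputs (URLs, file names, directories) must come from trusted
 * configuration and must not be writable by less-privileged parties.</p>
 *
 * @author Paul Ivancsics
 * @version $Id$
 */
public class KeyStoreUtils {

  /**
   * Loads a key store from a URL.
   *
   * <p>The URL is opened with {@link URL#openStream()}, so every protocol the
   * JVM has a handler for is accepted, not only <code>file:</code>.
   * SECURITY: this method does not restrict the scheme. A key store fetched
   * over an unauthenticated transport is only as trustworthy as that
   * transport, so callers should pass URLs from trusted configuration only.</p>
   *
   * @param keystoreType key store type
   * @param urlString URL of key store
   * @param password password protecting the key store; if <code>null</code>,
   *        {@link KeyStore#load(InputStream, char[])} performs no integrity
   *        check on the key store data
   * @return key store loaded
   * @throws IOException thrown while reading the key store from file
   * @throws GeneralSecurityException thrown while creating the key store
   */
  public static KeyStore loadKeyStore(
    String keystoreType,
    String urlString,
    String password)
    throws IOException, GeneralSecurityException {

    URL keystoreURL = new URL(urlString);
    InputStream in = keystoreURL.openStream();
    // The stream is closed by the InputStream overload, also when loading fails.
    return loadKeyStore(keystoreType, in, password);
  }

  /**
   * Loads a key store from an InputStream, and
   * closes the InputStream.
   *
   * <p>The stream is closed on every path, including when the key store type
   * is unknown or the data cannot be parsed, so a failed load does not leak
   * the underlying file or connection handle.</p>
   *
   * @param keystoreType key store type
   * @param in input stream
   * @param password password protecting the key store; if <code>null</code>,
   *        {@link KeyStore#load(InputStream, char[])} performs no integrity
   *        check on the key store data. The password arrives as an immutable
   *        <code>String</code> and therefore cannot be wiped by this method.
   * @return key store loaded
   * @throws IOException thrown while reading the key store from the stream
   * @throws GeneralSecurityException thrown while creating the key store
   */
  public static KeyStore loadKeyStore(
    String keystoreType,
    InputStream in,
    String password)
    throws IOException, GeneralSecurityException {

    char[] chPassword = null;
    if (password != null) {
      chPassword = password.toCharArray();
    }
    try {
      // getInstance is inside the try so that an unsupported type still
      // closes the caller's stream.
      KeyStore ks = KeyStore.getInstance(keystoreType);
      ks.load(in, chPassword);
      return ks;
    } finally {
      in.close();
    }
  }

  /**
   * Creates a key store from X509 certificate files, aliasing them with
   * the index in the String[], starting with "0".
   *
   * <p>Every certificate is stored as a certificate entry without any further
   * validation (no chain, validity-period or revocation checks are made here).</p>
   *
   * @param keyStoreType key store type
   * @param certFilenames certificate filenames
   * @return key store created
   * @throws IOException thrown while reading the certificates from file
   * @throws GeneralSecurityException thrown while creating the key store
   */
  public static KeyStore createKeyStore(
    String keyStoreType,
    String[] certFilenames)
    throws IOException, GeneralSecurityException {

    KeyStore ks = KeyStore.getInstance(keyStoreType);
    // load(null, null) initializes an empty key store.
    ks.load(null, null);
    for (int i = 0; i < certFilenames.length; i++) {
      Certificate cert = loadCertificate(certFilenames[i]);
      ks.setCertificateEntry(String.valueOf(i), cert);
    }
    return ks;
  }

  /**
   * Creates a key store from a directory containing X509 certificate files,
   * aliasing them with their index in the sorted list of file names,
   * starting with "0".
   * All the files in the directory are considered to be certificates.
   *
   * <p>SECURITY: because every entry of the directory is loaded, anyone who
   * can write to the directory controls the content of the resulting key
   * store. Restrict write access to the directory accordingly. An empty
   * directory yields an empty key store.</p>
   *
   * @param keyStoreType key store type
   * @param certDirURLString file URL of directory containing certificate filenames
   * @return key store created
   * @throws IOException thrown while reading the certificates from file, or
   *         if the directory cannot be listed (it does not exist, is not a
   *         directory, or is not readable)
   * @throws GeneralSecurityException thrown while creating the key store
   */
  public static KeyStore createKeyStoreFromCertificateDirectory(
    String keyStoreType,
    String certDirURLString)
    throws IOException, GeneralSecurityException {

    URL certDirURL = new URL(certDirURLString);
    // NOTE(review): URL.getFile() does not decode percent-escapes, so a URL
    // such as file:/my%20certs/ will not resolve to "my certs" - confirm
    // whether callers rely on escaped URLs.
    String certDirname = certDirURL.getFile();
    File certDir = new File(certDirname);
    String[] certFilenames = certDir.list();
    if (certFilenames == null) {
      // File.list() returns null instead of throwing; report it as an I/O
      // problem rather than failing later with a NullPointerException.
      throw new IOException("Cannot list certificate directory: " + certDirname);
    }
    // File.list() guarantees no order; sort so that the alias given to each
    // certificate is the same on every run and platform.
    Arrays.sort(certFilenames);
    String separator =
      (certDirname.endsWith(File.separator) ? "" : File.separator);
    for (int i = 0; i < certFilenames.length; i++) {
      certFilenames[i] = certDirname + separator + certFilenames[i];
    }
    return createKeyStore(keyStoreType, certFilenames);
  }

  /**
   * Loads an X509 certificate from file.
   *
   * <p>The file is closed on every path, including when the content cannot
   * be parsed as a certificate.</p>
   *
   * @param certFilename filename
   * @return the certificate loaded
   * @throws IOException thrown while reading the certificate from file
   * @throws GeneralSecurityException thrown while creating the certificate
   */
  private static Certificate loadCertificate(String certFilename)
    throws IOException, GeneralSecurityException {

    FileInputStream in = new FileInputStream(certFilename);
    try {
      return new X509Certificate(in);
    } finally {
      in.close();
    }
  }

}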