/*
* Copyright 2003 Federal Chancellery Austria
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
*     http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package at.gv.egovernment.moa.util;

import iaik.x509.X509Certificate;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.Certificate;

/**
 * Utility for creating and loading key stores.
 * 
 * @author Paul Ivancsics
 * @version $Id$
 */
public class KeyStoreUtils {

  /**
   * Loads a key store from file.
   * 
   * @param keystoreType key store type
   * @param urlString URL of key store
   * @param password password protecting the key store
   * @return key store loaded
   * @throws IOException thrown while reading the key store from file
   * @throws GeneralSecurityException thrown while creating the key store
   */
  public static KeyStore loadKeyStore(
    String keystoreType,
    String urlString,
    String password)
    throws IOException, GeneralSecurityException {

    URL keystoreURL = new URL(urlString);
    InputStream in = keystoreURL.openStream();
    return loadKeyStore(keystoreType, in, password);
  }
  /**
   * Loads a key store from an <code>InputStream</code>, and
   * closes the <code>InputStream</code>.
   * 
   * @param keystoreType key store type
   * @param in input stream
   * @param password password protecting the key store
   * @return key store loaded
   * @throws IOException thrown while reading the key store from the stream
   * @throws GeneralSecurityException thrown while creating the key store
   */
  public static KeyStore loadKeyStore(
    String keystoreType,
    InputStream in,
    String password)
    throws IOException, GeneralSecurityException {

    char[] chPassword = null;
    if (password != null)
      chPassword = password.toCharArray();
    KeyStore ks = KeyStore.getInstance(keystoreType);
    ks.load(in, chPassword);
    in.close();
    return ks;
  }
  /**
   * Creates a key store from X509 certificate files, aliasing them with
   * the index in the <code>String[]</code>, starting with <code>"0"</code>.
   * 
   * @param keyStoreType key store type
   * @param certFilenames certificate filenames
   * @return key store created
   * @throws IOException thrown while reading the certificates from file
   * @throws GeneralSecurityException thrown while creating the key store
   */
  public static KeyStore createKeyStore(
    String keyStoreType,
    String[] certFilenames)
    throws IOException, GeneralSecurityException {

    KeyStore ks = KeyStore.getInstance(keyStoreType);
    ks.load(null, null);
    for (int i = 0; i < certFilenames.length; i++) {
      Certificate cert = loadCertificate(certFilenames[i]);
      ks.setCertificateEntry("" + i, cert);
    }
    return ks;
  }
  /**
   * Creates a key store from a directory containg X509 certificate files, 
   * aliasing them with the index in the <code>String[]</code>, starting with <code>"0"</code>.
   * All the files in the directory are considered to be certificates.
   * 
   * @param keyStoreType key store type
   * @param certDirURLString file URL of directory containing certificate filenames
   * @return key store created
   * @throws IOException thrown while reading the certificates from file
   * @throws GeneralSecurityException thrown while creating the key store
   */
  public static KeyStore createKeyStoreFromCertificateDirectory(
    String keyStoreType,
    String certDirURLString)
    throws IOException, GeneralSecurityException {

    URL certDirURL = new URL(certDirURLString);
    String certDirname = certDirURL.getFile();
    File certDir = new File(certDirname);
    String[] certFilenames = certDir.list();
    String separator =
      (certDirname.endsWith(File.separator) ? "" : File.separator);
    for (int i = 0; i < certFilenames.length; i++) {
      certFilenames[i] = certDirname + separator + certFilenames[i];
    }
    return createKeyStore(keyStoreType, certFilenames);
  }

  /**
   * Loads an X509 certificate from file.
   * @param certFilename filename
   * @return the certificate loaded
   * @throws IOException thrown while reading the certificate from file
   * @throws GeneralSecurityException thrown while creating the certificate
   */
  private static Certificate loadCertificate(String certFilename)
    throws IOException, GeneralSecurityException {

    FileInputStream in = new FileInputStream(certFilename);
    Certificate cert = new X509Certificate(in);
    in.close();
    return cert;
  }

}