| Method from org.apache.geronimo.console.core.keystore.KeyStoreGBean Detail: |
|---|
 public void deleteEntry(String alias) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
keystore.deleteEntry(alias);
saveKeyStore();
}
|
public void doFail() {
} |
public void doStart() throws WaitingException, Exception {
//Security.addProvider(new BouncyCastleProvider());
this.keystore = KeyStore.getInstance(keyStoreType);
boolean keystoreExistsFlag = true;
InputStream is = null;
try {
File keyStore = serverInfo.resolveServer(this.keyStoreLocation);
log.debug("loading keystore from " + keyStore);
is = new java.io.FileInputStream(keyStore);
this.keystore.load(is, this.keyStorePassword.toCharArray());
} catch (java.io.FileNotFoundException e) {
keystoreExistsFlag = false;
} finally {
try {
if (is != null) {
is.close();
}
} catch (Exception e) {
}
}
if (keystoreExistsFlag == false) {
keystore.load(null, keyStorePassword.toCharArray());
}
} |
public void doStop() throws WaitingException, Exception {
} |
public String generateCSR(String alias) throws Exception {
// find certificate by alias
X509Certificate cert = (X509Certificate) keystore.getCertificate(alias);
// find private key by alias
PrivateKey key = (PrivateKey) keystore.getKey(alias, keyPassword.toCharArray());
// generate csr
String csr = generateCSR(cert, key);
return csr;
} |
public String generateCSR(X509Certificate cert,
PrivateKey signingKey) throws Exception {
String sigalg = cert.getSigAlgName();
X509Name subject = new X509Name(cert.getSubjectDN().toString());
PublicKey publicKey = cert.getPublicKey();
ASN1Set attributes = null;
PKCS10CertificationRequest csr = new PKCS10CertificationRequest(sigalg,
subject, publicKey, attributes, signingKey);
if (!csr.verify()) {
throw new KeyStoreException("CSR verification failed");
}
ByteArrayOutputStream os = new ByteArrayOutputStream();
DEROutputStream deros = new DEROutputStream(os);
deros.writeObject(csr.getDERObject());
String b64 = new String(Base64.encode(os.toByteArray()));
final String BEGIN_CERT_REQ = "-----BEGIN CERTIFICATE REQUEST-----";
final String END_CERT_REQ = "-----END CERTIFICATE REQUEST-----";
final int CERT_REQ_LINE_LENGTH = 70;
StringBuffer sbuf = new StringBuffer(BEGIN_CERT_REQ).append('\n');
int idx = 0;
while (idx < b64.length()) {
int len = (idx + CERT_REQ_LINE_LENGTH > b64.length()) ? b64
.length()
- idx : CERT_REQ_LINE_LENGTH;
String chunk = b64.substring(idx, idx + len);
sbuf.append(chunk).append('\n');
idx += len;
}
sbuf.append(END_CERT_REQ);
return sbuf.toString();
} |
public X509Certificate generateCert(PublicKey publicKey,
PrivateKey privateKey,
String sigalg,
int validity,
String cn,
String ou,
String o,
String l,
String st,
String c) throws SignatureException, InvalidKeyException {
X509V1CertificateGenerator certgen = new X509V1CertificateGenerator();
// issuer dn
Vector order = new Vector();
Hashtable attrmap = new Hashtable();
if (cn != null) {
attrmap.put(X509Principal.CN, cn);
order.add(X509Principal.CN);
}
if (ou != null) {
attrmap.put(X509Principal.OU, ou);
order.add(X509Principal.OU);
}
if (o != null) {
attrmap.put(X509Principal.O, o);
order.add(X509Principal.O);
}
if (l != null) {
attrmap.put(X509Principal.L, l);
order.add(X509Principal.L);
}
if (st != null) {
attrmap.put(X509Principal.ST, st);
order.add(X509Principal.ST);
}
if (c != null) {
attrmap.put(X509Principal.C, c);
order.add(X509Principal.C);
}
X509Principal issuerDN = new X509Principal(order, attrmap);
certgen.setIssuerDN(issuerDN);
// validity
long curr = System.currentTimeMillis();
long untill = curr + (long) validity * 24 * 60 * 60 * 1000;
certgen.setNotBefore(new Date(curr));
certgen.setNotAfter(new Date(untill));
// subject dn
certgen.setSubjectDN(issuerDN);
// public key
certgen.setPublicKey(publicKey);
// signature alg
certgen.setSignatureAlgorithm(sigalg);
// serial number
certgen.setSerialNumber(new BigInteger(String.valueOf(curr)));
// make certificate
X509Certificate cert = certgen.generateX509Certificate(privateKey);
return cert;
} |
public void generateKeyPair(String alias,
String keyalg,
Integer keysize,
String sigalg,
Integer validity,
String cn,
String ou,
String o,
String l,
String st,
String c) throws NoSuchAlgorithmException, KeyStoreException, SignatureException, InvalidKeyException, CertificateException, IOException {
KeyPairGenerator kpgen = KeyPairGenerator.getInstance(keyalg);
kpgen.initialize(keysize.intValue());
KeyPair keyPair = kpgen.generateKeyPair();
X509Certificate cert = generateCert(keyPair.getPublic(), keyPair
.getPrivate(), sigalg, validity.intValue(), cn, ou, o, l, st, c);
keystore.setKeyEntry(alias, keyPair.getPrivate(), keyPassword.toCharArray(), new Certificate[] { cert });
saveKeyStore();
} |
public Certificate[] getCertificateChain(String alias) throws KeyStoreException {
Certificate[] certs = null;
if (keystore.isCertificateEntry(alias)) {
Certificate cert = keystore.getCertificate(alias);
certs = new Certificate[1];
certs[0] = cert;
} else if (keystore.isKeyEntry(alias)) {
certs = keystore.getCertificateChain(alias);
} else if (keystore.containsAlias(alias)) {
throw new KeyStoreException("Unsupported key-store-entry, alias = "
+ alias);
} else {
throw new KeyStoreException(
"Key-store-entry alias not found, alias = " + alias);
}
return certs;
} |
public static GBeanInfo getGBeanInfo() {
return GBEAN_INFO;
} |
public KeyEntryInfo getKeyEntryInfo(String alias) throws KeyStoreException {
KeyEntryInfo info = null;
if (this.keystore.isCertificateEntry(alias)) {
// certificate entry
info = new KeyEntryInfo(alias, "trusted certificate", keystore
.getCreationDate(alias));
} else if (this.keystore.isKeyEntry(alias)) {
// private key entry
info = new KeyEntryInfo(alias, "private key", keystore
.getCreationDate(alias));
} else {
throw new KeyStoreException("invalid key entry type");
}
return info;
} |
public String getKeyPassword() {
return this.keyPassword;
} |
public List getKeyStoreEntries() throws KeyStoreException {
List list = new ArrayList();
Enumeration aliases = this.keystore.aliases();
while (aliases.hasMoreElements()) {
String alias = (String) aliases.nextElement();
list.add(getKeyEntryInfo(alias));
}
return list;
} |
public String getKeyStoreLocation() {
return this.keyStoreLocation;
} |
public String getKeyStorePassword() {
return this.keyStorePassword;
} |
public String getKeyStoreProvider() {
return this.keyStoreProvider;
} |
public int getKeyStoreSize() throws KeyStoreException {
return this.keystore.size();
} |
public String getKeyStoreType() {
return this.keyStoreType;
} |
public ServerInfo getServerInfo() {
return serverInfo;
} |
public void importPKCS7Certificate(String alias,
String certbuf) throws CertificateException, NoSuchProviderException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, IOException {
InputStream is = null;
try {
is = new ByteArrayInputStream(certbuf.getBytes());
importPKCS7Certificate(alias, is);
} finally {
if (is != null) {
try {
is.close();
} catch (Exception e) {
}
}
}
} |
public void importPKCS7Certificate(String alias,
InputStream is) throws CertificateException, NoSuchProviderException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, IOException {
if (keyStoreProvider.equalsIgnoreCase("Default"))
{
keyStoreProvider = new String(System.getProperty("java.security.Provider"));
}
CertificateFactory cf = CertificateFactory.getInstance("X.509",keyStoreProvider);
Collection certcoll = cf.generateCertificates(is);
Certificate[] chain = new Certificate[certcoll.size()];
Iterator iter = certcoll.iterator();
for (int i = 0; iter.hasNext(); i++) {
chain[i] = (Certificate) iter.next();
}
char[] password = keyPassword.toCharArray();
keystore.setKeyEntry(alias, keystore.getKey(alias, password), password,
chain);
saveKeyStore();
} |
public void importTrustedX509Certificate(String alias,
String certfile) throws FileNotFoundException, CertificateException, KeyStoreException, IOException, NoSuchAlgorithmException, NoSuchProviderException {
InputStream is = null;
try {
if (keyStoreProvider.equalsIgnoreCase("Default"))
{
keyStoreProvider = new String(System.getProperty("java.security.Provider"));
}
CertificateFactory cf = CertificateFactory.getInstance("X.509", keyStoreProvider);
is = new FileInputStream(certfile);
Certificate cert = cf.generateCertificate(is);
if(alias == null || alias.equals("")) {
// Generate an alias for this certificate
X509Certificate xcert = (X509Certificate)cert;
alias = xcert.getIssuerDN().toString()+":"+xcert.getSerialNumber();
}
keystore.setCertificateEntry(alias, cert);
saveKeyStore();
} finally {
if (is != null) {
try {
is.close();
} catch (Exception e) {
}
}
}
} |
public void saveKeyStore() throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException {
FileOutputStream os = null;
try {
File keyStore = serverInfo.resolveServer(this.keyStoreLocation);
os = new FileOutputStream(keyStore);
keystore.store(os, keyStorePassword.toCharArray());
} finally {
if (os != null) {
try {
os.close();
} catch (Exception ex) {
}
}
}
} |
public void setKeyPassword(String keyPassword) {
this.keyPassword = keyPassword;
} |
public void setKeyStoreLocation(String keyStoreLocation) {
this.keyStoreLocation = keyStoreLocation;
} |
public void setKeyStorePassword(String keyStorePassword) {
this.keyStorePassword = keyStorePassword;
} |
public void setKeyStoreProvider(String keyStoreProvider) {
this.keyStoreProvider = keyStoreProvider;
} |
public void setKeyStoreType(String keyStoreType) {
this.keyStoreType = keyStoreType;
} |
public void setServerInfo(ServerInfo serverInfo) {
this.serverInfo = serverInfo;
} |
org.apache.geronimo.console.core.keystore.KeyStoreGBean