• Home
• com.github.unbound-tech
• unbound-java-provider
• 2.0.2007.46455
• source code
• KMIPPartition.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.unbound.client.kmip.KMIPPartition Maven / Gradle / Ivy

package com.unbound.client.kmip;

import com.unbound.common.Log;
import com.unbound.common.crypto.X509;
import com.unbound.client.Session;
import com.unbound.client.Partition;
import com.unbound.provider.UBKeyStore;

import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.security.auth.x500.X500Principal;
import java.io.FileInputStream;
import java.security.*;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.HashMap;

public class KMIPPartition extends Partition
{
  private static final HashMap partitions = new HashMap<>();
  private static KMIPPartition simulator = null;
  private static KMIPPartition defaultPartition = null;


  private KeyManager[] keyManagers;
  private String name;
  //String clientName;
  private final UBKeyStore keyStore = new UBKeyStore(this);
  byte[] jwt = null;
  long jwtValidityClock = 0;
  private int authReq = -1;
  private String clientName;
  private String templateName;
  private String activationCode;

  private KMIPPartition(String name)
  {
    this.name = name;
  }

  private KMIPPartition(String partitionName, String clientName, String templateName, String activationCode)
  {
    this.name = partitionName;
    this.clientName = clientName;
    this.templateName = templateName;
    this.activationCode = activationCode;
  }

  synchronized KeyManager[] getKeyManagers()
  {
    if (keyManagers==null)
    {
      KMIPClient.registerPartition(this, name, clientName, templateName, activationCode);
    }
    return keyManagers;
  }

  private KMIPPartition(String name, KeyStore pfx, String pfxPass)
  {
    this(name);
    setPfx(pfx, pfxPass);
  }

  private static KeyStore loadPfx(String pfxFileName, String pass)
  {
    Log log = Log.func("KMIPPartition.loadPfx").log("pfxFileName", pfxFileName).log("pass", pass!=null).end(); try
    {
      char[] passChars = pass == null ? null : pass.toCharArray();
      KeyStore ks = KeyStore.getInstance("pkcs12");
      ks.load(new FileInputStream(pfxFileName), passChars);
      return ks;
    }
    catch (Exception e) { log.failed(e); throw new ProviderException(e); } finally { log.leave(); }
  }

  private static String getNameFromPfx(KeyStore pfx, String type)
  {
    try
    {
      Enumeration aliases = pfx.aliases();
      if (!aliases.hasMoreElements()) throw new ProviderException("Empty store");
      X509Certificate cert = (X509Certificate) pfx.getCertificate(aliases.nextElement());
      if (cert == null) throw new ProviderException("Empty store");
      X500Principal principal = cert.getSubjectX500Principal();
      if (principal == null) throw new ProviderException("Invalid prinicpal");

      String ou = X509.getName(principal, type);
      if (ou==null) throw new ProviderException("Invalid prinicpal");
      return ou;

      /*X500Name x500name = new X500Name(principal.getName());
      if (x500name == null) throw new KeyStoreException("Invalid X500Name");
      return x500name.getOrganizationalUnit();*/
    }
    catch (KeyStoreException e) { throw new ProviderException(e); }
  }

  static synchronized KMIPPartition registerPfx(String pfxFileName, String pass)
  {
    KeyStore pfx = loadPfx(pfxFileName, pass);
    return registerPfx(pfx, pass);
  }

  void setPfx(KeyStore pfx, String pfxPass)
  {
    Log log = Log.func("KMIPPartition.setPfx").log("name", name).end(); try
    {
      KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());//"X.509");
      kmf.init(pfx, pfxPass.toCharArray());
      keyManagers = kmf.getKeyManagers();
    }
    catch (Exception e) { log.failed(e); throw new ProviderException(e); } finally { log.leave(); }
  }

  public static synchronized KMIPPartition get(String name)
  {
    if (name==null) return defaultPartition;
    return partitions.get(name);
  }

  static synchronized KMIPPartition registerPfx(KeyStore pfx, String pass)
  {
    String name = getNameFromPfx(pfx, "OU");
    KMIPPartition partition = partitions.get(name);
    if (partition == null)
    {
      partition = new KMIPPartition(name, pfx, pass);
      if (defaultPartition==null) defaultPartition = partition;
      partitions.put(name, partition);
    }
    return partition;
  }

  static synchronized KMIPPartition preRegister(String partitionName, String clientName, String templateName, String activationCode)
  {
    KMIPPartition partition = partitions.get(partitionName);
    if (partition == null)
    {
      partition = new KMIPPartition(partitionName, clientName, templateName, activationCode);
      if (defaultPartition==null) defaultPartition = partition;
      partitions.put(partitionName, partition);
    }
    return partition;
  }

  static synchronized KMIPPartition registerSimulator()
  {
    if (simulator==null) simulator = defaultPartition = new KMIPPartition("sumulate");
    return simulator;
  }

  @Override
  public String getName()
  {
    return name;
  }

  @Override
  public UBKeyStore getKeyStore()
  {
    return keyStore;
  }

  @Override
  public Session acquireSession()
  {
    return new KMIPSession(this);
  }

  @Override
  public void login(char[] password)
  {
    if (authReq==0) return;

    KMIPSession session = new KMIPSession(this);

    if (authReq==-1)
    {
      try
      {
        session.login(null);
        authReq = 0;
        return;
      }
      catch (Exception e) { authReq = 1; }
    }

    session.login(new String(password));
  }



}