All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.certificateservices.messages.DummyMessageSecurityProvider Maven / Gradle / Ivy

Go to download

A Certservice Project

The newest version!
/************************************************************************
*                                                                       *
*  Certificate Service - PKI Messages                                   *
*                                                                       *
*  This software is free software; you can redistribute it and/or       *
*  modify it under the terms of the GNU Lesser General Public License   *
*  License as published by the Free Software Foundation; either         *
*  version 3   of the License, or any later version.                    *
*                                                                       *
*  See terms of license at gnu.org.                                     *
*                                                                       *
*************************************************************************/
package org.certificateservices.messages;

import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;

import org.certificateservices.messages.utils.XMLEncrypter;


/**
 * Dummy PKI Message Security Provider returning a self-signed certificate used
 * for testing.
 * 
 * @author Philip Vendil
 *
 */
public class DummyMessageSecurityProvider implements
		ContextMessageSecurityProvider {

	private KeyStore dummyKS = null;
	private KeyStore encKeyStore = null;
	private String defaultEncKeyId;
	private Map encKeyIdToAlias = new HashMap();
	
	private boolean validCallDone = false;
	private String organisationCalled = null;
	
	private KeyStore getDummyKeystore() throws MessageProcessingException{
		if(dummyKS == null){
			try {
				dummyKS = KeyStore.getInstance("JKS");
				dummyKS.load(this.getClass().getResourceAsStream("/dummykeystore.jks"), "tGidBq0Eep".toCharArray());
			} catch (Exception e) {
				throw new MessageProcessingException("Error loading dummy key store: " + e.getMessage(),e);
			}
			
		}
		return dummyKS;
	}
	
	private KeyStore getEncKeystore() throws MessageProcessingException{
		if(encKeyStore == null){
			try {
				encKeyStore = KeyStore.getInstance("JKS");
				encKeyStore.load(this.getClass().getResourceAsStream("/decryptionks.jks"), "password".toCharArray());
				
				defaultEncKeyId = XMLEncrypter.generateKeyId(encKeyStore.getCertificate("key1").getPublicKey());
				encKeyIdToAlias.put(defaultEncKeyId, "key1");
				encKeyIdToAlias.put(XMLEncrypter.generateKeyId(encKeyStore.getCertificate("key2").getPublicKey()), "key2");
				encKeyIdToAlias.put(XMLEncrypter.generateKeyId(encKeyStore.getCertificate("key3").getPublicKey()), "key3");
				
			} catch (Exception e) {
				throw new MessageProcessingException("Error loading dummy enc key store: " + e.getMessage(),e);
			}
			
		}
		return encKeyStore;
	}
	
	/**
	 * Method fetching the signing key from the dummy keystore.
	 * 
	 * @see org.certificateservices.messages.MessageSecurityProvider#getSigningKey()
	 */
	public PrivateKey getSigningKey() throws MessageProcessingException {
		return getSigningKey(DEFAULT_CONTEXT);
	}


	@Override
	public PrivateKey getSigningKey(Context context) throws MessageProcessingException {
		try {
			return (PrivateKey) getDummyKeystore().getKey("test", "tGidBq0Eep".toCharArray());
		} catch (Exception e) {
			throw new MessageProcessingException("Error fetching dummy signing key: " + e.getMessage(),e);
		}
	}


	/**
	 * 
	 * @see org.certificateservices.messages.MessageSecurityProvider#getSigningCertificate()
	 */
	public X509Certificate getSigningCertificate()
			throws IllegalArgumentException, MessageProcessingException {
		return getSigningCertificate(DEFAULT_CONTEXT);
	}

	@Override
	public X509Certificate getSigningCertificate(Context context) throws MessageProcessingException {
		try {
			return (X509Certificate) getDummyKeystore().getCertificate("test");
		} catch (Exception e) {
			throw new MessageProcessingException("Error fetching dummy signing certificate: " + e.getMessage(),e);
		}
	}


	/**
	 * 
	 * @see org.certificateservices.messages.MessageSecurityProvider#isValidAndAuthorized(X509Certificate, String)
	 */
	public boolean isValidAndAuthorized(X509Certificate signCertificate, String organisation)
			throws IllegalArgumentException, MessageProcessingException {
		return isValidAndAuthorized(DEFAULT_CONTEXT,signCertificate,organisation);
	}

	@Override
	public boolean isValidAndAuthorized(Context context, X509Certificate signCertificate, String organisation) throws IllegalArgumentException, MessageProcessingException {
		if(signCertificate == null){
			throw new IllegalArgumentException("Error sign certificate cannot be null when validating.");
		}

		boolean[] keyUsage = signCertificate.getKeyUsage();
		if (!keyUsage[0]) {
			return false;
		}

		validCallDone = true;
		organisationCalled = organisation;

		return true;
	}

	
	public void resetCounters(){
		validCallDone = false;
		organisationCalled = null;
	}
	
	public boolean getValidCallDone(){
		return validCallDone;
	}
	
	public String getOrganisationCalled(){
		return organisationCalled;
	}


	public PrivateKey getDecryptionKey(String keyId)
			throws MessageProcessingException {
		return getDecryptionKey(DEFAULT_CONTEXT,keyId);
	}

	@Override
	public PrivateKey getDecryptionKey(Context context, String keyId) throws MessageProcessingException {
		KeyStore encKeyStore = getEncKeystore();
		if(keyId == DEFAULT_DECRYPTIONKEY){
			keyId = defaultEncKeyId;
		}
		String alias =  encKeyIdToAlias.get(keyId);
		if(alias == null){
			throw new MessageProcessingException("Error no decryption key with key id; " + keyId + " found in message security provider");
		}
		try {
			return (PrivateKey) encKeyStore.getKey(alias, "password".toCharArray());
		} catch (Exception e) {
			throw new MessageProcessingException("Error no decryption key with key id; " + keyId + " found in message security provider");
		}
	}

	public X509Certificate getDecryptionCertificate(String keyId)
			throws MessageProcessingException {
		return getDecryptionCertificate(DEFAULT_CONTEXT,keyId);
	}

	@Override
	public X509Certificate getDecryptionCertificate(Context context, String keyId) throws MessageProcessingException {
		KeyStore encKeyStore = getEncKeystore();
		if(keyId == DEFAULT_DECRYPTIONKEY){
			keyId = defaultEncKeyId;
		}
		String alias =  encKeyIdToAlias.get(keyId);
		if(alias == null){
			throw new MessageProcessingException("Error no decryption key with key id; " + keyId + " found in message security provider");
		}
		try {
			return  (X509Certificate) encKeyStore.getCertificate(alias);
		} catch (Exception e) {
			throw new MessageProcessingException("Error no decryption key with key id; " + keyId + " found in message security provider");
		}
	}


	public X509Certificate[] getDecryptionCertificateChain(String keyId)
			throws MessageProcessingException {
		return getDecryptionCertificateChain(DEFAULT_CONTEXT,keyId);
	}

	@Override
	public X509Certificate[] getDecryptionCertificateChain(Context context, String keyId) throws MessageProcessingException {
		KeyStore encKeyStore = getEncKeystore();
		if(keyId == DEFAULT_DECRYPTIONKEY){
			keyId = defaultEncKeyId;
		}
		String alias =  encKeyIdToAlias.get(keyId);
		if(alias == null){
			throw new MessageProcessingException("Error no decryption key with key id; " + keyId + " found in message security provider");
		}
		try {
			Certificate[] certChain =  encKeyStore.getCertificateChain(alias);
			return (X509Certificate[]) Arrays.copyOf(certChain,certChain.length, X509Certificate[].class);
		} catch (Exception e) {
			throw new MessageProcessingException("Error no decryption key with key id; " + keyId + " found in message security provider");
		}
	}
	
	public Set getDecryptionKeyIds() throws MessageProcessingException {
		return getDecryptionKeyIds(DEFAULT_CONTEXT);
	}

	@Override
	public Set getDecryptionKeyIds(Context context) throws MessageProcessingException {
		getEncKeystore();
		return encKeyIdToAlias.keySet();
	}


	public EncryptionAlgorithmScheme getEncryptionAlgorithmScheme()
			throws MessageProcessingException {
		return getEncryptionAlgorithmScheme(DEFAULT_CONTEXT);
	}

	@Override
	public EncryptionAlgorithmScheme getEncryptionAlgorithmScheme(Context context) throws MessageProcessingException {
		return EncryptionAlgorithmScheme.RSA_OAEP_WITH_AES256;
	}

	public SigningAlgorithmScheme getSigningAlgorithmScheme()
			throws MessageProcessingException {
		return getSigningAlgorithmScheme(DEFAULT_CONTEXT);
	}

	/**
	 * Method to retrieve JCE provider that should be used with keys provided by this provider.
	 * @return name of an JCE Provider that should be installed prior to usage of this MessageSecurityProvider
	 * if null should the JRE configured list of security providers be used.
	 */
	@Override
	public String getProvider() {
		return "BC";
	}

	@Override
	public SigningAlgorithmScheme getSigningAlgorithmScheme(Context context) throws MessageProcessingException {
		return SigningAlgorithmScheme.RSAWithSHA256;
	}

	/**
	 * Method to retrieve JCE provider that should be used with keys provided by this provider.
	 * @return name of an JCE Provider that should be installed prior to usage of this MessageSecurityProvider
	 * if null should the JRE configured list of security providers be used.
	 */
	@Override
	public String getProvider(Context context) {
		return getProvider();
	}
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy