com.sun.enterprise.security.store.AsadminTruststore Maven / Gradle / Ivy
/*
* Copyright (c) 2022 Contributors to the Eclipse Foundation
* Copyright (c) 1997, 2021 Oracle and/or its affiliates. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0, which is available at
* http://www.eclipse.org/legal/epl-2.0.
*
* This Source Code may also be made available under the following Secondary
* Licenses when the conditions for such availability set forth in the
* Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
* version 2 with the GNU Classpath Exception, which is available at
* https://www.gnu.org/software/classpath/license.html.
*
* SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
*/
package com.sun.enterprise.security.store;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import static com.sun.enterprise.util.SystemPropertyConstants.CLIENT_TRUSTSTORE_PROPERTY;
/**
* This class implements an adapter for password manipulation a JCEKS.
*
* This class delegates the work of actually opening the trust store to AsadminSecurityUtil.
*
* @author Shing Wai Chan
*/
public class AsadminTruststore {
private static final String ASADMIN_TRUSTSTORE = "truststore";
private KeyStore _keyStore;
private File _keyFile;
private char[] _password;
public static File getAsadminTruststore() {
String location = System.getProperty(CLIENT_TRUSTSTORE_PROPERTY);
if (location == null) {
return new File(AsadminSecurityUtil.GF_CLIENT_DIR, ASADMIN_TRUSTSTORE);
}
return new File(location);
}
public static AsadminTruststore newInstance() throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException {
return AsadminSecurityUtil.getInstance(true /* isPromptable */).getAsadminTruststore();
}
public static AsadminTruststore newInstance(final char[] password)
throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException {
return AsadminSecurityUtil.getInstance(password, true /* isPromptable */).getAsadminTruststore();
}
AsadminTruststore(final char[] password) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException {
init(getAsadminTruststore(), password);
}
private void init(File keyfile, final char[] password)
throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException {
_keyFile = keyfile;
_keyStore = KeyStore.getInstance("JKS");
_password = password;
if (!_keyFile.exists()) {
_keyStore.load(null, null);
return;
}
try (BufferedInputStream bInput = new BufferedInputStream(new FileInputStream(_keyFile))) {
//load must be called with null to initialize an empty keystore
_keyStore.load(bInput, _password);
}
}
public boolean certificateExists(Certificate cert) throws KeyStoreException {
return _keyStore.getCertificateAlias(cert) == null ? false : true;
}
public void addCertificate(String alias, Certificate cert)
throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
_keyStore.setCertificateEntry(alias, cert);
writeStore();
}
public void writeStore() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
try (BufferedOutputStream boutput = new BufferedOutputStream(new FileOutputStream(_keyFile))) {
_keyStore.store(boutput, _password);
}
}
}