diff options
author | Raif S. Naffah <raif@swiftdsl.com.au> | 2006-05-03 12:24:30 +0000 |
---|---|---|
committer | Raif S. Naffah <raif@swiftdsl.com.au> | 2006-05-03 12:24:30 +0000 |
commit | fb8804a9c4b9fd3117e3ab58c1241b76b7d0f199 (patch) | |
tree | 2c9f9c7b09504892a7fda11637f86eac2c2b7f8b | |
parent | 599111bb1dca0a877817a013db4f409d2522c8b0 (diff) | |
download | classpath-fb8804a9c4b9fd3117e3ab58c1241b76b7d0f199.tar.gz |
2006-05-03 Raif S. Naffah <raif@swiftdsl.com.au>
* gnu/javax/crypto/jce/keyring/GnuKeyring.java: Re-implemented using
a pair of one public keyring and one private keyring.
* gnu/javax/crypto/keyring/GnuPublicKeyring.java (log): New field.
(containsCertificate): Added logging.
(getCertificate): Likewise.
(putCertificate): Likewsie.
(load): Likewise.
(store): Likewise.
* gnu/javax/crypto/keyring/GnuPrivateKeyring.java (log): New field.
(containsPrivateKey): Added logging.
(getPrivateKey): Likewise.
(putPrivateKey): Likewise.
(containsPublicKey): Likewise.
(getPublicKey): Likewise.
(putPublicKey): Likewise.
(containsCertPath): Likewise.
(getCertPath): Likewise.
(putCertPath): Likewise.
(load): Likewise.
(store): Likewise.
-rw-r--r-- | ChangeLog | 23 | ||||
-rw-r--r-- | gnu/javax/crypto/jce/keyring/GnuKeyring.java | 572 | ||||
-rw-r--r-- | gnu/javax/crypto/keyring/GnuPrivateKeyring.java | 367 | ||||
-rw-r--r-- | gnu/javax/crypto/keyring/GnuPublicKeyring.java | 106 |
4 files changed, 597 insertions, 471 deletions
@@ -1,3 +1,26 @@ +2006-05-03 Raif S. Naffah <raif@swiftdsl.com.au> + + * gnu/javax/crypto/jce/keyring/GnuKeyring.java: Re-implemented using + a pair of one public keyring and one private keyring. + * gnu/javax/crypto/keyring/GnuPublicKeyring.java (log): New field. + (containsCertificate): Added logging. + (getCertificate): Likewise. + (putCertificate): Likewsie. + (load): Likewise. + (store): Likewise. + * gnu/javax/crypto/keyring/GnuPrivateKeyring.java (log): New field. + (containsPrivateKey): Added logging. + (getPrivateKey): Likewise. + (putPrivateKey): Likewise. + (containsPublicKey): Likewise. + (getPublicKey): Likewise. + (putPublicKey): Likewise. + (containsCertPath): Likewise. + (getCertPath): Likewise. + (putCertPath): Likewise. + (load): Likewise. + (store): Likewise. + 2006-05-03 Roman Kennke <kennke@aicas.com> * gnu/java/awt/java2d/AlphaCompositeContext.java: New class. diff --git a/gnu/javax/crypto/jce/keyring/GnuKeyring.java b/gnu/javax/crypto/jce/keyring/GnuKeyring.java index d74d386b4..d2501f893 100644 --- a/gnu/javax/crypto/jce/keyring/GnuKeyring.java +++ b/gnu/javax/crypto/jce/keyring/GnuKeyring.java @@ -1,4 +1,4 @@ -/* GnuKeyring.java -- +/* GnuKeyring.java -- KeyStore adapter for a pair of private and public Keyrings Copyright (C) 2003, 2006 Free Software Foundation, Inc. This file is a part of GNU Classpath. @@ -38,376 +38,412 @@ exception statement from your version. */ package gnu.javax.crypto.jce.keyring; +import gnu.java.security.Registry; +import gnu.javax.crypto.keyring.GnuPrivateKeyring; +import gnu.javax.crypto.keyring.GnuPublicKeyring; +import gnu.javax.crypto.keyring.IKeyring; +import gnu.javax.crypto.keyring.IPrivateKeyring; +import gnu.javax.crypto.keyring.IPublicKeyring; +import gnu.javax.crypto.keyring.MalformedKeyringException; +import gnu.javax.crypto.keyring.PrimitiveEntry; + import java.io.BufferedInputStream; -import java.io.InputStream; import java.io.IOException; +import java.io.InputStream; import java.io.OutputStream; - import java.security.Key; -import java.security.KeyStoreSpi; import java.security.KeyStoreException; +import java.security.KeyStoreSpi; import java.security.PrivateKey; import java.security.PublicKey; import java.security.UnrecoverableKeyException; import java.security.cert.Certificate; -import java.security.cert.CertificateException; -import java.security.cert.CertificateFactory; - -import java.util.Arrays; +import java.util.Collections; import java.util.Date; import java.util.Enumeration; import java.util.HashMap; +import java.util.HashSet; import java.util.Iterator; -import java.util.List; -import java.util.NoSuchElementException; +import java.util.Set; +import java.util.logging.Logger; import javax.crypto.SecretKey; -import gnu.java.security.Registry; -import gnu.javax.crypto.keyring.IKeyring; -import gnu.javax.crypto.keyring.IPrivateKeyring; -import gnu.javax.crypto.keyring.IPublicKeyring; -import gnu.javax.crypto.keyring.GnuPrivateKeyring; -import gnu.javax.crypto.keyring.GnuPublicKeyring; -import gnu.javax.crypto.keyring.MalformedKeyringException; -import gnu.javax.crypto.keyring.PrimitiveEntry; - -public class GnuKeyring extends KeyStoreSpi +/** + * An <i>Adapter</i> over a pair of one private, and one public keyrings to + * emulate the keystore operations. + */ +public class GnuKeyring + extends KeyStoreSpi { + private static final Logger log = Logger.getLogger(GnuKeyring.class.getName()); + private static final String NOT_LOADED = "not loaded"; - // Constants and fields. - // ------------------------------------------------------------------------ - + /** TRUE if the keystore is loaded; FALSE otherwise. */ private boolean loaded; + /** our underlying private keyring. */ + private IPrivateKeyring privateKR; + /** our underlying public keyring. */ + private IPublicKeyring publicKR; - private IKeyring keyring; - - // Constructor. - // ------------------------------------------------------------------------ - - public GnuKeyring() - { - } - - // Instance methods. - // ------------------------------------------------------------------------ + // default 0-arguments constructor public Enumeration engineAliases() { - if (!loaded) - { - throw new IllegalStateException ("not loaded"); - } - if (keyring == null) - { - return new Enumeration() + ensureLoaded(); + Enumeration result; + if (privateKR == null) + result = Collections.enumeration(Collections.EMPTY_SET); + else { - public boolean hasMoreElements() - { - return false; - } - - public Object nextElement() - { - throw new NoSuchElementException(); - } - }; - } - return keyring.aliases(); + Set aliases = new HashSet(); + for (Enumeration e = privateKR.aliases(); e.hasMoreElements();) + { + String alias = (String) e.nextElement(); + if (alias != null) + aliases.add(alias); + } + + for (Enumeration e = publicKR.aliases(); e.hasMoreElements();) + { + String alias = (String) e.nextElement(); + if (alias != null) + aliases.add(alias); + } + + result = Collections.enumeration(aliases); + } + + return result; } public boolean engineContainsAlias(String alias) { - if (!loaded) - { - throw new IllegalStateException ("not loaded"); - } - if (keyring == null) - { - return false; - } - return keyring.containsAlias(alias); + log.entering(this.getClass().getName(), "engineContainsAlias", alias); + + ensureLoaded(); + boolean inPrivateKR = privateKR.containsAlias(alias); + log.finest("inPrivateKR=" + inPrivateKR); + boolean inPublicKR = publicKR.containsAlias(alias); + log.finest("inPublicKR=" + inPublicKR); + boolean result = inPrivateKR || inPublicKR; + + log.exiting(this.getClass().getName(), "engineContainsAlias", + Boolean.valueOf(result)); + return result; } public void engineDeleteEntry(String alias) { - if (!loaded) - { - throw new IllegalStateException ("not loaded"); - } - if (keyring != null) - { - keyring.remove(alias); - } + log.entering(this.getClass().getName(), "engineDeleteEntry", alias); + + ensureLoaded(); + if (privateKR.containsAlias(alias)) + privateKR.remove(alias); + else if (publicKR.containsAlias(alias)) + publicKR.remove(alias); + else + log.finer("Unknwon alias: " + alias); + + log.exiting(this.getClass().getName(), "engineDeleteEntry"); } public Certificate engineGetCertificate(String alias) { - if (!loaded) - { - throw new IllegalStateException ("not loaded"); - } - if (keyring == null) - { - return null; - } - if (!(keyring instanceof IPublicKeyring)) - { - throw new IllegalStateException("not a public keyring"); - } - return ((IPublicKeyring) keyring).getCertificate(alias); + log.entering(this.getClass().getName(), "engineGetCertificate", alias); + + ensureLoaded(); + Certificate result = publicKR.getCertificate(alias); + + log.exiting(this.getClass().getName(), "engineGetCertificate", result); + return result; } public String engineGetCertificateAlias(Certificate cert) { - if (!loaded) - { - throw new IllegalStateException ("not loaded"); - } - if (keyring == null) - { - return null; - } - if (!(keyring instanceof IPublicKeyring)) - { - throw new IllegalStateException("not a public keyring"); - } - Enumeration aliases = keyring.aliases(); - while (aliases.hasMoreElements()) + log.entering(this.getClass().getName(), "engineGetCertificateAlias", cert); + + ensureLoaded(); + String result = null; + for (Enumeration aliases = publicKR.aliases(); aliases.hasMoreElements();) { String alias = (String) aliases.nextElement(); - Certificate cert2 = ((IPublicKeyring) keyring).getCertificate(alias); + Certificate cert2 = publicKR.getCertificate(alias); if (cert.equals(cert2)) { - return alias; + result = alias; + break; } } - return null; + + log.exiting(this.getClass().getName(), "engineGetCertificateAlias", result); + return result; } public void engineSetCertificateEntry(String alias, Certificate cert) { - if (!loaded) - { - throw new IllegalStateException ("not loaded"); - } - if (keyring == null) - { - keyring = new GnuPublicKeyring("HMAC-SHA-1", 20); - } - if (!(keyring instanceof IPublicKeyring)) - { - throw new IllegalStateException("not a public keyring"); - } - ((IPublicKeyring) keyring).putCertificate(alias, cert); + log.entering(this.getClass().getName(), "engineSetCertificateEntry", + new Object[] { alias, cert }); + + ensureLoaded(); + publicKR.putCertificate(alias, cert); + + log.exiting(this.getClass().getName(), "engineSetCertificateEntry"); } public Certificate[] engineGetCertificateChain(String alias) { - if (!loaded) - { - throw new IllegalStateException ("not loaded"); - } - if (keyring == null) - { - return null; - } - if (!(keyring instanceof IPrivateKeyring)) - { - throw new IllegalStateException("not a private keyring"); - } - return ((IPrivateKeyring) keyring).getCertPath(alias); + log.entering(this.getClass().getName(), "engineGetCertificateChain", alias); + + ensureLoaded(); + Certificate[] result = privateKR.getCertPath(alias); + + log.exiting(this.getClass().getName(), "engineGetCertificateChain", result); + return result; } public Date engineGetCreationDate(String alias) { - if (!loaded) - { - throw new IllegalStateException ("not loaded"); - } - if (keyring == null) - { - return null; - } - List entries = keyring.get(alias); - if (entries.size() == 0) - { - return null; - } - for (Iterator it = entries.iterator(); it.hasNext();) - { - Object o = it.next(); - if (o instanceof PrimitiveEntry) - { - return ((PrimitiveEntry) o).getCreationDate(); - } - } - return null; + log.entering(this.getClass().getName(), "engineGetCreationDate", alias); + + ensureLoaded(); + Date result = getCreationDate(alias, privateKR); + if (result == null) + result = getCreationDate(alias, publicKR); + + log.exiting(this.getClass().getName(), "engineGetCreationDate", result); + return result; } public Key engineGetKey(String alias, char[] password) throws UnrecoverableKeyException { - if (!loaded) - { - throw new IllegalStateException ("not loaded"); - } - if (keyring == null) - { - return null; - } - if (!(keyring instanceof IPrivateKeyring)) - { - throw new IllegalStateException("not a private keyring"); - } + log.entering(this.getClass().getName(), "engineGetKey", + String.valueOf(password)); + + ensureLoaded(); + Key result = null; if (password == null) { - if (((IPrivateKeyring) keyring).containsPublicKey(alias)) - { - return ((IPrivateKeyring) keyring).getPublicKey(alias); - } - } - if (((IPrivateKeyring) keyring).containsPrivateKey(alias)) - { - return ((IPrivateKeyring) keyring).getPrivateKey(alias, password); + if (privateKR.containsPublicKey(alias)) + result = privateKR.getPublicKey(alias); } - return null; + else if (privateKR.containsPrivateKey(alias)) + result = privateKR.getPrivateKey(alias, password); + + log.exiting(this.getClass().getName(), "engineGetKey", result); + return result; } public void engineSetKeyEntry(String alias, Key key, char[] password, - Certificate[] chain) throws KeyStoreException + Certificate[] chain) + throws KeyStoreException { - if (!loaded) - { - throw new IllegalStateException ("not loaded"); - } - if (keyring == null) - { - keyring = new GnuPrivateKeyring("HMAC-SHA-1", 20, "AES", "OFB", 16); - } - if (!(keyring instanceof IPrivateKeyring)) - { - throw new IllegalStateException("not a private keyring"); - } + log.entering(this.getClass().getName(), "engineSetKeyEntry", + new Object[] { alias, key, password, chain }); + ensureLoaded(); if (key instanceof PublicKey) + privateKR.putPublicKey(alias, (PublicKey) key); + else { - ((IPrivateKeyring) keyring).putPublicKey(alias, (PublicKey) key); - return; + if (! (key instanceof PrivateKey) && ! (key instanceof SecretKey)) + throw new KeyStoreException("cannot store keys of type " + + key.getClass().getName()); + privateKR.putCertPath(alias, chain); + log.finest("About to put private key in keyring..."); + privateKR.putPrivateKey(alias, key, password); } - if (!(key instanceof PrivateKey) && !(key instanceof SecretKey)) - { - throw new KeyStoreException("cannot store keys of type " - + key.getClass().getName()); - } - try - { - CertificateFactory fact = CertificateFactory.getInstance("X.509"); - ((IPrivateKeyring) keyring).putCertPath(alias, chain); - } - catch (CertificateException ce) - { - throw new KeyStoreException(ce.toString()); - } - ((IPrivateKeyring) keyring).putPrivateKey(alias, key, password); + + log.exiting(this.getClass().getName(), "engineSetKeyEntry"); } public void engineSetKeyEntry(String alias, byte[] key, Certificate[] chain) throws KeyStoreException { - throw new KeyStoreException("method not supported"); + KeyStoreException x = new KeyStoreException("method not supported"); + log.throwing(this.getClass().getName(), "engineSetKeyEntry(3)", x); + throw x; } public boolean engineIsCertificateEntry(String alias) { - if (!loaded) - { - throw new IllegalStateException ("not loaded"); - } - if (keyring == null) - { - return false; - } - if (!(keyring instanceof IPublicKeyring)) - { - return false; - } - return ((IPublicKeyring) keyring).containsCertificate(alias); + log.entering(this.getClass().getName(), "engineIsCertificateEntry", alias); + + ensureLoaded(); + boolean result = publicKR.containsCertificate(alias); + + log.exiting(this.getClass().getName(), "engineIsCertificateEntry", + Boolean.valueOf(result)); + return result; } public boolean engineIsKeyEntry(String alias) { - if (!loaded) - { - throw new IllegalStateException ("not loaded"); - } - if (keyring == null) - { - return false; - } - if (!(keyring instanceof IPrivateKeyring)) - { - return false; - } - return ((IPrivateKeyring) keyring).containsPublicKey(alias) - || ((IPrivateKeyring) keyring).containsPrivateKey(alias); + log.entering(this.getClass().getName(), "engineIsKeyEntry", alias); + + ensureLoaded(); + boolean result = privateKR.containsPublicKey(alias) + || privateKR.containsPrivateKey(alias); + + log.exiting(this.getClass().getName(), "engineIsKeyEntry", + Boolean.valueOf(result)); + return result; } public void engineLoad(InputStream in, char[] password) throws IOException { + log.entering(this.getClass().getName(), "engineLoad", String.valueOf(password)); if (in != null) { - if (!in.markSupported()) - { - in = new BufferedInputStream(in); - } - in.mark(5); - for (int i = 0; i < 4; i++) - if (in.read() != Registry.GKR_MAGIC[i]) - throw new MalformedKeyringException("incorrect magic"); - int usage = in.read(); - in.reset(); - HashMap attr = new HashMap(); - attr.put(IKeyring.KEYRING_DATA_IN, in); - attr.put(IKeyring.KEYRING_PASSWORD, password); - switch (usage) - { - case GnuPublicKeyring.USAGE: - keyring = new GnuPublicKeyring(); - break; - case GnuPrivateKeyring.USAGE: - keyring = new GnuPrivateKeyring(); - break; - default: - throw new MalformedKeyringException("unsupported ring usage: " - + Integer.toBinaryString(usage)); - } - keyring.load(attr); + if (! in.markSupported()) + in = new BufferedInputStream(in); + + loadPrivateKeyring(in, password); + loadPublicKeyring(in, password); } + else + createNewKeyrings(); + loaded = true; + + log.exiting(this.getClass().getName(), "engineLoad"); } public void engineStore(OutputStream out, char[] password) throws IOException { - if (!loaded || keyring == null) - { - throw new IllegalStateException ("not loaded"); - } + log.entering(this.getClass().getName(), "engineStore", String.valueOf(password)); + + ensureLoaded(); HashMap attr = new HashMap(); attr.put(IKeyring.KEYRING_DATA_OUT, out); attr.put(IKeyring.KEYRING_PASSWORD, password); - keyring.store(attr); + + privateKR.store(attr); + publicKR.store(attr); + + log.exiting(this.getClass().getName(), "engineStore"); } public int engineSize() { - if (!loaded) - { - throw new IllegalStateException ("not loaded"); - } - if (keyring == null) - { - return 0; - } - return keyring.size(); + ensureLoaded(); + return privateKR.size() + publicKR.size(); + } + + /** + * Ensure that the underlying keyring pair is loaded. Throw an exception if it + * isn't; otherwise returns silently. + * + * @throws IllegalStateException if the keyring is not loaded. + */ + private void ensureLoaded() + { + if (! loaded) + throw new IllegalStateException(NOT_LOADED); + } + + /** + * Load the private keyring from the designated input stream. + * + * @param in the input stream to process. + * @param password the password protecting the keyring. + * @throws MalformedKeyringException if the keyring is not a private one. + * @throws IOException if an I/O related exception occurs during the process. + */ + private void loadPrivateKeyring(InputStream in, char[] password) + throws MalformedKeyringException, IOException + { + log.entering(this.getClass().getName(), "loadPrivateKeyring"); + + in.mark(5); + for (int i = 0; i < 4; i++) + if (in.read() != Registry.GKR_MAGIC[i]) + throw new MalformedKeyringException("incorrect magic"); + + int usage = in.read(); + in.reset(); + if (usage != GnuPrivateKeyring.USAGE) + throw new MalformedKeyringException("Was expecting a private keyring but got a wrong USAGE: " + + Integer.toBinaryString(usage)); + HashMap attr = new HashMap(); + attr.put(IKeyring.KEYRING_DATA_IN, in); + attr.put(IKeyring.KEYRING_PASSWORD, password); + privateKR = new GnuPrivateKeyring(); + privateKR.load(attr); + + log.exiting(this.getClass().getName(), "loadPrivateKeyring"); + } + + /** + * Load the public keyring from the designated input stream. + * + * @param in the input stream to process. + * @param password the password protecting the keyring. + * @throws MalformedKeyringException if the keyring is not a public one. + * @throws IOException if an I/O related exception occurs during the process. + */ + private void loadPublicKeyring(InputStream in, char[] password) + throws MalformedKeyringException, IOException + { + log.entering(this.getClass().getName(), "loadPublicKeyring"); + + in.mark(5); + for (int i = 0; i < 4; i++) + if (in.read() != Registry.GKR_MAGIC[i]) + throw new MalformedKeyringException("incorrect magic"); + + int usage = in.read(); + in.reset(); + if (usage != GnuPublicKeyring.USAGE) + throw new MalformedKeyringException("Was expecting a public keyring but got a wrong USAGE: " + + Integer.toBinaryString(usage)); + HashMap attr = new HashMap(); + attr.put(IKeyring.KEYRING_DATA_IN, in); + attr.put(IKeyring.KEYRING_PASSWORD, password); + publicKR = new GnuPublicKeyring(); + publicKR.load(attr); + + log.exiting(this.getClass().getName(), "loadPublicKeyring"); + } + + /** + * Return the creation date of a named alias in a designated keyring. + * + * @param alias the alias to look for. + * @param keyring the keyring to search. + * @return the creattion date of the entry named <code>alias</code>. Return + * <code>null</code> if <code>alias</code> was not found in + * <code>keyring</code>. + */ + private Date getCreationDate(String alias, IKeyring keyring) + { + log.entering(this.getClass().getName(), "getCreationDate", + new Object[] { alias, keyring }); + + Date result = null; + if (keyring != null) + for (Iterator it = keyring.get(alias).iterator(); it.hasNext();) + { + Object o = it.next(); + if (o instanceof PrimitiveEntry) + { + result = ((PrimitiveEntry) o).getCreationDate(); + break; + } + } + + log.exiting(this.getClass().getName(), "getCreationDate", result); + return result; + } + + /** Create empty keyrings. */ + private void createNewKeyrings() + { + log.entering(this.getClass().getName(), "createNewKeyrings"); + + privateKR = new GnuPrivateKeyring("HMAC-SHA-1", 20, "AES", "OFB", 16); + publicKR = new GnuPublicKeyring("HMAC-SHA-1", 20); + + log.exiting(this.getClass().getName(), "createNewKeyrings"); } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/keyring/GnuPrivateKeyring.java b/gnu/javax/crypto/keyring/GnuPrivateKeyring.java index d49bd0963..c1fe30e67 100644 --- a/gnu/javax/crypto/keyring/GnuPrivateKeyring.java +++ b/gnu/javax/crypto/keyring/GnuPrivateKeyring.java @@ -42,8 +42,8 @@ import gnu.java.security.Registry; import java.io.DataInputStream; import java.io.DataOutputStream; -import java.io.InputStream; import java.io.IOException; +import java.io.InputStream; import java.io.OutputStream; import java.security.Key; import java.security.PublicKey; @@ -51,17 +51,18 @@ import java.security.UnrecoverableKeyException; import java.security.cert.Certificate; import java.util.Date; import java.util.Iterator; -import java.util.List; +import java.util.logging.Level; +import java.util.logging.Logger; /** * <p>.</p> */ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring { - // Constants and variables // ------------------------------------------------------------------------- + private static final Logger log = Logger.getLogger(GnuPrivateKeyring.class.getName()); public static final int USAGE = Registry.GKR_PRIVATE_KEYS | Registry.GKR_PUBLIC_CREDENTIALS; @@ -104,225 +105,277 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring public boolean containsPrivateKey(String alias) { - if (!containsAlias(alias)) - { - return false; - } - List l = get(alias); - for (Iterator it = l.iterator(); it.hasNext();) - { + log.entering(this.getClass().getName(), "containsPrivateKey", alias); + + boolean result = false; + if (containsAlias(alias)) + for (Iterator it = get(alias).iterator(); it.hasNext();) if (it.next() instanceof PasswordAuthenticatedEntry) { - return true; + result = true; + break; } - } - return false; + + log.exiting(this.getClass().getName(), "containsPrivateKey", + Boolean.valueOf(result)); + return result; } public Key getPrivateKey(String alias, char[] password) throws UnrecoverableKeyException { - if (!containsAlias(alias)) - { - return null; - } - List l = get(alias); - PasswordAuthenticatedEntry e1 = null; - PasswordEncryptedEntry e2 = null; - for (Iterator it = l.iterator(); it.hasNext();) - { - Entry e = (Entry) it.next(); - if (e instanceof PasswordAuthenticatedEntry) - { - e1 = (PasswordAuthenticatedEntry) e; - break; - } - } - if (e1 == null) - { - return null; - } - try - { - e1.verify(password); - } - catch (Exception e) - { - throw new UnrecoverableKeyException("authentication failed"); - } - for (Iterator it = e1.getEntries().iterator(); it.hasNext();) + log.entering(this.getClass().getName(), "getPrivateKey", + new Object[] { alias, String.valueOf(password) }); + + Key result = null; + if (containsAlias(alias)) { - Entry e = (Entry) it.next(); - if (e instanceof PasswordEncryptedEntry) + PasswordAuthenticatedEntry e1 = null; + PasswordEncryptedEntry e2 = null; + for (Iterator it = get(alias).iterator(); it.hasNext();) { - e2 = (PasswordEncryptedEntry) e; - break; + Entry e = (Entry) it.next(); + if (e instanceof PasswordAuthenticatedEntry) + { + e1 = (PasswordAuthenticatedEntry) e; + break; + } } - } - if (e2 == null) - { - return null; - } - try - { - e2.decrypt(password); - } - catch (Exception e) - { - throw new UnrecoverableKeyException("decryption failed"); - } - for (Iterator it = e2.get(alias).iterator(); it.hasNext();) - { - Entry e = (Entry) it.next(); - if (e instanceof PrivateKeyEntry) + + if (e1 != null) { - return ((PrivateKeyEntry) e).getKey(); + try + { + e1.verify(password); + } + catch (Exception e) + { + throw new UnrecoverableKeyException("authentication failed"); + } + + for (Iterator it = e1.getEntries().iterator(); it.hasNext();) + { + Entry e = (Entry) it.next(); + if (e instanceof PasswordEncryptedEntry) + { + e2 = (PasswordEncryptedEntry) e; + break; + } + } + + if (e2 != null) + { + try + { + e2.decrypt(password); + } + catch (Exception e) + { + throw new UnrecoverableKeyException("decryption failed"); + } + + for (Iterator it = e2.get(alias).iterator(); it.hasNext();) + { + Entry e = (Entry) it.next(); + if (e instanceof PrivateKeyEntry) + { + result = ((PrivateKeyEntry) e).getKey(); + break; + } + } + } } } - return null; + + log.exiting(this.getClass().getName(), "getPrivateKey", result); + return result; } public void putPrivateKey(String alias, Key key, char[] password) { - if (containsPrivateKey(alias)) - { - return; - } - alias = fixAlias(alias); - Properties p = new Properties(); - p.put("alias", alias); - PrivateKeyEntry pke = new PrivateKeyEntry(key, new Date(), p); - PasswordEncryptedEntry enc = new PasswordEncryptedEntry(cipher, mode, - keylen, - new Properties()); - PasswordAuthenticatedEntry auth = new PasswordAuthenticatedEntry( - mac, - maclen, - new Properties()); - enc.add(pke); - auth.add(enc); - try - { - enc.encode(null, password); - auth.encode(null, password); - } - catch (IOException ioe) + log.entering(this.getClass().getName(), "putPrivateKey", + new Object[] { alias, key, String.valueOf(password) }); + + if (! containsPrivateKey(alias)) { - throw new IllegalArgumentException(ioe.toString()); + alias = fixAlias(alias); + Properties p = new Properties(); + p.put("alias", alias); + PrivateKeyEntry pke = new PrivateKeyEntry(key, new Date(), p); + PasswordEncryptedEntry enc; + enc = new PasswordEncryptedEntry(cipher, mode, keylen, new Properties()); + enc.add(pke); + + PasswordAuthenticatedEntry auth; + auth = new PasswordAuthenticatedEntry(mac, maclen, new Properties()); + auth.add(enc); + + log.finest("About to encrypt the key..."); + try + { + enc.encode(null, password); + } + catch (IOException x) + { + log.log(Level.FINER, "Exception while encrypting the key. " + + "Rethrow as IllegalArgumentException", x); + throw new IllegalArgumentException(x.toString()); + } + + log.finest("About to authenticate the encrypted key..."); + try + { + auth.encode(null, password); + } + catch (IOException x) + { + log.log(Level.FINER, "Exception while authenticating the encrypted " + + "key. Rethrow as IllegalArgumentException", x); + throw new IllegalArgumentException(x.toString()); + } + + keyring.add(auth); } - keyring.add(auth); + else + log.finer("Keyring already contains alias: " + alias); + + log.exiting(this.getClass().getName(), "putPrivateKey"); } public boolean containsPublicKey(String alias) { - if (!containsAlias(alias)) - { - return false; - } - List l = get(alias); - for (Iterator it = l.iterator(); it.hasNext();) - { + log.entering(this.getClass().getName(), "containsPublicKey", alias); + + boolean result = false; + if (containsAlias(alias)) + for (Iterator it = get(alias).iterator(); it.hasNext();) if (it.next() instanceof PublicKeyEntry) { - return true; + result = true; + break; } - } - return false; + + log.exiting(this.getClass().getName(), "containsPublicKey", + Boolean.valueOf(result)); + return result; } public PublicKey getPublicKey(String alias) { - if (!containsAlias(alias)) - { - return null; - } - List l = get(alias); - for (Iterator it = l.iterator(); it.hasNext();) - { - Entry e = (Entry) it.next(); - if (e instanceof PublicKeyEntry) - { - return ((PublicKeyEntry) e).getKey(); - } - } - return null; + log.entering(this.getClass().getName(), "getPublicKey", alias); + + PublicKey result = null; + if (containsAlias(alias)) + for (Iterator it = get(alias).iterator(); it.hasNext();) + { + Entry e = (Entry) it.next(); + if (e instanceof PublicKeyEntry) + { + result = ((PublicKeyEntry) e).getKey(); + break; + } + } + + log.exiting(this.getClass().getName(), "getPublicKey", result); + return result; } public void putPublicKey(String alias, PublicKey key) { - if (containsPublicKey(alias)) + log.entering(this.getClass().getName(), "putPublicKey", + new Object[] { alias, key }); + + if (! containsPublicKey(alias)) { - return; + Properties p = new Properties(); + p.put("alias", fixAlias(alias)); + add(new PublicKeyEntry(key, new Date(), p)); } - Properties p = new Properties(); - p.put("alias", fixAlias(alias)); - add(new PublicKeyEntry(key, new Date(), p)); + else + log.finer("Keyring already contains alias: " + alias); + + log.exiting(this.getClass().getName(), "putPublicKey"); } public boolean containsCertPath(String alias) { - if (!containsAlias(alias)) - { - return false; - } - List l = get(alias); - for (Iterator it = l.iterator(); it.hasNext();) - { + log.entering(this.getClass().getName(), "containsCertPath", alias); + + boolean result = false; + if (containsAlias(alias)) + for (Iterator it = get(alias).iterator(); it.hasNext();) if (it.next() instanceof CertPathEntry) { - return true; + result = true; + break; } - } - return false; + + log.exiting(this.getClass().getName(), "containsCertPath", + Boolean.valueOf(result)); + return result; } public Certificate[] getCertPath(String alias) { - if (!containsAlias(alias)) - { - return null; - } - List l = get(alias); - for (Iterator it = l.iterator(); it.hasNext();) - { - Entry e = (Entry) it.next(); - if (e instanceof CertPathEntry) - { - return ((CertPathEntry) e).getCertPath(); - } - } - return null; + log.entering(this.getClass().getName(), "getCertPath", alias); + + Certificate[] result = null; + if (containsAlias(alias)) + for (Iterator it = get(alias).iterator(); it.hasNext();) + { + Entry e = (Entry) it.next(); + if (e instanceof CertPathEntry) + { + result = ((CertPathEntry) e).getCertPath(); + break; + } + } + + log.exiting(this.getClass().getName(), "getCertPath", result); + return result; } public void putCertPath(String alias, Certificate[] path) { - if (containsCertPath(alias)) + log.entering(this.getClass().getName(), "putCertPath", + new Object[] { alias, path }); + + if (! containsCertPath(alias)) { - return; + Properties p = new Properties(); + p.put("alias", fixAlias(alias)); + add(new CertPathEntry(path, new Date(), p)); } - Properties p = new Properties(); - p.put("alias", fixAlias(alias)); - add(new CertPathEntry(path, new Date(), p)); + else + log.finer("Keyring already contains alias: " + alias); + + log.exiting(this.getClass().getName(), "putCertPath"); } protected void load(InputStream in, char[] password) throws IOException { + log.entering(this.getClass().getName(), "load", + new Object[] { in, String.valueOf(password) }); + if (in.read() != USAGE) - { - throw new MalformedKeyringException("incompatible keyring usage"); - } + throw new MalformedKeyringException("incompatible keyring usage"); + if (in.read() != PasswordAuthenticatedEntry.TYPE) - { - throw new MalformedKeyringException( - "expecting password-authenticated entry tag"); - } - keyring = PasswordAuthenticatedEntry.decode(new DataInputStream(in), - password); + throw new MalformedKeyringException("expecting password-authenticated entry tag"); + + keyring = PasswordAuthenticatedEntry.decode(new DataInputStream(in), password); + + log.exiting(this.getClass().getName(), "load"); } protected void store(OutputStream out, char[] password) throws IOException { + log.entering(this.getClass().getName(), "store", + new Object[] { out, String.valueOf(password) }); + out.write(USAGE); keyring.encode(new DataOutputStream(out), password); + + log.exiting(this.getClass().getName(), "store"); } } diff --git a/gnu/javax/crypto/keyring/GnuPublicKeyring.java b/gnu/javax/crypto/keyring/GnuPublicKeyring.java index 318eb036f..490eb4458 100644 --- a/gnu/javax/crypto/keyring/GnuPublicKeyring.java +++ b/gnu/javax/crypto/keyring/GnuPublicKeyring.java @@ -38,26 +38,24 @@ exception statement from your version. */ package gnu.javax.crypto.keyring; +import gnu.java.security.Registry; + import java.io.DataInputStream; import java.io.DataOutputStream; -import java.io.InputStream; import java.io.IOException; +import java.io.InputStream; import java.io.OutputStream; - +import java.security.cert.Certificate; import java.util.Date; import java.util.Iterator; -import java.util.List; - -import java.security.cert.Certificate; - -import gnu.java.security.Registry; +import java.util.logging.Logger; public class GnuPublicKeyring extends BaseKeyring implements IPublicKeyring { - // Fields. // ------------------------------------------------------------------------ + private static final Logger log = Logger.getLogger(GnuPublicKeyring.class.getName()); public static final int USAGE = Registry.GKR_CERTIFICATES; // Constructors. @@ -79,68 +77,84 @@ public class GnuPublicKeyring extends BaseKeyring implements IPublicKeyring public boolean containsCertificate(String alias) { - if (!containsAlias(alias)) - { - return false; - } - List l = get(alias); - for (Iterator it = l.iterator(); it.hasNext();) - { + log.entering(this.getClass().getName(), "containsCertificate", alias); + + boolean result = false; + if (containsAlias(alias)) + for (Iterator it = get(alias).iterator(); it.hasNext();) if (it.next() instanceof CertificateEntry) { - return true; + result = true; + break; } - } - return false; + + log.exiting(this.getClass().getName(), "containsCertificate", + Boolean.valueOf(result)); + return result; } public Certificate getCertificate(String alias) { - if (!containsAlias(alias)) - { - return null; - } - List l = get(alias); - for (Iterator it = l.iterator(); it.hasNext();) - { - Entry e = (Entry) it.next(); - if (e instanceof CertificateEntry) - { - return ((CertificateEntry) e).getCertificate(); - } - } - return null; + log.entering(this.getClass().getName(), "getCertificate", alias); + + Certificate result = null; + if (containsAlias(alias)) + for (Iterator it = get(alias).iterator(); it.hasNext();) + { + Entry e = (Entry) it.next(); + if (e instanceof CertificateEntry) + { + result = ((CertificateEntry) e).getCertificate(); + break; + } + } + + log.exiting(this.getClass().getName(), "getCertificate", result); + return result; } public void putCertificate(String alias, Certificate cert) { - if (containsCertificate(alias)) + log.entering(this.getClass().getName(), "putCertificate", + new Object[] { alias, cert }); + + if (! containsCertificate(alias)) { - return; + Properties p = new Properties(); + p.put("alias", fixAlias(alias)); + add(new CertificateEntry(cert, new Date(), p)); } - Properties p = new Properties(); - p.put("alias", fixAlias(alias)); - add(new CertificateEntry(cert, new Date(), p)); + else + log.finer("Keyring already contains alias: " + alias); + + log.exiting(this.getClass().getName(), "putCertificate"); } protected void load(InputStream in, char[] password) throws IOException { + log.entering(this.getClass().getName(), "load", + new Object[] { in, String.valueOf(password) }); + if (in.read() != USAGE) - { - throw new MalformedKeyringException("incompatible keyring usage"); - } + throw new MalformedKeyringException("incompatible keyring usage"); + if (in.read() != PasswordAuthenticatedEntry.TYPE) - { - throw new MalformedKeyringException( - "expecting password-authenticated entry tag"); - } - keyring = PasswordAuthenticatedEntry.decode(new DataInputStream(in), - password); + throw new MalformedKeyringException("expecting password-authenticated entry tag"); + + DataInputStream dis = new DataInputStream(in); + keyring = PasswordAuthenticatedEntry.decode(dis, password); + + log.exiting(this.getClass().getName(), "load"); } protected void store(OutputStream out, char[] password) throws IOException { + log.entering(this.getClass().getName(), "store", + new Object[] { out, String.valueOf(password) }); + out.write(USAGE); keyring.encode(new DataOutputStream(out), password); + + log.exiting(this.getClass().getName(), "store"); } } |