private static boolean matches(TokenEntry entry, Term term) throws QueryException { final boolean result; final Object actualValue; switch (TokenEntryFields.valueOf(term.getName())) { case alias: { actualValue = entry.getAlias(); break; } default: { throw new QueryException( "Unsupported token entry field in query terms: " + term.getName()); } } switch (term.getOperator()) { case EQ: { result = term.getValue().equals(actualValue); break; } case NEQ: { result = !term.getValue().equals(actualValue); break; } case NULL: { result = term.getValue() == null; break; } case NOTNULL: { result = term.getValue() != null; break; } case LIKE: { if (term.getValue() instanceof String && actualValue != null) { final String value = (String) term.getValue(); // TODO: At the moment we only support '%' and only in beginning and/or end of value final boolean wildcardInBeginning = value.startsWith("%"); final boolean wildcardAtEnd = value.endsWith("%"); if (!wildcardInBeginning && !wildcardAtEnd) { result = value.equals(actualValue); } else { final String content = value.substring( wildcardInBeginning ? 1 : 0, wildcardAtEnd ? value.length() - 1 : value.length()); if (wildcardInBeginning && wildcardAtEnd) { result = actualValue.toString().contains(content); } else if (wildcardInBeginning) { result = actualValue.toString().endsWith(content); } else { result = actualValue.toString().startsWith(content); } } } else { result = false; } break; } default: { throw new QueryException( "Operator not yet supported in query terms: " + term.getOperator().name()); } } return result; }
public static TokenSearchResults searchTokenEntries( final KeyStore keyStore, final int startIndex, final int max, final QueryCriteria qc, final boolean includeData) throws CryptoTokenOfflineException, QueryException { final TokenSearchResults result; try { final ArrayList<TokenEntry> tokenEntries = new ArrayList<TokenEntry>(); final Enumeration<String> e = keyStore .aliases(); // We assume the order is the same for every call unless entries has been // added or removed final long maxIndex = (long) startIndex + max; for (int i = 0; i < maxIndex && e.hasMoreElements(); ) { final String keyAlias = e.nextElement(); final String type; if (keyStore.entryInstanceOf(keyAlias, KeyStore.PrivateKeyEntry.class)) { type = TokenEntry.TYPE_PRIVATEKEY_ENTRY; } else if (keyStore.entryInstanceOf(keyAlias, KeyStore.SecretKeyEntry.class)) { type = TokenEntry.TYPE_SECRETKEY_ENTRY; } else if (keyStore.entryInstanceOf(keyAlias, KeyStore.TrustedCertificateEntry.class)) { type = TokenEntry.TYPE_TRUSTED_ENTRY; } else { type = null; } TokenEntry entry = new TokenEntry(keyAlias, type); if (shouldBeIncluded(entry, qc)) { if (i < startIndex) { i++; continue; } if (LOG.isDebugEnabled()) { LOG.debug("checking keyAlias: " + keyAlias); } // Add additional data if (includeData) { Map<String, String> info = new HashMap<String, String>(); try { Date creationDate = keyStore.getCreationDate(keyAlias); entry.setCreationDate(creationDate); } catch (ProviderException ex) { } // NOPMD: We ignore if it is not supported if (TokenEntry.TYPE_PRIVATEKEY_ENTRY.equals(type)) { final Certificate[] chain = keyStore.getCertificateChain(keyAlias); if (chain.length > 0) { info.put( INFO_KEY_ALGORITHM, AlgorithmTools.getKeyAlgorithm(chain[0].getPublicKey())); info.put( INFO_KEY_SPECIFICATION, AlgorithmTools.getKeySpecification(chain[0].getPublicKey())); } try { entry.setParsedChain(chain); } catch (CertificateEncodingException ex) { info.put("Error", ex.getMessage()); LOG.error("Certificate could not be encoded for alias: " + keyAlias, ex); } } else if (TokenEntry.TYPE_TRUSTED_ENTRY.equals(type)) { Certificate certificate = keyStore.getCertificate(keyAlias); try { entry.setParsedTrustedCertificate(certificate); } catch (CertificateEncodingException ex) { info.put("Error", ex.getMessage()); LOG.error("Certificate could not be encoded for alias: " + keyAlias, ex); } } else if (TokenEntry.TYPE_SECRETKEY_ENTRY.equals(type)) { try { KeyStore.Entry entry1 = keyStore.getEntry(keyAlias, null); SecretKey secretKey = ((KeyStore.SecretKeyEntry) entry1).getSecretKey(); info.put(INFO_KEY_ALGORITHM, secretKey.getAlgorithm()); // info.put(INFO_KEY_SPECIFICATION, // AlgorithmTools.getKeySpecification(chain[0].getPublicKey())); // TODO: Key // specification support for secret keys } catch (NoSuchAlgorithmException ex) { info.put("Error", ex.getMessage()); LOG.error("Unable to get secret key for alias: " + keyAlias, ex); } catch (UnrecoverableEntryException ex) { info.put("Error", ex.getMessage()); LOG.error("Unable to get secret key for alias: " + keyAlias, ex); } } entry.setInfo(info); } tokenEntries.add(entry); // Increase index i++; } } result = new TokenSearchResults(tokenEntries, e.hasMoreElements()); } catch (KeyStoreException ex) { throw new CryptoTokenOfflineException(ex); } return result; }