Пример #1
0
 /**
  * Returns an instance of a <code>KeyStore</code> representing the specified type, from the
  * specified provider.
  *
  * @param type the type of keystore to create.
  * @param provider the provider to use.
  * @return a <code>KeyStore</code> repesenting the desired type.
  * @throws KeyStoreException if the designated type is not implemented by the given provider.
  * @throws IllegalArgumentException if either <code>type</code> or <code>provider</code> is <code>
  *     null</code>, or if <code>type</code> is an empty string.
  * @since 1.4
  */
 public static KeyStore getInstance(String type, Provider provider) throws KeyStoreException {
   Throwable cause;
   try {
     Object spi = Engine.getInstance(KEY_STORE, type, provider);
     return new KeyStore((KeyStoreSpi) spi, provider, type);
   } catch (NoSuchAlgorithmException x) {
     cause = x;
   } catch (InvocationTargetException x) {
     cause = x.getCause() != null ? x.getCause() : x;
   } catch (ClassCastException x) {
     cause = x;
   }
   KeyStoreException x = new KeyStoreException(type);
   x.initCause(cause);
   throw x;
 }
Пример #2
0
  /**
   * Assigns the given key to the given alias, protecting it with the given password.
   *
   * <p>If the given key is of type <code>java.security.PrivateKey</code>, it must be accompanied by
   * a certificate chain certifying the corresponding public key.
   *
   * <p>If the given alias already exists, the keystore information associated with it is overridden
   * by the given key (and possibly certificate chain).
   *
   * @param alias the alias name
   * @param key the key to be associated with the alias
   * @param password the password to protect the key
   * @param chain the certificate chain for the corresponding public key (only required if the given
   *     key is of type <code>java.security.PrivateKey</code>).
   * @exception KeyStoreException if the given key cannot be protected, or this operation fails for
   *     some other reason
   */
  public void engineSetKeyEntry(String alias, Key key, char[] password, Certificate[] chain)
      throws KeyStoreException {
    permissionCheck();

    synchronized (entries) {
      try {
        KeyEntry entry = new KeyEntry();
        entry.date = new Date();

        if (key instanceof PrivateKey) {
          if ((key.getFormat().equals("PKCS#8")) || (key.getFormat().equals("PKCS8"))) {
            entry.protectedPrivKey = encryptPrivateKey(key.getEncoded(), password);
            entry.password = password.clone();
          } else {
            throw new KeyStoreException("Private key is not encoded as PKCS#8");
          }
        } else {
          throw new KeyStoreException("Key is not a PrivateKey");
        }

        // clone the chain
        if (chain != null) {
          if ((chain.length > 1) && !validateChain(chain)) {
            throw new KeyStoreException("Certificate chain does not validate");
          }

          entry.chain = chain.clone();
          entry.chainRefs = new long[entry.chain.length];
        }

        String lowerAlias = alias.toLowerCase();
        if (entries.get(lowerAlias) != null) {
          deletedEntries.put(lowerAlias, entries.get(lowerAlias));
        }

        entries.put(lowerAlias, entry);
        addedEntries.put(lowerAlias, entry);
      } catch (Exception nsae) {
        KeyStoreException ke = new KeyStoreException("Key protection algorithm not found: " + nsae);
        ke.initCause(nsae);
        throw ke;
      }
    }
  }
  @Override
  public void contextInitialized(ServletContextEvent arg0) {
    final String S_ProcName = "contextInitialized";

    Properties props = System.getProperties();
    if (null == CFBamSchemaPool.getSchemaPool()) {
      try {
        Context ctx = new InitialContext();
        String poolClassName = (String) ctx.lookup("java:comp/env/CFBam24PoolClass");
        if ((poolClassName == null) || (poolClassName.length() <= 0)) {
          throw CFLib.getDefaultExceptionFactory()
              .newNullArgumentException(
                  getClass(), S_ProcName, 0, "JNDI lookup for CFBam24PoolClass");
        }

        Class poolClass = Class.forName(poolClassName);
        if (poolClass == null) {
          throw CFLib.getDefaultExceptionFactory()
              .newNullArgumentException(
                  getClass(),
                  S_ProcName,
                  0,
                  "CFBam24PoolClass \"" + poolClassName + "\" not found.");
        }

        Object obj = poolClass.newInstance();
        if (obj instanceof CFBamSchemaPool) {
          CFBamSchemaPool newPool = (CFBamSchemaPool) obj;
          newPool.setConfigurationFile(null);
          newPool.setJndiName("java:comp/env/CFBam24Connection");
          CFBamSchemaPool.setSchemaPool(newPool);
        } else {
          throw CFLib.getDefaultExceptionFactory()
              .newRuntimeException(
                  getClass(), S_ProcName, "Problems constructing an instance of " + poolClassName);
        }

        String smtpHost = (String) ctx.lookup("java:comp/env/CFBam24SmtpHost");
        if ((smtpHost == null) || (smtpHost.length() <= 0)) {
          throw CFLib.getDefaultExceptionFactory()
              .newNullArgumentException(
                  getClass(), S_ProcName, 0, "JNDI lookup for CFBam24SmtpHost");
        }
        props.setProperty("mail.smtp.host", smtpHost);

        String smtpStartTLS = (String) ctx.lookup("java:comp/env/CFBam24SmtpStartTLS");
        if ((smtpHost == null) || (smtpHost.length() <= 0)) {
          throw CFLib.getDefaultExceptionFactory()
              .newNullArgumentException(
                  getClass(), S_ProcName, 0, "JNDI lookup for CFBam24SmtpStartTLS");
        }
        props.setProperty("mail.smtp.starttls.enable", smtpStartTLS);

        String smtpSocketFactoryClass =
            (String) ctx.lookup("java:comp/env/CFBam24SmtpSocketFactoryClass");
        if ((smtpSocketFactoryClass == null) || (smtpSocketFactoryClass.length() <= 0)) {
          throw CFLib.getDefaultExceptionFactory()
              .newNullArgumentException(
                  getClass(), S_ProcName, 0, "JNDI lookup for CFBam24SmtpSocketFactoryClass");
        }
        props.setProperty("mail.smtp.socketFactory.class", smtpSocketFactoryClass);

        props.setProperty("mail.smtp.socketFactory.fallback", "false");

        String smtpPort = (String) ctx.lookup("java:comp/env/CFBam24SmtpPort");
        if ((smtpPort == null) || (smtpPort.length() <= 0)) {
          throw CFLib.getDefaultExceptionFactory()
              .newNullArgumentException(
                  getClass(), S_ProcName, 0, "JNDI lookup for CFBam24SmtpPort");
        }
        props.setProperty("mail.smtp.port", smtpPort);
        props.setProperty("mail.smtp.socketFactory.port", smtpPort);

        props.setProperty("mail.smtps.auth", "true");

        props.put("mail.smtps.quitwait", "false");

        String smtpEmailFrom = (String) ctx.lookup("java:comp/env/CFBam24SmtpEmailFrom");
        if ((smtpEmailFrom == null) || (smtpEmailFrom.length() <= 0)) {
          throw CFLib.getDefaultExceptionFactory()
              .newNullArgumentException(
                  getClass(), S_ProcName, 0, "JNDI lookup for CFBam24SmtpEmailFrom");
        }

        smtpUsername = (String) ctx.lookup("java:comp/env/CFBam24SmtpUsername");
        if ((smtpUsername == null) || (smtpUsername.length() <= 0)) {
          throw CFLib.getDefaultExceptionFactory()
              .newNullArgumentException(
                  getClass(), S_ProcName, 0, "JNDI lookup for CFBam24SmtpUsername");
        }

        smtpPassword = (String) ctx.lookup("java:comp/env/CFBam24SmtpPassword");
        if ((smtpPassword == null) || (smtpPassword.length() <= 0)) {
          throw CFLib.getDefaultExceptionFactory()
              .newNullArgumentException(
                  getClass(), S_ProcName, 0, "JNDI lookup for CFBam24SmtpPassword");
        }

        String serverKeyStore;
        try {
          serverKeyStore = (String) ctx.lookup("java:comp/env/CFBam24ServerKeyStore");
        } catch (NamingException e) {
          serverKeyStore = null;
        }

        String keyStorePassword;
        try {
          keyStorePassword = (String) ctx.lookup("java:comp/env/CFBam24KeyStorePassword");
        } catch (NamingException e) {
          keyStorePassword = null;
        }

        String keyName;
        try {
          keyName = (String) ctx.lookup("java:comp/env/CFBam24KeyName");
        } catch (NamingException e) {
          keyName = null;
        }

        String keyPassword;
        try {
          keyPassword = (String) ctx.lookup("java:comp/env/CFBam24KeyPassword");
        } catch (NamingException e) {
          keyPassword = null;
        }

        if (((serverKeyStore != null) && (serverKeyStore.length() > 0))
            && (keyStorePassword != null)
            && ((keyName != null) && (keyName.length() > 0))
            && (keyPassword != null)) {
          KeyStore keyStore = null;
          File keystoreFile = new File(serverKeyStore);
          if (!keystoreFile.exists()) {
            throw CFLib.getDefaultExceptionFactory()
                .newUsageException(
                    getClass(),
                    S_ProcName,
                    "CFBam24ServerKeyStore file \"" + serverKeyStore + "\" does not exist.");
          } else if (!keystoreFile.isFile()) {
            throw CFLib.getDefaultExceptionFactory()
                .newUsageException(
                    getClass(),
                    S_ProcName,
                    "CFBam24ServerKeyStore file \"" + serverKeyStore + "\" is not a file.");
          } else if (!keystoreFile.canRead()) {
            throw CFLib.getDefaultExceptionFactory()
                .newUsageException(
                    getClass(),
                    S_ProcName,
                    "Permission denied attempting to read CFBam24ServerKeyStore file \""
                        + serverKeyStore
                        + "\".");
          }

          try {
            keyStore = KeyStore.getInstance("jceks");
            char[] caPassword = keyStorePassword.toCharArray();
            FileInputStream input = new FileInputStream(serverKeyStore);
            keyStore.load(input, caPassword);
            input.close();
            Certificate publicKeyCertificate = keyStore.getCertificate(keyName);
            if (publicKeyCertificate == null) {
              throw CFLib.getDefaultExceptionFactory()
                  .newUsageException(
                      getClass(),
                      S_ProcName,
                      "Could not read CFBam24KeyName \""
                          + keyName
                          + "\" from CFBam24ServerKeyStore file \""
                          + serverKeyStore
                          + "\".");
            }
            publicKey = publicKeyCertificate.getPublicKey();
            char[] caKeyPassword = keyPassword.toCharArray();
            Key key = keyStore.getKey(keyName, caKeyPassword);
            if (key instanceof PrivateKey) {
              privateKey = (PrivateKey) key;
            } else {
              throw CFLib.getDefaultExceptionFactory()
                  .newUnsupportedClassException(getClass(), S_ProcName, "key", key, "PrivateKey");
            }

            getServerInfo();
          } catch (CertificateException x) {
            publicKey = null;
            privateKey = null;
            throw CFLib.getDefaultExceptionFactory()
                .newRuntimeException(
                    getClass(),
                    S_ProcName,
                    "Could not open keystore due to CertificateException -- " + x.getMessage(),
                    x);
          } catch (IOException x) {
            publicKey = null;
            privateKey = null;
            throw CFLib.getDefaultExceptionFactory()
                .newRuntimeException(
                    getClass(),
                    S_ProcName,
                    "Could not open keystore due to IOException -- " + x.getMessage(),
                    x);
          } catch (KeyStoreException x) {
            publicKey = null;
            privateKey = null;
            throw CFLib.getDefaultExceptionFactory()
                .newRuntimeException(
                    getClass(),
                    S_ProcName,
                    "Could not open keystore due to KeyStoreException -- " + x.getMessage(),
                    x);
          } catch (NoSuchAlgorithmException x) {
            publicKey = null;
            privateKey = null;
            throw CFLib.getDefaultExceptionFactory()
                .newRuntimeException(
                    getClass(),
                    S_ProcName,
                    "Could not open keystore due to NoSuchAlgorithmException -- " + x.getMessage(),
                    x);
          } catch (UnrecoverableKeyException x) {
            publicKey = null;
            privateKey = null;
            throw CFLib.getDefaultExceptionFactory()
                .newRuntimeException(
                    getClass(),
                    S_ProcName,
                    "Could not access key due to UnrecoverableKeyException -- " + x.getMessage(),
                    x);
          } catch (RuntimeException x) {
            publicKey = null;
            privateKey = null;
            throw x;
          }
        } else if ((serverKeyStore != null)
            || (keyStorePassword != null)
            || (keyName != null)
            || (keyPassword != null)) {
          publicKey = null;
          privateKey = null;
          throw CFLib.getDefaultExceptionFactory()
              .newUsageException(
                  getClass(),
                  S_ProcName,
                  "All or none of CFBam24ServerKeyStore, "
                      + "CFBam24KeyStorePassword, "
                      + "CFBam24KeyName, and "
                      + "CFBam24KeyPassword must be configured");
        } else {
          getServerInfo();
          try {
            serverInfo.initServerKeys();
          } catch (Exception x) {
            throw CFLib.getDefaultExceptionFactory()
                .newRuntimeException(
                    getClass(),
                    S_ProcName,
                    "Caught "
                        + x.getClass().getName()
                        + " during initServerKeys() -- "
                        + x.getMessage(),
                    x);
          }
        }
      } catch (ClassNotFoundException e) {
        publicKey = null;
        privateKey = null;
        throw CFLib.getDefaultExceptionFactory()
            .newRuntimeException(
                getClass(), S_ProcName, "Caught ClassNotFoundException -- " + e.getMessage(), e);
      } catch (IllegalAccessException e) {
        publicKey = null;
        privateKey = null;
        throw CFLib.getDefaultExceptionFactory()
            .newRuntimeException(
                getClass(),
                S_ProcName,
                "Caught IllegalAccessException trying to construct newInstance() -- "
                    + e.getMessage(),
                e);
      } catch (InstantiationException e) {
        publicKey = null;
        privateKey = null;
        throw CFLib.getDefaultExceptionFactory()
            .newRuntimeException(
                getClass(),
                S_ProcName,
                "Caught InstantiationException trying to construct newInstance() -- "
                    + e.getMessage(),
                e);
      } catch (NamingException e) {
        publicKey = null;
        privateKey = null;
        throw CFLib.getDefaultExceptionFactory()
            .newRuntimeException(
                getClass(), S_ProcName, "Caught NamingException -- " + e.getMessage(), e);
      }
    }
  }