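package com.sun.enterprise.tools.upgrade.certconversion;

import java.io.*;
import java.util.*;
import java.util.logging.*;
import java.security.*;
import java.security.cert.*;
import com.sun.enterprise.tools.upgrade.logging.*;
import com.sun.enterprise.util.i18n.StringManager;
import com.sun.enterprise.tools.upgrade.common.*;

/**
 * Upgrade module that copies the entries of a source JKS keystore into an
 * intermediate PKCS#12 file and then invokes the {@code pk12util} wrapper
 * script to load that file into the NSS database under the destination
 * domain's {@code config} directory.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The intermediate PKCS#12 file holds the entries copied with
 *       {@code setKeyEntry} and is protected with the JKS keystore
 *       password.</li>
 *   <li>The NSS database password and the keystore password are handed to the
 *       wrapper script as command-line arguments.</li>
 * </ul>
 */
public class JKStoNSSConversionModule implements BaseModule{

    private static final Logger _logger = LogService.getLogger(LogService.UPGRADE_LOGGER);
    private StringManager sm;
    private static final String PKCS12_INPUTFILE_OPTION = "-i";
    private static final String NSS_DB_LOCATION_OPTION = "-d";
    private static final String NSS_PWD_OPTION = "-K";
    private static final String KEYSTORE_PWD_OPTION = "-W";
    private static final String PK12_UTIL_UNIX = "pk12util.sh";
    private static final String PK12_UTIL_WIN = "pk12util.bat";
    private static final String CONFIG = "config";
    private static final String BIN = "bin";
    private static final String LIB = "lib";

    String pathOfNSSDbFiles;
    private String jksPath;
    private String trustJksPath;
    private List pkcs12PathList;
    private String nssKeyStorePassword;
    private List keyList;
    private InputStream isJksPath;
    private OutputStream osJksPath;
    private OutputStream trustJKSPathStream;
    private String jksKeyStorePassword;
    private String jksCAkeyStorePassword;
    private boolean certificateError = false;
    private char[] pwd;
    private KeyStore trustedJksKeyStore;
    private CommonInfoModel commonInfo;
    private String pkcs12FilePath;
    private OutputStream pkcs12KeystoreStream;
    private KeyStore jksKeyStore;
    private KeyStore pkcs12KeyStore;

    /** Creates the module and looks up its localized message catalogue. */
    public JKStoNSSConversionModule(){
        sm = StringManager.getManager(LogService.UPGRADE_CERTCONVERSION_LOGGER);
    }

    /** No recovery action is implemented for this module. */
    public void recovery(CommonInfoModel commonInfo) {

    }

    /**
     * Runs the JKS to NSS conversion for the current domain.
     *
     * @param commonInfo upgrade context supplying paths, passwords and the
     *        list of domains selected for conversion
     * @return {@code true} when the current domain is not in the domain option
     *         list (nothing to do) or when the conversion succeeded;
     *         {@code false} when a {@link CertificateException} was raised, in
     *         which case the progress manager is also told to stop the upgrade
     */
    public boolean upgrade(CommonInfoModel commonInfo){
        String currentDomain = commonInfo.getCurrentDomain();
        if(!(commonInfo.getDomainOptionList().contains(currentDomain)))
            return true;
        pkcs12FilePath = commonInfo.getDestinationDomainPath() + File.separator +"pkcsFile" +".pkcs12";
        this.jksPath=commonInfo.getSourceJKSKeyStorePath();
        this.trustJksPath=commonInfo.getSourceTrustedJKSKeyStorePath();
        this.jksKeyStorePassword=commonInfo.getJksKeystorePassword();
        this.jksCAkeyStorePassword=commonInfo.getJksCAKeystorePassword();
        this.pkcs12PathList=new ArrayList();
        this.keyList = new ArrayList();
        this.nssKeyStorePassword=commonInfo.getCertDbPassword();
        this.commonInfo = commonInfo;
        try {
            runPkcs12ToJks();
        }catch(CertificateException ce) {
            _logger.log(Level.SEVERE,sm.getString("enterprise.tools.upgrade.certconversion.could_not_migrate_certificates",ce));
            UpdateProgressManager.getProgressManager().setContinueUpgrade(false);
            return false;
        }
        return true;
    }

    /**
     * Executes the conversion steps in order: load the JKS keystore, create an
     * empty PKCS#12 keystore, copy the entries, write the PKCS#12 file, and
     * hand that file to pk12util.
     *
     * @throws CertificateException if any step fails
     */
    private void runPkcs12ToJks() throws CertificateException{
        openInputKeystoreJKS();
        openOutputKeystore();
        convertjksTopkcs12();
        storepkcs12KeyStore();
        migratepkcs12TonssDB();
        // NOTE(review): the intermediate PKCS#12 file written by
        // storepkcs12KeyStore() is not removed here, and deletePKCS12Files()
        // is never called from this class, so the copied key material stays
        // in the destination domain directory after the upgrade. Confirm
        // whether that is intended before enabling cleanup.
    }

    /**
     * Invokes the platform-specific pk12util wrapper script to import the
     * intermediate PKCS#12 file into the NSS database in the destination
     * domain's config directory.
     *
     * @throws CertificateException if the script returns a non-zero exit value
     */
    private void migratepkcs12TonssDB() throws CertificateException{
        String installDir = commonInfo.getTargetInstallDir();
        String configDir = commonInfo.getDestinationDomainPath() + File.separator + CONFIG;
        String targetLib = installDir + File.separator + LIB;
        String targetBin = installDir + File.separator + BIN;
        boolean isWindows = commonInfo.getOSName().indexOf("Windows") != -1;
        String pk12UtilPath = installDir + File.separator + LIB + File.separator
                + (isWindows ? PK12_UTIL_WIN : PK12_UTIL_UNIX);
        String pk12utilLocation = installDir + File.separator + LIB;
        // NOTE(review): both passwords are passed as command-line arguments.
        // Presumably ProcessAdaptor launches this array as a child process; if
        // so, the arguments can be visible to other local users through the
        // process listing while the script runs. Confirm whether the wrapper
        // script can take the passwords from a protected file or stdin.
        String [] commandArray = {pk12UtilPath,
            targetLib,
            targetBin,
            pk12utilLocation,
            PKCS12_INPUTFILE_OPTION, pkcs12FilePath,
            NSS_DB_LOCATION_OPTION, configDir,
            NSS_PWD_OPTION, commonInfo.getCertDbPassword(),
            KEYSTORE_PWD_OPTION, commonInfo.getJksKeystorePassword()
        };
        StringWriter result = new StringWriter();
        int exitVal = ProcessAdaptor.executeProcess(commandArray, result);
        result.flush();
        if(exitVal != 0) {
            // The captured tool output is included in the log entry and in the exception message.
            String failure = sm.getString("enterprise.tools.upgrade.certconversion.certificateError",
                    pkcs12FilePath,commonInfo.getCurrentDomain(),result.toString());
            _logger.log(Level.INFO,failure);
            throw new CertificateException(failure);
        }
        for(Iterator itr = keyList.iterator(); itr.hasNext(); ) {
            _logger.log(Level.INFO,sm.getString("enterprise.tools.upgrade.certconversion.alias_transferred",(String )itr.next()));
        }
    }

    /**
     * Writes the in-memory PKCS#12 keystore to {@code pkcs12FilePath},
     * protected with the JKS keystore password, and reports every alias it
     * contains.
     *
     * @throws CertificateException if the file cannot be written; the
     *         underlying failure is attached as the cause
     */
    private void storepkcs12KeyStore()throws CertificateException{
        try{
            // NOTE(review): the file is created with the process's default
            // permissions; confirm the destination domain directory is not
            // readable by other users while this file exists.
            pkcs12KeystoreStream = new FileOutputStream(pkcs12FilePath);
            pkcs12KeyStore.store(pkcs12KeystoreStream, jksKeyStorePassword.toCharArray());
            Enumeration aliases = pkcs12KeyStore.aliases();
            while(aliases.hasMoreElements()){
                String alias = (String )aliases.nextElement();
                System.out.println("Added keystore alias: " + alias);
                _logger.log(Level.INFO, "Added keystore alias: " + alias);
            }
        }catch(Exception ex){
            _logger.log(Level.SEVERE,sm.getString("enterprise.tools.upgrade.certconversion.certificate_JKS_Error"),ex);
            throw asCertificateException(sm.getString("enterprise.tools.upgrade.certconversion.certificate_JKS_Error"), ex);
        }finally{
            if(pkcs12KeystoreStream!=null) {
                try{
                    pkcs12KeystoreStream.close();
                }catch(Exception ignored){
                    // Best-effort close, kept from the original behaviour.
                }
            }
        }
    }

    /**
     * Loads the source JKS keystore from {@code jksPath} using the JKS
     * keystore password.
     *
     * @throws CertificateException if the keystore cannot be read or the
     *         password is rejected; the underlying failure is attached as the
     *         cause
     */
    public void openInputKeystoreJKS() throws CertificateException{
        InputStream inputStreamJks = null;
        try{
            inputStreamJks = new FileInputStream(jksPath);
            jksKeyStore = KeyStore.getInstance("JKS");
            jksKeyStore.load(inputStreamJks, jksKeyStorePassword.toCharArray());
        }catch(Exception e){
            _logger.log(Level.SEVERE,sm.getString("enterprise.tools.upgrade.certconversion.JKS_Password_Error"),e);
            throw asCertificateException(sm.getString("enterprise.tools.upgrade.certconversion.JKS_Password_Error"), e);
        }finally{
            if(inputStreamJks!=null) {
                try{
                    inputStreamJks.close();
                }catch(Exception ignored){
                    // Best-effort close, kept from the original behaviour.
                }
            }
        }
    }

    /**
     * Creates the empty in-memory PKCS#12 keystore that receives the converted
     * entries.
     *
     * @throws CertificateException if the PKCS#12 keystore cannot be created;
     *         the underlying failure is attached as the cause
     */
    public void openOutputKeystore()throws CertificateException{
        try{
            pkcs12KeyStore = KeyStore.getInstance("PKCS12");
            pkcs12KeyStore.load(null, jksKeyStorePassword.toCharArray());
        }catch(Exception e){
            _logger.log(Level.SEVERE,sm.getString("enterprise.tools.upgrade.certconversion.JKS_Password_Error"),e);
            throw asCertificateException(sm.getString("enterprise.tools.upgrade.certconversion.JKS_Password_Error"), e);
        }
    }

    /**
     * Stores a key and its certificate chain in the PKCS#12 keystore under the
     * given alias, protected with the JKS keystore password.
     *
     * @param key the key to store
     * @param cert the certificate chain for the key
     * @param alias the alias to store the entry under
     * @throws CertificateException if the entry cannot be stored; the
     *         underlying failure is attached as the cause
     */
    public void writeToOutputKeystore(Key key, java.security.cert.Certificate [] cert, String alias) throws CertificateException{
        try{
            pkcs12KeyStore.setKeyEntry(alias, key, jksKeyStorePassword.toCharArray(), cert);
        } catch(Exception e){
            _logger.log(Level.SEVERE,sm.getString("enterprise.tools.upgrade.certconversion.JKS_Password_Error"),e);
            throw asCertificateException(sm.getString("enterprise.tools.upgrade.certconversion.JKS_Password_Error"), e);
        }
    }

    /**
     * Stores a certificate-only entry in the PKCS#12 keystore under the given
     * alias. This method is not called from within this class.
     *
     * @param cert the certificate to store
     * @param alias the alias to store the entry under
     * @throws CertificateException if the entry cannot be stored; the
     *         underlying failure is attached as the cause
     */
    public void writeToOutputTrustedKeystore(java.security.cert.Certificate cert, String alias) throws CertificateException{
        try{
            pkcs12KeyStore.setCertificateEntry(alias, cert);
        } catch(Exception e){
            _logger.log(Level.SEVERE,sm.getString("enterprise.tools.upgrade.certconversion.JKS_Password_Error"),e);
            throw asCertificateException(sm.getString("enterprise.tools.upgrade.certconversion.JKS_Password_Error"), e);
        }
    }

    /**
     * Copies every alias of the loaded JKS keystore into the PKCS#12 keystore
     * and records the alias in {@code keyList}.
     *
     * @throws CertificateException if an entry cannot be read or written; the
     *         underlying failure is attached as the cause
     */
    public void convertjksTopkcs12() throws CertificateException{
        try{
            java.util.Enumeration en = jksKeyStore.aliases();
            while(en.hasMoreElements()){
                String alias = (String ) en.nextElement();
                _logger.log(Level.INFO,sm.getString("enterprise.tools.upgrade.certconversion.processing_keypair",alias));
                // The keystore password is also used as the per-key password.
                // NOTE(review): every alias is handled as a key entry; getKey()
                // returns null for an alias that is not key-related, so confirm
                // how certificate-only entries in the source keystore should
                // be treated.
                Key key = jksKeyStore.getKey(alias, jksKeyStorePassword.toCharArray());
                keyList.add(alias);
                java.security.cert.Certificate [] cert = jksKeyStore.getCertificateChain(alias);
                writeToOutputKeystore(key, cert, alias);
            }
        }catch(CertificateException e){
            throw e;
        }catch(Exception e){
            // Pass the exception to the logger as well so its stack trace is recorded.
            _logger.log(Level.SEVERE,sm.getString("enterprise.tools.upgrade.certconversion.processing_keypair",e),e);
            throw asCertificateException(e.getMessage(), e);
        }
    }

    /**
     * Builds a {@link CertificateException} that keeps the original failure as
     * its cause, so the root error is not lost when callers log or rethrow it.
     */
    private static CertificateException asCertificateException(String message, Throwable cause) {
        CertificateException wrapped = new CertificateException(message);
        wrapped.initCause(cause);
        return wrapped;
    }

    /**
     * Deletes the intermediate PKCS#12 file. Not called from within this
     * class; the result of {@code delete()} is not checked.
     */
    private void deletePKCS12Files() {
        new File(pkcs12FilePath).delete();
    }

    /** Instantiates the module only; no conversion is run from here. */
    public static void main(String [] args){
        JKStoNSSConversionModule convModule = new JKStoNSSConversionModule();
    }

    /** Returns the localized display name of this module. */
    public String getName() {
        return sm.getString("enterprise.tools.upgrade.certconversion.moduleName");
    }

}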