

1 /*
2 jGuard is a security framework based on top of jaas (java authentication and authorization security).
3 it is written for web applications, to resolve simply, access control problems.
4
5 http://sourceforge.net/projects/jguard/
6
7 Copyright (C) 2004 Charles GAY
8
9 This library is free software; you can redistribute it and/or
10 modify it under the terms of the GNU Lesser General Public
11 License as published by the Free Software Foundation; either
12 version 2.1 of the License, or (at your option) any later version.
13
14 This library is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 Lesser General Public License for more details.
18
19 You should have received a copy of the GNU Lesser General Public
20 License along with this library; if not, write to the Free Software
21 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
22
23
24 jGuard project home page:
25 http://sourceforge.net/projects/jguard/
26
27 */

28 package net.sf.jguard.ext.authentication.certificates;
29
30 import java.io.File JavaDoc;
31 import java.io.FileInputStream JavaDoc;
32 import java.io.FileNotFoundException JavaDoc;
33 import java.io.IOException JavaDoc;
34 import java.security.cert.CertificateException JavaDoc;
35 import java.security.cert.CertificateFactory JavaDoc;
36 import java.security.cert.TrustAnchor JavaDoc;
37 import java.security.cert.X509CRL JavaDoc;
38 import java.security.cert.X509Certificate JavaDoc;
39 import java.util.Arrays JavaDoc;
40 import java.util.HashSet JavaDoc;
41 import java.util.Iterator JavaDoc;
42 import java.util.List JavaDoc;
43 import java.util.Set JavaDoc;
44 import java.util.logging.Level JavaDoc;
45 import java.util.logging.Logger JavaDoc;
46
47 /**
48  * Utility class to handle X509 certificates.
49  *
50  * @author <a HREF="mailto:slebettre@gmail.com">Simon Lebettre</a>
51  * @author <a HREF="mailto:diabolo512@users.sourceforge.net">Charles Gay</a>
52  */

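public class CertUtils {

    private static final String X509 = "X509";
    /** Logger for this class */
    private static final Logger logger = Logger.getLogger(CertUtils.class.getName());

    /**
     * Reads a single X.509 certificate from the specified file path.
     *
     * <p>This method only parses the file. It does not check the certificate's
     * signature, validity period or revocation status; callers that rely on the
     * result for a trust decision must validate it themselves.</p>
     *
     * @param path location of the certificate file
     * @return the parsed certificate, or <code>null</code> when the path is null,
     *         the file is unreadable, or its content cannot be parsed
     */
    public static X509Certificate getCertFromFile(String path) {
        if (path == null) {
            // new File(null) would throw; report it like any other unreadable input
            logger.severe("certificate path is null");
            return null;
        }
        File certFile = new File(path);
        if (!certFile.canRead()) {
            logger.severe(" File " + certFile.toString() + " is unreadable");
            return null;
        }

        FileInputStream fis;
        try {
            fis = new FileInputStream(certFile);
        } catch (FileNotFoundException e) {
            logger.log(Level.SEVERE, "", e);
            return null;
        }

        try {
            CertificateFactory cf = CertificateFactory.getInstance(CertUtils.X509);
            return (X509Certificate) cf.generateCertificate(fis);
        } catch (CertificateException e) {
            logger.log(Level.SEVERE, "", e);
            return null;
        } finally {
            // always release the file handle, whether or not parsing succeeded
            try {
                fis.close();
            } catch (IOException e) {
                logger.log(Level.SEVERE, "", e);
            }
        }
    }

    /**
     * Returns all the certificates found directly inside a directory.
     *
     * <p>Only regular files are read; sub-directories are not visited. Files that
     * cannot be read or parsed are logged by {@link #getCertFromFile(String)} and
     * skipped, so the returned Set never contains <code>null</code>.</p>
     *
     * @param directoryPath directory holding the certificate files
     * @return Set of X509Certificate; an empty Set if the directoryPath is null
     *         or cannot be listed (missing, not a directory, or an I/O error)
     */
    public static Set getCertsFromDirectory(String directoryPath) {
        Set certsSet = new HashSet();
        if (directoryPath == null) {
            return certsSet;
        }

        // listFiles() returns null when the path is not a directory or cannot be read
        File[] entries = new File(directoryPath).listFiles();
        if (entries == null) {
            logger.warning("certificate directory " + directoryPath + " cannot be listed");
            return certsSet;
        }

        for (int i = 0; i < entries.length; i++) {
            if (!entries[i].isFile()) {
                continue;
            }
            X509Certificate cert = getCertFromFile(entries[i].getPath());
            // a null here means "not a usable certificate"; keeping it would make
            // the TrustAnchor constructor fail later for the whole directory
            if (cert != null) {
                certsSet.add(cert);
            }
        }
        return certsSet;
    }

    /**
     * Returns a Set of TrustAnchors (without nameConstraints) built from the
     * certificates of a directory.
     *
     * @param directoryPath directory holding the trusted certificates
     * @return TrustAnchor Set
     * @see #getTrustedAnchorsFromDirectory(String, byte[])
     */
    public static Set getTrustedAnchorsFromDirectory(String directoryPath) {
        return getTrustedAnchorsFromDirectory(directoryPath, null);
    }

    /**
     * Returns a Set of TrustAnchors built from the certificates of a directory.
     *
     * <p>Every regular file in the directory that parses as an X.509 certificate
     * becomes a trust anchor: files are not filtered by name, and no validity,
     * signature or revocation check is made here. Write access to the directory
     * is therefore equivalent to the ability to add a trusted root, so it should
     * be writable only by the account that administers the trust store.</p>
     *
     * @param directoryPath directory holding the trusted certificates
     * @param nameConstraints constraints applied to all the TrustAnchor,
     *        or <code>null</code> for none; passed unchanged to the
     *        TrustAnchor constructor
     * @return TrustAnchor Set
     */
    public static Set getTrustedAnchorsFromDirectory(String directoryPath, byte[] nameConstraints) {
        Set trustedAnchors = new HashSet();
        Iterator itCerts = getCertsFromDirectory(directoryPath).iterator();
        while (itCerts.hasNext()) {
            X509Certificate cert = (X509Certificate) itCerts.next();
            trustedAnchors.add(new TrustAnchor(cert, nameConstraints));
        }
        return trustedAnchors;
    }

    /**
     * Outputs the CRL content at FINEST level.
     *
     * @param crl to inspect
     */
    private void inspectCRL(X509CRL crl) {
        logger.finest("crl=" + crl.toString());
        logger.finest("crlType=" + crl.getType());
        logger.finest("crl next update Date=" + crl.getNextUpdate());
        logger.finest("crl issuer DN=" + crl.getIssuerDN().getName());
        logger.finest("crl signature algorithm name =" + crl.getSigAlgName());
        logger.finest("crl signature algorithm oid =" + crl.getSigAlgOID());
        logger.finest("crl version =" + crl.getVersion());
        logger.finest("crl update Date =" + crl.getThisUpdate());

        // The entries are X509CRLEntry objects, not X509Certificate: casting them
        // to X509Certificate would throw ClassCastException. The Set is null when
        // the CRL lists no revoked certificate.
        Set revokedCertificates = crl.getRevokedCertificates();
        if (revokedCertificates != null) {
            Iterator itRevokedCerts = revokedCertificates.iterator();
            while (itRevokedCerts.hasNext()) {
                logger.finest(String.valueOf(itRevokedCerts.next()));
            }
        }

        logExtensionOids(" critical extension = ", crl.getCriticalExtensionOIDs());
        logExtensionOids(" non critical extension = ", crl.getNonCriticalExtensionOIDs());
    }

    /** Logs each OID of the Set with the given prefix; a null Set (no extensions) logs nothing. */
    private static void logExtensionOids(String prefix, Set oids) {
        if (oids == null) {
            return;
        }
        Iterator itOids = oids.iterator();
        while (itOids.hasNext()) {
            logger.finest(prefix + (String) itOids.next());
        }
    }

}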