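package org.apache.geronimo.security.ca;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.FilenameFilter;
import java.io.IOException;
import java.math.BigInteger;
import java.net.URI;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.Map;
import java.util.Properties;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.geronimo.gbean.AbstractName;
import org.apache.geronimo.gbean.GBeanInfo;
import org.apache.geronimo.gbean.GBeanInfoBuilder;
import org.apache.geronimo.gbean.GBeanLifecycle;
import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
import org.apache.geronimo.kernel.Kernel;
import org.apache.geronimo.management.geronimo.CertificateRequestStore;
import org.apache.geronimo.system.serverinfo.ServerInfo;

/**
 * A {@link CertificateRequestStore} that keeps each certificate signing request (CSR) as a
 * {@code <id>.txt} file in one directory, next to a {@code csr-status.properties} file that maps
 * each request id to its status: {@code "R"} (received), {@code "V"} (verified) or, once the
 * request is fulfilled, the decimal serial number passed to {@link #setRequestFulfilled}.
 *
 * <p>Request ids become part of a file name, so every method that touches a CSR file goes
 * through {@link #resolveRequestFile(String)}, which refuses ids that would address a file
 * outside the store directory.
 *
 * <p>{@link #doStart()} must have completed before any store method is called; until then
 * {@code dir} and {@code requestStatus} are {@code null}. The class does no locking of its own
 * around the "update map, then rewrite status file" sequences.
 */
public class FileCertificateRequestStore implements CertificateRequestStore, GBeanLifecycle {
    private final static Log log = LogFactory.getLog(FileCertificateRequestStore.class);

    // File, inside the store directory, that holds the id -> status map.
    private static final String CSR_STATUS_FILENAME = "csr-status.properties";
    // Comment line written at the top of the status file.
    private static final String CSR_STATUS_FILE_HEADER = "CSR Status File";
    // Status of a request that has been stored but not yet verified.
    private static final String STATUS_RECEIVED = "R";
    // Status of a request that has been verified.
    private static final String STATUS_VERIFIED = "V";
    // Prefix of generated request file names (and therefore of generated ids).
    private static final String CERT_REQ_FILE_PREFIX = "csr";
    // Extension of every request file.
    private static final String CERT_REQ_FILE_SUFFIX = ".txt";

    private final ServerInfo serverInfo;
    // kernel and abstractName are injected by the GBean constructor but not read by any method here.
    private final Kernel kernel;
    private final AbstractName abstractName;
    private final URI directoryPath;
    // Store directory; assigned in doStart().
    private File dir;
    // In-memory copy of the status file; assigned in doStart().
    private Properties requestStatus;

    /**
     * Creates the store. No file system access happens here; see {@link #doStart()}.
     *
     * @param serverInfo used to resolve {@code directoryPath}; may be {@code null}, in which case
     *        {@code directoryPath} is used as given
     * @param directoryPath location of the store directory
     * @param kernel stored, not otherwise used by this class
     * @param abstractName stored, not otherwise used by this class
     */
    public FileCertificateRequestStore(ServerInfo serverInfo, URI directoryPath, Kernel kernel, AbstractName abstractName) {
        this.serverInfo = serverInfo;
        this.kernel = kernel;
        this.abstractName = abstractName;
        this.directoryPath = directoryPath;
    }

    /**
     * Removes a request: its status entry (if any) and its CSR file.
     *
     * @param id request id
     * @return {@code true} if the CSR file was deleted; {@code false} if {@code id} is
     *         {@code null}, is not a valid id for this store, or the file could not be deleted
     */
    public boolean deleteRequest(String id) {
        if (id == null) {
            return false;
        }
        if (requestStatus.containsKey(id)) {
            requestStatus.remove(id);
            storeRequestStatusFile();
        }
        File csrFile = resolveRequestFile(id);
        return csrFile != null && csrFile.delete();
    }

    /**
     * Lists the ids of all CSR files present in the store directory.
     *
     * @return the file names ending in {@code .txt}, with that suffix removed; empty if the
     *         directory cannot be listed
     */
    public String[] getAllRequestIds() {
        File[] results = dir.listFiles(new FilenameFilter() {
            public boolean accept(File dir, String name) {
                return name.endsWith(CERT_REQ_FILE_SUFFIX);
            }
        });
        if (results == null) {
            // listFiles() returns null when the directory is gone or unreadable.
            log.error("Unable to list CSR directory " + dir.getAbsolutePath());
            return new String[0];
        }
        String[] reqIds = new String[results.length];
        int suffixLength = CERT_REQ_FILE_SUFFIX.length();
        for (int i = 0; i < results.length; ++i) {
            String name = results[i].getName();
            reqIds[i] = name.substring(0, name.length() - suffixLength);
        }
        return reqIds;
    }

    /**
     * @return ids of the requests whose status is "received", i.e. stored but not yet verified
     */
    public String[] getVerificatonDueRequestIds() {
        return idsWithStatus(STATUS_RECEIVED);
    }

    /**
     * @return ids of the requests whose status is "verified"
     */
    public String[] getVerifiedRequestIds() {
        return idsWithStatus(STATUS_VERIFIED);
    }

    /**
     * Marks a known request as verified and rewrites the status file.
     *
     * @param id request id
     * @return {@code true} if the id had a status entry, {@code false} otherwise
     */
    public boolean setRequestVerified(String id) {
        if (id == null || !requestStatus.containsKey(id)) {
            return false;
        }
        requestStatus.setProperty(id, STATUS_VERIFIED);
        storeRequestStatusFile();
        return true;
    }

    /**
     * Marks a known request as fulfilled: the CSR file is deleted and the status entry is
     * replaced by the serial number.
     *
     * @param id request id
     * @param sNo serial number recorded for the request
     * @return {@code true} if the id had a status entry; {@code false} if it had none or if
     *         {@code id} or {@code sNo} is {@code null} (nothing is deleted in that case)
     */
    public boolean setRequestFulfilled(String id, BigInteger sNo) {
        // Check sNo before deleting anything, so a null serial number cannot destroy the request.
        if (id == null || sNo == null || !requestStatus.containsKey(id)) {
            return false;
        }
        deleteRequest(id);
        requestStatus.setProperty(id, sNo.toString());
        storeRequestStatusFile();
        return true;
    }

    /**
     * Reads the text of a stored CSR.
     *
     * @param id request id
     * @return the file content decoded with the platform default charset, or {@code null} if the
     *         id is not valid for this store or the file cannot be read (the error is logged)
     */
    public String getRequest(String id) {
        File csrFile = resolveRequestFile(id);
        if (csrFile == null) {
            return null;
        }
        try {
            FileInputStream fin = new FileInputStream(csrFile);
            try {
                byte[] data = new byte[(int) csrFile.length()];
                int filled = 0;
                // A single read() may return fewer bytes than requested; loop until full or EOF.
                while (filled < data.length) {
                    int n = fin.read(data, filled, data.length - filled);
                    if (n < 0) {
                        break;
                    }
                    filled += n;
                }
                return new String(data, 0, filled);
            } finally {
                fin.close();
            }
        } catch (Exception e) {
            log.error("Error reading CSR. id = "+id, e);
        }
        return null;
    }

    /**
     * Stores a CSR and records it as "received".
     *
     * @param id requested id; if {@code null}, or if a CSR file with that id already exists, a
     *        new id is generated from a unique file name in the store directory
     * @param csr CSR text, written with the platform default charset
     * @return the id under which the CSR was stored, or {@code null} if the id is not valid for
     *         this store or the CSR could not be written (the error is logged)
     */
    public String storeRequest(String id, String csr) {
        try {
            // Encode first so that a null csr fails before any file is created or truncated.
            byte[] data = csr.getBytes();
            File csrFile = null;
            if (id != null) {
                csrFile = resolveRequestFile(id);
                if (csrFile == null) {
                    return null;
                }
            }
            if (csrFile == null || csrFile.exists()) {
                csrFile = File.createTempFile(CERT_REQ_FILE_PREFIX, CERT_REQ_FILE_SUFFIX, dir);
                id = csrFile.getName().substring(0, csrFile.getName().length() - CERT_REQ_FILE_SUFFIX.length());
            }
            FileOutputStream fout = new FileOutputStream(csrFile);
            try {
                fout.write(data);
            } finally {
                fout.close();
            }
            // Record the status only once the CSR is fully written and closed.
            requestStatus.setProperty(id, STATUS_RECEIVED);
            storeRequestStatusFile();
            return id;
        } catch(Exception e) {
            log.error("Error storing CSR. id = "+id, e);
        }
        return null;
    }

    /**
     * Returns the serial number recorded for a fulfilled request.
     *
     * @param id request id
     * @return the serial number, or {@code null} if the id is unknown or its status is not a
     *         number (for example still "R" or "V")
     */
    public BigInteger getSerialNumberForRequest(String id) {
        if (id == null) {
            return null;
        }
        String status = requestStatus.getProperty(id);
        if (status == null) {
            return null;
        }
        try {
            return new BigInteger(status);
        } catch(NumberFormatException ignored) {
            // Status is not a serial number, so the request has not been fulfilled.
            return null;
        }
    }

    /**
     * Removes one status entry, located by id or, failing that, by serial number, and rewrites
     * the status file if an entry was removed.
     *
     * @param id request id; used when non-null and present in the status map
     * @param sNo serial number; used only when {@code id} does not select an entry. The first
     *        entry whose value equals the decimal form of {@code sNo} is removed.
     */
    public void removeRequestStatus(String id, BigInteger sNo) {
        if (id != null && requestStatus.containsKey(id)) {
            requestStatus.remove(id);
            storeRequestStatusFile();
        } else if (sNo != null) {
            String sNoTemp = sNo.toString();
            for (Iterator itr = requestStatus.entrySet().iterator(); itr.hasNext(); ) {
                Map.Entry entry = (Map.Entry) itr.next();
                if (sNoTemp.equals(entry.getValue())) {
                    // Remove through the iterator rather than mutating the map mid-iteration.
                    itr.remove();
                    storeRequestStatusFile();
                    break;
                }
            }
        }
    }

    public void doFail() {
    }

    /**
     * Resolves the store directory, creates it and the status file if they are missing, and
     * loads the status file into memory.
     *
     * @throws IllegalStateException if the resolved location is not a {@code file:} URI, cannot
     *         be created, or is not a readable directory
     * @throws Exception if the status file cannot be created or read
     */
    public void doStart() throws Exception {
        URI dirURI;
        if (serverInfo != null) {
            // NOTE(review): the result of resolveServer() is discarded; the call is kept as in the
            // original, but only after the null check that used to come too late.
            serverInfo.resolveServer(directoryPath);
            dirURI = serverInfo.resolve(directoryPath);
        } else {
            dirURI = directoryPath;
        }
        // Constant first: a relative URI has a null scheme.
        if (!"file".equals(dirURI.getScheme())) {
            throw new IllegalStateException("FileCertificateRequestStore must have a root that's a local directory (not " + dirURI + ")");
        }
        dir = new File(dirURI);
        if (!dir.exists()) {
            if (!dir.mkdirs() && !dir.isDirectory()) {
                throw new IllegalStateException("FileCertificateRequestStore could not create directory " + dir.getAbsolutePath());
            }
            log.debug("Created directory "+dir.getAbsolutePath());
        } else if (!dir.isDirectory() || !dir.canRead()) {
            throw new IllegalStateException("FileCertificateRequestStore must have a root that's a valid readable directory (not " + dir.getAbsolutePath() + ")");
        }
        log.debug("CertificateRequestStore directory is " + dir.getAbsolutePath());
        File statusFile = new File(dir, CSR_STATUS_FILENAME);
        if (!statusFile.exists()) {
            statusFile.createNewFile();
            log.debug("Created request status file "+statusFile.getAbsolutePath());
        }
        requestStatus = new Properties();
        FileInputStream fin = new FileInputStream(statusFile);
        try {
            requestStatus.load(fin);
        } finally {
            fin.close();
        }
    }

    public void doStop() throws Exception {
    }

    public static final GBeanInfo GBEAN_INFO;

    static {
        GBeanInfoBuilder infoFactory = GBeanInfoBuilder.createStatic(FileCertificateRequestStore.class, "CertificateRequestStore");
        infoFactory.addAttribute("directoryPath", URI.class, true, false);
        infoFactory.addAttribute("kernel", Kernel.class, false);
        infoFactory.addAttribute("abstractName", AbstractName.class, false);
        infoFactory.addReference("ServerInfo", ServerInfo.class, NameFactory.GERONIMO_SERVICE);
        infoFactory.addInterface(CertificateRequestStore.class);
        infoFactory.setConstructor(new String[]{"ServerInfo", "directoryPath", "kernel", "abstractName"});

        GBEAN_INFO = infoFactory.getBeanInfo();
    }

    public static GBeanInfo getGBeanInfo() {
        return GBEAN_INFO;
    }

    /**
     * Maps a request id to its CSR file inside the store directory.
     *
     * <p>The id is concatenated into a file name, so it is checked twice: it must not contain a
     * path separator, and the canonical form of the resulting file must sit directly in the
     * canonical store directory. An id that fails either check is logged and refused, which keeps
     * read, write and delete operations confined to the store.
     *
     * @param id request id
     * @return the canonical CSR file, or {@code null} if {@code id} is {@code null}, is refused,
     *         or cannot be resolved
     */
    private File resolveRequestFile(String id) {
        if (id == null) {
            return null;
        }
        if (id.indexOf('/') >= 0 || id.indexOf('\\') >= 0 || id.indexOf(File.separatorChar) >= 0) {
            log.error("Rejected CSR id containing a path separator. id = " + id);
            return null;
        }
        try {
            File canonicalDir = dir.getCanonicalFile();
            File candidate = new File(canonicalDir, id + CERT_REQ_FILE_SUFFIX).getCanonicalFile();
            if (canonicalDir.equals(candidate.getParentFile())) {
                return candidate;
            }
            log.error("Rejected CSR id that resolves outside the request store. id = " + id);
        } catch (IOException e) {
            log.error("Unable to resolve CSR file. id = " + id, e);
        }
        return null;
    }

    /**
     * Collects the ids whose status entry equals the given status code.
     *
     * @param status status value to match
     * @return matching ids, in the iteration order of the status map
     */
    private String[] idsWithStatus(String status) {
        ArrayList ids = new ArrayList();
        for (Iterator itr = requestStatus.entrySet().iterator(); itr.hasNext();) {
            Map.Entry entry = (Map.Entry) itr.next();
            if (status.equals(entry.getValue())) {
                ids.add(entry.getKey());
            }
        }
        return (String[]) ids.toArray(new String[0]);
    }

    /**
     * Writes the in-memory status map to the status file. Failures are logged, not propagated,
     * so callers cannot tell from their own return value whether the status was persisted.
     */
    private void storeRequestStatusFile() {
        File statusFile = new File(dir, CSR_STATUS_FILENAME);
        try {
            FileOutputStream fout = new FileOutputStream(statusFile);
            try {
                requestStatus.store(fout, CSR_STATUS_FILE_HEADER);
            } finally {
                fout.close();
            }
        } catch (Exception e) {
            log.error("Errors while storing request status file "+statusFile.getAbsolutePath(), e);
        }
    }
}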