

1 /*******************************************************************************
2  * Copyright (c) 2006 IBM Corporation and others.
3  * All rights reserved. This program and the accompanying materials
4  * are made available under the terms of the Eclipse Public License v1.0
5  * which accompanies this distribution, and is available at
6  * http://www.eclipse.org/legal/epl-v10.html
7  *
8  * Contributors:
9  * IBM Corporation - initial API and implementation
10  *******************************************************************************/

11
12 package org.eclipse.osgi.internal.verifier;
13
14 import java.io.*;
15 import java.net.*;
16 import java.security.*;
17 import java.security.cert.Certificate JavaDoc;
18 import java.util.*;
19 import org.eclipse.osgi.framework.internal.core.FrameworkProperties;
20 import org.eclipse.osgi.framework.log.FrameworkLogEntry;
21
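/**
 * Manages the KeyStores that are consulted when deciding whether the
 * certificate of a signed JAR is trusted.
 * <p>
 * Security notes for maintainers:
 * <ul>
 * <li>Every keystore is loaded with a <code>null</code> password, so
 * <code>KeyStore.load</code> performs no integrity check on the keystore
 * file. Anyone able to modify one of the files read here can add trust
 * anchors.</li>
 * <li>The set of keystores includes the user's <code>.keystore</code> file,
 * the keystore named by the <code>osgi.framework.keystore</code> property and
 * keystores referenced from the <code>policy.url.N</code> policy files, in
 * addition to the JRE <code>cacerts</code> file.</li>
 * <li>{@link #isTrusted(Certificate)} only looks for an exact match of the
 * certificate in one of the keystores. This class does no chain building,
 * validity-period or revocation checking.</li>
 * </ul>
 */
public class KeyStores {
    /**
     * java.policy files properties of the java.security file
     */
    private static final String JAVA_POLICY_URL = "policy.url."; //$NON-NLS-1$

    /**
     * Default keystore type in java.security file
     */
    private static final String DEFAULT_KEYSTORE_TYPE = "keystore.type"; //$NON-NLS-1$

    /**
     * List of KeyStores
     */
    private List /* of Keystore */keyStores;

    /**
     * Creates the manager and loads the default set of keystores.
     */
    public KeyStores() {
        super();
        initializeDefaultKeyStores();
    }

    /**
     * Loads one keystore and, on success, adds it to the list of trusted
     * keystores. A keystore that cannot be opened is skipped silently; any
     * other failure is logged as a warning and the keystore is skipped.
     *
     * @param urlSpec absolute URL of the keystore, or a spec relative to
     *        <code>rootURL</code>
     * @param type keystore type, or <code>null</code> to use
     *        <code>KeyStore.getDefaultType()</code>
     * @param rootURL context used when <code>urlSpec</code> is not an
     *        absolute URL; may be <code>null</code>
     */
    private void processKeyStore(String urlSpec, String type, URL rootURL) {
        if (type == null)
            type = KeyStore.getDefaultType();
        InputStream in = null;
        try {
            URL url;
            try {
                url = new URL(urlSpec);
            } catch (MalformedURLException mue) {
                // not absolute: resolve against the location it was read from
                url = new URL(rootURL, urlSpec);
            }
            KeyStore ks = KeyStore.getInstance(type);
            try {
                // NOTE(review): the URL scheme is not restricted here, so a
                // property or policy entry may name a non-local keystore;
                // confirm this is intended.
                in = url.openStream();
            } catch (IOException ioe) {
                // ignore this; the file probably does not exist
            }
            if (in != null) {
                // A null password means the keystore integrity check is
                // skipped; the content is trusted as found.
                ks.load(in, null);
                keyStores.add(ks);
            }
        } catch (Exception e) {
            SignedBundleHook.log(e.getMessage(), FrameworkLogEntry.WARNING, e);
        } finally {
            if (in != null)
                try {
                    in.close();
                } catch (IOException e) {
                    // do nothing
                }
        }
    }

    /**
     * Populates the list of keystores from the JRE <code>cacerts</code> file,
     * the user's <code>.keystore</code> file, the
     * <code>osgi.framework.keystore</code> property and the keystore entries
     * of the <code>policy.url.N</code> policy files.
     * <p>
     * Original author's note: this should be done with a dialog with a
     * Cancel/Skip button if the connection to the URL is down.
     */
    private void initializeDefaultKeyStores() {
        keyStores = new ArrayList(5);
        // get JRE cacerts
        String defaultType = Security.getProperty(DEFAULT_KEYSTORE_TYPE);
        String urlSpec = "file:" + FrameworkProperties.getProperty("java.home") + File.separator + "lib" + File.separator + "security" + File.separator + "cacerts"; //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$ //$NON-NLS-4$ //$NON-NLS-5$
        processKeyStore(urlSpec, defaultType, null);

        // get user.home .keystore
        urlSpec = "file:" + FrameworkProperties.getProperty("user.home") + File.separator + ".keystore"; //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
        processKeyStore(urlSpec, defaultType, null);

        // get osgi.framework.keystore keystore
        urlSpec = FrameworkProperties.getProperty("osgi.framework.keystore"); //$NON-NLS-1$
        if (urlSpec != null)
            processKeyStore(urlSpec, defaultType, null);

        // get KeyStores from policy files: policy.url.1, policy.url.2, ...
        // until the first index that is not defined
        int index = 1;
        String java_policy = Security.getProperty(JAVA_POLICY_URL + index);
        while (java_policy != null) {
            // retrieve keystore url and keystore type from java.policy
            processKeystoreFromLocation(java_policy);
            index++;
            java_policy = Security.getProperty(JAVA_POLICY_URL + index);
        }
    }

    /**
     * Reads the policy file at <code>location</code> and loads the keystore
     * named by its first <code>keystore</code> entry, if there is one.
     * <p>
     * The first <code>${name}</code> placeholder in the location is replaced
     * by the framework property of that name. A location whose placeholder
     * cannot be resolved is skipped, as is a policy file that cannot be read
     * or whose keystore entry is not terminated by <code>;</code>.
     *
     * @param location URL of the policy file, possibly containing one
     *        <code>${name}</code> placeholder
     */
    private void processKeystoreFromLocation(String location) {
        InputStream in = null;
        char[] buff = new char[4096];
        int indexOf$ = location.indexOf("${"); //$NON-NLS-1$
        int indexOfCurly = location.indexOf('}', indexOf$);
        if (indexOf$ != -1 && indexOfCurly != -1) {
            String prop = FrameworkProperties.getProperty(location.substring(indexOf$ + 2, indexOfCurly));
            if (prop == null)
                // unresolved placeholder: do not build a URL containing "null"
                return;
            location = location.substring(0, indexOf$) + prop + location.substring(indexOfCurly + 1);
        }
        try {
            URL url = new URL(location);
            in = url.openStream();
            Reader reader = new InputStreamReader(in);
            StringBuffer contentBuff = new StringBuffer();
            int result = reader.read(buff);
            while (result != -1) {
                contentBuff.append(buff, 0, result);
                result = reader.read(buff);
            }
            String content = contentBuff.toString();
            // NOTE(review): this is a plain text search, so it also matches
            // the word inside a comment or a longer keyword; verify against
            // the policy files in use.
            int indexOfKeystore = content.indexOf("keystore"); //$NON-NLS-1$
            if (indexOfKeystore == -1)
                return;
            int indexOfSemiColumn = content.indexOf(';', indexOfKeystore);
            if (indexOfSemiColumn == -1)
                // unterminated entry; substring() would throw out of the constructor
                return;
            processKeystoreFromString(content.substring(indexOfKeystore, indexOfSemiColumn), url);
        } catch (MalformedURLException e) {
            SignedBundleHook.log(e.getMessage(), FrameworkLogEntry.WARNING, e);
        } catch (IOException e) {
            // do nothing it is likely that the file does not exist
        } finally {
            if (in != null) {
                try {
                    in.close();
                } catch (IOException e) {
                    // do nothing
                }
            }
        }
    }

    /**
     * Parses one <code>keystore</code> entry of a policy file, without its
     * terminating <code>;</code>, and loads the keystore it names.
     * <p>
     * The text after the first space is the keystore URL; the text after the
     * last comma, when there is one, is the keystore type. Surrounding
     * whitespace and double quotes are removed from both values, because the
     * policy file syntax writes them as quoted strings.
     * <p>
     * NOTE(review): an entry with more than two comma-separated values is
     * not handled specially; the last value is taken as the type.
     *
     * @param content the entry text, starting at the <code>keystore</code>
     *        keyword
     * @param rootURL URL of the policy file, used to resolve a relative
     *        keystore URL
     */
    private void processKeystoreFromString(String content, URL rootURL) {
        int indexOfSpace = content.indexOf(' ');
        if (indexOfSpace == -1)
            return;
        String keyStoreType = null;
        int endOfUrl = content.length();
        int lastComma = content.lastIndexOf(',');
        // a comma before the first space cannot separate URL and type, and
        // would make the substring below throw
        if (lastComma > indexOfSpace) {
            endOfUrl = lastComma;
            keyStoreType = stripQuotes(content.substring(lastComma + 1));
            if (keyStoreType.length() == 0)
                keyStoreType = null;
        }
        String urlSpec = stripQuotes(content.substring(indexOfSpace, endOfUrl));
        if (urlSpec.length() == 0)
            return;
        processKeyStore(urlSpec, keyStoreType, rootURL);
    }

    /**
     * Trims the value and removes one pair of enclosing double quotes, if
     * present.
     */
    private static String stripQuotes(String value) {
        String trimmed = value.trim();
        int length = trimmed.length();
        if (length >= 2 && trimmed.charAt(0) == '"' && trimmed.charAt(length - 1) == '"')
            return trimmed.substring(1, length - 1).trim();
        return trimmed;
    }

    /**
     * Tells whether the certificate is present in one of the loaded
     * keystores.
     * <p>
     * Only an exact match of the certificate is looked up; no chain
     * validation is done here. A keystore that fails the lookup is logged
     * and skipped.
     *
     * @param cert the certificate to look up; <code>null</code> is never
     *        trusted
     * @return <code>true</code> if a keystore contains the certificate
     */
    public boolean isTrusted(Certificate cert) {
        if (cert == null)
            return false;
        Iterator it = keyStores.iterator();
        while (it.hasNext()) {
            KeyStore ks = (KeyStore) it.next();
            try {
                if (ks.getCertificateAlias(cert) != null) {
                    return true;
                }
            } catch (KeyStoreException e) {
                SignedBundleHook.log(e.getMessage(), FrameworkLogEntry.WARNING, e);
            }
        }
        return false;
    }
}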