geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From vamsic...@apache.org
Subject svn commit: r472359 - /geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java
Date Wed, 08 Nov 2006 01:25:14 GMT
Author: vamsic007
Date: Tue Nov  7 17:25:14 2006
New Revision: 472359

URL: http://svn.apache.org/viewvc?view=rev&rev=472359
Log:
GERONIMO-2280 FileKeystoreInstance.getKeyManager() fails when there is more than one privatekey
in the store

Modified:
    geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java

Modified: geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java?view=diff&rev=472359&r1=472358&r2=472359
==============================================================================
--- geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java
(original)
+++ geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java
Tue Nov  7 17:25:14 2006
@@ -433,7 +433,25 @@
         ensureLoaded(storePassword);
         try {
             KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(algorithm);
-            keyFactory.init(keystore, (char[]) keyPasswords.get(alias));
+            if(privateKeys.size() == 1) {
+                keyFactory.init(keystore, (char[]) keyPasswords.get(alias));
+            } else {
+                // When there is more than one private key in the keystore, we create a temporary
"sub keystore"
+                // with only one entry of our interest and use it
+                KeyStore subKeystore = KeyStore.getInstance(keystore.getType(), keystore.getProvider());
+                try {
+                    subKeystore.load(null, null);
+                } catch (NoSuchAlgorithmException e) {
+                    // should not occur
+                } catch (CertificateException e) {
+                    // should not occur
+                } catch (IOException e) {
+                    // should not occur
+                }
+                subKeystore.setKeyEntry(alias, keystore.getKey(alias, (char[]) keyPasswords.get(alias)),
+                                        (char[]) keyPasswords.get(alias), keystore.getCertificateChain(alias));
+                keyFactory.init(subKeystore, (char[]) keyPasswords.get(alias));
+            }
             return keyFactory.getKeyManagers();
         } catch (KeyStoreException e) {
             throw new KeystoreException("Unable to retrieve key manager in keystore '" +
keystoreName + "' for alias '" + alias + "'");



Mime
View raw message