harmony-commits mailing list archives

From mloe...@apache.org
Subject svn commit: r426443 [2/2] - /incubator/harmony/enhanced/classlib/trunk/modules/tools/src/main/java/org/apache/harmony/tools/keytool/
Date Fri, 28 Jul 2006 08:59:56 GMT
Modified: incubator/harmony/enhanced/classlib/trunk/modules/tools/src/main/java/org/apache/harmony/tools/keytool/KeyStoreCertPrinter.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/tools/src/main/java/org/apache/harmony/tools/keytool/KeyStoreCertPrinter.java?rev=426443&r1=426442&r2=426443&view=diff
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/tools/src/main/java/org/apache/harmony/tools/keytool/KeyStoreCertPrinter.java
(original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/tools/src/main/java/org/apache/harmony/tools/keytool/KeyStoreCertPrinter.java
Fri Jul 28 01:59:55 2006
@@ -16,7 +16,8 @@
 
 package org.apache.harmony.tools.keytool;
 
-import java.io.UnsupportedEncodingException;
+import java.io.FileNotFoundException;
+import java.io.IOException;
 import java.security.Key;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
@@ -26,9 +27,12 @@
 import java.security.UnrecoverableKeyException;
 import java.security.cert.Certificate;
 import java.security.cert.CertificateEncodingException;
+import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
+import java.util.Collection;
 import java.util.Collections;
 import java.util.Enumeration;
+import java.util.Iterator;
 
 import org.apache.harmony.luni.util.Base64;
 
@@ -46,16 +50,18 @@
      * 
      * @param param
      * @throws KeyStoreException
-     * @throws CertificateEncodingException
      * @throws NoSuchAlgorithmException
      * @throws NoSuchProviderException
-     * @throws UnsupportedEncodingException
      * @throws UnrecoverableKeyException
+     * @throws KeytoolException 
+     * @throws IOException 
+     * @throws FileNotFoundException 
+     * @throws CertificateException 
      */
     static void list(KeytoolParameters param) throws KeyStoreException,
-            CertificateEncodingException, NoSuchAlgorithmException,
-            NoSuchProviderException, UnsupportedEncodingException,
-            UnrecoverableKeyException {
+            NoSuchAlgorithmException, NoSuchProviderException,
+            UnrecoverableKeyException, CertificateException,
+            FileNotFoundException, IOException, KeytoolException {
         Enumeration aliases;
         KeyStore keyStore = param.getKeyStore();
         String alias = param.getAlias();
@@ -71,8 +77,9 @@
             System.out.println("Type of keystore: " + keyStore.getType());
             System.out.println("Keystore provider name: "
                     + keyStore.getProvider().getName());
-            System.out.println("\nThe keystore contains " + keyStore.size()
-                    + " entries \n");
+            int keyStoreSize = keyStore.size();
+            System.out.println("\nThe keystore contains " + keyStoreSize
+                    + ((keyStoreSize == 1) ? " entry \n" : " entries \n"));
         }
 
         String provider = param.getProvider();
@@ -198,7 +205,6 @@
                     // If the key is explicitly asked to be printed
                     // by setting the alias, print it out, otherwise - do
                     // nothing.
-                    System.out.println();
                     if (alias != null) {
                         char[] keyPass;
                         if ((keyPass = param.getKeyPass()) != null) {
@@ -294,20 +300,39 @@
      * Reads an X.509 certificate from the file specified in param and prints it
      * in a human-readable format. If param.getFileName() returns null, the
      * certificate is read from the standard input. The input data is awaited
-     * for some time. If the data is not entered, an exception is thrown.
+     * for 3 seconds. If the data is not entered, an exception is thrown.
      * 
      * @param param
+     * @throws KeytoolException
+     * @throws IOException
+     * @throws CertificateException
+     * @throws FileNotFoundException
+     * @throws NoSuchAlgorithmException
+     * @throws NoSuchProviderException
      */
-    static void printCert(KeytoolParameters param) {
-        // TODO
-        throw new RuntimeException("The method is not implemented yet.");
+    static void printCert(KeytoolParameters param)
+            throws FileNotFoundException, CertificateException, IOException,
+            KeytoolException, NoSuchAlgorithmException, NoSuchProviderException {
+        // get the certificate(s) from the file
+        Collection certCollection = CertReader.readCerts(param.getFileName(),
+                false, param.getProvider());
+        Iterator certIter = certCollection.iterator();
+        int counter = 1;
+
+        // print the datailed info on all certificates
+        while (certIter.hasNext()) {
+            X509Certificate cert = (X509Certificate) certIter.next();
+            System.out.println("\nCertificate[" + counter + "]:");
+            printX509CertDetailed(cert, param.getProvider());
+            ++counter;
+        }
     }
 
     // Formats byte array as a String looking like "0A:1B:C3:D4:....:E5".
     private static String formatBytes(byte[] bytes) {
         int i;
         // The method is expected to format mostly message digest results and
-        // ? length of the String repesenting a SHA1 digest printed in
+        // åhe length of the String repesenting a SHA1 digest printed in
         // the way: "0A:1B:C3:D4:....:E5" is the biggest and is 59.
         StringBuffer buffer = new StringBuffer(59);
         int length;
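Review bot: The cast `(X509Certificate) certIter.next()` in the new printCert loop assumes that CertReader.readCerts returns only X.509 certificates. That helper is not visible in this diff, so if it can return another Certificate type, a user-supplied file would end in a ClassCastException instead of one of the declared exceptions. A guard such as `if (!(next instanceof X509Certificate)) throw new KeytoolException("Not an X.509 certificate");` before the cast keeps the failure inside the documented contract. Separately, the edited comment in formatBytes now starts with a mis-encoded character (`åhe length`) and should read `// The length of the String representing a SHA1 digest printed in`, and `datailed` in the printCert comment should be `detailed`. formatBytes continues outside the hunk.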
@@ -315,14 +340,12 @@
         for (i = 0; i < bytes.length - 1; i++) {
             // TODO: change when String.format(..) method is implemented.
             // buffer.append(String.format("%02X", bytes[i]) + ":");
-            // /
             currentByte = Integer.toHexString(bytes[i]).toUpperCase();
             if ((length = currentByte.length()) > 1) {
                 buffer.append(currentByte.substring(length - 2) + ":");
             } else {
                 buffer.append("0" + currentByte + ":");
             }
-            // /
         }
         // The last byte doesn't need ":" after it ("...:E5:6F")
         // TODO: change in the same way to (String.format(..))

Modified: incubator/harmony/enhanced/classlib/trunk/modules/tools/src/main/java/org/apache/harmony/tools/keytool/KeyStoreLoaderSaver.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/tools/src/main/java/org/apache/harmony/tools/keytool/KeyStoreLoaderSaver.java?rev=426443&r1=426442&r2=426443&view=diff
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/tools/src/main/java/org/apache/harmony/tools/keytool/KeyStoreLoaderSaver.java
(original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/tools/src/main/java/org/apache/harmony/tools/keytool/KeyStoreLoaderSaver.java
Fri Jul 28 01:59:55 2006
@@ -16,6 +16,7 @@
 
 package org.apache.harmony.tools.keytool;
 
+import java.io.BufferedInputStream;
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.FileNotFoundException;
@@ -31,7 +32,6 @@
  * Class for loading keystores, saving ang changing the main keystore password.
  */
 public class KeyStoreLoaderSaver {
-
     /**
      * Creates an instance of class KeyStore and loads a keystore to it.
      * param.getStorePass() is used to check the integrity of the keystore. If
@@ -98,16 +98,16 @@
             KeyStoreException, NoSuchAlgorithmException, CertificateException,
             IOException, NoSuchProviderException, KeytoolException {
 
-        FileInputStream fis;
+        BufferedInputStream bis;
         // if the path is given, make a FileInputStream on it
         if (path != null) {
             File ksFile = new File(path);
             if (ksFile.length() == 0) {
                 throw new KeytoolException("Keystore file exists but is empty");
             }
-            fis = new FileInputStream(ksFile);
+            bis = new BufferedInputStream(new FileInputStream(ksFile));
         } else { // if the path is not given, a new keystore will be created
-            fis = null;
+            bis = null;
         }
 
         // Set the store type to default if it is not given.
@@ -131,7 +131,7 @@
 
         try {
             // try to load the keystore
-            keyStore.load(fis, storePass);
+            keyStore.load(bis, storePass);
         } catch (NoSuchAlgorithmException e) {
             throw new NoSuchAlgorithmException(
                     "Failed to find the algorithm to check the keystore integrity",
@@ -147,27 +147,54 @@
     }
 
     /**
-     * Saves the keystore to the file and protects its integrity with password.
+     * Saves the main keystore to the file and protects its integrity with
+     * password.
      * 
      * @throws KeyStoreException
      * @throws NoSuchAlgorithmException
      * @throws CertificateException
      * @throws IOException
+     * @throws KeytoolException 
+     * @throws NoSuchProviderException 
      */
     static void saveStore(KeytoolParameters param) throws KeyStoreException,
-            NoSuchAlgorithmException, CertificateException, IOException {
+            NoSuchAlgorithmException, CertificateException, IOException,
+            NoSuchProviderException, KeytoolException {
+        saveStore(param.getKeyStore(), param.getStorePath(), param
+                .getStorePass(), param.isVerbose());
+    }
+
+    /**
+     * Saves a keystore to the file and protects its integrity with password.
+     * 
+     * @throws KeyStoreException
+     * @throws NoSuchAlgorithmException
+     * @throws CertificateException
+     * @throws IOException
+     */
+    static void saveStore(KeyStore keyStore, String storePath,
+            char[] storePass, boolean isVerbose)
+            throws KeyStoreException, NoSuchAlgorithmException,
+            CertificateException, IOException {
         // TODO: store not only to a file?
+
+        // if the program should output additional information, do it
+        if (isVerbose) {
+            System.out.println("[Saving " + storePath + "]");
+        }
+
         // if the path to the store is not set, use the default value
-        if (param.getStorePath() == null) {
-            param.setStorePath(KeytoolParameters.defaultKeystorePath);
+        if (storePath == null) {
+            storePath = KeytoolParameters.defaultKeystorePath;
         }
-        File ksFile = new File(param.getStorePath());
+
+        File ksFile = new File(storePath);
         // the file will be created if and only if one with the same name
         // doesn't exist
         ksFile.createNewFile();
-        FileOutputStream fos = new FileOutputStream(param.getStorePath());
+        FileOutputStream fos = new FileOutputStream(ksFile);
         try {
-            param.getKeyStore().store(fos, param.getStorePass());
+            keyStore.store(fos, storePass);
         } catch (NoSuchAlgorithmException e) {
             throw new NoSuchAlgorithmException(
                     "Failed to find the algorithm to check the keystore integrity",
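Review bot: In the new four-argument saveStore the verbose message is printed before the null default is applied, so a call without a store path prints `[Saving null]`; the `if (isVerbose)` block should move below `storePath = KeytoolParameters.defaultKeystorePath;`. `fos` is also not closed in the lines shown: the try holds only `keyStore.store(fos, storePass);` and its catch clauses continue outside the hunk, so a `finally { fos.close(); }` after the last catch would release the handle on every path. Because `new FileOutputStream(ksFile)` truncates an existing keystore before store() runs, a failure in store() leaves an empty file behind; writing to a temporary file and renaming it on success would avoid losing the old keystore. The file is created with default permissions although it may hold private keys, which deserves a comment next to `ksFile.createNewFile();`.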
@@ -180,7 +207,7 @@
                     .initCause(e);
         }
     }
-
+    
     /**
      * Changes the keystore password to the new one.
      * 
@@ -189,5 +216,4 @@
     static void storePasswd(KeytoolParameters param) {
         param.setStorePass(param.getNewPasswd());
     }
-
 }

Modified: incubator/harmony/enhanced/classlib/trunk/modules/tools/src/main/java/org/apache/harmony/tools/keytool/KeytoolParameters.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/tools/src/main/java/org/apache/harmony/tools/keytool/KeytoolParameters.java?rev=426443&r1=426442&r2=426443&view=diff
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/tools/src/main/java/org/apache/harmony/tools/keytool/KeytoolParameters.java
(original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/tools/src/main/java/org/apache/harmony/tools/keytool/KeytoolParameters.java
Fri Jul 28 01:59:55 2006
@@ -17,11 +17,17 @@
 package org.apache.harmony.tools.keytool;
 
 import java.io.File;
+import java.io.FileNotFoundException;
+import java.io.IOException;
 import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.cert.CertificateException;
 
 /**
- * The class encapsulates paramaters for Keytool most of which are ususally
- * given in command line.
+ * The class encapsulates paramaters for Keytool most of which are ususally given
+ * in command line.
  */
 public class KeytoolParameters {
     /**
@@ -32,13 +38,14 @@
             .getProperty("user.home")
             + File.separator + ".keystore";
 
-    /**
-     * Location of cacerts file, containing the certificates from root
-     * certificate authorities (usually self-signed).
-     */
-    public static final String cacertsPath = System.getProperty("java.home")
+    // Default location of cacerts file
+    private static final String defaultCacertsPath = System.getProperty("java.home")
             + File.separator + "lib" + File.separator + "security"
             + File.separator + "cacerts";
+    
+    // Default password for cacerts keystore
+    private static final char[] defaultCacertsPass = { 'c', 'h', 'a', 'n', 'g',
+            'e', 'i', 't' };
 
     // the keystore to work with
     private KeyStore keyStore;
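Review bot: `defaultCacertsPass` is a mutable `char[]` shared by the whole class, and getCacertsPass() later in this file returns it directly, so a caller that clears a password array after use (the usual reason for holding passwords in `char[]`) would wipe the default for the rest of the run. Returning a copy from the getter, `return (char[]) defaultCacertsPass.clone();`, avoids that. The two constants also lost their Javadoc in this change; a comment such as `// well-known default cacerts password; it only guards keystore integrity` would tell readers why a literal password is acceptable here.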
@@ -74,8 +81,8 @@
     // generated certificate can be signed with)
     private String issuerAlias;
 
-    // certstore to keep a CRL in
-    private String crlStore;
+    // file with CRLs
+    private String crlFile;
 
     // used in keyclone. Shows the destination alias to copy key pair to
     private String destAlias;
@@ -121,15 +128,37 @@
 
     // should a secret key or a key pair be generated
     private boolean isSecretKey;
+    
+    // should the generated certificate ba a CA certificate or not
+    private boolean isCA;
 
-    // true if the store worked with is a keystore, false - if a certstore
-    private boolean isKeyStore = true;
-
+    // path to the keystore to convert the current keystore to
+    private String convertedKeyStorePath;    
+    
+    // type of the keystore to convert the current keystore to
+    private String convertedKeyStoreType;    
+    
+    // password to the keystore to convert the current keystore to
+    private char [] convertedKeyStorePass;
+    
+    // should the key entries be converted or not
+    private boolean convertKeyEntries;
+    
+    // location of cacerts file
+    private String cacertsPath;
+    
+    // password for cacerts keystore
+    private char [] cacertsPass;
+    
+    // cacerts keystore containing the certificates from root
+    // certificate authorities (usually self-signed)
+    private KeyStore cacerts;
+    
     // command to perform
     private Command command = Command.HELP;
-    
+
     /**
-     * The method sets the fields to default values. If there is no default
+     * The method sets the fields to default values. If there is not a default
      * value the field is set to null.
      */
     void setDefault() {
@@ -154,17 +183,38 @@
         verbose = false;
         isSecretKey = false;
         issuerAlias = null;
+        issuerPass = null;
         X509version = 3;
         certSerialNr = 0;
-        isKeyStore = true;
+        isCA = false;
+        convertedKeyStorePath = null;
+        convertedKeyStoreType = null;
+        convertedKeyStorePass = null;
+        convertKeyEntries = false;
+        cacertsPath = null;
+        cacertsPass = null;
+        cacerts = null;
+        crlFile = null;
         command = Command.HELP;
     }
 
     // getters and setters down here.
     /**
      * @return Returns the keystore to work with.
-     */
-    KeyStore getKeyStore() {
+     * @throws KeytoolException 
+     * @throws IOException 
+     * @throws NoSuchProviderException 
+     * @throws KeyStoreException 
+     * @throws FileNotFoundException 
+     * @throws CertificateException 
+     * @throws NoSuchAlgorithmException 
+     */
+    KeyStore getKeyStore() throws NoSuchAlgorithmException,
+            CertificateException, FileNotFoundException, KeyStoreException,
+            NoSuchProviderException, IOException, KeytoolException {
+        if (keyStore == null){
+            KeyStoreLoaderSaver.loadStore(this);
+        }
         return keyStore;
     }
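Review bot: The lazy load added to getKeyStore() discards the result of `KeyStoreLoaderSaver.loadStore(this)` and depends on that method assigning the `keyStore` field as a side effect. loadStore(KeytoolParameters) is not visible in this diff, so that should be confirmed; if it does not set the field, the getter still returns null. The Javadoc should also say that the getter may now read the keystore file, for example `Returns the keystore to work with, loading it from the store path on first use.`, so callers understand why it declares seven checked exceptions.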
 
@@ -224,18 +274,18 @@
     }
 
     /**
-     * @return Returns the certstore path to keep CRLs in.
+     * @return Returns path to a file with CRLs.
      */
-    String getCrlStore() {
-        return crlStore;
+    String getCrlFile() {
+        return crlFile;
     }
 
     /**
-     * @param crlStore
-     *            certstore path to keep CRLs in.
+     * @param crlFile
+     *            path to a file with CRLs.
      */
-    public void setCrlStore(String crlStore) {
-        this.crlStore = crlStore;
+    public void setCrlFile(String crlStore) {
+        this.crlFile = crlStore;
     }
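Review bot: The Javadoc tag `@param crlFile` does not match the setter, whose parameter is still named `crlStore`; renaming the parameter, `public void setCrlFile(String crlFile) { this.crlFile = crlFile; }`, brings the two back in line. The same mismatch appears in the last KeytoolParameters hunk, where the new setters are documented with `@param password`, `@param path`, `@param type`, `@param set` and `@param the` instead of their real parameter names, and where the parameter `convertKeyEnties` is misspelled.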
 
     /**
@@ -314,23 +364,6 @@
     }
 
     /**
-     * @return Returns true if the store to work with is a keystore, false - if
-     *         a certstore
-     */
-    boolean isKeyStore() {
-        return isKeyStore;
-    }
-
-    /**
-     * @param isKeyStore
-     *            set true if the store worked with is a keystore, false - if a
-     *            certstore
-     */
-    void setIsKeyStore(boolean isKeyStore) {
-        this.isKeyStore = isKeyStore;
-    }
-
-    /**
      * @return Returns the algorithm name to get instance of KeyPairGenerator,
      *         KeyFactory, etc.
      */
@@ -476,6 +509,23 @@
     }
 
     /**
+     * @return true if the generated certificate should be a CA certificate,
+     *         false - otherwise
+     */
+    boolean isCA() {
+        return isCA;
+    }
+
+    /**
+     * @param isCA
+     *            set true if the generated certificate should be a CA
+     *            certificate, false - otherwise
+     */
+    public void setCA(boolean isCA) {
+        this.isCA = isCA;
+    }
+
+    /**
      * @return Returns the digital signature algorithm
      */
     String getSigAlg() {
@@ -604,5 +654,133 @@
         this.storePath = storePath;
     }
 
-}
+    /**
+     * @return password for the keystore to convert the current keystore to
+     */
+    char [] getConvertedKeyStorePass() {
+        return convertedKeyStorePass;
+    }
+
+    /**
+     * @param password
+     *            for the keystore to convert the current keystore to
+     */
+    public void setConvertedKeyStorePass(char [] convertedKeyStorePass) {
+        this.convertedKeyStorePass = convertedKeyStorePass;
+    }
+
+    /**
+     * @return path to the keystore to convert the current keystore to
+     */
+    String getConvertedKeyStorePath() {
+        return convertedKeyStorePath;
+    }
 
+    /**
+     * @param path
+     *            to the keystore to convert the current keystore to
+     */
+    public void setConvertedKeyStorePath(String convertedKeyStorePath) {
+        this.convertedKeyStorePath = convertedKeyStorePath;
+    }
+
+    /**
+     * @return type of the keystore to convert the current keystore to
+     */
+    String getConvertedKeyStoreType() {
+        return convertedKeyStoreType;
+    }
+
+    /**
+     * @param type
+     *            of the keystore to convert the current keystore to
+     */
+    public void setConvertedKeyStoreType(String convertedKeyStoreType) {
+        this.convertedKeyStoreType = convertedKeyStoreType;
+    }
+
+    /**
+     * @return true if key entries should be converted, false - if not
+     */
+    boolean isConvertKeyEntries() {
+        return convertKeyEntries;
+    }
+
+    /**
+     * @param set
+     *            true if key entries should be converted, false - if not
+     */
+    public void setConvertKeyEntries(boolean convertKeyEnties) {
+        this.convertKeyEntries = convertKeyEnties;
+    }
+
+    /**
+     * @return Returns the location of cacerts file, containing the certificates
+     *         from root certificate authorities (usually self-signed).
+     */
+    String getCacertsPath() {
+        if (cacertsPath != null) {
+            return cacertsPath;
+        } else {
+            return defaultCacertsPath;
+        }
+    }
+
+    /**
+     * @param the
+     *            location of cacerts file, containing the certificates from
+     *            root certificate authorities (usually self-signed).
+     */
+    public void setCacertsPath(String cacertsPath) {
+        this.cacertsPath = cacertsPath;
+    }
+
+    /**
+     * @return password for cacerts keystore
+     */
+    char[] getCacertsPass() {
+        if (cacertsPass != null) {
+            return cacertsPass;
+        } else {
+            return defaultCacertsPass;
+        }
+    }
+
+    /**
+     * @param password
+     *            for cacerts keystore
+     */
+    public void setCacertsPass(char[] cacertsPass) {
+        this.cacertsPass = cacertsPass;
+    }
+
+    /**
+     * @return cacerts keystore containing the certificates from root
+     *         certificate authorities (usually self-signed)
+     * @throws KeytoolException 
+     * @throws IOException 
+     * @throws NoSuchProviderException 
+     * @throws CertificateException 
+     * @throws NoSuchAlgorithmException 
+     * @throws KeyStoreException 
+     * @throws FileNotFoundException 
+     */
+    KeyStore getCacerts() throws FileNotFoundException, KeyStoreException,
+            NoSuchAlgorithmException, CertificateException,
+            NoSuchProviderException, IOException, KeytoolException {
+        if (cacerts == null) {
+            cacerts = KeyStoreLoaderSaver.loadStore(getCacertsPath(),
+                    storeType, getCacertsPass(), provider);
+        }
+        return cacerts;
+    }
+
+    /**
+     * @param cacerts
+     *            keystore containing the certificates from root certificate
+     *            authorities (usually self-signed)
+     */
+    void setCacerts(KeyStore cacerts) {
+        this.cacerts = cacerts;
+    }
+}
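Review bot: getCacerts() opens the cacerts file with `storeType` and `provider`, which appear to be the settings chosen for the main keystore; if a user selects a different type or provider for their own keystore, loading cacerts would presumably fail or go through an unintended provider. The declarations of those fields are outside this diff, so this needs confirming. Until cacerts has its own type setting, a comment on the call such as `// NOTE: cacerts is opened with the main keystore's type and provider` would document the coupling.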

Modified: incubator/harmony/enhanced/classlib/trunk/modules/tools/src/main/java/org/apache/harmony/tools/keytool/Main.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/tools/src/main/java/org/apache/harmony/tools/keytool/Main.java?rev=426443&r1=426442&r2=426443&view=diff
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/tools/src/main/java/org/apache/harmony/tools/keytool/Main.java
(original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/tools/src/main/java/org/apache/harmony/tools/keytool/Main.java
Fri Jul 28 01:59:55 2006
@@ -49,6 +49,16 @@
             case KEYPASSWD:
                 EntryManager.keyPasswd(param);
                 break;
+            case IMPORT:
+                CertImporter.importCert(param);
+                break;
+            case CHECK:
+                CRLManager.checkRevoked(param);
+                break;
+            case HELP:
+                HelpPrinter.printHelp();
+                break;
+
             // TODO: calls for other options.    
         }
     }
@@ -63,7 +73,7 @@
         KeytoolParameters param = ArgumentsParser.parseArgs(args);
 
         if (param == null) {
-            System.out.println("Help message is printed here");
+            HelpPrinter.printHelp();
             System.exit(-1);
         }
 
@@ -78,11 +88,9 @@
                 throw new KeytoolException(
                         "Must specify store password to work with this command.");
             }
-            // load the keystore
-            KeyStoreLoaderSaver.loadStore(param);
             // prompt for additional parameters if some of the expected
             // ones have not been specified.
-            //ArgumentsParser.getAdditionalParameters(param);
+            ArgumentsParser.getAdditionalParameters(param);
         }
 
         // print the warning if store password is not set
@@ -97,10 +105,6 @@
         doWork(param);
 
         if (param.isNeedSaveKS()) {
-            // if the program should output additional information, do it
-            if (param.isVerbose()) {
-                System.out.println("[Saving " + param.getStorePath() + "]");
-            }
             // save the store
             KeyStoreLoaderSaver.saveStore(param);
         }


