Author: indika
Date: Tue Dec 1 17:00:40 2009
New Revision: 885834
URL: http://svn.apache.org/viewvc?rev=885834&view=rev
Log:
update keystore wrappers
Modified:
synapse/trunk/java/modules/commons/src/main/java/org/apache/synapse/commons/security/wrappers/CipherWrapper.java
synapse/trunk/java/modules/commons/src/main/java/org/apache/synapse/commons/security/wrappers/IdentityKeyStoreWrapper.java
synapse/trunk/java/modules/commons/src/main/java/org/apache/synapse/commons/security/wrappers/KeyStoreWrapper.java
synapse/trunk/java/modules/commons/src/main/java/org/apache/synapse/commons/security/wrappers/TrustKeyStoreWrapper.java
Modified:
synapse/trunk/java/modules/commons/src/main/java/org/apache/synapse/commons/security/wrappers/CipherWrapper.java
URL:
http://svn.apache.org/viewvc/synapse/trunk/java/modules/commons/src/main/java/org/apache/synapse/commons/security/wrappers/CipherWrapper.java?rev=885834&r1=885833&r2=885834&view=diff
==============================================================================
---
synapse/trunk/java/modules/commons/src/main/java/org/apache/synapse/commons/security/wrappers/CipherWrapper.java
(original)
+++
synapse/trunk/java/modules/commons/src/main/java/org/apache/synapse/commons/security/wrappers/CipherWrapper.java
Tue Dec 1 17:00:40 2009
@@ -20,16 +20,15 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.synapse.commons.SynapseCommonsException;
import org.apache.synapse.commons.security.definition.CipherInformation;
import org.apache.synapse.commons.security.enumeration.CipherOperationMode;
import org.apache.synapse.commons.security.tool.EncodingHelper;
-import org.apache.synapse.commons.SynapseCommonsException;
import javax.crypto.Cipher;
import javax.crypto.CipherOutputStream;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.SecretKeySpec;
-
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
@@ -54,7 +53,7 @@
* providing those.
*
* @param cipherInformation Encapsulated object contains all information
required to cipher
- * @param key The key that will be used by the cipher either
for encryption and
+ * @param key The key that will be used by the cipher either
for encryption and
* encryption
*/
public CipherWrapper(CipherInformation cipherInformation, Key key) {
@@ -73,23 +72,23 @@
} else if (opMode == CipherOperationMode.DECRYPT) {
cipher.init(Cipher.DECRYPT_MODE, key);
} else {
- handleException("Invalid mode : " + opMode);
+ throw new SynapseCommonsException("Invalid mode : " + opMode,
log);
}
} catch (NoSuchAlgorithmException e) {
- handleException("There is no algorithm support for " +
- "'" + algorithm + "' in the operation mode '" + opMode +
"'" + e);
+ throw new SynapseCommonsException("There is no algorithm support
for " +
+ "'" + algorithm + "' in the operation mode '" + opMode +
"'" + e, log);
} catch (NoSuchPaddingException e) {
- handleException("There is no padding scheme for " +
- "'" + algorithm + "' in the operation mode '" + opMode +
"'" + e);
+ throw new SynapseCommonsException("There is no padding scheme for
" +
+ "'" + algorithm + "' in the operation mode '" + opMode +
"'" + e, log);
} catch (InvalidKeyException e) {
- handleException("Invalid key ", e);
+ throw new SynapseCommonsException("Invalid key ", e, log);
}
}
/**
* Constructs a cipher wrapper using the provided information and pass
phrase.
- *
+ *
* @param cipherInformation Encapsulated object contains all information
required to cipher
* @param passphrase The pass phrase used to construct a secret key
using the same algorithm
* that will be used to de- or encrypt data.
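Review bot: The `NoSuchAlgorithmException` and `NoSuchPaddingException` arms append `e` to the message string and call the two-argument constructor, so the provider's exception is not chained as the cause and its stack trace is presumably lost. The `InvalidKeyException` arm just below already uses the three-argument form, and the two arms above should match it, e.g. `throw new SynapseCommonsException("There is no algorithm support for '" + algorithm + "' in the operation mode '" + opMode + "'", e, log);`. When a cipher fails to initialise, the underlying cause is often the only clue to a missing or misconfigured JCE provider. The constructor body starts above the hunk.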
@@ -107,12 +106,13 @@
*/
public String getSecret(InputStream inputStream) {
- InputStream sourceStream = null;
+ InputStream sourceStream;
if (cipherInformation.getInType() != null) {
try {
sourceStream = EncodingHelper.decode(inputStream,
cipherInformation.getInType());
} catch (IOException e) {
- handleException("IOError when decoding the input stream for
cipher ", e);
+ throw new SynapseCommonsException(
+ "IOError when decoding the input stream for cipher ",
e, log);
}
} else {
sourceStream = inputStream;
@@ -128,7 +128,8 @@
out.write(buffer, 0, length);
}
} catch (IOException e) {
- handleException("IOError when reading the input stream for cipher
", e);
+ throw new SynapseCommonsException("IOError when reading the input
stream for cipher ",
+ e, log);
} finally {
try {
sourceStream.close();
@@ -138,24 +139,13 @@
// ignore exception
}
}
-
+
String secret;
- if (cipherInformation.getOutType() != null) {
+ if (cipherInformation.getOutType() != null) {
secret = EncodingHelper.encode(baos,
cipherInformation.getOutType());
} else {
secret = baos.toString();
}
return secret;
}
-
-
- private static void handleException(String msg, Exception e) {
- log.error(msg, e);
- throw new SynapseCommonsException(msg, e);
- }
-
- private static void handleException(String msg) {
- log.error(msg);
- throw new SynapseCommonsException(msg);
- }
}
Modified:
synapse/trunk/java/modules/commons/src/main/java/org/apache/synapse/commons/security/wrappers/IdentityKeyStoreWrapper.java
URL:
http://svn.apache.org/viewvc/synapse/trunk/java/modules/commons/src/main/java/org/apache/synapse/commons/security/wrappers/IdentityKeyStoreWrapper.java?rev=885834&r1=885833&r2=885834&view=diff
==============================================================================
---
synapse/trunk/java/modules/commons/src/main/java/org/apache/synapse/commons/security/wrappers/IdentityKeyStoreWrapper.java
(original)
+++
synapse/trunk/java/modules/commons/src/main/java/org/apache/synapse/commons/security/wrappers/IdentityKeyStoreWrapper.java
Tue Dec 1 17:00:40 2009
@@ -20,7 +20,6 @@
import
org.apache.synapse.commons.security.definition.IdentityKeyStoreInformation;
-import javax.crypto.SecretKey;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
@@ -33,8 +32,8 @@
public class IdentityKeyStoreWrapper extends KeyStoreWrapper {
/**
- * @see org.apache.synapse.commons.security.wrappers.KeyStoreWrapper
- * #init(org.apache.synapse.security.bean.KeyStoreInformation,
String, String)
+ * @see KeyStoreWrapper
+ * #init(KeyStoreInformation, String, String)
*/
public void init(IdentityKeyStoreInformation information, String
keyPassword) {
super.init(information, keyPassword);
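Review bot: The rewritten `@see` tag names `#init(KeyStoreInformation, String, String)`, but the `KeyStoreWrapper.init` shown in this same commit takes `(KeyStoreInformation information, String keyPassword)`, so the reference appears to point at a signature that does not exist. Because the class and the member now sit on separate comment lines, the `#init(...)` part may also be read as link text rather than as part of the reference. I would write it on one line as `@see KeyStoreWrapper#init(KeyStoreInformation, String)`, keeping the parameter type fully qualified if `KeyStoreInformation` is not imported in this file.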
@@ -61,7 +60,7 @@
* @return PrivateKey if there is a one , otherwise null
*/
public PrivateKey getPrivateKey() {
- Key key = super.getKey();
+ Key key = super.getDefaultPrivateKey();
if (key instanceof PrivateKey) {
return (PrivateKey) key;
}
@@ -82,34 +81,6 @@
}
/**
- * Returns the secret key
- *
- * @param alias The alias of the certificate in the specified
keyStore
- * @param keyPassword Password to access secret key
- * @return SecretKey if there is a one , otherwise null
- */
- public SecretKey getSecretKey(String alias, String keyPassword) {
- Key key = super.getKey(alias, keyPassword);
- if (key instanceof SecretKey) {
- return (SecretKey) key;
- }
- return null;
- }
-
- /**
- * Returns the secret key based on initialization data
- *
- * @return SecretKey if there is a one , otherwise null
- */
- public SecretKey getSecretKey() {
- Key key = super.getKey();
- if (key instanceof SecretKey) {
- return (SecretKey) key;
- }
- return null;
- }
-
- /**
* Abstraction for getting Private Entry KeyStore(Identity)
*
* @return KeyStore Instance
Modified:
synapse/trunk/java/modules/commons/src/main/java/org/apache/synapse/commons/security/wrappers/KeyStoreWrapper.java
URL:
http://svn.apache.org/viewvc/synapse/trunk/java/modules/commons/src/main/java/org/apache/synapse/commons/security/wrappers/KeyStoreWrapper.java?rev=885834&r1=885833&r2=885834&view=diff
==============================================================================
---
synapse/trunk/java/modules/commons/src/main/java/org/apache/synapse/commons/security/wrappers/KeyStoreWrapper.java
(original)
+++
synapse/trunk/java/modules/commons/src/main/java/org/apache/synapse/commons/security/wrappers/KeyStoreWrapper.java
Tue Dec 1 17:00:40 2009
@@ -20,19 +20,20 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.synapse.commons.SynapseCommonsException;
import
org.apache.synapse.commons.security.definition.IdentityKeyStoreInformation;
import org.apache.synapse.commons.security.definition.KeyStoreInformation;
import org.apache.synapse.commons.security.definition.TrustKeyStoreInformation;
-import org.apache.synapse.commons.SynapseCommonsException;
+import javax.crypto.SecretKey;
import java.security.*;
import java.security.cert.Certificate;
/**
- * Wraps the keyStore and provide abstraction need for ciphering in the
synapse.
+ * Wraps the keyStore and provide abstraction need for ciphering.
*/
public abstract class KeyStoreWrapper {
-
+
protected Log log;
/* Bean that encapsulates the information about KeyStore */
private KeyStoreInformation keyStoreInformation;
@@ -55,7 +56,7 @@
protected void init(KeyStoreInformation information, String keyPassword) {
if (information == null) {
- handleException("KeyStore information cannot be found");
+ throw new SynapseCommonsException("KeyStore information cannot be
found", log);
}
this.keyStoreInformation = information;
this.keyPassword = keyPassword;
@@ -65,7 +66,7 @@
} else if (information instanceof IdentityKeyStoreInformation) {
this.keyStore = ((IdentityKeyStoreInformation)
information).getIdentityKeyStore();
} else {
- handleException("Invalid KeyStore type");
+ throw new SynapseCommonsException("Invalid KeyStore type", log);
}
}
@@ -79,17 +80,17 @@
protected Key getKey(String alias, String keyPassword) {
if (alias == null || "".equals(alias)) {
- handleException("The alias need to provided to get certificate");
+ throw new SynapseCommonsException("The alias need to provided to
get certificate", log);
}
if (keyPassword != null) {
try {
return keyStore.getKey(alias, keyPassword.toCharArray());
} catch (KeyStoreException e) {
- handleException("Error loading key for alias : " + alias, e);
+ throw new SynapseCommonsException("Error loading key for alias
: " + alias, e, log);
} catch (NoSuchAlgorithmException e) {
- handleException("Error loading key for alias : " + alias, e);
+ throw new SynapseCommonsException("Error loading key for alias
: " + alias, e, log);
} catch (UnrecoverableKeyException e) {
- handleException("Error loading key for alias : " + alias, e);
+ throw new SynapseCommonsException("Error loading key for alias
: " + alias, e, log);
}
}
return null;
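Review bot: The three catch arms in `getKey(String, String)` now repeat the same `throw` with the same message, and each statement is long enough to wrap. `KeyStoreException`, `NoSuchAlgorithmException` and `UnrecoverableKeyException` all extend `GeneralSecurityException`, which is in scope through `java.security.*`, so one arm covers them: `} catch (GeneralSecurityException e) {` followed by a single `throw new SynapseCommonsException("Error loading key for alias : " + alias, e, log);`. The method's javadoc starts above the hunk.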
@@ -101,14 +102,14 @@
* @param alias The alias of the certificate in the specified keyStore
* @return Key , if there is a one , otherwise null
*/
- protected Key getKey(String alias) {
+ protected Key getPublicKeyFromCetificate(String alias) {
try {
Certificate certificate = keyStore.getCertificate(alias);
if (certificate != null) {
return certificate.getPublicKey();
}
} catch (KeyStoreException e) {
- handleException("Error loading key for alias : " + alias, e);
+ throw new SynapseCommonsException("Error loading key for alias : "
+ alias, e, log);
}
return null;
}
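Review bot: The new name `getPublicKeyFromCetificate` is misspelled, and because the method is `protected` the typo becomes part of what subclasses compile against. Rename it to `getPublicKeyFromCertificate` here and at the two call sites in `getPublicKey(String)` and `getPublicKey()` later in this diff. Unlike `getKey(String, String)`, this method does not reject a null or empty alias before calling `keyStore.getCertificate(alias)`; the same guard would make the two lookups consistent. The javadoc above it still describes a generic `Key` and should say that the public key of the certificate stored under the alias is returned.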
@@ -118,12 +119,11 @@
*
* @return Key , if there is a one , otherwise null
*/
- protected Key getKey() {
+ protected Key getDefaultPrivateKey() {
if (keyPassword != null) {
return getKey(keyStoreInformation.getAlias(), keyPassword);
- } else {
- return getKey(keyStoreInformation.getAlias());
}
+ return null;
}
/**
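Review bot: `getDefaultPrivateKey()` now returns null when `keyPassword` is null, where the old `getKey()` fell back to the certificate's public key, so a caller that relied on that fallback gets null with no log entry or exception. The remaining `if (keyPassword != null)` repeats the test already made inside `getKey(String, String)` earlier in this diff, so the body can be reduced to `return getKey(keyStoreInformation.getAlias(), keyPassword);`. The javadoc starts above the hunk and should state that null is returned when no key password was supplied at `init`, and that the result is a `Key` which callers still have to check with `instanceof PrivateKey`.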
@@ -143,7 +143,7 @@
* @return PublicKey if there is a one , otherwise null
*/
public PublicKey getPublicKey(String alias) {
- Key key = getKey(alias);
+ Key key = getPublicKeyFromCetificate(alias);
if (key instanceof PublicKey) {
return (PublicKey) key;
}
@@ -156,23 +156,13 @@
* @return PublicKey if there is a one , otherwise null
*/
public PublicKey getPublicKey() {
- Key key = getKey();
+ Key key = getPublicKeyFromCetificate(keyStoreInformation.getAlias());
if (key instanceof PublicKey) {
return (PublicKey) key;
}
return null;
}
- protected void handleException(String msg, Exception e) {
- log.error(msg, e);
- throw new SynapseCommonsException(msg, e);
- }
-
- protected void handleException(String msg) {
- log.error(msg);
- throw new SynapseCommonsException(msg);
- }
-
/**
* Returns KeyStore Information
*
@@ -181,4 +171,33 @@
protected KeyStore getKeyStore() {
return keyStore;
}
+
+ /**
+ * Returns the secret key
+ *
+ * @param alias The alias of the certificate in the specified
keyStore
+ * @param keyPassword Password to access secret key
+ * @return SecretKey if there is a one , otherwise null
+ */
+ public SecretKey getSecretKey(String alias, String keyPassword) {
+ Key key = getKey(alias, keyPassword);
+ if (key instanceof SecretKey) {
+ return (SecretKey) key;
+ }
+ return null;
+ }
+
+ /**
+ * Returns the secret key based on initialization data
+ *
+ * @return SecretKey if there is a one , otherwise null
+ */
+ public SecretKey getSecretKey() {
+ Key key = getKey(keyStoreInformation.getAlias(),
+
keyStoreInformation.getKeyStorePasswordProvider().getResolvedSecret());
+ if (key instanceof SecretKey) {
+ return (SecretKey) key;
+ }
+ return null;
+ }
}
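Review bot: The no-argument `getSecretKey()` unlocks the entry with the keystore password from `getKeyStorePasswordProvider().getResolvedSecret()`, whereas the version removed from `IdentityKeyStoreWrapper` went through `getKey()` and the `keyPassword` passed to `init`; an entry protected by its own key password would presumably now fail with a wrapped `UnrecoverableKeyException`. If using the store password is intended, the javadoc should say so; otherwise use `Key key = getKey(keyStoreInformation.getAlias(), keyPassword);`. The chained call has no null check on the password provider. Both overloads are now public on the base class, so `TrustKeyStoreWrapper` exposes them too, although its own javadoc in this commit says a trust store holds no private or secret keys.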
Modified:
synapse/trunk/java/modules/commons/src/main/java/org/apache/synapse/commons/security/wrappers/TrustKeyStoreWrapper.java
URL:
http://svn.apache.org/viewvc/synapse/trunk/java/modules/commons/src/main/java/org/apache/synapse/commons/security/wrappers/TrustKeyStoreWrapper.java?rev=885834&r1=885833&r2=885834&view=diff
==============================================================================
---
synapse/trunk/java/modules/commons/src/main/java/org/apache/synapse/commons/security/wrappers/TrustKeyStoreWrapper.java
(original)
+++
synapse/trunk/java/modules/commons/src/main/java/org/apache/synapse/commons/security/wrappers/TrustKeyStoreWrapper.java
Tue Dec 1 17:00:40 2009
@@ -28,7 +28,7 @@
*/
public class TrustKeyStoreWrapper extends KeyStoreWrapper {
/**
- * @see org.apache.synapse.commons.security.wrappers.KeyStoreWrapper
+ * @see KeyStoreWrapper
* There is no keyPassword as trusted Store doesn't keep private or
secret keys
*/
public void init(TrustKeyStoreInformation information) {