KeyStoreSignatureTokenConnection.java example

Explorer
dss-master
package eu.europa.esig.dss.token;

import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStore.PasswordProtection;
import java.security.KeyStore.PrivateKeyEntry;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableEntryException;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;

import eu.europa.esig.dss.DSSException;

public class KeyStoreSignatureTokenConnection extends AbstractSignatureTokenConnection {

	private final KeyStore keyStore;
	private final PasswordProtection passwordProtection;

	public KeyStoreSignatureTokenConnection(byte[] ksBytes, String ksType, String ksPassword) {
		this(new ByteArrayInputStream(ksBytes), ksType, ksPassword);
	}

	public KeyStoreSignatureTokenConnection(String filepath, String ksType, String ksPassword) throws IOException {
		this(new File(filepath), ksType, ksPassword);
	}

	public KeyStoreSignatureTokenConnection(File ksFile, String ksType, String ksPassword) throws IOException {
		this(new FileInputStream(ksFile), ksType, ksPassword);
	}

	public KeyStoreSignatureTokenConnection(InputStream ksStream, String ksType, String ksPassword) {
		try {
			keyStore = KeyStore.getInstance(ksType);
			final char[] password = (ksPassword == null) ? null : ksPassword.toCharArray();
			keyStore.load(ksStream, password);
			passwordProtection = new PasswordProtection(password);
		} catch (Exception e) {
			throw new DSSException(e);
		} finally {
			if (ksStream != null) {
				try {
					ksStream.close();
				} catch (IOException e) {
					logger.error(e.getMessage(), e);
				}
			}
		}
	}

	@Override
	public void close() {
	}

	@Override
	public List<DSSPrivateKeyEntry> getKeys() throws DSSException {
		final List<DSSPrivateKeyEntry> list = new ArrayList<DSSPrivateKeyEntry>();
		try {
			final Enumeration<String> aliases = keyStore.aliases();
			while (aliases.hasMoreElements()) {
				final String alias = aliases.nextElement();
				if (keyStore.isKeyEntry(alias)) {
					list.add(getKSPrivateKeyEntry(alias));
				}
			}
		} catch (Exception e) {
			throw new DSSException(e);
		}
		return list;
	}

	/**
	 * This method allows to retrieve a DSSPrivateKeyEntry by alias
	 * 
	 * @param alias
	 *            the expected entry alias
	 * @return
	 */
	public DSSPrivateKeyEntry getKey(String alias) {
		try {
			if (keyStore.isKeyEntry(alias)) {
				return getKSPrivateKeyEntry(alias);
			}
		} catch (Exception e) {
			throw new DSSException("Unable to retrieve the certificate", e);
		}
		return null;
	}

	private KSPrivateKeyEntry getKSPrivateKeyEntry(final String alias) throws NoSuchAlgorithmException, UnrecoverableEntryException, KeyStoreException {
		final PrivateKeyEntry entry = (PrivateKeyEntry) keyStore.getEntry(alias, passwordProtection);
		return new KSPrivateKeyEntry(alias, entry);
	}

}