LogCryptoProfile.java example

Explorer
logdb-master
package org.araqne.logstorage;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;

import org.araqne.api.FieldOption;
import org.araqne.confdb.CollectionName;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

// TODO : uri handling
@CollectionName("crypto_profiles")
public class LogCryptoProfile {
	/**
	 * profile name
	 */
	@FieldOption(nullable = false)
	private String name;

	/**
	 * cipher algorithm (e.g. AES/CBC/PKCS5Padding)
	 */
	private String cipher;

	/**
	 * digest algorithm (e.g. HmacSHA256)
	 */
	private String digest;

	/**
	 * pkcs#12 file path
	 */
	private String filePath;

	/**
	 * pkcs#12 keystore password
	 */
	private String password;

	@FieldOption(skip = true)
	private KeyStore keystore;

	public String getName() {
		return name;
	}

	public void setName(String name) {
		this.name = name;
	}

	public String getCipher() {
		return cipher;
	}

	public void setCipher(String cipher) {
		this.cipher = cipher;
	}

	public String getDigest() {
		return digest;
	}

	public void setDigest(String digest) {
		this.digest = digest;
	}

	public String getFilePath() {
		return filePath;
	}

	public void setFilePath(String filePath) {
		this.filePath = filePath;
	}

	public String getPassword() {
		return password;
	}

	public void setPassword(String password) {
		this.password = password;
	}

	public PublicKey getPublicKey() {
		try {
			ensureKeystore();
			String alias = keystore.aliases().nextElement();
			Certificate[] cc = keystore.getCertificateChain(alias);
			return cc[0].getPublicKey();
		} catch (Exception e) {
			throw new IllegalStateException("cannot load public key of crypto profile " + name, e);
		}
	}

	public PrivateKey getPrivateKey() {
		try {
			ensureKeystore();
			String alias = keystore.aliases().nextElement();
			return (PrivateKey) keystore.getKey(alias, password.toCharArray());
		} catch (Exception e) {
			throw new IllegalStateException("cannot load private key of crypto profile " + name, e);
		}
	}

	private void ensureKeystore() {
		if (keystore != null)
			return;

		FileInputStream is = null;
		try {
			KeyStore pfx = KeyStore.getInstance("PKCS12");
			is = new FileInputStream(new File(filePath));
			pfx.load(is, password.toCharArray());
			this.keystore = pfx;
		} catch (Throwable t) {
			// explicit logging for fast troubleshooting. query command may
			// ignore this kinds of reader open failure and just skip.
			String msg = "cannot load pfx file [" + filePath + "] of crypto profile [" + name + "]";
			Logger slog = LoggerFactory.getLogger(LogCryptoProfile.class);
			slog.error("araqne logstorage: " + msg, t);

			throw new IllegalStateException(msg, t);
		} finally {
			if (is != null) {
				try {
					is.close();
				} catch (IOException e) {
				}
			}
		}
	}

	@Override
	public String toString() {
		return "name=" + name + ", cipher=" + cipher + ", digest=" + digest + ", path=" + filePath + ", password=" + password;
	}
}