RACFPasswordEnvelopeUtilities.java

/*
 * ====================
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 * 
 * Copyright 2008-2009 Sun Microsystems, Inc. All rights reserved.     
 * 
 * The contents of this file are subject to the terms of the Common Development 
 * and Distribution License("CDDL") (the "License").  You may not use this file 
 * except in compliance with the License.
 * 
 * You can obtain a copy of the License at 
 * http://IdentityConnectors.dev.java.net/legal/license.txt
 * See the License for the specific language governing permissions and limitations 
 * under the License. 
 * 
 * When distributing the Covered Code, include this CDDL Header Notice in each file
 * and include the License file at identityconnectors/legal/license.txt.
 * If applicable, add the following below this CDDL Header, with the fields 
 * enclosed by brackets [] replaced by your own identifying information: 
 * "Portions Copyrighted [year] [name of copyright owner]"
 * ====================
 */
package org.identityconnectors.racf;

import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.cert.X509Certificate;

import org.identityconnectors.framework.common.exceptions.ConnectorException;

public abstract class RACFPasswordEnvelopeUtilities {

    private X509Certificate certificate = null;
    private static final String DEFAULT_UTILITY = "org.identityconnectors.racf.BouncyCastlePEUtilities";

    protected X509Certificate getCertificate() {
        return certificate;
    }

    protected void setCertificate(X509Certificate certificate) {
        this.certificate = certificate;
    }

    private PrivateKey privateKey = null;

    protected PrivateKey getPrivateKey() {
        return privateKey;
    }

    protected void setPrivateKey(PrivateKey privateKey) {
        this.privateKey = privateKey;
    }

    protected RACFPasswordEnvelopeUtilities(String certificateString, String privateKeyString) {
        setCertificate(decodeX509Certificate(certificateString));
        setPrivateKey(decodePrivateKey(privateKeyString));
    }

    public static RACFPasswordEnvelopeUtilities newRACFPasswordEnvelopeDecryptor(String className, String certificateString, String privateKeyString) {
        try {
            if (className==null)
                className = DEFAULT_UTILITY;
            Class clazz = Class.forName(className);
            Constructor constructor = clazz.getConstructor(new Class[] { String.class, String.class });
            return (RACFPasswordEnvelopeUtilities)constructor.newInstance((Object[])new String[] { certificateString, privateKeyString });
        } catch (SecurityException e) {
            throw ConnectorException.wrap(e);
        } catch (IllegalArgumentException e) {
            throw ConnectorException.wrap(e);
        } catch (ClassNotFoundException e) {
            throw ConnectorException.wrap(e);
        } catch (NoSuchMethodException e) {
            throw ConnectorException.wrap(e);
        } catch (InstantiationException e) {
            throw ConnectorException.wrap(e);
        } catch (IllegalAccessException e) {
            throw ConnectorException.wrap(e);
        } catch (InvocationTargetException e) {
            throw ConnectorException.wrap(e);
        }
    }

    public byte[] decrypt(byte[] encrypted) {
        return decrypt(encrypted, getCertificate(), getPrivateKey());
    }

    // The methods deal with the actual encrypted items
    //

    protected abstract Provider getProvider();

    protected abstract PrivateKey decodePrivateKey(String privateKeyString);

    protected abstract X509Certificate decodeX509Certificate(String certificateString);

    protected abstract byte[] decrypt(byte[] data, X509Certificate certificate, PrivateKey key);

    public abstract String getPassword(byte[] encrypted);

}