Coverage Report - ca.uhn.hl7v2.hoh.util.KeystoreUtils
 
Classes in this File Line Coverage Branch Coverage Complexity
KeystoreUtils
19%
16/83
20%
5/24
3.778
 
 package ca.uhn.hl7v2.hoh.util;
 
 import java.io.BufferedInputStream;
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.security.Key;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
 import java.security.PrivateKey;
 import java.security.UnrecoverableKeyException;
 import java.security.cert.CertificateException;
 import java.util.Enumeration;
 
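 /**
  * Static helpers for loading Java keystores and for checking whether a
  * keystore holds the kind of entry a given role (TLS receiving/sending,
  * signature signing/verifying) needs.
  *
  * <p>
  * The <code>validateKeystoreFor...</code> methods are presence checks only:
  * they report whether at least one entry of the expected kind exists. They
  * do not inspect certificate validity dates, chains, key algorithms or key
  * sizes, and they do not prove that a key password is correct. Use
  * {@link #canRecoverKey(KeyStore, String, String)} or
  * {@link #validateKeyForSignatureSigning(KeyStore, String, String)} to
  * check that a specific key can actually be recovered.
  * </p>
  */
 public class KeystoreUtils {

     private static final org.slf4j.Logger ourLog = org.slf4j.LoggerFactory.getLogger(KeystoreUtils.class);

     /** Non-instantiable: this class only exposes static helpers. */
     private KeystoreUtils() {
         // nothing
     }

     /**
      * Loads a keystore of type <code>JKS</code> from the given file.
      *
      * <p>
      * The keystore type is fixed to <code>JKS</code>, so a file in another
      * format may fail to load. Per the {@link KeyStore#load} contract, when
      * <code>thePassword</code> is <code>null</code> no integrity check is
      * performed on the keystore data, so callers that rely on detecting a
      * tampered keystore file must supply the password.
      * </p>
      *
      * @param theFile the keystore file to read
      * @param thePassword the keystore password, or <code>null</code> to load
      *        without an integrity check; the array is not modified here
      * @return the loaded keystore
      * @throws FileNotFoundException if the file cannot be opened
      * @throws IOException if the keystore data cannot be read or the
      *         password is rejected
      */
     public static KeyStore loadKeystore(File theFile, char[] thePassword) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException {
         KeyStore keystore = KeyStore.getInstance("JKS");
         FileInputStream fileStream = new FileInputStream(theFile);
         try {
             keystore.load(new BufferedInputStream(fileStream), thePassword);
         } finally {
             // The stream used to be left open, leaking a file descriptor on
             // every call. A failure while closing a stream that was only
             // read from must not replace the result or the real exception.
             try {
                 fileStream.close();
             } catch (IOException e) {
                 ourLog.debug("Failed to close keystore file", e);
             }
         }
         return keystore;
     }

     /**
      * Loads a keystore of type <code>JKS</code> from the file at the given
      * path. See {@link #loadKeystore(File, char[])} for the meaning of a
      * <code>null</code> password.
      *
      * @param theFile path of the keystore file
      * @param theKeystorePassword the keystore password, or <code>null</code>
      * @return the loaded keystore
      */
     public static KeyStore loadKeystore(String theFile, String theKeystorePassword) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException {
         char[] pass = theKeystorePassword != null ? theKeystorePassword.toCharArray() : null;
         try {
             return loadKeystore(new File(theFile), pass);
         } finally {
             // Wipe the temporary copy. The caller's String still holds the
             // password; this only avoids leaving a second copy on the heap.
             if (pass != null) {
                 java.util.Arrays.fill(pass, '\0');
             }
         }
     }

     /**
      * Reports whether the keystore contains at least one key entry, which a
      * TLS receiver needs in order to present its own identity.
      *
      * @param theKs the keystore to inspect
      * @return <code>true</code> if any alias is a key entry
      * @throws KeyStoreException if the keystore has not been loaded
      */
     public static boolean validateKeystoreForTlsReceiving(KeyStore theKs) throws KeyStoreException {
         return containsKeyEntry(theKs);
     }

     /**
      * Reports whether the keystore contains at least one key entry that
      * could be used to sign.
      *
      * @param theKs the keystore to inspect
      * @return <code>true</code> if any alias is a key entry
      * @throws KeyStoreException if the keystore has not been loaded
      */
     public static boolean validateKeystoreForSignatureSigning(KeyStore theKs) throws KeyStoreException {
         return containsKeyEntry(theKs);
     }

     /**
      * Reports whether the keystore contains at least one trusted certificate
      * entry, which a TLS sender needs in order to verify the peer.
      *
      * @param theKs the keystore to inspect
      * @return <code>true</code> if any alias is a certificate entry
      * @throws KeyStoreException if the keystore has not been loaded
      */
     public static boolean validateKeystoreForTlsSending(KeyStore theKs) throws KeyStoreException {
         return containsCertificateEntry(theKs);
     }

     /**
      * Reports whether the keystore contains at least one trusted certificate
      * entry that could be used to verify a signature.
      *
      * @param theKs the keystore to inspect
      * @return <code>true</code> if any alias is a certificate entry
      * @throws KeyStoreException if the keystore has not been loaded
      */
     public static boolean validateKeystoreForSignatureVerifying(KeyStore theKs) throws KeyStoreException {
         return containsCertificateEntry(theKs);
     }

     /**
      * Checks that the given alias holds a private key that can be recovered
      * with the given password.
      *
      * <p>
      * Arguments are checked through <code>Validate</code> first; which
      * exception it raises on a bad argument is not visible in this file.
      * The password itself is never logged.
      * </p>
      *
      * @param theKeystore the keystore holding the key
      * @param theKeyAlias alias of the key entry
      * @param theKeyPassword password protecting the key entry
      * @return <code>true</code> only if a key was recovered and it is a
      *         {@link PrivateKey}
      */
     public static boolean validateKeyForSignatureSigning(KeyStore theKeystore, String theKeyAlias, String theKeyPassword) {
         Validate.notNull(theKeystore, "Keystore");
         Validate.notBlank(theKeyAlias, "Key Alias");
         Validate.notNull(theKeyPassword, "Key Password");

         Key key = recoverKey(theKeystore, theKeyAlias, theKeyPassword);
         if (key == null) {
             // Either the alias is not a key entry or recovery failed (the
             // failure itself has already been logged by recoverKey).
             ourLog.debug("Key is null");
             return false;
         }
         if (!(key instanceof PrivateKey)) {
             // A secret (symmetric) key cannot be used for signing.
             ourLog.debug("Key is of type: {}", key.getClass());
             return false;
         }
         return true;
     }

     /**
      * Returns <code>true</code> if the key can be recovered using the given password
      *
      * @param theKeystore the keystore holding the key
      * @param theKeyAlias alias of the key entry
      * @param theKeyPassword password protecting the key entry
      * @return <code>true</code> if a key was recovered, <code>false</code>
      *         if the alias holds no key or recovery failed
      */
     public static boolean canRecoverKey(KeyStore theKeystore, String theKeyAlias, String theKeyPassword) {
         Validate.notNull(theKeystore, "Keystore");
         Validate.notBlank(theKeyAlias, "Key Alias");
         Validate.notNull(theKeyPassword, "Key Password");

         return recoverKey(theKeystore, theKeyAlias, theKeyPassword) != null;
     }

     /**
      * Walks every alias and reports whether any of them is a key entry.
      * {@link KeyStore#isKeyEntry} is true for private-key and secret-key
      * entries alike, so the "private key" wording in the log is an
      * approximation for keystore types that can hold secret keys.
      */
     private static boolean containsKeyEntry(KeyStore theKs) throws KeyStoreException {
         boolean foundPrivateKey = false;
         Enumeration<String> aliases = theKs.aliases();
         // No early exit: every alias is logged so the debug output lists
         // the full keystore content.
         while (aliases.hasMoreElements()) {
             String nextAlias = aliases.nextElement();
             ourLog.debug("Checking keystore alias: {}", nextAlias);
             if (theKs.isKeyEntry(nextAlias)) {
                 ourLog.debug("Found private key: {}", nextAlias);
                 foundPrivateKey = true;
             }
         }
         return foundPrivateKey;
     }

     /**
      * Walks every alias and reports whether any of them is a trusted
      * certificate entry. A certificate chain stored alongside a private key
      * does not count; {@link KeyStore#isCertificateEntry} is false for it.
      */
     private static boolean containsCertificateEntry(KeyStore theKs) throws KeyStoreException {
         boolean foundPublicKey = false;
         Enumeration<String> aliases = theKs.aliases();
         while (aliases.hasMoreElements()) {
             String nextAlias = aliases.nextElement();
             ourLog.debug("Checking keystore alias: {}", nextAlias);
             if (theKs.isCertificateEntry(nextAlias)) {
                 ourLog.debug("Found public key: {}", nextAlias);
                 foundPublicKey = true;
             }
         }
         return foundPublicKey;
     }

     /**
      * Tries to recover the key stored under the alias. Returns
      * <code>null</code> when the alias holds no key or when recovery fails;
      * failures are logged at debug level and never propagated.
      */
     private static Key recoverKey(KeyStore theKeystore, String theKeyAlias, String theKeyPassword) {
         char[] password = theKeyPassword.toCharArray();
         try {
             return theKeystore.getKey(theKeyAlias, password);
         } catch (UnrecoverableKeyException e) {
             ourLog.debug("Failed to recover key", e);
             return null;
         } catch (KeyStoreException e) {
             ourLog.debug("Failed to recover key", e);
             return null;
         } catch (NoSuchAlgorithmException e) {
             ourLog.debug("Failed to recover key", e);
             return null;
         } finally {
             // Wipe the temporary copy of the key password.
             java.util.Arrays.fill(password, '\0');
         }
     }

 }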