Skip to main content
aboutsummaryrefslogtreecommitdiffstats
path: root/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/internal/service/security/KeyStoreTrustEngine.java
blob: 96b4bda67c00e0933bd7dc591a880c98a4a058ff (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335

/*******************************************************************************
 * Copyright (c) 2007, 2010 IBM Corporation and others.
 * All rights reserved. This program and the accompanying materials
 * are made available under the terms of the Eclipse Public License v1.0
 * which accompanies this distribution, and is available at
 * http://www.eclipse.org/legal/epl-v10.html
 * 
 * Contributors:
 *     IBM Corporation - initial API and implementation
 *******************************************************************************/
package org.eclipse.osgi.internal.service.security;

import java.io.*;
import java.security.*;
import java.security.cert.*;
import java.security.cert.Certificate;
import java.util.*;
import org.eclipse.osgi.framework.log.FrameworkLogEntry;
import org.eclipse.osgi.internal.signedcontent.SignedBundleHook;
import org.eclipse.osgi.internal.signedcontent.SignedContentMessages;
import org.eclipse.osgi.service.security.TrustEngine;
import org.eclipse.osgi.util.NLS;

//*potential enhancements*
// 1. reloading from the backing file when it changes
// 3. methods to support lock/unlock
//  3a. Using a callback handler to collect the password
//  3b. managing lock/unlock between multiple threads. dealing with SWT UI thread
// 4. methods to support changing password, etc
// 5. methods to support export, etc
// 6. 'friendly-name' generator
// 7. Listeners for change events
public class KeyStoreTrustEngine extends TrustEngine {

	private KeyStore keyStore;

	private final String type;
	private final String path;
	private final char[] password;
	private final String name;

	/**
	 * Create a new KeyStoreTrustEngine that is backed by a KeyStore 
	 * @param path - path to the keystore
	 * @param type - the type of keystore at the path location
	 * @param password - the password required to unlock the keystore
	 */
	public KeyStoreTrustEngine(String path, String type, char[] password, String name) { //TODO: This should be a *CallbackHandler*
		this.path = path;
		this.type = type;
		this.password = password;
		this.name = name;
	}

	/**
	 * Return the type
	 * @return type - the type for the KeyStore being managed
	 */
	private String getType() {
		return type;
	}

	/**
	 * Return the path
	 * @return - the path for the KeyStore being managed
	 */
	private String getPath() {
		return path;
	}

	/**
	 * Return the password
	 * @return password - the password as a char[] 
	 */
	private char[] getPassword() {
		return password;
	}

	/**
	 * Return the KeyStore managed
	 * @return The KeyStore instance, initialized and loaded
	 * @throws KeyStoreException
	 */
	private synchronized KeyStore getKeyStore() throws IOException, GeneralSecurityException {
		if (null == keyStore) {
			keyStore = KeyStore.getInstance(getType());
			final InputStream in = getInputStream();
			try {
				loadStore(keyStore, in);
			} finally {
				try {
					in.close();
				} catch (IOException e) {
					//ignore secondary failure
				}
			}
		}

		if (keyStore == null)
			throw new KeyStoreException(NLS.bind(SignedContentMessages.Default_Trust_Keystore_Load_Failed, getPath()));

		return keyStore;
	}

	public Certificate findTrustAnchor(Certificate[] certChain) throws IOException {

		if (certChain == null || certChain.length == 0)
			throw new IllegalArgumentException("Certificate chain is required"); //$NON-NLS-1$

		try {
			Certificate rootCert = null;
			KeyStore store = getKeyStore();
			for (int i = 0; i < certChain.length; i++) {
				if (certChain[i] instanceof X509Certificate) {
					if (i == certChain.length - 1) {
						// this is the last certificate in the chain
						// determine if we have a valid root
						X509Certificate cert = (X509Certificate) certChain[i];
						if (cert.getSubjectDN().equals(cert.getIssuerDN())) {
							cert.verify(cert.getPublicKey());
							rootCert = cert; // this is a self-signed certificate
						} else {
							// try to find a parent, we have an incomplete chain
							return findAlternativeRoot(cert, store);
						}
					} else {
						X509Certificate nextX509Cert = (X509Certificate) certChain[i + 1];
						certChain[i].verify(nextX509Cert.getPublicKey());
					}
				}

				synchronized (store) {
					String alias = rootCert == null ? null : store.getCertificateAlias(rootCert);
					if (alias != null)
						return store.getCertificate(alias);
					else if (rootCert != certChain[i]) {
						alias = store.getCertificateAlias(certChain[i]);
						if (alias != null)
							return store.getCertificate(alias);
					}
					// if we have reached the end and the last cert is not found to be a valid root CA
					// then we need to back off the root CA and try to find an alternative
					if (certChain.length > 1 && i == certChain.length - 1 && certChain[i - 1] instanceof X509Certificate)
						return findAlternativeRoot((X509Certificate) certChain[i - 1], store);
				}
			}
		} catch (KeyStoreException e) {
			throw (IOException) new IOException(e.getMessage()).initCause(e);
		} catch (GeneralSecurityException e) {
			SignedBundleHook.log(e.getMessage(), FrameworkLogEntry.WARNING, e);
			return null;
		}
		return null;
	}

	private Certificate findAlternativeRoot(X509Certificate cert, KeyStore store) throws InvalidKeyException, KeyStoreException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException, CertificateException {
		synchronized (store) {
			for (Enumeration<String> e = store.aliases(); e.hasMoreElements();) {
				Certificate nextCert = store.getCertificate(e.nextElement());
				if (nextCert instanceof X509Certificate && ((X509Certificate) nextCert).getSubjectDN().equals(cert.getIssuerDN())) {
					cert.verify(nextCert.getPublicKey());
					return nextCert;
				}
			}
			return null;
		}
	}

	protected String doAddTrustAnchor(Certificate cert, String alias) throws IOException, GeneralSecurityException {
		if (isReadOnly())
			throw new IOException(SignedContentMessages.Default_Trust_Read_Only);
		if (cert == null) {
			throw new IllegalArgumentException("Certificate must be specified"); //$NON-NLS-1$
		}
		try {
			KeyStore store = getKeyStore();
			synchronized (store) {
				String oldAlias = store.getCertificateAlias(cert);
				if (null != oldAlias)
					throw new CertificateException(SignedContentMessages.Default_Trust_Existing_Cert);
				Certificate oldCert = store.getCertificate(alias);
				if (null != oldCert)
					throw new CertificateException(SignedContentMessages.Default_Trust_Existing_Alias);
				store.setCertificateEntry(alias, cert);
				final OutputStream out = getOutputStream();
				try {
					saveStore(store, out);
				} finally {
					safeClose(out);
				}
			}
		} catch (KeyStoreException ke) {
			throw (CertificateException) new CertificateException(ke.getMessage()).initCause(ke);
		}
		return alias;
	}

	protected void doRemoveTrustAnchor(Certificate cert) throws IOException, GeneralSecurityException {
		if (isReadOnly())
			throw new IOException(SignedContentMessages.Default_Trust_Read_Only);
		if (cert == null) {
			throw new IllegalArgumentException("Certificate must be specified"); //$NON-NLS-1$
		}
		try {
			KeyStore store = getKeyStore();
			synchronized (store) {
				String alias = store.getCertificateAlias(cert);
				if (alias == null) {
					throw new CertificateException(SignedContentMessages.Default_Trust_Cert_Not_Found);
				}
				removeTrustAnchor(alias);
			}
		} catch (KeyStoreException ke) {
			throw (CertificateException) new CertificateException(ke.getMessage()).initCause(ke);
		}
	}

	protected void doRemoveTrustAnchor(String alias) throws IOException, GeneralSecurityException {

		if (alias == null) {
			throw new IllegalArgumentException("Alias must be specified"); //$NON-NLS-1$
		}
		try {
			KeyStore store = getKeyStore();
			synchronized (store) {
				Certificate oldCert = store.getCertificate(alias);
				if (oldCert == null)
					throw new CertificateException(SignedContentMessages.Default_Trust_Cert_Not_Found);
				store.deleteEntry(alias);
				final OutputStream out = getOutputStream();
				try {
					saveStore(store, out);
				} finally {
					safeClose(out);
				}
			}
		} catch (KeyStoreException ke) {
			throw (CertificateException) new CertificateException(ke.getMessage()).initCause(ke);
		}
	}

	public Certificate getTrustAnchor(String alias) throws IOException, GeneralSecurityException {

		if (alias == null) {
			throw new IllegalArgumentException("Alias must be specified"); //$NON-NLS-1$
		}

		try {
			KeyStore store = getKeyStore();
			synchronized (store) {
				return store.getCertificate(alias);
			}
		} catch (KeyStoreException ke) {
			throw (CertificateException) new CertificateException(ke.getMessage()).initCause(ke);
		}
	}

	public String[] getAliases() throws IOException, GeneralSecurityException {

		List<String> returnList = new ArrayList<String>();
		try {
			KeyStore store = getKeyStore();
			synchronized (store) {
				for (Enumeration<String> aliases = store.aliases(); aliases.hasMoreElements();) {
					String currentAlias = aliases.nextElement();
					if (store.isCertificateEntry(currentAlias)) {
						returnList.add(currentAlias);
					}
				}
			}
		} catch (KeyStoreException ke) {
			throw (CertificateException) new CertificateException(ke.getMessage()).initCause(ke);
		}
		return returnList.toArray(new String[] {});
	}

	/**
	 * Load using the current password
	 */
	private void loadStore(KeyStore store, InputStream is) throws IOException, GeneralSecurityException {
		store.load(is, getPassword());
	}

	/**
	 * Save using the current password
	 */
	private void saveStore(KeyStore store, OutputStream os) throws IOException, GeneralSecurityException {
		store.store(os, getPassword());
	}

	/**
	 * Closes a stream and ignores any resulting exception. This is useful
	 * when doing stream cleanup in a finally block where secondary exceptions
	 * are not worth logging.
	 */
	private void safeClose(OutputStream out) {
		try {
			if (out != null)
				out.close();
		} catch (IOException e) {
			//ignore
		}
	}

	/**
	 * Get an input stream for the KeyStore managed
	 * @return inputstream - the stream
	 * @throws KeyStoreException
	 */
	private InputStream getInputStream() throws IOException {
		return new FileInputStream(new File(getPath()));
	}

	/**
	 * Get an output stream for the KeyStore managed
	 * @return outputstream - the stream
	 * @throws KeyStoreException
	 */
	private OutputStream getOutputStream() throws IOException {

		File file = new File(getPath());
		if (!file.exists())
			file.createNewFile();

		return new FileOutputStream(file);
	}

	public boolean isReadOnly() {
		return getPassword() == null || !(new File(path).canWrite());
	}

	public String getName() {
		return name;
	}
}

Back to the top