1 |
|
|
2 |
|
|
3 |
|
|
4 |
|
|
5 |
|
|
6 |
|
|
7 |
|
|
8 |
|
|
9 |
|
|
10 |
|
|
11 |
|
|
12 |
|
|
13 |
|
|
14 |
|
|
15 |
|
|
16 |
|
|
17 |
|
|
18 |
|
|
19 |
|
|
20 |
|
package org.xwiki.crypto.store.filesystem.internal; |
21 |
|
|
22 |
|
import java.io.BufferedReader; |
23 |
|
import java.io.BufferedWriter; |
24 |
|
import java.io.File; |
25 |
|
import java.io.FileReader; |
26 |
|
import java.io.FileWriter; |
27 |
|
import java.io.IOException; |
28 |
|
import java.security.GeneralSecurityException; |
29 |
|
|
30 |
|
import javax.inject.Inject; |
31 |
|
import javax.inject.Named; |
32 |
|
import javax.inject.Singleton; |
33 |
|
|
34 |
|
import org.xwiki.component.annotation.Component; |
35 |
|
import org.xwiki.crypto.AsymmetricKeyFactory; |
36 |
|
import org.xwiki.crypto.params.cipher.asymmetric.PrivateKeyParameters; |
37 |
|
import org.xwiki.crypto.password.PrivateKeyPasswordBasedEncryptor; |
38 |
|
import org.xwiki.crypto.pkix.params.CertifiedKeyPair; |
39 |
|
import org.xwiki.crypto.pkix.params.CertifiedPublicKey; |
40 |
|
import org.xwiki.crypto.pkix.params.x509certificate.X509CertifiedPublicKey; |
41 |
|
import org.xwiki.crypto.store.KeyStore; |
42 |
|
import org.xwiki.crypto.store.KeyStoreException; |
43 |
|
import org.xwiki.crypto.store.StoreReference; |
44 |
|
|
45 |
|
|
46 |
|
@link |
47 |
|
|
48 |
|
@version |
49 |
|
@since |
50 |
|
|
51 |
|
@Component |
52 |
|
@Named("X509file") |
53 |
|
@Singleton |
|
|
| 79% |
Uncovered Elements: 22 (105) |
Complexity: 31 |
Complexity Density: 0.48 |
|
54 |
|
public class X509KeyFileSystemStore extends AbstractX509FileSystemStore implements KeyStore |
55 |
|
{ |
56 |
|
private static final String PRIVATE_KEY = "PRIVATE KEY"; |
57 |
|
|
58 |
|
private static final String ENCRYPTED_PRIVATE_KEY = "ENCRYPTED " + PRIVATE_KEY; |
59 |
|
|
60 |
|
|
61 |
|
|
62 |
|
|
63 |
|
@Inject |
64 |
|
private PrivateKeyPasswordBasedEncryptor encryptor; |
65 |
|
|
66 |
|
|
67 |
|
|
68 |
|
|
69 |
|
@Inject |
70 |
|
private AsymmetricKeyFactory keyFactory; |
71 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
72 |
3 |
@Override... |
73 |
|
public void store(StoreReference store, CertifiedKeyPair keyPair) throws KeyStoreException |
74 |
|
{ |
75 |
3 |
storeKeyPair(store, getPublicKey(keyPair.getCertificate()), keyPair.getPrivateKey().getEncoded(), PRIVATE_KEY); |
76 |
|
} |
77 |
|
|
|
|
| 80% |
Uncovered Elements: 1 (5) |
Complexity: 2 |
Complexity Density: 0.4 |
|
78 |
2 |
@Override... |
79 |
|
public void store(StoreReference store, CertifiedKeyPair keyPair, byte[] password) throws KeyStoreException |
80 |
|
{ |
81 |
2 |
byte[] key; |
82 |
|
|
83 |
2 |
try { |
84 |
2 |
key = this.encryptor.encrypt(password, keyPair.getPrivateKey()); |
85 |
|
} catch (Exception e) { |
86 |
0 |
throw new KeyStoreException(String.format("Error while encrypting private key to store a key pair in [%s]", |
87 |
|
store), e); |
88 |
|
} |
89 |
|
|
90 |
2 |
storeKeyPair(store, getPublicKey(keyPair.getCertificate()), key, ENCRYPTED_PRIVATE_KEY); |
91 |
|
} |
92 |
|
|
|
|
| 75% |
Uncovered Elements: 7 (28) |
Complexity: 7 |
Complexity Density: 0.39 |
|
93 |
5 |
private void storeKeyPair(StoreReference store, X509CertifiedPublicKey certificate, byte[] privateKey, String type)... |
94 |
|
throws KeyStoreException |
95 |
|
{ |
96 |
5 |
File file = getStoreFile(store); |
97 |
|
|
98 |
5 |
try { |
99 |
5 |
if (isMulti(store)) { |
100 |
3 |
if (!file.exists()) { |
101 |
3 |
if (!file.mkdirs()) { |
102 |
0 |
throw new KeyStoreException(String.format("Error while creating path [%s]", file)); |
103 |
|
} |
104 |
|
} |
105 |
|
|
106 |
3 |
String filename = getCertIdentifier(certificate); |
107 |
3 |
File keyfile = new File(file, filename + KEY_FILE_EXTENSION); |
108 |
3 |
File certfile = new File(file, filename + CERTIFICATE_FILE_EXTENSION); |
109 |
|
|
110 |
3 |
store(new BufferedWriter(new FileWriter(keyfile)), type, privateKey); |
111 |
3 |
store(new BufferedWriter(new FileWriter(certfile)), CERTIFICATE, certificate.getEncoded()); |
112 |
|
} else { |
113 |
2 |
if (!file.exists()) { |
114 |
2 |
if (!file.createNewFile()) { |
115 |
0 |
throw new KeyStoreException(String.format("Error while creating file [%s]", file)); |
116 |
|
} |
117 |
|
} |
118 |
|
|
119 |
2 |
BufferedWriter out = new BufferedWriter(new FileWriter(file)); |
120 |
2 |
write(out, type, privateKey); |
121 |
2 |
store(out, CERTIFICATE, certificate.getEncoded()); |
122 |
|
} |
123 |
|
} catch (IOException e) { |
124 |
0 |
throw new KeyStoreException(String.format("Error while writing private key to file [%s]", file), e); |
125 |
|
} |
126 |
|
} |
127 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
128 |
3 |
@Override... |
129 |
|
public CertifiedKeyPair retrieve(StoreReference store) throws KeyStoreException |
130 |
|
{ |
131 |
3 |
return retrieve(store, (byte[]) null); |
132 |
|
} |
133 |
|
|
|
|
| 75.9% |
Uncovered Elements: 7 (29) |
Complexity: 9 |
Complexity Density: 0.47 |
|
134 |
4 |
@Override... |
135 |
|
public CertifiedKeyPair retrieve(StoreReference store, byte[] password) throws KeyStoreException |
136 |
|
{ |
137 |
4 |
File file = getStoreFile(store); |
138 |
|
|
139 |
4 |
if (isMulti(store)) { |
140 |
0 |
throw new KeyStoreException(String.format("Unexpected store reference, [%s] should be single key store.", |
141 |
|
file)); |
142 |
|
} |
143 |
|
|
144 |
4 |
X509CertifiedPublicKey cert = null; |
145 |
4 |
PrivateKeyParameters key = null; |
146 |
|
|
147 |
4 |
try { |
148 |
4 |
BufferedReader in = new BufferedReader(new FileReader(file)); |
149 |
|
|
150 |
4 |
Object obj; |
151 |
? |
while ((obj = readObject(in, password)) != null) { |
152 |
6 |
if (obj instanceof X509CertifiedPublicKey) { |
153 |
3 |
cert = (X509CertifiedPublicKey) obj; |
154 |
3 |
continue; |
155 |
|
} |
156 |
3 |
if (obj instanceof PrivateKeyParameters) { |
157 |
3 |
key = ((PrivateKeyParameters) obj); |
158 |
|
} |
159 |
|
} |
160 |
|
} catch (IOException e) { |
161 |
0 |
throw new KeyStoreException(String.format("Error while reading from file [%s]", file), e); |
162 |
|
} catch (GeneralSecurityException e) { |
163 |
0 |
throw new KeyStoreException(String.format("Error while decrypting private key from file [%s]", file), e); |
164 |
|
} |
165 |
|
|
166 |
4 |
if (key != null && cert != null) { |
167 |
2 |
return new CertifiedKeyPair(key, cert); |
168 |
|
} |
169 |
2 |
return null; |
170 |
|
} |
171 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
172 |
3 |
@Override... |
173 |
|
public CertifiedKeyPair retrieve(StoreReference store, CertifiedPublicKey publicKey) throws KeyStoreException |
174 |
|
{ |
175 |
3 |
return retrieve(store, publicKey, null); |
176 |
|
} |
177 |
|
|
|
|
| 69.6% |
Uncovered Elements: 7 (23) |
Complexity: 7 |
Complexity Density: 0.47 |
|
178 |
4 |
@Override... |
179 |
|
public CertifiedKeyPair retrieve(StoreReference store, CertifiedPublicKey publicKey, byte[] password) |
180 |
|
throws KeyStoreException |
181 |
|
{ |
182 |
4 |
File file = getStoreFile(store); |
183 |
4 |
X509CertifiedPublicKey certificate = getPublicKey(publicKey); |
184 |
|
|
185 |
4 |
if (!isMulti(store)) { |
186 |
0 |
throw new KeyStoreException(String.format("Unexpected store reference, [%s] should be multi key store.", |
187 |
|
file)); |
188 |
|
} |
189 |
|
|
190 |
4 |
try { |
191 |
4 |
File keyfile = new File(file, getCertIdentifier(certificate) + KEY_FILE_EXTENSION); |
192 |
|
|
193 |
4 |
if (keyfile.exists()) { |
194 |
3 |
BufferedReader in = new BufferedReader(new FileReader(keyfile)); |
195 |
3 |
Object obj; |
196 |
? |
while ((obj = readObject(in, password)) != null) { |
197 |
3 |
if (obj instanceof PrivateKeyParameters) { |
198 |
3 |
return new CertifiedKeyPair(((PrivateKeyParameters) obj), certificate); |
199 |
|
} |
200 |
|
} |
201 |
|
} |
202 |
|
} catch (IOException e) { |
203 |
0 |
throw new KeyStoreException(String.format("Error while reading private key from store [%s]", file), e); |
204 |
|
} catch (GeneralSecurityException e) { |
205 |
0 |
throw new KeyStoreException(String.format("Error while decrypting private key from store [%s]", file), e); |
206 |
|
} |
207 |
1 |
return null; |
208 |
|
} |
209 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (9) |
Complexity: 3 |
Complexity Density: 0.6 |
|
210 |
9 |
@Override... |
211 |
|
protected Object processObject(BufferedReader in, String line, byte[] password) |
212 |
|
throws IOException, GeneralSecurityException |
213 |
|
{ |
214 |
9 |
if (line.contains(PEM_BEGIN + PRIVATE_KEY + DASHES)) { |
215 |
4 |
return this.keyFactory.fromPKCS8(readBytes(in, PEM_END + PRIVATE_KEY + DASHES)); |
216 |
|
} |
217 |
5 |
if (line.contains(PEM_BEGIN + ENCRYPTED_PRIVATE_KEY + DASHES)) { |
218 |
2 |
return this.encryptor.decrypt(password, readBytes(in, PEM_END + ENCRYPTED_PRIVATE_KEY + DASHES)); |
219 |
|
} |
220 |
3 |
return super.processObject(in, line, password); |
221 |
|
} |
222 |
|
} |