1 /* 2 * Licensed to the Apache Software Foundation (ASF) under one or more 3 * contributor license agreements. See the NOTICE file distributed with 4 * this work for additional information regarding copyright ownership. 5 * The ASF licenses this file to You under the Apache License, Version 2.0 6 * (the "License"); you may not use this file except in compliance with 7 * the License. You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 */ 17 package org.conscrypt; 18 19 import java.io.File; 20 import java.io.FileInputStream; 21 import java.io.FileNotFoundException; 22 import java.io.IOException; 23 import java.security.InvalidAlgorithmParameterException; 24 import java.security.KeyStore; 25 import java.security.KeyStoreException; 26 import java.security.NoSuchAlgorithmException; 27 import java.security.UnrecoverableKeyException; 28 import java.security.cert.CertificateException; 29 import javax.net.ssl.KeyManager; 30 import javax.net.ssl.KeyManagerFactorySpi; 31 import javax.net.ssl.ManagerFactoryParameters; 32 import org.conscrypt.io.IoUtils; 33 34 /** 35 * KeyManagerFactory implementation. 36 * @see KeyManagerFactorySpi 37 */ 38 @Internal 39 public class KeyManagerFactoryImpl extends KeyManagerFactorySpi { 40 41 // source of key material 42 private KeyStore keyStore; 43 44 //password 45 private char[] pwd; 46 47 /** 48 * @see KeyManagerFactorySpi#engineInit(KeyStore ks, char[] password) 49 */ 50 @Override engineInit(KeyStore ks, char[] password)51 protected void engineInit(KeyStore ks, char[] password) 52 throws KeyStoreException, NoSuchAlgorithmException, 53 UnrecoverableKeyException { 54 if (ks != null) { 55 keyStore = ks; 56 if (password != null) { 57 pwd = password.clone(); 58 } else { 59 pwd = EmptyArray.CHAR; 60 } 61 } else { 62 keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); 63 String keyStoreName = System.getProperty("javax.net.ssl.keyStore"); 64 String keyStorePwd = null; 65 if (keyStoreName == null || keyStoreName.equalsIgnoreCase("NONE") || keyStoreName.isEmpty()) { 66 try { 67 keyStore.load(null, null); 68 } catch (IOException e) { 69 throw new KeyStoreException(e); 70 } catch (CertificateException e) { 71 throw new KeyStoreException(e); 72 } 73 } else { 74 keyStorePwd = System.getProperty("javax.net.ssl.keyStorePassword"); 75 if (keyStorePwd == null) { 76 pwd = EmptyArray.CHAR; 77 } else { 78 pwd = keyStorePwd.toCharArray(); 79 } 80 FileInputStream fis = null; 81 try { 82 fis = new FileInputStream(new File(keyStoreName)); 83 keyStore.load(fis, pwd); 84 } catch (FileNotFoundException e) { 85 throw new KeyStoreException(e); 86 } catch (IOException e) { 87 throw new KeyStoreException(e); 88 } catch (CertificateException e) { 89 throw new KeyStoreException(e); 90 } finally { 91 IoUtils.closeQuietly(fis); 92 } 93 } 94 95 } 96 97 } 98 99 /** 100 * @see KeyManagerFactorySpi#engineInit(ManagerFactoryParameters spec) 101 */ 102 @Override engineInit(ManagerFactoryParameters spec)103 protected void engineInit(ManagerFactoryParameters spec) 104 throws InvalidAlgorithmParameterException { 105 throw new InvalidAlgorithmParameterException( 106 "ManagerFactoryParameters not supported"); 107 108 } 109 110 /** 111 * @see KeyManagerFactorySpi#engineGetKeyManagers() 112 */ 113 @Override engineGetKeyManagers()114 protected KeyManager[] engineGetKeyManagers() { 115 if (keyStore == null) { 116 throw new IllegalStateException("KeyManagerFactory is not initialized"); 117 } 118 return new KeyManager[] { new KeyManagerImpl(keyStore, pwd) }; 119 } 120 } 121