1 package org.eparapher.core.crypto;
2
3 import java.security.KeyStoreException;
4 import java.security.cert.X509Certificate;
5
6 import org.apache.log4j.Logger;
7 import org.eparapher.core.crypto.keystore.GenericKeystore;
8
9
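/**
 * Describes a single keystore entry: its alias, its X.509 certificate chain
 * and the {@link GenericKeystore} it belongs to (which may be {@code null}).
 *
 * <p>NOTE(review): {@link #equals(Object)} is overridden but {@code hashCode()}
 * is not, so two entries that compare equal may still hash differently. Do not
 * use instances as keys of hash-based collections until that is resolved.
 */
public class KeystoreEntry {

    private static final Logger log = Logger.getLogger(KeystoreEntry.class);

    private final GenericKeystore keystore;
    private final String keystoreAlias;
    private final X509Certificate[] certificateChain;

    // Cached answer of the last successful trust lookup; see isTrustedCertificate().
    private boolean isTrustedCertificate;

    /**
     * Creates an entry from a complete certificate chain.
     *
     * <p>The array is stored as given, without copying. When no keystore is
     * supplied the entry is flagged as a trusted certificate entry right away.
     * NOTE(review): that default is fail-open; presumably keystore-less entries
     * only ever come from a vetted trust source, so confirm against the callers.
     *
     * @param alias        alias of the entry inside the keystore
     * @param certificates certificate chain of the entry, may be {@code null}
     * @param userkeystore keystore holding the entry, or {@code null}
     */
    public KeystoreEntry(String alias, X509Certificate[] certificates, GenericKeystore userkeystore) {
        this.certificateChain = certificates;
        this.keystoreAlias = alias;
        this.keystore = userkeystore;
        if (userkeystore == null) {
            this.isTrustedCertificate = true;
        }
    }

    /**
     * Creates an entry from a single certificate, wrapped into a one-element chain.
     *
     * <p>Unlike the chain constructor, this one never sets the trust flag itself;
     * it stays {@code false} until {@link #isTrustedCertificate()} obtains an
     * answer from the keystore.
     *
     * @param alias       alias of the entry inside the keystore
     * @param certificate the certificate of the entry
     * @param mtruststore keystore holding the entry, or {@code null}
     */
    public KeystoreEntry(String alias, X509Certificate certificate, GenericKeystore mtruststore) {
        this.certificateChain = new X509Certificate[] { certificate };
        this.keystoreAlias = alias;
        this.keystore = mtruststore;
    }

    /** @return the keystore this entry belongs to, or {@code null} */
    public GenericKeystore getKeystore() {
        return keystore;
    }

    /** @return the alias of this entry */
    public String getKeystoreAlias() {
        return keystoreAlias;
    }

    /**
     * Returns the certificate chain of this entry.
     *
     * <p>This is the internal array itself, not a copy: modifying it changes
     * the entry, so callers must treat it as read-only.
     *
     * @return the certificate chain, may be {@code null}
     */
    public X509Certificate[] getCertificateChain() {
        return certificateChain;
    }

    /**
     * Tells whether this entry is a trusted certificate entry.
     *
     * <p>When a keystore is attached and loaded, the keystore is queried and the
     * answer is cached. If there is no keystore, the keystore is not loaded, or
     * the lookup fails with a {@link KeyStoreException}, the previously cached
     * value is returned unchanged, so the result may be stale.
     *
     * @return the current (possibly cached) trust flag
     */
    public boolean isTrustedCertificate() {
        if (keystore != null && keystore.isKeystoreLoaded()) {
            try {
                this.isTrustedCertificate = keystore.getKeystore().isCertificateEntry(keystoreAlias);
            } catch (KeyStoreException e) {
                log.warn("Cannot determine if " + keystoreAlias + " is a trusted certificate entry.", e);
            }
        }
        return isTrustedCertificate;
    }

    /**
     * Compares this entry with another object.
     *
     * <p>Two entries are equal when either
     * <ul>
     *   <li>both have a keystore, the underlying keystores are equal, the aliases
     *       are equal and the chains have the same length (or at least one chain
     *       is {@code null}); the certificates themselves are not compared in
     *       this case, or</li>
     *   <li>at least one has no keystore, both are trusted certificate entries,
     *       and both chains are non-null and equal element by element.</li>
     * </ul>
     * An entry is always equal to itself. Any failure during the comparison is
     * logged and reported as "not equal".
     *
     * @param obj the object to compare with, may be {@code null}
     * @return {@code true} if both objects describe the same entry
     */
    @Override
    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (!(obj instanceof KeystoreEntry)) {
            return false;
        }
        KeystoreEntry other = (KeystoreEntry) obj;
        try {
            if (this.keystore != null && other.keystore != null) {
                if (!this.keystore.getKeystore().equals(other.keystore.getKeystore())) {
                    return false;
                }
                if (!this.keystoreAlias.equals(other.getKeystoreAlias())) {
                    return false;
                }
                X509Certificate[] otherChain = other.getCertificateChain();
                if (otherChain == null || this.certificateChain == null) {
                    return true;
                }
                return otherChain.length == this.certificateChain.length;
            }

            if (this.isTrustedCertificate && other.isTrustedCertificate()) {
                X509Certificate[] otherChain = other.getCertificateChain();
                if (this.certificateChain == null || otherChain == null
                        || otherChain.length != this.certificateChain.length) {
                    return false;
                }
                for (int i = 0; i < this.certificateChain.length; i++) {
                    if (!this.certificateChain[i].equals(otherChain[i])) {
                        return false;
                    }
                }
                return true;
            }
        } catch (Throwable t) {
            // Deliberate best effort: a broken entry or keystore makes the two
            // entries "not equal" instead of failing the caller.
            log.error("Error while comparing two keystore entries", t);
            if (log.isDebugEnabled()) {
                log.debug("Comparing Keystore Entry :" + this);
                log.debug(" With Keystore entry : " + other);
            }
        }
        return false;
    }

    /**
     * Builds a multi-line, human-readable description of this entry.
     *
     * <p>An empty chain or a {@code null} first certificate is tolerated: the
     * certificate details are then left out instead of raising an exception.
     *
     * @return the textual description
     */
    @Override
    public String toString() {
        StringBuilder text = new StringBuilder();
        text.append(" Alias : ").append(this.keystoreAlias);
        text.append("\r\n Keystore : ").append(this.keystore);
        text.append("\r\n Trusted certificate entry : ").append(this.isTrustedCertificate);

        if (this.certificateChain == null) {
            text.append("\r\n Certificate chain is null");
        } else {
            text.append("\r\n Certificate chain length : ").append(this.certificateChain.length);
            X509Certificate first = this.certificateChain.length > 0 ? this.certificateChain[0] : null;
            if (first != null) {
                text.append("\r\n Latest certificate : ").append(first.getSubjectDN());
                text.append("\r\n Latest certificate Pub Key : ").append(first.getPublicKey());
            }
        }
        return text.toString();
    }

}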