1 package jsdsi;
2
3 import java.security.InvalidAlgorithmParameterException;
4 import java.security.cert.CertPathBuilderException;
5 import java.security.cert.CertPathBuilderSpi;
6 import java.util.Iterator;
7
8 import jsdsi.certstore.InMemoryCertificateDAO;
9 import jsdsi.util.Loader;
10 import jsdsi.util.*;
11
12 /***
13 * Attempts to create a certification path that satisfies the given
14 * parameters: essentially a wrapper around the <code>Prover</code>
15 * class and its subclasses.
16 *
17 * @see CertPathParameters
18 * @see Prover
19 *
20 * @author Sameer Ajmani
21 * @version $Revision: 1.2.6.2 $ $Date: 2005/11/08 03:12:52 $
22 **/
23 public class CertPathBuilder extends CertPathBuilderSpi {
24 /***
25 * @see java.security.cert.CertPathBuilderSpi#engineBuild(CertPathParameters)
26 */
27 public java.security.cert.CertPathBuilderResult engineBuild(
28 java.security.cert.CertPathParameters params)
29 throws CertPathBuilderException, InvalidAlgorithmParameterException {
30 try {
31 return engineBuild((jsdsi.CertPathParameters) params);
32 } catch (ClassCastException e) {
33 throw (InvalidAlgorithmParameterException)
34 new InvalidAlgorithmParameterException().initCause(e);
35 }
36 }
37
38 /***
39 * @see java.security.cert.CertPathBuilderSpi#engineBuild(CertPathParameters)
40 */
41 public jsdsi.CertPathBuilderResult engineBuild(
42 jsdsi.CertPathParameters params)
43 throws CertPathBuilderException, InvalidAlgorithmParameterException {
44 if (params instanceof IssuerCertPathParameters) {
45 return engineBuild(new FProver(params.getCert(),
46 params.getStore()));
47 }
48 if (params instanceof SubjectCertPathParameters) {
49 return engineBuild(new RProver(params.getCert(),
50 params.getStore()));
51 }
52 throw new InvalidAlgorithmParameterException(
53 "unrecognized params: " + params.getClass().getName());
54 }
55
56 /***
57 * Returns a <code>CertPathBuilderResult</code> from agiven
58 * <code>Proof</code>.
59 *
60 * @param p prover to create a <code>CertPathBuilder</code> from.
61 * @return a <code>CertPathBuilder</code> created from the
62 * <code>CertPath</code> from the proof of <code>p</code> and the
63 * <code>CertPathBuilderStats</code> created from the number
64 * of certs fetched from the cert store by the proof of
65 * <code>p</code>.
66 * @throws CertPathBuilderException if there is no proof in <code>p</code>.
67 */
68 private jsdsi.CertPathBuilderResult engineBuild(Prover p)
69 throws CertPathBuilderException {
70 Proof pf = p.getProof();
71 if (pf == null) {
72 throw new CertPathBuilderException("no proof found");
73 }
74 return new CertPathBuilderResult(
75 new CertPath(pf),
76 new CertPathBuilderStats(p.getNumFetched()));
77 }
78
79 /***
80 * For command-line usage:<br> <code>java CertPathBuilder
81 * <forward?> <input-file></code><br> Reads all
82 * certificates from the input-file, and tries to find a proof for
83 * every name and tag defined in the input-file.
84 *
85 * @param args command-line arguments.
86 * @throws Exception if an error occurs.
87 */
88 public static void main(String[] args) throws Exception {
89 Provider.install();
90 if (args.length != 2) {
91 System.err.println(
92 "usage: java CertPathBuilder <forward?> <input-file>");
93 return;
94 }
95 boolean forward = args[0].equals("true");
96 Loader l = new Loader(args[1], new InMemoryCertificateDAO());
97 java.security.cert.CertPathBuilder builder =
98 java.security.cert.CertPathBuilder.getInstance("SPKI");
99
100 // try to find proofs from name to each key
101 Iterator ni = l.getNames().iterator();
102 while (ni.hasNext()) {
103 Name n = (Name) ni.next();
104 Iterator ki = l.getKeys().iterator();
105 while (ki.hasNext()) {
106 PublicKey k = (PublicKey) ki.next();
107 NameCert c = new NameCert(n.getIssuer(),
108 k,
109 null,
110 null,
111 null,
112 n.getNames()[0]);
113 try {
114 Proof pf =
115 buildProof(builder, c, l.getCertStore(), forward);
116 NameCert nc = (NameCert) pf.getCert();
117 System.out.println("RESULT: Proof for "
118 + whois(nc.getIssuer())
119 + " "
120 + nc.getName()
121 + " -> "
122 + whois((Principal) nc.getSubject()));
123 System.out.println(pf);
124 } catch (CertPathBuilderException e) {
125 System.out.println("RESULT: No proof for "
126 + n.getNames()[0]
127 + " -> "
128 + whois(k));
129 }
130 }
131 }
132
133 // try to find proofs with each tag, with and without propagate
134 Iterator ii = l.getKeys().iterator();
135 while (ii.hasNext()) {
136 PublicKey issuer = (PublicKey) ii.next();
137 Iterator ki = l.getKeys().iterator();
138 while (ki.hasNext()) {
139 PublicKey k = (PublicKey) ki.next();
140 Iterator ti = l.getTags().iterator();
141 while (ti.hasNext()) {
142 Tag t = (Tag) ti.next();
143 for (int i = 0; i < 2; i++) {
144 boolean propagate = (i == 0);
145 AuthCert c = new AuthCert(issuer,
146 k,
147 null,
148 null,
149 null,
150 t,
151 propagate);
152 try {
153 Proof pf = buildProof(builder,
154 c,
155 l.getCertStore(),
156 forward);
157 AuthCert ac = (AuthCert) pf.getCert();
158 System.out.println(
159 "RESULT: Proof for "
160 + whois(ac.getIssuer())
161 + " "
162 + (ac.getPropagate() ? "+" : "!")
163 + ((StringTag) ac.getTag()).getValue()
164 + " -> "
165 + whois((Principal) ac.getSubject()));
166 System.out.println(pf);
167 } catch (CertPathBuilderException e) {
168 System.out.println(
169 "RESULT: No proof for "
170 + whois(issuer)
171 + " "
172 + (propagate ? "+" : "!")
173 + ((StringTag) t).getValue()
174 + " -> "
175 + whois(k));
176 }
177 }
178 }
179 }
180 }
181 }
182
183 /***
184 * Returns String with a sequence of bytes containing the public key
185 * from a given principal.
186 *
187 * @param p <code>Principal</code> with public key to create the byte
188 * array from.
189 * @return a sequence of bytes in a string representing the public key of
190 * <code>p</code>.
191 */
192 private static String whois(Principal p) {
193 return new String(((RSAPublicKey) p).getModulus().toByteArray());
194 }
195
196 /***
197 * Tries to find a proof for a given <code>Cert</code> and a given
198 * <code>CertStore</code> depending on a (un)set delegation bit.
199 *
200 * @param builder <code>CertBuilder</code> to construct the proof with.
201 * @param c <code>Cert</code> to find the proof for.
202 * @param s <code>Subject</code> to find the proof for.
203 * @param forward delegation bit.
204 * @return a <code>Proof</code> for <code>c</code> and <code>s</code>.
205 * @throws CertPathBuilderException if an error occurs creating the
206 * proof.
207 */
208 private static Proof buildProof(java.security.cert.CertPathBuilder builder,
209 Cert c,
210 java.security.cert.CertStore s,
211 boolean forward)
212 throws CertPathBuilderException {
213 try {
214 jsdsi.CertPathParameters params;
215 if (forward) {
216 params = new IssuerCertPathParameters(c, s);
217 } else {
218 params = new SubjectCertPathParameters(c, s);
219 }
220 jsdsi.CertPathBuilderResult res =
221 (jsdsi.CertPathBuilderResult) builder.build(params);
222 System.out.println("num fetched = "
223 + res.getStats().getNumFetched());
224 return ((jsdsi.CertPath) res.getCertPath()).getProof();
225 } catch (InvalidAlgorithmParameterException e) {
226 throw new Error(e);
227 }
228 }
229 }
This page was automatically generated by Maven