CertificateLoader.java

/*
 * The contents of this file are subject to the Mozilla Public
 * License Version 1.1 (the "License"); you may not use this
 * file except in compliance with the License. You may obtain
 * a copy of the License at http://www.mozilla.org/MPL/
 *
 * Software distributed under the License is distributed on an
 * "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, either express
 * or implied. See the License for the specific language governing
 * rights and limitations under the License.
 *
 *
 * The Original Code is Java RASP toolkit.
 *
 * The Initial Developer of the Original Code is Lenio. Portions
 * created by Lenio are Copyright (C) 2007 Danish National IT and 
 * Telecom Agency (http://www.itst.dk). All Rights Reserved.
 *
 * Contributor(s):
 *   Tommy Dejbjerg Pedersen, Lenio
 *   Hans Guldager Knudsen, Lenio
 *   Patrik Johansson, Accenture
 *   Dennis Søgaard, Accenture
 *   Martin Bentzen, Accenture
 *   Jesper Jensen, Avanade
 *   Ramzi Fadel, Avanade
 *   Christian Pedersen, Accenture
 *   Morten Hougesen, Accenture
 *   Mikkel Hippe Brun, ITST
 *   Finn Hartmann Jordal, ITST
 *   Christian Lanng, ITST
 *
 */

package dk.gov.oiosi.security.lookup;

import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.URL;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import org.apache.commons.configuration.ConfigurationUtils;
import org.apache.log4j.Level;
import org.apache.log4j.Logger;

import dk.gov.oiosi.security.RootCertificateConfig;

public class CertificateLoader {
	
	private static final Logger log = Logger.getLogger(CertificateLoader.class);
	
	/*
	 * Tries to load the root certificate by searching the user home directory, the current classpath and the system classpath.
	 * 
	 */
    public static X509Certificate GetCertificateFromCertificateStoreInformation(RootCertificateConfig rootCertConfig) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException
    {
        X509Certificate cert = null;
        // define receiver certificate
        KeyStore ks = KeyStore.getInstance("JKS");
        URL rootCertLocation = ConfigurationUtils.locate(rootCertConfig.getKeyStoreLocation());
        if(rootCertLocation != null)
        {
            ks.load(rootCertLocation.openStream(), rootCertConfig.getKeyStorePassword().toCharArray());
            cert = (X509Certificate) ks.getCertificate(rootCertConfig.getKeyLabel());
        } else {
        	if (log.isEnabledFor(Level.WARN)) {
	        	String fileCanonicalPath = null;
	        	try {
	        		File file = new File(rootCertConfig.getKeyStoreLocation());
	        		fileCanonicalPath = file.getCanonicalPath();
	        	} catch (Exception e) {
	        		/*
	        		 * Hide exception
	        		 */
	        	}
	        	log.warn("CertificateLoader: cannot locate key store by location "+rootCertConfig.getKeyStoreLocation()+", among others tries file path "+fileCanonicalPath);
        	}
        }
        
        if (log.isEnabledFor(Level.WARN)) {
	        if (rootCertLocation != null && cert == null) {
	        	log.warn("CertificateLoader: no certificate with label '"+rootCertConfig.getKeyLabel()+"' is found at key store at "+rootCertLocation);
	        }
        }
        
        return cert;
    }
}