Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/src/share/classes/sun/security/tools/KeyStoreUtil.java
38830 views
/*1* Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425package sun.security.tools;2627import java.io.BufferedReader;28import java.io.File;29import java.io.FileInputStream;30import java.io.IOException;31import java.io.InputStreamReader;3233import java.net.URL;3435import java.security.KeyStore;3637import java.security.cert.X509Certificate;38import java.text.Collator;3940import java.util.Locale;4142/**43* <p> This class provides several utilities to <code>KeyStore</code>.44*45* @since 1.6.046*/47public class KeyStoreUtil {4849private KeyStoreUtil() {50// this class is not meant to be instantiated51}5253private static final String JKS = "jks";5455private static final Collator collator = Collator.getInstance();56static {57// this is for case insensitive string comparisons58collator.setStrength(Collator.PRIMARY);59};6061/**62* Returns true if the certificate is self-signed, false otherwise.63*/64public static boolean isSelfSigned(X509Certificate cert) {65return signedBy(cert, cert);66}6768public static boolean signedBy(X509Certificate end, X509Certificate ca) {69if (!ca.getSubjectX500Principal().equals(end.getIssuerX500Principal())) {70return false;71}72try {73end.verify(ca.getPublicKey());74return true;75} catch (Exception e) {76return false;77}78}7980/**81* Returns true if KeyStore has a password. This is true except for82* MSCAPI KeyStores83*/84public static boolean isWindowsKeyStore(String storetype) {85return storetype != null86&& (storetype.equalsIgnoreCase("Windows-MY")87|| storetype.equalsIgnoreCase("Windows-ROOT"));88}8990/**91* Returns standard-looking names for storetype92*/93public static String niceStoreTypeName(String storetype) {94if (storetype.equalsIgnoreCase("Windows-MY")) {95return "Windows-MY";96} else if(storetype.equalsIgnoreCase("Windows-ROOT")) {97return "Windows-ROOT";98} else {99return storetype.toUpperCase(Locale.ENGLISH);100}101}102103/**104* Returns the keystore with the configured CA certificates.105*/106public static KeyStore getCacertsKeyStore()107throws Exception108{109String sep = File.separator;110File file = new File(System.getProperty("java.home") + sep111+ "lib" + sep + "security" + sep112+ "cacerts");113if (!file.exists()) {114return null;115}116KeyStore caks = null;117try (FileInputStream fis = new FileInputStream(file)) {118caks = KeyStore.getInstance(JKS);119caks.load(fis, null);120}121return caks;122}123124public static char[] getPassWithModifier(String modifier, String arg,125java.util.ResourceBundle rb) {126if (modifier == null) {127return arg.toCharArray();128} else if (collator.compare(modifier, "env") == 0) {129String value = System.getenv(arg);130if (value == null) {131System.err.println(rb.getString(132"Cannot.find.environment.variable.") + arg);133return null;134} else {135return value.toCharArray();136}137} else if (collator.compare(modifier, "file") == 0) {138try {139URL url = null;140try {141url = new URL(arg);142} catch (java.net.MalformedURLException mue) {143File f = new File(arg);144if (f.exists()) {145url = f.toURI().toURL();146} else {147System.err.println(rb.getString(148"Cannot.find.file.") + arg);149return null;150}151}152153try (BufferedReader br =154new BufferedReader(new InputStreamReader(155url.openStream()))) {156String value = br.readLine();157158if (value == null) {159return new char[0];160}161162return value.toCharArray();163}164} catch (IOException ioe) {165System.err.println(ioe);166return null;167}168} else {169System.err.println(rb.getString("Unknown.password.type.") +170modifier);171return null;172}173}174}175176177