RemoteStore.java

  1. /*
  2.  * GovWay - A customizable API Gateway
  3.  * https://govway.org
  4.  *
  5.  * Copyright (c) 2005-2025 Link.it srl (https://link.it).
  6.  *
  7.  * This program is free software: you can redistribute it and/or modify
  8.  * it under the terms of the GNU General Public License version 3, as published by
  9.  * the Free Software Foundation.
  10.  *
  11.  * This program is distributed in the hope that it will be useful,
  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14.  * GNU General Public License for more details.
  15.  *
  16.  * You should have received a copy of the GNU General Public License
  17.  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18.  *
  19.  */
  20. package org.openspcoop2.security.keystore;

  21. import java.io.ByteArrayOutputStream;
  22. import java.io.Serializable;
  23. import java.security.PublicKey;

  24. import org.openspcoop2.security.SecurityException;
  25. import org.openspcoop2.utils.certificate.ArchiveLoader;
  26. import org.openspcoop2.utils.certificate.Certificate;
  27. import org.openspcoop2.utils.certificate.JWK;
  28. import org.openspcoop2.utils.certificate.KeyUtils;
  29. import org.openspcoop2.utils.certificate.remote.IRemoteStoreProvider;
  30. import org.openspcoop2.utils.certificate.remote.RemoteKeyType;
  31. import org.openspcoop2.utils.certificate.remote.RemoteStoreConfig;

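  /**
   * Key material (X.509 certificate, public key or JWK) obtained from a remote store.
   *
   * <p>The constructor asks the {@link IRemoteStoreProvider} for the key identified by
   * {@code keyId} and keeps, in {@code resource}, the bytes the provider wrote to the stream
   * it was given. The parsed objects are {@code transient}: after deserialization they are
   * rebuilt on first access from {@code resource}, so the serialized bytes decide which key
   * the getters return.
   * NOTE(review): presumably instances are serialized only into a trusted cache; confirm,
   * because tampered bytes would be parsed as verification key material.
   *
   * <p>Thread-safety: lazy parsing uses a null check followed by a synchronized initializer;
   * the cached fields are {@code volatile} so an object built by one thread is safely
   * published to the others.
   *
   * @author Andrea Poli (apoli@link.it)
   * @author $Author$
   * @version $Rev$, $Date$
   */
  public class RemoteStore implements Serializable {

      private static final long serialVersionUID = 1L;

      private String remoteStoreName;
      private String keyId;
      private byte[] resource;
      private RemoteKeyType keyType;
      private String keyAlgorithm;
      // volatile: read without a lock in the getters, written inside synchronized initializers.
      private transient volatile Certificate x509;
      private transient volatile PublicKey publicKey;
      private transient volatile JWK jwk;

      /**
       * Reads the key from the remote store through the given provider.
       *
       * @param keyId identifier of the key to read; must not be null
       * @param keyType kind of key material expected; must not be null
       * @param remoteStoreConfig remote store configuration; must not be null and must carry a store name
       * @param provider provider used to read the key; must not be null
       * @throws SecurityException if an argument is missing or the provider fails
       */
      public RemoteStore(String keyId, RemoteKeyType keyType, RemoteStoreConfig remoteStoreConfig, IRemoteStoreProvider provider) throws SecurityException {
          try {
              this.keyType = keyType;
              this.keyId = keyId;
              if(keyId==null) {
                  throw new SecurityException("KeyId undefined");
              }
              if(keyType==null) {
                  throw new SecurityException("KeyType undefined");
              }
              if(remoteStoreConfig==null) {
                  throw new SecurityException("RemoteStoreConfig undefined");
              }
              this.remoteStoreName = remoteStoreConfig.getStoreName();
              if(this.remoteStoreName==null) {
                  throw new SecurityException("RemoteStoreConfig name undefined");
              }
              // Without this check a missing provider surfaced as a NullPointerException
              // wrapped in a SecurityException with a null message.
              if(provider==null) {
                  throw new SecurityException("Provider undefined");
              }
              ByteArrayOutputStream bout = new ByteArrayOutputStream();
              // No default branch: a key type other than these three leaves the resource empty.
              switch (keyType) {
              case JWK:
                  this.jwk = provider.readJWK(keyId, remoteStoreConfig, bout);
                  break;
              case PUBLIC_KEY:
                  this.publicKey = provider.readPublicKey(this.keyId, remoteStoreConfig, bout);
                  this.keyAlgorithm = remoteStoreConfig.getKeyAlgorithm();
                  break;
              case X509:
                  this.x509 = provider.readX509(this.keyId, remoteStoreConfig, bout);
                  break;
              }
              this.resource = bout.toByteArray();
          }catch(Exception e) {
              throw new SecurityException(e.getMessage(),e);
          }
      }

      /** Builds the error raised when a getter is called for a key type this instance does not hold. */
      private SecurityException newSecurityExceptionDifferentKeyType() {
          return new SecurityException("Different KeyType '"+this.keyType+"'");
      }

      /** Parses {@code resource} as a certificate archive if no certificate is cached yet. */
      private synchronized void initCertificate() throws SecurityException {
          if(this.x509==null) {
              if(RemoteKeyType.X509.equals(this.keyType)) {
                  try {
                      this.x509 = ArchiveLoader.load(this.resource);
                  }catch(Exception e) {
                      throw new SecurityException(e.getMessage(),e);
                  }
              }
              else {
                  throw newSecurityExceptionDifferentKeyType();
              }
          }
      }

      /**
       * Returns the certificate, parsing it from {@code resource} on first access.
       *
       * @return the cached or newly parsed certificate
       * @throws SecurityException if the key type is not X509 or parsing fails
       */
      public Certificate getCertificate() throws SecurityException {
          if(this.x509==null) {
              this.initCertificate();
          }
          return this.x509;
      }

      /** Decodes {@code resource} with the configured key algorithm if no public key is cached yet. */
      private synchronized void initPublicKey() throws SecurityException {
          if(this.publicKey==null) {
              if(RemoteKeyType.PUBLIC_KEY.equals(this.keyType)) {
                  try {
                      this.publicKey = KeyUtils.getInstance(this.keyAlgorithm).getPublicKey(this.resource);
                  }catch(Exception e) {
                      throw new SecurityException(e.getMessage(),e);
                  }
              }
              else {
                  throw newSecurityExceptionDifferentKeyType();
              }
          }
      }

      /**
       * Returns the public key, decoding it from {@code resource} on first access.
       *
       * @return the cached or newly decoded public key
       * @throws SecurityException if the key type is not PUBLIC_KEY or decoding fails
       */
      public PublicKey getPublicKey() throws SecurityException {
          if(this.publicKey==null) {
              this.initPublicKey();
          }
          return this.publicKey;
      }

      /** Parses {@code resource} as a JWK if none is cached yet. */
      private synchronized void initJWK() throws SecurityException {
          if(this.jwk==null) {
              if(RemoteKeyType.JWK.equals(this.keyType)) {
                  try {
                      // Explicit charset: JSON key material must not depend on the platform default encoding.
                      this.jwk = new JWK(new String(this.resource, java.nio.charset.StandardCharsets.UTF_8));
                  }catch(Exception e) {
                      throw new SecurityException(e.getMessage(),e);
                  }
              }
              else {
                  throw newSecurityExceptionDifferentKeyType();
              }
          }
      }

      /**
       * Returns the JWK, parsing it from {@code resource} on first access.
       *
       * @return the cached or newly parsed JWK
       * @throws SecurityException if the key type is not JWK or parsing fails
       */
      public JWK getJWK() throws SecurityException {
          if(this.jwk==null) {
              this.initJWK();
          }
          return this.jwk;
      }


      public String getRemoteStoreName() {
          return this.remoteStoreName;
      }

      public void setRemoteStoreName(String remoteStoreName) {
          this.remoteStoreName = remoteStoreName;
      }

      public String getKeyId() {
          return this.keyId;
      }

      public void setKeyId(String keyId) {
          this.keyId = keyId;
      }

      /**
       * Returns the internal byte array, not a copy; a caller that modifies it changes the
       * bytes used by any later lazy parsing.
       */
      public byte[] getResource() {
          return this.resource;
      }

      /**
       * Replaces the stored bytes.
       * NOTE(review): the cached certificate, public key and JWK are not invalidated, so the
       * getters keep returning an object parsed from the previous bytes; confirm this is intended.
       */
      public void setResource(byte[] resource) {
          this.resource = resource;
      }

      public RemoteKeyType getKeyType() {
          return this.keyType;
      }

      /**
       * Replaces the key type.
       * NOTE(review): cached objects are left untouched, so a getter for the old type still
       * returns its cached value after the change; confirm this is intended.
       */
      public void setKeyType(RemoteKeyType keyType) {
          this.keyType = keyType;
      }
  }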