/**
 * Reports whether the directory entry resolved for {@code alias} carries a certificate value.
 *
 * <p>Only {@code certificateAttribute} is requested from the directory. The value is not
 * decoded or validated here; its presence alone decides the result.
 *
 * @param alias the alias to look up
 * @return {@code true} if a non-null value is stored under {@code certificateAttribute};
 *     {@code false} if the alias cannot be resolved or the attribute is absent
 */
@Override
public boolean engineIsCertificateEntry(String alias) {
    final Attributes entry = obtainAliasOrCertificateAttributes(alias, null, new String[]{certificateAttribute});
    final Attribute certificateValue =
            entry != null ? LdapUtil.getBinaryAttribute(entry, certificateAttribute) : null;
    if (certificateValue == null) {
        return false;
    }
    try {
        final byte[] encoded = (byte[]) certificateValue.get();
        return encoded != null;
    } catch (NamingException e) {
        // NOTE(review): the failure is reported through the "failed to obtain key" message
        // although this is a certificate lookup; confirm that is intended.
        throw log.ldapKeyStoreFailedToObtainKey(alias, e);
    }
}
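/**
 * Recovers the key stored in the directory for {@code alias}.
 *
 * <p>The value of {@code keyAttribute} is treated as a serialized keystore of type
 * {@code keyType}. It is loaded with {@code password}, and the key under its first alias is
 * recovered with the same password.
 *
 * @param alias the alias to look up
 * @param password used both to load the embedded keystore and to recover the key; per
 *     {@link KeyStore#load(InputStream, char[])}, passing {@code null} skips the integrity
 *     check of the embedded keystore
 * @return the recovered key, or {@code null} if the alias cannot be resolved, has no key
 *     value, or its embedded keystore holds no entries
 * @throws NoSuchAlgorithmException if the algorithm needed to check or recover the key is unavailable
 * @throws UnrecoverableKeyException if the key cannot be recovered, e.g. with a wrong password
 */
@Override
public Key engineGetKey(String alias, char[] password) throws NoSuchAlgorithmException, UnrecoverableKeyException {
    Attributes attributes = obtainAliasOrCertificateAttributes(alias, null, new String[]{keyAttribute});
    if (attributes == null) {
        log.tracef("Alias [%s] does not exist", alias);
        return null;
    }
    try {
        Attribute attribute = LdapUtil.getBinaryAttribute(attributes, keyAttribute);
        if (attribute == null) return null; // alias does not identify a key-related entry
        byte[] bytes = (byte[]) attribute.get();
        if (bytes == null) return null; // alias does not identify a key-related entry

        InputStream is = new ByteArrayInputStream(bytes);
        KeyStore keystore = KeyStore.getInstance(keyType);
        keystore.load(is, password);

        // The blob comes from the directory and may be a valid but empty keystore. Without
        // this guard, aliases().nextElement() would throw an unchecked NoSuchElementException
        // that escapes the catch below.
        if (keystore.size() == 0) {
            log.tracef("Alias [%s] holds a keystore without entries", alias);
            return null;
        }
        String firstAlias = keystore.aliases().nextElement();
        return keystore.getKey(firstAlias, password);
    } catch (KeyStoreException | CertificateException | IOException | NamingException e) {
        throw log.ldapKeyStoreFailedToRecoverKey(alias, e);
    }
}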
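/**
 * Checks whether the presented certificate is one of the values stored under
 * {@code ldapAttribute} in the given entry attributes.
 *
 * <p>The match is an exact comparison of the certificate's encoded form against each stored
 * value. This method decides membership only; it performs no path validation,
 * validity-period or revocation checks.
 *
 * @param certificate the certificate presented as evidence
 * @param attributes the attributes of the directory entry to check against
 * @return {@code true} if a stored value equals the certificate's encoding, else {@code false}
 * @throws NamingException if a stored value cannot be read
 * @throws RealmUnavailableException if the presented certificate cannot be encoded
 */
@Override
public boolean verifyCertificate(X509Certificate certificate, Attributes attributes) throws NamingException, RealmUnavailableException {
    Attribute attribute = LdapUtil.getBinaryAttribute(attributes, ldapAttribute);
    if (attribute == null) return false;

    final int size = attribute.size();
    // Encoded on first use and then reused, so the certificate is serialized at most once
    // rather than once per stored value.
    byte[] presented = null;
    try {
        for (int i = 0; i < size; i++) {
            Object attrCertificate = attribute.get(i);
            // Skip null values and values not delivered as raw bytes; such a value cannot
            // match and must not abort verification with a ClassCastException.
            if (!(attrCertificate instanceof byte[])) {
                continue;
            }
            if (presented == null) {
                presented = certificate.getEncoded();
            }
            if (Arrays.equals(presented, (byte[]) attrCertificate)) {
                return true;
            }
        }
    } catch (CertificateEncodingException e) {
        throw new RealmUnavailableException(e);
    }
    return false;
}
} // closes the enclosing declaration, which opens outside this excerpt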
/**
 * Loads the certificate stored in the directory for {@code alias}.
 *
 * <p>A value of {@code certificateAttribute} is decoded with a {@link CertificateFactory} of
 * type {@code certificateType}. The certificate is returned as decoded; this method performs
 * no path, validity-period or revocation checks.
 *
 * @param alias the alias to look up
 * @return the decoded certificate, or {@code null} if the alias cannot be resolved or has no
 *     certificate value
 */
@Override
public Certificate engineGetCertificate(String alias) {
    final Attributes entry = obtainAliasOrCertificateAttributes(alias, null, new String[]{certificateAttribute});
    if (entry == null) {
        log.tracef("Alias [%s] does not exist", alias);
        return null;
    }
    try {
        final Attribute certificateValue = LdapUtil.getBinaryAttribute(entry, certificateAttribute);
        if (certificateValue == null) {
            return null;
        }
        final byte[] encoded = (byte[]) certificateValue.get();
        if (encoded == null) {
            return null;
        }
        final CertificateFactory factory = CertificateFactory.getInstance(certificateType);
        return factory.generateCertificate(new ByteArrayInputStream(encoded));
    } catch (CertificateException | NamingException e) {
        throw log.ldapKeyStoreFailedToObtainCertificate(alias, e);
    }
}
/**
 * Loads the certificate chain stored in the directory for {@code alias}.
 *
 * <p>A value of {@code certificateChainAttribute} is decoded with a
 * {@link CertificateFactory} of type {@code certificateType}. The certificates are returned
 * in the order the factory yields them; the chain is neither ordered nor validated here.
 *
 * @param alias the alias to look up
 * @return the decoded certificates, or {@code null} if the alias cannot be resolved or has
 *     no chain value
 */
@Override
public Certificate[] engineGetCertificateChain(String alias) {
    final Attributes entry = obtainAliasOrCertificateAttributes(alias, null, new String[]{certificateChainAttribute});
    if (entry == null) {
        log.tracef("Alias [%s] does not exist", alias);
        return null;
    }
    try {
        final Attribute chainValue = LdapUtil.getBinaryAttribute(entry, certificateChainAttribute);
        if (chainValue == null) {
            return null;
        }
        final byte[] encoded = (byte[]) chainValue.get();
        if (encoded == null) {
            return null;
        }
        final CertificateFactory factory = CertificateFactory.getInstance(certificateType);
        final Collection<? extends Certificate> decoded =
                factory.generateCertificates(new ByteArrayInputStream(encoded));
        return decoded.toArray(new Certificate[0]);
    } catch (CertificateException | NamingException e) {
        throw log.ldapKeyStoreFailedToObtainCertificateChain(alias, e);
    }
}
/**
 * Reports whether the directory entry resolved for {@code alias} carries a key value.
 *
 * <p>Only {@code keyAttribute} is requested. The stored blob is not opened or decrypted
 * here; its presence alone decides the result.
 *
 * @param alias the alias to look up
 * @return {@code true} if a non-null value is stored under {@code keyAttribute};
 *     {@code false} if the alias cannot be resolved or the attribute is absent
 */
@Override
public boolean engineIsKeyEntry(String alias) {
    final Attributes entry = obtainAliasOrCertificateAttributes(alias, null, new String[]{keyAttribute});
    Attribute keyValue = null;
    if (entry != null) {
        keyValue = LdapUtil.getBinaryAttribute(entry, keyAttribute);
    }
    // A missing entry and a missing attribute are reported the same way.
    if (keyValue == null) {
        log.tracef("Alias [%s] is not key entry", alias);
        return false;
    }
    try {
        final byte[] blob = (byte[]) keyValue.get();
        return blob != null;
    } catch (NamingException e) {
        throw log.ldapKeyStoreFailedToObtainKey(alias, e);
    }
}
/**
 * Returns a password credential built from the values of {@code userPasswordAttributeName}.
 *
 * <p>Each stored value is parsed with {@code parseUserPassword}; the first one whose
 * algorithm matches {@code credentialAlgorithm} (or the first one at all when no algorithm
 * is requested) is wrapped in a {@code PasswordCredential}. A naming or key-spec failure on
 * any value ends the scan: it is traced with the credential type name and the DN only, and
 * {@code null} is returned. {@code parameterSpec} and {@code providers} are not used here.
 *
 * @param credentialType the requested credential type; only {@code PasswordCredential.class} is served
 * @param credentialAlgorithm the required password algorithm, or {@code null} for any
 * @param parameterSpec not consulted by this implementation
 * @param providers not consulted by this implementation
 * @return the matching credential, or {@code null} if none is available
 */
@Override
public <C extends Credential> C getCredential(final Class<C> credentialType, final String credentialAlgorithm, final AlgorithmParameterSpec parameterSpec, Supplier<Provider[]> providers) {
    if (credentialType != PasswordCredential.class) {
        return null;
    }
    try {
        final Attribute passwordValues = LdapUtil.getBinaryAttribute(attributes, userPasswordAttributeName);
        final int count = passwordValues == null ? 0 : passwordValues.size();
        for (int index = 0; index < count; index++) {
            final byte[] raw = (byte[]) passwordValues.get(index);
            final Password candidate = parseUserPassword(raw);
            // NOTE(review): always true after the identity check at the top; kept as-is.
            if (!credentialType.isAssignableFrom(PasswordCredential.class)) {
                continue;
            }
            if (credentialAlgorithm != null && !credentialAlgorithm.equals(candidate.getAlgorithm())) {
                continue;
            }
            return credentialType.cast(new PasswordCredential(candidate));
        }
    } catch (NamingException | InvalidKeySpecException e) {
        if (log.isTraceEnabled()) {
            log.trace("Getting user-password credential " + credentialType.getName() + " failed. dn=" + distinguishedName, e);
        }
    }
    return null;
}
/**
 * Reports whether the directory entry resolved for {@code alias} carries a certificate value.
 *
 * <p>Only {@code certificateAttribute} is requested from the directory. The value is not
 * decoded or validated here; its presence alone decides the result.
 *
 * @param alias the alias to look up
 * @return {@code true} if a non-null value is stored under {@code certificateAttribute};
 *     {@code false} if the alias cannot be resolved or the attribute is absent
 */
@Override
public boolean engineIsCertificateEntry(String alias) {
    final Attributes entry = obtainAliasOrCertificateAttributes(alias, null, new String[]{certificateAttribute});
    final Attribute certificateValue =
            entry != null ? LdapUtil.getBinaryAttribute(entry, certificateAttribute) : null;
    if (certificateValue == null) {
        return false;
    }
    try {
        final byte[] encoded = (byte[]) certificateValue.get();
        return encoded != null;
    } catch (NamingException e) {
        // NOTE(review): the failure is reported through the "failed to obtain key" message
        // although this is a certificate lookup; confirm that is intended.
        throw log.ldapKeyStoreFailedToObtainKey(alias, e);
    }
}
/**
 * Reports whether the directory entry resolved for {@code alias} carries a certificate value.
 *
 * <p>Only {@code certificateAttribute} is requested from the directory. The value is not
 * decoded or validated here; its presence alone decides the result.
 *
 * @param alias the alias to look up
 * @return {@code true} if a non-null value is stored under {@code certificateAttribute};
 *     {@code false} if the alias cannot be resolved or the attribute is absent
 */
@Override
public boolean engineIsCertificateEntry(String alias) {
    final Attributes entry = obtainAliasOrCertificateAttributes(alias, null, new String[]{certificateAttribute});
    final Attribute certificateValue =
            entry != null ? LdapUtil.getBinaryAttribute(entry, certificateAttribute) : null;
    if (certificateValue == null) {
        return false;
    }
    try {
        final byte[] encoded = (byte[]) certificateValue.get();
        return encoded != null;
    } catch (NamingException e) {
        // NOTE(review): the failure is reported through the "failed to obtain key" message
        // although this is a certificate lookup; confirm that is intended.
        throw log.ldapKeyStoreFailedToObtainKey(alias, e);
    }
}
/**
 * Reports whether the directory entry resolved for {@code alias} carries a certificate value.
 *
 * <p>Only {@code certificateAttribute} is requested from the directory. The value is not
 * decoded or validated here; its presence alone decides the result.
 *
 * @param alias the alias to look up
 * @return {@code true} if a non-null value is stored under {@code certificateAttribute};
 *     {@code false} if the alias cannot be resolved or the attribute is absent
 */
@Override
public boolean engineIsCertificateEntry(String alias) {
    final Attributes entry = obtainAliasOrCertificateAttributes(alias, null, new String[]{certificateAttribute});
    final Attribute certificateValue =
            entry != null ? LdapUtil.getBinaryAttribute(entry, certificateAttribute) : null;
    if (certificateValue == null) {
        return false;
    }
    try {
        final byte[] encoded = (byte[]) certificateValue.get();
        return encoded != null;
    } catch (NamingException e) {
        // NOTE(review): the failure is reported through the "failed to obtain key" message
        // although this is a certificate lookup; confirm that is intended.
        throw log.ldapKeyStoreFailedToObtainKey(alias, e);
    }
}
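/**
 * Checks whether the presented certificate is one of the values stored under
 * {@code ldapAttribute} in the given entry attributes.
 *
 * <p>The match is an exact comparison of the certificate's encoded form against each stored
 * value. This method decides membership only; it performs no path validation,
 * validity-period or revocation checks.
 *
 * @param certificate the certificate presented as evidence
 * @param attributes the attributes of the directory entry to check against
 * @return {@code true} if a stored value equals the certificate's encoding, else {@code false}
 * @throws NamingException if a stored value cannot be read
 * @throws RealmUnavailableException if the presented certificate cannot be encoded
 */
@Override
public boolean verifyCertificate(X509Certificate certificate, Attributes attributes) throws NamingException, RealmUnavailableException {
    Attribute attribute = LdapUtil.getBinaryAttribute(attributes, ldapAttribute);
    if (attribute == null) return false;

    final int size = attribute.size();
    // Encoded on first use and then reused, so the certificate is serialized at most once
    // rather than once per stored value.
    byte[] presented = null;
    try {
        for (int i = 0; i < size; i++) {
            Object attrCertificate = attribute.get(i);
            // Skip null values and values not delivered as raw bytes; such a value cannot
            // match and must not abort verification with a ClassCastException.
            if (!(attrCertificate instanceof byte[])) {
                continue;
            }
            if (presented == null) {
                presented = certificate.getEncoded();
            }
            if (Arrays.equals(presented, (byte[]) attrCertificate)) {
                return true;
            }
        }
    } catch (CertificateEncodingException e) {
        throw new RealmUnavailableException(e);
    }
    return false;
}
} // closes the enclosing declaration, which opens outside this excerpt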
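/**
 * Checks whether the presented certificate is one of the values stored under
 * {@code ldapAttribute} in the given entry attributes.
 *
 * <p>The match is an exact comparison of the certificate's encoded form against each stored
 * value. This method decides membership only; it performs no path validation,
 * validity-period or revocation checks.
 *
 * @param certificate the certificate presented as evidence
 * @param attributes the attributes of the directory entry to check against
 * @return {@code true} if a stored value equals the certificate's encoding, else {@code false}
 * @throws NamingException if a stored value cannot be read
 * @throws RealmUnavailableException if the presented certificate cannot be encoded
 */
@Override
public boolean verifyCertificate(X509Certificate certificate, Attributes attributes) throws NamingException, RealmUnavailableException {
    Attribute attribute = LdapUtil.getBinaryAttribute(attributes, ldapAttribute);
    if (attribute == null) return false;

    final int size = attribute.size();
    // Encoded on first use and then reused, so the certificate is serialized at most once
    // rather than once per stored value.
    byte[] presented = null;
    try {
        for (int i = 0; i < size; i++) {
            Object attrCertificate = attribute.get(i);
            // Skip null values and values not delivered as raw bytes; such a value cannot
            // match and must not abort verification with a ClassCastException.
            if (!(attrCertificate instanceof byte[])) {
                continue;
            }
            if (presented == null) {
                presented = certificate.getEncoded();
            }
            if (Arrays.equals(presented, (byte[]) attrCertificate)) {
                return true;
            }
        }
    } catch (CertificateEncodingException e) {
        throw new RealmUnavailableException(e);
    }
    return false;
}
} // closes the enclosing declaration, which opens outside this excerpt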
/**
 * Loads the certificate stored in the directory for {@code alias}.
 *
 * <p>A value of {@code certificateAttribute} is decoded with a {@link CertificateFactory} of
 * type {@code certificateType}. The certificate is returned as decoded; this method performs
 * no path, validity-period or revocation checks.
 *
 * @param alias the alias to look up
 * @return the decoded certificate, or {@code null} if the alias cannot be resolved or has no
 *     certificate value
 */
@Override
public Certificate engineGetCertificate(String alias) {
    final Attributes entry = obtainAliasOrCertificateAttributes(alias, null, new String[]{certificateAttribute});
    if (entry == null) {
        log.tracef("Alias [%s] does not exist", alias);
        return null;
    }
    try {
        final Attribute certificateValue = LdapUtil.getBinaryAttribute(entry, certificateAttribute);
        if (certificateValue == null) {
            return null;
        }
        final byte[] encoded = (byte[]) certificateValue.get();
        if (encoded == null) {
            return null;
        }
        final CertificateFactory factory = CertificateFactory.getInstance(certificateType);
        return factory.generateCertificate(new ByteArrayInputStream(encoded));
    } catch (CertificateException | NamingException e) {
        throw log.ldapKeyStoreFailedToObtainCertificate(alias, e);
    }
}
/**
 * Loads the certificate stored in the directory for {@code alias}.
 *
 * <p>A value of {@code certificateAttribute} is decoded with a {@link CertificateFactory} of
 * type {@code certificateType}. The certificate is returned as decoded; this method performs
 * no path, validity-period or revocation checks.
 *
 * @param alias the alias to look up
 * @return the decoded certificate, or {@code null} if the alias cannot be resolved or has no
 *     certificate value
 */
@Override
public Certificate engineGetCertificate(String alias) {
    final Attributes entry = obtainAliasOrCertificateAttributes(alias, null, new String[]{certificateAttribute});
    if (entry == null) {
        log.tracef("Alias [%s] does not exist", alias);
        return null;
    }
    try {
        final Attribute certificateValue = LdapUtil.getBinaryAttribute(entry, certificateAttribute);
        if (certificateValue == null) {
            return null;
        }
        final byte[] encoded = (byte[]) certificateValue.get();
        if (encoded == null) {
            return null;
        }
        final CertificateFactory factory = CertificateFactory.getInstance(certificateType);
        return factory.generateCertificate(new ByteArrayInputStream(encoded));
    } catch (CertificateException | NamingException e) {
        throw log.ldapKeyStoreFailedToObtainCertificate(alias, e);
    }
}
/**
 * Loads the certificate stored in the directory for {@code alias}.
 *
 * <p>A value of {@code certificateAttribute} is decoded with a {@link CertificateFactory} of
 * type {@code certificateType}. The certificate is returned as decoded; this method performs
 * no path, validity-period or revocation checks.
 *
 * @param alias the alias to look up
 * @return the decoded certificate, or {@code null} if the alias cannot be resolved or has no
 *     certificate value
 */
@Override
public Certificate engineGetCertificate(String alias) {
    final Attributes entry = obtainAliasOrCertificateAttributes(alias, null, new String[]{certificateAttribute});
    if (entry == null) {
        log.tracef("Alias [%s] does not exist", alias);
        return null;
    }
    try {
        final Attribute certificateValue = LdapUtil.getBinaryAttribute(entry, certificateAttribute);
        if (certificateValue == null) {
            return null;
        }
        final byte[] encoded = (byte[]) certificateValue.get();
        if (encoded == null) {
            return null;
        }
        final CertificateFactory factory = CertificateFactory.getInstance(certificateType);
        return factory.generateCertificate(new ByteArrayInputStream(encoded));
    } catch (CertificateException | NamingException e) {
        throw log.ldapKeyStoreFailedToObtainCertificate(alias, e);
    }
}
/**
 * Loads the certificate chain stored in the directory for {@code alias}.
 *
 * <p>A value of {@code certificateChainAttribute} is decoded with a
 * {@link CertificateFactory} of type {@code certificateType}. The certificates are returned
 * in the order the factory yields them; the chain is neither ordered nor validated here.
 *
 * @param alias the alias to look up
 * @return the decoded certificates, or {@code null} if the alias cannot be resolved or has
 *     no chain value
 */
@Override
public Certificate[] engineGetCertificateChain(String alias) {
    final Attributes entry = obtainAliasOrCertificateAttributes(alias, null, new String[]{certificateChainAttribute});
    if (entry == null) {
        log.tracef("Alias [%s] does not exist", alias);
        return null;
    }
    try {
        final Attribute chainValue = LdapUtil.getBinaryAttribute(entry, certificateChainAttribute);
        if (chainValue == null) {
            return null;
        }
        final byte[] encoded = (byte[]) chainValue.get();
        if (encoded == null) {
            return null;
        }
        final CertificateFactory factory = CertificateFactory.getInstance(certificateType);
        final Collection<? extends Certificate> decoded =
                factory.generateCertificates(new ByteArrayInputStream(encoded));
        return decoded.toArray(new Certificate[0]);
    } catch (CertificateException | NamingException e) {
        throw log.ldapKeyStoreFailedToObtainCertificateChain(alias, e);
    }
}
/**
 * Loads the certificate chain stored in the directory for {@code alias}.
 *
 * <p>A value of {@code certificateChainAttribute} is decoded with a
 * {@link CertificateFactory} of type {@code certificateType}. The certificates are returned
 * in the order the factory yields them; the chain is neither ordered nor validated here.
 *
 * @param alias the alias to look up
 * @return the decoded certificates, or {@code null} if the alias cannot be resolved or has
 *     no chain value
 */
@Override
public Certificate[] engineGetCertificateChain(String alias) {
    final Attributes entry = obtainAliasOrCertificateAttributes(alias, null, new String[]{certificateChainAttribute});
    if (entry == null) {
        log.tracef("Alias [%s] does not exist", alias);
        return null;
    }
    try {
        final Attribute chainValue = LdapUtil.getBinaryAttribute(entry, certificateChainAttribute);
        if (chainValue == null) {
            return null;
        }
        final byte[] encoded = (byte[]) chainValue.get();
        if (encoded == null) {
            return null;
        }
        final CertificateFactory factory = CertificateFactory.getInstance(certificateType);
        final Collection<? extends Certificate> decoded =
                factory.generateCertificates(new ByteArrayInputStream(encoded));
        return decoded.toArray(new Certificate[0]);
    } catch (CertificateException | NamingException e) {
        throw log.ldapKeyStoreFailedToObtainCertificateChain(alias, e);
    }
}
/**
 * Reports whether the directory entry resolved for {@code alias} carries a key value.
 *
 * <p>Only {@code keyAttribute} is requested. The stored blob is not opened or decrypted
 * here; its presence alone decides the result.
 *
 * @param alias the alias to look up
 * @return {@code true} if a non-null value is stored under {@code keyAttribute};
 *     {@code false} if the alias cannot be resolved or the attribute is absent
 */
@Override
public boolean engineIsKeyEntry(String alias) {
    final Attributes entry = obtainAliasOrCertificateAttributes(alias, null, new String[]{keyAttribute});
    Attribute keyValue = null;
    if (entry != null) {
        keyValue = LdapUtil.getBinaryAttribute(entry, keyAttribute);
    }
    // A missing entry and a missing attribute are reported the same way.
    if (keyValue == null) {
        log.tracef("Alias [%s] is not key entry", alias);
        return false;
    }
    try {
        final byte[] blob = (byte[]) keyValue.get();
        return blob != null;
    } catch (NamingException e) {
        throw log.ldapKeyStoreFailedToObtainKey(alias, e);
    }
}
/**
 * Reports whether the directory entry resolved for {@code alias} carries a key value.
 *
 * <p>Only {@code keyAttribute} is requested. The stored blob is not opened or decrypted
 * here; its presence alone decides the result.
 *
 * @param alias the alias to look up
 * @return {@code true} if a non-null value is stored under {@code keyAttribute};
 *     {@code false} if the alias cannot be resolved or the attribute is absent
 */
@Override
public boolean engineIsKeyEntry(String alias) {
    final Attributes entry = obtainAliasOrCertificateAttributes(alias, null, new String[]{keyAttribute});
    Attribute keyValue = null;
    if (entry != null) {
        keyValue = LdapUtil.getBinaryAttribute(entry, keyAttribute);
    }
    // A missing entry and a missing attribute are reported the same way.
    if (keyValue == null) {
        log.tracef("Alias [%s] is not key entry", alias);
        return false;
    }
    try {
        final byte[] blob = (byte[]) keyValue.get();
        return blob != null;
    } catch (NamingException e) {
        throw log.ldapKeyStoreFailedToObtainKey(alias, e);
    }
}
/**
 * Reports whether the directory entry resolved for {@code alias} carries a key value.
 *
 * <p>Only {@code keyAttribute} is requested. The stored blob is not opened or decrypted
 * here; its presence alone decides the result.
 *
 * @param alias the alias to look up
 * @return {@code true} if a non-null value is stored under {@code keyAttribute};
 *     {@code false} if the alias cannot be resolved or the attribute is absent
 */
@Override
public boolean engineIsKeyEntry(String alias) {
    final Attributes entry = obtainAliasOrCertificateAttributes(alias, null, new String[]{keyAttribute});
    Attribute keyValue = null;
    if (entry != null) {
        keyValue = LdapUtil.getBinaryAttribute(entry, keyAttribute);
    }
    // A missing entry and a missing attribute are reported the same way.
    if (keyValue == null) {
        log.tracef("Alias [%s] is not key entry", alias);
        return false;
    }
    try {
        final byte[] blob = (byte[]) keyValue.get();
        return blob != null;
    } catch (NamingException e) {
        throw log.ldapKeyStoreFailedToObtainKey(alias, e);
    }
}