/*
Name: ReadP12.java
Licensing: LGPL
API: Sun (http://java.sun.com) JCE 1.2.2 API (cleanroom implementation by Bouncy Castle)
Provider: Bouncy Castle (http://www.bouncycastle.org)
Disclaimer:
COVERED CODE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND,
EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED CODE
IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE
RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED CODE IS WITH YOU. SHOULD ANY COVERED CODE
PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR)
ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY
CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED CODE IS AUTHORIZED
HEREUNDER EXCEPT UNDER THIS DISCLAIMER.
*/
package net.sourceforge.jcetaglib.taglib.x509;
import net.sourceforge.jcetaglib.lib.Clean;
import net.sourceforge.jcetaglib.lib.X509Cert;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.encoders.Base64;
import javax.servlet.jsp.JspException;
import javax.servlet.jsp.PageContext;
import javax.servlet.jsp.tagext.TagSupport;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.X509Certificate;
/**
* JSP tag for reading certificates from a PKCS#12 (P12) keystore
*
* @jsp.tag
* name="readp12"
* display-name="ReadP12"
* body-content="empty"
* example="<jce:readp12
* 	storefile=\"C:/keystores/bob.p12\"
* 	storeentry=\"user\"
* 	storepassword=\"<%= new StringBuffer(\"password\") %>\"
* 	certificate=\"cert\"
* 	cacertificate=\"cacert\">>"
*
* description="JSP tag for reading certificates from a PKCS#12 (P12) keystore"
*
* @author Gert Van Ham
* @author hamgert@users.sourceforge.net
* @author http://jcetaglib.sourceforge.net
* @version $Id: ReadP12.java,v 1.5 2004/04/15 07:28:36 hamgert Exp $
*/
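public class ReadP12 extends TagSupport {
    // Scope names accepted by the "scope" tag attribute (matched case-insensitively).
    private static final String PAGE = "page";
    private static final String REQUEST = "request";
    private static final String SESSION = "session";
    private static final String APPLICATION = "application";

    private String storefile; // tag attribute: path of the PKCS#12 file
    private String storeentry; // tag attribute: keystore entry (alias) to read
    private StringBuffer storepassword; // tag attribute: keystore password, owned by the caller
    private boolean returnprivatekey = false; // tag attribute: also export the private key
    private int scope = PageContext.PAGE_SCOPE; // PageContext scope the results are written to
    private String certificate; // name of the attribute receiving the PEM certificate
    private String cacertificate; // name of the attribute receiving the PEM CA certificate
    private String privatekey; // name of the attribute receiving the PEM private key
    private StringBuffer pkey; // last exported PEM private key; blanked in release()

    /**
     * Maps a scope name to the matching {@link PageContext} scope constant.
     *
     * @param scope one of "page", "request", "session" or "application", in any case
     * @return the matching scope constant; {@code PageContext.PAGE_SCOPE} for {@code null}
     *         or any unrecognised name
     */
    public static int getScope(String scope) {
        int ret = PageContext.PAGE_SCOPE; // default
        if (REQUEST.equalsIgnoreCase(scope)) {
            ret = PageContext.REQUEST_SCOPE;
        } else if (SESSION.equalsIgnoreCase(scope)) {
            ret = PageContext.SESSION_SCOPE;
        } else if (APPLICATION.equalsIgnoreCase(scope)) {
            ret = PageContext.APPLICATION_SCOPE;
        } else if (PAGE.equalsIgnoreCase(scope)) {
            ret = PageContext.PAGE_SCOPE;
        }
        return ret;
    } //getScope()

    /**
     * Reads the configured keystore entry and publishes the results as scoped attributes:
     * the certificate and the CA certificate as PEM strings and, when
     * {@code returnprivatekey} is set, the private key as a PEM {@code StringBuffer}.
     *
     * <p>NOTE(review): {@code storefile} accepts a runtime expression. If a page ever
     * derives it from request data, restrict it to a fixed keystore directory before it
     * reaches this tag - confirm against the calling pages.
     *
     * @return {@code EVAL_PAGE}
     * @throws JspException if a required attribute is missing, or if the keystore cannot
     *         be opened or the entry cannot be read (the underlying exception is the cause)
     */
    public int doEndTag() throws JspException {
        // Fail with a clear message instead of a NullPointerException deep inside the read.
        if (storefile == null) {
            throw new JspException("JCE Exception: attribute \"storefile\" is not set");
        }
        if (storepassword == null) {
            throw new JspException("JCE Exception: attribute \"storepassword\" is not set");
        }
        if (returnprivatekey && privatekey == null) {
            // Checked before any key material is loaded.
            throw new JspException(
                    "JCE Exception: attribute \"privatekey\" is required when returnprivatekey is true");
        }

        // Register the provider only when it is missing, so repeated tag invocations do not
        // build a throwaway provider instance each time.
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }

        try {
            // Opening the keystore here checks that the file is readable as PKCS#12 with
            // this password; the entries themselves are read by the X509Cert helpers below.
            openKeystore();

            PrivateKey privKey = null;
            if (returnprivatekey) {
                privKey = X509Cert.getPrivateFromP12(storefile, storeentry, storepassword);
            }
            X509Certificate cert = X509Cert.getCertificateFromP12(storefile, storeentry, storepassword);
            X509Certificate CAcert = X509Cert.getCACertificateFromP12(storefile, storeentry, storepassword);

            // Return certificate
            if (cert == null) {
                throw new IllegalStateException("no certificate found for entry \"" + storeentry + "\"");
            }
            pageContext.setAttribute(certificate, pemCertificate(cert.getEncoded()), scope);

            // Return CA certificate
            if (CAcert == null) {
                throw new IllegalStateException("no CA certificate found for entry \"" + storeentry + "\"");
            }
            pageContext.setAttribute(cacertificate, pemCertificate(CAcert.getEncoded()), scope);

            // Return private key
            if (returnprivatekey) {
                if (privKey == null) {
                    throw new IllegalStateException("no private key found for entry \"" + storeentry + "\"");
                }
                exportPrivateKey(privKey);
            }
        } catch (Exception e) {
            // The message carries the keystore path and the provider's error text; keep it in
            // server-side logs and error handling rather than echoing it to the client.
            throw new JspException("JCE Exception: Unable to read keystore \"" + storefile + "\": "
                    + e.getMessage(), e);
        }

        return EVAL_PAGE;
    } // doEndTag()

    /**
     * Loads the keystore file once to validate the file and password.
     * The stream is always closed and the temporary password array is always wiped.
     */
    private void openKeystore() throws Exception {
        KeyStore store = KeyStore.getInstance("PKCS12", "BC");

        // Copy the password straight into a char[] so no immutable String copy of it is
        // left on the heap. The X509Cert helpers still receive the StringBuffer itself.
        char[] password = new char[storepassword.length()];
        storepassword.getChars(0, password.length, password, 0);
        try {
            FileInputStream in = new FileInputStream(storefile);
            try {
                store.load(in, password);
            } finally {
                in.close(); // previously leaked: the stream was never closed
            }
        } finally {
            java.util.Arrays.fill(password, '\0');
        }
    }

    /**
     * Publishes the private key as a PEM {@code StringBuffer} under the {@code privatekey}
     * attribute name and wipes every intermediate copy of the key material.
     *
     * <p>NOTE(review): the key is stored unencrypted in the selected scope. Session and
     * application scope keep it reachable well beyond this page; prefer page or request
     * scope unless a wider scope is really required.
     */
    private void exportPrivateKey(PrivateKey privKey) {
        byte[] keyoutput = null;
        byte[] keyB64 = null;
        char[] keyChars = null;
        try {
            keyoutput = privKey.getEncoded();
            keyB64 = Base64.encode(keyoutput);
            // Widen to chars directly instead of going through new String(...), which
            // would leave an unwipeable copy of the encoded key behind.
            keyChars = asciiChars(keyB64);
            pkey = new StringBuffer("-----BEGIN PRIVATE KEY-----\n");
            pkey.append(keyChars);
            pkey.append("\n-----END PRIVATE KEY-----");
            pageContext.setAttribute(privatekey, pkey, scope);
        } finally {
            // Wipe the intermediates even when publishing the attribute fails.
            if (keyoutput != null) {
                Clean.blank(keyoutput);
            }
            if (keyB64 != null) {
                Clean.blank(keyB64);
            }
            if (keyChars != null) {
                java.util.Arrays.fill(keyChars, '\0');
            }
        }
    }

    /** Wraps a DER-encoded certificate in PEM "CERTIFICATE" armour. */
    private static String pemCertificate(byte[] der) {
        return "-----BEGIN CERTIFICATE-----\n" + new String(asciiChars(Base64.encode(der)))
                + "\n-----END CERTIFICATE-----";
    }

    /**
     * Widens Base64 output bytes to chars one-to-one, so the result does not depend on
     * the platform default charset.
     */
    private static char[] asciiChars(byte[] ascii) {
        char[] chars = new char[ascii.length];
        for (int i = 0; i < ascii.length; i++) {
            chars[i] = (char) (ascii[i] & 0xff);
        }
        return chars;
    }

    /**
     * Blanks the exported private key buffer held by this handler, then releases the tag.
     *
     * <p>NOTE(review): {@code pkey} is the same object that was stored as the scoped
     * attribute, so presumably the attribute's content is blanked too - confirm that
     * pages do not read the key after the handler has been released.
     */
    public void release() {
        // Cleanup all sensitive information
        if (pkey != null) {
            Clean.blank(pkey);
            pkey = null;
        }
        super.release();
    } //release()

    /**
     * Sets the path of the PKCS#12 keystore file to read.
     *
     * @jsp.attribute
     *      description="The PKCS#12 (P12) keystore to store the certificate"
     *      type="java.lang.String"
     *      required="true"
     *      rtexprvalue="true"
     */
    public void setStorefile(String storefile) {
        this.storefile = storefile;
    }

    /**
     * Sets the name of the keystore entry to read.
     *
     * @jsp.attribute
     *      description="The PKCS#12 (P12) keystore entry name for this certificate"
     *      type="java.lang.String"
     *      required="true"
     *      rtexprvalue="true"
     */
    public void setStoreentry(String storeentry) {
        this.storeentry = storeentry;
    }

    /**
     * Sets the keystore password. The buffer is kept by reference, not copied.
     *
     * @jsp.attribute
     *      description="The PKCS#12 (P12) keystore password"
     *      type="java.lang.StringBuffer"
     *      required="true"
     *      rtexprvalue="true"
     */
    public void setStorepassword(StringBuffer storepassword) {
        this.storepassword = storepassword;
    }

    /**
     * Sets the scope the result attributes are written to, by name (see {@link #getScope}).
     *
     * @jsp.attribute
     *      description="Scope of the return variables. Can be 'page', 'session', 'request' or 'application'. Default is 'page'"
     *      type="java.lang.String"
     *      required="false"
     *      rtexprvalue="false"
     */
    public void setScope(String scope) {
        this.scope = getScope(scope);
    }

    /**
     * Sets whether the private key is exported in addition to the certificates.
     *
     * @jsp.attribute
     *      description="Indicates if the private key must be exported as well. Default is false"
     *      type="java.lang.Boolean"
     *      required="false"
     *      rtexprvalue="true"
     */
    public void setReturnprivatekey(boolean returnprivatekey) {
        this.returnprivatekey = returnprivatekey;
    }

    /**
     * Sets the name of the attribute that receives the PEM certificate.
     *
     * @jsp.attribute
     *      description="Variable to store the certificate"
     *      type="java.lang.String"
     *      required="true"
     *      rtexprvalue="true"
     */
    public void setCertificate(String certificate) {
        this.certificate = certificate;
    }

    /** Returns the name of the attribute that receives the PEM certificate. */
    public String getCertificate() {
        return certificate;
    }

    /**
     * Sets the name of the attribute that receives the PEM CA certificate.
     *
     * @jsp.attribute
     *      description="Variable to store the CA certificate"
     *      type="java.lang.String"
     *      required="true"
     *      rtexprvalue="false"
     */
    public void setCacertificate(String cacertificate) {
        this.cacertificate = cacertificate;
    }

    /** Returns the name of the attribute that receives the PEM CA certificate. */
    public String getCacertificate() {
        return cacertificate;
    }

    /**
     * Sets the name of the attribute that receives the PEM private key.
     *
     * @jsp.attribute
     *      description="Variable to store the private key (as StringBuffer)"
     *      type="java.lang.String"
     *      required="false"
     *      rtexprvalue="false"
     */
    public void setPrivatekey(String privatekey) {
        this.privatekey = privatekey;
    }

    /** Returns the name of the attribute that receives the PEM private key. */
    public String getPrivatekey() {
        return privatekey;
    }
}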