001: /*
002: * IzPack - Copyright 2001-2008 Julien Ponge, All Rights Reserved.
003: *
004: * http://izpack.org/
005: * http://izpack.codehaus.org/
006: *
007: * Copyright 2003 Elmar Grom
008: *
009: * Licensed under the Apache License, Version 2.0 (the "License");
010: * you may not use this file except in compliance with the License.
011: * You may obtain a copy of the License at
012: *
013: * http://www.apache.org/licenses/LICENSE-2.0
014: *
015: * Unless required by applicable law or agreed to in writing, software
016: * distributed under the License is distributed on an "AS IS" BASIS,
017: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
018: * See the License for the specific language governing permissions and
019: * limitations under the License.
020: */
021: package com.izforge.izpack.util;
022:
023: import com.izforge.izpack.installer.InstallData;
024: import com.izforge.izpack.panels.PasswordGroup;
025: import com.izforge.izpack.panels.ProcessingClient;
026: import com.izforge.izpack.panels.Validator;
027: import java.io.FileInputStream;
028: import java.security.KeyStore;
029: import java.util.HashMap;
030: import java.util.Iterator;
031: import java.util.Map;
032:
033: /**
034: * This class based on a simple validator for passwords to demonstrate
035: * the implementation of a password validator that cooperates with the
036: * password field in the <code>UserInputPanel</code>. Additional validation may
037: * be done by utilizing the params added to the password field.
038: *
039: * @author Elmar Grom
040: * @author Jeff Gordon
041: */
042: public class PasswordKeystoreValidator implements Validator {
043:
044: /**PasswordKeystoreValidator
045: * Validates the ability to open a keystore based on the password and
046: * parameters provided. Must specify parameter 'keystoreFile', and optionally
047: * 'keystoreType' (defaults to JKS), 'keystoreAlias' (to check for existence of a key),
048: * and 'aliasPassword' (for trying to retrieve the key).
049: * An additional parameter 'skipValidation' can be set to 'true' in a checkbox and
050: * allow the validator framework to run, but not actually do the validation.
051: *
052: * Optionally checking the key password of multiple keys within a keystore
053: * requires the keystore password (if different from the key password) be set
054: * in the keystorePassword parameter.
055: *
056: * @param client the client object using the services of this validator.
057: *
058: * @return <code>true</code> if the validation passes, otherwise <code>false</code>.
059: */
060: public boolean validate(ProcessingClient client) {
061: boolean returnValue = false;
062: String keystorePassword = null;
063: String keystoreFile = null;
064: String keystoreType = "JKS";
065: String skipValidation = null;
066: String alias = null;
067: String aliasPassword = null;
068: Map<String, String> params = getParams(client);
069: try {
070: if (params != null) {
071: // Don't try and open the keystore if skipValidation is true
072: skipValidation = params.get("skipValidation");
073: System.out
074: .println("skipValidation = " + skipValidation);
075: if (skipValidation != null
076: && skipValidation.equalsIgnoreCase("true")) {
077: System.out.println("Not validating keystore");
078: return true;
079: }
080: // See if keystore password is passed in or is passed through the validator
081: keystorePassword = params.get("keystorePassword");
082: if (keystorePassword == null) {
083: keystorePassword = getPassword(client);
084: System.out
085: .println("keystorePassword parameter null, using validator password for keystore");
086: } else if (keystorePassword.equalsIgnoreCase("")) {
087: keystorePassword = getPassword(client);
088: System.out
089: .println("keystorePassword parameter empty, using validator password for keystore");
090: }
091: // See if alias (key) password is passed in or is passed through the validator
092: aliasPassword = params.get("aliasPassword");
093: if (aliasPassword == null) {
094: aliasPassword = getPassword(client);
095: System.out
096: .println("aliasPassword parameter null, using validator password for key");
097: } else if (aliasPassword.equalsIgnoreCase("")) {
098: aliasPassword = getPassword(client);
099: System.out
100: .println("aliasPassword parameter empty, using validator password for key");
101: }
102: // Get keystore type from parameters or use default
103: keystoreType = params.get("keystoreType");
104: if (keystoreFile == null) {
105: keystoreType = "JKS";
106: System.out
107: .println("keystoreType parameter null, using default of JKS");
108: } else if (keystorePassword.equalsIgnoreCase("")) {
109: keystoreType = "JKS";
110: System.out
111: .println("keystoreType parameter empty, using default of JKS");
112: }
113: // Get keystore location from params
114: keystoreFile = params.get("keystoreFile");
115: if (keystoreFile != null) {
116: System.out.println("Attempting to open keystore: "
117: + keystoreFile);
118: KeyStore ks = getKeyStore(keystoreFile,
119: keystoreType, keystorePassword
120: .toCharArray());
121: if (ks != null) {
122: returnValue = true;
123: System.out
124: .println("keystore password validated");
125: // check alias if provided
126: alias = params.get("keystoreAlias");
127: if (alias != null) {
128: returnValue = ks.containsAlias(alias);
129: if (returnValue) {
130: System.out
131: .println("keystore alias '"
132: + alias
133: + "' found, trying to retrieve");
134: try {
135: ks.getKey(alias, aliasPassword
136: .toCharArray());
137: System.out
138: .println("keystore alias '"
139: + alias
140: + "' validated");
141: } catch (Exception e) {
142: System.out
143: .println("keystore alias validation failed: "
144: + e);
145: returnValue = false;
146: }
147: } else {
148: System.out.println("keystore alias '"
149: + alias + "' not found");
150: }
151: }
152: }
153: } else {
154: System.out
155: .println("keystoreFile param not provided");
156: }
157: } else {
158: System.out.println("params not provided");
159: }
160: } catch (Exception e) {
161: System.out.println("validate() Failed: " + e);
162: }
163: return (returnValue);
164: }
165:
166: private Map<String, String> getParams(ProcessingClient client) {
167: Map<String, String> returnValue = null;
168: PasswordGroup group = null;
169: InstallData idata = getIdata(client);
170: VariableSubstitutor vs = new VariableSubstitutor(idata
171: .getVariables());
172: try {
173: group = (PasswordGroup) client;
174: if (group.hasParams()) {
175: Map<String, String> params = group.getValidatorParams();
176: returnValue = new HashMap<String, String>();
177: Iterator<String> keys = params.keySet().iterator();
178: while (keys.hasNext()) {
179: String key = keys.next();
180: // Feed parameter values through vs
181: String value = vs.substitute(params.get(key), null);
182: // System.out.println("Adding local parameter: "+key+"="+value);
183: returnValue.put(key, value);
184: }
185: }
186: } catch (Exception e) {
187: System.out.println("getParams() Failed: " + e);
188: }
189: return returnValue;
190: }
191:
192: private InstallData getIdata(ProcessingClient client) {
193: PasswordGroup group = null;
194: InstallData idata = null;
195: try {
196: group = (PasswordGroup) client;
197: idata = group.getIdata();
198: } catch (Exception e) {
199: System.out.println("getIdata() Failed: " + e);
200: }
201: return idata;
202: }
203:
204: private String getPassword(ProcessingClient client) {
205: // ----------------------------------------------------
206: // We assume that if there is more than one field an equality validation
207: // was already performed.
208: // ----------------------------------------------------
209: return client.getFieldContents(0);
210: }
211:
212: public static KeyStore getKeyStore(String fileName, String type,
213: char[] password) {
214: KeyStore ks = null;
215: try {
216: ks = KeyStore.getInstance(type);
217: ks.load(new FileInputStream(fileName), password);
218: } catch (Exception e) {
219: System.out.println("getKeyStore() Failed: " + e);
220: ks = null;
221: }
222: return ks;
223: }
224:
225: }
|