001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
013: * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
014: * License for the specific language governing permissions and limitations under
015: * the License.
016: */
017:
018: package org.apache.harmony.tools.keytool;
019:
020: import java.io.BufferedOutputStream;
021: import java.io.File;
022: import java.io.FileOutputStream;
023: import java.io.IOException;
024: import java.io.OutputStream;
025: import java.security.KeyStore;
026: import java.security.KeyStoreException;
027: import java.security.NoSuchAlgorithmException;
028: import java.security.NoSuchProviderException;
029: import java.security.cert.CertificateEncodingException;
030: import java.security.cert.CertificateException;
031: import java.security.cert.X509Certificate;
032:
033: import org.apache.harmony.luni.util.Base64;
034:
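/**
 * Class for exporting the certificates to a file or stdout in DER or PEM
 * formats.
 */
public class CertExporter {

    // Charset name used for every byte<->text conversion of the PEM output.
    // PEM is pure ASCII, so the platform default charset must not be used:
    // on a non-ASCII-compatible default the armor lines would be corrupted.
    private static final String PEM_CHARSET = "ISO-8859-1";

    /**
     * Reads the X.509 certificate associated with the alias and writes it to
     * the given file. The alias and the file name are supplied in param. If
     * the file name is not given, the certificate is written to stdout.
     * <p>
     * When {@code param.isRfc()} is true the certificate is written Base64
     * encoded between BEGIN/END CERTIFICATE lines; otherwise the encoded
     * bytes returned by {@code getEncoded()} are written as they are.
     * <p>
     * An existing file with the given name is overwritten without asking.
     *
     * @param param
     *            holds the keystore, the alias, the optional output file
     *            name and the rfc/verbose flags
     * @throws KeyStoreException
     *             if the keystore cannot be queried
     * @throws IOException
     *             if the output cannot be opened or written
     * @throws KeytoolException
     *             if the alias points to a secret key entry, has no
     *             certificate, or its certificate is not an X.509 one
     * @throws NoSuchProviderException
     * @throws CertificateException
     *             if the certificate cannot be encoded
     * @throws NoSuchAlgorithmException
     */
    static void exportCert(KeytoolParameters param)
            throws KeyStoreException, IOException, KeytoolException,
            NoSuchAlgorithmException, CertificateException,
            NoSuchProviderException {
        KeyStore keyStore = param.getKeyStore();
        String alias = param.getAlias();
        if (keyStore.entryInstanceOf(alias,
                KeyStore.SecretKeyEntry.class)) {
            throw new KeytoolException("The alias <" + alias
                    + "> points to a secret key entry.\n"
                    + "It has no certificates.");
        }

        // getCertificate() returns null for an unknown alias or an entry
        // without a certificate; report that instead of failing later with
        // a NullPointerException.
        java.security.cert.Certificate storedCert = keyStore
                .getCertificate(alias);
        if (storedCert == null) {
            throw new KeytoolException("The alias <" + alias
                    + "> does not exist or has no certificate.");
        }
        // Only X.509 certificates are exported; give a readable error
        // rather than a ClassCastException for anything else.
        if (!(storedCert instanceof X509Certificate)) {
            throw new KeytoolException("The certificate for alias <" + alias
                    + "> is not an X.509 certificate.");
        }
        X509Certificate cert = (X509Certificate) storedCert;

        byte[] encodedCert;
        try {
            encodedCert = cert.getEncoded();
        } catch (CertificateEncodingException e) {
            throw new CertificateEncodingException(
                    "Failed to encode the certificate", e);
        }

        String fileName = param.getFileName();
        // if no file name is given, output to System.out
        boolean toFile = fileName != null;
        OutputStream output;
        if (toFile) {
            // FileOutputStream creates the file if it does not exist,
            // truncates it if it does, and throws an IOException subclass
            // if the path cannot be opened for writing (e.g. a directory).
            output = new BufferedOutputStream(new FileOutputStream(
                    new File(fileName)));
        } else {
            output = System.out;
        }

        boolean written = false;
        try {
            if (param.isRfc()) {
                output.write("-----BEGIN CERTIFICATE-----\n"
                        .getBytes(PEM_CHARSET));
                output.write(Base64.encode(encodedCert, PEM_CHARSET)
                        .getBytes(PEM_CHARSET));
                output.write("\n-----END CERTIFICATE-----\n"
                        .getBytes(PEM_CHARSET));
            } else {
                output.write(encodedCert);
            }
            output.flush();
            written = true;
        } finally {
            // System.out is never closed; a file stream is always closed,
            // also when writing failed, so the descriptor is not leaked.
            if (toFile) {
                if (written) {
                    // a failing close() means the data may not be on disk
                    output.close();
                } else {
                    try {
                        output.close();
                    } catch (IOException ignored) {
                        // keep the original write failure as the cause
                    }
                }
            }
        }

        if (toFile && param.isVerbose()) {
            System.out.println("The certificate is stored in file <"
                    + fileName + ">.");
        }
    }

}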
|