Merge "Install tools/libs needed for pkcs11"
[aaf/authz.git] / cadi / aaf / src / main / java / org / onap / aaf / cadi / cm / Factory.java
index 7011188..b7c085b 100644 (file)
@@ -34,6 +34,8 @@ import java.io.InputStream;
 import java.io.InputStreamReader;
 import java.io.Reader;
 import java.io.StringReader;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.InvocationTargetException;
 import java.security.InvalidKeyException;
 import java.security.Key;
 import java.security.KeyFactory;
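Review bot: `Constructor` and `InvocationTargetException` are imported here, but none of the visible hunks use them, while a later hunk adds a direct `import sun.security.pkcs11.SunPKCS11;`. That compile-time reference to a JDK-internal class means Factory cannot compile or load on a JVM that lacks it, and on JDK 9 and later the class is not exported and its String constructor is gone. If the reflection imports were meant for loading the provider by name, finish that path and drop the direct import; on JDK 9+ the supported form is `Security.getProvider("SunPKCS11").configure(configPath)`. Otherwise remove the two unused imports.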
@@ -41,8 +43,10 @@ import java.security.KeyPair;
 import java.security.KeyPairGenerator;
 import java.security.NoSuchAlgorithmException;
 import java.security.PrivateKey;
+import java.security.Provider;
 import java.security.PublicKey;
 import java.security.SecureRandom;
+import java.security.Security;
 import java.security.Signature;
 import java.security.SignatureException;
 import java.security.cert.Certificate;
@@ -56,6 +60,8 @@ import java.security.spec.X509EncodedKeySpec;
 import java.util.Collection;
 import java.util.List;
 
+import sun.security.pkcs11.SunPKCS11;
+
 import javax.crypto.Cipher;
 import javax.crypto.NoSuchPaddingException;
 
@@ -225,13 +231,13 @@ public class Factory {
        public static Collection<? extends Certificate> toX509Certificate(Trans trans, File file) throws CertificateException, FileNotFoundException {
                FileInputStream fis = new FileInputStream(file);
                try {
-                       return toX509Certificate(fis);
-               } finally {
                        try {
-                               fis.close();
-                       } catch (IOException e) {
-                               throw new CertificateException(e);
+                               return toX509Certificate(fis);
+                       } finally {
+                                       fis.close();
                        }
+               } catch (IOException e) {
+                       throw new CertificateException(e);
                }
        }
 
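Review bot: In the rewritten `toX509Certificate(Trans, File)`, an IOException from `fis.close()` in the inner `finally` replaces whatever `toX509Certificate(fis)` threw, so a certificate parse error can surface as a close failure. try-with-resources keeps the primary exception and records the close failure as suppressed: `try (FileInputStream in = fis) { return toX509Certificate(in); } catch (IOException e) { throw new CertificateException(e); }`. Leave the `new FileInputStream(file)` line where it is, so that FileNotFoundException still propagates unwrapped. The `trans` parameter is not used in the visible body; a Javadoc line saying why it is accepted would help the next reader.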
@@ -444,4 +450,35 @@ public class Factory {
                        tt.done();
                }       
        }
+
+       /**
+        * Get the Security Provider, or, if not exists yet, attempt to load
+        * 
+        * @param providerType
+        * @param params
+        * @return
+        * @throws CertException
+        */
+       public static synchronized Provider getSecurityProvider(String providerType, String[][] params) throws CertException {
+               Provider p = null;
+               switch(providerType) {
+                       case "PKCS12":
+                               p = Security.getProvider(providerType);
+                               break;
+                       case "PKCS11": // PKCS11 only known to be supported by Sun
+                               try {
+                                       p = new SunPKCS11(params[0][0]);
+                                       if (p==null) {
+                                               throw new CertException("SunPKCS11 Provider cannot be constructed for " + params[0][0]);
+                                       }
+                                       Security.addProvider(p);
+                               } catch (SecurityException | IllegalArgumentException e) {
+                                       throw new CertException(e);
+                               }
+                               break;
+                       default:
+                               throw new CertException(providerType + " is not a known Security Provider for your JDK.");
+               }
+               return p;
+       }
 }
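Review bot: The `PKCS11` branch of `getSecurityProvider` dereferences `params[0][0]` unchecked and catches only SecurityException and IllegalArgumentException, so a null or empty `params` escapes as an unchecked exception instead of CertException; as far as I know, so does the ProviderException that SunPKCS11 raises for a bad configuration. The `if (p==null)` test after `new` can never be true, and the result of `Security.addProvider(p)` is ignored, so a repeat call builds a second provider instead of returning the installed one as the Javadoc promises. The `PKCS12` branch looks up a provider named after a keystore type; stock JDKs register no provider under that name, so it probably returns null without any error. Because the SunPKCS11 configuration passed in `params[0][0]` selects the native PKCS#11 library the JVM loads, the Javadoc should say it must come from trusted deployment configuration, and the empty `@param`/`@return` tags should be filled in.

```java
			case "PKCS11": // PKCS11 only known to be supported by Sun
				if (params == null || params.length == 0 || params[0] == null
						|| params[0].length == 0 || params[0][0] == null) {
					throw new CertException("PKCS11 requires a provider configuration in params[0][0]");
				}
				try {
					p = new SunPKCS11(params[0][0]);
					// addProvider returns -1 when a provider with this name is already installed
					if (Security.addProvider(p) < 0) {
						p = Security.getProvider(p.getName());
					}
				} catch (SecurityException | IllegalArgumentException | java.security.ProviderException e) {
					throw new CertException(e);
				}
				break;
			// … unchanged: default case and return p …
```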