2 * Copyright (c) 2001-2007 Sun Microsystems, Inc. All rights reserved.
4 * The Sun Project JXTA(TM) Software License
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions are met:
9 * 1. Redistributions of source code must retain the above copyright notice,
10 * this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright notice,
13 * this list of conditions and the following disclaimer in the documentation
14 * and/or other materials provided with the distribution.
16 * 3. The end-user documentation included with the redistribution, if any, must
17 * include the following acknowledgment: "This product includes software
18 * developed by Sun Microsystems, Inc. for JXTA(TM) technology."
19 * Alternately, this acknowledgment may appear in the software itself, if
20 * and wherever such third-party acknowledgments normally appear.
22 * 4. The names "Sun", "Sun Microsystems, Inc.", "JXTA" and "Project JXTA" must
23 * not be used to endorse or promote products derived from this software
24 * without prior written permission. For written permission, please contact
25 * Project JXTA at http://www.jxta.org.
27 * 5. Products derived from this software may not be called "JXTA", nor may
28 * "JXTA" appear in their name, without prior written permission of Sun.
30 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
31 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
32 * FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL SUN
33 * MICROSYSTEMS OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
34 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
35 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
36 * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
37 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
38 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
39 * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
41 * JXTA is a registered trademark of Sun Microsystems, Inc. in the United
42 * States and other countries.
44 * Please see the license information page at :
45 * <http://www.jxta.org/project/www/license.html> for instructions on use of
46 * the license in source files.
48 * ====================================================================
50 * This software consists of voluntary contributions made by many individuals
51 * on behalf of Project JXTA. For more information on Project JXTA, please see
52 * http://www.jxta.org.
54 * This license is based on the BSD license adopted by the Apache Foundation.
57 package net.jxta.impl.membership.pse;
61 import java.util.Arrays;
62 import java.util.ArrayList;
63 import java.util.Iterator;
64 import java.util.List;
65 import java.security.cert.X509Certificate;
66 import javax.crypto.EncryptedPrivateKeyInfo;
68 import java.io.IOException;
69 import java.net.URISyntaxException;
70 import java.security.KeyStoreException;
72 import java.util.logging.Level;
73 import net.jxta.logging.Logging;
74 import java.util.logging.Logger;
76 import net.jxta.credential.AuthenticationCredential;
77 import net.jxta.id.ID;
78 import net.jxta.id.IDFactory;
79 import net.jxta.peer.PeerID;
80 import net.jxta.membership.Authenticator;
81 import net.jxta.membership.MembershipService;
85 * An authenticator associated with the PSE membership service.
87 *@see net.jxta.membership.Authenticator
88 *@see net.jxta.membership.MembershipService
90 public class EngineAuthenticator implements Authenticator {
95 private static final Logger LOG = Logger.getLogger(EngineAuthenticator.class.getName());
98 * The Membership Service which generated this authenticator.
100 transient PSEMembershipService source;
103 * The Authentication which was provided to the Apply operation of the
104 * membership service.
106 transient AuthenticationCredential application;
111 transient X509Certificate seedCert;
116 transient PSEAuthenticatorEngine authenticatorEngine;
121 // transient EncryptedPrivateKeyInfo seedKey;
124 * the password for that identity.
126 transient char[] store_password = null;
129 * the identity which is being claimed
131 transient ID identity = null;
134 * the password for that identity.
136 transient char[] key_password = null;
139 * Creates an authenticator for the PSE membership service. Anything entered
140 * into the identity info section of the Authentication credential is
143 * @param source The instance of the PSE membership service which
144 * created this authenticator.
145 * @param application Anything entered into the identity info section of
146 * the Authentication credential is ignored.
148 EngineAuthenticator(PSEMembershipService source, AuthenticationCredential application, PSEAuthenticatorEngine authenticatorEngine) {
149 // this( source, application );
151 this.source = source;
152 this.application = application;
153 this.seedCert = authenticatorEngine.getX509Certificate();
154 this.authenticatorEngine = authenticatorEngine;
158 * Creates an authenticator for the PSE membership service. Anything entered
159 * into the identity info section of the Authentication credential is
162 * @param source The instance of the PSE membership service which
163 * created this authenticator.
164 * @param application Anything entered into the identity info section of
165 * the Authentication credential is ignored.
167 EngineAuthenticator(PSEMembershipService source, AuthenticationCredential application) {
168 this.source = source;
169 this.application = application;
171 // XXX 20010328 bondolo@jxta.org Could do something with the authentication credential here.
178 protected void finalize() throws Throwable {
179 if (null != store_password) {
180 Arrays.fill(store_password, '\0');
183 if (null != key_password) {
184 Arrays.fill(key_password, '\0');
193 public MembershipService getSourceService() {
194 return (MembershipService) source.getInterface();
200 public AuthenticationCredential getAuthenticationCredential() {
207 public String getMethodName() {
208 return "EngineAuthentication";
214 synchronized public boolean isReadyForJoin() {
215 if (null != seedCert) {
216 return authenticatorEngine.isEnginePresent();
218 return source.pseStore.validPasswd(identity, store_password, key_password);
223 * Get KeyStore password
225 public char[] getAuth1_KeyStorePassword() {
226 return store_password;
230 * Set KeyStore password
232 public void setAuth1_KeyStorePassword(String store_password) {
233 if (null == store_password) {
234 setAuth1_KeyStorePassword((char[]) null);
236 setAuth1_KeyStorePassword(store_password.toCharArray());
241 * Set KeyStore password
243 public void setAuth1_KeyStorePassword(char[] store_password) {
244 if (null != this.store_password) {
245 Arrays.fill(this.store_password, '\0');
248 if (null == store_password) {
249 this.store_password = null;
251 this.store_password = store_password.clone();
256 * Return the available identities.
258 public PeerID[] getIdentities(char[] store_password) {
260 if (seedCert != null) {
261 PeerID[] seed = { source.group.getPeerID() };
266 ID[] allkeys = source.pseStore.getKeysList(store_password);
268 // XXX bondolo 20040329 it may be appropriate to login
269 // something other than a peer id.
270 List peersOnly = new ArrayList();
272 Iterator eachKey = Arrays.asList(allkeys).iterator();
274 while (eachKey.hasNext()) {
275 ID aKey = (ID) eachKey.next();
277 if (aKey instanceof PeerID) {
282 return (PeerID[]) peersOnly.toArray(new PeerID[peersOnly.size()]);
283 } catch (IOException failed) {
285 } catch (KeyStoreException failed) {
291 public X509Certificate getCertificate(char[] store_password, ID aPeer) {
292 if (seedCert != null) {
293 if (aPeer.equals(source.group.getPeerID())) {
300 return source.pseStore.getTrustedCertificate(aPeer, store_password);
301 } catch (IOException failed) {
303 } catch (KeyStoreException failed) {
312 public ID getAuth2Identity() {
319 public void setAuth2Identity(String id) {
321 URI idURI = new URI(id);
322 ID identity = IDFactory.fromURI(idURI);
324 setAuth2Identity(identity);
325 } catch (URISyntaxException badID) {
326 throw new IllegalArgumentException("Bad ID");
333 public void setAuth2Identity(ID identity) {
334 this.identity = identity;
338 * Get identity password
340 public char[] getAuth3_IdentityPassword() {
345 * Set identity password
347 public void setAuth3_IdentityPassword(String key_password) {
348 setAuth3_IdentityPassword(key_password.toCharArray());
352 * Set identity password
354 public void setAuth3_IdentityPassword(char[] key_password) {
355 if (null != this.key_password) {
356 Arrays.fill(this.key_password, '\0');
359 if (null == key_password) {
360 this.key_password = null;
362 this.key_password = key_password.clone();