}
}
private void doKeyStoreUpdate(DataEntryEvent<String, Key> event) {
final Key key = event.getValue();
Certificate cert = null;
if(key.getActiveCertId() != null && key.getActiveCertId().length() > 0) {
try {
cert = dataManager.getCertById(key.getActiveCertId());
}
catch (InvalidIDException e) {
LOG.error("Certificate not found "+key.getActiveCertId(), e);
throw new RuntimeException("Certificate not found "+key.getActiveCertId());
}
}
if(cert == null){
// A key has been uploaded without a certificate. Don't add it to the keystore.
// This is a standard use-case. Don't error.
return;
}
PrivateKey jkey = null;
java.security.cert.Certificate jcert = null;
try {
PasswordFinder passwordFinder = null;
if (key.getKeyPassphrase() != null) {
passwordFinder = new PasswordFinder() {
/**
 * Supplies the passphrase that the PEM reader uses to decrypt the key data.
 *
 * @return the value of {@code key.getKeyPassphrase()} converted to a char array
 */
@Override
public char[] getPassword() {
// The enclosing code installs this finder only when getKeyPassphrase() was non-null
// at construction time; the value is read again here, at call time.
// NOTE(review): the passphrase appears to be held as a String on the Key (toCharArray()
// is called on it), so wiping the returned array would not clear the secret from
// memory - confirm against the Key class.
return key.getKeyPassphrase().toCharArray();
}
};
}
PEMReader pemr = new PEMReader(new StringReader(key.getData()), passwordFinder);
Object pemobj = pemr.readObject();
if(pemobj instanceof KeyPair){
jkey = ((KeyPair)pemobj).getPrivate();
} else if (pemobj instanceof PrivateKey){
jkey = (PrivateKey)pemobj;
} else {
LOG.error("The PEM object in Key "+key.getId()+" is not a Private Key");
throw new RuntimeException("The PEM object in Key "+key.getId()+" is not a Private Key");
}
} catch(IOException e){
LOG.error("Failed to read Key "+key.getId()+" data.", e);
throw new RuntimeException("Failed to read Key "+key.getId()+" data.");
}
try{
PEMReader pemr = new PEMReader(new StringReader(cert.getData()));
Object pemobj = pemr.readObject();
if(pemobj instanceof java.security.cert.Certificate){
jcert = (java.security.cert.Certificate)pemobj;
} else {
LOG.error("The PEM object in Certificate "+cert.getId()+" is not a Certificate");
throw new RuntimeException("The PEM object in Certificate "+cert.getId()+" is not a Certificate");
}
} catch(IOException e){
LOG.error("Failed to read Certificate "+cert.getId()+" data.", e);
throw new RuntimeException("Failed to read Certificate "+cert.getId()+" data.");
}
synchronized(keyStoreService) {
KeyStore ks = keyStoreService.loadKeyStore();