/*
* This file is part of rockframework.
*
* rockframework is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* rockframework is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package br.net.woodstock.rockframework.security.cert.ext.icpbrasil;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.Serializable;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLConnection;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.List;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;
import br.net.woodstock.rockframework.core.RockFrameworkLogger;
import br.net.woodstock.rockframework.core.RockFrameworkVersion;
import br.net.woodstock.rockframework.core.util.Assert;
import br.net.woodstock.rockframework.core.utils.Collections;
import br.net.woodstock.rockframework.security.cert.CertificateException;
import br.net.woodstock.rockframework.security.cert.CertificateValidator;
import br.net.woodstock.rockframework.security.cert.ValidationError;
import br.net.woodstock.rockframework.security.cert.impl.HierarchyCertificateValidator;
import br.net.woodstock.rockframework.security.cert.util.Certificates;
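/**
 * {@link CertificateValidator} that reads every certificate contained in a ZIP archive and hands
 * them to a {@link HierarchyCertificateValidator}, to which {@link #validate(Certificate[])} is
 * delegated.
 *
 * <p>The archive can come from a local file, a caller-supplied URL, or the default ICP-Brasil
 * download location. Loading happens in the constructor; any failure is reported as a
 * {@link CertificateException}.
 *
 * <p>SECURITY: nothing in this class authenticates the archive. Every certificate found in it is
 * passed to the delegate (presumably as the set of trusted CAs; confirm against
 * {@code HierarchyCertificateValidator}), so the archive source is as sensitive as a trust store.
 */
public class ICPBrasilHierarchyCertificateValidator implements CertificateValidator, Serializable {

    private static final long serialVersionUID = RockFrameworkVersion.VERSION;

    // SECURITY NOTE(review): the default bundle is fetched over plain HTTP and no signature or
    // digest of the archive is checked in this class. Anyone able to alter the response on the
    // network path can therefore choose which certificates this validator is built from.
    // Prefer the File constructor with a bundle verified out of band, or the URL constructor
    // with an https URL whose server certificate is validated by the JVM.
    private static final String ZIP_URL = "http://acraiz.icpbrasil.gov.br/credenciadas/CertificadosAC-ICP-Brasil/ACcompactado.zip";

    public static final String VALIDATOR_NAME = "Hierarchy Validator";

    // Built once by initFromStream(); every constructor either sets it or throws.
    private HierarchyCertificateValidator delegate;

    /**
     * Builds the validator from the default ICP-Brasil archive at {@code ZIP_URL}.
     *
     * <p>Performs a network download; see the security note on {@code ZIP_URL}.
     *
     * @throws CertificateException if the archive cannot be downloaded or parsed, or contains
     *         no certificates
     */
    public ICPBrasilHierarchyCertificateValidator() {
        super();
        this.initFromUrl(ICPBrasilHierarchyCertificateValidator.ZIP_URL);
    }

    /**
     * Builds the validator from a local ZIP archive.
     *
     * @param zipFile archive holding the certificates; must not be {@code null}
     * @throws CertificateException if the file cannot be read or parsed, or contains no
     *         certificates
     */
    public ICPBrasilHierarchyCertificateValidator(final File zipFile) {
        super();
        Assert.notNull(zipFile, "zipFile");
        this.initFromFile(zipFile);
    }

    /**
     * Builds the validator from a ZIP archive located at the given URL.
     *
     * <p>The URL is opened as given; the caller is responsible for choosing a location and
     * scheme whose content can be trusted.
     *
     * @param zipUrl location of the archive; must not be {@code null}
     * @throws CertificateException if the archive cannot be fetched or parsed, or contains no
     *         certificates
     */
    public ICPBrasilHierarchyCertificateValidator(final URL zipUrl) {
        super();
        Assert.notNull(zipUrl, "zipUrl");
        this.initFromUrl(zipUrl);
    }

    /** Opens {@code zipFile} and loads its certificates; any failure becomes a CertificateException. */
    private void initFromFile(final File zipFile) {
        InputStream inputStream = null;
        try {
            inputStream = new FileInputStream(zipFile);
            this.initFromStream(inputStream);
        } catch (Exception e) {
            throw new CertificateException(e);
        } finally {
            // Single close point; the earlier in-try close made this a redundant second close.
            closeQuietly(inputStream);
        }
    }

    /** Parses {@code zipUrl} and delegates to {@link #initFromUrl(URL)}. */
    private void initFromUrl(final String zipUrl) {
        try {
            URL url = new URL(zipUrl);
            this.initFromUrl(url);
        } catch (MalformedURLException e) {
            throw new CertificateException(e);
        }
    }

    /** Downloads the archive at {@code zipUrl} and loads its certificates. */
    private void initFromUrl(final URL zipUrl) {
        InputStream inputStream = null;
        try {
            // NOTE(review): no connect/read timeout is set and the response size is not bounded,
            // so an unresponsive or oversized source can stall or exhaust the constructing thread.
            URLConnection connection = zipUrl.openConnection();
            inputStream = connection.getInputStream();
            this.initFromStream(inputStream);
        } catch (Exception e) {
            throw new CertificateException(e);
        } finally {
            closeQuietly(inputStream);
        }
    }

    /**
     * Reads one certificate per file entry of the ZIP stream and builds the delegate from them.
     *
     * @param zipStream stream positioned at the start of a ZIP archive
     * @throws IOException if the archive cannot be read or yields no certificates
     */
    private void initFromStream(final InputStream zipStream) throws IOException {
        ZipInputStream inputStream = new ZipInputStream(zipStream);
        List<Certificate> certificates = new ArrayList<Certificate>();
        try {
            ZipEntry entry = inputStream.getNextEntry();
            while (entry != null) {
                // Directory entries carry no data, so there is no certificate to parse in them.
                if (!entry.isDirectory()) {
                    // The entry name comes from the archive itself, i.e. it is untrusted text.
                    RockFrameworkLogger.getLogger().info("Adding " + entry.getName());
                    Certificate certificate = Certificates.get(inputStream);
                    certificates.add(certificate);
                }
                entry = inputStream.getNextEntry();
            }
        } finally {
            // Release the inflater even when parsing fails part-way through the archive.
            closeQuietly(inputStream);
        }
        // A body that is not a ZIP (e.g. an error page) yields zero entries. Fail loudly instead
        // of silently building a validator from an empty certificate set.
        if (certificates.isEmpty()) {
            throw new IOException("No certificates found in ZIP archive");
        }
        Certificate[] array = Collections.toArray(certificates, Certificate.class);
        this.delegate = new HierarchyCertificateValidator(array);
    }

    /** Closes {@code stream} if non-null, logging (not propagating) a failure to close. */
    private static void closeQuietly(final InputStream stream) {
        if (stream == null) {
            return;
        }
        try {
            stream.close();
        } catch (IOException e) {
            RockFrameworkLogger.getLogger().warn(e.getMessage(), e);
        }
    }

    /**
     * Validates {@code chain} by delegating to the underlying {@link HierarchyCertificateValidator}.
     *
     * @param chain certificate chain to check
     * @return whatever the delegate returns for this chain
     */
    @Override
    public ValidationError[] validate(final Certificate[] chain) {
        return this.delegate.validate(chain);
    }
}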