Fix up library versions and classpath
[java-idp.git] / src / edu / internet2 / middleware / shibboleth / utils / ExtKeyTool.java
index 08e09ab..2dade76 100755 (executable)
@@ -26,6 +26,7 @@ import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.InputStreamReader;
+import java.io.OutputStream;
 import java.io.PrintStream;
 import java.security.Key;
 import java.security.KeyFactory;
@@ -38,6 +39,7 @@ import java.security.Provider;
 import java.security.PublicKey;
 import java.security.Security;
 import java.security.UnrecoverableKeyException;
+import java.security.cert.Certificate;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
@@ -63,7 +65,7 @@ import org.bouncycastle.util.encoders.Base64;
 
 /**
  * Extension utility for use alongside Sun's keytool program. Performs useful functions not found in original.
- * 
+ *
  * @author Walter Hoehn
  */
 
@@ -135,6 +137,20 @@ public class ExtKeyTool {
                }
        }
 
+       private void writeWithWrapping(byte[] base64text, int linesize, OutputStream out)
+       throws IOException
+       {
+               int length = base64text.length;
+               if (length == 0) return;
+
+               out.write( (int)base64text[0] );
+               for (int i=1; i < length; i++)
+               {
+                       if (i%linesize == 0) out.write('\n');
+                       out.write( (int)base64text[i] );
+               }
+       }
+
        /**
         * Retrieves a private key from a java keystore and writes it to an <code>PrintStream</code>
         * 
@@ -178,15 +194,17 @@ public class ExtKeyTool {
                        }
                        log.info("Found key.");
 
+                       byte[] encodedKey = key.getEncoded();
+
                        if (rfc) {
                                log.debug("Dumping with rfc encoding");
                                outStream.println("-----BEGIN PRIVATE KEY-----");
-                               outStream.println(Base64.encode(key.getEncoded()));
-
+                               writeWithWrapping(Base64.encode(encodedKey), 76, outStream);
+                               outStream.println();
                                outStream.println("-----END PRIVATE KEY-----");
                        } else {
                                log.debug("Dumping with default encoding.");
-                               outStream.write(key.getEncoded());
+                               outStream.write(encodedKey);
                        }
 
                } catch (KeyStoreException e) {
@@ -343,7 +361,7 @@ public class ExtKeyTool {
                log.debug("Located " + untestedCerts.length + " cert(s) in input file");
 
                log.info("Finding end cert in chain.");
-               ArrayList replyCerts = new ArrayList();
+               ArrayList<X509Certificate> replyCerts = new ArrayList<X509Certificate>();
                for (int i = 0; untestedCerts.length > i; i++) {
                        if (isMatchingKey(keyAlgorithm, untestedCerts[i].getPublicKey(), privKey)) {
                                log.debug("Found matching end cert: " + untestedCerts[i].getSubjectDN());
@@ -390,7 +408,7 @@ public class ExtKeyTool {
         *             thrown if a chain cannot be constructed from the specified elements
         */
 
-       protected void walkChain(X509Certificate[] chainSource, ArrayList chainDest)
+       protected void walkChain(X509Certificate[] chainSource, ArrayList<X509Certificate> chainDest)
                        throws InvalidCertificateChainException {
 
                X509Certificate currentCert = (X509Certificate) chainDest.get(chainDest.size() - 1);
@@ -484,7 +502,8 @@ public class ExtKeyTool {
                                log.info("Reading certificate chain.");
 
                                CertificateFactory certFactory = CertificateFactory.getInstance("X.509", provider);
-                               Collection chain = certFactory.generateCertificates(new BufferedInputStream(chainStream));
+                               Collection<? extends Certificate> chain = certFactory.generateCertificates(new BufferedInputStream(
+                                               chainStream));
                                if (chain.isEmpty()) {
                                        log.error("Input did not contain any valid certificates.");
                                        throw new ExtKeyToolException("Input did not contain any valid certificates.");