protected void validateKeyCredential()

in taverna-server-webapp/src/main/java/org/apache/taverna/server/master/worker/SecurityContextDelegateImpl.java [186:234]


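	/**
	 * Checks that a key-pair credential descriptor refers to a key store that
	 * can be opened, and fills in the descriptor's derived fields.
	 * <p>
	 * The key store is read from {@code credentialBytes} when those are
	 * non-empty, otherwise from the file named by {@code credentialFile}. The
	 * descriptor is updated in place: whichever of those two sources was not
	 * used is reset, {@code fileType} is defaulted and trimmed, and
	 * {@code loadedKey} and {@code loadedTrustChain} are set from the entry
	 * stored under {@code credentialName}.
	 * <p>
	 * This confirms only that the store opens with the supplied password and
	 * holds a key plus a non-empty certificate chain under that alias. It does
	 * not check certificate validity dates, revocation, or whether the chain
	 * leads to a trusted root; callers needing those guarantees must verify
	 * the chain separately.
	 *
	 * @param keypairDescriptor
	 *            the credential description to validate and populate.
	 * @throws InvalidCredentialException
	 *             if the credential name, the credential source or the unlock
	 *             password is missing, or if the store has no key or no
	 *             certificate chain under the given name.
	 * @throws KeyStoreException
	 *             if no provider supports the requested key store type.
	 * @throws NoSuchAlgorithmException
	 *             if an algorithm needed to check the store or recover the
	 *             key is unavailable.
	 * @throws CertificateException
	 *             if a certificate in the store cannot be loaded.
	 * @throws IOException
	 *             if the store data cannot be read or parsed; per
	 *             {@link KeyStore#load(InputStream, char[])} this is also how
	 *             an incorrect store password is reported.
	 * @throws UnrecoverableKeyException
	 *             if the key cannot be recovered with either the unlock
	 *             password or an empty password.
	 */
	protected void validateKeyCredential(Credential.KeyPair keypairDescriptor)
			throws InvalidCredentialException, KeyStoreException,
			NoSuchAlgorithmException, CertificateException, IOException,
			UnrecoverableKeyException {
		if (keypairDescriptor.credentialName == null
				|| keypairDescriptor.credentialName.trim().isEmpty())
			throw new InvalidCredentialException(
					"absent or empty credentialName");

		InputStream contentsAsStream;
		if (keypairDescriptor.credentialBytes != null
				&& keypairDescriptor.credentialBytes.length > 0) {
			// Inline bytes take precedence over any file name supplied.
			contentsAsStream = new ByteArrayInputStream(
					keypairDescriptor.credentialBytes);
			keypairDescriptor.credentialFile = null;
		} else if (keypairDescriptor.credentialFile == null
				|| keypairDescriptor.credentialFile.trim().isEmpty())
			throw new InvalidCredentialException(
					"absent or empty credentialFile");
		else {
			// NOTE(review): contents() is defined outside this listing;
			// confirm it confines the caller-supplied credentialFile to the
			// location it is meant to read from.
			contentsAsStream = contents(keypairDescriptor.credentialFile);
			keypairDescriptor.credentialBytes = new byte[0];
		}

		char[] password = null;
		try {
			if (keypairDescriptor.fileType == null
					|| keypairDescriptor.fileType.trim().isEmpty())
				keypairDescriptor.fileType = KeyStore.getDefaultType();
			keypairDescriptor.fileType = keypairDescriptor.fileType.trim();

			KeyStore ks = KeyStore.getInstance(keypairDescriptor.fileType);
			// Report a missing password as a credential problem rather than
			// failing with a NullPointerException. It is not passed on as
			// null because KeyStore.load() would then skip its integrity
			// check of the store.
			if (keypairDescriptor.unlockPassword == null)
				throw new InvalidCredentialException("absent unlockPassword");
			password = keypairDescriptor.unlockPassword.toCharArray();
			ks.load(contentsAsStream, password);

			try {
				keypairDescriptor.loadedKey = ks.getKey(
						keypairDescriptor.credentialName, password);
			} catch (UnrecoverableKeyException ignored) {
				// Retry with an empty key password; presumably this covers
				// stores whose key entry is protected differently from the
				// store itself. A second failure propagates to the caller.
				keypairDescriptor.loadedKey = ks.getKey(
						keypairDescriptor.credentialName, new char[0]);
			}
			if (keypairDescriptor.loadedKey == null)
				throw new InvalidCredentialException(
						"no such credential in key store");
			// getCertificateChain() returns the chain as stored; no path
			// validation is performed on it here.
			keypairDescriptor.loadedTrustChain = ks
					.getCertificateChain(keypairDescriptor.credentialName);
			if (keypairDescriptor.loadedTrustChain == null
					|| keypairDescriptor.loadedTrustChain.length == 0)
				throw new InvalidCredentialException(
						"could not establish trust chain for credential");
		} finally {
			// Wipe the working copy of the password. The String held in the
			// descriptor is unaffected, so this only shortens the lifetime
			// of the extra copy made above.
			if (password != null)
				java.util.Arrays.fill(password, '\0');
			if (contentsAsStream != null) {
				try {
					contentsAsStream.close();
				} catch (IOException ignored) {
					// The store has already been read (or reading failed);
					// a close failure must not mask the validation outcome.
				}
			}
		}
	}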