1 files changed, 73 insertions, 6 deletions
diff --git a/src/com/isode/stroke/tls/PKCS12Certificate.java b/src/com/isode/stroke/tls/PKCS12Certificate.java
index 0a45f94..06b6b91 100644
--- a/src/com/isode/stroke/tls/PKCS12Certificate.java
+++ b/src/com/isode/stroke/tls/PKCS12Certificate.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011 Isode Limited, London, England.
+ * Copyright (c) 2011-2012 Isode Limited, London, England.
  * All rights reserved.
  */
 /*
@@ -9,20 +9,52 @@
 package com.isode.stroke.tls;
 
 import com.isode.stroke.base.ByteArray;
+import com.isode.stroke.base.NotNull;
 
-public class PKCS12Certificate {
+public class PKCS12Certificate extends CertificateWithKey {
 
     public PKCS12Certificate() {
     }
 
-    public PKCS12Certificate(String filename, String password) {
-        password_ = password;
+    /**
+     * Construct a new object.
+     * @param filename the name of the P12 file, must not be null.
+     * @param password the password for the P12 file. Must not be null,
+     * but may be empty if no password is to be used.
+     */
+    public PKCS12Certificate(String filename, char[] password) {
+
+        NotNull.exceptIfNull(filename,"filename"); 
+        NotNull.exceptIfNull(password,"password"); 
+        filename_ = filename;
+        password_ = new char[password.length];
+        System.arraycopy(password,0,password_,0,password.length);
+        data_ = new ByteArray();
         data_.readFromFile(filename);
     }
 
     public boolean isNull() {
         return data_.isEmpty();
     }
+    
+    public boolean isPrivateKeyExportable() {
+    /////Hopefully a PKCS12 is never missing a private key
+        return true;
+    }
+
+    /**
+     * This returns the name of the P12 file.
+     * @return the P12 filename, never null.
+     */
+    public String getCertStoreName() {
+        return filename_;
+    }
+
+    public String getCertName() {
+        /* TODO */
+        return null;
+    }
+
 
     public ByteArray getData() {
         return data_;
@@ -32,9 +64,44 @@ public class PKCS12Certificate {
         data_ = data;
     }
 
-    public String getPassword() {
+    /**
+     * Returns a reference to the password in this object. If {@link #reset()} 
+     * has been called, then the method will return an empty array.
+     * @return the password for this object.
+     */
+    public char[] getPassword() {
         return password_;
     }
+    @Override
+    public String toString() {
+        return "PKCS12Certificate based on file " + filename_;
+    }
+    
+    /**
+     * This method may be used once the PKCS12Certificate is no longer 
+     * required, and will attempt to clear the memory containing the
+     * password in this object. After calling this method, you should 
+     * not expect this object to be usable for subsequent authentication.
+     * 
+     * <p>Note that this operation does <em>NOT</em> guarantee that all traces 
+     * of the password will have been removed from memory.
+     */
+    public void reset() {
+        if (password_ != null) {
+            for (int i=0; i<password_.length; i++) {
+                password_[i] = 'x';
+            }
+        }
+        password_ = new char[] {};
+        
+    }
+    
+    @Override
+    protected void finalize() {
+        reset();
+    }
+    
     private ByteArray data_;
-    private String password_;
+    private char[] password_;
+    private String filename_;
 }