
Example 1 with PCKS11ConfigurationBuilder

Use of ch.csnc.extension.httpclient.PKCS11Configuration.PCKS11ConfigurationBuilder in project zaproxy by zaproxy.

From the class OptionsCertificatePanel, method addPkcs11ButtonActionPerformed.

//GEN-LAST:event_showActiveCertificateButtonActionPerformed
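/**
 * Handles the "add PKCS#11" button: initialises the selected PKCS#11 driver as a key store.
 *
 * <p>The name, library path, slot id and slot list index of the selected driver are read from
 * {@code driverConfig}. The method returns without any message when no driver is selected or
 * when one of those values is empty or negative. The configuration is then handed to
 * {@code contextManager.initPKCS11} together with the PIN typed into the password field
 * ({@code null} when the field is empty).
 *
 * <p>On success the panel's login-attempt counter is reset, the new key store is added to the
 * list model and the driver selection and the password field are cleared. Failures are reported
 * through dialogs and the logger; a failed login increments {@code login_attempts} and warns
 * when the next attempt is the last one counted by the panel.
 *
 * <p>NOTE(review): {@code login_attempts} is a single counter kept by this panel. Presumably the
 * token keeps its own retry counter, which earlier sessions or other applications may already
 * have decremented, so the "last try" warning may come too late; confirm against the token
 * before relying on it. Nothing in this method refuses a further attempt once the counter
 * reaches {@code MAX_LOGIN_ATTEMPTS}.
 *
 * @param evt the button event; only passed on when the method retries itself
 */
private void addPkcs11ButtonActionPerformed(java.awt.event.ActionEvent evt) {
    //GEN-FIRST:event_addPkcs11ButtonActionPerformed
    String name = null;
    try {
        final int indexSelectedDriver = driverComboBox.getSelectedIndex();
        if (indexSelectedDriver < 0) {
            // Nothing selected (the selection is reset to -1 after a successful add below):
            // return quietly like the other "nothing to do" guards instead of failing on get(-1).
            return;
        }
        name = driverConfig.getNames().get(indexSelectedDriver);
        if (name.isEmpty()) {
            return;
        }
        final String library = driverConfig.getPaths().get(indexSelectedDriver);
        if (library.isEmpty()) {
            return;
        }
        final int slot = driverConfig.getSlots().get(indexSelectedDriver).intValue();
        if (slot < 0) {
            return;
        }
        final int slotListIndex = driverConfig.getSlotIndexes().get(indexSelectedDriver).intValue();
        if (slotListIndex < 0) {
            return;
        }

        // getPassword() hands out a copy of the field content; wipe that copy as soon as it has
        // been converted. The String itself cannot be wiped and stays on the heap until it is
        // collected, because initPKCS11 is called with a String here.
        final char[] pin = pkcs11PasswordField.getPassword();
        final String kspass = pin.length == 0 ? null : new String(pin);
        java.util.Arrays.fill(pin, '\0');

        PCKS11ConfigurationBuilder confBuilder = PKCS11Configuration.builder();
        confBuilder.setName(name).setLibrary(library);
        if (usePkcs11ExperimentalSliSupportCheckBox.isSelected()) {
            confBuilder.setSlotListIndex(slotListIndex);
        } else {
            confBuilder.setSlotId(slot);
        }
        final int ksIndex = contextManager.initPKCS11(confBuilder.build(), kspass);
        if (ksIndex == -1) {
            logger.error("The required PKCS#11 provider is not available (" + SSLContextManager.SUN_PKCS11_CANONICAL_CLASS_NAME + " or " + SSLContextManager.IBM_PKCS11_CONONICAL_CLASS_NAME + ").");
            showErrorMessageSunPkcs11ProviderNotAvailable();
            return;
        }
        // The PCKS11 driver/smartcard was initialized properly: reset login attempts
        login_attempts = 0;
        keyStoreListModel.insertElementAt(contextManager.getKeyStoreDescription(ksIndex), ksIndex);
        // Issue 182
        retry = true;
        certificatejTabbedPane.setSelectedIndex(0);
        selectFirstAliasOfKeyStore(ksIndex);
        driverComboBox.setSelectedIndex(-1);
        pkcs11PasswordField.setText("");
    } catch (InvocationTargetException e) {
        final Throwable cause = e.getCause();
        if (cause instanceof ProviderException) {
            // The branches below key on the exact exception message text, so they only match
            // providers that use these literal messages.
            if ("Error parsing configuration".equals(cause.getMessage())) {
                // There was a problem with the configuration provided:
                //   - Missing library.
                //   - Malformed configuration.
                //   - ...
                showGenericErrorMessagePkcs11CouldNotBeAdded();
                logger.warn("Couldn't add key from " + name, cause);
            } else if ("Initialization failed".equals(cause.getMessage())) {
                // conflicts with other software (eg. Firefox), that is accessing it too.
                if (retry) {
                    // Try two times only
                    retry = false;
                    addPkcs11ButtonActionPerformed(evt);
                } else {
                    JOptionPane.showMessageDialog(null, new String[] { Constant.messages.getString("options.cert.error"), Constant.messages.getString("options.cert.error.pkcs11") }, Constant.messages.getString("options.cert.label.client.cert"), JOptionPane.ERROR_MESSAGE);
                    // Error message changed to explain that user should try to add it again...
                    retry = true;
                    logger.warn("Couldn't add key from " + name, e);
                }
            } else {
                showGenericErrorMessagePkcs11CouldNotBeAdded();
                logger.warn("Couldn't add key from " + name, e);
            }
        } else {
            showGenericErrorMessagePkcs11CouldNotBeAdded();
            logger.error("Couldn't add key from " + name, e);
        }
    } catch (java.io.IOException e) {
        // Null-safe: an IOException without message or cause must end up in the generic branch.
        // A NullPointerException raised inside this handler would not be caught by the
        // catch (Exception) clause below and would escape the action listener.
        final Throwable cause = e.getCause();
        final boolean failedLogin = "load failed".equals(e.getMessage())
                && cause != null
                && "javax.security.auth.login.FailedLoginException".equals(cause.getClass().getName());
        if (failedLogin) {
            // Exception due to a failed login attempt: BAD PIN or password
            // NOTE(review): the password field keeps the rejected PIN, so pressing the button
            // again submits the same value; consider clearing the field here.
            login_attempts++;
            String attempts = " (" + login_attempts + "/" + MAX_LOGIN_ATTEMPTS + ") ";
            if (login_attempts == (MAX_LOGIN_ATTEMPTS - 1)) {
                // Last attempt before blocking the smartcard
                JOptionPane.showMessageDialog(null, new String[] { Constant.messages.getString("options.cert.error"), Constant.messages.getString("options.cert.error.wrongpassword"), Constant.messages.getString("options.cert.error.wrongpasswordlast"), attempts }, Constant.messages.getString("options.cert.label.client.cert"), JOptionPane.ERROR_MESSAGE);
                logger.warn("PKCS#11: Incorrect PIN or password" + attempts + ": " + name + " *LAST TRY BEFORE BLOCKING*");
            } else {
                JOptionPane.showMessageDialog(null, new String[] { Constant.messages.getString("options.cert.error"), Constant.messages.getString("options.cert.error.wrongpassword"), attempts }, Constant.messages.getString("options.cert.label.client.cert"), JOptionPane.ERROR_MESSAGE);
                logger.warn("PKCS#11: Incorrect PIN or password" + attempts + ": " + name);
            }
        } else {
            showGenericErrorMessagePkcs11CouldNotBeAdded();
            logger.warn("Couldn't add key from " + name, e);
        }
    } catch (KeyStoreException e) {
        showGenericErrorMessagePkcs11CouldNotBeAdded();
        logger.warn("Couldn't add key from " + name, e);
    } catch (Exception e) {
        showGenericErrorMessagePkcs11CouldNotBeAdded();
        logger.error("Couldn't add key from " + name, e);
    }
}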
Also used : ProviderException(java.security.ProviderException) KeyStoreException(java.security.KeyStoreException) PCKS11ConfigurationBuilder(ch.csnc.extension.httpclient.PKCS11Configuration.PCKS11ConfigurationBuilder) InvocationTargetException(java.lang.reflect.InvocationTargetException) KeyStoreException(java.security.KeyStoreException) ProviderException(java.security.ProviderException) InvocationTargetException(java.lang.reflect.InvocationTargetException)

Aggregations

PCKS11ConfigurationBuilder (ch.csnc.extension.httpclient.PKCS11Configuration.PCKS11ConfigurationBuilder)1 InvocationTargetException (java.lang.reflect.InvocationTargetException)1 KeyStoreException (java.security.KeyStoreException)1 ProviderException (java.security.ProviderException)1