
Example 51 with CryptoException

use of org.kse.crypto.CryptoException in project keystore-explorer by kaikramer.

the class DImportKeyPairPvk method privateKeyDetailsPressed.

/**
 * Show the details of the private key selected for import.
 *
 * <p>Only the file name of the chosen path (not its directories) goes into the dialog title.
 * The dialog presents private key material, so it is opened only once a key has actually been
 * loaded.
 */
private void privateKeyDetailsPressed() {
    try {
        String fileName = new File(jtfPrivateKeyPath.getText()).getName();
        PrivateKey loadedKey = loadPrivateKey();

        // NOTE(review): loadPrivateKey() returning null presumably means the load was
        // cancelled or already reported to the user - confirm against its implementation.
        if (loadedKey == null) {
            return;
        }

        String title = MessageFormat.format(res.getString("DImportKeyPairPvk.ViewPrivateKeyDetails.Title"), fileName);
        DViewPrivateKey keyDialog = new DViewPrivateKey(this, title, loadedKey, new BouncyCastleProvider());
        keyDialog.setLocationRelativeTo(this);
        keyDialog.setVisible(true);
    } catch (CryptoException cryptoFailure) {
        DError.displayError(this, cryptoFailure);
    }
}
Also used : PrivateKey(java.security.PrivateKey) DViewPrivateKey(org.kse.gui.dialogs.DViewPrivateKey) DViewPrivateKey(org.kse.gui.dialogs.DViewPrivateKey) CryptoException(org.kse.crypto.CryptoException) File(java.io.File) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider)

Example 52 with CryptoException

use of org.kse.crypto.CryptoException in project keystore-explorer by kaikramer.

the class DSignCsr method populatePkcs10CsrDetails.

/**
 * Fill the dialog fields from the PKCS #10 certification request held in {@code pkcs10Csr}.
 *
 * <p>Everything shown here (subject, public key, signature algorithm, challenge) is read
 * straight from the request and is therefore requester-supplied data.
 * NOTE(review): nothing in this method verifies the request's signature; confirm that the
 * caller has done so before the request is signed.
 *
 * @throws CryptoException
 *             If the public key cannot be extracted from the request
 */
private void populatePkcs10CsrDetails() throws CryptoException {
    jtfCsrFormat.setText(res.getString("DSignCsr.jtfCsrFormat.Pkcs10.text"));
    jtfCsrFormat.setCaretPosition(0);

    jdnCsrSubject.setDistinguishedName(pkcs10Csr.getSubject());

    try {
        JcaPKCS10CertificationRequest jcaRequest = new JcaPKCS10CertificationRequest(pkcs10Csr);
        csrPublicKey = jcaRequest.getPublicKey();
    } catch (GeneralSecurityException keyFailure) {
        throw new CryptoException(res.getString("DSignCsr.NoGetCsrPublicKey.message"), keyFailure);
    }
    populatePublicKey();

    // Show the friendly algorithm name when the OID is known, otherwise the raw OID.
    String signatureOid = pkcs10Csr.getSignatureAlgorithm().getAlgorithm().getId();
    SignatureType knownType = SignatureType.resolveOid(signatureOid);
    jtfCsrSignatureAlgorithm.setText(knownType == null ? signatureOid : knownType.friendly());
    jtfCsrSignatureAlgorithm.setCaretPosition(0);

    DialogHelper.populatePkcs10Challenge(pkcs10Csr.getAttributes(), jtfCsrChallenge);
}
Also used : JcaPKCS10CertificationRequest(org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequest) GeneralSecurityException(java.security.GeneralSecurityException) SignatureType(org.kse.crypto.signing.SignatureType) CryptoException(org.kse.crypto.CryptoException)

Example 53 with CryptoException

use of org.kse.crypto.CryptoException in project keystore-explorer by kaikramer.

the class DSignCsr method pubKeyDetailsPressed.

/**
 * Show the details of the CSR's public key ({@code csrPublicKey}) in a modal-style dialog
 * positioned over this one; a failure to build the view is reported in an error dialog.
 */
private void pubKeyDetailsPressed() {
    try {
        String title = res.getString("DSignCsr.PubKeyDetails.Title");
        DViewPublicKey publicKeyDialog = new DViewPublicKey(this, title, csrPublicKey);
        publicKeyDialog.setLocationRelativeTo(this);
        publicKeyDialog.setVisible(true);
    } catch (CryptoException cryptoFailure) {
        DError errorDialog = new DError(this, cryptoFailure);
        errorDialog.setLocationRelativeTo(this);
        errorDialog.setVisible(true);
    }
}
Also used : DViewPublicKey(org.kse.gui.dialogs.DViewPublicKey) CryptoException(org.kse.crypto.CryptoException) DError(org.kse.gui.error.DError)

Example 54 with CryptoException

use of org.kse.crypto.CryptoException in project keystore-explorer by kaikramer.

the class SslUtils method readSSLConnectionInfos.

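/**
 * Load certificates from an SSL connection.
 *
 * <p>The connection exists for inspection only. It is made with a trust manager that accepts
 * any certificate chain and a host name verifier that accepts any name, so the returned infos
 * are unauthenticated data from whichever peer answered on {@code host:port}; callers must not
 * treat them as proof of the server's identity. When {@code keyStore} is non-null, its key
 * pair is offered for client authentication to that unverified peer and an HTTP request is
 * issued to force the handshake to complete.
 *
 * @param host
 *            Connection host
 * @param port
 *            Connection port
 * @param keyStore
 *            KeyStore with a key pair for SSL client authentication, or null for none
 * @param password
 *            The password for the KeyStore
 * @return SSL infos
 * @throws CryptoException
 *             Problem encountered while loading the certificate(s)
 * @throws IOException
 *             An I/O error occurred
 */
public static SslConnectionInfos readSSLConnectionInfos(String host, int port, KeyStore keyStore, char[] password) throws CryptoException, IOException {
    // The port is passed as a string so MessageFormat does not apply locale number grouping.
    URL url = new URL(MessageFormat.format("https://{0}:{1}/", host, "" + port));
    HttpsURLConnection connection = null;
    // javax.net.debug is deliberately not set here: system properties are JVM-wide, and TLS
    // debug output for every connection in the process does not belong in production code.
    try {
        connection = (HttpsURLConnection) url.openConnection();
        // create a key manager for client authentication
        X509KeyManager km = null;
        if (keyStore != null) {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509", "SunJSSE");
            keyManagerFactory.init(keyStore, password);
            for (KeyManager keyManager : keyManagerFactory.getKeyManagers()) {
                if (keyManager instanceof X509KeyManager) {
                    km = (X509KeyManager) keyManager;
                    break;
                }
            }
        }
        // We are only interested in getting the SSL certificates even if they are invalid
        // either in and of themselves or for the host name they are associated with
        // 1) set connection's SSL Socket factory to have a very trusting trust manager
        SSLContext context = SSLContext.getInstance("TLS");
        X509TrustingManager tm = new X509TrustingManager();
        // NOTE(review): km is null when no KeyStore was given; the array form is kept because
        // passing null instead would let the provider pick its default key managers.
        context.init(new KeyManager[] { km }, new TrustManager[] { tm }, null);
        // 2) set a host name verifier that always verifies the host name
        connection.setHostnameVerifier(new HostnameVerifier() {

            @Override
            public boolean verify(String hostname, SSLSession sslSession) {
                return true;
            }
        });
        // register our handshake completed listener in order to retrieve SSL connection infos later
        SSLSocketFactory factory = context.getSocketFactory();
        RetrieveSslInfosHandshakeListener handshakeListener = new RetrieveSslInfosHandshakeListener();
        boolean sniEnabled = true;
        connection.setSSLSocketFactory(new CustomSslSocketFactory(factory, handshakeListener, sniEnabled));
        try {
            connection.connect();
        } catch (SSLProtocolException e) {
            // handle server misconfiguration (works only in Java 8 or higher):
            // retry once without SNI when the server rejects the requested name.
            // The message may be null, in which case the exception is simply rethrown.
            String message = e.getMessage();
            if (message != null && message.contains("unrecognized_name")) {
                sniEnabled = false;
                connection.setSSLSocketFactory(new CustomSslSocketFactory(factory, handshakeListener, sniEnabled));
                connection.connect();
            } else {
                throw e;
            }
        }
        // this is necessary in order to cause a handshake exception when the client cert is not accepted
        if (keyStore != null) {
            connection.getResponseMessage();
        }
        SslConnectionInfos sslConnectionInfos = handshakeListener.getSslConnectionInfos();
        sslConnectionInfos.setSniEnabled(sniEnabled);
        return sslConnectionInfos;
    } catch (GeneralSecurityException ex) {
        throw new CryptoException(res.getString("NoLoadCertificate.exception.message"), ex);
    } finally {
        if (connection != null) {
            connection.disconnect();
        }
    }
}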
Also used : GeneralSecurityException(java.security.GeneralSecurityException) SSLSession(javax.net.ssl.SSLSession) SSLContext(javax.net.ssl.SSLContext) URL(java.net.URL) KeyManagerFactory(javax.net.ssl.KeyManagerFactory) HostnameVerifier(javax.net.ssl.HostnameVerifier) SSLProtocolException(javax.net.ssl.SSLProtocolException) X509KeyManager(javax.net.ssl.X509KeyManager) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) CryptoException(org.kse.crypto.CryptoException) X509KeyManager(javax.net.ssl.X509KeyManager) KeyManager(javax.net.ssl.KeyManager) HttpsURLConnection(javax.net.ssl.HttpsURLConnection)

Example 55 with CryptoException

use of org.kse.crypto.CryptoException in project keystore-explorer by kaikramer.

the class MsPvkUtil method blobToDsaPrivateKey.

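/**
 * Convert a PVK DSA private key blob into a JCA DSA private key.
 *
 * <p>Layout read here, little endian: magic (4 bytes), bit length (4 bytes), p (bitlen/8
 * bytes), q (20 bytes), g (bitlen/8 bytes), x (20 bytes), then 24 bytes of seed data that are
 * skipped. The blob comes from a key file and is treated as untrusted: the declared bit
 * length is checked against the bytes actually present before any field is read, so a
 * truncated blob or an oversized length field is rejected with a {@code CryptoException}
 * rather than failing part-way through the read.
 *
 * @param dsaPrivateKeyBlob
 *            The raw DSA private key blob
 * @return The DSA private key
 * @throws CryptoException
 *             If the blob is malformed or the key cannot be built from it
 */
private static DSAPrivateKey blobToDsaPrivateKey(byte[] dsaPrivateKeyBlob) throws CryptoException {
    try {
        ByteBuffer bb = ByteBuffer.wrap(dsaPrivateKeyBlob);
        bb.order(ByteOrder.LITTLE_ENDIAN);

        // The header is two 32-bit fields; refuse anything too short to hold them
        if (bb.remaining() < 8) {
            throw new CryptoException(res.getString("NoConvertBlobToDsaKey.exception.message"));
        }

        // Get each blob field
        // dsspubkey.magic
        long magic = UnsignedUtil.getInt(bb);
        // Check magic field is valid
        if (magic != DSS_PRIV_MAGIC) {
            throw new CryptoException(MessageFormat.format(res.getString("InvalidDsaMagicField.exception.message"), Long.toHexString(magic), Long.toHexString(DSS_PRIV_MAGIC)));
        }
        // dsspubkey.bitlen
        long bitLength = UnsignedUtil.getInt(bb);

        // bitlen is attacker-controlled: make sure p and g (bitlen/8 bytes each), q and x
        // (20 bytes each) and the 24-byte seed block all fit in what is left of the blob
        final int subPrimeLength = 20;
        final int seedLength = 24;
        int primeLength = (int) (bitLength / 8);
        long bytesNeeded = 2L * primeLength + 2L * subPrimeLength + seedLength;
        if (primeLength <= 0 || bb.remaining() < bytesNeeded) {
            throw new CryptoException(res.getString("NoConvertBlobToDsaKey.exception.message"));
        }

        // prime modulus p
        BigInteger p = readBigInteger(bb, primeLength);
        // prime divisor q
        BigInteger q = readBigInteger(bb, subPrimeLength);
        // generator
        BigInteger g = readBigInteger(bb, primeLength);
        // secret exponent
        BigInteger x = readBigInteger(bb, subPrimeLength);
        // Ignore 24 bytes of dssseed (only applicable to public keys)
        bb.position(bb.position() + seedLength);

        DSAPrivateKeySpec dsaPrivateKeySpec = new DSAPrivateKeySpec(x, p, q, g);
        KeyFactory keyFactory = KeyFactory.getInstance("DSA");
        return (DSAPrivateKey) keyFactory.generatePrivate(dsaPrivateKeySpec);
    } catch (IOException ex) {
        throw new CryptoException(res.getString("NoConvertBlobToDsaKey.exception.message"), ex);
    } catch (GeneralSecurityException ex) {
        throw new CryptoException(res.getString("NoConvertBlobToDsaKey.exception.message"), ex);
    }
}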
Also used : DSAPrivateKeySpec(java.security.spec.DSAPrivateKeySpec) GeneralSecurityException(java.security.GeneralSecurityException) BigInteger(java.math.BigInteger) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) IOException(java.io.IOException) CryptoException(org.kse.crypto.CryptoException) ByteBuffer(java.nio.ByteBuffer) KeyFactory(java.security.KeyFactory)

Aggregations

CryptoException (org.kse.crypto.CryptoException)80 GeneralSecurityException (java.security.GeneralSecurityException)22 IOException (java.io.IOException)21 X509Certificate (java.security.cert.X509Certificate)21 KeyStore (java.security.KeyStore)16 KeyStoreException (java.security.KeyStoreException)13 BigInteger (java.math.BigInteger)11 DError (org.kse.gui.error.DError)10 ByteArrayInputStream (java.io.ByteArrayInputStream)9 File (java.io.File)9 DefaultMutableTreeNode (javax.swing.tree.DefaultMutableTreeNode)9 ByteBuffer (java.nio.ByteBuffer)8 CertificateException (java.security.cert.CertificateException)8 PrivateKey (java.security.PrivateKey)7 KeyFactory (java.security.KeyFactory)6 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)6 CertificateFactory (java.security.cert.CertificateFactory)6 DSAPrivateKey (java.security.interfaces.DSAPrivateKey)6 RSAPrivateCrtKey (java.security.interfaces.RSAPrivateCrtKey)6 Cipher (javax.crypto.Cipher)6