use of org.kse.crypto.Password in project keystore-explorer by kaikramer.
the class AppendToCertificateChainAction method doAction.
/**
 * Appends a signer certificate, chosen by the user from a file, to the end of the
 * certificate chain of the selected key store entry.
 *
 * <p>The work is done on the state returned by {@code createBasisForNextState}: the
 * entry is deleted and re-created under the same alias with the extended chain, and
 * that state is appended to the current one only after the write went through. Every
 * exception raised on the way is shown through {@code DError}.
 */
@Override
protected void doAction() {
    try {
        KeyStoreState currentState = kseFrame.getActiveKeyStoreHistory().getCurrentState();
        String alias = kseFrame.getSelectedEntryAlias();

        Password password = getEntryPassword(alias, currentState);
        if (password == null) {
            // No password obtained for the entry: nothing to do.
            return;
        }

        KeyStoreState newState = currentState.createBasisForNextState(this);
        KeyStore keyStore = newState.getKeyStore();

        // NOTE(review): the char[] produced by toCharArray() here and in setKeyEntry below
        // is never zeroed in this method. Whether Password hands out a copy or its
        // internal array is not visible from here - confirm before adding a wipe.
        Key privKey = keyStore.getKey(alias, password.toCharArray());

        X509Certificate[] certChain = X509CertUtil.orderX509CertChain(
                X509CertUtil.convertCertificates(keyStore.getCertificateChain(alias)));

        // The certificate to extend is the last one of the ordered chain.
        X509Certificate certToAppendTo = certChain[certChain.length - 1];

        // A self-signed end of chain has no further signer that could be appended.
        if (X509CertUtil.isCertificateSelfSigned(certToAppendTo)) {
            JOptionPane.showMessageDialog(frame,
                    res.getString("AppendToCertificateChainAction.CannotAppendCertSelfSigned.message"),
                    res.getString("AppendToCertificateChainAction.AppendToCertificateChain.Title"),
                    JOptionPane.WARNING_MESSAGE);
            return;
        }

        File certFile = chooseAppendCertificateFile();
        if (certFile == null) {
            return;
        }

        X509Certificate[] certs = openCertificate(certFile);
        if (certs == null || certs.length == 0) {
            return;
        }

        // Exactly one certificate may be appended per action.
        if (certs.length != 1) {
            JOptionPane.showMessageDialog(frame,
                    res.getString("AppendToCertificateChainAction.NoMultipleAppendCert.message"),
                    res.getString("AppendToCertificateChainAction.AppendToCertificateChain.Title"),
                    JOptionPane.WARNING_MESSAGE);
            return;
        }

        X509Certificate certToAppend = certs[0];

        // The only acceptance test for the file's certificate. Judging by the message key
        // it presumably checks that certToAppend signed certToAppendTo; no validity-period,
        // CA-constraint or revocation check is visible in this method - confirm that
        // X509CertUtil.verifyCertificate is all that is wanted here.
        boolean signedByNewCert = X509CertUtil.verifyCertificate(certToAppendTo, certToAppend);
        if (!signedByNewCert) {
            JOptionPane.showMessageDialog(frame,
                    res.getString("AppendToCertificateChainAction.AppendCertNotSigner.message"),
                    res.getString("AppendToCertificateChainAction.AppendToCertificateChain.Title"),
                    JOptionPane.WARNING_MESSAGE);
            return;
        }

        // Old chain followed by the new signer certificate in the last slot.
        X509Certificate[] newCertChain = new X509Certificate[certChain.length + 1];
        System.arraycopy(certChain, 0, newCertChain, 0, certChain.length);
        newCertChain[certChain.length] = certToAppend;

        // Replace the entry: same alias, same key, same password, longer chain.
        keyStore.deleteEntry(alias);
        keyStore.setKeyEntry(alias, privKey, password.toCharArray(), newCertChain);

        currentState.append(newState);
        kseFrame.updateControls(true);

        JOptionPane.showMessageDialog(frame,
                res.getString("AppendToCertificateChainAction.AppendToCertificateChainSuccessful.message"),
                res.getString("AppendToCertificateChainAction.AppendToCertificateChain.Title"),
                JOptionPane.INFORMATION_MESSAGE);
    } catch (Exception ex) {
        DError.displayError(frame, ex);
    }
}
use of org.kse.crypto.Password in project keystore-explorer by kaikramer.
the class AuthorityCertificatesAction method loadCaCertificatesKeyStore.
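/**
 * Loads the CA certificates key store configured in the application settings.
 *
 * <p>The default cacerts password is tried first; if the key store does not open with
 * it, the user is asked for the password. Problems are reported to the user in a
 * dialog.
 *
 * @return the loaded key store, or {@code null} if the user cancelled the password
 *         dialog or the file could not be read, opened or recognised
 */
private KeyStore loadCaCertificatesKeyStore() {
    File caCertificatesFile = applicationSettings.getCaCertificatesFile();
    KeyStore caCertificatesKeyStore = null;

    try {
        // First attempt: the default cacerts password, so that an unmodified trust
        // store opens without a prompt.
        // NOTE(review): a key store that opens with a publicly known default password
        // gets no tamper protection from that password; the integrity of the trust
        // anchors then rests on the file's permissions.
        try {
            Password defaultPassword = new Password(AuthorityCertificates.CACERTS_DEFAULT_PWD.toCharArray());
            caCertificatesKeyStore = KeyStoreUtil.load(caCertificatesFile, defaultPassword);

            // Fix: the original tested caCertificatesFile here, which cannot be null
            // once load() has returned, so a null result (load() can return null, see
            // the check further down) was returned silently. Test the load result and
            // fall through to the reporting path below when nothing was loaded.
            if (caCertificatesKeyStore != null) {
                return caCertificatesKeyStore;
            }
        } catch (KeyStoreLoadException ignored) {
            // Not the default password: continue with the password dialog.
        }

        DGetPassword dGetPassword = new DGetPassword(frame,
                res.getString("AuthorityCertificatesAction.CaCertificatesKeyStorePassword.Title"));
        dGetPassword.setLocationRelativeTo(frame);
        dGetPassword.setVisible(true);

        Password password = dGetPassword.getPassword();
        if (password == null) {
            // No password returned by the dialog (presumably cancelled).
            return null;
        }

        try {
            caCertificatesKeyStore = KeyStoreUtil.load(caCertificatesFile, password);
        } catch (KeyStoreLoadException ex) {
            // Wrong password or damaged file: show both possible causes.
            String problemStr = MessageFormat.format(
                    res.getString("AuthorityCertificatesAction.NoOpenCaCertificatesKeyStore.Problem"),
                    ex.getKeyStoreType(), caCertificatesFile.getName());
            String[] causes = new String[] {
                    res.getString("AuthorityCertificatesAction.PasswordIncorrectKeyStore.Cause"),
                    res.getString("AuthorityCertificatesAction.CorruptedKeyStore.Cause") };
            Problem problem = new Problem(problemStr, causes, ex);

            DProblem dProblem = new DProblem(frame,
                    res.getString("AuthorityCertificatesAction.ProblemOpeningCaCertificatesKeyStore.Title"),
                    problem);
            dProblem.setLocationRelativeTo(frame);
            dProblem.setVisible(true);
            return null;
        }

        if (caCertificatesKeyStore == null) {
            // load() returned nothing: the file is not a recognised key store type.
            JOptionPane.showMessageDialog(frame,
                    MessageFormat.format(
                            res.getString("AuthorityCertificatesAction.FileNotRecognisedType.message"),
                            caCertificatesFile.getName()),
                    res.getString("AuthorityCertificatesAction.OpenCaCertificatesKeyStore.Title"),
                    JOptionPane.WARNING_MESSAGE);
            return null;
        }

        return caCertificatesKeyStore;
    } catch (FileNotFoundException ex) {
        JOptionPane.showMessageDialog(frame,
                MessageFormat.format(res.getString("AuthorityCertificatesAction.NoReadFile.message"),
                        caCertificatesFile),
                res.getString("AuthorityCertificatesAction.OpenCaCertificatesKeyStore.Title"),
                JOptionPane.WARNING_MESSAGE);
        return null;
    } catch (Exception ex) {
        DError.displayError(frame, ex);
        return null;
    }
}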
use of org.kse.crypto.Password in project keystore-explorer by kaikramer.
the class ChangeTypeAction method copyKeyPairEntry.
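/**
 * Copies one key pair entry (private key plus ordered certificate chain) from the
 * current key store into the new one, protected by the same entry password.
 *
 * @param newKeyStoreType type of the target key store, queried for EC support
 * @param currentState    state used to obtain and to remember the entry password
 * @param currentKeyStore key store the entry is read from
 * @param currentType     not used by this method
 * @param newKeyStore     key store the entry is written to
 * @param alias           alias of the entry, kept unchanged in the target
 * @return {@code true} if the entry was copied; {@code false} if no entry password was
 *         obtained; for an EC key the target cannot hold, the result of
 *         {@code showWarnNoECC()}
 */
private boolean copyKeyPairEntry(KeyStoreType newKeyStoreType, KeyStoreState currentState,
        KeyStore currentKeyStore, String currentType, KeyStore newKeyStore, String alias)
        throws KeyStoreException, CryptoException, NoSuchAlgorithmException, UnrecoverableKeyException {
    Certificate[] certificateChain = currentKeyStore.getCertificateChain(alias);
    certificateChain = X509CertUtil.orderX509CertChain(X509CertUtil.convertCertificates(certificateChain));

    Password password = getEntryPassword(alias, currentState);
    if (password == null) {
        return false;
    }

    // NOTE(review): the char[] from toCharArray() here and in setKeyEntry below is not
    // zeroed in this method. Whether Password returns a copy or its internal array is
    // not visible from here - confirm before adding a wipe.
    Key privateKey = currentKeyStore.getKey(alias, password.toCharArray());

    // Reached only when getKey() did not throw, i.e. the password opened the entry.
    currentState.setEntryPassword(alias, password);

    // EC key pair? => might not be supported in target key store type
    if (KeyStoreUtil.isECKeyPair(alias, currentKeyStore)) {
        // Reuse the key recovered above: the original called getKey() a second time,
        // producing another password char[] and another copy of the private key.
        String namedCurve = EccUtil.getNamedCurve(privateKey);

        // EC or curve not supported?
        if (!newKeyStoreType.supportsECC() || !newKeyStoreType.supportsNamedCurve(namedCurve)) {
            // show warning and abort change or just skip depending on user choice
            return showWarnNoECC();
        }
    }

    newKeyStore.setKeyEntry(alias, privateKey, password.toCharArray(), certificateChain);
    return true;
}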
use of org.kse.crypto.Password in project keystore-explorer by kaikramer.
the class ChangeTypeAction method copySecretKeyEntry.
/**
 * Copies one secret key entry from the current key store into the new one, protected
 * by the same entry password, provided the target type can hold key entries.
 *
 * @param newKeyStoreType type of the target key store
 * @param currentState    state used to obtain and to remember the entry password
 * @param currentKeyStore key store the entry is read from
 * @param newKeyStore     key store the entry is written to
 * @param alias           alias of the entry, kept unchanged in the target
 * @return {@code true} if the entry was copied; {@code false} if no entry password was
 *         obtained; for a target without key entry support, the result of
 *         {@code showWarnNoChangeKey()}
 */
private boolean copySecretKeyEntry(KeyStoreType newKeyStoreType, KeyStoreState currentState,
        KeyStore currentKeyStore, KeyStore newKeyStore, String alias)
        throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
    if (!newKeyStoreType.supportsKeyEntries()) {
        // show warning and let user decide whether to abort (return false) or just skip the entry (true)
        return showWarnNoChangeKey();
    }

    Password entryPassword = getEntryPassword(alias, currentState);
    if (entryPassword == null) {
        return false;
    }

    // NOTE(review): the char[] values from toCharArray() are not zeroed in this method;
    // whether Password returns a copy is not visible from here - confirm.
    Key secretKey = currentKeyStore.getKey(alias, entryPassword.toCharArray());

    // Reached only when getKey() did not throw, i.e. the password opened the entry.
    currentState.setEntryPassword(alias, entryPassword);

    // A secret key entry carries no certificate chain.
    newKeyStore.setKeyEntry(alias, secretKey, entryPassword.toCharArray(), null);
    return true;
}
use of org.kse.crypto.Password in project keystore-explorer by kaikramer.
the class ExportKeyPairPrivateKeyAction method exportAsPvk.
/**
 * Exports a private key in PVK format, with the target file, key type and encryption
 * options taken from the {@code DExportPrivateKeyPvk} dialog.
 *
 * @param privateKey the key to export
 * @param alias      alias of the entry the key belongs to, passed to the dialog
 * @throws CryptoException declared by this method; presumably raised while encoding
 * @throws IOException     on write problems other than {@link FileNotFoundException},
 *                         which is reported to the user here instead
 */
private void exportAsPvk(PrivateKey privateKey, String alias) throws CryptoException, IOException {
    // Declared outside the try block because the catch clause names the file.
    File exportFile = null;

    try {
        DExportPrivateKeyPvk dialog = new DExportPrivateKeyPvk(frame, alias, privateKey,
                applicationSettings.getPasswordQualityConfig());
        dialog.setLocationRelativeTo(frame);
        dialog.setVisible(true);

        if (!dialog.exportSelected()) {
            return;
        }

        exportFile = dialog.getExportFile();
        int keyType = dialog.getKeyType();
        boolean encrypt = dialog.encrypt();

        // The encryption settings are read from the dialog only when encryption was chosen.
        // NOTE(review): without encryption the encoder receives a null password, so the
        // private key is presumably written unprotected - confirm in
        // getPvkEncodedPrivateKey and make sure the user is told.
        boolean strongEncryption = encrypt && dialog.useStrongEncryption();
        Password exportPassword = encrypt ? dialog.getExportPassword() : null;

        byte[] encoded = getPvkEncodedPrivateKey(privateKey, keyType, exportPassword, strongEncryption);
        exportEncodedPrivateKey(encoded, exportFile);

        JOptionPane.showMessageDialog(frame,
                res.getString("ExportKeyPairPrivateKeyAction.ExportPrivateKeyPvkSuccessful.message"),
                res.getString("ExportKeyPairPrivateKeyAction.ExportPrivateKeyPvk.Title"),
                JOptionPane.INFORMATION_MESSAGE);
    } catch (FileNotFoundException ex) {
        // The export file could not be opened for writing: warn instead of propagating.
        String message = MessageFormat.format(
                res.getString("ExportKeyPairPrivateKeyAction.NoWriteFile.message"), exportFile);
        JOptionPane.showMessageDialog(frame, message,
                res.getString("ExportKeyPairPrivateKeyAction.ExportPrivateKeyPvk.Title"),
                JOptionPane.WARNING_MESSAGE);
    }
}