
Example 1 with Password

use of org.kse.crypto.Password in project keystore-explorer by kaikramer.

the class AppendToCertificateChainAction method doAction.

/**
 * Appends one signer certificate to the end of the selected key pair entry's certificate chain.
 *
 * <p>All key store changes are made on a new {@code KeyStoreState} obtained from
 * {@code createBasisForNextState}; that state is appended to the current one only after the
 * entry has been stored again, so every early return leaves the current state as it was.
 * Any exception is reported through {@code DError.displayError}.
 */
@Override
protected void doAction() {
    try {
        KeyStoreState stateBefore = kseFrame.getActiveKeyStoreHistory().getCurrentState();
        String entryAlias = kseFrame.getSelectedEntryAlias();

        Password entryPassword = getEntryPassword(entryAlias, stateBefore);
        if (entryPassword == null) {
            // No entry password was obtained (presumably the prompt was cancelled): nothing to do.
            return;
        }

        KeyStoreState stateAfter = stateBefore.createBasisForNextState(this);
        KeyStore workingStore = stateAfter.getKeyStore();

        // NOTE(review): the char[] handed to getKey/setKeyEntry is not wiped in this method;
        // whether toCharArray() returns a copy or the wrapped array is not visible here.
        Key privateKey = workingStore.getKey(entryAlias, entryPassword.toCharArray());
        X509Certificate[] existingChain = X509CertUtil.orderX509CertChain(X509CertUtil.convertCertificates(workingStore.getCertificateChain(entryAlias)));

        // The certificate that needs a signer is the last one of the ordered chain.
        X509Certificate chainTail = existingChain[existingChain.length - 1];
        if (X509CertUtil.isCertificateSelfSigned(chainTail)) {
            // A self-signed tail already terminates the chain, so there is nothing to append to.
            String message = res.getString("AppendToCertificateChainAction.CannotAppendCertSelfSigned.message");
            String title = res.getString("AppendToCertificateChainAction.AppendToCertificateChain.Title");
            JOptionPane.showMessageDialog(frame, message, title, JOptionPane.WARNING_MESSAGE);
            return;
        }

        File chosenFile = chooseAppendCertificateFile();
        if (chosenFile == null) {
            return;
        }

        X509Certificate[] loadedCerts = openCertificate(chosenFile);
        if (loadedCerts == null || loadedCerts.length == 0) {
            return;
        }
        if (loadedCerts.length > 1) {
            // Exactly one certificate may be appended per invocation.
            String message = res.getString("AppendToCertificateChainAction.NoMultipleAppendCert.message");
            String title = res.getString("AppendToCertificateChainAction.AppendToCertificateChain.Title");
            JOptionPane.showMessageDialog(frame, message, title, JOptionPane.WARNING_MESSAGE);
            return;
        }

        X509Certificate signerCandidate = loadedCerts[0];
        // The file content is untrusted until this check passes.
        // NOTE(review): presumably a signature check of chainTail against signerCandidate only;
        // validity period, CA basic constraints and revocation are not visibly checked here - confirm.
        if (!X509CertUtil.verifyCertificate(chainTail, signerCandidate)) {
            String message = res.getString("AppendToCertificateChainAction.AppendCertNotSigner.message");
            String title = res.getString("AppendToCertificateChainAction.AppendToCertificateChain.Title");
            JOptionPane.showMessageDialog(frame, message, title, JOptionPane.WARNING_MESSAGE);
            return;
        }

        // Existing chain plus one free slot at the end for the new signer.
        X509Certificate[] extendedChain = java.util.Arrays.copyOf(existingChain, existingChain.length + 1, X509Certificate[].class);
        extendedChain[existingChain.length] = signerCandidate;

        // Replace the entry under the same alias, password and private key.
        workingStore.deleteEntry(entryAlias);
        workingStore.setKeyEntry(entryAlias, privateKey, entryPassword.toCharArray(), extendedChain);

        // Only now does the change become part of the key store history.
        stateBefore.append(stateAfter);
        kseFrame.updateControls(true);

        String message = res.getString("AppendToCertificateChainAction.AppendToCertificateChainSuccessful.message");
        String title = res.getString("AppendToCertificateChainAction.AppendToCertificateChain.Title");
        JOptionPane.showMessageDialog(frame, message, title, JOptionPane.INFORMATION_MESSAGE);
    } catch (Exception ex) {
        DError.displayError(frame, ex);
    }
}
Also used : KeyStoreState(org.kse.utilities.history.KeyStoreState) KeyStoreHistory(org.kse.utilities.history.KeyStoreHistory) KeyStore(java.security.KeyStore) File(java.io.File) Key(java.security.Key) X509Certificate(java.security.cert.X509Certificate) Password(org.kse.crypto.Password)

Example 2 with Password

use of org.kse.crypto.Password in project keystore-explorer by kaikramer.

the class AuthorityCertificatesAction method loadCaCertificatesKeyStore.

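/**
 * Loads the CA certificates KeyStore named in the application settings.
 *
 * <p>The default cacerts password is tried first; if that load is rejected, the user is
 * asked for the password. Failures are reported in a dialog.
 *
 * <p>Security note: a trust store that opens with a shared default password gets no
 * protection from that password, so write access to the file has to be restricted by
 * other means (for example file-system permissions).
 *
 * @return the loaded KeyStore, or {@code null} if the user cancelled the password dialog
 *         or the file could not be opened
 */
private KeyStore loadCaCertificatesKeyStore() {
    File caCertificatesFile = applicationSettings.getCaCertificatesFile();
    KeyStore caCertificatesKeyStore = null;
    try {
        // first try to open cacerts with default password
        try {
            Password password = new Password(AuthorityCertificates.CACERTS_DEFAULT_PWD.toCharArray());
            caCertificatesKeyStore = KeyStoreUtil.load(caCertificatesFile, password);
            // Test the load result rather than the File. The File was already handed to load(),
            // and the null check further down shows that load() itself can return null; in that
            // case fall through so the user is told instead of silently getting null back.
            if (caCertificatesKeyStore != null) {
                return caCertificatesKeyStore;
            }
        } catch (KeyStoreLoadException ignored) {
            // not default password, continue with password dialog
        }
        DGetPassword dGetPassword = new DGetPassword(frame, res.getString("AuthorityCertificatesAction.CaCertificatesKeyStorePassword.Title"));
        dGetPassword.setLocationRelativeTo(frame);
        dGetPassword.setVisible(true);
        // NOTE(review): neither Password object is cleared after use in this method.
        Password password = dGetPassword.getPassword();
        if (password == null) {
            // No password returned by the dialog (presumably cancelled).
            return null;
        }
        try {
            caCertificatesKeyStore = KeyStoreUtil.load(caCertificatesFile, password);
        } catch (KeyStoreLoadException ex) {
            // Report the failure with the two causes offered to the user: wrong password or corrupted file.
            String problemStr = MessageFormat.format(res.getString("AuthorityCertificatesAction.NoOpenCaCertificatesKeyStore.Problem"), ex.getKeyStoreType(), caCertificatesFile.getName());
            String[] causes = new String[] { res.getString("AuthorityCertificatesAction.PasswordIncorrectKeyStore.Cause"), res.getString("AuthorityCertificatesAction.CorruptedKeyStore.Cause") };
            Problem problem = new Problem(problemStr, causes, ex);
            DProblem dProblem = new DProblem(frame, res.getString("AuthorityCertificatesAction.ProblemOpeningCaCertificatesKeyStore.Title"), problem);
            dProblem.setLocationRelativeTo(frame);
            dProblem.setVisible(true);
            return null;
        }
        if (caCertificatesKeyStore == null) {
            // load() returned no KeyStore: the file is reported as not being a recognised type.
            JOptionPane.showMessageDialog(frame, MessageFormat.format(res.getString("AuthorityCertificatesAction.FileNotRecognisedType.message"), caCertificatesFile.getName()), res.getString("AuthorityCertificatesAction.OpenCaCertificatesKeyStore.Title"), JOptionPane.WARNING_MESSAGE);
            return null;
        }
        return caCertificatesKeyStore;
    } catch (FileNotFoundException ex) {
        JOptionPane.showMessageDialog(frame, MessageFormat.format(res.getString("AuthorityCertificatesAction.NoReadFile.message"), caCertificatesFile), res.getString("AuthorityCertificatesAction.OpenCaCertificatesKeyStore.Title"), JOptionPane.WARNING_MESSAGE);
        return null;
    } catch (Exception ex) {
        DError.displayError(frame, ex);
        return null;
    }
}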
Also used : DGetPassword(org.kse.gui.password.DGetPassword) KeyStoreLoadException(org.kse.crypto.keystore.KeyStoreLoadException) FileNotFoundException(java.io.FileNotFoundException) DProblem(org.kse.gui.error.DProblem) Problem(org.kse.gui.error.Problem) File(java.io.File) KeyStore(java.security.KeyStore) DProblem(org.kse.gui.error.DProblem) FileNotFoundException(java.io.FileNotFoundException) CryptoException(org.kse.crypto.CryptoException) KeyStoreLoadException(org.kse.crypto.keystore.KeyStoreLoadException) DGetPassword(org.kse.gui.password.DGetPassword) Password(org.kse.crypto.Password)

Example 3 with Password

use of org.kse.crypto.Password in project keystore-explorer by kaikramer.

the class ChangeTypeAction method copyKeyPairEntry.

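/**
 * Copies one key pair entry (private key plus ordered certificate chain) from the current
 * KeyStore into the new one, protected by the same entry password.
 *
 * @param newKeyStoreType type of the target KeyStore, consulted for EC and named curve support
 * @param currentState state used to obtain the entry password and to record it afterwards
 * @param currentKeyStore KeyStore the entry is read from
 * @param currentType not used by this method
 * @param newKeyStore KeyStore the entry is written to
 * @param alias alias of the entry in both KeyStores
 * @return {@code true} if the entry was copied; {@code false} if no password was obtained;
 *         for an EC key the target cannot hold, the result of {@code showWarnNoECC()}
 */
private boolean copyKeyPairEntry(KeyStoreType newKeyStoreType, KeyStoreState currentState, KeyStore currentKeyStore, String currentType, KeyStore newKeyStore, String alias) throws KeyStoreException, CryptoException, NoSuchAlgorithmException, UnrecoverableKeyException {
    Certificate[] certificateChain = currentKeyStore.getCertificateChain(alias);
    certificateChain = X509CertUtil.orderX509CertChain(X509CertUtil.convertCertificates(certificateChain));
    Password password = getEntryPassword(alias, currentState);
    if (password == null) {
        return false;
    }
    // The password is recorded in the state only after getKey has accepted it.
    Key privateKey = currentKeyStore.getKey(alias, password.toCharArray());
    currentState.setEntryPassword(alias, password);
    // EC key pair? => might not be supported in target key store type
    if (KeyStoreUtil.isECKeyPair(alias, currentKeyStore)) {
        // Reuse the key recovered above instead of decrypting the entry a second time;
        // this also avoids holding another copy of the private key in memory.
        String namedCurve = EccUtil.getNamedCurve(privateKey);
        // EC or curve not supported?
        if (!newKeyStoreType.supportsECC() || !newKeyStoreType.supportsNamedCurve(namedCurve)) {
            // show warning and abort change or just skip depending on user choice
            return showWarnNoECC();
        }
    }
    newKeyStore.setKeyEntry(alias, privateKey, password.toCharArray(), certificateChain);
    return true;
}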
Also used : Key(java.security.Key) Certificate(java.security.cert.Certificate) Password(org.kse.crypto.Password)

Example 4 with Password

use of org.kse.crypto.Password in project keystore-explorer by kaikramer.

the class ChangeTypeAction method copySecretKeyEntry.

/**
 * Copies one secret key entry from the current KeyStore into the new one, protected by the
 * same entry password.
 *
 * @return {@code true} if the entry was copied; {@code false} if no password was obtained;
 *         if the target type cannot hold key entries, the result of {@code showWarnNoChangeKey()}
 */
private boolean copySecretKeyEntry(KeyStoreType newKeyStoreType, KeyStoreState currentState, KeyStore currentKeyStore, KeyStore newKeyStore, String alias) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
    if (!newKeyStoreType.supportsKeyEntries()) {
        // Target cannot store keys: warn, and let the user choose between aborting (false)
        // and skipping this entry (true).
        return showWarnNoChangeKey();
    }

    Password entryPassword = getEntryPassword(alias, currentState);
    if (entryPassword == null) {
        return false;
    }

    // The password is recorded in the state only after getKey has accepted it.
    Key key = currentKeyStore.getKey(alias, entryPassword.toCharArray());
    currentState.setEntryPassword(alias, entryPassword);

    // A secret key entry carries no certificate chain.
    newKeyStore.setKeyEntry(alias, key, entryPassword.toCharArray(), null);
    return true;
}
Also used : Key(java.security.Key) Password(org.kse.crypto.Password)

Example 5 with Password

use of org.kse.crypto.Password in project keystore-explorer by kaikramer.

the class ExportKeyPairPrivateKeyAction method exportAsPvk.

/**
 * Exports the given private key in PVK format, using the options chosen in the export dialog.
 *
 * <p>A {@code FileNotFoundException} is reported to the user as a warning dialog; other
 * {@code IOException}s and {@code CryptoException}s propagate to the caller.
 *
 * @param privateKey key to export
 * @param alias alias of the entry, passed to the export dialog
 */
private void exportAsPvk(PrivateKey privateKey, String alias) throws CryptoException, IOException {
    // Declared outside the try block so the catch clause can name the file in its message.
    File targetFile = null;
    try {
        DExportPrivateKeyPvk exportDialog = new DExportPrivateKeyPvk(frame, alias, privateKey, applicationSettings.getPasswordQualityConfig());
        exportDialog.setLocationRelativeTo(frame);
        exportDialog.setVisible(true);
        if (!exportDialog.exportSelected()) {
            // Dialog closed without choosing to export.
            return;
        }

        targetFile = exportDialog.getExportFile();
        int keyType = exportDialog.getKeyType();

        // NOTE(review): without encryption the password stays null and is passed on as such;
        // presumably the key is then written to disk unprotected - confirm in getPvkEncodedPrivateKey.
        boolean encryptionRequested = exportDialog.encrypt();
        boolean strongEncryption = encryptionRequested && exportDialog.useStrongEncryption();
        Password exportPassword = encryptionRequested ? exportDialog.getExportPassword() : null;

        byte[] pvkBytes = getPvkEncodedPrivateKey(privateKey, keyType, exportPassword, strongEncryption);
        exportEncodedPrivateKey(pvkBytes, targetFile);

        String successMessage = res.getString("ExportKeyPairPrivateKeyAction.ExportPrivateKeyPvkSuccessful.message");
        String successTitle = res.getString("ExportKeyPairPrivateKeyAction.ExportPrivateKeyPvk.Title");
        JOptionPane.showMessageDialog(frame, successMessage, successTitle, JOptionPane.INFORMATION_MESSAGE);
    } catch (FileNotFoundException ex) {
        String message = MessageFormat.format(res.getString("ExportKeyPairPrivateKeyAction.NoWriteFile.message"), targetFile);
        JOptionPane.showMessageDialog(frame, message, res.getString("ExportKeyPairPrivateKeyAction.ExportPrivateKeyPvk.Title"), JOptionPane.WARNING_MESSAGE);
    }
}
Also used : DExportPrivateKeyPvk(org.kse.gui.dialogs.importexport.DExportPrivateKeyPvk) FileNotFoundException(java.io.FileNotFoundException) File(java.io.File) Password(org.kse.crypto.Password)
