Search in sources :

Example 6 with Password

use of org.kse.crypto.Password in project keystore-explorer by kaikramer.

the class ExportKeyPairPrivateKeyAction method doAction.

/**
 * Do action.
 */
@Override
protected void doAction() {
    try {
        KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
        KeyStoreState currentState = history.getCurrentState();
        String alias = kseFrame.getSelectedEntryAlias();
        Password password = getEntryPassword(alias, currentState);
        if (password == null) {
            return;
        }
        KeyStore keyStore = currentState.getKeyStore();
        PrivateKey privateKey = (PrivateKey) keyStore.getKey(alias, password.toCharArray());
        DExportPrivateKeyType dExportPrivateKeyType = new DExportPrivateKeyType(frame);
        dExportPrivateKeyType.setLocationRelativeTo(frame);
        dExportPrivateKeyType.setVisible(true);
        if (!dExportPrivateKeyType.exportTypeSelected()) {
            return;
        }
        if (dExportPrivateKeyType.exportPkcs8()) {
            exportAsPkcs8(privateKey, alias);
        } else if (dExportPrivateKeyType.exportPvk()) {
            exportAsPvk(privateKey, alias);
        } else {
            exportAsOpenSsl(privateKey, alias);
        }
    } catch (Exception ex) {
        DError.displayError(frame, ex);
    }
}
Also used : KeyStoreState(org.kse.utilities.history.KeyStoreState) KeyStoreHistory(org.kse.utilities.history.KeyStoreHistory) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) PrivateKey(java.security.PrivateKey) DExportPrivateKeyType(org.kse.gui.dialogs.importexport.DExportPrivateKeyType) KeyStore(java.security.KeyStore) CryptoException(org.kse.crypto.CryptoException) IOException(java.io.IOException) FileNotFoundException(java.io.FileNotFoundException) Password(org.kse.crypto.Password)

Example 7 with Password

use of org.kse.crypto.Password in project keystore-explorer by kaikramer.

the class GenerateSecretKeyAction method generateSecret.

/**
 * Generate a secret key in the currently opened KeyStore.
 */
public void generateSecret() {
    try {
        int secretKeySize = applicationSettings.getGenerateSecretKeySize();
        SecretKeyType secretKeyType = applicationSettings.getGenerateSecretKeyType();
        DGenerateSecretKey dGenerateSecretKey = new DGenerateSecretKey(frame, secretKeyType, secretKeySize);
        dGenerateSecretKey.setLocationRelativeTo(frame);
        dGenerateSecretKey.setVisible(true);
        if (!dGenerateSecretKey.isSuccessful()) {
            return;
        }
        secretKeySize = dGenerateSecretKey.getSecretKeySize();
        secretKeyType = dGenerateSecretKey.getSecretKeyType();
        applicationSettings.setGenerateSecretKeySize(secretKeySize);
        applicationSettings.setGenerateSecretKeyType(secretKeyType);
        SecretKey secretKey = SecretKeyUtil.generateSecretKey(secretKeyType, secretKeySize);
        KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
        KeyStoreState currentState = history.getCurrentState();
        KeyStoreState newState = currentState.createBasisForNextState(this);
        KeyStore keyStore = newState.getKeyStore();
        DGetAlias dGetAlias = new DGetAlias(frame, res.getString("GenerateSecretKeyAction.NewSecretKeyEntryAlias.Title"), null);
        dGetAlias.setLocationRelativeTo(frame);
        dGetAlias.setVisible(true);
        String alias = dGetAlias.getAlias();
        if (alias == null) {
            return;
        }
        if (keyStore.containsAlias(alias)) {
            String message = MessageFormat.format(res.getString("GenerateSecretKeyAction.OverWriteEntry.message"), alias);
            int selected = JOptionPane.showConfirmDialog(frame, message, res.getString("GenerateSecretKeyAction.NewSecretKeyEntryAlias.Title"), JOptionPane.YES_NO_OPTION);
            if (selected != JOptionPane.YES_OPTION) {
                return;
            }
        }
        Password password = new Password((char[]) null);
        KeyStoreType type = KeyStoreType.resolveJce(keyStore.getType());
        if (type.hasEntryPasswords()) {
            DGetNewPassword dGetNewPassword = new DGetNewPassword(frame, res.getString("GenerateSecretKeyAction.NewSecretKeyEntryPassword.Title"), applicationSettings.getPasswordQualityConfig());
            dGetNewPassword.setLocationRelativeTo(frame);
            dGetNewPassword.setVisible(true);
            password = dGetNewPassword.getPassword();
            if (password == null) {
                return;
            }
        }
        if (keyStore.containsAlias(alias)) {
            keyStore.deleteEntry(alias);
            newState.removeEntryPassword(alias);
        }
        keyStore.setKeyEntry(alias, secretKey, password.toCharArray(), null);
        newState.setEntryPassword(alias, password);
        currentState.append(newState);
        kseFrame.updateControls(true);
        JOptionPane.showMessageDialog(frame, res.getString("GenerateSecretKeyAction.SecretKeyGenerationSuccessful.message"), res.getString("GenerateSecretKeyAction.GenerateSecretKey.Title"), JOptionPane.INFORMATION_MESSAGE);
    } catch (Exception ex) {
        DError.displayError(frame, ex);
    }
}
Also used : KeyStoreState(org.kse.utilities.history.KeyStoreState) KeyStoreHistory(org.kse.utilities.history.KeyStoreHistory) DGenerateSecretKey(org.kse.gui.dialogs.DGenerateSecretKey) KeyStore(java.security.KeyStore) DGetAlias(org.kse.gui.dialogs.DGetAlias) DGenerateSecretKey(org.kse.gui.dialogs.DGenerateSecretKey) SecretKey(javax.crypto.SecretKey) KeyStoreType(org.kse.crypto.keystore.KeyStoreType) SecretKeyType(org.kse.crypto.secretkey.SecretKeyType) DGetNewPassword(org.kse.gui.password.DGetNewPassword) DGetNewPassword(org.kse.gui.password.DGetNewPassword) Password(org.kse.crypto.Password)

Example 8 with Password

use of org.kse.crypto.Password in project keystore-explorer by kaikramer.

the class ImportCaReplyFromClipboardAction method doAction.

/**
 * Do action.
 */
@Override
protected void doAction() {
    try {
        KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
        KeyStoreState currentState = history.getCurrentState();
        String alias = kseFrame.getSelectedEntryAlias();
        Password password = getEntryPassword(alias, currentState);
        if (password == null) {
            return;
        }
        KeyStoreState newState = currentState.createBasisForNextState(this);
        KeyStore keyStore = newState.getKeyStore();
        KeyStoreType keyStoreType = KeyStoreType.resolveJce(keyStore.getType());
        Key privateKey = keyStore.getKey(alias, password.toCharArray());
        X509Certificate[] certs = openCaReply();
        if (certs == null || certs.length == 0) {
            return;
        }
        certs = X509CertUtil.orderX509CertChain(certs);
        X509Certificate[] exitingEntryCerts = X509CertUtil.orderX509CertChain(X509CertUtil.convertCertificates(keyStore.getCertificateChain(alias)));
        if (!exitingEntryCerts[0].getPublicKey().equals(certs[0].getPublicKey())) {
            JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromClipboardAction.NoMatchPubKeyCaReply.message"), res.getString("ImportCaReplyFromClipboardAction.ImportCaReply.Title"), JOptionPane.WARNING_MESSAGE);
            return;
        }
        // Holds the new certificate chain for the entry should the import succeed
        X509Certificate[] newCertChain = null;
        if (!applicationSettings.getEnableImportCaReplyTrustCheck()) {
            newCertChain = certs;
        } else {
            KeyStore caCertificates = getCaCertificates();
            KeyStore windowsTrustedRootCertificates = getWindowsTrustedRootCertificates();
            // of the certificates in the CA Certificates or current KeyStore
            if (certs.length > 1) {
                X509Certificate rootCert = certs[certs.length - 1];
                String matchAlias = null;
                if (caCertificates != null) {
                    // Match against CA Certificates KeyStore
                    matchAlias = X509CertUtil.matchCertificate(caCertificates, rootCert);
                }
                // Match against Windows Trusted Root Certificates KeyStore
                if (windowsTrustedRootCertificates != null && matchAlias == null) {
                    matchAlias = X509CertUtil.matchCertificate(windowsTrustedRootCertificates, rootCert);
                }
                if (matchAlias == null) {
                    // Match against current KeyStore
                    matchAlias = X509CertUtil.matchCertificate(keyStore, rootCert);
                }
                if (matchAlias == null) {
                    // No match for the root certificate - display the certificate to the user for confirmation
                    JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromClipboardAction.NoMatchRootCertCaReplyConfirm.message"), res.getString("ImportCaReplyFromClipboardAction.ImportCaReply.Title"), JOptionPane.INFORMATION_MESSAGE);
                    DViewCertificate dViewCertificate = new DViewCertificate(frame, MessageFormat.format(res.getString("ImportCaReplyFromClipboardAction.CertDetailsFile.Title"), "Clipboard"), new X509Certificate[] { rootCert }, null, DViewCertificate.NONE);
                    dViewCertificate.setLocationRelativeTo(frame);
                    dViewCertificate.setVisible(true);
                    int selected = JOptionPane.showConfirmDialog(frame, res.getString("ImportCaReplyFromClipboardAction.AcceptCaReply.message"), res.getString("ImportCaReplyFromClipboardAction.ImportCaReply.Title"), JOptionPane.YES_NO_OPTION);
                    if (selected != JOptionPane.YES_OPTION) {
                        return;
                    }
                    newCertChain = certs;
                } else {
                    newCertChain = certs;
                }
            } else // Single X.509 certificate reply - try and establish a chain of
            // trust from the certificate and ending with a root CA self-signed certificate
            {
                // Establish trust against current KeyStore
                ArrayList<KeyStore> compKeyStores = new ArrayList<KeyStore>();
                compKeyStores.add(keyStore);
                if (caCertificates != null) {
                    // Establish trust against CA Certificates KeyStore
                    compKeyStores.add(caCertificates);
                }
                if (windowsTrustedRootCertificates != null) {
                    // Establish trust against Windows Trusted Root Certificates KeyStore
                    compKeyStores.add(windowsTrustedRootCertificates);
                }
                X509Certificate[] trustChain = X509CertUtil.establishTrust(certs[0], compKeyStores.toArray(new KeyStore[compKeyStores.size()]));
                if (trustChain != null) {
                    newCertChain = trustChain;
                } else {
                    // Cannot establish trust for the certificate - fail
                    JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromClipboardAction.NoTrustCaReply.message"), res.getString("ImportCaReplyFromClipboardAction.ImportCaReply.Title"), JOptionPane.WARNING_MESSAGE);
                    return;
                }
            }
        }
        if (keyStoreType.isFileBased()) {
            // TODO: why or when is delete actually necessary???
            keyStore.deleteEntry(alias);
            keyStore.setKeyEntry(alias, privateKey, password.toCharArray(), newCertChain);
        } else {
            keyStore.setKeyEntry(alias, privateKey, password.toCharArray(), newCertChain);
        }
        currentState.append(newState);
        kseFrame.updateControls(true);
        JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromClipboardAction.ImportCaReplySuccessful.message"), res.getString("ImportCaReplyFromClipboardAction.ImportCaReply.Title"), JOptionPane.INFORMATION_MESSAGE);
    } catch (Exception ex) {
        DError.displayError(frame, ex);
    }
}
Also used : KeyStoreState(org.kse.utilities.history.KeyStoreState) KeyStoreHistory(org.kse.utilities.history.KeyStoreHistory) ArrayList(java.util.ArrayList) KeyStore(java.security.KeyStore) X509Certificate(java.security.cert.X509Certificate) KeyStoreType(org.kse.crypto.keystore.KeyStoreType) DViewCertificate(org.kse.gui.dialogs.DViewCertificate) Key(java.security.Key) Password(org.kse.crypto.Password)

Example 9 with Password

use of org.kse.crypto.Password in project keystore-explorer by kaikramer.

the class ExamineFileAction method openPrivateKey.

private void openPrivateKey(File file, CryptoFileType fileType) throws IOException, CryptoException {
    PrivateKey privKey = null;
    Password password = null;
    switch(fileType) {
        case ENC_PKCS8_PVK:
            password = getPassword(file);
            if (password == null || password.isNulled()) {
                return;
            }
            privKey = Pkcs8Util.loadEncrypted(new FileInputStream(file), password);
            break;
        case UNENC_PKCS8_PVK:
            privKey = Pkcs8Util.load(new FileInputStream(file));
            break;
        case ENC_OPENSSL_PVK:
            password = getPassword(file);
            if (password == null || password.isNulled()) {
                return;
            }
            privKey = OpenSslPvkUtil.loadEncrypted(new FileInputStream(file), password);
            break;
        case UNENC_OPENSSL_PVK:
            privKey = OpenSslPvkUtil.load(new FileInputStream(file));
            break;
        case ENC_MS_PVK:
            password = getPassword(file);
            if (password == null || password.isNulled()) {
                return;
            }
            privKey = MsPvkUtil.loadEncrypted(new FileInputStream(file), password);
            break;
        case UNENC_MS_PVK:
            privKey = MsPvkUtil.load(new FileInputStream(file));
            break;
        default:
            break;
    }
    DViewPrivateKey dViewPrivateKey = new DViewPrivateKey(frame, MessageFormat.format(res.getString("ExamineFileAction.PrivateKeyDetailsFile.Title"), file.getName()), privKey, null);
    dViewPrivateKey.setLocationRelativeTo(frame);
    dViewPrivateKey.setVisible(true);
}
Also used : DViewPrivateKey(org.kse.gui.dialogs.DViewPrivateKey) PrivateKey(java.security.PrivateKey) DViewPrivateKey(org.kse.gui.dialogs.DViewPrivateKey) FileInputStream(java.io.FileInputStream) DGetPassword(org.kse.gui.password.DGetPassword) Password(org.kse.crypto.Password)

Example 10 with Password

use of org.kse.crypto.Password in project keystore-explorer by kaikramer.

the class CopyAction method bufferSelectedEntry.

private BufferEntry bufferSelectedEntry() {
    try {
        KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
        KeyStoreState currentState = history.getCurrentState();
        String alias = kseFrame.getSelectedEntryAlias();
        if (alias == null) {
            return null;
        }
        BufferEntry bufferEntry = null;
        KeyStore keyStore = currentState.getKeyStore();
        if (KeyStoreUtil.isKeyEntry(alias, keyStore)) {
            Password password = getEntryPassword(alias, currentState);
            if (password == null) {
                return null;
            }
            Key key = keyStore.getKey(alias, password.toCharArray());
            if (key instanceof PrivateKey) {
                JOptionPane.showMessageDialog(frame, res.getString("CopyAction.NoCopyKeyEntryWithPrivateKey.message"), res.getString("CopyAction.Copy.Title"), JOptionPane.WARNING_MESSAGE);
                return null;
            }
            bufferEntry = new KeyBufferEntry(alias, false, key, password);
        } else if (KeyStoreUtil.isTrustedCertificateEntry(alias, keyStore)) {
            Certificate certificate = keyStore.getCertificate(alias);
            bufferEntry = new TrustedCertificateBufferEntry(alias, false, certificate);
        } else if (KeyStoreUtil.isKeyPairEntry(alias, keyStore)) {
            Password password = getEntryPassword(alias, currentState);
            if (password == null) {
                return null;
            }
            PrivateKey privateKey = (PrivateKey) keyStore.getKey(alias, password.toCharArray());
            Certificate[] certificateChain = keyStore.getCertificateChain(alias);
            bufferEntry = new KeyPairBufferEntry(alias, false, privateKey, password, certificateChain);
        }
        return bufferEntry;
    } catch (Exception ex) {
        DError.displayError(frame, ex);
        return null;
    }
}
Also used : KeyStoreState(org.kse.utilities.history.KeyStoreState) KeyStoreHistory(org.kse.utilities.history.KeyStoreHistory) PrivateKey(java.security.PrivateKey) KeyStore(java.security.KeyStore) KeyBufferEntry(org.kse.utilities.buffer.KeyBufferEntry) KeyPairBufferEntry(org.kse.utilities.buffer.KeyPairBufferEntry) TrustedCertificateBufferEntry(org.kse.utilities.buffer.TrustedCertificateBufferEntry) BufferEntry(org.kse.utilities.buffer.BufferEntry) KeyPairBufferEntry(org.kse.utilities.buffer.KeyPairBufferEntry) KeyBufferEntry(org.kse.utilities.buffer.KeyBufferEntry) TrustedCertificateBufferEntry(org.kse.utilities.buffer.TrustedCertificateBufferEntry) Key(java.security.Key) PrivateKey(java.security.PrivateKey) Password(org.kse.crypto.Password) Certificate(java.security.cert.Certificate)

Aggregations

Password (org.kse.crypto.Password)60 KeyStore (java.security.KeyStore)35 KeyStoreState (org.kse.utilities.history.KeyStoreState)32 KeyStoreHistory (org.kse.utilities.history.KeyStoreHistory)31 PrivateKey (java.security.PrivateKey)24 File (java.io.File)23 FileNotFoundException (java.io.FileNotFoundException)16 Key (java.security.Key)15 X509Certificate (java.security.cert.X509Certificate)15 Certificate (java.security.cert.Certificate)13 KeyStoreType (org.kse.crypto.keystore.KeyStoreType)12 CryptoException (org.kse.crypto.CryptoException)9 DProblem (org.kse.gui.error.DProblem)9 Problem (org.kse.gui.error.Problem)9 DGetAlias (org.kse.gui.dialogs.DGetAlias)8 DGetNewPassword (org.kse.gui.password.DGetNewPassword)8 JPasswordField (javax.swing.JPasswordField)6 DViewPrivateKey (org.kse.gui.dialogs.DViewPrivateKey)6 DGetPassword (org.kse.gui.password.DGetPassword)6 FileInputStream (java.io.FileInputStream)5