
Example 1 with KeyStoreType

use of org.kse.crypto.keystore.KeyStoreType in project keystore-explorer by kaikramer.

the class KeyStoreTableModel method load.

/**
 * Populate the table model from the KeyStore held in the history's current
 * state. One row is built per supported entry, in AliasComparator order, with
 * eight columns: entry type, lock status, expiry status, alias, algorithm,
 * key size, expiry date and modified date.
 *
 * @param history
 *            KeyStore history
 * @throws GeneralSecurityException
 *             If a KeyStore problem occurs while accessing the KeyStore's
 *             entries
 * @throws CryptoException
 *             If a crypto problem occurs while accessing the KeyStore's
 *             entries
 */
public void load(KeyStoreHistory history) throws GeneralSecurityException, CryptoException {
    KeyStoreState currentState = history.getCurrentState();
    KeyStore keyStore = currentState.getKeyStore();
    KeyStoreType type = KeyStoreType.resolveJce(keyStore.getType());

    // Keep only the aliases whose entry type is supported, sorted by AliasComparator
    Enumeration<String> aliases = keyStore.aliases();
    TreeMap<String, String> sortedAliases = new TreeMap<String, String>(new AliasComparator());
    for (; aliases.hasMoreElements();) {
        String candidate = aliases.nextElement();
        if (KeyStoreUtil.isSupportedEntryType(candidate, keyStore)) {
            sortedAliases.put(candidate, candidate);
        }
    }

    data = new Object[sortedAliases.size()][8];
    int row = 0;
    for (String alias : sortedAliases.keySet()) {
        Object[] cells = data[row];

        // Column 0: entry type - anything that is neither a trusted certificate
        // nor a key pair is reported as a plain key entry
        String entryType;
        if (KeyStoreUtil.isTrustedCertificateEntry(alias, keyStore)) {
            entryType = TRUST_CERT_ENTRY;
        } else {
            entryType = KeyStoreUtil.isKeyPairEntry(alias, keyStore) ? KEY_PAIR_ENTRY : KEY_ENTRY;
        }
        cells[0] = entryType;

        // Column 1: lock status - only meaningful for key entries in KeyStore
        // types that protect entries with their own password. TRUE (locked)
        // means the current state holds no password for the alias.
        boolean isKeyEntry = entryType.equals(KEY_PAIR_ENTRY) || entryType.equals(KEY_ENTRY);
        if (isKeyEntry && type.hasEntryPasswords()) {
            cells[1] = Boolean.valueOf(currentState.getEntryPassword(alias) == null);
        } else {
            cells[1] = null;
        }

        // Column 2: expiry status - null when there is no certificate expiry
        // (key entry), otherwise TRUE once the expiry date has passed
        Date expiry = getCertificateExpiry(alias, keyStore);
        cells[2] = (expiry == null) ? null : Boolean.valueOf(new Date().after(expiry));

        // Column 3: alias
        cells[3] = alias;

        // Columns 4 and 5: algorithm and key size, left unset when no key
        // information is available for the entry
        KeyInfo keyInfo = getKeyInfo(alias, keyStore, currentState);
        if (keyInfo != null) {
            cells[4] = getAlgorithmName(keyInfo);
            cells[5] = keyInfo.getSize();
        }

        // Column 6: expiry date (null for key entries)
        cells[6] = expiry;

        // Column 7: modified date - not populated for PKCS #11/#12 KeyStores
        String jceType = keyStore.getType();
        boolean isPkcs = jceType.equals(KeyStoreType.PKCS12.jce()) || jceType.equals(KeyStoreType.PKCS11.jce());
        cells[7] = isPkcs ? null : keyStore.getCreationDate(alias);

        row++;
    }
    fireTableDataChanged();
}
Also used : KeyStoreState(org.kse.utilities.history.KeyStoreState) TreeMap(java.util.TreeMap) KeyStore(java.security.KeyStore) Date(java.util.Date) Entry(java.util.Map.Entry) KeyStoreType(org.kse.crypto.keystore.KeyStoreType) KeyInfo(org.kse.crypto.KeyInfo)

Example 2 with KeyStoreType

use of org.kse.crypto.keystore.KeyStoreType in project keystore-explorer by kaikramer.

the class KseFrame method getKeyStoreStatusText.

/**
 * Build the status bar text for a KeyStore in the form
 * 'KeyStore Type, Size, Path'.
 *
 * @param history
 *            KeyStore history whose current state is described
 * @return The formatted status text, or an empty string if the number of
 *         entries could not be read (the error is displayed to the user)
 */
private String getKeyStoreStatusText(KeyStoreHistory history) {
    KeyStoreState state = history.getCurrentState();
    KeyStore loadedKeyStore = state.getKeyStore();

    int entryCount;
    try {
        entryCount = loadedKeyStore.size();
    } catch (KeyStoreException ex) {
        // Report the failure and fall back to an empty status text
        DError.displayError(frame, ex);
        return "";
    }

    KeyStoreType storeType = state.getType();
    String pattern = res.getString("KseFrame.entries.statusbar");
    return MessageFormat.format(pattern, storeType.friendly(), entryCount, history.getPath());
}
Also used : KeyStoreState(org.kse.utilities.history.KeyStoreState) KeyStoreType(org.kse.crypto.keystore.KeyStoreType) KeyStoreException(java.security.KeyStoreException) KeyStore(java.security.KeyStore) Point(java.awt.Point)

Example 3 with KeyStoreType

use of org.kse.crypto.keystore.KeyStoreType in project keystore-explorer by kaikramer.

the class KseFrame method maybeShowSelectedEntryPopupMenu.

/**
 * Handle a mouse event on the KeyStore table. A popup trigger shows the menu
 * matching the entry under the pointer (or the KeyStore menu when the pointer
 * is on free space); a double click on free space starts key pair generation.
 * The cut/copy/paste controls are refreshed in every case.
 *
 * @param evt
 *            Mouse event whose component is the KeyStore table
 */
private void maybeShowSelectedEntryPopupMenu(MouseEvent evt) {
    JTable table = (JTable) evt.getComponent();
    int row = table.rowAtPoint(new Point(evt.getX(), evt.getY()));
    KeyStoreType type = KeyStoreType.resolveJce(getActiveKeyStoreHistory().getCurrentState().getKeyStore().getType());
    boolean onFreeSpace = (row == -1);

    if (!evt.isPopupTrigger()) {
        // Double click on free space opens the generate key pair dialog
        if (evt.getClickCount() > 1 && onFreeSpace) {
            generateKeyPairAction.generateKeyPair();
        }
    } else if (onFreeSpace) {
        jpmKeyStore.show(evt.getComponent(), evt.getX(), evt.getY());
    } else {
        table.setRowSelectionInterval(row, row);
        // Column 0 carries the entry type, column 1 the lock flag
        Object entryType = table.getValueAt(row, 0);

        if (entryType.equals(KeyStoreTableModel.KEY_PAIR_ENTRY)) {
            if (type.hasEntryPasswords()) {
                // Unlock is only offered while the entry is still locked.
                // NOTE(review): the cast assumes the lock cell is a non-null
                // Boolean for key entries of such KeyStore types - confirm
                // against the table model.
                Boolean lockFlag = (Boolean) table.getValueAt(row, 1);
                unlockKeyPairAction.setEnabled(lockFlag.booleanValue());
            }
            jpmKeyPair.show(evt.getComponent(), evt.getX(), evt.getY());
        } else if (entryType.equals(KeyStoreTableModel.TRUST_CERT_ENTRY)) {
            jpmTrustedCertificate.show(evt.getComponent(), evt.getX(), evt.getY());
        } else if (entryType.equals(KeyStoreTableModel.KEY_ENTRY)) {
            if (type.hasEntryPasswords()) {
                // Same rule as for key pairs: unlock only if currently locked
                Boolean lockFlag = (Boolean) table.getValueAt(row, 1);
                unlockKeyAction.setEnabled(lockFlag.booleanValue());
            }
            jpmKey.show(evt.getComponent(), evt.getX(), evt.getY());
        }
    }

    // Selection may have changed - update edit controls
    updateCutCopyPasteControls();
}
Also used : KeyStoreType(org.kse.crypto.keystore.KeyStoreType) JTable(javax.swing.JTable) Point(java.awt.Point) Point(java.awt.Point)

Example 4 with KeyStoreType

use of org.kse.crypto.keystore.KeyStoreType in project keystore-explorer by kaikramer.

the class GenerateSecretKeyAction method generateSecret.

/**
 * Generate a secret key in the currently opened KeyStore.
 *
 * The user picks the key type and size, then an alias, and - for KeyStore
 * types with per-entry passwords - a new entry password. Cancelling any of
 * the dialogs abandons the operation without touching the KeyStore history.
 * Any exception is reported through the error dialog.
 */
public void generateSecret() {
    try {
        // Previously used type and size serve as the dialog defaults
        int defaultSize = applicationSettings.getGenerateSecretKeySize();
        SecretKeyType defaultType = applicationSettings.getGenerateSecretKeyType();
        DGenerateSecretKey keyDialog = new DGenerateSecretKey(frame, defaultType, defaultSize);
        keyDialog.setLocationRelativeTo(frame);
        keyDialog.setVisible(true);
        if (!keyDialog.isSuccessful()) {
            return;
        }

        // Remember the user's choice for next time, then generate the key
        int chosenSize = keyDialog.getSecretKeySize();
        SecretKeyType chosenType = keyDialog.getSecretKeyType();
        applicationSettings.setGenerateSecretKeySize(chosenSize);
        applicationSettings.setGenerateSecretKeyType(chosenType);
        SecretKey generatedKey = SecretKeyUtil.generateSecretKey(chosenType, chosenSize);

        // All changes are made on a new state derived from the current one
        KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
        KeyStoreState currentState = history.getCurrentState();
        KeyStoreState newState = currentState.createBasisForNextState(this);
        KeyStore keyStore = newState.getKeyStore();

        DGetAlias aliasDialog = new DGetAlias(frame, res.getString("GenerateSecretKeyAction.NewSecretKeyEntryAlias.Title"), null);
        aliasDialog.setLocationRelativeTo(frame);
        aliasDialog.setVisible(true);
        String alias = aliasDialog.getAlias();
        if (alias == null) {
            return;
        }

        // An existing entry is only replaced after explicit confirmation
        if (keyStore.containsAlias(alias)) {
            String question = MessageFormat.format(res.getString("GenerateSecretKeyAction.OverWriteEntry.message"), alias);
            int answer = JOptionPane.showConfirmDialog(frame, question, res.getString("GenerateSecretKeyAction.NewSecretKeyEntryAlias.Title"), JOptionPane.YES_NO_OPTION);
            if (answer != JOptionPane.YES_OPTION) {
                return;
            }
        }

        // Entry password: a Password wrapping a null char array unless the
        // KeyStore type has entry passwords, in which case the user must
        // supply one (the dialog receives the password quality settings)
        Password entryPassword = new Password((char[]) null);
        KeyStoreType storeType = KeyStoreType.resolveJce(keyStore.getType());
        if (storeType.hasEntryPasswords()) {
            DGetNewPassword passwordDialog = new DGetNewPassword(frame, res.getString("GenerateSecretKeyAction.NewSecretKeyEntryPassword.Title"), applicationSettings.getPasswordQualityConfig());
            passwordDialog.setLocationRelativeTo(frame);
            passwordDialog.setVisible(true);
            entryPassword = passwordDialog.getPassword();
            if (entryPassword == null) {
                return;
            }
        }

        // Drop the entry being overwritten together with its recorded password
        if (keyStore.containsAlias(alias)) {
            keyStore.deleteEntry(alias);
            newState.removeEntryPassword(alias);
        }

        // Store the key and record the entry password in the new state.
        // NOTE(review): the state keeps the Password object after this call;
        // how long it stays in memory is decided outside this method.
        keyStore.setKeyEntry(alias, generatedKey, entryPassword.toCharArray(), null);
        newState.setEntryPassword(alias, entryPassword);

        currentState.append(newState);
        kseFrame.updateControls(true);
        JOptionPane.showMessageDialog(frame, res.getString("GenerateSecretKeyAction.SecretKeyGenerationSuccessful.message"), res.getString("GenerateSecretKeyAction.GenerateSecretKey.Title"), JOptionPane.INFORMATION_MESSAGE);
    } catch (Exception ex) {
        DError.displayError(frame, ex);
    }
}
Also used : KeyStoreState(org.kse.utilities.history.KeyStoreState) KeyStoreHistory(org.kse.utilities.history.KeyStoreHistory) DGenerateSecretKey(org.kse.gui.dialogs.DGenerateSecretKey) KeyStore(java.security.KeyStore) DGetAlias(org.kse.gui.dialogs.DGetAlias) DGenerateSecretKey(org.kse.gui.dialogs.DGenerateSecretKey) SecretKey(javax.crypto.SecretKey) KeyStoreType(org.kse.crypto.keystore.KeyStoreType) SecretKeyType(org.kse.crypto.secretkey.SecretKeyType) DGetNewPassword(org.kse.gui.password.DGetNewPassword) DGetNewPassword(org.kse.gui.password.DGetNewPassword) Password(org.kse.crypto.Password)

Example 5 with KeyStoreType

use of org.kse.crypto.keystore.KeyStoreType in project keystore-explorer by kaikramer.

the class ImportCaReplyFromClipboardAction method doAction.

/**
 * Replace the certificate chain of the selected key entry with the
 * certificates of a CA reply obtained from openCaReply() (presumably read
 * from the system clipboard, judging by the class name - confirm).
 *
 * The reply is rejected unless its first certificate (after ordering) carries
 * the same public key as the first certificate of the existing entry. When the
 * "import CA reply trust check" setting is enabled, the reply must
 * additionally chain to a certificate found in the CA Certificates KeyStore,
 * the Windows Trusted Root Certificates KeyStore or the current KeyStore, or
 * be accepted by the user after viewing the unmatched root certificate. Any
 * exception is reported through the error dialog.
 */
@Override
protected void doAction() {
    try {
        KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
        KeyStoreState currentState = history.getCurrentState();
        String alias = kseFrame.getSelectedEntryAlias();
        // A null password aborts the action (presumably the user cancelled the unlock prompt - confirm)
        Password password = getEntryPassword(alias, currentState);
        if (password == null) {
            return;
        }
        // All changes are made on a new state; it is only appended to the history on success
        KeyStoreState newState = currentState.createBasisForNextState(this);
        KeyStore keyStore = newState.getKeyStore();
        KeyStoreType keyStoreType = KeyStoreType.resolveJce(keyStore.getType());
        // The existing key is fetched up front because the entry is re-created below with the new chain
        Key privateKey = keyStore.getKey(alias, password.toCharArray());
        X509Certificate[] certs = openCaReply();
        if (certs == null || certs.length == 0) {
            return;
        }
        certs = X509CertUtil.orderX509CertChain(certs);
        // Binding check: the reply must certify the public key already held in the entry
        X509Certificate[] exitingEntryCerts = X509CertUtil.orderX509CertChain(X509CertUtil.convertCertificates(keyStore.getCertificateChain(alias)));
        if (!exitingEntryCerts[0].getPublicKey().equals(certs[0].getPublicKey())) {
            JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromClipboardAction.NoMatchPubKeyCaReply.message"), res.getString("ImportCaReplyFromClipboardAction.ImportCaReply.Title"), JOptionPane.WARNING_MESSAGE);
            return;
        }
        // Holds the new certificate chain for the entry should the import succeed
        X509Certificate[] newCertChain = null;
        if (!applicationSettings.getEnableImportCaReplyTrustCheck()) {
            // Trust check disabled: the reply is used as-is; the public key match above is the only check applied
            newCertChain = certs;
        } else {
            KeyStore caCertificates = getCaCertificates();
            KeyStore windowsTrustedRootCertificates = getWindowsTrustedRootCertificates();
            // Multiple certificates in reply - the last one (after ordering) is treated as the root CA
            // certificate and is matched against the CA Certificates, Windows Trusted Root Certificates
            // and current KeyStores.
            // NOTE(review): only this last certificate is compared here; whether orderX509CertChain
            // verifies the signatures linking the chain is not visible from this method - confirm.
            if (certs.length > 1) {
                X509Certificate rootCert = certs[certs.length - 1];
                String matchAlias = null;
                if (caCertificates != null) {
                    // Match against CA Certificates KeyStore
                    matchAlias = X509CertUtil.matchCertificate(caCertificates, rootCert);
                }
                // Match against Windows Trusted Root Certificates KeyStore
                if (windowsTrustedRootCertificates != null && matchAlias == null) {
                    matchAlias = X509CertUtil.matchCertificate(windowsTrustedRootCertificates, rootCert);
                }
                if (matchAlias == null) {
                    // Match against current KeyStore - a certificate stored in the KeyStore being edited counts as an anchor
                    matchAlias = X509CertUtil.matchCertificate(keyStore, rootCert);
                }
                if (matchAlias == null) {
                    // No match for the root certificate - display the certificate to the user for confirmation;
                    // acceptance then rests solely on the user's inspection of the displayed certificate
                    JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromClipboardAction.NoMatchRootCertCaReplyConfirm.message"), res.getString("ImportCaReplyFromClipboardAction.ImportCaReply.Title"), JOptionPane.INFORMATION_MESSAGE);
                    DViewCertificate dViewCertificate = new DViewCertificate(frame, MessageFormat.format(res.getString("ImportCaReplyFromClipboardAction.CertDetailsFile.Title"), "Clipboard"), new X509Certificate[] { rootCert }, null, DViewCertificate.NONE);
                    dViewCertificate.setLocationRelativeTo(frame);
                    dViewCertificate.setVisible(true);
                    int selected = JOptionPane.showConfirmDialog(frame, res.getString("ImportCaReplyFromClipboardAction.AcceptCaReply.message"), res.getString("ImportCaReplyFromClipboardAction.ImportCaReply.Title"), JOptionPane.YES_NO_OPTION);
                    if (selected != JOptionPane.YES_OPTION) {
                        return;
                    }
                    newCertChain = certs;
                } else {
                    // Root certificate found in one of the KeyStores - accept the reply chain
                    newCertChain = certs;
                }
            } else // Single X.509 certificate reply - try and establish a chain of
            // trust from the certificate and ending with a root CA self-signed certificate
            {
                // Establish trust against current KeyStore
                ArrayList<KeyStore> compKeyStores = new ArrayList<KeyStore>();
                compKeyStores.add(keyStore);
                if (caCertificates != null) {
                    // Establish trust against CA Certificates KeyStore
                    compKeyStores.add(caCertificates);
                }
                if (windowsTrustedRootCertificates != null) {
                    // Establish trust against Windows Trusted Root Certificates KeyStore
                    compKeyStores.add(windowsTrustedRootCertificates);
                }
                // A null result means no chain could be built from the comparison KeyStores
                X509Certificate[] trustChain = X509CertUtil.establishTrust(certs[0], compKeyStores.toArray(new KeyStore[compKeyStores.size()]));
                if (trustChain != null) {
                    newCertChain = trustChain;
                } else {
                    // Cannot establish trust for the certificate - fail
                    JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromClipboardAction.NoTrustCaReply.message"), res.getString("ImportCaReplyFromClipboardAction.ImportCaReply.Title"), JOptionPane.WARNING_MESSAGE);
                    return;
                }
            }
        }
        // Both branches store the key with the new chain; file-based KeyStores delete the old entry first
        if (keyStoreType.isFileBased()) {
            // TODO: why or when is delete actually necessary???
            keyStore.deleteEntry(alias);
            keyStore.setKeyEntry(alias, privateKey, password.toCharArray(), newCertChain);
        } else {
            keyStore.setKeyEntry(alias, privateKey, password.toCharArray(), newCertChain);
        }
        // Commit: the modified state becomes the current one only after the entry was written
        currentState.append(newState);
        kseFrame.updateControls(true);
        JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromClipboardAction.ImportCaReplySuccessful.message"), res.getString("ImportCaReplyFromClipboardAction.ImportCaReply.Title"), JOptionPane.INFORMATION_MESSAGE);
    } catch (Exception ex) {
        // Any failure above (including one after deleteEntry) ends here; newState has not been appended in that case
        DError.displayError(frame, ex);
    }
}
Also used : KeyStoreState(org.kse.utilities.history.KeyStoreState) KeyStoreHistory(org.kse.utilities.history.KeyStoreHistory) ArrayList(java.util.ArrayList) KeyStore(java.security.KeyStore) X509Certificate(java.security.cert.X509Certificate) KeyStoreType(org.kse.crypto.keystore.KeyStoreType) DViewCertificate(org.kse.gui.dialogs.DViewCertificate) Key(java.security.Key) Password(org.kse.crypto.Password)

Aggregations

KeyStoreType (org.kse.crypto.keystore.KeyStoreType)19 KeyStore (java.security.KeyStore)16 KeyStoreState (org.kse.utilities.history.KeyStoreState)13 Password (org.kse.crypto.Password)12 KeyStoreHistory (org.kse.utilities.history.KeyStoreHistory)11 X509Certificate (java.security.cert.X509Certificate)7 PrivateKey (java.security.PrivateKey)6 DGetAlias (org.kse.gui.dialogs.DGetAlias)6 DGetNewPassword (org.kse.gui.password.DGetNewPassword)6 Certificate (java.security.cert.Certificate)4 Point (java.awt.Point)3 File (java.io.File)3 Key (java.security.Key)3 KeyStoreException (java.security.KeyStoreException)3 DNewKeyStoreType (org.kse.gui.dialogs.DNewKeyStoreType)3 FileNotFoundException (java.io.FileNotFoundException)2 GeneralSecurityException (java.security.GeneralSecurityException)2 ArrayList (java.util.ArrayList)2 CryptoException (org.kse.crypto.CryptoException)2 DViewCertificate (org.kse.gui.dialogs.DViewCertificate)2