Example 1 with DViewCertificate
use of org.kse.gui.dialogs.DViewCertificate in project keystore-explorer by kaikramer.
the class ImportCaReplyFromClipboardAction method doAction.
/**
* Do action.
*/
@Override
protected void doAction() {
try {
KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
KeyStoreState currentState = history.getCurrentState();
String alias = kseFrame.getSelectedEntryAlias();
Password password = getEntryPassword(alias, currentState);
if (password == null) {
return;
}
KeyStoreState newState = currentState.createBasisForNextState(this);
KeyStore keyStore = newState.getKeyStore();
KeyStoreType keyStoreType = KeyStoreType.resolveJce(keyStore.getType());
Key privateKey = keyStore.getKey(alias, password.toCharArray());
X509Certificate[] certs = openCaReply();
if (certs == null || certs.length == 0) {
return;
}
certs = X509CertUtil.orderX509CertChain(certs);
X509Certificate[] exitingEntryCerts = X509CertUtil.orderX509CertChain(X509CertUtil.convertCertificates(keyStore.getCertificateChain(alias)));
if (!exitingEntryCerts[0].getPublicKey().equals(certs[0].getPublicKey())) {
JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromClipboardAction.NoMatchPubKeyCaReply.message"), res.getString("ImportCaReplyFromClipboardAction.ImportCaReply.Title"), JOptionPane.WARNING_MESSAGE);
return;
}
// Holds the new certificate chain for the entry should the import succeed
X509Certificate[] newCertChain = null;
if (!applicationSettings.getEnableImportCaReplyTrustCheck()) {
newCertChain = certs;
} else {
KeyStore caCertificates = getCaCertificates();
KeyStore windowsTrustedRootCertificates = getWindowsTrustedRootCertificates();
// of the certificates in the CA Certificates or current KeyStore
if (certs.length > 1) {
X509Certificate rootCert = certs[certs.length - 1];
String matchAlias = null;
if (caCertificates != null) {
// Match against CA Certificates KeyStore
matchAlias = X509CertUtil.matchCertificate(caCertificates, rootCert);
}
// Match against Windows Trusted Root Certificates KeyStore
if (windowsTrustedRootCertificates != null && matchAlias == null) {
matchAlias = X509CertUtil.matchCertificate(windowsTrustedRootCertificates, rootCert);
}
if (matchAlias == null) {
// Match against current KeyStore
matchAlias = X509CertUtil.matchCertificate(keyStore, rootCert);
}
if (matchAlias == null) {
// No match for the root certificate - display the certificate to the user for confirmation
JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromClipboardAction.NoMatchRootCertCaReplyConfirm.message"), res.getString("ImportCaReplyFromClipboardAction.ImportCaReply.Title"), JOptionPane.INFORMATION_MESSAGE);
DViewCertificate dViewCertificate = new DViewCertificate(frame, MessageFormat.format(res.getString("ImportCaReplyFromClipboardAction.CertDetailsFile.Title"), "Clipboard"), new X509Certificate[] { rootCert }, null, DViewCertificate.NONE);
dViewCertificate.setLocationRelativeTo(frame);
dViewCertificate.setVisible(true);
int selected = JOptionPane.showConfirmDialog(frame, res.getString("ImportCaReplyFromClipboardAction.AcceptCaReply.message"), res.getString("ImportCaReplyFromClipboardAction.ImportCaReply.Title"), JOptionPane.YES_NO_OPTION);
if (selected != JOptionPane.YES_OPTION) {
return;
}
newCertChain = certs;
} else {
newCertChain = certs;
}
} else // Single X.509 certificate reply - try and establish a chain of
// trust from the certificate and ending with a root CA self-signed certificate
{
// Establish trust against current KeyStore
ArrayList<KeyStore> compKeyStores = new ArrayList<KeyStore>();
compKeyStores.add(keyStore);
if (caCertificates != null) {
// Establish trust against CA Certificates KeyStore
compKeyStores.add(caCertificates);
}
if (windowsTrustedRootCertificates != null) {
// Establish trust against Windows Trusted Root Certificates KeyStore
compKeyStores.add(windowsTrustedRootCertificates);
}
X509Certificate[] trustChain = X509CertUtil.establishTrust(certs[0], compKeyStores.toArray(new KeyStore[compKeyStores.size()]));
if (trustChain != null) {
newCertChain = trustChain;
} else {
// Cannot establish trust for the certificate - fail
JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromClipboardAction.NoTrustCaReply.message"), res.getString("ImportCaReplyFromClipboardAction.ImportCaReply.Title"), JOptionPane.WARNING_MESSAGE);
return;
}
}
}
if (keyStoreType.isFileBased()) {
// TODO: why or when is delete actually necessary???
keyStore.deleteEntry(alias);
keyStore.setKeyEntry(alias, privateKey, password.toCharArray(), newCertChain);
} else {
keyStore.setKeyEntry(alias, privateKey, password.toCharArray(), newCertChain);
}
currentState.append(newState);
kseFrame.updateControls(true);
JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromClipboardAction.ImportCaReplySuccessful.message"), res.getString("ImportCaReplyFromClipboardAction.ImportCaReply.Title"), JOptionPane.INFORMATION_MESSAGE);
} catch (Exception ex) {
DError.displayError(frame, ex);
}
}
Also used :
KeyStoreState(org.kse.utilities.history.KeyStoreState)
KeyStoreHistory(org.kse.utilities.history.KeyStoreHistory)
ArrayList(java.util.ArrayList)
KeyStore(java.security.KeyStore)
X509Certificate(java.security.cert.X509Certificate)
KeyStoreType(org.kse.crypto.keystore.KeyStoreType)
DViewCertificate(org.kse.gui.dialogs.DViewCertificate)
Key(java.security.Key)
Password(org.kse.crypto.Password)
Example 2 with DViewCertificate
use of org.kse.gui.dialogs.DViewCertificate in project keystore-explorer by kaikramer.
the class ExamineClipboardAction method showCert.
private void showCert(InputStream is) throws CryptoException {
X509Certificate[] certs = null;
try {
certs = X509CertUtil.loadCertificates(is);
if (certs.length == 0) {
JOptionPane.showMessageDialog(frame, res.getString("ExamineClipboardAction.NoCertsFound.message"), res.getString("ExamineClipboardAction.OpenCertificate.Title"), JOptionPane.WARNING_MESSAGE);
}
} catch (Exception ex) {
String problemStr = res.getString("ExamineClipboardAction.NoOpenCert.Problem");
String[] causes = new String[] { res.getString("ExamineClipboardAction.NotCert.Cause"), res.getString("ExamineClipboardAction.CorruptedCert.Cause") };
Problem problem = new Problem(problemStr, causes, ex);
DProblem dProblem = new DProblem(frame, res.getString("ExamineClipboardAction.ProblemOpeningCert.Title"), problem);
dProblem.setLocationRelativeTo(frame);
dProblem.setVisible(true);
}
if (certs != null && certs.length > 0) {
DViewCertificate dViewCertificate = new DViewCertificate(frame, res.getString("ExamineClipboardAction.CertDetails.Title"), certs, kseFrame, DViewCertificate.IMPORT);
dViewCertificate.setLocationRelativeTo(frame);
dViewCertificate.setVisible(true);
}
}
Also used :
DViewCertificate(org.kse.gui.dialogs.DViewCertificate)
Problem(org.kse.gui.error.Problem)
DProblem(org.kse.gui.error.DProblem)
X509Certificate(java.security.cert.X509Certificate)
CryptoException(org.kse.crypto.CryptoException)
UnsupportedFlavorException(java.awt.datatransfer.UnsupportedFlavorException)
IOException(java.io.IOException)
DProblem(org.kse.gui.error.DProblem)
Example 3 with DViewCertificate
use of org.kse.gui.dialogs.DViewCertificate in project keystore-explorer by kaikramer.
the class ExamineSslAction method doAction.
/**
* Do action.
*/
@Override
protected void doAction() {
try {
DExamineSsl dExamineSsl = new DExamineSsl(frame, kseFrame);
dExamineSsl.setLocationRelativeTo(frame);
dExamineSsl.setVisible(true);
String sslHost = dExamineSsl.getSslHost();
int sslPort = dExamineSsl.getSslPort();
boolean useClientAuth = dExamineSsl.useClientAuth();
KeyStoreHistory ksh = dExamineSsl.getKeyStore();
if (dExamineSsl.wasCancelled()) {
return;
}
DExaminingSsl dExaminingSsl = new DExaminingSsl(frame, sslHost, sslPort, useClientAuth, ksh);
dExaminingSsl.setLocationRelativeTo(frame);
dExaminingSsl.startExamination();
dExaminingSsl.setVisible(true);
SslConnectionInfos sslInfos = dExaminingSsl.getSSLConnectionInfos();
if (sslInfos == null || sslInfos.getServerCertificates() == null) {
return;
}
DViewCertificate dViewCertificate = new DViewCertificate(frame, MessageFormat.format(res.getString("ExamineSslAction.CertDetailsSsl.Title"), sslHost, Integer.toString(sslPort)), sslInfos.getServerCertificates(), kseFrame, DViewCertificate.IMPORT);
dViewCertificate.setLocationRelativeTo(frame);
dViewCertificate.setVisible(true);
} catch (Exception ex) {
DError.displayError(frame, ex);
}
}
Also used :
KeyStoreHistory(org.kse.utilities.history.KeyStoreHistory)
DViewCertificate(org.kse.gui.dialogs.DViewCertificate)
SslConnectionInfos(org.kse.utilities.ssl.SslConnectionInfos)
DExaminingSsl(org.kse.gui.dialogs.DExaminingSsl)
DExamineSsl(org.kse.gui.dialogs.DExamineSsl)
Example 4 with DViewCertificate
use of org.kse.gui.dialogs.DViewCertificate in project keystore-explorer by kaikramer.
the class DImportKeyPairPkcs8 method certificateDetailsPressed.
private void certificateDetailsPressed() {
try {
X509Certificate[] certs = loadCertificates();
if ((certs != null) && (certs.length != 0)) {
String path = new File(jtfCertificatePath.getText()).getName();
DViewCertificate dViewCertificate = new DViewCertificate(this, MessageFormat.format(res.getString("DImportKeyPairPkcs8.ViewCertificateDetails.Title"), path), certs, null, DViewCertificate.NONE);
dViewCertificate.setLocationRelativeTo(this);
dViewCertificate.setVisible(true);
}
} catch (CryptoException ex) {
DError.displayError(this, ex);
}
}
Also used :
DViewCertificate(org.kse.gui.dialogs.DViewCertificate)
CryptoException(org.kse.crypto.CryptoException)
File(java.io.File)
X509Certificate(java.security.cert.X509Certificate)
Example 5 with DViewCertificate
use of org.kse.gui.dialogs.DViewCertificate in project keystore-explorer by kaikramer.
the class DViewExtensions method hyperlinkUpdate.
@Override
public void hyperlinkUpdate(HyperlinkEvent e) {
if (e.getEventType() == HyperlinkEvent.EventType.ACTIVATED) {
try {
URL url = e.getURL();
if (url != null) {
if (url.getPath().endsWith(".cer") || url.getPath().endsWith(".crt")) {
X509Certificate[] certs = downloadCert(url);
if (certs != null && certs.length > 0) {
DViewCertificate dViewCertificate = new DViewCertificate(this, MessageFormat.format(res.getString("DViewExtensions.ViewCert.Title"), url.toString()), certs, null, DViewCertificate.NONE);
dViewCertificate.setLocationRelativeTo(this);
dViewCertificate.setVisible(true);
}
} else if (url.getPath().endsWith(".crl")) {
X509CRL crl = downloadCrl(url);
if (crl != null) {
DViewCrl dViewCrl = new DViewCrl(this, MessageFormat.format(res.getString("DViewExtensions.ViewCrl.Title"), url.toString()), ModalityType.DOCUMENT_MODAL, crl);
dViewCrl.setLocationRelativeTo(this);
dViewCrl.setVisible(true);
}
} else {
Desktop.getDesktop().browse(url.toURI());
}
}
} catch (Exception ex) {
ex.printStackTrace();
}
}
}
Also used :
X509CRL(java.security.cert.X509CRL)
DViewCertificate(org.kse.gui.dialogs.DViewCertificate)
URL(java.net.URL)
X509Certificate(java.security.cert.X509Certificate)
CryptoException(org.kse.crypto.CryptoException)
Asn1Exception(org.kse.utilities.asn1.Asn1Exception)
IOException(java.io.IOException)
DViewCrl(org.kse.gui.dialogs.DViewCrl)
Aggregations
DViewCertificate (org.kse.gui.dialogs.DViewCertificate)12
X509Certificate (java.security.cert.X509Certificate)11
KeyStoreHistory (org.kse.utilities.history.KeyStoreHistory)6
KeyStore (java.security.KeyStore)5
CryptoException (org.kse.crypto.CryptoException)5
File (java.io.File)4
ArrayList (java.util.ArrayList)3
KeyStoreState (org.kse.utilities.history.KeyStoreState)3
IOException (java.io.IOException)2
Key (java.security.Key)2
Password (org.kse.crypto.Password)2
KeyStoreType (org.kse.crypto.keystore.KeyStoreType)2
UnsupportedFlavorException (java.awt.datatransfer.UnsupportedFlavorException)1
FileNotFoundException (java.io.FileNotFoundException)1
URL (java.net.URL)1
X509CRL (java.security.cert.X509CRL)1
DExamineSsl (org.kse.gui.dialogs.DExamineSsl)1
DExaminingSsl (org.kse.gui.dialogs.DExaminingSsl)1
DGetAlias (org.kse.gui.dialogs.DGetAlias)1
DViewCrl (org.kse.gui.dialogs.DViewCrl)1
