Example 6 with DViewCertificate
use of org.kse.gui.dialogs.DViewCertificate in project keystore-explorer by kaikramer.
the class ImportCaReplyFromFileAction method doAction.
/**
* Do action.
*/
@Override
protected void doAction() {
try {
KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
KeyStoreState currentState = history.getCurrentState();
String alias = kseFrame.getSelectedEntryAlias();
Password password = getEntryPassword(alias, currentState);
if (password == null) {
return;
}
KeyStoreState newState = currentState.createBasisForNextState(this);
KeyStore keyStore = newState.getKeyStore();
KeyStoreType keyStoreType = KeyStoreType.resolveJce(keyStore.getType());
Key privateKey = keyStore.getKey(alias, password.toCharArray());
File caReplyFile = chooseCaFile();
if (caReplyFile == null) {
return;
}
X509Certificate[] certs = openCaReply(caReplyFile);
if ((certs == null) || (certs.length == 0)) {
return;
}
certs = X509CertUtil.orderX509CertChain(certs);
X509Certificate[] exitingEntryCerts = X509CertUtil.orderX509CertChain(X509CertUtil.convertCertificates(keyStore.getCertificateChain(alias)));
if (!exitingEntryCerts[0].getPublicKey().equals(certs[0].getPublicKey())) {
JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromFileAction.NoMatchPubKeyCaReply.message"), res.getString("ImportCaReplyFromFileAction.ImportCaReply.Title"), JOptionPane.WARNING_MESSAGE);
return;
}
// Holds the new certificate chain for the entry should the import succeed
X509Certificate[] newCertChain = null;
if (!applicationSettings.getEnableImportCaReplyTrustCheck()) {
newCertChain = certs;
} else {
KeyStore caCertificates = getCaCertificates();
KeyStore windowsTrustedRootCertificates = getWindowsTrustedRootCertificates();
// of the certificates in the CA Certificates or current KeyStore
if (certs.length > 1) {
X509Certificate rootCert = certs[certs.length - 1];
String matchAlias = null;
if (// Match against CA Certificates KeyStore
caCertificates != null) {
matchAlias = X509CertUtil.matchCertificate(caCertificates, rootCert);
}
// Match against Windows Trusted Root Certificates KeyStore
if ((windowsTrustedRootCertificates != null) && (matchAlias == null)) {
matchAlias = X509CertUtil.matchCertificate(windowsTrustedRootCertificates, rootCert);
}
if (// Match against current KeyStore
matchAlias == null) {
matchAlias = X509CertUtil.matchCertificate(keyStore, rootCert);
}
if (matchAlias == null) {
// No match for the root certificate - display the certificate to the user for confirmation
JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromFileAction.NoMatchRootCertCaReplyConfirm.message"), res.getString("ImportCaReplyFromFileAction.ImportCaReply.Title"), JOptionPane.INFORMATION_MESSAGE);
DViewCertificate dViewCertificate = new DViewCertificate(frame, MessageFormat.format(res.getString("ImportCaReplyFromFileAction.CertDetailsFile.Title"), caReplyFile.getName()), new X509Certificate[] { rootCert }, null, DViewCertificate.NONE);
dViewCertificate.setLocationRelativeTo(frame);
dViewCertificate.setVisible(true);
int selected = JOptionPane.showConfirmDialog(frame, res.getString("ImportCaReplyFromFileAction.AcceptCaReply.message"), res.getString("ImportCaReplyFromFileAction.ImportCaReply.Title"), JOptionPane.YES_NO_OPTION);
if (selected != JOptionPane.YES_OPTION) {
return;
}
newCertChain = certs;
} else {
newCertChain = certs;
}
} else // Single X.509 certificate reply - try and establish a chain of
// trust from the certificate and ending with a root CA self-signed certificate
{
// Establish trust against current KeyStore
ArrayList<KeyStore> compKeyStores = new ArrayList<KeyStore>();
compKeyStores.add(keyStore);
if (caCertificates != null) {
// Establish trust against CA Certificates KeyStore
compKeyStores.add(caCertificates);
}
if (windowsTrustedRootCertificates != null) {
// Establish trust against Windows Trusted Root Certificates KeyStore
compKeyStores.add(windowsTrustedRootCertificates);
}
X509Certificate[] trustChain = X509CertUtil.establishTrust(certs[0], compKeyStores.toArray(new KeyStore[compKeyStores.size()]));
if (trustChain != null) {
newCertChain = trustChain;
} else {
// Cannot establish trust for the certificate - fail
JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromFileAction.NoTrustCaReply.message"), res.getString("ImportCaReplyFromFileAction.ImportCaReply.Title"), JOptionPane.WARNING_MESSAGE);
return;
}
}
}
if (keyStoreType.isFileBased()) {
// TODO: why or when is delete actually necessary???
keyStore.deleteEntry(alias);
keyStore.setKeyEntry(alias, privateKey, password.toCharArray(), newCertChain);
} else {
keyStore.setKeyEntry(alias, privateKey, password.toCharArray(), newCertChain);
}
currentState.append(newState);
kseFrame.updateControls(true);
JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromFileAction.ImportCaReplySuccessful.message"), res.getString("ImportCaReplyFromFileAction.ImportCaReply.Title"), JOptionPane.INFORMATION_MESSAGE);
} catch (Exception ex) {
DError.displayError(frame, ex);
}
}
Also used :
KeyStoreState(org.kse.utilities.history.KeyStoreState)
KeyStoreHistory(org.kse.utilities.history.KeyStoreHistory)
ArrayList(java.util.ArrayList)
KeyStore(java.security.KeyStore)
X509Certificate(java.security.cert.X509Certificate)
FileNotFoundException(java.io.FileNotFoundException)
KeyStoreType(org.kse.crypto.keystore.KeyStoreType)
DViewCertificate(org.kse.gui.dialogs.DViewCertificate)
File(java.io.File)
Key(java.security.Key)
Password(org.kse.crypto.Password)
Example 7 with DViewCertificate
use of org.kse.gui.dialogs.DViewCertificate in project keystore-explorer by kaikramer.
the class ImportTrustedCertificateAction method doAction.
/**
* Do action.
*/
@Override
protected void doAction() {
try {
KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
// handle case that no keystore is currently opened (-> create new keystore)
if (history == null) {
new NewAction(kseFrame).actionPerformed(null);
history = kseFrame.getActiveKeyStoreHistory();
// cancel pressed => abort
if (history == null) {
return;
}
}
KeyStoreState currentState = history.getCurrentState();
KeyStoreState newState = currentState.createBasisForNextState(this);
KeyStore keyStore = newState.getKeyStore();
// use either cert that was passed to c-tor or the one from file selection dialog
X509Certificate trustCert = null;
if (trustCertFromConstructor == null) {
trustCert = showFileSelectionDialog();
if (trustCert == null) {
return;
}
} else {
trustCert = trustCertFromConstructor;
}
if (applicationSettings.getEnableImportTrustedCertTrustCheck()) {
String matchAlias = X509CertUtil.matchCertificate(keyStore, trustCert);
if (matchAlias != null) {
int selected = JOptionPane.showConfirmDialog(frame, MessageFormat.format(res.getString("ImportTrustedCertificateAction.TrustCertExistsConfirm.message"), matchAlias), res.getString("ImportTrustedCertificateAction.ImportTrustCert.Title"), JOptionPane.YES_NO_OPTION);
if (selected != JOptionPane.YES_OPTION) {
return;
}
}
KeyStore caCertificates = getCaCertificates();
KeyStore windowsTrustedRootCertificates = getWindowsTrustedRootCertificates();
// Establish against current KeyStore
ArrayList<KeyStore> compKeyStores = new ArrayList<KeyStore>();
compKeyStores.add(keyStore);
if (caCertificates != null) {
// Establish trust against CA Certificates KeyStore
compKeyStores.add(caCertificates);
}
if (windowsTrustedRootCertificates != null) {
// Establish trust against Windows Trusted Root Certificates KeyStore
compKeyStores.add(windowsTrustedRootCertificates);
}
// Can we establish trust for the certificate?
if (X509CertUtil.establishTrust(trustCert, compKeyStores.toArray(new KeyStore[compKeyStores.size()])) == null) {
// there is no need to present it again to the user
if (certFile != null) {
// display the certificate to the user for confirmation
JOptionPane.showMessageDialog(frame, res.getString("ImportTrustedCertificateAction.NoTrustPathCertConfirm.message"), res.getString("ImportTrustedCertificateAction.ImportTrustCert.Title"), JOptionPane.INFORMATION_MESSAGE);
DViewCertificate dViewCertificate = new DViewCertificate(frame, MessageFormat.format(res.getString("ImportTrustedCertificateAction.CertDetailsFile.Title"), certFile.getName()), new X509Certificate[] { trustCert }, null, DViewCertificate.NONE);
dViewCertificate.setLocationRelativeTo(frame);
dViewCertificate.setVisible(true);
}
int selected = JOptionPane.showConfirmDialog(frame, res.getString("ImportTrustedCertificateAction.AcceptTrustCert.message"), res.getString("ImportTrustedCertificateAction.ImportTrustCert.Title"), JOptionPane.YES_NO_OPTION);
if (selected != JOptionPane.YES_OPTION) {
return;
}
}
}
DGetAlias dGetAlias = new DGetAlias(frame, res.getString("ImportTrustedCertificateAction.TrustCertEntryAlias.Title"), X509CertUtil.getCertificateAlias(trustCert));
dGetAlias.setLocationRelativeTo(frame);
dGetAlias.setVisible(true);
String alias = dGetAlias.getAlias();
if (alias == null) {
return;
}
if (keyStore.containsAlias(alias)) {
String message = MessageFormat.format(res.getString("ImportTrustedCertificateAction.OverWriteEntry.message"), alias);
int selected = JOptionPane.showConfirmDialog(frame, message, res.getString("ImportTrustedCertificateAction.ImportTrustCert.Title"), JOptionPane.YES_NO_OPTION);
if (selected != JOptionPane.YES_OPTION) {
return;
}
keyStore.deleteEntry(alias);
newState.removeEntryPassword(alias);
}
keyStore.setCertificateEntry(alias, trustCert);
currentState.append(newState);
kseFrame.updateControls(true);
JOptionPane.showMessageDialog(frame, res.getString("ImportTrustedCertificateAction.ImportTrustCertSuccessful.message"), res.getString("ImportTrustedCertificateAction.ImportTrustCert.Title"), JOptionPane.INFORMATION_MESSAGE);
} catch (Exception ex) {
DError.displayError(frame, ex);
}
}
Also used :
DGetAlias(org.kse.gui.dialogs.DGetAlias)
KeyStoreState(org.kse.utilities.history.KeyStoreState)
KeyStoreHistory(org.kse.utilities.history.KeyStoreHistory)
DViewCertificate(org.kse.gui.dialogs.DViewCertificate)
ArrayList(java.util.ArrayList)
KeyStore(java.security.KeyStore)
X509Certificate(java.security.cert.X509Certificate)
Example 8 with DViewCertificate
use of org.kse.gui.dialogs.DViewCertificate in project keystore-explorer by kaikramer.
the class KeyPairCertificateChainDetailsAction method showCertificateSelectedEntry.
/**
* Show the certificate details of the selected KeyStore entry.
*/
public void showCertificateSelectedEntry() {
try {
KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
KeyStore keyStore = history.getCurrentState().getKeyStore();
String alias = kseFrame.getSelectedEntryAlias();
X509Certificate[] certs = X509CertUtil.convertCertificates(keyStore.getCertificateChain(alias));
DViewCertificate dViewCertificate = new DViewCertificate(frame, MessageFormat.format(res.getString("KeyPairCertificateChainDetailsAction.CertDetailsEntry.Title"), alias), certs, kseFrame, DViewCertificate.EXPORT);
dViewCertificate.setLocationRelativeTo(frame);
dViewCertificate.setVisible(true);
} catch (Exception ex) {
DError.displayError(frame, ex);
}
}
Also used :
KeyStoreHistory(org.kse.utilities.history.KeyStoreHistory)
DViewCertificate(org.kse.gui.dialogs.DViewCertificate)
KeyStore(java.security.KeyStore)
X509Certificate(java.security.cert.X509Certificate)
Example 9 with DViewCertificate
use of org.kse.gui.dialogs.DViewCertificate in project keystore-explorer by kaikramer.
the class ExamineFileAction method openCert.
private void openCert(File file) throws CryptoException {
X509Certificate[] certs = openCertificate(file);
if ((certs != null) && (certs.length > 0)) {
DViewCertificate dViewCertificate = new DViewCertificate(frame, MessageFormat.format(res.getString("ExamineFileAction.CertDetailsFile.Title"), file.getName()), certs, kseFrame, DViewCertificate.IMPORT);
dViewCertificate.setLocationRelativeTo(frame);
dViewCertificate.setVisible(true);
}
}
Also used :
DViewCertificate(org.kse.gui.dialogs.DViewCertificate)
X509Certificate(java.security.cert.X509Certificate)
Example 10 with DViewCertificate
use of org.kse.gui.dialogs.DViewCertificate in project keystore-explorer by kaikramer.
the class TrustedCertificateDetailsAction method showCertificateSelectedEntry.
/**
* Show the certificate details of the selected KeyStore entry.
*/
public void showCertificateSelectedEntry() {
try {
KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
KeyStore keyStore = history.getCurrentState().getKeyStore();
String alias = kseFrame.getSelectedEntryAlias();
X509Certificate[] certs = new X509Certificate[1];
certs[0] = X509CertUtil.convertCertificate(keyStore.getCertificate(alias));
DViewCertificate dViewCertificate = new DViewCertificate(frame, MessageFormat.format(res.getString("TrustedCertificateDetailsAction.CertDetailsEntry.Title"), alias), certs, kseFrame, DViewCertificate.EXPORT);
dViewCertificate.setLocationRelativeTo(frame);
dViewCertificate.setVisible(true);
} catch (Exception ex) {
DError.displayError(frame, ex);
}
}
Also used :
KeyStoreHistory(org.kse.utilities.history.KeyStoreHistory)
DViewCertificate(org.kse.gui.dialogs.DViewCertificate)
KeyStore(java.security.KeyStore)
X509Certificate(java.security.cert.X509Certificate)
Aggregations
DViewCertificate (org.kse.gui.dialogs.DViewCertificate)12
X509Certificate (java.security.cert.X509Certificate)11
KeyStoreHistory (org.kse.utilities.history.KeyStoreHistory)6
KeyStore (java.security.KeyStore)5
CryptoException (org.kse.crypto.CryptoException)5
File (java.io.File)4
ArrayList (java.util.ArrayList)3
KeyStoreState (org.kse.utilities.history.KeyStoreState)3
IOException (java.io.IOException)2
Key (java.security.Key)2
Password (org.kse.crypto.Password)2
KeyStoreType (org.kse.crypto.keystore.KeyStoreType)2
UnsupportedFlavorException (java.awt.datatransfer.UnsupportedFlavorException)1
FileNotFoundException (java.io.FileNotFoundException)1
URL (java.net.URL)1
X509CRL (java.security.cert.X509CRL)1
DExamineSsl (org.kse.gui.dialogs.DExamineSsl)1
DExaminingSsl (org.kse.gui.dialogs.DExaminingSsl)1
DGetAlias (org.kse.gui.dialogs.DGetAlias)1
DViewCrl (org.kse.gui.dialogs.DViewCrl)1
