
Example 11 with KeyStoreHistory

use of org.kse.utilities.history.KeyStoreHistory in project keystore-explorer by kaikramer.

the class ImportCaReplyFromClipboardAction method doAction.

/**
 * Imports a CA reply into the key pair entry currently selected in the active KeyStore.
 *
 * <p>Flow, as visible in this method: obtain the entry password (stop if none is returned),
 * load the private key, read the reply certificates via {@code openCaReply()}, require that the
 * reply's first certificate carries the same public key as the entry's current first
 * certificate, optionally run the trust check, then store the private key again under the same
 * alias and password together with the new certificate chain. All changes are made on a new
 * {@code KeyStoreState} that is appended to the current state only after the entry was written.
 *
 * <p>Security notes for reviewers:
 * <ul>
 * <li>When {@code applicationSettings.getEnableImportCaReplyTrustCheck()} returns false, the
 * public key comparison is the only gate in this method; the reply is stored without any trust
 * evaluation.</li>
 * <li>For a reply with more than one certificate, only the last certificate of the ordered
 * reply is matched against the stores. NOTE(review): whether {@code orderX509CertChain} or
 * {@code matchCertificate} verify the signatures linking the certificates is not visible
 * here - confirm in {@code X509CertUtil}.</li>
 * <li>The KeyStore being edited is itself one of the stores consulted, so a certificate that
 * is already present in it counts as a match.</li>
 * <li>If no store matches, the decision is handed to the user, who can accept the reply after
 * viewing the unmatched certificate.</li>
 * </ul>
 */
@Override
protected void doAction() {
    try {
        KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
        KeyStoreState currentState = history.getCurrentState();
        String alias = kseFrame.getSelectedEntryAlias();
        Password password = getEntryPassword(alias, currentState);
        // No password available for the entry - nothing is read or changed
        if (password == null) {
            return;
        }
        // Work on a new state so the current state stays untouched until append() below
        KeyStoreState newState = currentState.createBasisForNextState(this);
        KeyStore keyStore = newState.getKeyStore();
        KeyStoreType keyStoreType = KeyStoreType.resolveJce(keyStore.getType());
        // The key is loaded before the reply is read; it is written back unchanged at the end.
        // NOTE(review): whether toCharArray() hands out a copy that should be cleared after use
        // is not visible here - confirm in Password
        Key privateKey = keyStore.getKey(alias, password.toCharArray());
        X509Certificate[] certs = openCaReply();
        // No certificates obtained - leave the entry as it is
        if (certs == null || certs.length == 0) {
            return;
        }
        // The code below treats index 0 of the ordered reply as the entry's own certificate and
        // the last index as the root
        certs = X509CertUtil.orderX509CertChain(certs);
        // NOTE(review): KeyStore.getCertificateChain() returns null when the alias holds no
        // certificate chain; how convertCertificates() handles that is not visible here
        X509Certificate[] exitingEntryCerts = X509CertUtil.orderX509CertChain(X509CertUtil.convertCertificates(keyStore.getCertificateChain(alias)));
        // Bind the reply to this key pair: reject it unless its first certificate has the same
        // public key as the entry's current first certificate
        if (!exitingEntryCerts[0].getPublicKey().equals(certs[0].getPublicKey())) {
            JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromClipboardAction.NoMatchPubKeyCaReply.message"), res.getString("ImportCaReplyFromClipboardAction.ImportCaReply.Title"), JOptionPane.WARNING_MESSAGE);
            return;
        }
        // Holds the new certificate chain for the entry should the import succeed
        X509Certificate[] newCertChain = null;
        if (!applicationSettings.getEnableImportCaReplyTrustCheck()) {
            // Trust check switched off in the settings: the reply is taken as it is
            newCertChain = certs;
        } else {
            // Either store may be null; each use below is guarded by a null check
            KeyStore caCertificates = getCaCertificates();
            KeyStore windowsTrustedRootCertificates = getWindowsTrustedRootCertificates();
            // Reply holds more than one certificate: try to match its last certificate against
            // the CA Certificates, the Windows Trusted Root Certificates or the current KeyStore
            if (certs.length > 1) {
                X509Certificate rootCert = certs[certs.length - 1];
                String matchAlias = null;
                if (caCertificates != null) {
                    // Match against CA Certificates KeyStore
                    matchAlias = X509CertUtil.matchCertificate(caCertificates, rootCert);
                }
                // Match against Windows Trusted Root Certificates KeyStore
                if (windowsTrustedRootCertificates != null && matchAlias == null) {
                    matchAlias = X509CertUtil.matchCertificate(windowsTrustedRootCertificates, rootCert);
                }
                if (matchAlias == null) {
                    // Match against current KeyStore
                    matchAlias = X509CertUtil.matchCertificate(keyStore, rootCert);
                }
                if (matchAlias == null) {
                    // No match for the root certificate - display the certificate to the user for confirmation
                    JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromClipboardAction.NoMatchRootCertCaReplyConfirm.message"), res.getString("ImportCaReplyFromClipboardAction.ImportCaReply.Title"), JOptionPane.INFORMATION_MESSAGE);
                    DViewCertificate dViewCertificate = new DViewCertificate(frame, MessageFormat.format(res.getString("ImportCaReplyFromClipboardAction.CertDetailsFile.Title"), "Clipboard"), new X509Certificate[] { rootCert }, null, DViewCertificate.NONE);
                    dViewCertificate.setLocationRelativeTo(frame);
                    dViewCertificate.setVisible(true);
                    // Anything other than an explicit Yes leaves the entry unchanged
                    int selected = JOptionPane.showConfirmDialog(frame, res.getString("ImportCaReplyFromClipboardAction.AcceptCaReply.message"), res.getString("ImportCaReplyFromClipboardAction.ImportCaReply.Title"), JOptionPane.YES_NO_OPTION);
                    if (selected != JOptionPane.YES_OPTION) {
                        return;
                    }
                    // The user accepted a root that matched none of the stores
                    newCertChain = certs;
                } else {
                    // Root found in one of the stores - the reply is used as the new chain
                    newCertChain = certs;
                }
            } else // Single X.509 certificate reply - try and establish a chain of
            // trust from the certificate and ending with a root CA self-signed certificate
            {
                // Establish trust against current KeyStore
                ArrayList<KeyStore> compKeyStores = new ArrayList<KeyStore>();
                compKeyStores.add(keyStore);
                if (caCertificates != null) {
                    // Establish trust against CA Certificates KeyStore
                    compKeyStores.add(caCertificates);
                }
                if (windowsTrustedRootCertificates != null) {
                    // Establish trust against Windows Trusted Root Certificates KeyStore
                    compKeyStores.add(windowsTrustedRootCertificates);
                }
                // A non-null result replaces the single certificate as the entry's new chain
                X509Certificate[] trustChain = X509CertUtil.establishTrust(certs[0], compKeyStores.toArray(new KeyStore[compKeyStores.size()]));
                if (trustChain != null) {
                    newCertChain = trustChain;
                } else {
                    // Cannot establish trust for the certificate - fail
                    JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromClipboardAction.NoTrustCaReply.message"), res.getString("ImportCaReplyFromClipboardAction.ImportCaReply.Title"), JOptionPane.WARNING_MESSAGE);
                    return;
                }
            }
        }
        // Both branches store the same key, password and chain; file-based types delete the
        // entry first
        if (keyStoreType.isFileBased()) {
            // TODO: why or when is delete actually necessary???
            keyStore.deleteEntry(alias);
            keyStore.setKeyEntry(alias, privateKey, password.toCharArray(), newCertChain);
        } else {
            keyStore.setKeyEntry(alias, privateKey, password.toCharArray(), newCertChain);
        }
        // Only now does the modified state become part of the history
        currentState.append(newState);
        kseFrame.updateControls(true);
        JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromClipboardAction.ImportCaReplySuccessful.message"), res.getString("ImportCaReplyFromClipboardAction.ImportCaReply.Title"), JOptionPane.INFORMATION_MESSAGE);
    } catch (Exception ex) {
        // Any exception from the steps above is shown to the user; newState is not appended
        DError.displayError(frame, ex);
    }
}
Also used : KeyStoreState(org.kse.utilities.history.KeyStoreState) KeyStoreHistory(org.kse.utilities.history.KeyStoreHistory) ArrayList(java.util.ArrayList) KeyStore(java.security.KeyStore) X509Certificate(java.security.cert.X509Certificate) KeyStoreType(org.kse.crypto.keystore.KeyStoreType) DViewCertificate(org.kse.gui.dialogs.DViewCertificate) Key(java.security.Key) Password(org.kse.crypto.Password)

Example 12 with KeyStoreHistory

use of org.kse.utilities.history.KeyStoreHistory in project keystore-explorer by kaikramer.

the class DeleteKeyAction method deleteSelectedEntry.

/**
 * Asks the user to confirm and, on Yes, removes the selected entry from the active KeyStore.
 *
 * <p>The removal is carried out on the KeyStore of a new {@code KeyStoreState} derived from the
 * current one; that state is appended only after the entry was deleted. This method itself
 * asks for nothing beyond the Yes/No confirmation. Any exception is handed to
 * {@code DError.displayError}.
 */
public void deleteSelectedEntry() {
    try {
        KeyStoreHistory activeHistory = kseFrame.getActiveKeyStoreHistory();
        KeyStoreState stateBefore = activeHistory.getCurrentState();
        // The follow-up state is created before the confirmation dialog is shown
        KeyStoreState stateAfter = stateBefore.createBasisForNextState(this);
        KeyStore workingStore = stateAfter.getKeyStore();
        String selectedAlias = kseFrame.getSelectedEntryAlias();

        String prompt = MessageFormat.format(res.getString("DeleteKeyAction.ConfirmDelete.message"), selectedAlias);
        String title = res.getString("DeleteKeyAction.DeleteEntry.Title");
        int answer = JOptionPane.showConfirmDialog(frame, prompt, title, JOptionPane.YES_NO_OPTION);

        // Only an explicit Yes deletes; every other answer leaves the history untouched
        if (answer == JOptionPane.YES_OPTION) {
            workingStore.deleteEntry(selectedAlias);
            stateBefore.append(stateAfter);
            kseFrame.updateControls(true);
        }
    } catch (Exception ex) {
        DError.displayError(frame, ex);
    }
}
Also used : KeyStoreState(org.kse.utilities.history.KeyStoreState) KeyStoreHistory(org.kse.utilities.history.KeyStoreHistory) KeyStore(java.security.KeyStore)

Example 13 with KeyStoreHistory

use of org.kse.utilities.history.KeyStoreHistory in project keystore-explorer by kaikramer.

the class DeleteTrustedCertificateAction method deleteSelectedEntry.

/**
 * Removes the selected trusted certificate entry from the active KeyStore once the user has
 * confirmed the deletion.
 *
 * <p>The entry is deleted from the KeyStore of a new {@code KeyStoreState} built on the current
 * state, and that new state is appended afterwards. If the user does not answer Yes, nothing
 * is deleted and nothing is appended. Exceptions are passed to {@code DError.displayError}.
 */
public void deleteSelectedEntry() {
    try {
        KeyStoreHistory activeHistory = kseFrame.getActiveKeyStoreHistory();
        KeyStoreState baseState = activeHistory.getCurrentState();
        KeyStoreState editedState = baseState.createBasisForNextState(this);
        KeyStore editedStore = editedState.getKeyStore();
        String entryAlias = kseFrame.getSelectedEntryAlias();

        // Confirmation text names the alias that is about to be removed
        String question = MessageFormat.format(res.getString("DeleteTrustedCertificateAction.ConfirmDelete.message"), entryAlias);
        String dialogTitle = res.getString("DeleteTrustedCertificateAction.DeleteEntry.Title");
        boolean confirmed = JOptionPane.showConfirmDialog(frame, question, dialogTitle, JOptionPane.YES_NO_OPTION) == JOptionPane.YES_OPTION;
        if (!confirmed) {
            return;
        }

        editedStore.deleteEntry(entryAlias);
        baseState.append(editedState);
        kseFrame.updateControls(true);
    } catch (Exception ex) {
        DError.displayError(frame, ex);
    }
}
Also used : KeyStoreState(org.kse.utilities.history.KeyStoreState) KeyStoreHistory(org.kse.utilities.history.KeyStoreHistory) KeyStore(java.security.KeyStore)

Example 14 with KeyStoreHistory

use of org.kse.utilities.history.KeyStoreHistory in project keystore-explorer by kaikramer.

the class ExamineSslAction method doAction.

/**
 * Asks the user for an SSL host and port, runs the examination and shows the certificates the
 * server presented.
 *
 * <p>The connection parameters (host, port, client authentication flag and the KeyStore to
 * use) are read from the {@code DExamineSsl} dialog; a cancelled dialog ends the action. The
 * certificates returned in {@code SslConnectionInfos} are opened in a {@code DViewCertificate}
 * dialog created with {@code DViewCertificate.IMPORT}.
 *
 * <p>The certificates displayed are whatever the examined endpoint returned; this method does
 * not validate them before showing the dialog. NOTE(review): what checks
 * {@code DExaminingSsl} applies to the connection is not visible here - confirm before
 * treating a displayed certificate as trustworthy.
 */
@Override
protected void doAction() {
    try {
        DExamineSsl inputDialog = new DExamineSsl(frame, kseFrame);
        inputDialog.setLocationRelativeTo(frame);
        inputDialog.setVisible(true);

        // The values are read before the cancel check, as the dialog has already been closed
        String host = inputDialog.getSslHost();
        int port = inputDialog.getSslPort();
        boolean clientAuth = inputDialog.useClientAuth();
        KeyStoreHistory clientKeyStore = inputDialog.getKeyStore();
        if (inputDialog.wasCancelled()) {
            return;
        }

        DExaminingSsl progressDialog = new DExaminingSsl(frame, host, port, clientAuth, clientKeyStore);
        progressDialog.setLocationRelativeTo(frame);
        progressDialog.startExamination();
        progressDialog.setVisible(true);

        SslConnectionInfos connectionInfos = progressDialog.getSSLConnectionInfos();
        boolean haveCertificates = connectionInfos != null && connectionInfos.getServerCertificates() != null;
        if (haveCertificates) {
            String title = MessageFormat.format(res.getString("ExamineSslAction.CertDetailsSsl.Title"), host, Integer.toString(port));
            DViewCertificate certDialog = new DViewCertificate(frame, title, connectionInfos.getServerCertificates(), kseFrame, DViewCertificate.IMPORT);
            certDialog.setLocationRelativeTo(frame);
            certDialog.setVisible(true);
        }
    } catch (Exception ex) {
        DError.displayError(frame, ex);
    }
}
Also used : KeyStoreHistory(org.kse.utilities.history.KeyStoreHistory) DViewCertificate(org.kse.gui.dialogs.DViewCertificate) SslConnectionInfos(org.kse.utilities.ssl.SslConnectionInfos) DExaminingSsl(org.kse.gui.dialogs.DExaminingSsl) DExamineSsl(org.kse.gui.dialogs.DExamineSsl)

Example 15 with KeyStoreHistory

use of org.kse.utilities.history.KeyStoreHistory in project keystore-explorer by kaikramer.

the class CloseOthersAction method doAction.

/**
 * Closes every open KeyStore except the currently active one.
 *
 * <p>The loop runs while more than one KeyStore is open and stops early as soon as
 * {@code closeKeyStore} returns false for one of them.
 */
@Override
protected void doAction() {
    // The KeyStore that must stay open
    KeyStoreHistory keep = kseFrame.getActiveKeyStoreHistory();

    // The list of open KeyStores is fetched again after every successful close
    for (KeyStoreHistory[] open = kseFrame.getKeyStoreHistories(); open.length > 1; open = kseFrame.getKeyStoreHistories()) {
        // Look the active KeyStore's index up on every pass; it may have moved
        int keepIndex = kseFrame.findKeyStoreIndex(keep.getCurrentState().getKeyStore());

        // Close the first KeyStore, or the second one when the active KeyStore is first
        int closeIndex;
        if (keepIndex == 0) {
            closeIndex = 1;
        } else {
            closeIndex = 0;
        }

        boolean closed = closeKeyStore(open[closeIndex]);
        if (!closed) {
            break;
        }
    }
}
Also used : KeyStoreHistory(org.kse.utilities.history.KeyStoreHistory)

Aggregations

KeyStoreHistory (org.kse.utilities.history.KeyStoreHistory)60 KeyStore (java.security.KeyStore)45 KeyStoreState (org.kse.utilities.history.KeyStoreState)41 Password (org.kse.crypto.Password)31 X509Certificate (java.security.cert.X509Certificate)21 PrivateKey (java.security.PrivateKey)17 Certificate (java.security.cert.Certificate)13 Key (java.security.Key)12 CryptoException (org.kse.crypto.CryptoException)11 KeyStoreType (org.kse.crypto.keystore.KeyStoreType)11 DGetAlias (org.kse.gui.dialogs.DGetAlias)10 KeyStoreException (java.security.KeyStoreException)9 File (java.io.File)7 GeneralSecurityException (java.security.GeneralSecurityException)6 DViewCertificate (org.kse.gui.dialogs.DViewCertificate)6 DGetNewPassword (org.kse.gui.password.DGetNewPassword)6 FileNotFoundException (java.io.FileNotFoundException)5 PublicKey (java.security.PublicKey)5 Provider (java.security.Provider)4 ArrayList (java.util.ArrayList)3