use of org.kse.utilities.history.KeyStoreHistory in project keystore-explorer by kaikramer.
the class ImportCaReplyFromFileAction method doAction.
/**
* Do action.
*/
@Override
protected void doAction() {
try {
KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
KeyStoreState currentState = history.getCurrentState();
String alias = kseFrame.getSelectedEntryAlias();
Password password = getEntryPassword(alias, currentState);
if (password == null) {
return;
}
KeyStoreState newState = currentState.createBasisForNextState(this);
KeyStore keyStore = newState.getKeyStore();
KeyStoreType keyStoreType = KeyStoreType.resolveJce(keyStore.getType());
Key privateKey = keyStore.getKey(alias, password.toCharArray());
File caReplyFile = chooseCaFile();
if (caReplyFile == null) {
return;
}
X509Certificate[] certs = openCaReply(caReplyFile);
if ((certs == null) || (certs.length == 0)) {
return;
}
certs = X509CertUtil.orderX509CertChain(certs);
X509Certificate[] exitingEntryCerts = X509CertUtil.orderX509CertChain(X509CertUtil.convertCertificates(keyStore.getCertificateChain(alias)));
if (!exitingEntryCerts[0].getPublicKey().equals(certs[0].getPublicKey())) {
JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromFileAction.NoMatchPubKeyCaReply.message"), res.getString("ImportCaReplyFromFileAction.ImportCaReply.Title"), JOptionPane.WARNING_MESSAGE);
return;
}
// Holds the new certificate chain for the entry should the import succeed
X509Certificate[] newCertChain = null;
if (!applicationSettings.getEnableImportCaReplyTrustCheck()) {
newCertChain = certs;
} else {
KeyStore caCertificates = getCaCertificates();
KeyStore windowsTrustedRootCertificates = getWindowsTrustedRootCertificates();
// of the certificates in the CA Certificates or current KeyStore
if (certs.length > 1) {
X509Certificate rootCert = certs[certs.length - 1];
String matchAlias = null;
if (// Match against CA Certificates KeyStore
caCertificates != null) {
matchAlias = X509CertUtil.matchCertificate(caCertificates, rootCert);
}
// Match against Windows Trusted Root Certificates KeyStore
if ((windowsTrustedRootCertificates != null) && (matchAlias == null)) {
matchAlias = X509CertUtil.matchCertificate(windowsTrustedRootCertificates, rootCert);
}
if (// Match against current KeyStore
matchAlias == null) {
matchAlias = X509CertUtil.matchCertificate(keyStore, rootCert);
}
if (matchAlias == null) {
// No match for the root certificate - display the certificate to the user for confirmation
JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromFileAction.NoMatchRootCertCaReplyConfirm.message"), res.getString("ImportCaReplyFromFileAction.ImportCaReply.Title"), JOptionPane.INFORMATION_MESSAGE);
DViewCertificate dViewCertificate = new DViewCertificate(frame, MessageFormat.format(res.getString("ImportCaReplyFromFileAction.CertDetailsFile.Title"), caReplyFile.getName()), new X509Certificate[] { rootCert }, null, DViewCertificate.NONE);
dViewCertificate.setLocationRelativeTo(frame);
dViewCertificate.setVisible(true);
int selected = JOptionPane.showConfirmDialog(frame, res.getString("ImportCaReplyFromFileAction.AcceptCaReply.message"), res.getString("ImportCaReplyFromFileAction.ImportCaReply.Title"), JOptionPane.YES_NO_OPTION);
if (selected != JOptionPane.YES_OPTION) {
return;
}
newCertChain = certs;
} else {
newCertChain = certs;
}
} else // Single X.509 certificate reply - try and establish a chain of
// trust from the certificate and ending with a root CA self-signed certificate
{
// Establish trust against current KeyStore
ArrayList<KeyStore> compKeyStores = new ArrayList<KeyStore>();
compKeyStores.add(keyStore);
if (caCertificates != null) {
// Establish trust against CA Certificates KeyStore
compKeyStores.add(caCertificates);
}
if (windowsTrustedRootCertificates != null) {
// Establish trust against Windows Trusted Root Certificates KeyStore
compKeyStores.add(windowsTrustedRootCertificates);
}
X509Certificate[] trustChain = X509CertUtil.establishTrust(certs[0], compKeyStores.toArray(new KeyStore[compKeyStores.size()]));
if (trustChain != null) {
newCertChain = trustChain;
} else {
// Cannot establish trust for the certificate - fail
JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromFileAction.NoTrustCaReply.message"), res.getString("ImportCaReplyFromFileAction.ImportCaReply.Title"), JOptionPane.WARNING_MESSAGE);
return;
}
}
}
if (keyStoreType.isFileBased()) {
// TODO: why or when is delete actually necessary???
keyStore.deleteEntry(alias);
keyStore.setKeyEntry(alias, privateKey, password.toCharArray(), newCertChain);
} else {
keyStore.setKeyEntry(alias, privateKey, password.toCharArray(), newCertChain);
}
currentState.append(newState);
kseFrame.updateControls(true);
JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromFileAction.ImportCaReplySuccessful.message"), res.getString("ImportCaReplyFromFileAction.ImportCaReply.Title"), JOptionPane.INFORMATION_MESSAGE);
} catch (Exception ex) {
DError.displayError(frame, ex);
}
}
use of org.kse.utilities.history.KeyStoreHistory in project keystore-explorer by kaikramer.
the class PasteAction method pasteEntry.
private boolean pasteEntry(BufferEntry bufferEntry) {
try {
KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
KeyStoreState currentState = history.getCurrentState();
KeyStoreState newState = currentState.createBasisForNextState(this);
KeyStore keyStore = newState.getKeyStore();
String alias = bufferEntry.getName();
if (keyStore.containsAlias(alias)) {
if (bufferEntry.isCut()) {
int selected = JOptionPane.showConfirmDialog(frame, MessageFormat.format(res.getString("PasteAction.PasteExistsReplace.message"), alias), res.getString("PasteAction.Paste.Title"), JOptionPane.YES_NO_OPTION);
if (selected != JOptionPane.YES_OPTION) {
return false;
}
keyStore.deleteEntry(alias);
newState.removeEntryPassword(alias);
} else {
alias = getUniqueEntryName(alias, keyStore);
}
}
if (bufferEntry instanceof KeyBufferEntry) {
KeyStoreType keyStoreType = KeyStoreType.resolveJce(keyStore.getType());
if (!keyStoreType.supportsKeyEntries()) {
JOptionPane.showMessageDialog(frame, MessageFormat.format(res.getString("PasteAction.NoPasteKeyEntry.message"), keyStoreType.friendly()), res.getString("PasteAction.Paste.Title"), JOptionPane.WARNING_MESSAGE);
return false;
}
KeyBufferEntry keyBufferEntry = (KeyBufferEntry) bufferEntry;
Key key = keyBufferEntry.getKey();
Password password = keyBufferEntry.getPassword();
keyStore.setKeyEntry(alias, key, password.toCharArray(), null);
newState.setEntryPassword(alias, password);
} else if (bufferEntry instanceof KeyPairBufferEntry) {
KeyPairBufferEntry keyPairBufferEntry = (KeyPairBufferEntry) bufferEntry;
PrivateKey privateKey = keyPairBufferEntry.getPrivateKey();
Password password = keyPairBufferEntry.getPassword();
Certificate[] certificateChain = keyPairBufferEntry.getCertificateChain();
keyStore.setKeyEntry(alias, privateKey, password.toCharArray(), certificateChain);
newState.setEntryPassword(alias, password);
} else {
TrustedCertificateBufferEntry certBufferEntry = (TrustedCertificateBufferEntry) bufferEntry;
keyStore.setCertificateEntry(alias, certBufferEntry.getTrustedCertificate());
}
if (bufferEntry.isCut()) {
Buffer.clear();
}
currentState.append(newState);
kseFrame.updateControls(true);
return true;
} catch (Exception ex) {
DError.displayError(frame, ex);
return false;
}
}
use of org.kse.utilities.history.KeyStoreHistory in project keystore-explorer by kaikramer.
the class PropertiesAction method doAction.
/**
* Do action.
*/
@Override
protected void doAction() {
try {
KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
DProperties dProperties = new DProperties(frame, history);
dProperties.setLocationRelativeTo(frame);
dProperties.setVisible(true);
} catch (Exception ex) {
DError.displayError(frame, ex);
}
}
use of org.kse.utilities.history.KeyStoreHistory in project keystore-explorer by kaikramer.
the class RemoveFromCertificateChainAction method doAction.
/**
* Do action.
*/
@Override
protected void doAction() {
try {
KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
KeyStoreState currentState = history.getCurrentState();
String alias = kseFrame.getSelectedEntryAlias();
Password password = getEntryPassword(alias, currentState);
if (password == null) {
return;
}
KeyStoreState newState = currentState.createBasisForNextState(this);
KeyStore keyStore = newState.getKeyStore();
Key privKey = keyStore.getKey(alias, password.toCharArray());
X509Certificate[] certChain = X509CertUtil.orderX509CertChain(X509CertUtil.convertCertificates(keyStore.getCertificateChain(alias)));
if (certChain.length == 1) {
JOptionPane.showMessageDialog(frame, res.getString("RemoveFromCertificateChainAction.CannotRemoveOnlyCert.message"), res.getString("RemoveFromCertificateChainAction.RemoveFromCertificateChain.Title"), JOptionPane.WARNING_MESSAGE);
return;
}
// Certificate to remove is the end one in the chain
X509Certificate[] newCertChain = new X509Certificate[certChain.length - 1];
System.arraycopy(certChain, 0, newCertChain, 0, newCertChain.length);
keyStore.deleteEntry(alias);
keyStore.setKeyEntry(alias, privKey, password.toCharArray(), newCertChain);
currentState.append(newState);
kseFrame.updateControls(true);
JOptionPane.showMessageDialog(frame, res.getString("RemoveFromCertificateChainAction.RemoveFromCertificateChainSuccessful.message"), res.getString("RemoveFromCertificateChainAction.RemoveFromCertificateChain.Title"), JOptionPane.INFORMATION_MESSAGE);
} catch (Exception ex) {
DError.displayError(frame, ex);
}
}
use of org.kse.utilities.history.KeyStoreHistory in project keystore-explorer by kaikramer.
the class RenameKeyAction method doAction.
/**
* Do action.
*/
@Override
protected void doAction() {
try {
KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
KeyStoreState currentState = history.getCurrentState();
String alias = kseFrame.getSelectedEntryAlias();
Password password = getEntryPassword(alias, currentState);
if (password == null) {
return;
}
KeyStoreState newState = currentState.createBasisForNextState(this);
KeyStore keyStore = newState.getKeyStore();
Key key = keyStore.getKey(alias, password.toCharArray());
DGetAlias dGetAlias = new DGetAlias(frame, res.getString("RenameKeyAction.NewEntryAlias.Title"), alias);
dGetAlias.setLocationRelativeTo(frame);
dGetAlias.setVisible(true);
String newAlias = dGetAlias.getAlias();
if (newAlias == null) {
return;
}
if (newAlias.equalsIgnoreCase(alias)) {
JOptionPane.showMessageDialog(frame, MessageFormat.format(res.getString("RenameKeyAction.RenameAliasIdentical.message"), alias), res.getString("RenameKeyAction.RenameEntry.Title"), JOptionPane.WARNING_MESSAGE);
return;
}
if (keyStore.containsAlias(newAlias)) {
String message = MessageFormat.format(res.getString("RenameKeyAction.OverWriteEntry.message"), newAlias);
int selected = JOptionPane.showConfirmDialog(frame, message, res.getString("RenameKeyAction.RenameEntry.Title"), JOptionPane.YES_NO_OPTION);
if (selected != JOptionPane.YES_OPTION) {
return;
}
keyStore.deleteEntry(newAlias);
newState.removeEntryPassword(newAlias);
}
keyStore.setKeyEntry(newAlias, key, password.toCharArray(), null);
newState.setEntryPassword(newAlias, new Password(password));
keyStore.deleteEntry(alias);
newState.removeEntryPassword(alias);
currentState.append(newState);
kseFrame.updateControls(true);
} catch (Exception ex) {
DError.displayError(frame, ex);
}
}
Aggregations