Example 31 with KeyStoreState
use of org.kse.utilities.history.KeyStoreState in project keystore-explorer by kaikramer.
the class GenerateKeyPairAction method generateKeyPair.
/**
* Generate a key pair (with certificate) in the currently opened KeyStore.
*
* @param issuerCert
* Issuer certificate for signing the new certificate
* @param issuerCertChain
* Chain of issuer certificate
* @param issuerPrivateKey
* Issuer's private key for signing
* @return Alias of new key pair
*/
public String generateKeyPair(X509Certificate issuerCert, X509Certificate[] issuerCertChain, PrivateKey issuerPrivateKey) {
String alias = "";
try {
int keyPairSize = applicationSettings.getGenerateKeyPairSize();
KeyPairType keyPairType = applicationSettings.getGenerateKeyPairType();
KeyStore activeKeyStore = kseFrame.getActiveKeyStore();
KeyStoreType activeKeyStoreType = KeyStoreType.resolveJce(activeKeyStore.getType());
KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
Provider provider = history.getExplicitProvider();
DGenerateKeyPair dGenerateKeyPair = new DGenerateKeyPair(frame, activeKeyStoreType, keyPairType, keyPairSize);
dGenerateKeyPair.setLocationRelativeTo(frame);
dGenerateKeyPair.setVisible(true);
if (!dGenerateKeyPair.isSuccessful()) {
return "";
}
keyPairType = dGenerateKeyPair.getKeyPairType();
DGeneratingKeyPair dGeneratingKeyPair;
if (keyPairType != KeyPairType.EC) {
keyPairSize = dGenerateKeyPair.getKeyPairSize();
dGeneratingKeyPair = new DGeneratingKeyPair(frame, keyPairType, keyPairSize, provider);
applicationSettings.setGenerateKeyPairSize(keyPairSize);
applicationSettings.setGenerateKeyPairType(keyPairType);
} else {
String curveName = dGenerateKeyPair.getCurveName();
dGeneratingKeyPair = new DGeneratingKeyPair(frame, keyPairType, curveName, provider);
}
dGeneratingKeyPair.setLocationRelativeTo(frame);
dGeneratingKeyPair.startKeyPairGeneration();
dGeneratingKeyPair.setVisible(true);
KeyPair keyPair = dGeneratingKeyPair.getKeyPair();
if (keyPair == null) {
return "";
}
DGenerateKeyPairCert dGenerateKeyPairCert = new DGenerateKeyPairCert(frame, res.getString("GenerateKeyPairAction.GenerateKeyPairCert.Title"), keyPair, keyPairType, issuerCert, issuerPrivateKey, provider);
dGenerateKeyPairCert.setLocationRelativeTo(frame);
dGenerateKeyPairCert.setVisible(true);
X509Certificate certificate = dGenerateKeyPairCert.getCertificate();
if (certificate == null) {
return "";
}
KeyStoreState currentState = history.getCurrentState();
KeyStoreState newState = currentState.createBasisForNextState(this);
KeyStore keyStore = newState.getKeyStore();
DGetAlias dGetAlias = new DGetAlias(frame, res.getString("GenerateKeyPairAction.NewKeyPairEntryAlias.Title"), X509CertUtil.getCertificateAlias(certificate));
dGetAlias.setLocationRelativeTo(frame);
dGetAlias.setVisible(true);
alias = dGetAlias.getAlias();
if (alias == null) {
return "";
}
if (keyStore.containsAlias(alias)) {
String message = MessageFormat.format(res.getString("GenerateKeyPairAction.OverWriteEntry.message"), alias);
int selected = JOptionPane.showConfirmDialog(frame, message, res.getString("GenerateKeyPairAction.NewKeyPairEntryAlias.Title"), JOptionPane.YES_NO_OPTION);
if (selected != JOptionPane.YES_OPTION) {
return "";
}
}
Password password = new Password((char[]) null);
KeyStoreType keyStoreType = KeyStoreType.resolveJce(activeKeyStore.getType());
if (keyStoreType.hasEntryPasswords()) {
DGetNewPassword dGetNewPassword = new DGetNewPassword(frame, res.getString("GenerateKeyPairAction.NewKeyPairEntryPassword.Title"), applicationSettings.getPasswordQualityConfig());
dGetNewPassword.setLocationRelativeTo(frame);
dGetNewPassword.setVisible(true);
password = dGetNewPassword.getPassword();
if (password == null) {
return "";
}
}
if (keyStore.containsAlias(alias)) {
keyStore.deleteEntry(alias);
newState.removeEntryPassword(alias);
}
// create new chain with certificates from issuer chain
X509Certificate[] newCertChain = null;
if (issuerCertChain != null) {
newCertChain = new X509Certificate[issuerCertChain.length + 1];
System.arraycopy(issuerCertChain, 0, newCertChain, 1, issuerCertChain.length);
newCertChain[0] = certificate;
} else {
newCertChain = new X509Certificate[] { certificate };
}
keyStore.setKeyEntry(alias, keyPair.getPrivate(), password.toCharArray(), newCertChain);
newState.setEntryPassword(alias, password);
currentState.append(newState);
kseFrame.updateControls(true);
JOptionPane.showMessageDialog(frame, res.getString("GenerateKeyPairAction.KeyPairGenerationSuccessful.message"), res.getString("GenerateKeyPairAction.GenerateKeyPair.Title"), JOptionPane.INFORMATION_MESSAGE);
} catch (Exception ex) {
DError.displayError(frame, ex);
}
return alias;
}
Also used :
KeyPair(java.security.KeyPair)
DGenerateKeyPair(org.kse.gui.dialogs.DGenerateKeyPair)
DGeneratingKeyPair(org.kse.gui.dialogs.DGeneratingKeyPair)
KeyStoreState(org.kse.utilities.history.KeyStoreState)
KeyStoreHistory(org.kse.utilities.history.KeyStoreHistory)
KeyStore(java.security.KeyStore)
DGenerateKeyPairCert(org.kse.gui.dialogs.DGenerateKeyPairCert)
X509Certificate(java.security.cert.X509Certificate)
Provider(java.security.Provider)
DGetAlias(org.kse.gui.dialogs.DGetAlias)
KeyStoreType(org.kse.crypto.keystore.KeyStoreType)
DGeneratingKeyPair(org.kse.gui.dialogs.DGeneratingKeyPair)
KeyPairType(org.kse.crypto.keypair.KeyPairType)
DGenerateKeyPair(org.kse.gui.dialogs.DGenerateKeyPair)
DGetNewPassword(org.kse.gui.password.DGetNewPassword)
DGetNewPassword(org.kse.gui.password.DGetNewPassword)
Password(org.kse.crypto.Password)
Example 32 with KeyStoreState
use of org.kse.utilities.history.KeyStoreState in project keystore-explorer by kaikramer.
the class ImportCaReplyFromFileAction method doAction.
/**
* Do action.
*/
@Override
protected void doAction() {
try {
KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
KeyStoreState currentState = history.getCurrentState();
String alias = kseFrame.getSelectedEntryAlias();
Password password = getEntryPassword(alias, currentState);
if (password == null) {
return;
}
KeyStoreState newState = currentState.createBasisForNextState(this);
KeyStore keyStore = newState.getKeyStore();
KeyStoreType keyStoreType = KeyStoreType.resolveJce(keyStore.getType());
Key privateKey = keyStore.getKey(alias, password.toCharArray());
File caReplyFile = chooseCaFile();
if (caReplyFile == null) {
return;
}
X509Certificate[] certs = openCaReply(caReplyFile);
if ((certs == null) || (certs.length == 0)) {
return;
}
certs = X509CertUtil.orderX509CertChain(certs);
X509Certificate[] exitingEntryCerts = X509CertUtil.orderX509CertChain(X509CertUtil.convertCertificates(keyStore.getCertificateChain(alias)));
if (!exitingEntryCerts[0].getPublicKey().equals(certs[0].getPublicKey())) {
JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromFileAction.NoMatchPubKeyCaReply.message"), res.getString("ImportCaReplyFromFileAction.ImportCaReply.Title"), JOptionPane.WARNING_MESSAGE);
return;
}
// Holds the new certificate chain for the entry should the import succeed
X509Certificate[] newCertChain = null;
if (!applicationSettings.getEnableImportCaReplyTrustCheck()) {
newCertChain = certs;
} else {
KeyStore caCertificates = getCaCertificates();
KeyStore windowsTrustedRootCertificates = getWindowsTrustedRootCertificates();
// of the certificates in the CA Certificates or current KeyStore
if (certs.length > 1) {
X509Certificate rootCert = certs[certs.length - 1];
String matchAlias = null;
if (// Match against CA Certificates KeyStore
caCertificates != null) {
matchAlias = X509CertUtil.matchCertificate(caCertificates, rootCert);
}
// Match against Windows Trusted Root Certificates KeyStore
if ((windowsTrustedRootCertificates != null) && (matchAlias == null)) {
matchAlias = X509CertUtil.matchCertificate(windowsTrustedRootCertificates, rootCert);
}
if (// Match against current KeyStore
matchAlias == null) {
matchAlias = X509CertUtil.matchCertificate(keyStore, rootCert);
}
if (matchAlias == null) {
// No match for the root certificate - display the certificate to the user for confirmation
JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromFileAction.NoMatchRootCertCaReplyConfirm.message"), res.getString("ImportCaReplyFromFileAction.ImportCaReply.Title"), JOptionPane.INFORMATION_MESSAGE);
DViewCertificate dViewCertificate = new DViewCertificate(frame, MessageFormat.format(res.getString("ImportCaReplyFromFileAction.CertDetailsFile.Title"), caReplyFile.getName()), new X509Certificate[] { rootCert }, null, DViewCertificate.NONE);
dViewCertificate.setLocationRelativeTo(frame);
dViewCertificate.setVisible(true);
int selected = JOptionPane.showConfirmDialog(frame, res.getString("ImportCaReplyFromFileAction.AcceptCaReply.message"), res.getString("ImportCaReplyFromFileAction.ImportCaReply.Title"), JOptionPane.YES_NO_OPTION);
if (selected != JOptionPane.YES_OPTION) {
return;
}
newCertChain = certs;
} else {
newCertChain = certs;
}
} else // Single X.509 certificate reply - try and establish a chain of
// trust from the certificate and ending with a root CA self-signed certificate
{
// Establish trust against current KeyStore
ArrayList<KeyStore> compKeyStores = new ArrayList<KeyStore>();
compKeyStores.add(keyStore);
if (caCertificates != null) {
// Establish trust against CA Certificates KeyStore
compKeyStores.add(caCertificates);
}
if (windowsTrustedRootCertificates != null) {
// Establish trust against Windows Trusted Root Certificates KeyStore
compKeyStores.add(windowsTrustedRootCertificates);
}
X509Certificate[] trustChain = X509CertUtil.establishTrust(certs[0], compKeyStores.toArray(new KeyStore[compKeyStores.size()]));
if (trustChain != null) {
newCertChain = trustChain;
} else {
// Cannot establish trust for the certificate - fail
JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromFileAction.NoTrustCaReply.message"), res.getString("ImportCaReplyFromFileAction.ImportCaReply.Title"), JOptionPane.WARNING_MESSAGE);
return;
}
}
}
if (keyStoreType.isFileBased()) {
// TODO: why or when is delete actually necessary???
keyStore.deleteEntry(alias);
keyStore.setKeyEntry(alias, privateKey, password.toCharArray(), newCertChain);
} else {
keyStore.setKeyEntry(alias, privateKey, password.toCharArray(), newCertChain);
}
currentState.append(newState);
kseFrame.updateControls(true);
JOptionPane.showMessageDialog(frame, res.getString("ImportCaReplyFromFileAction.ImportCaReplySuccessful.message"), res.getString("ImportCaReplyFromFileAction.ImportCaReply.Title"), JOptionPane.INFORMATION_MESSAGE);
} catch (Exception ex) {
DError.displayError(frame, ex);
}
}
Also used :
KeyStoreState(org.kse.utilities.history.KeyStoreState)
KeyStoreHistory(org.kse.utilities.history.KeyStoreHistory)
ArrayList(java.util.ArrayList)
KeyStore(java.security.KeyStore)
X509Certificate(java.security.cert.X509Certificate)
FileNotFoundException(java.io.FileNotFoundException)
KeyStoreType(org.kse.crypto.keystore.KeyStoreType)
DViewCertificate(org.kse.gui.dialogs.DViewCertificate)
File(java.io.File)
Key(java.security.Key)
Password(org.kse.crypto.Password)
Example 33 with KeyStoreState
use of org.kse.utilities.history.KeyStoreState in project keystore-explorer by kaikramer.
the class PasteAction method pasteEntry.
private boolean pasteEntry(BufferEntry bufferEntry) {
try {
KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
KeyStoreState currentState = history.getCurrentState();
KeyStoreState newState = currentState.createBasisForNextState(this);
KeyStore keyStore = newState.getKeyStore();
String alias = bufferEntry.getName();
if (keyStore.containsAlias(alias)) {
if (bufferEntry.isCut()) {
int selected = JOptionPane.showConfirmDialog(frame, MessageFormat.format(res.getString("PasteAction.PasteExistsReplace.message"), alias), res.getString("PasteAction.Paste.Title"), JOptionPane.YES_NO_OPTION);
if (selected != JOptionPane.YES_OPTION) {
return false;
}
keyStore.deleteEntry(alias);
newState.removeEntryPassword(alias);
} else {
alias = getUniqueEntryName(alias, keyStore);
}
}
if (bufferEntry instanceof KeyBufferEntry) {
KeyStoreType keyStoreType = KeyStoreType.resolveJce(keyStore.getType());
if (!keyStoreType.supportsKeyEntries()) {
JOptionPane.showMessageDialog(frame, MessageFormat.format(res.getString("PasteAction.NoPasteKeyEntry.message"), keyStoreType.friendly()), res.getString("PasteAction.Paste.Title"), JOptionPane.WARNING_MESSAGE);
return false;
}
KeyBufferEntry keyBufferEntry = (KeyBufferEntry) bufferEntry;
Key key = keyBufferEntry.getKey();
Password password = keyBufferEntry.getPassword();
keyStore.setKeyEntry(alias, key, password.toCharArray(), null);
newState.setEntryPassword(alias, password);
} else if (bufferEntry instanceof KeyPairBufferEntry) {
KeyPairBufferEntry keyPairBufferEntry = (KeyPairBufferEntry) bufferEntry;
PrivateKey privateKey = keyPairBufferEntry.getPrivateKey();
Password password = keyPairBufferEntry.getPassword();
Certificate[] certificateChain = keyPairBufferEntry.getCertificateChain();
keyStore.setKeyEntry(alias, privateKey, password.toCharArray(), certificateChain);
newState.setEntryPassword(alias, password);
} else {
TrustedCertificateBufferEntry certBufferEntry = (TrustedCertificateBufferEntry) bufferEntry;
keyStore.setCertificateEntry(alias, certBufferEntry.getTrustedCertificate());
}
if (bufferEntry.isCut()) {
Buffer.clear();
}
currentState.append(newState);
kseFrame.updateControls(true);
return true;
} catch (Exception ex) {
DError.displayError(frame, ex);
return false;
}
}
Also used :
KeyStoreState(org.kse.utilities.history.KeyStoreState)
KeyStoreHistory(org.kse.utilities.history.KeyStoreHistory)
PrivateKey(java.security.PrivateKey)
KeyStore(java.security.KeyStore)
KeyStoreException(java.security.KeyStoreException)
KeyBufferEntry(org.kse.utilities.buffer.KeyBufferEntry)
KeyPairBufferEntry(org.kse.utilities.buffer.KeyPairBufferEntry)
KeyStoreType(org.kse.crypto.keystore.KeyStoreType)
TrustedCertificateBufferEntry(org.kse.utilities.buffer.TrustedCertificateBufferEntry)
Key(java.security.Key)
PrivateKey(java.security.PrivateKey)
Password(org.kse.crypto.Password)
Example 34 with KeyStoreState
use of org.kse.utilities.history.KeyStoreState in project keystore-explorer by kaikramer.
the class RemoveFromCertificateChainAction method doAction.
/**
* Do action.
*/
@Override
protected void doAction() {
try {
KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
KeyStoreState currentState = history.getCurrentState();
String alias = kseFrame.getSelectedEntryAlias();
Password password = getEntryPassword(alias, currentState);
if (password == null) {
return;
}
KeyStoreState newState = currentState.createBasisForNextState(this);
KeyStore keyStore = newState.getKeyStore();
Key privKey = keyStore.getKey(alias, password.toCharArray());
X509Certificate[] certChain = X509CertUtil.orderX509CertChain(X509CertUtil.convertCertificates(keyStore.getCertificateChain(alias)));
if (certChain.length == 1) {
JOptionPane.showMessageDialog(frame, res.getString("RemoveFromCertificateChainAction.CannotRemoveOnlyCert.message"), res.getString("RemoveFromCertificateChainAction.RemoveFromCertificateChain.Title"), JOptionPane.WARNING_MESSAGE);
return;
}
// Certificate to remove is the end one in the chain
X509Certificate[] newCertChain = new X509Certificate[certChain.length - 1];
System.arraycopy(certChain, 0, newCertChain, 0, newCertChain.length);
keyStore.deleteEntry(alias);
keyStore.setKeyEntry(alias, privKey, password.toCharArray(), newCertChain);
currentState.append(newState);
kseFrame.updateControls(true);
JOptionPane.showMessageDialog(frame, res.getString("RemoveFromCertificateChainAction.RemoveFromCertificateChainSuccessful.message"), res.getString("RemoveFromCertificateChainAction.RemoveFromCertificateChain.Title"), JOptionPane.INFORMATION_MESSAGE);
} catch (Exception ex) {
DError.displayError(frame, ex);
}
}
Also used :
KeyStoreState(org.kse.utilities.history.KeyStoreState)
KeyStoreHistory(org.kse.utilities.history.KeyStoreHistory)
KeyStore(java.security.KeyStore)
Key(java.security.Key)
X509Certificate(java.security.cert.X509Certificate)
Password(org.kse.crypto.Password)
Example 35 with KeyStoreState
use of org.kse.utilities.history.KeyStoreState in project keystore-explorer by kaikramer.
the class RenameKeyAction method doAction.
/**
* Do action.
*/
@Override
protected void doAction() {
try {
KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
KeyStoreState currentState = history.getCurrentState();
String alias = kseFrame.getSelectedEntryAlias();
Password password = getEntryPassword(alias, currentState);
if (password == null) {
return;
}
KeyStoreState newState = currentState.createBasisForNextState(this);
KeyStore keyStore = newState.getKeyStore();
Key key = keyStore.getKey(alias, password.toCharArray());
DGetAlias dGetAlias = new DGetAlias(frame, res.getString("RenameKeyAction.NewEntryAlias.Title"), alias);
dGetAlias.setLocationRelativeTo(frame);
dGetAlias.setVisible(true);
String newAlias = dGetAlias.getAlias();
if (newAlias == null) {
return;
}
if (newAlias.equalsIgnoreCase(alias)) {
JOptionPane.showMessageDialog(frame, MessageFormat.format(res.getString("RenameKeyAction.RenameAliasIdentical.message"), alias), res.getString("RenameKeyAction.RenameEntry.Title"), JOptionPane.WARNING_MESSAGE);
return;
}
if (keyStore.containsAlias(newAlias)) {
String message = MessageFormat.format(res.getString("RenameKeyAction.OverWriteEntry.message"), newAlias);
int selected = JOptionPane.showConfirmDialog(frame, message, res.getString("RenameKeyAction.RenameEntry.Title"), JOptionPane.YES_NO_OPTION);
if (selected != JOptionPane.YES_OPTION) {
return;
}
keyStore.deleteEntry(newAlias);
newState.removeEntryPassword(newAlias);
}
keyStore.setKeyEntry(newAlias, key, password.toCharArray(), null);
newState.setEntryPassword(newAlias, new Password(password));
keyStore.deleteEntry(alias);
newState.removeEntryPassword(alias);
currentState.append(newState);
kseFrame.updateControls(true);
} catch (Exception ex) {
DError.displayError(frame, ex);
}
}
Also used :
DGetAlias(org.kse.gui.dialogs.DGetAlias)
KeyStoreState(org.kse.utilities.history.KeyStoreState)
KeyStoreHistory(org.kse.utilities.history.KeyStoreHistory)
KeyStore(java.security.KeyStore)
Key(java.security.Key)
Password(org.kse.crypto.Password)
Aggregations
KeyStoreState (org.kse.utilities.history.KeyStoreState)48
KeyStoreHistory (org.kse.utilities.history.KeyStoreHistory)41
KeyStore (java.security.KeyStore)39
Password (org.kse.crypto.Password)32
PrivateKey (java.security.PrivateKey)17
X509Certificate (java.security.cert.X509Certificate)15
Certificate (java.security.cert.Certificate)13
KeyStoreType (org.kse.crypto.keystore.KeyStoreType)13
Key (java.security.Key)12
DGetAlias (org.kse.gui.dialogs.DGetAlias)10
File (java.io.File)9
FileNotFoundException (java.io.FileNotFoundException)7
DGetNewPassword (org.kse.gui.password.DGetNewPassword)6
PublicKey (java.security.PublicKey)5
CryptoException (org.kse.crypto.CryptoException)5
GeneralSecurityException (java.security.GeneralSecurityException)4
KeyStoreException (java.security.KeyStoreException)4
Provider (java.security.Provider)4
ArrayList (java.util.ArrayList)3
KeyPairType (org.kse.crypto.keypair.KeyPairType)3
