
Example 1 with Certificate

use of qz.auth.Certificate in project tray by qzind.

the class SiteManagerDialog method readCertificates.

/**
 * Loads certificate entries from a tab-separated data file into {@code certList}.
 *
 * <p>Each line is split on tab characters. A line is used only when it yields exactly
 * {@code Certificate.saveFields.length} values; those values are paired positionally with
 * {@code Certificate.saveFields} and handed to {@code Certificate.loadCertificate}. Entries
 * already present in the list, and entries equal to {@code Certificate.UNKNOWN}, are not added.
 *
 * <p>NOTE(review): lines with a different field count are dropped without a log entry, and an
 * {@code IOException} only prints a stack trace before the list is returned as it stands. When
 * {@code file} is the block list, a failed or partial read therefore returns a list that lacks
 * those entries; confirm that callers treat this outcome safely.
 *
 * @param certList The {@code ArrayList} to update in place
 * @param file     The data file containing allow/block certificate information
 * @return the same {@code certList} instance that was passed in
 */
public ArrayList<Certificate> readCertificates(ArrayList<Certificate> certList, File file) {
    // FileReader(File) decodes with the JVM default charset; the file's writer is not visible here.
    try (BufferedReader reader = new BufferedReader(new FileReader(file))) {
        for (String row = reader.readLine(); row != null; row = reader.readLine()) {
            // String.split discards trailing empty strings, so a row whose last field is empty
            // produces fewer values and is skipped by the length check below.
            String[] fields = row.split("\\t");
            if (fields.length != Certificate.saveFields.length) {
                continue;
            }

            HashMap<String, String> fieldMap = new HashMap<>();
            int column = 0;
            for (String value : fields) {
                fieldMap.put(Certificate.saveFields[column], value);
                column++;
            }

            Certificate loaded = Certificate.loadCertificate(fieldMap);
            // Don't include the unsigned certificate if we are blocking it, there is a menu option instead
            if (certList.contains(loaded) || Certificate.UNKNOWN.equals(loaded)) {
                continue;
            }
            certList.add(loaded);
        }
    } catch (IOException ioe) {
        ioe.printStackTrace();
    }
    return certList;
}
Also used : HashMap(java.util.HashMap) BufferedReader(java.io.BufferedReader) FileReader(java.io.FileReader) IOException(java.io.IOException) Certificate(qz.auth.Certificate)

Example 2 with Certificate

use of qz.auth.Certificate in project tray by qzind.

the class PrintSocketClient method onMessage.

/**
 * Handles one text message received on the WebSocket.
 *
 * <p>Order of handling, as written below: empty messages are rejected; the probe request and the
 * literal {@code "ping"} are answered or ignored without JSON parsing; everything else is parsed
 * as JSON. A message carrying a {@code "certificate"} key is treated as a setup call: the
 * certificate is stored on the connection and {@code allowedFromDialog} decides whether the
 * connection is kept. Any other message has its timestamp and signature checked (only when
 * {@code request.hasCertificate()} is true) and is then passed to {@code processMessage}.
 *
 * <p>NOTE(review): this method only records a {@code RequestState.Validity}. It calls
 * {@code processMessage} for EXPIRED and UNSIGNED requests as well, so any refusal to act on
 * them has to happen downstream; confirm in {@code processMessage}.
 *
 * @param session the WebSocket session the message arrived on
 * @param reader  reader over the message text
 * @throws IOException declared by the signature; the read at the top of the method sits outside
 *                     the try block, so a failure there is not converted into an error reply
 */
@OnWebSocketMessage
public void onMessage(Session session, Reader reader) throws IOException {
    String message = IOUtils.toString(reader);
    if (message == null || message.isEmpty()) {
        sendError(session, null, "Message is empty");
        return;
    }
    // Probe handling runs before any JSON parsing or certificate logic.
    if (Constants.PROBE_REQUEST.equals(message)) {
        try {
            session.getRemote().sendString(Constants.PROBE_RESPONSE);
        } catch (Exception ignore) {
            // best-effort reply: a failure to answer the probe is deliberately not reported
        }
        log.warn("Second instance of {} likely detected, asking it to close", Constants.ABOUT_TITLE);
        return;
    }
    // keep-alive call / no need to process
    if ("ping".equals(message)) {
        return;
    }
    // Declared outside the try so the catch blocks can echo it back; stays null if parsing fails.
    String UID = null;
    try {
        // NOTE(review): logs the complete message, which can include the certificate, signature
        // and request payload; confirm debug logs are acceptable for that data.
        log.debug("Message: {}", message);
        JSONObject json = new JSONObject(message);
        UID = json.optString("uid");
        // Per-connection state is looked up by the peer's remote port only.
        // NOTE(review): if no entry exists for the port, connection is null and the next line
        // throws; that lands in the generic catch below. Confirm the port alone is a sufficient
        // key for every way this socket can be reached.
        Integer connectionPort = session.getRemoteAddress().getPort();
        SocketConnection connection = openConnections.get(connectionPort);
        // The request is built with the certificate currently stored on the connection.
        RequestState request = new RequestState(connection.getCertificate(), json);
        // if sent a certificate use that instead for this connection
        // The certificate text comes from the peer's own message; on this path trust is decided
        // by allowedFromDialog, not by the act of parsing it.
        if (json.has("certificate")) {
            try {
                Certificate certificate = new Certificate(json.optString("certificate"));
                connection.setCertificate(certificate);
                request.markNewConnection(certificate);
                log.debug("Received new certificate from connection through {}", connectionPort);
            } catch (CertificateException ignore) {
                // Parse failure: the request is marked with UNKNOWN, but the certificate already
                // stored on the connection (if any) is left unchanged.
                request.markNewConnection(Certificate.UNKNOWN);
            }
            if (allowedFromDialog(request, "connect to " + Constants.ABOUT_TITLE, findDialogPosition(session, json.optJSONObject("position")))) {
                sendResult(session, UID, null);
            } else {
                sendError(session, UID, "Connection blocked by client");
                session.disconnect();
            }
            // this is a setup call, so no further processing is needed
            return;
        }
        // check request signature
        // Skipped entirely when request.hasCertificate() is false; the status then keeps whatever
        // RequestState set at construction (not visible here).
        if (request.hasCertificate()) {
            // Timestamps further than VALID_SIGNING_PERIOD from the local clock, in either
            // direction, are treated as expired. Presumably optLong yields 0 for a missing value,
            // which falls into this branch — confirm against the JSON library.
            // NOTE(review): nothing in this method remembers previously accepted signatures, so
            // replay protection inside the window, if any, must live elsewhere — confirm.
            if (json.optLong("timestamp") + Constants.VALID_SIGNING_PERIOD < System.currentTimeMillis() || json.optLong("timestamp") - Constants.VALID_SIGNING_PERIOD > System.currentTimeMillis()) {
                // bad timestamps use the expired certificate
                log.warn("Expired signature on request");
                request.setStatus(RequestState.Validity.EXPIRED);
            } else if (json.isNull("signature") || !validSignature(request.getCertUsed(), json)) {
                // bad signatures use the unsigned certificate
                log.warn("Bad signature on request");
                request.setStatus(RequestState.Validity.UNSIGNED);
            } else {
                log.trace("Valid signature from {}", request.getCertName());
                request.setStatus(RequestState.Validity.TRUSTED);
            }
        }
        // Reached for TRUSTED, EXPIRED and UNSIGNED alike; the status travels inside request.
        processMessage(session, json, connection, request);
    } catch (JSONException e) {
        log.error("Bad JSON: {}", e.getMessage());
        sendError(session, UID, e);
    } catch (InvalidPathException | FileSystemException e) {
        log.error("FileIO exception occurred", e);
        // The exception class name and message are sent back to the peer.
        // NOTE(review): these messages can carry local filesystem paths; confirm that disclosing
        // them to the remote side is intended.
        sendError(session, UID, String.format("FileIO exception occurred: %s: %s", e.getClass().getSimpleName(), e.getMessage()));
    } catch (Exception e) {
        log.error("Problem processing message", e);
        // NOTE(review): the exception object is handed to sendError; what reaches the peer
        // depends on that overload, which is not shown here.
        sendError(session, UID, e);
    }
}
Also used : RequestState(qz.auth.RequestState) JSONObject(org.codehaus.jettison.json.JSONObject) JSONException(org.codehaus.jettison.json.JSONException) CertificateException(java.security.cert.CertificateException) WebSocketException(org.eclipse.jetty.websocket.api.WebSocketException) SerialPortException(jssc.SerialPortException) TimeoutException(java.util.concurrent.TimeoutException) CloseException(org.eclipse.jetty.websocket.api.CloseException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) EOFException(java.io.EOFException) JSONException(org.codehaus.jettison.json.JSONException) ListenerNotFoundException(javax.management.ListenerNotFoundException) Certificate(qz.auth.Certificate)

Example 3 with Certificate

use of qz.auth.Certificate in project tray by qzind.

the class FileUtilities method addToCertList.

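/**
 * Reads a certificate from {@code certFile} and writes its {@code data()} line to the list file
 * named by {@code list}.
 *
 * <p>NOTE(review): unlike the dialog import path ({@code addCertificates}), nothing here calls
 * {@code isValid()} before the certificate is written to a trust list; confirm that is intended
 * for this entry point.
 *
 * <p>NOTE(review): both log messages name {@code ALLOW_FILE} regardless of the {@code list}
 * argument, so the log may not reflect which list was actually changed; confirm against callers.
 *
 * @param list     name of the list file passed to {@code FileUtilities.printLineToFile}
 * @param certFile file containing the certificate text
 * @return {@code SUCCESS} when {@code printLineToFile} reports success, otherwise
 *         {@code GENERAL_ERROR}
 * @throws Exception if the file cannot be read or the certificate cannot be constructed
 */
public static ArgParser.ExitStatus addToCertList(String list, File certFile) throws Exception {
    final Certificate cert;
    // try-with-resources: the reader was previously never closed, leaking the file handle on both
    // the success path and when the Certificate constructor throws.
    try (FileReader fr = new FileReader(certFile)) {
        cert = new Certificate(IOUtils.toString(fr));
    }
    // Third argument is the negated admin check; presumably it selects a per-user location when
    // not running as admin — confirm against printLineToFile.
    if (FileUtilities.printLineToFile(list, cert.data(), !SystemUtilities.isAdmin())) {
        log.info("Successfully added {} to {} list", cert.getOrganization(), ALLOW_FILE);
        return ArgParser.ExitStatus.SUCCESS;
    }
    log.error("Failed to add {} to {} list", cert.getOrganization(), ALLOW_FILE);
    return ArgParser.ExitStatus.GENERAL_ERROR;
}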
Also used : Certificate(qz.auth.Certificate)

Example 4 with Certificate

use of qz.auth.Certificate in project tray by qzind.

the class SiteManagerDialog method addCertificates.

/**
 * Imports each file in {@code certFiles} as a certificate and adds the valid ones to
 * {@code list}.
 *
 * <p>A certificate that parses but fails {@code isValid()} is not added; it is reported through
 * {@code showInvalidCertWarning}. A file that cannot be read or parsed is logged and reported in
 * an error dialog, and the loop moves on to the next file.
 *
 * @param certFiles      files selected for import
 * @param list           display list that receives the accepted certificates
 * @param selectWhenDone forwarded unchanged to {@code addCertificate}
 */
private void addCertificates(File[] certFiles, ContainerList<CertificateDisplay> list, boolean selectWhenDone) {
    for (File candidate : certFiles) {
        try {
            Certificate parsed = new Certificate(candidate.toPath());
            if (!parsed.isValid()) {
                // Warn of any invalid certs; they never reach the list
                showInvalidCertWarning(candidate, parsed);
            } else {
                CertificateDisplay entry = new CertificateDisplay(parsed, true);
                addCertificate(entry, list, selectWhenDone);
            }
        } catch (CertificateException | IOException ex) {
            log.warn("Unable to import cert {}", candidate, ex);
            String dialogText = String.format(INVALID_CERTIFICATE);
            JOptionPane.showMessageDialog(this, dialogText, "Import failed", JOptionPane.ERROR_MESSAGE);
        }
    }
}
Also used : CertificateException(java.security.cert.CertificateException) Certificate(qz.auth.Certificate)

Aggregations

Certificate (qz.auth.Certificate)4 IOException (java.io.IOException)2 CertificateException (java.security.cert.CertificateException)2 BufferedReader (java.io.BufferedReader)1 EOFException (java.io.EOFException)1 FileReader (java.io.FileReader)1 HashMap (java.util.HashMap)1 TimeoutException (java.util.concurrent.TimeoutException)1 ListenerNotFoundException (javax.management.ListenerNotFoundException)1 SerialPortException (jssc.SerialPortException)1 JSONException (org.codehaus.jettison.json.JSONException)1 JSONObject (org.codehaus.jettison.json.JSONObject)1 CloseException (org.eclipse.jetty.websocket.api.CloseException)1 WebSocketException (org.eclipse.jetty.websocket.api.WebSocketException)1 RequestState (qz.auth.RequestState)1