private boolean checkPassword() {
Password firstPassword;
if (jpfFirst instanceof JPasswordQualityField) {
char[] firstPasswordChars = ((JPasswordQualityField) jpfFirst).getPassword();
if (firstPasswordChars == null) {
JOptionPane.showMessageDialog(
this,
res.getString("MinimumPasswordQualityNotMet.message"),
getTitle(),
JOptionPane.WARNING_MESSAGE);
return false;
}
firstPassword = new Password(firstPasswordChars);
} else {
firstPassword = new Password(((JPasswordField) jpfFirst).getPassword());
}
Password confirmPassword = new Password(jpfConfirm.getPassword());
if (firstPassword.equals(confirmPassword)) {
password = firstPassword;
return true;
}
JOptionPane.showMessageDialog(
this, res.getString("PasswordsNoMatch.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
return false;
}
/** Do action. */
@Override
protected void doAction() {
FileOutputStream fos = null;
File caReplyFile = null;
try {
KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
KeyStoreState currentState = history.getCurrentState();
String alias = kseFrame.getSelectedEntryAlias();
Password password = getEntryPassword(alias, currentState);
if (password == null) {
return;
}
KeyStore keyStore = currentState.getKeyStore();
PrivateKey privateKey = (PrivateKey) keyStore.getKey(alias, password.toCharArray());
Certificate[] certs = keyStore.getCertificateChain(alias);
KeyPairType keyPairType = KeyPairUtil.getKeyPairType(privateKey);
File csrFile = chooseCsrFile();
if (csrFile == null) {
return;
}
PKCS10CertificationRequest pkcs10Csr = null;
Spkac spkacCsr = null;
try {
CryptoFileType fileType = CryptoFileUtil.detectFileType(new FileInputStream(csrFile));
if (fileType == CryptoFileType.PKCS10_CSR) {
pkcs10Csr = Pkcs10Util.loadCsr(new FileInputStream(csrFile));
if (!Pkcs10Util.verifyCsr(pkcs10Csr)) {
JOptionPane.showMessageDialog(
frame,
res.getString("SignCsrAction.NoVerifyPkcs10Csr.message"),
res.getString("SignCsrAction.SignCsr.Title"),
JOptionPane.WARNING_MESSAGE);
return;
}
} else if (fileType == CryptoFileType.SPKAC_CSR) {
spkacCsr = new Spkac(new FileInputStream(csrFile));
if (!spkacCsr.verify()) {
JOptionPane.showMessageDialog(
frame,
res.getString("SignCsrAction.NoVerifySpkacCsr.message"),
res.getString("SignCsrAction.SignCsr.Title"),
JOptionPane.WARNING_MESSAGE);
return;
}
} else {
JOptionPane.showMessageDialog(
frame,
MessageFormat.format(
res.getString("SignCsrAction.FileNotRecognisedType.message"), csrFile),
res.getString("SignCsrAction.SignCsr.Title"),
JOptionPane.WARNING_MESSAGE);
return;
}
} catch (FileNotFoundException ex) {
JOptionPane.showMessageDialog(
frame,
MessageFormat.format(res.getString("SignCsrAction.NotFile.message"), csrFile),
res.getString("SignCsrAction.SignCsr.Title"),
JOptionPane.WARNING_MESSAGE);
return;
} catch (Exception ex) {
String problemStr =
MessageFormat.format(
res.getString("SignCsrAction.NoOpenCsr.Problem"), csrFile.getName());
String[] causes =
new String[] {
res.getString("SignCsrAction.NotCsr.Cause"),
res.getString("SignCsrAction.CorruptedCsr.Cause")
};
Problem problem = new Problem(problemStr, causes, ex);
DProblem dProblem =
new DProblem(frame, res.getString("SignCsrAction.ProblemOpeningCsr.Title"), problem);
dProblem.setLocationRelativeTo(frame);
dProblem.setVisible(true);
return;
}
X509Certificate[] signingChain =
X509CertUtil.orderX509CertChain(X509CertUtil.convertCertificates(certs));
X509Certificate signingCert = signingChain[0];
PublicKey publicKey = null;
X500Name subject = null;
DSignCsr dSignCsr = null;
Provider provider = history.getExplicitProvider();
if (pkcs10Csr != null) {
publicKey = new JcaPKCS10CertificationRequest(pkcs10Csr).getPublicKey();
subject = pkcs10Csr.getSubject();
dSignCsr =
new DSignCsr(frame, pkcs10Csr, csrFile, privateKey, keyPairType, signingCert, provider);
} else {
publicKey = spkacCsr.getPublicKey();
subject = spkacCsr.getSubject().getName();
dSignCsr =
new DSignCsr(frame, spkacCsr, csrFile, privateKey, keyPairType, signingCert, provider);
}
dSignCsr.setLocationRelativeTo(frame);
dSignCsr.setVisible(true);
X509CertificateVersion version = dSignCsr.getVersion();
SignatureType signatureType = dSignCsr.getSignatureType();
long validityPeriod = dSignCsr.getValidityPeriod();
BigInteger serialNumber = dSignCsr.getSerialNumber();
caReplyFile = dSignCsr.getCaReplyFile();
X509ExtensionSet extensions = dSignCsr.getExtensions();
if (version == null) {
return;
}
X500Name issuer =
X500NameUtils.x500PrincipalToX500Name(signingCert.getSubjectX500Principal());
// CA Reply is a cert with subject from CSR and issuer from signing cert's subject
X509CertificateGenerator generator = new X509CertificateGenerator(version);
X509Certificate caReplyCert =
generator.generate(
subject,
issuer,
validityPeriod,
publicKey,
privateKey,
signatureType,
serialNumber,
extensions,
provider);
X509Certificate[] caReplyChain = new X509Certificate[signingChain.length + 1];
caReplyChain[0] = caReplyCert;
// Add all of the signing chain to the reply
System.arraycopy(signingChain, 0, caReplyChain, 1, signingChain.length);
byte[] caCertEncoded = X509CertUtil.getCertsEncodedPkcs7(caReplyChain);
fos = new FileOutputStream(caReplyFile);
fos.write(caCertEncoded);
} catch (FileNotFoundException ex) {
JOptionPane.showMessageDialog(
frame,
MessageFormat.format(res.getString("SignJarAction.NoWriteFile.message"), caReplyFile),
res.getString("SignCsrAction.SignCsr.Title"),
JOptionPane.WARNING_MESSAGE);
return;
} catch (Exception ex) {
DError.displayError(frame, ex);
return;
} finally {
IOUtils.closeQuietly(fos);
}
JOptionPane.showMessageDialog(
frame,
res.getString("SignCsrAction.SignCsrSuccessful.message"),
res.getString("SignCsrAction.SignCsr.Title"),
JOptionPane.INFORMATION_MESSAGE);
}
/** Generate a secret key in the currently opened KeyStore. */
public void generateSecret() {
try {
int secretKeySize = applicationSettings.getGenerateSecretKeySize();
SecretKeyType secretKeyType = applicationSettings.getGenerateSecretKeyType();
DGenerateSecretKey dGenerateSecretKey =
new DGenerateSecretKey(frame, secretKeyType, secretKeySize);
dGenerateSecretKey.setLocationRelativeTo(frame);
dGenerateSecretKey.setVisible(true);
if (!dGenerateSecretKey.isSuccessful()) {
return;
}
secretKeySize = dGenerateSecretKey.getSecretKeySize();
secretKeyType = dGenerateSecretKey.getSecretKeyType();
applicationSettings.setGenerateSecretKeySize(secretKeySize);
applicationSettings.setGenerateSecretKeyType(secretKeyType);
SecretKey secretKey = SecretKeyUtil.generateSecretKey(secretKeyType, secretKeySize);
KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
KeyStoreState currentState = history.getCurrentState();
KeyStoreState newState = currentState.createBasisForNextState(this);
KeyStore keyStore = newState.getKeyStore();
DGetAlias dGetAlias =
new DGetAlias(
frame, res.getString("GenerateSecretKeyAction.NewSecretKeyEntryAlias.Title"), null);
dGetAlias.setLocationRelativeTo(frame);
dGetAlias.setVisible(true);
String alias = dGetAlias.getAlias();
if (alias == null) {
return;
}
if (keyStore.containsAlias(alias)) {
String message =
MessageFormat.format(
res.getString("GenerateSecretKeyAction.OverWriteEntry.message"), alias);
int selected =
JOptionPane.showConfirmDialog(
frame,
message,
res.getString("GenerateSecretKeyAction.NewSecretKeyEntryAlias.Title"),
JOptionPane.YES_NO_OPTION);
if (selected != JOptionPane.YES_OPTION) {
return;
}
}
Password password = new Password((char[]) null);
KeyStoreType type = KeyStoreType.resolveJce(keyStore.getType());
if (type.hasEntryPasswords()) {
DGetNewPassword dGetNewPassword =
new DGetNewPassword(
frame,
res.getString("GenerateSecretKeyAction.NewSecretKeyEntryPassword.Title"),
applicationSettings.getPasswordQualityConfig());
dGetNewPassword.setLocationRelativeTo(frame);
dGetNewPassword.setVisible(true);
password = dGetNewPassword.getPassword();
if (password == null) {
return;
}
}
if (keyStore.containsAlias(alias)) {
keyStore.deleteEntry(alias);
newState.removeEntryPassword(alias);
}
keyStore.setKeyEntry(alias, secretKey, password.toCharArray(), null);
newState.setEntryPassword(alias, password);
currentState.append(newState);
kseFrame.updateControls(true);
JOptionPane.showMessageDialog(
frame,
res.getString("GenerateSecretKeyAction.SecretKeyGenerationSuccessful.message"),
res.getString("GenerateSecretKeyAction.GenerateSecretKey.Title"),
JOptionPane.INFORMATION_MESSAGE);
} catch (Exception ex) {
DError.displayError(frame, ex);
}
}