private boolean checkPassword() { Password firstPassword; if (jpfFirst instanceof JPasswordQualityField) { char[] firstPasswordChars = ((JPasswordQualityField) jpfFirst).getPassword(); if (firstPasswordChars == null) { JOptionPane.showMessageDialog( this, res.getString("MinimumPasswordQualityNotMet.message"), getTitle(), JOptionPane.WARNING_MESSAGE); return false; } firstPassword = new Password(firstPasswordChars); } else { firstPassword = new Password(((JPasswordField) jpfFirst).getPassword()); } Password confirmPassword = new Password(jpfConfirm.getPassword()); if (firstPassword.equals(confirmPassword)) { password = firstPassword; return true; } JOptionPane.showMessageDialog( this, res.getString("PasswordsNoMatch.message"), getTitle(), JOptionPane.WARNING_MESSAGE); return false; }
/** Do action. */ @Override protected void doAction() { FileOutputStream fos = null; File caReplyFile = null; try { KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory(); KeyStoreState currentState = history.getCurrentState(); String alias = kseFrame.getSelectedEntryAlias(); Password password = getEntryPassword(alias, currentState); if (password == null) { return; } KeyStore keyStore = currentState.getKeyStore(); PrivateKey privateKey = (PrivateKey) keyStore.getKey(alias, password.toCharArray()); Certificate[] certs = keyStore.getCertificateChain(alias); KeyPairType keyPairType = KeyPairUtil.getKeyPairType(privateKey); File csrFile = chooseCsrFile(); if (csrFile == null) { return; } PKCS10CertificationRequest pkcs10Csr = null; Spkac spkacCsr = null; try { CryptoFileType fileType = CryptoFileUtil.detectFileType(new FileInputStream(csrFile)); if (fileType == CryptoFileType.PKCS10_CSR) { pkcs10Csr = Pkcs10Util.loadCsr(new FileInputStream(csrFile)); if (!Pkcs10Util.verifyCsr(pkcs10Csr)) { JOptionPane.showMessageDialog( frame, res.getString("SignCsrAction.NoVerifyPkcs10Csr.message"), res.getString("SignCsrAction.SignCsr.Title"), JOptionPane.WARNING_MESSAGE); return; } } else if (fileType == CryptoFileType.SPKAC_CSR) { spkacCsr = new Spkac(new FileInputStream(csrFile)); if (!spkacCsr.verify()) { JOptionPane.showMessageDialog( frame, res.getString("SignCsrAction.NoVerifySpkacCsr.message"), res.getString("SignCsrAction.SignCsr.Title"), JOptionPane.WARNING_MESSAGE); return; } } else { JOptionPane.showMessageDialog( frame, MessageFormat.format( res.getString("SignCsrAction.FileNotRecognisedType.message"), csrFile), res.getString("SignCsrAction.SignCsr.Title"), JOptionPane.WARNING_MESSAGE); return; } } catch (FileNotFoundException ex) { JOptionPane.showMessageDialog( frame, MessageFormat.format(res.getString("SignCsrAction.NotFile.message"), csrFile), res.getString("SignCsrAction.SignCsr.Title"), JOptionPane.WARNING_MESSAGE); return; } catch (Exception ex) { String problemStr = MessageFormat.format( res.getString("SignCsrAction.NoOpenCsr.Problem"), csrFile.getName()); String[] causes = new String[] { res.getString("SignCsrAction.NotCsr.Cause"), res.getString("SignCsrAction.CorruptedCsr.Cause") }; Problem problem = new Problem(problemStr, causes, ex); DProblem dProblem = new DProblem(frame, res.getString("SignCsrAction.ProblemOpeningCsr.Title"), problem); dProblem.setLocationRelativeTo(frame); dProblem.setVisible(true); return; } X509Certificate[] signingChain = X509CertUtil.orderX509CertChain(X509CertUtil.convertCertificates(certs)); X509Certificate signingCert = signingChain[0]; PublicKey publicKey = null; X500Name subject = null; DSignCsr dSignCsr = null; Provider provider = history.getExplicitProvider(); if (pkcs10Csr != null) { publicKey = new JcaPKCS10CertificationRequest(pkcs10Csr).getPublicKey(); subject = pkcs10Csr.getSubject(); dSignCsr = new DSignCsr(frame, pkcs10Csr, csrFile, privateKey, keyPairType, signingCert, provider); } else { publicKey = spkacCsr.getPublicKey(); subject = spkacCsr.getSubject().getName(); dSignCsr = new DSignCsr(frame, spkacCsr, csrFile, privateKey, keyPairType, signingCert, provider); } dSignCsr.setLocationRelativeTo(frame); dSignCsr.setVisible(true); X509CertificateVersion version = dSignCsr.getVersion(); SignatureType signatureType = dSignCsr.getSignatureType(); long validityPeriod = dSignCsr.getValidityPeriod(); BigInteger serialNumber = dSignCsr.getSerialNumber(); caReplyFile = dSignCsr.getCaReplyFile(); X509ExtensionSet extensions = dSignCsr.getExtensions(); if (version == null) { return; } X500Name issuer = X500NameUtils.x500PrincipalToX500Name(signingCert.getSubjectX500Principal()); // CA Reply is a cert with subject from CSR and issuer from signing cert's subject X509CertificateGenerator generator = new X509CertificateGenerator(version); X509Certificate caReplyCert = generator.generate( subject, issuer, validityPeriod, publicKey, privateKey, signatureType, serialNumber, extensions, provider); X509Certificate[] caReplyChain = new X509Certificate[signingChain.length + 1]; caReplyChain[0] = caReplyCert; // Add all of the signing chain to the reply System.arraycopy(signingChain, 0, caReplyChain, 1, signingChain.length); byte[] caCertEncoded = X509CertUtil.getCertsEncodedPkcs7(caReplyChain); fos = new FileOutputStream(caReplyFile); fos.write(caCertEncoded); } catch (FileNotFoundException ex) { JOptionPane.showMessageDialog( frame, MessageFormat.format(res.getString("SignJarAction.NoWriteFile.message"), caReplyFile), res.getString("SignCsrAction.SignCsr.Title"), JOptionPane.WARNING_MESSAGE); return; } catch (Exception ex) { DError.displayError(frame, ex); return; } finally { IOUtils.closeQuietly(fos); } JOptionPane.showMessageDialog( frame, res.getString("SignCsrAction.SignCsrSuccessful.message"), res.getString("SignCsrAction.SignCsr.Title"), JOptionPane.INFORMATION_MESSAGE); }
/** Generate a secret key in the currently opened KeyStore. */ public void generateSecret() { try { int secretKeySize = applicationSettings.getGenerateSecretKeySize(); SecretKeyType secretKeyType = applicationSettings.getGenerateSecretKeyType(); DGenerateSecretKey dGenerateSecretKey = new DGenerateSecretKey(frame, secretKeyType, secretKeySize); dGenerateSecretKey.setLocationRelativeTo(frame); dGenerateSecretKey.setVisible(true); if (!dGenerateSecretKey.isSuccessful()) { return; } secretKeySize = dGenerateSecretKey.getSecretKeySize(); secretKeyType = dGenerateSecretKey.getSecretKeyType(); applicationSettings.setGenerateSecretKeySize(secretKeySize); applicationSettings.setGenerateSecretKeyType(secretKeyType); SecretKey secretKey = SecretKeyUtil.generateSecretKey(secretKeyType, secretKeySize); KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory(); KeyStoreState currentState = history.getCurrentState(); KeyStoreState newState = currentState.createBasisForNextState(this); KeyStore keyStore = newState.getKeyStore(); DGetAlias dGetAlias = new DGetAlias( frame, res.getString("GenerateSecretKeyAction.NewSecretKeyEntryAlias.Title"), null); dGetAlias.setLocationRelativeTo(frame); dGetAlias.setVisible(true); String alias = dGetAlias.getAlias(); if (alias == null) { return; } if (keyStore.containsAlias(alias)) { String message = MessageFormat.format( res.getString("GenerateSecretKeyAction.OverWriteEntry.message"), alias); int selected = JOptionPane.showConfirmDialog( frame, message, res.getString("GenerateSecretKeyAction.NewSecretKeyEntryAlias.Title"), JOptionPane.YES_NO_OPTION); if (selected != JOptionPane.YES_OPTION) { return; } } Password password = new Password((char[]) null); KeyStoreType type = KeyStoreType.resolveJce(keyStore.getType()); if (type.hasEntryPasswords()) { DGetNewPassword dGetNewPassword = new DGetNewPassword( frame, res.getString("GenerateSecretKeyAction.NewSecretKeyEntryPassword.Title"), applicationSettings.getPasswordQualityConfig()); dGetNewPassword.setLocationRelativeTo(frame); dGetNewPassword.setVisible(true); password = dGetNewPassword.getPassword(); if (password == null) { return; } } if (keyStore.containsAlias(alias)) { keyStore.deleteEntry(alias); newState.removeEntryPassword(alias); } keyStore.setKeyEntry(alias, secretKey, password.toCharArray(), null); newState.setEntryPassword(alias, password); currentState.append(newState); kseFrame.updateControls(true); JOptionPane.showMessageDialog( frame, res.getString("GenerateSecretKeyAction.SecretKeyGenerationSuccessful.message"), res.getString("GenerateSecretKeyAction.GenerateSecretKey.Title"), JOptionPane.INFORMATION_MESSAGE); } catch (Exception ex) { DError.displayError(frame, ex); } }