/** Do action. */
  @Override
  protected void doAction() {
    try {
      KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();

      KeyStoreState currentState = history.getCurrentState();
      KeyStoreState newState = currentState.createBasisForNextState(this);

      KeyStore keyStore = newState.getKeyStore();
      String alias = kseFrame.getSelectedEntryAlias();

      DGetAlias dGetAlias =
          new DGetAlias(
              frame, res.getString("RenameTrustedCertificateAction.NewEntryAlias.Title"), alias);
      dGetAlias.setLocationRelativeTo(frame);
      dGetAlias.setVisible(true);
      String newAlias = dGetAlias.getAlias();

      if (newAlias == null) {
        return;
      }

      if (newAlias.equalsIgnoreCase(alias)) {
        JOptionPane.showMessageDialog(
            frame,
            MessageFormat.format(
                res.getString("RenameTrustedCertificateAction.RenameAliasIdentical.message"),
                alias),
            res.getString("RenameTrustedCertificateAction.RenameEntry.Title"),
            JOptionPane.WARNING_MESSAGE);
        return;
      }

      if (keyStore.containsAlias(newAlias)) {
        String message =
            MessageFormat.format(
                res.getString("RenameTrustedCertificateAction.OverWriteEntry.message"), newAlias);

        int selected =
            JOptionPane.showConfirmDialog(
                frame,
                message,
                res.getString("RenameTrustedCertificateAction.RenameEntry.Title"),
                JOptionPane.YES_NO_OPTION);
        if (selected != JOptionPane.YES_OPTION) {
          return;
        }

        keyStore.deleteEntry(newAlias);
        newState.removeEntryPassword(newAlias);
      }

      Certificate cert = keyStore.getCertificate(alias);
      keyStore.setCertificateEntry(newAlias, cert);

      keyStore.deleteEntry(alias);

      currentState.append(newState);

      kseFrame.updateControls(true);
    } catch (Exception ex) {
      DError.displayError(frame, ex);
    }
  }
コード例 #2
0
  /** Do action. */
  @Override
  protected void doAction() {
    FileOutputStream fos = null;
    File caReplyFile = null;

    try {
      KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();
      KeyStoreState currentState = history.getCurrentState();

      String alias = kseFrame.getSelectedEntryAlias();

      Password password = getEntryPassword(alias, currentState);

      if (password == null) {
        return;
      }

      KeyStore keyStore = currentState.getKeyStore();

      PrivateKey privateKey = (PrivateKey) keyStore.getKey(alias, password.toCharArray());
      Certificate[] certs = keyStore.getCertificateChain(alias);

      KeyPairType keyPairType = KeyPairUtil.getKeyPairType(privateKey);

      File csrFile = chooseCsrFile();
      if (csrFile == null) {
        return;
      }

      PKCS10CertificationRequest pkcs10Csr = null;
      Spkac spkacCsr = null;

      try {
        CryptoFileType fileType = CryptoFileUtil.detectFileType(new FileInputStream(csrFile));
        if (fileType == CryptoFileType.PKCS10_CSR) {
          pkcs10Csr = Pkcs10Util.loadCsr(new FileInputStream(csrFile));

          if (!Pkcs10Util.verifyCsr(pkcs10Csr)) {
            JOptionPane.showMessageDialog(
                frame,
                res.getString("SignCsrAction.NoVerifyPkcs10Csr.message"),
                res.getString("SignCsrAction.SignCsr.Title"),
                JOptionPane.WARNING_MESSAGE);
            return;
          }
        } else if (fileType == CryptoFileType.SPKAC_CSR) {
          spkacCsr = new Spkac(new FileInputStream(csrFile));

          if (!spkacCsr.verify()) {
            JOptionPane.showMessageDialog(
                frame,
                res.getString("SignCsrAction.NoVerifySpkacCsr.message"),
                res.getString("SignCsrAction.SignCsr.Title"),
                JOptionPane.WARNING_MESSAGE);
            return;
          }
        } else {
          JOptionPane.showMessageDialog(
              frame,
              MessageFormat.format(
                  res.getString("SignCsrAction.FileNotRecognisedType.message"), csrFile),
              res.getString("SignCsrAction.SignCsr.Title"),
              JOptionPane.WARNING_MESSAGE);
          return;
        }
      } catch (FileNotFoundException ex) {
        JOptionPane.showMessageDialog(
            frame,
            MessageFormat.format(res.getString("SignCsrAction.NotFile.message"), csrFile),
            res.getString("SignCsrAction.SignCsr.Title"),
            JOptionPane.WARNING_MESSAGE);
        return;
      } catch (Exception ex) {
        String problemStr =
            MessageFormat.format(
                res.getString("SignCsrAction.NoOpenCsr.Problem"), csrFile.getName());

        String[] causes =
            new String[] {
              res.getString("SignCsrAction.NotCsr.Cause"),
              res.getString("SignCsrAction.CorruptedCsr.Cause")
            };

        Problem problem = new Problem(problemStr, causes, ex);

        DProblem dProblem =
            new DProblem(frame, res.getString("SignCsrAction.ProblemOpeningCsr.Title"), problem);
        dProblem.setLocationRelativeTo(frame);
        dProblem.setVisible(true);

        return;
      }

      X509Certificate[] signingChain =
          X509CertUtil.orderX509CertChain(X509CertUtil.convertCertificates(certs));
      X509Certificate signingCert = signingChain[0];

      PublicKey publicKey = null;
      X500Name subject = null;
      DSignCsr dSignCsr = null;
      Provider provider = history.getExplicitProvider();

      if (pkcs10Csr != null) {
        publicKey = new JcaPKCS10CertificationRequest(pkcs10Csr).getPublicKey();
        subject = pkcs10Csr.getSubject();

        dSignCsr =
            new DSignCsr(frame, pkcs10Csr, csrFile, privateKey, keyPairType, signingCert, provider);
      } else {
        publicKey = spkacCsr.getPublicKey();
        subject = spkacCsr.getSubject().getName();

        dSignCsr =
            new DSignCsr(frame, spkacCsr, csrFile, privateKey, keyPairType, signingCert, provider);
      }

      dSignCsr.setLocationRelativeTo(frame);
      dSignCsr.setVisible(true);

      X509CertificateVersion version = dSignCsr.getVersion();
      SignatureType signatureType = dSignCsr.getSignatureType();
      long validityPeriod = dSignCsr.getValidityPeriod();
      BigInteger serialNumber = dSignCsr.getSerialNumber();
      caReplyFile = dSignCsr.getCaReplyFile();
      X509ExtensionSet extensions = dSignCsr.getExtensions();

      if (version == null) {
        return;
      }

      X500Name issuer =
          X500NameUtils.x500PrincipalToX500Name(signingCert.getSubjectX500Principal());

      // CA Reply is a cert with subject from CSR and issuer from signing cert's subject
      X509CertificateGenerator generator = new X509CertificateGenerator(version);
      X509Certificate caReplyCert =
          generator.generate(
              subject,
              issuer,
              validityPeriod,
              publicKey,
              privateKey,
              signatureType,
              serialNumber,
              extensions,
              provider);

      X509Certificate[] caReplyChain = new X509Certificate[signingChain.length + 1];

      caReplyChain[0] = caReplyCert;

      // Add all of the signing chain to the reply
      System.arraycopy(signingChain, 0, caReplyChain, 1, signingChain.length);

      byte[] caCertEncoded = X509CertUtil.getCertsEncodedPkcs7(caReplyChain);

      fos = new FileOutputStream(caReplyFile);
      fos.write(caCertEncoded);
    } catch (FileNotFoundException ex) {
      JOptionPane.showMessageDialog(
          frame,
          MessageFormat.format(res.getString("SignJarAction.NoWriteFile.message"), caReplyFile),
          res.getString("SignCsrAction.SignCsr.Title"),
          JOptionPane.WARNING_MESSAGE);
      return;
    } catch (Exception ex) {
      DError.displayError(frame, ex);
      return;
    } finally {
      IOUtils.closeQuietly(fos);
    }

    JOptionPane.showMessageDialog(
        frame,
        res.getString("SignCsrAction.SignCsrSuccessful.message"),
        res.getString("SignCsrAction.SignCsr.Title"),
        JOptionPane.INFORMATION_MESSAGE);
  }
コード例 #3
0
  /** Generate a secret key in the currently opened KeyStore. */
  public void generateSecret() {
    try {
      int secretKeySize = applicationSettings.getGenerateSecretKeySize();
      SecretKeyType secretKeyType = applicationSettings.getGenerateSecretKeyType();

      DGenerateSecretKey dGenerateSecretKey =
          new DGenerateSecretKey(frame, secretKeyType, secretKeySize);
      dGenerateSecretKey.setLocationRelativeTo(frame);
      dGenerateSecretKey.setVisible(true);

      if (!dGenerateSecretKey.isSuccessful()) {
        return;
      }

      secretKeySize = dGenerateSecretKey.getSecretKeySize();
      secretKeyType = dGenerateSecretKey.getSecretKeyType();

      applicationSettings.setGenerateSecretKeySize(secretKeySize);
      applicationSettings.setGenerateSecretKeyType(secretKeyType);

      SecretKey secretKey = SecretKeyUtil.generateSecretKey(secretKeyType, secretKeySize);

      KeyStoreHistory history = kseFrame.getActiveKeyStoreHistory();

      KeyStoreState currentState = history.getCurrentState();
      KeyStoreState newState = currentState.createBasisForNextState(this);

      KeyStore keyStore = newState.getKeyStore();

      DGetAlias dGetAlias =
          new DGetAlias(
              frame, res.getString("GenerateSecretKeyAction.NewSecretKeyEntryAlias.Title"), null);
      dGetAlias.setLocationRelativeTo(frame);
      dGetAlias.setVisible(true);
      String alias = dGetAlias.getAlias();

      if (alias == null) {
        return;
      }

      if (keyStore.containsAlias(alias)) {
        String message =
            MessageFormat.format(
                res.getString("GenerateSecretKeyAction.OverWriteEntry.message"), alias);

        int selected =
            JOptionPane.showConfirmDialog(
                frame,
                message,
                res.getString("GenerateSecretKeyAction.NewSecretKeyEntryAlias.Title"),
                JOptionPane.YES_NO_OPTION);
        if (selected != JOptionPane.YES_OPTION) {
          return;
        }
      }

      Password password = new Password((char[]) null);
      KeyStoreType type = KeyStoreType.resolveJce(keyStore.getType());

      if (type.hasEntryPasswords()) {
        DGetNewPassword dGetNewPassword =
            new DGetNewPassword(
                frame,
                res.getString("GenerateSecretKeyAction.NewSecretKeyEntryPassword.Title"),
                applicationSettings.getPasswordQualityConfig());
        dGetNewPassword.setLocationRelativeTo(frame);
        dGetNewPassword.setVisible(true);
        password = dGetNewPassword.getPassword();

        if (password == null) {
          return;
        }
      }

      if (keyStore.containsAlias(alias)) {
        keyStore.deleteEntry(alias);
        newState.removeEntryPassword(alias);
      }

      keyStore.setKeyEntry(alias, secretKey, password.toCharArray(), null);
      newState.setEntryPassword(alias, password);

      currentState.append(newState);

      kseFrame.updateControls(true);

      JOptionPane.showMessageDialog(
          frame,
          res.getString("GenerateSecretKeyAction.SecretKeyGenerationSuccessful.message"),
          res.getString("GenerateSecretKeyAction.GenerateSecretKey.Title"),
          JOptionPane.INFORMATION_MESSAGE);
    } catch (Exception ex) {
      DError.displayError(frame, ex);
    }
  }