
1   package org.eparapher.rcp.views;
2   
3   import java.io.IOException;
4   import java.security.KeyStore;
5   import java.security.KeyStoreException;
6   import java.security.NoSuchProviderException;
7   import java.security.cert.CertificateException;
8   import java.security.cert.X509Certificate;
9   import java.util.Collection;
10  
11  import org.apache.log4j.Logger;
12  import org.bouncycastle.cms.CMSException;
13  import org.bouncycastle.x509.NoSuchStoreException;
14  import org.eclipse.jface.action.Action;
15  import org.eclipse.jface.viewers.ISelection;
16  import org.eclipse.jface.viewers.IStructuredSelection;
17  import org.eclipse.swt.SWT;
18  import org.eclipse.swt.graphics.Image;
19  import org.eclipse.swt.widgets.Composite;
20  import org.eclipse.swt.widgets.FileDialog;
21  import org.eclipse.ui.PlatformUI;
22  import org.eparapher.core.crypto.EPKeystoreManager;
23  import org.eparapher.core.crypto.KeystoreEntry;
24  import org.eparapher.core.crypto.cert.CertificateInfo;
25  import org.eparapher.core.crypto.cert.X509Util;
26  import org.eparapher.core.crypto.keystore.EPKeystoreUtils;
27  import org.eparapher.core.crypto.keystore.ITrustStore;
28  import org.eparapher.core.tools.JVMSettings;
29  import org.eparapher.rcp.EPReferences;
30  import org.eparapher.rcp.tools.GUIIcons;
31  import org.eparapher.rcp.tools.RCPGUI;
32  
33  
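/**
 * Workbench view listing the certificates held in the application trust store,
 * with actions to import new trusted certificates from a file and to export a
 * selected one.
 *
 * <p>Everything imported through this view becomes a trust anchor for the
 * application, so the import path is the security-sensitive part of the class.
 */
public class TrustedCertificateStoreView extends AbstractCertificateView {

	public static final String ID = "org.eparapher.rcp.views.TrustedCertificateStoreView";

	private static final Logger log = Logger.getLogger(TrustedCertificateStoreView.class);

	/** Trust store obtained from {@link EPKeystoreManager} in {@link #createPartControl(Composite)}. */
	private ITrustStore trustStore;

	/**
	 * Creates the view; all initialisation happens in
	 * {@link #createPartControl(Composite)}.
	 */
	public TrustedCertificateStoreView() {
		super();
	}

	/**
	 * Workbench callback that builds the view.
	 *
	 * <p>The trust store is resolved before delegating to the superclass
	 * (presumably because the superclass fills the viewer through
	 * {@link #getKeystoreEntries()} - confirm in AbstractCertificateView), and the
	 * view then registers itself in {@link EPReferences}.
	 *
	 * @param parent the parent composite supplied by the workbench
	 */
	@Override
	public void createPartControl(Composite parent) {
		trustStore = EPKeystoreManager.getInstance().getTrustStore();

		super.createPartControl(parent);

		EPReferences.getInstance().setTrustcertview(this);
	}

	/**
	 * Installs the import and export actions on top of the ones created by the
	 * superclass.
	 */
	@Override
	protected void makeActions() {
		super.makeActions();

		importAction = new ImportAction();
		exportAction = new ExportAction();
	}

	/**
	 * Returns the icon shown for every row; the same certificate icon is used
	 * whatever the entry is.
	 *
	 * @param obj the row element (unused)
	 * @return the shared certificate icon
	 */
	@Override
	protected Image getCertificateImage(Object obj) {
		return GUIIcons.CERTIFICATE_ICON_IMAGE;
	}

	/**
	 * Loads the trust store and returns its trusted certificates.
	 *
	 * @return the trusted certificate entries, or an empty array when the trust
	 *         store could not be loaded
	 */
	@Override
	protected Object[] getKeystoreEntries() {
		if (trustStore.loadTrustStore()) {
			return trustStore.getTrustedCertificates();
		}
		return new KeystoreEntry[0];
	}

	/**
	 * Action that lets the user pick a PEM/Base64 or PKCS#7 file and adds the
	 * certificates it contains to the trust store.
	 */
	class ImportAction extends Action {

		public ImportAction() {
			setText("Import...");
			setToolTipText("Import a trusted certificate");
			setImageDescriptor(GUIIcons.IMPORT_ICON);
		}

		/**
		 * Prompts for a file, parses it and stores every certificate that is not
		 * already trusted. The trust store is saved only when at least one
		 * certificate was added, and the viewer is refreshed in all cases.
		 */
		@Override
		public void run() {

			// Ask the user for the file to import.
			FileDialog fd = new FileDialog(PlatformUI.getWorkbench().getActiveWorkbenchWindow().getShell(), SWT.OPEN);
			fd.setText("Import Trusted X509 Certificate(s) from PEM/BASE64 or P7B ...");
			fd.setFilterPath(JVMSettings.getUserHome());
			String[] filterExt = { "*.*", "*.cer", "*.crt", "*.pem" };
			fd.setFilterExtensions(filterExt);
			String filename = fd.open();

			if (filename == null) {
				log.info("Import of Trusted X509 Certificate cancelled");
				return;
			}

			try {
				// Try PEM/Base64 first, then fall back to PKCS#7 (P7B).
				Collection<X509Certificate> certs = X509Util.getCertsFromPEM(filename);
				if (certs == null) {
					certs = X509Util.getCertsFromPKCS7(filename);
				}

				// Both parsers may come back without a collection; treat that like an
				// empty file instead of failing with a NullPointerException.
				if (certs == null || certs.isEmpty()) {
					RCPGUI.infoMessage("No certificates to import", "No certificate found in selected file\r\nIt must be Base 64 Encoded certificate(s)");
				} else {
					// NOTE(review): certificates are added as trust anchors straight from the
					// chosen file. Nothing in this method checks the validity period or asks
					// the user to confirm the subject or fingerprint - confirm whether
					// X509Util or EPKeystoreUtils do so before relying on this import path.
					KeyStore trustedks = EPKeystoreManager.getInstance().getTrustStore().getKeystore();
					boolean hasNewCerts = false;
					for (X509Certificate certificate : certs) {
						if (!EPKeystoreUtils.isCertificateTrusted(certificate)) {
							// KeyStore.setCertificateEntry overwrites an existing trusted entry
							// stored under the same alias, so a different certificate with the
							// same short subject would silently replace a trust anchor. Pick an
							// alias that is not in use yet.
							String alias = uniqueAlias(trustedks, CertificateInfo.getSubjectAsShortText(certificate));
							trustedks.setCertificateEntry(alias, certificate);
							hasNewCerts = true;
							log.info("Adding a new trusted certificate in the trustkeystore, identified by alias " + alias);
						} else {
							String alias = EPKeystoreManager.getInstance().getTrustStore().getKeystore().getCertificateAlias(certificate);
							RCPGUI.infoMessage("Certificate already trusted", "The certificate is already trusted, and use alias " + alias);
						}
					}
					if (hasNewCerts) {
						EPKeystoreManager.getInstance().getTrustStore().saveTrustStore();
					}
				}
			} catch (CertificateException e) {
				reportImportFailure(filename, e);
			} catch (IOException e) {
				reportImportFailure(filename, e);
			} catch (KeyStoreException e) {
				reportImportFailure(filename, e);
			} catch (NoSuchProviderException e) {
				reportImportFailure(filename, e);
			} catch (CMSException e) {
				reportImportFailure(filename, e);
			} catch (NoSuchStoreException e) {
				reportImportFailure(filename, e);
			}
			viewer.refresh();
		}

		/**
		 * Returns {@code base} when no entry uses it yet, otherwise {@code base}
		 * followed by the first numeric suffix that is still free.
		 *
		 * @param ks   the keystore the alias must be unique in
		 * @param base the preferred alias
		 * @return an alias that {@code ks} does not contain
		 * @throws KeyStoreException if the keystore has not been initialised
		 */
		private String uniqueAlias(KeyStore ks, String base) throws KeyStoreException {
			String alias = base;
			int suffix = 2;
			while (ks.containsAlias(alias)) {
				alias = base + " (" + suffix + ")";
				suffix++;
			}
			return alias;
		}

		/**
		 * Logs a failed import and tells the user about it, so that a failure is
		 * not mistaken for a successful import.
		 *
		 * @param filename the file the user selected
		 * @param e        the failure raised while parsing or storing
		 */
		private void reportImportFailure(String filename, Exception e) {
			log.error("Error while importing Certificate from file " + filename, e);
			RCPGUI.infoMessage("Import failed", "The certificate(s) could not be imported from " + filename + "\r\nSee the application log for details.");
		}
	}

	/**
	 * Action that writes the first certificate of the selected entry to a file
	 * chosen by the user.
	 */
	class ExportAction extends Action {

		public ExportAction() {
			setText("Export...");
			setToolTipText("Export trusted X509 certificate");
			setImageDescriptor(GUIIcons.EXPORT_ICON);
		}

		/**
		 * Exports the selected trusted certificate. Does nothing beyond an
		 * information message when no row is selected, when the selection is not a
		 * {@link KeystoreEntry}, or when the entry carries no certificate.
		 */
		@Override
		public void run() {
			ISelection selection = viewer.getSelection();
			if (selection.isEmpty()) {
				RCPGUI.infoMessage("Export a trusted certificate", "Please select a trusted certificate in the list.");
				return;
			}

			Object obj = ((IStructuredSelection) selection).getFirstElement();
			// instanceof is false for null, so this also covers a missing element.
			if (!(obj instanceof KeystoreEntry)) {
				return;
			}
			KeystoreEntry ke = (KeystoreEntry) obj;

			// Guard the [0] access below: an entry without a chain would otherwise
			// end the action with an unhandled runtime exception.
			if (ke.getCertificateChain() == null || ke.getCertificateChain().length == 0) {
				log.warn("Selected trusted entry has no certificate to export.");
				RCPGUI.infoMessage("Export a trusted certificate", "The selected entry has no certificate to export.");
				return;
			}

			FileDialog fd = new FileDialog(PlatformUI.getWorkbench().getActiveWorkbenchWindow().getShell(), SWT.SAVE);
			fd.setText("Export trusted Certificate to ...");
			fd.setFilterPath(JVMSettings.getUserHome());
			String filename = fd.open();
			if (filename == null) {
				log.info("Choosing a File cancelled for trusted certificate export.");
			} else {
				X509Util.saveX509toFile(filename, ke.getCertificateChain()[0]);
			}
		}
	}
}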