package org.eparapher.rcp.wizards;
   
   import java.lang.reflect.InvocationTargetException;
   import java.security.KeyPair;
   import java.security.KeyStore;
   import java.security.KeyStoreException;
   import java.security.NoSuchAlgorithmException;
   import java.security.NoSuchProviderException;
   import java.security.cert.X509Certificate;
  import java.util.Date;
  
  import org.apache.log4j.Logger;
  import org.eclipse.core.runtime.IProgressMonitor;
  import org.eclipse.jface.dialogs.ProgressMonitorDialog;
  import org.eclipse.jface.operation.IRunnableWithProgress;
  import org.eclipse.jface.viewers.IStructuredSelection;
  import org.eclipse.jface.wizard.Wizard;
  import org.eclipse.swt.widgets.Display;
  import org.eclipse.ui.INewWizard;
  import org.eclipse.ui.IWorkbench;
  import org.eclipse.ui.IWorkbenchWindow;
  import org.eclipse.ui.PlatformUI;
  import org.eparapher.core.EParapherManager;
  import org.eparapher.core.crypto.EPKeystoreManager;
  import org.eparapher.core.crypto.cert.CertificateManager;
  import org.eparapher.core.crypto.cert.NewCertParams;
  import org.eparapher.core.crypto.keystore.IUserKeystore;
  import org.eparapher.rcp.tools.eParapherTools;
  
  public class NewCertificateWizard extends Wizard implements INewWizard {
  
  	private static Logger log = Logger.getLogger(NewCertificateWizard.class);
  
  	/** The window */
  	private IWorkbenchWindow window;
  
  	private NewCertificateWizardPageOne one;
  
  	private X509Certificate[] generatedCert = null;
  	private String            generatedCSR = null;
  	
  	private NewCertParams     certParams = null;
  	
  	public NewCertificateWizard() {
  		super();
  		setWindowTitle("New certificate wizard");
  		setNeedsProgressMonitor(true);
  		certParams = new  NewCertParams();
  	}
  
  	public void addPages() {
  		one = new NewCertificateWizardPageOne();
  		addPage(one);
  	}
  	
  	public boolean performFinish() {
  		
  		//Get Params
  		certParams.setSelfCertSigned(one.isSelfSigned());
  		certParams.setCSR(one.isCSR());
  		certParams.setAlias(one.getAliasName());
  
  		certParams.setKeypairAlg(one.getKeypairAlg());
  		certParams.setKeypairSize(one.getKeypairSize());
  		certParams.setCertSigAlg(one.getCertSigAlg());
  		certParams.setEcDSASpecName(one.getECSpecsName());
  
  		certParams.setSubjectDN(one.getUserDNasString());
  
  		certParams.setValidFrom(new Date());
  		certParams.setValidUntil(one.getEndofValidityDate(certParams.getValidFrom()));
  
  		certParams.setSubaltnameDNSName(one.getSubjAltNameDNSName());
  		certParams.setSubaltnameEMail(one.getSubjAltNameEMail());
  		certParams.setSubaltnameOtherName(one.getSubjAltNameOtherName());
  
  		//If the alias already exists : user confirm if overwrite.
  		if (EPKeystoreManager.getInstance().getUserkeystore().containsAlias(certParams.getAlias())) {
  			if ( ! EParapherManager.getInstance().getUI().askUserYesNo("alias '"+certParams.getAlias()+"' already exists in keystore\r\nDo you really want to overwrite it (you will loose your private key)?") )
  				return false;
  			else
  				try {
  					EPKeystoreManager.getInstance().getUserkeystore().getKeystore().deleteEntry(certParams.getAlias());
  				} catch (KeyStoreException e) {
  					log.error(e);
  				}
  		}
  		//Ask the user for the Private Key Password
      	if ( !EPKeystoreManager.isCAPICOMUsed() && !EPKeystoreManager.isPKCS11Used() && !EPKeystoreManager.isPKCS12Used()  ) {
  			PinOrPassphraseWizard passphraseWizard = new PinOrPassphraseWizard( true, true, certParams.getAlias() );
  			certParams.setAliaspwd(passphraseWizard.askForSecret());
  			if ( certParams.getAliaspwd() == null || certParams.getAliaspwd().equals("") ) {
  				String msg = "Cannot access private key, .";
  				log.info(msg);
  				eParapherTools.errorMessage(msg);
  				return false;
  			}
      	}
  		ProgressMonitorDialog dialog = new ProgressMonitorDialog(PlatformUI.getWorkbench().getActiveWorkbenchWindow().getShell());
 		try {
 			generateKeysAndCert keycertgen = new generateKeysAndCert(certParams);
 			dialog.run(true, true, keycertgen );
 			generatedCert = keycertgen.getCertCahin();
 			generatedCSR  = keycertgen.getCSRFilename();
 			return true;
 		} catch (InterruptedException e) {
 			 eParapherTools.exceptionMessage("Error while generating Keypair/Certificate/CSR", e);
 		} catch (InvocationTargetException e) {
 			 eParapherTools.exceptionMessage("Error while generating Keypair/Certificate/CSR", e);
 		}
 		return false;
 	}
 	
 	protected class generateKeysAndCert implements IRunnableWithProgress {
 
 		NewCertParams X509Params;
 		
 		String csrFile;
 		X509Certificate[] certChain;
 		
 		protected generateKeysAndCert(NewCertParams params) {
 			X509Params = params;
 			csrFile = null;
 		}
 		protected String getCSRFilename() {
 			return csrFile;
 		}
 		protected X509Certificate[] getCertCahin() {
 			return certChain;
 		}
 		public void run(IProgressMonitor monitor) {
 			
 			if (X509Params.isSelfCertSigned())
 				monitor.beginTask("Generating self signed certificate",3);
 			if (X509Params.isCSR())
 				monitor.beginTask("Generating certificate signing request",4);
 
 			try {
 				//Generate Keys
 				monitor.subTask("Generating " + X509Params.getKeypairAlg() + " Keypair");
 				KeyPair keypair = CertificateManager.generateKeyPair(X509Params);
 				monitor.worked(1);
 				
 				if (monitor.isCanceled())
 					return;
 
 				//Generate Certificate
 				monitor.subTask("Generating X509 Certificate");
 				certChain = CertificateManager.generateNewCertificate( X509Params, keypair );
 				monitor.worked(1);
 				if (monitor.isCanceled())
 					return;
 				monitor.worked(1);
 
 				//EPKeystoreManager.getInstance().getUserkeystore().getKeystore().setKeyEntry(X509Params.getAlias(), keypair.getPrivate(), X509Params.getAliaspwd().toCharArray(), null );
 				//EPKeystoreManager.getInstance().getUserkeystore().saveKeyStore();
 				
 				//Generate CSR
 				if (X509Params.isCSR()) {
 					monitor.subTask("Generating certificate signing request (PKCS#10)");
 					csrFile = CertificateManager.createSigningRequest( X509Params, keypair );
 					monitor.worked(1);
 					if (monitor.isCanceled())
 						return;
 				}
 				
 				monitor.subTask("Storing private key and certificate");
 				//Store the new private key and certificate in your keystore
 				IUserKeystore uks = EPKeystoreManager.getInstance().getUserkeystore();
 				KeyStore ks = uks.getKeystore();
 				String alias = X509Params.getAlias();
 				if ( EPKeystoreManager.isPKCS11Used() || EPKeystoreManager.isCAPICOMUsed() || X509Params.getAliaspwd() == null) {
 					ks.setKeyEntry(alias, keypair.getPrivate(), null, certChain );
 				} else {
 					ks.setKeyEntry(alias, keypair.getPrivate(), X509Params.getAliaspwd().toCharArray(), certChain );
 				}
 				
 				uks.saveKeyStore();
 				monitor.worked(1);
 
 			} catch (NoSuchAlgorithmException e) {
 				manageexception(e);
 			} catch (NoSuchProviderException e) {
 				manageexception(e);
 			} catch (Exception e) {
 				manageexception(e);
 			}
 			monitor.done();
 		}
 
 		private void manageexception(final Throwable e) {
 			log.error(e.getLocalizedMessage(),e);
 			Display.getDefault().syncExec( new Runnable() {
 					public void run() {	eParapherTools.exceptionMessage(e.getLocalizedMessage(), e); }
 				}
 			);
 		}
 	}
 
 	public boolean isCSR() {
 		return certParams.isCSR();
 	}
 
 	public boolean isSelfSignedCert() {
 		
 		return certParams.isSelfCertSigned();
 	}
 
 	public String getAlias() {
 		return certParams.getAlias();
 	}
 
 	public X509Certificate[] getGeneratedCertificate() {
 		return generatedCert;
 	}
 	public String getCSRFile() {
 		return generatedCSR;
 	}
 
 	public void init(IWorkbench workbench, IStructuredSelection selection) {
         window = workbench.getActiveWorkbenchWindow();
 	}
 
 }