From dc63e62272f8d610986ce9327ce8ffdea9fe75f9 Mon Sep 17 00:00:00 2001 From: Lars Herschke Date: Mon, 26 Sep 2011 11:43:40 -0400 Subject: Add support for client authentication certificates 2011-09-26 Lars Herschke * netx/net/sourceforge/jnlp/resources/Messages.properties: Add CVExportPasswordMessage, CVImportPasswordMessage and CVPasswordTitle. * netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java (initialize): Initialize SSLContext with the user's client certificates. * netx/net/sourceforge/jnlp/security/CertificateUtils.java (addPKCS12ToKeyStore, addPKCS12ToKeyStore, dumpPKCS12): New methods. * netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java (getPasswords): New method. (ImportButtonListener.actionPerformed): Import client certificates in PKCS12 format. (ExportButtonListener.actionPerformed): Export client certificates in PKCS12 format. --- .../jnlp/security/viewer/CertificatePane.java | 38 +++++++++++++++++++--- 1 file changed, 34 insertions(+), 4 deletions(-) (limited to 'netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java') diff --git a/netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java b/netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java index 04f0982..36a809b 100644 --- a/netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java +++ b/netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java @@ -66,6 +66,7 @@ import javax.swing.JFileChooser; import javax.swing.JLabel; import javax.swing.JOptionPane; import javax.swing.JPanel; +import javax.swing.JPasswordField; import javax.swing.JScrollPane; import javax.swing.JTabbedPane; import javax.swing.JTable; @@ -100,6 +101,7 @@ public class CertificatePane extends JPanel { new CertificateType(KeyStores.Type.JSSE_CA_CERTS), new CertificateType(KeyStores.Type.CERTS), new CertificateType(KeyStores.Type.JSSE_CERTS), + new CertificateType(KeyStores.Type.CLIENT_CERTS) }; JTabbedPane tabbedPane; @@ -301,6 +303,18 @@ public class CertificatePane extends JPanel { } } + private char[] getPassword(final String label) { + JPasswordField jpf = new JPasswordField(); + int result = JOptionPane.showConfirmDialog(parent, + new Object[]{label, jpf}, R("CVPasswordTitle"), + JOptionPane.OK_CANCEL_OPTION, + JOptionPane.INFORMATION_MESSAGE); + if (result == JOptionPane.OK_OPTION) + return jpf.getPassword(); + else + return null; + } + /** Allows storing KeyStores.Types in a JComponent */ private static class CertificateType { private final KeyStores.Type type; @@ -364,7 +378,17 @@ public class CertificatePane extends JPanel { if (returnVal == JFileChooser.APPROVE_OPTION) { try { KeyStore ks = keyStore; - CertificateUtils.addToKeyStore(chooser.getSelectedFile(), ks); + if (currentKeyStoreType == KeyStores.Type.CLIENT_CERTS) { + char[] password = getPassword(R("CVImportPasswordMessage")); + if (password != null) { + CertificateUtils.addPKCS12ToKeyStore( + chooser.getSelectedFile(), ks, password); + } else { + return; + } + } else { + CertificateUtils.addToKeyStore(chooser.getSelectedFile(), ks); + } File keyStoreFile = new File(KeyStores .getKeyStoreLocation(currentKeyStoreLevel, currentKeyStoreType)); if (!keyStoreFile.isFile()) { @@ -408,9 +432,15 @@ public class CertificatePane extends JPanel { String alias = keyStore.getCertificateAlias(certs .get(selectedRow)); if (alias != null) { - Certificate c = keyStore.getCertificate(alias); - PrintStream ps = new PrintStream(chooser.getSelectedFile().getAbsolutePath()); - CertificateUtils.dump(c, ps); + if (currentKeyStoreType == KeyStores.Type.CLIENT_CERTS) { + char[] password = getPassword(R("CVExportPasswordMessage")); + if (password != null) + CertificateUtils.dumpPKCS12(alias, chooser.getSelectedFile(), keyStore, password); + } else { + Certificate c = keyStore.getCertificate(alias); + PrintStream ps = new PrintStream(chooser.getSelectedFile().getAbsolutePath()); + CertificateUtils.dump(c, ps); + } repopulateTables(); } } -- cgit v1.2.3