integrate support for multiple KeyStores into the various validators

2010-11-11 Omair Majid <[email protected]> * netx/net/sourceforge/jnlp/runtime/Boot.java (main): Move trust manager initialization code into JNLPRuntime.initialize. * plugin/icedteanp/java/sun/applet/PluginMain.java (init): Likewise. * netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java (initialize): Set the default SSL TrustManager here. * netx/net/sourceforge/jnlp/security/CertWarningPane.java (CheckBoxListener.actionPerformed): Add this certificate into user's trusted certificate store. * netx/net/sourceforge/jnlp/tools/KeyTool.java (addToKeyStore(File,KeyStore)): Move to CertificateUtils. (addToKeyStore(X509Certificate,KeyStore)): Likewise. (dumpCert): Likewise. * netx/net/sourceforge/jnlp/security/CertificateUtils.java: New class. (addToKeyStore(File,KeyStore)): Moved from KeyTool. (addToKeyStore(X509Certificate,KeyStore)): Likewise. (dumpCert): Likewise. (inKeyStores): New method. * netx/net/sourceforge/jnlp/security/HttpsCertVerifier.java (getRootInCacerts): Check all available CA store to check if root is in CA certificates. * netx/net/sourceforge/jnlp/security/KeyStores.java (getKeyStore(Level,Type,boolean)): Add security check. (getClientKeyStores): New method. * netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java (VariableX509TrustManager): Initialize multiple CA, certificate and client trust managers. (checkClientTrusted): Check all the client TrustManagers if certificate is trusted. (checkAllManagers): Check multiple CA certificates and trusted certificates to determine if the certificate chain can be trusted. (isExplicitlyTrusted): Check with multiple TrustManagers. (getAcceptedIssuers): Gather results from multiple TrustManagers. * netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java (ImportButtonListener): Use CertificateUtils instead of KeyTool. * netx/net/sourceforge/jnlp/tools/JarSigner.java (checkTrustedCerts): Use multiple key stores to check if certificate is directly trusted and if the root is trusted.
author: Omair Majid <[email protected]> 2010-11-11 11:43:13 -0500
committer: Omair Majid <[email protected]> 2010-11-11 11:43:13 -0500
commit: 4b48fb654279154b6126c86d5998e02d74d125fb (patch)
tree: 7f037a171f123564b80f5c1d237d26161ce7e8e4 /netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java
parent: ec49901d9f4844acd69a51ebc0c7fa548be70ff3 (diff)
1 files changed, 3 insertions, 4 deletions
diff --git a/netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java b/netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java
index d0ac050..d07e741 100644
--- a/netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java
+++ b/netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java
@@ -71,11 +71,11 @@ import javax.swing.event.ChangeEvent;
 import javax.swing.event.ChangeListener;
 import javax.swing.table.DefaultTableModel;
 
+import net.sourceforge.jnlp.security.CertificateUtils;
 import net.sourceforge.jnlp.security.KeyStores;
 import net.sourceforge.jnlp.security.SecurityUtil;
 import net.sourceforge.jnlp.security.SecurityWarningDialog;
 import net.sourceforge.jnlp.security.KeyStores.Level;
-import net.sourceforge.jnlp.tools.KeyTool;
 
 public class CertificatePane extends JPanel {
 
@@ -359,9 +359,8 @@ public class CertificatePane extends JPanel {
                 int returnVal = chooser.showOpenDialog(parent);
                 if(returnVal == JFileChooser.APPROVE_OPTION) {
                         try {
-                                KeyTool kt = new KeyTool();
                                 KeyStore ks = keyStore;
-                                kt.addToKeyStore(chooser.getSelectedFile(), ks);
+                                CertificateUtils.addToKeyStore(chooser.getSelectedFile(), ks);
                                 OutputStream os = new FileOutputStream(
                                         KeyStores.getKeyStoreLocation(currentKeyStoreLevel, currentKeyStoreType));
                                 ks.store(os, KeyStores.getPassword());
@@ -399,7 +398,7 @@ public class CertificatePane extends JPanel {
                                         if (alias != null) {
                                                 Certificate c = keyStore.getCertificate(alias);
                                                 PrintStream ps = new PrintStream(chooser.getSelectedFile().getAbsolutePath());
-                                                KeyTool.dumpCert(c, ps);
+                                                CertificateUtils.dump(c, ps);
                                                 repopulateTables();
                                         }
                                 }
author	Omair Majid <[email protected]>	2010-11-11 11:43:13 -0500
committer	Omair Majid <[email protected]>	2010-11-11 11:43:13 -0500
commit	4b48fb654279154b6126c86d5998e02d74d125fb (patch)
tree	7f037a171f123564b80f5c1d237d26161ce7e8e4 /netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java
parent	ec49901d9f4844acd69a51ebc0c7fa548be70ff3 (diff)