Diffstat (limited to 'base/console/src/com/netscape/admin/certsrv/connection/PromptForTrustDialog.java')
-rw-r--r-- | base/console/src/com/netscape/admin/certsrv/connection/PromptForTrustDialog.java | 316 |
1 files changed, 316 insertions, 0 deletions
diff --git a/base/console/src/com/netscape/admin/certsrv/connection/PromptForTrustDialog.java b/base/console/src/com/netscape/admin/certsrv/connection/PromptForTrustDialog.java
new file mode 100644
index 000000000..868eccc1b
--- /dev/null
+++ b/base/console/src/com/netscape/admin/certsrv/connection/PromptForTrustDialog.java
@@ -0,0 +1,316 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+//package com.netscape.management.client.security;
+package com.netscape.admin.certsrv.connection;
+
+import com.netscape.management.nmclf.SuiConstants;
+import com.netscape.management.nmclf.SuiLookAndFeel;
+import com.netscape.management.client.util.*;
+import com.netscape.admin.certsrv.ug.*;
+
+import java.awt.event.*;
+import java.awt.*;
+import javax.swing.*;
+import java.io.*;
+import java.util.*;
+import java.net.*;
+import java.text.*;
+import java.security.cert.X509Certificate;
+import com.netscape.admin.certsrv.*;
+import com.netscape.certsrv.common.*;
+
+import org.mozilla.jss.ssl.SSLCertificateApprovalCallback.ValidityStatus;
+
+/**
+ * Dialog box that prompts user to either accept or reject
+ * an untrusted certificate.
+ */
+public class PromptForTrustDialog extends AbstractDialog implements SuiConstants {
+
+ private static boolean certIsAccepted = false;
+ private static boolean acceptedForSingleSession = false;
+ private X509Certificate mCert;
+
+ private UserConfirmationActionListener buttonActionListener =
+ new UserConfirmationActionListener();
+ protected ResourceBundle mResource;
+ //static ResourceSet _resource = new ResourceSet("com.netscape.admin.certsrv.connection.ServerAuthResource");
+
+ CertViewDialog viewCertDialog;
+ //ViewCertificateDialog viewCertDialog;
+ JCheckBox oneSession;
+
+
+ /**
+ * create a dialog that prompt user to either accept or reject an untrusted certificate
+ * @param parent the owner of the dialog
+ * @param cert certificate chain
+ * @param certChain_errCode cert chain errors (0 if no errors)
+ * @param serverCert_errCode server cert errors (0 if no errors)
+ *
+ *
+ */
+ public PromptForTrustDialog(Frame parent, X509Certificate cert,
+ ValidityStatus status) {
+ super(parent, "", true);
+ mResource = ResourceBundle.getBundle(
+ CMSAdminResources.class.getName());
+ mCert = cert;
+
+ setTitle(mResource.getString("SSLCLIENT_TRUST_DIALOG_TITLE"));
+
+ getContentPane().setLayout(new GridBagLayout());
+
+
+ //Add action button pane first so the accept button will
+ //get default focus. Already try various way with *Focus() call
+ //none of them work.
+ GridBagUtil.constrain(getContentPane(), createActionButtons(), + 0, 1, 1, 1, 0.0, 0.0, GridBagConstraints.SOUTHEAST, + GridBagConstraints.NONE, 0, 0, 0, 0); + + GridBagUtil.constrain(getContentPane(), siteAlert(), 0, 0, 1, + 1, 1.0, 1.0, GridBagConstraints.NORTH, + GridBagConstraints.BOTH, VERT_WINDOW_INSET, + VERT_WINDOW_INSET, 0, 0); + + //viewCertDialog = new ViewCertificateDialog(parent, cert, status); + viewCertDialog = new CertViewDialog((JFrame)parent); + + setMinimumSize(400, 250); + if (parent == null) { + ModalDialogUtil.setCenteredDialog(this); + } + pack(); + } + + + /** + * Handles all the action (Ok, Accept, Reject, and Help) + * + */ + class UserConfirmationActionListener implements ActionListener { + public void actionPerformed(ActionEvent e) { + if (e.getActionCommand().equals("ACCEPT")) { + certIsAccepted = true; + setVisible(false); + } else if (e.getActionCommand().equals("REJECT")) { + certIsAccepted = false; + setVisible(false); + } else if (e.getActionCommand().equals("VIEWCERT")) { + String certContent = getPrettyPrint(mCert); + viewCertDialog.showDialog("", certContent); + } + } + } + + private final static String spaces = + " " + + " " + + " " + + " " + + " "; + private static final char[] hexdigits = { + '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', + 'A', 'B', 'C', 'D', 'E', 'F' + }; + + private String indent(int size) { + return spaces.substring(0, size); + } + + private String getPrettyPrint(X509Certificate cert) { + String subjectdn = cert.getSubjectDN().toString(); + String issuerdn = cert.getIssuerDN().toString(); + String serial = cert.getSerialNumber().toString(); + SimpleDateFormat formatter = new SimpleDateFormat("EEE MMM dd HH:mm:ss yyyy"); + String before = formatter.format(cert.getNotBefore()); + String after = formatter.format(cert.getNotAfter()); + String fingerprint = getHexString(cert.getSignature(), 16, 16, ":"); + String str = "Subject name: "+subjectdn+"\n"+ + "Issuer name: "+issuerdn+"\n"+"Serial number: 
"+serial+"\n"+ + "Validity: "+before+" to "+after+"\n"+"Signature:\n"+ + fingerprint+"\n"; + return str; + } + + private String getHexString(byte[] in, int indentSize, int lineLen, + String separator) { + StringBuffer sb = new StringBuffer(); + int hexCount = 0; + char c[]; + int j = 0; + + if (lineLen == 0) { + c = new char[in.length * 3 + 1]; + } else { + c = new char[lineLen * 3 + 1]; + } + + char sep = separator.charAt(0); + + sb.append(indent(indentSize)); + for (int i = 0; i < in.length; i++) { + if (lineLen > 0 && hexCount == lineLen) { + c[j++] = '\n'; + sb.append(c, 0, j); + sb.append(indent(indentSize)); + hexCount = 0; + j = 0; + } + byte x = in[i]; + + // output hex digits to buffer + c[j++] = hexdigits[(char) ((x >> 4) & 0xf)]; + c[j++] = hexdigits[(char) (x & 0xf)]; + + // if not last char, output separator + if (i != in.length - 1) { + c[j++] = sep; + } + + hexCount++; + } + if (j > 0) { + c[j++] = '\n'; + sb.append(c, 0, j); + } + // sb.append("\n"); + + return sb.toString(); + } + + /** + * @return true if certificate is accepted + */ + public boolean isCertAccepted() { + return certIsAccepted; + } + + /** + * @return true certificate should only be accept for a single session + */ + public boolean isAcceptedForOneSession() { + return oneSession.isSelected(); + } + + + /** + * Allow reuse of this dialog, if it is not disposed. 
+ * @param cert certificate chain
+ * @param certChain_errCode cert chain errors (0 if no errors)
+ * @param serverCert_errCode server cert errors (0 if no errors)
+ *
+ */
+ public void setCertificateInfo(X509Certificate cert,
+ ValidityStatus status) {
+ //viewCertDialog.setCertificate(cert, status);
+ }
+
+
+ /**
+ * Create a warning message panel
+ */
+ private JPanel siteAlert() {
+ JPanel notTrustedSiteWarning = new JPanel();
+ notTrustedSiteWarning.setLayout(new GridBagLayout());
+
+ JLabel warningImage = new JLabel(UIManager.getIcon("OptionPane.warningIcon"));
+ MultilineLabel warningMsg = new MultilineLabel(
+ mResource.getString("SSLCLIENT_TRUST_DIALOG_WARNMSG"));
+ oneSession = new JCheckBox(
+ mResource.getString("SSLCLIENT_TRUST_DIALOG_ACCEPTONESESSION"),
+ false);
+
+ GridBagUtil.constrain(notTrustedSiteWarning, warningImage, 0,
+ 0, 1, 1, 0.0, 0.0, GridBagConstraints.NORTHWEST,
+ GridBagConstraints.NONE, 0, 0, 0,
+ DIFFERENT_COMPONENT_SPACE);
+
+ GridBagUtil.constrain(notTrustedSiteWarning, warningMsg, 1, 0,
+ 1, 1, 1.0, 0.0, GridBagConstraints.NORTHWEST,
+ GridBagConstraints.BOTH, 0, 0,
+ DIFFERENT_COMPONENT_SPACE, VERT_WINDOW_INSET);
+
+ GridBagUtil.constrain(notTrustedSiteWarning, oneSession, 1, 1,
+ 1, 1, 0.0, 0.0, GridBagConstraints.SOUTHWEST,
+ GridBagConstraints.NONE, 0, 0, 0, VERT_WINDOW_INSET);
+
+ GridBagUtil.constrain(notTrustedSiteWarning,
+ Box.createVerticalGlue(), 1, 2, 2, 1, 1.0, 1.0,
+ GridBagConstraints.NORTH, GridBagConstraints.BOTH, 0,
+ 0, 0, 0);
+ return notTrustedSiteWarning;
+ }
+
+ JButton accept;
+ public void setVisible(boolean visible) {
+ if (visible) {
+ accept.grabFocus();
+ setDefaultButton(accept);
+ }
+ super.setVisible(visible);
+ }
+
+ /**
+ * create all the action buttons (Accept, Reject, View Certificate, and Help)
+ */
+ private JPanel createActionButtons() {
+ JPanel buttonPanel = new JPanel();
+ buttonPanel.setLayout(new GridBagLayout());
+
+ accept = JButtonFactory.create(
mResource.getString("SSLCLIENT_TRUST_DIALOG_ACCEPT"), + buttonActionListener, "ACCEPT"); + accept.registerKeyboardAction(buttonActionListener, "ACCEPT", + KeyStroke.getKeyStroke(KeyEvent.VK_ENTER, 0), + JComponent.WHEN_IN_FOCUSED_WINDOW); + + JButton reject = JButtonFactory.create( + mResource.getString("SSLCLIENT_TRUST_DIALOG_REJECT"), + buttonActionListener, "REJECT"); + reject.registerKeyboardAction(buttonActionListener, "REJECT", + KeyStroke.getKeyStroke(KeyEvent.VK_R, 0), + JComponent.WHEN_IN_FOCUSED_WINDOW); + + JButton viewCert = JButtonFactory.create( + mResource.getString("SSLCLIENT_TRUST_DIALOG_VIEWCERT"), buttonActionListener, "VIEWCERT"); + viewCert.registerKeyboardAction(buttonActionListener, "VIEWCERT", + KeyStroke.getKeyStroke(KeyEvent.VK_V, 0), + JComponent.WHEN_IN_FOCUSED_WINDOW); + JButtonFactory.resizeGroup(accept, reject); + + int x = 0; + GridBagUtil.constrain(buttonPanel, accept, x, 0, 1, 1, 0.0, + 0.0, GridBagConstraints.NORTH, + GridBagConstraints.BOTH, DIFFERENT_COMPONENT_SPACE, 0, + 0, COMPONENT_SPACE); + + GridBagUtil.constrain(buttonPanel, reject, ++x, 0, 1, 1, 0.0, + 0.0, GridBagConstraints.NORTH, + GridBagConstraints.BOTH, DIFFERENT_COMPONENT_SPACE, 0, + 0, COMPONENT_SPACE); + + GridBagUtil.constrain(buttonPanel, viewCert, ++x, 0, 1, 1, 0.0, + 0.0, GridBagConstraints.NORTH, + GridBagConstraints.BOTH, DIFFERENT_COMPONENT_SPACE, 0, + 0, DIFFERENT_COMPONENT_SPACE); + + return buttonPanel; + } +} |
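Review bot: `certIsAccepted` is declared `private static` and is written only in `UserConfirmationActionListener` on ACCEPT or REJECT, so the trust decision is shared by every instance of the dialog and is never cleared before the dialog is shown. If the dialog can be dismissed any other way (the window close box, or whatever `AbstractDialog` does on Escape, which is not visible here), `isCertAccepted()` would return the answer left by an earlier prompt, and an earlier accept would then apply to a different untrusted certificate. Making the field per-instance, `private boolean certIsAccepted = false;`, and adding `certIsAccepted = false;` inside the `if (visible)` branch of `setVisible` makes the prompt fail closed. Related: `setCertificateInfo` is documented as allowing reuse but its body is commented out, so `mCert` and the VIEWCERT output would still describe the first certificate. Enter is also bound to ACCEPT, while the `status` argument is never shown to the user, so the default keystroke trusts a certificate without the reason it failed validation being displayed.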