EvaluateCertGUI


1   
2   package com.ca.commons.security;
3   
4   import com.ca.commons.cbutil.*;
5   import com.ca.commons.security.cert.CertViewer;
6   
7   import java.awt.*;
8   import java.awt.event.ActionListener  ;
9   import java.awt.event.ActionEvent  ;
10  import java.security.cert.X509Certificate  ;
11  import javax.swing.*;
12  
13  /**
14   * <p>This class provides a modal dialog that allows a user to examine an arbitrary certificate,
15   * and then decide whether to accept or reject that certificate, or to add it to their keystore.</p>
16   */
17  public class EvaluateCertGUI
18  {
19  
20      public static final int REJECT = 0;
21      public static final int ACCEPT_ONCE = 1;
22      public static final int ACCEPT_ALWAYS = 2;
23  
24      CBButton View, Reject, Accept_Once, Accept_Always;
25      CBPanel display;
26      CertViewer viewer;
27      Frame owner;
28  
29      public EvaluateCertGUI(Frame rootFrame)
30      {
31          owner = rootFrame;
32      }
33      /**
34       * <p>Creates a modal dialog that prompts the user to accept or reject a
35       * certificate during an SSL connection.</p>
36       *
37       * <p>The function returns either EvaluateCertGUI.REJECT, EvaluateCertGUI.ACCEPT_ONCE or EvaluateCertGUI.ACCEPT_ALWAYS.</p>
38       *
39       * @param cert the (hitherto unknown) certificate to evaluate for use in ssl.
40       * @return One of EvaluateCertGUI.REJECT, EvaluateCertGUI.ACCEPT_ONCE or EvaluateCertGUI.ACCEPT_ALWAYS.  If the user
41       * simply closes the window, the response is taken to be REJECT.
42       */
43      public int isTrusted(X509Certificate   cert)
44      {
45          final X509Certificate   certificate = cert;  // make local, final copy.
46  
47          display = new CBPanel();
48  
49          display.addWide(new JLabel("The ldap server you are connecting to is using"), 3);
50          display.newLine();
51  
52          display.addWide(new JLabel("an unknown security certificate."), 3);
53          display.newLine();
54          display.newLine();
55  
56          display.add(new JLabel("Subject: "));
57          display.addWide(new JLabel(certificate.getSubjectDN().getName()), 2);
58          display.newLine();
59  
60          display.add(new JLabel("Valid from: "));
61          display.addWide(new JLabel(certificate.getNotBefore().toString()), 2);
62          display.newLine();
63  
64          display.add(new JLabel("Valid to: "));
65          display.addWide(new JLabel(certificate.getNotAfter().toString()), 2);
66          display.newLine();
67          display.add(new JLabel(""));
68          display.newLine();
69  
70          display.addWide(new JLabel("Would you like to continue anyway?"), 3);
71          display.newLine();
72  
73          display.add(View = new CBButton("View Certificate", "Examine the Certificate Details"));
74          display.newLine();
75  
76          View.addActionListener(new ActionListener  () {
77              public void actionPerformed(ActionEvent   e)
78              {
79                  viewer = new CertViewer(owner, certificate, CertViewer.VIEW_ONLY);
80                  viewer.setVisible(true);
81              }
82          });
83  
84          /**
85           *  Distilled evil to get JOptionPane to show custom buttons with tooltips.
86           */
87  
88          Reject = new CBButton("End Connection", "Reject the certificate");
89          Accept_Once = new CBButton("This Session Only", "Allow, but do not add to your trusted keystore.");
90          Accept_Always = new CBButton("Always", "Add the server certificate to your trusted keystore");
91  
92          CBButton optionButtons[] = new CBButton[3];
93          optionButtons[REJECT] = Reject;
94          optionButtons[ACCEPT_ONCE] = Accept_Once;
95          optionButtons[ACCEPT_ALWAYS] = Accept_Always;
96  
97  
98          // ugly.  But effective.  This is added to the buttons below so that they trigger the
99          // JOptionPane to return.
100         ActionListener   buttonListener = new ActionListener  ()
101         {
102             public void actionPerformed(ActionEvent   a)
103             {
104                 Component sourceButton = (Component)a.getSource();
105                 ((JOptionPane)(sourceButton).getParent().getParent()).setValue(sourceButton);
106             }
107         };
108 
109         Reject.addActionListener(buttonListener);
110         Accept_Once.addActionListener(buttonListener);
111         Accept_Always.addActionListener(buttonListener);
112 
113         // the deep magic of JOptionPane continues to elude me (how *does* it create internal JButtons?) - however the
114         // upshot is that it returns -1 (window closed) or the index of the button selected (see above)
115         int v = JOptionPane.showOptionDialog(null, display, "Server CA Certificate missing", JOptionPane.DEFAULT_OPTION, JOptionPane.YES_NO_CANCEL_OPTION, null, optionButtons, optionButtons[0]);
116 
117         if (v == -1)
118             v = REJECT;
119 
120         return v;
121     }
122 }
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags