Changeset 5024 for branches/2.3/security/ExpressoCert/src
- Timestamp:
- 09/02/11 13:40:07 (13 years ago)
- Location:
- branches/2.3/security/ExpressoCert/src/br/gov/serpro
- Files:
-
- 4 edited
branches/2.3/security/ExpressoCert/src/br/gov/serpro/cert/DigitalCertificate.java
r4198 r5024 2 2 3 3 import br.gov.serpro.setup.Setup; 4 import br.gov.serpro.cert.Token;5 4 import java.awt.Frame; 6 5 import java.io.ByteArrayInputStream; … … 59 58 import java.io.OutputStreamWriter; 60 59 import java.security.AlgorithmParameters; 61 import java.security.NoSuchProviderException;62 60 import java.security.cert.CertificateEncodingException; 61 import java.util.HashMap; 63 62 import java.util.regex.Matcher; 64 63 import java.util.regex.Pattern; … … 787 786 } 788 787 789 List<String> aliases = new ArrayList<String>();790 for ( Enumeration<String> certificateList = keyStore.aliases(); certificateList.hasMoreElements();){791 aliases. add(certificateList.nextElement());788 Map<String, String> aliases = new HashMap<String, String>(); 789 for (Token token : tokens.getRegisteredTokens()){ 790 aliases.putAll(token.getAliases()); 792 791 } 793 792 -
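Review bot: `aliases.putAll(token.getAliases())` merges the per-token maps keyed only by certificate label, so when two registered tokens each hold a certificate with the same label the later `putAll` silently replaces the earlier entry and that certificate is never offered to the user. `getRegisteredTokens()` returns a `HashSet`, so which token wins is not stable between runs. Scoping the key to the token (token name and slot plus label), or rejecting duplicates with an explicit error, would keep the choice unambiguous. The list used to come from `keyStore.aliases()`; the code that later looks the chosen label up in the key store is outside this hunk and should be checked for labels the provider exposes under a different alias.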
branches/2.3/security/ExpressoCert/src/br/gov/serpro/cert/Token.java
r4198 r5024 9 9 import java.io.ByteArrayInputStream; 10 10 import java.io.File; 11 import java.io.IOException; 11 12 import java.security.Provider; 12 13 import java.security.ProviderException; 13 14 import java.security.Security; 15 import java.security.cert.CertificateFactory; 16 import java.util.logging.Level; 17 import java.util.logging.Logger; 18 import java.security.cert.X509Certificate; 19 import java.util.HashMap; 20 import java.util.Map; 21 import sun.security.pkcs11.wrapper.CK_ATTRIBUTE; 22 import sun.security.pkcs11.wrapper.CK_C_INITIALIZE_ARGS; 23 import sun.security.pkcs11.wrapper.Functions; 24 import sun.security.pkcs11.wrapper.PKCS11; 25 import sun.security.pkcs11.wrapper.PKCS11Exception; 26 import static sun.security.pkcs11.wrapper.PKCS11Constants.*; 14 27 15 28 //TODO: Deal with wildcards for environments variables. … … 26 39 private Provider tokenProvider; 27 40 private boolean registered = false; 41 private long slot; 42 43 static long CK_OBJECT_CLASS; 44 static long CK_OBJECT_HANDLE; 28 45 29 46 private Token(final Setup setup) { … … 57 74 } 58 75 59 protected void registerToken(long slot){ 60 76 protected void registerToken(long slot) throws IOException{ 77 78 this.slot = slot; 61 79 String tokenConfiguration = new String("name = " + name + "_" + slot + "\n" + 62 80 "library = " + libraryPath + "\nslot = " + slot + 63 "\ndisabledMechanisms = {\n" + "CKM_SHA1_RSA_PKCS\n}"); 81 "\ndisabledMechanisms = {\n" + "CKM_SHA1_RSA_PKCS\n}" + 82 "\n"); 64 83 65 84 try{ … … 71 90 System.out.println("Adding provider: "+pkcs11Provider.getName()); 72 91 System.out.println("Provider info: " + pkcs11Provider.getInfo()); 73 System.out.println("Provider services:");74 for (Provider.Service service : pkcs11Provider.getServices()){75 System.out.println("\t"+service.toString());76 }77 92 } 78 93 Security.addProvider(pkcs11Provider); … … 91 106 protected void unregisterToken(){ 92 107 Security.removeProvider(this.tokenProvider.getName()); 108 this.registered = false; 
109 } 110 111 Map<String, String> getAliases() throws IOException{ 112 113 if (setup.getParameter("debug").equalsIgnoreCase("true")) { 114 System.out.println("Getting Aliases"); 115 } 116 117 Map<String, String> aliases = new HashMap<String, String>(); 118 119 CK_C_INITIALIZE_ARGS initArgs = new CK_C_INITIALIZE_ARGS(); 120 String functionList = "C_GetFunctionList"; 121 122 initArgs.flags = CKF_OS_LOCKING_OK; 123 124 PKCS11 tmpPKCS11 = null; 125 try { 126 try { 127 tmpPKCS11 = PKCS11.getInstance(libraryPath, functionList, initArgs, false); 128 } catch (IOException ex) { 129 if (setup.getParameter("debug").equalsIgnoreCase("true")) { 130 Logger.getLogger(TokenCollection.class.getName()).log(Level.SEVERE, null, ex); 131 } 132 throw ex; 133 } 134 } catch (PKCS11Exception e) { 135 try { 136 initArgs = null; 137 tmpPKCS11 = PKCS11.getInstance(libraryPath, functionList, initArgs, true); 138 } catch (IOException ex) { 139 if (setup.getParameter("debug").equalsIgnoreCase("true")) { 140 Logger.getLogger(TokenCollection.class.getName()).log(Level.SEVERE, null, ex); 141 } 142 } catch (PKCS11Exception ex) { 143 if (setup.getParameter("debug").equalsIgnoreCase("true")) { 144 Logger.getLogger(TokenCollection.class.getName()).log(Level.SEVERE, null, ex); 145 } 146 } 147 } 148 149 try { 150 // cria sessão pública rw. com flag CKF_SERIAL_SESSION 151 long session = tmpPKCS11.C_OpenSession(this.slot, CKF_SERIAL_SESSION, null, null); 152 153 if (setup.getParameter("debug").equalsIgnoreCase("true")) { 154 System.out.println("session number: "+session); 155 } 156 157 // TODO: Verifica se está logado, senão loga usuário. Pede pin? ou recebe pin? 
158 159 CK_ATTRIBUTE[] TEMPLATE_CERTIFICATE = {new CK_ATTRIBUTE(CKA_CLASS, CKO_CERTIFICATE)}; 160 CK_ATTRIBUTE[] TEMPLATE_PKEY = {new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY)}; 161 CK_ATTRIBUTE[] TEMPLATE_KEY_LABEL_ID = {new CK_ATTRIBUTE(CKA_LABEL), new CK_ATTRIBUTE(CKA_ID)}; 162 CK_ATTRIBUTE[] TEMPLATE_CERT_LABEL_ID = { 163 new CK_ATTRIBUTE(CKA_LABEL), 164 new CK_ATTRIBUTE(CKA_ID), 165 new CK_ATTRIBUTE(CKA_VALUE) 166 }; 167 168 tmpPKCS11.C_FindObjectsInit(session, TEMPLATE_CERTIFICATE); 169 long[] certs = tmpPKCS11.C_FindObjects(session, 20); 170 171 tmpPKCS11.C_FindObjectsFinal(session); 172 173 tmpPKCS11.C_FindObjectsInit(session, TEMPLATE_PKEY); 174 long[] keys = tmpPKCS11.C_FindObjects(session, 20); 175 176 if (setup.getParameter("debug").equalsIgnoreCase("true")) { 177 System.out.println("Private Keys: "+keys.length); 178 } 179 180 for (long key : keys){ 181 tmpPKCS11.C_GetAttributeValue(session, key, TEMPLATE_KEY_LABEL_ID); 182 183 if (setup.getParameter("debug").equalsIgnoreCase("true")) { 184 System.out.print("Private key ID: "); 185 for (byte b : (byte [])TEMPLATE_KEY_LABEL_ID[1].pValue){ 186 System.out.print(b); 187 } 188 System.out.println(); 189 if (TEMPLATE_KEY_LABEL_ID[0].pValue != null) 190 { 191 System.out.println("Private key LABEL: "+new String((char [])TEMPLATE_KEY_LABEL_ID[0].pValue)); 192 } 193 System.out.println("\nCerts:"); 194 } 195 196 for (long cert : certs){ 197 tmpPKCS11.C_GetAttributeValue(session, cert, TEMPLATE_CERT_LABEL_ID); 198 199 if (Functions.equals((byte [])TEMPLATE_KEY_LABEL_ID[1].pValue, 200 (byte [])TEMPLATE_CERT_LABEL_ID[1].pValue)){ 201 if (TEMPLATE_CERT_LABEL_ID[0].pValue != null) 202 { 203 if (setup.getParameter("debug").equalsIgnoreCase("true")) { 204 System.out.println("Certificate LABEL: "+new String((char [])TEMPLATE_CERT_LABEL_ID[0].pValue)); 205 } 206 ByteArrayInputStream in = new ByteArrayInputStream((byte [])TEMPLATE_CERT_LABEL_ID[2].pValue); 207 CertificateFactory cf = CertificateFactory.getInstance("X.509"); 
208 X509Certificate certObj = (X509Certificate)cf.generateCertificate(in); 209 if (certObj.getBasicConstraints() == -1 ){ 210 aliases.put(new String((char [])TEMPLATE_CERT_LABEL_ID[0].pValue), 211 certObj.getSubjectX500Principal().getName()); 212 } 213 } 214 } 215 216 } 217 if (setup.getParameter("debug").equalsIgnoreCase("true")) { 218 System.out.println(); 219 } 220 } 221 222 tmpPKCS11.C_CloseSession(session); 223 224 } catch (PKCS11Exception ex) { 225 if (setup.getParameter("debug").equalsIgnoreCase("true")) { 226 Logger.getLogger(TokenCollection.class.getName()).log(Level.SEVERE, null, ex); 227 } 228 } catch (Throwable t) { 229 if (setup.getParameter("debug").equalsIgnoreCase("true")) { 230 Logger.getLogger(TokenCollection.class.getName()).log(Level.SEVERE, null, t); 231 } 232 } 233 234 return aliases; 235 93 236 } 94 237 -
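Review bot: In `getAliases()` the session opened with `C_OpenSession` is closed only on the success path, and the private-key search started by the second `C_FindObjectsInit` is never ended with `C_FindObjectsFinal`, so a `PKCS11Exception` or a certificate parse error leaves a session open on the token. Many tokens allow only a few concurrent sessions, so repeated failures can block later signing until the card is reinserted. The same block dereferences `tmpPKCS11` even when both `PKCS11.getInstance` attempts failed, relying on `catch (Throwable t)` to absorb the NullPointerException, and every failure is logged only when `debug` is true, so a broken token is indistinguishable from one with no certificates. I would guard the null case, move the cleanup into `finally` blocks, and log failures unconditionally.

```java
if (tmpPKCS11 == null) {
    // Both PKCS11.getInstance attempts failed; report it instead of hitting a NullPointerException below.
    Logger.getLogger(Token.class.getName()).log(Level.SEVERE, "PKCS#11 library could not be initialised");
    return aliases;
}

try {
    long session = tmpPKCS11.C_OpenSession(this.slot, CKF_SERIAL_SESSION, null, null);
    try {
        // … unchanged: attribute templates and certificate search …

        tmpPKCS11.C_FindObjectsInit(session, TEMPLATE_PKEY);
        long[] keys;
        try {
            keys = tmpPKCS11.C_FindObjects(session, 20);
        } finally {
            // End the key search even when C_FindObjects throws.
            tmpPKCS11.C_FindObjectsFinal(session);
        }

        // … unchanged: key/certificate matching loop …
    } finally {
        // Release the token session on every exit path.
        tmpPKCS11.C_CloseSession(session);
    }
// … unchanged: catch (PKCS11Exception ex) / catch (Throwable t) …
```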
branches/2.3/security/ExpressoCert/src/br/gov/serpro/cert/TokenCollection.java
r4198 r5024 9 9 import java.io.IOException; 10 10 import java.util.HashMap; 11 import java.util.HashSet; 12 import java.util.Set; 11 13 import java.util.logging.Level; 12 14 import java.util.logging.Logger; … … 125 127 126 128 } 129 130 public Set<Token> getRegisteredTokens(){ 131 Set<Token> tokens = new HashSet<Token>(); 132 133 for (String id : this.keySet()){ 134 Token token = this.get(id); 135 if (token.isRegistered()){ 136 tokens.add(token); 137 } 138 } 139 140 return tokens; 141 } 142 127 143 } -
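Review bot: `getRegisteredTokens()` walks `this.keySet()` and then calls `this.get(id)` for each key, which costs a second lookup per entry and dereferences `token` without a null check. Assuming the class is a Map, as the `keySet()`/`get()` calls suggest, iterating the values directly with `for (Token token : this.values())` is shorter and avoids the extra lookup. The method is public and undocumented; a comment such as `/** Returns the tokens for which isRegistered() is true; iteration order is unspecified. */` would warn callers not to depend on ordering, since the result is a `HashSet`.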
branches/2.3/security/ExpressoCert/src/br/gov/serpro/ui/DialogBuilder.java
r3633 r5024 3 3 import br.gov.serpro.setup.Setup; 4 4 import java.awt.BorderLayout; 5 import java.awt.Color;6 5 import java.awt.Dimension; 7 6 import java.awt.FlowLayout; … … 18 17 import java.lang.reflect.InvocationTargetException; 19 18 19 import java.util.ArrayList; 20 20 import java.util.List; 21 import java.util.Map; 22 import java.util.Set; 21 23 import javax.swing.BorderFactory; 22 24 import javax.swing.JButton; … … 332 334 } 333 335 334 static public String showCertificateSelector(Frame parent, Setup setup, List<String> certificateList) {336 static public String showCertificateSelector(Frame parent, Setup setup, Map<String, String> certificateMap) { 335 337 DialogBuilder certificateSelectorDialog = new DialogBuilder(parent, setup); 338 339 Set<Map.Entry<String, String>> entries = certificateMap.entrySet(); 340 List<String> certificateList = new ArrayList<String>(); 341 342 if (setup.getParameter("debug").equalsIgnoreCase("true")) { 343 System.out.println("Entradas:"); 344 } 345 346 for (Map.Entry<String, String> entry : entries){ 347 if (setup.getParameter("debug").equalsIgnoreCase("true")) { 348 System.out.println("[" + entry.getKey() + " : " + entry.getValue() + "]"); 349 } 350 certificateList.add(entry.getValue()); 351 } 336 352 337 353 try { … … 356 372 357 373 String subject = certificateSelectorDialog.getCertificateSubject(); 374 String label = ""; 375 376 for (Map.Entry<String, String> entry : entries){ 377 if (entry.getValue().equals(subject)){ 378 label = entry.getKey(); 379 break; 380 } 381 } 382 358 383 certificateSelectorDialog.dispose(); 359 384 certificateSelectorDialog = null; 360 385 361 return subject;386 return label; 362 387 } 363 388 }
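Review bot: The reverse lookup after the dialog closes, `if (entry.getValue().equals(subject))`, returns the first entry whose subject DN matches, so two certificates with the same subject (a renewed certificate beside the old one, for instance) show up as identical rows and the returned label may belong to the one the user did not pick. The map passed in by the caller on this page is a `HashMap`, so which of the two is returned is not stable either. Resolving the choice by the selected row's position in `certificateList`, or showing label and subject together in each row, would tie the returned label to what was actually selected. The method also now returns `""` instead of the dialog's value when nothing matches, which a caller testing for null would miss; the dialog code between the two hunks and the callers are not visible here.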