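package org.eparapher.rcp.views;

import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Iterator;

import org.apache.log4j.Logger;
import org.eclipse.jface.action.Action;
import org.eclipse.jface.action.IMenuManager;
import org.eclipse.jface.action.IToolBarManager;
import org.eclipse.jface.action.Separator;
import org.eclipse.jface.viewers.ISelection;
import org.eclipse.jface.viewers.IStructuredSelection;
import org.eclipse.jface.window.Window;
import org.eclipse.jface.wizard.WizardDialog;
import org.eclipse.swt.graphics.Image;
import org.eclipse.swt.widgets.Composite;
import org.eclipse.ui.IViewPart;
import org.eclipse.ui.PlatformUI;
import org.eparapher.core.crypto.EPKeystoreManager;
import org.eparapher.core.crypto.keystore.KeystoreEntry;
import org.eparapher.core.interfaces.IUserKeystore;
import org.eparapher.rcp.EPReferences;
import org.eparapher.rcp.dialog.CertificateRequestViewerDialog;
import org.eparapher.rcp.dialog.CertificateViewerDialog;
import org.eparapher.rcp.tools.GUIIcons;
import org.eparapher.rcp.tools.eParapherTools;
import org.eparapher.rcp.wizards.ExportKeysCertificatesWizard;
import org.eparapher.rcp.wizards.ImportKeysCertificatesWizard;
import org.eparapher.rcp.wizards.NewCertificateWizard;
import org.eparapher.rcp.wizards.PinOrPassphraseWizard;
import org.eparapher.rcp.tools.RCPGUI;

/**
 * This view shows the user's certificates obtained from the
 * keystore defined in the configuration.
 * <p>
 * The view uses a label provider to define how model
 * objects should be presented in the view. Each
 * view can present the same model objects using
 * different labels and icons, if needed. Alternatively,
 * a single label provider can be shared between views
 * in order to ensure that objects of the same type are
 * presented in the same way everywhere.
 * <p>
 * Security-relevant entry points in this view: {@link ExportAction} hands the
 * selected aliases to the key/certificate export wizard, {@link ChangePasswordAction}
 * re-protects private key entries under a new passphrase, and
 * {@link SelectAliasAction} changes the default alias used for signing.
 */
public class UserCertificateStoreView extends AbstractCertificateView {

    public static final String ID = "org.eparapher.rcp.views.UserCertificateStoreView";

    private static final Logger log = Logger.getLogger(UserCertificateStoreView.class);

    private Action selectAliasAction;
    private Action newCertificateAction;
    private Action newSecretKeyAction;
    private Action changePasswordAction;

    /**
     * The constructor.
     */
    public UserCertificateStoreView() {
    }

    /**
     * This is a callback that will allow us
     * to create the viewer and initialize it.
     * The view also registers itself with {@link EPReferences} so that other
     * components can reach it.
     */
    @Override
    public void createPartControl(Composite parent) {
        super.createPartControl(parent);
        EPReferences.getInstance().setUsercertview(this);
    }

    /** Adds the "new certificate" / "new secret key" actions ahead of the inherited pull-down entries. */
    protected void fillLocalPullDown(IMenuManager manager) {
        manager.add(newCertificateAction);
        manager.add(newSecretKeyAction);
        manager.add(new Separator());
        super.fillLocalPullDown(manager);
    }

    /** Adds the "select as default" and "change passphrase" actions ahead of the inherited context-menu entries. */
    protected void fillContextMenu(IMenuManager manager) {
        manager.add(selectAliasAction);
        manager.add(changePasswordAction);
        manager.add(new Separator());
        super.fillContextMenu(manager);
    }

    /** Populates the view tool bar: creation actions, refresh / passphrase change, then import / export. */
    protected void fillLocalToolBar(IToolBarManager manager) {
        manager.add(newCertificateAction);
        manager.add(newSecretKeyAction);
        manager.add(new Separator());
        manager.add(refreshAction);
        manager.add(changePasswordAction);
        manager.add(new Separator());
        manager.add(importAction);
        manager.add(exportAction);
    }

    /** Creates the inherited actions, then the actions specific to the user keystore. */
    protected void makeActions() {
        super.makeActions();
        importAction = new ImportAction();
        exportAction = new ExportAction();
        newCertificateAction = new NewX509Action();
        newSecretKeyAction = new NewSymKeyAction();
        selectAliasAction = new SelectAliasAction();
        changePasswordAction = new ChangePasswordAction(this);
    }

    /**
     * Picks the icon for a keystore entry.
     * <p>
     * Order of precedence: the default alias, then an entry without any
     * certificate chain (shown as a bare private key), then a trusted
     * certificate, and finally a private key with its certificate.
     *
     * @param obj the element to render; must be a {@link KeystoreEntry}
     * @return the icon to display for that entry
     */
    @Override
    protected Image getCertificateImage(Object obj) {
        KeystoreEntry entry = (KeystoreEntry) obj;
        IUserKeystore userKeystore = EPKeystoreManager.getInstance().getUserkeystore();
        // getKeystoreEntries() already treats a null user keystore as possible,
        // so do not dereference it blindly here either.
        if (userKeystore != null
                && entry.getKeystoreAlias().equals(userKeystore.getDefaultAlias())) {
            return GUIIcons.CERTIFICATE_SEL_ICON_IMAGE;
        }
        if (!hasCertificateChain(entry)) {
            return GUIIcons.PRIVATE_KEY_ICON_IMAGE;
        }
        if (entry.isTrustedCertificate()) {
            return GUIIcons.CERTIFICATE_ICON_IMAGE;
        }
        return GUIIcons.PK_AND_CERT_ICON_IMAGE;
    }

    /**
     * Loads the entries of the user keystore.
     *
     * @return all entries of the user keystore, or an empty array when the
     *         keystore is missing or could not be loaded
     */
    @Override
    protected Object[] getKeystoreEntries() {
        KeystoreEntry[] entries = new KeystoreEntry[0];
        IUserKeystore userKeystore = EPKeystoreManager.getInstance().getUserkeystore();
        if (userKeystore == null) {
            eParapherTools.errorMessage("Failed to initialize your Personal Keystore.\r\nPlease change it in configuration.");
        } else if (userKeystore.loadKeyStore()) {
            entries = userKeystore.getAllEntries();
        }
        return entries;
    }

    /** Tells whether the entry carries at least one certificate. */
    private static boolean hasCertificateChain(KeystoreEntry entry) {
        return entry.getCertificateChain() != null && entry.getCertificateChain().length != 0;
    }

    /** Opens the wizard that imports a key pair and/or a certificate into the user keystore. */
    class ImportAction extends Action {

        public ImportAction() {
            setText("Import...");
            setToolTipText("Import a keypair and/or a certificate");
            setImageDescriptor(GUIIcons.IMPORT_ICON);
        }

        @Override
        public void run() {
            ImportKeysCertificatesWizard importWizard = new ImportKeysCertificatesWizard();
            WizardDialog dialog = new WizardDialog(
                    PlatformUI.getWorkbench().getActiveWorkbenchWindow().getShell(), importWizard);
            if (dialog.open() != Window.OK) {
                // The original message said "export", which made the audit trail misleading.
                log.info("Keys and certificate import wizard cancelled");
                return;
            }
            // Show the imported entries right away, as NewX509Action does after creating one.
            viewer.refresh();
        }
    }

    /**
     * Opens the wizard that exports the selected key pairs and certificates.
     * Only the keystore aliases are passed on; what is written out is decided
     * by {@link ExportKeysCertificatesWizard}.
     */
    class ExportAction extends Action {

        public ExportAction() {
            setText("Export...");
            setToolTipText("Export user keypair & certificate");
            setImageDescriptor(GUIIcons.EXPORT_ICON);
        }

        @Override
        public void run() {
            ISelection selection = viewer.getSelection();
            if (selection.isEmpty()) {
                RCPGUI.infoMessage("Export a certificate","Please select a certificate in the list.");
                return;
            }

            IStructuredSelection structured = (IStructuredSelection) selection;
            String[] selectedAliases = new String[structured.size()];
            int i = 0;
            // The selection iterator is untyped, so each element needs an explicit cast.
            for (Iterator<?> it = structured.iterator(); it.hasNext();) {
                KeystoreEntry entry = (KeystoreEntry) it.next();
                selectedAliases[i++] = entry.getKeystoreAlias();
            }

            // Launch the export wizard for the selected aliases.
            ExportKeysCertificatesWizard exportWizard = new ExportKeysCertificatesWizard(selectedAliases);
            WizardDialog dialog = new WizardDialog(
                    PlatformUI.getWorkbench().getActiveWorkbenchWindow().getShell(), exportWizard);
            if (dialog.open() != Window.OK) {
                log.info("Keys and certificate export wizard cancelled");
            }
        }
    }

    /**
     * Re-protects the private key of every selected entry under a new passphrase.
     * <p>
     * For each alias the key is loaded through the user keystore (which works on
     * its current default alias, hence the temporary alias switch), a new secret
     * is requested from the user, and the entry is written back with that secret.
     */
    class ChangePasswordAction extends Action {

        // Stored by the constructor; not read anywhere in this class.
        IViewPart vp;

        public ChangePasswordAction(IViewPart mvp) {
            setText("Change &Passphrase");
            setToolTipText("Change the selected private key passphrase");
            setImageDescriptor(GUIIcons.LOCK_ICON);
            vp = mvp;
        }

        @Override
        public void run() {
            ISelection selection = viewer.getSelection();
            if (selection.isEmpty()) {
                RCPGUI.infoMessage("Change private key passphrase","Please select one entry in the list.");
                return;
            }

            String[] aliases = getSelectedAlias();
            IUserKeystore userks = EPKeystoreManager.getInstance().getUserkeystore();
            String initialDefaultAlias = userks.getDefaultAlias();
            try {
                for (String alias : aliases) {
                    userks.setDefaultAlias(alias);
                    X509Certificate[] chain = userks.getX509CertificateChain();
                    userks.loadPrivateKey();
                    PrivateKey privateKey = userks.getPrivateKey();
                    if (privateKey == null) {
                        // Nothing to re-protect: never write a key entry without key material.
                        log.warn("No private key could be loaded for alias '" + alias
                                + "', passphrase left unchanged");
                        continue;
                    }

                    PinOrPassphraseWizard passphraseWizard = new PinOrPassphraseWizard(true, true, alias);
                    // NOTE(review): the secret arrives as an immutable String and cannot be
                    // wiped; only the char[] copy below is under our control.
                    // NOTE(review): confirm the wizard rejects an empty passphrase; nothing
                    // here prevents a key from being stored under "".
                    String pwd = passphraseWizard.askForSecret();
                    if (pwd == null) {
                        continue;
                    }

                    char[] secret = pwd.toCharArray();
                    try {
                        userks.getKeystore().setKeyEntry(alias, privateKey, secret, chain);
                        // NOTE(review): this only updates the in-memory keystore object;
                        // verify that the change is persisted elsewhere.
                    } catch (KeyStoreException e) {
                        log.error("Error while changing private key password", e);
                        // Do not let the user believe the key is now protected by the new secret.
                        eParapherTools.errorMessage("Failed to change the passphrase of the selected private key.");
                    } finally {
                        // Limit how long the passphrase copy stays readable in memory.
                        Arrays.fill(secret, '\0');
                    }
                }
            } finally {
                // Always restore the signing identity, even if an entry failed unexpectedly.
                userks.setDefaultAlias(initialDefaultAlias);
            }
        }
    }

    /** Opens the wizard that creates a new X509 certificate (self-signed or as a CSR). */
    class NewX509Action extends Action {

        public NewX509Action() {
            setText("New certificate");
            setToolTipText("Create a new X509 certificate");
            setImageDescriptor(GUIIcons.NEW_CERT_ICON);
        }

        @Override
        public void run() {
            if (!EPKeystoreManager.getInstance().getUserkeystore().loadKeyStore()) {
                log.info("Cannot create a new keypair if the keystore is not loaded");
                return;
            }

            NewCertificateWizard newCertWizard = new NewCertificateWizard();
            WizardDialog dialog = new WizardDialog(
                    PlatformUI.getWorkbench().getActiveWorkbenchWindow().getShell(), newCertWizard);
            if (dialog.open() != Window.OK) {
                log.info("New Certificate wizard cancelled");
                return;
            }

            viewer.refresh();
            if (newCertWizard.isCSR()) {
                CertificateRequestViewerDialog csrDialog =
                        new CertificateRequestViewerDialog(newCertWizard.getCSRFile());
                csrDialog.open();
            }
            if (newCertWizard.isSelfSignedCert()) {
                CertificateViewerDialog certDialog =
                        new CertificateViewerDialog(newCertWizard.getGeneratedCertificate());
                certDialog.open();
            }
        }
    }

    /** Placeholder for secret-key generation; the action is created disabled. */
    class NewSymKeyAction extends Action {

        public NewSymKeyAction() {
            setText("New Secret Key");
            setToolTipText("Coming soon");
            setImageDescriptor(GUIIcons.NEW_KEY_ICON);
            setEnabled(false);
        }

        @Override
        public void run() {
            if (!EPKeystoreManager.getInstance().getUserkeystore().loadKeyStore()) {
                log.info("Cannot create a new key if the keystore is not loaded");
                return;
            }
            RCPGUI.infoMessage("Generate a new secret key", "Not implemented yet, sorry.");
        }
    }

    /** Makes the single selected entry the default alias used for signing. */
    class SelectAliasAction extends Action {

        public SelectAliasAction() {
            setText("Select as Default Certificate");
            setToolTipText("Select this certificate as a the defaultCertificate for signing");
            setImageDescriptor(GUIIcons.CERT_DEF_ICON);
        }

        @Override
        public void run() {
            ISelection selection = viewer.getSelection();
            if (selection.isEmpty()) {
                RCPGUI.infoMessage("Default certificate","Please select first a certificate in the list.");
                // Stop here: falling through used to show a second, contradictory message.
                return;
            }

            IStructuredSelection structured = (IStructuredSelection) selection;
            if (structured.size() != 1) {
                RCPGUI.infoMessage("Default certificate","Please select only one certificate.");
                return;
            }

            KeystoreEntry entry = (KeystoreEntry) structured.getFirstElement();
            if (!hasCertificateChain(entry)) {
                RCPGUI.infoMessage("Default certificate","Cannot set this entry as the default one's for signature : there is no certificate.");
                return;
            }

            // NOTE(review): only the presence of a certificate is checked; an entry
            // reported by isTrustedCertificate() presumably has no private key and
            // would still be accepted as the signing default. Confirm that is intended.
            IUserKeystore userKeystore = EPKeystoreManager.getInstance().getUserkeystore();
            userKeystore.setDefaultAlias(entry.getKeystoreAlias());
            viewer.refresh();
        }
    }
}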