📄 swingui.java
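// NOTE(review): this listing resumes part-way through ownerSignCSRButtonActionPerformed (see the
// GEN-LAST marker further down); the start of that handler is not shown, so its code is left
// untouched here and only reflowed and annotated.
                return;
            }

            net.jxta.impl.protocol.CertificateSigningRequest csr_msg = new net.jxta.impl.protocol.CertificateSigningRequest(
                    csr_doc);

            // NOTE(review): no csr.verify() call is visible between here and the point where the
            // CSR's subject and public key are copied into the new certificate. Unless getCSR()
            // already checks the request's self-signature, proof of possession of the private
            // key is not established before signing -- confirm.
            csr = csr_msg.getCSR();
        } catch (IOException failed) {
            authenticationStatus.setText("Failed to read certificate signing request: " + failed);
            return;
        }

        // set validity 10 years from today
        Date today = new Date();
        Calendar cal = Calendar.getInstance();

        cal.setTime(today);
        cal.add(Calendar.DATE, 10 * 365);
        Date until = cal.getTime();

        // generate cert
        try {
            X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();

            certGen.setIssuerDN(new X509Principal(true, issuer.cert.getSubjectX500Principal().getName()));
            // Subject DN and public key are taken from the request exactly as submitted; no
            // naming policy is applied in the visible code.
            certGen.setSubjectDN(csr.getCertificationRequestInfo().getSubject());
            certGen.setNotBefore(today);
            certGen.setNotAfter(until);
            certGen.setPublicKey(csr.getPublicKey());
            // NOTE(review): SHA-1 is no longer collision-resistant enough for certificate
            // signatures and current validators commonly reject it; prefer a SHA-256-family
            // algorithm if the provider in use supports one. The hard-coded RSA variant also
            // assumes the issuer key is an RSA key.
            // certGen.setSignatureAlgorithm("SHA1withDSA");
            certGen.setSignatureAlgorithm("SHA1withRSA");
            // FIXME bondolo 20040317 needs fixing.
            // NOTE(review): every certificate issued through this handler gets serial number 1,
            // so issuer + serial does not identify a single certificate. That defeats
            // serial-based revocation and audit; a unique (ideally random, positive) serial per
            // certificate is needed.
            certGen.setSerialNumber(BigInteger.valueOf(1));

            // return issuer info for generating service cert

            // the cert
            X509Certificate newCert = certGen.generateX509Certificate(issuer.subjectPkey);

            net.jxta.impl.protocol.Certificate cert_msg = new net.jxta.impl.protocol.Certificate();

            // The new certificate goes first, followed by the issuer's own chain.
            List<X509Certificate> newChain = new ArrayList<X509Certificate>(Arrays.asList(issuerChain));

            newChain.add(0, newCert);

            cert_msg.setCertificates(newChain);

            XMLDocument asXML = (XMLDocument) cert_msg.getDocument(MimeMediaType.XMLUTF8);

            JFileChooser fc = new JFileChooser();

            // In response to a button click:
            int returnVal = fc.showSaveDialog(this);

            if (returnVal == JFileChooser.APPROVE_OPTION) {
                // NOTE(review): FileWriter uses the platform default charset although the
                // document was requested as XMLUTF8, and the writer is not closed if
                // sendToWriter() throws.
                FileWriter csr_file = new FileWriter(fc.getSelectedFile());

                asXML.sendToWriter(csr_file);
                csr_file.close();
                authenticationStatus.setText("Signed admin certificate saved.");
            } else {
                authenticationStatus.setText("Save admin certificate cancelled.");
            }
        } catch (NoSuchAlgorithmException failed) {
            authenticationStatus.setText("Certificate signing failed:" + failed.getMessage());
        } catch (NoSuchProviderException failed) {
            authenticationStatus.setText("Certificate signing failed:" + failed.getMessage());
        } catch (InvalidKeyException failed) {
            authenticationStatus.setText("Certificate signing failed:" + failed.getMessage());
        } catch (SignatureException failed) {
            authenticationStatus.setText("Certificate signing failed:" + failed.getMessage());
        } catch (IOException failed) {
            authenticationStatus.setText("Certificate signing failed:" + failed.getMessage());
        }
    }// GEN-LAST:event_ownerSignCSRButtonActionPerformed

    /**
     * Drops the owner credential held by this panel.
     *
     * <p>Only the local reference is cleared; unlike the member variant, no buttons are
     * enabled or disabled here.
     *
     * @param evt the button event (unused)
     */
    private void ownerResignButtonActionPerformed(java.awt.event.ActionEvent evt) { // GEN-FIRST:event_ownerResignButtonActionPerformed
        if (null == ownerCredential) {
            authenticationStatus.setText("Already resigned.");
            return;
        }

        ownerCredential = null;
    }// GEN-LAST:event_ownerResignButtonActionPerformed

    /**
     * Authenticates as the group owner using the keystore password and the owner password
     * typed into the form, and stores the resulting credential in {@code ownerCredential}.
     *
     * <p>Security notes (review): the {@code char[]} copies returned by
     * {@code getPassword()} are handed to the PSE configuration and to the authenticator and
     * are not zeroed in this method; whether the callees keep or wipe them is not visible
     * here. Only {@code ownerPasswordField} is cleared afterwards -- the keystore password
     * field keeps its content.
     *
     * @param evt the button event (unused)
     */
    private void ownerAuthenticateButtonActionPerformed(java.awt.event.ActionEvent evt) { // GEN-FIRST:event_ownerAuthenticateButtonActionPerformed
        if (null == membership.getDefaultCredential()) {
            // if the keychain hasn't been unlocked then set the keystore password.
            membership.getPSEConfig().setKeyStorePassword(keyStorePasswordField.getPassword());
        }

        StringAuthenticator ownerAuthenticator = null;

        try {
            AuthenticationCredential application = new AuthenticationCredential(group, "StringAuthentication", null);

            ownerAuthenticator = (StringAuthenticator) membership.apply(application);
        } catch (ProtocolNotSupportedException noAuthenticator) {
            authenticationStatus.setText("Could not create authenticator: " + noAuthenticator.getMessage());
            return;
        }

        ownerAuthenticator.setAuth1_KeyStorePassword(keyStorePasswordField.getPassword());
        ownerAuthenticator.setAuth2Identity(group.getPeerGroupID());
        ownerAuthenticator.setAuth3_IdentityPassword(ownerPasswordField.getPassword());

        // clear the password
        ownerPasswordField.setText("");

        try {
            ownerCredential = (PSECredential) membership.join(ownerAuthenticator);

            authenticationStatus.setText("Owner authentication successful.");
        } catch (PeerGroupException failed) {
            authenticationStatus.setText("Owner authentication failed: " + failed.getMessage());
        }
    }// GEN-LAST:event_ownerAuthenticateButtonActionPerformed

    /**
     * Drops the member credential held by this panel and disables the buttons that need it
     * (generate CSR, resign).
     *
     * @param evt the button event (unused)
     */
    private void memberResignButtonActionPerformed(java.awt.event.ActionEvent evt) { // GEN-FIRST:event_memberResignButtonActionPerformed
        if (null == memberCredential) {
            authenticationStatus.setText("Already resigned.");
            return;
        }

        memberGenerateCSRButton.setEnabled(false);
        memberResignButton.setEnabled(false);

        memberCredential = null;
    }// GEN-LAST:event_memberResignButtonActionPerformed

    /**
     * Imports a certificate chain from a user-selected XML file into the PSE keystore.
     *
     * <p>The first certificate is stored under the peer group ID (after erasing whatever is
     * currently stored under that ID); each following certificate is stored under a codat ID
     * derived from its DER encoding. The walk stops at the first certificate the PSE already
     * knows.
     *
     * <p>Security notes (review): every certificate stored here becomes a <em>trusted</em>
     * entry, and this method performs no signature, chain, validity-period or issuer check
     * of its own -- the file content is trusted as-is. Treat the selected file as
     * security-sensitive input and confirm whether validation happens elsewhere.
     * {@code FileReader} decodes with the platform default charset even though the document
     * is parsed as XMLUTF8.
     *
     * @param evt the button event (unused)
     */
    private void memberImportCertButtonActionPerformed(java.awt.event.ActionEvent evt) { // GEN-FIRST:event_memberImportCertButtonActionPerformed
        if (null == memberCredential) {
            authenticationStatus.setText("Not authenticated -- cannot import certificates.");
            return;
        }

        JFileChooser fc = new JFileChooser();

        // In response to a button click:
        int returnVal = fc.showOpenDialog(this);

        if (returnVal != JFileChooser.APPROVE_OPTION) {
            authenticationStatus.setText("Certificate import cancelled.");
            return;
        }

        XMLDocument certs_doc = null;

        try {
            FileReader certs_file = new FileReader(fc.getSelectedFile());

            try {
                certs_doc = (XMLDocument) StructuredDocumentFactory.newStructuredDocument(MimeMediaType.XMLUTF8, certs_file);
            } finally {
                // Close the file even when parsing fails.
                certs_file.close();
            }
        } catch (IOException failed) {
            authenticationStatus.setText("Certificate import failed: " + failed.getMessage());
            // Nothing was parsed; stop here instead of building a Certificate message from a
            // null document (the original fell through).
            return;
        }

        Certificate cert_msg = new Certificate(certs_doc);

        try {
            Iterator<X509Certificate> sourceChain = Arrays.asList(cert_msg.getCertificates()).iterator();

            int imported = 0;
            // An empty chain imports nothing rather than failing in next().
            X509Certificate aCert = sourceChain.hasNext() ? sourceChain.next() : null;
            ID createid = group.getPeerGroupID();

            while (null != aCert) {
                if (null != membership.getPSEConfig().getTrustedCertificateID(aCert)) {
                    break;
                }

                // Replace whatever is currently stored under this ID.
                membership.getPSEConfig().erase(createid);
                membership.getPSEConfig().setTrustedCertificate(createid, aCert);
                imported++;

                // create a codat id for the next certificate in the chain.
                aCert = null;
                if (sourceChain.hasNext()) {
                    aCert = sourceChain.next();

                    if (null != membership.getPSEConfig().getTrustedCertificateID(aCert)) {
                        // it's already in the pse, time to bail!
                        break;
                    }

                    byte[] der = aCert.getEncoded();

                    createid = IDFactory.newCodatID(group.getPeerGroupID(), new ByteArrayInputStream(der));
                }
            }

            authenticationStatus.setText(" Imported " + imported + " certificates. ");
        } catch (CertificateEncodingException failure) {
            authenticationStatus.setText("Bad certificate: " + failure);
        } catch (KeyStoreException failure) {
            authenticationStatus.setText("KeyStore failure while importing certificate: " + failure);
        } catch (IOException failure) {
            authenticationStatus.setText("IO failure while importing certificate: " + failure);
        }
    }// GEN-LAST:event_memberImportCertButtonActionPerformed

    // NOTE(review): the listing ends before this handler does, so its code is left untouched
    // and only reflowed and annotated.
    private void adminSignCSRButtonActionPerformed(java.awt.event.ActionEvent evt) { // GEN-FIRST:event_adminSignCSRButtonActionPerformed
        if (null == memberCredential) {
            authenticationStatus.setText("Not authenticated -- cannot sign certificates.");
            return;
        }

        PSEUtils.IssuerInfo issuer = null;
        X509Certificate[] issuerChain = null;

        issuerChain = memberCredential.getCertificateChain();

        PrivateKey issuerKey = null;

        try {
            issuerKey = memberCredential.getPrivateKey();
        } catch (IllegalStateException notLocal) {
            // Deliberately ignored: the null check below reports the missing key.
            ;
        }

        if (null == issuerKey) {
            authenticationStatus.setText("Credential is not a local login credential.");
            return;
        }

        issuer = new PSEUtils.IssuerInfo();

        issuer.cert = issuerChain[0];
        issuer.subjectPkey = issuerKey;

        org.bouncycastle.jce.PKCS10CertificationRequest csr;

        try {
            JFileChooser fc = new JFileChooser();

            // In response to a button click:
            int returnVal = fc.showOpenDialog(this);

            XMLDocument csr_doc = null;

            if (returnVal == JFileChooser.APPROVE_OPTION) {
                // NOTE(review): the reader is not closed if parsing throws.
                FileReader csr_file = new FileReader(fc.getSelectedFile());

                csr_doc = (XMLDocument) StructuredDocumentFactory.newStructuredDocument(MimeMediaType.XMLUTF8, csr_file);
                csr_file.close();
            } else {
                authenticationStatus.setText("Certificate Signing cancelled.");
                return;
            }

            net.jxta.impl.protocol.CertificateSigningRequest csr_msg = new net.jxta.impl.protocol.CertificateSigningRequest(
                    csr_doc);

            // NOTE(review): no csr.verify() call is visible before the request's subject and
            // public key are used below; confirm that getCSR() checks the self-signature.
            csr = csr_msg.getCSR();
        } catch (IOException failed) {
            authenticationStatus.setText("Failed to read certificate signing request: " + failed);
            return;
        }

        // set validity 10 years from today
        Date today = new Date();
        Calendar cal = Calendar.getInstance();

        cal.setTime(today);
        cal.add(Calendar.DATE, 10 * 365);
        Date until = cal.getTime();

        // generate cert
        try {
            X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();

            certGen.setIssuerDN(new X509Principal(true, issuer.cert.getSubjectX500Principal().getName()));
            certGen.setSubjectDN(csr.getCertificationRequestInfo().getSubject());
            certGen.setNotBefore(today);
            certGen.setNotAfter(until);
            certGen.setPublicKey(csr.getPublicKey());
            // NOTE(review): same concerns as in ownerSignCSRButtonActionPerformed -- SHA-1
            // based signature algorithm, and a constant serial number shared by every
            // certificate this handler issues.
            // certGen.setSignatureAlgorithm("SHA1withDSA");
            certGen.setSignatureAlgorithm("SHA1withRSA");
            // FIXME bondolo 20040317 needs fixing.
            certGen.setSerialNumber(BigInteger.valueOf(1));

            // return issuer info for generating service cert

            // the cert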