Improve keystore error handling

6 files changed, 115 insertions, 32 deletions

diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/composites/KeystoreConfigurationComposite.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/composites/KeystoreConfigurationComposite.java
index 6170f22e..7970e145 100644
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/composites/KeystoreConfigurationComposite.java
+++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/composites/KeystoreConfigurationComposite.java
@@ -53,7 +53,9 @@ import at.asit.pdfover.gui.controls.Dialog.BUTTONS;
 import at.asit.pdfover.gui.controls.ErrorDialog;
 import at.asit.pdfover.gui.exceptions.CantLoadKeystoreException;
 import at.asit.pdfover.gui.exceptions.KeystoreAliasDoesntExistException;
+import at.asit.pdfover.gui.exceptions.KeystoreAliasNoKeyException;
 import at.asit.pdfover.gui.exceptions.KeystoreDoesntExistException;
+import at.asit.pdfover.gui.exceptions.KeystoreKeyPasswordException;
 import at.asit.pdfover.gui.utils.Messages;
 import at.asit.pdfover.gui.workflow.config.ConfigManipulator;
 import at.asit.pdfover.gui.workflow.config.ConfigurationContainer;
@@ -492,16 +494,12 @@ public class KeystoreConfigurationComposite extends BaseConfigurationComposite {
 	 */
 	@Override
 	public void initConfiguration(PersistentConfigProvider provider) {
-		this.configurationContainer.setKeyStoreFile(
-				provider.getKeyStoreFilePersistent());
-		this.configurationContainer.setKeyStoreType(
-				provider.getKeyStoreTypePersistent());
-		this.configurationContainer.setKeyStoreAlias(
-				provider.getKeyStoreAliasPersistent());
-		this.configurationContainer.setKeyStoreStorePass(
-				provider.getKeyStoreStorePassPersistent());
-		this.configurationContainer.setKeyStoreKeyPass(
-				provider.getKeyStoreKeyPassPersistent());
+		ConfigurationContainer config = this.configurationContainer;
+		config.setKeyStoreFile(provider.getKeyStoreFilePersistent());
+		config.setKeyStoreType(provider.getKeyStoreTypePersistent());
+		config.setKeyStoreAlias(provider.getKeyStoreAliasPersistent());
+		config.setKeyStoreStorePass(provider.getKeyStoreStorePassPersistent());
+		config.setKeyStoreKeyPass(provider.getKeyStoreKeyPassPersistent());
 	}
 
 	/*
@@ -512,12 +510,11 @@ public class KeystoreConfigurationComposite extends BaseConfigurationComposite {
 	@Override
 	public void loadConfiguration() {
 		// Initialize form fields from configuration Container
-		String ks = this.configurationContainer.getKeyStoreFile();
+		ConfigurationContainer config = this.configurationContainer;
+		String ks = config.getKeyStoreFile();
 		performKeystoreFileChanged(ks);
-		performKeystoreTypeChanged(
-				this.configurationContainer.getKeyStoreType());
-		performKeystoreStorePassChanged(
-				this.configurationContainer.getKeyStoreStorePass());
+		performKeystoreTypeChanged(config.getKeyStoreType());
+		performKeystoreStorePassChanged(config.getKeyStoreStorePass());
 		try {
 			File ksf = new File(ks);
 			if (ksf.exists())
@@ -525,10 +522,8 @@ public class KeystoreConfigurationComposite extends BaseConfigurationComposite {
 		} catch (Exception e) {
 			log.error("Error loading keystore", e); //$NON-NLS-1$
 		}
-		performKeystoreAliasChanged(
-				this.configurationContainer.getKeyStoreAlias());
-		performKeystoreKeyPassChanged(
-				this.configurationContainer.getKeyStoreKeyPass());
+		performKeystoreAliasChanged(config.getKeyStoreAlias());
+		performKeystoreKeyPassChanged(config.getKeyStoreKeyPass());
 	}
 
 	/* (non-Javadoc)
@@ -537,11 +532,12 @@ public class KeystoreConfigurationComposite extends BaseConfigurationComposite {
 	@Override
 	public void storeConfiguration(ConfigManipulator store,
 			PersistentConfigProvider provider) {
-		store.setKeyStoreFile(this.configurationContainer.getKeyStoreFile());
-		store.setKeyStoreType(this.configurationContainer.getKeyStoreType());
-		store.setKeyStoreAlias(this.configurationContainer.getKeyStoreAlias());
-		store.setKeyStoreStorePass(this.configurationContainer.getKeyStoreStorePass());
-		store.setKeyStoreKeyPass(this.configurationContainer.getKeyStoreKeyPass());
+		ConfigurationContainer config = this.configurationContainer;
+		store.setKeyStoreFile(config.getKeyStoreFile());
+		store.setKeyStoreType(config.getKeyStoreType());
+		store.setKeyStoreAlias(config.getKeyStoreAlias());
+		store.setKeyStoreStorePass(config.getKeyStoreStorePass());
+		store.setKeyStoreKeyPass(config.getKeyStoreKeyPass());
 	}
 
 	/*
@@ -553,26 +549,38 @@ public class KeystoreConfigurationComposite extends BaseConfigurationComposite {
 	 */
 	@Override
 	public void validateSettings(int resumeFrom) throws Exception {
+		ConfigurationContainer config = this.configurationContainer;
 		switch (resumeFrom) {
 		case 0:
-			String fname = this.configurationContainer.getKeyStoreFile();
+			String fname = config.getKeyStoreFile();
 			if (fname.isEmpty())
 				break; //no checks required
 			File f = new File(fname);
 			if (!f.exists() || !f.isFile())
-				throw new KeystoreDoesntExistException(f, 3); //skip next checks
+				throw new KeystoreDoesntExistException(f, 4); //skip next checks
 			// Fall through
 		case 1:
 			try {
 				loadKeystore();
 			} catch (Exception e) {
-				throw new CantLoadKeystoreException(e, 3); //skip next check
+				throw new CantLoadKeystoreException(e, 4); //skip next checks
 			}
 			// Fall through
 		case 2:
-			String alias = this.configurationContainer.getKeyStoreAlias();
+			String alias = config.getKeyStoreAlias();
 			if (!this.ks.containsAlias(alias))
-				throw new KeystoreAliasDoesntExistException(alias, 3);
+				throw new KeystoreAliasDoesntExistException(alias, 4); //skip next check
+			if (!this.ks.isKeyEntry(alias))
+				throw new KeystoreAliasNoKeyException(alias, 4); //skip next check
+			// Fall through
+		case 3:
+			try {
+				alias = config.getKeyStoreAlias();
+				String keypass = config.getKeyStoreKeyPass();
+				this.ks.getKey(alias, keypass.toCharArray());
+			} catch (Exception e) {
+				throw new KeystoreKeyPasswordException(4);
+			}
 		}
 	}
 
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/exceptions/KeystoreAliasDoesntExistException.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/exceptions/KeystoreAliasDoesntExistException.java
index 591af5f5..45db46e6 100644
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/exceptions/KeystoreAliasDoesntExistException.java
+++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/exceptions/KeystoreAliasDoesntExistException.java
@@ -31,6 +31,6 @@ public class KeystoreAliasDoesntExistException extends ResumableException {
 	 * @param resumeIndex The resume Index
 	 */
 	public KeystoreAliasDoesntExistException(final String alias, int resumeIndex) {
-		super(String.format(Messages.getString("error.KeyStoreAlias"), alias), resumeIndex); //$NON-NLS-1$
+		super(String.format(Messages.getString("error.KeyStoreAliasExist"), alias), resumeIndex); //$NON-NLS-1$
 	}
 }
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/exceptions/KeystoreAliasNoKeyException.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/exceptions/KeystoreAliasNoKeyException.java
new file mode 100644
index 00000000..535945cb
--- /dev/null
+++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/exceptions/KeystoreAliasNoKeyException.java
@@ -0,0 +1,36 @@
+/*
+ * Copyright 2012 by A-SIT, Secure Information Technology Center Austria
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://joinup.ec.europa.eu/software/page/eupl
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ */
+package at.asit.pdfover.gui.exceptions;
+
+import at.asit.pdfover.gui.utils.Messages;
+
+/**
+ *
+ */
+public class KeystoreAliasNoKeyException extends ResumableException {
+	/**
+	 * 
+	 */
+	private static final long serialVersionUID = -4030764219866181859L;
+
+	/**
+	 * @param alias The keystore key alias
+	 * @param resumeIndex The resume Index
+	 */
+	public KeystoreAliasNoKeyException(final String alias, int resumeIndex) {
+		super(String.format(Messages.getString("error.KeyStoreAliasNoKey"), alias), resumeIndex); //$NON-NLS-1$
+	}
+}
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/exceptions/KeystoreKeyPasswordException.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/exceptions/KeystoreKeyPasswordException.java
new file mode 100644
index 00000000..a63e00c0
--- /dev/null
+++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/exceptions/KeystoreKeyPasswordException.java
@@ -0,0 +1,35 @@
+/*
+ * Copyright 2012 by A-SIT, Secure Information Technology Center Austria
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://joinup.ec.europa.eu/software/page/eupl
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ */
+package at.asit.pdfover.gui.exceptions;
+
+import at.asit.pdfover.gui.utils.Messages;
+
+/**
+ *
+ */
+public class KeystoreKeyPasswordException extends ResumableException {
+	/**
+	 * 
+	 */
+	private static final long serialVersionUID = 7734648200275150410L;
+
+	/**
+	 * @param resumeIndex The resume Index
+	 */
+	public KeystoreKeyPasswordException(int resumeIndex) {
+		super(Messages.getString("error.KeyStoreKeyPass"), resumeIndex); //$NON-NLS-1$
+	}
+}
diff --git a/pdf-over-gui/src/main/resources/at/asit/pdfover/gui/messages.properties b/pdf-over-gui/src/main/resources/at/asit/pdfover/gui/messages.properties
index fab1103a..cc751588 100644
--- a/pdf-over-gui/src/main/resources/at/asit/pdfover/gui/messages.properties
+++ b/pdf-over-gui/src/main/resources/at/asit/pdfover/gui/messages.properties
@@ -121,8 +121,10 @@ error.InvalidLocale=Locale not valid
 error.InvalidPhoneNumber=Given phone number is invalid\! Example\: +43664123456789
 error.InvalidSettings=Invalid settings are still present. Please check your input.
 error.KeyStore=Error loading they keystore. Wrong password?
-error.KeyStoreAlias=Key alias %s not found in keystore
+error.KeyStoreAliasExist=Key alias %s not found in keystore
+error.KeyStoreAliasNoKey=Alias %s is not a key
 error.KeyStoreFileNotExist=Keystore file %s does not exist\!
+error.KeyStoreKeyPass=Key password invalid
 error.LocalBKU=Please check if a local CCE (citizen card environment) is running\n\nYou need a CCE to access your citizen card. Further information under www.buergerkarte.at
 error.MayNotBeAPDF=This may not be a PDF file
 error.NoTan=No TAN entered
diff --git a/pdf-over-gui/src/main/resources/at/asit/pdfover/gui/messages_de.properties b/pdf-over-gui/src/main/resources/at/asit/pdfover/gui/messages_de.properties
index 29e2e958..33e1c785 100644
--- a/pdf-over-gui/src/main/resources/at/asit/pdfover/gui/messages_de.properties
+++ b/pdf-over-gui/src/main/resources/at/asit/pdfover/gui/messages_de.properties
@@ -121,8 +121,10 @@ error.InvalidLocale=Ung\u00FCltige Sprache
 error.InvalidPhoneNumber=Telefonnummer ung\u00FCltig\! Beispiel\: +43664123456789
 error.InvalidSettings=Ung\u00FCltige Einstellungen vorhanden. Bitte \u00FCberpr\u00FCfen.
 error.KeyStore=Fehler beim Laden des KeyStores. Falsches Passwort?
-error.KeyStoreAlias=Key-Alias %s nicht im Keystore gefunden
+error.KeyStoreAliasExist=Key-Alias %s nicht im Keystore gefunden
+error.KeyStoreAliasNoKey=Alias %s ist kein Schlüssel
 error.KeyStoreFileNotExist=Keystore-Datei %s existiert nicht\!
+error.KeyStoreKeyPass=Schl\u00FCssel-Passwort nicht akzeptiert
 error.LocalBKU=Bitte pr\u00FCfen sie, ob Ihre lokale BKU (B\u00FCrgerkartenumgebung) l\u00E4uft\n\nSie ben\u00F6tigen eine BKU, um auf Ihre B\u00FCrgerkarte zuzugreifen. Weitere Informationen unter www.buergerkarte.at
 error.MayNotBeAPDF=Dies ist m\u00F6glicherweise keine PDF-Datei
 error.NoTan=Keine TAN eingeben