From 379ac5f86f30d6a3ebe52bb34fc0a8afee763e5d Mon Sep 17 00:00:00 2001 From: Tobias Kellner Date: Wed, 16 Dec 2015 11:11:55 +0100 Subject: Improve keystore error handling --- .../composites/KeystoreConfigurationComposite.java | 66 ++++++++++++---------- .../KeystoreAliasDoesntExistException.java | 2 +- .../exceptions/KeystoreAliasNoKeyException.java | 36 ++++++++++++ .../exceptions/KeystoreKeyPasswordException.java | 35 ++++++++++++ .../at/asit/pdfover/gui/messages.properties | 4 +- .../at/asit/pdfover/gui/messages_de.properties | 4 +- 6 files changed, 115 insertions(+), 32 deletions(-) create mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/exceptions/KeystoreAliasNoKeyException.java create mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/exceptions/KeystoreKeyPasswordException.java (limited to 'pdf-over-gui/src/main') diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/composites/KeystoreConfigurationComposite.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/composites/KeystoreConfigurationComposite.java index 6170f22e..7970e145 100644 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/composites/KeystoreConfigurationComposite.java +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/composites/KeystoreConfigurationComposite.java @@ -53,7 +53,9 @@ import at.asit.pdfover.gui.controls.Dialog.BUTTONS; import at.asit.pdfover.gui.controls.ErrorDialog; import at.asit.pdfover.gui.exceptions.CantLoadKeystoreException; import at.asit.pdfover.gui.exceptions.KeystoreAliasDoesntExistException; +import at.asit.pdfover.gui.exceptions.KeystoreAliasNoKeyException; import at.asit.pdfover.gui.exceptions.KeystoreDoesntExistException; +import at.asit.pdfover.gui.exceptions.KeystoreKeyPasswordException; import at.asit.pdfover.gui.utils.Messages; import at.asit.pdfover.gui.workflow.config.ConfigManipulator; import at.asit.pdfover.gui.workflow.config.ConfigurationContainer; @@ -492,16 +494,12 @@ public class KeystoreConfigurationComposite extends BaseConfigurationComposite { */ @Override public void initConfiguration(PersistentConfigProvider provider) { - this.configurationContainer.setKeyStoreFile( - provider.getKeyStoreFilePersistent()); - this.configurationContainer.setKeyStoreType( - provider.getKeyStoreTypePersistent()); - this.configurationContainer.setKeyStoreAlias( - provider.getKeyStoreAliasPersistent()); - this.configurationContainer.setKeyStoreStorePass( - provider.getKeyStoreStorePassPersistent()); - this.configurationContainer.setKeyStoreKeyPass( - provider.getKeyStoreKeyPassPersistent()); + ConfigurationContainer config = this.configurationContainer; + config.setKeyStoreFile(provider.getKeyStoreFilePersistent()); + config.setKeyStoreType(provider.getKeyStoreTypePersistent()); + config.setKeyStoreAlias(provider.getKeyStoreAliasPersistent()); + config.setKeyStoreStorePass(provider.getKeyStoreStorePassPersistent()); + config.setKeyStoreKeyPass(provider.getKeyStoreKeyPassPersistent()); } /* @@ -512,12 +510,11 @@ public class KeystoreConfigurationComposite extends BaseConfigurationComposite { @Override public void loadConfiguration() { // Initialize form fields from configuration Container - String ks = this.configurationContainer.getKeyStoreFile(); + ConfigurationContainer config = this.configurationContainer; + String ks = config.getKeyStoreFile(); performKeystoreFileChanged(ks); - performKeystoreTypeChanged( - this.configurationContainer.getKeyStoreType()); - performKeystoreStorePassChanged( - this.configurationContainer.getKeyStoreStorePass()); + performKeystoreTypeChanged(config.getKeyStoreType()); + performKeystoreStorePassChanged(config.getKeyStoreStorePass()); try { File ksf = new File(ks); if (ksf.exists()) @@ -525,10 +522,8 @@ public class KeystoreConfigurationComposite extends BaseConfigurationComposite { } catch (Exception e) { log.error("Error loading keystore", e); //$NON-NLS-1$ } - performKeystoreAliasChanged( - this.configurationContainer.getKeyStoreAlias()); - performKeystoreKeyPassChanged( - this.configurationContainer.getKeyStoreKeyPass()); + performKeystoreAliasChanged(config.getKeyStoreAlias()); + performKeystoreKeyPassChanged(config.getKeyStoreKeyPass()); } /* (non-Javadoc) @@ -537,11 +532,12 @@ public class KeystoreConfigurationComposite extends BaseConfigurationComposite { @Override public void storeConfiguration(ConfigManipulator store, PersistentConfigProvider provider) { - store.setKeyStoreFile(this.configurationContainer.getKeyStoreFile()); - store.setKeyStoreType(this.configurationContainer.getKeyStoreType()); - store.setKeyStoreAlias(this.configurationContainer.getKeyStoreAlias()); - store.setKeyStoreStorePass(this.configurationContainer.getKeyStoreStorePass()); - store.setKeyStoreKeyPass(this.configurationContainer.getKeyStoreKeyPass()); + ConfigurationContainer config = this.configurationContainer; + store.setKeyStoreFile(config.getKeyStoreFile()); + store.setKeyStoreType(config.getKeyStoreType()); + store.setKeyStoreAlias(config.getKeyStoreAlias()); + store.setKeyStoreStorePass(config.getKeyStoreStorePass()); + store.setKeyStoreKeyPass(config.getKeyStoreKeyPass()); } /* @@ -553,26 +549,38 @@ public class KeystoreConfigurationComposite extends BaseConfigurationComposite { */ @Override public void validateSettings(int resumeFrom) throws Exception { + ConfigurationContainer config = this.configurationContainer; switch (resumeFrom) { case 0: - String fname = this.configurationContainer.getKeyStoreFile(); + String fname = config.getKeyStoreFile(); if (fname.isEmpty()) break; //no checks required File f = new File(fname); if (!f.exists() || !f.isFile()) - throw new KeystoreDoesntExistException(f, 3); //skip next checks + throw new KeystoreDoesntExistException(f, 4); //skip next checks // Fall through case 1: try { loadKeystore(); } catch (Exception e) { - throw new CantLoadKeystoreException(e, 3); //skip next check + throw new CantLoadKeystoreException(e, 4); //skip next checks } // Fall through case 2: - String alias = this.configurationContainer.getKeyStoreAlias(); + String alias = config.getKeyStoreAlias(); if (!this.ks.containsAlias(alias)) - throw new KeystoreAliasDoesntExistException(alias, 3); + throw new KeystoreAliasDoesntExistException(alias, 4); //skip next check + if (!this.ks.isKeyEntry(alias)) + throw new KeystoreAliasNoKeyException(alias, 4); //skip next check + // Fall through + case 3: + try { + alias = config.getKeyStoreAlias(); + String keypass = config.getKeyStoreKeyPass(); + this.ks.getKey(alias, keypass.toCharArray()); + } catch (Exception e) { + throw new KeystoreKeyPasswordException(4); + } } } diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/exceptions/KeystoreAliasDoesntExistException.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/exceptions/KeystoreAliasDoesntExistException.java index 591af5f5..45db46e6 100644 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/exceptions/KeystoreAliasDoesntExistException.java +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/exceptions/KeystoreAliasDoesntExistException.java @@ -31,6 +31,6 @@ public class KeystoreAliasDoesntExistException extends ResumableException { * @param resumeIndex The resume Index */ public KeystoreAliasDoesntExistException(final String alias, int resumeIndex) { - super(String.format(Messages.getString("error.KeyStoreAlias"), alias), resumeIndex); //$NON-NLS-1$ + super(String.format(Messages.getString("error.KeyStoreAliasExist"), alias), resumeIndex); //$NON-NLS-1$ } } diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/exceptions/KeystoreAliasNoKeyException.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/exceptions/KeystoreAliasNoKeyException.java new file mode 100644 index 00000000..535945cb --- /dev/null +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/exceptions/KeystoreAliasNoKeyException.java @@ -0,0 +1,36 @@ +/* + * Copyright 2012 by A-SIT, Secure Information Technology Center Austria + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://joinup.ec.europa.eu/software/page/eupl + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + */ +package at.asit.pdfover.gui.exceptions; + +import at.asit.pdfover.gui.utils.Messages; + +/** + * + */ +public class KeystoreAliasNoKeyException extends ResumableException { + /** + * + */ + private static final long serialVersionUID = -4030764219866181859L; + + /** + * @param alias The keystore key alias + * @param resumeIndex The resume Index + */ + public KeystoreAliasNoKeyException(final String alias, int resumeIndex) { + super(String.format(Messages.getString("error.KeyStoreAliasNoKey"), alias), resumeIndex); //$NON-NLS-1$ + } +} diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/exceptions/KeystoreKeyPasswordException.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/exceptions/KeystoreKeyPasswordException.java new file mode 100644 index 00000000..a63e00c0 --- /dev/null +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/exceptions/KeystoreKeyPasswordException.java @@ -0,0 +1,35 @@ +/* + * Copyright 2012 by A-SIT, Secure Information Technology Center Austria + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://joinup.ec.europa.eu/software/page/eupl + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + */ +package at.asit.pdfover.gui.exceptions; + +import at.asit.pdfover.gui.utils.Messages; + +/** + * + */ +public class KeystoreKeyPasswordException extends ResumableException { + /** + * + */ + private static final long serialVersionUID = 7734648200275150410L; + + /** + * @param resumeIndex The resume Index + */ + public KeystoreKeyPasswordException(int resumeIndex) { + super(Messages.getString("error.KeyStoreKeyPass"), resumeIndex); //$NON-NLS-1$ + } +} diff --git a/pdf-over-gui/src/main/resources/at/asit/pdfover/gui/messages.properties b/pdf-over-gui/src/main/resources/at/asit/pdfover/gui/messages.properties index fab1103a..cc751588 100644 --- a/pdf-over-gui/src/main/resources/at/asit/pdfover/gui/messages.properties +++ b/pdf-over-gui/src/main/resources/at/asit/pdfover/gui/messages.properties @@ -121,8 +121,10 @@ error.InvalidLocale=Locale not valid error.InvalidPhoneNumber=Given phone number is invalid\! Example\: +43664123456789 error.InvalidSettings=Invalid settings are still present. Please check your input. error.KeyStore=Error loading they keystore. Wrong password? -error.KeyStoreAlias=Key alias %s not found in keystore +error.KeyStoreAliasExist=Key alias %s not found in keystore +error.KeyStoreAliasNoKey=Alias %s is not a key error.KeyStoreFileNotExist=Keystore file %s does not exist\! +error.KeyStoreKeyPass=Key password invalid error.LocalBKU=Please check if a local CCE (citizen card environment) is running\n\nYou need a CCE to access your citizen card. Further information under www.buergerkarte.at error.MayNotBeAPDF=This may not be a PDF file error.NoTan=No TAN entered diff --git a/pdf-over-gui/src/main/resources/at/asit/pdfover/gui/messages_de.properties b/pdf-over-gui/src/main/resources/at/asit/pdfover/gui/messages_de.properties index 29e2e958..33e1c785 100644 --- a/pdf-over-gui/src/main/resources/at/asit/pdfover/gui/messages_de.properties +++ b/pdf-over-gui/src/main/resources/at/asit/pdfover/gui/messages_de.properties @@ -121,8 +121,10 @@ error.InvalidLocale=Ung\u00FCltige Sprache error.InvalidPhoneNumber=Telefonnummer ung\u00FCltig\! Beispiel\: +43664123456789 error.InvalidSettings=Ung\u00FCltige Einstellungen vorhanden. Bitte \u00FCberpr\u00FCfen. error.KeyStore=Fehler beim Laden des KeyStores. Falsches Passwort? -error.KeyStoreAlias=Key-Alias %s nicht im Keystore gefunden +error.KeyStoreAliasExist=Key-Alias %s nicht im Keystore gefunden +error.KeyStoreAliasNoKey=Alias %s ist kein Schlüssel error.KeyStoreFileNotExist=Keystore-Datei %s existiert nicht\! +error.KeyStoreKeyPass=Schl\u00FCssel-Passwort nicht akzeptiert error.LocalBKU=Bitte pr\u00FCfen sie, ob Ihre lokale BKU (B\u00FCrgerkartenumgebung) l\u00E4uft\n\nSie ben\u00F6tigen eine BKU, um auf Ihre B\u00FCrgerkarte zuzugreifen. Weitere Informationen unter www.buergerkarte.at error.MayNotBeAPDF=Dies ist m\u00F6glicherweise keine PDF-Datei error.NoTan=Keine TAN eingeben -- cgit v1.2.3