From 888b67347c880448e4d3c008562feca33edaead3 Mon Sep 17 00:00:00 2001 From: Takuya Ono Date: Sun, 8 May 2011 05:17:41 +0900 Subject: [PATCH] ADD: Untrusted server connection waring dialog support. (Not test yet) --- .../checksmtp/ssl/RespondingX509TrustManager.java | 47 +++++- .../checksmtp/ssl/WarningServerTrustFrame.form | 115 +++++++++++++++ .../checksmtp/ssl/WarningServerTrustFrame.java | 162 +++++++++++++++++++++ 3 files changed, 317 insertions(+), 7 deletions(-) create mode 100644 src/org/jent/checksmtp/ssl/WarningServerTrustFrame.form create mode 100644 src/org/jent/checksmtp/ssl/WarningServerTrustFrame.java diff --git a/src/org/jent/checksmtp/ssl/RespondingX509TrustManager.java b/src/org/jent/checksmtp/ssl/RespondingX509TrustManager.java index 8858b64..f5810fa 100644 --- a/src/org/jent/checksmtp/ssl/RespondingX509TrustManager.java +++ b/src/org/jent/checksmtp/ssl/RespondingX509TrustManager.java @@ -4,9 +4,6 @@ */ package org.jent.checksmtp.ssl; -import java.io.File; -import java.io.FileInputStream; -import java.io.FileNotFoundException; import java.security.KeyStore; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; @@ -20,12 +17,17 @@ import javax.net.ssl.X509TrustManager; * @author takuya-o@users.sourceforge.jp "Takuya Ono" */ public class RespondingX509TrustManager implements X509TrustManager { + //Conform status. + + private final int RESULT_UNKNOWN = 0; + private final int RESULT_YES = 1; + private final int RESULT_NO = 2; + private int result = RESULT_UNKNOWN; /* * The default PKIX X509TrustManager9. We'll delegate * decisions to it, and fall back to the logic in this class if the * default X509TrustManager doesn't trust it. */ - X509TrustManager pkixTrustManager; public RespondingX509TrustManager() throws Exception { 
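Review bot: The user's answer is kept in a single instance field, `private int result`, so if one RespondingX509TrustManager serves more than one connection (not visible in this hunk), two handshakes that prompt at the same time share it, and a "Yes" given for one server's chain can release the wait for another. The field is neither `volatile` nor documented as guarded by the instance monitor, although later hunks write it from the dialog's button handlers and read it on the thread doing the trust check. I would declare the three constants `private static final int` (or use an enum), put `// Guarded by "this"; only one trust prompt may be pending at a time.` above `result`, and either serialise the prompt or keep the answer per prompt instead of per trust manager. The class body continues outside the hunk.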
@@ -33,7 +35,7 @@ public class RespondingX509TrustManager implements X509TrustManager { //KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX"); - tmf.init((KeyStore)null); //Default KeyStore by null argument. + tmf.init((KeyStore) null); //Default KeyStore by null argument. TrustManager tms[] = tmf.getTrustManagers(); @@ -81,7 +83,7 @@ public class RespondingX509TrustManager implements X509TrustManager { if (chain != null) { System.out.println("Server certificate chain:"); for (int i = 0; i < chain.length; i++) { - System.out.println("X509Certificate[" + i + "]=" + chain[i].getSubjectDN() ); + System.out.println("X509Certificate[" + i + "]=" + chain[i].getSubjectDN()); } } try { @@ -92,7 +94,24 @@ public class RespondingX509TrustManager implements X509TrustManager { * cert chain. */ //TODO: Pop up waring dialog. - System.err.println("Connecting untrusted SMTP server." + chain[0].getSubjectDN() ); + result = RESULT_UNKNOWN; + new WarningServerTrustFrame(this, chain); + while (result == RESULT_UNKNOWN) { + try { + synchronized (this) { + wait(); + } + } catch (InterruptedException e) { + System.err.println("Waring dialog wait interrupted"); + e.printStackTrace(); + } + } + if ( result == RESULT_YES) { + //TODO: 何回もサーバの信頼を確認しないようにする。 + System.err.println("Connecting untrusted SMTP server." + chain[0].getSubjectDN()); + } else { + throw excep; + } } } @@ -102,4 +121,18 @@ public class RespondingX509TrustManager implements X509TrustManager { public X509Certificate[] getAcceptedIssuers() { return pkixTrustManager.getAcceptedIssuers(); } + + public void pushYes() { + result = RESULT_YES; + notifyResult(); + } + + public void pushNo() { + result = RESULT_NO; + notifyResult(); + } + + private synchronized void notifyResult() { + notify(); + } } 
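Review bot: The wait loop added in the catch branch tests `result` outside the monitor, so a button press that lands between `while (result == RESULT_UNKNOWN)` and `wait()` is notified before anyone is waiting, and the handshake thread then blocks with no way out. The `InterruptedException` handler only prints and loops again, which drops the interrupt and keeps the thread waiting; an interrupted prompt should fail closed by restoring the interrupt flag and rethrowing `excep`. The accepted branch still dereferences `chain[0]` although the method guards `chain != null` a few lines earlier. The enclosing method starts and ends outside this hunk.

```java
// … unchanged: delegation to the default trust manager and the catch header …
result = RESULT_UNKNOWN;
new WarningServerTrustFrame(this, chain);
synchronized (this) {
    // Test the flag while holding the monitor so a notify() cannot slip in
    // between the test and wait().
    while (result == RESULT_UNKNOWN) {
        try {
            wait();
        } catch (InterruptedException e) {
            Thread.currentThread().interrupt();
            throw excep; // no answer from the user: keep the server untrusted
        }
    }
}
// … unchanged: accept on RESULT_YES, otherwise rethrow excep …
```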
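Review bot: `pushYes()` and `pushNo()` are public and assign `result` before taking the monitor, so any code holding a reference to the trust manager can approve an untrusted server, and the write is ordered for the waiting thread only by the later `notifyResult()` call. WarningServerTrustFrame lives in the same package, so both methods can be package-private and do the write and the wake-up under one lock, e.g. `synchronized void pushYes() { result = RESULT_YES; notifyAll(); }` with the same shape for `pushNo()`. `notifyAll()` matters as soon as more than one handshake thread can be waiting on this instance, because `notify()` wakes only one of them.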
diff --git a/src/org/jent/checksmtp/ssl/WarningServerTrustFrame.form b/src/org/jent/checksmtp/ssl/WarningServerTrustFrame.form new file mode 100644 index 0000000..02c1325 --- /dev/null +++ b/src/org/jent/checksmtp/ssl/WarningServerTrustFrame.form @@ -0,0 +1,115 @@ + + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
diff --git a/src/org/jent/checksmtp/ssl/WarningServerTrustFrame.java b/src/org/jent/checksmtp/ssl/WarningServerTrustFrame.java
new file mode 100644
index 0000000..ef0b786
--- /dev/null
+++ b/src/org/jent/checksmtp/ssl/WarningServerTrustFrame.java
@@ -0,0 +1,162 @@ +/* + * To change this template, choose Tools | Templates + * and open the template in the editor. + */ + +/* + * WarningServerTrustFrame.java + * + * Created on 2011/05/08, 4:36:36 + */ +package org.jent.checksmtp.ssl; + +import java.awt.Dimension; +import java.awt.Toolkit; +import java.security.cert.X509Certificate; + +/** + * + * @author Takuya Ono + */ +public class WarningServerTrustFrame extends javax.swing.JFrame { + RespondingX509TrustManager trustManager; + + /** Creates new form WarningServerTrustFrame */ + public WarningServerTrustFrame(RespondingX509TrustManager trustManager, X509Certificate[] chain) { + super(); //paranoia statement. + this.trustManager = trustManager; + initComponents(); + jTextField.setText(chain[0].getSubjectDN().toString()); + jTextArea.setText(chain.toString()); + + //Move to screen center. + Dimension screenSize = Toolkit.getDefaultToolkit().getScreenSize(); + Dimension frameSize = getSize(); + if (frameSize.height > screenSize.height) { + frameSize.height = screenSize.height; + } + if (frameSize.width > screenSize.width) { + frameSize.width = screenSize.width; + } + this.setBounds( + (screenSize.width - frameSize.width) / 2, + (screenSize.height - frameSize.height) / 2, + frameSize.width, frameSize.height); + + setVisible(true); + } + + /** This method is called from within the constructor to + * initialize the form. + * WARNING: Do NOT modify this code. The content of this method is + * always regenerated by the Form Editor. 
+ */ + // //GEN-BEGIN:initComponents + private void initComponents() { + + jButtonYes = new javax.swing.JButton(); + jButtonNG = new javax.swing.JButton(); + jLabel1 = new javax.swing.JLabel(); + jScrollPane1 = new javax.swing.JScrollPane(); + jTextArea = new javax.swing.JTextArea(); + jTextField = new javax.swing.JTextField(); + + setDefaultCloseOperation(javax.swing.WindowConstants.EXIT_ON_CLOSE); + + jButtonYes.setText("Yes"); + jButtonYes.addActionListener(new java.awt.event.ActionListener() { + public void actionPerformed(java.awt.event.ActionEvent evt) { + jButtonYesActionPerformed(evt); + } + }); + + jButtonNG.setText("No"); + jButtonNG.addActionListener(new java.awt.event.ActionListener() { + public void actionPerformed(java.awt.event.ActionEvent evt) { + jButtonNGActionPerformed(evt); + } + }); + + jLabel1.setText("Warning: Untrusted Server Connection"); + + jTextArea.setColumns(20); + jTextArea.setEditable(false); + jTextArea.setRows(5); + jScrollPane1.setViewportView(jTextArea); + + jTextField.setEditable(false); + jTextField.setText("jTextField1"); + + javax.swing.GroupLayout layout = new javax.swing.GroupLayout(getContentPane()); + getContentPane().setLayout(layout); + layout.setHorizontalGroup( + layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, layout.createSequentialGroup() + .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING) + .addGroup(layout.createSequentialGroup() + .addContainerGap() + .addComponent(jScrollPane1, javax.swing.GroupLayout.DEFAULT_SIZE, 340, Short.MAX_VALUE) + .addGap(12, 12, 12)) + .addGroup(javax.swing.GroupLayout.Alignment.LEADING, layout.createSequentialGroup() + .addGap(106, 106, 106) + .addComponent(jButtonYes) + .addGap(53, 53, 53) + .addComponent(jButtonNG)) + .addGroup(javax.swing.GroupLayout.Alignment.LEADING, layout.createSequentialGroup() + .addContainerGap() + .addComponent(jLabel1)) + 
.addGroup(javax.swing.GroupLayout.Alignment.LEADING, layout.createSequentialGroup() + .addContainerGap() + .addComponent(jTextField, javax.swing.GroupLayout.DEFAULT_SIZE, 352, Short.MAX_VALUE))) + .addGap(0, 0, 0)) + ); + layout.setVerticalGroup( + layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, layout.createSequentialGroup() + .addContainerGap() + .addComponent(jLabel1, javax.swing.GroupLayout.PREFERRED_SIZE, 15, javax.swing.GroupLayout.PREFERRED_SIZE) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) + .addComponent(jTextField, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) + .addComponent(jScrollPane1, javax.swing.GroupLayout.DEFAULT_SIZE, 219, Short.MAX_VALUE) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) + .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) + .addComponent(jButtonNG) + .addComponent(jButtonYes)) + .addContainerGap()) + ); + + pack(); + }// //GEN-END:initComponents + + private void jButtonYesActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jButtonYesActionPerformed + trustManager.pushYes(); + dispose(); + }//GEN-LAST:event_jButtonYesActionPerformed + + private void jButtonNGActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jButtonNGActionPerformed + trustManager.pushNo(); + dispose(); + }//GEN-LAST:event_jButtonNGActionPerformed + + /** + * @param args the command line arguments + * + public static void main(String args[]) { + java.awt.EventQueue.invokeLater(new Runnable() { + + public void run() { + new WarningServerTrustFrame().setVisible(true); + } + }); + }*/ + + // Variables declaration - do not modify//GEN-BEGIN:variables + private javax.swing.JButton jButtonNG; + private javax.swing.JButton jButtonYes; + private 
javax.swing.JLabel jLabel1; + private javax.swing.JScrollPane jScrollPane1; + private javax.swing.JTextArea jTextArea; + private javax.swing.JTextField jTextField; + // End of variables declaration//GEN-END:variables +} -- 2.11.0
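Review bot: `jTextArea.setText(chain.toString())` in the constructor prints the array's identity string rather than the certificates, so the user is asked to trust a server while seeing only the subject DN, which the server chooses itself. `jTextArea.setText(java.util.Arrays.toString(chain));` would at least show each certificate's own toString() output; a fingerprint the user can compare out of band would be better still. Separately, `setDefaultCloseOperation(javax.swing.WindowConstants.EXIT_ON_CLOSE)` in the generated initComponents() makes closing the warning window terminate the whole JVM; the form should use `DO_NOTHING_ON_CLOSE` with a window listener that calls `trustManager.pushNo()`, so that dismissing the dialog counts as a refusal. The frame is also built and shown on the calling thread rather than on the Swing event dispatch thread.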