/hg/icedtea-web: integrate multiple keystore support into certif...
omajid at icedtea.classpath.org
omajid at icedtea.classpath.org
Mon Nov 8 13:38:00 PST 2010
changeset 9dd09feb371b in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=9dd09feb371b
author: Omair Majid <omajid at redhat.com>
date: Mon Nov 08 16:36:17 2010 -0500
integrate multiple keystore support into certificate viewer
2010-11-04 Omair Majid <omajid at redhat.com>
*
netx/net/sourceforge/jnlp/runtime/DeploymentConfiguration.java:
Add KEY_USER_TRUSTED_CA_CERTS, KEY_USER_TRUSTED_JSSE_CA_CERTS,
KEY_USER_TRUSTED_CERTS, KEY_USER_TRUSTED_JSSE_CERTS,
KEY_USER_TRUSTED_CLIENT_CERTS, KEY_SYSTEM_TRUSTED_CA_CERTS,
KEY_SYSTEM_TRUSTED_JSSE_CA_CERTS, KEY_SYSTEM_TRUSTED_CERTS,
KEY_SYSTEM_TRUSTED_JSSE_CERTS, KEY_SYSTEM_TRUSTED_CLIENT_CERTS
(loadDefaultProperties): Use the defined constants.
* netx/net/sourceforge/jnlp/security/KeyStores.java: New class.
(getPassword): New method. Return the default password used for
KeyStores. (getKeyStore(Level,Type)): New method. Returns the
appropriate KeyStore. (getKeyStore(Level,Type,String)):
Likewise. (getCertKeyStores): New method. Return all the trusted
certificate KeyStores. (getCAKeyStores): New method. Return
all the trusted CA certificate KeyStores.
(getKeyStoreLocation): New method. Return the location of the
appropriate KeyStore. (toTranslatableString): New method. Return
a string that can be used to create a human-readable name for
the KeyStore. (toDisplayableString): New method. Return a human-
readable name for the KeyStore. (createKeyStoreFromFile):
New method. Creates a new KeyStore object, initializing it from
the given file if possible.
* netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java
(CertificatePane): Create two JTables. Populate the tables when
done creating the user interface. (initializeKeyStore): Use the
correct keystore. (addComponents): Do not read KeyStore. Create
more interface elements to show the new possible KeyStores. Mark
some buttons to be disabled when needed. (repopulateTable):
Renamed to... (repopulateTables): New method. Read KeyStore and
use the contents to create the user and system tables.
(CertificateType): New class. (CertificateTypeListener): New
class. Listens to JComboBox change events.
(TabChangeListener): New class. Listens to new tab selections.
(ImportButtonListener): Import certificates to the appropriate
KeyStore. (ExportButtonListener): Find the certificate from the
right table. (RemoveButtonListener): Find the certificate from
the right table and right the KeyStore.
(DetailsButtonListener): Find the certificate from the right table.
* netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java
(showCertficaiteViewer): Initialize the JNLPRuntime so the
configuration gets loaded.
* netx/net/sourceforge/jnlp/tools/KeyTool.java
(addToKeyStore(File,KeyStore)): New method. Adds certificate from
the file to the KeyStore.
(addToKeyStore(X509Certificate,KeyStore)): New method. Adds a
certificate to a KeyStore.
diffstat:
6 files changed, 637 insertions(+), 42 deletions(-)
ChangeLog | 56 +
netx/net/sourceforge/jnlp/runtime/DeploymentConfiguration.java | 32
netx/net/sourceforge/jnlp/security/KeyStores.java | 337 ++++++++++
netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java | 212 +++++-
netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java | 3
netx/net/sourceforge/jnlp/tools/KeyTool.java | 39 +
diffs (truncated from 902 to 500 lines):
diff -r 8e66d9386273 -r 9dd09feb371b ChangeLog
--- a/ChangeLog Thu Nov 04 16:44:27 2010 -0700
+++ b/ChangeLog Mon Nov 08 16:36:17 2010 -0500
@@ -1,3 +1,59 @@ 2010-11-04 Deepak Bhole <dbhole at redhat.
+2010-11-04 Omair Majid <omajid at redhat.com>
+
+ * netx/net/sourceforge/jnlp/runtime/DeploymentConfiguration.java:
+ Add KEY_USER_TRUSTED_CA_CERTS, KEY_USER_TRUSTED_JSSE_CA_CERTS,
+ KEY_USER_TRUSTED_CERTS, KEY_USER_TRUSTED_JSSE_CERTS,
+ KEY_USER_TRUSTED_CLIENT_CERTS, KEY_SYSTEM_TRUSTED_CA_CERTS,
+ KEY_SYSTEM_TRUSTED_JSSE_CA_CERTS, KEY_SYSTEM_TRUSTED_CERTS,
+ KEY_SYSTEM_TRUSTED_JSSE_CERTS, KEY_SYSTEM_TRUSTED_CLIENT_CERTS
+ (loadDefaultProperties): Use the defined constants.
+ * netx/net/sourceforge/jnlp/security/KeyStores.java: New class.
+ (getPassword): New method. Return the default password used for
+ KeyStores.
+ (getKeyStore(Level,Type)): New method. Returns the appropriate
+ KeyStore.
+ (getKeyStore(Level,Type,String)): Likewise.
+ (getCertKeyStores): New method. Return all the trusted certificate
+ KeyStores.
+ (getCAKeyStores): New method. Return all the trusted CA certificate
+ KeyStores.
+ (getKeyStoreLocation): New method. Return the location of the
+ appropriate KeyStore.
+ (toTranslatableString): New method. Return a string that can be
+ used to create a human-readable name for the KeyStore.
+ (toDisplayableString): New method. Return a human-readable name
+ for the KeyStore.
+ (createKeyStoreFromFile): New method. Creates a new KeyStore object,
+ initializing it from the given file if possible.
+ * netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java
+ (CertificatePane): Create two JTables. Populate the tables when
+ done creating the user interface.
+ (initializeKeyStore): Use the correct keystore.
+ (addComponents): Do not read KeyStore. Create more interface
+ elements to show the new possible KeyStores. Mark some buttons to
+ be disabled when needed.
+ (repopulateTable): Renamed to...
+ (repopulateTables): New method. Read KeyStore and use the contents
+ to create the user and system tables.
+ (CertificateType): New class.
+ (CertificateTypeListener): New class. Listens to JComboBox change
+ events.
+ (TabChangeListener): New class. Listens to new tab selections.
+ (ImportButtonListener): Import certificates to the appropriate
+ KeyStore.
+ (ExportButtonListener): Find the certificate from the right table.
+ (RemoveButtonListener): Find the certificate from the right table
+ and right the KeyStore.
+ (DetailsButtonListener): Find the certificate from the right table.
+ * netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java
+ (showCertficaiteViewer): Initialize the JNLPRuntime so the
+ configuration gets loaded.
+ * netx/net/sourceforge/jnlp/tools/KeyTool.java
+ (addToKeyStore(File,KeyStore)): New method. Adds certificate from
+ the file to the KeyStore.
+ (addToKeyStore(X509Certificate,KeyStore)): New method. Adds a
+ certificate to a KeyStore.
+
2010-11-04 Deepak Bhole <dbhole at redhat.com>
* plugin/icedteanp/java/sun/applet/PluginAppletViewer.java (update):
diff -r 8e66d9386273 -r 9dd09feb371b netx/net/sourceforge/jnlp/runtime/DeploymentConfiguration.java
--- a/netx/net/sourceforge/jnlp/runtime/DeploymentConfiguration.java Thu Nov 04 16:44:27 2010 -0700
+++ b/netx/net/sourceforge/jnlp/runtime/DeploymentConfiguration.java Mon Nov 08 16:36:17 2010 -0500
@@ -141,6 +141,18 @@ public final class DeploymentConfigurati
* are not running
*/
public static final String KEY_USER_NETX_RUNNING_FILE = "deployment.user.runningfile";
+
+ public static final String KEY_USER_TRUSTED_CA_CERTS = "deployment.user.security.trusted.cacerts";
+ public static final String KEY_USER_TRUSTED_JSSE_CA_CERTS = "deployment.user.security.trusted.jssecacerts";
+ public static final String KEY_USER_TRUSTED_CERTS = "deployment.user.security.trusted.certs";
+ public static final String KEY_USER_TRUSTED_JSSE_CERTS = "deployment.user.security.trusted.jssecerts";
+ public static final String KEY_USER_TRUSTED_CLIENT_CERTS = "deployment.user.security.trusted.clientauthcerts";
+
+ public static final String KEY_SYSTEM_TRUSTED_CA_CERTS = "deployment.system.security.cacerts";
+ public static final String KEY_SYSTEM_TRUSTED_JSSE_CA_CERTS = "deployment.system.security.jssecacerts";
+ public static final String KEY_SYSTEM_TRUSTED_CERTS = "deployment.system.security.trusted.certs";
+ public static final String KEY_SYSTEM_TRUSTED_JSSE_CERTS = "deployment.system.security.trusted.jssecerts";
+ public static final String KEY_SYSTEM_TRUSTED_CLIENT_CERTS = "deployment.system.security.trusted.clientautcerts";
public enum ConfigType {
System, User
@@ -315,17 +327,17 @@ public final class DeploymentConfigurati
{ KEY_USER_NETX_RUNNING_FILE, LOCKS_DIR + File.separator + "netx_running" },
/* certificates and policy files */
{ "deployment.user.security.policy", "file://" + USER_SECURITY + File.separator + "java.policy" },
- { "deployment.user.security.trusted.cacerts", USER_SECURITY + File.separator + "trusted.cacerts" },
- { "deployment.user.security.trusted.jssecacerts", USER_SECURITY + File.separator + "trusted.jssecacerts" },
- { "deployment.user.security.trusted.certs", USER_SECURITY + File.separator + "trusted.certs" },
- { "deployment.user.security.trusted.jssecerts", USER_SECURITY + File.separator + "trusted.jssecerts"},
- { "deployment.user.security.trusted.clientauthcerts", USER_SECURITY + File.separator + "trusted.clientcerts" },
+ { KEY_USER_TRUSTED_CA_CERTS, USER_SECURITY + File.separator + "trusted.cacerts" },
+ { KEY_USER_TRUSTED_JSSE_CA_CERTS, USER_SECURITY + File.separator + "trusted.jssecacerts" },
+ { KEY_USER_TRUSTED_CERTS, USER_SECURITY + File.separator + "trusted.certs" },
+ { KEY_USER_TRUSTED_JSSE_CERTS, USER_SECURITY + File.separator + "trusted.jssecerts"},
+ { KEY_USER_TRUSTED_CLIENT_CERTS, USER_SECURITY + File.separator + "trusted.clientcerts" },
{ "deployment.system.security.policy", null },
- { "deployment.system.security.cacerts", SYSTEM_SECURITY + File.separator + "cacerts" },
- { "deployment.system.security.jssecacerts", SYSTEM_SECURITY + File.separator + "jssecacerts" },
- { "deployment.system.security.trusted.certs", SYSTEM_SECURITY + File.separator + "trusted.certs" },
- { "deployment.system.security.trusted.jssecerts", SYSTEM_SECURITY + File.separator + "trusted.jssecerts" },
- { "deployment.system.security.trusted.clientautcerts", SYSTEM_SECURITY + File.separator + "trusted.clientcerts" },
+ { KEY_SYSTEM_TRUSTED_CA_CERTS , SYSTEM_SECURITY + File.separator + "cacerts" },
+ { KEY_SYSTEM_TRUSTED_JSSE_CA_CERTS, SYSTEM_SECURITY + File.separator + "jssecacerts" },
+ { KEY_SYSTEM_TRUSTED_CERTS, SYSTEM_SECURITY + File.separator + "trusted.certs" },
+ { KEY_SYSTEM_TRUSTED_JSSE_CERTS, SYSTEM_SECURITY + File.separator + "trusted.jssecerts" },
+ { KEY_SYSTEM_TRUSTED_CLIENT_CERTS, SYSTEM_SECURITY + File.separator + "trusted.clientcerts" },
/* security access and control */
{ "deployment.security.askgrantdialog.show", String.valueOf(true) },
{ "deployment.security.askgrantdialog.notinca", String.valueOf(true) },
diff -r 8e66d9386273 -r 9dd09feb371b netx/net/sourceforge/jnlp/security/KeyStores.java
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/netx/net/sourceforge/jnlp/security/KeyStores.java Mon Nov 08 16:36:17 2010 -0500
@@ -0,0 +1,337 @@
+/* KeyStores.java
+ Copyright (C) 2010 Red Hat, Inc.
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License as published by
+the Free Software Foundation, version 2.
+
+IcedTea is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING. If not, write to
+the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version.
+*/
+
+package net.sourceforge.jnlp.security;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.StringTokenizer;
+
+import net.sourceforge.jnlp.runtime.DeploymentConfiguration;
+import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.runtime.Translator;
+
+/**
+ * The <code>KeyStores</code> class allows easily accessing the various KeyStores
+ * used.
+ */
+public final class KeyStores {
+
+ /* this gets turned into user-readable strings, see toUserReadableString */
+
+ public enum Level {
+ USER,
+ SYSTEM,
+ }
+
+ public enum Type {
+ CERTS,
+ JSSE_CERTS,
+ CA_CERTS,
+ JSSE_CA_CERTS,
+ CLIENT_CERTS,
+ }
+
+ private static final String KEYSTORE_TYPE = "JKS";
+ /** the default password used to protect the KeyStores */
+ private static final String DEFAULT_PASSWORD = "changeit";
+
+ public static final char[] getPassword() {
+ return DEFAULT_PASSWORD.toCharArray();
+ }
+
+ /**
+ * Returns a KeyStore corresponding to the appropriate level level (user or
+ * system) and type.
+ *
+ * @param level whether the KeyStore desired is a user-level or system-level
+ * KeyStore
+ * @param type the type of KeyStore desired
+ * @return a KeyStore containing certificates from the appropriate
+ */
+ public static final KeyStore getKeyStore(Level level, Type type) {
+ boolean create = false;
+ if (level == Level.USER) {
+ create = true;
+ } else {
+ create = false;
+ }
+ return getKeyStore(level, type, create);
+ }
+
+ /**
+ * Returns a KeyStore corresponding to the appropriate level level (user or
+ * system) and type.
+ *
+ * @param level whether the KeyStore desired is a user-level or system-level
+ * KeyStore
+ * @param type the type of KeyStore desired
+ * @return a KeyStore containing certificates from the appropriate
+ */
+ public static final KeyStore getKeyStore(Level level, Type type, boolean create) {
+ String location = getKeyStoreLocation(level, type);
+ KeyStore ks = null;
+ try {
+ ks = createKeyStoreFromFile(new File(location), create, DEFAULT_PASSWORD);
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ return ks;
+ }
+
+ /**
+ * Returns an array of KeyStore that contain certificates that are trusted.
+ * The KeyStores contain certificates from different sources.
+ *
+ * @return an array of KeyStore containing trusted Certificates
+ */
+ public static final KeyStore[] getCertKeyStores() {
+ List<KeyStore> result = new ArrayList<KeyStore>(10);
+ KeyStore ks = null;
+
+ /* System-level JSSE certificates */
+ ks = getKeyStore(Level.SYSTEM, Type.JSSE_CERTS);
+ if (ks != null) {
+ result.add(ks);
+ }
+ /* System-level certificates */
+ ks = getKeyStore(Level.SYSTEM, Type.CERTS);
+ if (ks != null) {
+ result.add(ks);
+ }
+ /* User-level JSSE certificates */
+ ks = getKeyStore(Level.USER, Type.JSSE_CERTS);
+ if (ks != null) {
+ result.add(ks);
+ }
+ /* User-level certificates */
+ ks = getKeyStore(Level.USER, Type.CERTS);
+ if (ks != null) {
+ result.add(ks);
+ }
+
+ return result.toArray(new KeyStore[result.size()]);
+ }
+
+ /**
+ * Returns an array of KeyStore that contain trusted CA certificates.
+ *
+ * @return an array of KeyStore containing trusted CA certificates
+ */
+ public static final KeyStore[] getCAKeyStores() {
+ List<KeyStore> result = new ArrayList<KeyStore>(10);
+ KeyStore ks = null;
+
+ /* System-level JSSE CA certificates */
+ ks = getKeyStore(Level.SYSTEM, Type.JSSE_CA_CERTS);
+ if (ks != null) {
+ result.add(ks);
+ }
+ /* System-level CA certificates */
+ ks = getKeyStore(Level.SYSTEM, Type.CA_CERTS);
+ if (ks != null) {
+ result.add(ks);
+ }
+ /* User-level JSSE CA certificates */
+ ks = getKeyStore(Level.USER, Type.JSSE_CA_CERTS);
+ if (ks != null) {
+ result.add(ks);
+ }
+ /* User-level CA certificates */
+ ks = getKeyStore(Level.USER, Type.CA_CERTS);
+ if (ks != null) {
+ result.add(ks);
+ }
+
+ return result.toArray(new KeyStore[result.size()]);
+ }
+
+ /**
+ * Returns the location of a KeyStore corresponding to the given level and type.
+ * @param level
+ * @param type
+ * @return
+ */
+ public static final String getKeyStoreLocation(Level level, Type type) {
+ String configKey = null;
+ switch (level) {
+ case SYSTEM:
+ switch (type) {
+ case JSSE_CA_CERTS:
+ configKey = DeploymentConfiguration.KEY_SYSTEM_TRUSTED_JSSE_CA_CERTS;
+ break;
+ case CA_CERTS:
+ configKey = DeploymentConfiguration.KEY_SYSTEM_TRUSTED_CA_CERTS;
+ break;
+ case JSSE_CERTS:
+ configKey = DeploymentConfiguration.KEY_SYSTEM_TRUSTED_JSSE_CERTS;
+ break;
+ case CERTS:
+ configKey = DeploymentConfiguration.KEY_SYSTEM_TRUSTED_CERTS;
+ break;
+ case CLIENT_CERTS:
+ configKey = DeploymentConfiguration.KEY_SYSTEM_TRUSTED_CLIENT_CERTS;
+ break;
+ }
+ break;
+ case USER:
+ switch (type) {
+ case JSSE_CA_CERTS:
+ configKey = DeploymentConfiguration.KEY_USER_TRUSTED_JSSE_CA_CERTS;
+ break;
+ case CA_CERTS:
+ configKey = DeploymentConfiguration.KEY_USER_TRUSTED_CA_CERTS;
+ break;
+ case JSSE_CERTS:
+ configKey = DeploymentConfiguration.KEY_USER_TRUSTED_JSSE_CERTS;
+ break;
+ case CERTS:
+ configKey = DeploymentConfiguration.KEY_USER_TRUSTED_CERTS;
+ break;
+ case CLIENT_CERTS:
+ configKey = DeploymentConfiguration.KEY_SYSTEM_TRUSTED_CLIENT_CERTS;
+ break;
+ }
+ break;
+ }
+
+ if (configKey == null) {
+ throw new RuntimeException("Unspported");
+ }
+
+ return JNLPRuntime.getConfiguration().getProperty(configKey);
+ }
+
+ /**
+ * Returns a String that can be used as a translation key to create a
+ * user-visible representation of this KeyStore. Creates a string by
+ * concatenating a level and type, converting everything to Title Case and
+ * removing the _'s. (USER,CA_CERTS) becomes UserCaCerts.
+ *
+ * @param level
+ * @param type
+ * @return
+ */
+ public static final String toTranslatableString(Level level, Type type) {
+ StringBuilder response = new StringBuilder();
+
+ if (level != null) {
+ String levelString = level.toString();
+ response.append(levelString.substring(0, 1).toUpperCase());
+ response.append(levelString.substring(1).toLowerCase());
+ }
+
+ if (type != null) {
+ String typeString = type.toString();
+ StringTokenizer tokenizer = new StringTokenizer(typeString, "_");
+ while (tokenizer.hasMoreTokens()) {
+ String token = tokenizer.nextToken();
+ response.append(token.substring(0, 1).toUpperCase());
+ response.append(token.substring(1).toLowerCase());
+ }
+ }
+
+ return response.toString();
+ }
+
+ /**
+ * Returns a human readable name for this KeyStore
+ *
+ * @param level the level of the KeyStore
+ * @param type the type of KeyStore
+ * @return a localized name for this KeyStore
+ */
+ public static String toDisplayableString(Level level, Type type) {
+ return Translator.R(toTranslatableString(level, type));
+ }
+
+ /**
+ * Reads the file (using the password) and uses it to create a new
+ * {@link KeyStore}. If the file does not exist and should not be created,
+ * it returns an empty but initialized KeyStore
+ *
+ * @param file the file to load information from
+ * @param password the password to unlock the KeyStore file.
+ * @return a KeyStore containing data from the file
+ */
+ private static final KeyStore createKeyStoreFromFile(File file, boolean createIfNotFound,
+ String password) throws IOException, KeyStoreException, NoSuchAlgorithmException,
+ CertificateException {
+ FileInputStream fis = null;
+ KeyStore ks = null;
+
+ try {
+ if (createIfNotFound && !file.exists()) {
+ File parent = file.getParentFile();
+ if (!parent.isDirectory() && !parent.mkdirs()) {
+ throw new IOException("unable to create " + parent);
+ }
+ ks = KeyStore.getInstance(KEYSTORE_TYPE);
+ ks.load(null, password.toCharArray());
+ FileOutputStream fos = new FileOutputStream(file);
+ ks.store(fos, password.toCharArray());
+ fos.close();
+ }
+
+ // TODO catch exception when password is incorrect and prompt user
+
+ if (file.exists()) {
+ fis = new FileInputStream(file);
+ ks = KeyStore.getInstance(KEYSTORE_TYPE);
+ ks.load(fis, password.toCharArray());
+ } else {
+ ks = KeyStore.getInstance(KEYSTORE_TYPE);
+ ks.load(null, password.toCharArray());
+ }
+ } finally {
+ if (fis != null) {
+ fis.close();
+ }
+ }
+
+ return ks;
+ }
+
+}
diff -r 8e66d9386273 -r 9dd09feb371b netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java
--- a/netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java Thu Nov 04 16:44:27 2010 -0700
+++ b/netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java Mon Nov 08 16:36:17 2010 -0500
@@ -44,35 +44,45 @@ import java.awt.event.ActionListener;
import java.awt.event.ActionListener;
import java.awt.event.KeyEvent;
import java.io.FileOutputStream;
+import java.io.OutputStream;
import java.io.PrintStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
+import java.util.List;
import javax.swing.BorderFactory;
import javax.swing.JButton;
+import javax.swing.JComboBox;
import javax.swing.JComponent;
import javax.swing.JDialog;
import javax.swing.JFileChooser;
+import javax.swing.JLabel;
import javax.swing.JOptionPane;
import javax.swing.JPanel;
import javax.swing.JScrollPane;
import javax.swing.JTabbedPane;
import javax.swing.JTable;
+import javax.swing.event.ChangeEvent;
+import javax.swing.event.ChangeListener;
import javax.swing.table.DefaultTableModel;
+import net.sourceforge.jnlp.security.KeyStores;
import net.sourceforge.jnlp.security.SecurityUtil;
import net.sourceforge.jnlp.security.SecurityWarningDialog;
+import net.sourceforge.jnlp.security.KeyStores.Level;
import net.sourceforge.jnlp.tools.KeyTool;
public class CertificatePane extends JPanel {
/**
- * The certificates stored in the user's trusted.certs file.
+ * The certificates stored in the certificates file.
*/
private ArrayList<X509Certificate> certs = null;
+
More information about the distro-pkg-dev
mailing list