Ignore:
Timestamp:
2014-07-28T16:40:19+02:00 (9 years ago)
Author:
Don-vip
Message:

see #10230, see #10033 - add "Install/uninstall certificate" buttons in remote control preferences (Windows only)

Location:
trunk/src/org/openstreetmap/josm/tools
Files:
3 edited

Legend:

Unmodified
Added
Removed

  • trunk/src/org/openstreetmap/josm/tools/PlatformHook.java

    r7335 r7343  
    109109    /**
    110110     * Setup system keystore to add JOSM HTTPS certificate (for remote control).
     111     * @param entryAlias The entry alias to use
    111112     * @param trustedCert the JOSM certificate for localhost
     113     * @return {@code true} if something has changed as a result of the call (certificate installation, etc.)
    112114     * @throws KeyStoreException in case of error
    113115     * @throws IOException in case of error
    114116     * @throws CertificateException in case of error
    115117     * @throws NoSuchAlgorithmException in case of error
    116      * @since 7206
     118     * @since 7343
    117119     */
    118     public void setupHttpsCertificate(KeyStore.TrustedCertificateEntry trustedCert)
     120    public boolean setupHttpsCertificate(String entryAlias, KeyStore.TrustedCertificateEntry trustedCert)
    119121            throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException;
    120122}

  • trunk/src/org/openstreetmap/josm/tools/PlatformHookUnixoid.java

    r7335 r7343  
    358358
    359359    @Override
    360     public void setupHttpsCertificate(KeyStore.TrustedCertificateEntry trustedCert)
     360    public boolean setupHttpsCertificate(String entryAlias, KeyStore.TrustedCertificateEntry trustedCert)
    361361            throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
    362362        // TODO setup HTTPS certificate on Unix systems
     363        return false;
    363364    }
    364365}

  • trunk/src/org/openstreetmap/josm/tools/PlatformHookWindows.java

    r7342 r7343  
    181181     * @throws IOException if there is an I/O or format problem with the keystore data, if a password is required but not given
    182182     * @throws KeyStoreException if no Provider supports a KeyStore implementation for the type "Windows-ROOT"
     183     * @since 7343
    183184     */
    184     private KeyStore getWindowsKeystore() throws NoSuchAlgorithmException, CertificateException, IOException, KeyStoreException {
     185    public static KeyStore getRootKeystore() throws NoSuchAlgorithmException, CertificateException, IOException, KeyStoreException {
    185186        KeyStore ks = KeyStore.getInstance(WINDOWS_ROOT);
    186187        ks.load(null, null);
     
    196197     * @since 7335
    197198     */
    198     public void removeInsecureCertificates() throws NoSuchAlgorithmException, CertificateException, KeyStoreException, IOException {
     199    public static void removeInsecureCertificates() throws NoSuchAlgorithmException, CertificateException, KeyStoreException, IOException {
    199200        // We offered before a public private key we need now to remove from Windows PCs as it might be a huge security risk (see #10230)
    200201        PublicKey insecurePubKey = null;
     
    205206            return;
    206207        }
    207         KeyStore ks = getWindowsKeystore();
     208        KeyStore ks = getRootKeystore();
    208209        Enumeration<String> en = ks.aliases();
    209210        Collection<String> insecureCertificates = new ArrayList<>();
     
    249250
    250251    @Override
    251     public void setupHttpsCertificate(KeyStore.TrustedCertificateEntry trustedCert)
     252    public boolean setupHttpsCertificate(String entryAlias, KeyStore.TrustedCertificateEntry trustedCert)
    252253            throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
    253         KeyStore ks = getWindowsKeystore();
    254         Enumeration<String> en = ks.aliases();
    255 
    256         while (en.hasMoreElements()) {
    257             String alias = en.nextElement();
    258             // Look for certificate to install
    259             if (ks.getCertificate(alias).equals(trustedCert.getTrustedCertificate())) {
    260                 // JOSM certificate found, return
    261                 Main.debug("JOSM certificate found: "+alias);
    262                 return;
    263             }
     254        KeyStore ks = getRootKeystore();
     255        // Look for certificate to install
     256        String alias = ks.getCertificateAlias(trustedCert.getTrustedCertificate());
     257        if (alias != null) {
     258            // JOSM certificate found, return
     259            Main.debug(tr("JOSM localhost certificate found in {0} keystore: {1}", WINDOWS_ROOT, alias));
     260            return false;
    264261        }
    265262        // JOSM certificate not found, install it to Windows-ROOT keystore, used by IE, Chrome and Safari, but not by Firefox
    266263        Main.info(tr("Adding JOSM localhost certificate to {0} keystore", WINDOWS_ROOT));
    267         ks.setEntry("josm_localhost", trustedCert, null);
     264        ks.setEntry(entryAlias, trustedCert, null);
     265        return true;
    268266    }
    269267}
Note: See TracChangeset for help on using the changeset viewer.