All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.poreid.common.Util Maven / Gradle / Ivy

Go to download

The POReID is a java library to handle the portuguese eID smartcard, this library can be used for desktop applications as well as browser based applets

The newest version!
/*
 * The MIT License
 *
 * Copyright 2014, 2015, 2016 Rui Martinho ([email protected]), António Braz ([email protected])
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 */
package org.poreid.common;

import java.awt.Image;
import org.poreid.CertificateChainNotFound;
import java.io.BufferedInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.security.cert.CertPathBuilder;
import java.security.cert.CertPathBuilderException;
import java.security.cert.CertStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.PKIXBuilderParameters;
import java.security.cert.PKIXCertPathBuilderResult;
import java.security.cert.TrustAnchor;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.swing.ImageIcon;
import javax.swing.LookAndFeel;
import javax.swing.UIManager;
import javax.swing.UnsupportedLookAndFeelException;
import javax.xml.bind.DatatypeConverter;
import org.poreid.config.POReIDConfig;

/**
 *
 * @author POReID
 */
public class Util {
    
    
    public static byte[] hexToBytes(String hexString) {
        return DatatypeConverter.parseHexBinary(hexString);
    }

    
    public static String bytesToHex(byte[] b) {
        return DatatypeConverter.printHexBinary(b);
    }

    
    public static String prettyBytesToHex(byte[] b) {
        StringBuilder sb = new StringBuilder();
        for (byte _b : b) {
            sb.append(String.format("%02x", _b));
            sb.append(" ");
        }

        return sb.toString().toUpperCase().trim();
    }

    
    public static void prettyPrintBytesToHex(byte[] b) {
        StringBuilder sb = new StringBuilder();
        for (byte _b : b) {
            sb.append(String.format("%02x", _b));
            sb.append(" ");
        }

        System.out.println(sb.toString().toUpperCase());
    }

    
    public static void prettyPrintBytesToHex(String msg, byte[] b) {
        StringBuilder sb = new StringBuilder();
        for (byte _b : b) {
            sb.append(String.format("%02x", _b));
            sb.append(" ");
        }

        System.out.println(msg + sb.toString().toUpperCase().trim());
    }

    
    public static void prettyPrintBytesToHex(String startMsg, byte[] b, String endMsg) {
        StringBuilder sb = new StringBuilder();
        for (byte _b : b) {
            sb.append(String.format("%02x", _b));
            sb.append(" ");
        }

        System.out.println(startMsg + sb.toString().toUpperCase().trim() + endMsg);
    }

    
    public static X509Certificate readCertificate(File f) throws CertificateException, FileNotFoundException, IOException {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        X509Certificate cert = null;
        try (BufferedInputStream in = new BufferedInputStream(new FileInputStream(f))) {
            if (in.available() > 0) {
                cert = (X509Certificate) cf.generateCertificate(in);
            }
        }
        return cert;
    }

    
    public static byte[] toByteArray(InputStream is) throws IOException {
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        int reads = is.read();

        while (reads != -1) {
            baos.write(reads);
            reads = is.read();
        }

        return baos.toByteArray();
    }

    
    public static boolean isCertificateSelfSigned(X509Certificate cert) throws CertificateException, NoSuchAlgorithmException, NoSuchProviderException {  
        try {
            cert.verify(cert.getPublicKey());
            return true;
        } catch (SignatureException | InvalidKeyException ex) {
            return false;
        }
    }
    
    
    public static List getCertificateChain(X509Certificate client, KeyStore ks) throws CertificateChainNotFound{ 
        try {
            CertPathBuilder pathBuilder = CertPathBuilder.getInstance("PKIX");
            X509CertSelector select = new X509CertSelector();
            select.setSubject(client.getSubjectX500Principal().getEncoded());
            
            Set trustanchors = new HashSet<>();
            List certList = new ArrayList<>();
            certList.add(client);
            Enumeration enumeration = ks.aliases();
            while (enumeration.hasMoreElements()) {
                X509Certificate certificate = (X509Certificate) ks.getCertificate(enumeration.nextElement());
                if (certificate.getIssuerX500Principal().equals(certificate.getSubjectX500Principal())) {
                    if (isCertificateSelfSigned(certificate)) {
                        trustanchors.add(new TrustAnchor((X509Certificate) certificate, null));
                    }
                } else {
                    certList.add(certificate);
                }

            }

            PKIXBuilderParameters params = new PKIXBuilderParameters(trustanchors, select);
            CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certList));
            params.addCertStore(certStore);
            params.setRevocationEnabled(false);
            PKIXCertPathBuilderResult result = (PKIXCertPathBuilderResult) pathBuilder.build(params);
            
            ArrayList certChain = new ArrayList<>(result.getCertPath().getCertificates());                
            return (List) certChain;
        } catch (IOException | KeyStoreException | CertificateException | NoSuchAlgorithmException | NoSuchProviderException | InvalidAlgorithmParameterException ex) {
            throw new CertificateChainNotFound("Não foi possivel gerar a cadeia de certificação", ex);
        } catch (CertPathBuilderException ex){
            throw new CertificateChainNotFound("Não foi gerada a cadeia de certificação para o certificado com o subject: "+client.getSubjectX500Principal().getName());
        }
    }
    
    
    /* martelada para não fazer parse de asn1 e incluir um porradão de tralha */     
    public static String extractFromASN1(byte[] asn1, int offset, int length) {
        StringBuilder sb = new StringBuilder(length * 2);
        for (int i = offset; i < offset + length; i++) {
            sb.append(String.format("%02x", asn1[i]));
        }
        return sb.toString();
    }
    
    
    /* ideia em http://stackoverflow.com/a/10650881/82609 */
    public static long getDateDiff(Date initialDate, Date finalDate, TimeUnit timeUnit) {        
        return timeUnit.convert(finalDate.getTime() - initialDate.getTime(), TimeUnit.MILLISECONDS);
    }
    
    
    public static void setLookAndFeel() throws ClassNotFoundException, InstantiationException, IllegalAccessException, UnsupportedLookAndFeelException {
        LookAndFeel lnf = UIManager.getLookAndFeel();
        if (null == lnf || lnf.getName().equalsIgnoreCase(POReIDConfig.LAF_SHORT_NAME)) {
            UIManager.setLookAndFeel(POReIDConfig.LAF);
        }
    }
    
    
    public static Image getImage(String path) {

        try (InputStream is = Util.class.getResourceAsStream(path)){
            ImageIcon icon = new ImageIcon(toByteArray(is));
            return icon.getImage();
        } catch (IOException ex) {
            Logger.getLogger(Util.class.getName()).log(Level.SEVERE, null, ex);
        }
        return null;
    }
    
    
    public static List getIconImages(){
        return Arrays.asList(
                Util.getImage("/org/poreid/images/icone_16x16.png"),
                Util.getImage("/org/poreid/images/icone_32x32.png"),
                Util.getImage("/org/poreid/images/icone_48x48.png"),
                Util.getImage("/org/poreid/images/icone_64x64.png"),
                Util.getImage("/org/poreid/images/icone_128x128.png"));
    }
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy