Mercurial > hg > release > icedtea-web-1.5
changeset 910:0a36108ce4b9
All security dialogs moved to appropriate package
line wrap: on
line diff
--- a/ChangeLog Wed Mar 05 15:43:03 2014 +0100 +++ b/ChangeLog Wed Mar 05 16:41:06 2014 +0100 @@ -1,3 +1,43 @@ +2014-03-05 Jiri Vanek <jvanek@redhat.com> + + All security dialogs moved to appropriate package + * netx/net/sourceforge/jnlp/security/AccessWarningPane.java: to + * netx/net/sourceforge/jnlp/security/dialogs/AccessWarningPane.java: + * netx/net/sourceforge/jnlp/security/AppletWarningPane.java: to + * netx/net/sourceforge/jnlp/security/dialogs/AppletWarningPane.java: + * netx/net/sourceforge/jnlp/security/CertWarningPane.java: to + * netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java + * netx/net/sourceforge/jnlp/security/CertsInfoPane.java: to + * netx/net/sourceforge/jnlp/security/dialogs/CertsInfoPane.java: + * netx/net/sourceforge/jnlp/security/MoreInfoPane.java: to + * netx/net/sourceforge/jnlp/security/dialogs/MoreInfoPane.java: + * netx/net/sourceforge/jnlp/security/NotAllSignedWarningPane.java: to + * netx/net/sourceforge/jnlp/security/dialogs/NotAllSignedWarningPane.java: + * netx/net/sourceforge/jnlp/security/PasswordAuthenticationPane.java: to + * netx/net/sourceforge/jnlp/security/dialogs/PasswordAuthenticationPane.java: + * netx/net/sourceforge/jnlp/security/SecurityDialogPanel.java: to + * netx/net/sourceforge/jnlp/security/dialogs/SecurityDialogPanel.java: + * netx/net/sourceforge/jnlp/security/SingleCertInfoPane.java: to + * netx/net/sourceforge/jnlp/security/dialogs/SingleCertInfoPane.java: + * netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java: to + * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningDialog.java: + * netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java: to + * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningPanel.java: + * netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningDialog.java: to + * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/UnsignedAppletTrustWarningDialog.java: + * netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java: to + * netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/UnsignedAppletTrustWarningPanel.java: + * tests/netx/unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest.java: to + * tests/netx/unit/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningPanelTest.java: + * tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java: necessary changes + * netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java: necessary changes + * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: necessary changes + * netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java: necessary changes + * netx/net/sourceforge/jnlp/security/SecurityDialog.java: necessary changes + * netx/net/sourceforge/jnlp/security/KeyStores.java: necessary changes + * netx/net/sourceforge/jnlp/security/HttpsCertVerifier.java: necessary changes + * netx/net/sourceforge/jnlp/security/CertificateUtils.java: necessary changes + 2014-03-05 Jiri Vanek <jvanek@redhat.com> * netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java: fixed
--- a/netx/net/sourceforge/jnlp/security/AccessWarningPane.java Wed Mar 05 15:43:03 2014 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,213 +0,0 @@ -/* AccessWarningPane.java - Copyright (C) 2008 Red Hat, Inc. - -This file is part of IcedTea. - -IcedTea is free software; you can redistribute it and/or -modify it under the terms of the GNU General Public License as published by -the Free Software Foundation, version 2. - -IcedTea is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with IcedTea; see the file COPYING. If not, write to -the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. -*/ - -package net.sourceforge.jnlp.security; - -import static net.sourceforge.jnlp.runtime.Translator.R; - -import java.awt.BorderLayout; -import java.awt.Color; -import java.awt.Dimension; -import java.awt.FlowLayout; -import java.awt.Font; -import java.awt.GridLayout; -import java.awt.event.ActionEvent; -import java.awt.event.ActionListener; - -import javax.swing.BorderFactory; -import javax.swing.BoxLayout; -import javax.swing.ImageIcon; -import javax.swing.JButton; -import javax.swing.JCheckBox; -import javax.swing.JLabel; -import javax.swing.JPanel; -import javax.swing.SwingConstants; - -import net.sourceforge.jnlp.JNLPFile; -import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; -import net.sourceforge.jnlp.util.FileUtils; - -/** - * Provides a panel to show inside a SecurityDialog. These dialogs are - * used to warn the user when either signed code (with or without signing - * issues) is going to be run, or when service permission (file, clipboard, - * printer, etc) is needed with unsigned code. - * - * @author <a href="mailto:jsumali@redhat.com">Joshua Sumali</a> - */ -public class AccessWarningPane extends SecurityDialogPanel { - - JCheckBox alwaysAllow; - Object[] extras; - - public AccessWarningPane(SecurityDialog x, CertVerifier certVerifier) { - super(x, certVerifier); - addComponents(); - } - - public AccessWarningPane(SecurityDialog x, Object[] extras, CertVerifier certVerifier) { - super(x, certVerifier); - this.extras = extras; - addComponents(); - } - - /** - * Creates the actual GUI components, and adds it to this panel - */ - private void addComponents() { - AccessType type = parent.getAccessType(); - JNLPFile file = parent.getFile(); - - String name = ""; - String publisher = ""; - String from = ""; - - //We don't worry about exceptions when trying to fill in - //these strings -- we just want to fill in as many as possible. - try { - name = file.getInformation().getTitle() != null ? file.getInformation().getTitle() : R("SNoAssociatedCertificate"); - } catch (Exception e) { - } - - try { - publisher = file.getInformation().getVendor() != null ? - file.getInformation().getVendor() + " " + R("SUnverified") : - R("SNoAssociatedCertificate"); - } catch (Exception e) { - } - - try { - from = !file.getInformation().getHomepage().toString().equals("") ? file.getInformation().getHomepage().toString() : file.getSourceLocation().getAuthority(); - } catch (Exception e) { - from = file.getSourceLocation().getAuthority(); - } - - //Top label - String topLabelText = ""; - switch (type) { - case READ_FILE: - if (extras != null && extras.length > 0 && extras[0] instanceof String) { - topLabelText = R("SFileReadAccess", FileUtils.displayablePath((String) extras[0])); - } else { - topLabelText = R("SFileReadAccess", R("AFileOnTheMachine")); - } - break; - case WRITE_FILE: - if (extras != null && extras.length > 0 && extras[0] instanceof String) { - topLabelText = R("SFileWriteAccess", FileUtils.displayablePath((String) extras[0])); - } else { - topLabelText = R("SFileWriteAccess", R("AFileOnTheMachine")); - } - break; - case CREATE_DESTKOP_SHORTCUT: - topLabelText = R("SDesktopShortcut"); - break; - case CLIPBOARD_READ: - topLabelText = R("SClipboardReadAccess"); - break; - case CLIPBOARD_WRITE: - topLabelText = R("SClipboardWriteAccess"); - break; - case PRINTER: - topLabelText = R("SPrinterAccess"); - break; - case NETWORK: - if (extras != null && extras.length >= 0) - topLabelText = R("SNetworkAccess", extras[0]); - else - topLabelText = R("SNetworkAccess", "(address here)"); - } - - ImageIcon icon = new ImageIcon((new sun.misc.Launcher()).getClassLoader().getResource("net/sourceforge/jnlp/resources/question.png")); - JLabel topLabel = new JLabel(htmlWrap(topLabelText), icon, SwingConstants.LEFT); - topLabel.setFont(new Font(topLabel.getFont().toString(), - Font.BOLD, 12)); - JPanel topPanel = new JPanel(new BorderLayout()); - topPanel.setBackground(Color.WHITE); - topPanel.add(topLabel, BorderLayout.CENTER); - topPanel.setPreferredSize(new Dimension(450, 100)); - topPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); - - //application info - JLabel nameLabel = new JLabel(R("Name") + ": " + name); - nameLabel.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5)); - JLabel publisherLabel = new JLabel(R("Publisher") + ": " + publisher); - publisherLabel.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5)); - JLabel fromLabel = new JLabel(R("From") + ": " + from); - fromLabel.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5)); - - alwaysAllow = new JCheckBox(R("AlwaysAllowAction")); - alwaysAllow.setEnabled(false); - - JPanel infoPanel = new JPanel(new GridLayout(4, 1)); - infoPanel.add(nameLabel); - infoPanel.add(publisherLabel); - infoPanel.add(fromLabel); - infoPanel.add(alwaysAllow); - infoPanel.setBorder(BorderFactory.createEmptyBorder(25, 25, 25, 25)); - - //run and cancel buttons - JPanel buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT)); - - JButton run = new JButton(R("ButAllow")); - JButton cancel = new JButton(R("ButCancel")); - run.addActionListener(createSetValueListener(parent, 0)); - run.addActionListener(new CheckBoxListener()); - cancel.addActionListener(createSetValueListener(parent, 1)); - initialFocusComponent = cancel; - buttonPanel.add(run); - buttonPanel.add(cancel); - buttonPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); - - //all of the above - setLayout(new BoxLayout(this, BoxLayout.Y_AXIS)); - add(topPanel); - add(infoPanel); - add(buttonPanel); - - } - - private class CheckBoxListener implements ActionListener { - public void actionPerformed(ActionEvent e) { - if (alwaysAllow != null && alwaysAllow.isSelected()) { - // TODO: somehow tell the ApplicationInstance - // to stop asking for permission - } - } - } - -}
--- a/netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java Wed Mar 05 15:43:03 2014 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,68 +0,0 @@ -/* Copyright (C) 2013 Red Hat, Inc. - -This file is part of IcedTea. - -IcedTea is free software; you can redistribute it and/or -modify it under the terms of the GNU General Public License as published by -the Free Software Foundation, version 2. - -IcedTea is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with IcedTea; see the file COPYING. If not, write to -the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. - */ - -package net.sourceforge.jnlp.security; - -import net.sourceforge.jnlp.JNLPFile; -import net.sourceforge.jnlp.security.AppTrustWarningPanel.ActionChoiceListener; -import net.sourceforge.jnlp.security.AppTrustWarningPanel.AppSigningWarningAction; - -/** - * A panel that confirms that the user is OK with unsigned code running. - */ -public class AppTrustWarningDialog extends SecurityDialogPanel { - - private AppTrustWarningDialog(final SecurityDialog dialog) { - super(dialog); - } - - public static AppTrustWarningDialog unsigned(final SecurityDialog dialog, final JNLPFile file) { - final AppTrustWarningDialog warningDialog = new AppTrustWarningDialog(dialog); - warningDialog.add(new UnsignedAppletTrustWarningPanel(file, warningDialog.getActionChoiceListener())); - return warningDialog; - } - - private ActionChoiceListener getActionChoiceListener() { - return new ActionChoiceListener() { - @Override - public void actionChosen(final AppSigningWarningAction action) { - parent.setValue(action); - parent.dispose(); - } - }; - } - -}
--- a/netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java Wed Mar 05 15:43:03 2014 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,338 +0,0 @@ -/* Copyright (C) 2013 Red Hat, Inc. - -This file is part of IcedTea. - -IcedTea is free software; you can redistribute it and/or -modify it under the terms of the GNU General Public License as published by -the Free Software Foundation, version 2. - -IcedTea is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with IcedTea; see the file COPYING. If not, write to -the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. - */ - -package net.sourceforge.jnlp.security; - -import static net.sourceforge.jnlp.runtime.Translator.R; - -import java.awt.BorderLayout; -import java.awt.Color; -import java.awt.Dimension; -import java.awt.FlowLayout; -import java.awt.Font; -import java.awt.GridLayout; -import java.awt.event.ActionEvent; -import java.awt.event.ActionListener; -import java.util.ArrayList; -import java.util.List; - -import javax.swing.BorderFactory; -import javax.swing.BoxLayout; -import javax.swing.ButtonGroup; -import javax.swing.ImageIcon; -import javax.swing.JButton; -import javax.swing.JCheckBox; -import javax.swing.JDialog; -import javax.swing.JLabel; -import javax.swing.JPanel; -import javax.swing.JRadioButton; -import javax.swing.SwingConstants; - -import net.sourceforge.jnlp.JNLPFile; -import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction; -import net.sourceforge.jnlp.security.appletextendedsecurity.ExtendedAppletSecurityHelp; -import net.sourceforge.jnlp.util.ScreenFinder; - -/* - * This class is meant to provide a common layout and functionality for warning dialogs - * that appear when the user needs to confirm the running of applets/applications. - * Subclasses include UnsignedAppletTrustWarningPanel, for unsigned plugin applets, and - * PartiallySignedAppTrustWarningPanel, for partially signed JNLP applications as well as - * plugin applets. New implementations should be added to the unit test at - * unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest - */ -public abstract class AppTrustWarningPanel extends JPanel { - - /* - * Details of decided action. - */ - public static class AppSigningWarningAction { - private ExecuteAppletAction action; - private boolean applyToCodeBase; - - public AppSigningWarningAction(ExecuteAppletAction action, - boolean applyToCodeBase) { - this.action = action; - this.applyToCodeBase = applyToCodeBase; - } - - public ExecuteAppletAction getAction() { - return action; - } - - public boolean rememberForCodeBase() { - return applyToCodeBase; - } - } - - /* - * Callback for when action is decided. - */ - public static interface ActionChoiceListener { - void actionChosen(AppSigningWarningAction action); - } - - protected int PANE_WIDTH = 500; - - protected int TOP_PANEL_HEIGHT = 60; - protected int INFO_PANEL_HEIGHT = 140; - protected int INFO_PANEL_HINT_HEIGHT = 25; - protected int QUESTION_PANEL_HEIGHT = 35; - - protected List<JButton> buttons; - protected JButton allowButton; - protected JButton rejectButton; - protected JButton helpButton; - protected JCheckBox permanencyCheckBox; - protected JRadioButton applyToAppletButton; - protected JRadioButton applyToCodeBaseButton; - - protected JNLPFile file; - - protected ActionChoiceListener actionChoiceListener; - - /* - * Subclasses should call addComponents() IMMEDIATELY after calling the super() constructor! - */ - public AppTrustWarningPanel(JNLPFile file, ActionChoiceListener actionChoiceListener) { - this.file = file; - this.actionChoiceListener = actionChoiceListener; - this.buttons = new ArrayList<JButton>(); - - allowButton = new JButton(R("ButProceed")); - rejectButton = new JButton(R("ButCancel")); - helpButton = new JButton(R("APPEXTSECguiPanelHelpButton")); - - allowButton.addActionListener(chosenActionSetter(true)); - rejectButton.addActionListener(chosenActionSetter(false)); - - helpButton.addActionListener(getHelpButtonAction()); - - buttons.add(allowButton); - buttons.add(rejectButton); - buttons.add(helpButton); - } - - /* - * Provides an image to be displayed near the upper left corner of the dialog. - */ - protected abstract ImageIcon getInfoImage(); - - /* - * Provides a short description of why the dialog is appearing. The message is expected to be HTML-formatted. - */ - protected abstract String getTopPanelText(); - - /* - * Provides in-depth information on why the dialog is appearing. The message is expected to be HTML-formatted. - */ - protected abstract String getInfoPanelText(); - - /* - * This provides the text for the final prompt to the user. The message is expected to be HTML formatted. - * The user's action is a direct response to this question. - */ - protected abstract String getQuestionPanelText(); - - public final JButton getAllowButton() { - return allowButton; - } - - public final JButton getRejectButton() { - return rejectButton; - } - - protected ActionListener getHelpButtonAction() { - return new ActionListener() { - - public void actionPerformed(ActionEvent e) { - JDialog d = new ExtendedAppletSecurityHelp(null, false, "dialogue"); - ScreenFinder.centerWindowsToCurrentScreen(d); - d.setVisible(true); - } - }; - } - - protected static final String htmlWrap(String text) { - return "<html>" + text + "</html>"; - } - - private void setupTopPanel() { - final String topLabelText = getTopPanelText(); - - JLabel topLabel = new JLabel(topLabelText, getInfoImage(), - SwingConstants.LEFT); - topLabel.setFont(new Font(topLabel.getFont().toString(), Font.BOLD, 12)); - - JPanel topPanel = new JPanel(new BorderLayout()); - topPanel.setBackground(Color.WHITE); - topPanel.add(topLabel, BorderLayout.CENTER); - topPanel.setPreferredSize(new Dimension(PANE_WIDTH, TOP_PANEL_HEIGHT)); - topPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); - - add(topPanel); - } - - private void setupInfoPanel() { - String titleText = R("SAppletTitle", file.getTitle()); - JLabel titleLabel = new JLabel(titleText); - titleLabel.setFont(new Font(titleLabel.getFont().getName(), Font.BOLD, 18)); - - String infoLabelText = getInfoPanelText(); - JLabel infoLabel = new JLabel(infoLabelText); - - int panelHeight = titleLabel.getHeight() + INFO_PANEL_HEIGHT + INFO_PANEL_HINT_HEIGHT; - JPanel infoPanel = new JPanel(new BorderLayout()); - infoPanel.add(titleLabel, BorderLayout.PAGE_START); - infoPanel.add(infoLabel, BorderLayout.CENTER); - infoPanel.setPreferredSize(new Dimension(PANE_WIDTH, panelHeight)); - infoPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); - - add(infoPanel); - } - - private void setupQuestionsPanel() { - JPanel questionPanel = new JPanel(new BorderLayout()); - - final String questionPanelText = getQuestionPanelText(); - questionPanel.add(new JLabel(questionPanelText), BorderLayout.EAST); - - questionPanel.setPreferredSize(new Dimension(PANE_WIDTH, QUESTION_PANEL_HEIGHT)); - questionPanel.setBorder(BorderFactory.createEmptyBorder(0, 10, 0, 10)); - - add(questionPanel); - } - - private JPanel createMatchOptionsPanel() { - JPanel matchOptionsPanel = new JPanel(new FlowLayout(FlowLayout.LEFT)); - - ButtonGroup group = new ButtonGroup(); - applyToAppletButton = new JRadioButton(R("SRememberAppletOnly")); - applyToAppletButton.setSelected(true); - applyToAppletButton.setEnabled(false); // Start disabled until 'Remember this option' is selected - - applyToCodeBaseButton = new JRadioButton(htmlWrap(R("SRememberCodebase", file.getCodeBase()))); - applyToCodeBaseButton.setEnabled(false); - - group.add(applyToAppletButton); - group.add(applyToCodeBaseButton); - - matchOptionsPanel.add(applyToAppletButton); - matchOptionsPanel.add(applyToCodeBaseButton); - - return matchOptionsPanel; - } - - private JPanel createCheckBoxPanel() { - JPanel checkBoxPanel = new JPanel(new BorderLayout()); - - permanencyCheckBox = new JCheckBox(htmlWrap(R("SRememberOption"))); - permanencyCheckBox.addActionListener(permanencyListener()); - checkBoxPanel.setBorder(BorderFactory.createEmptyBorder(0, 15, 0, 0)); - checkBoxPanel.add(permanencyCheckBox, BorderLayout.SOUTH); - - return checkBoxPanel; - } - - private JPanel createButtonPanel() { - JPanel buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT)); - - for (final JButton button : buttons) { - buttonPanel.add(button); - } - - buttonPanel.setBorder(BorderFactory.createEmptyBorder(0, 10, 10, 10)); - - return buttonPanel; - } - - // Set up 'Remember Option' checkbox & Proceed/Cancel buttons - private void setupButtonAndCheckBoxPanel() { - JPanel outerPanel = new JPanel(new BorderLayout()); - JPanel rememberPanel = new JPanel(new GridLayout(2 /*rows*/, 1 /*column*/)); - rememberPanel.add(createMatchOptionsPanel()); - rememberPanel.setBorder(BorderFactory.createEmptyBorder(0, 10, 0, 10)); - - outerPanel.add(createCheckBoxPanel(), BorderLayout.WEST); - outerPanel.add(rememberPanel, BorderLayout.SOUTH); - outerPanel.add(createButtonPanel(), BorderLayout.EAST); - - add(outerPanel); - } - - /** - * Creates the actual GUI components, and adds it to this panel. This should be called by all subclasses - * IMMEDIATELY after calling the super() constructor! - */ - protected final void addComponents() { - setLayout(new BoxLayout(this, BoxLayout.Y_AXIS)); - - setupTopPanel(); - setupInfoPanel(); - setupQuestionsPanel(); - setupButtonAndCheckBoxPanel(); - } - - // Toggles whether 'match applet' or 'match codebase' options are greyed out - private ActionListener permanencyListener() { - return new ActionListener() { - @Override - public void actionPerformed(ActionEvent e) { - applyToAppletButton.setEnabled(permanencyCheckBox.isSelected()); - applyToCodeBaseButton.setEnabled(permanencyCheckBox.isSelected()); - } - }; - } - - // Sets action depending on allowApplet + checkbox state - private ActionListener chosenActionSetter(final boolean allowApplet) { - return new ActionListener() { - @Override - public void actionPerformed(ActionEvent e) { - ExecuteAppletAction action; - - if (allowApplet) { - action = permanencyCheckBox.isSelected() ? ExecuteAppletAction.ALWAYS : ExecuteAppletAction.YES; - } else { - action = permanencyCheckBox.isSelected() ? ExecuteAppletAction.NEVER : ExecuteAppletAction.NO; - } - - boolean applyToCodeBase = applyToCodeBaseButton.isSelected(); - actionChoiceListener.actionChosen(new AppSigningWarningAction(action, applyToCodeBase)); - } - }; - } -}
--- a/netx/net/sourceforge/jnlp/security/AppletWarningPane.java Wed Mar 05 15:43:03 2014 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,114 +0,0 @@ -/* AppletWarningPane.java - Copyright (C) 2008 Red Hat, Inc. - -This file is part of IcedTea. - -IcedTea is free software; you can redistribute it and/or -modify it under the terms of the GNU General Public License as published by -the Free Software Foundation, version 2. - -IcedTea is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with IcedTea; see the file COPYING. If not, write to -the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. -*/ - -package net.sourceforge.jnlp.security; - -import java.awt.BorderLayout; -import java.awt.Color; -import java.awt.Dimension; -import java.awt.FlowLayout; -import java.awt.Font; - -import javax.swing.BorderFactory; -import javax.swing.BoxLayout; -import javax.swing.JButton; -import javax.swing.JLabel; -import javax.swing.JPanel; - -public class AppletWarningPane extends SecurityDialogPanel { - - public AppletWarningPane(SecurityDialog x, CertVerifier certVerifier) { - super(x, certVerifier); - addComponents(); - } - - protected void addComponents() { - - //Top label - String topLabelText = "While support for verifying signed code" + - " has not been implemented yet, some applets will not run " + - "properly under the default restricted security level."; - String bottomLabelText = "Do you want to run this applet under the " + - "restricted security level? (clicking No will run this applet " + - "without any security checking, and should only be done if you " + - "trust the applet!)"; - - JLabel topLabel = new JLabel(htmlWrap(topLabelText)); - topLabel.setFont(new Font(topLabel.getFont().toString(), - Font.BOLD, 12)); - JPanel topPanel = new JPanel(new BorderLayout()); - topPanel.setBackground(Color.WHITE); - topPanel.add(topLabel, BorderLayout.CENTER); - topPanel.setPreferredSize(new Dimension(400, 80)); - topPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); - - JLabel bottomLabel = new JLabel(htmlWrap(bottomLabelText)); - JPanel infoPanel = new JPanel(new BorderLayout()); - infoPanel.add(bottomLabel, BorderLayout.CENTER); - infoPanel.setPreferredSize(new Dimension(400, 80)); - infoPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); - - //run and cancel buttons - JPanel buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT)); - - JButton yes = new JButton("Yes"); - JButton no = new JButton("No"); - JButton cancel = new JButton("Cancel"); - int buttonWidth = cancel.getMinimumSize().width; - int buttonHeight = cancel.getMinimumSize().height; - Dimension d = new Dimension(buttonWidth, buttonHeight); - yes.setPreferredSize(d); - no.setPreferredSize(d); - cancel.setPreferredSize(d); - yes.addActionListener(createSetValueListener(parent, 0)); - no.addActionListener(createSetValueListener(parent, 1)); - cancel.addActionListener(createSetValueListener(parent, 2)); - initialFocusComponent = cancel; - buttonPanel.add(yes); - buttonPanel.add(no); - buttonPanel.add(cancel); - buttonPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); - - //all of the above - setLayout(new BoxLayout(this, BoxLayout.Y_AXIS)); - add(topPanel); - add(infoPanel); - add(buttonPanel); - - } - -}
--- a/netx/net/sourceforge/jnlp/security/CertWarningPane.java Wed Mar 05 15:43:03 2014 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,319 +0,0 @@ -/* CertWarningPane.java - Copyright (C) 2012 Red Hat, Inc. - -This file is part of IcedTea. - -IcedTea is free software; you can redistribute it and/or -modify it under the terms of the GNU General Public License as published by -the Free Software Foundation, version 2. - -IcedTea is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with IcedTea; see the file COPYING. If not, write to -the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. -*/ - -package net.sourceforge.jnlp.security; - -import static net.sourceforge.jnlp.runtime.Translator.R; - -import java.awt.BorderLayout; -import java.awt.Color; -import java.awt.Dimension; -import java.awt.FlowLayout; -import java.awt.Font; -import java.awt.GridLayout; -import java.awt.event.ActionEvent; -import java.awt.event.ActionListener; -import java.io.File; -import java.io.FileOutputStream; -import java.io.OutputStream; -import java.security.KeyStore; -import java.security.cert.Certificate; -import java.security.cert.X509Certificate; - -import javax.swing.BorderFactory; -import javax.swing.BoxLayout; -import javax.swing.ImageIcon; -import javax.swing.JButton; -import javax.swing.JCheckBox; -import javax.swing.JLabel; -import javax.swing.JPanel; -import javax.swing.SwingConstants; - -import net.sourceforge.jnlp.JNLPFile; -import net.sourceforge.jnlp.PluginBridge; -import net.sourceforge.jnlp.security.KeyStores.Level; -import net.sourceforge.jnlp.security.KeyStores.Type; -import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; -import net.sourceforge.jnlp.util.FileUtils; -import net.sourceforge.jnlp.util.logging.OutputController; - -/** - * Provides the panel for using inside a SecurityDialog. These dialogs are - * used to warn the user when either signed code (with or without signing - * issues) is going to be run, or when service permission (file, clipboard, - * printer, etc) is needed with unsigned code. - * - * @author <a href="mailto:jsumali@redhat.com">Joshua Sumali</a> - */ -public class CertWarningPane extends SecurityDialogPanel { - - JCheckBox alwaysTrust; - CertVerifier certVerifier; - - public CertWarningPane(SecurityDialog x, CertVerifier certVerifier) { - super(x, certVerifier); - this.certVerifier = certVerifier; - addComponents(); - } - - /** - * Creates the actual GUI components, and adds it to this panel - */ - private void addComponents() { - AccessType type = parent.getAccessType(); - JNLPFile file = parent.getFile(); - Certificate c = parent.getCertVerifier().getPublisher(null); - - String name = ""; - String publisher = ""; - String from = ""; - - //We don't worry about exceptions when trying to fill in - //these strings -- we just want to fill in as many as possible. - try { - if ((certVerifier instanceof HttpsCertVerifier) && - (c instanceof X509Certificate)) { - name = SecurityUtil.getCN(((X509Certificate) c) - .getSubjectX500Principal().getName()); - } else if (file instanceof PluginBridge) { - name = file.getTitle(); - } else { - name = file.getInformation().getTitle(); - } - } catch (Exception e) { - } - - try { - if (c instanceof X509Certificate) { - publisher = SecurityUtil.getCN(((X509Certificate) c) - .getSubjectX500Principal().getName()); - } - } catch (Exception e) { - } - - try { - if (file instanceof PluginBridge) { - from = file.getCodeBase().getHost(); - } else { - from = file.getInformation().getHomepage().toString(); - } - } catch (Exception e) { - } - - // Labels - String topLabelText = ""; - String bottomLabelText = parent.getCertVerifier().getRootInCacerts() ? - R("STrustedSource") : R("SUntrustedSource"); - String propertyName = ""; - String iconLocation = "net/sourceforge/jnlp/resources/"; - boolean alwaysTrustSelected = false; - if (certVerifier instanceof HttpsCertVerifier) { - // HTTPS certs that are verified do not prompt for a dialog. - // @see VariableX509TrustManager#checkServerTrusted - topLabelText = R("SHttpsUnverified") + " " + R("Continue"); - propertyName = "OptionPane.warningIcon"; - iconLocation += "warning.png"; - } else { - switch (type) { - case VERIFIED: - topLabelText = R("SSigVerified"); - propertyName = "OptionPane.informationIcon"; - iconLocation += "question.png"; - alwaysTrustSelected = true; - break; - case UNVERIFIED: - topLabelText = R("SSigUnverified"); - propertyName = "OptionPane.warningIcon"; - iconLocation += "warning.png"; - bottomLabelText += " " + R("SWarnFullPermissionsIgnorePolicy"); - break; - case SIGNING_ERROR: - topLabelText = R("SSignatureError"); - propertyName = "OptionPane.warningIcon"; - iconLocation += "warning.png"; - bottomLabelText += " " + R("SWarnFullPermissionsIgnorePolicy"); - break; - } - } - ImageIcon icon = new ImageIcon((new sun.misc.Launcher()) - .getClassLoader().getResource(iconLocation)); - JLabel topLabel = new JLabel(htmlWrap(topLabelText), icon, SwingConstants.LEFT); - topLabel.setFont(new Font(topLabel.getFont().toString(), - Font.BOLD, 12)); - JPanel topPanel = new JPanel(new BorderLayout()); - topPanel.setBackground(Color.WHITE); - topPanel.add(topLabel, BorderLayout.CENTER); - topPanel.setPreferredSize(new Dimension(400, 75)); - topPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); - - //application info - JLabel nameLabel = new JLabel(R("Name") + ": " + name); - nameLabel.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5)); - JLabel publisherLabel = new JLabel(R("Publisher") + ": " + publisher); - publisherLabel.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5)); - JLabel fromLabel = new JLabel(R("From") + ": " + from); - fromLabel.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5)); - - alwaysTrust = new JCheckBox(R("SAlwaysTrustPublisher")); - alwaysTrust.setEnabled(true); - alwaysTrust.setSelected(alwaysTrustSelected); - - JPanel infoPanel = new JPanel(new GridLayout(4, 1)); - infoPanel.add(nameLabel); - infoPanel.add(publisherLabel); - - if (!(certVerifier instanceof HttpsCertVerifier)) { - infoPanel.add(fromLabel); - } - - infoPanel.add(alwaysTrust); - infoPanel.setBorder(BorderFactory.createEmptyBorder(25, 25, 25, 25)); - - //run and cancel buttons - JPanel buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT)); - JButton run = new JButton(R("ButRun")); - JButton sandbox = new JButton(R("ButSandbox")); - JButton cancel = new JButton(R("ButCancel")); - run.setToolTipText(R("CertWarnRunTip")); - sandbox.setToolTipText(R("CertWarnSandboxTip")); - cancel.setToolTipText(R("CertWarnCancelTip")); - - alwaysTrust.addActionListener(new ButtonDisableListener(sandbox)); - int buttonWidth = Math.max(run.getMinimumSize().width, - sandbox.getMinimumSize().width); - buttonWidth = Math.max(buttonWidth, cancel.getMinimumSize().width); - int buttonHeight = run.getMinimumSize().height; - Dimension d = new Dimension(buttonWidth, buttonHeight); - run.setPreferredSize(d); - sandbox.setPreferredSize(d); - cancel.setPreferredSize(d); - - sandbox.setEnabled(!alwaysTrust.isSelected()); - - run.addActionListener(createSetValueListener(parent, 0)); - run.addActionListener(new CheckBoxListener()); - sandbox.addActionListener(createSetValueListener(parent, 1)); - cancel.addActionListener(createSetValueListener(parent, 2)); - initialFocusComponent = cancel; - buttonPanel.add(run); - // file will be null iff this dialog is being called from VariableX509TrustManager. - // In this case, the "sandbox" button does not make any sense, as we are asking - // the user if they trust some certificate that is not being used to sign an app. - // Since there is no app, there is nothing to run sandboxed. - if (file != null) { - buttonPanel.add(sandbox); - } - buttonPanel.add(cancel); - buttonPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); - - //all of the above - setLayout(new BoxLayout(this, BoxLayout.Y_AXIS)); - add(topPanel); - add(infoPanel); - add(buttonPanel); - - JLabel bottomLabel = new JLabel(htmlWrap(bottomLabelText)); - JButton moreInfo = new JButton(R("ButMoreInformation")); - moreInfo.addActionListener(new MoreInfoButtonListener()); - - JPanel bottomPanel = new JPanel(); - bottomPanel.setLayout(new BoxLayout(bottomPanel, BoxLayout.X_AXIS)); - bottomPanel.add(bottomLabel); - bottomPanel.add(moreInfo); - bottomPanel.setPreferredSize(new Dimension(600, 100)); - bottomPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); - add(bottomPanel); - - } - - private class MoreInfoButtonListener implements ActionListener { - @Override - public void actionPerformed(ActionEvent e) { - SecurityDialog.showMoreInfoDialog(parent.getCertVerifier(), - parent); - } - } - - /** - * Disable the Sandbox button when the AlwaysTrust checkbox is checked - */ - private class ButtonDisableListener implements ActionListener { - private JButton button; - - public ButtonDisableListener(JButton button) { - this.button = button; - } - - @Override - public void actionPerformed(ActionEvent e) { - button.setEnabled(!alwaysTrust.isSelected()); - } - } - - /** - * Updates the user's KeyStore of trusted Certificates. - */ - private class CheckBoxListener implements ActionListener { - @Override - public void actionPerformed(ActionEvent e) { - if (alwaysTrust != null && alwaysTrust.isSelected()) { - try { - KeyStore ks = KeyStores.getKeyStore(Level.USER, Type.CERTS); - X509Certificate c = (X509Certificate) parent.getCertVerifier().getPublisher(null); - CertificateUtils.addToKeyStore(c, ks); - File keyStoreFile = new File(KeyStores.getKeyStoreLocation(Level.USER, Type.CERTS)); - if (!keyStoreFile.isFile()) { - FileUtils.createRestrictedFile(keyStoreFile, true); - } - - OutputStream os = new FileOutputStream(keyStoreFile); - try { - ks.store(os, KeyStores.getPassword()); - } finally { - os.close(); - } - OutputController.getLogger().log("certificate is now permanently trusted"); - } catch (Exception ex) { - // TODO: Let NetX show a dialog here notifying user - // about being unable to add cert to keystore - OutputController.getLogger().log(OutputController.Level.ERROR_ALL, ex); - } - } - } - } - -}
--- a/netx/net/sourceforge/jnlp/security/CertificateUtils.java Wed Mar 05 15:43:03 2014 +0100 +++ b/netx/net/sourceforge/jnlp/security/CertificateUtils.java Wed Mar 05 16:41:06 2014 +0100 @@ -45,13 +45,9 @@ import java.io.IOException; import java.io.PrintStream; import java.math.BigInteger; -import java.security.InvalidKeyException; import java.security.Key; import java.security.KeyStore; import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.NoSuchProviderException; -import java.security.SignatureException; import java.security.cert.Certificate; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; @@ -59,7 +55,6 @@ import java.util.Enumeration; import java.util.Random; -import net.sourceforge.jnlp.runtime.JNLPRuntime; import net.sourceforge.jnlp.runtime.Translator; import net.sourceforge.jnlp.util.logging.OutputController; import net.sourceforge.jnlp.util.replacements.BASE64Encoder;
--- a/netx/net/sourceforge/jnlp/security/CertsInfoPane.java Wed Mar 05 15:43:03 2014 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,347 +0,0 @@ -/* CertsInfoPane.java - Copyright (C) 2008 Red Hat, Inc. - -This file is part of IcedTea. - -IcedTea is free software; you can redistribute it and/or -modify it under the terms of the GNU General Public License as published by -the Free Software Foundation, version 2. - -IcedTea is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with IcedTea; see the file COPYING. If not, write to -the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. -*/ - -package net.sourceforge.jnlp.security; - -import static net.sourceforge.jnlp.runtime.Translator.R; - -import java.util.ArrayList; -import java.security.cert.CertPath; -import java.security.cert.X509Certificate; -import java.security.MessageDigest; - -import sun.misc.HexDumpEncoder; -import sun.security.x509.*; -import javax.swing.*; -import javax.swing.event.*; -import javax.swing.table.*; -import java.awt.*; -import java.awt.event.*; -import java.awt.datatransfer.Clipboard; -import java.awt.datatransfer.StringSelection; -import javax.swing.tree.DefaultMutableTreeNode; -import javax.swing.tree.TreeSelectionModel; - -/** - * Provides the panel for the Certificate Info dialog. This dialog displays data from - * X509Certificate(s) used in jar signing. - * - * @author <a href="mailto:jsumali@redhat.com">Joshua Sumali</a> - */ -public class CertsInfoPane extends SecurityDialogPanel { - - private CertPath certPath; - protected JTree tree; - private JTable table; - private JTextArea output; - private ListSelectionModel listSelectionModel; - private ListSelectionModel tableSelectionModel; - protected String[] certNames; - private String[] columnNames = { R("Field"), R("Value") }; - protected ArrayList<String[][]> certsData; - - public CertsInfoPane(SecurityDialog x, CertVerifier certVerifier) { - super(x, certVerifier); - addComponents(); - } - - /** - * Builds the JTree out of CertPaths. - */ - void buildTree() { - certPath = parent.getCertVerifier().getCertPath(null); - X509Certificate firstCert = - ((X509Certificate) certPath.getCertificates().get(0)); - String subjectString = - SecurityUtil.getCN(firstCert.getSubjectX500Principal().getName()); - String issuerString = - SecurityUtil.getCN(firstCert.getIssuerX500Principal().getName()); - - DefaultMutableTreeNode top = - new DefaultMutableTreeNode(subjectString - + " (" + issuerString + ")"); - - //not self signed - if (!firstCert.getSubjectDN().equals(firstCert.getIssuerDN()) - && (certPath.getCertificates().size() > 1)) { - X509Certificate secondCert = - ((X509Certificate) certPath.getCertificates().get(1)); - subjectString = - SecurityUtil.getCN(secondCert.getSubjectX500Principal().getName()); - issuerString = - SecurityUtil.getCN(secondCert.getIssuerX500Principal().getName()); - top.add(new DefaultMutableTreeNode(subjectString - + " (" + issuerString + ")")); - } - - tree = new JTree(top); - tree.getSelectionModel().setSelectionMode - (TreeSelectionModel.SINGLE_TREE_SELECTION); - tree.addTreeSelectionListener(new TreeSelectionHandler()); - } - - /** - * Fills in certsNames, certsData with data from the certificates. - */ - protected void populateTable() { - certNames = new String[certPath.getCertificates().size()]; - certsData = new ArrayList<String[][]>(); - - for (int i = 0; i < certPath.getCertificates().size(); i++) { - - X509Certificate c = (X509Certificate) certPath.getCertificates().get(i); - certsData.add(parseCert(c)); - certNames[i] = SecurityUtil.getCN(c.getSubjectX500Principal().getName()) - + " (" + SecurityUtil.getCN(c.getIssuerX500Principal().getName()) + ")"; - } - } - - protected String[][] parseCert(X509Certificate c) { - - String version = "" + c.getVersion(); - String serialNumber = c.getSerialNumber().toString(); - String signatureAlg = c.getSigAlgName(); - String issuer = c.getIssuerX500Principal().toString(); - String validity = new CertificateValidity(c.getNotBefore(), - c.getNotAfter()).toString(); - String subject = c.getSubjectX500Principal().toString(); - - //convert our signature into a nice human-readable form. - HexDumpEncoder encoder = new HexDumpEncoder(); - String signature = encoder.encodeBuffer(c.getSignature()); - - String md5Hash = ""; - String sha1Hash = ""; - try { - MessageDigest digest = MessageDigest.getInstance("MD5"); - digest.update(c.getEncoded()); - md5Hash = makeFingerprint(digest.digest()); - - digest = MessageDigest.getInstance("SHA-1"); - digest.update(c.getEncoded()); - sha1Hash = makeFingerprint(digest.digest()); - } catch (Exception e) { - //fail quietly - } - - String[][] cert = { { R("Version"), version }, - { R("SSerial"), serialNumber }, - { R("SSignatureAlgorithm"), signatureAlg }, - { R("SIssuer"), issuer }, - { R("SValidity"), validity }, - { R("SSubject"), subject }, - { R("SSignature"), signature }, - { R("SMD5Fingerprint"), md5Hash }, - { R("SSHA1Fingerprint"), sha1Hash } - }; - return cert; - } - - /** - * Constructs the GUI components of this panel - */ - private void addComponents() { - buildTree(); - populateTable(); - /** - //List of Certs - list = new JList(certNames); - list.setSelectedIndex(0); //assuming there's at least 1 cert - listSelectionModel = list.getSelectionModel(); - listSelectionModel.addListSelectionListener(new ListSelectionHandler()); - JScrollPane listPane = new JScrollPane(list); - */ - JScrollPane listPane = new JScrollPane(tree); - - //Table of field-value pairs - DefaultTableModel tableModel = new DefaultTableModel(certsData.get(0), - columnNames); - table = new JTable(tableModel); - table.getTableHeader().setReorderingAllowed(false); - tableSelectionModel = table.getSelectionModel(); - tableSelectionModel.addListSelectionListener(new TableSelectionHandler()); - table.setFillsViewportHeight(true); - JScrollPane tablePane = new JScrollPane(table); - tablePane.setPreferredSize(new Dimension(500, 200)); - - //Text area to display the larger values - output = new JTextArea(); - output.setEditable(false); - JScrollPane outputPane = new JScrollPane(output, - ScrollPaneConstants.VERTICAL_SCROLLBAR_AS_NEEDED, - ScrollPaneConstants.HORIZONTAL_SCROLLBAR_AS_NEEDED); - outputPane.setPreferredSize(new Dimension(500, 200)); - - //split pane of the field-value pairs and textbox - JSplitPane rightSplitPane = new JSplitPane(JSplitPane.VERTICAL_SPLIT, - tablePane, outputPane); - rightSplitPane.setDividerLocation(0.50); - rightSplitPane.setResizeWeight(0.50); - - JSplitPane mainPane = new JSplitPane(JSplitPane.HORIZONTAL_SPLIT, - listPane, rightSplitPane); - mainPane.setDividerLocation(0.30); - mainPane.setResizeWeight(0.30); - - JPanel buttonPane = new JPanel(new BorderLayout()); - JButton close = new JButton(R("ButClose")); - JButton copyToClipboard = new JButton(R("ButCopy")); - close.addActionListener(createSetValueListener(parent, 0)); - copyToClipboard.addActionListener(new CopyToClipboardHandler()); - buttonPane.add(close, BorderLayout.EAST); - buttonPane.add(copyToClipboard, BorderLayout.WEST); - buttonPane.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5)); - - add(mainPane, BorderLayout.CENTER); - add(buttonPane, BorderLayout.SOUTH); - } - - /** - * Copies the currently selected certificate to the system Clipboard. - */ - private class CopyToClipboardHandler implements ActionListener { - @Override - public void actionPerformed(ActionEvent e) { - Clipboard clipboard = Toolkit.getDefaultToolkit().getSystemClipboard(); - int certIndex = 0; - DefaultMutableTreeNode node = (DefaultMutableTreeNode) - tree.getLastSelectedPathComponent(); - if (node == null) { - return; - } - if (node.isRoot()) { - certIndex = 0; - } - else if (node.isLeaf()) { - certIndex = 1; - } - - String[][] cert = certsData.get(certIndex); - int rows = cert.length; - int cols = cert[0].length; - - String certString = ""; - for (int i = 0; i < rows; i++) { - for (int j = 0; j < cols; j++) { - certString += cert[i][j]; - certString += " "; - } - certString += "\n"; - } - - clipboard.setContents(new StringSelection(certString), null); - } - } - - /** - * Updates the JTable when the JTree selection has changed. - */ - protected class TreeSelectionHandler implements TreeSelectionListener { - @Override - public void valueChanged(TreeSelectionEvent e) { - DefaultMutableTreeNode node = (DefaultMutableTreeNode) - tree.getLastSelectedPathComponent(); - - if (node == null) { - return; - } - if (node.isRoot()) { - table.setModel(new DefaultTableModel(certsData.get(0), - columnNames)); - } else if (node.isLeaf()) { - table.setModel(new DefaultTableModel(certsData.get(1), - columnNames)); - } - } - } - - /** - * Updates the JTable when the selection on the list has changed. - */ - private class ListSelectionHandler implements ListSelectionListener { - @Override - public void valueChanged(ListSelectionEvent e) { - ListSelectionModel lsm = (ListSelectionModel) e.getSource(); - - int minIndex = lsm.getMinSelectionIndex(); - int maxIndex = lsm.getMaxSelectionIndex(); - - for (int i = minIndex; i <= maxIndex; i++) { - if (lsm.isSelectedIndex(i)) { - table.setModel(new DefaultTableModel(certsData.get(i), - columnNames)); - } - } - } - } - - /** - * Updates the JTextArea output when the selection on the JTable - * has changed. - */ - private class TableSelectionHandler implements ListSelectionListener { - @Override - public void valueChanged(ListSelectionEvent e) { - ListSelectionModel lsm = (ListSelectionModel) e.getSource(); - - int minIndex = lsm.getMinSelectionIndex(); - int maxIndex = lsm.getMaxSelectionIndex(); - - for (int i = minIndex; i <= maxIndex; i++) { - if (lsm.isSelectedIndex(i)) { - output.setText((String) table.getValueAt(i, 1)); - } - } - } - } - - /** - * Makes a human readable hash fingerprint. - * For example: 11:22:33:44:AA:BB:CC:DD:EE:FF. - */ - private String makeFingerprint(byte[] hash) { - String fingerprint = ""; - for (int i = 0; i < hash.length; i++) { - if (!fingerprint.equals("")) { - fingerprint += ":"; - } - fingerprint += Integer.toHexString( - ((hash[i] & 0xFF) | 0x100)).substring(1, 3); - } - return fingerprint.toUpperCase(); - } -}
--- a/netx/net/sourceforge/jnlp/security/HttpsCertVerifier.java Wed Mar 05 15:43:03 2014 +0100 +++ b/netx/net/sourceforge/jnlp/security/HttpsCertVerifier.java Wed Mar 05 16:41:06 2014 +0100 @@ -77,6 +77,7 @@ this.hostMatched = hostMatched; } + @Override public boolean getAlreadyTrustPublisher() { return isTrusted; }
--- a/netx/net/sourceforge/jnlp/security/KeyStores.java Wed Mar 05 15:43:03 2014 +0100 +++ b/netx/net/sourceforge/jnlp/security/KeyStores.java Wed Mar 05 16:41:06 2014 +0100 @@ -86,7 +86,7 @@ /** the default password used to protect the KeyStores */ private static final String DEFAULT_PASSWORD = "changeit"; - public static final char[] getPassword() { + public static char[] getPassword() { return DEFAULT_PASSWORD.toCharArray(); }
--- a/netx/net/sourceforge/jnlp/security/MoreInfoPane.java Wed Mar 05 15:43:03 2014 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,125 +0,0 @@ -/* MoreInfoPane.java - Copyright (C) 2008 Red Hat, Inc. - -This file is part of IcedTea. - -IcedTea is free software; you can redistribute it and/or -modify it under the terms of the GNU General Public License as published by -the Free Software Foundation, version 2. - -IcedTea is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with IcedTea; see the file COPYING. If not, write to -the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. -*/ - -package net.sourceforge.jnlp.security; - -import static net.sourceforge.jnlp.runtime.Translator.R; - -import java.awt.BorderLayout; -import java.awt.Dimension; -import java.awt.GridLayout; -import java.awt.event.ActionEvent; -import java.awt.event.ActionListener; -import java.util.List; - -import javax.swing.BorderFactory; -import javax.swing.ImageIcon; -import javax.swing.JButton; -import javax.swing.JLabel; -import javax.swing.JPanel; -import javax.swing.SwingConstants; - -/** - * Provides the panel for the More Info dialog. This dialog shows details about an - * application's signing status. - * - * @author <a href="mailto:jsumali@redhat.com">Joshua Sumali</a> - */ -public class MoreInfoPane extends SecurityDialogPanel { - - private boolean showSignedJNLPWarning; - - public MoreInfoPane(SecurityDialog x, CertVerifier certVerifier) { - super(x, certVerifier); - showSignedJNLPWarning= x.requiresSignedJNLPWarning(); - addComponents(); - } - - /** - * Constructs the GUI components of this panel - */ - private void addComponents() { - List<String> details = certVerifier.getDetails(null); - - // Show signed JNLP warning if the signed main jar does not have a - // signed JNLP file and the launching JNLP file contains special properties - if(showSignedJNLPWarning) - details.add(R("SJNLPFileIsNotSigned")); - - int numLabels = details.size(); - JPanel errorPanel = new JPanel(new GridLayout(numLabels, 1)); - errorPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); - errorPanel.setPreferredSize(new Dimension(400, 70 * (numLabels))); - - for (int i = 0; i < numLabels; i++) { - ImageIcon icon = null; - if (details.get(i).equals(R("STrustedCertificate"))) - icon = new ImageIcon((new sun.misc.Launcher()) - .getClassLoader().getResource("net/sourceforge/jnlp/resources/info-small.png")); - else - icon = new ImageIcon((new sun.misc.Launcher()) - .getClassLoader().getResource("net/sourceforge/jnlp/resources/warning-small.png")); - - errorPanel.add(new JLabel(htmlWrap(details.get(i)), icon, SwingConstants.LEFT)); - } - - // Removes signed JNLP warning after it has been used. This will avoid - // any alteration to certVerifier. - if(showSignedJNLPWarning) - details.remove(details.size()-1); - - JPanel buttonsPanel = new JPanel(new BorderLayout()); - JButton certDetails = new JButton(R("SCertificateDetails")); - certDetails.addActionListener(new CertInfoButtonListener()); - JButton close = new JButton(R("ButClose")); - close.addActionListener(createSetValueListener(parent, 0)); - buttonsPanel.add(certDetails, BorderLayout.WEST); - buttonsPanel.add(close, BorderLayout.EAST); - buttonsPanel.setBorder(BorderFactory.createEmptyBorder(15, 15, 15, 15)); - - add(errorPanel, BorderLayout.NORTH); - add(buttonsPanel, BorderLayout.SOUTH); - - } - - private class CertInfoButtonListener implements ActionListener { - public void actionPerformed(ActionEvent e) { - SecurityDialog.showCertInfoDialog(parent.getCertVerifier(), - parent); - } - } -}
--- a/netx/net/sourceforge/jnlp/security/NotAllSignedWarningPane.java Wed Mar 05 15:43:03 2014 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,114 +0,0 @@ -/* NotAllSignedWarningPane.java - Copyright (C) 2008 Red Hat, Inc. - -This file is part of IcedTea. - -IcedTea is free software; you can redistribute it and/or -modify it under the terms of the GNU General Public License as published by -the Free Software Foundation, version 2. - -IcedTea is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with IcedTea; see the file COPYING. If not, write to -the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. -*/ - -package net.sourceforge.jnlp.security; - -import static net.sourceforge.jnlp.runtime.Translator.R; - -import java.awt.BorderLayout; -import java.awt.Color; -import java.awt.Dimension; -import java.awt.FlowLayout; -import java.awt.Font; - -import javax.swing.BorderFactory; -import javax.swing.BoxLayout; -import javax.swing.ImageIcon; -import javax.swing.JButton; -import javax.swing.JLabel; -import javax.swing.JPanel; -import javax.swing.SwingConstants; - -public class NotAllSignedWarningPane extends SecurityDialogPanel { - - public NotAllSignedWarningPane(SecurityDialog x) { - super(x); - addComponents(); - } - - /** - * Creates the actual GUI components, and adds it to this panel - */ - private void addComponents() { - - String topLabelText = R("SNotAllSignedSummary"); - String infoLabelText = R("SNotAllSignedDetail"); - String questionLabelText = R("SNotAllSignedQuestion"); - - ImageIcon icon = new ImageIcon((new sun.misc.Launcher()).getClassLoader().getResource("net/sourceforge/jnlp/resources/warning.png")); - JLabel topLabel = new JLabel(htmlWrap(topLabelText), icon, SwingConstants.LEFT); - topLabel.setFont(new Font(topLabel.getFont().toString(), - Font.BOLD, 12)); - JPanel topPanel = new JPanel(new BorderLayout()); - topPanel.setBackground(Color.WHITE); - topPanel.add(topLabel, BorderLayout.CENTER); - topPanel.setPreferredSize(new Dimension(500, 80)); - topPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); - - JLabel infoLabel = new JLabel(htmlWrap(infoLabelText)); - JPanel infoPanel = new JPanel(new BorderLayout()); - infoPanel.add(infoLabel, BorderLayout.CENTER); - infoPanel.setPreferredSize(new Dimension(500, 100)); - infoPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); - - JLabel questionLabel = new JLabel(htmlWrap(questionLabelText)); - JPanel questionPanel = new JPanel(new BorderLayout()); - questionPanel.add(questionLabel, BorderLayout.CENTER); - questionPanel.setPreferredSize(new Dimension(500, 100)); - questionPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); - - //run and cancel buttons - JPanel buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT)); - - JButton run = new JButton(R("ButProceed")); - JButton cancel = new JButton(R("ButCancel")); - run.addActionListener(createSetValueListener(parent, 0)); - cancel.addActionListener(createSetValueListener(parent, 1)); - initialFocusComponent = cancel; - buttonPanel.add(run); - buttonPanel.add(cancel); - buttonPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); - - //all of the above - setLayout(new BoxLayout(this, BoxLayout.Y_AXIS)); - add(topPanel); - add(infoPanel); - add(questionPanel); - add(buttonPanel); - - } -}
--- a/netx/net/sourceforge/jnlp/security/PasswordAuthenticationPane.java Wed Mar 05 15:43:03 2014 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,182 +0,0 @@ -/* PasswordAuthenticationPane -- requests authentication information from users - Copyright (C) 2010 Red Hat - -This file is part of IcedTea. - -IcedTea is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -IcedTea is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with IcedTea; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - -package net.sourceforge.jnlp.security; - -import static net.sourceforge.jnlp.runtime.Translator.R; - -import java.awt.Dimension; -import java.awt.GridBagConstraints; -import java.awt.GridBagLayout; -import java.awt.Insets; -import java.awt.event.ActionEvent; -import java.awt.event.ActionListener; - -import javax.swing.JButton; -import javax.swing.JLabel; -import javax.swing.JPasswordField; -import javax.swing.JTextField; - -/** - * Modal non-minimizable dialog to request http authentication credentials - */ - -public class PasswordAuthenticationPane extends SecurityDialogPanel { - - private final JTextField jtfUserName = new JTextField(); - private final JPasswordField jpfPassword = new JPasswordField(); - - private final String host; - private final int port; - private final String prompt; - private final String type; - - public PasswordAuthenticationPane(SecurityDialog parent, Object[] extras) { - super(parent); - host = (String) extras[0]; - port = (Integer) extras[1]; - prompt = (String) extras[2]; - type = (String) extras[3]; - - addComponents(); - } - - /** - * Initialized the dialog components - */ - - public void addComponents() { - - JLabel jlInfo = new JLabel(""); - jlInfo.setText("<html>" + R("SAuthenticationPrompt", type, host, prompt) + "</html>"); - - setLayout(new GridBagLayout()); - - JLabel jlUserName = new JLabel(R("Username")); - JLabel jlPassword = new JLabel(R("Password")); - JButton jbOK = new JButton(R("ButOk")); - JButton jbCancel = new JButton(R("ButCancel")); - - jtfUserName.setSize(20, 10); - jpfPassword.setSize(20, 10); - - GridBagConstraints c; - - c = new GridBagConstraints(); - c.fill = GridBagConstraints.HORIZONTAL; - c.gridx = 0; - c.gridy = 0; - c.gridwidth = 2; - c.insets = new Insets(10, 5, 3, 3); - add(jlInfo, c); - - c = new GridBagConstraints(); - c.gridx = 0; - c.gridy = 1; - c.insets = new Insets(10, 5, 3, 3); - add(jlUserName, c); - - c = new GridBagConstraints(); - c.fill = GridBagConstraints.HORIZONTAL; - c.gridx = 1; - c.gridy = 1; - c.insets = new Insets(10, 5, 3, 3); - c.weightx = 1.0; - add(jtfUserName, c); - - c = new GridBagConstraints(); - c.gridx = 0; - c.gridy = 2; - c.insets = new Insets(5, 5, 3, 3); - add(jlPassword, c); - - c = new GridBagConstraints(); - c.fill = GridBagConstraints.HORIZONTAL; - c.gridx = 1; - c.gridy = 2; - c.insets = new Insets(5, 5, 3, 3); - c.weightx = 1.0; - add(jpfPassword, c); - - c = new GridBagConstraints(); - c.anchor = GridBagConstraints.SOUTHEAST; - c.gridx = 1; - c.gridy = 3; - c.insets = new Insets(5, 5, 3, 70); - c.weightx = 0.0; - add(jbCancel, c); - - c = new GridBagConstraints(); - c.anchor = GridBagConstraints.SOUTHEAST; - c.gridx = 1; - c.gridy = 3; - c.insets = new Insets(5, 5, 3, 3); - c.weightx = 0.0; - add(jbOK, c); - - setMinimumSize(new Dimension(400, 150)); - setMaximumSize(new Dimension(1024, 150)); - - setSize(400, 150); - parent.setLocationRelativeTo(null); - initialFocusComponent = jtfUserName; - - ActionListener acceptActionListener = new ActionListener() { - public void actionPerformed(ActionEvent e) { - parent.setValue(new Object[] { jtfUserName.getText(), jpfPassword.getPassword() }); - parent.dispose(); - } - }; - - ActionListener cancelActionListener = new ActionListener() { - public void actionPerformed(ActionEvent e) { - parent.setValue(null); - parent.dispose(); - } - }; - - // OK => read supplied info and pass it on - jbOK.addActionListener(acceptActionListener); - - // Cancel => discard supplied info and pass on an empty auth - jbCancel.addActionListener(cancelActionListener); - - // "return" key in either user or password field => OK - jtfUserName.addActionListener(acceptActionListener); - jpfPassword.addActionListener(acceptActionListener); - } -}
--- a/netx/net/sourceforge/jnlp/security/SecurityDialog.java Wed Mar 05 15:43:03 2014 +0100 +++ b/netx/net/sourceforge/jnlp/security/SecurityDialog.java Wed Mar 05 16:41:06 2014 +0100 @@ -37,9 +37,17 @@ package net.sourceforge.jnlp.security; +import net.sourceforge.jnlp.security.dialogs.AppletWarningPane; +import net.sourceforge.jnlp.security.dialogs.AccessWarningPane; +import net.sourceforge.jnlp.security.dialogs.NotAllSignedWarningPane; +import net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel.UnsignedAppletTrustWarningDialog; +import net.sourceforge.jnlp.security.dialogs.PasswordAuthenticationPane; +import net.sourceforge.jnlp.security.dialogs.SecurityDialogPanel; +import net.sourceforge.jnlp.security.dialogs.CertWarningPane; +import net.sourceforge.jnlp.security.dialogs.SingleCertInfoPane; +import net.sourceforge.jnlp.security.dialogs.CertsInfoPane; +import net.sourceforge.jnlp.security.dialogs.MoreInfoPane; import net.sourceforge.jnlp.JNLPFile; -import net.sourceforge.jnlp.PluginBridge; -import net.sourceforge.jnlp.runtime.JNLPRuntime; import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; import net.sourceforge.jnlp.security.SecurityDialogs.DialogType; import net.sourceforge.jnlp.util.ImageResources; @@ -324,7 +332,7 @@ panel.requestFocusOnDefaultButton(); } - protected void setValue(Object value) { + public void setValue(Object value) { OutputController.getLogger().log("Setting value:" + value); this.value = value; }
--- a/netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java Wed Mar 05 15:43:03 2014 +0100 +++ b/netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java Wed Mar 05 16:41:06 2014 +0100 @@ -44,7 +44,6 @@ import sun.awt.AppContext; -import net.sourceforge.jnlp.runtime.JNLPRuntime; import net.sourceforge.jnlp.util.logging.OutputController; /**
--- a/netx/net/sourceforge/jnlp/security/SecurityDialogPanel.java Wed Mar 05 15:43:03 2014 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,119 +0,0 @@ -/* SecurityDialogPanel.java -Copyright (C) 2008-2010 Red Hat, Inc. - -This file is part of IcedTea. - -IcedTea is free software; you can redistribute it and/or -modify it under the terms of the GNU General Public License as published by -the Free Software Foundation, version 2. - -IcedTea is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with IcedTea; see the file COPYING. If not, write to -the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. -*/ - -package net.sourceforge.jnlp.security; - -import java.awt.BorderLayout; -import java.awt.event.ActionEvent; -import java.awt.event.ActionListener; - -import javax.swing.JComponent; -import javax.swing.JPanel; - -/** - * Provides a JPanel for use in JNLP warning dialogs. - */ -public abstract class SecurityDialogPanel extends JPanel { - - protected SecurityDialog parent; - - JComponent initialFocusComponent = null; - - CertVerifier certVerifier = null; - - public SecurityDialogPanel(SecurityDialog dialog, CertVerifier certVerifier) { - this.parent = dialog; - this.certVerifier = certVerifier; - this.setLayout(new BorderLayout()); - } - - public SecurityDialogPanel(SecurityDialog dialog) { - this.parent = dialog; - this.setLayout(new BorderLayout()); - } - - /** - * Needed to get word wrap working in JLabels. - */ - protected String htmlWrap(String s) { - return "<html>" + s + "</html>"; - } - - /** - * Create an ActionListener suitable for use with buttons. When this {@link ActionListener} - * is invoked, it will set the value of the {@link SecurityDialog} and then dispossed. - * - * @param buttonIndex the index of the button. By convention 0 = Yes. 1 = No, 2 = Cancel - * @return the ActionListener instance. - */ - protected ActionListener createSetValueListener(SecurityDialog dialog, int buttonIndex) { - return new SetValueHandler(dialog, buttonIndex); - } - - @Override - public void setVisible(boolean aFlag) { - super.setVisible(aFlag); - requestFocusOnDefaultButton(); - } - - public void requestFocusOnDefaultButton() { - if (initialFocusComponent != null) { - initialFocusComponent.requestFocusInWindow(); - } - } - - /** - * Creates a handler that sets a dialog's value and then disposes it when activated - * - */ - private static class SetValueHandler implements ActionListener { - - Integer buttonIndex; - SecurityDialog dialog; - - public SetValueHandler(SecurityDialog dialog, int buttonIndex) { - this.dialog = dialog; - this.buttonIndex = buttonIndex; - } - - @Override - public void actionPerformed(ActionEvent e) { - dialog.setValue(buttonIndex); - dialog.dispose(); - } - } -}
--- a/netx/net/sourceforge/jnlp/security/SecurityDialogs.java Wed Mar 05 15:43:03 2014 +0100 +++ b/netx/net/sourceforge/jnlp/security/SecurityDialogs.java Wed Mar 05 16:41:06 2014 +0100 @@ -51,7 +51,7 @@ import net.sourceforge.jnlp.JNLPFile; import net.sourceforge.jnlp.config.DeploymentConfiguration; import net.sourceforge.jnlp.runtime.JNLPRuntime; -import net.sourceforge.jnlp.security.AppTrustWarningPanel.AppSigningWarningAction; +import net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel.AppTrustWarningPanel.AppSigningWarningAction; import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction; /**
--- a/netx/net/sourceforge/jnlp/security/SingleCertInfoPane.java Wed Mar 05 15:43:03 2014 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,76 +0,0 @@ -/* SingleCertInfoPane.java - Copyright (C) 2008 Red Hat, Inc. - -This file is part of IcedTea. - -IcedTea is free software; you can redistribute it and/or -modify it under the terms of the GNU General Public License as published by -the Free Software Foundation, version 2. - -IcedTea is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with IcedTea; see the file COPYING. If not, write to -the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. -*/ - -package net.sourceforge.jnlp.security; - -import java.security.cert.X509Certificate; -import java.util.ArrayList; - -import javax.swing.JTree; -import javax.swing.tree.DefaultMutableTreeNode; -import javax.swing.tree.TreeSelectionModel; - -public class SingleCertInfoPane extends CertsInfoPane { - - public SingleCertInfoPane(SecurityDialog x, CertVerifier certVerifier) { - super(x, certVerifier); - } - - protected void buildTree() { - X509Certificate cert = parent.getCert(); - String subjectString = - SecurityUtil.getCN(cert.getSubjectX500Principal().getName()); - String issuerString = - SecurityUtil.getCN(cert.getIssuerX500Principal().getName()); - - DefaultMutableTreeNode top = new DefaultMutableTreeNode(subjectString - + " (" + issuerString + ")"); - - tree = new JTree(top); - tree.getSelectionModel().setSelectionMode(TreeSelectionModel.SINGLE_TREE_SELECTION); - tree.addTreeSelectionListener(new TreeSelectionHandler()); - } - - protected void populateTable() { - X509Certificate c = parent.getCert(); - certNames = new String[1]; - certsData = new ArrayList<String[][]>(); - certsData.add(parseCert(c)); - certNames[0] = SecurityUtil.getCN(c.getSubjectX500Principal().getName()) - + " (" + SecurityUtil.getCN(c.getIssuerX500Principal().getName()) + ")"; - } -}
--- a/netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningDialog.java Wed Mar 05 15:43:03 2014 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,63 +0,0 @@ -/* Copyright (C) 2013 Red Hat, Inc. - -This file is part of IcedTea. - -IcedTea is free software; you can redistribute it and/or -modify it under the terms of the GNU General Public License as published by -the Free Software Foundation, version 2. - -IcedTea is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with IcedTea; see the file COPYING. If not, write to -the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. - */ - -package net.sourceforge.jnlp.security; - -import net.sourceforge.jnlp.JNLPFile; -import net.sourceforge.jnlp.security.AppTrustWarningPanel.ActionChoiceListener; -import net.sourceforge.jnlp.security.AppTrustWarningPanel.AppSigningWarningAction; - -/** - * A panel that confirms that the user is OK with unsigned code running. - * - */ -public class UnsignedAppletTrustWarningDialog extends SecurityDialogPanel { - - public UnsignedAppletTrustWarningDialog(SecurityDialog x, JNLPFile file) { - super(x); - - add(new UnsignedAppletTrustWarningPanel(file, - new ActionChoiceListener() { - @Override - public void actionChosen(AppSigningWarningAction action) { - parent.setValue(action); - parent.dispose(); - } - }) - ); - } - -}
--- a/netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java Wed Mar 05 15:43:03 2014 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,106 +0,0 @@ -/* Copyright (C) 2014 Red Hat, Inc. - -This file is part of IcedTea. - -IcedTea is free software; you can redistribute it and/or -modify it under the terms of the GNU General Public License as published by -the Free Software Foundation, version 2. - -IcedTea is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with IcedTea; see the file COPYING. If not, write to -the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. -*/ - -package net.sourceforge.jnlp.security; - -import java.awt.BorderLayout; -import java.net.URL; -import static net.sourceforge.jnlp.runtime.Translator.R; - -import javax.swing.ImageIcon; -import javax.swing.JFrame; -import net.sourceforge.jnlp.JNLPFile; -import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction; -import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletTrustConfirmation; - - -public class UnsignedAppletTrustWarningPanel extends AppTrustWarningPanel { - - public UnsignedAppletTrustWarningPanel(final JNLPFile file, final ActionChoiceListener listener) { - super(file, listener); - addComponents(); - } - - @Override - protected ImageIcon getInfoImage() { - final String location = "net/sourceforge/jnlp/resources/info-small.png"; - return new ImageIcon(ClassLoader.getSystemClassLoader().getResource(location)); - } - - protected static String getTopPanelTextKey() { - return "SUnsignedSummary"; - } - - protected static String getInfoPanelTextKey() { - return "SUnsignedDetail"; - } - - protected static String getQuestionPanelTextKey() { - return "SUnsignedQuestion"; - } - - @Override - protected String getTopPanelText() { - return htmlWrap(R(getTopPanelTextKey())); - } - - @Override - protected String getInfoPanelText() { - String text = R(getInfoPanelTextKey(), file.getCodeBase(), file.getSourceLocation()); - ExecuteAppletAction rememberedAction = UnsignedAppletTrustConfirmation.getStoredAction(file); - if (rememberedAction == ExecuteAppletAction.YES) { - text += "<br>" + R("SUnsignedAllowedBefore"); - } else if (rememberedAction == ExecuteAppletAction.NO) { - text += "<br>" + R("SUnsignedRejectedBefore"); - } - return htmlWrap(text); - } - - @Override - protected String getQuestionPanelText() { - return htmlWrap(R(getQuestionPanelTextKey())); - } - - public static void main(String[] args) throws Exception { - UnsignedAppletTrustWarningPanel w = new UnsignedAppletTrustWarningPanel(new JNLPFile(new URL("http://www.geogebra.org/webstart/geogebra.jnlp")), null); - JFrame f = new JFrame(); - f.setSize(600, 400); - f.add(w, BorderLayout.CENTER); - f.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE); - f.setVisible(true); - } - -}
--- a/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java Wed Mar 05 15:43:03 2014 +0100 +++ b/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java Wed Mar 05 16:41:06 2014 +0100 @@ -48,7 +48,7 @@ import net.sourceforge.jnlp.JNLPFile; import net.sourceforge.jnlp.LaunchException; import net.sourceforge.jnlp.PluginBridge; -import net.sourceforge.jnlp.security.AppTrustWarningPanel.AppSigningWarningAction; +import net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel.AppTrustWarningPanel.AppSigningWarningAction; import net.sourceforge.jnlp.security.CertVerifier; import net.sourceforge.jnlp.security.SecurityDialogs; import net.sourceforge.jnlp.util.UrlUtils;
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/security/dialogs/AccessWarningPane.java Wed Mar 05 16:41:06 2014 +0100 @@ -0,0 +1,216 @@ +/* AccessWarningPane.java + Copyright (C) 2008 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License as published by +the Free Software Foundation, version 2. + +IcedTea is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. +*/ + +package net.sourceforge.jnlp.security.dialogs; + +import static net.sourceforge.jnlp.runtime.Translator.R; + +import java.awt.BorderLayout; +import java.awt.Color; +import java.awt.Dimension; +import java.awt.FlowLayout; +import java.awt.Font; +import java.awt.GridLayout; +import java.awt.event.ActionEvent; +import java.awt.event.ActionListener; + +import javax.swing.BorderFactory; +import javax.swing.BoxLayout; +import javax.swing.ImageIcon; +import javax.swing.JButton; +import javax.swing.JCheckBox; +import javax.swing.JLabel; +import javax.swing.JPanel; +import javax.swing.SwingConstants; + +import net.sourceforge.jnlp.JNLPFile; +import net.sourceforge.jnlp.security.CertVerifier; +import net.sourceforge.jnlp.security.SecurityDialog; +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; +import net.sourceforge.jnlp.util.FileUtils; + +/** + * Provides a panel to show inside a SecurityDialog. These dialogs are + * used to warn the user when either signed code (with or without signing + * issues) is going to be run, or when service permission (file, clipboard, + * printer, etc) is needed with unsigned code. + * + * @author <a href="mailto:jsumali@redhat.com">Joshua Sumali</a> + */ +public class AccessWarningPane extends SecurityDialogPanel { + + JCheckBox alwaysAllow; + Object[] extras; + + public AccessWarningPane(SecurityDialog x, CertVerifier certVerifier) { + super(x, certVerifier); + addComponents(); + } + + public AccessWarningPane(SecurityDialog x, Object[] extras, CertVerifier certVerifier) { + super(x, certVerifier); + this.extras = extras; + addComponents(); + } + + /** + * Creates the actual GUI components, and adds it to this panel + */ + private void addComponents() { + AccessType type = parent.getAccessType(); + JNLPFile file = parent.getFile(); + + String name = ""; + String publisher = ""; + String from = ""; + + //We don't worry about exceptions when trying to fill in + //these strings -- we just want to fill in as many as possible. + try { + name = file.getInformation().getTitle() != null ? file.getInformation().getTitle() : R("SNoAssociatedCertificate"); + } catch (Exception e) { + } + + try { + publisher = file.getInformation().getVendor() != null ? + file.getInformation().getVendor() + " " + R("SUnverified") : + R("SNoAssociatedCertificate"); + } catch (Exception e) { + } + + try { + from = !file.getInformation().getHomepage().toString().equals("") ? file.getInformation().getHomepage().toString() : file.getSourceLocation().getAuthority(); + } catch (Exception e) { + from = file.getSourceLocation().getAuthority(); + } + + //Top label + String topLabelText = ""; + switch (type) { + case READ_FILE: + if (extras != null && extras.length > 0 && extras[0] instanceof String) { + topLabelText = R("SFileReadAccess", FileUtils.displayablePath((String) extras[0])); + } else { + topLabelText = R("SFileReadAccess", R("AFileOnTheMachine")); + } + break; + case WRITE_FILE: + if (extras != null && extras.length > 0 && extras[0] instanceof String) { + topLabelText = R("SFileWriteAccess", FileUtils.displayablePath((String) extras[0])); + } else { + topLabelText = R("SFileWriteAccess", R("AFileOnTheMachine")); + } + break; + case CREATE_DESTKOP_SHORTCUT: + topLabelText = R("SDesktopShortcut"); + break; + case CLIPBOARD_READ: + topLabelText = R("SClipboardReadAccess"); + break; + case CLIPBOARD_WRITE: + topLabelText = R("SClipboardWriteAccess"); + break; + case PRINTER: + topLabelText = R("SPrinterAccess"); + break; + case NETWORK: + if (extras != null && extras.length >= 0) + topLabelText = R("SNetworkAccess", extras[0]); + else + topLabelText = R("SNetworkAccess", "(address here)"); + } + + ImageIcon icon = new ImageIcon((new sun.misc.Launcher()).getClassLoader().getResource("net/sourceforge/jnlp/resources/question.png")); + JLabel topLabel = new JLabel(htmlWrap(topLabelText), icon, SwingConstants.LEFT); + topLabel.setFont(new Font(topLabel.getFont().toString(), + Font.BOLD, 12)); + JPanel topPanel = new JPanel(new BorderLayout()); + topPanel.setBackground(Color.WHITE); + topPanel.add(topLabel, BorderLayout.CENTER); + topPanel.setPreferredSize(new Dimension(450, 100)); + topPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + + //application info + JLabel nameLabel = new JLabel(R("Name") + ": " + name); + nameLabel.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5)); + JLabel publisherLabel = new JLabel(R("Publisher") + ": " + publisher); + publisherLabel.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5)); + JLabel fromLabel = new JLabel(R("From") + ": " + from); + fromLabel.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5)); + + alwaysAllow = new JCheckBox(R("AlwaysAllowAction")); + alwaysAllow.setEnabled(false); + + JPanel infoPanel = new JPanel(new GridLayout(4, 1)); + infoPanel.add(nameLabel); + infoPanel.add(publisherLabel); + infoPanel.add(fromLabel); + infoPanel.add(alwaysAllow); + infoPanel.setBorder(BorderFactory.createEmptyBorder(25, 25, 25, 25)); + + //run and cancel buttons + JPanel buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT)); + + JButton run = new JButton(R("ButAllow")); + JButton cancel = new JButton(R("ButCancel")); + run.addActionListener(createSetValueListener(parent, 0)); + run.addActionListener(new CheckBoxListener()); + cancel.addActionListener(createSetValueListener(parent, 1)); + initialFocusComponent = cancel; + buttonPanel.add(run); + buttonPanel.add(cancel); + buttonPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + + //all of the above + setLayout(new BoxLayout(this, BoxLayout.Y_AXIS)); + add(topPanel); + add(infoPanel); + add(buttonPanel); + + } + + private class CheckBoxListener implements ActionListener { + @Override + public void actionPerformed(ActionEvent e) { + if (alwaysAllow != null && alwaysAllow.isSelected()) { + // TODO: somehow tell the ApplicationInstance + // to stop asking for permission + } + } + } + +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/security/dialogs/AppletWarningPane.java Wed Mar 05 16:41:06 2014 +0100 @@ -0,0 +1,116 @@ +/* AppletWarningPane.java + Copyright (C) 2008 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License as published by +the Free Software Foundation, version 2. + +IcedTea is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. +*/ + +package net.sourceforge.jnlp.security.dialogs; + +import java.awt.BorderLayout; +import java.awt.Color; +import java.awt.Dimension; +import java.awt.FlowLayout; +import java.awt.Font; + +import javax.swing.BorderFactory; +import javax.swing.BoxLayout; +import javax.swing.JButton; +import javax.swing.JLabel; +import javax.swing.JPanel; +import net.sourceforge.jnlp.security.CertVerifier; +import net.sourceforge.jnlp.security.SecurityDialog; + +public class AppletWarningPane extends SecurityDialogPanel { + + public AppletWarningPane(SecurityDialog x, CertVerifier certVerifier) { + super(x, certVerifier); + addComponents(); + } + + protected void addComponents() { + + //Top label + String topLabelText = "While support for verifying signed code" + + " has not been implemented yet, some applets will not run " + + "properly under the default restricted security level."; + String bottomLabelText = "Do you want to run this applet under the " + + "restricted security level? (clicking No will run this applet " + + "without any security checking, and should only be done if you " + + "trust the applet!)"; + + JLabel topLabel = new JLabel(htmlWrap(topLabelText)); + topLabel.setFont(new Font(topLabel.getFont().toString(), + Font.BOLD, 12)); + JPanel topPanel = new JPanel(new BorderLayout()); + topPanel.setBackground(Color.WHITE); + topPanel.add(topLabel, BorderLayout.CENTER); + topPanel.setPreferredSize(new Dimension(400, 80)); + topPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + + JLabel bottomLabel = new JLabel(htmlWrap(bottomLabelText)); + JPanel infoPanel = new JPanel(new BorderLayout()); + infoPanel.add(bottomLabel, BorderLayout.CENTER); + infoPanel.setPreferredSize(new Dimension(400, 80)); + infoPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + + //run and cancel buttons + JPanel buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT)); + + JButton yes = new JButton("Yes"); + JButton no = new JButton("No"); + JButton cancel = new JButton("Cancel"); + int buttonWidth = cancel.getMinimumSize().width; + int buttonHeight = cancel.getMinimumSize().height; + Dimension d = new Dimension(buttonWidth, buttonHeight); + yes.setPreferredSize(d); + no.setPreferredSize(d); + cancel.setPreferredSize(d); + yes.addActionListener(createSetValueListener(parent, 0)); + no.addActionListener(createSetValueListener(parent, 1)); + cancel.addActionListener(createSetValueListener(parent, 2)); + initialFocusComponent = cancel; + buttonPanel.add(yes); + buttonPanel.add(no); + buttonPanel.add(cancel); + buttonPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + + //all of the above + setLayout(new BoxLayout(this, BoxLayout.Y_AXIS)); + add(topPanel); + add(infoPanel); + add(buttonPanel); + + } + +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java Wed Mar 05 16:41:06 2014 +0100 @@ -0,0 +1,325 @@ +/* CertWarningPane.java + Copyright (C) 2012 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License as published by +the Free Software Foundation, version 2. + +IcedTea is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. +*/ + +package net.sourceforge.jnlp.security.dialogs; + +import static net.sourceforge.jnlp.runtime.Translator.R; + +import java.awt.BorderLayout; +import java.awt.Color; +import java.awt.Dimension; +import java.awt.FlowLayout; +import java.awt.Font; +import java.awt.GridLayout; +import java.awt.event.ActionEvent; +import java.awt.event.ActionListener; +import java.io.File; +import java.io.FileOutputStream; +import java.io.OutputStream; +import java.security.KeyStore; +import java.security.cert.Certificate; +import java.security.cert.X509Certificate; + +import javax.swing.BorderFactory; +import javax.swing.BoxLayout; +import javax.swing.ImageIcon; +import javax.swing.JButton; +import javax.swing.JCheckBox; +import javax.swing.JLabel; +import javax.swing.JPanel; +import javax.swing.SwingConstants; + +import net.sourceforge.jnlp.JNLPFile; +import net.sourceforge.jnlp.PluginBridge; +import net.sourceforge.jnlp.security.CertVerifier; +import net.sourceforge.jnlp.security.CertificateUtils; +import net.sourceforge.jnlp.security.HttpsCertVerifier; +import net.sourceforge.jnlp.security.KeyStores; +import net.sourceforge.jnlp.security.KeyStores.Level; +import net.sourceforge.jnlp.security.KeyStores.Type; +import net.sourceforge.jnlp.security.SecurityDialog; +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; +import net.sourceforge.jnlp.security.SecurityUtil; +import net.sourceforge.jnlp.util.FileUtils; +import net.sourceforge.jnlp.util.logging.OutputController; + +/** + * Provides the panel for using inside a SecurityDialog. These dialogs are + * used to warn the user when either signed code (with or without signing + * issues) is going to be run, or when service permission (file, clipboard, + * printer, etc) is needed with unsigned code. + * + * @author <a href="mailto:jsumali@redhat.com">Joshua Sumali</a> + */ +public class CertWarningPane extends SecurityDialogPanel { + + JCheckBox alwaysTrust; + CertVerifier certVerifier; + + public CertWarningPane(SecurityDialog x, CertVerifier certVerifier) { + super(x, certVerifier); + this.certVerifier = certVerifier; + addComponents(); + } + + /** + * Creates the actual GUI components, and adds it to this panel + */ + private void addComponents() { + AccessType type = parent.getAccessType(); + JNLPFile file = parent.getFile(); + Certificate c = parent.getCertVerifier().getPublisher(null); + + String name = ""; + String publisher = ""; + String from = ""; + + //We don't worry about exceptions when trying to fill in + //these strings -- we just want to fill in as many as possible. + try { + if ((certVerifier instanceof HttpsCertVerifier) && + (c instanceof X509Certificate)) { + name = SecurityUtil.getCN(((X509Certificate) c) + .getSubjectX500Principal().getName()); + } else if (file instanceof PluginBridge) { + name = file.getTitle(); + } else { + name = file.getInformation().getTitle(); + } + } catch (Exception e) { + } + + try { + if (c instanceof X509Certificate) { + publisher = SecurityUtil.getCN(((X509Certificate) c) + .getSubjectX500Principal().getName()); + } + } catch (Exception e) { + } + + try { + if (file instanceof PluginBridge) { + from = file.getCodeBase().getHost(); + } else { + from = file.getInformation().getHomepage().toString(); + } + } catch (Exception e) { + } + + // Labels + String topLabelText = ""; + String bottomLabelText = parent.getCertVerifier().getRootInCacerts() ? + R("STrustedSource") : R("SUntrustedSource"); + String propertyName = ""; + String iconLocation = "net/sourceforge/jnlp/resources/"; + boolean alwaysTrustSelected = false; + if (certVerifier instanceof HttpsCertVerifier) { + // HTTPS certs that are verified do not prompt for a dialog. + // @see VariableX509TrustManager#checkServerTrusted + topLabelText = R("SHttpsUnverified") + " " + R("Continue"); + propertyName = "OptionPane.warningIcon"; + iconLocation += "warning.png"; + } else { + switch (type) { + case VERIFIED: + topLabelText = R("SSigVerified"); + propertyName = "OptionPane.informationIcon"; + iconLocation += "question.png"; + alwaysTrustSelected = true; + break; + case UNVERIFIED: + topLabelText = R("SSigUnverified"); + propertyName = "OptionPane.warningIcon"; + iconLocation += "warning.png"; + bottomLabelText += " " + R("SWarnFullPermissionsIgnorePolicy"); + break; + case SIGNING_ERROR: + topLabelText = R("SSignatureError"); + propertyName = "OptionPane.warningIcon"; + iconLocation += "warning.png"; + bottomLabelText += " " + R("SWarnFullPermissionsIgnorePolicy"); + break; + } + } + ImageIcon icon = new ImageIcon((new sun.misc.Launcher()) + .getClassLoader().getResource(iconLocation)); + JLabel topLabel = new JLabel(htmlWrap(topLabelText), icon, SwingConstants.LEFT); + topLabel.setFont(new Font(topLabel.getFont().toString(), + Font.BOLD, 12)); + JPanel topPanel = new JPanel(new BorderLayout()); + topPanel.setBackground(Color.WHITE); + topPanel.add(topLabel, BorderLayout.CENTER); + topPanel.setPreferredSize(new Dimension(400, 75)); + topPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + + //application info + JLabel nameLabel = new JLabel(R("Name") + ": " + name); + nameLabel.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5)); + JLabel publisherLabel = new JLabel(R("Publisher") + ": " + publisher); + publisherLabel.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5)); + JLabel fromLabel = new JLabel(R("From") + ": " + from); + fromLabel.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5)); + + alwaysTrust = new JCheckBox(R("SAlwaysTrustPublisher")); + alwaysTrust.setEnabled(true); + alwaysTrust.setSelected(alwaysTrustSelected); + + JPanel infoPanel = new JPanel(new GridLayout(4, 1)); + infoPanel.add(nameLabel); + infoPanel.add(publisherLabel); + + if (!(certVerifier instanceof HttpsCertVerifier)) { + infoPanel.add(fromLabel); + } + + infoPanel.add(alwaysTrust); + infoPanel.setBorder(BorderFactory.createEmptyBorder(25, 25, 25, 25)); + + //run and cancel buttons + JPanel buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT)); + JButton run = new JButton(R("ButRun")); + JButton sandbox = new JButton(R("ButSandbox")); + JButton cancel = new JButton(R("ButCancel")); + run.setToolTipText(R("CertWarnRunTip")); + sandbox.setToolTipText(R("CertWarnSandboxTip")); + cancel.setToolTipText(R("CertWarnCancelTip")); + + alwaysTrust.addActionListener(new ButtonDisableListener(sandbox)); + int buttonWidth = Math.max(run.getMinimumSize().width, + sandbox.getMinimumSize().width); + buttonWidth = Math.max(buttonWidth, cancel.getMinimumSize().width); + int buttonHeight = run.getMinimumSize().height; + Dimension d = new Dimension(buttonWidth, buttonHeight); + run.setPreferredSize(d); + sandbox.setPreferredSize(d); + cancel.setPreferredSize(d); + + sandbox.setEnabled(!alwaysTrust.isSelected()); + + run.addActionListener(createSetValueListener(parent, 0)); + run.addActionListener(new CheckBoxListener()); + sandbox.addActionListener(createSetValueListener(parent, 1)); + cancel.addActionListener(createSetValueListener(parent, 2)); + initialFocusComponent = cancel; + buttonPanel.add(run); + // file will be null iff this dialog is being called from VariableX509TrustManager. + // In this case, the "sandbox" button does not make any sense, as we are asking + // the user if they trust some certificate that is not being used to sign an app. + // Since there is no app, there is nothing to run sandboxed. + if (file != null) { + buttonPanel.add(sandbox); + } + buttonPanel.add(cancel); + buttonPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + + //all of the above + setLayout(new BoxLayout(this, BoxLayout.Y_AXIS)); + add(topPanel); + add(infoPanel); + add(buttonPanel); + + JLabel bottomLabel = new JLabel(htmlWrap(bottomLabelText)); + JButton moreInfo = new JButton(R("ButMoreInformation")); + moreInfo.addActionListener(new MoreInfoButtonListener()); + + JPanel bottomPanel = new JPanel(); + bottomPanel.setLayout(new BoxLayout(bottomPanel, BoxLayout.X_AXIS)); + bottomPanel.add(bottomLabel); + bottomPanel.add(moreInfo); + bottomPanel.setPreferredSize(new Dimension(600, 100)); + bottomPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + add(bottomPanel); + + } + + private class MoreInfoButtonListener implements ActionListener { + @Override + public void actionPerformed(ActionEvent e) { + SecurityDialog.showMoreInfoDialog(parent.getCertVerifier(), + parent); + } + } + + /** + * Disable the Sandbox button when the AlwaysTrust checkbox is checked + */ + private class ButtonDisableListener implements ActionListener { + private JButton button; + + public ButtonDisableListener(JButton button) { + this.button = button; + } + + @Override + public void actionPerformed(ActionEvent e) { + button.setEnabled(!alwaysTrust.isSelected()); + } + } + + /** + * Updates the user's KeyStore of trusted Certificates. + */ + private class CheckBoxListener implements ActionListener { + @Override + public void actionPerformed(ActionEvent e) { + if (alwaysTrust != null && alwaysTrust.isSelected()) { + try { + KeyStore ks = KeyStores.getKeyStore(Level.USER, Type.CERTS); + X509Certificate c = (X509Certificate) parent.getCertVerifier().getPublisher(null); + CertificateUtils.addToKeyStore(c, ks); + File keyStoreFile = new File(KeyStores.getKeyStoreLocation(Level.USER, Type.CERTS)); + if (!keyStoreFile.isFile()) { + FileUtils.createRestrictedFile(keyStoreFile, true); + } + + OutputStream os = new FileOutputStream(keyStoreFile); + try { + ks.store(os, KeyStores.getPassword()); + } finally { + os.close(); + } + OutputController.getLogger().log("certificate is now permanently trusted"); + } catch (Exception ex) { + // TODO: Let NetX show a dialog here notifying user + // about being unable to add cert to keystore + OutputController.getLogger().log(OutputController.Level.ERROR_ALL, ex); + } + } + } + } + +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/security/dialogs/CertsInfoPane.java Wed Mar 05 16:41:06 2014 +0100 @@ -0,0 +1,350 @@ +/* CertsInfoPane.java + Copyright (C) 2008 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License as published by +the Free Software Foundation, version 2. + +IcedTea is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. +*/ + +package net.sourceforge.jnlp.security.dialogs; + +import static net.sourceforge.jnlp.runtime.Translator.R; + +import java.util.ArrayList; +import java.security.cert.CertPath; +import java.security.cert.X509Certificate; +import java.security.MessageDigest; + +import sun.misc.HexDumpEncoder; +import sun.security.x509.*; +import javax.swing.*; +import javax.swing.event.*; +import javax.swing.table.*; +import java.awt.*; +import java.awt.event.*; +import java.awt.datatransfer.Clipboard; +import java.awt.datatransfer.StringSelection; +import javax.swing.tree.DefaultMutableTreeNode; +import javax.swing.tree.TreeSelectionModel; +import net.sourceforge.jnlp.security.CertVerifier; +import net.sourceforge.jnlp.security.SecurityDialog; +import net.sourceforge.jnlp.security.SecurityUtil; + +/** + * Provides the panel for the Certificate Info dialog. This dialog displays data from + * X509Certificate(s) used in jar signing. + * + * @author <a href="mailto:jsumali@redhat.com">Joshua Sumali</a> + */ +public class CertsInfoPane extends SecurityDialogPanel { + + private CertPath certPath; + protected JTree tree; + private JTable table; + private JTextArea output; + private ListSelectionModel listSelectionModel; + private ListSelectionModel tableSelectionModel; + protected String[] certNames; + private String[] columnNames = { R("Field"), R("Value") }; + protected ArrayList<String[][]> certsData; + + public CertsInfoPane(SecurityDialog x, CertVerifier certVerifier) { + super(x, certVerifier); + addComponents(); + } + + /** + * Builds the JTree out of CertPaths. + */ + void buildTree() { + certPath = parent.getCertVerifier().getCertPath(null); + X509Certificate firstCert = + ((X509Certificate) certPath.getCertificates().get(0)); + String subjectString = + SecurityUtil.getCN(firstCert.getSubjectX500Principal().getName()); + String issuerString = + SecurityUtil.getCN(firstCert.getIssuerX500Principal().getName()); + + DefaultMutableTreeNode top = + new DefaultMutableTreeNode(subjectString + + " (" + issuerString + ")"); + + //not self signed + if (!firstCert.getSubjectDN().equals(firstCert.getIssuerDN()) + && (certPath.getCertificates().size() > 1)) { + X509Certificate secondCert = + ((X509Certificate) certPath.getCertificates().get(1)); + subjectString = + SecurityUtil.getCN(secondCert.getSubjectX500Principal().getName()); + issuerString = + SecurityUtil.getCN(secondCert.getIssuerX500Principal().getName()); + top.add(new DefaultMutableTreeNode(subjectString + + " (" + issuerString + ")")); + } + + tree = new JTree(top); + tree.getSelectionModel().setSelectionMode + (TreeSelectionModel.SINGLE_TREE_SELECTION); + tree.addTreeSelectionListener(new TreeSelectionHandler()); + } + + /** + * Fills in certsNames, certsData with data from the certificates. + */ + protected void populateTable() { + certNames = new String[certPath.getCertificates().size()]; + certsData = new ArrayList<String[][]>(); + + for (int i = 0; i < certPath.getCertificates().size(); i++) { + + X509Certificate c = (X509Certificate) certPath.getCertificates().get(i); + certsData.add(parseCert(c)); + certNames[i] = SecurityUtil.getCN(c.getSubjectX500Principal().getName()) + + " (" + SecurityUtil.getCN(c.getIssuerX500Principal().getName()) + ")"; + } + } + + protected String[][] parseCert(X509Certificate c) { + + String version = "" + c.getVersion(); + String serialNumber = c.getSerialNumber().toString(); + String signatureAlg = c.getSigAlgName(); + String issuer = c.getIssuerX500Principal().toString(); + String validity = new CertificateValidity(c.getNotBefore(), + c.getNotAfter()).toString(); + String subject = c.getSubjectX500Principal().toString(); + + //convert our signature into a nice human-readable form. + HexDumpEncoder encoder = new HexDumpEncoder(); + String signature = encoder.encodeBuffer(c.getSignature()); + + String md5Hash = ""; + String sha1Hash = ""; + try { + MessageDigest digest = MessageDigest.getInstance("MD5"); + digest.update(c.getEncoded()); + md5Hash = makeFingerprint(digest.digest()); + + digest = MessageDigest.getInstance("SHA-1"); + digest.update(c.getEncoded()); + sha1Hash = makeFingerprint(digest.digest()); + } catch (Exception e) { + //fail quietly + } + + String[][] cert = { { R("Version"), version }, + { R("SSerial"), serialNumber }, + { R("SSignatureAlgorithm"), signatureAlg }, + { R("SIssuer"), issuer }, + { R("SValidity"), validity }, + { R("SSubject"), subject }, + { R("SSignature"), signature }, + { R("SMD5Fingerprint"), md5Hash }, + { R("SSHA1Fingerprint"), sha1Hash } + }; + return cert; + } + + /** + * Constructs the GUI components of this panel + */ + private void addComponents() { + buildTree(); + populateTable(); + /** + //List of Certs + list = new JList(certNames); + list.setSelectedIndex(0); //assuming there's at least 1 cert + listSelectionModel = list.getSelectionModel(); + listSelectionModel.addListSelectionListener(new ListSelectionHandler()); + JScrollPane listPane = new JScrollPane(list); + */ + JScrollPane listPane = new JScrollPane(tree); + + //Table of field-value pairs + DefaultTableModel tableModel = new DefaultTableModel(certsData.get(0), + columnNames); + table = new JTable(tableModel); + table.getTableHeader().setReorderingAllowed(false); + tableSelectionModel = table.getSelectionModel(); + tableSelectionModel.addListSelectionListener(new TableSelectionHandler()); + table.setFillsViewportHeight(true); + JScrollPane tablePane = new JScrollPane(table); + tablePane.setPreferredSize(new Dimension(500, 200)); + + //Text area to display the larger values + output = new JTextArea(); + output.setEditable(false); + JScrollPane outputPane = new JScrollPane(output, + ScrollPaneConstants.VERTICAL_SCROLLBAR_AS_NEEDED, + ScrollPaneConstants.HORIZONTAL_SCROLLBAR_AS_NEEDED); + outputPane.setPreferredSize(new Dimension(500, 200)); + + //split pane of the field-value pairs and textbox + JSplitPane rightSplitPane = new JSplitPane(JSplitPane.VERTICAL_SPLIT, + tablePane, outputPane); + rightSplitPane.setDividerLocation(0.50); + rightSplitPane.setResizeWeight(0.50); + + JSplitPane mainPane = new JSplitPane(JSplitPane.HORIZONTAL_SPLIT, + listPane, rightSplitPane); + mainPane.setDividerLocation(0.30); + mainPane.setResizeWeight(0.30); + + JPanel buttonPane = new JPanel(new BorderLayout()); + JButton close = new JButton(R("ButClose")); + JButton copyToClipboard = new JButton(R("ButCopy")); + close.addActionListener(createSetValueListener(parent, 0)); + copyToClipboard.addActionListener(new CopyToClipboardHandler()); + buttonPane.add(close, BorderLayout.EAST); + buttonPane.add(copyToClipboard, BorderLayout.WEST); + buttonPane.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5)); + + add(mainPane, BorderLayout.CENTER); + add(buttonPane, BorderLayout.SOUTH); + } + + /** + * Copies the currently selected certificate to the system Clipboard. + */ + private class CopyToClipboardHandler implements ActionListener { + @Override + public void actionPerformed(ActionEvent e) { + Clipboard clipboard = Toolkit.getDefaultToolkit().getSystemClipboard(); + int certIndex = 0; + DefaultMutableTreeNode node = (DefaultMutableTreeNode) + tree.getLastSelectedPathComponent(); + if (node == null) { + return; + } + if (node.isRoot()) { + certIndex = 0; + } + else if (node.isLeaf()) { + certIndex = 1; + } + + String[][] cert = certsData.get(certIndex); + int rows = cert.length; + int cols = cert[0].length; + + String certString = ""; + for (int i = 0; i < rows; i++) { + for (int j = 0; j < cols; j++) { + certString += cert[i][j]; + certString += " "; + } + certString += "\n"; + } + + clipboard.setContents(new StringSelection(certString), null); + } + } + + /** + * Updates the JTable when the JTree selection has changed. + */ + protected class TreeSelectionHandler implements TreeSelectionListener { + @Override + public void valueChanged(TreeSelectionEvent e) { + DefaultMutableTreeNode node = (DefaultMutableTreeNode) + tree.getLastSelectedPathComponent(); + + if (node == null) { + return; + } + if (node.isRoot()) { + table.setModel(new DefaultTableModel(certsData.get(0), + columnNames)); + } else if (node.isLeaf()) { + table.setModel(new DefaultTableModel(certsData.get(1), + columnNames)); + } + } + } + + /** + * Updates the JTable when the selection on the list has changed. + */ + private class ListSelectionHandler implements ListSelectionListener { + @Override + public void valueChanged(ListSelectionEvent e) { + ListSelectionModel lsm = (ListSelectionModel) e.getSource(); + + int minIndex = lsm.getMinSelectionIndex(); + int maxIndex = lsm.getMaxSelectionIndex(); + + for (int i = minIndex; i <= maxIndex; i++) { + if (lsm.isSelectedIndex(i)) { + table.setModel(new DefaultTableModel(certsData.get(i), + columnNames)); + } + } + } + } + + /** + * Updates the JTextArea output when the selection on the JTable + * has changed. + */ + private class TableSelectionHandler implements ListSelectionListener { + @Override + public void valueChanged(ListSelectionEvent e) { + ListSelectionModel lsm = (ListSelectionModel) e.getSource(); + + int minIndex = lsm.getMinSelectionIndex(); + int maxIndex = lsm.getMaxSelectionIndex(); + + for (int i = minIndex; i <= maxIndex; i++) { + if (lsm.isSelectedIndex(i)) { + output.setText((String) table.getValueAt(i, 1)); + } + } + } + } + + /** + * Makes a human readable hash fingerprint. + * For example: 11:22:33:44:AA:BB:CC:DD:EE:FF. + */ + private String makeFingerprint(byte[] hash) { + String fingerprint = ""; + for (int i = 0; i < hash.length; i++) { + if (!fingerprint.equals("")) { + fingerprint += ":"; + } + fingerprint += Integer.toHexString( + ((hash[i] & 0xFF) | 0x100)).substring(1, 3); + } + return fingerprint.toUpperCase(); + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/security/dialogs/MoreInfoPane.java Wed Mar 05 16:41:06 2014 +0100 @@ -0,0 +1,128 @@ +/* MoreInfoPane.java + Copyright (C) 2008 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License as published by +the Free Software Foundation, version 2. + +IcedTea is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. +*/ + +package net.sourceforge.jnlp.security.dialogs; + +import static net.sourceforge.jnlp.runtime.Translator.R; + +import java.awt.BorderLayout; +import java.awt.Dimension; +import java.awt.GridLayout; +import java.awt.event.ActionEvent; +import java.awt.event.ActionListener; +import java.util.List; + +import javax.swing.BorderFactory; +import javax.swing.ImageIcon; +import javax.swing.JButton; +import javax.swing.JLabel; +import javax.swing.JPanel; +import javax.swing.SwingConstants; +import net.sourceforge.jnlp.security.CertVerifier; +import net.sourceforge.jnlp.security.SecurityDialog; + +/** + * Provides the panel for the More Info dialog. This dialog shows details about an + * application's signing status. + * + * @author <a href="mailto:jsumali@redhat.com">Joshua Sumali</a> + */ +public class MoreInfoPane extends SecurityDialogPanel { + + private boolean showSignedJNLPWarning; + + public MoreInfoPane(SecurityDialog x, CertVerifier certVerifier) { + super(x, certVerifier); + showSignedJNLPWarning= x.requiresSignedJNLPWarning(); + addComponents(); + } + + /** + * Constructs the GUI components of this panel + */ + private void addComponents() { + List<String> details = certVerifier.getDetails(null); + + // Show signed JNLP warning if the signed main jar does not have a + // signed JNLP file and the launching JNLP file contains special properties + if(showSignedJNLPWarning) + details.add(R("SJNLPFileIsNotSigned")); + + int numLabels = details.size(); + JPanel errorPanel = new JPanel(new GridLayout(numLabels, 1)); + errorPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + errorPanel.setPreferredSize(new Dimension(400, 70 * (numLabels))); + + for (int i = 0; i < numLabels; i++) { + ImageIcon icon = null; + if (details.get(i).equals(R("STrustedCertificate"))) + icon = new ImageIcon((new sun.misc.Launcher()) + .getClassLoader().getResource("net/sourceforge/jnlp/resources/info-small.png")); + else + icon = new ImageIcon((new sun.misc.Launcher()) + .getClassLoader().getResource("net/sourceforge/jnlp/resources/warning-small.png")); + + errorPanel.add(new JLabel(htmlWrap(details.get(i)), icon, SwingConstants.LEFT)); + } + + // Removes signed JNLP warning after it has been used. This will avoid + // any alteration to certVerifier. + if(showSignedJNLPWarning) + details.remove(details.size()-1); + + JPanel buttonsPanel = new JPanel(new BorderLayout()); + JButton certDetails = new JButton(R("SCertificateDetails")); + certDetails.addActionListener(new CertInfoButtonListener()); + JButton close = new JButton(R("ButClose")); + close.addActionListener(createSetValueListener(parent, 0)); + buttonsPanel.add(certDetails, BorderLayout.WEST); + buttonsPanel.add(close, BorderLayout.EAST); + buttonsPanel.setBorder(BorderFactory.createEmptyBorder(15, 15, 15, 15)); + + add(errorPanel, BorderLayout.NORTH); + add(buttonsPanel, BorderLayout.SOUTH); + + } + + private class CertInfoButtonListener implements ActionListener { + @Override + public void actionPerformed(ActionEvent e) { + SecurityDialog.showCertInfoDialog(parent.getCertVerifier(), + parent); + } + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/security/dialogs/NotAllSignedWarningPane.java Wed Mar 05 16:41:06 2014 +0100 @@ -0,0 +1,115 @@ +/* NotAllSignedWarningPane.java + Copyright (C) 2008 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License as published by +the Free Software Foundation, version 2. + +IcedTea is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. +*/ + +package net.sourceforge.jnlp.security.dialogs; + +import static net.sourceforge.jnlp.runtime.Translator.R; + +import java.awt.BorderLayout; +import java.awt.Color; +import java.awt.Dimension; +import java.awt.FlowLayout; +import java.awt.Font; + +import javax.swing.BorderFactory; +import javax.swing.BoxLayout; +import javax.swing.ImageIcon; +import javax.swing.JButton; +import javax.swing.JLabel; +import javax.swing.JPanel; +import javax.swing.SwingConstants; +import net.sourceforge.jnlp.security.SecurityDialog; + +public class NotAllSignedWarningPane extends SecurityDialogPanel { + + public NotAllSignedWarningPane(SecurityDialog x) { + super(x); + addComponents(); + } + + /** + * Creates the actual GUI components, and adds it to this panel + */ + private void addComponents() { + + String topLabelText = R("SNotAllSignedSummary"); + String infoLabelText = R("SNotAllSignedDetail"); + String questionLabelText = R("SNotAllSignedQuestion"); + + ImageIcon icon = new ImageIcon((new sun.misc.Launcher()).getClassLoader().getResource("net/sourceforge/jnlp/resources/warning.png")); + JLabel topLabel = new JLabel(htmlWrap(topLabelText), icon, SwingConstants.LEFT); + topLabel.setFont(new Font(topLabel.getFont().toString(), + Font.BOLD, 12)); + JPanel topPanel = new JPanel(new BorderLayout()); + topPanel.setBackground(Color.WHITE); + topPanel.add(topLabel, BorderLayout.CENTER); + topPanel.setPreferredSize(new Dimension(500, 80)); + topPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + + JLabel infoLabel = new JLabel(htmlWrap(infoLabelText)); + JPanel infoPanel = new JPanel(new BorderLayout()); + infoPanel.add(infoLabel, BorderLayout.CENTER); + infoPanel.setPreferredSize(new Dimension(500, 100)); + infoPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + + JLabel questionLabel = new JLabel(htmlWrap(questionLabelText)); + JPanel questionPanel = new JPanel(new BorderLayout()); + questionPanel.add(questionLabel, BorderLayout.CENTER); + questionPanel.setPreferredSize(new Dimension(500, 100)); + questionPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + + //run and cancel buttons + JPanel buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT)); + + JButton run = new JButton(R("ButProceed")); + JButton cancel = new JButton(R("ButCancel")); + run.addActionListener(createSetValueListener(parent, 0)); + cancel.addActionListener(createSetValueListener(parent, 1)); + initialFocusComponent = cancel; + buttonPanel.add(run); + buttonPanel.add(cancel); + buttonPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + + //all of the above + setLayout(new BoxLayout(this, BoxLayout.Y_AXIS)); + add(topPanel); + add(infoPanel); + add(questionPanel); + add(buttonPanel); + + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/security/dialogs/PasswordAuthenticationPane.java Wed Mar 05 16:41:06 2014 +0100 @@ -0,0 +1,185 @@ +/* PasswordAuthenticationPane -- requests authentication information from users + Copyright (C) 2010 Red Hat + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package net.sourceforge.jnlp.security.dialogs; + +import static net.sourceforge.jnlp.runtime.Translator.R; + +import java.awt.Dimension; +import java.awt.GridBagConstraints; +import java.awt.GridBagLayout; +import java.awt.Insets; +import java.awt.event.ActionEvent; +import java.awt.event.ActionListener; + +import javax.swing.JButton; +import javax.swing.JLabel; +import javax.swing.JPasswordField; +import javax.swing.JTextField; +import net.sourceforge.jnlp.security.SecurityDialog; + +/** + * Modal non-minimizable dialog to request http authentication credentials + */ + +public class PasswordAuthenticationPane extends SecurityDialogPanel { + + private final JTextField jtfUserName = new JTextField(); + private final JPasswordField jpfPassword = new JPasswordField(); + + private final String host; + private final int port; + private final String prompt; + private final String type; + + public PasswordAuthenticationPane(SecurityDialog parent, Object[] extras) { + super(parent); + host = (String) extras[0]; + port = (Integer) extras[1]; + prompt = (String) extras[2]; + type = (String) extras[3]; + + addComponents(); + } + + /** + * Initialized the dialog components + */ + + public void addComponents() { + + JLabel jlInfo = new JLabel(""); + jlInfo.setText("<html>" + R("SAuthenticationPrompt", type, host, prompt) + "</html>"); + + setLayout(new GridBagLayout()); + + JLabel jlUserName = new JLabel(R("Username")); + JLabel jlPassword = new JLabel(R("Password")); + JButton jbOK = new JButton(R("ButOk")); + JButton jbCancel = new JButton(R("ButCancel")); + + jtfUserName.setSize(20, 10); + jpfPassword.setSize(20, 10); + + GridBagConstraints c; + + c = new GridBagConstraints(); + c.fill = GridBagConstraints.HORIZONTAL; + c.gridx = 0; + c.gridy = 0; + c.gridwidth = 2; + c.insets = new Insets(10, 5, 3, 3); + add(jlInfo, c); + + c = new GridBagConstraints(); + c.gridx = 0; + c.gridy = 1; + c.insets = new Insets(10, 5, 3, 3); + add(jlUserName, c); + + c = new GridBagConstraints(); + c.fill = GridBagConstraints.HORIZONTAL; + c.gridx = 1; + c.gridy = 1; + c.insets = new Insets(10, 5, 3, 3); + c.weightx = 1.0; + add(jtfUserName, c); + + c = new GridBagConstraints(); + c.gridx = 0; + c.gridy = 2; + c.insets = new Insets(5, 5, 3, 3); + add(jlPassword, c); + + c = new GridBagConstraints(); + c.fill = GridBagConstraints.HORIZONTAL; + c.gridx = 1; + c.gridy = 2; + c.insets = new Insets(5, 5, 3, 3); + c.weightx = 1.0; + add(jpfPassword, c); + + c = new GridBagConstraints(); + c.anchor = GridBagConstraints.SOUTHEAST; + c.gridx = 1; + c.gridy = 3; + c.insets = new Insets(5, 5, 3, 70); + c.weightx = 0.0; + add(jbCancel, c); + + c = new GridBagConstraints(); + c.anchor = GridBagConstraints.SOUTHEAST; + c.gridx = 1; + c.gridy = 3; + c.insets = new Insets(5, 5, 3, 3); + c.weightx = 0.0; + add(jbOK, c); + + setMinimumSize(new Dimension(400, 150)); + setMaximumSize(new Dimension(1024, 150)); + + setSize(400, 150); + parent.setLocationRelativeTo(null); + initialFocusComponent = jtfUserName; + + ActionListener acceptActionListener = new ActionListener() { + @Override + public void actionPerformed(ActionEvent e) { + parent.setValue(new Object[] { jtfUserName.getText(), jpfPassword.getPassword() }); + parent.dispose(); + } + }; + + ActionListener cancelActionListener = new ActionListener() { + @Override + public void actionPerformed(ActionEvent e) { + parent.setValue(null); + parent.dispose(); + } + }; + + // OK => read supplied info and pass it on + jbOK.addActionListener(acceptActionListener); + + // Cancel => discard supplied info and pass on an empty auth + jbCancel.addActionListener(cancelActionListener); + + // "return" key in either user or password field => OK + jtfUserName.addActionListener(acceptActionListener); + jpfPassword.addActionListener(acceptActionListener); + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/security/dialogs/SecurityDialogPanel.java Wed Mar 05 16:41:06 2014 +0100 @@ -0,0 +1,121 @@ +/* SecurityDialogPanel.java +Copyright (C) 2008-2010 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License as published by +the Free Software Foundation, version 2. + +IcedTea is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. +*/ + +package net.sourceforge.jnlp.security.dialogs; + +import java.awt.BorderLayout; +import java.awt.event.ActionEvent; +import java.awt.event.ActionListener; + +import javax.swing.JComponent; +import javax.swing.JPanel; +import net.sourceforge.jnlp.security.CertVerifier; +import net.sourceforge.jnlp.security.SecurityDialog; + +/** + * Provides a JPanel for use in JNLP warning dialogs. + */ +public abstract class SecurityDialogPanel extends JPanel { + + protected SecurityDialog parent; + + JComponent initialFocusComponent = null; + + CertVerifier certVerifier = null; + + public SecurityDialogPanel(SecurityDialog dialog, CertVerifier certVerifier) { + this.parent = dialog; + this.certVerifier = certVerifier; + this.setLayout(new BorderLayout()); + } + + public SecurityDialogPanel(SecurityDialog dialog) { + this.parent = dialog; + this.setLayout(new BorderLayout()); + } + + /** + * Needed to get word wrap working in JLabels. + */ + protected String htmlWrap(String s) { + return "<html>" + s + "</html>"; + } + + /** + * Create an ActionListener suitable for use with buttons. When this {@link ActionListener} + * is invoked, it will set the value of the {@link SecurityDialog} and then dispossed. + * + * @param buttonIndex the index of the button. By convention 0 = Yes. 1 = No, 2 = Cancel + * @return the ActionListener instance. + */ + protected ActionListener createSetValueListener(SecurityDialog dialog, int buttonIndex) { + return new SetValueHandler(dialog, buttonIndex); + } + + @Override + public void setVisible(boolean aFlag) { + super.setVisible(aFlag); + requestFocusOnDefaultButton(); + } + + public void requestFocusOnDefaultButton() { + if (initialFocusComponent != null) { + initialFocusComponent.requestFocusInWindow(); + } + } + + /** + * Creates a handler that sets a dialog's value and then disposes it when activated + * + */ + private static class SetValueHandler implements ActionListener { + + Integer buttonIndex; + SecurityDialog dialog; + + public SetValueHandler(SecurityDialog dialog, int buttonIndex) { + this.dialog = dialog; + this.buttonIndex = buttonIndex; + } + + @Override + public void actionPerformed(ActionEvent e) { + dialog.setValue(buttonIndex); + dialog.dispose(); + } + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/security/dialogs/SingleCertInfoPane.java Wed Mar 05 16:41:06 2014 +0100 @@ -0,0 +1,81 @@ +/* SingleCertInfoPane.java + Copyright (C) 2008 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License as published by +the Free Software Foundation, version 2. + +IcedTea is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. +*/ + +package net.sourceforge.jnlp.security.dialogs; + +import java.security.cert.X509Certificate; +import java.util.ArrayList; + +import javax.swing.JTree; +import javax.swing.tree.DefaultMutableTreeNode; +import javax.swing.tree.TreeSelectionModel; +import net.sourceforge.jnlp.security.CertVerifier; +import net.sourceforge.jnlp.security.SecurityDialog; +import net.sourceforge.jnlp.security.SecurityUtil; + +public class SingleCertInfoPane extends CertsInfoPane { + + public SingleCertInfoPane(SecurityDialog x, CertVerifier certVerifier) { + super(x, certVerifier); + } + + @Override + protected void buildTree() { + X509Certificate cert = parent.getCert(); + String subjectString = + SecurityUtil.getCN(cert.getSubjectX500Principal().getName()); + String issuerString = + SecurityUtil.getCN(cert.getIssuerX500Principal().getName()); + + DefaultMutableTreeNode top = new DefaultMutableTreeNode(subjectString + + " (" + issuerString + ")"); + + tree = new JTree(top); + tree.getSelectionModel().setSelectionMode(TreeSelectionModel.SINGLE_TREE_SELECTION); + tree.addTreeSelectionListener(new TreeSelectionHandler()); + } + + @Override + protected void populateTable() { + X509Certificate c = parent.getCert(); + certNames = new String[1]; + certsData = new ArrayList<String[][]>(); + certsData.add(parseCert(c)); + certNames[0] = SecurityUtil.getCN(c.getSubjectX500Principal().getName()) + + " (" + SecurityUtil.getCN(c.getIssuerX500Principal().getName()) + ")"; + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningDialog.java Wed Mar 05 16:41:06 2014 +0100 @@ -0,0 +1,70 @@ +/* Copyright (C) 2013 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License as published by +the Free Software Foundation, version 2. + +IcedTea is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + */ + +package net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel; + +import net.sourceforge.jnlp.JNLPFile; +import net.sourceforge.jnlp.security.SecurityDialog; +import net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel.AppTrustWarningPanel.ActionChoiceListener; +import net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel.AppTrustWarningPanel.AppSigningWarningAction; +import net.sourceforge.jnlp.security.dialogs.SecurityDialogPanel; + +/** + * A panel that confirms that the user is OK with unsigned code running. + */ +public class AppTrustWarningDialog extends SecurityDialogPanel { + + private AppTrustWarningDialog(final SecurityDialog dialog) { + super(dialog); + } + + public static AppTrustWarningDialog unsigned(final SecurityDialog dialog, final JNLPFile file) { + final AppTrustWarningDialog warningDialog = new AppTrustWarningDialog(dialog); + warningDialog.add(new UnsignedAppletTrustWarningPanel(file, warningDialog.getActionChoiceListener())); + return warningDialog; + } + + private ActionChoiceListener getActionChoiceListener() { + return new ActionChoiceListener() { + @Override + public void actionChosen(final AppSigningWarningAction action) { + parent.setValue(action); + parent.dispose(); + } + }; + } + +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningPanel.java Wed Mar 05 16:41:06 2014 +0100 @@ -0,0 +1,339 @@ +/* Copyright (C) 2013 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License as published by +the Free Software Foundation, version 2. + +IcedTea is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + */ + +package net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel; + +import static net.sourceforge.jnlp.runtime.Translator.R; + +import java.awt.BorderLayout; +import java.awt.Color; +import java.awt.Dimension; +import java.awt.FlowLayout; +import java.awt.Font; +import java.awt.GridLayout; +import java.awt.event.ActionEvent; +import java.awt.event.ActionListener; +import java.util.ArrayList; +import java.util.List; + +import javax.swing.BorderFactory; +import javax.swing.BoxLayout; +import javax.swing.ButtonGroup; +import javax.swing.ImageIcon; +import javax.swing.JButton; +import javax.swing.JCheckBox; +import javax.swing.JDialog; +import javax.swing.JLabel; +import javax.swing.JPanel; +import javax.swing.JRadioButton; +import javax.swing.SwingConstants; + +import net.sourceforge.jnlp.JNLPFile; +import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction; +import net.sourceforge.jnlp.security.appletextendedsecurity.ExtendedAppletSecurityHelp; +import net.sourceforge.jnlp.util.ScreenFinder; + +/* + * This class is meant to provide a common layout and functionality for warning dialogs + * that appear when the user needs to confirm the running of applets/applications. + * Subclasses include UnsignedAppletTrustWarningPanel, for unsigned plugin applets, and + * PartiallySignedAppTrustWarningPanel, for partially signed JNLP applications as well as + * plugin applets. New implementations should be added to the unit test at + * unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest + */ +public abstract class AppTrustWarningPanel extends JPanel { + + /* + * Details of decided action. + */ + public static class AppSigningWarningAction { + private ExecuteAppletAction action; + private boolean applyToCodeBase; + + public AppSigningWarningAction(ExecuteAppletAction action, + boolean applyToCodeBase) { + this.action = action; + this.applyToCodeBase = applyToCodeBase; + } + + public ExecuteAppletAction getAction() { + return action; + } + + public boolean rememberForCodeBase() { + return applyToCodeBase; + } + } + + /* + * Callback for when action is decided. + */ + public static interface ActionChoiceListener { + void actionChosen(AppSigningWarningAction action); + } + + protected int PANE_WIDTH = 500; + + protected int TOP_PANEL_HEIGHT = 60; + protected int INFO_PANEL_HEIGHT = 160; + protected int INFO_PANEL_HINT_HEIGHT = 25; + protected int QUESTION_PANEL_HEIGHT = 35; + + protected List<JButton> buttons; + protected JButton allowButton; + protected JButton rejectButton; + protected JButton helpButton; + protected JCheckBox permanencyCheckBox; + protected JRadioButton applyToAppletButton; + protected JRadioButton applyToCodeBaseButton; + + protected JNLPFile file; + + protected ActionChoiceListener actionChoiceListener; + + /* + * Subclasses should call addComponents() IMMEDIATELY after calling the super() constructor! + */ + public AppTrustWarningPanel(JNLPFile file, ActionChoiceListener actionChoiceListener) { + this.file = file; + this.actionChoiceListener = actionChoiceListener; + this.buttons = new ArrayList<JButton>(); + + allowButton = new JButton(R("ButProceed")); + rejectButton = new JButton(R("ButCancel")); + helpButton = new JButton(R("APPEXTSECguiPanelHelpButton")); + + allowButton.addActionListener(chosenActionSetter(true)); + rejectButton.addActionListener(chosenActionSetter(false)); + + helpButton.addActionListener(getHelpButtonAction()); + + buttons.add(allowButton); + buttons.add(rejectButton); + buttons.add(helpButton); + } + + /* + * Provides an image to be displayed near the upper left corner of the dialog. + */ + protected abstract ImageIcon getInfoImage(); + + /* + * Provides a short description of why the dialog is appearing. The message is expected to be HTML-formatted. + */ + protected abstract String getTopPanelText(); + + /* + * Provides in-depth information on why the dialog is appearing. The message is expected to be HTML-formatted. + */ + protected abstract String getInfoPanelText(); + + /* + * This provides the text for the final prompt to the user. The message is expected to be HTML formatted. + * The user's action is a direct response to this question. + */ + protected abstract String getQuestionPanelText(); + + public final JButton getAllowButton() { + return allowButton; + } + + public final JButton getRejectButton() { + return rejectButton; + } + + protected ActionListener getHelpButtonAction() { + return new ActionListener() { + + @Override + public void actionPerformed(ActionEvent e) { + JDialog d = new ExtendedAppletSecurityHelp(null, false, "dialogue"); + ScreenFinder.centerWindowsToCurrentScreen(d); + d.setVisible(true); + } + }; + } + + protected static String htmlWrap(String text) { + return "<html>" + text + "</html>"; + } + + private void setupTopPanel() { + final String topLabelText = getTopPanelText(); + + JLabel topLabel = new JLabel(topLabelText, getInfoImage(), + SwingConstants.LEFT); + topLabel.setFont(new Font(topLabel.getFont().toString(), Font.BOLD, 12)); + + JPanel topPanel = new JPanel(new BorderLayout()); + topPanel.setBackground(Color.WHITE); + topPanel.add(topLabel, BorderLayout.CENTER); + topPanel.setPreferredSize(new Dimension(PANE_WIDTH, TOP_PANEL_HEIGHT)); + topPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + + add(topPanel); + } + + private void setupInfoPanel() { + String titleText = R("SAppletTitle", file.getTitle()); + JLabel titleLabel = new JLabel(titleText); + titleLabel.setFont(new Font(titleLabel.getFont().getName(), Font.BOLD, 18)); + + String infoLabelText = getInfoPanelText(); + JLabel infoLabel = new JLabel(infoLabelText); + + int panelHeight = titleLabel.getHeight() + INFO_PANEL_HEIGHT + INFO_PANEL_HINT_HEIGHT; + JPanel infoPanel = new JPanel(new BorderLayout()); + infoPanel.add(titleLabel, BorderLayout.PAGE_START); + infoPanel.add(infoLabel, BorderLayout.CENTER); + infoPanel.setPreferredSize(new Dimension(PANE_WIDTH, panelHeight)); + infoPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + + add(infoPanel); + } + + private void setupQuestionsPanel() { + JPanel questionPanel = new JPanel(new BorderLayout()); + + final String questionPanelText = getQuestionPanelText(); + questionPanel.add(new JLabel(questionPanelText), BorderLayout.EAST); + + questionPanel.setPreferredSize(new Dimension(PANE_WIDTH, QUESTION_PANEL_HEIGHT)); + questionPanel.setBorder(BorderFactory.createEmptyBorder(0, 10, 0, 10)); + + add(questionPanel); + } + + private JPanel createMatchOptionsPanel() { + JPanel matchOptionsPanel = new JPanel(new FlowLayout(FlowLayout.LEFT)); + + ButtonGroup group = new ButtonGroup(); + applyToAppletButton = new JRadioButton(R("SRememberAppletOnly")); + applyToAppletButton.setSelected(true); + applyToAppletButton.setEnabled(false); // Start disabled until 'Remember this option' is selected + + applyToCodeBaseButton = new JRadioButton(htmlWrap(R("SRememberCodebase", file.getCodeBase()))); + applyToCodeBaseButton.setEnabled(false); + + group.add(applyToAppletButton); + group.add(applyToCodeBaseButton); + + matchOptionsPanel.add(applyToAppletButton); + matchOptionsPanel.add(applyToCodeBaseButton); + + return matchOptionsPanel; + } + + private JPanel createCheckBoxPanel() { + JPanel checkBoxPanel = new JPanel(new BorderLayout()); + + permanencyCheckBox = new JCheckBox(htmlWrap(R("SRememberOption"))); + permanencyCheckBox.addActionListener(permanencyListener()); + checkBoxPanel.setBorder(BorderFactory.createEmptyBorder(0, 15, 0, 0)); + checkBoxPanel.add(permanencyCheckBox, BorderLayout.SOUTH); + + return checkBoxPanel; + } + + private JPanel createButtonPanel() { + JPanel buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT)); + + for (final JButton button : buttons) { + buttonPanel.add(button); + } + + buttonPanel.setBorder(BorderFactory.createEmptyBorder(0, 10, 10, 10)); + + return buttonPanel; + } + + // Set up 'Remember Option' checkbox & Proceed/Cancel buttons + private void setupButtonAndCheckBoxPanel() { + JPanel outerPanel = new JPanel(new BorderLayout()); + JPanel rememberPanel = new JPanel(new GridLayout(2 /*rows*/, 1 /*column*/)); + rememberPanel.add(createMatchOptionsPanel()); + rememberPanel.setBorder(BorderFactory.createEmptyBorder(0, 10, 0, 10)); + + outerPanel.add(createCheckBoxPanel(), BorderLayout.WEST); + outerPanel.add(rememberPanel, BorderLayout.SOUTH); + outerPanel.add(createButtonPanel(), BorderLayout.EAST); + + add(outerPanel); + } + + /** + * Creates the actual GUI components, and adds it to this panel. This should be called by all subclasses + * IMMEDIATELY after calling the super() constructor! + */ + protected final void addComponents() { + setLayout(new BoxLayout(this, BoxLayout.Y_AXIS)); + + setupTopPanel(); + setupInfoPanel(); + setupQuestionsPanel(); + setupButtonAndCheckBoxPanel(); + } + + // Toggles whether 'match applet' or 'match codebase' options are greyed out + private ActionListener permanencyListener() { + return new ActionListener() { + @Override + public void actionPerformed(ActionEvent e) { + applyToAppletButton.setEnabled(permanencyCheckBox.isSelected()); + applyToCodeBaseButton.setEnabled(permanencyCheckBox.isSelected()); + } + }; + } + + // Sets action depending on allowApplet + checkbox state + private ActionListener chosenActionSetter(final boolean allowApplet) { + return new ActionListener() { + @Override + public void actionPerformed(ActionEvent e) { + ExecuteAppletAction action; + + if (allowApplet) { + action = permanencyCheckBox.isSelected() ? ExecuteAppletAction.ALWAYS : ExecuteAppletAction.YES; + } else { + action = permanencyCheckBox.isSelected() ? ExecuteAppletAction.NEVER : ExecuteAppletAction.NO; + } + + boolean applyToCodeBase = applyToCodeBaseButton.isSelected(); + actionChoiceListener.actionChosen(new AppSigningWarningAction(action, applyToCodeBase)); + } + }; + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/UnsignedAppletTrustWarningDialog.java Wed Mar 05 16:41:06 2014 +0100 @@ -0,0 +1,65 @@ +/* Copyright (C) 2013 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License as published by +the Free Software Foundation, version 2. + +IcedTea is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + */ + +package net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel; + +import net.sourceforge.jnlp.JNLPFile; +import net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel.AppTrustWarningPanel.ActionChoiceListener; +import net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel.AppTrustWarningPanel.AppSigningWarningAction; +import net.sourceforge.jnlp.security.SecurityDialog; +import net.sourceforge.jnlp.security.dialogs.SecurityDialogPanel; + +/** + * A panel that confirms that the user is OK with unsigned code running. + * + */ +public class UnsignedAppletTrustWarningDialog extends SecurityDialogPanel { + + public UnsignedAppletTrustWarningDialog(SecurityDialog x, JNLPFile file) { + super(x); + + add(new UnsignedAppletTrustWarningPanel(file, + new ActionChoiceListener() { + @Override + public void actionChosen(AppSigningWarningAction action) { + parent.setValue(action); + parent.dispose(); + } + }) + ); + } + +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/UnsignedAppletTrustWarningPanel.java Wed Mar 05 16:41:06 2014 +0100 @@ -0,0 +1,106 @@ +/* Copyright (C) 2014 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License as published by +the Free Software Foundation, version 2. + +IcedTea is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. +*/ + +package net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel; + +import java.awt.BorderLayout; +import java.net.URL; +import static net.sourceforge.jnlp.runtime.Translator.R; + +import javax.swing.ImageIcon; +import javax.swing.JFrame; +import net.sourceforge.jnlp.JNLPFile; +import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction; +import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletTrustConfirmation; + + +public class UnsignedAppletTrustWarningPanel extends AppTrustWarningPanel { + + public UnsignedAppletTrustWarningPanel(final JNLPFile file, final ActionChoiceListener listener) { + super(file, listener); + addComponents(); + } + + @Override + protected ImageIcon getInfoImage() { + final String location = "net/sourceforge/jnlp/resources/info-small.png"; + return new ImageIcon(ClassLoader.getSystemClassLoader().getResource(location)); + } + + protected static String getTopPanelTextKey() { + return "SUnsignedSummary"; + } + + protected static String getInfoPanelTextKey() { + return "SUnsignedDetail"; + } + + protected static String getQuestionPanelTextKey() { + return "SUnsignedQuestion"; + } + + @Override + protected String getTopPanelText() { + return htmlWrap(R(getTopPanelTextKey())); + } + + @Override + protected String getInfoPanelText() { + String text = R(getInfoPanelTextKey(), file.getCodeBase(), file.getSourceLocation()); + ExecuteAppletAction rememberedAction = UnsignedAppletTrustConfirmation.getStoredAction(file); + if (rememberedAction == ExecuteAppletAction.YES) { + text += "<br>" + R("SUnsignedAllowedBefore"); + } else if (rememberedAction == ExecuteAppletAction.NO) { + text += "<br>" + R("SUnsignedRejectedBefore"); + } + return htmlWrap(text); + } + + @Override + protected String getQuestionPanelText() { + return htmlWrap(R(getQuestionPanelTextKey())); + } + + public static void main(String[] args) throws Exception { + UnsignedAppletTrustWarningPanel w = new UnsignedAppletTrustWarningPanel(new JNLPFile(new URL("http://www.geogebra.org/webstart/geogebra.jnlp")), null); + JFrame f = new JFrame(); + f.setSize(600, 400); + f.add(w, BorderLayout.CENTER); + f.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE); + f.setVisible(true); + } + +}
--- a/tests/netx/unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest.java Wed Mar 05 15:43:03 2014 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,123 +0,0 @@ -package net.sourceforge.jnlp.security; - -import java.net.URL; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import javax.swing.JButton; -import net.sourceforge.jnlp.PluginBridge; -import net.sourceforge.jnlp.PluginParameters; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertNotNull; -import static org.junit.Assert.assertTrue; -import org.junit.BeforeClass; -import org.junit.Test; - -public class AppTrustWarningPanelTest { - - private static URL mockCodebase; - private static URL mockDocumentBase; - private static String mockJar; - private static String mockMainClass; - private static int mockWidth; - private static int mockHeight; - private static PluginParameters mockParameters; - - private static PluginBridge mockPluginBridge; - - /* Should contain an instance of each AppTrustWarningPanel subclass */ - private static List<AppTrustWarningPanel> panelList = new ArrayList<AppTrustWarningPanel>(); - - @BeforeClass - public static void setup() throws Exception { - mockCodebase = new URL("http://www.example.com"); - mockDocumentBase = new URL("http://www.example.com"); - mockJar = "ApplicationName.jar"; - mockMainClass = "ApplicationMainClass"; - mockWidth = 100; - mockHeight = 100; - - Map<String, String> fakeMap = new HashMap<String, String>(); - fakeMap.put("code", mockMainClass); - mockParameters = new PluginParameters(fakeMap); - - mockPluginBridge = new PluginBridge(mockCodebase, mockDocumentBase, mockJar, - mockMainClass, mockWidth, mockHeight, mockParameters); - - panelList.add(new UnsignedAppletTrustWarningPanel(mockPluginBridge, null)); - } - - @Test - public void testJNLPFile() throws Exception { - for (AppTrustWarningPanel panel : panelList) { - assertNotNull("JNLPFile for " + panel.getClass() + " should not be null", panel.file); - } - } - - @Test - public void testDimensions() throws Exception { - for (AppTrustWarningPanel panel : panelList) { - assertTrue("Pane width for " + panel.getClass() + " should be positive", panel.PANE_WIDTH > 0); - assertTrue("Top panel height for " + panel.getClass() + " should be positive", panel.TOP_PANEL_HEIGHT > 0); - assertTrue("Info panel height for " + panel.getClass() + " should be positive", panel.INFO_PANEL_HEIGHT > 0); - assertTrue("Info panel hint height for " + panel.getClass() + " should be positive", panel.INFO_PANEL_HINT_HEIGHT > 0); - assertTrue("Question panel height for " + panel.getClass() + " should be positive", panel.QUESTION_PANEL_HEIGHT > 0); - } - } - - @Test - public void testButtons() throws Exception { - for (AppTrustWarningPanel panel : panelList) { - assertTrue("Allow Button for " + panel.getClass() + " should be a JButton", panel.getAllowButton() instanceof JButton); - assertTrue("Reject Button for " + panel.getClass() + " should be a JButton", panel.getRejectButton() instanceof JButton); - } - } - - @Test - public void testInfoImage() throws Exception { - for (AppTrustWarningPanel panel : panelList) { - assertNotNull("infoImage should not be null for " + panel.getClass(), panel.getInfoImage()); - } - } - - @Test - public void testGetTopLabelTextKey() throws Exception { - for (AppTrustWarningPanel panel : panelList) { - assertResultTextValid("top panel", panel.getClass(), panel.getTopPanelText()); - } - } - - @Test - public void testGetInfoLabelTextKey() throws Exception { - for (AppTrustWarningPanel panel : panelList) { - assertResultTextValid("info panel", panel.getClass(), panel.getInfoPanelText()); - } - } - - @Test - public void testGetQuestionPanelKey() throws Exception { - for (AppTrustWarningPanel panel : panelList) { - assertResultTextValid("question panel", panel.getClass(), panel.getQuestionPanelText()); - } - } - - @Test - public void testHtmlWrap() throws Exception { - final String testText = "This is some text"; - final String expectedResult = "<html>This is some text</html>"; - final String actualResult = UnsignedAppletTrustWarningPanel.htmlWrap(testText); - assertEquals("htmlWrap should properly wrap text with HTML tags", expectedResult, actualResult); - } - - private static void assertResultTextValid(String propertyName, Class<? extends AppTrustWarningPanel> panelType, String result) { - assertNotNull(propertyName + " text should not be null for " + panelType, result); - assertFalse(propertyName + " text should not be No Resource for " + panelType, result.contains("RNoResource")); - assertFalse(propertyName + " label text resource should not be missing for " + panelType, result.contains("Missing Resource:")); - assertTrue(propertyName + " text should be html-wrapped for " + panelType, - result.startsWith("<html>") && result.endsWith("</html>")); - assertFalse(propertyName + " should not have empty fields for " + panelType, result.matches(".*\\{\\d+\\}.*")); - } - -}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/netx/unit/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningPanelTest.java Wed Mar 05 16:41:06 2014 +0100 @@ -0,0 +1,125 @@ +package net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel; + +import net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel.UnsignedAppletTrustWarningPanel; +import net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel.AppTrustWarningPanel; +import java.net.URL; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import javax.swing.JButton; +import net.sourceforge.jnlp.PluginBridge; +import net.sourceforge.jnlp.PluginParameters; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertTrue; +import org.junit.BeforeClass; +import org.junit.Test; + +public class AppTrustWarningPanelTest { + + private static URL mockCodebase; + private static URL mockDocumentBase; + private static String mockJar; + private static String mockMainClass; + private static int mockWidth; + private static int mockHeight; + private static PluginParameters mockParameters; + + private static PluginBridge mockPluginBridge; + + /* Should contain an instance of each AppTrustWarningPanel subclass */ + private static List<AppTrustWarningPanel> panelList = new ArrayList<AppTrustWarningPanel>(); + + @BeforeClass + public static void setup() throws Exception { + mockCodebase = new URL("http://www.example.com"); + mockDocumentBase = new URL("http://www.example.com"); + mockJar = "ApplicationName.jar"; + mockMainClass = "ApplicationMainClass"; + mockWidth = 100; + mockHeight = 100; + + Map<String, String> fakeMap = new HashMap<String, String>(); + fakeMap.put("code", mockMainClass); + mockParameters = new PluginParameters(fakeMap); + + mockPluginBridge = new PluginBridge(mockCodebase, mockDocumentBase, mockJar, + mockMainClass, mockWidth, mockHeight, mockParameters); + + panelList.add(new UnsignedAppletTrustWarningPanel(mockPluginBridge, null)); + } + + @Test + public void testJNLPFile() throws Exception { + for (AppTrustWarningPanel panel : panelList) { + assertNotNull("JNLPFile for " + panel.getClass() + " should not be null", panel.file); + } + } + + @Test + public void testDimensions() throws Exception { + for (AppTrustWarningPanel panel : panelList) { + assertTrue("Pane width for " + panel.getClass() + " should be positive", panel.PANE_WIDTH > 0); + assertTrue("Top panel height for " + panel.getClass() + " should be positive", panel.TOP_PANEL_HEIGHT > 0); + assertTrue("Info panel height for " + panel.getClass() + " should be positive", panel.INFO_PANEL_HEIGHT > 0); + assertTrue("Info panel hint height for " + panel.getClass() + " should be positive", panel.INFO_PANEL_HINT_HEIGHT > 0); + assertTrue("Question panel height for " + panel.getClass() + " should be positive", panel.QUESTION_PANEL_HEIGHT > 0); + } + } + + @Test + public void testButtons() throws Exception { + for (AppTrustWarningPanel panel : panelList) { + assertTrue("Allow Button for " + panel.getClass() + " should be a JButton", panel.getAllowButton() instanceof JButton); + assertTrue("Reject Button for " + panel.getClass() + " should be a JButton", panel.getRejectButton() instanceof JButton); + } + } + + @Test + public void testInfoImage() throws Exception { + for (AppTrustWarningPanel panel : panelList) { + assertNotNull("infoImage should not be null for " + panel.getClass(), panel.getInfoImage()); + } + } + + @Test + public void testGetTopLabelTextKey() throws Exception { + for (AppTrustWarningPanel panel : panelList) { + assertResultTextValid("top panel", panel.getClass(), panel.getTopPanelText()); + } + } + + @Test + public void testGetInfoLabelTextKey() throws Exception { + for (AppTrustWarningPanel panel : panelList) { + assertResultTextValid("info panel", panel.getClass(), panel.getInfoPanelText()); + } + } + + @Test + public void testGetQuestionPanelKey() throws Exception { + for (AppTrustWarningPanel panel : panelList) { + assertResultTextValid("question panel", panel.getClass(), panel.getQuestionPanelText()); + } + } + + @Test + public void testHtmlWrap() throws Exception { + final String testText = "This is some text"; + final String expectedResult = "<html>This is some text</html>"; + final String actualResult = UnsignedAppletTrustWarningPanel.htmlWrap(testText); + assertEquals("htmlWrap should properly wrap text with HTML tags", expectedResult, actualResult); + } + + private static void assertResultTextValid(String propertyName, Class<? extends AppTrustWarningPanel> panelType, String result) { + assertNotNull(propertyName + " text should not be null for " + panelType, result); + assertFalse(propertyName + " text should not be No Resource for " + panelType, result.contains("RNoResource")); + assertFalse(propertyName + " label text resource should not be missing for " + panelType, result.contains("Missing Resource:")); + assertTrue(propertyName + " text should be html-wrapped for " + panelType, + result.startsWith("<html>") && result.endsWith("</html>")); + assertFalse(propertyName + " should not have empty fields for " + panelType, result.matches(".*\\{\\d+\\}.*")); + } + +}
--- a/tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java Wed Mar 05 15:43:03 2014 +0100 +++ b/tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java Wed Mar 05 16:41:06 2014 +0100 @@ -118,10 +118,10 @@ } Assert.assertNotNull(ex); //wrongly palced :// - is catched by hasProtocol - Assert.assertNotEquals("http", ClasspathMatcher.extractProtocol("httpsome.correct.url:5050://full/path")); - Assert.assertNotEquals("http", ClasspathMatcher.extractProtocol("httpsome.corr://ect.url:5050/full/path")); - Assert.assertNotEquals("http", ClasspathMatcher.extractProtocol("httpsome.corr://ect.url")); - Assert.assertNotEquals("http", ClasspathMatcher.extractProtocol("httpsome/ful://l/path")); + Assert.assertFalse("http".equals(ClasspathMatcher.extractProtocol("httpsome.correct.url:5050://full/path"))); + Assert.assertFalse("http".equals(ClasspathMatcher.extractProtocol("httpsome.corr://ect.url:5050/full/path"))); + Assert.assertFalse("http".equals(ClasspathMatcher.extractProtocol("httpsome.corr://ect.url"))); + Assert.assertFalse("http".equals(ClasspathMatcher.extractProtocol("httpsome/ful://l/path"))); } @Test @@ -154,10 +154,10 @@ } Assert.assertNotNull(ex); //wrongly palced :// - is catched by hasProtocol - Assert.assertNotEquals("some.correct.url:5050://full/path", ClasspathMatcher.removeProtocol("httpsome.correct.url:5050://full/path")); - Assert.assertNotEquals("some.corr://ect.url:5050/full/path", ClasspathMatcher.removeProtocol("httpsome.corr://ect.url:5050/full/path")); - Assert.assertNotEquals("some.corr://ect.url", ClasspathMatcher.removeProtocol("httpsome.corr://ect.url")); - Assert.assertNotEquals("some/ful://l/path", ClasspathMatcher.removeProtocol("httpsome/ful://l/path")); + Assert.assertFalse("some.correct.url:5050://full/path".equals(ClasspathMatcher.removeProtocol("httpsome.correct.url:5050://full/path"))); + Assert.assertFalse("some.corr://ect.url:5050/full/path".equals(ClasspathMatcher.removeProtocol("httpsome.corr://ect.url:5050/full/path"))); + Assert.assertFalse("some.corr://ect.url".equals(ClasspathMatcher.removeProtocol("httpsome.corr://ect.url"))); + Assert.assertFalse("some/ful://l/path".equals(ClasspathMatcher.removeProtocol("httpsome/ful://l/path"))); } @Test