From 7812270317309602507448a0352cf31e1b8c49ba Mon Sep 17 00:00:00 2001 From: Brian Engert Date: Sun, 28 Apr 2024 18:02:14 -0500 Subject: [PATCH] feat: display certificate information in help --- src/com/tivo/kmttg/gui/help.java | 43 +++++++++++++++++- src/com/tivo/kmttg/rpc/TiVoRPC.java | 35 +++------------ src/com/tivo/kmttg/util/GetKeyStore.java | 55 ++++++++++++++++++++++++ 3 files changed, 104 insertions(+), 29 deletions(-) create mode 100644 src/com/tivo/kmttg/util/GetKeyStore.java diff --git a/src/com/tivo/kmttg/gui/help.java b/src/com/tivo/kmttg/gui/help.java index 15e79e6d..5a01e780 100644 --- a/src/com/tivo/kmttg/gui/help.java +++ b/src/com/tivo/kmttg/gui/help.java @@ -21,6 +21,14 @@ import java.io.BufferedReader; import java.io.IOException; import java.io.InputStreamReader; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; +import java.text.DateFormat; +import java.text.SimpleDateFormat; +import java.util.Enumeration; import java.util.LinkedHashMap; import org.apache.hc.client5.http.classic.HttpClient; @@ -43,6 +51,7 @@ import javafx.stage.Stage; import com.tivo.kmttg.main.config; +import com.tivo.kmttg.util.GetKeyStore; import com.tivo.kmttg.util.debug; import com.tivo.kmttg.util.log; 
@@ -50,6 +59,29 @@ public class help { private static Stage dialog = null; private static VBox content = null; + static String getKeyExpires() { + GetKeyStore getKeyStore; + try { + getKeyStore = new GetKeyStore(null, config.programDir); + KeyStore keyStore = getKeyStore.getKeyStore(); + + Enumeration aliases = keyStore.aliases(); + + while (aliases.hasMoreElements()) { + String alias = aliases.nextElement(); + X509Certificate crt = (X509Certificate) keyStore.getCertificate(alias); + SimpleDateFormat simpleDateFormat = new SimpleDateFormat("MMM d YYYY"); + return simpleDateFormat.format(crt.getNotAfter()); + } + + return "No certs in cstore"; + } catch (Exception e) { + System.out.println("Error Loading cert"); + System.out.println(e); + return "Error Loading Cert"; + } + } + static void showHelp() { debug.print(""); if (dialog == null) { @@ -83,7 +115,16 @@ public void handle(ActionEvent e) { }); row.getChildren().addAll(lab1, link1); content.getChildren().add(row); - + + HBox certRow = new HBox(); + certRow.setSpacing(5); + certRow.setAlignment(Pos.CENTER); + certRow.getChildren().addAll( + new Label("Certificate Expires: "), + new Label(help.getKeyExpires()) + ); + content.getChildren().add(certRow); + final LinkedHashMap links = new LinkedHashMap(); links.put("kmttg Home Page", "http://sourceforge.net/p/kmttg/wiki/Home"); links.put("kmttg downloads", "http://sourceforge.net/projects/kmttg/files"); diff --git a/src/com/tivo/kmttg/rpc/TiVoRPC.java b/src/com/tivo/kmttg/rpc/TiVoRPC.java index 935fbb0b..fd1e5b81 100644 --- a/src/com/tivo/kmttg/rpc/TiVoRPC.java +++ b/src/com/tivo/kmttg/rpc/TiVoRPC.java @@ -17,6 +17,7 @@ import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import java.util.Arrays; +import java.util.Enumeration; import java.util.Random; import java.util.Scanner; 
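Review bot: In getKeyExpires the pattern `"MMM d YYYY"` uses `YYYY`, which SimpleDateFormat treats as the week-based year, so a certificate whose notAfter falls in the days around New Year can be displayed with the wrong year; the calendar year is `new SimpleDateFormat("MMM d yyyy")`. The `while` loop returns on its first iteration, so only one alias is ever reported, and which one is not defined when the store holds several entries. `keyStore.getCertificate(alias)` can return null or a non-X.509 certificate, and the blanket `catch (Exception e)` then collapses that into "Error Loading Cert"; an `instanceof X509Certificate` check before the cast would keep "no usable certificate" distinct from a load failure. The failure is printed with `System.out.println` although `com.tivo.kmttg.util.log` is already imported in this file.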
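Review bot: The value shown next to "Certificate Expires:" comes from `new GetKeyStore(null, config.programDir)`, while TiVoRPC builds its store with `new GetKeyStore(cdata, programDir)`, so when a connection is given an explicit cdata file the dialog may report a different certificate from the one actually presented to the TiVo. The call also opens and decrypts the PKCS12 store while the dialog content is being built, and nothing in the hunk refreshes the label afterwards, so a replaced cdata.p12 would presumably not show until the dialog is rebuilt. A comment on the row such as `// expiry of the install-dir or bundled cdata.p12; a per-connection cdata file is not reflected` would document the limitation. The enclosing method starts and ends outside the hunk.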
@@ -28,6 +29,7 @@ import javax.net.ssl.X509TrustManager; import com.tivo.kmttg.JSON.JSONObject; +import com.tivo.kmttg.util.GetKeyStore; /** * Establish an RPC connection route with a TiVo using the provided cdata files. @@ -209,35 +211,12 @@ public X509Certificate[] getAcceptedIssuers () { private final void createSocketFactory() { if ( sslSocketFactory == null ) { try { - KeyStore keyStore = KeyStore.getInstance("PKCS12"); - // This is default USA password - String password = "KllX3KygL9"; // expires 1/24/2026 - //String password = "vlZaKoduom"; // expires 5/3/2024 - InputStream keyInput; - if (cdata == null) { - // Installation dir cdata.p12 file takes priority if it exists - String cdata = programDir + "/cdata.p12"; - if ( new File(cdata).isFile() ) { - keyInput = new FileInputStream(cdata); - cdata = programDir + "/cdata.password"; - if (new File(cdata).isFile()) { - Scanner s = new Scanner(new File(cdata)); - password = s.useDelimiter("\\A").next(); - s.close(); - } else { - error("cdata.p12 file present, but cdata.password is not"); - } - } else { - // Read default USA cdata.p12 from kmttg.jar - keyInput = getClass().getResourceAsStream("/cdata.p12"); - } - } - else - keyInput = new FileInputStream(cdata); - keyStore.load(keyInput, password.toCharArray()); - keyInput.close(); + GetKeyStore getKeyStore = new GetKeyStore(cdata, programDir); + KeyStore keyStore = getKeyStore.getKeyStore(); + String keyPassword = getKeyStore.getKeyPassword(); + KeyManagerFactory fac = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); - fac.init(keyStore, password.toCharArray()); + fac.init(keyStore, keyPassword.toCharArray()); SSLContext context = SSLContext.getInstance("TLS"); TrustManager[] tm = new TrustManager[] { new NaiveTrustManager() }; context.init(fac.getKeyManagers(), tm, new SecureRandom()); diff --git a/src/com/tivo/kmttg/util/GetKeyStore.java b/src/com/tivo/kmttg/util/GetKeyStore.java new file mode 100644 index 00000000..329ad4a9 --- /dev/null 
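Review bot: The refactored createSocketFactory no longer reports a missing cdata.password through TiVoRPC's own `error(...)` call: the removed branch called `error("cdata.p12 file present, but cdata.password is not")`, whereas GetKeyStore prints the same text with `System.out.println` and carries on with the default password. The user-supplied cdata.p12 will then most likely fail in `keyStore.load` with a generic exception that hides the real cause. Consider having GetKeyStore raise it instead, e.g. `throw new IOException("cdata.p12 file present, but cdata.password is not");`, so the handler around this try (not visible in the hunk) reports it the way the old code did. The `import java.util.Enumeration;` added in the earlier TiVoRPC hunk is not used by any line shown here. createSocketFactory's body continues outside the hunk.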
+++ b/src/com/tivo/kmttg/util/GetKeyStore.java @@ -0,0 +1,55 @@ +package com.tivo.kmttg.util; + +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.cert.CertificateException; +import java.util.Scanner; + +public class GetKeyStore { + private String keyPassword; + private KeyStore keyStore; + public GetKeyStore(String cdata, String programDir) + throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException + { + keyStore = KeyStore.getInstance("PKCS12"); + // This is default USA password + keyPassword = "KllX3KygL9"; // expires 1/24/2026 + //String password = "vlZaKoduom"; // expires 5/3/2024 + InputStream keyInput; + if (cdata == null) { + // Installation dir cdata.p12 file takes priority if it exists + cdata = programDir + "/cdata.p12"; + if ( new File(cdata).isFile() ) { + keyInput = new FileInputStream(cdata); + cdata = programDir + "/cdata.password"; + if (new File(cdata).isFile()) { + Scanner s = new Scanner(new File(cdata)); + keyPassword = s.useDelimiter("\\A").next(); + s.close(); + } else { + System.out.println("cdata.p12 file present, but cdata.password is not"); + } + } else { + // Read default USA cdata.p12 from kmttg.jar + keyInput = getClass().getResourceAsStream("/cdata.p12"); + } + } + else + keyInput = new FileInputStream(cdata); + keyStore.load(keyInput, keyPassword.toCharArray()); + keyInput.close(); + } + public KeyStore getKeyStore() { + return keyStore; + } + + public String getKeyPassword() { + return keyPassword; + } + +} \ No newline at end of file
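Review bot: The GetKeyStore constructor closes `keyInput` only on the success path and never checks the result of `getResourceAsStream("/cdata.p12")`. If `keyStore.load` throws (a wrong password, for instance) the FileInputStream stays open, and if the bundled resource is missing, `load(null, …)` initialises an empty keystore before `keyInput.close()` fails with a NullPointerException. Opening the stream and the Scanner in try-with-resources and rejecting a null resource with an IOException covers both cases, as sketched below. The `useDelimiter("\\A").next()` read keeps any trailing newline from cdata.password as part of the password and throws an unchecked NoSuchElementException on an empty file, which deserves at least a comment. The keystore password is also now held in a field for the object's lifetime and returned as a String by the public `getKeyPassword()`; returning a `char[]` copy that the caller clears after `fac.init` would keep the refactor from widening its exposure.

```java
   // … unchanged: KeyStore.getInstance("PKCS12") and the default keyPassword …
   String p12Path = cdata;
   if (p12Path == null) {
      // Installation dir cdata.p12 file takes priority if it exists
      File installed = new File(programDir + "/cdata.p12");
      if (installed.isFile()) {
         p12Path = installed.getPath();
         File pwFile = new File(programDir + "/cdata.password");
         if (pwFile.isFile()) {
            try (Scanner s = new Scanner(pwFile)) {
               keyPassword = s.useDelimiter("\\A").next();
            }
         } else {
            // … unchanged: "cdata.password is not" message …
         }
      }
   }
   // p12Path == null means: fall back to the cdata.p12 bundled in kmttg.jar
   try (InputStream keyInput = (p12Path != null)
         ? new FileInputStream(p12Path)
         : getClass().getResourceAsStream("/cdata.p12")) {
      if (keyInput == null) {
         throw new IOException("bundled /cdata.p12 resource not found");
      }
      keyStore.load(keyInput, keyPassword.toCharArray());
   }
```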