Client Cert PKCS#11 - UI/Exception Handling #3261

Closed
kingthorin opened this issue Mar 3, 2017 · 6 comments · Fixed by #3323

Comments

@kingthorin
Member

If you enable client certs then go to the PKCS#11 tab and hit "Add to Keystore" you get an exception.

It should be handled better, or perhaps the button shouldn't be active until there's something to add.

31916 [AWT-EventQueue-0] WARN org.parosproxy.paros.extension.option.OptionsCertificatePanel - Couldn't add key from ActivIdentity - Windows (x86)
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at ch.csnc.extension.httpclient.SSLContextManager.createInstance(SSLContextManager.java:378)
at ch.csnc.extension.httpclient.SSLContextManager.createPKCS11Provider(SSLContextManager.java:366)
at ch.csnc.extension.httpclient.SSLContextManager.initPKCS11(SSLContextManager.java:352)
at org.parosproxy.paros.extension.option.OptionsCertificatePanel.addPkcs11ButtonActionPerformed(OptionsCertificatePanel.java:606)
at org.parosproxy.paros.extension.option.OptionsCertificatePanel.access$7(OptionsCertificatePanel.java:569)
at org.parosproxy.paros.extension.option.OptionsCertificatePanel$8.actionPerformed(OptionsCertificatePanel.java:373)
at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
at java.awt.Component.processMouseEvent(Unknown Source)
at javax.swing.JComponent.processMouseEvent(Unknown Source)
at java.awt.Component.processEvent(Unknown Source)
at java.awt.Container.processEvent(Unknown Source)
at java.awt.Component.dispatchEventImpl(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Window.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
at java.awt.EventQueue.access$500(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Unknown Source)
at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue$4.run(Unknown Source)
at java.awt.EventQueue$4.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.WaitDispatchSupport$2.run(Unknown Source)
at java.awt.WaitDispatchSupport$4.run(Unknown Source)
at java.awt.WaitDispatchSupport$4.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.awt.WaitDispatchSupport.enter(Unknown Source)
at java.awt.Dialog.show(Unknown Source)
at java.awt.Component.show(Unknown Source)
at java.awt.Component.setVisible(Unknown Source)
at java.awt.Window.setVisible(Unknown Source)
at java.awt.Dialog.setVisible(Unknown Source)
at org.parosproxy.paros.extension.AbstractDialog.setVisible(AbstractDialog.java:150)
at org.parosproxy.paros.view.AbstractParamDialog.showDialog(AbstractParamDialog.java:361)
at org.parosproxy.paros.control.MenuToolsControl.options(MenuToolsControl.java:71)
at org.parosproxy.paros.control.MenuToolsControl.options(MenuToolsControl.java:63)
at org.zaproxy.zap.view.MainToolbarPanel$8.actionPerformed(MainToolbarPanel.java:372)
at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
at java.awt.AWTEventMulticaster.mouseReleased(Unknown Source)
at java.awt.Component.processMouseEvent(Unknown Source)
at javax.swing.JComponent.processMouseEvent(Unknown Source)
at java.awt.Component.processEvent(Unknown Source)
at java.awt.Container.processEvent(Unknown Source)
at java.awt.Component.dispatchEventImpl(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Window.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
at java.awt.EventQueue.access$500(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Unknown Source)
at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue$4.run(Unknown Source)
at java.awt.EventQueue$4.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.run(Unknown Source)
Caused by: java.security.ProviderException: Library C:\WINDOWS\System32\acpks211.dll does not exist
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:293)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:107)
... 95 more

@thc202
Member

thc202 commented Mar 3, 2017

By handled better, do you mean it shouldn't be being logged? The user is informed (AFAICT) about the possible cause(s) of the problem.

@kingthorin
Member Author

kingthorin commented Mar 3, 2017

I just figured that the exception(s) could be caught and a more user friendly message displayed instead of just stack trace.

Or, even better if the button wasn't active until there is actually something to add to the keystore. (In which case there shouldn't be any exception to handle, or at least not with the same cause [try to load a non-existent key.])

@thc202
Member

thc202 commented Mar 3, 2017

Ah, you mean in the log file? It's not logging a more friendly message because it's already shown in the UI (and in the current code it's only used by the UI). Unless no message is being shown??
(Note the exceptions are already being caught/handled).

Not sure we are able to tell if there's a key (or not) without trying to add it?

@kingthorin
Member Author

kingthorin commented Mar 3, 2017

You're right, there is an error dialog in the UI, which means the exception could probably go to DEBUG instead of WARN. (Or we make a user friendly WARN message and put the details in DEBUG).

We could probably at least check that there is a PIN code entered ... unless there are pinless/passwordless implementations...

@thc202
Member

thc202 commented Mar 3, 2017

That's WARN to be logged by default, as that's useful if we need more info about the problem.

Yeah, maybe.

@kingthorin kingthorin added enhancement and removed bug labels Mar 4, 2017
@kingthorin kingthorin self-assigned this Mar 24, 2017
kingthorin added a commit to kingthorin/zaproxy that referenced this issue Mar 24, 2017
Refactor OptionsCertificatePanel slightly to display an error (but not
log an exception) if the PKCS#11 PIN field is blank when the user
clicks "Add to Keystore". If a PIN is present then the existing behavior
is still observed (display error message and log exception).

Fixes zaproxy#3261
kingthorin added a commit to kingthorin/zaproxy that referenced this issue Mar 25, 2017
@thc202 thc202 added this to the 2.6.0 milestone Mar 27, 2017
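
The behaviour the thread settles on, as an added example (not ZAP's code and not the contents of the referenced commit): predictable input errors produce only a dialog message, while unexpected provider failures keep the WARN with the full exception. It goes one step beyond the commit by also checking that the library file exists, which was the cause in the trace above. `Pkcs11Preflight`, `ProviderLoader`, `validate` and `addToKeystore` are hypothetical names, and the code assumes the token requires a PIN.

```java
import java.io.File;
import java.util.Optional;
import java.util.logging.Level;
import java.util.logging.Logger;

/** Hypothetical pre-flight check for "Add to Keystore"; not ZAP's own code. */
public class Pkcs11Preflight {
    private static final Logger LOG = Logger.getLogger(Pkcs11Preflight.class.getName());

    /** Stand-in for whatever actually loads the PKCS#11 provider (assumed interface). */
    interface ProviderLoader {
        void load(String libraryPath, char[] pin) throws Exception;
    }

    /** Returns a message for the error dialog, or empty if loading may be attempted. */
    static Optional<String> validate(String libraryPath, char[] pin) {
        if (pin == null || pin.length == 0) {
            return Optional.of("Enter the PIN before adding the token to the keystore.");
        }
        if (libraryPath == null || !new File(libraryPath).isFile()) {
            return Optional.of("PKCS#11 library not found: " + libraryPath);
        }
        return Optional.empty();
    }

    /** Returns the dialog message on failure, empty on success. The PIN is never logged. */
    static Optional<String> addToKeystore(String driver, String libraryPath, char[] pin, ProviderLoader loader) {
        Optional<String> inputError = validate(libraryPath, pin);
        if (inputError.isPresent()) {
            return inputError; // predictable user error: dialog only, no stack trace in the log
        }
        try {
            loader.load(libraryPath, pin);
            return Optional.empty();
        } catch (Exception e) {
            // Unexpected failure: keep the WARN with the full exception for troubleshooting.
            LOG.log(Level.WARNING, "Couldn't add key from " + driver, e);
            return Optional.of("Couldn't add key from " + driver + ": " + e.getMessage());
        }
    }

    public static void main(String[] args) {
        ProviderLoader neverReached = (lib, pin) -> { throw new IllegalStateException("not called"); };
        // Constructed inputs: a blank PIN, then a library path that does not exist.
        System.out.println(addToKeystore("Example driver", "/no/such/pkcs11.so", new char[0], neverReached));
        System.out.println(addToKeystore("Example driver", "/no/such/pkcs11.so", "1234".toCharArray(), neverReached));
    }
}
```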
@lock

lock bot commented Feb 2, 2020

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@lock lock bot locked and limited conversation to collaborators Feb 2, 2020