Allow using custom SSL certificates

CHANGELOG.md

@@ -12,6 +12,7 @@ Note that this project **does not** adhere to [Semantic Versioning](http://semve
 ### Added
 
 - We added an extra option when right-clicking an entry in the Entry List to copy either the DOI or the DOI url.
+- We added a new section to network preferences to allow using custom SSL certificates [#8126](https://github.com/JabRef/jabref/issues/8126)
 - We improved the version check to take also beta version into account and now redirect to the right changelog for the version
 - We added two new web and fulltext fetchers: SemanticScholar and ResearchGate
 

src/main/java/org/jabref/gui/JabRefMain.java

@@ -21,7 +21,7 @@
 import org.jabref.logic.net.ProxyAuthenticator;
 import org.jabref.logic.net.ProxyPreferences;
 import org.jabref.logic.net.ProxyRegisterer;
-import org.jabref.logic.net.URLDownload;
+import org.jabref.logic.net.ssl.SSLPreferences;
 import org.jabref.logic.protectedterms.ProtectedTermsLoader;
 import org.jabref.logic.remote.RemotePreferences;
 import org.jabref.logic.remote.client.RemoteClient;
@@ -51,7 +51,6 @@ public static void main(String[] args) {
 
     @Override
     public void start(Stage mainStage) {
-        URLDownload.bypassSSLVerification();
         try {
             FallbackExceptionHandler.installExceptionHandler();
 
@@ -63,6 +62,8 @@ public void start(Stage mainStage) {
 
             configureProxy(preferences.getProxyPreferences());
 
+            configureSSL(preferences.getSSLPreferences());
+
             Globals.startBackgroundTasks();
 
             applyPreferences(preferences);
@@ -149,6 +150,11 @@ private static void configureProxy(ProxyPreferences proxyPreferences) {
         }
     }
 
+    private static void configureSSL(SSLPreferences sslPreferences) {
+        System.setProperty("javax.net.ssl.trustStore", sslPreferences.getTruststorePath());
+        System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
+    }
+
     private static void clearOldSearchIndices() {
         Path currentIndexPath = BibDatabaseContext.getFulltextIndexBasePath();
         Path appData = currentIndexPath.getParent();

src/main/java/org/jabref/gui/preferences/network/CustomCertificateViewModel.java

@@ -0,0 +1,115 @@
+package org.jabref.gui.preferences.network;
+
+import java.time.LocalDate;
+import java.util.Optional;
+
+import javafx.beans.property.ObjectProperty;
+import javafx.beans.property.ReadOnlyObjectProperty;
+import javafx.beans.property.ReadOnlyStringProperty;
+import javafx.beans.property.SimpleObjectProperty;
+import javafx.beans.property.SimpleStringProperty;
+import javafx.beans.property.StringProperty;
+
+import org.jabref.gui.AbstractViewModel;
+import org.jabref.logic.net.ssl.SSLCertificate;
+
+public class CustomCertificateViewModel extends AbstractViewModel {
+    private final StringProperty serialNumberProperty = new SimpleStringProperty("");
+    private final StringProperty issuerProperty = new SimpleStringProperty("");
+    private final ObjectProperty<LocalDate> validFromProperty = new SimpleObjectProperty<>();
+    private final ObjectProperty<LocalDate> validToProperty = new SimpleObjectProperty<>();
+    private final StringProperty signatureAlgorithmProperty = new SimpleStringProperty("");
+    private final StringProperty versionProperty = new SimpleStringProperty("");
+    private final StringProperty thumbprintProperty = new SimpleStringProperty("");
+    private final StringProperty pathProperty = new SimpleStringProperty("");
+
+    public CustomCertificateViewModel(String thumbprint, String serialNumber, String issuer, LocalDate validFrom, LocalDate validTo, String sigAlgorithm, String version) {
+        serialNumberProperty.setValue(serialNumber);
+        issuerProperty.setValue(issuer);
+        validFromProperty.setValue(validFrom);
+        validToProperty.setValue(validTo);
+        signatureAlgorithmProperty.setValue(sigAlgorithm);
+        versionProperty.setValue(version);
+        thumbprintProperty.setValue(thumbprint);
+    }
+
+    public ReadOnlyStringProperty serialNumberProperty() {
+        return serialNumberProperty;
+    }
+
+    public ReadOnlyStringProperty issuerProperty() {
+        return issuerProperty;
+    }
+
+    public ReadOnlyObjectProperty<LocalDate> validFromProperty() {
+        return validFromProperty;
+    }
+
+    public ReadOnlyObjectProperty<LocalDate> validToProperty() {
+        return validToProperty;
+    }
+
+    public ReadOnlyStringProperty signatureAlgorithmProperty() {
+        return signatureAlgorithmProperty;
+    }
+
+    public ReadOnlyStringProperty versionProperty() {
+        return versionProperty;
+    }
+
+    public String getVersion() {
+        return versionProperty.getValue();
+    }
+
+    public String getThumbprint() {
+        return thumbprintProperty.getValue();
+    }
+
+    public LocalDate getValidFrom() {
+        return validFromProperty.getValue();
+    }
+
+    public LocalDate getValidTo() {
+        return validToProperty.getValue();
+    }
+
+    public StringProperty pathPropertyProperty() {
+        return pathProperty;
+    }
+
+    public Optional<String> getPath() {
+        if (pathProperty.getValue() == null || pathProperty.getValue().isEmpty()) {
+            return Optional.empty();
+        } else {
+            return Optional.of(pathProperty.getValue());
+        }
+    }
+
+    public CustomCertificateViewModel setPath(String path) {
+        pathProperty.setValue(path);
+        return this;
+    }
+
+    public String getSerialNumber() {
+        return serialNumberProperty.getValue();
+    }
+
+    public String getIssuer() {
+        return issuerProperty.getValue();
+    }
+
+    public String getSignatureAlgorithm() {
+        return signatureAlgorithmProperty.getValue();
+    }
+
+    public static CustomCertificateViewModel fromSSLCertificate(SSLCertificate sslCertificate) {
+        return new CustomCertificateViewModel(
+                sslCertificate.getSHA256Thumbprint(),
+                sslCertificate.getSerialNumber(),
+                sslCertificate.getIssuer(),
+                sslCertificate.getValidFrom(),
+                sslCertificate.getValidTo(),
+                sslCertificate.getSignatureAlgorithm(),
+                sslCertificate.getVersion().toString());
+    }
+}

src/main/java/org/jabref/gui/preferences/network/NetworkTab.fxml

@@ -1,59 +1,157 @@
 <?xml version="1.0" encoding="UTF-8"?>
 
+<?import javafx.geometry.Insets?>
 <?import javafx.scene.control.Button?>
 <?import javafx.scene.control.CheckBox?>
 <?import javafx.scene.control.Label?>
+<?import javafx.scene.control.TableColumn?>
+<?import javafx.scene.control.TableView?>
 <?import javafx.scene.control.TextField?>
 <?import javafx.scene.layout.ColumnConstraints?>
 <?import javafx.scene.layout.GridPane?>
 <?import javafx.scene.layout.HBox?>
 <?import javafx.scene.layout.RowConstraints?>
 <?import javafx.scene.layout.VBox?>
 <?import org.controlsfx.control.textfield.CustomPasswordField?>
-<fx:root spacing="10.0" type="VBox"
-         xmlns="http://javafx.com/javafx" xmlns:fx="http://javafx.com/fxml"
-         fx:controller="org.jabref.gui.preferences.network.NetworkTab">
-    <Label styleClass="titleHeader" text="%Network"/>
-    <Label styleClass="sectionHeader" text="%Remote operation"/>
-    <Label fx:id="remoteLabel"
-           text="%This feature lets new files be opened or imported into an already running instance of JabRef instead of opening a new instance. For instance, this is useful when you open a file in JabRef from your web browser. Note that this will prevent you from running more than one instance of JabRef at a time."
-           textOverrun="CLIP" wrapText="true"/>
+
+<?import org.jabref.gui.icon.JabRefIconView?>
+<fx:root spacing="10.0" type="VBox" xmlns="http://javafx.com/javafx/17" xmlns:fx="http://javafx.com/fxml/1" fx:controller="org.jabref.gui.preferences.network.NetworkTab">
+    <Label styleClass="titleHeader" text="%Network" />
+    <Label styleClass="sectionHeader" text="%Remote operation" />
+    <Label fx:id="remoteLabel" text="%This feature lets new files be opened or imported into an already running instance of JabRef instead of opening a new instance. For instance, this is useful when you open a file in JabRef from your web browser. Note that this will prevent you from running more than one instance of JabRef at a time." textOverrun="CLIP" wrapText="true" />
     <HBox alignment="CENTER_LEFT" spacing="10.0">
-        <CheckBox fx:id="remoteServer" text="%Listen for remote operation on port"/>
-        <TextField fx:id="remotePort" maxWidth="100.0" HBox.hgrow="ALWAYS"/>
-        <Button fx:id="remoteHelp" prefWidth="20.0"/>
+        <CheckBox fx:id="remoteServer" text="%Listen for remote operation on port" />
+        <TextField fx:id="remotePort" maxWidth="100.0" HBox.hgrow="ALWAYS" />
+        <Button fx:id="remoteHelp" prefWidth="20.0" />
     </HBox>
 
-    <Label styleClass="sectionHeader" text="%Proxy configuration"/>
+    <Label styleClass="sectionHeader" text="%Proxy configuration" />
     <GridPane hgap="10.0" vgap="10.0">
         <columnConstraints>
-            <ColumnConstraints hgrow="SOMETIMES"/>
-            <ColumnConstraints hgrow="SOMETIMES"/>
-            <ColumnConstraints hgrow="SOMETIMES"/>
+            <ColumnConstraints hgrow="SOMETIMES" />
+            <ColumnConstraints hgrow="SOMETIMES" />
+            <ColumnConstraints hgrow="SOMETIMES" />
+        </columnConstraints>
+        <rowConstraints>
+            <RowConstraints minHeight="10.0" vgrow="SOMETIMES" />
+            <RowConstraints minHeight="10.0" vgrow="SOMETIMES" />
+            <RowConstraints minHeight="10.0" vgrow="SOMETIMES" />
+            <RowConstraints minHeight="10.0" vgrow="SOMETIMES" />
+            <RowConstraints minHeight="10.0" vgrow="SOMETIMES" />
+         <RowConstraints />
+         <RowConstraints />
+        </rowConstraints>
+        <CheckBox fx:id="proxyUse" text="%Use custom proxy configuration" GridPane.columnSpan="3" GridPane.rowIndex="0" />
+        <Label fx:id="proxyHostnameLabel" text="%Hostname" GridPane.rowIndex="1" />
+        <TextField fx:id="proxyHostname" prefWidth="200.0" GridPane.columnIndex="1" GridPane.rowIndex="1" />
+        <Label fx:id="proxyPortLabel" text="%Port" GridPane.rowIndex="2" />
+        <TextField fx:id="proxyPort" maxWidth="100.0" GridPane.columnIndex="1" GridPane.rowIndex="2" />
+        <CheckBox fx:id="proxyUseAuthentication" text="%Proxy requires authentication" GridPane.columnSpan="3" GridPane.rowIndex="3" />
+        <Label fx:id="proxyUsernameLabel" text="%Username" GridPane.rowIndex="4" />
+        <TextField fx:id="proxyUsername" prefWidth="200.0" GridPane.columnIndex="1" GridPane.rowIndex="4" />
+        <Label fx:id="proxyPasswordLabel" text="%Password" GridPane.rowIndex="5" />
+        <CustomPasswordField fx:id="proxyPassword" prefWidth="200.0" GridPane.columnIndex="1" GridPane.rowIndex="5" />
+        <Label fx:id="proxyAttentionLabel" styleClass="warning-message" text="%Attention: Password is stored in plain text!" GridPane.columnIndex="2" GridPane.rowIndex="5" />
+        <Button fx:id="checkConnectionButton" onAction="#checkConnection" prefWidth="200.0" text="%Check connection" GridPane.columnIndex="1" GridPane.rowIndex="6" />
+    </GridPane>
+   <Label styleClass="sectionHeader" text="%SSL Configuration" />
+    <GridPane
+            hgap="10.0"
+            vgap="10.0">
+        <columnConstraints>
+            <ColumnConstraints
+                    hgrow="SOMETIMES"/>
+            <ColumnConstraints
+                    hgrow="SOMETIMES"/>
+            <ColumnConstraints
+                    hgrow="SOMETIMES"/>
         </columnConstraints>
         <rowConstraints>
-            <RowConstraints minHeight="10.0" vgrow="SOMETIMES"/>
-            <RowConstraints minHeight="10.0" vgrow="SOMETIMES"/>
-            <RowConstraints minHeight="10.0" vgrow="SOMETIMES"/>
-            <RowConstraints minHeight="10.0" vgrow="SOMETIMES"/>
-            <RowConstraints minHeight="10.0" vgrow="SOMETIMES"/>
+            <RowConstraints
+                    minHeight="10.0"
+                    vgrow="SOMETIMES"/>
+            <RowConstraints
+                    minHeight="10.0"
+                    vgrow="SOMETIMES"/>
+            <RowConstraints
+                    minHeight="10.0"
+                    vgrow="SOMETIMES"/>
+            <RowConstraints
+                    minHeight="10.0"
+                    vgrow="SOMETIMES"/>
+            <RowConstraints
+                    minHeight="10.0"
+                    vgrow="SOMETIMES"/>
+            <RowConstraints
+                    minHeight="10.0"
+                    vgrow="SOMETIMES"/>
+            <RowConstraints
+                    minHeight="10.0"
+                    vgrow="SOMETIMES"/>
+            <RowConstraints
+                    minHeight="10.0"
+                    vgrow="SOMETIMES"/>
+            <RowConstraints/>
+            <RowConstraints/>
         </rowConstraints>
-        <CheckBox fx:id="proxyUse" text="%Use custom proxy configuration" GridPane.columnSpan="3"
-                  GridPane.rowIndex="0"/>
-        <Label fx:id="proxyHostnameLabel" text="%Hostname" GridPane.rowIndex="1"/>
-        <TextField fx:id="proxyHostname" prefWidth="200.0" GridPane.columnIndex="1" GridPane.rowIndex="1"/>
-        <Label fx:id="proxyPortLabel" text="%Port" GridPane.rowIndex="2"/>
-        <TextField fx:id="proxyPort" maxWidth="100.0" GridPane.columnIndex="1" GridPane.rowIndex="2"/>
-        <CheckBox fx:id="proxyUseAuthentication" text="%Proxy requires authentication" GridPane.columnSpan="3"
-                  GridPane.rowIndex="3"/>
-        <Label fx:id="proxyUsernameLabel" text="%Username" GridPane.rowIndex="4"/>
-        <TextField fx:id="proxyUsername" prefWidth="200.0" GridPane.columnIndex="1" GridPane.rowIndex="4"/>
-        <Label fx:id="proxyPasswordLabel" text="%Password" GridPane.rowIndex="5"/>
-        <CustomPasswordField fx:id="proxyPassword" prefWidth="200.0" GridPane.columnIndex="1"
-                             GridPane.rowIndex="5"/>
-        <Label fx:id="proxyAttentionLabel" styleClass="warning-message"
-               text="%Attention: Password is stored in plain text!" GridPane.columnIndex="2" GridPane.rowIndex="5"/>
-        <Button fx:id="checkConnectionButton" text="%Check connection" onAction="#checkConnection"
-                prefWidth="200.0" GridPane.columnIndex="1" GridPane.rowIndex="6"/>
+        <TableView
+                fx:id="customCertificatesTable"
+                prefHeight="200.0"
+                GridPane.columnSpan="3"
+                GridPane.rowIndex="0">
+            <GridPane.margin>
+                <Insets right="16.0"/>
+            </GridPane.margin>
+            <columns>
+                <TableColumn
+                        fx:id="certSerialNumber"
+                        prefWidth="75.0"
+                        text="%Serial number"/>
+                <TableColumn
+                        fx:id="certIssuer"
+                        prefWidth="75.0"
+                        text="%Issuer"/>
+                <TableColumn
+                        fx:id="certValidFrom"
+                        prefWidth="50.0"
+                        text="%Valid from"/>
+                <TableColumn
+                        fx:id="certValidTo"
+                        prefWidth="50.0"
+                        text="%Valid to"/>
+                <TableColumn
+                        fx:id="certSignatureAlgorithm"
+                        minWidth="40.0"
+                        prefWidth="100.0"
+                        text="%Signature algorithm"/>
+                <TableColumn
+                        fx:id="certVersion"
+                        prefWidth="136.0"
+                        text="%Version"/>
+                <TableColumn
+                        fx:id="actionsColumn" maxWidth="35.0" minWidth="35.0" prefWidth="35.0"
+                        editable="false" resizable="false" reorderable="false"
+                />
+            </columns>
+           <columnResizePolicy>
+               <TableView
+                       fx:constant="CONSTRAINED_RESIZE_POLICY"/>
+           </columnResizePolicy>
+        </TableView>
+        <Button fx:id="addCertificate"
+                mnemonicParsing="false"
+                onAction="#addCertificateFile"
+                text="%Add certificate"
+                GridPane.columnIndex="2"
+                GridPane.halignment="RIGHT"
+                GridPane.rowIndex="1"
+                GridPane.valignment="TOP">
+           <GridPane.margin>
+               <Insets right="16.0"/>
+           </GridPane.margin>
+            <graphic>
+                <JabRefIconView glyph="OPEN_LIST"/>
+            </graphic>
+        </Button>
     </GridPane>
 </fx:root>