authoralee <alee@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>2009-03-10 19:14:10 +0000
committeralee <alee@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>2009-03-10 19:14:10 +0000
commitde398e39261d6cfd2e527151f7f2d850bc651882 (patch)
tree50cbd6fe81eb8a7b8add8b317b3d33f467db27c9
parentb2a39a45abf7a4f52650d01cc4294cc86674f8b9 (diff)
Bugzilla 489057: add audit signing to tks,drm, ocsp
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@291 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
-rw-r--r--pki/base/silent/src/drm/ConfigureDRM.java31
-rw-r--r--pki/base/silent/src/ocsp/ConfigureOCSP.java33
-rw-r--r--pki/base/silent/src/tks/ConfigureTKS.java32
-rw-r--r--pki/dogtag/silent/pki-silent.spec4
4 files changed, 97 insertions, 3 deletions
diff --git a/pki/base/silent/src/drm/ConfigureDRM.java b/pki/base/silent/src/drm/ConfigureDRM.java
index fc2b41546..3c1d1abfd 100644
--- a/pki/base/silent/src/drm/ConfigureDRM.java
+++ b/pki/base/silent/src/drm/ConfigureDRM.java
@@ -126,6 +126,11 @@ public class ConfigureDRM
public static String drm_subsystem_cert_pp = null;
public static String drm_subsystem_cert_cert = null;
+ public static String drm_audit_signing_cert_name = null;
+ public static String drm_audit_signing_cert_req = null;
+ public static String drm_audit_signing_cert_pp = null;
+ public static String drm_audit_signing_cert_cert = null;
+
public static String backup_pwd = null;
// cert subject names
@@ -133,6 +138,8 @@ public class ConfigureDRM
public static String drm_subsystem_cert_subject_name = null;
public static String drm_storage_cert_subject_name = null;
public static String drm_server_cert_subject_name = null;
+ public static String drm_audit_signing_cert_subject_name = null;
+
public static String subsystem_name = null;
@@ -409,16 +416,19 @@ public class ConfigureDRM
"&subsystem_custom_size=" + key_size +
"&sslserver_custom_size=" + key_size +
"&custom_size=" + key_size +
+ "&audit_signing_custom_size=" + key_size +
"&transport_keytype=" + key_type +
"&storage_keytype=" + key_type +
"&subsystem_keytype=" + key_type +
"&sslserver_keytype=" + key_type +
+ "&audit_signing_keytype=" + key_type +
"&keytype=" + key_type +
"&transport_choice=default"+
"&storage_choice=default"+
"&subsystem_choice=default"+
"&sslserver_choice=default"+
"&choice=default"+
+ "&audit_signing_choice=default" +
"";
hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri,query_string);
@@ -447,6 +457,9 @@ public class ConfigureDRM
{
drm_subsystem_cert_name = temp;
}
+ else if (temp.indexOf("DRM Audit Signing Certificate") > 0) {
+ drm_audit_signing_cert_name = temp;
+ }
else
{
server_cert_name = temp;
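Review bot: The new branch tests `temp.indexOf("DRM Audit Signing Certificate") > 0`, which skips a match at offset 0, while the `auditSigningCert` check added later in this file uses `>=0`; one form should be used throughout, e.g. `else if (temp.indexOf("DRM Audit Signing Certificate") >= 0) {`. The choice matters because a name that misses every branch falls into the final `else` and is stored as `server_cert_name`, so an unrecognised audit signing entry would end up recorded as the SSL server cert name. The same `> 0` test appears in the ConfigureOCSP and ConfigureTKS hunks that set `ocsp_audit_signing_cert_name` and `tks_audit_signing_cert_name`. The if/else chain starts outside this hunk, so the earlier branches may well use `> 0` too.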
@@ -460,6 +473,9 @@ public class ConfigureDRM
drm_storage_cert_name);
System.out.println("default: drm_subsystem_cert_name=" +
drm_subsystem_cert_name);
+ System.out.println("default: drm_audit_signing_cert_name=" +
+ drm_audit_signing_cert_name);
+
System.out.println("default: server_cert_name=" +
server_cert_name);
return true;
@@ -493,6 +509,8 @@ public class ConfigureDRM
URLEncoder.encode(drm_storage_cert_subject_name) +
"&sslserver=" +
URLEncoder.encode(drm_server_cert_subject_name) +
+ "&audit_signing=" +
+ URLEncoder.encode(drm_audit_signing_cert_name) +
"&urls=" +
URLEncoder.encode(domain_url) +
"";
@@ -529,6 +547,10 @@ public class ConfigureDRM
drm_subsystem_cert_req = (String) req_list.get(i);
drm_subsystem_cert_cert = (String) cert_list.get(i);
}
+ else if (temp.indexOf("auditSigningCert") >=0) {
+ drm_audit_signing_cert_req = (String) req_list.get(i);
+ drm_audit_signing_cert_cert = (String) cert_list.get(i);
+ }
else
{
server_cert_req = (String) req_list.get(i);
@@ -565,6 +587,9 @@ public class ConfigureDRM
"&sslserver=" +
URLEncoder.encode(server_cert_cert) +
"&sslserver_cc=" +
+ "&audit_signing=" +
+ URLEncoder.encode(drm_audit_signing_cert_cert) +
+ "&audit_signing_cc=" +
"";
hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri,query_string);
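Review bot: `drm_audit_signing_cert_cert` is still null at the added `URLEncoder.encode(drm_audit_signing_cert_cert)` call if no entry matched `auditSigningCert` in the earlier request/cert loop, and `URLEncoder.encode` throws a NullPointerException on null. A silent install against a server that returns no audit signing cert would then die with a stack trace instead of a clear message. A guard before the query is built would make the failure explicit, for example `if (drm_audit_signing_cert_cert == null) { System.out.println("ERROR: no audit signing cert returned"); return false; }`, assuming this method returns boolean as the name-panel method appears to. The ConfigureOCSP and ConfigureTKS hunks that encode `ocsp_audit_signing_cert_cert` and `tks_audit_signing_cert_cert` need the same check; the enclosing method starts outside this hunk.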
@@ -980,6 +1005,7 @@ public class ConfigureDRM
StringHolder x_drm_server_cert_subject_name = new StringHolder();
StringHolder x_drm_transport_cert_subject_name = new StringHolder();
StringHolder x_drm_storage_cert_subject_name = new StringHolder();
+ StringHolder x_drm_audit_signing_cert_subject_name = new StringHolder();
// subsystemName
StringHolder x_subsystem_name = new StringHolder();
@@ -1074,6 +1100,10 @@ public class ConfigureDRM
"-subsystem_name %s #CA subsystem name",
x_subsystem_name);
+ parser.addOption(
+ "-drm_audit_signing_cert_subject_name %s #DRM audit signing cert subject name",
+ x_drm_audit_signing_cert_subject_name);
+
// and then match the arguments
String [] unmatched = null;
unmatched = parser.matchAllArgs (args,0,parser.EXIT_ON_UNMATCHED);
@@ -1131,6 +1161,7 @@ public class ConfigureDRM
x_drm_subsystem_cert_subject_name.value;
drm_storage_cert_subject_name = x_drm_storage_cert_subject_name.value ;
drm_server_cert_subject_name = x_drm_server_cert_subject_name.value ;
+ drm_audit_signing_cert_subject_name = x_drm_audit_signing_cert_subject_name.value;
subsystem_name = x_subsystem_name.value ;
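Review bot: `drm_audit_signing_cert_subject_name` is assigned here from the new `-drm_audit_signing_cert_subject_name` option but is not read in any visible hunk. The name-panel query instead sends `URLEncoder.encode(drm_audit_signing_cert_name)`, the default parsed from the server, while the neighbouring parameters send the `*_cert_subject_name` values. Unless that is intentional, the operator-supplied subject name is ignored and the audit signing certificate is requested with the server default; the query line would become `URLEncoder.encode(drm_audit_signing_cert_subject_name) +`. ConfigureOCSP and ConfigureTKS show the same pattern with `ocsp_audit_signing_cert_name` and `tks_audit_signing_cert_name`. The enclosing method continues outside this hunk, so a use further down cannot be ruled out.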
diff --git a/pki/base/silent/src/ocsp/ConfigureOCSP.java b/pki/base/silent/src/ocsp/ConfigureOCSP.java
index 09c0c9e06..2103229c0 100644
--- a/pki/base/silent/src/ocsp/ConfigureOCSP.java
+++ b/pki/base/silent/src/ocsp/ConfigureOCSP.java
@@ -118,12 +118,19 @@ public class ConfigureOCSP
public static String ocsp_subsystem_cert_pp = null;
public static String ocsp_subsystem_cert_cert = null;
+ public static String ocsp_audit_signing_cert_name = null;
+ public static String ocsp_audit_signing_cert_req = null;
+ public static String ocsp_audit_signing_cert_pp = null;
+ public static String ocsp_audit_signing_cert_cert = null;
+
+
public static String backup_pwd = null;
// cert subject names
public static String ocsp_sign_cert_subject_name = null;
public static String ocsp_subsystem_cert_subject_name = null;
public static String ocsp_server_cert_subject_name = null;
+ public static String ocsp_audit_signing_cert_subject_name = null;
public static String subsystem_name = null;
public ConfigureOCSP ()
@@ -397,17 +404,21 @@ public class ConfigureOCSP
"&signing_custom_size=" + key_size +
"&subsystem_custom_size=" + key_size +
"&sslserver_custom_size=" + key_size +
+ "&audit_signing_custom_size=" + key_size +
"&custom_size=" + key_size +
"&signing_keytype=" + key_type +
"&subsystem_keytype=" + key_type +
- "&sslserver_keytype=" + key_type +
+ "&sslserver_keytype=" + key_type +
+ "&audit_signing_keytype=" + key_type +
"&keytype=" + key_type +
"&signing_choice=default"+
"&subsystem_choice=default"+
"&sslserver_choice=default"+
+ "&audit_signing_choice=default" +
"&choice=default"+
"";
+
hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri,query_string);
// parse xml
@@ -430,6 +441,9 @@ public class ConfigureOCSP
{
ocsp_subsystem_cert_name = temp;
}
+ else if (temp.indexOf("Audit Signing Certificate") > 0) {
+ ocsp_audit_signing_cert_name = temp;
+ }
else
{
server_cert_name = temp;
@@ -440,6 +454,8 @@ public class ConfigureOCSP
System.out.println("default: ocsp_signing_cert_name=" + ocsp_signing_cert_name);
System.out.println("default: ocsp_subsystem_cert_name=" + ocsp_subsystem_cert_name);
System.out.println("default: server_cert_name=" + server_cert_name);
+ System.out.println("default: oscp_audit_signing_cert_name=" + ocsp_audit_signing_cert_name);
+
return true;
}
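Review bot: The added log line prints its key as `oscp_audit_signing_cert_name`, a transposition of `ocsp`, so it does not match the `ocsp_signing_cert_name` and `ocsp_subsystem_cert_name` lines above it and will be missed by anyone searching the installer output for `ocsp_`. It should read `System.out.println("default: ocsp_audit_signing_cert_name=" + ocsp_audit_signing_cert_name);`.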
@@ -462,6 +478,8 @@ public class ConfigureOCSP
URLEncoder.encode(ocsp_sign_cert_subject_name) +
"&sslserver=" +
URLEncoder.encode(ocsp_server_cert_subject_name) +
+ "&audit_signing=" +
+ URLEncoder.encode(ocsp_audit_signing_cert_name) +
"&urls=" +
URLEncoder.encode(domain_url) +
"";
@@ -493,6 +511,10 @@ public class ConfigureOCSP
ocsp_subsystem_cert_req = (String) req_list.get(i);
ocsp_subsystem_cert_cert = (String) cert_list.get(i);
}
+ else if (temp.indexOf("auditSigningCert") >=0) {
+ ocsp_audit_signing_cert_req = (String) req_list.get(i);
+ ocsp_audit_signing_cert_cert = (String) cert_list.get(i);
+ }
else
{
server_cert_req = (String) req_list.get(i);
@@ -526,6 +548,9 @@ public class ConfigureOCSP
"&sslserver=" +
URLEncoder.encode(server_cert_cert) +
"&sslserver_cc=" +
+ "&audit_signing=" +
+ URLEncoder.encode(ocsp_audit_signing_cert_cert) +
+ "&audit_signing_cc=" +
"";
hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri,query_string);
@@ -944,6 +969,7 @@ public class ConfigureOCSP
StringHolder x_ocsp_sign_cert_subject_name = new StringHolder();
StringHolder x_ocsp_subsystem_cert_subject_name = new StringHolder();
StringHolder x_ocsp_server_cert_subject_name = new StringHolder();
+ StringHolder x_ocsp_audit_signing_cert_subject_name = new StringHolder();
// subsystemName
StringHolder x_subsystem_name = new StringHolder();
@@ -1035,6 +1061,10 @@ public class ConfigureOCSP
"-subsystem_name %s #OCSP subsystem name",
x_subsystem_name);
+ parser.addOption(
+ "-ocsp_audit_signing_cert_subject_name %s #OCSP audit signing cert subject name",
+ x_ocsp_audit_signing_cert_subject_name);
+
// and then match the arguments
String [] unmatched = null;
unmatched = parser.matchAllArgs (args,0,parser.EXIT_ON_UNMATCHED);
@@ -1090,6 +1120,7 @@ public class ConfigureOCSP
ocsp_subsystem_cert_subject_name =
x_ocsp_subsystem_cert_subject_name.value;
ocsp_server_cert_subject_name = x_ocsp_server_cert_subject_name.value ;
+ ocsp_audit_signing_cert_subject_name = x_ocsp_audit_signing_cert_subject_name.value;
subsystem_name = x_subsystem_name.value ;
diff --git a/pki/base/silent/src/tks/ConfigureTKS.java b/pki/base/silent/src/tks/ConfigureTKS.java
index 624d5bd43..32df24817 100644
--- a/pki/base/silent/src/tks/ConfigureTKS.java
+++ b/pki/base/silent/src/tks/ConfigureTKS.java
@@ -113,12 +113,18 @@ public class ConfigureTKS
public static String tks_subsystem_cert_pp = null;
public static String tks_subsystem_cert_cert = null;
+ public static String tks_audit_signing_cert_name = null;
+ public static String tks_audit_signing_cert_req = null;
+ public static String tks_audit_signing_cert_pp = null;
+ public static String tks_audit_signing_cert_cert = null;
+
public static String backup_pwd = null;
// names
public static String tks_subsystem_cert_subject_name = null;
public static String tks_server_cert_subject_name = null;
public static String subsystem_name = null;
+ public static String tks_audit_signing_cert_subject_name = null;
public ConfigureTKS ()
{
@@ -390,14 +396,18 @@ public class ConfigureTKS
"&subsystem_custom_size=" + key_size +
"&sslserver_custom_size=" + key_size +
"&custom_size=" + key_size +
+ "&audit_signing_custom_size=" + key_size +
"&subsystem_keytype=" + key_type +
"&sslserver_keytype=" + key_type +
"&keytype=" + key_type +
+ "&audit_signing_keytype=" + key_type +
"&subsystem_choice=default"+
"&sslserver_choice=default"+
+ "&audit_signing_choice=default" +
"&choice=default"+
"";
+
hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri,query_string);
// parse xml
@@ -416,6 +426,10 @@ public class ConfigureTKS
{
tks_subsystem_cert_name = temp;
}
+ else if(temp.indexOf("Audit Signing Certificate") > 0)
+ {
+ tks_audit_signing_cert_name = temp;
+ }
else
{
server_cert_name = temp;
@@ -427,6 +441,7 @@ public class ConfigureTKS
tks_subsystem_cert_name);
System.out.println("default: server_cert_name=" +
server_cert_name);
+ System.out.println("default: tks_audit_signing_cert_name=" + tks_audit_signing_cert_name);
return true;
}
@@ -446,7 +461,9 @@ public class ConfigureTKS
"&subsystem=" +
URLEncoder.encode(tks_subsystem_cert_subject_name) +
"&sslserver=" +
- URLEncoder.encode(tks_server_cert_subject_name) +
+ URLEncoder.encode(tks_server_cert_subject_name) +
+ "&audit_signing=" +
+ URLEncoder.encode(tks_audit_signing_cert_name) +
"&urls=" +
URLEncoder.encode(domain_url) +
"";
@@ -473,6 +490,10 @@ public class ConfigureTKS
tks_subsystem_cert_req = (String) req_list.get(i);
tks_subsystem_cert_cert = (String) cert_list.get(i);
}
+ else if (temp.indexOf("auditSigningCert") >=0) {
+ tks_audit_signing_cert_req = (String) req_list.get(i);
+ tks_audit_signing_cert_cert = (String) cert_list.get(i);
+ }
else
{
server_cert_req = (String) req_list.get(i);
@@ -503,6 +524,9 @@ public class ConfigureTKS
"&sslserver=" +
URLEncoder.encode(server_cert_cert) +
"&sslserver_cc=" +
+ "&audit_signing=" +
+ URLEncoder.encode(tks_audit_signing_cert_cert) +
+ "&audit_signing_cc=" +
"";
hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri,query_string);
@@ -919,6 +943,7 @@ public class ConfigureTKS
// tks cert subject name params
StringHolder x_tks_subsystem_cert_subject_name = new StringHolder();
StringHolder x_tks_server_cert_subject_name = new StringHolder();
+ StringHolder x_tks_audit_signing_cert_subject_name = new StringHolder();
// subsystemName
StringHolder x_subsystem_name = new StringHolder();
@@ -1007,6 +1032,10 @@ public class ConfigureTKS
"-subsystem_name %s #CA subsystem name",
x_subsystem_name);
+ parser.addOption(
+ "-tks_audit_signing_cert_subject_name %s #TKS audit signing cert subject name",
+ x_tks_audit_signing_cert_subject_name);
+
// and then match the arguments
String [] unmatched = null;
unmatched = parser.matchAllArgs (args,0,parser.EXIT_ON_UNMATCHED);
@@ -1064,6 +1093,7 @@ public class ConfigureTKS
x_tks_server_cert_subject_name.value ;
subsystem_name = x_subsystem_name.value ;
+ tks_audit_signing_cert_subject_name = x_tks_audit_signing_cert_subject_name.value;
diff --git a/pki/dogtag/silent/pki-silent.spec b/pki/dogtag/silent/pki-silent.spec
index 35ac8f18c..3064bd3fb 100644
--- a/pki/dogtag/silent/pki-silent.spec
+++ b/pki/dogtag/silent/pki-silent.spec
@@ -33,7 +33,7 @@
## Package Header Definitions
%define base_name %{base_prefix}-%{base_component}
%define base_version 1.0.0
-%define base_release 8
+%define base_release 9
%define base_group System Environment/Shells
%define base_vendor Red Hat, Inc.
%define base_license GPLv2 with exceptions
@@ -234,6 +234,8 @@ rm -rf ${RPM_BUILD_ROOT}
###############################################################################
%changelog
+* Tue Mar 10 2009 Ade Lee <alee@redhat.com> 1.0.0-9
+- Bugzilla Bug #489057 - Add audit_signing cert to drm, ocsp, tks
* Fri Feb 20 2009 Ade Lee <alee@redhat.com> 1.0.0-8
- Bugzilla Bug #486028 - Add audit_signing cert
* Sat Feb 14 2009 Matthew Harmsen <mharmsen@redhat.com> 1.0.0-7