diff options
author | Endi Sukma Dewata <edewata@redhat.com> | 2012-03-24 02:27:47 -0500 |
---|---|---|
committer | Endi Sukma Dewata <edewata@redhat.com> | 2012-03-26 11:43:54 -0500 |
commit | 621d9e5c413e561293d7484b93882d985b3fe15f (patch) | |
tree | 638f3d75761c121d9a8fb50b52a12a6686c5ac5c /base/common/src/com/netscape/cms/profile/output | |
parent | 40d3643b8d91886bf210aa27f711731c81a11e49 (diff) | |
download | pki-621d9e5c413e561293d7484b93882d985b3fe15f.tar.gz pki-621d9e5c413e561293d7484b93882d985b3fe15f.tar.xz pki-621d9e5c413e561293d7484b93882d985b3fe15f.zip |
Removed unnecessary pki folder.
Previously the source code was located inside a pki folder.
This folder was created during svn migration and is no longer
needed. This folder has now been removed and the contents have
been moved up one level.
Ticket #131
Diffstat (limited to 'base/common/src/com/netscape/cms/profile/output')
5 files changed, 683 insertions, 0 deletions
diff --git a/base/common/src/com/netscape/cms/profile/output/CMMFOutput.java b/base/common/src/com/netscape/cms/profile/output/CMMFOutput.java new file mode 100644 index 000000000..2253460b1 --- /dev/null +++ b/base/common/src/com/netscape/cms/profile/output/CMMFOutput.java @@ -0,0 +1,161 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.cms.profile.output; + +import java.io.ByteArrayOutputStream; +import java.security.cert.X509Certificate; +import java.util.Locale; + +import netscape.security.x509.CertificateChain; +import netscape.security.x509.X509CertImpl; + +import org.mozilla.jss.asn1.INTEGER; +import org.mozilla.jss.pkix.cmmf.CertOrEncCert; +import org.mozilla.jss.pkix.cmmf.CertRepContent; +import org.mozilla.jss.pkix.cmmf.CertResponse; +import org.mozilla.jss.pkix.cmmf.CertifiedKeyPair; +import org.mozilla.jss.pkix.cmmf.PKIStatusInfo; + +import com.netscape.certsrv.apps.CMS; +import com.netscape.certsrv.base.ICertPrettyPrint; +import com.netscape.certsrv.base.IConfigStore; +import com.netscape.certsrv.ca.ICertificateAuthority; +import com.netscape.certsrv.profile.EProfileException; +import com.netscape.certsrv.profile.IProfile; +import com.netscape.certsrv.profile.IProfileContext; +import com.netscape.certsrv.profile.IProfileOutput; +import com.netscape.certsrv.property.Descriptor; +import com.netscape.certsrv.property.IDescriptor; +import com.netscape.certsrv.request.IRequest; +import com.netscape.cms.profile.common.EnrollProfile; + +/** + * This class implements the output plugin that outputs + * CMMF response for the issued certificate. + * + * @version $Revision$, $Date$ + */ +public class CMMFOutput extends EnrollOutput implements IProfileOutput { + + public static final String VAL_PRETTY_CERT = "pretty_cert"; + public static final String VAL_CMMF_RESPONSE = "cmmf_response"; + + public CMMFOutput() { + addValueName(VAL_PRETTY_CERT); + addValueName(VAL_CMMF_RESPONSE); + } + + /** + * Initializes this default policy. + */ + public void init(IProfile profile, IConfigStore config) + throws EProfileException { + super.init(profile, config); + } + + /** + * Retrieves the localizable name of this policy. + */ + public String getName(Locale locale) { + return CMS.getUserMessage(locale, "CMS_PROFILE_OUTPUT_CERT_NAME"); + } + + /** + * Retrieves the localizable description of this policy. + */ + public String getText(Locale locale) { + return CMS.getUserMessage(locale, "CMS_PROFILE_OUTPUT_CERT_TEXT"); + } + + /** + * Populates the request with this policy default. + */ + public void populate(IProfileContext ctx, IRequest request) + throws EProfileException { + } + + /** + * Retrieves the descriptor of the given value + * parameter by name. + */ + public IDescriptor getValueDescriptor(Locale locale, String name) { + if (name.equals(VAL_PRETTY_CERT)) { + return new Descriptor(IDescriptor.PRETTY_PRINT, null, + null, + CMS.getUserMessage(locale, + "CMS_PROFILE_OUTPUT_CERT_PP")); + } else if (name.equals(VAL_CMMF_RESPONSE)) { + return new Descriptor(IDescriptor.PRETTY_PRINT, null, + null, + CMS.getUserMessage(locale, + "CMS_PROFILE_OUTPUT_CMMF_B64")); + } + return null; + } + + public String getValue(String name, Locale locale, IRequest request) + throws EProfileException { + if (name.equals(VAL_PRETTY_CERT)) { + X509CertImpl cert = request.getExtDataInCert( + EnrollProfile.REQUEST_ISSUED_CERT); + ICertPrettyPrint prettyCert = CMS.getCertPrettyPrint(cert); + + return prettyCert.toString(locale); + } else if (name.equals(VAL_CMMF_RESPONSE)) { + try { + X509CertImpl cert = request.getExtDataInCert( + EnrollProfile.REQUEST_ISSUED_CERT); + if (cert == null) + return null; + + ICertificateAuthority ca = (ICertificateAuthority) + CMS.getSubsystem("ca"); + CertificateChain cachain = ca.getCACertChain(); + X509Certificate[] cacerts = cachain.getChain(); + + byte[][] caPubs = new byte[cacerts.length][]; + + for (int j = 0; j < cacerts.length; j++) { + caPubs[j] = ((X509CertImpl) cacerts[j]).getEncoded(); + } + + CertRepContent certRepContent = null; + certRepContent = new CertRepContent(caPubs); + + PKIStatusInfo status = new PKIStatusInfo(PKIStatusInfo.granted); + CertifiedKeyPair certifiedKP = + new CertifiedKeyPair(new CertOrEncCert(cert.getEncoded())); + CertResponse resp = + new CertResponse(new INTEGER(request.getRequestId().toString()), + status, certifiedKP); + certRepContent.addCertResponse(resp); + + ByteArrayOutputStream certRepOut = new ByteArrayOutputStream(); + certRepContent.encode(certRepOut); + byte[] certRepBytes = certRepOut.toByteArray(); + + return CMS.BtoA(certRepBytes); + } catch (Exception e) { + return null; + } + } else { + return null; + } + } + +} diff --git a/base/common/src/com/netscape/cms/profile/output/CertOutput.java b/base/common/src/com/netscape/cms/profile/output/CertOutput.java new file mode 100644 index 000000000..1293c055c --- /dev/null +++ b/base/common/src/com/netscape/cms/profile/output/CertOutput.java @@ -0,0 +1,120 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.cms.profile.output; + +import java.util.Locale; + +import netscape.security.x509.X509CertImpl; + +import com.netscape.certsrv.apps.CMS; +import com.netscape.certsrv.base.ICertPrettyPrint; +import com.netscape.certsrv.base.IConfigStore; +import com.netscape.certsrv.profile.EProfileException; +import com.netscape.certsrv.profile.IProfile; +import com.netscape.certsrv.profile.IProfileContext; +import com.netscape.certsrv.profile.IProfileOutput; +import com.netscape.certsrv.property.Descriptor; +import com.netscape.certsrv.property.IDescriptor; +import com.netscape.certsrv.request.IRequest; +import com.netscape.cms.profile.common.EnrollProfile; + +/** + * This class implements the pretty print certificate output + * that displays the issued certificate in a pretty print format. + * + * @version $Revision$, $Date$ + */ +public class CertOutput extends EnrollOutput implements IProfileOutput { + public static final String VAL_PRETTY_CERT = "pretty_cert"; + public static final String VAL_B64_CERT = "b64_cert"; + + public CertOutput() { + addValueName(VAL_PRETTY_CERT); + addValueName(VAL_B64_CERT); + } + + /** + * Initializes this default policy. + */ + public void init(IProfile profile, IConfigStore config) + throws EProfileException { + super.init(profile, config); + } + + /** + * Retrieves the localizable name of this policy. + */ + public String getName(Locale locale) { + return CMS.getUserMessage(locale, "CMS_PROFILE_OUTPUT_CERT_NAME"); + } + + /** + * Retrieves the localizable description of this policy. + */ + public String getText(Locale locale) { + return CMS.getUserMessage(locale, "CMS_PROFILE_OUTPUT_CERT_TEXT"); + } + + /** + * Populates the request with this policy default. + */ + public void populate(IProfileContext ctx, IRequest request) + throws EProfileException { + } + + /** + * Retrieves the descriptor of the given value + * parameter by name. + */ + public IDescriptor getValueDescriptor(Locale locale, String name) { + if (name.equals(VAL_PRETTY_CERT)) { + return new Descriptor(IDescriptor.PRETTY_PRINT, null, + null, + CMS.getUserMessage(locale, + "CMS_PROFILE_OUTPUT_CERT_PP")); + } else if (name.equals(VAL_B64_CERT)) { + return new Descriptor(IDescriptor.PRETTY_PRINT, null, + null, + CMS.getUserMessage(locale, + "CMS_PROFILE_OUTPUT_CERT_B64")); + } + return null; + } + + public String getValue(String name, Locale locale, IRequest request) + throws EProfileException { + if (name.equals(VAL_PRETTY_CERT)) { + X509CertImpl cert = request.getExtDataInCert( + EnrollProfile.REQUEST_ISSUED_CERT); + if (cert == null) + return null; + ICertPrettyPrint prettyCert = CMS.getCertPrettyPrint(cert); + + return prettyCert.toString(locale); + } else if (name.equals(VAL_B64_CERT)) { + X509CertImpl cert = request.getExtDataInCert( + EnrollProfile.REQUEST_ISSUED_CERT); + if (cert == null) + return null; + return CMS.getEncodedCert(cert); + } else { + return null; + } + } + +} diff --git a/base/common/src/com/netscape/cms/profile/output/EnrollOutput.java b/base/common/src/com/netscape/cms/profile/output/EnrollOutput.java new file mode 100644 index 000000000..25a4b4908 --- /dev/null +++ b/base/common/src/com/netscape/cms/profile/output/EnrollOutput.java @@ -0,0 +1,134 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.cms.profile.output; + +import java.util.Enumeration; +import java.util.Locale; +import java.util.Vector; + +import com.netscape.certsrv.base.IConfigStore; +import com.netscape.certsrv.profile.EProfileException; +import com.netscape.certsrv.profile.IProfile; +import com.netscape.certsrv.profile.IProfileContext; +import com.netscape.certsrv.profile.IProfileOutput; +import com.netscape.certsrv.property.EPropertyException; +import com.netscape.certsrv.property.IDescriptor; +import com.netscape.certsrv.request.IRequest; + +/** + * This class implements the basic enrollment output. + * + * @version $Revision$, $Date$ + */ +public abstract class EnrollOutput implements IProfileOutput { + private IConfigStore mConfig = null; + private Vector<String> mValueNames = new Vector<String>(); + protected Vector<String> mConfigNames = new Vector<String>(); + + /** + * Initializes this default policy. + */ + public void init(IProfile profile, IConfigStore config) + throws EProfileException { + mConfig = config; + } + + public IConfigStore getConfigStore() { + return mConfig; + } + + public void addValueName(String name) { + mValueNames.addElement(name); + } + + /** + * Populates the request with this policy default. + * + * @param ctx profile context + * @param request request + * @exception EProfileException failed to populate + */ + public abstract void populate(IProfileContext ctx, IRequest request) + throws EProfileException; + + /** + * Retrieves the descriptor of the given value + * parameter by name. + * + * @param locale user locale + * @param name property name + * @return property descriptor + */ + public abstract IDescriptor getValueDescriptor(Locale locale, String name); + + /** + * Retrieves the localizable name of this policy. + * + * @param locale user locale + * @return output policy name + */ + public abstract String getName(Locale locale); + + /** + * Retrieves the localizable description of this policy. + * + * @param locale user locale + * @return output policy description + */ + public abstract String getText(Locale locale); + + /** + * Retrieves a list of names of the value parameter. + */ + public Enumeration<String> getValueNames() { + return mValueNames.elements(); + } + + public String getValue(String name, Locale locale, IRequest request) + throws EProfileException { + return request.getExtDataInString(name); + } + + /** + * Sets the value of the given value parameter by name. + */ + public void setValue(String name, Locale locale, IRequest request, + String value) throws EPropertyException { + request.setExtData(name, value); + } + + public Enumeration<String> getConfigNames() { + return mConfigNames.elements(); + } + + public IDescriptor getConfigDescriptor(Locale locale, String name) { + return null; + } + + public void setConfig(String name, String value) + throws EPropertyException { + } + + public String getConfig(String name) { + return null; + } + + public String getDefaultConfig(String name) { + return null; + } +} diff --git a/base/common/src/com/netscape/cms/profile/output/PKCS7Output.java b/base/common/src/com/netscape/cms/profile/output/PKCS7Output.java new file mode 100644 index 000000000..0e01e15dd --- /dev/null +++ b/base/common/src/com/netscape/cms/profile/output/PKCS7Output.java @@ -0,0 +1,158 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.cms.profile.output; + +import java.io.ByteArrayOutputStream; +import java.security.cert.X509Certificate; +import java.util.Locale; + +import netscape.security.pkcs.ContentInfo; +import netscape.security.pkcs.PKCS7; +import netscape.security.pkcs.SignerInfo; +import netscape.security.x509.AlgorithmId; +import netscape.security.x509.CertificateChain; +import netscape.security.x509.X509CertImpl; + +import com.netscape.certsrv.apps.CMS; +import com.netscape.certsrv.base.ICertPrettyPrint; +import com.netscape.certsrv.base.IConfigStore; +import com.netscape.certsrv.ca.ICertificateAuthority; +import com.netscape.certsrv.profile.EProfileException; +import com.netscape.certsrv.profile.IProfile; +import com.netscape.certsrv.profile.IProfileContext; +import com.netscape.certsrv.profile.IProfileOutput; +import com.netscape.certsrv.property.Descriptor; +import com.netscape.certsrv.property.IDescriptor; +import com.netscape.certsrv.request.IRequest; +import com.netscape.cms.profile.common.EnrollProfile; + +/** + * This class implements the output plugin that outputs + * PKCS7 for the issued certificate. + * + * @version $Revision$, $Date$ + */ +public class PKCS7Output extends EnrollOutput implements IProfileOutput { + + public static final String VAL_PRETTY_CERT = "pretty_cert"; + public static final String VAL_PKCS7 = "pkcs7"; + + public PKCS7Output() { + addValueName(VAL_PRETTY_CERT); + addValueName(VAL_PKCS7); + } + + /** + * Initializes this default policy. + */ + public void init(IProfile profile, IConfigStore config) + throws EProfileException { + super.init(profile, config); + } + + /** + * Retrieves the localizable name of this policy. + */ + public String getName(Locale locale) { + return CMS.getUserMessage(locale, "CMS_PROFILE_OUTPUT_CERT_NAME"); + } + + /** + * Retrieves the localizable description of this policy. + */ + public String getText(Locale locale) { + return CMS.getUserMessage(locale, "CMS_PROFILE_OUTPUT_CERT_TEXT"); + } + + /** + * Populates the request with this policy default. + */ + public void populate(IProfileContext ctx, IRequest request) + throws EProfileException { + } + + /** + * Retrieves the descriptor of the given value + * parameter by name. + */ + public IDescriptor getValueDescriptor(Locale locale, String name) { + if (name.equals(VAL_PRETTY_CERT)) { + return new Descriptor(IDescriptor.PRETTY_PRINT, null, + null, + CMS.getUserMessage(locale, + "CMS_PROFILE_OUTPUT_CERT_PP")); + } else if (name.equals(VAL_PKCS7)) { + return new Descriptor(IDescriptor.PRETTY_PRINT, null, + null, + CMS.getUserMessage(locale, + "CMS_PROFILE_OUTPUT_PKCS7_B64")); + } + return null; + } + + public String getValue(String name, Locale locale, IRequest request) + throws EProfileException { + if (name.equals(VAL_PRETTY_CERT)) { + X509CertImpl cert = request.getExtDataInCert( + EnrollProfile.REQUEST_ISSUED_CERT); + if (cert == null) + return null; + ICertPrettyPrint prettyCert = CMS.getCertPrettyPrint(cert); + + return prettyCert.toString(locale); + } else if (name.equals(VAL_PKCS7)) { + + try { + X509CertImpl cert = request.getExtDataInCert( + EnrollProfile.REQUEST_ISSUED_CERT); + if (cert == null) + return null; + + ICertificateAuthority ca = (ICertificateAuthority) + CMS.getSubsystem("ca"); + CertificateChain cachain = ca.getCACertChain(); + X509Certificate[] cacerts = cachain.getChain(); + + X509CertImpl[] userChain = new X509CertImpl[cacerts.length + 1]; + int m = 1, n = 0; + + for (; n < cacerts.length; m++, n++) { + userChain[m] = (X509CertImpl) cacerts[n]; + } + + userChain[0] = cert; + PKCS7 p7 = new PKCS7(new AlgorithmId[0], + new ContentInfo(new byte[0]), + userChain, + new SignerInfo[0]); + ByteArrayOutputStream bos = new ByteArrayOutputStream(); + + p7.encodeSignedData(bos); + byte[] p7Bytes = bos.toByteArray(); + String p7Str = CMS.BtoA(p7Bytes); + + return p7Str; + } catch (Exception e) { + return ""; + } + } else { + return null; + } + } + +} diff --git a/base/common/src/com/netscape/cms/profile/output/nsNKeyOutput.java b/base/common/src/com/netscape/cms/profile/output/nsNKeyOutput.java new file mode 100644 index 000000000..6bf03f436 --- /dev/null +++ b/base/common/src/com/netscape/cms/profile/output/nsNKeyOutput.java @@ -0,0 +1,110 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.cms.profile.output; + +import java.util.Locale; + +import netscape.security.x509.X509CertImpl; + +import com.netscape.certsrv.apps.CMS; +import com.netscape.certsrv.base.IConfigStore; +import com.netscape.certsrv.profile.EProfileException; +import com.netscape.certsrv.profile.IProfile; +import com.netscape.certsrv.profile.IProfileContext; +import com.netscape.certsrv.profile.IProfileOutput; +import com.netscape.certsrv.property.Descriptor; +import com.netscape.certsrv.property.IDescriptor; +import com.netscape.certsrv.request.IRequest; +import com.netscape.cms.profile.common.EnrollProfile; + +/** + * This class implements the output plugin that outputs + * DER for the issued certificate for token keys + * + * @version $Revision$, $Date$ + */ +public class nsNKeyOutput extends EnrollOutput implements IProfileOutput { + + public static final String VAL_DER = "der"; + + public nsNKeyOutput() { + addValueName(VAL_DER); + } + + /** + * Initializes this default policy. + */ + public void init(IProfile profile, IConfigStore config) + throws EProfileException { + super.init(profile, config); + } + + /** + * Retrieves the localizable name of this policy. + */ + public String getName(Locale locale) { + return CMS.getUserMessage(locale, "CMS_PROFILE_OUTPUT_CERT_TOKENKEY_NAME"); + } + + /** + * Retrieves the localizable description of this policy. + */ + public String getText(Locale locale) { + return CMS.getUserMessage(locale, "CMS_PROFILE_OUTPUT_CERT_TOKENKEY_TEXT"); + } + + /** + * Populates the request with this policy default. + */ + public void populate(IProfileContext ctx, IRequest request) + throws EProfileException { + } + + /** + * Retrieves the descriptor of the given value + * parameter by name. + */ + public IDescriptor getValueDescriptor(Locale locale, String name) { + if (name.equals(VAL_DER)) { + return new Descriptor("der_b64", null, + null, + CMS.getUserMessage(locale, + "CMS_PROFILE_OUTPUT_DER_B64")); + } + return null; + } + + public String getValue(String name, Locale locale, IRequest request) + throws EProfileException { + if (name.equals(VAL_DER)) { + + try { + X509CertImpl cert = request.getExtDataInCert( + EnrollProfile.REQUEST_ISSUED_CERT); + if (cert == null) + return null; + return CMS.BtoA(cert.getEncoded()); + } catch (Exception e) { + return ""; + } + } else { + return null; + } + } + +} |