authorEndi S. Dewata <edewata@redhat.com>2015-07-10 16:47:29 -0400
committerEndi S. Dewata <edewata@redhat.com>2015-07-13 13:46:47 -0400
commitc3033776af54b27a46d0af33cf602a291e6c603d (patch)
tree41f519d148c0363d318decd27a01b50a29e741d4 /base/java-tools/src/com/netscape
parent11bbb4e28650e7296707e4ddf07cdf2f56c8269b (diff)
Fixed NPE during key-retrieve.
Keys archived through the KRA connector in CA have a null data type attribute, which causes an NPE during retrieval using the key-retrieve CLI. The SecurityDataRecoveryService has been modified to treat a null data type attribute as the asymmetric key type. The KeyRetrieveCLI and KeyService have been modified to generate better debugging messages to help with troubleshooting. https://fedorahosted.org/pki/ticket/1481
Diffstat (limited to 'base/java-tools/src/com/netscape')
-rw-r--r--base/java-tools/src/com/netscape/cmstools/key/KeyRetrieveCLI.java126
1 files changed, 53 insertions, 73 deletions
diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyRetrieveCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyRetrieveCLI.java
index 5d882f7a6..92389c021 100644
--- a/base/java-tools/src/com/netscape/cmstools/key/KeyRetrieveCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/key/KeyRetrieveCLI.java
@@ -2,11 +2,9 @@ package com.netscape.cmstools.key;
import java.io.File;
import java.io.FileInputStream;
-import java.io.FileNotFoundException;
import java.util.Arrays;
import javax.xml.bind.JAXBContext;
-import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;
@@ -54,7 +52,7 @@ public class KeyRetrieveCLI extends CLI {
options.addOption(option);
}
- public void execute(String[] args) {
+ public void execute(String[] args) throws Exception {
// Always check for "--help" prior to parsing
if (Arrays.asList(args).contains("--help")) {
// Display usage
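Review bot: Widening the signature to `throws Exception` moves all error reporting for this command to a caller that is not visible in this diff, so the exit status and the handling of the `verbose` flag now depend on code outside this file. The removed handlers printed "Cannot locate file at path" and "Cannot parse the request file" and exited with -1; it is worth confirming that the caller still ends with a non-zero status and a message that names the request file, since scripts wrapping key retrieval presumably rely on the exit code. A narrower declaration, or a Javadoc `@throws` line saying what callers should expect, would make the new contract explicit. execute's body continues outside this hunk.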
@@ -81,95 +79,73 @@ public class KeyRetrieveCLI extends CLI {
System.exit(-1);
}
- if(cmd.getOptions().length==0){
+ if (cmd.getOptions().length == 0) {
System.err.println("Error: Incorrect number of parameters provided.");
printHelp();
System.exit(-1);
}
+
String requestFile = cmd.getOptionValue("input");
Key keyData = null;
if (requestFile != null) {
- try {
- JAXBContext context = JAXBContext.newInstance(KeyRecoveryRequest.class);
- Unmarshaller unmarshaller = context.createUnmarshaller();
- FileInputStream fis = new FileInputStream(requestFile);
- KeyRecoveryRequest req = (KeyRecoveryRequest) unmarshaller.unmarshal(fis);
-
- if (req.getKeyId() == null) {
- System.err.println("Error: Key Id must be specified in the request file.");
- System.exit(-1);
- }
- if (req.getCertificate() != null) {
- keyData = keyCLI.keyClient.retrieveKeyByPKCS12(req.getKeyId(), req.getCertificate(),
- req.getPassphrase());
- } else if (req.getPassphrase() != null) {
- keyData = keyCLI.keyClient.retrieveKeyByPassphrase(req.getKeyId(), req.getPassphrase());
- } else if (req.getSessionWrappedPassphrase() != null) {
- keyData = keyCLI.keyClient.retrieveKeyUsingWrappedPassphrase(req.getKeyId(),
- Utils.base64decode(req.getTransWrappedSessionKey()),
- Utils.base64decode(req.getSessionWrappedPassphrase()),
- Utils.base64decode(req.getNonceData()));
- } else if (req.getTransWrappedSessionKey() != null) {
- keyData = keyCLI.keyClient.retrieveKey(req.getKeyId(),
- Utils.base64decode(req.getTransWrappedSessionKey()));
- } else {
- keyData = keyCLI.keyClient.retrieveKey(req.getKeyId());
- }
- } catch (JAXBException e) {
- System.err.println("Error: Cannot parse the request file.");
- if (verbose)
- e.printStackTrace();
- System.exit(-1);
- } catch (FileNotFoundException e) {
- System.err.println("Error: Cannot locate file at path: " + requestFile);
- if (verbose)
- e.printStackTrace();
- System.exit(-1);
- } catch (Exception e) {
- System.err.println(e.getMessage());
- if (verbose)
- e.printStackTrace();
+ JAXBContext context = JAXBContext.newInstance(KeyRecoveryRequest.class);
+ Unmarshaller unmarshaller = context.createUnmarshaller();
+ FileInputStream fis = new FileInputStream(requestFile);
+ KeyRecoveryRequest req = (KeyRecoveryRequest) unmarshaller.unmarshal(fis);
+
+ if (req.getKeyId() == null) {
+ System.err.println("Error: Key ID must be specified in the request file.");
System.exit(-1);
}
+ if (req.getCertificate() != null) {
+ keyData = keyCLI.keyClient.retrieveKeyByPKCS12(req.getKeyId(), req.getCertificate(),
+ req.getPassphrase());
+
+ } else if (req.getPassphrase() != null) {
+ keyData = keyCLI.keyClient.retrieveKeyByPassphrase(req.getKeyId(), req.getPassphrase());
+
+ } else if (req.getSessionWrappedPassphrase() != null) {
+ keyData = keyCLI.keyClient.retrieveKeyUsingWrappedPassphrase(req.getKeyId(),
+ Utils.base64decode(req.getTransWrappedSessionKey()),
+ Utils.base64decode(req.getSessionWrappedPassphrase()),
+ Utils.base64decode(req.getNonceData()));
+
+ } else if (req.getTransWrappedSessionKey() != null) {
+ keyData = keyCLI.keyClient.retrieveKey(req.getKeyId(),
+ Utils.base64decode(req.getTransWrappedSessionKey()));
+
+ } else {
+ keyData = keyCLI.keyClient.retrieveKey(req.getKeyId());
+ }
+
} else {
// Using command line options.
String keyId = cmd.getOptionValue("keyID");
String passphrase = cmd.getOptionValue("passphrase");
- try {
- if (passphrase != null) {
- keyData = keyCLI.keyClient.retrieveKeyByPassphrase(new KeyId(keyId), passphrase);
- } else {
- keyData = keyCLI.keyClient.retrieveKey(new KeyId(keyId));
- clientEncryption = false;
-
- // No need to return the encrypted data since encryption
- //is done locally.
- keyData.setEncryptedData(null);
- }
- } catch (Exception e) {
- System.err.println(e.getMessage());
- if (verbose)
- e.printStackTrace();
- System.exit(-1);
+
+ if (passphrase != null) {
+ keyData = keyCLI.keyClient.retrieveKeyByPassphrase(new KeyId(keyId), passphrase);
+
+ } else {
+ keyData = keyCLI.keyClient.retrieveKey(new KeyId(keyId));
+ clientEncryption = false;
+
+ // No need to return the encrypted data since encryption
+ // is done locally.
+ keyData.setEncryptedData(null);
}
}
String outputFilePath = cmd.getOptionValue("output");
if (outputFilePath != null) {
- try {
- JAXBContext context = JAXBContext.newInstance(Key.class);
- Marshaller marshaller = context.createMarshaller();
- marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
- marshaller.marshal(keyData, new File(outputFilePath));
- } catch (JAXBException e) {
- System.err.println(e.getMessage());
- if (verbose)
- e.printStackTrace();
- System.exit(-1);
- }
+ JAXBContext context = JAXBContext.newInstance(Key.class);
+ Marshaller marshaller = context.createMarshaller();
+ marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
+ marshaller.marshal(keyData, new File(outputFilePath));
+
} else {
MainCLI.printMessage("Retrieve Key Information");
printKeyData(keyData);
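Review bot: The `--output` branch still writes the retrieved key with `marshaller.marshal(keyData, new File(outputFilePath))`, so the file gets whatever permissions the process umask allows, although on the command-line path without a passphrase `keyData` holds the archived data in the clear. Creating the file owner-only before marshalling would close that gap, for example `Files.createFile(path, PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("rw-------")))` followed by marshalling to `path.toFile()`. Separately, `fis` in the request-file branch is never closed, and with the try/catch gone an exception from `unmarshal` now leaves the stream open while it propagates; wrapping it as `try (FileInputStream fis = new FileInputStream(requestFile)) { ... }` fixes both cases. The command-line branch also passes `new KeyId(keyId)` without checking that `--keyID` was supplied, which the `getOptions().length == 0` test does not guarantee. The enclosing execute method starts and ends outside this hunk.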
@@ -180,10 +156,14 @@ public class KeyRetrieveCLI extends CLI {
System.out.println(" Key Algorithm: " + key.getAlgorithm());
System.out.println(" Key Size: " + key.getSize());
System.out.println(" Nonce data: " + Utils.base64encode(key.getNonceData()));
- if(clientEncryption)
+
+ if (clientEncryption) {
System.out.println(" Encrypted Data:" + Utils.base64encode(key.getEncryptedData()));
- if (!clientEncryption)
+
+ } else {
System.out.println(" Actual archived data: " + Utils.base64encode(key.getData()));
+ }
+
if (key.getP12Data() != null) {
System.out.println(" Key data in PKCS12 format: " + key.getP12Data());
}