Allow cert-find using revocation reasons

The REST API expects the integer revocation code to be passed in a certificate search. We have modified the client to allow the user to provide either a revocation code or a revocation reason as a search parameter. Ticket 1053
author: Ade Lee <alee@redhat.com> 2016-05-19 10:49:59 -0400
committer: Ade Lee <alee@redhat.com> 2016-05-24 21:14:19 +0200
commit: 946f561285fe63154d35eb1c99f3d017df8db608 (patch)
tree: 46d2ee3939b8d157d44abbe55ad44e779f749893 /base/java-tools/src/com/netscape
parent: 56d87a8f5036f63fc0a5fbbd3b1f5ea7076e386a (diff)
download: pki-946f561285fe63154d35eb1c99f3d017df8db608.tar.gz
pki-946f561285fe63154d35eb1c99f3d017df8db608.tar.xz
pki-946f561285fe63154d35eb1c99f3d017df8db608.zip
1 files changed, 21 insertions, 2 deletions
diff --git a/base/java-tools/src/com/netscape/cmstools/cert/CertFindCLI.java b/base/java-tools/src/com/netscape/cmstools/cert/CertFindCLI.java
index cb2d80ef3..8e1045bf3 100644
--- a/base/java-tools/src/com/netscape/cmstools/cert/CertFindCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/cert/CertFindCLI.java
@@ -37,6 +37,8 @@ import com.netscape.certsrv.cert.CertSearchRequest;
 import com.netscape.cmstools.cli.CLI;
 import com.netscape.cmstools.cli.MainCLI;
 
+import netscape.security.x509.RevocationReason;
+
 /**
  * @author Endi S. Dewata
  */
@@ -126,7 +128,10 @@ public class CertFindCLI extends CLI {
         options.addOption(option);
 
         //revocationReason
-        option = new Option(null, "revocationReason", true, "Reason for revocation");
+        option = new Option(null, "revocationReason", true,
+                "Reason for revocation: Unspecified(0), Key_compromise(1), CA_Compromise(2), Affiliation_Changed(3), " +
+                "Superseded(4), Cessation_of_Operation(5), Certificate_Hold(6), Remove_from_CRL(8), " +
+                "Privilege_Withdrawn(9), AA_Compromise(10)");
         option.setArgName("reason");
         options.addOption(option);
 
@@ -369,7 +374,21 @@ public class CertFindCLI extends CLI {
         }
         if (cmd.hasOption("revocationReason")) {
             csd.setRevocationReasonInUse(true);
-            csd.setRevocationReason(cmd.getOptionValue("revocationReason"));
+            String value = cmd.getOptionValue("revocationReason");
+            RevocationReason reason = null;
+            try {
+                // accept integer reason codes
+                int val = Integer.parseInt(value);
+                reason = RevocationReason.valueOf(val);
+            } catch (NumberFormatException e) {
+                // accept reason labels
+                reason = RevocationReason.valueOf(value);
+            }
+            if (reason != null) {
+                csd.setRevocationReason(Integer.toString(reason.getCode()));
+            } else {
+                throw new Error("Invalid revocation reason");
+            }
         }
         if (cmd.hasOption("issuedBy")) {
             csd.setIssuedByInUse(true);
author	Ade Lee <alee@redhat.com>	2016-05-19 10:49:59 -0400
committer	Ade Lee <alee@redhat.com>	2016-05-24 21:14:19 +0200
commit	946f561285fe63154d35eb1c99f3d017df8db608 (patch)
tree	46d2ee3939b8d157d44abbe55ad44e779f749893 /base/java-tools/src/com/netscape
parent	56d87a8f5036f63fc0a5fbbd3b1f5ea7076e386a (diff)
download	pki-946f561285fe63154d35eb1c99f3d017df8db608.tar.gz pki-946f561285fe63154d35eb1c99f3d017df8db608.tar.xz pki-946f561285fe63154d35eb1c99f3d017df8db608.zip