diff options
| author | Endi S. Dewata <edewata@redhat.com> | 2017-03-24 01:02:16 +0100 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2017-03-24 16:39:41 +0100 |
| commit | 2fc2f680459898fde757fa413d1763b574f69aff (patch) | |
| tree | e6c913dd467e0d7198c93e0f648735b352465881 /base/java-tools/src | |
| parent | 5e74874f37a739b194b2a7917bc0e8568bd10593 (diff) | |
| download | pki-2fc2f680459898fde757fa413d1763b574f69aff.tar.gz pki-2fc2f680459898fde757fa413d1763b574f69aff.tar.xz pki-2fc2f680459898fde757fa413d1763b574f69aff.zip | |
Refactored KRA KeyCLI.
The KRA KeyCLI and its submodules have been modified to use lazy
initialization to get the PKIClient object.
Diffstat (limited to 'base/java-tools/src')
11 files changed, 56 insertions, 31 deletions
diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyArchiveCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyArchiveCLI.java index c3116a673..6789957c3 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyArchiveCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyArchiveCLI.java @@ -12,6 +12,7 @@ import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.Option; import com.netscape.certsrv.key.KeyArchivalRequest; +import com.netscape.certsrv.key.KeyClient; import com.netscape.certsrv.key.KeyRequestResponse; import com.netscape.cmstools.cli.CLI; import com.netscape.cmstools.cli.MainCLI; @@ -68,6 +69,7 @@ public class KeyArchiveCLI extends CLI { String requestFile = cmd.getOptionValue("input"); KeyRequestResponse response = null; + KeyClient keyClient = keyCLI.getKeyClient(); if (requestFile != null) { // Case where the request template file is used. For pre-encrypted data. @@ -78,11 +80,11 @@ public class KeyArchiveCLI extends CLI { KeyArchivalRequest req = (KeyArchivalRequest) unmarshaller.unmarshal(fis); if (req.getPKIArchiveOptions() != null) { - response = keyCLI.keyClient.archivePKIOptions(req.getClientKeyId(), req.getDataType(), + response = keyClient.archivePKIOptions(req.getClientKeyId(), req.getDataType(), req.getKeyAlgorithm(), req.getKeySize(), Utils.base64decode(req.getPKIArchiveOptions()), req.getRealm()); } else { - response = keyCLI.keyClient.archiveEncryptedData(req.getClientKeyId(), req.getDataType(), + response = keyClient.archiveEncryptedData(req.getClientKeyId(), req.getDataType(), req.getKeyAlgorithm(), req.getKeySize(), req.getAlgorithmOID(), Utils.base64decode(req.getSymmetricAlgorithmParams()), Utils.base64decode(req.getWrappedPrivateData()), @@ -109,7 +111,7 @@ public class KeyArchiveCLI extends CLI { } String realm = cmd.getOptionValue("realm"); - response = keyCLI.keyClient.archivePassphrase(clientKeyId, passphrase, realm); + response = keyClient.archivePassphrase(clientKeyId, passphrase, realm); } MainCLI.printMessage("Archival request details"); diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java index d2b425b9f..b9b27d113 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java @@ -19,6 +19,7 @@ package com.netscape.cmstools.key; import com.netscape.certsrv.cert.CertData; +import com.netscape.certsrv.client.PKIClient; import com.netscape.certsrv.key.KeyClient; import com.netscape.certsrv.key.KeyInfo; import com.netscape.certsrv.key.KeyRequestInfo; @@ -70,9 +71,11 @@ public class KeyCLI extends CLI { return "pki-key"; } - public void execute(String[] args) throws Exception { + public KeyClient getKeyClient() throws Exception { - client = parent.getClient(); + if (keyClient != null) return keyClient; + + PKIClient client = getClient(); // determine the subsystem String subsystem = client.getSubsystem(); @@ -81,15 +84,16 @@ public class KeyCLI extends CLI { // create new key client keyClient = new KeyClient(client, subsystem); + systemCertClient = new SystemCertClient(client, subsystem); // if security database password is specified, // prepare key client for archival/retrieval if (client.getConfig().getCertPassword() != null) { + // create crypto provider for key client keyClient.setCrypto(new NSSCryptoProvider(client.getConfig())); // download transport cert - systemCertClient = new SystemCertClient(client, subsystem); String transportCert = systemCertClient.getTransportCert().getEncoded(); transportCert = transportCert.substring(CertData.HEADER.length(), transportCert.indexOf(CertData.FOOTER)); @@ -98,7 +102,7 @@ public class KeyCLI extends CLI { keyClient.setTransportCert(transportCert); } - super.execute(args); + return keyClient; } public static void printKeyInfo(KeyInfo info) { diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyFindCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyFindCLI.java index 87d6b2f98..2e41d98f8 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyFindCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyFindCLI.java @@ -24,6 +24,7 @@ import java.util.Collection; import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.Option; +import com.netscape.certsrv.key.KeyClient; import com.netscape.certsrv.key.KeyInfo; import com.netscape.certsrv.key.KeyInfoCollection; import com.netscape.cmstools.cli.CLI; @@ -108,7 +109,8 @@ public class KeyFindCLI extends CLI { s = cmd.getOptionValue("size"); Integer size = s == null ? null : Integer.valueOf(s); - KeyInfoCollection keys = keyCLI.keyClient.listKeys(clientKeyID, status, maxResults, maxTime, start, size, realm); + KeyClient keyClient = keyCLI.getKeyClient(); + KeyInfoCollection keys = keyClient.listKeys(clientKeyID, status, maxResults, maxTime, start, size, realm); Collection<KeyInfo> entries = keys.getEntries(); diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyGenerateCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyGenerateCLI.java index 312fbf078..fb7b919a3 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyGenerateCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyGenerateCLI.java @@ -6,6 +6,7 @@ import java.util.List; import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.Option; +import com.netscape.certsrv.key.KeyClient; import com.netscape.certsrv.key.KeyRequestResource; import com.netscape.certsrv.key.KeyRequestResponse; import com.netscape.cmstools.cli.CLI; @@ -109,6 +110,8 @@ public class KeyGenerateCLI extends CLI { usages = Arrays.asList(givenUsages.split(",")); } + KeyClient keyClient = keyCLI.getKeyClient(); + KeyRequestResponse response = null; switch (keyAlgorithm) { case KeyRequestResource.DES3_ALGORITHM: @@ -117,12 +120,12 @@ public class KeyGenerateCLI extends CLI { case KeyRequestResource.RC4_ALGORITHM: case KeyRequestResource.AES_ALGORITHM: case KeyRequestResource.RC2_ALGORITHM: - response = keyCLI.keyClient.generateSymmetricKey( + response = keyClient.generateSymmetricKey( clientKeyId, keyAlgorithm, size, usages, null, realm); break; case KeyRequestResource.RSA_ALGORITHM: case KeyRequestResource.DSA_ALGORITHM: - response = keyCLI.keyClient.generateAsymmetricKey( + response = keyClient.generateAsymmetricKey( clientKeyId, keyAlgorithm, size, usages, null, realm); break; default: diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyModifyCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyModifyCLI.java index 1778fef47..52bf173d5 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyModifyCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyModifyCLI.java @@ -24,6 +24,7 @@ import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.Option; import com.netscape.certsrv.dbs.keydb.KeyId; +import com.netscape.certsrv.key.KeyClient; import com.netscape.certsrv.key.KeyInfo; import com.netscape.cmstools.cli.CLI; @@ -67,9 +68,10 @@ public class KeyModifyCLI extends CLI { KeyId keyId = new KeyId(cmdArgs[0]); - keyCLI.keyClient.modifyKeyStatus(keyId, status); + KeyClient keyClient = keyCLI.getKeyClient(); + keyClient.modifyKeyStatus(keyId, status); - KeyInfo keyInfo = keyCLI.keyClient.getKeyInfo(keyId); + KeyInfo keyInfo = keyClient.getKeyInfo(keyId); KeyCLI.printKeyInfo(keyInfo); } } diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyRecoverCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyRecoverCLI.java index 0bb2a2d3e..4f4929a58 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyRecoverCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyRecoverCLI.java @@ -12,6 +12,7 @@ import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.Option; import com.netscape.certsrv.dbs.keydb.KeyId; +import com.netscape.certsrv.key.KeyClient; import com.netscape.certsrv.key.KeyRecoveryRequest; import com.netscape.certsrv.key.KeyRequestResponse; import com.netscape.cmstools.cli.CLI; @@ -61,6 +62,7 @@ public class KeyRecoverCLI extends CLI { String keyID = cmd.getOptionValue("keyID"); KeyRequestResponse response = null; + KeyClient keyClient = keyCLI.getKeyClient(); if (requestFile != null) { try { @@ -68,7 +70,7 @@ public class KeyRecoverCLI extends CLI { Unmarshaller unmarshaller = context.createUnmarshaller(); FileInputStream fis = new FileInputStream(requestFile); KeyRecoveryRequest req = (KeyRecoveryRequest) unmarshaller.unmarshal(fis); - response = keyCLI.keyClient.recoverKey(req.getKeyId(), + response = keyClient.recoverKey(req.getKeyId(), Utils.base64decode(req.getSessionWrappedPassphrase()), Utils.base64decode(req.getTransWrappedSessionKey()), Utils.base64decode(req.getNonceData()), req.getCertificate()); @@ -80,7 +82,7 @@ public class KeyRecoverCLI extends CLI { } else if (keyID != null) { String keyId = cmd.getOptionValue("keyID"); - response = keyCLI.keyClient.recoverKey(new KeyId(keyId), null, null, null, null); + response = keyClient.recoverKey(new KeyId(keyId), null, null, null, null); } else { throw new Exception("Neither a key ID nor a request file's path is specified."); } diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyRequestFindCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyRequestFindCLI.java index 69730f9b3..75f08f161 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyRequestFindCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyRequestFindCLI.java @@ -24,6 +24,7 @@ import java.util.Collection; import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.Option; +import com.netscape.certsrv.key.KeyClient; import com.netscape.certsrv.key.KeyRequestInfo; import com.netscape.certsrv.key.KeyRequestInfoCollection; import com.netscape.certsrv.request.RequestId; @@ -114,7 +115,8 @@ public class KeyRequestFindCLI extends CLI { s = cmd.getOptionValue("maxTime"); Integer maxTime = s == null ? null : Integer.valueOf(s); - KeyRequestInfoCollection keys = keyCLI.keyClient.listRequests( + KeyClient keyClient = keyCLI.getKeyClient(); + KeyRequestInfoCollection keys = keyClient.listRequests( status, type, clientKeyID, start, pageSize, maxResults, maxTime, realm); MainCLI.printMessage(keys.getTotal() + " entries matched"); diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyRequestReviewCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyRequestReviewCLI.java index d3ab01b70..09cb0a185 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyRequestReviewCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyRequestReviewCLI.java @@ -5,6 +5,7 @@ import java.util.Arrays; import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.Option; +import com.netscape.certsrv.key.KeyClient; import com.netscape.certsrv.key.KeyRequestInfo; import com.netscape.certsrv.request.RequestId; import com.netscape.cmstools.cli.CLI; @@ -48,23 +49,24 @@ public class KeyRequestReviewCLI extends CLI { } RequestId reqId = new RequestId(cmdArgs[0]); + KeyClient keyClient = keyCLI.getKeyClient(); String action = cmd.getOptionValue("action"); switch (action.toLowerCase()) { case "approve": - keyCLI.keyClient.approveRequest(reqId); + keyClient.approveRequest(reqId); break; case "reject": - keyCLI.keyClient.rejectRequest(reqId); + keyClient.rejectRequest(reqId); break; case "cancel": - keyCLI.keyClient.cancelRequest(reqId); + keyClient.cancelRequest(reqId); break; default: throw new Exception("Invalid action."); } - KeyRequestInfo keyRequestInfo = keyCLI.keyClient.getRequestInfo(reqId); + KeyRequestInfo keyRequestInfo = keyClient.getRequestInfo(reqId); MainCLI.printMessage("Result"); KeyCLI.printKeyRequestInfo(keyRequestInfo); diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyRequestShowCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyRequestShowCLI.java index 82aabfc42..9ca6ff9bc 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyRequestShowCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyRequestShowCLI.java @@ -22,6 +22,7 @@ import java.util.Arrays; import org.apache.commons.cli.CommandLine; +import com.netscape.certsrv.key.KeyClient; import com.netscape.certsrv.key.KeyRequestInfo; import com.netscape.certsrv.request.RequestId; import com.netscape.cmstools.cli.CLI; @@ -57,7 +58,8 @@ public class KeyRequestShowCLI extends CLI { RequestId requestId = new RequestId(args[0].trim()); - KeyRequestInfo keyRequestInfo = keyCLI.keyClient.getRequestInfo(requestId); + KeyClient keyClient = keyCLI.getKeyClient(); + KeyRequestInfo keyRequestInfo = keyClient.getRequestInfo(requestId); KeyCLI.printKeyRequestInfo(keyRequestInfo); } diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyRetrieveCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyRetrieveCLI.java index 23e220a9a..740baf3b4 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyRetrieveCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyRetrieveCLI.java @@ -13,6 +13,7 @@ import org.apache.commons.cli.Option; import com.netscape.certsrv.dbs.keydb.KeyId; import com.netscape.certsrv.key.Key; +import com.netscape.certsrv.key.KeyClient; import com.netscape.certsrv.key.KeyRecoveryRequest; import com.netscape.certsrv.request.RequestId; import com.netscape.cmstools.cli.CLI; @@ -77,6 +78,7 @@ public class KeyRetrieveCLI extends CLI { String requestFile = cmd.getOptionValue("input"); + KeyClient keyClient = keyCLI.getKeyClient(); Key keyData = null; if (requestFile != null) { @@ -90,24 +92,24 @@ public class KeyRetrieveCLI extends CLI { } if (req.getCertificate() != null) { - keyData = keyCLI.keyClient.retrieveKeyByPKCS12(req.getKeyId(), req.getCertificate(), + keyData = keyClient.retrieveKeyByPKCS12(req.getKeyId(), req.getCertificate(), req.getPassphrase()); } else if (req.getPassphrase() != null) { - keyData = keyCLI.keyClient.retrieveKeyByPassphrase(req.getKeyId(), req.getPassphrase()); + keyData = keyClient.retrieveKeyByPassphrase(req.getKeyId(), req.getPassphrase()); } else if (req.getSessionWrappedPassphrase() != null) { - keyData = keyCLI.keyClient.retrieveKeyUsingWrappedPassphrase(req.getKeyId(), + keyData = keyClient.retrieveKeyUsingWrappedPassphrase(req.getKeyId(), Utils.base64decode(req.getTransWrappedSessionKey()), Utils.base64decode(req.getSessionWrappedPassphrase()), Utils.base64decode(req.getNonceData())); } else if (req.getTransWrappedSessionKey() != null) { - keyData = keyCLI.keyClient.retrieveKey(req.getKeyId(), + keyData = keyClient.retrieveKey(req.getKeyId(), Utils.base64decode(req.getTransWrappedSessionKey())); } else { - keyData = keyCLI.keyClient.retrieveKey(req.getKeyId()); + keyData = keyClient.retrieveKey(req.getKeyId()); } } else { @@ -122,16 +124,16 @@ public class KeyRetrieveCLI extends CLI { if (passphrase != null) { if (requestId != null) { - keyData = keyCLI.keyClient.retrieveKeyByRequestWithPassphrase( + keyData = keyClient.retrieveKeyByRequestWithPassphrase( new RequestId(requestId), passphrase); } else { - keyData = keyCLI.keyClient.retrieveKeyByPassphrase(new KeyId(keyId), passphrase); + keyData = keyClient.retrieveKeyByPassphrase(new KeyId(keyId), passphrase); } } else { if (requestId != null) { - keyData = keyCLI.keyClient.retrieveKeyByRequest(new RequestId(requestId)); + keyData = keyClient.retrieveKeyByRequest(new RequestId(requestId)); } else { - keyData = keyCLI.keyClient.retrieveKey(new KeyId(keyId)); + keyData = keyClient.retrieveKey(new KeyId(keyId)); } clientEncryption = false; diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyShowCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyShowCLI.java index d877222dc..c579fe5f8 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyShowCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyShowCLI.java @@ -24,6 +24,7 @@ import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.Option; import com.netscape.certsrv.dbs.keydb.KeyId; +import com.netscape.certsrv.key.KeyClient; import com.netscape.certsrv.key.KeyInfo; import com.netscape.cmstools.cli.CLI; @@ -59,14 +60,15 @@ public class KeyShowCLI extends CLI { String[] cmdArgs = cmd.getArgs(); String clientKeyId = cmd.getOptionValue("clientKeyID"); + KeyClient keyClient = keyCLI.getKeyClient(); KeyInfo keyInfo; if (cmdArgs.length == 1) { KeyId keyId = new KeyId(cmdArgs[0]); - keyInfo = keyCLI.keyClient.getKeyInfo(keyId); + keyInfo = keyClient.getKeyInfo(keyId); } else if (clientKeyId != null) { - keyInfo = keyCLI.keyClient.getActiveKeyInfo(clientKeyId); + keyInfo = keyClient.getActiveKeyInfo(clientKeyId); } else { throw new Exception("Missing Key ID or Client Key ID."); |