author | Endi S. Dewata <edewata@redhat.com> | 2015-10-20 21:07:33 +0200 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2015-10-22 17:42:28 +0200 |
commit | aaacd71a2f125501645885d3da1de18459782572 (patch) | |
tree | 406ccb7219a99335482e343de37ed985d6973120 /base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java | |
parent | 60fa66aa04ec61350420d95a554c0cec7834ebbd (diff) | |
Replaced legacy HttpClient.
The ConfigurationUtils and CertUtil have been modified to use
PKIConnection which uses Apache HttpClient instead of the legacy
custom HttpClient. The POST request content is now created using
MultivaluedMap.
The PKIConnection has been modified to provide a get() method to
send an HTTP GET request. The post() method was modified to accept
a path parameter.
https://fedorahosted.org/pki/ticket/342
Diffstat (limited to 'base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java')
-rw-r--r-- | base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java | 91 |
1 files changed, 34 insertions, 57 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java index cb1c1a545..f4cd82fcc 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java +++ b/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java @@ -28,6 +28,7 @@ import java.util.Properties; import java.util.Set; import javax.servlet.http.HttpServletResponse; +import javax.ws.rs.core.MultivaluedMap; import org.apache.commons.lang.ArrayUtils; import org.apache.commons.lang.StringUtils; @@ -35,6 +36,7 @@ import org.apache.velocity.context.Context; import org.mozilla.jss.CryptoManager; import org.mozilla.jss.crypto.PrivateKey; import org.mozilla.jss.crypto.X509Certificate; +import org.xml.sax.SAXException; import com.netscape.certsrv.apps.CMS; import com.netscape.certsrv.base.ConflictingOperationException; @@ -54,10 +56,6 @@ import com.netscape.certsrv.usrgrp.IGroup; import com.netscape.certsrv.usrgrp.IUGSubsystem; import com.netscape.certsrv.usrgrp.IUser; import com.netscape.cmsutil.crypto.CryptoUtil; -import com.netscape.cmsutil.http.HttpClient; -import com.netscape.cmsutil.http.HttpRequest; -import com.netscape.cmsutil.http.HttpResponse; -import com.netscape.cmsutil.http.JssSSLSocketFactory; import com.netscape.cmsutil.xml.XMLObject; import netscape.security.pkcs.PKCS10; 
@@ -72,67 +70,46 @@ public class CertUtil { static final int LINE_COUNT = 76; public static X509CertImpl createRemoteCert(String hostname, - int port, String content, HttpServletResponse response) - throws IOException { - HttpClient httpclient = new HttpClient(); - String c = null; - CMS.debug("CertUtil createRemoteCert: content " + content); - try { - JssSSLSocketFactory factory = new JssSSLSocketFactory(); - - httpclient = new HttpClient(factory); - httpclient.connect(hostname, port); - HttpRequest httprequest = new HttpRequest(); - - httprequest.setMethod(HttpRequest.POST); - httprequest.setURI("/ca/ee/ca/profileSubmit"); - httprequest.setHeader("user-agent", "HTTPTool/1.0"); - httprequest.setHeader("content-length", "" + content.length()); - httprequest.setHeader("content-type", - "application/x-www-form-urlencoded"); - httprequest.setContent(content); - HttpResponse httpresponse = httpclient.send(httprequest); - - c = httpresponse.getContent(); - } catch (Exception e) { - CMS.debug("CertUtil createRemoteCert: " + e.toString()); - throw new IOException(e.toString()); - } + int port, MultivaluedMap<String, String> content, HttpServletResponse response) + throws Exception { + + CMS.debug("CertUtil: content: " + content); + + String c = ConfigurationUtils.post(hostname, port, true, "/ca/ee/ca/profileSubmit", content, null, null); if (c != null) { + ByteArrayInputStream bis = new ByteArrayInputStream(c.getBytes()); + XMLObject parser; try { - ByteArrayInputStream bis = new ByteArrayInputStream(c.getBytes()); - XMLObject parser = null; - - try { - parser = new XMLObject(bis); - } catch (Exception e) { - CMS.debug("CertUtil::createRemoteCert() - " - + "Exception=" + e.toString()); - throw new IOException(e.toString()); - } - String status = parser.getValue("Status"); + parser = new XMLObject(bis); + } catch (SAXException e) { + CMS.debug("CertUtil: Unable to parse XML response:"); + CMS.debug(c); + CMS.debug(e); + throw e; + } - CMS.debug("CertUtil createRemoteCert: 
status=" + status); - if (!status.equals("0")) { - String error = parser.getValue("Error"); - throw new IOException(error); - } + String status = parser.getValue("Status"); - String b64 = parser.getValue("b64"); + CMS.debug("CertUtil: status: " + status); + if (!status.equals("0")) { + String error = parser.getValue("Error"); + CMS.debug("CertUtil: error: " + error); + throw new IOException(error); + } - CMS.debug("CertUtil createRemoteCert: " + b64); - b64 = CryptoUtil.normalizeCertAndReq(b64); - byte[] b = CryptoUtil.base64Decode(b64); + String b64 = parser.getValue("b64"); - return new X509CertImpl(b); - } catch (Exception e) { - CMS.debug("CertUtil createRemoteCert: " + e.toString()); - throw new IOException(e.toString()); - } - } + CMS.debug("CertUtil: cert: " + b64); + b64 = CryptoUtil.normalizeCertAndReq(b64); + byte[] b = CryptoUtil.base64Decode(b64); + + return new X509CertImpl(b); - return null; + } else { + CMS.debug("CertUtil: Missing CA response"); + throw new Exception("Missing CA response"); + } } public static String getPKCS10(IConfigStore config, String prefix, |
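Review bot: In the rewritten createRemoteCert, `status.equals("0")` dereferences the result of `parser.getValue("Status")` without a null check, and with the old catch-all removed a response that parses as XML but lacks a Status element would now surface as a bare NullPointerException rather than an IOException (assuming getValue returns null for a missing element; XMLObject is not shown here). I would write `if (!"0".equals(status)) {` and reject a null `b64` before `CryptoUtil.normalizeCertAndReq(b64)`, so a malformed or unexpected CA response fails with a clear error instead of an NPE deep in the decode path. Separately, `CMS.debug("CertUtil: content: " + content)` and `CMS.debug(c)` write the whole request form and the raw response body to the debug log; if the form can carry credentials or session tokens, which this hunk does not show, those values should be masked before logging. `c.getBytes()` also relies on the platform default charset, so naming the charset explicitly would make the XML parse independent of the host locale.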