diff options
| author | Endi S. Dewata <edewata@redhat.com> | 2017-03-24 01:02:16 +0100 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2017-03-24 16:39:41 +0100 |
| commit | 2fc2f680459898fde757fa413d1763b574f69aff (patch) | |
| tree | e6c913dd467e0d7198c93e0f648735b352465881 /base | |
| parent | 5e74874f37a739b194b2a7917bc0e8568bd10593 (diff) | |
| download | pki-2fc2f680459898fde757fa413d1763b574f69aff.tar.gz pki-2fc2f680459898fde757fa413d1763b574f69aff.tar.xz pki-2fc2f680459898fde757fa413d1763b574f69aff.zip | |
Refactored KRA KeyCLI.
The KRA KeyCLI and its submodules have been modified to use lazy
initialization to get the PKIClient object.
Diffstat (limited to 'base')
11 files changed, 56 insertions, 31 deletions
diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyArchiveCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyArchiveCLI.java index c3116a673..6789957c3 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyArchiveCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyArchiveCLI.java @@ -12,6 +12,7 @@ import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.Option; import com.netscape.certsrv.key.KeyArchivalRequest; +import com.netscape.certsrv.key.KeyClient; import com.netscape.certsrv.key.KeyRequestResponse; import com.netscape.cmstools.cli.CLI; import com.netscape.cmstools.cli.MainCLI; @@ -68,6 +69,7 @@ public class KeyArchiveCLI extends CLI { String requestFile = cmd.getOptionValue("input"); KeyRequestResponse response = null; + KeyClient keyClient = keyCLI.getKeyClient(); if (requestFile != null) { // Case where the request template file is used. For pre-encrypted data. @@ -78,11 +80,11 @@ public class KeyArchiveCLI extends CLI { KeyArchivalRequest req = (KeyArchivalRequest) unmarshaller.unmarshal(fis); if (req.getPKIArchiveOptions() != null) { - response = keyCLI.keyClient.archivePKIOptions(req.getClientKeyId(), req.getDataType(), + response = keyClient.archivePKIOptions(req.getClientKeyId(), req.getDataType(), req.getKeyAlgorithm(), req.getKeySize(), Utils.base64decode(req.getPKIArchiveOptions()), req.getRealm()); } else { - response = keyCLI.keyClient.archiveEncryptedData(req.getClientKeyId(), req.getDataType(), + response = keyClient.archiveEncryptedData(req.getClientKeyId(), req.getDataType(), req.getKeyAlgorithm(), req.getKeySize(), req.getAlgorithmOID(), Utils.base64decode(req.getSymmetricAlgorithmParams()), Utils.base64decode(req.getWrappedPrivateData()), @@ -109,7 +111,7 @@ public class KeyArchiveCLI extends CLI { } String realm = cmd.getOptionValue("realm"); - response = keyCLI.keyClient.archivePassphrase(clientKeyId, passphrase, realm); + response = keyClient.archivePassphrase(clientKeyId, passphrase, realm); } MainCLI.printMessage("Archival request details"); diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java index d2b425b9f..b9b27d113 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java @@ -19,6 +19,7 @@ package com.netscape.cmstools.key; import com.netscape.certsrv.cert.CertData; +import com.netscape.certsrv.client.PKIClient; import com.netscape.certsrv.key.KeyClient; import com.netscape.certsrv.key.KeyInfo; import com.netscape.certsrv.key.KeyRequestInfo; @@ -70,9 +71,11 @@ public class KeyCLI extends CLI { return "pki-key"; } - public void execute(String[] args) throws Exception { + public KeyClient getKeyClient() throws Exception { - client = parent.getClient(); + if (keyClient != null) return keyClient; + + PKIClient client = getClient(); // determine the subsystem String subsystem = client.getSubsystem(); @@ -81,15 +84,16 @@ public class KeyCLI extends CLI { // create new key client keyClient = new KeyClient(client, subsystem); + systemCertClient = new SystemCertClient(client, subsystem); // if security database password is specified, // prepare key client for archival/retrieval if (client.getConfig().getCertPassword() != null) { + // create crypto provider for key client keyClient.setCrypto(new NSSCryptoProvider(client.getConfig())); // download transport cert - systemCertClient = new SystemCertClient(client, subsystem); String transportCert = systemCertClient.getTransportCert().getEncoded(); transportCert = transportCert.substring(CertData.HEADER.length(), transportCert.indexOf(CertData.FOOTER)); @@ -98,7 +102,7 @@ public class KeyCLI extends CLI { keyClient.setTransportCert(transportCert); } - super.execute(args); + return keyClient; } public static void printKeyInfo(KeyInfo info) { diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyFindCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyFindCLI.java index 87d6b2f98..2e41d98f8 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyFindCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyFindCLI.java @@ -24,6 +24,7 @@ import java.util.Collection; import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.Option; +import com.netscape.certsrv.key.KeyClient; import com.netscape.certsrv.key.KeyInfo; import com.netscape.certsrv.key.KeyInfoCollection; import com.netscape.cmstools.cli.CLI; @@ -108,7 +109,8 @@ public class KeyFindCLI extends CLI { s = cmd.getOptionValue("size"); Integer size = s == null ? null : Integer.valueOf(s); - KeyInfoCollection keys = keyCLI.keyClient.listKeys(clientKeyID, status, maxResults, maxTime, start, size, realm); + KeyClient keyClient = keyCLI.getKeyClient(); + KeyInfoCollection keys = keyClient.listKeys(clientKeyID, status, maxResults, maxTime, start, size, realm); Collection<KeyInfo> entries = keys.getEntries(); diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyGenerateCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyGenerateCLI.java index 312fbf078..fb7b919a3 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyGenerateCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyGenerateCLI.java @@ -6,6 +6,7 @@ import java.util.List; import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.Option; +import com.netscape.certsrv.key.KeyClient; import com.netscape.certsrv.key.KeyRequestResource; import com.netscape.certsrv.key.KeyRequestResponse; import com.netscape.cmstools.cli.CLI; @@ -109,6 +110,8 @@ public class KeyGenerateCLI extends CLI { usages = Arrays.asList(givenUsages.split(",")); } + KeyClient keyClient = keyCLI.getKeyClient(); + KeyRequestResponse response = null; switch (keyAlgorithm) { case KeyRequestResource.DES3_ALGORITHM: @@ -117,12 +120,12 @@ public class KeyGenerateCLI extends CLI { case KeyRequestResource.RC4_ALGORITHM: case KeyRequestResource.AES_ALGORITHM: case KeyRequestResource.RC2_ALGORITHM: - response = keyCLI.keyClient.generateSymmetricKey( + response = keyClient.generateSymmetricKey( clientKeyId, keyAlgorithm, size, usages, null, realm); break; case KeyRequestResource.RSA_ALGORITHM: case KeyRequestResource.DSA_ALGORITHM: - response = keyCLI.keyClient.generateAsymmetricKey( + response = keyClient.generateAsymmetricKey( clientKeyId, keyAlgorithm, size, usages, null, realm); break; default: diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyModifyCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyModifyCLI.java index 1778fef47..52bf173d5 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyModifyCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyModifyCLI.java @@ -24,6 +24,7 @@ import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.Option; import com.netscape.certsrv.dbs.keydb.KeyId; +import com.netscape.certsrv.key.KeyClient; import com.netscape.certsrv.key.KeyInfo; import com.netscape.cmstools.cli.CLI; @@ -67,9 +68,10 @@ public class KeyModifyCLI extends CLI { KeyId keyId = new KeyId(cmdArgs[0]); - keyCLI.keyClient.modifyKeyStatus(keyId, status); + KeyClient keyClient = keyCLI.getKeyClient(); + keyClient.modifyKeyStatus(keyId, status); - KeyInfo keyInfo = keyCLI.keyClient.getKeyInfo(keyId); + KeyInfo keyInfo = keyClient.getKeyInfo(keyId); KeyCLI.printKeyInfo(keyInfo); } } diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyRecoverCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyRecoverCLI.java index 0bb2a2d3e..4f4929a58 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyRecoverCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyRecoverCLI.java @@ -12,6 +12,7 @@ import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.Option; import com.netscape.certsrv.dbs.keydb.KeyId; +import com.netscape.certsrv.key.KeyClient; import com.netscape.certsrv.key.KeyRecoveryRequest; import com.netscape.certsrv.key.KeyRequestResponse; import com.netscape.cmstools.cli.CLI; @@ -61,6 +62,7 @@ public class KeyRecoverCLI extends CLI { String keyID = cmd.getOptionValue("keyID"); KeyRequestResponse response = null; + KeyClient keyClient = keyCLI.getKeyClient(); if (requestFile != null) { try { @@ -68,7 +70,7 @@ public class KeyRecoverCLI extends CLI { Unmarshaller unmarshaller = context.createUnmarshaller(); FileInputStream fis = new FileInputStream(requestFile); KeyRecoveryRequest req = (KeyRecoveryRequest) unmarshaller.unmarshal(fis); - response = keyCLI.keyClient.recoverKey(req.getKeyId(), + response = keyClient.recoverKey(req.getKeyId(), Utils.base64decode(req.getSessionWrappedPassphrase()), Utils.base64decode(req.getTransWrappedSessionKey()), Utils.base64decode(req.getNonceData()), req.getCertificate()); @@ -80,7 +82,7 @@ public class KeyRecoverCLI extends CLI { } else if (keyID != null) { String keyId = cmd.getOptionValue("keyID"); - response = keyCLI.keyClient.recoverKey(new KeyId(keyId), null, null, null, null); + response = keyClient.recoverKey(new KeyId(keyId), null, null, null, null); } else { throw new Exception("Neither a key ID nor a request file's path is specified."); } diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyRequestFindCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyRequestFindCLI.java index 69730f9b3..75f08f161 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyRequestFindCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyRequestFindCLI.java @@ -24,6 +24,7 @@ import java.util.Collection; import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.Option; +import com.netscape.certsrv.key.KeyClient; import com.netscape.certsrv.key.KeyRequestInfo; import com.netscape.certsrv.key.KeyRequestInfoCollection; import com.netscape.certsrv.request.RequestId; @@ -114,7 +115,8 @@ public class KeyRequestFindCLI extends CLI { s = cmd.getOptionValue("maxTime"); Integer maxTime = s == null ? null : Integer.valueOf(s); - KeyRequestInfoCollection keys = keyCLI.keyClient.listRequests( + KeyClient keyClient = keyCLI.getKeyClient(); + KeyRequestInfoCollection keys = keyClient.listRequests( status, type, clientKeyID, start, pageSize, maxResults, maxTime, realm); MainCLI.printMessage(keys.getTotal() + " entries matched"); diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyRequestReviewCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyRequestReviewCLI.java index d3ab01b70..09cb0a185 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyRequestReviewCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyRequestReviewCLI.java @@ -5,6 +5,7 @@ import java.util.Arrays; import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.Option; +import com.netscape.certsrv.key.KeyClient; import com.netscape.certsrv.key.KeyRequestInfo; import com.netscape.certsrv.request.RequestId; import com.netscape.cmstools.cli.CLI; @@ -48,23 +49,24 @@ public class KeyRequestReviewCLI extends CLI { } RequestId reqId = new RequestId(cmdArgs[0]); + KeyClient keyClient = keyCLI.getKeyClient(); String action = cmd.getOptionValue("action"); switch (action.toLowerCase()) { case "approve": - keyCLI.keyClient.approveRequest(reqId); + keyClient.approveRequest(reqId); break; case "reject": - keyCLI.keyClient.rejectRequest(reqId); + keyClient.rejectRequest(reqId); break; case "cancel": - keyCLI.keyClient.cancelRequest(reqId); + keyClient.cancelRequest(reqId); break; default: throw new Exception("Invalid action."); } - KeyRequestInfo keyRequestInfo = keyCLI.keyClient.getRequestInfo(reqId); + KeyRequestInfo keyRequestInfo = keyClient.getRequestInfo(reqId); MainCLI.printMessage("Result"); KeyCLI.printKeyRequestInfo(keyRequestInfo); diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyRequestShowCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyRequestShowCLI.java index 82aabfc42..9ca6ff9bc 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyRequestShowCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyRequestShowCLI.java @@ -22,6 +22,7 @@ import java.util.Arrays; import org.apache.commons.cli.CommandLine; +import com.netscape.certsrv.key.KeyClient; import com.netscape.certsrv.key.KeyRequestInfo; import com.netscape.certsrv.request.RequestId; import com.netscape.cmstools.cli.CLI; @@ -57,7 +58,8 @@ public class KeyRequestShowCLI extends CLI { RequestId requestId = new RequestId(args[0].trim()); - KeyRequestInfo keyRequestInfo = keyCLI.keyClient.getRequestInfo(requestId); + KeyClient keyClient = keyCLI.getKeyClient(); + KeyRequestInfo keyRequestInfo = keyClient.getRequestInfo(requestId); KeyCLI.printKeyRequestInfo(keyRequestInfo); } diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyRetrieveCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyRetrieveCLI.java index 23e220a9a..740baf3b4 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyRetrieveCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyRetrieveCLI.java @@ -13,6 +13,7 @@ import org.apache.commons.cli.Option; import com.netscape.certsrv.dbs.keydb.KeyId; import com.netscape.certsrv.key.Key; +import com.netscape.certsrv.key.KeyClient; import com.netscape.certsrv.key.KeyRecoveryRequest; import com.netscape.certsrv.request.RequestId; import com.netscape.cmstools.cli.CLI; @@ -77,6 +78,7 @@ public class KeyRetrieveCLI extends CLI { String requestFile = cmd.getOptionValue("input"); + KeyClient keyClient = keyCLI.getKeyClient(); Key keyData = null; if (requestFile != null) { @@ -90,24 +92,24 @@ public class KeyRetrieveCLI extends CLI { } if (req.getCertificate() != null) { - keyData = keyCLI.keyClient.retrieveKeyByPKCS12(req.getKeyId(), req.getCertificate(), + keyData = keyClient.retrieveKeyByPKCS12(req.getKeyId(), req.getCertificate(), req.getPassphrase()); } else if (req.getPassphrase() != null) { - keyData = keyCLI.keyClient.retrieveKeyByPassphrase(req.getKeyId(), req.getPassphrase()); + keyData = keyClient.retrieveKeyByPassphrase(req.getKeyId(), req.getPassphrase()); } else if (req.getSessionWrappedPassphrase() != null) { - keyData = keyCLI.keyClient.retrieveKeyUsingWrappedPassphrase(req.getKeyId(), + keyData = keyClient.retrieveKeyUsingWrappedPassphrase(req.getKeyId(), Utils.base64decode(req.getTransWrappedSessionKey()), Utils.base64decode(req.getSessionWrappedPassphrase()), Utils.base64decode(req.getNonceData())); } else if (req.getTransWrappedSessionKey() != null) { - keyData = keyCLI.keyClient.retrieveKey(req.getKeyId(), + keyData = keyClient.retrieveKey(req.getKeyId(), Utils.base64decode(req.getTransWrappedSessionKey())); } else { - keyData = keyCLI.keyClient.retrieveKey(req.getKeyId()); + keyData = keyClient.retrieveKey(req.getKeyId()); } } else { @@ -122,16 +124,16 @@ public class KeyRetrieveCLI extends CLI { if (passphrase != null) { if (requestId != null) { - keyData = keyCLI.keyClient.retrieveKeyByRequestWithPassphrase( + keyData = keyClient.retrieveKeyByRequestWithPassphrase( new RequestId(requestId), passphrase); } else { - keyData = keyCLI.keyClient.retrieveKeyByPassphrase(new KeyId(keyId), passphrase); + keyData = keyClient.retrieveKeyByPassphrase(new KeyId(keyId), passphrase); } } else { if (requestId != null) { - keyData = keyCLI.keyClient.retrieveKeyByRequest(new RequestId(requestId)); + keyData = keyClient.retrieveKeyByRequest(new RequestId(requestId)); } else { - keyData = keyCLI.keyClient.retrieveKey(new KeyId(keyId)); + keyData = keyClient.retrieveKey(new KeyId(keyId)); } clientEncryption = false; diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyShowCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyShowCLI.java index d877222dc..c579fe5f8 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyShowCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyShowCLI.java @@ -24,6 +24,7 @@ import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.Option; import com.netscape.certsrv.dbs.keydb.KeyId; +import com.netscape.certsrv.key.KeyClient; import com.netscape.certsrv.key.KeyInfo; import com.netscape.cmstools.cli.CLI; @@ -59,14 +60,15 @@ public class KeyShowCLI extends CLI { String[] cmdArgs = cmd.getArgs(); String clientKeyId = cmd.getOptionValue("clientKeyID"); + KeyClient keyClient = keyCLI.getKeyClient(); KeyInfo keyInfo; if (cmdArgs.length == 1) { KeyId keyId = new KeyId(cmdArgs[0]); - keyInfo = keyCLI.keyClient.getKeyInfo(keyId); + keyInfo = keyClient.getKeyInfo(keyId); } else if (clientKeyId != null) { - keyInfo = keyCLI.keyClient.getActiveKeyInfo(clientKeyId); + keyInfo = keyClient.getActiveKeyInfo(clientKeyId); } else { throw new Exception("Missing Key ID or Client Key ID."); |