diff options
author | Ade Lee <alee@redhat.com> | 2011-12-08 21:15:59 -0500 |
---|---|---|
committer | Ade Lee <alee@redhat.com> | 2011-12-08 21:15:59 -0500 |
commit | 171aaece4f23709d33d180cf36eb3af5e454b0c9 (patch) | |
tree | 1485f9f0a7bd10de4ff25030db575dbb8dafae74 /pki/base/common/src/com/netscape/cms/servlet/csadmin/CertRequestPanel.java | |
parent | adad2fcee8a29fdb82376fbce07dedb11fccc182 (diff) | |
download | pki-171aaece4f23709d33d180cf36eb3af5e454b0c9.tar.gz pki-171aaece4f23709d33d180cf36eb3af5e454b0c9.tar.xz pki-171aaece4f23709d33d180cf36eb3af5e454b0c9.zip |
Revert "Formatting"
This reverts commit 32150d3ee32f8ac27118af7c792794b538c78a2f.
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/csadmin/CertRequestPanel.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/csadmin/CertRequestPanel.java | 440 |
1 files changed, 207 insertions, 233 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/CertRequestPanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/CertRequestPanel.java index 962c9080a..5e783b1a1 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/CertRequestPanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/CertRequestPanel.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; + import java.io.IOException; import java.math.BigInteger; import java.security.Principal; @@ -57,38 +58,35 @@ public class CertRequestPanel extends WizardPanelBase { private Vector mCerts = null; private WizardServlet mServlet = null; - public CertRequestPanel() { - } + public CertRequestPanel() {} /** * Initializes this panel. */ - public void init(ServletConfig config, int panelno) throws ServletException { + public void init(ServletConfig config, int panelno) + throws ServletException { setPanelNo(panelno); setName("Requests & Certificates"); } - public void init(WizardServlet servlet, ServletConfig config, int panelno, - String id) throws ServletException { + public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) + throws ServletException { setPanelNo(panelno); setName("Requests and Certificates"); mServlet = servlet; setId(id); } - // XXX how do you do this? There could be multiple certs. + // XXX how do you do this? There could be multiple certs. public PropertySet getUsage() { PropertySet set = new PropertySet(); - - Descriptor certDesc = new Descriptor(IDescriptor.STRING, null, /* - * no - * constraint - */ - null, /* no default parameters */ - null); + + Descriptor certDesc = new Descriptor(IDescriptor.STRING, null, /* no constraint */ + null, /* no default parameters */ + null); set.add("cert", certDesc); - + return set; } @@ -97,13 +95,13 @@ public class CertRequestPanel extends WizardPanelBase { */ public boolean showApplyButton() { if (isPanelDone()) - return false; + return false; else - return true; + return true; } - private boolean findCertificate(String tokenname, String nickname) - throws IOException { + private boolean findCertificate(String tokenname, String nickname) + throws IOException { IConfigStore cs = CMS.getConfigStore(); CryptoManager cm = null; try { @@ -114,10 +112,9 @@ public class CertRequestPanel extends WizardPanelBase { String fullnickname = nickname; boolean hardware = false; - if (!tokenname.equals("internal") - && !tokenname.equals("Internal Key Storage Token")) { + if (!tokenname.equals("internal") && !tokenname.equals("Internal Key Storage Token")) { hardware = true; - fullnickname = tokenname + ":" + nickname; + fullnickname = tokenname+":"+nickname; } try { @@ -129,23 +126,16 @@ public class CertRequestPanel extends WizardPanelBase { return true; } catch (Exception ee) { if (hardware) { - CMS.debug("CertRequestPanel findCertificate: The certificate with the same nickname: " - + fullnickname - + " has been found on HSM. Please remove it before proceeding."); - throw new IOException( - "The certificate with the same nickname: " - + fullnickname - + " has been found on HSM. Please remove it before proceeding."); + CMS.debug("CertRequestPanel findCertificate: The certificate with the same nickname: "+ fullnickname +" has been found on HSM. Please remove it before proceeding."); + throw new IOException("The certificate with the same nickname: "+ fullnickname +" has been found on HSM. Please remove it before proceeding."); } return true; } } catch (IOException e) { - CMS.debug("CertRequestPanel findCertificate: throw exception:" - + e.toString()); + CMS.debug("CertRequestPanel findCertificate: throw exception:"+e.toString()); throw e; } catch (Exception e) { - CMS.debug("CertRequestPanel findCertificate: Exception=" - + e.toString()); + CMS.debug("CertRequestPanel findCertificate: Exception="+e.toString()); return false; } } @@ -158,13 +148,13 @@ public class CertRequestPanel extends WizardPanelBase { try { select = cs.getString("preop.subsystem.select", ""); list = cs.getString("preop.cert.list", ""); - tokenname = cs.getString("preop.module.token", ""); + tokenname = cs.getString("preop.module.token", ""); } catch (Exception e) { } - ICertificateAuthority ca = (ICertificateAuthority) CMS - .getSubsystem(ICertificateAuthority.ID); - + ICertificateAuthority ca = (ICertificateAuthority) CMS.getSubsystem( + ICertificateAuthority.ID); + if (ca != null) { CMS.debug("CertRequestPanel cleanup: get certificate repository"); BigInteger beginS = null; @@ -186,28 +176,27 @@ public class CertRequestPanel extends WizardPanelBase { try { cr.removeCertRecords(beginS, endS); } catch (Exception e) { - CMS.debug("CertRequestPanel cleanUp exception in removing all objects: " - + e.toString()); + CMS.debug("CertRequestPanel cleanUp exception in removing all objects: "+e.toString()); } - + try { - cr.resetSerialNumber(new BigInteger(beginNum, 16)); + cr.resetSerialNumber(new BigInteger(beginNum,16)); } catch (Exception e) { - CMS.debug("CertRequestPanel cleanUp exception in resetting serial number: " - + e.toString()); + CMS.debug("CertRequestPanel cleanUp exception in resetting serial number: "+e.toString()); } } } + StringTokenizer st = new StringTokenizer(list, ","); String nickname = ""; boolean enable = false; while (st.hasMoreTokens()) { String t = st.nextToken(); - + try { - enable = cs.getBoolean(PCERT_PREFIX + t + ".enable", true); - nickname = cs.getString(PCERT_PREFIX + t + ".nickname", ""); + enable = cs.getBoolean(PCERT_PREFIX+t+".enable", true); + nickname = cs.getString(PCERT_PREFIX +t+".nickname", ""); } catch (Exception e) { } @@ -219,12 +208,10 @@ public class CertRequestPanel extends WizardPanelBase { if (findCertificate(tokenname, nickname)) { try { - CMS.debug("CertRequestPanel cleanup: deleting certificate (" - + nickname + ")."); - deleteCert(tokenname, nickname); + CMS.debug("CertRequestPanel cleanup: deleting certificate ("+nickname+")."); + deleteCert(tokenname, nickname); } catch (Exception e) { - CMS.debug("CertRequestPanel cleanup: failed to delete certificate (" - + nickname + "). Exception: " + e.toString()); + CMS.debug("CertRequestPanel cleanup: failed to delete certificate (" +nickname+"). Exception: " +e.toString()); } } } @@ -240,50 +227,50 @@ public class CertRequestPanel extends WizardPanelBase { public boolean isPanelDone() { IConfigStore cs = CMS.getConfigStore(); try { - boolean s = cs.getBoolean("preop.CertRequestPanel.done", false); + boolean s = cs.getBoolean("preop.CertRequestPanel.done", + false); if (s != true) { return false; } else { return true; } - } catch (EBaseException e) { - } + } catch (EBaseException e) {} return false; } - public void getCert(IConfigStore config, Context context, String certTag, - Cert cert) { + public void getCert(IConfigStore config, + Context context, String certTag, Cert cert) { try { - String subsystem = config.getString(PCERT_PREFIX + certTag - + ".subsystem"); + String subsystem = config.getString( + PCERT_PREFIX + certTag + ".subsystem"); - String certs = config.getString( - subsystem + "." + certTag + ".cert", ""); + String certs = config.getString(subsystem + "." + certTag + ".cert", ""); if (cert != null) { String certf = certs; - CMS.debug("CertRequestPanel getCert: certTag=" + certTag + CMS.debug( + "CertRequestPanel getCert: certTag=" + certTag + " cert=" + certs); - // get and set formated cert - if (!certs.startsWith("...")) { + //get and set formated cert + if (!certs.startsWith("...")) { certf = CryptoUtil.certFormat(certs); } cert.setCert(certf); - // get and set cert pretty print + //get and set cert pretty print byte[] certb = CryptoUtil.base64Decode(certs); CertPrettyPrint pp = new CertPrettyPrint(certb); cert.setCertpp(pp.toString(Locale.getDefault())); } else { - CMS.debug("CertRequestPanel::getCert() - cert is null!"); + CMS.debug( "CertRequestPanel::getCert() - cert is null!" ); return; } - String userfriendlyname = config.getString(PCERT_PREFIX + certTag - + ".userfriendlyname"); + String userfriendlyname = config.getString( + PCERT_PREFIX + certTag + ".userfriendlyname"); cert.setUserFriendlyName(userfriendlyname); String type = config.getString(PCERT_PREFIX + certTag + ".type"); @@ -298,45 +285,46 @@ public class CertRequestPanel extends WizardPanelBase { } public X509Key getECCX509Key(IConfigStore config, String certTag) - throws Exception { + throws Exception + { X509Key pubk = null; - String pubKeyEncoded = config.getString(PCERT_PREFIX + certTag - + ".pubkey.encoded"); - pubk = CryptoUtil.getPublicX509ECCKey(CryptoUtil - .string2byte(pubKeyEncoded)); + String pubKeyEncoded = config.getString( + PCERT_PREFIX + certTag + ".pubkey.encoded"); + pubk = CryptoUtil.getPublicX509ECCKey(CryptoUtil.string2byte(pubKeyEncoded)); return pubk; } public X509Key getRSAX509Key(IConfigStore config, String certTag) - throws Exception { + throws Exception + { X509Key pubk = null; - String pubKeyModulus = config.getString(PCERT_PREFIX + certTag - + ".pubkey.modulus"); - String pubKeyPublicExponent = config.getString(PCERT_PREFIX + certTag - + ".pubkey.exponent"); + String pubKeyModulus = config.getString( + PCERT_PREFIX + certTag + ".pubkey.modulus"); + String pubKeyPublicExponent = config.getString( + PCERT_PREFIX + certTag + ".pubkey.exponent"); pubk = CryptoUtil.getPublicX509Key( - CryptoUtil.string2byte(pubKeyModulus), - CryptoUtil.string2byte(pubKeyPublicExponent)); + CryptoUtil.string2byte(pubKeyModulus), + CryptoUtil.string2byte(pubKeyPublicExponent)); return pubk; } - public void handleCertRequest(IConfigStore config, Context context, - String certTag, Cert cert) { + public void handleCertRequest(IConfigStore config, + Context context, String certTag, Cert cert) { try { // get public key - String pubKeyType = config.getString(PCERT_PREFIX + certTag - + ".keytype"); - String algorithm = config.getString(PCERT_PREFIX + certTag - + ".keyalgorithm"); + String pubKeyType = config.getString( + PCERT_PREFIX + certTag + ".keytype"); + String algorithm = config.getString( + PCERT_PREFIX + certTag + ".keyalgorithm"); X509Key pubk = null; if (pubKeyType.equals("rsa")) { pubk = getRSAX509Key(config, certTag); } else if (pubKeyType.equals("ecc")) { pubk = getECCX509Key(config, certTag); } else { - CMS.debug("CertRequestPanel::handleCertRequest() - " - + "pubKeyType " + pubKeyType + " is unsupported!"); + CMS.debug( "CertRequestPanel::handleCertRequest() - " + + "pubKeyType " + pubKeyType + " is unsupported!" ); return; } @@ -349,11 +337,11 @@ public class CertRequestPanel extends WizardPanelBase { } // get private key - String privKeyID = config.getString(PCERT_PREFIX + certTag - + ".privkey.id"); + String privKeyID = config.getString( + PCERT_PREFIX + certTag + ".privkey.id"); CMS.debug("CertRequestPanel: privKeyID=" + privKeyID); byte[] keyIDb = CryptoUtil.string2byte(privKeyID); - + PrivateKey privk = CryptoUtil.findPrivateKeyFromID(keyIDb); if (privk != null) { @@ -361,7 +349,7 @@ public class CertRequestPanel extends WizardPanelBase { } else { CMS.debug("CertRequestPanel: error getting private key null"); } - + // construct cert request String caDN = config.getString(PCERT_PREFIX + certTag + ".dn"); @@ -373,9 +361,9 @@ public class CertRequestPanel extends WizardPanelBase { byte[] certReqb = certReq.toByteArray(); String certReqs = CryptoUtil.base64Encode(certReqb); String certReqf = CryptoUtil.reqFormat(certReqs); - - String subsystem = config.getString(PCERT_PREFIX + certTag - + ".subsystem"); + + String subsystem = config.getString( + PCERT_PREFIX + certTag + ".subsystem"); config.putString(subsystem + "." + certTag + ".certreq", certReqs); config.commit(false); cert.setRequest(certReqf); @@ -390,7 +378,8 @@ public class CertRequestPanel extends WizardPanelBase { * Display the panel. */ public void display(HttpServletRequest request, - HttpServletResponse response, Context context) { + HttpServletResponse response, + Context context) { CMS.debug("CertRequestPanel: display()"); context.put("title", "Requests and Certificates"); @@ -407,35 +396,36 @@ public class CertRequestPanel extends WizardPanelBase { String certTag = st.nextToken(); try { - String subsystem = config.getString(PCERT_PREFIX + certTag - + ".subsystem"); - String nickname = config.getString(subsystem + "." - + certTag + ".nickname"); - String tokenname = config.getString(subsystem + "." - + certTag + ".tokenname"); + String subsystem = config.getString( + PCERT_PREFIX + certTag + ".subsystem"); + String nickname = config.getString( + subsystem + "." + certTag + ".nickname"); + String tokenname = config.getString( + subsystem + "." + certTag + ".tokenname"); Cert c = new Cert(tokenname, nickname, certTag); handleCertRequest(config, context, certTag, c); - String type = config.getString(PCERT_PREFIX + certTag - + ".type"); + String type = config.getString( + PCERT_PREFIX + certTag + ".type"); c.setType(type); - boolean enable = config.getBoolean(PCERT_PREFIX + certTag - + ".enable", true); + boolean enable = config.getBoolean(PCERT_PREFIX+certTag+".enable", true); c.setEnable(enable); getCert(config, context, certTag, c); c.setSubsystem(subsystem); mCerts.addElement(c); } catch (Exception e) { - CMS.debug("CertRequestPanel:display() Exception caught: " - + e.toString() + " for certTag " + certTag); + CMS.debug( + "CertRequestPanel:display() Exception caught: " + + e.toString() + " for certTag " + certTag); } } } catch (Exception e) { - CMS.debug("CertRequestPanel:display() Exception caught: " - + e.toString()); + CMS.debug( + "CertRequestPanel:display() Exception caught: " + + e.toString()); System.err.println("Exception caught: " + e.toString()); } // try @@ -451,7 +441,8 @@ public class CertRequestPanel extends WizardPanelBase { * Checks if the given parameters are valid. */ public void validate(HttpServletRequest request, - HttpServletResponse response, Context context) throws IOException { + HttpServletResponse response, + Context context) throws IOException { } private boolean findBootstrapServerCert() { @@ -467,8 +458,7 @@ public class CertRequestPanel extends WizardPanelBase { if (issuerDN.equals(subjectDN)) return true; } catch (Exception e) { - CMS.debug("CertRequestPanel findBootstrapServerCert Exception=" - + e.toString()); + CMS.debug("CertRequestPanel findBootstrapServerCert Exception="+e.toString()); } return false; @@ -482,8 +472,7 @@ public class CertRequestPanel extends WizardPanelBase { deleteCert("Internal Key Storage Token", nickname); } catch (Exception e) { - CMS.debug("CertRequestPanel deleteBootstrapServerCert Exception=" - + e.toString()); + CMS.debug("CertRequestPanel deleteBootstrapServerCert Exception="+e.toString()); } } @@ -491,7 +480,8 @@ public class CertRequestPanel extends WizardPanelBase { * Commit parameter changes */ public void update(HttpServletRequest request, - HttpServletResponse response, Context context) throws IOException { + HttpServletResponse response, + Context context) throws IOException { CMS.debug("CertRequestPanel: in update()"); boolean hasErr = false; IConfigStore config = CMS.getConfigStore(); @@ -512,7 +502,7 @@ public class CertRequestPanel extends WizardPanelBase { String tokenname = ""; try { - tokenname = config.getString("preop.module.token", ""); + tokenname = config.getString("preop.module.token", ""); } catch (Exception e) { } @@ -520,216 +510,202 @@ public class CertRequestPanel extends WizardPanelBase { Cert cert = (Cert) c.nextElement(); String certTag = cert.getCertTag(); String subsystem = cert.getSubsystem(); - boolean enable = config.getBoolean(PCERT_PREFIX + certTag - + ".enable", true); + boolean enable = config.getBoolean(PCERT_PREFIX+certTag+".enable", true); if (!enable) continue; - if (hasErr) + if (hasErr) continue; String nickname = cert.getNickname(); - CMS.debug("CertRequestPanel: update() for cert tag " - + cert.getCertTag()); - // String b64 = config.getString(CERT_PREFIX+ certTag +".cert", - // ""); + CMS.debug( + "CertRequestPanel: update() for cert tag " + + cert.getCertTag()); + // String b64 = config.getString(CERT_PREFIX+ certTag +".cert", ""); String b64 = HttpInput.getCert(request, certTag); if (cert.getType().equals("local") - && b64.equals("...certificate be generated internally...")) { + && b64.equals( + "...certificate be generated internally...")) { - String pubKeyType = config.getString(PCERT_PREFIX + certTag - + ".keytype"); + String pubKeyType = config.getString( + PCERT_PREFIX + certTag + ".keytype"); X509Key x509key = null; if (pubKeyType.equals("rsa")) { - x509key = getRSAX509Key(config, certTag); + x509key = getRSAX509Key(config, certTag); } else if (pubKeyType.equals("ecc")) { - x509key = getECCX509Key(config, certTag); + x509key = getECCX509Key(config, certTag); } - + if (findCertificate(tokenname, nickname)) { if (!certTag.equals("sslserver")) - continue; + continue; } - X509CertImpl impl = CertUtil.createLocalCert(config, - x509key, PCERT_PREFIX, certTag, cert.getType(), - context); + X509CertImpl impl = CertUtil.createLocalCert(config, x509key, + PCERT_PREFIX, certTag, cert.getType(), context); if (impl != null) { - byte[] certb = impl.getEncoded(); + byte[] certb = impl.getEncoded(); String certs = CryptoUtil.base64Encode(certb); cert.setCert(certs); - config.putString(subsystem + "." + certTag + ".cert", - certs); + config.putString(subsystem + "." + certTag + ".cert", certs); /* import certificate */ - CMS.debug("CertRequestPanel configCert: nickname=" - + nickname); + CMS.debug( + "CertRequestPanel configCert: nickname=" + + nickname); try { - if (certTag.equals("sslserver") - && findBootstrapServerCert()) + if (certTag.equals("sslserver") && findBootstrapServerCert()) deleteBootstrapServerCert(); if (findCertificate(tokenname, nickname)) deleteCert(tokenname, nickname); - if (certTag.equals("signing") - && subsystem.equals("ca")) - CryptoUtil - .importUserCertificate(impl, nickname); + if (certTag.equals("signing") && subsystem.equals("ca")) + CryptoUtil.importUserCertificate(impl, nickname); else - CryptoUtil.importUserCertificate(impl, - nickname, false); - CMS.debug("CertRequestPanel configCert: cert imported for certTag " - + certTag); + CryptoUtil.importUserCertificate(impl, nickname, false); + CMS.debug( + "CertRequestPanel configCert: cert imported for certTag " + + certTag); } catch (Exception ee) { - CMS.debug("CertRequestPanel configCert: import certificate for certTag=" - + certTag + " Exception: " + ee.toString()); + CMS.debug( + "CertRequestPanel configCert: import certificate for certTag=" + + certTag + " Exception: " + + ee.toString()); CMS.debug("ok"); - // hasErr = true; +// hasErr = true; } } } else if (cert.getType().equals("remote")) { if (b64 != null && b64.length() > 0 && !b64.startsWith("...")) { - String b64chain = HttpInput.getCertChain(request, - certTag + "_cc"); - CMS.debug("CertRequestPanel: in update() process remote...import cert"); + String b64chain = HttpInput.getCertChain(request, certTag+"_cc"); + CMS.debug( + "CertRequestPanel: in update() process remote...import cert"); - String input = HttpInput.getCert(request, - cert.getCertTag()); + String input = HttpInput.getCert(request, cert.getCertTag()); if (input != null) { try { - if (certTag.equals("sslserver") - && findBootstrapServerCert()) + if (certTag.equals("sslserver") && findBootstrapServerCert()) deleteBootstrapServerCert(); - if (findCertificate(tokenname, nickname)) { - deleteCert(tokenname, nickname); + if (findCertificate(tokenname, nickname)) { + deleteCert(tokenname, nickname); } } catch (Exception e) { - CMS.debug("CertRequestPanel update (remote): deleteCert Exception=" - + e.toString()); + CMS.debug("CertRequestPanel update (remote): deleteCert Exception="+e.toString()); } input = CryptoUtil.stripCertBrackets(input.trim()); String certs = CryptoUtil.normalizeCertStr(input); byte[] certb = CryptoUtil.base64Decode(certs); - config.putString(subsystem + "." + certTag - + ".cert", certs); + config.putString(subsystem + "." + certTag + ".cert", + certs); try { CryptoManager cm = CryptoManager.getInstance(); - X509Certificate x509cert = cm - .importCertPackage(certb, nickname); + X509Certificate x509cert = cm.importCertPackage( + certb, nickname); CryptoUtil.trustCertByNickname(nickname); - X509Certificate[] certchains = cm - .buildCertificateChain(x509cert); + X509Certificate[] certchains = cm.buildCertificateChain( + x509cert); X509Certificate leaf = null; if (certchains != null) { - CMS.debug("CertRequestPanel certchains length=" - + certchains.length); + CMS.debug( + "CertRequestPanel certchains length=" + + certchains.length); leaf = certchains[certchains.length - 1]; } - if (leaf == null) { - CMS.debug("CertRequestPanel::update() - " - + "leaf is null!"); - throw new IOException("leaf is null"); + if( leaf == null ) { + CMS.debug( "CertRequestPanel::update() - " + + "leaf is null!" ); + throw new IOException( "leaf is null" ); } - if (/* (certchains.length <= 1) && */ - (b64chain != null && b64chain.length() != 0)) { - CMS.debug("CertRequestPanel: cert might not have contained chain...calling importCertificateChain: " - + b64chain); - try { - CryptoUtil - .importCertificateChain(CryptoUtil - .normalizeCertAndReq(b64chain)); - } catch (Exception e) { - CMS.debug("CertRequestPanel: importCertChain: Exception: " - + e.toString()); - } + if (/*(certchains.length <= 1) &&*/ + (b64chain != null && b64chain.length() != 0)) { + CMS.debug("CertRequestPanel: cert might not have contained chain...calling importCertificateChain: " + b64chain); + try { + CryptoUtil.importCertificateChain( + CryptoUtil.normalizeCertAndReq(b64chain)); + } catch (Exception e) { + CMS.debug("CertRequestPanel: importCertChain: Exception: "+e.toString()); + } } InternalCertificate icert = (InternalCertificate) leaf; - icert.setSSLTrust(InternalCertificate.TRUSTED_CA - | InternalCertificate.TRUSTED_CLIENT_CA - | InternalCertificate.VALID_CA); - CMS.debug("CertRequestPanel configCert: import certificate successfully, certTag=" - + certTag); + icert.setSSLTrust( + InternalCertificate.TRUSTED_CA + | InternalCertificate.TRUSTED_CLIENT_CA + | InternalCertificate.VALID_CA); + CMS.debug( + "CertRequestPanel configCert: import certificate successfully, certTag=" + + certTag); } catch (Exception ee) { - CMS.debug("CertRequestPanel configCert: import certificate for certTag=" - + certTag - + " Exception: " - + ee.toString()); + CMS.debug( + "CertRequestPanel configCert: import certificate for certTag=" + + certTag + " Exception: " + + ee.toString()); CMS.debug("ok"); - // hasErr=true; +// hasErr=true; } } else { CMS.debug("CertRequestPanel: in update() input null"); hasErr = true; } } else { - CMS.debug("CertRequestPanel: in update() b64 not set"); - hasErr = true; + CMS.debug("CertRequestPanel: in update() b64 not set"); + hasErr=true; } - + } else { b64 = CryptoUtil.stripCertBrackets(b64.trim()); String certs = CryptoUtil.normalizeCertStr(b64); byte[] certb = CryptoUtil.base64Decode(certs); X509CertImpl impl = new X509CertImpl(certb); try { - if (certTag.equals("sslserver") - && findBootstrapServerCert()) + if (certTag.equals("sslserver") && findBootstrapServerCert()) deleteBootstrapServerCert(); if (findCertificate(tokenname, nickname)) { - deleteCert(tokenname, nickname); + deleteCert(tokenname, nickname); } } catch (Exception ee) { - CMS.debug("CertRequestPanel update: deleteCert Exception=" - + ee.toString()); + CMS.debug("CertRequestPanel update: deleteCert Exception="+ee.toString()); } try { if (certTag.equals("signing") && subsystem.equals("ca")) CryptoUtil.importUserCertificate(impl, nickname); else - CryptoUtil.importUserCertificate(impl, nickname, - false); + CryptoUtil.importUserCertificate(impl, nickname, false); } catch (Exception ee) { - CMS.debug("CertRequestPanel: Failed to import user certificate." - + ee.toString()); - hasErr = true; + CMS.debug("CertRequestPanel: Failed to import user certificate."+ee.toString()); + hasErr=true; } } - // update requests in request queue for local certs to allow - // renewal - if ((cert.getType().equals("local")) - || (cert.getType().equals("selfsign"))) { - CertUtil.updateLocalRequest(config, certTag, - cert.getRequest(), "pkcs10", null); + //update requests in request queue for local certs to allow renewal + if ((cert.getType().equals("local")) || (cert.getType().equals("selfsign"))) { + CertUtil.updateLocalRequest(config, certTag, cert.getRequest(), "pkcs10", null); } if (certTag.equals("signing") && subsystem.equals("ca")) { String NickName = nickname; - if (!tokenname.equals("internal") - && !tokenname.equals("Internal Key Storage Token")) - NickName = tokenname + ":" + nickname; + if (!tokenname.equals("internal") && !tokenname.equals("Internal Key Storage Token")) + NickName = tokenname+ ":"+ nickname; - CMS.debug("CertRequestPanel update: set trust on CA signing cert " - + NickName); + CMS.debug("CertRequestPanel update: set trust on CA signing cert "+NickName); CryptoUtil.trustCertByNickname(NickName); CMS.reinit(ICertificateAuthority.ID); - } - } // while loop + } + } //while loop if (hasErr == false) { - config.putBoolean("preop.CertRequestPanel.done", true); + config.putBoolean("preop.CertRequestPanel.done", true); } config.commit(false); } catch (Exception e) { @@ -737,7 +713,7 @@ public class CertRequestPanel extends WizardPanelBase { System.err.println("Exception caught: " + e.toString()); } - // reset the attribute of the user certificate to u,u,u + //reset the attribute of the user certificate to u,u,u String certlist = ""; try { certlist = config.getString("preop.cert.list", ""); @@ -747,28 +723,25 @@ public class CertRequestPanel extends WizardPanelBase { String tag = tokenizer.nextToken(); if (tag.equals("signing")) continue; - String nickname = config.getString("preop.cert." + tag - + ".nickname", ""); + String nickname = config.getString("preop.cert."+tag+".nickname", ""); String tokenname = config.getString("preop.module.token", ""); if (!tokenname.equals("Internal Key Storage Token")) - nickname = tokenname + ":" + nickname; + nickname = tokenname+":"+nickname; X509Certificate c = cm.findCertByNickname(nickname); if (c instanceof InternalCertificate) { - InternalCertificate ic = (InternalCertificate) c; + InternalCertificate ic = (InternalCertificate)c; ic.setSSLTrust(InternalCertificate.USER); ic.setEmailTrust(InternalCertificate.USER); if (tag.equals("audit_signing")) { - ic.setObjectSigningTrust(InternalCertificate.USER - | InternalCertificate.VALID_PEER - | InternalCertificate.TRUSTED_PEER); + ic.setObjectSigningTrust(InternalCertificate.USER | InternalCertificate.VALID_PEER | InternalCertificate.TRUSTED_PEER); } else { ic.setObjectSigningTrust(InternalCertificate.USER); } } - } + } } catch (Exception e) { } - if (!hasErr) { + if (!hasErr) { context.put("updateStatus", "success"); } else { context.put("updateStatus", "failure"); @@ -779,7 +752,8 @@ public class CertRequestPanel extends WizardPanelBase { * If validiate() returns false, this method will be called. */ public void displayError(HttpServletRequest request, - HttpServletResponse response, Context context) { + HttpServletResponse response, + Context context) { context.put("title", "Certificate Request"); context.put("panel", "admin/console/config/certrequestpanel.vm"); } |