authormharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>2011-06-30 21:52:25 +0000
committermharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>2011-06-30 21:52:25 +0000
commit1685275fabdc90acf449feb9414ecb1021100448 (patch)
treec8564ff1bdafead242722cb41910dee1f772aea2 /pki/base/java-tools
parentf0189237025c3dfd2137140915bfb48e743dafa5 (diff)
Bugzilla Bug #532548 - Tool to do DRM re-key (use configuration file, process based upon records, added additional options)
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2034 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/java-tools')
-rw-r--r--pki/base/java-tools/src/CMakeLists.txt6
-rw-r--r--pki/base/java-tools/src/com/netscape/cmstools/DRMTool.cfg160
-rw-r--r--pki/base/java-tools/src/com/netscape/cmstools/DRMTool.java3332
3 files changed, 3080 insertions, 418 deletions
diff --git a/pki/base/java-tools/src/CMakeLists.txt b/pki/base/java-tools/src/CMakeLists.txt
index 7ea53cf89..678671e7f 100644
--- a/pki/base/java-tools/src/CMakeLists.txt
+++ b/pki/base/java-tools/src/CMakeLists.txt
@@ -67,6 +67,12 @@ set(CMAKE_JAVA_TARGET_VERSION ${APPLICATION_VERSION})
# build pki-tools
add_jar(pki-tools ${pki-tools_java_SRCS})
add_dependencies(pki-tools osutil pki-nsutil pki-cmsutil)
+install(
+ FILES
+ com/netscape/cmstools/DRMTool.cfg
+ DESTINATION
+ ${SHARE_INSTALL_PREFIX}/pki/java-tools/
+)
install_jar(pki-tools ${JAVA_JAR_INSTALL_DIR}/pki)
set(PKI_TOOLS_JAR ${pki-tools_JAR_FILE} CACHE INTERNAL "pki-tools jar file")
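Review bot: The new `install(FILES ...)` rule leaves the installed mode of DRMTool.cfg to CMake's default and passes `${SHARE_INSTALL_PREFIX}` unquoted; that variable is set outside this hunk, and if it were ever empty the file would land under `/pki/java-tools/`. Because this file selects which fields of archived key records DRMTool rewrites, I would state the mode explicitly with `PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ` and write the destination as `"${SHARE_INSTALL_PREFIX}/pki/java-tools"`. A one-line comment above the rule, such as `# default DRMTool field-processing policy`, would tell packagers why a .cfg ships from the Java source tree.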
diff --git a/pki/base/java-tools/src/com/netscape/cmstools/DRMTool.cfg b/pki/base/java-tools/src/com/netscape/cmstools/DRMTool.cfg
new file mode 100644
index 000000000..b43441e19
--- /dev/null
+++ b/pki/base/java-tools/src/com/netscape/cmstools/DRMTool.cfg
@@ -0,0 +1,160 @@
+drmtool.ldif.caEnrollmentRequest._000=########################################
+drmtool.ldif.caEnrollmentRequest._001=## DRM CA Enrollment Request ##
+drmtool.ldif.caEnrollmentRequest._002=########################################
+drmtool.ldif.caEnrollmentRequest._003=## ##
+drmtool.ldif.caEnrollmentRequest._004=## NEVER allow 'DRMTOOL' the ability ##
+drmtool.ldif.caEnrollmentRequest._005=## to change the CA 'naming context' ##
+drmtool.ldif.caEnrollmentRequest._006=## data in the following fields: ##
+drmtool.ldif.caEnrollmentRequest._007=## ##
+drmtool.ldif.caEnrollmentRequest._008=## extdata-auth--005ftoken;uid ##
+drmtool.ldif.caEnrollmentRequest._009=## extdata-auth--005ftoken;userid ##
+drmtool.ldif.caEnrollmentRequest._010=## extdata-updatedby ##
+drmtool.ldif.caEnrollmentRequest._011=## ##
+drmtool.ldif.caEnrollmentRequest._012=## NEVER allow 'DRMTOOL' the ability ##
+drmtool.ldif.caEnrollmentRequest._013=## to change CA 'numeric' data in ##
+drmtool.ldif.caEnrollmentRequest._014=## the following fields: ##
+drmtool.ldif.caEnrollmentRequest._015=## ##
+drmtool.ldif.caEnrollmentRequest._016=## extdata-requestId ##
+drmtool.ldif.caEnrollmentRequest._017=## ##
+drmtool.ldif.caEnrollmentRequest._018=########################################
+drmtool.ldif.caEnrollmentRequest.cn=true
+drmtool.ldif.caEnrollmentRequest.dateOfModify=true
+drmtool.ldif.caEnrollmentRequest.dn=true
+drmtool.ldif.caEnrollmentRequest.extdata.keyRecord=true
+drmtool.ldif.caEnrollmentRequest.extdata.requestNotes=true
+drmtool.ldif.caEnrollmentRequest.requestId=true
+drmtool.ldif.caKeyRecord._000=#########################################
+drmtool.ldif.caKeyRecord._001=## DRM CA Key Record ##
+drmtool.ldif.caKeyRecord._002=#########################################
+drmtool.ldif.caKeyRecord._003=## ##
+drmtool.ldif.caKeyRecord._004=## NEVER allow 'DRMTOOL' the ability ##
+drmtool.ldif.caKeyRecord._005=## to change the CA 'naming context' ##
+drmtool.ldif.caKeyRecord._006=## data in the following fields: ##
+drmtool.ldif.caKeyRecord._007=## ##
+drmtool.ldif.caKeyRecord._008=## archivedBy ##
+drmtool.ldif.caKeyRecord._009=## ##
+drmtool.ldif.caKeyRecord._010=#########################################
+drmtool.ldif.caKeyRecord.cn=true
+drmtool.ldif.caKeyRecord.dateOfModify=true
+drmtool.ldif.caKeyRecord.dn=true
+drmtool.ldif.caKeyRecord.privateKeyData=true
+drmtool.ldif.caKeyRecord.serialno=true
+drmtool.ldif.namingContext._000=############################################
+drmtool.ldif.namingContext._001=## DRM Naming Context Fields ##
+drmtool.ldif.namingContext._002=############################################
+drmtool.ldif.namingContext._003=## ##
+drmtool.ldif.namingContext._004=## NEVER allow 'DRMTOOL' the ability to ##
+drmtool.ldif.namingContext._005=## change the CA 'naming context' data ##
+drmtool.ldif.namingContext._006=## in the following 'non-KeyRecord / ##
+drmtool.ldif.namingContext._007=## non-Request' fields (as these records ##
+drmtool.ldif.namingContext._008=## should be removed via the option to ##
+drmtool.ldif.namingContext._009=## process requests and key records only ##
+drmtool.ldif.namingContext._010=## if this is a DRM migration): ##
+drmtool.ldif.namingContext._011=## ##
+drmtool.ldif.namingContext._012=## cn ##
+drmtool.ldif.namingContext._013=## sn ##
+drmtool.ldif.namingContext._014=## uid ##
+drmtool.ldif.namingContext._015=## uniqueMember ##
+drmtool.ldif.namingContext._016=## ##
+drmtool.ldif.namingContext._017=## NEVER allow 'DRMTOOL' the ability to ##
+drmtool.ldif.namingContext._018=## change the DRM 'naming context' data ##
+drmtool.ldif.namingContext._019=## in the following 'non-KeyRecord / ##
+drmtool.ldif.namingContext._020=## non-Request' fields (as these records ##
+drmtool.ldif.namingContext._021=## should be removed via the option to ##
+drmtool.ldif.namingContext._022=## process requests and key records only ##
+drmtool.ldif.namingContext._023=## if this is a DRM migration): ##
+drmtool.ldif.namingContext._024=## ##
+drmtool.ldif.namingContext._025=## dc ##
+drmtool.ldif.namingContext._026=## dn ##
+drmtool.ldif.namingContext._027=## uniqueMember ##
+drmtool.ldif.namingContext._028=## ##
+drmtool.ldif.namingContext._029=## NEVER allow 'DRMTOOL' the ability to ##
+drmtool.ldif.namingContext._030=## change the TPS 'naming context' data ##
+drmtool.ldif.namingContext._031=## in the following 'non-KeyRecord / ##
+drmtool.ldif.namingContext._032=## non-Request' fields (as these records ##
+drmtool.ldif.namingContext._033=## should be removed via the option to ##
+drmtool.ldif.namingContext._034=## process requests and key records only ##
+drmtool.ldif.namingContext._035=## if this is a DRM migration): ##
+drmtool.ldif.namingContext._036=## ##
+drmtool.ldif.namingContext._037=## uid ##
+drmtool.ldif.namingContext._038=## uniqueMember ##
+drmtool.ldif.namingContext._039=## ##
+drmtool.ldif.namingContext._040=## If '-source_naming_context ##
+drmtool.ldif.namingContext._041=## <original source DRM naming context>' ##
+drmtool.ldif.namingContext._042=## and '-target_naming_context ##
+drmtool.ldif.namingContext._043=## <renamed target DRM naming context>' ##
+drmtool.ldif.namingContext._044=## options are specified, ALWAYS ##
+drmtool.ldif.namingContext._045=## require 'DRMTOOL' to change the ##
+drmtool.ldif.namingContext._046=## DRM 'naming context' data in ALL of ##
+drmtool.ldif.namingContext._047=## the following fields in EACH of the ##
+drmtool.ldif.namingContext._048=## following types of records: ##
+drmtool.ldif.namingContext._049=## ##
+drmtool.ldif.namingContext._050=## caEnrollmentRequest: ##
+drmtool.ldif.namingContext._051=## ##
+drmtool.ldif.namingContext._052=## dn ##
+drmtool.ldif.namingContext._053=## extdata-auth--005ftoken;user ##
+drmtool.ldif.namingContext._054=## extdata-auth--005ftoken;userdn ##
+drmtool.ldif.namingContext._055=## ##
+drmtool.ldif.namingContext._056=## caKeyRecord: ##
+drmtool.ldif.namingContext._057=## ##
+drmtool.ldif.namingContext._058=## dn ##
+drmtool.ldif.namingContext._059=## ##
+drmtool.ldif.namingContext._060=## recoveryRequest: ##
+drmtool.ldif.namingContext._061=## ##
+drmtool.ldif.namingContext._062=## dn ##
+drmtool.ldif.namingContext._063=## ##
+drmtool.ldif.namingContext._064=## tpsKeyRecord: ##
+drmtool.ldif.namingContext._065=## ##
+drmtool.ldif.namingContext._066=## dn ##
+drmtool.ldif.namingContext._067=## ##
+drmtool.ldif.namingContext._068=## tpsNetkeyKeygenRequest: ##
+drmtool.ldif.namingContext._069=## ##
+drmtool.ldif.namingContext._070=## dn ##
+drmtool.ldif.namingContext._071=## ##
+drmtool.ldif.namingContext._072=############################################
+drmtool.ldif.recoveryRequest._000=#####################################
+drmtool.ldif.recoveryRequest._001=## DRM CA / TPS Recovery Request ##
+drmtool.ldif.recoveryRequest._002=#####################################
+drmtool.ldif.recoveryRequest.cn=true
+drmtool.ldif.recoveryRequest.dateOfModify=true
+drmtool.ldif.recoveryRequest.dn=true
+drmtool.ldif.recoveryRequest.extdata.requestId=true
+drmtool.ldif.recoveryRequest.extdata.requestNotes=true
+drmtool.ldif.recoveryRequest.extdata.serialnumber=true
+drmtool.ldif.recoveryRequest.requestId=true
+drmtool.ldif.tpsKeyRecord._000=#########################################
+drmtool.ldif.tpsKeyRecord._001=## DRM TPS Key Record ##
+drmtool.ldif.tpsKeyRecord._002=#########################################
+drmtool.ldif.tpsKeyRecord._003=## ##
+drmtool.ldif.tpsKeyRecord._004=## NEVER allow 'DRMTOOL' the ability ##
+drmtool.ldif.tpsKeyRecord._005=## to change the TPS 'naming context' ##
+drmtool.ldif.tpsKeyRecord._006=## data in the following fields: ##
+drmtool.ldif.tpsKeyRecord._007=## ##
+drmtool.ldif.tpsKeyRecord._008=## archivedBy ##
+drmtool.ldif.tpsKeyRecord._009=## ##
+drmtool.ldif.tpsKeyRecord._010=#########################################
+drmtool.ldif.tpsKeyRecord.cn=true
+drmtool.ldif.tpsKeyRecord.dateOfModify=true
+drmtool.ldif.tpsKeyRecord.dn=true
+drmtool.ldif.tpsKeyRecord.privateKeyData=true
+drmtool.ldif.tpsKeyRecord.serialno=true
+drmtool.ldif.tpsNetkeyKeygenRequest._000=#####################################
+drmtool.ldif.tpsNetkeyKeygenRequest._001=## DRM TPS Netkey Keygen Request ##
+drmtool.ldif.tpsNetkeyKeygenRequest._002=#####################################
+drmtool.ldif.tpsNetkeyKeygenRequest._003=## ##
+drmtool.ldif.tpsNetkeyKeygenRequest._004=## NEVER allow 'DRMTOOL' the ##
+drmtool.ldif.tpsNetkeyKeygenRequest._005=## ability to change the ##
+drmtool.ldif.tpsNetkeyKeygenRequest._006=## TPS 'naming context' data in ##
+drmtool.ldif.tpsNetkeyKeygenRequest._007=## the following fields: ##
+drmtool.ldif.tpsNetkeyKeygenRequest._008=## ##
+drmtool.ldif.tpsNetkeyKeygenRequest._009=## extdata-updatedby ##
+drmtool.ldif.tpsNetkeyKeygenRequest._010=## ##
+drmtool.ldif.tpsNetkeyKeygenRequest._011=#####################################
+drmtool.ldif.tpsNetkeyKeygenRequest.cn=true
+drmtool.ldif.tpsNetkeyKeygenRequest.dateOfModify=true
+drmtool.ldif.tpsNetkeyKeygenRequest.dn=true
+drmtool.ldif.tpsNetkeyKeygenRequest.extdata.keyRecord=true
+drmtool.ldif.tpsNetkeyKeygenRequest.extdata.requestId=true
+drmtool.ldif.tpsNetkeyKeygenRequest.extdata.requestNotes=true
+drmtool.ldif.tpsNetkeyKeygenRequest.requestId=true
+
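Review bot: The banner at `namingContext._040` to `_043` names the options `-source_naming_context` and `-target_naming_context`, while the DRMTool.java part of this commit defines `-source_drm_naming_context` and `-target_drm_naming_context`; the banner should use the latter so an operator copying from the config file gets a valid command line. Separately, the NEVER-allow lists exist only as text stored under `_NNN` keys, so nothing in the file itself stops someone adding a key for a protected field such as `archivedBy`; whether the parser rejects field keys outside its known set is not visible in this part of the page and is worth confirming. The banner also lists `extdata-auth--005ftoken;user` and `extdata-auth--005ftoken;userdn` as always-changed fields with no matching on/off key, which is presumably intentional but should be stated in the banner.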
diff --git a/pki/base/java-tools/src/com/netscape/cmstools/DRMTool.java b/pki/base/java-tools/src/com/netscape/cmstools/DRMTool.java
index e2838854e..f327337d3 100644
--- a/pki/base/java-tools/src/com/netscape/cmstools/DRMTool.java
+++ b/pki/base/java-tools/src/com/netscape/cmstools/DRMTool.java
@@ -33,6 +33,7 @@ import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.crypto.PrivateKey;
import org.mozilla.jss.crypto.*;
import org.mozilla.jss.pkcs11.PK11PubKey;
+import org.mozilla.jss.util.Password;
import org.mozilla.jss.*;
/**
@@ -45,7 +46,10 @@ import org.mozilla.jss.*;
*
* STARTING INVENTORY:
*
- * (1) an LDIF file containing 'exported' DRM data
+ * (1) a DRMTOOL configuration file containing DRM LDIF record
+ * types and the processing status of their associated fields
+ *
+ * (2) an LDIF file containing 'exported' DRM data
* (referred to as the "source" DRM)
*
* NOTE: If this LDIF file contains data that was originally
@@ -53,7 +57,7 @@ import org.mozilla.jss.*;
* must have previously undergone the appropriate
* migration steps.
*
- * (2) the NSS security databases (e. g. - cert8.db, key3.db,
+ * (3) the NSS security databases (e. g. - cert8.db, key3.db,
* and secmod.db) associated with the data contained in
* the source LDIF file
*
@@ -66,7 +70,7 @@ import org.mozilla.jss.*;
* this key (e. g. - which may be located in
* the source DRM's 'password.conf' file).
*
- * (3) a file containing the ASCII BASE-64 storage certificate
+ * (4) a file containing the ASCII BASE-64 storage certificate
* from the DRM instance for which the output LDIF file is
* intended (referred to as the "target")
*
@@ -82,36 +86,52 @@ import org.mozilla.jss.*;
*
* DRMTool PARAMETERS:
*
- * (1) the name of the input LDIF file containing data which was
+ * (1) the name of the DRMTOOL configuration file containing
+ * DRM LDIF record types and the processing status of their
+ * associated fields
+ *
+ * (2) the name of the input LDIF file containing data which was
* 'exported' from the source DRM instance
*
- * (2) the name of the output LDIF file intended to contain the
+ * (3) the name of the output LDIF file intended to contain the
* revised data suitable for 'import' to a target DRM instance
*
- * (3) the name of the log file that may be used for auditing
+ * (4) the name of the log file that may be used for auditing
* purposes
*
- * (4) the path to the security databases that were used by
+ * (5) the path to the security databases that were used by
* the source DRM instance
*
- * (5) the name of the token that was used by
+ * (6) the name of the token that was used by
* the source DRM instance
*
- * (6) the name of the storage certificate that was used by
+ * (7) the name of the storage certificate that was used by
* the source DRM instance
*
- * (7) the name of the file containing the ASCII BASE-64 storage
+ * (8) the name of the file containing the ASCII BASE-64 storage
* certificate from the target DRM instance for which the
* output LDIF file is intended
*
- * DATA FIELDS AFFECTED:
+ * (9) OPTIONALLY, the name of a file which ONLY contains the
+ * password needed to access the source DRM instance's
+ * security databases
+ *
+ * (10) OPTIONALLY, choose to change the specified source DRM naming
+ * context to the specified target DRM naming context
+ *
+ * (11) OPTIONALLY, choose to ONLY process CA enrollment requests,
+ * CA recovery requests, CA key records, TPS netkeyKeygen
+ * enrollment requests, TPS recovery requests, and
+ * TPS key records
+ *
+ * DATA FIELDS AFFECTED (using default config file values):
*
* (1) CA DRM enrollment request
*
* (a) dateOfModify
* (b) extdata-requestnotes
*
- * (2) CA DRM keyrecord
+ * (2) CA DRM key record
*
* (a) dateOfModify
* (b) privateKeyData
@@ -126,7 +146,7 @@ import org.mozilla.jss.*;
* (a) dateOfModify
* (b) extdata-requestnotes (NEW)
*
- * (5) TPS DRM keyrecord
+ * (5) TPS DRM key record
*
* (a) dateOfModify
* (b) privateKeyData
@@ -141,7 +161,10 @@ import org.mozilla.jss.*;
*
* STARTING INVENTORY:
*
- * (1) an LDIF file containing 'exported' DRM data
+ * (1) a DRMTOOL configuration file containing DRM LDIF record
+ * types and the processing status of their associated fields
+ *
+ * (2) an LDIF file containing 'exported' DRM data
* (referred to as the "source" DRM)
*
* NOTE: If this LDIF file contains data that was originally
@@ -161,30 +184,41 @@ import org.mozilla.jss.*;
*
* DRMTool PARAMETERS:
*
- * (1) the name of the input LDIF file containing data which was
+ * (1) the name of the DRMTOOL configuration file containing
+ * DRM LDIF record types and the processing status of their
+ * associated fields
+ *
+ * (2) the name of the input LDIF file containing data which was
* 'exported' from the source DRM instance
*
- * (2) the name of the output LDIF file intended to contain the
+ * (3) the name of the output LDIF file intended to contain the
* revised data suitable for 'import' to a target DRM instance
*
- * (3) the name of the log file that may be used for auditing
+ * (4) the name of the log file that may be used for auditing
* purposes
*
- * (4) a large numeric ID offset (mask) to be appended to existing
+ * (5) a large numeric ID offset (mask) to be appended to existing
* numeric data in the source DRM instance's LDIF file
*
- * DATA FIELDS AFFECTED:
+ * (6) OPTIONALLY, choose to change the specified source DRM naming
+ * context to the specified target DRM naming context
+ *
+ * (7) OPTIONALLY, choose to ONLY process CA enrollment requests,
+ * CA recovery requests, CA key records, TPS netkeyKeygen
+ * enrollment requests, TPS recovery requests, and
+ * TPS key records
+ *
+ * DATA FIELDS AFFECTED (using default config file values):
*
* (1) CA DRM enrollment request
*
* (a) cn
* (b) dateOfModify
* (c) extdata-keyrecord
- * (d) extdata-requestid
- * (e) extdata-requestnotes
- * (f) requestId
+ * (d) extdata-requestnotes
+ * (e) requestId
*
- * (2) CA DRM keyrecord
+ * (2) CA DRM key record
*
* (a) cn
* (b) dateOfModify
@@ -196,7 +230,7 @@ import org.mozilla.jss.*;
* (b) dateOfModify
* (c) extdata-requestid
* (d) extdata-requestnotes (NEW)
- * (e) extdata-serialno
+ * (e) extdata-serialnumber
* (f) requestId
*
* (4) TPS DRM netkeyKeygen (enrollment) request
@@ -208,7 +242,7 @@ import org.mozilla.jss.*;
* (e) extdata-requestnotes (NEW)
* (f) requestId
*
- * (5) TPS DRM keyrecord
+ * (5) TPS DRM key record
*
* (a) cn
* (b) dateOfModify
@@ -220,7 +254,7 @@ import org.mozilla.jss.*;
* (b) dateOfModify
* (c) extdata-requestid
* (d) extdata-requestnotes (NEW)
- * (e) extdata-serialno
+ * (e) extdata-serialnumber
* (f) requestId
*
* (C) Specify an ID offset to be removed from existing numeric data
@@ -228,7 +262,10 @@ import org.mozilla.jss.*;
*
* STARTING INVENTORY:
*
- * (1) an LDIF file containing 'exported' DRM data
+ * (1) a DRMTOOL configuration file containing DRM LDIF record
+ * types and the processing status of their associated fields
+ *
+ * (2) an LDIF file containing 'exported' DRM data
* (referred to as the "source" DRM)
*
* NOTE: If this LDIF file contains data that was originally
@@ -248,30 +285,41 @@ import org.mozilla.jss.*;
*
* DRMTool PARAMETERS:
*
- * (1) the name of the input LDIF file containing data which was
+ * (1) the name of the DRMTOOL configuration file containing
+ * DRM LDIF record types and the processing status of their
+ * associated fields
+ *
+ * (2) the name of the input LDIF file containing data which was
* 'exported' from the source DRM instance
*
- * (2) the name of the output LDIF file intended to contain the
+ * (3) the name of the output LDIF file intended to contain the
* revised data suitable for 'import' to a target DRM instance
*
- * (3) the name of the log file that may be used for auditing
+ * (4) the name of the log file that may be used for auditing
* purposes
*
- * (4) a large numeric ID offset (mask) to be removed from existing
+ * (5) a large numeric ID offset (mask) to be removed from existing
* numeric data in the source DRM instance's LDIF file
*
- * DATA FIELDS AFFECTED:
+ * (6) OPTIONALLY, choose to change the specified source DRM naming
+ * context to the specified target DRM naming context
+ *
+ * (7) OPTIONALLY, choose to ONLY process CA enrollment requests,
+ * CA recovery requests, CA key records, TPS netkeyKeygen
+ * enrollment requests, TPS recovery requests, and
+ * TPS key records
+ *
+ * DATA FIELDS AFFECTED (using default config file values):
*
* (1) CA DRM enrollment request
*
* (a) cn
* (b) dateOfModify
* (c) extdata-keyrecord
- * (d) extdata-requestid
- * (e) extdata-requestnotes
- * (f) requestId
+ * (d) extdata-requestnotes
+ * (e) requestId
*
- * (2) CA DRM keyrecord
+ * (2) CA DRM key record
*
* (a) cn
* (b) dateOfModify
@@ -283,7 +331,7 @@ import org.mozilla.jss.*;
* (b) dateOfModify
* (c) extdata-requestid
* (d) extdata-requestnotes (NEW)
- * (e) extdata-serialno
+ * (e) extdata-serialnumber
* (f) requestId
*
* (4) TPS DRM netkeyKeygen (enrollment) request
@@ -295,7 +343,7 @@ import org.mozilla.jss.*;
* (e) extdata-requestnotes (NEW)
* (f) requestId
*
- * (5) TPS DRM keyrecord
+ * (5) TPS DRM key record
*
* (a) cn
* (b) dateOfModify
@@ -307,7 +355,7 @@ import org.mozilla.jss.*;
* (b) dateOfModify
* (c) extdata-requestid
* (d) extdata-requestnotes (NEW)
- * (e) extdata-serialno
+ * (e) extdata-serialnumber
* (f) requestId
*
* </PRE>
@@ -317,6 +365,7 @@ import org.mozilla.jss.*;
* <PRE>
*
* DRMTool
+ * -drmtool_config_file &lt;path + drmtool config file&gt;
* -source_ldif_file &lt;path + source ldif file&gt;
* -target_ldif_file &lt;path + target ldif file&gt;
* -log_file &lt;path + log file&gt;
@@ -324,11 +373,16 @@ import org.mozilla.jss.*;
* [-source_storage_token_name '&lt;source token&gt;']
* [-source_storage_certificate_nickname '&lt;source nickname&gt;']
* [-target_storage_certificate_file &lt;path to target certificate file&gt;]
+ * [-source_pki_security_database_pwdfile &lt;path to PKI password file&gt;]
* [-append_id_offset &lt;numeric offset&gt;]
* [-remove_id_offset &lt;numeric offset&gt;]
+ * [-source_drm_naming_context '&lt;original source DRM naming context&gt;']
+ * [-target_drm_naming_context '&lt;renamed target DRM naming context&gt;']
+ * [-process_requests_and_key_records_only]
*
* where the following options are 'Mandatory':
*
+ * -drmtool_config_file &lt;path + drmtool config file&gt;
* -source_ldif_file &lt;path + source ldif file&gt;
* -target_ldif_file &lt;path + target ldif file&gt;
* -log_file &lt;path + log file&gt;
@@ -344,19 +398,62 @@ import org.mozilla.jss.*;
* [-target_storage_certificate_file
* &lt;path to target certificate file&gt;]
*
+ * AND OPTIONALLY, specify the name of a file which ONLY contains
+ * the password needed to access the source DRM instance's
+ * security databases:
+ *
+ * [-source_pki_security_database_pwdfile
+ * &lt;path to PKI password file&gt;]
+ *
+ * AND OPTIONALLY, rename source DRM naming context --> target
+ * DRM naming context:
+ *
+ * [-source_drm_naming_context '&lt;source DRM naming context&gt;']
+ * [-target_drm_naming_context '&lt;target DRM naming context&gt;']
+ *
+ * AND OPTIONALLY, process requests and key records ONLY:
+ *
+ * [-process_requests_and_key_records_only]
+ *
* (b) option for appending the specified numeric ID offset
* to existing numerical data:
*
* [-append_id_offset &lt;numeric offset&gt;]
*
+ * AND OPTIONALLY, rename source DRM naming context --> target
+ * DRM naming context:
+ *
+ * [-source_drm_naming_context '&lt;source DRM naming context&gt;']
+ * [-target_drm_naming_context '&lt;target DRM naming context&gt;']
+ *
+ * AND OPTIONALLY, process requests and key records ONLY:
+ *
+ * [-process_requests_and_key_records_only]
+ *
* (c) option for removing the specified numeric ID offset
* from existing numerical data:
*
+ * AND OPTIONALLY, rename source DRM naming context --> target
+ * DRM naming context:
+ *
+ * [-source_drm_naming_context '&lt;source DRM naming context&gt;']
+ * [-target_drm_naming_context '&lt;target DRM naming context&gt;']
+ *
* [-remove_id_offset &lt;numeric offset&gt;]
*
+ * AND OPTIONALLY, process requests and key records ONLY:
+ *
+ * [-process_requests_and_key_records_only]
+ *
* (d) (a) rewrap AND (b) append ID offset
+ * [AND OPTIONALLY, rename source DRM naming context --> target
+ * DRM naming context]
+ * [AND OPTIONALLY process requests and key records ONLY]
*
* (e) (a) rewrap AND (c) remove ID offset
+ * [AND OPTIONALLY, rename source DRM naming context --> target
+ * DRM naming context]
+ * [AND OPTIONALLY process requests and key records ONLY]
*
* NOTE: Options (b) and (c) are mutually exclusive!
*
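Review bot: In option (c) the added "AND OPTIONALLY, rename source DRM naming context" block sits between the heading "option for removing the specified numeric ID offset" and the `[-remove_id_offset &lt;numeric offset&gt;]` line that heading introduces, so the usage text reads as if the naming-context options were the removal option. Move the `-remove_id_offset` line directly under its heading, as option (b) does with `-append_id_offset`. The password-file paragraph under option (a) could also say that the file should be readable only by the user running the tool, since it holds the security database password in clear text. The Javadoc comment starts and ends outside this hunk.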
@@ -375,6 +472,9 @@ public class DRMTool
private static final boolean FAILURE = false;
private static final boolean SUCCESS = true;
private static final String COLON = ":";
+ private static final String DOT = ".";
+ private static final String EQUAL_SIGN = "=";
+ private static final String HASH = "#";
private static final String LEFT_BRACE = "[";
private static final String NEWLINE = "\n";
private static final String PLUS = "+";
@@ -390,24 +490,37 @@ public class DRMTool
// Constants: PKCS #11 Information
private static final String INTERNAL_TOKEN = "Internal Key Storage Token";
- private static final String STORAGE_NICKNAME = "storageCert cert-pki-kra";
- private static final String TARGET_STORAGE_CERT = "target_storage.cert";
- private static final String ID_OFFSET_VALUE = "10000000";
// Constants: Command-line Options
private static final int ID_OFFSET_NAME_VALUE_PAIRS = 1;
- private static final int MANDATORY_NAME_VALUE_PAIRS = 3;
+ private static final int PWDFILE_NAME_VALUE_PAIRS = 1;
+ private static final int NAMING_CONTEXT_NAME_VALUE_PAIRS = 2;
+ private static final int MANDATORY_NAME_VALUE_PAIRS = 4;
private static final int REWRAP_NAME_VALUE_PAIRS = 4;
- private static final int ID_OFFSET_ARGS = 8;
- private static final int REWRAP_ARGS = 14;
- private static final int REWRAP_AND_ID_OFFSET_ARGS = 16;
+ private static final int ID_OFFSET_ARGS = 10;
+ private static final int REWRAP_ARGS = 16;
+ private static final int REWRAP_AND_ID_OFFSET_ARGS = 18;
// Constants: Command-line Options (Mandatory)
private static final String DRM_TOOL = "DRMTool";
private static final String
+ DRMTOOL_CFG_FILE = "-drmtool_config_file";
+
+ private static final String
+ DRMTOOL_CFG_DESCRIPTION = " <complete path to the drmtool config file"
+ + NEWLINE
+ + " "
+ + " ending with the drmtool config file name>";
+
+ private static final String
+ DRMTOOL_CFG_FILE_EXAMPLE = DRMTOOL_CFG_FILE
+ + " "
+ + "/usr/share/pki/java-tools/DRMTool.cfg";
+
+ private static final String
SOURCE_LDIF_FILE = "-source_ldif_file";
private static final String
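Review bot: `ID_OFFSET_ARGS`, `REWRAP_ARGS` and `REWRAP_AND_ID_OFFSET_ARGS` are bumped by hand to 10, 16 and 18, which are exactly twice the sums of the `*_NAME_VALUE_PAIRS` constants declared just above them; deriving them, e.g. `ID_OFFSET_ARGS = 2 * (MANDATORY_NAME_VALUE_PAIRS + ID_OFFSET_NAME_VALUE_PAIRS);`, keeps the counts in step the next time a mandatory option is added. The new `PWDFILE_NAME_VALUE_PAIRS` and `NAMING_CONTEXT_NAME_VALUE_PAIRS` pairs and the valueless `-process_requests_and_key_records_only` flag make the valid argument count variable, so the length check that consumes these constants (outside this hunk) should be re-read to confirm it rejects unknown or duplicated options rather than only counting them. The class body continues outside the hunk.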
@@ -417,7 +530,9 @@ public class DRMTool
+ " ending with the source LDIF file name>";
private static final String
- SOURCE_LDIF_FILE_EXAMPLE = "-source_ldif_file /export/pki/source.ldif";
+ SOURCE_LDIF_FILE_EXAMPLE = SOURCE_LDIF_FILE
+ + " "
+ + "/export/pki/source.ldif";
private static final String
TARGET_LDIF_FILE = "-target_ldif_file";
@@ -429,7 +544,9 @@ public class DRMTool
+ " ending with the target LDIF file name>";
private static final String
- TARGET_LDIF_FILE_EXAMPLE = "-target_ldif_file /export/pki/target.ldif";
+ TARGET_LDIF_FILE_EXAMPLE = TARGET_LDIF_FILE
+ + " "
+ + "/export/pki/target.ldif";
private static final String
LOG_FILE = "-log_file";
@@ -441,7 +558,9 @@ public class DRMTool
+ " ending with the log file name>";
private static final String
- LOG_FILE_EXAMPLE = "-log_file /export/pki/drmtool.log";
+ LOG_FILE_EXAMPLE = LOG_FILE
+ + " "
+ + "/export/pki/DRMTool.log";
// Constants: Command-line Options (Rewrap)
@@ -456,7 +575,8 @@ public class DRMTool
+ " used by data in the source LDIF file>";
private static final String
- SOURCE_NSS_DB_PATH_EXAMPLE = "-source_pki_security_database_path "
+ SOURCE_NSS_DB_PATH_EXAMPLE = SOURCE_NSS_DB_PATH
+ + " "
+ "/export/pki";
private static final String
@@ -467,10 +587,11 @@ public class DRMTool
+ "the source storage token>";
private static final String
- SOURCE_STORAGE_TOKEN_NAME_EXAMPLE = "-source_storage_token_name "
- + "\'"
- + INTERNAL_TOKEN
- + "\'";
+ SOURCE_STORAGE_TOKEN_NAME_EXAMPLE = SOURCE_STORAGE_TOKEN_NAME
+ + " "
+ + TIC
+ + "Internal Key Storage Token"
+ + TIC;
private static final String
SOURCE_STORAGE_CERT_NICKNAME = "-source_storage_certificate_nickname";
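Review bot: `SOURCE_STORAGE_TOKEN_NAME_EXAMPLE` now spells out `"Internal Key Storage Token"` although the `INTERNAL_TOKEN` constant holding the same string is still declared in the class (it appears as a context line in the constants hunk above). Keeping `+ INTERNAL_TOKEN` in the example avoids two copies of a token name that, presumably, the tool also compares against when selecting the internal token.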
@@ -480,11 +601,11 @@ public class DRMTool
+ "storage certificate>";
private static final String
- SOURCE_STORAGE_CERT_NICKNAME_EXAMPLE =
- "-source_storage_certificate_nickname"
- + " \'"
- + STORAGE_NICKNAME
- + "\'";
+ SOURCE_STORAGE_CERT_NICKNAME_EXAMPLE = SOURCE_STORAGE_CERT_NICKNAME
+ + " "
+ + TIC
+ + "storageCert cert-pki-kra"
+ + TIC;
private static final String
TARGET_STORAGE_CERTIFICATE_FILE = "-target_storage_certificate_file";
@@ -506,9 +627,26 @@ public class DRMTool
+ "header and footer>";
private static final String
- TARGET_STORAGE_CERTIFICATE_FILE_EXAMPLE = "-target_storage_certificate_file"
- + " /export/pki/"
- + TARGET_STORAGE_CERT;
+ TARGET_STORAGE_CERTIFICATE_FILE_EXAMPLE = TARGET_STORAGE_CERTIFICATE_FILE
+ + " "
+ + "/export/pki/target_storage.cert";
+
+ private static final String
+ SOURCE_NSS_DB_PWDFILE = "-source_pki_security_database_pwdfile";
+
+ private static final String
+ SOURCE_NSS_DB_PWDFILE_DESCRIPTION = " <complete path to the password "
+ + "file which ONLY contains the"
+ + NEWLINE
+ + " "
+ + " password used to access the "
+ + "source security databases>";
+
+ private static final String
+ SOURCE_NSS_DB_PWDFILE_EXAMPLE = SOURCE_NSS_DB_PWDFILE
+ + " "
+ + "/export/pki/pwdfile";
+
// Constants: Command-line Options (ID Offset)
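Review bot: `SOURCE_NSS_DB_PWDFILE_DESCRIPTION` says only that the file contains the password; it should also tell the operator to keep the file readable by the invoking user alone and to remove it after the run, for example by appending `" (readable only by the user running DRMTool)"` to the description. The code that reads the file is outside this hunk; given the new `org.mozilla.jss.util.Password` import it presumably wraps the value in a `Password`, which should be cleared once the token login is done, and the value must never be written to the `-log_file` audit log. The example path `/export/pki/pwdfile` sits beside the exported LDIF and certificate files, which invites leaving the password in a shared export directory; a path under the operator's home directory would be a safer example.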
@@ -520,8 +658,9 @@ public class DRMTool
+ "each record's source ID>";
private static final String
- APPEND_ID_OFFSET_EXAMPLE = "-append_id_offset "
- + ID_OFFSET_VALUE;
+ APPEND_ID_OFFSET_EXAMPLE = APPEND_ID_OFFSET
+ + " "
+ + "100000000000";
private static final String
REMOVE_ID_OFFSET = "-remove_id_offset";
@@ -531,8 +670,245 @@ public class DRMTool
+ "each record's source ID>";
private static final String
- REMOVE_ID_OFFSET_EXAMPLE = "-remove_id_offset "
- + ID_OFFSET_VALUE;
+ REMOVE_ID_OFFSET_EXAMPLE = REMOVE_ID_OFFSET
+ + " "
+ + "100000000000";
+
+
+ // Constants: Command-line Options
+ private static final String
+ SOURCE_DRM_NAMING_CONTEXT = "-source_drm_naming_context";
+
+ private static final String
+ SOURCE_DRM_NAMING_CONTEXT_DESCRIPTION = " <source DRM naming context>";
+
+ private static final String
+ SOURCE_DRM_NAMING_CONTEXT_EXAMPLE = SOURCE_DRM_NAMING_CONTEXT
+ + " "
+ + TIC
+ + "alpha.example.com-pki-kra"
+ + TIC;
+
+ private static final String
+ TARGET_DRM_NAMING_CONTEXT = "-target_drm_naming_context";
+
+ private static final String
+ TARGET_DRM_NAMING_CONTEXT_DESCRIPTION = " <target DRM naming context>";
+
+ private static final String
+ TARGET_DRM_NAMING_CONTEXT_EXAMPLE = TARGET_DRM_NAMING_CONTEXT
+ + " "
+ + TIC
+ + "omega.example.com-pki-kra"
+ + TIC;
+
+ private static final String
+ PROCESS_REQUESTS_AND_KEY_RECORDS_ONLY =
+ "-process_requests_and_key_records_only";
+
+
+ // Constants: DRMTOOL Config File
+ private static final String DRMTOOL_CFG_PREFIX = "drmtool.ldif";
+ private static final String DRMTOOL_CFG_ENROLLMENT = "caEnrollmentRequest";
+ private static final String DRMTOOL_CFG_CA_KEY_RECORD = "caKeyRecord";
+ private static final String DRMTOOL_CFG_RECOVERY = "recoveryRequest";
+ private static final String DRMTOOL_CFG_TPS_KEY_RECORD = "tpsKeyRecord";
+ private static final String DRMTOOL_CFG_KEYGEN = "tpsNetkeyKeygenRequest";
+
+
+ // Constants: DRMTOOL Config File (DRM CA Enrollment Request Fields)
+ private static final String
+ DRMTOOL_CFG_ENROLLMENT_CN = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_ENROLLMENT
+ + DOT
+ + "cn";
+ private static final String
+ DRMTOOL_CFG_ENROLLMENT_DATE_OF_MODIFY = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_ENROLLMENT
+ + DOT
+ + "dateOfModify";
+ private static final String
+ DRMTOOL_CFG_ENROLLMENT_DN = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_ENROLLMENT
+ + DOT
+ + "dn";
+ private static final String
+ DRMTOOL_CFG_ENROLLMENT_EXTDATA_KEY_RECORD = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_ENROLLMENT
+ + DOT
+ + "extdata.keyRecord";
+ private static final String
+ DRMTOOL_CFG_ENROLLMENT_EXTDATA_REQUEST_NOTES = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_ENROLLMENT
+ + DOT
+ + "extdata.requestNotes";
+ private static final String
+ DRMTOOL_CFG_ENROLLMENT_REQUEST_ID = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_ENROLLMENT
+ + DOT
+ + "requestId";
+
+
+ // Constants: DRMTOOL Config File (DRM CA Key Record Fields)
+ private static final String
+ DRMTOOL_CFG_CA_KEY_RECORD_CN = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_CA_KEY_RECORD
+ + DOT
+ + "cn";
+ private static final String
+ DRMTOOL_CFG_CA_KEY_RECORD_DATE_OF_MODIFY = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_CA_KEY_RECORD
+ + DOT
+ + "dateOfModify";
+ private static final String
+ DRMTOOL_CFG_CA_KEY_RECORD_DN = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_ENROLLMENT
+ + DOT
+ + "dn";
+ private static final String
+ DRMTOOL_CFG_CA_KEY_RECORD_PRIVATE_KEY_DATA = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_CA_KEY_RECORD
+ + DOT
+ + "privateKeyData";
+ private static final String
+ DRMTOOL_CFG_CA_KEY_RECORD_SERIAL_NO = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_CA_KEY_RECORD
+ + DOT
+ + "serialno";
+
+
+ // Constants: DRMTOOL Config File (DRM CA / TPS Recovery Request Fields)
+ private static final String
+ DRMTOOL_CFG_RECOVERY_CN = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_RECOVERY
+ + DOT
+ + "cn";
+ private static final String
+ DRMTOOL_CFG_RECOVERY_DATE_OF_MODIFY = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_RECOVERY
+ + DOT
+ + "dateOfModify";
+ private static final String
+ DRMTOOL_CFG_RECOVERY_DN = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_RECOVERY
+ + DOT
+ + "dn";
+ private static final String
+ DRMTOOL_CFG_RECOVERY_EXTDATA_REQUEST_ID = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_RECOVERY
+ + DOT
+ + "extdata.requestId";
+ private static final String
+ DRMTOOL_CFG_RECOVERY_EXTDATA_REQUEST_NOTES = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_RECOVERY
+ + DOT
+ + "extdata.requestNotes";
+ private static final String
+ DRMTOOL_CFG_RECOVERY_EXTDATA_SERIAL_NUMBER = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_RECOVERY
+ + DOT
+ + "extdata.serialnumber";
+ private static final String
+ DRMTOOL_CFG_RECOVERY_REQUEST_ID = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_RECOVERY
+ + DOT
+ + "requestId";
+
+
+ // Constants: DRMTOOL Config File (DRM TPS Key Record Fields)
+ private static final String
+ DRMTOOL_CFG_TPS_KEY_RECORD_CN = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_TPS_KEY_RECORD
+ + DOT
+ + "cn";
+ private static final String
+ DRMTOOL_CFG_TPS_KEY_RECORD_DATE_OF_MODIFY = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_TPS_KEY_RECORD
+ + DOT
+ + "dateOfModify";
+ private static final String
+ DRMTOOL_CFG_TPS_KEY_RECORD_DN = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_TPS_KEY_RECORD
+ + DOT
+ + "dn";
+ private static final String
+ DRMTOOL_CFG_TPS_KEY_RECORD_PRIVATE_KEY_DATA = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_TPS_KEY_RECORD
+ + DOT
+ + "privateKeyData";
+ private static final String
+ DRMTOOL_CFG_TPS_KEY_RECORD_SERIAL_NO = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_TPS_KEY_RECORD
+ + DOT
+ + "serialno";
+
+
+ // Constants: DRMTOOL Config File (DRM TPS Netkey Keygen Request Fields)
+ private static final String
+ DRMTOOL_CFG_KEYGEN_CN = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_KEYGEN
+ + DOT
+ + "cn";
+ private static final String
+ DRMTOOL_CFG_KEYGEN_DATE_OF_MODIFY = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_KEYGEN
+ + DOT
+ + "dateOfModify";
+ private static final String
+ DRMTOOL_CFG_KEYGEN_DN = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_KEYGEN
+ + DOT
+ + "dn";
+ private static final String
+ DRMTOOL_CFG_KEYGEN_EXTDATA_KEY_RECORD = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_KEYGEN
+ + DOT
+ + "extdata.keyRecord";
+ private static final String
+ DRMTOOL_CFG_KEYGEN_EXTDATA_REQUEST_ID = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_KEYGEN
+ + DOT
+ + "extdata.requestId";
+ private static final String
+ DRMTOOL_CFG_KEYGEN_EXTDATA_REQUEST_NOTES = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_KEYGEN
+ + DOT
+ + "extdata.requestNotes";
+ private static final String
+ DRMTOOL_CFG_KEYGEN_REQUEST_ID = DRMTOOL_CFG_PREFIX
+ + DOT
+ + DRMTOOL_CFG_KEYGEN
+ + DOT
+ + "requestId";
// Constants: Target Certificate Information
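Review bot: `DRMTOOL_CFG_CA_KEY_RECORD_DN` is built from `DRMTOOL_CFG_ENROLLMENT` rather than `DRMTOOL_CFG_CA_KEY_RECORD`, so it yields the same key as `DRMTOOL_CFG_ENROLLMENT_DN` (`drmtool.ldif.caEnrollmentRequest.dn`, assuming `DOT` is "."). Every other constant in the CA Key Record group uses `DRMTOOL_CFG_CA_KEY_RECORD`, so this looks like a copy-paste slip; the middle operand should read `+ DRMTOOL_CFG_CA_KEY_RECORD`. As written, a `caKeyRecord.dn` setting in DRMTool.cfg would presumably never be looked up under this name, and the enrollment setting would decide DN handling for CA key records.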
@@ -541,32 +917,67 @@ public class DRMTool
private static final String X509_INFO = "x509.INFO";
- // Constants: DRM LDIF Record Fields (always include trailing space)
- private static final String CN = "cn:";
- private static final String DATE_OF_MODIFY = "dateOfModify:";
- private static final String EXTDATA_KEYRECORD = "extdata-keyrecord:";
- private static final String EXTDATA_REQUESTID = "extdata-requestid:";
- private static final String EXTDATA_REQUESTNOTES = "extdata-requestnotes:";
- private static final String EXTDATA_REQUEST_TYPE = "extdata-requesttype:";
- private static final String EXTDATA_SERIALNUMBER = "extdata-serialnumber:";
- private static final String PRIVATE_KEY_DATA = "privateKeyData::";
- private static final String REQUESTID = "requestId:";
- private static final String SERIALNO = "serialno:";
+ // Constants: DRM LDIF Record Fields (always include trailing delimiters)
+ private static final String DRM_LDIF_ARCHIVED_BY = "archivedBy:";
+ private static final String DRM_LDIF_CN = "cn:";
+ private static final String DRM_LDIF_DATE_OF_MODIFY = "dateOfModify:";
+ private static final String DRM_LDIF_DN = "dn:";
+ private static final String
+ DRM_LDIF_EXTDATA_AUTH_TOKEN_USER = "extdata-auth--005ftoken;user:";
+ private static final String
+ DRM_LDIF_EXTDATA_AUTH_TOKEN_USER_DN = "extdata-auth--005ftoken;userdn:";
+ private static final String
+ DRM_LDIF_EXTDATA_KEY_RECORD = "extdata-keyrecord:";
+ private static final String
+ DRM_LDIF_EXTDATA_REQUEST_ID = "extdata-requestid:";
+ private static final String
+ DRM_LDIF_EXTDATA_REQUEST_NOTES = "extdata-requestnotes:";
+ private static final String
+ DRM_LDIF_EXTDATA_REQUEST_TYPE = "extdata-requesttype:";
+ private static final String
+ DRM_LDIF_EXTDATA_SERIAL_NUMBER = "extdata-serialnumber:";
+ private static final String DRM_LDIF_PRIVATE_KEY_DATA = "privateKeyData::";
+ private static final String DRM_LDIF_REQUEST_ID = "requestId:";
+ private static final String DRM_LDIF_REQUEST_TYPE = "requestType:";
+ private static final String DRM_LDIF_SERIAL_NO = "serialno:";
// Constants: DRM LDIF Record Values
- private static final String NETKEY_KEYGEN = "netkeyKeygen";
- private static final String RECOVERY = "recovery";
- private static final String REWRAP_MESSAGE = "REWRAPPED the existing '"
- + "DES3 symmetric session key"
- + "' with the '";
- private static final String RSA_MESSAGE = "-bit RSA public key' obtained "
- + "from the target storage "
- + "certificate";
- private static final String APPENDED_ID_OFFSET_MESSAGE = "APPENDED "
- + "ID OFFSET";
- private static final String REMOVED_ID_OFFSET_MESSAGE = "REMOVED "
- + "ID OFFSET";
+ private static final int INITIAL_LDIF_RECORD_CAPACITY = 0;
+ private static final int EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH = 56;
+ private static final int PRIVATE_KEY_DATA_FIRST_LINE_DATA_LENGTH = 60;
+ private static final String DRM_LDIF_RECORD = "Generic";
+ private static final String DRM_LDIF_CA_KEY_RECORD = "CA";
+ private static final String DRM_LDIF_ENROLLMENT = "enrollment";
+ private static final String DRM_LDIF_KEYGEN = "netkeyKeygen";
+ private static final String DRM_LDIF_RECOVERY = "recovery";
+ private static final String DRM_LDIF_TPS_KEY_RECORD = "TPS";
+
+
+ // Constants: DRM LDIF Record Messages
+ private static final String DRM_LDIF_REWRAP_MESSAGE = "REWRAPPED the '"
+ + "existing DES3 "
+ + "symmetric "
+ + "session key"
+ + "' with the '";
+ private static final String DRM_LDIF_RSA_MESSAGE = "-bit RSA public key' "
+ + "obtained from the "
+ + "target storage "
+ + "certificate";
+ private static final String DRM_LDIF_USED_PWDFILE_MESSAGE =
+ "USED source PKI security database "
+ + "password file";
+ private static final String DRM_LDIF_APPENDED_ID_OFFSET_MESSAGE =
+ "APPENDED ID offset";
+ private static final String DRM_LDIF_REMOVED_ID_OFFSET_MESSAGE =
+ "REMOVED ID offset";
+ private static final String DRM_LDIF_SOURCE_NAME_CONTEXT_MESSAGE =
+ "RENAMED source DRM naming context '";
+ private static final String DRM_LDIF_TARGET_NAME_CONTEXT_MESSAGE =
+ "' to target DRM naming context '";
+ private static final String
+ DRM_LDIF_PROCESS_REQUESTS_AND_KEY_RECORDS_ONLY_MESSAGE =
+ "PROCESSED requests and key records ONLY!";
/*************/
@@ -580,15 +991,21 @@ public class DRMTool
// Variables: Command-Line Options
private static boolean mMandatoryFlag = false;
private static boolean mRewrapFlag = false;
+ private static boolean mPwdfileFlag = false;
private static boolean mAppendIdOffsetFlag = false;
private static boolean mRemoveIdOffsetFlag = false;
+ private static boolean mDrmNamingContextsFlag = false;
+ private static boolean mProcessRequestsAndKeyRecordsOnlyFlag = false;
private static int mMandatoryNameValuePairs = 0;
private static int mRewrapNameValuePairs = 0;
+ private static int mPKISecurityDatabasePwdfileNameValuePairs = 0;
private static int mAppendIdOffsetNameValuePairs = 0;
private static int mRemoveIdOffsetNameValuePairs = 0;
+ private static int mDrmNamingContextNameValuePairs = 0;
// Variables: Command-Line Values (Mandatory)
+ private static String mDrmtoolCfgFilename = null;
private static String mSourceLdifFilename = null;
private static String mTargetLdifFilename = null;
private static String mLogFilename = null;
@@ -600,12 +1017,28 @@ public class DRMTool
private static String mSourceStorageCertNickname = null;
private static String mTargetStorageCertificateFilename = null;
+ // Variables: Command-Line Values (Rewrap Password File)
+ private static String mSourcePKISecurityDatabasePwdfile = null;
// Variables: Command-Line Values (ID Offset)
private static BigInteger mAppendIdOffset = null;
private static BigInteger mRemoveIdOffset = null;
+ // Variables: Command-Line Values (DRM Naming Contexts)
+ private static String mSourceDrmNamingContext = null;
+ private static String mTargetDrmNamingContext = null;
+
+
+ // Variables: DRMTOOL Config File Parameters of Interest
+ private static Hashtable<String, Boolean> drmtoolCfg = null;
+
+
+ // Variables: DRMTOOL LDIF File Parameters of Interest
+ private static Vector<String> record = null;
+ private static Iterator<String> ldif_record = null;
+
+
// Variables: Logging
private static boolean mDebug = false; // set 'true' for debug messages
private static PrintWriter logger = null;
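Review bot: `drmtoolCfg` is declared as `Hashtable<String, Boolean>` and starts as `null`, while the `output_cn` helper added later in this diff tests `drmtoolCfg.get( DRMTOOL_CFG_ENROLLMENT_CN )` directly in an `if`. `Hashtable.get` returns `null` for a missing key and unboxing that throws a NullPointerException, so a DRMTool.cfg that omits one parameter could abort the run partway through the LDIF. The code that fills the table is not in view, so this may already be handled; if not, I would seed every `DRMTOOL_CFG_*` key with a default when the file is read, or test with `Boolean.TRUE.equals( drmtoolCfg.get( key ) )`. The new `drmtoolCfg`, `record` and `ldif_record` fields also drop the `m` prefix used by the other static variables in this section.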
@@ -613,7 +1046,6 @@ public class DRMTool
// Variables: PKCS #11 Information
- private static CryptoToken mInternalToken = null;
private static CryptoToken mSourceToken = null;
private static X509Certificate mUnwrapCert = null;
private static PrivateKey mUnwrapPrivateKey = null;
@@ -621,6 +1053,12 @@ public class DRMTool
private static int mPublicKeySize = 0;
+ // Variables: DRM LDIF Record Messages
+ private static String mSourcePKISecurityDatabasePwdfileMessage = null;
+ private static String mDrmNamingContextMessage = null;
+ private static String mProcessRequestsAndKeyRecordsOnlyMessage = null;
+
+
/********************/
/* Calendar Methods */
/********************/
@@ -652,6 +1090,12 @@ public class DRMTool
+ DRM_TOOL
+ NEWLINE
+ " "
+ + DRMTOOL_CFG_FILE
+ + NEWLINE
+ + " "
+ + DRMTOOL_CFG_DESCRIPTION
+ + NEWLINE
+ + " "
+ SOURCE_LDIF_FILE
+ NEWLINE
+ " "
@@ -703,6 +1147,14 @@ public class DRMTool
+ NEWLINE
+ " "
+ "["
+ + SOURCE_NSS_DB_PWDFILE
+ + NEWLINE
+ + " "
+ + SOURCE_NSS_DB_PWDFILE_DESCRIPTION
+ + "]"
+ + NEWLINE
+ + " "
+ + "["
+ APPEND_ID_OFFSET
+ NEWLINE
+ " "
@@ -716,6 +1168,27 @@ public class DRMTool
+ " "
+ REMOVE_ID_OFFSET_DESCRIPTION
+ "]"
+ + NEWLINE
+ + " "
+ + "["
+ + SOURCE_DRM_NAMING_CONTEXT
+ + NEWLINE
+ + " "
+ + SOURCE_DRM_NAMING_CONTEXT_DESCRIPTION
+ + "]"
+ + NEWLINE
+ + " "
+ + "["
+ + TARGET_DRM_NAMING_CONTEXT
+ + NEWLINE
+ + " "
+ + TARGET_DRM_NAMING_CONTEXT_DESCRIPTION
+ + "]"
+ + NEWLINE
+ + " "
+ + "["
+ + PROCESS_REQUESTS_AND_KEY_RECORDS_ONLY
+ + "]"
+ NEWLINE );
System.out.println( "Example of 'Rewrap and Append ID Offset':"
@@ -725,6 +1198,9 @@ public class DRMTool
+ DRM_TOOL
+ NEWLINE
+ " "
+ + DRMTOOL_CFG_FILE_EXAMPLE
+ + NEWLINE
+ + " "
+ SOURCE_LDIF_FILE_EXAMPLE
+ NEWLINE
+ " "
@@ -746,7 +1222,19 @@ public class DRMTool
+ TARGET_STORAGE_CERTIFICATE_FILE_EXAMPLE
+ NEWLINE
+ " "
+ + SOURCE_NSS_DB_PWDFILE_EXAMPLE
+ + NEWLINE
+ + " "
+ APPEND_ID_OFFSET_EXAMPLE
+ + NEWLINE
+ + " "
+ + SOURCE_DRM_NAMING_CONTEXT_EXAMPLE
+ + NEWLINE
+ + " "
+ + TARGET_DRM_NAMING_CONTEXT_EXAMPLE
+ + NEWLINE
+ + " "
+ + PROCESS_REQUESTS_AND_KEY_RECORDS_ONLY
+ NEWLINE );
System.out.println( "Example of 'Rewrap and Remove ID Offset':"
@@ -756,6 +1244,9 @@ public class DRMTool
+ DRM_TOOL
+ NEWLINE
+ " "
+ + DRMTOOL_CFG_FILE_EXAMPLE
+ + NEWLINE
+ + " "
+ SOURCE_LDIF_FILE_EXAMPLE
+ NEWLINE
+ " "
@@ -777,7 +1268,19 @@ public class DRMTool
+ TARGET_STORAGE_CERTIFICATE_FILE_EXAMPLE
+ NEWLINE
+ " "
+ + SOURCE_NSS_DB_PWDFILE_EXAMPLE
+ + NEWLINE
+ + " "
+ REMOVE_ID_OFFSET_EXAMPLE
+ + NEWLINE
+ + " "
+ + SOURCE_DRM_NAMING_CONTEXT_EXAMPLE
+ + NEWLINE
+ + " "
+ + TARGET_DRM_NAMING_CONTEXT_EXAMPLE
+ + NEWLINE
+ + " "
+ + PROCESS_REQUESTS_AND_KEY_RECORDS_ONLY
+ NEWLINE );
System.out.println( "Example of 'Rewrap':"
@@ -787,6 +1290,9 @@ public class DRMTool
+ DRM_TOOL
+ NEWLINE
+ " "
+ + DRMTOOL_CFG_FILE_EXAMPLE
+ + NEWLINE
+ + " "
+ SOURCE_LDIF_FILE_EXAMPLE
+ NEWLINE
+ " "
@@ -806,6 +1312,18 @@ public class DRMTool
+ NEWLINE
+ " "
+ TARGET_STORAGE_CERTIFICATE_FILE_EXAMPLE
+ + NEWLINE
+ + " "
+ + SOURCE_NSS_DB_PWDFILE_EXAMPLE
+ + NEWLINE
+ + " "
+ + SOURCE_DRM_NAMING_CONTEXT_EXAMPLE
+ + NEWLINE
+ + " "
+ + TARGET_DRM_NAMING_CONTEXT_EXAMPLE
+ + NEWLINE
+ + " "
+ + PROCESS_REQUESTS_AND_KEY_RECORDS_ONLY
+ NEWLINE );
System.out.println( "Example of 'Append ID Offset':"
@@ -815,6 +1333,9 @@ public class DRMTool
+ DRM_TOOL
+ NEWLINE
+ " "
+ + DRMTOOL_CFG_FILE_EXAMPLE
+ + NEWLINE
+ + " "
+ SOURCE_LDIF_FILE_EXAMPLE
+ NEWLINE
+ " "
@@ -825,6 +1346,15 @@ public class DRMTool
+ NEWLINE
+ " "
+ APPEND_ID_OFFSET_EXAMPLE
+ + NEWLINE
+ + " "
+ + SOURCE_DRM_NAMING_CONTEXT_EXAMPLE
+ + NEWLINE
+ + " "
+ + TARGET_DRM_NAMING_CONTEXT_EXAMPLE
+ + NEWLINE
+ + " "
+ + PROCESS_REQUESTS_AND_KEY_RECORDS_ONLY
+ NEWLINE );
System.out.println( "Example of 'Remove ID Offset':"
@@ -834,6 +1364,9 @@ public class DRMTool
+ DRM_TOOL
+ NEWLINE
+ " "
+ + DRMTOOL_CFG_FILE_EXAMPLE
+ + NEWLINE
+ + " "
+ SOURCE_LDIF_FILE_EXAMPLE
+ NEWLINE
+ " "
@@ -844,6 +1377,15 @@ public class DRMTool
+ NEWLINE
+ " "
+ REMOVE_ID_OFFSET_EXAMPLE
+ + NEWLINE
+ + " "
+ + SOURCE_DRM_NAMING_CONTEXT_EXAMPLE
+ + NEWLINE
+ + " "
+ + TARGET_DRM_NAMING_CONTEXT_EXAMPLE
+ + NEWLINE
+ + " "
+ + PROCESS_REQUESTS_AND_KEY_RECORDS_ONLY
+ NEWLINE );
}
@@ -867,7 +1409,7 @@ public class DRMTool
System.err.println( "ERROR: Unable to open file '"
+ logfile
+ "' for writing: '"
- + eFile
+ + eFile.toString()
+ "'"
+ NEWLINE );
System.exit( 0 );
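Review bot: This error path still ends in `System.exit( 0 )`, so a script driving the tool cannot tell a failed log-file open from a successful run. The only change here, `eFile` to `eFile.toString()`, does not alter the message, because string concatenation already calls `toString()` on the exception. While these handlers are being touched, I would switch them to a non-zero status such as `System.exit( 1 );`, provided no caller depends on the current value. The same applies to the other `.toString()` hunks in this diff (the private key, certificate file, CryptoManager, unwrap and wrap handlers).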
@@ -963,7 +1505,7 @@ public class DRMTool
} catch( TokenException exToken ) {
log( "ERROR: Getting private key - "
+ "TokenException: '"
- + exToken
+ + exToken.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
@@ -1008,7 +1550,7 @@ public class DRMTool
+ "certificate file named '"
+ mTargetStorageCertificateFilename
+ "' exists! FileNotFoundException: '"
- + exWrapFileNotFound
+ + exWrapFileNotFound.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
@@ -1030,7 +1572,7 @@ public class DRMTool
+ "encoded error encountered while reading '"
+ mTargetStorageCertificateFilename
+ "'! IOException: '"
- + exWrapReadLineIO
+ + exWrapReadLineIO.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
@@ -1044,7 +1586,7 @@ public class DRMTool
+ "encoded error encountered in closing '"
+ mTargetStorageCertificateFilename
+ "'! IOException: '"
- + exWrapCloseIO
+ + exWrapCloseIO.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
@@ -1072,7 +1614,7 @@ public class DRMTool
+ "in parsing certificate in '"
+ mTargetStorageCertificateFilename
+ "' CertificateException: '"
- + exWrapCertificate
+ + exWrapCertificate.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
@@ -1095,7 +1637,7 @@ public class DRMTool
} catch( InvalidKeyException exInvalidKey ) {
log( "ERROR: Converting X.509 public key --> RSA public key - "
+ "InvalidKeyException: '"
- + exInvalidKey
+ + exInvalidKey.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
@@ -1131,7 +1673,7 @@ public class DRMTool
log( "ERROR: source_pki_security_database_path='"
+ mSourcePKISecurityDatabasePath
+ "' KeyDatabaseException: '"
- + exKey
+ + exKey.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
@@ -1139,7 +1681,7 @@ public class DRMTool
log( "ERROR: source_pki_security_database_path='"
+ mSourcePKISecurityDatabasePath
+ "' CertDatabaseException: '"
- + exCert
+ + exCert.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
@@ -1147,7 +1689,7 @@ public class DRMTool
log( "ERROR: source_pki_security_database_path='"
+ mSourcePKISecurityDatabasePath
+ "' AlreadyInitializedException: '"
- + exAlreadyInitialized
+ + exAlreadyInitialized.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
@@ -1155,46 +1697,61 @@ public class DRMTool
log( "ERROR: source_pki_security_database_path='"
+ mSourcePKISecurityDatabasePath
+ "' GeneralSecurityException: '"
- + exSecurity
+ + exSecurity.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
}
- // Retrieve the internal token from the source database
+ // Retrieve the source storage token by its name
try {
- log( "Retrieving internal token from CryptoManager."
+ log( "Retrieving token from CryptoManager."
+ NEWLINE, true );
cm = CryptoManager.getInstance();
- mInternalToken = cm.getInternalKeyStorageToken();
- if( mInternalToken == null ) {
- return FAILURE;
- }
- } catch( Exception exUninitialized ) {
- log( "ERROR: Uninitialized CryptoManager - '"
- + exUninitialized
- + "'"
- + NEWLINE, true );
- System.exit( 0 );
- }
-
- // Retrieve the source storage token by its name
- try {
log( "Retrieving source storage token called '"
+ mSourceStorageTokenName
+ "'."
+ NEWLINE, true );
- mSourceToken = cm.getTokenByName( mSourceStorageTokenName );
+ if( mSourceStorageTokenName.equals( INTERNAL_TOKEN ) ) {
+ mSourceToken = cm.getInternalKeyStorageToken();
+ } else {
+ mSourceToken = cm.getTokenByName( mSourceStorageTokenName );
+ }
+
if( mSourceToken == null ) {
return FAILURE;
}
- } catch( NoSuchTokenException exToken ) {
- log( "ERROR: No source storage token named '"
- + mSourceStorageTokenName
- + "' exists! NoSuchTokenException: '"
- + exToken
+
+ if( mPwdfileFlag ) {
+ BufferedReader in = null;
+ String pwd = null;
+ Password mPwd = null;
+
+ try {
+ in = new BufferedReader(
+ new FileReader(
+ mSourcePKISecurityDatabasePwdfile ) );
+ pwd = in.readLine();
+
+ mPwd = new Password( pwd.toCharArray() );
+
+ mSourceToken.login( mPwd );
+ } catch( Exception exReadPwd ) {
+ log( "ERROR: Failed to read the keydb password from "
+ + "the file '"
+ + mSourcePKISecurityDatabasePwdfile
+ + "'. Exception: '"
+ + exReadPwd.toString()
+ + "'"
+ + NEWLINE, true );
+ System.exit( 0 );
+ }
+ }
+ } catch( Exception exUninitialized ) {
+ log( "ERROR: Uninitialized CryptoManager - '"
+ + exUninitialized.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
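Review bot: The password-file block never closes `in` and never clears `mPwd`, so the file handle and the cleartext password outlive the login. `readLine()` returns `null` for an empty file, which surfaces as a NullPointerException logged as a read failure, and a password rejected by `mSourceToken.login( mPwd )` is logged under the same "Failed to read the keydb password" text. Separately, the dedicated `NoSuchTokenException` handler is removed, so a mistyped token name is now logged as "Uninitialized CryptoManager". I would check for the empty file, release both resources in a `finally`, and keep a distinct message for the unknown-token case. The enclosing method and the end of the outer `try` are outside this hunk.

```java
if( mPwdfileFlag ) {
    BufferedReader in = null;
    Password mPwd = null;

    try {
        // … unchanged: open mSourcePKISecurityDatabasePwdfile …
        String pwd = in.readLine();
        if( pwd == null ) {
            throw new IOException( "password file is empty" );
        }
        // … unchanged: build mPwd and log in to mSourceToken …
    } catch( Exception exReadPwd ) {
        // … unchanged: log the failure and exit …
    } finally {
        if( mPwd != null ) {
            mPwd.clear();
        }
        if( in != null ) {
            try {
                in.close();
            } catch( IOException exClosePwd ) {
                // the password has already been consumed; nothing to recover
            }
        }
    }
}
```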
@@ -1232,7 +1789,7 @@ public class DRMTool
+ "source storage cert named '"
+ mSourceStorageCertNickname
+ "' exists! ObjectNotFoundException: '"
- + exUnwrapObjectNotFound
+ + exUnwrapObjectNotFound.toString()
+ "'"
+ NEWLINE, true );
} else {
@@ -1253,7 +1810,7 @@ public class DRMTool
+ "source storage cert named '"
+ mSourceStorageCertNickname
+ "' exists! TokenException: '"
- + exUnwrapToken
+ + exUnwrapToken.toString()
+ "'"
+ NEWLINE, true );
} else {
@@ -1317,7 +1874,7 @@ public class DRMTool
+ "public key from target storage certificate stored in '"
+ mTargetStorageCertificateFilename
+ "' InvalidKeyFormatException '"
- + exInvalidPublicKey
+ + exInvalidPublicKey.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
@@ -1394,42 +1951,42 @@ public class DRMTool
} catch( IOException exUnwrapIO ) {
log( "ERROR: Unwrapping key data - "
+ "IOException: '"
- + exUnwrapIO
+ + exUnwrapIO.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
} catch( NoSuchAlgorithmException exUnwrapAlgorithm ) {
log( "ERROR: Unwrapping key data - "
+ "NoSuchAlgorithmException: '"
- + exUnwrapAlgorithm
+ + exUnwrapAlgorithm.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
} catch( TokenException exUnwrapToken ) {
log( "ERROR: Unwrapping key data - "
+ "TokenException: '"
- + exUnwrapToken
+ + exUnwrapToken.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
} catch( InvalidKeyException exUnwrapInvalidKey ) {
log( "ERROR: Unwrapping key data - "
+ "InvalidKeyException: '"
- + exUnwrapInvalidKey
+ + exUnwrapInvalidKey.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
} catch( InvalidAlgorithmParameterException exUnwrapInvalidAlgorithm ) {
log( "ERROR: Unwrapping key data - "
+ "InvalidAlgorithmParameterException: '"
- + exUnwrapInvalidAlgorithm
+ + exUnwrapInvalidAlgorithm.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
} catch( IllegalStateException exUnwrapState ) {
log( "ERROR: Unwrapping key data - "
+ "InvalidStateException: '"
- + exUnwrapState
+ + exUnwrapState.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
@@ -1439,8 +1996,8 @@ public class DRMTool
// mStorageUnit.encryptInternalPrivate( byte priKey[] )
// throws EBaseException
try {
- // Use "mInternalToken" to get "KeyWrapAlgorithm.RSA"
- target_rsaWrap = mInternalToken.getKeyWrapper(
+ // Use "mSourceToken" to get "KeyWrapAlgorithm.RSA"
+ target_rsaWrap = mSourceToken.getKeyWrapper(
KeyWrapAlgorithm.RSA );
target_rsaWrap.initWrap( mWrapPublicKey, null );
target_session = target_rsaWrap.wrap( sk );
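Review bot: The comment `// Use "mSourceToken" to get "KeyWrapAlgorithm.RSA"` restates the call without saying why the wrap with the target public key now runs on the source storage token instead of the internal token. When `-source_storage_token_name` names a token other than the internal one, this line depends on that token accepting `mWrapPublicKey` for an RSA wrap, which nothing in the hunk checks. I would document the reason, for example `// Wrap on the source token so the unwrapped session key "sk" stays on the token that unwrapped it`, if that is indeed the intent. The enclosing method starts and ends outside this hunk.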
@@ -1456,42 +2013,42 @@ public class DRMTool
} catch( NoSuchAlgorithmException exWrapAlgorithm ) {
log( "ERROR: Wrapping key data - "
+ "NoSuchAlgorithmException: '"
- + exWrapAlgorithm
+ + exWrapAlgorithm.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
} catch( TokenException exWrapToken ) {
log( "ERROR: Wrapping key data - "
+ "TokenException: '"
- + exWrapToken
+ + exWrapToken.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
} catch( InvalidKeyException exWrapInvalidKey ) {
log( "ERROR: Wrapping key data - "
+ "InvalidKeyException: '"
- + exWrapInvalidKey
+ + exWrapInvalidKey.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
} catch( InvalidAlgorithmParameterException exWrapInvalidAlgorithm ) {
log( "ERROR: Wrapping key data - "
+ "InvalidAlgorithmParameterException: '"
- + exWrapInvalidAlgorithm
+ + exWrapInvalidAlgorithm.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
} catch( IllegalStateException exWrapState ) {
log( "ERROR: Wrapping key data - "
+ "InvalidStateException: '"
- + exWrapState
+ + exWrapState.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
} catch( IOException exWrapIO ) {
log( "ERROR: Wrapping key data - "
+ "IOException: '"
- + exWrapIO
+ + exWrapIO.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
@@ -1506,8 +2063,8 @@ public class DRMTool
* from the passed in string.
* <P>
*
- * @param data consisting of an ASCII BASE 64 string containing EOLs
- * @return a string consisting of an ASCII BASE 64 string with no EOLs
+ * @param data consisting of a string containing EOLs
+ * @return a string consisting of a string with no EOLs
*/
private static String stripEOL( String data ) {
StringBuffer buffer = new StringBuffer();
@@ -1527,21 +2084,22 @@ public class DRMTool
/**
- * Helper method used to format the unformatted string containing an
- * ASCII BASE 64 string into an ASCII BASE 64 string suitable as an
- * entry for an LDIF file.
+ * Helper method used to format a string containing unformatted data
+ * into a string containing formatted data suitable as an entry for
+ * an LDIF file.
* <P>
*
- * @param an unformatted string containing an ASCII BASE 64 string
- * @return formatted data consisting of an ASCII BASE 64 string
+ * @param length the length of the first line of data
+ * @param data a string containing unformatted data
+ * @return formatted data consisting of data formatted for an LDIF record
* suitable for an LDIF file
*/
- private static String format_ldif_data( String data ) {
+ private static String format_ldif_data( int length, String data ) {
String revised_data = "";
- if( data.length() > 60 ) {
+ if( data.length() > length ) {
// process first line
- for( int i = 0; i < 60; i++ ) {
+ for( int i = 0; i < length; i++ ) {
revised_data += data.charAt( i );
}
@@ -1550,7 +2108,7 @@ public class DRMTool
// process remaining lines
int j = 0;
- for( int i = 60; i < data.length(); i++ ) {
+ for( int i = length; i < data.length(); i++ ) {
if( j == 0 ) {
revised_data += ' ';
}
@@ -1649,12 +2207,12 @@ public class DRMTool
* An "attribute" consists of one of the following values:
*
* <PRE>
- * CN = "cn:";
- * EXTDATA_KEYRECORD = "extdata-keyrecord:";
- * EXTDATA_REQUESTID = "extdata-requestid:";
- * EXTDATA_SERIALNUMBER = "extdata-serialnumber:";
- * REQUESTID = "requestId:";
- * SERIALNO = "serialno:";
+ * DRM_LDIF_CN = "cn:";
+ * DRM_LDIF_EXTDATA_KEY_RECORD = "extdata-keyrecord:";
+ * DRM_LDIF_EXTDATA_REQUEST_ID = "extdata-requestid:";
+ * DRM_LDIF_EXTDATA_SERIAL_NUMBER = "extdata-serialnumber:";
+ * DRM_LDIF_REQUEST_ID = "requestId:";
+ * DRM_LDIF_SERIAL_NO = "serialno:";
*
*
* NOTE: Indexed data means that the numeric data
@@ -1781,7 +2339,7 @@ public class DRMTool
log( "ERROR: source_line='"
+ source_line
+ "' IndexOutOfBoundsException: '"
- + exBounds
+ + exBounds.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
@@ -1789,7 +2347,7 @@ public class DRMTool
log( "ERROR: data='"
+ data
+ "' PatternSyntaxException: '"
- + exPattern
+ + exPattern.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
@@ -1804,210 +2362,1362 @@ public class DRMTool
/***********************/
/**
- * This method performs the actual parsing of the "source" LDIF file
- * and produces the "target" LDIF file.
+ * Helper method which composes the output line for DRM_LDIF_CN.
* <P>
*
- * @return true if the "target" LDIF file is successfully created
+ * @param record_type the string representation of the input record type
+ * @param line the string representation of the input line
+ * @return the composed output line
*/
- private static boolean convert_source_ldif_to_target_ldif() {
- boolean success = false;
- BufferedReader reader = null;
- PrintWriter writer = null;
- String line = null;
- String previous_line = null;
- String revised_line = null;
+ private static String output_cn( String record_type,
+ String line ) {
+ String output = null;
+
+ if( record_type.equals( DRM_LDIF_ENROLLMENT ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_ENROLLMENT_CN ) ) {
+ output = compose_numeric_line( DRM_LDIF_CN,
+ line,
+ false );
+ } else {
+ output = line;
+ }
+ } else if( record_type.equals( DRM_LDIF_CA_KEY_RECORD ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_CA_KEY_RECORD_CN ) ) {
+ output = compose_numeric_line( DRM_LDIF_CN,
+ line,
+ false );
+ } else {
+ output = line;
+ }
+ } else if( record_type.equals( DRM_LDIF_RECOVERY ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_RECOVERY_CN ) ) {
+ output = compose_numeric_line( DRM_LDIF_CN,
+ line,
+ false );
+ } else {
+ output = line;
+ }
+ } else if( record_type.equals( DRM_LDIF_TPS_KEY_RECORD ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_TPS_KEY_RECORD_CN ) ) {
+ output = compose_numeric_line( DRM_LDIF_CN,
+ line,
+ false );
+ } else {
+ output = line;
+ }
+ } else if( record_type.equals( DRM_LDIF_KEYGEN ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_KEYGEN_CN ) ) {
+ output = compose_numeric_line( DRM_LDIF_CN,
+ line,
+ false );
+ } else {
+ output = line;
+ }
+ } else if( record_type.equals( DRM_LDIF_RECORD ) ) {
+ // Non-Request / Non-Key Record:
+ // Pass through the original
+ // 'cn' line UNCHANGED
+ // so that it is ALWAYS written
+ output = line;
+ } else {
+ log( "ERROR: Mismatched record field='"
+ + DRM_LDIF_CN
+ + "' for record type='"
+ + record_type
+ + "'!"
+ + NEWLINE, true );
+ }
+
+ return output;
+ }
+
+
+ /**
+ * Helper method which composes the output line for DRM_LDIF_DATE_OF_MODIFY.
+ * <P>
+ *
+ * @param record_type the string representation of the input record type
+ * @param line the string representation of the input line
+ * @return the composed output line
+ */
+ private static String output_date_of_modify( String record_type,
+ String line ) {
+ String output = null;
+
+ if( record_type.equals( DRM_LDIF_ENROLLMENT ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_ENROLLMENT_DATE_OF_MODIFY ) ) {
+ output = DRM_LDIF_DATE_OF_MODIFY
+ + SPACE
+ + mDateOfModify;
+
+ log( "Changed '"
+ + line
+ + "' to '"
+ + output
+ + "'."
+ + NEWLINE, false );
+ } else {
+ output = line;
+ }
+ } else if( record_type.equals( DRM_LDIF_CA_KEY_RECORD ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_CA_KEY_RECORD_DATE_OF_MODIFY ) ) {
+ output = DRM_LDIF_DATE_OF_MODIFY
+ + SPACE
+ + mDateOfModify;
+
+ log( "Changed '"
+ + line
+ + "' to '"
+ + output
+ + "'."
+ + NEWLINE, false );
+ } else {
+ output = line;
+ }
+ } else if( record_type.equals( DRM_LDIF_RECOVERY ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_RECOVERY_DATE_OF_MODIFY ) ) {
+ output = DRM_LDIF_DATE_OF_MODIFY
+ + SPACE
+ + mDateOfModify;
+
+ log( "Changed '"
+ + line
+ + "' to '"
+ + output
+ + "'."
+ + NEWLINE, false );
+ } else {
+ output = line;
+ }
+ } else if( record_type.equals( DRM_LDIF_TPS_KEY_RECORD ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_TPS_KEY_RECORD_DATE_OF_MODIFY ) ) {
+ output = DRM_LDIF_DATE_OF_MODIFY
+ + SPACE
+ + mDateOfModify;
+
+ log( "Changed '"
+ + line
+ + "' to '"
+ + output
+ + "'."
+ + NEWLINE, false );
+ } else {
+ output = line;
+ }
+ } else if( record_type.equals( DRM_LDIF_KEYGEN ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_KEYGEN_DATE_OF_MODIFY ) ) {
+ output = DRM_LDIF_DATE_OF_MODIFY
+ + SPACE
+ + mDateOfModify;
+
+ log( "Changed '"
+ + line
+ + "' to '"
+ + output
+ + "'."
+ + NEWLINE, false );
+ } else {
+ output = line;
+ }
+ } else {
+ log( "ERROR: Mismatched record field='"
+ + DRM_LDIF_DATE_OF_MODIFY
+ + "' for record type='"
+ + record_type
+ + "'!"
+ + NEWLINE, true );
+ }
+
+ return output;
+ }
+
+
+ /**
+ * Helper method which composes the output line for DRM_LDIF_DN.
+ * <P>
+ *
+ * @param record_type the string representation of the input record type
+ * @param line the string representation of the input line
+ * @return the composed output line
+ */
+ private static String output_dn( String record_type,
+ String line ) {
+ String data = null;
+ String output = null;
+
+ try {
+ if( record_type.equals( DRM_LDIF_ENROLLMENT ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_ENROLLMENT_DN ) ) {
+ // Since "-source_drm_naming_context", and
+ // "-target_drm_naming_context" are OPTIONAL
+ // parameters, ONLY process this field if both of
+ // these options have been selected
+ if( mDrmNamingContextsFlag ) {
+ output = line.replace( mSourceDrmNamingContext,
+ mTargetDrmNamingContext );
+ } else {
+ output = line;
+ }
+ } else {
+ output = line;
+ }
+ } else if( record_type.equals( DRM_LDIF_CA_KEY_RECORD ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_CA_KEY_RECORD_DN ) ) {
+ // Since "-source_drm_naming_context", and
+ // "-target_drm_naming_context" are OPTIONAL
+ // parameters, ONLY process this field if both of
+ // these options have been selected
+ if( mDrmNamingContextsFlag ) {
+ output = line.replace( mSourceDrmNamingContext,
+ mTargetDrmNamingContext );
+ } else {
+ output = line;
+ }
+ } else {
+ output = line;
+ }
+ } else if( record_type.equals( DRM_LDIF_RECOVERY ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_RECOVERY_DN ) ) {
+ // Since "-source_drm_naming_context", and
+ // "-target_drm_naming_context" are OPTIONAL
+ // parameters, ONLY process this field if both of
+ // these options have been selected
+ if( mDrmNamingContextsFlag ) {
+ output = line.replace( mSourceDrmNamingContext,
+ mTargetDrmNamingContext );
+ } else {
+ output = line;
+ }
+ } else {
+ output = line;
+ }
+ } else if( record_type.equals( DRM_LDIF_TPS_KEY_RECORD ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_TPS_KEY_RECORD_DN ) ) {
+ // Since "-source_drm_naming_context", and
+ // "-target_drm_naming_context" are OPTIONAL
+ // parameters, ONLY process this field if both of
+ // these options have been selected
+ if( mDrmNamingContextsFlag ) {
+ output = line.replace( mSourceDrmNamingContext,
+ mTargetDrmNamingContext );
+ } else {
+ output = line;
+ }
+ } else {
+ output = line;
+ }
+ } else if( record_type.equals( DRM_LDIF_KEYGEN ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_KEYGEN_DN ) ) {
+ // Since "-source_drm_naming_context", and
+ // "-target_drm_naming_context" are OPTIONAL
+ // parameters, ONLY process this field if both of
+ // these options have been selected
+ if( mDrmNamingContextsFlag ) {
+ output = line.replace( mSourceDrmNamingContext,
+ mTargetDrmNamingContext );
+ } else {
+ output = line;
+ }
+ } else {
+ output = line;
+ }
+ } else if( record_type.equals( DRM_LDIF_RECORD ) ) {
+ // Non-Request / Non-Key Record:
+ // Pass through the original
+ // 'dn' line UNCHANGED
+ // so that it is ALWAYS written
+ output = line;
+ } else {
+ log( "ERROR: Mismatched record field='"
+ + DRM_LDIF_DN
+ + "' for record type='"
+ + record_type
+ + "'!"
+ + NEWLINE, true );
+ }
+ } catch( NullPointerException exNullPointerException ) {
+ log( "ERROR: Unable to replace source DRM naming context '"
+ + mSourceDrmNamingContext
+ + "' with target DRM naming context '"
+ + mTargetDrmNamingContext
+ + "' NullPointerException: '"
+ + exNullPointerException.toString()
+ + "'"
+ + NEWLINE, true );
+ }
+
+ return output;
+ }
+
+
+ /**
+ * Helper method which composes the output line for
+ * DRM_LDIF_EXTDATA_KEY_RECORD.
+ * <P>
+ *
+ * @param record_type the string representation of the input record type
+ * @param line the string representation of the input line
+ * @return the composed output line
+ */
+ private static String output_extdata_key_record( String record_type,
+ String line ) {
+ String output = null;
+
+ if( record_type.equals( DRM_LDIF_ENROLLMENT ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_ENROLLMENT_EXTDATA_KEY_RECORD ) ) {
+ output = compose_numeric_line( DRM_LDIF_EXTDATA_KEY_RECORD,
+ line,
+ false );
+ } else {
+ output = line;
+ }
+ } else if( record_type.equals( DRM_LDIF_KEYGEN ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_KEYGEN_EXTDATA_KEY_RECORD ) ) {
+ output = compose_numeric_line( DRM_LDIF_EXTDATA_KEY_RECORD,
+ line,
+ false );
+ } else {
+ output = line;
+ }
+ } else {
+ log( "ERROR: Mismatched record field='"
+ + DRM_LDIF_EXTDATA_KEY_RECORD
+ + "' for record type='"
+ + record_type
+ + "'!"
+ + NEWLINE, true );
+ }
+
+ return output;
+ }
+
+
+ /**
+ * Helper method which composes the output line for
+ * DRM_LDIF_EXTDATA_REQUEST_ID.
+ * <P>
+ *
+ * @param record_type the string representation of the input record type
+ * @param line the string representation of the input line
+ * @return the composed output line
+ */
+ private static String output_extdata_request_id( String record_type,
+ String line ) {
+ String output = null;
+
+ if( record_type.equals( DRM_LDIF_ENROLLMENT ) ) {
+ // ALWAYS pass-through "extdata-requestId" for
+ // DRM_LDIF_ENROLLMENT records UNCHANGED because the
+ // value in this field is associated with the issuing CA!
+ output = line;
+ } else if( record_type.equals( DRM_LDIF_RECOVERY ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_RECOVERY_EXTDATA_REQUEST_ID ) ) {
+ output = compose_numeric_line( DRM_LDIF_EXTDATA_REQUEST_ID,
+ line,
+ false );
+ } else {
+ output = line;
+ }
+ } else if( record_type.equals( DRM_LDIF_KEYGEN ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_KEYGEN_EXTDATA_REQUEST_ID ) ) {
+ output = compose_numeric_line( DRM_LDIF_EXTDATA_REQUEST_ID,
+ line,
+ false );
+ } else {
+ output = line;
+ }
+ } else {
+ log( "ERROR: Mismatched record field='"
+ + DRM_LDIF_EXTDATA_REQUEST_ID
+ + "' for record type='"
+ + record_type
+ + "'!"
+ + NEWLINE, true );
+ }
+
+ return output;
+ }
+
+
+ /**
+ * Helper method which composes the output line for
+ * DRM_LDIF_EXTDATA_REQUEST_NOTES.
+ * <P>
+ *
+ * @param record_type the string representation of the input record type
+ * @param line the string representation of the input line
+ * @return the composed output line
+ */
+ private static String output_extdata_request_notes( String record_type,
+ String line ) {
+ String input = null;
String data = null;
- String revised_data = null;
String unformatted_data = null;
- String formatted_data = null;
- byte source_wrappedKeyData[] = null;
- byte target_wrappedKeyData[] = null;
+ String output = null;
+ String next_line = null;
+
+ // extract the data
+ input = line.substring(
+ DRM_LDIF_EXTDATA_REQUEST_NOTES.length() + 1
+ ).trim();
+
+ while( ( line = ldif_record.next() ) != null ) {
+ if( line.startsWith( SPACE ) ) {
+ // Do NOT use "trim()";
+ // remove single leading space and
+ // trailing carriage returns and newlines ONLY!
+ input += line.replaceFirst(" ","").replace('\r','\0').replace('\n','\0');
+ } else {
+ next_line = line;
+ break;
+ }
+ }
- if( mRewrapFlag ) {
- success = obtain_RSA_rewrapping_keys();
- if( !success ) {
- return FAILURE;
+ if( record_type.equals( DRM_LDIF_ENROLLMENT ) ) {
+ if(drmtoolCfg.get( DRMTOOL_CFG_ENROLLMENT_EXTDATA_REQUEST_NOTES )) {
+ // write out a revised 'extdata-requestnotes' line
+ if( mRewrapFlag && mAppendIdOffsetFlag ) {
+ data = input
+ + SPACE
+ + LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_REWRAP_MESSAGE
+ + mPublicKeySize
+ + DRM_LDIF_RSA_MESSAGE
+ + mSourcePKISecurityDatabasePwdfileMessage
+ + SPACE
+ + PLUS + SPACE
+ + DRM_LDIF_APPENDED_ID_OFFSET_MESSAGE
+ + SPACE
+ + TIC
+ + mAppendIdOffset.toString()
+ + TIC
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
+ } else if( mRewrapFlag && mRemoveIdOffsetFlag ) {
+ data = input
+ + SPACE
+ + LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_REWRAP_MESSAGE
+ + mPublicKeySize
+ + DRM_LDIF_RSA_MESSAGE
+ + mSourcePKISecurityDatabasePwdfileMessage
+ + SPACE
+ + PLUS + SPACE
+ + DRM_LDIF_REMOVED_ID_OFFSET_MESSAGE
+ + SPACE
+ + TIC
+ + mRemoveIdOffset.toString()
+ + TIC
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
+ } else if( mRewrapFlag ) {
+ data = input
+ + SPACE
+ + LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_REWRAP_MESSAGE
+ + mPublicKeySize
+ + DRM_LDIF_RSA_MESSAGE
+ + mSourcePKISecurityDatabasePwdfileMessage
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
+ } else if( mAppendIdOffsetFlag ) {
+ data = input
+ + SPACE
+ + LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_APPENDED_ID_OFFSET_MESSAGE
+ + SPACE
+ + TIC
+ + mAppendIdOffset.toString()
+ + TIC
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
+ } else if( mRemoveIdOffsetFlag ) {
+ data = input
+ + SPACE
+ + LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_REMOVED_ID_OFFSET_MESSAGE
+ + SPACE
+ + TIC
+ + mRemoveIdOffset.toString()
+ + TIC
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
+ }
+
+ // log this information
+ log( "Changed:"
+ + NEWLINE
+ + TIC
+ + DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ input )
+ + TIC
+ + NEWLINE
+ + "--->"
+ + NEWLINE
+ + TIC
+ + output
+ + TIC
+ + NEWLINE, false );
+ } else {
+ output = line;
+ }
+ } else if( record_type.equals( DRM_LDIF_RECOVERY ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_RECOVERY_EXTDATA_REQUEST_NOTES ) ) {
+ // write out a revised 'extdata-requestnotes' line
+ if( mRewrapFlag && mAppendIdOffsetFlag ) {
+ data = input
+ + SPACE
+ + LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_REWRAP_MESSAGE
+ + mPublicKeySize
+ + DRM_LDIF_RSA_MESSAGE
+ + mSourcePKISecurityDatabasePwdfileMessage
+ + SPACE
+ + PLUS + SPACE
+ + DRM_LDIF_APPENDED_ID_OFFSET_MESSAGE
+ + SPACE
+ + TIC
+ + mAppendIdOffset.toString()
+ + TIC
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
+ } else if( mRewrapFlag && mRemoveIdOffsetFlag ) {
+ data = input
+ + SPACE
+ + LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_REWRAP_MESSAGE
+ + mPublicKeySize
+ + DRM_LDIF_RSA_MESSAGE
+ + mSourcePKISecurityDatabasePwdfileMessage
+ + SPACE
+ + PLUS + SPACE
+ + DRM_LDIF_REMOVED_ID_OFFSET_MESSAGE
+ + SPACE
+ + TIC
+ + mRemoveIdOffset.toString()
+ + TIC
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
+ } else if( mRewrapFlag ) {
+ data = input
+ + SPACE
+ + LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_REWRAP_MESSAGE
+ + mPublicKeySize
+ + DRM_LDIF_RSA_MESSAGE
+ + mSourcePKISecurityDatabasePwdfileMessage
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
+ } else if( mAppendIdOffsetFlag ) {
+ data = input
+ + SPACE
+ + LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_APPENDED_ID_OFFSET_MESSAGE
+ + SPACE
+ + TIC
+ + mAppendIdOffset.toString()
+ + TIC
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
+ } else if( mRemoveIdOffsetFlag ) {
+ data = input
+ + SPACE
+ + LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_REMOVED_ID_OFFSET_MESSAGE
+ + SPACE
+ + TIC
+ + mRemoveIdOffset.toString()
+ + TIC
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
+ }
+
+ // log this information
+ log( "Changed:"
+ + NEWLINE
+ + TIC
+ + DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ input )
+ + TIC
+ + NEWLINE
+ + "--->"
+ + NEWLINE
+ + TIC
+ + output
+ + TIC
+ + NEWLINE, false );
+ } else {
+ output = line;
+ }
+ } else if( record_type.equals( DRM_LDIF_KEYGEN ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_KEYGEN_EXTDATA_REQUEST_NOTES ) ) {
+ // write out a revised 'extdata-requestnotes' line
+ if( mRewrapFlag && mAppendIdOffsetFlag ) {
+ data = input
+ + SPACE
+ + LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_REWRAP_MESSAGE
+ + mPublicKeySize
+ + DRM_LDIF_RSA_MESSAGE
+ + mSourcePKISecurityDatabasePwdfileMessage
+ + SPACE
+ + PLUS + SPACE
+ + DRM_LDIF_APPENDED_ID_OFFSET_MESSAGE
+ + SPACE
+ + TIC
+ + mAppendIdOffset.toString()
+ + TIC
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
+ } else if( mRewrapFlag && mRemoveIdOffsetFlag ) {
+ data = input
+ + SPACE
+ + LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_REWRAP_MESSAGE
+ + mPublicKeySize
+ + DRM_LDIF_RSA_MESSAGE
+ + mSourcePKISecurityDatabasePwdfileMessage
+ + SPACE
+ + PLUS + SPACE
+ + DRM_LDIF_REMOVED_ID_OFFSET_MESSAGE
+ + SPACE
+ + TIC
+ + mRemoveIdOffset.toString()
+ + TIC
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
+ } else if( mRewrapFlag ) {
+ data = input
+ + SPACE
+ + LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_REWRAP_MESSAGE
+ + mPublicKeySize
+ + DRM_LDIF_RSA_MESSAGE
+ + mSourcePKISecurityDatabasePwdfileMessage
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
+ } else if( mAppendIdOffsetFlag ) {
+ data = input
+ + SPACE
+ + LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_APPENDED_ID_OFFSET_MESSAGE
+ + SPACE
+ + TIC
+ + mAppendIdOffset.toString()
+ + TIC
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
+ } else if( mRemoveIdOffsetFlag ) {
+ data = input
+ + SPACE
+ + LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_REMOVED_ID_OFFSET_MESSAGE
+ + SPACE
+ + TIC
+ + mRemoveIdOffset.toString()
+ + TIC
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
+ }
+
+ // log this information
+ log( "Changed:"
+ + NEWLINE
+ + TIC
+ + DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ input )
+ + TIC
+ + NEWLINE
+ + "--->"
+ + NEWLINE
+ + TIC
+ + output
+ + TIC
+ + NEWLINE, false );
+ } else {
+ output = line;
}
+ } else {
+ log( "ERROR: Mismatched record field='"
+ + DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + "' for record type='"
+ + record_type
+ + "'!"
+ + NEWLINE, true );
}
- // Process each line in the source LDIF file
- // and store it in the target LDIF file
- try {
- // Open source LDIF file for reading
- reader = new BufferedReader(
- new FileReader( mSourceLdifFilename ) );
+ if( output != null ) {
+ output += NEWLINE + next_line;
+ }
- // Open target LDIF file for writing
- writer = new PrintWriter(
- new BufferedWriter(
- new FileWriter( mTargetLdifFilename ) ) );
+ return output;
+ }
- System.out.print( "PROCESSING: " );
- while( ( line = reader.readLine() ) != null ) {
- if( line.startsWith( CN ) ) {
- revised_line = compose_numeric_line( CN,
- line,
- false );
- } else if( line.startsWith( DATE_OF_MODIFY ) ) {
- // write out a new 'dateOfModify' line
- revised_line = DATE_OF_MODIFY + SPACE + mDateOfModify;
+
+ /**
+ * Helper method which composes the output line for
+ * DRM_LDIF_EXTDATA_REQUEST_NOTES.
+ * <P>
+ *
+ * @param record_type the string representation of the input record type
+ * @param previous_line the string representation of the previous input line
+ * @param writer the PrintWriter used to output this new LDIF line
+ * @return the composed output line
+ */
+ private static void create_extdata_request_notes( String record_type,
+ String previous_line,
+ PrintWriter writer ) {
+ String data = null;
+ String unformatted_data = null;
+ String output = null;
+
+ if( record_type.equals( DRM_LDIF_RECOVERY ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_RECOVERY_EXTDATA_REQUEST_NOTES ) ) {
+ if(!previous_line.startsWith( DRM_LDIF_EXTDATA_REQUEST_NOTES)) {
+ // write out the missing 'extdata-requestnotes' line
+ if( mRewrapFlag && mAppendIdOffsetFlag ) {
+ data = LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_REWRAP_MESSAGE
+ + mPublicKeySize
+ + DRM_LDIF_RSA_MESSAGE
+ + mSourcePKISecurityDatabasePwdfileMessage
+ + SPACE
+ + PLUS + SPACE
+ + DRM_LDIF_APPENDED_ID_OFFSET_MESSAGE
+ + SPACE
+ + TIC
+ + mAppendIdOffset.toString()
+ + TIC
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
+ } else if( mRewrapFlag && mRemoveIdOffsetFlag ) {
+ data = LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_REWRAP_MESSAGE
+ + mPublicKeySize
+ + DRM_LDIF_RSA_MESSAGE
+ + mSourcePKISecurityDatabasePwdfileMessage
+ + SPACE
+ + PLUS + SPACE
+ + DRM_LDIF_REMOVED_ID_OFFSET_MESSAGE
+ + SPACE
+ + TIC
+ + mRemoveIdOffset.toString()
+ + TIC
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
+ } else if( mRewrapFlag ) {
+ data = LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_REWRAP_MESSAGE
+ + mPublicKeySize
+ + DRM_LDIF_RSA_MESSAGE
+ + mSourcePKISecurityDatabasePwdfileMessage
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
+ } else if( mAppendIdOffsetFlag ) {
+ data = LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_APPENDED_ID_OFFSET_MESSAGE
+ + SPACE
+ + TIC
+ + mAppendIdOffset.toString()
+ + TIC
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
+ } else if( mRemoveIdOffsetFlag ) {
+ data = LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_REMOVED_ID_OFFSET_MESSAGE
+ + SPACE
+ + TIC
+ + mRemoveIdOffset.toString()
+ + TIC
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
+ }
// log this information
- log( "Changed '"
- + line
- + "' to '"
- + revised_line
- + "'."
+ log( "Created:"
+ + NEWLINE
+ + TIC
+ + output
+ + TIC
+ NEWLINE, false );
- } else if( line.startsWith( EXTDATA_KEYRECORD ) ) {
- revised_line = compose_numeric_line( EXTDATA_KEYRECORD,
- line,
- false );
- } else if( line.startsWith( EXTDATA_REQUESTID ) ) {
- revised_line = compose_numeric_line( EXTDATA_REQUESTID,
- line,
- false );
- } else if( line.startsWith( EXTDATA_REQUESTNOTES ) ) {
- // write out a revised 'extdata-requestnotes' line
+
+ // Write out this revised line
+ // and flush the buffer
+ writer.write( output + NEWLINE );
+ writer.flush();
+ System.out.print( "." );
+ }
+ }
+ } else if( record_type.equals( DRM_LDIF_KEYGEN ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_KEYGEN_EXTDATA_REQUEST_NOTES ) ) {
+ if(!previous_line.startsWith( DRM_LDIF_EXTDATA_REQUEST_NOTES)) {
+ // write out the missing 'extdata-requestnotes' line
if( mRewrapFlag && mAppendIdOffsetFlag ) {
- revised_line = line + SPACE
- + LEFT_BRACE
- + mDateOfModify
- + RIGHT_BRACE
- + COLON + COLON + SPACE
- + REWRAP_MESSAGE
- + mPublicKeySize
- + RSA_MESSAGE + SPACE
- + PLUS + SPACE
- + APPENDED_ID_OFFSET_MESSAGE + SPACE
- + TIC + mAppendIdOffset.toString() + TIC;
+ data = LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_REWRAP_MESSAGE
+ + mPublicKeySize
+ + DRM_LDIF_RSA_MESSAGE
+ + mSourcePKISecurityDatabasePwdfileMessage
+ + SPACE
+ + PLUS + SPACE
+ + DRM_LDIF_APPENDED_ID_OFFSET_MESSAGE
+ + SPACE
+ + TIC
+ + mAppendIdOffset.toString()
+ + TIC
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
} else if( mRewrapFlag && mRemoveIdOffsetFlag ) {
- revised_line = line + SPACE
- + LEFT_BRACE
- + mDateOfModify
- + RIGHT_BRACE
- + COLON + COLON + SPACE
- + REWRAP_MESSAGE
- + mPublicKeySize
- + RSA_MESSAGE + SPACE
- + PLUS + SPACE
- + REMOVED_ID_OFFSET_MESSAGE + SPACE
- + TIC + mRemoveIdOffset.toString() + TIC;
+ data = LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_REWRAP_MESSAGE
+ + mPublicKeySize
+ + DRM_LDIF_RSA_MESSAGE
+ + mSourcePKISecurityDatabasePwdfileMessage
+ + SPACE
+ + PLUS + SPACE
+ + DRM_LDIF_REMOVED_ID_OFFSET_MESSAGE
+ + SPACE
+ + TIC
+ + mRemoveIdOffset.toString()
+ + TIC
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
} else if( mRewrapFlag ) {
- revised_line = line + SPACE
- + LEFT_BRACE
- + mDateOfModify
- + RIGHT_BRACE
- + COLON + COLON + SPACE
- + REWRAP_MESSAGE
- + mPublicKeySize
- + RSA_MESSAGE;
+ data = LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_REWRAP_MESSAGE
+ + mPublicKeySize
+ + DRM_LDIF_RSA_MESSAGE
+ + mSourcePKISecurityDatabasePwdfileMessage
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
} else if( mAppendIdOffsetFlag ) {
- revised_line = line + SPACE
- + LEFT_BRACE
- + mDateOfModify
- + RIGHT_BRACE
- + COLON + COLON + SPACE
- + APPENDED_ID_OFFSET_MESSAGE + SPACE
- + TIC + mAppendIdOffset.toString() + TIC;
+ data = LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_APPENDED_ID_OFFSET_MESSAGE
+ + SPACE
+ + TIC
+ + mAppendIdOffset.toString()
+ + TIC
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
} else if( mRemoveIdOffsetFlag ) {
- revised_line = line + SPACE
- + LEFT_BRACE
- + mDateOfModify
- + RIGHT_BRACE
- + COLON + COLON + SPACE
- + REMOVED_ID_OFFSET_MESSAGE + SPACE
- + TIC + mRemoveIdOffset.toString() + TIC;
+ data = LEFT_BRACE
+ + mDateOfModify
+ + RIGHT_BRACE
+ + COLON + SPACE
+ + DRM_LDIF_REMOVED_ID_OFFSET_MESSAGE
+ + SPACE
+ + TIC
+ + mRemoveIdOffset.toString()
+ + TIC
+ + mDrmNamingContextMessage
+ + mProcessRequestsAndKeyRecordsOnlyMessage;
+
+ // Unformat the data
+ unformatted_data = stripEOL( data );
+
+ // Format the unformatted_data
+ // to match the desired LDIF format
+ output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ + SPACE
+ + format_ldif_data(
+ EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
}
// log this information
- log( "Changed '"
- + line
- + "' to '"
- + revised_line
- + "'."
+ log( "Created:"
+ + NEWLINE
+ + TIC
+ + output
+ + TIC
+ NEWLINE, false );
- } else if( line.startsWith( EXTDATA_REQUEST_TYPE ) ) {
- if( ( line.contains( NETKEY_KEYGEN ) ||
- line.contains( RECOVERY ) ) &&
- !previous_line.startsWith( EXTDATA_REQUESTNOTES ) ) {
- // write out the missing 'extdata-requestnotes' line
- if( mRewrapFlag && mAppendIdOffsetFlag ) {
- revised_line = EXTDATA_REQUESTNOTES + SPACE
- + LEFT_BRACE
- + mDateOfModify
- + RIGHT_BRACE
- + COLON + COLON + SPACE
- + REWRAP_MESSAGE
- + mPublicKeySize
- + RSA_MESSAGE + SPACE
- + PLUS + SPACE
- + APPENDED_ID_OFFSET_MESSAGE + SPACE
- + TIC + mAppendIdOffset.toString()
- + TIC;
- } else if( mRewrapFlag && mRemoveIdOffsetFlag ) {
- revised_line = EXTDATA_REQUESTNOTES + SPACE
- + LEFT_BRACE
- + mDateOfModify
- + RIGHT_BRACE
- + COLON + COLON + SPACE
- + REWRAP_MESSAGE
- + mPublicKeySize
- + RSA_MESSAGE + SPACE
- + PLUS + SPACE
- + REMOVED_ID_OFFSET_MESSAGE + SPACE
- + TIC + mRemoveIdOffset.toString()
- + TIC;
- } else if( mRewrapFlag ) {
- revised_line = EXTDATA_REQUESTNOTES + SPACE
- + LEFT_BRACE
- + mDateOfModify
- + RIGHT_BRACE
- + COLON + COLON + SPACE
- + REWRAP_MESSAGE
- + mPublicKeySize
- + RSA_MESSAGE;
- } else if( mAppendIdOffsetFlag ) {
- revised_line = EXTDATA_REQUESTNOTES + SPACE
- + LEFT_BRACE
- + mDateOfModify
- + RIGHT_BRACE
- + COLON + COLON + SPACE
- + APPENDED_ID_OFFSET_MESSAGE + SPACE
- + TIC + mAppendIdOffset.toString()
- + TIC;
- } else if( mRemoveIdOffsetFlag ) {
- revised_line = EXTDATA_REQUESTNOTES + SPACE
- + LEFT_BRACE
- + mDateOfModify
- + RIGHT_BRACE
- + COLON + COLON + SPACE
- + REMOVED_ID_OFFSET_MESSAGE + SPACE
- + TIC + mRemoveIdOffset.toString()
- + TIC;
+
+ // Write out this revised line
+ // and flush the buffer
+ writer.write( output + NEWLINE );
+ writer.flush();
+ System.out.print( "." );
+ }
+ }
+ }
+ }
+
+
+ /**
+ * Helper method which composes the output line for
+ * DRM_LDIF_EXTDATA_SERIAL_NUMBER.
+ * <P>
+ *
+ * @param record_type the string representation of the input record type
+ * @param line the string representation of the input line
+ * @return the composed output line
+ */
+ private static String output_extdata_serial_number( String record_type,
+ String line ) {
+ String output = null;
+
+ if( record_type.equals( DRM_LDIF_RECOVERY ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_RECOVERY_EXTDATA_SERIAL_NUMBER ) ) {
+ output = compose_numeric_line( DRM_LDIF_EXTDATA_SERIAL_NUMBER,
+ line,
+ false );
+ } else {
+ output = line;
+ }
+ } else {
+ log( "ERROR: Mismatched record field='"
+ + DRM_LDIF_EXTDATA_SERIAL_NUMBER
+ + "' for record type='"
+ + record_type
+ + "'!"
+ + NEWLINE, true );
+ }
+
+ return output;
+ }
+
+
+ /**
+ * Helper method which composes the output line for
+ * DRM_LDIF_PRIVATE_KEY_DATA.
+ * <P>
+ *
+ * @param record_type the string representation of the input record type
+ * @param line the string representation of the input line
+ * @return the composed output line
+ */
+ private static String output_private_key_data( String record_type,
+ String line ) {
+ byte source_wrappedKeyData[] = null;
+ byte target_wrappedKeyData[] = null;
+ String data = null;
+ String revised_data = null;
+ String unformatted_data = null;
+ String formatted_data = null;
+ String output = null;
+
+ try {
+ if( record_type.equals( DRM_LDIF_CA_KEY_RECORD ) ) {
+ if(drmtoolCfg.get(DRMTOOL_CFG_CA_KEY_RECORD_PRIVATE_KEY_DATA)) {
+ // Since "-source_pki_security_database_path",
+ // "-source_storage_token_name",
+ // "-source_storage_certificate_nickname", and
+ // "-target_storage_certificate_file" are OPTIONAL
+ // parameters, ONLY process this field if all of
+ // these options have been selected
+ if( mRewrapFlag ) {
+ // extract the data
+ data = line.substring(
+ DRM_LDIF_PRIVATE_KEY_DATA.length() + 1
+ ).trim();
+
+ while( ( line = ldif_record.next() ) != null ) {
+ if( line.startsWith( SPACE ) ) {
+ data += line.trim();
+ } else {
+ break;
+ }
}
+ // Decode the ASCII BASE 64 certificate
+ // enclosed in the String() object
+ // into a BINARY BASE 64 byte[] object
+ source_wrappedKeyData =
+ com.netscape.osutil.OSUtil.AtoB( data );
+
+ // rewrap the source wrapped private key data
+ target_wrappedKeyData = rewrap_wrapped_key_data(
+ source_wrappedKeyData );
+
+ // Encode the BINARY BASE 64 byte[] object
+ // into an ASCII BASE 64 certificate
+ // enclosed in a String() object
+ revised_data = com.netscape.osutil.OSUtil.BtoA(
+ target_wrappedKeyData );
+
+ // Unformat the ASCII BASE 64 certificate
+ // for the log file
+ unformatted_data = stripEOL( revised_data );
+
+ // Format the ASCII BASE 64 certificate
+ // to match the desired LDIF format
+ formatted_data = format_ldif_data(
+ PRIVATE_KEY_DATA_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
+
+ // construct a revised 'privateKeyData' line
+ output = DRM_LDIF_PRIVATE_KEY_DATA
+ + SPACE
+ + formatted_data
+ + NEWLINE
+ + line;
+
// log this information
- log( "Created '"
- + revised_line
- + "'."
+ log( "Changed 'privateKeyData' from:"
+ + NEWLINE
+ + TIC
+ + data
+ + TIC
+ + NEWLINE
+ + " to:"
+ + NEWLINE
+ + TIC
+ + unformatted_data
+ + TIC
+ NEWLINE, false );
-
- // Write out this revised line and flush the buffer
- writer.write( revised_line + NEWLINE );
- writer.flush();
- System.out.print( "." );
+ } else {
+ output = line;
}
-
- // ALWAYS pass through the original 'extdata-requesttype'
- // line UNCHANGED so that it is ALWAYS written
- revised_line = line;
- } else if( line.startsWith( EXTDATA_SERIALNUMBER ) ) {
- revised_line = compose_numeric_line( EXTDATA_SERIALNUMBER,
- line,
- false );
- } else if( line.startsWith( PRIVATE_KEY_DATA ) ) {
+ } else {
+ output = line;
+ }
+ } else if( record_type.equals( DRM_LDIF_TPS_KEY_RECORD ) ) {
+ if(drmtoolCfg.get(DRMTOOL_CFG_TPS_KEY_RECORD_PRIVATE_KEY_DATA)){
// Since "-source_pki_security_database_path",
// "-source_storage_token_name",
// "-source_storage_certificate_nickname", and
@@ -2016,10 +3726,11 @@ public class DRMTool
// these options have been selected
if( mRewrapFlag ) {
// extract the data
- data = line.substring( PRIVATE_KEY_DATA.length() + 1
- ).trim();
+ data = line.substring(
+ DRM_LDIF_PRIVATE_KEY_DATA.length() + 1
+ ).trim();
- while( ( line = reader.readLine() ) != null ) {
+ while( ( line = ldif_record.next() ) != null ) {
if( line.startsWith( SPACE ) ) {
data += line.trim();
} else {
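Review bot: The `!= null` test on `ldif_record.next()` in the continuation loop can never be false, because `ldif_record` is assigned from `record.iterator()` later in this commit and an exhausted `Iterator` throws `NoSuchElementException` rather than returning null. As the record is built today it always ends with the blank separator line, so the loop leaves through `break`; if that ever changes, the exception would presumably surface in the enclosing catch as a misleading "Unable to rewrap" error. Guard the read with `ldif_record.hasNext()` and append the look-ahead `line` to `output` only when one was actually read. The CA key record branch earlier in the file has the same loop, and the enclosing method starts and ends outside this hunk.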
@@ -2027,10 +3738,11 @@ public class DRMTool
}
}
- // Decode the ASCII BASE 64 certificate enclosed in the
- // String() object into a BINARY BASE 64 byte[] object
- source_wrappedKeyData = com.netscape.osutil.OSUtil.AtoB(
- data );
+ // Decode the ASCII BASE 64 certificate
+ // enclosed in the String() object
+ // into a BINARY BASE 64 byte[] object
+ source_wrappedKeyData =
+ com.netscape.osutil.OSUtil.AtoB( data );
// rewrap the source wrapped private key data
target_wrappedKeyData = rewrap_wrapped_key_data(
@@ -2048,14 +3760,16 @@ public class DRMTool
// Format the ASCII BASE 64 certificate
// to match the desired LDIF format
- formatted_data = format_ldif_data( unformatted_data );
+ formatted_data = format_ldif_data(
+ PRIVATE_KEY_DATA_FIRST_LINE_DATA_LENGTH,
+ unformatted_data );
// construct a revised 'privateKeyData' line
- revised_line = PRIVATE_KEY_DATA
- + SPACE
- + formatted_data
- + NEWLINE
- + line;
+ output = DRM_LDIF_PRIVATE_KEY_DATA
+ + SPACE
+ + formatted_data
+ + NEWLINE
+ + line;
// log this information
log( "Changed 'privateKeyData' from:"
@@ -2071,44 +3785,581 @@ public class DRMTool
+ TIC
+ NEWLINE, false );
} else {
- revised_line = line;
+ output = line;
}
- } else if( line.startsWith( REQUESTID ) ) {
- revised_line = compose_numeric_line( REQUESTID,
- line,
- true );
- } else if( line.startsWith( SERIALNO ) ) {
- revised_line = compose_numeric_line( SERIALNO,
- line,
- true );
} else {
- // Pass through line unchanged
- revised_line = line;
+ output = line;
}
+ } else {
+ log( "ERROR: Mismatched record field='"
+ + DRM_LDIF_PRIVATE_KEY_DATA
+ + "' for record type='"
+ + record_type
+ + "'!"
+ + NEWLINE, true );
+ }
+ } catch( Exception exRewrap ) {
+ log( "ERROR: Unable to rewrap BINARY BASE 64 data. "
+ + "Exception: '"
+ + exRewrap.toString()
+ + "'"
+ + NEWLINE, true );
+ }
+
+ return output;
+ }
- // Always save a copy of this line
- previous_line = revised_line;
- // Always write out the revised line and flush the buffer
- writer.write( revised_line + NEWLINE );
- writer.flush();
- System.out.print( "." );
+ /**
+ * Helper method which composes the output line for DRM_LDIF_REQUEST_ID.
+ * <P>
+ *
+ * @param record_type the string representation of the input record type
+ * @param line the string representation of the input line
+ * @return the composed output line
+ */
+ private static String output_request_id( String record_type,
+ String line ) {
+ String output = null;
+
+ if( record_type.equals( DRM_LDIF_ENROLLMENT ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_ENROLLMENT_REQUEST_ID ) ) {
+ output = compose_numeric_line( DRM_LDIF_REQUEST_ID,
+ line,
+ true );
+ } else {
+ output = line;
+ }
+ } else if( record_type.equals( DRM_LDIF_RECOVERY ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_RECOVERY_REQUEST_ID ) ) {
+ output = compose_numeric_line( DRM_LDIF_REQUEST_ID,
+ line,
+ true );
+ } else {
+ output = line;
+ }
+ } else if( record_type.equals( DRM_LDIF_KEYGEN ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_KEYGEN_REQUEST_ID ) ) {
+ output = compose_numeric_line( DRM_LDIF_REQUEST_ID,
+ line,
+ true );
+ } else {
+ output = line;
+ }
+ } else {
+ log( "ERROR: Mismatched record field='"
+ + DRM_LDIF_REQUEST_ID
+ + "' for record type='"
+ + record_type
+ + "'!"
+ + NEWLINE, true );
+ }
+
+ return output;
+ }
+
+
+ /**
+ * Helper method which composes the output line for DRM_LDIF_SERIAL_NO.
+ * <P>
+ *
+ * @param record_type the string representation of the input record type
+ * @param line the string representation of the input line
+ * @return the composed output line
+ */
+ private static String output_serial_no( String record_type,
+ String line ) {
+ String output = null;
+
+ if( record_type.equals( DRM_LDIF_CA_KEY_RECORD ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_CA_KEY_RECORD_SERIAL_NO ) ) {
+ output = compose_numeric_line( DRM_LDIF_SERIAL_NO,
+ line,
+ true );
+ } else {
+ output = line;
+ }
+ } else if( record_type.equals( DRM_LDIF_TPS_KEY_RECORD ) ) {
+ if( drmtoolCfg.get( DRMTOOL_CFG_TPS_KEY_RECORD_SERIAL_NO ) ) {
+ output = compose_numeric_line( DRM_LDIF_SERIAL_NO,
+ line,
+ true );
+ } else {
+ output = line;
+ }
+ } else {
+ log( "ERROR: Mismatched record field='"
+ + DRM_LDIF_SERIAL_NO
+ + "' for record type='"
+ + record_type
+ + "'!"
+ + NEWLINE, true );
+ }
+
+ return output;
+ }
+
+
+ /**
+ * Helper method which composes the output line for
+ * DRM_LDIF_EXTDATA_AUTH_TOKEN_USER.
+ * <P>
+ *
+ * @param record_type the string representation of the input record type
+ * @param line the string representation of the input line
+ * @return the composed output line
+ */
+ private static String output_extdata_auth_token_user( String record_type,
+ String line ) {
+ String data = null;
+ String output = null;
+
+ try {
+ if( record_type.equals( DRM_LDIF_ENROLLMENT ) ) {
+ // Since "-source_drm_naming_context", and
+ // "-target_drm_naming_context" are OPTIONAL
+ // parameters, ONLY process this field if both of
+ // these options have been selected
+ if( mDrmNamingContextsFlag ) {
+ output = line.replace( mSourceDrmNamingContext,
+ mTargetDrmNamingContext );
+ } else {
+ output = line;
+ }
+ } else {
+ log( "ERROR: Mismatched record field='"
+ + DRM_LDIF_EXTDATA_AUTH_TOKEN_USER
+ + "' for record type='"
+ + record_type
+ + "'!"
+ + NEWLINE, true );
+ }
+ } catch( NullPointerException exNullPointerException ) {
+ log( "ERROR: Unable to replace source DRM naming context '"
+ + mSourceDrmNamingContext
+ + "' with target DRM naming context '"
+ + mTargetDrmNamingContext
+ + "' NullPointerException: '"
+ + exNullPointerException.toString()
+ + "'"
+ + NEWLINE, true );
+ }
+
+ return output;
+ }
+
+
+ /**
+ * Helper method which composes the output line for
+ * DRM_LDIF_EXTDATA_AUTH_TOKEN_USER_DN.
+ * <P>
+ *
+ * @param record_type the string representation of the input record type
+ * @param line the string representation of the input line
+ * @return the composed output line
+ */
+ private static String output_extdata_auth_token_user_dn( String record_type,
+ String line ) {
+ String data = null;
+ String output = null;
+
+ try {
+ if( record_type.equals( DRM_LDIF_ENROLLMENT ) ) {
+ // Since "-source_drm_naming_context", and
+ // "-target_drm_naming_context" are OPTIONAL
+ // parameters, ONLY process this field if both of
+ // these options have been selected
+ if( mDrmNamingContextsFlag ) {
+ output = line.replace( mSourceDrmNamingContext,
+ mTargetDrmNamingContext );
+ } else {
+ output = line;
+ }
+ } else {
+ log( "ERROR: Mismatched record field='"
+ + DRM_LDIF_EXTDATA_AUTH_TOKEN_USER_DN
+ + "' for record type='"
+ + record_type
+ + "'!"
+ + NEWLINE, true );
+ }
+ } catch( NullPointerException exNullPointerException ) {
+ log( "ERROR: Unable to replace source DRM naming context '"
+ + mSourceDrmNamingContext
+ + "' with target DRM naming context '"
+ + mTargetDrmNamingContext
+ + "' NullPointerException: '"
+ + exNullPointerException.toString()
+ + "'"
+ + NEWLINE, true );
+ }
+
+ return output;
+ }
+
+
+ /**
+ * This method performs the actual parsing of the "source" LDIF file
+ * and produces the "target" LDIF file.
+ * <P>
+ *
+ * @return true if the "target" LDIF file is successfully created
+ */
+ private static boolean convert_source_ldif_to_target_ldif() {
+ boolean success = false;
+ BufferedReader reader = null;
+ PrintWriter writer = null;
+ String input = null;
+ String line = null;
+ String previous_line = null;
+ String output = null;
+ String data = null;
+ String record_type = null;
+
+ if( mRewrapFlag ) {
+ success = obtain_RSA_rewrapping_keys();
+ if( !success ) {
+ return FAILURE;
+ }
+ }
+
+ // Create a vector for LDIF input
+ record = new Vector<String>( INITIAL_LDIF_RECORD_CAPACITY );
+
+ // Process each line in the source LDIF file
+ // and store it in the target LDIF file
+ try {
+ // Open source LDIF file for reading
+ reader = new BufferedReader(
+ new FileReader( mSourceLdifFilename ) );
+
+ // Open target LDIF file for writing
+ writer = new PrintWriter(
+ new BufferedWriter(
+ new FileWriter( mTargetLdifFilename ) ) );
+
+ System.out.print( "PROCESSING: " );
+ while( ( input = reader.readLine() ) != null ) {
+ // Read in a record from the source LDIF file and
+ // add this line of input into the record vector
+ success = record.add( input );
+ if( !success ) {
+ return FAILURE;
+ }
+
+ // Check for the end of an LDIF record
+ if( !input.equals( "" ) ) {
+ // Check to see if input line identifies the record type
+ if( input.startsWith( DRM_LDIF_REQUEST_TYPE ) ) {
+ // set the record type:
+ //
+ // * DRM_LDIF_ENROLLMENT
+ // * DRM_LDIF_KEYGEN
+ // * DRM_LDIF_RECOVERY
+ //
+ record_type = input.substring(
+ DRM_LDIF_REQUEST_TYPE.length() + 1
+ ).trim();
+ if( !record_type.equals( DRM_LDIF_ENROLLMENT ) &&
+ !record_type.equals( DRM_LDIF_KEYGEN ) &&
+ !record_type.equals( DRM_LDIF_RECOVERY ) ) {
+ log( "ERROR: Unknown LDIF record type='"
+ + record_type
+ + "'!"
+ + NEWLINE, true );
+ return FAILURE;
+ }
+ } else if( input.startsWith( DRM_LDIF_ARCHIVED_BY ) ) {
+ // extract the data
+ data = input.substring(
+ DRM_LDIF_ARCHIVED_BY.length() + 1
+ ).trim();
+
+ // set the record type:
+ //
+ // * DRM_LDIF_CA_KEY_RECORD
+ // * DRM_LDIF_TPS_KEY_RECORD
+ //
+ if( data.startsWith( DRM_LDIF_TPS_KEY_RECORD ) ) {
+ record_type = DRM_LDIF_TPS_KEY_RECORD;
+ } else if( data.startsWith( DRM_LDIF_CA_KEY_RECORD ) ) {
+ record_type = DRM_LDIF_CA_KEY_RECORD;
+ } else {
+ log( "ERROR: Unable to determine LDIF record type "
+ + "from data='"
+ + data
+ + "'!"
+ + NEWLINE, true );
+ return FAILURE;
+ }
+ }
+
+ // continue adding input lines into this record
+ continue;
+ }
+
+ // If record type is unset, then this record is neither
+ // an LDIF request record nor an LDIF key record; check
+ // to see if it needs to be written out to the target
+ // LDIF file or thrown away.
+ if( ( record_type == null ) &&
+ mProcessRequestsAndKeyRecordsOnlyFlag ) {
+ // Mark each removed record with an 'x'
+ System.out.print( "x" );
+
+ // log this information
+ log( "INFO: Throwing away an LDIF record which is "
+ + "neither a Request nor a Key Record!"
+ + NEWLINE, false );
+
+ // clear this LDIF record from the record vector
+ record.clear();
+
+ // NOTE: there is no need to reset the record type
+
+ // begin adding input lines into a new record
+ continue;
+ } else if( record_type == null ) {
+ // Set record type to specify a "generic" LDIF record
+ record_type = DRM_LDIF_RECORD;
+ }
+
+ ldif_record = record.iterator();
+
+ // Process each line of the record:
+ // * If LDIF Record Type for this line is 'valid'
+ // * If DRMTOOL Configuration File Parameter is 'true'
+ // * Process this data
+ // * Else If DRMTOOL Configuration File Parameter is 'false'
+ // * Pass through this data unchanged
+ // * Else If LDIF Record Type for this line is 'invalid'
+ // * Log error and leave method returning 'false'
+ while( ldif_record.hasNext() ) {
+
+ line = ldif_record.next();
+
+ if( line.startsWith( DRM_LDIF_CN ) ) {
+ output = output_cn( record_type, line );
+ if( output == null ) {
+ return FAILURE;
+ }
+ } else if( line.startsWith( DRM_LDIF_DATE_OF_MODIFY ) ) {
+ output = output_date_of_modify( record_type, line );
+ if( output == null ) {
+ return FAILURE;
+ }
+ } else if( line.startsWith( DRM_LDIF_DN ) ) {
+ output = output_dn( record_type, line );
+ if( output == null ) {
+ return FAILURE;
+ }
+ } else if(line.startsWith( DRM_LDIF_EXTDATA_KEY_RECORD )) {
+ output = output_extdata_key_record( record_type,
+ line );
+ if( output == null ) {
+ return FAILURE;
+ }
+ } else if(line.startsWith( DRM_LDIF_EXTDATA_REQUEST_ID )) {
+ output = output_extdata_request_id( record_type,
+ line );
+ if( output == null ) {
+ return FAILURE;
+ }
+ } else if(line.startsWith(DRM_LDIF_EXTDATA_REQUEST_NOTES)) {
+ output = output_extdata_request_notes( record_type,
+ line );
+ if( output == null ) {
+ return FAILURE;
+ }
+ } else if(line.startsWith(DRM_LDIF_EXTDATA_REQUEST_TYPE)) {
+ // if one is not already present,
+ // compose and write out the missing
+ // 'extdata_requestnotes' line
+ create_extdata_request_notes( record_type,
+ previous_line,
+ writer );
+
+ // ALWAYS pass through the original
+ // 'extdata-requesttype' line UNCHANGED
+ // so that it is ALWAYS written
+ output = line;
+ } else if(line.startsWith(DRM_LDIF_EXTDATA_SERIAL_NUMBER)) {
+ output = output_extdata_serial_number( record_type,
+ line );
+ if( output == null ) {
+ return FAILURE;
+ }
+ } else if( line.startsWith( DRM_LDIF_PRIVATE_KEY_DATA ) ) {
+ output = output_private_key_data( record_type,
+ line );
+ if( output == null ) {
+ return FAILURE;
+ }
+ } else if( line.startsWith( DRM_LDIF_REQUEST_ID ) ) {
+ output = output_request_id( record_type, line );
+ if( output == null ) {
+ return FAILURE;
+ }
+ } else if( line.startsWith( DRM_LDIF_SERIAL_NO ) ) {
+ output = output_serial_no( record_type, line );
+ if( output == null ) {
+ return FAILURE;
+ }
+ } else if( previous_line != null &&
+ previous_line.startsWith(
+ DRM_LDIF_EXTDATA_AUTH_TOKEN_USER ) ) {
+ output = output_extdata_auth_token_user( record_type,
+ line );
+ if( output == null ) {
+ return FAILURE;
+ }
+ } else if( previous_line != null &&
+ previous_line.startsWith(
+ DRM_LDIF_EXTDATA_AUTH_TOKEN_USER_DN ) ) {
+ output = output_extdata_auth_token_user_dn( record_type,
+ line );
+ if( output == null ) {
+ return FAILURE;
+ }
+ } else {
+ // Pass through line unchanged
+ output = line;
+ }
+
+ // Always save a copy of this line
+ previous_line = output;
+
+ // Always write out the output line and flush the buffer
+ writer.write( output + NEWLINE );
+ writer.flush();
+ System.out.print( "." );
+ }
+ // Mark the end of the LDIF record
+ System.out.print( "!" );
+
+ // clear this LDIF record from the record vector
+ record.clear();
}
System.out.println( " FINISHED." + NEWLINE );
} catch( IOException exIO ) {
log( "ERROR: line='"
+ line
- + "' OR revised_line='"
- + revised_line
+ + "' OR output='"
+ + output
+ "' IOException: '"
- + exIO
+ + exIO.toString()
+ "'"
+ NEWLINE, true );
return FAILURE;
- } catch( Exception exRewrap ) {
- log( "ERROR: Unable to rewrap BINARY BASE 64 data. "
- + "Exception: '"
- + exRewrap
+ }
+
+ return SUCCESS;
+ }
+
+
+ /**************************************/
+ /* DRMTOOL Config File Parser Methods */
+ /**************************************/
+
+ /**
+ * This method performs the actual parsing of the DRMTOOL config file
+ * and initializes how the DRM Record Fields should be processed.
+ * <P>
+ *
+ * @return true if the DRMTOOL config file is successfully processed
+ */
+ private static boolean process_drmtool_config_file() {
+ boolean success = false;
+ BufferedReader reader = null;
+ String line = null;
+ String name_value_pair[] = null;
+ String name = null;
+ Boolean value = null;
+
+ // Process each line containing a name/value pair
+ // in the DRMTOOL config file
+ try {
+ // Open DRMTOOL config file for reading
+ reader = new BufferedReader(
+ new FileReader( mDrmtoolCfgFilename ) );
+
+ // Create a hashtable for relevant name/value pairs
+ drmtoolCfg = new Hashtable<String, Boolean>();
+
+ System.out.print( "PROCESSING DRMTOOL CONFIG FILE: " );
+ while( ( line = reader.readLine() ) != null ) {
+ if( line.startsWith( DRMTOOL_CFG_PREFIX ) ) {
+ // obtain "name=value" pair
+ name_value_pair = line.split( EQUAL_SIGN );
+
+ // obtain "name"
+ name = name_value_pair[0];
+
+ // compute "boolean" value
+ if( name_value_pair[1].equals( "true" ) ) {
+ value = Boolean.TRUE;
+ } else {
+ value = Boolean.FALSE;
+ }
+
+ // store relevant DRM LDIF fields for processing
+ if( name.equals( DRMTOOL_CFG_ENROLLMENT_CN )
+ || name.equals( DRMTOOL_CFG_ENROLLMENT_DATE_OF_MODIFY )
+ || name.equals( DRMTOOL_CFG_ENROLLMENT_DN )
+ || name.equals( DRMTOOL_CFG_ENROLLMENT_EXTDATA_KEY_RECORD )
+ || name.equals( DRMTOOL_CFG_ENROLLMENT_EXTDATA_REQUEST_NOTES )
+ || name.equals( DRMTOOL_CFG_ENROLLMENT_REQUEST_ID )
+ || name.equals( DRMTOOL_CFG_CA_KEY_RECORD_CN )
+ || name.equals( DRMTOOL_CFG_CA_KEY_RECORD_DATE_OF_MODIFY )
+ || name.equals( DRMTOOL_CFG_CA_KEY_RECORD_DN )
+ || name.equals( DRMTOOL_CFG_CA_KEY_RECORD_PRIVATE_KEY_DATA )
+ || name.equals( DRMTOOL_CFG_CA_KEY_RECORD_SERIAL_NO )
+ || name.equals( DRMTOOL_CFG_RECOVERY_CN )
+ || name.equals( DRMTOOL_CFG_RECOVERY_DATE_OF_MODIFY )
+ || name.equals( DRMTOOL_CFG_RECOVERY_DN )
+ || name.equals( DRMTOOL_CFG_RECOVERY_EXTDATA_REQUEST_ID )
+ || name.equals( DRMTOOL_CFG_RECOVERY_EXTDATA_REQUEST_NOTES )
+ || name.equals( DRMTOOL_CFG_RECOVERY_EXTDATA_SERIAL_NUMBER )
+ || name.equals( DRMTOOL_CFG_RECOVERY_REQUEST_ID )
+ || name.equals( DRMTOOL_CFG_TPS_KEY_RECORD_CN )
+ || name.equals( DRMTOOL_CFG_TPS_KEY_RECORD_DATE_OF_MODIFY )
+ || name.equals( DRMTOOL_CFG_TPS_KEY_RECORD_DN )
+ || name.equals( DRMTOOL_CFG_TPS_KEY_RECORD_PRIVATE_KEY_DATA )
+ || name.equals( DRMTOOL_CFG_TPS_KEY_RECORD_SERIAL_NO )
+ || name.equals( DRMTOOL_CFG_KEYGEN_CN )
+ || name.equals( DRMTOOL_CFG_KEYGEN_DATE_OF_MODIFY )
+ || name.equals( DRMTOOL_CFG_KEYGEN_DN )
+ || name.equals( DRMTOOL_CFG_KEYGEN_EXTDATA_KEY_RECORD )
+ || name.equals( DRMTOOL_CFG_KEYGEN_EXTDATA_REQUEST_ID )
+ || name.equals( DRMTOOL_CFG_KEYGEN_EXTDATA_REQUEST_NOTES )
+ || name.equals( DRMTOOL_CFG_KEYGEN_REQUEST_ID ) ) {
+ drmtoolCfg.put( name, value );
+ System.out.print( "." );
+ }
+ }
+ }
+ System.out.println( " FINISHED." + NEWLINE );
+ } catch( FileNotFoundException exDrmtoolCfgFileNotFound ) {
+ log( "ERROR: No DRMTOOL config file named '"
+ + mDrmtoolCfgFilename
+ + "' exists! FileNotFoundException: '"
+ + exDrmtoolCfgFileNotFound.toString()
+ + "'"
+ + NEWLINE, true );
+ return FAILURE;
+ } catch( IOException exDrmtoolCfgIO ) {
+ log( "ERROR: line='"
+ + line
+ + "' IOException: '"
+ + exDrmtoolCfgIO.toString()
+ + "'"
+ + NEWLINE, true );
+ return FAILURE;
+ } catch( PatternSyntaxException exDrmtoolCfgNameValuePattern ) {
+ log( "ERROR: line='"
+ + line
+ + "' PatternSyntaxException: '"
+ + exDrmtoolCfgNameValuePattern.toString()
+ "'"
+ NEWLINE, true );
return FAILURE;
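Review bot: `record_type` in `convert_source_ldif_to_target_ldif()` is never reset once a record has been written, so a later record with no requestType or archivedBy line inherits the previous record's type. That record is then run through the previous type's field handlers, and with the "process requests and key records only" option it is written to the target LDIF instead of being discarded. Add `record_type = null;` next to the `record.clear();` that follows the `System.out.print( "!" );` marker; `previous_line` likely wants the same reset. Separately, the `output_*` helpers unbox `drmtoolCfg.get( ... )` directly, while `process_drmtool_config_file()` stores only the names it finds and indexes `name_value_pair[1]` unchecked. A config file with a missing or value-less entry therefore ends in an uncaught `NullPointerException` or `ArrayIndexOutOfBoundsException`, possibly after part of the target file has been written, so verify that every expected name is present before conversion starts.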
@@ -2132,8 +4383,13 @@ public class DRMTool
// Variables
String append_id_offset = null;
String remove_id_offset = null;
+ String process_drm_naming_context_fields = null;
+ String process_requests_and_key_records_only = null;
+ String use_PKI_security_database_pwdfile = null;
+ File cfgFile = null;
File sourceFile = null;
File sourceDBPath = null;
+ File sourceDBPwdfile = null;
File targetStorageCertFile = null;
File targetFile = null;
File logFile = null;
@@ -2144,9 +4400,26 @@ public class DRMTool
// Check that the correct number of arguments were
// submitted to the program
- if( ( args.length != ID_OFFSET_ARGS ) &&
- ( args.length != REWRAP_ARGS ) &&
- ( args.length != REWRAP_AND_ID_OFFSET_ARGS ) ) {
+ if( ( args.length != ID_OFFSET_ARGS ) &&
+ ( args.length != ( ID_OFFSET_ARGS + 1 ) ) &&
+ ( args.length != ( ID_OFFSET_ARGS + 4 ) ) &&
+ ( args.length != ( ID_OFFSET_ARGS + 5 ) ) &&
+ ( args.length != REWRAP_ARGS ) &&
+ ( args.length != ( REWRAP_ARGS + 1 ) ) &&
+ ( args.length != ( REWRAP_ARGS + 2 ) ) &&
+ ( args.length != ( REWRAP_ARGS + 3 ) ) &&
+ ( args.length != ( REWRAP_ARGS + 4 ) ) &&
+ ( args.length != ( REWRAP_ARGS + 5 ) ) &&
+ ( args.length != ( REWRAP_ARGS + 6 ) ) &&
+ ( args.length != ( REWRAP_ARGS + 7 ) ) &&
+ ( args.length != REWRAP_AND_ID_OFFSET_ARGS ) &&
+ ( args.length != ( REWRAP_AND_ID_OFFSET_ARGS + 1 ) ) &&
+ ( args.length != ( REWRAP_AND_ID_OFFSET_ARGS + 2 ) ) &&
+ ( args.length != ( REWRAP_AND_ID_OFFSET_ARGS + 3 ) ) &&
+ ( args.length != ( REWRAP_AND_ID_OFFSET_ARGS + 4 ) ) &&
+ ( args.length != ( REWRAP_AND_ID_OFFSET_ARGS + 5 ) ) &&
+ ( args.length != ( REWRAP_AND_ID_OFFSET_ARGS + 6 ) ) &&
+ ( args.length != ( REWRAP_AND_ID_OFFSET_ARGS + 7 ) ) ) {
System.err.println( "ERROR: Incorrect number of arguments!"
+ NEWLINE );
printUsage();
@@ -2155,7 +4428,10 @@ public class DRMTool
// Process command-line arguments
for( int i = 0; i < args.length; i += 2 ) {
- if( args[i].equals( SOURCE_LDIF_FILE ) ) {
+ if( args[i].equals( DRMTOOL_CFG_FILE ) ) {
+ mDrmtoolCfgFilename = args[i + 1];
+ mMandatoryNameValuePairs++;
+ } else if( args[i].equals( SOURCE_LDIF_FILE ) ) {
mSourceLdifFilename = args[i + 1];
mMandatoryNameValuePairs++;
} else if( args[i].equals( TARGET_LDIF_FILE ) ) {
@@ -2176,12 +4452,25 @@ public class DRMTool
} else if( args[i].equals( TARGET_STORAGE_CERTIFICATE_FILE ) ) {
mTargetStorageCertificateFilename = args[i + 1];
mRewrapNameValuePairs++;
+ } else if( args[i].equals( SOURCE_NSS_DB_PWDFILE ) ) {
+ mSourcePKISecurityDatabasePwdfile = args[i + 1];
+ mPKISecurityDatabasePwdfileNameValuePairs++;
} else if( args[i].equals( APPEND_ID_OFFSET ) ) {
append_id_offset = args[i + 1];
mAppendIdOffsetNameValuePairs++;
} else if( args[i].equals( REMOVE_ID_OFFSET ) ) {
remove_id_offset = args[i + 1];
mRemoveIdOffsetNameValuePairs++;
+ } else if( args[i].equals( SOURCE_DRM_NAMING_CONTEXT ) ) {
+ mSourceDrmNamingContext = args[i + 1];
+ mDrmNamingContextNameValuePairs++;
+ } else if( args[i].equals( TARGET_DRM_NAMING_CONTEXT ) ) {
+ mTargetDrmNamingContext = args[i + 1];
+ mDrmNamingContextNameValuePairs++;
+ } else if( args[i].equals( PROCESS_REQUESTS_AND_KEY_RECORDS_ONLY ) )
+ {
+ mProcessRequestsAndKeyRecordsOnlyFlag = true;
+ i -= 1;
} else {
System.err.println( "ERROR: Unknown argument '"
+ args[i]
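Review bot: The `args[i + 1]` reads in this loop are not bounds-checked, and the argument-count check earlier in this commit now accepts odd lengths to allow the valueless `PROCESS_REQUESTS_AND_KEY_RECORDS_ONLY` flag. A name option given last without its value therefore passes the count check and throws `ArrayIndexOutOfBoundsException` here. Test `i + 1 < args.length` before each value read and route the failure through the existing usage error. The `i -= 1` adjustment also deserves a comment such as `// flag takes no value: undo half of the loop's i += 2`. The loop begins and ends outside this hunk.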
@@ -2195,6 +4484,8 @@ public class DRMTool
// Verify that correct number of valid mandatory
// arguments were submitted to the program
if( mMandatoryNameValuePairs != MANDATORY_NAME_VALUE_PAIRS ||
+ mDrmtoolCfgFilename == null ||
+ mDrmtoolCfgFilename.length() == 0 ||
mSourceLdifFilename == null ||
mSourceLdifFilename.length() == 0 ||
mTargetLdifFilename == null ||
@@ -2206,13 +4497,29 @@ public class DRMTool
printUsage();
System.exit( 0 );
} else {
+ // Check for a valid DRMTOOL config file
+ cfgFile = new File( mDrmtoolCfgFilename );
+ if( !cfgFile.exists() ||
+ !cfgFile.isFile() ||
+ ( cfgFile.length() == 0 ) ) {
+ System.err.println( "ERROR: '"
+ + mDrmtoolCfgFilename
+ + "' does NOT exist, is NOT a file, "
+ + "or is empty!"
+ + NEWLINE );
+ printUsage();
+ System.exit( 0 );
+ }
+
// Check for a valid source LDIF file
sourceFile = new File( mSourceLdifFilename );
if( !sourceFile.exists() ||
- !sourceFile.isFile() ) {
+ !sourceFile.isFile() ||
+ ( sourceFile.length() == 0 ) ) {
System.err.println( "ERROR: '"
+ mSourceLdifFilename
- + "' does NOT exist or is NOT a file!"
+ + "' does NOT exist, is NOT a file, "
+ + "or is empty!"
+ NEWLINE );
printUsage();
System.exit( 0 );
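Review bot: The new config-file check prints an error and then calls `System.exit( 0 )`, so a wrapper script or operator checking the exit status sees success when validation failed. The empty-file branches added in this hunk, and the password-file and naming-context checks later in this commit, do the same. Use a non-zero status on these paths, e.g. `System.exit( 1 );`. The surrounding existing checks already exit with 0, so this may be a deliberate convention; if it is, the usage text should say so.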
@@ -2278,10 +4585,12 @@ public class DRMTool
targetStorageCertFile = new File(
mTargetStorageCertificateFilename );
if( !targetStorageCertFile.exists() ||
- !targetStorageCertFile.isFile() ) {
+ !targetStorageCertFile.isFile() ||
+ ( targetStorageCertFile.length() == 0 ) ) {
System.err.println( "ERROR: '"
+ mTargetStorageCertificateFilename
- + "' does NOT exist or is NOT a file!"
+ + "' does NOT exist, is NOT a file, "
+ + "or is empty!"
+ NEWLINE );
printUsage();
System.exit( 0 );
@@ -2331,7 +4640,7 @@ public class DRMTool
System.err.println( "ERROR: append_id_offset='"
+ append_id_offset
+ "' PatternSyntaxException: '"
- + exAppendPattern
+ + exAppendPattern.toString()
+ "'"
+ NEWLINE );
System.exit( 0 );
@@ -2371,7 +4680,7 @@ public class DRMTool
System.err.println( "ERROR: remove_id_offset='"
+ remove_id_offset
+ "' PatternSyntaxException: '"
- + exRemovePattern
+ + exRemovePattern.toString()
+ "'"
+ NEWLINE );
System.exit( 0 );
@@ -2398,13 +4707,135 @@ public class DRMTool
System.exit( 0 );
}
+ // Check to see that if the OPTIONAL
+ // 'PKI Security Database Password File'
+ // command-line options were specified,
+ // that they are all present and accounted for
+ if( mPKISecurityDatabasePwdfileNameValuePairs > 0 ) {
+ if( mPKISecurityDatabasePwdfileNameValuePairs !=
+ PWDFILE_NAME_VALUE_PAIRS ||
+ mSourcePKISecurityDatabasePwdfile == null ||
+ mSourcePKISecurityDatabasePwdfile.length() == 0 ) {
+ System.err.println( "ERROR: Missing 'Password File' "
+ + "arguments!"
+ + NEWLINE );
+ printUsage();
+ System.exit( 0 );
+ } else {
+ if( mRewrapFlag ) {
+ // Check for a valid source PKI
+ // security database password file
+ sourceDBPwdfile = new
+ File( mSourcePKISecurityDatabasePwdfile );
+ if( !sourceDBPwdfile.exists() ||
+ !sourceDBPwdfile.isFile() ||
+ ( sourceDBPwdfile.length() == 0 ) ) {
+ System.err.println( "ERROR: '"
+ + mSourcePKISecurityDatabasePwdfile
+ + "' does NOT exist, is NOT a file, "
+ + "or is empty!"
+ + NEWLINE );
+ printUsage();
+ System.exit( 0 );
+ }
+
+ use_PKI_security_database_pwdfile = SPACE
+ + SOURCE_NSS_DB_PWDFILE
+ + SPACE
+ + TIC
+ + mSourcePKISecurityDatabasePwdfile
+ + TIC;
+
+ mSourcePKISecurityDatabasePwdfileMessage = SPACE
+ + PLUS
+ + SPACE
+ + DRM_LDIF_USED_PWDFILE_MESSAGE;
+
+ // Mark the 'Password File' flag true
+ mPwdfileFlag = true;
+ } else {
+ System.err.println( "ERROR: The "
+ + TIC
+ + SOURCE_NSS_DB_PWDFILE
+ + TIC
+ + " option is ONLY valid when "
+ + "performing rewrapping."
+ + NEWLINE );
+ printUsage();
+ System.exit( 0 );
+ }
+ }
+ } else {
+ use_PKI_security_database_pwdfile = "";
+ mSourcePKISecurityDatabasePwdfileMessage = "";
+ }
+
+ // Check to see that if the OPTIONAL 'DRM Naming Context' command-line
+ // options were specified, that they are all present and accounted for
+ if( mDrmNamingContextNameValuePairs > 0 ) {
+ if( mDrmNamingContextNameValuePairs !=
+ NAMING_CONTEXT_NAME_VALUE_PAIRS ||
+ mSourceDrmNamingContext == null ||
+ mSourceDrmNamingContext.length() == 0 ||
+ mTargetDrmNamingContext == null ||
+ mTargetDrmNamingContext.length() == 0 ) {
+ System.err.println( "ERROR: Both 'source DRM naming context' "
+ + "and 'target DRM naming context' "
+ + "options MUST be specified!"
+ + NEWLINE );
+ printUsage();
+ System.exit( 0 );
+ } else {
+ process_drm_naming_context_fields = SPACE
+ + SOURCE_DRM_NAMING_CONTEXT
+ + SPACE
+ + TIC
+ + mSourceDrmNamingContext
+ + TIC
+ + SPACE
+ + TARGET_DRM_NAMING_CONTEXT
+ + SPACE
+ + TIC
+ + mTargetDrmNamingContext
+ + TIC;
+
+ mDrmNamingContextMessage = SPACE
+ + PLUS
+ + SPACE
+ + DRM_LDIF_SOURCE_NAME_CONTEXT_MESSAGE
+ + mSourceDrmNamingContext
+ + DRM_LDIF_TARGET_NAME_CONTEXT_MESSAGE
+ + mTargetDrmNamingContext
+ + TIC;
+
+ // Mark the 'DRM Naming Contexts' flag true
+ mDrmNamingContextsFlag = true;
+ }
+ } else {
+ process_drm_naming_context_fields = "";
+ mDrmNamingContextMessage = "";
+ }
+
+ // Check for OPTIONAL "Process Requests and Key Records ONLY" option
+ if( mProcessRequestsAndKeyRecordsOnlyFlag ) {
+ process_requests_and_key_records_only = SPACE
+ + PROCESS_REQUESTS_AND_KEY_RECORDS_ONLY;
+ mProcessRequestsAndKeyRecordsOnlyMessage = SPACE + PLUS + SPACE +
+ DRM_LDIF_PROCESS_REQUESTS_AND_KEY_RECORDS_ONLY_MESSAGE;
+ } else {
+ process_requests_and_key_records_only = "";
+ mProcessRequestsAndKeyRecordsOnlyMessage = "";
+ }
+
// Enable logging process . . .
open_log( mLogFilename );
// Begin logging progress . . .
if( mRewrapFlag && mAppendIdOffsetFlag ) {
- log( "BEGIN '"
+ log( "BEGIN \""
+ DRM_TOOL + SPACE
+ + DRMTOOL_CFG_FILE + SPACE
+ + mDrmtoolCfgFilename + SPACE
+ SOURCE_LDIF_FILE + SPACE
+ mSourceLdifFilename + SPACE
+ TARGET_LDIF_FILE + SPACE
@@ -2414,17 +4845,23 @@ public class DRMTool
+ SOURCE_NSS_DB_PATH + SPACE
+ mSourcePKISecurityDatabasePath + SPACE
+ SOURCE_STORAGE_TOKEN_NAME + SPACE
- + mSourceStorageTokenName + SPACE
+ + TIC + mSourceStorageTokenName + TIC + SPACE
+ SOURCE_STORAGE_CERT_NICKNAME + SPACE
- + mSourceStorageCertNickname + SPACE
+ + TIC + mSourceStorageCertNickname + TIC + SPACE
+ TARGET_STORAGE_CERTIFICATE_FILE + SPACE
+ mTargetStorageCertificateFilename + SPACE
+ + use_PKI_security_database_pwdfile
+ APPEND_ID_OFFSET + SPACE
- + append_id_offset + "' . . ."
+ + append_id_offset
+ + process_drm_naming_context_fields
+ + process_requests_and_key_records_only
+ + "\" . . ."
+ NEWLINE, true );
} else if( mRewrapFlag && mRemoveIdOffsetFlag ) {
- log( "BEGIN '"
+ log( "BEGIN \""
+ DRM_TOOL + SPACE
+ + DRMTOOL_CFG_FILE + SPACE
+ + mDrmtoolCfgFilename + SPACE
+ SOURCE_LDIF_FILE + SPACE
+ mSourceLdifFilename + SPACE
+ TARGET_LDIF_FILE + SPACE
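Review bot: The command-line echo is assembled by hand in every `log( "BEGIN \"" ... )` and `log( "FINISHED \"" ... )` branch, so each option this commit adds (`use_PKI_security_database_pwdfile`, `process_drm_naming_context_fields`, `process_requests_and_key_records_only`) had to be appended separately in this hunk and in each of the hunks that follow. I would build the string once, after the optional-argument strings are set, and log it with `log( "BEGIN \"" + invocation + "\" . . ." + NEWLINE, true );` and the matching FINISHED line, where `invocation` is a new local. That also gives one place to decide quoting: the token name and certificate nickname are now wrapped in `TIC`, while `mDrmtoolCfgFilename`, `mSourcePKISecurityDatabasePath` and `mTargetStorageCertificateFilename` are logged bare, so a path containing a space reads ambiguously in the log. The enclosing method starts and ends outside this hunk.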
@@ -2434,17 +4871,23 @@ public class DRMTool
+ SOURCE_NSS_DB_PATH + SPACE
+ mSourcePKISecurityDatabasePath + SPACE
+ SOURCE_STORAGE_TOKEN_NAME + SPACE
- + mSourceStorageTokenName + SPACE
+ + TIC + mSourceStorageTokenName + TIC + SPACE
+ SOURCE_STORAGE_CERT_NICKNAME + SPACE
- + mSourceStorageCertNickname + SPACE
+ + TIC + mSourceStorageCertNickname + TIC + SPACE
+ TARGET_STORAGE_CERTIFICATE_FILE + SPACE
+ mTargetStorageCertificateFilename + SPACE
+ + use_PKI_security_database_pwdfile
+ REMOVE_ID_OFFSET + SPACE
- + remove_id_offset + "' . . ."
+ + remove_id_offset
+ + process_drm_naming_context_fields
+ + process_requests_and_key_records_only
+ + "\" . . ."
+ NEWLINE, true );
} else if( mRewrapFlag ) {
- log( "BEGIN '"
+ log( "BEGIN \""
+ DRM_TOOL + SPACE
+ + DRMTOOL_CFG_FILE + SPACE
+ + mDrmtoolCfgFilename + SPACE
+ SOURCE_LDIF_FILE + SPACE
+ mSourceLdifFilename + SPACE
+ TARGET_LDIF_FILE + SPACE
@@ -2454,15 +4897,21 @@ public class DRMTool
+ SOURCE_NSS_DB_PATH + SPACE
+ mSourcePKISecurityDatabasePath + SPACE
+ SOURCE_STORAGE_TOKEN_NAME + SPACE
- + mSourceStorageTokenName + SPACE
+ + TIC + mSourceStorageTokenName + TIC + SPACE
+ SOURCE_STORAGE_CERT_NICKNAME + SPACE
- + mSourceStorageCertNickname + SPACE
+ + TIC + mSourceStorageCertNickname + TIC + SPACE
+ TARGET_STORAGE_CERTIFICATE_FILE + SPACE
- + mTargetStorageCertificateFilename + "' . . ."
+ + mTargetStorageCertificateFilename
+ + use_PKI_security_database_pwdfile
+ + process_drm_naming_context_fields
+ + process_requests_and_key_records_only
+ + "\" . . ."
+ NEWLINE, true );
} else if( mAppendIdOffsetFlag ) {
- log( "BEGIN '"
+ log( "BEGIN \""
+ DRM_TOOL + SPACE
+ + DRMTOOL_CFG_FILE + SPACE
+ + mDrmtoolCfgFilename + SPACE
+ SOURCE_LDIF_FILE + SPACE
+ mSourceLdifFilename + SPACE
+ TARGET_LDIF_FILE + SPACE
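Review bot: In the rewrap-only branch `+ mTargetStorageCertificateFilename` is followed directly by `+ use_PKI_security_database_pwdfile` with no `SPACE` between them, while the append and remove branches keep `+ SPACE` after the certificate filename and put nothing between the password-file string and `APPEND_ID_OFFSET`. How `use_PKI_security_database_pwdfile` is built is outside this view, but unless it carries both a leading and a trailing space, one of the two forms fuses adjacent tokens in the logged command line. I would give it the same shape as `process_drm_naming_context_fields` (leading `SPACE`, no trailing one) and write `+ mTargetStorageCertificateFilename + use_PKI_security_database_pwdfile` in every branch, with `+ SPACE + APPEND_ID_OFFSET + SPACE` where an offset follows. The same pattern is in the FINISHED hunk at `@@ -2549,15 +5031,21 @@`.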
@@ -2470,11 +4919,16 @@ public class DRMTool
+ LOG_FILE + SPACE
+ mLogFilename + SPACE
+ APPEND_ID_OFFSET + SPACE
- + append_id_offset + "' . . ."
+ + append_id_offset
+ + process_drm_naming_context_fields
+ + process_requests_and_key_records_only
+ + "\" . . ."
+ NEWLINE, true );
} else if( mRemoveIdOffsetFlag ) {
- log( "BEGIN '"
+ log( "BEGIN \""
+ DRM_TOOL + SPACE
+ + DRMTOOL_CFG_FILE + SPACE
+ + mDrmtoolCfgFilename + SPACE
+ SOURCE_LDIF_FILE + SPACE
+ mSourceLdifFilename + SPACE
+ TARGET_LDIF_FILE + SPACE
@@ -2482,24 +4936,40 @@ public class DRMTool
+ LOG_FILE + SPACE
+ mLogFilename + SPACE
+ REMOVE_ID_OFFSET + SPACE
- + remove_id_offset + "' . . ."
+ + remove_id_offset
+ + process_drm_naming_context_fields
+ + process_requests_and_key_records_only
+ + "\" . . ."
+ NEWLINE, true );
}
- // Convert the source LDIF file to a target LDIF file
- success = convert_source_ldif_to_target_ldif();
+ // Process the DRMTOOL config file
+ success = process_drmtool_config_file();
if( !success ) {
- log( "FAILED converting source LDIF file --> target LDIF file!"
+ log( "FAILED processing drmtool config file!"
+ NEWLINE, true );
} else {
- log( "SUCCESSFULLY converted source LDIF file --> target LDIF file!"
+ log( "SUCCESSFULLY processed drmtool config file!"
+ NEWLINE, true );
+
+ // Convert the source LDIF file to a target LDIF file
+ success = convert_source_ldif_to_target_ldif();
+ if( !success ) {
+ log( "FAILED converting source LDIF file --> target LDIF file!"
+ + NEWLINE, true );
+ } else {
+ log( "SUCCESSFULLY converted source LDIF file --> "
+ + "target LDIF file!"
+ + NEWLINE, true );
+ }
}
// Finish logging progress
if( mRewrapFlag && mAppendIdOffsetFlag ) {
- log( "FINISHED '"
+ log( "FINISHED \""
+ DRM_TOOL + SPACE
+ + DRMTOOL_CFG_FILE + SPACE
+ + mDrmtoolCfgFilename + SPACE
+ SOURCE_LDIF_FILE + SPACE
+ mSourceLdifFilename + SPACE
+ TARGET_LDIF_FILE + SPACE
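Review bot: When `process_drmtool_config_file()` or `convert_source_ldif_to_target_ldif()` returns false, the new code logs a FAILED line and then falls through to the same `log( "FINISHED \"" ...` block as a successful run, so the closing log entry does not distinguish the two outcomes. Whether `success` reaches the process exit status is decided after this hunk, and the argument-error paths earlier in this change call `System.exit( 0 )` after printing an ERROR. For a tool that rewraps archived keys, a wrapper script that trusts exit status 0 could go on to use an incomplete target LDIF. If it is not already done further down, I would end the method with `System.exit( success ? 0 : 1 );` and use a non-zero status on the usage-error paths as well. The enclosing method starts and ends outside this hunk.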
@@ -2509,17 +4979,23 @@ public class DRMTool
+ SOURCE_NSS_DB_PATH + SPACE
+ mSourcePKISecurityDatabasePath + SPACE
+ SOURCE_STORAGE_TOKEN_NAME + SPACE
- + mSourceStorageTokenName + SPACE
+ + TIC + mSourceStorageTokenName + TIC + SPACE
+ SOURCE_STORAGE_CERT_NICKNAME + SPACE
- + mSourceStorageCertNickname + SPACE
+ + TIC + mSourceStorageCertNickname + TIC + SPACE
+ TARGET_STORAGE_CERTIFICATE_FILE + SPACE
+ mTargetStorageCertificateFilename + SPACE
+ + use_PKI_security_database_pwdfile
+ APPEND_ID_OFFSET + SPACE
- + append_id_offset + "'."
+ + append_id_offset
+ + process_drm_naming_context_fields
+ + process_requests_and_key_records_only
+ + "\"."
+ NEWLINE, true );
} else if( mRewrapFlag && mRemoveIdOffsetFlag ) {
- log( "FINISHED '"
+ log( "FINISHED \""
+ DRM_TOOL + SPACE
+ + DRMTOOL_CFG_FILE + SPACE
+ + mDrmtoolCfgFilename + SPACE
+ SOURCE_LDIF_FILE + SPACE
+ mSourceLdifFilename + SPACE
+ TARGET_LDIF_FILE + SPACE
@@ -2529,17 +5005,23 @@ public class DRMTool
+ SOURCE_NSS_DB_PATH + SPACE
+ mSourcePKISecurityDatabasePath + SPACE
+ SOURCE_STORAGE_TOKEN_NAME + SPACE
- + mSourceStorageTokenName + SPACE
+ + TIC + mSourceStorageTokenName + TIC + SPACE
+ SOURCE_STORAGE_CERT_NICKNAME + SPACE
- + mSourceStorageCertNickname + SPACE
+ + TIC + mSourceStorageCertNickname + TIC + SPACE
+ TARGET_STORAGE_CERTIFICATE_FILE + SPACE
+ mTargetStorageCertificateFilename + SPACE
+ + use_PKI_security_database_pwdfile
+ REMOVE_ID_OFFSET + SPACE
- + remove_id_offset + "'."
+ + remove_id_offset
+ + process_drm_naming_context_fields
+ + process_requests_and_key_records_only
+ + "\"."
+ NEWLINE, true );
} else if( mRewrapFlag ) {
- log( "FINISHED '"
+ log( "FINISHED \""
+ DRM_TOOL + SPACE
+ + DRMTOOL_CFG_FILE + SPACE
+ + mDrmtoolCfgFilename + SPACE
+ SOURCE_LDIF_FILE + SPACE
+ mSourceLdifFilename + SPACE
+ TARGET_LDIF_FILE + SPACE
@@ -2549,15 +5031,21 @@ public class DRMTool
+ SOURCE_NSS_DB_PATH + SPACE
+ mSourcePKISecurityDatabasePath + SPACE
+ SOURCE_STORAGE_TOKEN_NAME + SPACE
- + mSourceStorageTokenName + SPACE
+ + TIC + mSourceStorageTokenName + TIC + SPACE
+ SOURCE_STORAGE_CERT_NICKNAME + SPACE
- + mSourceStorageCertNickname + SPACE
+ + TIC + mSourceStorageCertNickname + TIC + SPACE
+ TARGET_STORAGE_CERTIFICATE_FILE + SPACE
- + mTargetStorageCertificateFilename + "'."
+ + mTargetStorageCertificateFilename
+ + use_PKI_security_database_pwdfile
+ + process_drm_naming_context_fields
+ + process_requests_and_key_records_only
+ + "\"."
+ NEWLINE, true );
} else if( mAppendIdOffsetFlag ) {
- log( "FINISHED '"
+ log( "FINISHED \""
+ DRM_TOOL + SPACE
+ + DRMTOOL_CFG_FILE + SPACE
+ + mDrmtoolCfgFilename + SPACE
+ SOURCE_LDIF_FILE + SPACE
+ mSourceLdifFilename + SPACE
+ TARGET_LDIF_FILE + SPACE
@@ -2565,11 +5053,16 @@ public class DRMTool
+ LOG_FILE + SPACE
+ mLogFilename + SPACE
+ APPEND_ID_OFFSET + SPACE
- + append_id_offset + "'."
+ + append_id_offset
+ + process_drm_naming_context_fields
+ + process_requests_and_key_records_only
+ + "\"."
+ NEWLINE, true );
} else if( mRemoveIdOffsetFlag ) {
- log( "FINISHED '"
+ log( "FINISHED \""
+ DRM_TOOL + SPACE
+ + DRMTOOL_CFG_FILE + SPACE
+ + mDrmtoolCfgFilename + SPACE
+ SOURCE_LDIF_FILE + SPACE
+ mSourceLdifFilename + SPACE
+ TARGET_LDIF_FILE + SPACE
@@ -2577,7 +5070,10 @@ public class DRMTool
+ LOG_FILE + SPACE
+ mLogFilename + SPACE
+ REMOVE_ID_OFFSET + SPACE
- + remove_id_offset + "'."
+ + remove_id_offset
+ + process_drm_naming_context_fields
+ + process_requests_and_key_records_only
+ + "\"."
+ NEWLINE, true );
}