-rw-r--r--base/java-tools/src/com/netscape/cmstools/cert/CertRequestSubmitCLI.java153
1 files changed, 144 insertions, 9 deletions
diff --git a/base/java-tools/src/com/netscape/cmstools/cert/CertRequestSubmitCLI.java b/base/java-tools/src/com/netscape/cmstools/cert/CertRequestSubmitCLI.java
index 3a91f87f5..90b957721 100644
--- a/base/java-tools/src/com/netscape/cmstools/cert/CertRequestSubmitCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/cert/CertRequestSubmitCLI.java
@@ -4,9 +4,10 @@ import java.io.Console;
import java.io.File;
import java.io.FileNotFoundException;
import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
import java.util.Scanner;
-
-import javax.xml.bind.JAXBException;
+import java.util.Vector;
import org.apache.commons.cli.CommandLine;
import org.apache.commons.cli.Option;
@@ -14,9 +15,14 @@ import org.apache.commons.cli.ParseException;
import com.netscape.certsrv.cert.CertEnrollmentRequest;
import com.netscape.certsrv.cert.CertRequestInfos;
+import com.netscape.certsrv.profile.ProfileAttribute;
+import com.netscape.certsrv.profile.ProfileInput;
import com.netscape.cmstools.cli.CLI;
import com.netscape.cmstools.cli.MainCLI;
+import netscape.ldap.util.DN;
+import netscape.ldap.util.RDN;
+
public class CertRequestSubmitCLI extends CLI {
CertCLI certCLI;
@@ -25,12 +31,36 @@ public class CertRequestSubmitCLI extends CLI {
super("request-submit", "Submit certificate request", certCLI);
this.certCLI = certCLI;
- Option option = new Option(null, "username", true, "Username for request authentication");
+ Option option = new Option(null, "issuer-id", true, "Authority ID (host authority if omitted)");
+ option.setArgName("ID");
+ options.addOption(option);
+
+ option = new Option(null, "issuer-dn", true, "Authority DN (host authority if omitted)");
+ option.setArgName("DN");
+ options.addOption(option);
+
+ option = new Option(null, "username", true, "Username for request authentication");
option.setArgName("username");
options.addOption(option);
option = new Option(null, "password", false, "Prompt password for request authentication");
options.addOption(option);
+
+ option = new Option(null, "profile", true, "Certificate profile");
+ option.setArgName("profile");
+ options.addOption(option);
+
+ option = new Option(null, "request-type", true, "Request type (default: pkcs10)");
+ option.setArgName("type");
+ options.addOption(option);
+
+ option = new Option(null, "csr-file", true, "File containing the CSR");
+ option.setArgName("path");
+ options.addOption(option);
+
+ option = new Option(null, "subject", true, "Subject DN");
+ option.setArgName("DN");
+ options.addOption(option);
}
public void printHelp() {
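Review bot: The help text for `request-type` promises a default that only one code path applies: in the execute hunk `requestType` is set to `"pkcs10"` only when the request is generated from `--profile`, while a request loaded from a file keeps whatever type it already carries. Wording such as `"Request type (default: pkcs10 when --profile is used)"` would match the behaviour. Separately, none of the visible hunks reads `issuer-id` or `issuer-dn`; it is worth confirming that the unchanged part of the command consumes them, since an ignored issuer option would send the request to the host authority without any indication. The constructor starts outside this hunk.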
@@ -58,13 +88,119 @@ public class CertRequestSubmitCLI extends CLI {
String[] cmdArgs = cmd.getArgs();
- if (cmdArgs.length < 1) {
- System.err.println("Error: No filename specified.");
+ String requestFilename = cmdArgs.length > 0 ? cmdArgs[0] : null;
+ String profileID = cmd.getOptionValue("profile");
+
+ if (requestFilename == null && profileID == null) {
+ System.err.println("Error: Missing request file or profile ID.");
+ printHelp();
+ System.exit(-1);
+ }
+
+ if (requestFilename != null && profileID != null) {
+ System.err.println("Error: Request file and profile ID are mutually exclusive.");
printHelp();
System.exit(-1);
}
- CertEnrollmentRequest request = getEnrollmentRequest(cmdArgs[0]);
+ String requestType = cmd.getOptionValue("request-type");
+
+ CertEnrollmentRequest request;
+ if (requestFilename == null) { // if no request file specified, generate new request from profile
+
+ if (verbose) {
+ System.out.println("Retrieving " + profileID + " profile.");
+ }
+
+ request = certCLI.certClient.getEnrollmentTemplate(profileID);
+
+ // set default request type for new request
+ if (requestType == null) requestType = "pkcs10";
+
+ } else { // otherwise, load request from file
+
+ if (verbose) {
+ System.out.println("Loading request from " + requestFilename + ".");
+ }
+
+ String xml = loadFile(requestFilename);
+ request = CertEnrollmentRequest.fromXML(xml);
+ }
+
+ if (requestType != null) {
+
+ if (verbose) {
+ System.out.println("Request type: " + requestType);
+ }
+
+ for (ProfileInput input : request.getInputs()) {
+ ProfileAttribute typeAttr = input.getAttribute("cert_request_type");
+ if (typeAttr != null) {
+ typeAttr.setValue(requestType);
+ }
+ }
+ }
+
+ String csrFilename = cmd.getOptionValue("csr-file");
+ if (csrFilename != null) {
+
+ String csr = loadFile(csrFilename);
+
+ if (verbose) {
+ System.out.println("CSR:");
+ System.out.println(csr);
+ }
+
+ for (ProfileInput input : request.getInputs()) {
+ ProfileAttribute csrAttr = input.getAttribute("cert_request");
+ if (csrAttr != null) {
+ csrAttr.setValue(csr);
+ }
+ }
+ }
+
+ String subjectDN = cmd.getOptionValue("subject");
+ if (subjectDN != null) {
+ DN dn = new DN(subjectDN);
+ Vector<?> rdns = dn.getRDNs();
+
+ Map<String, String> subjectAttributes = new HashMap<String, String>();
+ for (int i=0; i< rdns.size(); i++) {
+ RDN rdn = (RDN)rdns.elementAt(i);
+ String type = rdn.getTypes()[0].toLowerCase();
+ String value = rdn.getValues()[0];
+ subjectAttributes.put(type, value);
+ }
+
+ ProfileInput sn = request.getInput("Subject Name");
+ if (sn != null) {
+ if (verbose) System.out.println("Subject Name:");
+
+ for (ProfileAttribute attribute : sn.getAttributes()) {
+ String name = attribute.getName();
+ String value = null;
+
+ if (name.equals("subject")) {
+ // get the whole subject DN
+ value = subjectDN;
+
+ } else if (name.startsWith("sn_")) {
+ // get value from subject DN
+ value = subjectAttributes.get(name.substring(3));
+
+ } else {
+ // unknown attribute, ignore
+ if (verbose) System.out.println(" - " + name);
+ continue;
+ }
+
+ if (value == null) continue;
+
+ if (verbose) System.out.println(" - " + name + ": " + value);
+ attribute.setValue(value);
+ }
+ }
+ }
String certRequestUsername = cmd.getOptionValue("username");
if (certRequestUsername != null) {
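Review bot: `--csr-file` and `--subject` are silently ignored when the request has no matching field: the `cert_request` loop only acts on a non-null attribute, and the subject block does nothing when `request.getInput("Subject Name")` returns null, so the request is submitted with whatever the template or file already contained. For an enrollment tool that can mean a certificate request for a different key or subject than the operator specified. Track whether a value was set (for example `csrSet = true;` beside `csrAttr.setValue(csr);`) and fail after the loop with `if (!csrSet) { System.err.println("Error: No cert_request attribute in request."); System.exit(-1); }`, and treat a missing "Subject Name" input the same way. Also, `subjectAttributes.put(type, value)` keeps one value per type and `getTypes()[0]` reads only the first component of an RDN, so a DN with repeated types such as several `OU` or `DC` components fills the `sn_*` fields with only one of them. The enclosing method begins and ends outside this hunk.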
@@ -82,10 +218,9 @@ public class CertRequestSubmitCLI extends CLI {
CertCLI.printCertRequestInfos(cri);
}
- private CertEnrollmentRequest getEnrollmentRequest(String fileName) throws JAXBException, FileNotFoundException {
+ private String loadFile(String fileName) throws FileNotFoundException {
try (Scanner scanner = new Scanner(new File(fileName))) {
- String xml = scanner.useDelimiter("\\A").next();
- return CertEnrollmentRequest.fromXML(xml);
+ return scanner.useDelimiter("\\A").next();
}
}
}
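Review bot: `loadFile` now also reads the CSR file, and `scanner.useDelimiter("\\A").next()` throws `NoSuchElementException` on an empty file, which surfaces as an unexplained failure rather than a message naming the file. Checking `scanner.hasNext()` first and reporting the empty file by name would make the error actionable. The `Scanner` is also built with the platform default charset; if the request XML is expected to be UTF-8, `new Scanner(new File(fileName), "UTF-8")` makes the decoding independent of the host locale. A short Javadoc stating that the method returns the whole file content as one string would help, since the `\\A` delimiter idiom is not self-explanatory.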