diff options
57 files changed, 4 insertions, 2346 deletions
diff --git a/pki/base/ca/src/com/netscape/ca/CRLIssuingPoint.java b/pki/base/ca/src/com/netscape/ca/CRLIssuingPoint.java index bc859910b..ef0e949ab 100644 --- a/pki/base/ca/src/com/netscape/ca/CRLIssuingPoint.java +++ b/pki/base/ca/src/com/netscape/ca/CRLIssuingPoint.java @@ -531,7 +531,6 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable { } private int getTimeListSize(Vector<Vector<Integer>> listedDays) { - int listSize = 0; for (int i = 0; listedDays != null && i < listedDays.size(); i++) { Vector<Integer> listedTimes = listedDays.elementAt(i); diff --git a/pki/base/common/src/com/netscape/cms/evaluators/UserOrigReqAccessEvaluator.java b/pki/base/common/src/com/netscape/cms/evaluators/UserOrigReqAccessEvaluator.java index 88358aa58..b1b406c09 100644 --- a/pki/base/common/src/com/netscape/cms/evaluators/UserOrigReqAccessEvaluator.java +++ b/pki/base/common/src/com/netscape/cms/evaluators/UserOrigReqAccessEvaluator.java @@ -159,11 +159,5 @@ public class UserOrigReqAccessEvaluator implements IAccessEvaluator { return false; } - private void log(int level, String msg) { - if (mLogger == null) - return; - mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_ACLS, - level, "UserOrigReqAccessEvaluator: " + msg); - } } diff --git a/pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java b/pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java index d1cc3d808..ca62af5f3 100644 --- a/pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java +++ b/pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java @@ -300,83 +300,6 @@ public class CertificateRevokedListener implements IRequestListener { } } - private void revoked(IRequest r) { - // do we have an email to send? - String mEmail = null; - IEmailResolverKeys keys = CMS.getEmailResolverKeys(); - - try { - keys.set(IEmailResolverKeys.KEY_REQUEST, r); - } catch (EBaseException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("LISTENERS_CERT_ISSUED_SET_RESOLVER", e.toString())); - } - - IEmailResolver er = CMS.getReqCertSANameEmailResolver(); - - try { - mEmail = er.getEmail(keys); - } catch (ENotificationException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); - } catch (EBaseException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); - } catch (Exception e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); - } - - // now we can mail - if ((mEmail != null) && !mEmail.equals("")) { - IMailNotification mn = CMS.getMailNotification(); - - mn.setFrom(mSenderEmail); - mn.setTo(mEmail); - mn.setSubject(mSubject); - - /* - * get rejection file from disk - */ - IEmailTemplate template = CMS.getEmailTemplate(mRejectPath); - - if (template != null) { - if (!template.init()) { - return; - } - - if (template.isHTML()) { - mn.setContentType("text/html"); - } - - // build some token data - mContentParams.put(IEmailFormProcessor.TOKEN_ID, - mConfig.getName()); - mReqId = r.getRequestId(); - mContentParams.put(IEmailFormProcessor.TOKEN_REQUEST_ID, - (Object) mReqId.toString()); - IEmailFormProcessor et = CMS.getEmailFormProcessor(); - String c = et.getEmailContent(template.toString(), mContentParams); - - mn.setContent(c); - } else { - log(ILogger.LL_FAILURE, CMS.getLogMessage("LISTENERS_CERT_ISSUED_REJECTION")); - mn.setContent("Your Certificate Request has been revoked. Please contact your administrator for assistance"); - } - - try { - mn.sendNotification(); - } catch (ENotificationException e) { - // already logged, lets audit - log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); - - } catch (IOException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); - } - } else { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("LISTENERS_CERT_ISSUED_REJECTION_NOTIFICATION", mReqId.toString())); - - } - } - private void buildContentParams(RevokedCertImpl crlentries[], String mEmail) { mContentParams.put(IEmailFormProcessor.TOKEN_ID, mConfig.getName()); diff --git a/pki/base/common/src/com/netscape/cms/policy/extensions/SubjectDirectoryAttributesExt.java b/pki/base/common/src/com/netscape/cms/policy/extensions/SubjectDirectoryAttributesExt.java index f3ef687df..be858c9f0 100644 --- a/pki/base/common/src/com/netscape/cms/policy/extensions/SubjectDirectoryAttributesExt.java +++ b/pki/base/common/src/com/netscape/cms/policy/extensions/SubjectDirectoryAttributesExt.java @@ -22,7 +22,6 @@ import java.io.IOException; import java.security.cert.CertificateException; import java.util.Enumeration; import java.util.Locale; -import java.util.StringTokenizer; import java.util.Vector; import netscape.security.util.DerValue; @@ -192,18 +191,6 @@ public class SubjectDirectoryAttributesExt extends APolicyRule } } - private Vector formValues(String val) { - StringTokenizer tokenizer = new StringTokenizer(val, "+"); - Vector v = new Vector(); - - while (tokenizer.hasMoreElements()) { - String s = (String) tokenizer.nextElement(); - - v.addElement(s); - } - return v; - } - public Vector getInstanceParams() { return mParams; // inited in init() } diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java index 1cd3240fb..0ae51ce48 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java @@ -1569,74 +1569,6 @@ public class CAAdminServlet extends AdminServlet { sendResponse(SUCCESS, null, null, resp); } - /** - * Retrieves configuration parameters of certificate - * authority. - */ - private synchronized void getConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { - // validate - super.getConfig(mCA.getConfigStore(), req, resp); - } - - /** - * Sets configuration parameters of certificate - * authority. - */ - private synchronized void setConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { - super.setConfig(mCA.getConfigStore(), req, resp); - // XXX - commit changes - } - - /** - * Lists configuration store parameters. - */ - private synchronized void listConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { - super.listConfig(mCA.getConfigStore(), req, resp); - } - - /** - * Locks a request so that no one can modify it except - * owner. - */ - private synchronized void lockRequest(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { - NameValuePairs params = new NameValuePairs(); - - // XXX - sendResponse(SUCCESS, null, params, resp); - } - - /** - * Locks certificate record so that no one can - * modify it except owner. - */ - private synchronized void lockCertRecord(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { - NameValuePairs params = new NameValuePairs(); - - sendResponse(SUCCESS, null, params, resp); - } - - /** - * Modifies a cert record. - */ - private synchronized void modifyCertRecord(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { - NameValuePairs params = new NameValuePairs(); - - // XXX - sendResponse(SUCCESS, null, params, resp); - } - private void log(int level, String msg) { if (mLogger == null) return; diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java index f57d12e2d..84290ea61 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java @@ -28,7 +28,6 @@ import java.io.PrintStream; import java.io.PrintWriter; import java.io.StringWriter; import java.math.BigInteger; -import java.net.ServerSocket; import java.security.KeyPair; import java.util.Date; import java.util.Enumeration; @@ -857,196 +856,6 @@ public final class CMSAdminServlet extends AdminServlet { } /** - * Modifies network information. - */ - private void modifyNetworkConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { - - /* - HTTPSubsystem eeGateway = (HTTPSubsystem) - SubsystemRegistry.getInstance().get("eeGateway"); - RemoteAdmin raAdmin = (RemoteAdmin)RemoteAdmin.getInstance(); - AgentGateway agent = (AgentGateway)mReg.get(AgentGateway.ID); - - Enumeration enum1 = req.getParameterNames(); - - String eeHTTPportString = null; - String eeHTTPSportString = null; - String agentHTTPSportString = null; - String radminHTTPSportString = null; - - String gatewayBacklog = "15"; - - // eeHTTPEnabled corresponds to the checkbox which enables the - // HTTP EE port - String eeHTTPEnabled = Constants.FALSE; - - while (enum1.hasMoreElements()) { - String key = (String)enum1.nextElement(); - String value = (String)req.getParameter(key); - - if (key.equals(Constants.PR_AGENT_S_BACKLOG)) { - agent.setHTTPSBacklog(value); - } else if (key.equals(Constants.PR_GATEWAY_S_BACKLOG)) { - eeGateway.setHTTPSBacklog(value); - } else if (key.equals(Constants.PR_ADMIN_S_BACKLOG)) { - raAdmin.setHTTPSBacklog(value); - } else if (key.equals(Constants.PR_GATEWAY_BACKLOG)) { - gatewayBacklog = value; - } else if (key.equals(Constants.PR_GATEWAY_PORT_ENABLED)) { - eeHTTPEnabled = value; - } - } - - - eeHTTPportString = req.getParameter(Constants.PR_GATEWAY_PORT); - eeHTTPSportString = req.getParameter(Constants.PR_GATEWAY_S_PORT); - agentHTTPSportString= req.getParameter(Constants.PR_AGENT_S_PORT); - radminHTTPSportString= req.getParameter(Constants.PR_ADMIN_S_PORT); - - - int eeHTTPport=0; - int eeHTTPSport=0; - int agentHTTPSport=0; - int radminHTTPSport=0; - if (eeHTTPportString != null) eeHTTPport = Integer.parseInt(eeHTTPportString); - if (eeHTTPSportString != null) eeHTTPSport = Integer.parseInt(eeHTTPSportString); - if (agentHTTPSportString != null) agentHTTPSport = Integer.parseInt(agentHTTPSportString); - if (radminHTTPSportString != null) radminHTTPSport = Integer.parseInt(radminHTTPSportString); - - - String portName=""; - int portnum; - try { - - // EE HTTP is special, since it has it's own checkbox for enabling/disabling - if (eeHTTPEnabled.equals(Constants.TRUE) && - eeHTTPport != 0 && - eeHTTPport != eeGateway.getHTTPPort()) - { - portName = "End-entity"; - checkPortAvailable(eeHTTPport); - } - - if (eeHTTPSport != 0 && eeHTTPSport != eeGateway.getHTTPSPort()) { - portName = "SSL End-entity"; - checkPortAvailable(eeHTTPSport); - } - if (agentHTTPSport != 0 && agentHTTPSport != agent.getHTTPSPort()) { - portName = "Agent"; - checkPortAvailable(agentHTTPSport); - } - if (radminHTTPSport != 0 && radminHTTPSport != raAdmin.getHTTPSPort()) { - portName = "Remote Admin"; - checkPortAvailable(radminHTTPSport); - } - - // If any of the above ports are not available, an exception - // will be thrown and these methods below will not be called - - if (eeHTTPEnabled.equals(Constants.TRUE)) { - eeGateway.setHTTPPort(eeHTTPport); - } - eeGateway.setHTTPSPort(eeHTTPSport); - agent.setHTTPSPort(agentHTTPSport); - raAdmin.setHTTPSPort(radminHTTPSport); - - } catch (IOException e) { - // send 'port in use' error - sendResponse(ERROR, portName+" "+e.getMessage(), null, resp); - // we do not want to save the config in this case - return; - } - - eeGateway.setHTTPBacklog(gatewayBacklog); - eeGateway.setHTTPPortEnable(eeHTTPEnabled); - - mConfig.commit(true); - sendResponse(RESTART, null, null, resp); - */ - } - - /** - * Check if the port is available for binding. - * @throws IOException if not available - */ - - private void checkPortAvailable(int port) - throws IOException { - try { - // see if the port is being used by somebody else - ServerSocket ss = new ServerSocket(port); - - ss.close(); - } catch (Exception e) { - throw new IOException("port " + port + " is in use. Please select another port"); - } - } - - /** - * Reads network information. - */ - private void readNetworkConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { - - NameValuePairs params = new NameValuePairs(); - - getEENetworkConfig(params); - getAdminConfig(params); - getAgentConfig(params); - - sendResponse(SUCCESS, null, params, resp); - } - - private void getEENetworkConfig(NameValuePairs params) - throws EBaseException { - - /* - HTTPSubsystem eeGateway = - (HTTPSubsystem)mReg.get("eeGateway"); - if (eeGateway == null) { - // i.e. standalone DRM - params.add(Constants.PR_GATEWAY_S_PORT, "-1"); - params.add(Constants.PR_GATEWAY_PORT, "-1"); - params.add(Constants.PR_GATEWAY_S_BACKLOG, "-1"); - params.add(Constants.PR_GATEWAY_BACKLOG,"-1"); - params.add(Constants.PR_GATEWAY_PORT_ENABLED,"false"); - } else { - params.add(Constants.PR_GATEWAY_S_PORT, - ""+eeGateway.getHTTPSPort()); - params.add(Constants.PR_GATEWAY_PORT, - ""+eeGateway.getHTTPPort()); - params.add(Constants.PR_GATEWAY_S_BACKLOG, - ""+eeGateway.getHTTPBacklog()); - params.add(Constants.PR_GATEWAY_BACKLOG, - ""+eeGateway.getHTTPSBacklog()); - params.add(Constants.PR_GATEWAY_PORT_ENABLED, - eeGateway.getHTTPPortEnable()); - } - */ - } - - private void getAdminConfig(NameValuePairs params) throws EBaseException { - - /* - RemoteAdmin raAdmin = (RemoteAdmin)RemoteAdmin.getInstance(); - params.add(Constants.PR_ADMIN_S_PORT, ""+raAdmin.getHTTPSPort()); - params.add(Constants.PR_ADMIN_S_BACKLOG,""+raAdmin.getHTTPSBacklog()); - */ - } - - private void getAgentConfig(NameValuePairs params) throws EBaseException { - - /* - AgentGateway agent = (AgentGateway)mReg.get(AgentGateway.ID); - params.add(Constants.PR_AGENT_S_PORT, ""+agent.getHTTPSPort()); - params.add(Constants.PR_AGENT_S_BACKLOG,""+agent.getHTTPSBacklog()); - */ - } - - /** * Modifies database information. */ private void setDBConfig(HttpServletRequest req, @@ -2081,37 +1890,6 @@ private void createMasterKey(HttpServletRequest req, } } - private String getDefaultSigningAlg(String keyType, String messageDigest) { - if (keyType.equals("RSA")) { - if (messageDigest.equals("MD2")) { - return "MD2withRSA"; - } else if (messageDigest.equals("MD5")) { - return "MD5withRSA"; - } else if (messageDigest.equals("SHA1")) { - return "SHA1withRSA"; - } else if (messageDigest.equals("SHA256")) { - return "SHA256withRSA"; - } else if (messageDigest.equals("SHA512")) { - return "SHA512withRSA"; - } - } else if (keyType.equals("DSA")) { - if (messageDigest.equals("SHA1")) { - return "SHA1withDSA"; - } - } else /* EC */ { - if (messageDigest.equals("SHA1")) { - return "SHA1withEC"; - } else if (messageDigest.equals("SHA256")) { - return "SHA256withEC"; - } else if (messageDigest.equals("SHA384")) { - return "SHA384withEC"; - } else if (messageDigest.equals("SHA512")) { - return "SHA512withEC"; - } - } - return null; - } - private void updateCASignature(String nickname, KeyCertData properties, ICryptoSubsystem jssSubSystem) throws EBaseException { String alg = jssSubSystem.getSignatureAlgorithm(nickname); diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/KRAAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/KRAAdminServlet.java index 2c780bb2a..e4138d745 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/KRAAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/KRAAdminServlet.java @@ -20,9 +20,6 @@ package com.netscape.cms.servlet.admin; import java.io.IOException; import java.util.Enumeration; -import java.util.Hashtable; -import java.util.StringTokenizer; -import java.util.Vector; import javax.servlet.ServletConfig; import javax.servlet.ServletException; @@ -31,17 +28,12 @@ import javax.servlet.http.HttpServletResponse; import com.netscape.certsrv.apps.CMS; import com.netscape.certsrv.base.EBaseException; -import com.netscape.certsrv.base.IConfigStore; import com.netscape.certsrv.common.Constants; import com.netscape.certsrv.common.NameValuePairs; import com.netscape.certsrv.common.OpDef; import com.netscape.certsrv.common.ScopeDef; -import com.netscape.certsrv.kra.EKRAException; import com.netscape.certsrv.kra.IKeyRecoveryAuthority; import com.netscape.certsrv.logging.ILogger; -import com.netscape.certsrv.password.IPasswordCheck; -import com.netscape.certsrv.security.Credential; -import com.netscape.certsrv.security.IStorageKeyUnit; /** @@ -240,659 +232,4 @@ public class KRAAdminServlet extends AdminServlet { else sendResponse(SUCCESS, null, null, resp); } - - /** - * Changes M-N scheme. - * <P> - * - * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_DRM used when configuring - * DRM (Key recovery scheme, change of any secret component) - * </ul> - * @param req HTTP servlet request - * @param resp HTTP servlet response - * @exception EBaseException an error has occurred - */ - private synchronized void changeMNScheme(HttpServletRequest req, - HttpServletResponse resp) throws EBaseException { - String auditMessage = null; - String auditSubjectID = auditSubjectID(); - - // ensure that any low-level exceptions are reported - // to the signed audit log and stored as failures - try { - try { - NameValuePairs params = new NameValuePairs(); - String recN = getParameter(req, - Constants.PR_RECOVERY_N); - String recM = getParameter(req, - Constants.PR_RECOVERY_M); - String oldAgents = getParameter(req, - Constants.PR_OLD_RECOVERY_AGENT); - String agents = getParameter(req, - Constants.PR_RECOVERY_AGENT); - - if (recN == null) { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); - - audit(auditMessage); - - throw new EKRAException( - CMS.getLogMessage("KRA_INVALID_N")); - } - - if (recM == null) { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); - - audit(auditMessage); - - throw new EKRAException( - CMS.getLogMessage("KRA_INVALID_M")); - } - - if (recN != null && recM != null && oldAgents != null - && agents != null) { - int nVal = Integer.parseInt(recN); - - int mVal = Integer.parseInt(recM); - - Credential oldcreds[] = - parseCredentialStr(oldAgents); - - if (oldcreds == null) { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); - - audit(auditMessage); - - throw new EKRAException( - CMS.getLogMessage("KRA_INVALID_PASSWORD")); - } - - Credential creds[] = - parseCredentialStr(agents); - - if (creds == null) { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); - - audit(auditMessage); - - throw new EKRAException( - CMS.getLogMessage("KRA_INVALID_PASSWORD")); - } else { - for (int i = 0; i < creds.length; i++) { - Credential credential = creds[i]; - String pass = credential.getPassword(); - IPasswordCheck checker = CMS.getPasswordChecker(); - - if (!checker.isGoodPassword(pass)) { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); - - audit(auditMessage); - - throw new EBaseException(checker.getReason(pass)); - } - } - } - if (mKRA.getStorageKeyUnit().changeAgentMN( - nVal, mVal, oldcreds, creds)) { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, - ILogger.SUCCESS, - auditParams(req)); - - audit(auditMessage); - - // successful operation - sendResponse(SUCCESS, null, params, - resp); - return; - } - } - } catch (IOException e) { - } - - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); - - audit(auditMessage); - - throw new EBaseException(CMS.getLogMessage("BASE_INVALID_OPERATION")); - } catch (EBaseException eAudit1) { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); - - audit(auditMessage); - - // rethrow the specific exception to be handled later - throw eAudit1; - } - } - - /** - * Changes recovery agent password. - * <P> - * - * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_DRM used when configuring - * DRM (Key recovery scheme, change of any secret component) - * </ul> - * @param req HTTP servlet request - * @param resp HTTP servlet response - * @exception EBaseException an error has occurred - */ - private synchronized void changeAgentPwd(HttpServletRequest req, - HttpServletResponse resp) throws EBaseException { - String auditMessage = null; - String auditSubjectID = auditSubjectID(); - - // ensure that any low-level exceptions are reported - // to the signed audit log and stored as failures - try { - try { - String id = getParameter(req, Constants.RS_ID); - String oldpwd = getParameter(req, - Constants.PR_OLD_AGENT_PWD); - String newpwd = getParameter(req, - Constants.PR_AGENT_PWD); - IPasswordCheck checker = CMS.getPasswordChecker(); - - if (!checker.isGoodPassword(newpwd)) { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); - - audit(auditMessage); - - throw new EBaseException(checker.getReason(newpwd)); - } - - if (mKRA.getStorageKeyUnit().changeAgentPassword(id, - oldpwd, newpwd)) { - NameValuePairs params = new NameValuePairs(); - - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, - ILogger.SUCCESS, - auditParams(req)); - - audit(auditMessage); - - sendResponse(SUCCESS, null, params, resp); - return; - } else { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); - - audit(auditMessage); - - throw new EKRAException( - CMS.getLogMessage("KRA_INVALID_PASSWORD")); - } - } catch (IOException e) { - } - - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); - - audit(auditMessage); - - throw new EBaseException(CMS.getLogMessage("BASE_INVALID_OPERATION")); - } catch (EBaseException eAudit1) { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); - - audit(auditMessage); - - // rethrow the specific exception to be handled later - throw eAudit1; - } - } - - /** - * Modifies auto recovery configuration. - * <P> - * - * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_DRM used when configuring - * DRM (Key recovery scheme, change of any secret component) - * </ul> - * @param req HTTP servlet request - * @param resp HTTP servlet response - * @exception EBaseException an error has occurred - */ - private synchronized void modifyAutoRecoveryConfig( - HttpServletRequest req, HttpServletResponse resp) - throws EBaseException { - String auditMessage = null; - String auditSubjectID = auditSubjectID(); - - // ensure that any low-level exceptions are reported - // to the signed audit log and stored as failures - try { - try { - NameValuePairs params = new NameValuePairs(); - String autoOn = getParameter(req, - Constants.PR_AUTO_RECOVERY_ON); - String agents = getParameter(req, - Constants.PR_RECOVERY_AGENT); - - if (autoOn.equals(Constants.TRUE)) { - Credential creds[] = parseCredentialStr( - agents); - - if (mKRA.setAutoRecoveryState(creds, true)) { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, - ILogger.SUCCESS, - auditParams(req)); - - audit(auditMessage); - - sendResponse(SUCCESS, null, params, - resp); - return; - } - } else if (autoOn.equals(Constants.FALSE)) { - if (mKRA.setAutoRecoveryState(null, false)) { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, - ILogger.SUCCESS, - auditParams(req)); - - audit(auditMessage); - - sendResponse(SUCCESS, null, params, - resp); - return; - } - } - } catch (IOException e) { - } - - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); - - audit(auditMessage); - - throw new EBaseException(CMS.getLogMessage("BASE_INVALID_OPERATION")); - } catch (EBaseException eAudit1) { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); - - audit(auditMessage); - - // rethrow the specific exception to be handled later - throw eAudit1; - } - } - - /** - * Reads auto recovery status. - * - * @param req HTTP request - * @param resp HTTP response - */ - private synchronized void readAutoRecoveryConfig( - HttpServletRequest req, HttpServletResponse resp) - throws EBaseException { - try { - NameValuePairs params = new NameValuePairs(); - - params.add(Constants.PR_AUTO_RECOVERY_ON, - mKRA.getAutoRecoveryState() ? - Constants.TRUE : Constants.FALSE); - sendResponse(SUCCESS, null, params, resp); - } catch (IOException e) { - throw new EBaseException( - CMS.getLogMessage("BASE_INVALID_OPERATION")); - } - } - - /** - * Reads recovery configuration. - * - * @param req HTTP request - * @param resp HTTP response - */ - private synchronized void readRecoveryConfig( - HttpServletRequest req, HttpServletResponse resp) - throws EBaseException { - try { - IStorageKeyUnit sku = mKRA.getStorageKeyUnit(); - NameValuePairs params = new NameValuePairs(); - - params.add(Constants.PR_RECOVERY_N, - Integer.toString(sku.getNoOfAgents())); - params.add(Constants.PR_RECOVERY_M, - Integer.toString(sku.getNoOfRequiredAgents())); - Enumeration e = sku.getAgentIdentifiers(); - StringBuffer as = new StringBuffer(); - - while (e.hasMoreElements()) { - as.append((String)e.nextElement()); - if (e.hasMoreElements()) { - as.append(","); - } - } - params.add(Constants.PR_RECOVERY_AGENT, as.toString()); - sendResponse(SUCCESS, null, params, resp); - } catch (IOException e) { - throw new EBaseException( - CMS.getLogMessage("BASE_INVALID_OPERATION")); - } - } - - /** - * Reads information about auto recovery agents. - * - * @param req HTTP request - * @param resp HTTP response - */ - private synchronized void readAutoRecoveryAgents( - HttpServletRequest req, HttpServletResponse resp) - throws EBaseException { - try { - // send the entire list anyway - NameValuePairs params = new NameValuePairs(); - Enumeration e = mKRA.getAutoRecoveryIDs(); - StringBuffer users = new StringBuffer(); - - while (e.hasMoreElements()) { - users.append((String) e.nextElement()); - if (e.hasMoreElements()) { - users.append(","); - } - } - params.add(Constants.PR_GROUP_USER, users.toString()); - params.add(Constants.PR_GROUP_DESC, - "Auto Recovery Agents"); // XXX - localized - sendResponse(SUCCESS, null, params, resp); - } catch (IOException e) { - throw new EBaseException( - CMS.getLogMessage("BASE_INVALID_OPERATION")); - } - } - - /** - * Modifies information about auto recovery agents. - * - * @param req HTTP request - * @param resp HTTP response - */ - private synchronized void modifyAutoRecoveryAgents( - HttpServletRequest req, HttpServletResponse resp) - throws EBaseException { - Vector v = new Vector(); - String users = getParameter(req, - Constants.PR_GROUP_USER); - StringTokenizer st = new StringTokenizer(users, ","); - - while (st.hasMoreTokens()) { - v.addElement(st.nextToken()); - } - String desc = getParameter(req, - Constants.PR_GROUP_DESC); - String agents = getParameter(req, - Constants.PR_RECOVERY_AGENT); - Credential creds[] = parseCredentialStr( - agents); - // XXX - check if the given password matched - // put ids into hashtable so that we can - // figure out what should be saved and deleted - Enumeration e = mKRA.getAutoRecoveryIDs(); - Hashtable h = new Hashtable(); - - while (e.hasMoreElements()) { - h.put(e.nextElement(), ""); - } - - // go through each of the user in the new list - for (int i = 0; i < v.size(); i++) { - String key = (String) v.elementAt(i); - - if (h.containsKey(key)) { - h.remove(key); - } else { - mKRA.addAutoRecovery(key, creds); - } - } - - // delete all the unreferenced - Enumeration dels = h.keys(); - - while (dels.hasMoreElements()) { - mKRA.removeAutoRecovery((String) - dels.nextElement()); - } - } - - /** - * Parses uid0=pwd0,uid1=pwd1,... into AgentCredential. - * - * @param s credential string - * @return a list of credentials - */ - private Credential[] parseCredentialStr(String s) { - StringTokenizer st = new StringTokenizer(s, ","); - Vector v = new Vector(); - - while (st.hasMoreTokens()) { - String a = st.nextToken(); - StringTokenizer st0 = new StringTokenizer(a, "="); - - v.addElement(new Credential(st0.nextToken(), - st0.nextToken())); - } - Credential ac[] = new Credential[v.size()]; - - v.copyInto(ac); - return ac; - } - - /* - * handle getting request in queue notification config info - */ - private void getNotificationRIQConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { - - NameValuePairs params = new NameValuePairs(); - - IConfigStore config = mKRA.getConfigStore(); - IConfigStore nc = - config.getSubStore(mKRA.PROP_NOTIFY_SUBSTORE); - - IConfigStore riq = nc.getSubStore(mKRA.PROP_REQ_IN_Q_SUBSTORE); - - Enumeration e = req.getParameterNames(); - - while (e.hasMoreElements()) { - String name = (String) e.nextElement(); - - if (name.equals(Constants.OP_TYPE)) - continue; - if (name.equals(Constants.RS_ID)) - continue; - if (name.equals(Constants.OP_SCOPE)) - continue; - if (name.equals(Constants.PR_ENABLE)) - continue; - params.add(name, riq.getString(name, "")); - } - - params.add(Constants.PR_ENABLE, - riq.getString(PROP_ENABLED, Constants.FALSE)); - //System.out.println("Send: "+params.toString()); - sendResponse(SUCCESS, null, params, resp); - } - - /** - * Handle setting request in queue notification config info - * <P> - * - * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_DRM used when configuring - * DRM (Key recovery scheme, change of any secret component) - * </ul> - * @param req HTTP servlet request - * @param resp HTTP servlet response - * @exception ServletException a servlet error has occurred - * @exception IOException an input/output error has occurred - * @exception EBaseException an error has occurred - */ - private void setNotificationRIQConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { - String auditMessage = null; - String auditSubjectID = auditSubjectID(); - - // ensure that any low-level exceptions are reported - // to the signed audit log and stored as failures - try { - IConfigStore config = mKRA.getConfigStore(); - IConfigStore nc = - config.getSubStore(mKRA.PROP_NOTIFY_SUBSTORE); - - IConfigStore riq = nc.getSubStore(mKRA.PROP_REQ_IN_Q_SUBSTORE); - - //set rest of the parameters - Enumeration e = req.getParameterNames(); - - while (e.hasMoreElements()) { - String name = (String) e.nextElement(); - - if (name.equals(Constants.OP_TYPE)) - continue; - if (name.equals(Constants.RS_ID)) - continue; - if (name.equals(Constants.OP_SCOPE)) - continue; - if (name.equals(Constants.PR_ENABLE)) - continue; - String val = req.getParameter(name); - - riq.putString(name, val); - mKRA.getRequestInQListener().set(name, val); - } - - // set enable flag - String enabledString = req.getParameter(Constants.PR_ENABLE); - - riq.putString(PROP_ENABLED, enabledString); - mKRA.getRequestInQListener().set(PROP_ENABLED, enabledString); - - commit(true); - - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, - ILogger.SUCCESS, - auditParams(req)); - - audit(auditMessage); - - sendResponse(SUCCESS, null, null, resp); - } catch (EBaseException eAudit1) { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); - - audit(auditMessage); - - // rethrow the specific exception to be handled later - throw eAudit1; - } catch (IOException eAudit2) { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); - - audit(auditMessage); - - // rethrow the specific exception to be handled later - throw eAudit2; - // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_DRM, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); - // - // audit( auditMessage ); - // - // // rethrow the specific exception to be handled later - // throw eAudit3; - } - } } diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java index 58e4dbdfd..358553074 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java @@ -1410,81 +1410,6 @@ public class LogAdminServlet extends AdminServlet { } } - private synchronized void getLogConfig(HttpServletRequest req, - HttpServletResponse resp) - throws ServletException, IOException, EBaseException { - - String implname = req.getParameter(Constants.RS_ID); - - if (implname == null) { - //System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), - null, resp); - return; - } - - Vector configParams = mSys.getLogDefaultParams(implname); - NameValuePairs params = new NameValuePairs(); - - // implName is always required so always send it. - params.add(Constants.PR_LOG_IMPL_NAME, ""); - if (configParams != null) { - for (int i = 0; i < configParams.size(); i++) { - String kv = (String) configParams.elementAt(i); - int index = kv.indexOf('='); - - params.add(kv.substring(0, index), - kv.substring(index + 1)); - } - } - sendResponse(0, null, params, resp); - return; - } - - private synchronized void getLogInstConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { - String id = req.getParameter(Constants.RS_ID); - - if (id == null) { - //System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), - null, resp); - return; - } - - // does log instance exist? - if (mSys.getLogInsts().containsKey(id) == false) { - sendResponse(ERROR, - new ELogNotFound(CMS.getUserMessage(getLocale(req),"CMS_LOG_INSTANCE_NOT_FOUND",id)).toString(), - null, resp); - return; - } - - ILogEventListener logInst = (ILogEventListener) - mSys.getLogInstance(id); - Vector configParams = logInst.getInstanceParams(); - NameValuePairs params = new NameValuePairs(); - - params.add(Constants.PR_LOG_IMPL_NAME, - getLogPluginName(logInst)); - // implName is always required so always send it. - if (configParams != null) { - for (int i = 0; i < configParams.size(); i++) { - String kv = (String) configParams.elementAt(i); - int index = kv.indexOf('='); - - params.add(kv.substring(0, index), - kv.substring(index + 1)); - } - } - - sendResponse(SUCCESS, null, params, resp); - return; - } - /** * Modify log instance * <P> @@ -2384,29 +2309,6 @@ public class LogAdminServlet extends AdminServlet { return logPath; } - /** - * Signed Audit Check Log Expiration Time - * - * This method is called to extract the log expiration time. - * <P> - * - * @param req http servlet request - * @return a string containing the log expiration time - */ - private String auditCheckLogExpirationTime(HttpServletRequest req) { - // check to see if the log expiration time parameter was changed - String expirationTime = req.getParameter( - Constants.PR_LOG_EXPIRED_TIME); - - if (expirationTime == null) { - expirationTime = ""; - } - - expirationTime = expirationTime.trim(); - - return expirationTime; - } - private void getGeneralConfig(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException, EBaseException { diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java index 9464f48ff..152b364f7 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java @@ -538,25 +538,7 @@ public class OCSPAdminServlet extends AdminServlet { // rethrow the specific exception to be handled later throw eAudit2; - // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); - // - // audit( auditMessage ); - // - // // rethrow the specific exception to be handled later - // throw eAudit3; + } } - - private void log(int level, String msg) { - if (mLogger == null) - return; - mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_OTHER, - level, "CAAdminServlet: " + msg); - } } diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java index 1cfab0b6a..6f64d81a0 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java @@ -38,7 +38,6 @@ import com.netscape.certsrv.common.NameValuePairs; import com.netscape.certsrv.common.OpDef; import com.netscape.certsrv.common.ScopeDef; import com.netscape.certsrv.logging.ILogger; -import com.netscape.certsrv.policy.IPolicyRule; import com.netscape.certsrv.profile.EProfileException; import com.netscape.certsrv.profile.IPolicyConstraint; import com.netscape.certsrv.profile.IPolicyDefault; @@ -126,20 +125,6 @@ public class ProfileAdminServlet extends AdminServlet { return INFO; } - private void addDefaultParams(Object ext_info, NameValuePairs nvps) { - - /* make sure policy rules have 'enable' and 'predicate' */ - - if (ext_info instanceof IPolicyRule) { - if (nvps.getPair(IPolicyRule.PROP_ENABLE) == null) { - nvps.add(IPolicyRule.PROP_ENABLE, "boolean;Enable this policy rule"); - } - if (nvps.getPair(PROP_PREDICATE) == null) { - nvps.add(PROP_PREDICATE, "string;Rules describing when this policy should run."); - } - } - } - /** * Serves HTTP admin request. */ diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java index bd96bbeca..fe8d1826c 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java @@ -337,35 +337,6 @@ public class UsrGrpAdminServlet extends AdminServlet { } /** - * Retrieves configuration parameters of - * authentication manager. - */ - private synchronized void getConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { - super.getConfig(mMgr.getConfigStore(), req, resp); - } - - /** - * Sets configuration parameters of - * User/Group manager. - */ - private synchronized void setConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { - super.setConfig(mMgr.getConfigStore(), req, resp); - } - - /** - * Lists configuration parameters. - */ - private synchronized void listConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { - super.listConfig(mMgr.getConfigStore(), req, resp); - } - - /** * Searches for users in LDAP directory. List uids only * * Request/Response Syntax: diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java b/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java index 47b3c9f1e..5431d2cf8 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java @@ -21,7 +21,6 @@ package com.netscape.cms.servlet.cert; import java.io.IOException; import java.math.BigInteger; import java.security.cert.CertificateException; -import java.security.cert.X509Certificate; import java.util.Date; import java.util.Enumeration; import java.util.Locale; @@ -316,93 +315,6 @@ CMS.debug("**** mFormPath = "+mFormPath); } /** - * get cert to revoke from agent. - */ - private BigInteger getCertFromAgent( - IArgBlock httpParams, X509Certificate[] certContainer) - throws EBaseException { - BigInteger serialno = null; - X509Certificate cert = null; - - // get serial no - serialno = httpParams.getValueAsBigInteger(SERIAL_NO, null); - if (serialno == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_MISSING_SERIALNO_FOR_REVOKE")); - throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_MISSING_SERIALNO_FOR_REVOKE")); - } - - // get cert from db if we're cert authority. - if (mAuthority instanceof ICertificateAuthority) { - cert = getX509Certificate(serialno); - if (cert == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_INVALID_CERT_FOR_REVOCATION")); - throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_INVALID_CERT_FOR_REVOCATION")); - } - } - certContainer[0] = cert; - return serialno; - } - - /** - * Revoke the specified certificate - */ - private BigInteger getCertFromAuthMgr( - AuthToken authToken, X509Certificate[] certContainer) - throws EBaseException { - X509CertImpl cert = - authToken.getInCert(AuthToken.TOKEN_CERT); - - if (cert == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_MISSING_CERTS_REVOKE_FROM_AUTHMGR")); - throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_MISSING_CERTS_REVOKE_FROM_AUTHMGR")); - } - if (mAuthority instanceof ICertificateAuthority && - !isCertFromCA(cert)) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_INVALID_CERT_FOR_REVOCATION")); - throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_INVALID_CERT_FOR_REVOCATION")); - } - certContainer[0] = cert; - BigInteger serialno = ((X509Certificate) cert).getSerialNumber(); - - return serialno; - } - - /** - * get cert to revoke from ssl - */ - private BigInteger getCertFromSSL( - HttpServletRequest req, X509CertImpl[] certContainer) - throws EBaseException { - X509Certificate cert = getSSLClientCertificate(req); - - if (cert == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_MISSING_CERTS_REVOKE_FROM_SSL")); - throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_MISSING_CERTS_REVOKE_FROM_SSL")); - } - if (mAuthority instanceof ICertificateAuthority && - !isCertFromCA(cert)) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_INVALID_CERT_FOR_REVOCATION", "")); - throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_INVALID_CERT_FOR_REVOCATION")); - } - BigInteger serialno = ((X509Certificate) cert).getSerialNumber(); - - certContainer[0] = (X509CertImpl) cert; - - return serialno; - } - - /** * Process cert status change request using the Certificate Management * protocol using CMS (CMC) * <P> diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/CloneRedirect.java b/pki/base/common/src/com/netscape/cms/servlet/cert/CloneRedirect.java index 88abe80e5..b3693a533 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/cert/CloneRedirect.java +++ b/pki/base/common/src/com/netscape/cms/servlet/cert/CloneRedirect.java @@ -142,19 +142,4 @@ public class CloneRedirect extends CMSServlet { throw new ECMSGWException(CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE")); } } - - /** - * Display information about redirecting to the master's URL info - */ - private void process(CMSTemplateParams argSet, IArgBlock header, - HttpServletRequest req, - HttpServletResponse resp, - String signatureAlgorithm, - Locale locale) - throws EBaseException { - - CMS.debug("CloneRedirect: " + CMS.getLogMessage("ADMIN_SRVLT_ADD_MASTER_URL", mNewUrl)); - header.addStringValue("masterURL", mNewUrl); - return; - } } diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/EnrollServlet.java b/pki/base/common/src/com/netscape/cms/servlet/cert/EnrollServlet.java index ee64cb948..4688406ad 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/cert/EnrollServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/cert/EnrollServlet.java @@ -37,9 +37,7 @@ import javax.servlet.http.HttpServletResponse; import netscape.security.pkcs.PKCS10; import netscape.security.x509.AlgorithmId; import netscape.security.x509.CertificateAlgorithmId; -import netscape.security.x509.CertificateExtensions; import netscape.security.x509.CertificateX509Key; -import netscape.security.x509.KeyUsageExtension; import netscape.security.x509.X509CertImpl; import netscape.security.x509.X509CertInfo; import netscape.security.x509.X509Key; @@ -1719,71 +1717,6 @@ public class EnrollServlet extends CMSServlet { mIsTestBed = config.getBoolean("isTestBed", true); } - private void do_testbed_hack( - int nummsgs, X509CertInfo[] certinfo, IArgBlock httpParams) - throws EBaseException { - if (!mIsTestBed) - return; - - // get around bug in cartman - bits are off by one byte. - for (int i = 0; i < certinfo.length; i++) { - try { - X509CertInfo cert = certinfo[i]; - CertificateExtensions exts = (CertificateExtensions) - cert.get(CertificateExtensions.NAME); - - if (exts == null) { - // should not happen. - continue; - } - KeyUsageExtension ext = (KeyUsageExtension) - exts.get(KeyUsageExtension.NAME); - - if (ext == null) - // should not happen - continue; - byte[] value = ext.getExtensionValue(); - - if (value[0] == 0x03 && value[1] == 0x02 && value[2] == 0x07) { - byte[] newvalue = new byte[value.length + 1]; - - newvalue[0] = 0x03; - newvalue[1] = 0x03; - newvalue[2] = 0x07; - newvalue[3] = value[3]; - // force encryption certs to have digitial signature - // set too so smime can find the cert for encryption. - if (value[3] == 0x20) { - - /* - newvalue[3] = 0x3f; - newvalue[4] = (byte)0x80; - */ - if (httpParams.getValueAsBoolean( - "dual-use-hack", true)) { - newvalue[3] = (byte) 0xE0; // same as rsa-dual-use. - } - } - newvalue[4] = 0; - KeyUsageExtension newext = - new KeyUsageExtension(Boolean.valueOf(true), - (Object) newvalue); - - exts.delete(KeyUsageExtension.NAME); - exts.set(KeyUsageExtension.NAME, newext); - - } - } catch (IOException e) { - // should never happen - continue; - } catch (CertificateException e) { - // should never happen - continue; - } - } - - } - /** * Signed Audit Log Info Certificate Value * diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/GetCAChain.java b/pki/base/common/src/com/netscape/cms/servlet/cert/GetCAChain.java index facf501cd..b765a2cbb 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/cert/GetCAChain.java +++ b/pki/base/common/src/com/netscape/cms/servlet/cert/GetCAChain.java @@ -390,15 +390,6 @@ import com.netscape.cms.servlet.common.ECMSGWException; } /** - * gets base 64 encoded cert chain - */ - private String getChainBase64(byte[] certBytes) { - String certBase64 = CMS.BtoA(certBytes); - - return certBase64; - } - - /** * Retrieves locale based on the request. */ protected Locale getLocale(HttpServletRequest req) { diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/ListCerts.java b/pki/base/common/src/com/netscape/cms/servlet/cert/ListCerts.java index e79efc327..f683a83d6 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/cert/ListCerts.java +++ b/pki/base/common/src/com/netscape/cms/servlet/cert/ListCerts.java @@ -21,7 +21,6 @@ package com.netscape.cms.servlet.cert; import java.io.IOException; import java.math.BigInteger; import java.security.PublicKey; -import java.util.Date; import java.util.Enumeration; import java.util.Locale; import java.util.StringTokenizer; @@ -578,87 +577,6 @@ public class ListCerts extends CMSServlet { } /** - * Process the key search. - */ - private void process(CMSTemplateParams argSet, IArgBlock header, - int maxCount, int sentinel, - String filter, HttpServletRequest req, - HttpServletResponse resp, - String revokeAll, Locale locale) - throws EBaseException { - try { - if (filter.indexOf(CURRENT_TIME, 0) > -1) { - filter = insertCurrentTime(filter); - } - if (revokeAll != null && revokeAll.indexOf(CURRENT_TIME, 0) > -1) { - revokeAll = insertCurrentTime(revokeAll); - } - - // xxx the filter includes serial number range??? - ICertRecordList list = - (ICertRecordList) mCertDB.findCertRecordsInList(filter, null, maxCount); - // sentinel is the index on the list now, not serial number - Enumeration e = - list.getCertRecords(sentinel, sentinel + maxCount - 1); - - int count = 0; - - while (e != null && e.hasMoreElements()) { - ICertRecord rec = (ICertRecord) e.nextElement(); - - count++; - IArgBlock rarg = com.netscape.certsrv.apps.CMS.createArgBlock(); - - fillRecordIntoArg(rec, rarg); - argSet.addRepeatRecord(rarg); - } - - header.addStringValue("op", req.getParameter("op")); - if (revokeAll != null) - header.addStringValue("revokeAll", revokeAll); - if (mAuthName != null) - header.addStringValue("issuerName", mAuthName.toString()); - header.addStringValue("serviceURL", req.getRequestURI()); - header.addStringValue("templateName", "queryCert"); - header.addStringValue("queryFilter", filter); - header.addIntegerValue("maxCount", maxCount); - header.addIntegerValue("totalRecordCount", list.getSize()); - if ((sentinel + count) < list.getSize()) - header.addIntegerValue("querySentinelDown", sentinel + count); - else - header.addStringValue("querySentinelDown", null); - } catch (EBaseException e) { - log(ILogger.LL_FAILURE, com.netscape.certsrv.apps.CMS.getLogMessage("CMSGW_ERROR_LISTCERTS", e.toString())); - throw e; - } - return; - } - - private String insertCurrentTime(String filter) { - Date now = null; - StringBuffer newFilter = new StringBuffer(); - int k = 0; - int i = filter.indexOf(CURRENT_TIME, k); - - while (i > -1) { - if (now == null) now = new Date(); - if (newFilter.length() == 0) { - newFilter.append(filter.substring(k, i)); - newFilter.append(now.getTime()); - } else { - newFilter.append(filter.substring(k, i)); - newFilter.append(now.getTime()); - } - k = i + CURRENT_TIME.length(); - i = filter.indexOf(CURRENT_TIME, k); - } - if (k > 0) { - newFilter.append(filter.substring(k, filter.length())); - } - return newFilter.toString(); - } - - /** * Fills cert record into argument block. */ private void fillRecordIntoArg(ICertRecord rec, IArgBlock rarg) diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/scep/CRSEnrollment.java b/pki/base/common/src/com/netscape/cms/servlet/cert/scep/CRSEnrollment.java index 79151072d..19714cbfa 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/cert/scep/CRSEnrollment.java +++ b/pki/base/common/src/com/netscape/cms/servlet/cert/scep/CRSEnrollment.java @@ -19,7 +19,6 @@ package com.netscape.cms.servlet.cert.scep; import java.io.ByteArrayInputStream; import java.io.FileOutputStream; -import java.io.IOException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.PublicKey; @@ -1853,19 +1852,7 @@ throws EBaseException { - /** - * This needs to be re-written to log the messages to the system log, since there - * will be no visual webpage feedback for the user. (he's using a router) - */ - - private void writeError(String errMsg, HttpServletRequest httpReq, - HttpServletResponse httpResp) - throws IOException - { - } - - - protected String hashPassword(String pwd) { + protected String hashPassword(String pwd) { String salt = "lala123"; byte[] pwdDigest = mSHADigest.digest((salt+pwd).getBytes()); String b64E = com.netscape.osutil.OSUtil.BtoA(pwdDigest); diff --git a/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java b/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java index 4528ea7ed..fd89ceaf1 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java +++ b/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java @@ -574,21 +574,11 @@ public class CMSTemplate extends CMSFile { flush(); return; } - - public void println(String s) throws IOException { - print(s); - write('\n'); - flush(); - return; - } } private class templateLine { private StringBuffer s = new StringBuffer(); - void templateLine() { - } - void println(String p) { s.append('\n'); s.append(p); diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java index 17a4bae66..e18d86cf2 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java @@ -1210,23 +1210,6 @@ public class DatabasePanel extends WizardPanelBase { context.put("panel", "admin/console/config/databasepanel.vm"); } - private boolean isAgreementExist(String replicadn, LDAPConnection conn, - String name) { - String dn = "cn="+name+","+replicadn; - String filter = "(cn="+name+")"; - String[] attrs = {"cn"}; - try { - LDAPSearchResults results = conn.search(dn, LDAPv3.SCOPE_SUB, - filter, attrs, false); - while (results.hasMoreElements()) - return true; - } catch (LDAPException e) { - return false; - } - - return false; - } - private void createReplicationManager(LDAPConnection conn, String bindUser, String pwd) throws LDAPException { LDAPAttributeSet attrs = null; diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java index 0a6c5ec36..c1bf138e8 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java @@ -130,22 +130,4 @@ public class GetSubsystemCert extends CMSServlet { } return locale; } - - private String normalizeCertStr(String s) { - StringBuffer val = new StringBuffer(); - - for (int i = 0; i < s.length(); i++) { - if (s.charAt(i) == '\n') { - continue; - } else if (s.charAt(i) == '\r') { - continue; - } else if (s.charAt(i) == '"') { - continue; - } else if (s.charAt(i) == ' ') { - continue; - } - val.append(s.charAt(i)); - } - return val.toString(); - } } diff --git a/pki/base/common/src/com/netscape/cms/servlet/request/QueryReq.java b/pki/base/common/src/com/netscape/cms/servlet/request/QueryReq.java index c065173ca..036bd5d05 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/request/QueryReq.java +++ b/pki/base/common/src/com/netscape/cms/servlet/request/QueryReq.java @@ -39,7 +39,6 @@ import com.netscape.certsrv.request.IRequest; import com.netscape.certsrv.request.IRequestQueue; import com.netscape.certsrv.request.IRequestVirtualList; import com.netscape.certsrv.request.RequestId; -import com.netscape.certsrv.request.RequestStatus; import com.netscape.cms.servlet.base.CMSServlet; import com.netscape.cms.servlet.common.CMSRequest; import com.netscape.cms.servlet.common.CMSTemplate; @@ -359,14 +358,6 @@ public class QueryReq extends CMSServlet { return; } - private static String makeRequestStatusEq(RequestStatus s) { - return "(" + "requestState" + "=" + s + ")"; - } - - private static String makeRequestIdCmp(String op, int bound) { - return "(requestId" + op + bound + ")"; - } - /** * Perform search based on direction button pressed * @param filter ldap filter indicating which VLV to search through. This can be diff --git a/pki/base/common/src/com/netscape/cms/servlet/tks/TokenServlet.java b/pki/base/common/src/com/netscape/cms/servlet/tks/TokenServlet.java index 1f6efa850..ca7855657 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/tks/TokenServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/tks/TokenServlet.java @@ -23,7 +23,6 @@ import java.io.OutputStream; import java.security.PublicKey; import java.security.SecureRandom; import java.util.StringTokenizer; -import java.util.Vector; import javax.servlet.ServletConfig; import javax.servlet.ServletException; @@ -46,7 +45,6 @@ import com.netscape.certsrv.base.IPrettyPrintFormat; import com.netscape.certsrv.base.SessionContext; import com.netscape.certsrv.common.Constants; import com.netscape.certsrv.logging.ILogger; -import com.netscape.certsrv.security.Credential; import com.netscape.certsrv.tks.ITKSAuthority; import com.netscape.cms.servlet.base.CMSServlet; import com.netscape.cms.servlet.common.CMSRequest; @@ -1376,27 +1374,4 @@ public class TokenServlet extends CMSServlet { super.service(req, resp); } - - /** - * Parses uid0=pwd0,uid1=pwd1,... into AgentCredential. - * - * @param s credential string - * @return a list of credentials - */ - private Credential[] parseCredentialStr(String s) { - StringTokenizer st = new StringTokenizer(s, ","); - Vector v = new Vector(); - - while (st.hasMoreTokens()) { - String a = st.nextToken(); - StringTokenizer st0 = new StringTokenizer(a, "="); - - v.addElement(new Credential(st0.nextToken(), - st0.nextToken())); - } - Credential ac[] = new Credential[v.size()]; - - v.copyInto(ac); - return ac; - } } diff --git a/pki/base/common/src/com/netscape/cmscore/apps/CMSEngine.java b/pki/base/common/src/com/netscape/cmscore/apps/CMSEngine.java index 59b387127..e812cf10a 100644 --- a/pki/base/common/src/com/netscape/cmscore/apps/CMSEngine.java +++ b/pki/base/common/src/com/netscape/cmscore/apps/CMSEngine.java @@ -1120,22 +1120,6 @@ public class CMSEngine implements ICMSEngine { mServerCertNickname = newName; } - private String lineParsing(String input, String newName) { - //<SSLPARAMS servercertnickname="Server-Cert cert-firefly" - int index = input.indexOf("servercertnickname"); - - if (index >= 0) { - String str = input.substring(index + 20); - int index2 = str.indexOf("\""); - String newLine = input.substring(0, index + 20) - + newName + str.substring(index2); - - return newLine; - } else { - return input; - } - } - public String getFingerPrint(Certificate cert) throws CertificateEncodingException, NoSuchAlgorithmException { return CertUtils.getFingerPrint(cert); diff --git a/pki/base/common/src/com/netscape/cmscore/authentication/ChallengePhraseAuthentication.java b/pki/base/common/src/com/netscape/cmscore/authentication/ChallengePhraseAuthentication.java index bf698ddad..38901f3be 100644 --- a/pki/base/common/src/com/netscape/cmscore/authentication/ChallengePhraseAuthentication.java +++ b/pki/base/common/src/com/netscape/cmscore/authentication/ChallengePhraseAuthentication.java @@ -295,16 +295,6 @@ public class ChallengePhraseAuthentication implements IAuthManager { return authToken; } - private String getDecimalStr(String str) { - String newStr = str; - - if (str.startsWith("0x") || str.startsWith("0X")) { - newStr = "" + Integer.parseInt(str.trim().substring(2), 16); - } - - return newStr; - } - private boolean compareChallengePassword(CertRecord record, String pwd) throws EBaseException { MetaInfo metaInfo = (MetaInfo) record.get(CertRecord.ATTR_META_INFO); diff --git a/pki/base/common/src/com/netscape/cmscore/base/SimpleProperties.java b/pki/base/common/src/com/netscape/cmscore/base/SimpleProperties.java index 684f8a8ed..924248d01 100644 --- a/pki/base/common/src/com/netscape/cmscore/base/SimpleProperties.java +++ b/pki/base/common/src/com/netscape/cmscore/base/SimpleProperties.java @@ -269,132 +269,6 @@ public class SimpleProperties extends Hashtable { return (slashCount % 2 == 1); } - /* - * Converts encoded \\uxxxx to unicode chars - * and changes special saved chars to their original forms - */ - private String loadConvert(String theString) { - char aChar; - int len = theString.length(); - StringBuffer outBuffer = new StringBuffer(len); - - for (int x = 0; x < len;) { - aChar = theString.charAt(x++); - if (aChar == '\\') { - aChar = theString.charAt(x++); - if (aChar == 'u') { - // Read the xxxx - int value = 0; - - for (int i = 0; i < 4; i++) { - aChar = theString.charAt(x++); - switch (aChar) { - case '0': - case '1': - case '2': - case '3': - case '4': - case '5': - case '6': - case '7': - case '8': - case '9': - value = (value << 4) + aChar - '0'; - break; - - case 'a': - case 'b': - case 'c': - case 'd': - case 'e': - case 'f': - value = (value << 4) + 10 + aChar - 'a'; - break; - - case 'A': - case 'B': - case 'C': - case 'D': - case 'E': - case 'F': - value = (value << 4) + 10 + aChar - 'A'; - break; - - default: - throw new IllegalArgumentException( - "Malformed \\uxxxx encoding."); - } - } - outBuffer.append((char) value); - } else { - if (aChar == 't') aChar = '\t'; - else if (aChar == 'r') aChar = '\r'; - else if (aChar == 'n') aChar = '\n'; - else if (aChar == 'f') aChar = '\f'; - outBuffer.append(aChar); - } - } else - outBuffer.append(aChar); - } - return outBuffer.toString(); - } - - /* - * Converts unicodes to encoded \\uxxxx - * and writes out any of the characters in specialSaveChars - * with a preceding slash - */ - private String saveConvert(String theString) { - char aChar; - int len = theString.length(); - StringBuffer outBuffer = new StringBuffer(len * 2); - - for (int x = 0; x < len;) { - aChar = theString.charAt(x++); - switch (aChar) { - case '\\': - outBuffer.append('\\'); - outBuffer.append('\\'); - continue; - - case '\t': - outBuffer.append('\\'); - outBuffer.append('t'); - continue; - - case '\n': - outBuffer.append('\\'); - outBuffer.append('n'); - continue; - - case '\r': - outBuffer.append('\\'); - outBuffer.append('r'); - continue; - - case '\f': - outBuffer.append('\\'); - outBuffer.append('f'); - continue; - - default: - if ((aChar < 20) || (aChar > 127)) { - outBuffer.append('\\'); - outBuffer.append('u'); - outBuffer.append(toHex((aChar >> 12) & 0xF)); - outBuffer.append(toHex((aChar >> 8) & 0xF)); - outBuffer.append(toHex((aChar >> 4) & 0xF)); - outBuffer.append(toHex((aChar >> 0) & 0xF)); - } else { - if (specialSaveChars.indexOf(aChar) != -1) - outBuffer.append('\\'); - outBuffer.append(aChar); - } - } - } - return outBuffer.toString(); - } - /** * Calls the <code>store(OutputStream out, String header)</code> method * and suppresses IOExceptions that were thrown. @@ -599,14 +473,6 @@ public class SimpleProperties extends Hashtable { } } - /** - * Convert a nibble to a hex character - * @param nibble the nibble to convert. - */ - private static char toHex(int nibble) { - return hexDigit[(nibble & 0xF)]; - } - /** A table of hex digits */ private static final char[] hexDigit = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/PublicKeyMapper.java b/pki/base/common/src/com/netscape/cmscore/dbs/PublicKeyMapper.java index f55248eec..8a2d1f2d2 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/PublicKeyMapper.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/PublicKeyMapper.java @@ -124,22 +124,6 @@ public class PublicKeyMapper implements IDBAttrMapper { return mLdapName + op + value; } - private String normalize(String s) { - String val = ""; - - for (int i = 0; i < s.length(); i++) { - if (s.charAt(i) == '\n') { - continue; - } else if (s.charAt(i) == '\r') { - continue; - } else if (s.charAt(i) == '"') { - continue; - } - val += s.charAt(i); - } - return val; - } - public static String escapeBinaryData(byte data[]) { String result = ""; diff --git a/pki/base/common/src/com/netscape/cmscore/extensions/KeyUsage.java b/pki/base/common/src/com/netscape/cmscore/extensions/KeyUsage.java index a5378ced3..9b8e16cf6 100644 --- a/pki/base/common/src/com/netscape/cmscore/extensions/KeyUsage.java +++ b/pki/base/common/src/com/netscape/cmscore/extensions/KeyUsage.java @@ -231,9 +231,5 @@ public class KeyUsage implements ICMSExtension { return params; } - private void log(int level, String msg) { - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER, level, msg); - } - } diff --git a/pki/base/common/src/com/netscape/cmscore/policy/GenericPolicyProcessor.java b/pki/base/common/src/com/netscape/cmscore/policy/GenericPolicyProcessor.java index 95d668283..cdfb7025c 100644 --- a/pki/base/common/src/com/netscape/cmscore/policy/GenericPolicyProcessor.java +++ b/pki/base/common/src/com/netscape/cmscore/policy/GenericPolicyProcessor.java @@ -458,19 +458,6 @@ public class GenericPolicyProcessor implements IPolicyProcessor { return mAuthority.getId() + ".Policy"; } - private void setError(IRequest req, String format, String arg) { - if (format == null) - return; - EPolicyException ex = new EPolicyException(format, arg); - - Vector ev = req.getExtDataInStringVector(IRequest.ERRORS); - if (ev == null) { - ev = new Vector(); - } - ev.addElement(ex.toString()); - req.setExtData(IRequest.ERRORS, ev); - } - public Enumeration getPolicyImpls() { Vector impls = new Vector(); Enumeration enum1 = mImplTable.elements(); diff --git a/pki/base/common/src/com/netscape/cmscore/util/OsSubsystem.java b/pki/base/common/src/com/netscape/cmscore/util/OsSubsystem.java index 47bb62801..05118b9ea 100644 --- a/pki/base/common/src/com/netscape/cmscore/util/OsSubsystem.java +++ b/pki/base/common/src/com/netscape/cmscore/util/OsSubsystem.java @@ -32,7 +32,6 @@ import com.netscape.certsrv.logging.ILogger; import com.netscape.cmscore.base.SubsystemRegistry; import com.netscape.osutil.LibC; import com.netscape.osutil.OSUtil; -import com.netscape.osutil.ResourceLimit; import com.netscape.osutil.Signal; import com.netscape.osutil.SignalListener; import com.netscape.osutil.UserID; @@ -174,42 +173,6 @@ public final class OsSubsystem implements ISubsystem { } /** - * Hooks up unix signals. - */ - private void initUnix() throws EBaseException { - // Set up signal handling. We pretty much exit on anything - // Signal.watch(Signal.SIGHUP); - // Signal.watch(Signal.SIGTERM); - // Signal.watch(Signal.SIGINT); - // mSignalThread = new SignalThread(); - // mSignalThread.setDaemon(true); - // mSignalThread.start(); - - Signal.addSignalListener(Signal.SIGHUP, new SIGHUPListener(this)); - Signal.addSignalListener(Signal.SIGTERM, new SIGTERMListener(this)); - Signal.addSignalListener(Signal.SIGINT, new SIGINTListener(this)); - - /* Increase the maximum number of file descriptors */ - int i = mConfig.getInteger("maxFiles", - ResourceLimit.getHardLimit(ResourceLimit.RLIMIT_NOFILE)); - - ResourceLimit.setLimits(ResourceLimit.RLIMIT_NOFILE, - i, ResourceLimit.getHardLimit(ResourceLimit.RLIMIT_NOFILE)); - - // write current pid to specified file - String pf = mConfig.getString("pidFile", null); - - if (pf == null) { - return; // development environment does not rely on this - } - File pidFile = new File(pf); - - if (pidFile.exists()) { - throw new EBaseException(CMS.getUserMessage("CMS_BASE_PID_EXIST")); - } - } - - /** * Used to change the process user id usually called after the appropriate * network ports have been opened. */ @@ -344,24 +307,6 @@ public final class OsSubsystem implements ISubsystem { } /** - * Unix restart - * <P> - */ - private void restartUnix() { - // Tell watch dog to restart us - int ppid = LibC.getppid(); - - Signal.send(ppid, Signal.SIGHUP); - } - - /** - * NT restart - * <P> - */ - private void restartNT() { - } - - /** * Returns the root configuration storage of this system. * <P> * diff --git a/pki/base/java-tools/src/com/netscape/cmstools/PasswordCache.java b/pki/base/java-tools/src/com/netscape/cmstools/PasswordCache.java index f914fab74..cd0351ae4 100644 --- a/pki/base/java-tools/src/com/netscape/cmstools/PasswordCache.java +++ b/pki/base/java-tools/src/com/netscape/cmstools/PasswordCache.java @@ -335,24 +335,6 @@ public class PasswordCache { System.exit(1); } } - - private static boolean badPassword(String pwd) { - // XXX - implement only password checking - return false; -/* - PasswordChecker pwdChecker = new PasswordChecker(); - - if (!pwdChecker.isGoodPassword(pwd)) { - String reason = pwdChecker.getReason(pwd); - - System.out.println("New password does not pass password " + - "quality test: " + reason); - return true; - } else { - return false; - } -*/ - } } diff --git a/pki/base/kra/src/com/netscape/kra/EnrollmentService.java b/pki/base/kra/src/com/netscape/kra/EnrollmentService.java index 397793bfc..6415e1903 100644 --- a/pki/base/kra/src/com/netscape/kra/EnrollmentService.java +++ b/pki/base/kra/src/com/netscape/kra/EnrollmentService.java @@ -855,43 +855,6 @@ public class EnrollmentService implements IService { } /** - * Signed Audit Log Recovery ID - * - * This method is called to obtain the "RecoveryID" for - * a signed audit log message. - * <P> - * - * @return id string containing the signed audit log message RecoveryID - */ - private String auditRecoveryID() { - // if no signed audit object exists, bail - if (mSignedAuditLogger == null) { - return null; - } - - String recoveryID = null; - - // Initialize recoveryID - SessionContext auditContext = SessionContext.getExistingContext(); - - if (auditContext != null) { - recoveryID = (String) - auditContext.get(SessionContext.RECOVERY_ID); - - if (recoveryID != null) { - recoveryID = recoveryID.trim(); - } else { - recoveryID = ILogger.UNIDENTIFIED; - } - } else { - recoveryID = ILogger.UNIDENTIFIED; - } - - return recoveryID; - } - - - /** * Signed Audit Log * * This method is called to store messages to the signed audit log. diff --git a/pki/base/silent/src/com/netscape/pkisilent/argparser/StringScanner.java b/pki/base/silent/src/com/netscape/pkisilent/argparser/StringScanner.java index fae67c791..6153f180f 100644 --- a/pki/base/silent/src/com/netscape/pkisilent/argparser/StringScanner.java +++ b/pki/base/silent/src/com/netscape/pkisilent/argparser/StringScanner.java @@ -577,14 +577,6 @@ class StringScanner } } - private int skipWhiteSpace(int k) - { - while (Character.isWhitespace(buf[k])) - { k++; - } - return k; - } - public boolean atEnd() { return idx == len; diff --git a/pki/base/silent/src/com/netscape/pkisilent/common/AutoInstaller.java b/pki/base/silent/src/com/netscape/pkisilent/common/AutoInstaller.java index a16a6cc53..925e04dc0 100644 --- a/pki/base/silent/src/com/netscape/pkisilent/common/AutoInstaller.java +++ b/pki/base/silent/src/com/netscape/pkisilent/common/AutoInstaller.java @@ -748,60 +748,6 @@ public class AutoInstaller { } - private boolean taskCloneMaster() { - System.out.println("configuring Cert Instance : taskCloneMaster"); - setConfigURL(); - String myStringUrl = "http://" + host + ":" + adminPort + configURL; - - System.out.println(myStringUrl); - String query = "serverRoot=" + URLEncoder.encode(serverRoot); - - query += "&"; - query += "&claPortnumEE=" + URLEncoder.encode(caEEPort); - query += "&claPortnum=" + URLEncoder.encode(caAgentPortnum); - query += "&claHostname=" + URLEncoder.encode(caHostname); - query += "&ra=false"; - query += "&ca=true"; - query += "&kra=false"; - query += "&subsystems=ca"; - query += "&cloning=true"; - query += "&cloningInstance=" + URLEncoder.encode(cloneInstanceId); - query += "&claTimeout=" + URLEncoder.encode("60"); - query += "&internaldb.ldapauth.bindDN=" - + URLEncoder.encode(dbLDAPauthDN); - query += "&AdminUserPassword=" + URLEncoder.encode(adminPWD); - query += "&db.password=" + URLEncoder.encode(dbPassword); - query += "&instanceID=" + URLEncoder.encode(instanceID); - query += "&opType=" + URLEncoder.encode("OP_MODIFY"); - query += "&taskID=" + URLEncoder.encode("taskCloneMaster"); - query += "&cmsSeed=0"; - setPostQueryString(query); - return Connect(myStringUrl); - } - - private boolean taskCloning() { - System.out.println("configuring Cert Instance : taskCloning"); - setConfigURL(); - String myStringUrl = "http://" + host + ":" + adminPort + configURL; - - System.out.println(myStringUrl); - String query = "serverRoot=" + URLEncoder.encode(serverRoot); - - query += "&"; - query += "&cloneTokenPasswd=" + URLEncoder.encode(dbPassword); - query += "&cloneTokenName=" + URLEncoder.encode("internal"); - query += "&cloningInstance=" + URLEncoder.encode(cloneInstanceId); - query += "&cloneSameMachine=true"; - query += "&AdminUserPassword=" + URLEncoder.encode(adminPWD); - query += "&certType=" + URLEncoder.encode(certType); - query += "&instanceID=" + URLEncoder.encode(instanceID); - query += "&opType=" + URLEncoder.encode("OP_MODIFY"); - query += "&taskID=" + URLEncoder.encode("taskCloning"); - query += "&cmsSeed=0"; - setPostQueryString(query); - return Connect(myStringUrl); - } - private boolean setSerial(String start, String end) { System.out.println("configuring Cert Instance : setCASerial"); setConfigURL(); @@ -872,25 +818,6 @@ public class AutoInstaller { } - private boolean serverMigration() { - System.out.println("configuring Cert Instance : Server migration"); - setConfigURL(); - String myStringUrl = "http://" + host + ":" + adminPort + configURL; - - System.out.println(myStringUrl); - String query = "AdminUserPassword=" + URLEncoder.encode(adminPWD); - - query += "&"; - query += "instanceID=" + URLEncoder.encode(instanceID); - query += "&migrationEnable=" + URLEncoder.encode("false"); - query += "&opType=" + URLEncoder.encode("OP_MODIFY"); - query += "&taskID=" + URLEncoder.encode("migration"); - query += "&cmsSeed=0"; - setPostQueryString(query); - return Connect(myStringUrl); - - } - private boolean initializePWD() { System.out.println("configuring Cert Instance : Initialize token"); setConfigURL(); @@ -1570,32 +1497,6 @@ public class AutoInstaller { return Connect(myStringUrl); } - private boolean setupKRAAgents() { - System.out.println("configuring Cert Instance : KRA Agents"); - setConfigURL(); - String myStringUrl = "http://" + host + ":" + adminPort + configURL; - - System.out.println(myStringUrl); - String query = "AdminUserPassword=" + URLEncoder.encode(adminPWD); - - query += "&"; - query += "instanceID=" + URLEncoder.encode(instanceID); - query += "&serverRoot=" + URLEncoder.encode(serverRoot); - query += "&opType=" + URLEncoder.encode("OP_MODIFY"); - query += "&taskID=" + URLEncoder.encode("agents"); - query += "&n=" + URLEncoder.encode("3"); - query += "&m=" + URLEncoder.encode("2"); - query += "&uid2=" + URLEncoder.encode("agent3"); - query += "&uid0=" + URLEncoder.encode("agent1"); - query += "&uid1=" + URLEncoder.encode("agent2"); - query += "&pwd1=" + URLEncoder.encode("netscape"); - query += "&pwd2=" + URLEncoder.encode("netscape"); - query += "&pwd0=" + URLEncoder.encode("netscape"); - query += "&cmsSeed=0"; - setPostQueryString(query); - return Connect(myStringUrl); - } - private boolean ConfRA() { // Start Configuring @@ -2230,116 +2131,6 @@ public class AutoInstaller { // Configure Clone - private boolean ConfClone() { - // Start Configuring - - // Step 1. Start Deamon - - if (!startDeamon()) { - System.out.println( - "Configuring Cert Instance: Unable to start deamon"); - return false; - } - - // Sometimes it takes time to start deamon so wait for few seconds - try { - System.out.println("going to sleep for 10 seconds"); - Thread.sleep(10000); - } catch (InterruptedException ie) { - System.out.println("sleep exection"); - } - - // Step 1a: Initialize Token ( Changed in 6.0)jjj - if (!initializePWD()) { - System.out.println( - "Configuring Cert Instance: error initializing pwd token"); - return false; - } - - // Step 2. Configure Internal DB - if (!configInternalDB()) { - System.out.println( - "Configuring Cert Instance: error configuring internal db"); - return false; - } - - // Step 3. Create Admin Values - if (!createAdminValues()) { - System.out.println( - "Configuring Cert Instance: error configuring admin values "); - return false; - } - - // Step 4. SubSystems - - if (!selectSubSystem()) { - System.out.println( - "Configuring Cert Instance: error selecting subsystems"); - return false; - } - - // Step 5. SetCASerial - if (!setSerial("1000000", "2000000")) { - System.out.println("Configuring Cert Instance: error setSerial"); - return false; - } - - if (!setOCSP()) { - System.out.println("Configuring Cert Instance: error setOCSP"); - return false; - } - - // Step 5. Network Configuration - if (!networkConfig()) { - System.out.println( - "Configuring Cert Instance: error configuring network ports "); - return false; - } - - if (!taskCloning()) { - System.out.println("Configuring Cert Instance: error Task Cloning "); - return false; - } - - if (!taskCloneMaster()) { - System.out.println( - "Configuring Cert Instance: error configuring network ports "); - return false; - } - - // Create a SSL signing cert - certType = "serverCert"; - - if (!taskCloning()) { - System.out.println("Configuring Cert Instance: error Task Cloning "); - return false; - } - - // Step 11 - if (!singleSignON()) { - System.out.println( - "Configuring Cert Instance: error setting up singlesignon"); - return false; - } - - // Step 11 - if (!doMisc()) { - System.out.println( - "Configuring Cert Instance: error setting up miscell"); - return false; - } - - // Step 12 - if (!exitDeamon()) { - System.out.println( - "Configuring Cert Instance: Unable to exit deamon"); - return false; - } - - return true; - - } - public boolean readProperties() { // Read the properties file and assign values to variables . try { diff --git a/pki/base/silent/src/com/netscape/pkisilent/common/CMSConfig.java b/pki/base/silent/src/com/netscape/pkisilent/common/CMSConfig.java index 6913a1440..94c57a62c 100644 --- a/pki/base/silent/src/com/netscape/pkisilent/common/CMSConfig.java +++ b/pki/base/silent/src/com/netscape/pkisilent/common/CMSConfig.java @@ -40,20 +40,6 @@ public class CMSConfig extends ServerInfo { readCMSConfig(); } - private void getProperties(String filePath) throws Exception { - try { - FileInputStream fis = new FileInputStream(filePath); - - props = new CMSProperties(); - props.load(fis); - System.out.println("Reading Properties file successful"); - fis.close(); - } catch (Exception e) { - System.out.println("exception " + e.getMessage()); - } - - } - private void readCMSConfig() { try { @@ -517,51 +503,6 @@ public class CMSConfig extends ServerInfo { CMSprops.setProperty("cardcryptogram.validate.enable", "false"); } - private void ARLOn() { - CMSprops.setProperty( - "ca.crl.MasterCRL.extension.IssuingDistributionPoint.critical", - "true"); - CMSprops.setProperty( - "ca.crl.MasterCRL.extension.IssuingDistributionPoint.enable", - "true"); - CMSprops.setProperty( - "ca.crl.MasterCRL.extension.IssuingDistributionPoint.indirectCRL", - "false"); - CMSprops.setProperty( - "ca.crl.MasterCRL.extension.IssuingDistributionPoint.onlyContainsCACerts", - "true"); - CMSprops.setProperty( - "ca.crl.MasterCRL.extension.IssuingDistributionPoint.onlyContainsUserCerts", - "false"); - CMSprops.setProperty( - "ca.crl.MasterCRL.extension.IssuingDistributionPoint.onlySomeReasons", - null); - CMSprops.setProperty( - "ca.crl.MasterCRL.extension.IssuingDistributionPoint.pointName", - null); - CMSprops.setProperty( - "ca.crl.MasterCRL.extension.IssuingDistributionPoint.pointType", - "DirectoryName"); - CMSprops.setProperty( - "ca.crl.MasterCRL.extension.IssuingDistributionPoint.type", - "CRLExtension"); - CMSprops.setProperty("ca.crl.MasterCRL.allowExtensions", "true"); - CMSprops.setProperty("ca.crl.MasterCRL.alwaysUpdate", "true"); - CMSprops.setProperty("ca.crl.MasterCRL.autoUpdateInterval", "5"); - CMSprops.setProperty("ca.crl.MasterCRL.caCertsOnly", "true"); - CMSprops.setProperty("ca.crl.MasterCRL.cacheUpdateInterval", "5"); - CMSprops.setProperty("ca.crl.MasterCRL.class", - "com.netscape.cmscore.ca.CRLIssuingPoint"); - - CMSprops.setProperty("ca.crl.MasterCRL.description", - "CA's complete Certificate Revocation List"); - CMSprops.setProperty("ca.crl.MasterCRL.enableCRLCache", "true"); - CMSprops.setProperty("ca.crl.MasterCRL.includeExpiredCerts", "true"); - CMSprops.setProperty("ca.crl.MasterCRL.nextUpdateSkew", "5"); - CMSprops.setProperty("ca.crl.MasterCRL.signingAlgorithm", "SHA1withRSA"); - - } - // Policies public void DefaultValidityRule(String SubsystemType, String lagtime, String leadtime, String maxValidity) { if (SubsystemType.equals("ca")) { diff --git a/pki/base/silent/src/com/netscape/pkisilent/common/CMSLDAP.java b/pki/base/silent/src/com/netscape/pkisilent/common/CMSLDAP.java index 51dbd2127..038ec42f9 100644 --- a/pki/base/silent/src/com/netscape/pkisilent/common/CMSLDAP.java +++ b/pki/base/silent/src/com/netscape/pkisilent/common/CMSLDAP.java @@ -98,17 +98,6 @@ public class CMSLDAP { } - private boolean RemoveInstance(String basedn) { - try { - conn.delete(basedn); - return true; - } catch (Exception e) { - System.out.println("ERROR: " + e.toString()); - return false; - } - - } - /** * Search for certificaterevocationList attribute. Takes basedn and filter as parameters */ diff --git a/pki/base/silent/src/com/netscape/pkisilent/common/ServerInfo.java b/pki/base/silent/src/com/netscape/pkisilent/common/ServerInfo.java index 89fa768ca..c353c4ae8 100644 --- a/pki/base/silent/src/com/netscape/pkisilent/common/ServerInfo.java +++ b/pki/base/silent/src/com/netscape/pkisilent/common/ServerInfo.java @@ -252,20 +252,6 @@ public class ServerInfo { } } - private void getProperties(String filePath) throws Exception { - try { - FileInputStream fis = new FileInputStream(filePath); - - props = new CMSProperties(); - props.load(fis); - System.out.println("Reading Properties file successful"); - fis.close(); - } catch (Exception e) { - System.out.println("exception " + e.getMessage()); - } - - } - private String stripSpace(String s) { String val = ""; diff --git a/pki/base/silent/src/com/netscape/pkisilent/common/TestClient.java b/pki/base/silent/src/com/netscape/pkisilent/common/TestClient.java index fc2668565..d711e409e 100644 --- a/pki/base/silent/src/com/netscape/pkisilent/common/TestClient.java +++ b/pki/base/silent/src/com/netscape/pkisilent/common/TestClient.java @@ -19,10 +19,8 @@ package com.netscape.pkisilent.common; import java.io.BufferedReader; import java.io.FileInputStream; -import java.io.IOException; import java.io.InputStreamReader; import java.net.ServerSocket; -import java.net.Socket; import java.util.Properties; import org.mozilla.jss.crypto.X509Certificate; @@ -468,20 +466,6 @@ public class TestClient implements SSLCertificateApprovalCallback { return s; } - private static boolean isSocketUnused(String h, int p) { - - try { - - Socket ss = new Socket(h, p); - - ss.close(); - return false; - - } catch (IOException e) { - return true; - } - } - /** * returns FreePort in this machine . Takes a parmater portnumber. For example getFreePort("4026"). */ diff --git a/pki/base/silent/src/com/netscape/pkisilent/common/UserEnroll.java b/pki/base/silent/src/com/netscape/pkisilent/common/UserEnroll.java index fa402cf61..cd6ebd878 100644 --- a/pki/base/silent/src/com/netscape/pkisilent/common/UserEnroll.java +++ b/pki/base/silent/src/com/netscape/pkisilent/common/UserEnroll.java @@ -155,10 +155,6 @@ public class UserEnroll extends TestClient { certType = ct; } - private long getElapsedTime() { - return elapsedTime; - } - public boolean enroll_load() { buildquery(); setStatusString(""); diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/CertID.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/CertID.java index 29fbc4e87..3c563d939 100644 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/CertID.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/CertID.java @@ -78,7 +78,6 @@ public class CertID implements ASN1Value /////////////////////////////////////////////////////////////////////// // Constructors /////////////////////////////////////////////////////////////////////// - private CertID() { } public CertID(AlgorithmIdentifier hashAlgorithm, OCTET_STRING issuerNameHash, OCTET_STRING issuerKeyHash, diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPRequest.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPRequest.java index 98f50e7ef..ea2e54221 100644 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPRequest.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPRequest.java @@ -65,11 +65,7 @@ public class OCSPRequest implements ASN1Value { return optionalSignature; } - - /////////////////////////////////////////////////////////////////////// - // Constructors - /////////////////////////////////////////////////////////////////////// - private OCSPRequest() { } + /* THIS code is probably broken. It does not properly encode the explicit element */ diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponse.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponse.java index 67f6242c5..d8635fe2a 100644 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponse.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponse.java @@ -58,11 +58,6 @@ public class OCSPResponse implements ASN1Value return responseBytes; } - /////////////////////////////////////////////////////////////////////// - // Constructors - /////////////////////////////////////////////////////////////////////// - private OCSPResponse() { } - public OCSPResponse(OCSPResponseStatus responseStatus, ResponseBytes responseBytes) { diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponseStatus.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponseStatus.java index ee2b62020..145fbe7d0 100644 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponseStatus.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponseStatus.java @@ -69,11 +69,6 @@ public class OCSPResponseStatus implements ASN1Value return responseStatus.getValue(); } - /////////////////////////////////////////////////////////////////////// - // Constructors - /////////////////////////////////////////////////////////////////////// - private OCSPResponseStatus() { } - public OCSPResponseStatus(long val) { responseStatus = new ENUMERATED(val); diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/Request.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/Request.java index f180709de..9f277bb96 100644 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/Request.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/Request.java @@ -72,11 +72,6 @@ public class Request implements ASN1Value return (Extension) singleRequestExtensions.elementAt(index); } - /////////////////////////////////////////////////////////////////////// - // constructors - /////////////////////////////////////////////////////////////////////// - private Request() { } - public Request(CertID reqCert, SEQUENCE singleRequestExtensions) { sequence = new SEQUENCE(); diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponseBytes.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponseBytes.java index 80a15b910..b5fed0d9f 100644 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponseBytes.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponseBytes.java @@ -64,11 +64,6 @@ public class ResponseBytes implements ASN1Value return response; } - /////////////////////////////////////////////////////////////////////// - // Constructors - /////////////////////////////////////////////////////////////////////// - private ResponseBytes() { } - public ResponseBytes(OBJECT_IDENTIFIER responseType, OCTET_STRING response) { sequence = new SEQUENCE(); diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/Signature.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/Signature.java index 2810182e1..d670dfe23 100644 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/Signature.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/Signature.java @@ -81,11 +81,6 @@ public class Signature implements ASN1Value return (Certificate) certs.elementAt(index); } - /////////////////////////////////////////////////////////////////////// - // constructors - /////////////////////////////////////////////////////////////////////// - private Signature() { } - public Signature(AlgorithmIdentifier signatureAlgorithm, BIT_STRING signature, SEQUENCE certs) { diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/TBSRequest.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/TBSRequest.java index 4e09c5914..ea23200db 100644 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/TBSRequest.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/TBSRequest.java @@ -98,8 +98,6 @@ public class TBSRequest implements ASN1Value // constructors /////////////////////////////////////////////////////////////////////// - private TBSRequest() {} - public TBSRequest(INTEGER version, ANY requestorName, SEQUENCE requestList, SEQUENCE requestExtensions) { diff --git a/pki/base/util/src/netscape/security/extensions/OCSPNoCheckExtension.java b/pki/base/util/src/netscape/security/extensions/OCSPNoCheckExtension.java index 68d0e8a30..ec3dbbb86 100644 --- a/pki/base/util/src/netscape/security/extensions/OCSPNoCheckExtension.java +++ b/pki/base/util/src/netscape/security/extensions/OCSPNoCheckExtension.java @@ -97,13 +97,6 @@ public class OCSPNoCheckExtension extends Extension implements CertAttrSet { } } - private void encodeThis(DerOutputStream out) throws IOException { - if (mCached == null) { - super.encode(out); - mCached = out.toByteArray(); - } - } - public String toString() { String presentation = "oid=" + OID + " "; diff --git a/pki/base/util/src/netscape/security/pkcs/PKCS8Key.java b/pki/base/util/src/netscape/security/pkcs/PKCS8Key.java index 20a788fcb..eb4478fc1 100644 --- a/pki/base/util/src/netscape/security/pkcs/PKCS8Key.java +++ b/pki/base/util/src/netscape/security/pkcs/PKCS8Key.java @@ -69,18 +69,6 @@ public class PKCS8Key implements PrivateKey { */ public PKCS8Key() { } - /* - * Build and initialize as a "default" key. All PKCS#8 key - * data is stored and transmitted losslessly, but no knowledge - * about this particular algorithm is available. - */ - private PKCS8Key (AlgorithmId algid, byte key []) - throws InvalidKeyException { - this.algid = algid; - this.key = key; - encode(); - } - /** * Construct PKCS#8 subject public key from a DER value. If * the runtime environment is configured with a specific class for diff --git a/pki/base/util/src/netscape/security/provider/DSA.java b/pki/base/util/src/netscape/security/provider/DSA.java index a40bd0295..9fa5b9f6c 100644 --- a/pki/base/util/src/netscape/security/provider/DSA.java +++ b/pki/base/util/src/netscape/security/provider/DSA.java @@ -20,8 +20,6 @@ package netscape.security.provider; import java.io.IOException; import java.io.PrintStream; import java.math.BigInteger; -import java.security.AlgorithmParameters; -import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; import java.security.InvalidParameterException; import java.security.MessageDigest; @@ -32,8 +30,6 @@ import java.security.SecureRandom; import java.security.Signature; import java.security.SignatureException; import java.security.interfaces.DSAParams; -import java.security.spec.DSAParameterSpec; -import java.security.spec.InvalidParameterSpecException; import netscape.security.util.BigInt; import netscape.security.util.DerInputStream; @@ -143,20 +139,6 @@ public final class DSA extends Signature { setParams(params); } - private void initialize(AlgorithmParameters params) - throws InvalidAlgorithmParameterException { - try { - DSAParameterSpec dsaParamSpec; - dsaParamSpec = (DSAParameterSpec)params.getParameterSpec - (DSAParameterSpec.class); - dataSHA.reset(); - setParams(dsaParamSpec); - } catch (InvalidParameterSpecException e) { - throw new InvalidAlgorithmParameterException - ("Inappropriate parameter"); - } - } - /** * Sign all the data thus far updated. The signature is formatted * according to the Canonical Encoding Rules, returned as a DER @@ -228,10 +210,6 @@ public final class DSA extends Signature { return v.equals(r); } - private void reset() { - dataSHA.reset(); - } - BigInteger generateR(BigInteger p, BigInteger q, BigInteger g, BigInteger k) { BigInteger temp = g.modPow(k, p); @@ -510,12 +488,6 @@ public final class DSA extends Signature { this.presetG = params.getG(); } - private void setParams(DSAParameterSpec params) { - this.presetP = params.getP(); - this.presetQ = params.getQ(); - this.presetG = params.getG(); - } - /** * Update a byte to be signed or verified. * @@ -670,12 +642,6 @@ public final class DSA extends Signature { /* End test vector values */ - private static void debug(Exception e) { - if (debug) { - e.printStackTrace(); - } - } - private static void debug(String s) { if (debug) { System.err.println(s); diff --git a/pki/base/util/src/netscape/security/provider/MD5.java b/pki/base/util/src/netscape/security/provider/MD5.java index a3c12490d..a6adaac20 100644 --- a/pki/base/util/src/netscape/security/provider/MD5.java +++ b/pki/base/util/src/netscape/security/provider/MD5.java @@ -69,14 +69,7 @@ public final class MD5 extends MessageDigestSpi implements Cloneable { init(); } - private MD5(MD5 md5) { - this(); - this.state = (int[])md5.state.clone(); - this.transformBuffer = (int[])md5.transformBuffer.clone(); - this.buffer = (byte[])md5.buffer.clone(); - this.digestBits = (byte[])md5.digestBits.clone(); - this.count = md5.count; - } + /* ********************************************************** * The MD5 Functions. These are copied verbatim from diff --git a/pki/base/util/src/netscape/security/provider/SHA.java b/pki/base/util/src/netscape/security/provider/SHA.java index 2e5ac328e..6e4bf51e7 100644 --- a/pki/base/util/src/netscape/security/provider/SHA.java +++ b/pki/base/util/src/netscape/security/provider/SHA.java @@ -56,20 +56,6 @@ public class SHA extends MessageDigestSpi implements Cloneable { private int AA, BB, CC, DD, EE; - /** - * Creates a SHA object.with state (for cloning) */ - private SHA(SHA sha) { - this(); - this.version = sha.version; - System.arraycopy(sha.W, 0, this.W, 0, W.length); - this.count = sha.count; - this.AA = sha.AA; - this.BB = sha.BB; - this.CC = sha.CC; - this.DD = sha.DD; - this.EE = sha.EE; - } - SHA(int version) { this(); this.version = version; diff --git a/pki/base/util/src/netscape/security/util/DerValue.java b/pki/base/util/src/netscape/security/util/DerValue.java index 58ef8eccc..93ca21240 100644 --- a/pki/base/util/src/netscape/security/util/DerValue.java +++ b/pki/base/util/src/netscape/security/util/DerValue.java @@ -490,24 +490,6 @@ public class DerValue { } /* - * Internal utility ... returns a string regardless of what - * restrictions have been placed on its encoding. - */ - private String simpleGetString() throws IOException { - StringBuffer s = new StringBuffer(length); - try { - int temp = length; - - data.reset (); - while (temp-- > 0) - s.append ((char) data.getByte ()); - } catch (IOException e) { - return null; - } - return new String (s); - } - - /* * @eturns a string if the DerValue is a ASN.1 character string type and * if there is a ByteToChar converter for the type. Returns null otherwise. */ diff --git a/pki/base/util/src/netscape/security/x509/CRLDistributionPoint.java b/pki/base/util/src/netscape/security/x509/CRLDistributionPoint.java index 5207e3199..8c88ec7e7 100644 --- a/pki/base/util/src/netscape/security/x509/CRLDistributionPoint.java +++ b/pki/base/util/src/netscape/security/x509/CRLDistributionPoint.java @@ -478,11 +478,5 @@ public static class Template implements ASN1Template { } } -private static void toFile(String filename, byte[] bytes) throws IOException{ - FileOutputStream fos = new FileOutputStream(filename); - fos.write(bytes); - fos.close(); -} - } diff --git a/pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java b/pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java index 2ed340962..aa8c20b82 100644 --- a/pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java +++ b/pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java @@ -71,9 +71,6 @@ public class CRLDistributionPointsExtension extends Extension // vector of CRLDistributionPoint private SEQUENCE distributionPoints = new SEQUENCE(); - // no default constructor - private CRLDistributionPointsExtension() { } - // Cached DER-encoding to improve performance. private byte[] cachedEncoding=null; diff --git a/pki/base/util/src/netscape/security/x509/IssuingDistributionPointExtension.java b/pki/base/util/src/netscape/security/x509/IssuingDistributionPointExtension.java index 1cef0f883..51b7001e9 100644 --- a/pki/base/util/src/netscape/security/x509/IssuingDistributionPointExtension.java +++ b/pki/base/util/src/netscape/security/x509/IssuingDistributionPointExtension.java @@ -116,10 +116,6 @@ public class IssuingDistributionPointExtension extends Extension private byte[] cachedEncoding=null; - // no default constructor - private IssuingDistributionPointExtension() { } - - static { try { OIDMap.addAttribute(IssuingDistributionPointExtension.class.getName(), diff --git a/pki/base/util/src/netscape/security/x509/OIDMap.java b/pki/base/util/src/netscape/security/x509/OIDMap.java index 0b0fd5a36..082ecc4fd 100644 --- a/pki/base/util/src/netscape/security/x509/OIDMap.java +++ b/pki/base/util/src/netscape/security/x509/OIDMap.java @@ -19,7 +19,6 @@ package netscape.security.x509; import java.io.File; import java.io.FileInputStream; -import java.io.FileOutputStream; import java.io.IOException; import java.security.cert.CertificateException; import java.util.Enumeration; @@ -211,17 +210,6 @@ public class OIDMap { } } - // save to file - private static void saveDefaults(Properties props, String fileName) { - try { - FileOutputStream fos = new FileOutputStream(fileName); - props.save(fos, "Registered classes"); - fos.close(); - } catch (IOException e) { - System.err.println(e); - } - } - /** * Add a name to lookup table. * diff --git a/pki/base/util/src/netscape/security/x509/X509CRLImpl.java b/pki/base/util/src/netscape/security/x509/X509CRLImpl.java index c76e8e25b..14cf3c016 100755 --- a/pki/base/util/src/netscape/security/x509/X509CRLImpl.java +++ b/pki/base/util/src/netscape/security/x509/X509CRLImpl.java @@ -111,12 +111,6 @@ public class X509CRLImpl extends X509CRL { private boolean readOnly = false; /** - * Not to be used. As it would lead to cases of uninitialized - * CRL objects. - */ - private X509CRLImpl() { } - - /** * Unmarshals an X.509 CRL from its encoded form, parsing the encoded * bytes. This form of constructor is used by agents which * need to examine and use CRL contents. Note that the buffer |