summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--pki/base/ca/src/com/netscape/ca/CRLIssuingPoint.java1
-rw-r--r--pki/base/common/src/com/netscape/cms/evaluators/UserOrigReqAccessEvaluator.java6
-rw-r--r--pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java77
-rw-r--r--pki/base/common/src/com/netscape/cms/policy/extensions/SubjectDirectoryAttributesExt.java13
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java68
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java222
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/admin/KRAAdminServlet.java663
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java98
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java20
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java15
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java29
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java88
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/cert/CloneRedirect.java15
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/cert/EnrollServlet.java67
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/cert/GetCAChain.java9
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/cert/ListCerts.java82
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/cert/scep/CRSEnrollment.java15
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java10
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java17
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java18
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/request/QueryReq.java9
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/tks/TokenServlet.java25
-rw-r--r--pki/base/common/src/com/netscape/cmscore/apps/CMSEngine.java16
-rw-r--r--pki/base/common/src/com/netscape/cmscore/authentication/ChallengePhraseAuthentication.java10
-rw-r--r--pki/base/common/src/com/netscape/cmscore/base/SimpleProperties.java134
-rw-r--r--pki/base/common/src/com/netscape/cmscore/dbs/PublicKeyMapper.java16
-rw-r--r--pki/base/common/src/com/netscape/cmscore/extensions/KeyUsage.java4
-rw-r--r--pki/base/common/src/com/netscape/cmscore/policy/GenericPolicyProcessor.java13
-rw-r--r--pki/base/common/src/com/netscape/cmscore/util/OsSubsystem.java55
-rw-r--r--pki/base/java-tools/src/com/netscape/cmstools/PasswordCache.java18
-rw-r--r--pki/base/kra/src/com/netscape/kra/EnrollmentService.java37
-rw-r--r--pki/base/silent/src/com/netscape/pkisilent/argparser/StringScanner.java8
-rw-r--r--pki/base/silent/src/com/netscape/pkisilent/common/AutoInstaller.java209
-rw-r--r--pki/base/silent/src/com/netscape/pkisilent/common/CMSConfig.java59
-rw-r--r--pki/base/silent/src/com/netscape/pkisilent/common/CMSLDAP.java11
-rw-r--r--pki/base/silent/src/com/netscape/pkisilent/common/ServerInfo.java14
-rw-r--r--pki/base/silent/src/com/netscape/pkisilent/common/TestClient.java16
-rw-r--r--pki/base/silent/src/com/netscape/pkisilent/common/UserEnroll.java4
-rw-r--r--pki/base/util/src/com/netscape/cmsutil/ocsp/CertID.java1
-rw-r--r--pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPRequest.java6
-rw-r--r--pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponse.java5
-rw-r--r--pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponseStatus.java5
-rw-r--r--pki/base/util/src/com/netscape/cmsutil/ocsp/Request.java5
-rw-r--r--pki/base/util/src/com/netscape/cmsutil/ocsp/ResponseBytes.java5
-rw-r--r--pki/base/util/src/com/netscape/cmsutil/ocsp/Signature.java5
-rw-r--r--pki/base/util/src/com/netscape/cmsutil/ocsp/TBSRequest.java2
-rw-r--r--pki/base/util/src/netscape/security/extensions/OCSPNoCheckExtension.java7
-rw-r--r--pki/base/util/src/netscape/security/pkcs/PKCS8Key.java12
-rw-r--r--pki/base/util/src/netscape/security/provider/DSA.java34
-rw-r--r--pki/base/util/src/netscape/security/provider/MD5.java9
-rw-r--r--pki/base/util/src/netscape/security/provider/SHA.java14
-rw-r--r--pki/base/util/src/netscape/security/util/DerValue.java18
-rw-r--r--pki/base/util/src/netscape/security/x509/CRLDistributionPoint.java6
-rw-r--r--pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java3
-rw-r--r--pki/base/util/src/netscape/security/x509/IssuingDistributionPointExtension.java4
-rw-r--r--pki/base/util/src/netscape/security/x509/OIDMap.java12
-rwxr-xr-xpki/base/util/src/netscape/security/x509/X509CRLImpl.java6
57 files changed, 4 insertions, 2346 deletions
diff --git a/pki/base/ca/src/com/netscape/ca/CRLIssuingPoint.java b/pki/base/ca/src/com/netscape/ca/CRLIssuingPoint.java
index bc859910b..ef0e949ab 100644
--- a/pki/base/ca/src/com/netscape/ca/CRLIssuingPoint.java
+++ b/pki/base/ca/src/com/netscape/ca/CRLIssuingPoint.java
@@ -531,7 +531,6 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable {
}
private int getTimeListSize(Vector<Vector<Integer>> listedDays) {
-
int listSize = 0;
for (int i = 0; listedDays != null && i < listedDays.size(); i++) {
Vector<Integer> listedTimes = listedDays.elementAt(i);
diff --git a/pki/base/common/src/com/netscape/cms/evaluators/UserOrigReqAccessEvaluator.java b/pki/base/common/src/com/netscape/cms/evaluators/UserOrigReqAccessEvaluator.java
index 88358aa58..b1b406c09 100644
--- a/pki/base/common/src/com/netscape/cms/evaluators/UserOrigReqAccessEvaluator.java
+++ b/pki/base/common/src/com/netscape/cms/evaluators/UserOrigReqAccessEvaluator.java
@@ -159,11 +159,5 @@ public class UserOrigReqAccessEvaluator implements IAccessEvaluator {
return false;
}
- private void log(int level, String msg) {
- if (mLogger == null)
- return;
- mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_ACLS,
- level, "UserOrigReqAccessEvaluator: " + msg);
- }
}
diff --git a/pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java b/pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java
index d1cc3d808..ca62af5f3 100644
--- a/pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java
+++ b/pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java
@@ -300,83 +300,6 @@ public class CertificateRevokedListener implements IRequestListener {
}
}
- private void revoked(IRequest r) {
- // do we have an email to send?
- String mEmail = null;
- IEmailResolverKeys keys = CMS.getEmailResolverKeys();
-
- try {
- keys.set(IEmailResolverKeys.KEY_REQUEST, r);
- } catch (EBaseException e) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("LISTENERS_CERT_ISSUED_SET_RESOLVER", e.toString()));
- }
-
- IEmailResolver er = CMS.getReqCertSANameEmailResolver();
-
- try {
- mEmail = er.getEmail(keys);
- } catch (ENotificationException e) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString()));
- } catch (EBaseException e) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString()));
- } catch (Exception e) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString()));
- }
-
- // now we can mail
- if ((mEmail != null) && !mEmail.equals("")) {
- IMailNotification mn = CMS.getMailNotification();
-
- mn.setFrom(mSenderEmail);
- mn.setTo(mEmail);
- mn.setSubject(mSubject);
-
- /*
- * get rejection file from disk
- */
- IEmailTemplate template = CMS.getEmailTemplate(mRejectPath);
-
- if (template != null) {
- if (!template.init()) {
- return;
- }
-
- if (template.isHTML()) {
- mn.setContentType("text/html");
- }
-
- // build some token data
- mContentParams.put(IEmailFormProcessor.TOKEN_ID,
- mConfig.getName());
- mReqId = r.getRequestId();
- mContentParams.put(IEmailFormProcessor.TOKEN_REQUEST_ID,
- (Object) mReqId.toString());
- IEmailFormProcessor et = CMS.getEmailFormProcessor();
- String c = et.getEmailContent(template.toString(), mContentParams);
-
- mn.setContent(c);
- } else {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("LISTENERS_CERT_ISSUED_REJECTION"));
- mn.setContent("Your Certificate Request has been revoked. Please contact your administrator for assistance");
- }
-
- try {
- mn.sendNotification();
- } catch (ENotificationException e) {
- // already logged, lets audit
- log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString()));
-
- } catch (IOException e) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString()));
- }
- } else {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("LISTENERS_CERT_ISSUED_REJECTION_NOTIFICATION", mReqId.toString()));
-
- }
- }
-
private void buildContentParams(RevokedCertImpl crlentries[], String mEmail) {
mContentParams.put(IEmailFormProcessor.TOKEN_ID,
mConfig.getName());
diff --git a/pki/base/common/src/com/netscape/cms/policy/extensions/SubjectDirectoryAttributesExt.java b/pki/base/common/src/com/netscape/cms/policy/extensions/SubjectDirectoryAttributesExt.java
index f3ef687df..be858c9f0 100644
--- a/pki/base/common/src/com/netscape/cms/policy/extensions/SubjectDirectoryAttributesExt.java
+++ b/pki/base/common/src/com/netscape/cms/policy/extensions/SubjectDirectoryAttributesExt.java
@@ -22,7 +22,6 @@ import java.io.IOException;
import java.security.cert.CertificateException;
import java.util.Enumeration;
import java.util.Locale;
-import java.util.StringTokenizer;
import java.util.Vector;
import netscape.security.util.DerValue;
@@ -192,18 +191,6 @@ public class SubjectDirectoryAttributesExt extends APolicyRule
}
}
- private Vector formValues(String val) {
- StringTokenizer tokenizer = new StringTokenizer(val, "+");
- Vector v = new Vector();
-
- while (tokenizer.hasMoreElements()) {
- String s = (String) tokenizer.nextElement();
-
- v.addElement(s);
- }
- return v;
- }
-
public Vector getInstanceParams() {
return mParams; // inited in init()
}
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java
index 1cd3240fb..0ae51ce48 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java
@@ -1569,74 +1569,6 @@ public class CAAdminServlet extends AdminServlet {
sendResponse(SUCCESS, null, null, resp);
}
- /**
- * Retrieves configuration parameters of certificate
- * authority.
- */
- private synchronized void getConfig(HttpServletRequest req,
- HttpServletResponse resp) throws ServletException,
- IOException, EBaseException {
- // validate
- super.getConfig(mCA.getConfigStore(), req, resp);
- }
-
- /**
- * Sets configuration parameters of certificate
- * authority.
- */
- private synchronized void setConfig(HttpServletRequest req,
- HttpServletResponse resp) throws ServletException,
- IOException, EBaseException {
- super.setConfig(mCA.getConfigStore(), req, resp);
- // XXX - commit changes
- }
-
- /**
- * Lists configuration store parameters.
- */
- private synchronized void listConfig(HttpServletRequest req,
- HttpServletResponse resp) throws ServletException,
- IOException, EBaseException {
- super.listConfig(mCA.getConfigStore(), req, resp);
- }
-
- /**
- * Locks a request so that no one can modify it except
- * owner.
- */
- private synchronized void lockRequest(HttpServletRequest req,
- HttpServletResponse resp) throws ServletException,
- IOException, EBaseException {
- NameValuePairs params = new NameValuePairs();
-
- // XXX
- sendResponse(SUCCESS, null, params, resp);
- }
-
- /**
- * Locks certificate record so that no one can
- * modify it except owner.
- */
- private synchronized void lockCertRecord(HttpServletRequest req,
- HttpServletResponse resp) throws ServletException,
- IOException, EBaseException {
- NameValuePairs params = new NameValuePairs();
-
- sendResponse(SUCCESS, null, params, resp);
- }
-
- /**
- * Modifies a cert record.
- */
- private synchronized void modifyCertRecord(HttpServletRequest req,
- HttpServletResponse resp) throws ServletException,
- IOException, EBaseException {
- NameValuePairs params = new NameValuePairs();
-
- // XXX
- sendResponse(SUCCESS, null, params, resp);
- }
-
private void log(int level, String msg) {
if (mLogger == null)
return;
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java
index f57d12e2d..84290ea61 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java
@@ -28,7 +28,6 @@ import java.io.PrintStream;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.math.BigInteger;
-import java.net.ServerSocket;
import java.security.KeyPair;
import java.util.Date;
import java.util.Enumeration;
@@ -857,196 +856,6 @@ public final class CMSAdminServlet extends AdminServlet {
}
/**
- * Modifies network information.
- */
- private void modifyNetworkConfig(HttpServletRequest req,
- HttpServletResponse resp) throws ServletException,
- IOException, EBaseException {
-
- /*
- HTTPSubsystem eeGateway = (HTTPSubsystem)
- SubsystemRegistry.getInstance().get("eeGateway");
- RemoteAdmin raAdmin = (RemoteAdmin)RemoteAdmin.getInstance();
- AgentGateway agent = (AgentGateway)mReg.get(AgentGateway.ID);
-
- Enumeration enum1 = req.getParameterNames();
-
- String eeHTTPportString = null;
- String eeHTTPSportString = null;
- String agentHTTPSportString = null;
- String radminHTTPSportString = null;
-
- String gatewayBacklog = "15";
-
- // eeHTTPEnabled corresponds to the checkbox which enables the
- // HTTP EE port
- String eeHTTPEnabled = Constants.FALSE;
-
- while (enum1.hasMoreElements()) {
- String key = (String)enum1.nextElement();
- String value = (String)req.getParameter(key);
-
- if (key.equals(Constants.PR_AGENT_S_BACKLOG)) {
- agent.setHTTPSBacklog(value);
- } else if (key.equals(Constants.PR_GATEWAY_S_BACKLOG)) {
- eeGateway.setHTTPSBacklog(value);
- } else if (key.equals(Constants.PR_ADMIN_S_BACKLOG)) {
- raAdmin.setHTTPSBacklog(value);
- } else if (key.equals(Constants.PR_GATEWAY_BACKLOG)) {
- gatewayBacklog = value;
- } else if (key.equals(Constants.PR_GATEWAY_PORT_ENABLED)) {
- eeHTTPEnabled = value;
- }
- }
-
-
- eeHTTPportString = req.getParameter(Constants.PR_GATEWAY_PORT);
- eeHTTPSportString = req.getParameter(Constants.PR_GATEWAY_S_PORT);
- agentHTTPSportString= req.getParameter(Constants.PR_AGENT_S_PORT);
- radminHTTPSportString= req.getParameter(Constants.PR_ADMIN_S_PORT);
-
-
- int eeHTTPport=0;
- int eeHTTPSport=0;
- int agentHTTPSport=0;
- int radminHTTPSport=0;
- if (eeHTTPportString != null) eeHTTPport = Integer.parseInt(eeHTTPportString);
- if (eeHTTPSportString != null) eeHTTPSport = Integer.parseInt(eeHTTPSportString);
- if (agentHTTPSportString != null) agentHTTPSport = Integer.parseInt(agentHTTPSportString);
- if (radminHTTPSportString != null) radminHTTPSport = Integer.parseInt(radminHTTPSportString);
-
-
- String portName="";
- int portnum;
- try {
-
- // EE HTTP is special, since it has it's own checkbox for enabling/disabling
- if (eeHTTPEnabled.equals(Constants.TRUE) &&
- eeHTTPport != 0 &&
- eeHTTPport != eeGateway.getHTTPPort())
- {
- portName = "End-entity";
- checkPortAvailable(eeHTTPport);
- }
-
- if (eeHTTPSport != 0 && eeHTTPSport != eeGateway.getHTTPSPort()) {
- portName = "SSL End-entity";
- checkPortAvailable(eeHTTPSport);
- }
- if (agentHTTPSport != 0 && agentHTTPSport != agent.getHTTPSPort()) {
- portName = "Agent";
- checkPortAvailable(agentHTTPSport);
- }
- if (radminHTTPSport != 0 && radminHTTPSport != raAdmin.getHTTPSPort()) {
- portName = "Remote Admin";
- checkPortAvailable(radminHTTPSport);
- }
-
- // If any of the above ports are not available, an exception
- // will be thrown and these methods below will not be called
-
- if (eeHTTPEnabled.equals(Constants.TRUE)) {
- eeGateway.setHTTPPort(eeHTTPport);
- }
- eeGateway.setHTTPSPort(eeHTTPSport);
- agent.setHTTPSPort(agentHTTPSport);
- raAdmin.setHTTPSPort(radminHTTPSport);
-
- } catch (IOException e) {
- // send 'port in use' error
- sendResponse(ERROR, portName+" "+e.getMessage(), null, resp);
- // we do not want to save the config in this case
- return;
- }
-
- eeGateway.setHTTPBacklog(gatewayBacklog);
- eeGateway.setHTTPPortEnable(eeHTTPEnabled);
-
- mConfig.commit(true);
- sendResponse(RESTART, null, null, resp);
- */
- }
-
- /**
- * Check if the port is available for binding.
- * @throws IOException if not available
- */
-
- private void checkPortAvailable(int port)
- throws IOException {
- try {
- // see if the port is being used by somebody else
- ServerSocket ss = new ServerSocket(port);
-
- ss.close();
- } catch (Exception e) {
- throw new IOException("port " + port + " is in use. Please select another port");
- }
- }
-
- /**
- * Reads network information.
- */
- private void readNetworkConfig(HttpServletRequest req,
- HttpServletResponse resp) throws ServletException,
- IOException, EBaseException {
-
- NameValuePairs params = new NameValuePairs();
-
- getEENetworkConfig(params);
- getAdminConfig(params);
- getAgentConfig(params);
-
- sendResponse(SUCCESS, null, params, resp);
- }
-
- private void getEENetworkConfig(NameValuePairs params)
- throws EBaseException {
-
- /*
- HTTPSubsystem eeGateway =
- (HTTPSubsystem)mReg.get("eeGateway");
- if (eeGateway == null) {
- // i.e. standalone DRM
- params.add(Constants.PR_GATEWAY_S_PORT, "-1");
- params.add(Constants.PR_GATEWAY_PORT, "-1");
- params.add(Constants.PR_GATEWAY_S_BACKLOG, "-1");
- params.add(Constants.PR_GATEWAY_BACKLOG,"-1");
- params.add(Constants.PR_GATEWAY_PORT_ENABLED,"false");
- } else {
- params.add(Constants.PR_GATEWAY_S_PORT,
- ""+eeGateway.getHTTPSPort());
- params.add(Constants.PR_GATEWAY_PORT,
- ""+eeGateway.getHTTPPort());
- params.add(Constants.PR_GATEWAY_S_BACKLOG,
- ""+eeGateway.getHTTPBacklog());
- params.add(Constants.PR_GATEWAY_BACKLOG,
- ""+eeGateway.getHTTPSBacklog());
- params.add(Constants.PR_GATEWAY_PORT_ENABLED,
- eeGateway.getHTTPPortEnable());
- }
- */
- }
-
- private void getAdminConfig(NameValuePairs params) throws EBaseException {
-
- /*
- RemoteAdmin raAdmin = (RemoteAdmin)RemoteAdmin.getInstance();
- params.add(Constants.PR_ADMIN_S_PORT, ""+raAdmin.getHTTPSPort());
- params.add(Constants.PR_ADMIN_S_BACKLOG,""+raAdmin.getHTTPSBacklog());
- */
- }
-
- private void getAgentConfig(NameValuePairs params) throws EBaseException {
-
- /*
- AgentGateway agent = (AgentGateway)mReg.get(AgentGateway.ID);
- params.add(Constants.PR_AGENT_S_PORT, ""+agent.getHTTPSPort());
- params.add(Constants.PR_AGENT_S_BACKLOG,""+agent.getHTTPSBacklog());
- */
- }
-
- /**
* Modifies database information.
*/
private void setDBConfig(HttpServletRequest req,
@@ -2081,37 +1890,6 @@ private void createMasterKey(HttpServletRequest req,
}
}
- private String getDefaultSigningAlg(String keyType, String messageDigest) {
- if (keyType.equals("RSA")) {
- if (messageDigest.equals("MD2")) {
- return "MD2withRSA";
- } else if (messageDigest.equals("MD5")) {
- return "MD5withRSA";
- } else if (messageDigest.equals("SHA1")) {
- return "SHA1withRSA";
- } else if (messageDigest.equals("SHA256")) {
- return "SHA256withRSA";
- } else if (messageDigest.equals("SHA512")) {
- return "SHA512withRSA";
- }
- } else if (keyType.equals("DSA")) {
- if (messageDigest.equals("SHA1")) {
- return "SHA1withDSA";
- }
- } else /* EC */ {
- if (messageDigest.equals("SHA1")) {
- return "SHA1withEC";
- } else if (messageDigest.equals("SHA256")) {
- return "SHA256withEC";
- } else if (messageDigest.equals("SHA384")) {
- return "SHA384withEC";
- } else if (messageDigest.equals("SHA512")) {
- return "SHA512withEC";
- }
- }
- return null;
- }
-
private void updateCASignature(String nickname, KeyCertData properties,
ICryptoSubsystem jssSubSystem) throws EBaseException {
String alg = jssSubSystem.getSignatureAlgorithm(nickname);
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/KRAAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/KRAAdminServlet.java
index 2c780bb2a..e4138d745 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/admin/KRAAdminServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/admin/KRAAdminServlet.java
@@ -20,9 +20,6 @@ package com.netscape.cms.servlet.admin;
import java.io.IOException;
import java.util.Enumeration;
-import java.util.Hashtable;
-import java.util.StringTokenizer;
-import java.util.Vector;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
@@ -31,17 +28,12 @@ import javax.servlet.http.HttpServletResponse;
import com.netscape.certsrv.apps.CMS;
import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
import com.netscape.certsrv.common.Constants;
import com.netscape.certsrv.common.NameValuePairs;
import com.netscape.certsrv.common.OpDef;
import com.netscape.certsrv.common.ScopeDef;
-import com.netscape.certsrv.kra.EKRAException;
import com.netscape.certsrv.kra.IKeyRecoveryAuthority;
import com.netscape.certsrv.logging.ILogger;
-import com.netscape.certsrv.password.IPasswordCheck;
-import com.netscape.certsrv.security.Credential;
-import com.netscape.certsrv.security.IStorageKeyUnit;
/**
@@ -240,659 +232,4 @@ public class KRAAdminServlet extends AdminServlet {
else
sendResponse(SUCCESS, null, null, resp);
}
-
- /**
- * Changes M-N scheme.
- * <P>
- *
- * <ul>
- * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_DRM used when configuring
- * DRM (Key recovery scheme, change of any secret component)
- * </ul>
- * @param req HTTP servlet request
- * @param resp HTTP servlet response
- * @exception EBaseException an error has occurred
- */
- private synchronized void changeMNScheme(HttpServletRequest req,
- HttpServletResponse resp) throws EBaseException {
- String auditMessage = null;
- String auditSubjectID = auditSubjectID();
-
- // ensure that any low-level exceptions are reported
- // to the signed audit log and stored as failures
- try {
- try {
- NameValuePairs params = new NameValuePairs();
- String recN = getParameter(req,
- Constants.PR_RECOVERY_N);
- String recM = getParameter(req,
- Constants.PR_RECOVERY_M);
- String oldAgents = getParameter(req,
- Constants.PR_OLD_RECOVERY_AGENT);
- String agents = getParameter(req,
- Constants.PR_RECOVERY_AGENT);
-
- if (recN == null) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_DRM,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- throw new EKRAException(
- CMS.getLogMessage("KRA_INVALID_N"));
- }
-
- if (recM == null) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_DRM,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- throw new EKRAException(
- CMS.getLogMessage("KRA_INVALID_M"));
- }
-
- if (recN != null && recM != null && oldAgents != null
- && agents != null) {
- int nVal = Integer.parseInt(recN);
-
- int mVal = Integer.parseInt(recM);
-
- Credential oldcreds[] =
- parseCredentialStr(oldAgents);
-
- if (oldcreds == null) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_DRM,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- throw new EKRAException(
- CMS.getLogMessage("KRA_INVALID_PASSWORD"));
- }
-
- Credential creds[] =
- parseCredentialStr(agents);
-
- if (creds == null) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_DRM,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- throw new EKRAException(
- CMS.getLogMessage("KRA_INVALID_PASSWORD"));
- } else {
- for (int i = 0; i < creds.length; i++) {
- Credential credential = creds[i];
- String pass = credential.getPassword();
- IPasswordCheck checker = CMS.getPasswordChecker();
-
- if (!checker.isGoodPassword(pass)) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_DRM,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- throw new EBaseException(checker.getReason(pass));
- }
- }
- }
- if (mKRA.getStorageKeyUnit().changeAgentMN(
- nVal, mVal, oldcreds, creds)) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_DRM,
- auditSubjectID,
- ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
-
- // successful operation
- sendResponse(SUCCESS, null, params,
- resp);
- return;
- }
- }
- } catch (IOException e) {
- }
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_DRM,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- throw new EBaseException(CMS.getLogMessage("BASE_INVALID_OPERATION"));
- } catch (EBaseException eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_DRM,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- // rethrow the specific exception to be handled later
- throw eAudit1;
- }
- }
-
- /**
- * Changes recovery agent password.
- * <P>
- *
- * <ul>
- * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_DRM used when configuring
- * DRM (Key recovery scheme, change of any secret component)
- * </ul>
- * @param req HTTP servlet request
- * @param resp HTTP servlet response
- * @exception EBaseException an error has occurred
- */
- private synchronized void changeAgentPwd(HttpServletRequest req,
- HttpServletResponse resp) throws EBaseException {
- String auditMessage = null;
- String auditSubjectID = auditSubjectID();
-
- // ensure that any low-level exceptions are reported
- // to the signed audit log and stored as failures
- try {
- try {
- String id = getParameter(req, Constants.RS_ID);
- String oldpwd = getParameter(req,
- Constants.PR_OLD_AGENT_PWD);
- String newpwd = getParameter(req,
- Constants.PR_AGENT_PWD);
- IPasswordCheck checker = CMS.getPasswordChecker();
-
- if (!checker.isGoodPassword(newpwd)) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_DRM,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- throw new EBaseException(checker.getReason(newpwd));
- }
-
- if (mKRA.getStorageKeyUnit().changeAgentPassword(id,
- oldpwd, newpwd)) {
- NameValuePairs params = new NameValuePairs();
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_DRM,
- auditSubjectID,
- ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(SUCCESS, null, params, resp);
- return;
- } else {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_DRM,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- throw new EKRAException(
- CMS.getLogMessage("KRA_INVALID_PASSWORD"));
- }
- } catch (IOException e) {
- }
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_DRM,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- throw new EBaseException(CMS.getLogMessage("BASE_INVALID_OPERATION"));
- } catch (EBaseException eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_DRM,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- // rethrow the specific exception to be handled later
- throw eAudit1;
- }
- }
-
- /**
- * Modifies auto recovery configuration.
- * <P>
- *
- * <ul>
- * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_DRM used when configuring
- * DRM (Key recovery scheme, change of any secret component)
- * </ul>
- * @param req HTTP servlet request
- * @param resp HTTP servlet response
- * @exception EBaseException an error has occurred
- */
- private synchronized void modifyAutoRecoveryConfig(
- HttpServletRequest req, HttpServletResponse resp)
- throws EBaseException {
- String auditMessage = null;
- String auditSubjectID = auditSubjectID();
-
- // ensure that any low-level exceptions are reported
- // to the signed audit log and stored as failures
- try {
- try {
- NameValuePairs params = new NameValuePairs();
- String autoOn = getParameter(req,
- Constants.PR_AUTO_RECOVERY_ON);
- String agents = getParameter(req,
- Constants.PR_RECOVERY_AGENT);
-
- if (autoOn.equals(Constants.TRUE)) {
- Credential creds[] = parseCredentialStr(
- agents);
-
- if (mKRA.setAutoRecoveryState(creds, true)) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_DRM,
- auditSubjectID,
- ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(SUCCESS, null, params,
- resp);
- return;
- }
- } else if (autoOn.equals(Constants.FALSE)) {
- if (mKRA.setAutoRecoveryState(null, false)) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_DRM,
- auditSubjectID,
- ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(SUCCESS, null, params,
- resp);
- return;
- }
- }
- } catch (IOException e) {
- }
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_DRM,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- throw new EBaseException(CMS.getLogMessage("BASE_INVALID_OPERATION"));
- } catch (EBaseException eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_DRM,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- // rethrow the specific exception to be handled later
- throw eAudit1;
- }
- }
-
- /**
- * Reads auto recovery status.
- *
- * @param req HTTP request
- * @param resp HTTP response
- */
- private synchronized void readAutoRecoveryConfig(
- HttpServletRequest req, HttpServletResponse resp)
- throws EBaseException {
- try {
- NameValuePairs params = new NameValuePairs();
-
- params.add(Constants.PR_AUTO_RECOVERY_ON,
- mKRA.getAutoRecoveryState() ?
- Constants.TRUE : Constants.FALSE);
- sendResponse(SUCCESS, null, params, resp);
- } catch (IOException e) {
- throw new EBaseException(
- CMS.getLogMessage("BASE_INVALID_OPERATION"));
- }
- }
-
- /**
- * Reads recovery configuration.
- *
- * @param req HTTP request
- * @param resp HTTP response
- */
- private synchronized void readRecoveryConfig(
- HttpServletRequest req, HttpServletResponse resp)
- throws EBaseException {
- try {
- IStorageKeyUnit sku = mKRA.getStorageKeyUnit();
- NameValuePairs params = new NameValuePairs();
-
- params.add(Constants.PR_RECOVERY_N,
- Integer.toString(sku.getNoOfAgents()));
- params.add(Constants.PR_RECOVERY_M,
- Integer.toString(sku.getNoOfRequiredAgents()));
- Enumeration e = sku.getAgentIdentifiers();
- StringBuffer as = new StringBuffer();
-
- while (e.hasMoreElements()) {
- as.append((String)e.nextElement());
- if (e.hasMoreElements()) {
- as.append(",");
- }
- }
- params.add(Constants.PR_RECOVERY_AGENT, as.toString());
- sendResponse(SUCCESS, null, params, resp);
- } catch (IOException e) {
- throw new EBaseException(
- CMS.getLogMessage("BASE_INVALID_OPERATION"));
- }
- }
-
- /**
- * Reads information about auto recovery agents.
- *
- * @param req HTTP request
- * @param resp HTTP response
- */
- private synchronized void readAutoRecoveryAgents(
- HttpServletRequest req, HttpServletResponse resp)
- throws EBaseException {
- try {
- // send the entire list anyway
- NameValuePairs params = new NameValuePairs();
- Enumeration e = mKRA.getAutoRecoveryIDs();
- StringBuffer users = new StringBuffer();
-
- while (e.hasMoreElements()) {
- users.append((String) e.nextElement());
- if (e.hasMoreElements()) {
- users.append(",");
- }
- }
- params.add(Constants.PR_GROUP_USER, users.toString());
- params.add(Constants.PR_GROUP_DESC,
- "Auto Recovery Agents"); // XXX - localized
- sendResponse(SUCCESS, null, params, resp);
- } catch (IOException e) {
- throw new EBaseException(
- CMS.getLogMessage("BASE_INVALID_OPERATION"));
- }
- }
-
- /**
- * Modifies information about auto recovery agents.
- *
- * @param req HTTP request
- * @param resp HTTP response
- */
- private synchronized void modifyAutoRecoveryAgents(
- HttpServletRequest req, HttpServletResponse resp)
- throws EBaseException {
- Vector v = new Vector();
- String users = getParameter(req,
- Constants.PR_GROUP_USER);
- StringTokenizer st = new StringTokenizer(users, ",");
-
- while (st.hasMoreTokens()) {
- v.addElement(st.nextToken());
- }
- String desc = getParameter(req,
- Constants.PR_GROUP_DESC);
- String agents = getParameter(req,
- Constants.PR_RECOVERY_AGENT);
- Credential creds[] = parseCredentialStr(
- agents);
- // XXX - check if the given password matched
- // put ids into hashtable so that we can
- // figure out what should be saved and deleted
- Enumeration e = mKRA.getAutoRecoveryIDs();
- Hashtable h = new Hashtable();
-
- while (e.hasMoreElements()) {
- h.put(e.nextElement(), "");
- }
-
- // go through each of the user in the new list
- for (int i = 0; i < v.size(); i++) {
- String key = (String) v.elementAt(i);
-
- if (h.containsKey(key)) {
- h.remove(key);
- } else {
- mKRA.addAutoRecovery(key, creds);
- }
- }
-
- // delete all the unreferenced
- Enumeration dels = h.keys();
-
- while (dels.hasMoreElements()) {
- mKRA.removeAutoRecovery((String)
- dels.nextElement());
- }
- }
-
- /**
- * Parses uid0=pwd0,uid1=pwd1,... into AgentCredential.
- *
- * @param s credential string
- * @return a list of credentials
- */
- private Credential[] parseCredentialStr(String s) {
- StringTokenizer st = new StringTokenizer(s, ",");
- Vector v = new Vector();
-
- while (st.hasMoreTokens()) {
- String a = st.nextToken();
- StringTokenizer st0 = new StringTokenizer(a, "=");
-
- v.addElement(new Credential(st0.nextToken(),
- st0.nextToken()));
- }
- Credential ac[] = new Credential[v.size()];
-
- v.copyInto(ac);
- return ac;
- }
-
- /*
- * handle getting request in queue notification config info
- */
- private void getNotificationRIQConfig(HttpServletRequest req,
- HttpServletResponse resp) throws ServletException,
- IOException, EBaseException {
-
- NameValuePairs params = new NameValuePairs();
-
- IConfigStore config = mKRA.getConfigStore();
- IConfigStore nc =
- config.getSubStore(mKRA.PROP_NOTIFY_SUBSTORE);
-
- IConfigStore riq = nc.getSubStore(mKRA.PROP_REQ_IN_Q_SUBSTORE);
-
- Enumeration e = req.getParameterNames();
-
- while (e.hasMoreElements()) {
- String name = (String) e.nextElement();
-
- if (name.equals(Constants.OP_TYPE))
- continue;
- if (name.equals(Constants.RS_ID))
- continue;
- if (name.equals(Constants.OP_SCOPE))
- continue;
- if (name.equals(Constants.PR_ENABLE))
- continue;
- params.add(name, riq.getString(name, ""));
- }
-
- params.add(Constants.PR_ENABLE,
- riq.getString(PROP_ENABLED, Constants.FALSE));
- //System.out.println("Send: "+params.toString());
- sendResponse(SUCCESS, null, params, resp);
- }
-
- /**
- * Handle setting request in queue notification config info
- * <P>
- *
- * <ul>
- * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_DRM used when configuring
- * DRM (Key recovery scheme, change of any secret component)
- * </ul>
- * @param req HTTP servlet request
- * @param resp HTTP servlet response
- * @exception ServletException a servlet error has occurred
- * @exception IOException an input/output error has occurred
- * @exception EBaseException an error has occurred
- */
- private void setNotificationRIQConfig(HttpServletRequest req,
- HttpServletResponse resp) throws ServletException,
- IOException, EBaseException {
- String auditMessage = null;
- String auditSubjectID = auditSubjectID();
-
- // ensure that any low-level exceptions are reported
- // to the signed audit log and stored as failures
- try {
- IConfigStore config = mKRA.getConfigStore();
- IConfigStore nc =
- config.getSubStore(mKRA.PROP_NOTIFY_SUBSTORE);
-
- IConfigStore riq = nc.getSubStore(mKRA.PROP_REQ_IN_Q_SUBSTORE);
-
- //set rest of the parameters
- Enumeration e = req.getParameterNames();
-
- while (e.hasMoreElements()) {
- String name = (String) e.nextElement();
-
- if (name.equals(Constants.OP_TYPE))
- continue;
- if (name.equals(Constants.RS_ID))
- continue;
- if (name.equals(Constants.OP_SCOPE))
- continue;
- if (name.equals(Constants.PR_ENABLE))
- continue;
- String val = req.getParameter(name);
-
- riq.putString(name, val);
- mKRA.getRequestInQListener().set(name, val);
- }
-
- // set enable flag
- String enabledString = req.getParameter(Constants.PR_ENABLE);
-
- riq.putString(PROP_ENABLED, enabledString);
- mKRA.getRequestInQListener().set(PROP_ENABLED, enabledString);
-
- commit(true);
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_DRM,
- auditSubjectID,
- ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(SUCCESS, null, null, resp);
- } catch (EBaseException eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_DRM,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- // rethrow the specific exception to be handled later
- throw eAudit1;
- } catch (IOException eAudit2) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_DRM,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- // rethrow the specific exception to be handled later
- throw eAudit2;
- // } catch( ServletException eAudit3 ) {
- // // store a message in the signed audit log file
- // auditMessage = CMS.getLogMessage(
- // LOGGING_SIGNED_AUDIT_CONFIG_DRM,
- // auditSubjectID,
- // ILogger.FAILURE,
- // auditParams( req ) );
- //
- // audit( auditMessage );
- //
- // // rethrow the specific exception to be handled later
- // throw eAudit3;
- }
- }
}
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java
index 58e4dbdfd..358553074 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java
@@ -1410,81 +1410,6 @@ public class LogAdminServlet extends AdminServlet {
}
}
- private synchronized void getLogConfig(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException, EBaseException {
-
- String implname = req.getParameter(Constants.RS_ID);
-
- if (implname == null) {
- //System.out.println("SRVLT_NULL_RS_ID");
- sendResponse(ERROR,
- CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"),
- null, resp);
- return;
- }
-
- Vector configParams = mSys.getLogDefaultParams(implname);
- NameValuePairs params = new NameValuePairs();
-
- // implName is always required so always send it.
- params.add(Constants.PR_LOG_IMPL_NAME, "");
- if (configParams != null) {
- for (int i = 0; i < configParams.size(); i++) {
- String kv = (String) configParams.elementAt(i);
- int index = kv.indexOf('=');
-
- params.add(kv.substring(0, index),
- kv.substring(index + 1));
- }
- }
- sendResponse(0, null, params, resp);
- return;
- }
-
- private synchronized void getLogInstConfig(HttpServletRequest req,
- HttpServletResponse resp) throws ServletException,
- IOException, EBaseException {
- String id = req.getParameter(Constants.RS_ID);
-
- if (id == null) {
- //System.out.println("SRVLT_NULL_RS_ID");
- sendResponse(ERROR,
- CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"),
- null, resp);
- return;
- }
-
- // does log instance exist?
- if (mSys.getLogInsts().containsKey(id) == false) {
- sendResponse(ERROR,
- new ELogNotFound(CMS.getUserMessage(getLocale(req),"CMS_LOG_INSTANCE_NOT_FOUND",id)).toString(),
- null, resp);
- return;
- }
-
- ILogEventListener logInst = (ILogEventListener)
- mSys.getLogInstance(id);
- Vector configParams = logInst.getInstanceParams();
- NameValuePairs params = new NameValuePairs();
-
- params.add(Constants.PR_LOG_IMPL_NAME,
- getLogPluginName(logInst));
- // implName is always required so always send it.
- if (configParams != null) {
- for (int i = 0; i < configParams.size(); i++) {
- String kv = (String) configParams.elementAt(i);
- int index = kv.indexOf('=');
-
- params.add(kv.substring(0, index),
- kv.substring(index + 1));
- }
- }
-
- sendResponse(SUCCESS, null, params, resp);
- return;
- }
-
/**
* Modify log instance
* <P>
@@ -2384,29 +2309,6 @@ public class LogAdminServlet extends AdminServlet {
return logPath;
}
- /**
- * Signed Audit Check Log Expiration Time
- *
- * This method is called to extract the log expiration time.
- * <P>
- *
- * @param req http servlet request
- * @return a string containing the log expiration time
- */
- private String auditCheckLogExpirationTime(HttpServletRequest req) {
- // check to see if the log expiration time parameter was changed
- String expirationTime = req.getParameter(
- Constants.PR_LOG_EXPIRED_TIME);
-
- if (expirationTime == null) {
- expirationTime = "";
- }
-
- expirationTime = expirationTime.trim();
-
- return expirationTime;
- }
-
private void getGeneralConfig(HttpServletRequest req,
HttpServletResponse resp) throws ServletException,
IOException, EBaseException {
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java
index 9464f48ff..152b364f7 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java
@@ -538,25 +538,7 @@ public class OCSPAdminServlet extends AdminServlet {
// rethrow the specific exception to be handled later
throw eAudit2;
- // } catch( ServletException eAudit3 ) {
- // // store a message in the signed audit log file
- // auditMessage = CMS.getLogMessage(
- // LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE,
- // auditSubjectID,
- // ILogger.FAILURE,
- // auditParams( req ) );
- //
- // audit( auditMessage );
- //
- // // rethrow the specific exception to be handled later
- // throw eAudit3;
+
}
}
-
- private void log(int level, String msg) {
- if (mLogger == null)
- return;
- mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_OTHER,
- level, "CAAdminServlet: " + msg);
- }
}
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java
index 1cfab0b6a..6f64d81a0 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java
@@ -38,7 +38,6 @@ import com.netscape.certsrv.common.NameValuePairs;
import com.netscape.certsrv.common.OpDef;
import com.netscape.certsrv.common.ScopeDef;
import com.netscape.certsrv.logging.ILogger;
-import com.netscape.certsrv.policy.IPolicyRule;
import com.netscape.certsrv.profile.EProfileException;
import com.netscape.certsrv.profile.IPolicyConstraint;
import com.netscape.certsrv.profile.IPolicyDefault;
@@ -126,20 +125,6 @@ public class ProfileAdminServlet extends AdminServlet {
return INFO;
}
- private void addDefaultParams(Object ext_info, NameValuePairs nvps) {
-
- /* make sure policy rules have 'enable' and 'predicate' */
-
- if (ext_info instanceof IPolicyRule) {
- if (nvps.getPair(IPolicyRule.PROP_ENABLE) == null) {
- nvps.add(IPolicyRule.PROP_ENABLE, "boolean;Enable this policy rule");
- }
- if (nvps.getPair(PROP_PREDICATE) == null) {
- nvps.add(PROP_PREDICATE, "string;Rules describing when this policy should run.");
- }
- }
- }
-
/**
* Serves HTTP admin request.
*/
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java
index bd96bbeca..fe8d1826c 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java
@@ -337,35 +337,6 @@ public class UsrGrpAdminServlet extends AdminServlet {
}
/**
- * Retrieves configuration parameters of
- * authentication manager.
- */
- private synchronized void getConfig(HttpServletRequest req,
- HttpServletResponse resp) throws ServletException,
- IOException, EBaseException {
- super.getConfig(mMgr.getConfigStore(), req, resp);
- }
-
- /**
- * Sets configuration parameters of
- * User/Group manager.
- */
- private synchronized void setConfig(HttpServletRequest req,
- HttpServletResponse resp) throws ServletException,
- IOException, EBaseException {
- super.setConfig(mMgr.getConfigStore(), req, resp);
- }
-
- /**
- * Lists configuration parameters.
- */
- private synchronized void listConfig(HttpServletRequest req,
- HttpServletResponse resp) throws ServletException,
- IOException, EBaseException {
- super.listConfig(mMgr.getConfigStore(), req, resp);
- }
-
- /**
* Searches for users in LDAP directory. List uids only
*
* Request/Response Syntax:
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java b/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java
index 47b3c9f1e..5431d2cf8 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java
@@ -21,7 +21,6 @@ package com.netscape.cms.servlet.cert;
import java.io.IOException;
import java.math.BigInteger;
import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Enumeration;
import java.util.Locale;
@@ -316,93 +315,6 @@ CMS.debug("**** mFormPath = "+mFormPath);
}
/**
- * get cert to revoke from agent.
- */
- private BigInteger getCertFromAgent(
- IArgBlock httpParams, X509Certificate[] certContainer)
- throws EBaseException {
- BigInteger serialno = null;
- X509Certificate cert = null;
-
- // get serial no
- serialno = httpParams.getValueAsBigInteger(SERIAL_NO, null);
- if (serialno == null) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_MISSING_SERIALNO_FOR_REVOKE"));
- throw new ECMSGWException(
- CMS.getUserMessage("CMS_GW_MISSING_SERIALNO_FOR_REVOKE"));
- }
-
- // get cert from db if we're cert authority.
- if (mAuthority instanceof ICertificateAuthority) {
- cert = getX509Certificate(serialno);
- if (cert == null) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_INVALID_CERT_FOR_REVOCATION"));
- throw new ECMSGWException(
- CMS.getUserMessage("CMS_GW_INVALID_CERT_FOR_REVOCATION"));
- }
- }
- certContainer[0] = cert;
- return serialno;
- }
-
- /**
- * Revoke the specified certificate
- */
- private BigInteger getCertFromAuthMgr(
- AuthToken authToken, X509Certificate[] certContainer)
- throws EBaseException {
- X509CertImpl cert =
- authToken.getInCert(AuthToken.TOKEN_CERT);
-
- if (cert == null) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_MISSING_CERTS_REVOKE_FROM_AUTHMGR"));
- throw new ECMSGWException(
- CMS.getUserMessage("CMS_GW_MISSING_CERTS_REVOKE_FROM_AUTHMGR"));
- }
- if (mAuthority instanceof ICertificateAuthority &&
- !isCertFromCA(cert)) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_INVALID_CERT_FOR_REVOCATION"));
- throw new ECMSGWException(
- CMS.getUserMessage("CMS_GW_INVALID_CERT_FOR_REVOCATION"));
- }
- certContainer[0] = cert;
- BigInteger serialno = ((X509Certificate) cert).getSerialNumber();
-
- return serialno;
- }
-
- /**
- * get cert to revoke from ssl
- */
- private BigInteger getCertFromSSL(
- HttpServletRequest req, X509CertImpl[] certContainer)
- throws EBaseException {
- X509Certificate cert = getSSLClientCertificate(req);
-
- if (cert == null) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_MISSING_CERTS_REVOKE_FROM_SSL"));
- throw new ECMSGWException(
- CMS.getUserMessage("CMS_GW_MISSING_CERTS_REVOKE_FROM_SSL"));
- }
- if (mAuthority instanceof ICertificateAuthority &&
- !isCertFromCA(cert)) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_INVALID_CERT_FOR_REVOCATION", ""));
- throw new ECMSGWException(
- CMS.getUserMessage("CMS_GW_INVALID_CERT_FOR_REVOCATION"));
- }
- BigInteger serialno = ((X509Certificate) cert).getSerialNumber();
-
- certContainer[0] = (X509CertImpl) cert;
-
- return serialno;
- }
-
- /**
* Process cert status change request using the Certificate Management
* protocol using CMS (CMC)
* <P>
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/CloneRedirect.java b/pki/base/common/src/com/netscape/cms/servlet/cert/CloneRedirect.java
index 88abe80e5..b3693a533 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/cert/CloneRedirect.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/cert/CloneRedirect.java
@@ -142,19 +142,4 @@ public class CloneRedirect extends CMSServlet {
throw new ECMSGWException(CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE"));
}
}
-
- /**
- * Display information about redirecting to the master's URL info
- */
- private void process(CMSTemplateParams argSet, IArgBlock header,
- HttpServletRequest req,
- HttpServletResponse resp,
- String signatureAlgorithm,
- Locale locale)
- throws EBaseException {
-
- CMS.debug("CloneRedirect: " + CMS.getLogMessage("ADMIN_SRVLT_ADD_MASTER_URL", mNewUrl));
- header.addStringValue("masterURL", mNewUrl);
- return;
- }
}
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/EnrollServlet.java b/pki/base/common/src/com/netscape/cms/servlet/cert/EnrollServlet.java
index ee64cb948..4688406ad 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/cert/EnrollServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/cert/EnrollServlet.java
@@ -37,9 +37,7 @@ import javax.servlet.http.HttpServletResponse;
import netscape.security.pkcs.PKCS10;
import netscape.security.x509.AlgorithmId;
import netscape.security.x509.CertificateAlgorithmId;
-import netscape.security.x509.CertificateExtensions;
import netscape.security.x509.CertificateX509Key;
-import netscape.security.x509.KeyUsageExtension;
import netscape.security.x509.X509CertImpl;
import netscape.security.x509.X509CertInfo;
import netscape.security.x509.X509Key;
@@ -1719,71 +1717,6 @@ public class EnrollServlet extends CMSServlet {
mIsTestBed = config.getBoolean("isTestBed", true);
}
- private void do_testbed_hack(
- int nummsgs, X509CertInfo[] certinfo, IArgBlock httpParams)
- throws EBaseException {
- if (!mIsTestBed)
- return;
-
- // get around bug in cartman - bits are off by one byte.
- for (int i = 0; i < certinfo.length; i++) {
- try {
- X509CertInfo cert = certinfo[i];
- CertificateExtensions exts = (CertificateExtensions)
- cert.get(CertificateExtensions.NAME);
-
- if (exts == null) {
- // should not happen.
- continue;
- }
- KeyUsageExtension ext = (KeyUsageExtension)
- exts.get(KeyUsageExtension.NAME);
-
- if (ext == null)
- // should not happen
- continue;
- byte[] value = ext.getExtensionValue();
-
- if (value[0] == 0x03 && value[1] == 0x02 && value[2] == 0x07) {
- byte[] newvalue = new byte[value.length + 1];
-
- newvalue[0] = 0x03;
- newvalue[1] = 0x03;
- newvalue[2] = 0x07;
- newvalue[3] = value[3];
- // force encryption certs to have digitial signature
- // set too so smime can find the cert for encryption.
- if (value[3] == 0x20) {
-
- /*
- newvalue[3] = 0x3f;
- newvalue[4] = (byte)0x80;
- */
- if (httpParams.getValueAsBoolean(
- "dual-use-hack", true)) {
- newvalue[3] = (byte) 0xE0; // same as rsa-dual-use.
- }
- }
- newvalue[4] = 0;
- KeyUsageExtension newext =
- new KeyUsageExtension(Boolean.valueOf(true),
- (Object) newvalue);
-
- exts.delete(KeyUsageExtension.NAME);
- exts.set(KeyUsageExtension.NAME, newext);
-
- }
- } catch (IOException e) {
- // should never happen
- continue;
- } catch (CertificateException e) {
- // should never happen
- continue;
- }
- }
-
- }
-
/**
* Signed Audit Log Info Certificate Value
*
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/GetCAChain.java b/pki/base/common/src/com/netscape/cms/servlet/cert/GetCAChain.java
index facf501cd..b765a2cbb 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/cert/GetCAChain.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/cert/GetCAChain.java
@@ -390,15 +390,6 @@ import com.netscape.cms.servlet.common.ECMSGWException;
}
/**
- * gets base 64 encoded cert chain
- */
- private String getChainBase64(byte[] certBytes) {
- String certBase64 = CMS.BtoA(certBytes);
-
- return certBase64;
- }
-
- /**
* Retrieves locale based on the request.
*/
protected Locale getLocale(HttpServletRequest req) {
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/ListCerts.java b/pki/base/common/src/com/netscape/cms/servlet/cert/ListCerts.java
index e79efc327..f683a83d6 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/cert/ListCerts.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/cert/ListCerts.java
@@ -21,7 +21,6 @@ package com.netscape.cms.servlet.cert;
import java.io.IOException;
import java.math.BigInteger;
import java.security.PublicKey;
-import java.util.Date;
import java.util.Enumeration;
import java.util.Locale;
import java.util.StringTokenizer;
@@ -578,87 +577,6 @@ public class ListCerts extends CMSServlet {
}
/**
- * Process the key search.
- */
- private void process(CMSTemplateParams argSet, IArgBlock header,
- int maxCount, int sentinel,
- String filter, HttpServletRequest req,
- HttpServletResponse resp,
- String revokeAll, Locale locale)
- throws EBaseException {
- try {
- if (filter.indexOf(CURRENT_TIME, 0) > -1) {
- filter = insertCurrentTime(filter);
- }
- if (revokeAll != null && revokeAll.indexOf(CURRENT_TIME, 0) > -1) {
- revokeAll = insertCurrentTime(revokeAll);
- }
-
- // xxx the filter includes serial number range???
- ICertRecordList list =
- (ICertRecordList) mCertDB.findCertRecordsInList(filter, null, maxCount);
- // sentinel is the index on the list now, not serial number
- Enumeration e =
- list.getCertRecords(sentinel, sentinel + maxCount - 1);
-
- int count = 0;
-
- while (e != null && e.hasMoreElements()) {
- ICertRecord rec = (ICertRecord) e.nextElement();
-
- count++;
- IArgBlock rarg = com.netscape.certsrv.apps.CMS.createArgBlock();
-
- fillRecordIntoArg(rec, rarg);
- argSet.addRepeatRecord(rarg);
- }
-
- header.addStringValue("op", req.getParameter("op"));
- if (revokeAll != null)
- header.addStringValue("revokeAll", revokeAll);
- if (mAuthName != null)
- header.addStringValue("issuerName", mAuthName.toString());
- header.addStringValue("serviceURL", req.getRequestURI());
- header.addStringValue("templateName", "queryCert");
- header.addStringValue("queryFilter", filter);
- header.addIntegerValue("maxCount", maxCount);
- header.addIntegerValue("totalRecordCount", list.getSize());
- if ((sentinel + count) < list.getSize())
- header.addIntegerValue("querySentinelDown", sentinel + count);
- else
- header.addStringValue("querySentinelDown", null);
- } catch (EBaseException e) {
- log(ILogger.LL_FAILURE, com.netscape.certsrv.apps.CMS.getLogMessage("CMSGW_ERROR_LISTCERTS", e.toString()));
- throw e;
- }
- return;
- }
-
- private String insertCurrentTime(String filter) {
- Date now = null;
- StringBuffer newFilter = new StringBuffer();
- int k = 0;
- int i = filter.indexOf(CURRENT_TIME, k);
-
- while (i > -1) {
- if (now == null) now = new Date();
- if (newFilter.length() == 0) {
- newFilter.append(filter.substring(k, i));
- newFilter.append(now.getTime());
- } else {
- newFilter.append(filter.substring(k, i));
- newFilter.append(now.getTime());
- }
- k = i + CURRENT_TIME.length();
- i = filter.indexOf(CURRENT_TIME, k);
- }
- if (k > 0) {
- newFilter.append(filter.substring(k, filter.length()));
- }
- return newFilter.toString();
- }
-
- /**
* Fills cert record into argument block.
*/
private void fillRecordIntoArg(ICertRecord rec, IArgBlock rarg)
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/scep/CRSEnrollment.java b/pki/base/common/src/com/netscape/cms/servlet/cert/scep/CRSEnrollment.java
index 79151072d..19714cbfa 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/cert/scep/CRSEnrollment.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/cert/scep/CRSEnrollment.java
@@ -19,7 +19,6 @@ package com.netscape.cms.servlet.cert.scep;
import java.io.ByteArrayInputStream;
import java.io.FileOutputStream;
-import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
@@ -1853,19 +1852,7 @@ throws EBaseException {
- /**
- * This needs to be re-written to log the messages to the system log, since there
- * will be no visual webpage feedback for the user. (he's using a router)
- */
-
- private void writeError(String errMsg, HttpServletRequest httpReq,
- HttpServletResponse httpResp)
- throws IOException
- {
- }
-
-
- protected String hashPassword(String pwd) {
+ protected String hashPassword(String pwd) {
String salt = "lala123";
byte[] pwdDigest = mSHADigest.digest((salt+pwd).getBytes());
String b64E = com.netscape.osutil.OSUtil.BtoA(pwdDigest);
diff --git a/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java b/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java
index 4528ea7ed..fd89ceaf1 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java
@@ -574,21 +574,11 @@ public class CMSTemplate extends CMSFile {
flush();
return;
}
-
- public void println(String s) throws IOException {
- print(s);
- write('\n');
- flush();
- return;
- }
}
private class templateLine {
private StringBuffer s = new StringBuffer();
- void templateLine() {
- }
-
void println(String p) {
s.append('\n');
s.append(p);
diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java
index 17a4bae66..e18d86cf2 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java
@@ -1210,23 +1210,6 @@ public class DatabasePanel extends WizardPanelBase {
context.put("panel", "admin/console/config/databasepanel.vm");
}
- private boolean isAgreementExist(String replicadn, LDAPConnection conn,
- String name) {
- String dn = "cn="+name+","+replicadn;
- String filter = "(cn="+name+")";
- String[] attrs = {"cn"};
- try {
- LDAPSearchResults results = conn.search(dn, LDAPv3.SCOPE_SUB,
- filter, attrs, false);
- while (results.hasMoreElements())
- return true;
- } catch (LDAPException e) {
- return false;
- }
-
- return false;
- }
-
private void createReplicationManager(LDAPConnection conn, String bindUser, String pwd)
throws LDAPException {
LDAPAttributeSet attrs = null;
diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java
index 0a6c5ec36..c1bf138e8 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java
@@ -130,22 +130,4 @@ public class GetSubsystemCert extends CMSServlet {
}
return locale;
}
-
- private String normalizeCertStr(String s) {
- StringBuffer val = new StringBuffer();
-
- for (int i = 0; i < s.length(); i++) {
- if (s.charAt(i) == '\n') {
- continue;
- } else if (s.charAt(i) == '\r') {
- continue;
- } else if (s.charAt(i) == '"') {
- continue;
- } else if (s.charAt(i) == ' ') {
- continue;
- }
- val.append(s.charAt(i));
- }
- return val.toString();
- }
}
diff --git a/pki/base/common/src/com/netscape/cms/servlet/request/QueryReq.java b/pki/base/common/src/com/netscape/cms/servlet/request/QueryReq.java
index c065173ca..036bd5d05 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/request/QueryReq.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/request/QueryReq.java
@@ -39,7 +39,6 @@ import com.netscape.certsrv.request.IRequest;
import com.netscape.certsrv.request.IRequestQueue;
import com.netscape.certsrv.request.IRequestVirtualList;
import com.netscape.certsrv.request.RequestId;
-import com.netscape.certsrv.request.RequestStatus;
import com.netscape.cms.servlet.base.CMSServlet;
import com.netscape.cms.servlet.common.CMSRequest;
import com.netscape.cms.servlet.common.CMSTemplate;
@@ -359,14 +358,6 @@ public class QueryReq extends CMSServlet {
return;
}
- private static String makeRequestStatusEq(RequestStatus s) {
- return "(" + "requestState" + "=" + s + ")";
- }
-
- private static String makeRequestIdCmp(String op, int bound) {
- return "(requestId" + op + bound + ")";
- }
-
/**
* Perform search based on direction button pressed
* @param filter ldap filter indicating which VLV to search through. This can be
diff --git a/pki/base/common/src/com/netscape/cms/servlet/tks/TokenServlet.java b/pki/base/common/src/com/netscape/cms/servlet/tks/TokenServlet.java
index 1f6efa850..ca7855657 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/tks/TokenServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/tks/TokenServlet.java
@@ -23,7 +23,6 @@ import java.io.OutputStream;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.StringTokenizer;
-import java.util.Vector;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
@@ -46,7 +45,6 @@ import com.netscape.certsrv.base.IPrettyPrintFormat;
import com.netscape.certsrv.base.SessionContext;
import com.netscape.certsrv.common.Constants;
import com.netscape.certsrv.logging.ILogger;
-import com.netscape.certsrv.security.Credential;
import com.netscape.certsrv.tks.ITKSAuthority;
import com.netscape.cms.servlet.base.CMSServlet;
import com.netscape.cms.servlet.common.CMSRequest;
@@ -1376,27 +1374,4 @@ public class TokenServlet extends CMSServlet {
super.service(req, resp);
}
-
- /**
- * Parses uid0=pwd0,uid1=pwd1,... into AgentCredential.
- *
- * @param s credential string
- * @return a list of credentials
- */
- private Credential[] parseCredentialStr(String s) {
- StringTokenizer st = new StringTokenizer(s, ",");
- Vector v = new Vector();
-
- while (st.hasMoreTokens()) {
- String a = st.nextToken();
- StringTokenizer st0 = new StringTokenizer(a, "=");
-
- v.addElement(new Credential(st0.nextToken(),
- st0.nextToken()));
- }
- Credential ac[] = new Credential[v.size()];
-
- v.copyInto(ac);
- return ac;
- }
}
diff --git a/pki/base/common/src/com/netscape/cmscore/apps/CMSEngine.java b/pki/base/common/src/com/netscape/cmscore/apps/CMSEngine.java
index 59b387127..e812cf10a 100644
--- a/pki/base/common/src/com/netscape/cmscore/apps/CMSEngine.java
+++ b/pki/base/common/src/com/netscape/cmscore/apps/CMSEngine.java
@@ -1120,22 +1120,6 @@ public class CMSEngine implements ICMSEngine {
mServerCertNickname = newName;
}
- private String lineParsing(String input, String newName) {
- //<SSLPARAMS servercertnickname="Server-Cert cert-firefly"
- int index = input.indexOf("servercertnickname");
-
- if (index >= 0) {
- String str = input.substring(index + 20);
- int index2 = str.indexOf("\"");
- String newLine = input.substring(0, index + 20)
- + newName + str.substring(index2);
-
- return newLine;
- } else {
- return input;
- }
- }
-
public String getFingerPrint(Certificate cert)
throws CertificateEncodingException, NoSuchAlgorithmException {
return CertUtils.getFingerPrint(cert);
diff --git a/pki/base/common/src/com/netscape/cmscore/authentication/ChallengePhraseAuthentication.java b/pki/base/common/src/com/netscape/cmscore/authentication/ChallengePhraseAuthentication.java
index bf698ddad..38901f3be 100644
--- a/pki/base/common/src/com/netscape/cmscore/authentication/ChallengePhraseAuthentication.java
+++ b/pki/base/common/src/com/netscape/cmscore/authentication/ChallengePhraseAuthentication.java
@@ -295,16 +295,6 @@ public class ChallengePhraseAuthentication implements IAuthManager {
return authToken;
}
- private String getDecimalStr(String str) {
- String newStr = str;
-
- if (str.startsWith("0x") || str.startsWith("0X")) {
- newStr = "" + Integer.parseInt(str.trim().substring(2), 16);
- }
-
- return newStr;
- }
-
private boolean compareChallengePassword(CertRecord record, String pwd)
throws EBaseException {
MetaInfo metaInfo = (MetaInfo) record.get(CertRecord.ATTR_META_INFO);
diff --git a/pki/base/common/src/com/netscape/cmscore/base/SimpleProperties.java b/pki/base/common/src/com/netscape/cmscore/base/SimpleProperties.java
index 684f8a8ed..924248d01 100644
--- a/pki/base/common/src/com/netscape/cmscore/base/SimpleProperties.java
+++ b/pki/base/common/src/com/netscape/cmscore/base/SimpleProperties.java
@@ -269,132 +269,6 @@ public class SimpleProperties extends Hashtable {
return (slashCount % 2 == 1);
}
- /*
- * Converts encoded \\uxxxx to unicode chars
- * and changes special saved chars to their original forms
- */
- private String loadConvert(String theString) {
- char aChar;
- int len = theString.length();
- StringBuffer outBuffer = new StringBuffer(len);
-
- for (int x = 0; x < len;) {
- aChar = theString.charAt(x++);
- if (aChar == '\\') {
- aChar = theString.charAt(x++);
- if (aChar == 'u') {
- // Read the xxxx
- int value = 0;
-
- for (int i = 0; i < 4; i++) {
- aChar = theString.charAt(x++);
- switch (aChar) {
- case '0':
- case '1':
- case '2':
- case '3':
- case '4':
- case '5':
- case '6':
- case '7':
- case '8':
- case '9':
- value = (value << 4) + aChar - '0';
- break;
-
- case 'a':
- case 'b':
- case 'c':
- case 'd':
- case 'e':
- case 'f':
- value = (value << 4) + 10 + aChar - 'a';
- break;
-
- case 'A':
- case 'B':
- case 'C':
- case 'D':
- case 'E':
- case 'F':
- value = (value << 4) + 10 + aChar - 'A';
- break;
-
- default:
- throw new IllegalArgumentException(
- "Malformed \\uxxxx encoding.");
- }
- }
- outBuffer.append((char) value);
- } else {
- if (aChar == 't') aChar = '\t';
- else if (aChar == 'r') aChar = '\r';
- else if (aChar == 'n') aChar = '\n';
- else if (aChar == 'f') aChar = '\f';
- outBuffer.append(aChar);
- }
- } else
- outBuffer.append(aChar);
- }
- return outBuffer.toString();
- }
-
- /*
- * Converts unicodes to encoded \\uxxxx
- * and writes out any of the characters in specialSaveChars
- * with a preceding slash
- */
- private String saveConvert(String theString) {
- char aChar;
- int len = theString.length();
- StringBuffer outBuffer = new StringBuffer(len * 2);
-
- for (int x = 0; x < len;) {
- aChar = theString.charAt(x++);
- switch (aChar) {
- case '\\':
- outBuffer.append('\\');
- outBuffer.append('\\');
- continue;
-
- case '\t':
- outBuffer.append('\\');
- outBuffer.append('t');
- continue;
-
- case '\n':
- outBuffer.append('\\');
- outBuffer.append('n');
- continue;
-
- case '\r':
- outBuffer.append('\\');
- outBuffer.append('r');
- continue;
-
- case '\f':
- outBuffer.append('\\');
- outBuffer.append('f');
- continue;
-
- default:
- if ((aChar < 20) || (aChar > 127)) {
- outBuffer.append('\\');
- outBuffer.append('u');
- outBuffer.append(toHex((aChar >> 12) & 0xF));
- outBuffer.append(toHex((aChar >> 8) & 0xF));
- outBuffer.append(toHex((aChar >> 4) & 0xF));
- outBuffer.append(toHex((aChar >> 0) & 0xF));
- } else {
- if (specialSaveChars.indexOf(aChar) != -1)
- outBuffer.append('\\');
- outBuffer.append(aChar);
- }
- }
- }
- return outBuffer.toString();
- }
-
/**
* Calls the <code>store(OutputStream out, String header)</code> method
* and suppresses IOExceptions that were thrown.
@@ -599,14 +473,6 @@ public class SimpleProperties extends Hashtable {
}
}
- /**
- * Convert a nibble to a hex character
- * @param nibble the nibble to convert.
- */
- private static char toHex(int nibble) {
- return hexDigit[(nibble & 0xF)];
- }
-
/** A table of hex digits */
private static final char[] hexDigit = {
'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'
diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/PublicKeyMapper.java b/pki/base/common/src/com/netscape/cmscore/dbs/PublicKeyMapper.java
index f55248eec..8a2d1f2d2 100644
--- a/pki/base/common/src/com/netscape/cmscore/dbs/PublicKeyMapper.java
+++ b/pki/base/common/src/com/netscape/cmscore/dbs/PublicKeyMapper.java
@@ -124,22 +124,6 @@ public class PublicKeyMapper implements IDBAttrMapper {
return mLdapName + op + value;
}
- private String normalize(String s) {
- String val = "";
-
- for (int i = 0; i < s.length(); i++) {
- if (s.charAt(i) == '\n') {
- continue;
- } else if (s.charAt(i) == '\r') {
- continue;
- } else if (s.charAt(i) == '"') {
- continue;
- }
- val += s.charAt(i);
- }
- return val;
- }
-
public static String escapeBinaryData(byte data[]) {
String result = "";
diff --git a/pki/base/common/src/com/netscape/cmscore/extensions/KeyUsage.java b/pki/base/common/src/com/netscape/cmscore/extensions/KeyUsage.java
index a5378ced3..9b8e16cf6 100644
--- a/pki/base/common/src/com/netscape/cmscore/extensions/KeyUsage.java
+++ b/pki/base/common/src/com/netscape/cmscore/extensions/KeyUsage.java
@@ -231,9 +231,5 @@ public class KeyUsage implements ICMSExtension {
return params;
}
- private void log(int level, String msg) {
- mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER, level, msg);
- }
-
}
diff --git a/pki/base/common/src/com/netscape/cmscore/policy/GenericPolicyProcessor.java b/pki/base/common/src/com/netscape/cmscore/policy/GenericPolicyProcessor.java
index 95d668283..cdfb7025c 100644
--- a/pki/base/common/src/com/netscape/cmscore/policy/GenericPolicyProcessor.java
+++ b/pki/base/common/src/com/netscape/cmscore/policy/GenericPolicyProcessor.java
@@ -458,19 +458,6 @@ public class GenericPolicyProcessor implements IPolicyProcessor {
return mAuthority.getId() + ".Policy";
}
- private void setError(IRequest req, String format, String arg) {
- if (format == null)
- return;
- EPolicyException ex = new EPolicyException(format, arg);
-
- Vector ev = req.getExtDataInStringVector(IRequest.ERRORS);
- if (ev == null) {
- ev = new Vector();
- }
- ev.addElement(ex.toString());
- req.setExtData(IRequest.ERRORS, ev);
- }
-
public Enumeration getPolicyImpls() {
Vector impls = new Vector();
Enumeration enum1 = mImplTable.elements();
diff --git a/pki/base/common/src/com/netscape/cmscore/util/OsSubsystem.java b/pki/base/common/src/com/netscape/cmscore/util/OsSubsystem.java
index 47bb62801..05118b9ea 100644
--- a/pki/base/common/src/com/netscape/cmscore/util/OsSubsystem.java
+++ b/pki/base/common/src/com/netscape/cmscore/util/OsSubsystem.java
@@ -32,7 +32,6 @@ import com.netscape.certsrv.logging.ILogger;
import com.netscape.cmscore.base.SubsystemRegistry;
import com.netscape.osutil.LibC;
import com.netscape.osutil.OSUtil;
-import com.netscape.osutil.ResourceLimit;
import com.netscape.osutil.Signal;
import com.netscape.osutil.SignalListener;
import com.netscape.osutil.UserID;
@@ -174,42 +173,6 @@ public final class OsSubsystem implements ISubsystem {
}
/**
- * Hooks up unix signals.
- */
- private void initUnix() throws EBaseException {
- // Set up signal handling. We pretty much exit on anything
- // Signal.watch(Signal.SIGHUP);
- // Signal.watch(Signal.SIGTERM);
- // Signal.watch(Signal.SIGINT);
- // mSignalThread = new SignalThread();
- // mSignalThread.setDaemon(true);
- // mSignalThread.start();
-
- Signal.addSignalListener(Signal.SIGHUP, new SIGHUPListener(this));
- Signal.addSignalListener(Signal.SIGTERM, new SIGTERMListener(this));
- Signal.addSignalListener(Signal.SIGINT, new SIGINTListener(this));
-
- /* Increase the maximum number of file descriptors */
- int i = mConfig.getInteger("maxFiles",
- ResourceLimit.getHardLimit(ResourceLimit.RLIMIT_NOFILE));
-
- ResourceLimit.setLimits(ResourceLimit.RLIMIT_NOFILE,
- i, ResourceLimit.getHardLimit(ResourceLimit.RLIMIT_NOFILE));
-
- // write current pid to specified file
- String pf = mConfig.getString("pidFile", null);
-
- if (pf == null) {
- return; // development environment does not rely on this
- }
- File pidFile = new File(pf);
-
- if (pidFile.exists()) {
- throw new EBaseException(CMS.getUserMessage("CMS_BASE_PID_EXIST"));
- }
- }
-
- /**
* Used to change the process user id usually called after the appropriate
* network ports have been opened.
*/
@@ -344,24 +307,6 @@ public final class OsSubsystem implements ISubsystem {
}
/**
- * Unix restart
- * <P>
- */
- private void restartUnix() {
- // Tell watch dog to restart us
- int ppid = LibC.getppid();
-
- Signal.send(ppid, Signal.SIGHUP);
- }
-
- /**
- * NT restart
- * <P>
- */
- private void restartNT() {
- }
-
- /**
* Returns the root configuration storage of this system.
* <P>
*
diff --git a/pki/base/java-tools/src/com/netscape/cmstools/PasswordCache.java b/pki/base/java-tools/src/com/netscape/cmstools/PasswordCache.java
index f914fab74..cd0351ae4 100644
--- a/pki/base/java-tools/src/com/netscape/cmstools/PasswordCache.java
+++ b/pki/base/java-tools/src/com/netscape/cmstools/PasswordCache.java
@@ -335,24 +335,6 @@ public class PasswordCache {
System.exit(1);
}
}
-
- private static boolean badPassword(String pwd) {
- // XXX - implement only password checking
- return false;
-/*
- PasswordChecker pwdChecker = new PasswordChecker();
-
- if (!pwdChecker.isGoodPassword(pwd)) {
- String reason = pwdChecker.getReason(pwd);
-
- System.out.println("New password does not pass password " +
- "quality test: " + reason);
- return true;
- } else {
- return false;
- }
-*/
- }
}
diff --git a/pki/base/kra/src/com/netscape/kra/EnrollmentService.java b/pki/base/kra/src/com/netscape/kra/EnrollmentService.java
index 397793bfc..6415e1903 100644
--- a/pki/base/kra/src/com/netscape/kra/EnrollmentService.java
+++ b/pki/base/kra/src/com/netscape/kra/EnrollmentService.java
@@ -855,43 +855,6 @@ public class EnrollmentService implements IService {
}
/**
- * Signed Audit Log Recovery ID
- *
- * This method is called to obtain the "RecoveryID" for
- * a signed audit log message.
- * <P>
- *
- * @return id string containing the signed audit log message RecoveryID
- */
- private String auditRecoveryID() {
- // if no signed audit object exists, bail
- if (mSignedAuditLogger == null) {
- return null;
- }
-
- String recoveryID = null;
-
- // Initialize recoveryID
- SessionContext auditContext = SessionContext.getExistingContext();
-
- if (auditContext != null) {
- recoveryID = (String)
- auditContext.get(SessionContext.RECOVERY_ID);
-
- if (recoveryID != null) {
- recoveryID = recoveryID.trim();
- } else {
- recoveryID = ILogger.UNIDENTIFIED;
- }
- } else {
- recoveryID = ILogger.UNIDENTIFIED;
- }
-
- return recoveryID;
- }
-
-
- /**
* Signed Audit Log
*
* This method is called to store messages to the signed audit log.
diff --git a/pki/base/silent/src/com/netscape/pkisilent/argparser/StringScanner.java b/pki/base/silent/src/com/netscape/pkisilent/argparser/StringScanner.java
index fae67c791..6153f180f 100644
--- a/pki/base/silent/src/com/netscape/pkisilent/argparser/StringScanner.java
+++ b/pki/base/silent/src/com/netscape/pkisilent/argparser/StringScanner.java
@@ -577,14 +577,6 @@ class StringScanner
}
}
- private int skipWhiteSpace(int k)
- {
- while (Character.isWhitespace(buf[k]))
- { k++;
- }
- return k;
- }
-
public boolean atEnd()
{
return idx == len;
diff --git a/pki/base/silent/src/com/netscape/pkisilent/common/AutoInstaller.java b/pki/base/silent/src/com/netscape/pkisilent/common/AutoInstaller.java
index a16a6cc53..925e04dc0 100644
--- a/pki/base/silent/src/com/netscape/pkisilent/common/AutoInstaller.java
+++ b/pki/base/silent/src/com/netscape/pkisilent/common/AutoInstaller.java
@@ -748,60 +748,6 @@ public class AutoInstaller {
}
- private boolean taskCloneMaster() {
- System.out.println("configuring Cert Instance : taskCloneMaster");
- setConfigURL();
- String myStringUrl = "http://" + host + ":" + adminPort + configURL;
-
- System.out.println(myStringUrl);
- String query = "serverRoot=" + URLEncoder.encode(serverRoot);
-
- query += "&";
- query += "&claPortnumEE=" + URLEncoder.encode(caEEPort);
- query += "&claPortnum=" + URLEncoder.encode(caAgentPortnum);
- query += "&claHostname=" + URLEncoder.encode(caHostname);
- query += "&ra=false";
- query += "&ca=true";
- query += "&kra=false";
- query += "&subsystems=ca";
- query += "&cloning=true";
- query += "&cloningInstance=" + URLEncoder.encode(cloneInstanceId);
- query += "&claTimeout=" + URLEncoder.encode("60");
- query += "&internaldb.ldapauth.bindDN="
- + URLEncoder.encode(dbLDAPauthDN);
- query += "&AdminUserPassword=" + URLEncoder.encode(adminPWD);
- query += "&db.password=" + URLEncoder.encode(dbPassword);
- query += "&instanceID=" + URLEncoder.encode(instanceID);
- query += "&opType=" + URLEncoder.encode("OP_MODIFY");
- query += "&taskID=" + URLEncoder.encode("taskCloneMaster");
- query += "&cmsSeed=0";
- setPostQueryString(query);
- return Connect(myStringUrl);
- }
-
- private boolean taskCloning() {
- System.out.println("configuring Cert Instance : taskCloning");
- setConfigURL();
- String myStringUrl = "http://" + host + ":" + adminPort + configURL;
-
- System.out.println(myStringUrl);
- String query = "serverRoot=" + URLEncoder.encode(serverRoot);
-
- query += "&";
- query += "&cloneTokenPasswd=" + URLEncoder.encode(dbPassword);
- query += "&cloneTokenName=" + URLEncoder.encode("internal");
- query += "&cloningInstance=" + URLEncoder.encode(cloneInstanceId);
- query += "&cloneSameMachine=true";
- query += "&AdminUserPassword=" + URLEncoder.encode(adminPWD);
- query += "&certType=" + URLEncoder.encode(certType);
- query += "&instanceID=" + URLEncoder.encode(instanceID);
- query += "&opType=" + URLEncoder.encode("OP_MODIFY");
- query += "&taskID=" + URLEncoder.encode("taskCloning");
- query += "&cmsSeed=0";
- setPostQueryString(query);
- return Connect(myStringUrl);
- }
-
private boolean setSerial(String start, String end) {
System.out.println("configuring Cert Instance : setCASerial");
setConfigURL();
@@ -872,25 +818,6 @@ public class AutoInstaller {
}
- private boolean serverMigration() {
- System.out.println("configuring Cert Instance : Server migration");
- setConfigURL();
- String myStringUrl = "http://" + host + ":" + adminPort + configURL;
-
- System.out.println(myStringUrl);
- String query = "AdminUserPassword=" + URLEncoder.encode(adminPWD);
-
- query += "&";
- query += "instanceID=" + URLEncoder.encode(instanceID);
- query += "&migrationEnable=" + URLEncoder.encode("false");
- query += "&opType=" + URLEncoder.encode("OP_MODIFY");
- query += "&taskID=" + URLEncoder.encode("migration");
- query += "&cmsSeed=0";
- setPostQueryString(query);
- return Connect(myStringUrl);
-
- }
-
private boolean initializePWD() {
System.out.println("configuring Cert Instance : Initialize token");
setConfigURL();
@@ -1570,32 +1497,6 @@ public class AutoInstaller {
return Connect(myStringUrl);
}
- private boolean setupKRAAgents() {
- System.out.println("configuring Cert Instance : KRA Agents");
- setConfigURL();
- String myStringUrl = "http://" + host + ":" + adminPort + configURL;
-
- System.out.println(myStringUrl);
- String query = "AdminUserPassword=" + URLEncoder.encode(adminPWD);
-
- query += "&";
- query += "instanceID=" + URLEncoder.encode(instanceID);
- query += "&serverRoot=" + URLEncoder.encode(serverRoot);
- query += "&opType=" + URLEncoder.encode("OP_MODIFY");
- query += "&taskID=" + URLEncoder.encode("agents");
- query += "&n=" + URLEncoder.encode("3");
- query += "&m=" + URLEncoder.encode("2");
- query += "&uid2=" + URLEncoder.encode("agent3");
- query += "&uid0=" + URLEncoder.encode("agent1");
- query += "&uid1=" + URLEncoder.encode("agent2");
- query += "&pwd1=" + URLEncoder.encode("netscape");
- query += "&pwd2=" + URLEncoder.encode("netscape");
- query += "&pwd0=" + URLEncoder.encode("netscape");
- query += "&cmsSeed=0";
- setPostQueryString(query);
- return Connect(myStringUrl);
- }
-
private boolean ConfRA() {
// Start Configuring
@@ -2230,116 +2131,6 @@ public class AutoInstaller {
// Configure Clone
- private boolean ConfClone() {
- // Start Configuring
-
- // Step 1. Start Deamon
-
- if (!startDeamon()) {
- System.out.println(
- "Configuring Cert Instance: Unable to start deamon");
- return false;
- }
-
- // Sometimes it takes time to start deamon so wait for few seconds
- try {
- System.out.println("going to sleep for 10 seconds");
- Thread.sleep(10000);
- } catch (InterruptedException ie) {
- System.out.println("sleep exection");
- }
-
- // Step 1a: Initialize Token ( Changed in 6.0)jjj
- if (!initializePWD()) {
- System.out.println(
- "Configuring Cert Instance: error initializing pwd token");
- return false;
- }
-
- // Step 2. Configure Internal DB
- if (!configInternalDB()) {
- System.out.println(
- "Configuring Cert Instance: error configuring internal db");
- return false;
- }
-
- // Step 3. Create Admin Values
- if (!createAdminValues()) {
- System.out.println(
- "Configuring Cert Instance: error configuring admin values ");
- return false;
- }
-
- // Step 4. SubSystems
-
- if (!selectSubSystem()) {
- System.out.println(
- "Configuring Cert Instance: error selecting subsystems");
- return false;
- }
-
- // Step 5. SetCASerial
- if (!setSerial("1000000", "2000000")) {
- System.out.println("Configuring Cert Instance: error setSerial");
- return false;
- }
-
- if (!setOCSP()) {
- System.out.println("Configuring Cert Instance: error setOCSP");
- return false;
- }
-
- // Step 5. Network Configuration
- if (!networkConfig()) {
- System.out.println(
- "Configuring Cert Instance: error configuring network ports ");
- return false;
- }
-
- if (!taskCloning()) {
- System.out.println("Configuring Cert Instance: error Task Cloning ");
- return false;
- }
-
- if (!taskCloneMaster()) {
- System.out.println(
- "Configuring Cert Instance: error configuring network ports ");
- return false;
- }
-
- // Create a SSL signing cert
- certType = "serverCert";
-
- if (!taskCloning()) {
- System.out.println("Configuring Cert Instance: error Task Cloning ");
- return false;
- }
-
- // Step 11
- if (!singleSignON()) {
- System.out.println(
- "Configuring Cert Instance: error setting up singlesignon");
- return false;
- }
-
- // Step 11
- if (!doMisc()) {
- System.out.println(
- "Configuring Cert Instance: error setting up miscell");
- return false;
- }
-
- // Step 12
- if (!exitDeamon()) {
- System.out.println(
- "Configuring Cert Instance: Unable to exit deamon");
- return false;
- }
-
- return true;
-
- }
-
public boolean readProperties() {
// Read the properties file and assign values to variables .
try {
diff --git a/pki/base/silent/src/com/netscape/pkisilent/common/CMSConfig.java b/pki/base/silent/src/com/netscape/pkisilent/common/CMSConfig.java
index 6913a1440..94c57a62c 100644
--- a/pki/base/silent/src/com/netscape/pkisilent/common/CMSConfig.java
+++ b/pki/base/silent/src/com/netscape/pkisilent/common/CMSConfig.java
@@ -40,20 +40,6 @@ public class CMSConfig extends ServerInfo {
readCMSConfig();
}
- private void getProperties(String filePath) throws Exception {
- try {
- FileInputStream fis = new FileInputStream(filePath);
-
- props = new CMSProperties();
- props.load(fis);
- System.out.println("Reading Properties file successful");
- fis.close();
- } catch (Exception e) {
- System.out.println("exception " + e.getMessage());
- }
-
- }
-
private void readCMSConfig() {
try {
@@ -517,51 +503,6 @@ public class CMSConfig extends ServerInfo {
CMSprops.setProperty("cardcryptogram.validate.enable", "false");
}
- private void ARLOn() {
- CMSprops.setProperty(
- "ca.crl.MasterCRL.extension.IssuingDistributionPoint.critical",
- "true");
- CMSprops.setProperty(
- "ca.crl.MasterCRL.extension.IssuingDistributionPoint.enable",
- "true");
- CMSprops.setProperty(
- "ca.crl.MasterCRL.extension.IssuingDistributionPoint.indirectCRL",
- "false");
- CMSprops.setProperty(
- "ca.crl.MasterCRL.extension.IssuingDistributionPoint.onlyContainsCACerts",
- "true");
- CMSprops.setProperty(
- "ca.crl.MasterCRL.extension.IssuingDistributionPoint.onlyContainsUserCerts",
- "false");
- CMSprops.setProperty(
- "ca.crl.MasterCRL.extension.IssuingDistributionPoint.onlySomeReasons",
- null);
- CMSprops.setProperty(
- "ca.crl.MasterCRL.extension.IssuingDistributionPoint.pointName",
- null);
- CMSprops.setProperty(
- "ca.crl.MasterCRL.extension.IssuingDistributionPoint.pointType",
- "DirectoryName");
- CMSprops.setProperty(
- "ca.crl.MasterCRL.extension.IssuingDistributionPoint.type",
- "CRLExtension");
- CMSprops.setProperty("ca.crl.MasterCRL.allowExtensions", "true");
- CMSprops.setProperty("ca.crl.MasterCRL.alwaysUpdate", "true");
- CMSprops.setProperty("ca.crl.MasterCRL.autoUpdateInterval", "5");
- CMSprops.setProperty("ca.crl.MasterCRL.caCertsOnly", "true");
- CMSprops.setProperty("ca.crl.MasterCRL.cacheUpdateInterval", "5");
- CMSprops.setProperty("ca.crl.MasterCRL.class",
- "com.netscape.cmscore.ca.CRLIssuingPoint");
-
- CMSprops.setProperty("ca.crl.MasterCRL.description",
- "CA's complete Certificate Revocation List");
- CMSprops.setProperty("ca.crl.MasterCRL.enableCRLCache", "true");
- CMSprops.setProperty("ca.crl.MasterCRL.includeExpiredCerts", "true");
- CMSprops.setProperty("ca.crl.MasterCRL.nextUpdateSkew", "5");
- CMSprops.setProperty("ca.crl.MasterCRL.signingAlgorithm", "SHA1withRSA");
-
- }
-
// Policies
public void DefaultValidityRule(String SubsystemType, String lagtime, String leadtime, String maxValidity) {
if (SubsystemType.equals("ca")) {
diff --git a/pki/base/silent/src/com/netscape/pkisilent/common/CMSLDAP.java b/pki/base/silent/src/com/netscape/pkisilent/common/CMSLDAP.java
index 51dbd2127..038ec42f9 100644
--- a/pki/base/silent/src/com/netscape/pkisilent/common/CMSLDAP.java
+++ b/pki/base/silent/src/com/netscape/pkisilent/common/CMSLDAP.java
@@ -98,17 +98,6 @@ public class CMSLDAP {
}
- private boolean RemoveInstance(String basedn) {
- try {
- conn.delete(basedn);
- return true;
- } catch (Exception e) {
- System.out.println("ERROR: " + e.toString());
- return false;
- }
-
- }
-
/**
* Search for certificaterevocationList attribute. Takes basedn and filter as parameters
*/
diff --git a/pki/base/silent/src/com/netscape/pkisilent/common/ServerInfo.java b/pki/base/silent/src/com/netscape/pkisilent/common/ServerInfo.java
index 89fa768ca..c353c4ae8 100644
--- a/pki/base/silent/src/com/netscape/pkisilent/common/ServerInfo.java
+++ b/pki/base/silent/src/com/netscape/pkisilent/common/ServerInfo.java
@@ -252,20 +252,6 @@ public class ServerInfo {
}
}
- private void getProperties(String filePath) throws Exception {
- try {
- FileInputStream fis = new FileInputStream(filePath);
-
- props = new CMSProperties();
- props.load(fis);
- System.out.println("Reading Properties file successful");
- fis.close();
- } catch (Exception e) {
- System.out.println("exception " + e.getMessage());
- }
-
- }
-
private String stripSpace(String s) {
String val = "";
diff --git a/pki/base/silent/src/com/netscape/pkisilent/common/TestClient.java b/pki/base/silent/src/com/netscape/pkisilent/common/TestClient.java
index fc2668565..d711e409e 100644
--- a/pki/base/silent/src/com/netscape/pkisilent/common/TestClient.java
+++ b/pki/base/silent/src/com/netscape/pkisilent/common/TestClient.java
@@ -19,10 +19,8 @@ package com.netscape.pkisilent.common;
import java.io.BufferedReader;
import java.io.FileInputStream;
-import java.io.IOException;
import java.io.InputStreamReader;
import java.net.ServerSocket;
-import java.net.Socket;
import java.util.Properties;
import org.mozilla.jss.crypto.X509Certificate;
@@ -468,20 +466,6 @@ public class TestClient implements SSLCertificateApprovalCallback {
return s;
}
- private static boolean isSocketUnused(String h, int p) {
-
- try {
-
- Socket ss = new Socket(h, p);
-
- ss.close();
- return false;
-
- } catch (IOException e) {
- return true;
- }
- }
-
/**
* returns FreePort in this machine . Takes a parmater portnumber. For example getFreePort("4026").
*/
diff --git a/pki/base/silent/src/com/netscape/pkisilent/common/UserEnroll.java b/pki/base/silent/src/com/netscape/pkisilent/common/UserEnroll.java
index fa402cf61..cd6ebd878 100644
--- a/pki/base/silent/src/com/netscape/pkisilent/common/UserEnroll.java
+++ b/pki/base/silent/src/com/netscape/pkisilent/common/UserEnroll.java
@@ -155,10 +155,6 @@ public class UserEnroll extends TestClient {
certType = ct;
}
- private long getElapsedTime() {
- return elapsedTime;
- }
-
public boolean enroll_load() {
buildquery();
setStatusString("");
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/CertID.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/CertID.java
index 29fbc4e87..3c563d939 100644
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/CertID.java
+++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/CertID.java
@@ -78,7 +78,6 @@ public class CertID implements ASN1Value
///////////////////////////////////////////////////////////////////////
// Constructors
///////////////////////////////////////////////////////////////////////
- private CertID() { }
public CertID(AlgorithmIdentifier hashAlgorithm,
OCTET_STRING issuerNameHash, OCTET_STRING issuerKeyHash,
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPRequest.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPRequest.java
index 98f50e7ef..ea2e54221 100644
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPRequest.java
+++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPRequest.java
@@ -65,11 +65,7 @@ public class OCSPRequest implements ASN1Value
{
return optionalSignature;
}
-
- ///////////////////////////////////////////////////////////////////////
- // Constructors
- ///////////////////////////////////////////////////////////////////////
- private OCSPRequest() { }
+
/* THIS code is probably broken. It does not properly encode the explicit element */
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponse.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponse.java
index 67f6242c5..d8635fe2a 100644
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponse.java
+++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponse.java
@@ -58,11 +58,6 @@ public class OCSPResponse implements ASN1Value
return responseBytes;
}
- ///////////////////////////////////////////////////////////////////////
- // Constructors
- ///////////////////////////////////////////////////////////////////////
- private OCSPResponse() { }
-
public OCSPResponse(OCSPResponseStatus responseStatus,
ResponseBytes responseBytes)
{
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponseStatus.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponseStatus.java
index ee2b62020..145fbe7d0 100644
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponseStatus.java
+++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponseStatus.java
@@ -69,11 +69,6 @@ public class OCSPResponseStatus implements ASN1Value
return responseStatus.getValue();
}
- ///////////////////////////////////////////////////////////////////////
- // Constructors
- ///////////////////////////////////////////////////////////////////////
- private OCSPResponseStatus() { }
-
public OCSPResponseStatus(long val)
{
responseStatus = new ENUMERATED(val);
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/Request.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/Request.java
index f180709de..9f277bb96 100644
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/Request.java
+++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/Request.java
@@ -72,11 +72,6 @@ public class Request implements ASN1Value
return (Extension) singleRequestExtensions.elementAt(index);
}
- ///////////////////////////////////////////////////////////////////////
- // constructors
- ///////////////////////////////////////////////////////////////////////
- private Request() { }
-
public Request(CertID reqCert, SEQUENCE singleRequestExtensions)
{
sequence = new SEQUENCE();
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponseBytes.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponseBytes.java
index 80a15b910..b5fed0d9f 100644
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponseBytes.java
+++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponseBytes.java
@@ -64,11 +64,6 @@ public class ResponseBytes implements ASN1Value
return response;
}
- ///////////////////////////////////////////////////////////////////////
- // Constructors
- ///////////////////////////////////////////////////////////////////////
- private ResponseBytes() { }
-
public ResponseBytes(OBJECT_IDENTIFIER responseType, OCTET_STRING response)
{
sequence = new SEQUENCE();
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/Signature.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/Signature.java
index 2810182e1..d670dfe23 100644
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/Signature.java
+++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/Signature.java
@@ -81,11 +81,6 @@ public class Signature implements ASN1Value
return (Certificate) certs.elementAt(index);
}
- ///////////////////////////////////////////////////////////////////////
- // constructors
- ///////////////////////////////////////////////////////////////////////
- private Signature() { }
-
public Signature(AlgorithmIdentifier signatureAlgorithm,
BIT_STRING signature, SEQUENCE certs)
{
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/TBSRequest.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/TBSRequest.java
index 4e09c5914..ea23200db 100644
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/TBSRequest.java
+++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/TBSRequest.java
@@ -98,8 +98,6 @@ public class TBSRequest implements ASN1Value
// constructors
///////////////////////////////////////////////////////////////////////
- private TBSRequest() {}
-
public TBSRequest(INTEGER version, ANY requestorName,
SEQUENCE requestList, SEQUENCE requestExtensions)
{
diff --git a/pki/base/util/src/netscape/security/extensions/OCSPNoCheckExtension.java b/pki/base/util/src/netscape/security/extensions/OCSPNoCheckExtension.java
index 68d0e8a30..ec3dbbb86 100644
--- a/pki/base/util/src/netscape/security/extensions/OCSPNoCheckExtension.java
+++ b/pki/base/util/src/netscape/security/extensions/OCSPNoCheckExtension.java
@@ -97,13 +97,6 @@ public class OCSPNoCheckExtension extends Extension implements CertAttrSet {
}
}
- private void encodeThis(DerOutputStream out) throws IOException {
- if (mCached == null) {
- super.encode(out);
- mCached = out.toByteArray();
- }
- }
-
public String toString() {
String presentation = "oid=" + OID + " ";
diff --git a/pki/base/util/src/netscape/security/pkcs/PKCS8Key.java b/pki/base/util/src/netscape/security/pkcs/PKCS8Key.java
index 20a788fcb..eb4478fc1 100644
--- a/pki/base/util/src/netscape/security/pkcs/PKCS8Key.java
+++ b/pki/base/util/src/netscape/security/pkcs/PKCS8Key.java
@@ -69,18 +69,6 @@ public class PKCS8Key implements PrivateKey {
*/
public PKCS8Key() { }
- /*
- * Build and initialize as a "default" key. All PKCS#8 key
- * data is stored and transmitted losslessly, but no knowledge
- * about this particular algorithm is available.
- */
- private PKCS8Key (AlgorithmId algid, byte key [])
- throws InvalidKeyException {
- this.algid = algid;
- this.key = key;
- encode();
- }
-
/**
* Construct PKCS#8 subject public key from a DER value. If
* the runtime environment is configured with a specific class for
diff --git a/pki/base/util/src/netscape/security/provider/DSA.java b/pki/base/util/src/netscape/security/provider/DSA.java
index a40bd0295..9fa5b9f6c 100644
--- a/pki/base/util/src/netscape/security/provider/DSA.java
+++ b/pki/base/util/src/netscape/security/provider/DSA.java
@@ -20,8 +20,6 @@ package netscape.security.provider;
import java.io.IOException;
import java.io.PrintStream;
import java.math.BigInteger;
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import java.security.MessageDigest;
@@ -32,8 +30,6 @@ import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.DSAParams;
-import java.security.spec.DSAParameterSpec;
-import java.security.spec.InvalidParameterSpecException;
import netscape.security.util.BigInt;
import netscape.security.util.DerInputStream;
@@ -143,20 +139,6 @@ public final class DSA extends Signature {
setParams(params);
}
- private void initialize(AlgorithmParameters params)
- throws InvalidAlgorithmParameterException {
- try {
- DSAParameterSpec dsaParamSpec;
- dsaParamSpec = (DSAParameterSpec)params.getParameterSpec
- (DSAParameterSpec.class);
- dataSHA.reset();
- setParams(dsaParamSpec);
- } catch (InvalidParameterSpecException e) {
- throw new InvalidAlgorithmParameterException
- ("Inappropriate parameter");
- }
- }
-
/**
* Sign all the data thus far updated. The signature is formatted
* according to the Canonical Encoding Rules, returned as a DER
@@ -228,10 +210,6 @@ public final class DSA extends Signature {
return v.equals(r);
}
- private void reset() {
- dataSHA.reset();
- }
-
BigInteger generateR(BigInteger p, BigInteger q, BigInteger g,
BigInteger k) {
BigInteger temp = g.modPow(k, p);
@@ -510,12 +488,6 @@ public final class DSA extends Signature {
this.presetG = params.getG();
}
- private void setParams(DSAParameterSpec params) {
- this.presetP = params.getP();
- this.presetQ = params.getQ();
- this.presetG = params.getG();
- }
-
/**
* Update a byte to be signed or verified.
*
@@ -670,12 +642,6 @@ public final class DSA extends Signature {
/* End test vector values */
- private static void debug(Exception e) {
- if (debug) {
- e.printStackTrace();
- }
- }
-
private static void debug(String s) {
if (debug) {
System.err.println(s);
diff --git a/pki/base/util/src/netscape/security/provider/MD5.java b/pki/base/util/src/netscape/security/provider/MD5.java
index a3c12490d..a6adaac20 100644
--- a/pki/base/util/src/netscape/security/provider/MD5.java
+++ b/pki/base/util/src/netscape/security/provider/MD5.java
@@ -69,14 +69,7 @@ public final class MD5 extends MessageDigestSpi implements Cloneable {
init();
}
- private MD5(MD5 md5) {
- this();
- this.state = (int[])md5.state.clone();
- this.transformBuffer = (int[])md5.transformBuffer.clone();
- this.buffer = (byte[])md5.buffer.clone();
- this.digestBits = (byte[])md5.digestBits.clone();
- this.count = md5.count;
- }
+
/* **********************************************************
* The MD5 Functions. These are copied verbatim from
diff --git a/pki/base/util/src/netscape/security/provider/SHA.java b/pki/base/util/src/netscape/security/provider/SHA.java
index 2e5ac328e..6e4bf51e7 100644
--- a/pki/base/util/src/netscape/security/provider/SHA.java
+++ b/pki/base/util/src/netscape/security/provider/SHA.java
@@ -56,20 +56,6 @@ public class SHA extends MessageDigestSpi implements Cloneable {
private int AA, BB, CC, DD, EE;
- /**
- * Creates a SHA object.with state (for cloning) */
- private SHA(SHA sha) {
- this();
- this.version = sha.version;
- System.arraycopy(sha.W, 0, this.W, 0, W.length);
- this.count = sha.count;
- this.AA = sha.AA;
- this.BB = sha.BB;
- this.CC = sha.CC;
- this.DD = sha.DD;
- this.EE = sha.EE;
- }
-
SHA(int version) {
this();
this.version = version;
diff --git a/pki/base/util/src/netscape/security/util/DerValue.java b/pki/base/util/src/netscape/security/util/DerValue.java
index 58ef8eccc..93ca21240 100644
--- a/pki/base/util/src/netscape/security/util/DerValue.java
+++ b/pki/base/util/src/netscape/security/util/DerValue.java
@@ -490,24 +490,6 @@ public class DerValue {
}
/*
- * Internal utility ... returns a string regardless of what
- * restrictions have been placed on its encoding.
- */
- private String simpleGetString() throws IOException {
- StringBuffer s = new StringBuffer(length);
- try {
- int temp = length;
-
- data.reset ();
- while (temp-- > 0)
- s.append ((char) data.getByte ());
- } catch (IOException e) {
- return null;
- }
- return new String (s);
- }
-
- /*
* @eturns a string if the DerValue is a ASN.1 character string type and
* if there is a ByteToChar converter for the type. Returns null otherwise.
*/
diff --git a/pki/base/util/src/netscape/security/x509/CRLDistributionPoint.java b/pki/base/util/src/netscape/security/x509/CRLDistributionPoint.java
index 5207e3199..8c88ec7e7 100644
--- a/pki/base/util/src/netscape/security/x509/CRLDistributionPoint.java
+++ b/pki/base/util/src/netscape/security/x509/CRLDistributionPoint.java
@@ -478,11 +478,5 @@ public static class Template implements ASN1Template {
}
}
-private static void toFile(String filename, byte[] bytes) throws IOException{
- FileOutputStream fos = new FileOutputStream(filename);
- fos.write(bytes);
- fos.close();
-}
-
}
diff --git a/pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java b/pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java
index 2ed340962..aa8c20b82 100644
--- a/pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java
+++ b/pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java
@@ -71,9 +71,6 @@ public class CRLDistributionPointsExtension extends Extension
// vector of CRLDistributionPoint
private SEQUENCE distributionPoints = new SEQUENCE();
- // no default constructor
- private CRLDistributionPointsExtension() { }
-
// Cached DER-encoding to improve performance.
private byte[] cachedEncoding=null;
diff --git a/pki/base/util/src/netscape/security/x509/IssuingDistributionPointExtension.java b/pki/base/util/src/netscape/security/x509/IssuingDistributionPointExtension.java
index 1cef0f883..51b7001e9 100644
--- a/pki/base/util/src/netscape/security/x509/IssuingDistributionPointExtension.java
+++ b/pki/base/util/src/netscape/security/x509/IssuingDistributionPointExtension.java
@@ -116,10 +116,6 @@ public class IssuingDistributionPointExtension extends Extension
private byte[] cachedEncoding=null;
- // no default constructor
- private IssuingDistributionPointExtension() { }
-
-
static {
try {
OIDMap.addAttribute(IssuingDistributionPointExtension.class.getName(),
diff --git a/pki/base/util/src/netscape/security/x509/OIDMap.java b/pki/base/util/src/netscape/security/x509/OIDMap.java
index 0b0fd5a36..082ecc4fd 100644
--- a/pki/base/util/src/netscape/security/x509/OIDMap.java
+++ b/pki/base/util/src/netscape/security/x509/OIDMap.java
@@ -19,7 +19,6 @@ package netscape.security.x509;
import java.io.File;
import java.io.FileInputStream;
-import java.io.FileOutputStream;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.util.Enumeration;
@@ -211,17 +210,6 @@ public class OIDMap {
}
}
- // save to file
- private static void saveDefaults(Properties props, String fileName) {
- try {
- FileOutputStream fos = new FileOutputStream(fileName);
- props.save(fos, "Registered classes");
- fos.close();
- } catch (IOException e) {
- System.err.println(e);
- }
- }
-
/**
* Add a name to lookup table.
*
diff --git a/pki/base/util/src/netscape/security/x509/X509CRLImpl.java b/pki/base/util/src/netscape/security/x509/X509CRLImpl.java
index c76e8e25b..14cf3c016 100755
--- a/pki/base/util/src/netscape/security/x509/X509CRLImpl.java
+++ b/pki/base/util/src/netscape/security/x509/X509CRLImpl.java
@@ -111,12 +111,6 @@ public class X509CRLImpl extends X509CRL {
private boolean readOnly = false;
/**
- * Not to be used. As it would lead to cases of uninitialized
- * CRL objects.
- */
- private X509CRLImpl() { }
-
- /**
* Unmarshals an X.509 CRL from its encoded form, parsing the encoded
* bytes. This form of constructor is used by agents which
* need to examine and use CRL contents. Note that the buffer