Diffstat (limited to 'base/common/src/com/netscape/certsrv/cert')
14 files changed, 2781 insertions, 0 deletions
diff --git a/base/common/src/com/netscape/certsrv/cert/CertData.java b/base/common/src/com/netscape/certsrv/cert/CertData.java
new file mode 100644
index 000000000..58f7fcd2c
--- /dev/null
+++ b/base/common/src/com/netscape/certsrv/cert/CertData.java
@@ -0,0 +1,283 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.cert;
+
+import java.io.PrintWriter;
+import java.io.StringReader;
+import java.io.StringWriter;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.Marshaller;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
+
+import org.jboss.resteasy.plugins.providers.atom.Link;
+
+import com.netscape.certsrv.dbs.certdb.CertId;
+import com.netscape.certsrv.dbs.certdb.CertIdAdapter;
+
+/**
+ * @author alee
+ *
+ */
+@XmlRootElement(name = "CertData")
+public class CertData {
+
+ public static Marshaller marshaller;
+ public static Unmarshaller unmarshaller;
+
+ static {
+ try {
+ marshaller = JAXBContext.newInstance(CertData.class).createMarshaller();
+ marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
+ unmarshaller = JAXBContext.newInstance(CertData.class).createUnmarshaller();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+
+ CertId serialNumber;
+ String issuerDN;
+ String subjectDN;
+ String prettyPrint;
+ String encoded;
+ String pkcs7CertChain;
+ String notBefore;
+ String notAfter;
+ String status;
+
+ Link link;
+
+ @XmlAttribute(name="id")
+ @XmlJavaTypeAdapter(CertIdAdapter.class)
+ public CertId getSerialNumber() {
+ return serialNumber;
+ }
+
+ public void setSerialNumber(CertId serialNumber) {
+ this.serialNumber = serialNumber;
+ }
+
+ @XmlElement(name="IssuerDN")
+ public String getIssuerDN() {
+ return issuerDN;
+ }
+
+ public void setIssuerDN(String issuerDN) {
+ this.issuerDN = issuerDN;
+ }
+
+ @XmlElement(name="SubjectDN")
+ public String getSubjectDN() {
+ return subjectDN;
+ }
+
+ public void setSubjectDN(String subjectDN) {
+ this.subjectDN = subjectDN;
+ }
+
+ @XmlElement(name="PrettyPrint")
+ public String getPrettyPrint() {
+ return prettyPrint;
+ }
+
+ public void setPrettyPrint(String prettyPrint) {
+ this.prettyPrint = prettyPrint;
+ }
+
+ @XmlElement(name="Encoded")
+ public String getEncoded() {
+ return encoded;
+ }
+
+ public void setEncoded(String encoded) {
+ this.encoded = encoded;
+ }
+
+ @XmlElement(name="PKCS7CertChain")
+ public void setPkcs7CertChain(String chain) {
+ this.pkcs7CertChain = chain;
+ }
+
+ public String getPkcs7CertChain() {
+ return pkcs7CertChain;
+ }
+
+ @XmlElement(name="NotBefore")
+ public String getNotBefore() {
+ return notBefore;
+ }
+
+ public void setNotBefore(String notBefore) {
+ this.notBefore = notBefore;
+ }
+
+ @XmlElement(name="NotAfter")
+ public String getNotAfter() {
+ return notAfter;
+ }
+
+ public void setNotAfter(String notAfter) {
+ this.notAfter = notAfter;
+ }
+
+ @XmlElement(name="Status")
+ public String getStatus() {
+ return status;
+ }
+
+ public void setStatus(String status) {
+ this.status = status;
+ }
+
+ @XmlElement(name="Link")
+ public Link getLink() {
+ return link;
+ }
+
+ public void setLink(Link link) {
+ this.link = link;
+ }
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((encoded == null) ? 0 : encoded.hashCode());
+ result = prime * result + ((issuerDN == null) ? 0 : issuerDN.hashCode());
+ result = prime * result + ((notAfter == null) ? 0 : notAfter.hashCode());
+ result = prime * result + ((notBefore == null) ? 0 : notBefore.hashCode());
+ result = prime * result + ((pkcs7CertChain == null) ? 0 : pkcs7CertChain.hashCode());
+ result = prime * result + ((prettyPrint == null) ? 0 : prettyPrint.hashCode());
+ result = prime * result + ((serialNumber == null) ? 0 : serialNumber.hashCode());
+ result = prime * result + ((status == null) ? 0 : status.hashCode());
+ result = prime * result + ((subjectDN == null) ? 0 : subjectDN.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ CertData other = (CertData) obj;
+ if (encoded == null) {
+ if (other.encoded != null)
+ return false;
+ } else if (!encoded.equals(other.encoded))
+ return false;
+ if (issuerDN == null) {
+ if (other.issuerDN != null)
+ return false;
+ } else if (!issuerDN.equals(other.issuerDN))
+ return false;
+ if (notAfter == null) {
+ if (other.notAfter != null)
+ return false;
+ } else if (!notAfter.equals(other.notAfter))
+ return false;
+ if (notBefore == null) {
+ if (other.notBefore != null)
+ return false;
+ } else if (!notBefore.equals(other.notBefore))
+ return false;
+ if (pkcs7CertChain == null) {
+ if (other.pkcs7CertChain != null)
+ return false;
+ } else if (!pkcs7CertChain.equals(other.pkcs7CertChain))
+ return false;
+ if (prettyPrint == null) {
+ if (other.prettyPrint != null)
+ return false;
+ } else if (!prettyPrint.equals(other.prettyPrint))
+ return false;
+ if (serialNumber == null) {
+ if (other.serialNumber != null)
+ return false;
+ } else if (!serialNumber.equals(other.serialNumber))
+ return false;
+ if (status == null) {
+ if (other.status != null)
+ return false;
+ } else if (!status.equals(other.status))
+ return false;
+ if (subjectDN == null) {
+ if (other.subjectDN != null)
+ return false;
+ } else if (!subjectDN.equals(other.subjectDN))
+ return false;
+ return true;
+ }
+
+ public String toString() {
+ try {
+ StringWriter sw = new StringWriter();
+ marshaller.marshal(this, sw);
+ return sw.toString();
+
+ } catch (Exception e) {
+ return super.toString();
+ }
+ }
+
+ public static CertData valueOf(String string) throws Exception {
+ try {
+ return (CertData)unmarshaller.unmarshal(new StringReader(string));
+ } catch (Exception e) {
+ return null;
+ }
+ }
+
+ public static void main(String args[]) throws Exception {
+
+ StringWriter sw = new StringWriter();
+ PrintWriter out = new PrintWriter(sw, true);
+
+ out.println("-----BEGIN CERTIFICATE-----");
+ out.println("MIIB/zCCAWgCCQCtpWH58pqsejANBgkqhkiG9w0BAQUFADBEMRQwEgYDVQQKDAtF");
+ out.println("WEFNUExFLUNPTTEYMBYGCgmSJomT8ixkAQEMCHRlc3R1c2VyMRIwEAYDVQQDDAlU");
+ out.println("ZXN0IFVzZXIwHhcNMTIwNTE0MTcxNzI3WhcNMTMwNTE0MTcxNzI3WjBEMRQwEgYD");
+ out.println("VQQKDAtFWEFNUExFLUNPTTEYMBYGCgmSJomT8ixkAQEMCHRlc3R1c2VyMRIwEAYD");
+ out.println("VQQDDAlUZXN0IFVzZXIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKmmiPJp");
+ out.println("Agh/gPUAZjfgJ3a8QiHvpMzZ/hZy1FVP3+2sNhCkMv+D/I8Y7AsrbJGxxvD7bTDm");
+ out.println("zQYtYx2ryGyOgY7KBRxEj/IrNVHIkJMYq5G/aIU4FAzpc6ntNSwUQBYUAamfK8U6");
+ out.println("Wo4Cp6rLePXIDE6sfGn3VX6IeSJ8U2V+vwtzAgMBAAEwDQYJKoZIhvcNAQEFBQAD");
+ out.println("gYEAY9bjcD/7Z+oX6gsJtX6Rd79E7X5IBdOdArYzHNE4vjdaQrZw6oCxrY8ffpKC");
+ out.println("0T0q5PX9I7er+hx/sQjGPMrJDEN+vFBSNrZE7sTeLRgkyiqGvChSyuG05GtGzXO4");
+ out.println("bFBr+Gwk2VF2wJvOhTXU2hN8sfkkd9clzIXuL8WCDhWk1bY=");
+ out.println("-----END CERTIFICATE-----");
+
+ CertData before = new CertData();
+ before.setSerialNumber(new CertId("12512514865863765114"));
+ before.setIssuerDN("CN=Test User,UID=testuser,O=EXAMPLE-COM");
+ before.setSubjectDN("CN=Test User,UID=testuser,O=EXAMPLE-COM");
+ before.setEncoded(sw.toString());
+
+ String string = before.toString();
+ System.out.println(string);
+
+ CertData after = CertData.valueOf(string);
+ System.out.println(before.equals(after));
+ }
+}
diff --git a/base/common/src/com/netscape/certsrv/cert/CertDataInfo.java b/base/common/src/com/netscape/certsrv/cert/CertDataInfo.java
new file mode 100644
index 000000000..969e3e371
--- /dev/null
+++ b/base/common/src/com/netscape/certsrv/cert/CertDataInfo.java
@@ -0,0 +1,173 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2011 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+/**
+ *
+ */
+package com.netscape.certsrv.cert;
+
+import java.io.StringReader;
+import java.io.StringWriter;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.Marshaller;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
+
+import org.jboss.resteasy.plugins.providers.atom.Link;
+
+import com.netscape.certsrv.dbs.certdb.CertId;
+import com.netscape.certsrv.dbs.certdb.CertIdAdapter;
+
+/**
+ * @author alee
+ *
+ */
+@XmlRootElement(name = "CertDataInfo")
+public class CertDataInfo {
+
+ public static Marshaller marshaller;
+ public static Unmarshaller unmarshaller;
+
+ static {
+ try {
+ JAXBContext context = JAXBContext.newInstance(CertDataInfo.class);
+ marshaller = context.createMarshaller();
+ marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
+ unmarshaller = context.createUnmarshaller();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+
+ CertId id;
+ String subjectDN;
+ String status;
+
+ Link link;
+
+ @XmlAttribute(name="id")
+ @XmlJavaTypeAdapter(CertIdAdapter.class)
+ public CertId getID() {
+ return id;
+ }
+
+ public void setID(CertId id) {
+ this.id = id;
+ }
+
+ @XmlElement(name="SubjectDN")
+ public String getSubjectDN() {
+ return subjectDN;
+ }
+
+ public void setSubjectDN(String subjectDN) {
+ this.subjectDN = subjectDN;
+ }
+
+ @XmlElement(name="Status")
+ public String getStatus() {
+ return status;
+ }
+
+ public void setStatus(String status) {
+ this.status = status;
+ }
+
+ @XmlElement(name="Link")
+ public Link getLink() {
+ return link;
+ }
+
+ public void setLink(Link link) {
+ this.link = link;
+ }
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((id == null) ? 0 : id.hashCode());
+ result = prime * result + ((status == null) ? 0 : status.hashCode());
+ result = prime * result + ((subjectDN == null) ? 0 : subjectDN.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ CertDataInfo other = (CertDataInfo) obj;
+ if (id == null) {
+ if (other.id != null)
+ return false;
+ } else if (!id.equals(other.id))
+ return false;
+ if (status == null) {
+ if (other.status != null)
+ return false;
+ } else if (!status.equals(other.status))
+ return false;
+ if (subjectDN == null) {
+ if (other.subjectDN != null)
+ return false;
+ } else if (!subjectDN.equals(other.subjectDN))
+ return false;
+ return true;
+ }
+
+ public String toString() {
+ try {
+ StringWriter sw = new StringWriter();
+ marshaller.marshal(this, sw);
+ return sw.toString();
+
+ } catch (Exception e) {
+ return super.toString();
+ }
+ }
+
+ public static CertDataInfo valueOf(String string) throws Exception {
+ try {
+ return (CertDataInfo)unmarshaller.unmarshal(new StringReader(string));
+ } catch (Exception e) {
+ return null;
+ }
+ }
+
+ public static void main(String args[]) throws Exception {
+
+ CertDataInfo before = new CertDataInfo();
+ before.setID(new CertId("12512514865863765114"));
+ before.setSubjectDN("CN=Test User,UID=testuser,O=EXAMPLE-COM");
+ before.setStatus("VALID");
+
+ String string = before.toString();
+ System.out.println(string);
+
+ CertDataInfo after = CertDataInfo.valueOf(string);
+
+ System.out.println(before.equals(after));
+ }
+}
diff --git a/base/common/src/com/netscape/certsrv/cert/CertDataInfos.java b/base/common/src/com/netscape/certsrv/cert/CertDataInfos.java
new file mode 100644
index 000000000..475e90815
--- /dev/null
+++ b/base/common/src/com/netscape/certsrv/cert/CertDataInfos.java
@@ -0,0 +1,72 @@
+//--- BEGIN COPYRIGHT BLOCK ---
+//This program is free software; you can redistribute it and/or modify
+//it under the terms of the GNU General Public License as published by
+//the Free Software Foundation; version 2 of the License.
+//
+//This program is distributed in the hope that it will be useful,
+//but WITHOUT ANY WARRANTY; without even the implied warranty of
+//MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+//GNU General Public License for more details.
+//
+//You should have received a copy of the GNU General Public License along
+//with this program; if not, write to the Free Software Foundation, Inc.,
+//51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+//(C) 2012 Red Hat, Inc.
+//All rights reserved.
+//--- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.cert;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+
+import javax.xml.bind.annotation.XmlElementRef;
+import javax.xml.bind.annotation.XmlRootElement;
+
+import org.jboss.resteasy.plugins.providers.atom.Link;
+
+@XmlRootElement(name = "CertDataInfos")
+public class CertDataInfos {
+
+ protected Collection<CertDataInfo> certInfos = new ArrayList<CertDataInfo>();
+ protected List<Link> links = new ArrayList<Link>();
+
+ /**
+ * @return the CertInfos
+ */
+ @XmlElementRef
+ public Collection<CertDataInfo> getCertInfos() {
+ return certInfos;
+ }
+
+ /**
+ * @param certInfos the CertInfos to set
+ */
+ public void setCertInfos(Collection<CertDataInfo> certInfos) {
+ this.certInfos = certInfos;
+ }
+
+ /**
+ * @return the links
+ */
+ @XmlElementRef
+ public List<Link> getLinks() {
+ return links;
+ }
+
+ /**
+ * @param links the links to set
+ */
+ public void setLinks(List<Link> links) {
+ this.links = links;
+ }
+
+ public void addCertData(CertDataInfo certInfo){
+ this.certInfos.add(certInfo);
+ }
+
+ public void addLink(Link link) {
+ this.links.add(link);
+ }
+}
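Review bot: CertDataInfos imports `org.jboss.resteasy.plugins.providers.atom.Link`, while CertRequestInfos in the same commit uses `com.netscape.certsrv.base.Link`, so the two list types in this package expose different link classes for what looks like the same paging role. If that is not intentional, settle on one type; if it is, a class comment saying why would spare the next reader the question. `setCertInfos()` and `setLinks()` also store the caller's collection as-is, so passing null makes the later `addCertData()` / `addLink()` calls throw NullPointerException.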
diff --git a/base/common/src/com/netscape/certsrv/cert/CertEnrollmentRequest.java b/base/common/src/com/netscape/certsrv/cert/CertEnrollmentRequest.java
new file mode 100644
index 000000000..fefef9a46
--- /dev/null
+++ b/base/common/src/com/netscape/certsrv/cert/CertEnrollmentRequest.java
@@ -0,0 +1,321 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2011 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+/**
+ *
+ */
+package com.netscape.certsrv.cert;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+
+import javax.ws.rs.core.MultivaluedMap;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Marshaller;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+
+import com.netscape.certsrv.profile.ProfileInput;
+import com.netscape.certsrv.profile.ProfileOutput;
+
+/**
+ * @author jmagne
+ *
+ */
+
+@XmlRootElement(name = "CertEnrollmentRequest")
+@XmlAccessorType(XmlAccessType.FIELD)
+public class CertEnrollmentRequest {
+
+ private static final String PROFILE_ID = "profileId";
+ private static final String RENEWAL = "renewal";
+ private static final String SERIAL_NUM = "serial_num";
+
+ @XmlElement
+ protected String profileId;
+
+ @XmlElement
+ protected boolean isRenewal;
+
+ @XmlElement
+ protected String serialNum; // used for one type of renewal
+
+ @XmlElement
+ protected String remoteHost;
+
+ @XmlElement
+ protected String remoteAddr;
+
+ @XmlElement(name = "Input")
+ protected List<ProfileInput> inputs = new ArrayList<ProfileInput>();
+
+ @XmlElement(name = "Output")
+ protected List<ProfileOutput> outputs = new ArrayList<ProfileOutput>();
+
+ public CertEnrollmentRequest() {
+ // required for jaxb
+ }
+
+ public CertEnrollmentRequest(MultivaluedMap<String, String> form) {
+ profileId = form.getFirst(PROFILE_ID);
+ String renewalStr = form.getFirst(RENEWAL);
+ serialNum = form.getFirst(SERIAL_NUM);
+ isRenewal = new Boolean(renewalStr);
+ }
+
+ /**
+ * @return the profileId
+ */
+ public String getProfileId() {
+ return profileId;
+ }
+
+ /**
+ * @param profileId the profileId to set
+ */
+
+ public void setProfileId(String profileId) {
+ this.profileId = profileId;
+ }
+
+ /**
+ * @return renewal
+ */
+
+ public boolean getIsRenewal() {
+ return isRenewal;
+ }
+
+ public void addInput(ProfileInput input) {
+ ProfileInput curInput = getInput(input.getInputId());
+ if (curInput != null) {
+ getInputs().remove(curInput);
+ }
+ getInputs().add(input);
+ }
+
+ public void deleteInput(ProfileInput input) {
+ ProfileInput curInput = getInput(input.getInputId());
+ if (curInput != null) {
+ getInputs().remove(curInput);
+ }
+ }
+
+ public ProfileInput createInput(String name) {
+
+ ProfileInput oldInput = getInput(name);
+
+ if (oldInput != null)
+ return oldInput;
+
+ ProfileInput newInput = new ProfileInput();
+ newInput.setInputId(name);
+
+ getInputs().add(newInput);
+
+ return newInput;
+ }
+
+ public ProfileInput getInput(String name) {
+
+ ProfileInput input = null;
+
+ Iterator<ProfileInput> it = getInputs().iterator();
+
+ ProfileInput curInput = null;
+ while (it.hasNext()) {
+ curInput = it.next();
+ if (curInput != null && curInput.getInputId().equals(name))
+ break;
+ }
+
+ return input;
+ }
+
+ public void addOutput(ProfileOutput output) {
+ ProfileOutput curOutput = getOutput(output.getOutputId());
+ if (curOutput != null) {
+ getOutputs().remove(curOutput);
+ }
+ getOutputs().add(output);
+ }
+
+ public void deleteOutput(ProfileOutput output) {
+ ProfileOutput curOutput = getOutput(output.getOutputId());
+ if (curOutput != null) {
+ getInputs().remove(curOutput);
+ }
+ }
+
+ public ProfileOutput getOutput(String name) {
+ ProfileOutput output = null;
+ ProfileOutput curOutput = null;
+
+ Iterator<ProfileOutput> it = getOutputs().iterator();
+ while (it.hasNext()) {
+ curOutput = it.next();
+ if (curOutput != null && curOutput.getOutputId().equals(name))
+ break;
+ }
+
+ return output;
+ }
+
+ /**
+ * @param renewal the renewal to set
+ */
+ public void setIsRenewal(boolean isRenewal) {
+ this.isRenewal = isRenewal;
+ }
+
+ public HashMap<String, String> toParams() {
+ HashMap<String, String> ret = new HashMap<String, String>();
+ ret.put("isRenewal", Boolean.valueOf(isRenewal).toString());
+ if (profileId != null) ret.put(PROFILE_ID, profileId);
+ if (serialNum != null) ret.put(SERIAL_NUM, serialNum);
+ if (remoteHost != null) ret.put("remoteHost", remoteHost);
+ if (remoteAddr != null) ret.put("remoteAddr", remoteAddr);
+
+ for (ProfileInput input: inputs) {
+ Map<String, String> attrs = input.getAttributes();
+ for (Map.Entry<String, String> entry: attrs.entrySet()) {
+ ret.put(entry.getKey(), entry.getValue());
+ }
+ }
+
+ return ret;
+ }
+
+ public static void main(String args[]) throws Exception {
+ CertEnrollmentRequest data = new CertEnrollmentRequest();
+ data.setProfileId("caUserCert");
+ data.setIsRenewal(false);
+
+ //Simulate a "caUserCert" Profile enrollment
+
+ ProfileInput certReq = data.createInput("KeyGenInput");
+ certReq.setInputAttr("cert_request_type", "crmf");
+ certReq.setInputAttr(
+ "cert_request",
+ "MIIBozCCAZ8wggEFAgQBMQp8MIHHgAECpQ4wDDEKMAgGA1UEAxMBeKaBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2NgaPHp0jiohcP4M+ufrJOZEqH8GV+liu5JLbT8nWpkfhC+8EUBqT6g+n3qroSxIcNVGNdcsBEqs1utvpItzyslAbpdyat3WwQep1dWMzo6RHrPDuIoxNA0Yka1n3qEX4U//08cLQtUv2bYglYgN/hOCNQemLV6vZWAv0n7zelkCAwEAAakQMA4GA1UdDwEB/wQEAwIF4DAzMBUGCSsGAQUFBwUBAQwIcmVnVG9rZW4wGgYJKwYBBQUHBQECDA1hdXRoZW50aWNhdG9yoYGTMA0GCSqGSIb3DQEBBQUAA4GBAJ1VOQcaSEhdHa94s8kifVbSZ2WZeYE5//qxL6wVlEst20vq4ybj13CetnbN3+WT49Zkwp7Fg+6lALKgSk47suTg3EbbQDm+8yOrC0nc/q4PTRoHl0alMmUxIhirYc1t3xoCMqJewmjX1bNP8lpVIZAYFZo4eZCpZaiSkM5BeHhz");
+
+ ProfileInput subjectName = data.createInput("SubjectNameInput");
+ subjectName.setInputAttr("sn_uid", "jmagne");
+ subjectName.setInputAttr("sn_e", "jmagne@redhat.com");
+ subjectName.setInputAttr("sn_c", "US");
+ subjectName.setInputAttr("sn_ou", "Development");
+ subjectName.setInputAttr("sn_ou1", "IPA");
+ subjectName.setInputAttr("sn_ou2", "Dogtag");
+ subjectName.setInputAttr("sn_ou3", "CA");
+ subjectName.setInputAttr("sn_cn", "Common");
+ subjectName.setInputAttr("sn_o", "RedHat");
+
+ ProfileInput submitter = data.createInput("SubmitterInfoInput");
+ submitter.setInputAttr("requestor_name", "admin");
+ submitter.setInputAttr("requestor_email", "admin@redhat.com");
+ submitter.setInputAttr("requestor_phone", "650-555-5555");
+
+ try {
+ JAXBContext context = JAXBContext.newInstance(CertEnrollmentRequest.class);
+ Marshaller marshaller = context.createMarshaller();
+ marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
+
+ ByteArrayOutputStream stream = new ByteArrayOutputStream();
+
+ marshaller.marshal(data, stream);
+
+ System.out.println("Originally marshalled enrollment object. \n");
+
+ System.out.println(stream.toString());
+
+ //Try to unmarshall
+
+ Unmarshaller unmarshaller = context.createUnmarshaller();
+
+ ByteArrayInputStream bais = new ByteArrayInputStream(stream.toByteArray());
+ Object unmarshalled = unmarshaller.unmarshal(bais);
+
+ //Try re-marshalling, unmarshalled object to compare
+
+ stream.reset();
+
+ marshaller.marshal(unmarshalled, stream);
+
+ System.out.println("Remarshalled unmarshalled enrollment object. \n");
+
+ System.out.println(stream.toString());
+
+ } catch (JAXBException e) {
+ System.out.println(e.toString());
+ }
+ }
+
+ public String getSerialNum() {
+ return serialNum;
+ }
+
+ public void setSerialNum(String serialNum) {
+ this.serialNum = serialNum;
+ }
+
+ public List<ProfileInput> getInputs() {
+ return inputs;
+ }
+
+ public void setInputs(List<ProfileInput> inputs) {
+ this.inputs = inputs;
+ }
+
+ public String getRemoteAddr() {
+ return remoteAddr;
+ }
+
+ public void setRemoteAddr(String remoteAddr) {
+ this.remoteAddr = remoteAddr;
+ }
+
+ public String getRemoteHost() {
+ return remoteHost;
+ }
+
+ public void setRemoteHost(String remoteHost) {
+ this.remoteHost = remoteHost;
+ }
+
+ public List<ProfileOutput> getOutputs() {
+ return outputs;
+ }
+
+ public void setOutputs(List<ProfileOutput> outputs) {
+ this.outputs = outputs;
+ }
+
+ public void setRenewal(boolean isRenewal) {
+ this.isRenewal = isRenewal;
+ }
+
+}
diff --git a/base/common/src/com/netscape/certsrv/cert/CertNotFoundException.java b/base/common/src/com/netscape/certsrv/cert/CertNotFoundException.java
new file mode 100644
index 000000000..ce0962a84
--- /dev/null
+++ b/base/common/src/com/netscape/certsrv/cert/CertNotFoundException.java
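Review bot: In CertEnrollmentRequest.java, `getInput()` and `getOutput()` always return null, because their loops break on a match but never assign the matched element to `input` / `output`; as a result `addInput()` and `addOutput()` never replace an existing entry and `createInput()` appends a duplicate on every call. `deleteOutput()` additionally removes from `getInputs()` where it should use `getOutputs()`. In `toParams()` the input attributes are copied in after `isRenewal`, `profileId`, `serial_num`, `remoteHost` and `remoteAddr`, so an attribute with one of those names replaces the request-level value; this object is what `enrollCert(CertEnrollmentRequest)` accepts from clients, so if consumers of the map treat those keys as authoritative (not visible here) the loop should skip or reject them. The lookup and delete fixes are below, and they also stop a null input or output id from throwing inside the comparison.

```java
public ProfileInput getInput(String name) {
    for (ProfileInput curInput : getInputs()) {
        // name.equals(...) keeps a null id on a stored input from throwing
        if (curInput != null && name != null && name.equals(curInput.getInputId())) {
            return curInput;
        }
    }
    return null;
}

public ProfileOutput getOutput(String name) {
    for (ProfileOutput curOutput : getOutputs()) {
        if (curOutput != null && name != null && name.equals(curOutput.getOutputId())) {
            return curOutput;
        }
    }
    return null;
}

public void deleteOutput(ProfileOutput output) {
    ProfileOutput curOutput = getOutput(output.getOutputId());
    if (curOutput != null) {
        getOutputs().remove(curOutput);
    }
}
```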
@@ -0,0 +1,63 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.cert;
+
+import javax.ws.rs.core.Response;
+
+import com.netscape.certsrv.base.PKIException;
+import com.netscape.certsrv.dbs.certdb.CertId;
+
+public class CertNotFoundException extends PKIException {
+
+ private static final long serialVersionUID = -4784839378360933483L;
+
+ public CertId certId;
+
+ public CertNotFoundException(CertId certId) {
+ this(certId, "Certificate ID " + certId.toHexString() + " not found");
+ }
+
+ public CertNotFoundException(CertId certId, String message) {
+ super(Response.Status.NOT_FOUND, message);
+ this.certId = certId;
+ }
+
+ public CertNotFoundException(CertId certId, String message, Throwable cause) {
+ super(Response.Status.NOT_FOUND, message, cause);
+ this.certId = certId;
+ }
+
+ public CertNotFoundException(Data data) {
+ super(data);
+ certId = new CertId(data.getAttribute("certId"));
+ }
+
+ public Data getData() {
+ Data data = super.getData();
+ data.setAttribute("certId", certId.toString());
+ return data;
+ }
+
+ public CertId getCertId() {
+ return certId;
+ }
+
+ public void setRequestId(CertId certId) {
+ this.certId = certId;
+ }
+}
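Review bot: `certId` is declared `public` and non-final, and its only setter is named `setRequestId(CertId)`, which reads as a leftover from a request-oriented exception; make the field `private` and rename the setter `setCertId` (or drop it, since an exception's identifying data rarely needs to change after construction). The one-argument constructor calls `certId.toHexString()` and `getData()` calls `certId.toString()` with no null check, so a null id turns the intended NOT_FOUND response into a NullPointerException. `getData()` also lacks `@Override`, and it serialises with `toString()` while the `Data` constructor parses with `new CertId(String)`; whether those two formats round-trip cannot be confirmed from this hunk and deserves a one-line comment.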
diff --git a/base/common/src/com/netscape/certsrv/cert/CertRequestInfo.java b/base/common/src/com/netscape/certsrv/cert/CertRequestInfo.java
new file mode 100644
index 000000000..d11e94543
--- /dev/null
+++ b/base/common/src/com/netscape/certsrv/cert/CertRequestInfo.java
@@ -0,0 +1,85 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2011 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.certsrv.cert;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+
+import com.netscape.certsrv.dbs.certdb.CertId;
+import com.netscape.certsrv.request.CMSRequestInfo;
+
+@XmlRootElement(name = "CertRequestInfo")
+@XmlAccessorType(XmlAccessType.FIELD)
+public class CertRequestInfo extends CMSRequestInfo {
+
+ public static final String REQ_COMPLETE = "complete";
+
+ @XmlElement
+ protected String certURL;
+
+ @XmlElement
+ protected String certRequestType;
+
+ public CertRequestInfo() {
+ // required to be here for JAXB (defaults)
+ }
+
+ /**
+ * @param certRequestType to set
+ */
+
+ public void setCertRequestType(String certRequestType) {
+ this.certRequestType = certRequestType;
+ }
+
+ /**
+ * @return the certRequestType
+ */
+
+ public String getCertRequestType() {
+ return certRequestType;
+ }
+
+ /**
+ * @set the certURL
+ */
+ public void setCertURL(String certURL) {
+ this.certURL = certURL;
+ }
+
+ /**
+ * @return the certURL
+ */
+ public String getCertURL() {
+ return certURL;
+ }
+
+ /**
+ * @return the certId
+ */
+
+ public CertId getCertId() {
+ if (certURL == null) return null;
+ String id = certURL.substring(certURL.lastIndexOf("/") + 1);
+ return new CertId(id);
+ }
+
+}
diff --git a/base/common/src/com/netscape/certsrv/cert/CertRequestInfos.java b/base/common/src/com/netscape/certsrv/cert/CertRequestInfos.java
new file mode 100644
index 000000000..028bff583
--- /dev/null
+++ b/base/common/src/com/netscape/certsrv/cert/CertRequestInfos.java
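Review bot: `getCertId()` in CertRequestInfo.java passes whatever follows the last `/` of `certURL` straight to `new CertId(String)`, so a URL with a trailing slash, a query string or a fragment yields an empty or non-numeric id, and how `CertId` reacts to that is not visible here. `certURL` is a JAXB-bound field, which means on the receiving side its value is whatever arrived in the XML or JSON body; check that the extracted segment is a well-formed id before constructing the `CertId`, or document the exception callers must expect. The Javadoc on `setCertURL` uses `@set the certURL`, which is not a Javadoc tag and should read `@param certURL the certURL to set`.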
@@ -0,0 +1,89 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2011 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.cert;
+
+import java.util.Collection;
+import java.util.List;
+
+import javax.xml.bind.annotation.XmlElementRef;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlTransient;
+
+import com.netscape.certsrv.base.Link;
+
+@XmlRootElement(name = "CertRequestInfos")
+public class CertRequestInfos {
+ protected Collection<CertRequestInfo> requests;
+ protected List<Link> links;
+
+ /**
+ * @return the requests
+ */
+ @XmlElementRef
+ public Collection<CertRequestInfo> getRequests() {
+ return requests;
+ }
+
+ /**
+ * @param requests the requests to set
+ */
+ public void setRequests(Collection<CertRequestInfo> requests) {
+ this.requests = requests;
+ }
+
+ /**
+ * @return the links
+ */
+ @XmlElementRef
+ public List<Link> getLinks() {
+ return links;
+ }
+
+ /**
+ * @param links the links to set
+ */
+ public void setLinks(List<Link> links) {
+ this.links = links;
+ }
+
+ @XmlTransient
+ public String getNext() {
+ if (links == null) {
+ return null;
+ }
+ for (Link link : links) {
+ if ("next".equals(link.getRelationship())) {
+ return link.getHref();
+ }
+ }
+ return null;
+ }
+
+ @XmlTransient
+ public String getPrevious() {
+ if (links == null) {
+ return null;
+ }
+ for (Link link : links) {
+ if ("previous".equals(link.getRelationship())) {
+ return link.getHref();
+ }
+ }
+ return null;
+ }
+}
diff --git a/base/common/src/com/netscape/certsrv/cert/CertRequestResource.java b/base/common/src/com/netscape/certsrv/cert/CertRequestResource.java
new file mode 100644
index 000000000..1a186f627
--- /dev/null
+++ b/base/common/src/com/netscape/certsrv/cert/CertRequestResource.java
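Review bot: `requests` and `links` in CertRequestInfos.java stay null until a setter or JAXB fills them, whereas CertDataInfos in this commit initialises its collections to empty `ArrayList`s, so `getRequests()` and `getLinks()` can return null and every caller has to guard the way `getNext()` does. Initialising both fields the same way, for example `protected Collection<CertRequestInfo> requests = new ArrayList<CertRequestInfo>();`, keeps the two list types consistent (it needs the `java.util.ArrayList` import). `getNext()` and `getPrevious()` differ only in the relationship string and would read better as one private helper taking that string; the loops also dereference each `link` without a null check.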
@@ -0,0 +1,114 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.certsrv.cert; + +import javax.ws.rs.Consumes; +import javax.ws.rs.DefaultValue; +import javax.ws.rs.GET; +import javax.ws.rs.POST; +import javax.ws.rs.Path; +import javax.ws.rs.PathParam; +import javax.ws.rs.Produces; +import javax.ws.rs.QueryParam; +import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.MultivaluedMap; + +import com.netscape.certsrv.request.RequestId; + +@Path("") +public interface CertRequestResource { + + public static final int DEFAULT_START = 0; + public static final int DEFAULT_PAGESIZE = 20; + public static final int DEFAULT_MAXRESULTS = 100; + public static final int DEFAULT_MAXTIME = 10; + + /** + * Used to generate list of cert requests based on the search parameters + */ + @GET + @Path("agent/certrequests") + @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) + public CertRequestInfos listRequests(@QueryParam("requestState") String requestState, + @QueryParam("requestType") String requestType, + @DefaultValue("" + DEFAULT_START) @QueryParam("start") RequestId start, + @DefaultValue("" + DEFAULT_PAGESIZE) @QueryParam("pageSize") int pageSize, + @DefaultValue("" + DEFAULT_MAXRESULTS) 
@QueryParam("maxResults") int maxResults, + @DefaultValue("" + DEFAULT_MAXTIME) @QueryParam("maxTime") int maxTime); + + /** + * Used to retrieve cert request info for a specific request + */ + @GET + @Path("certrequests/{id}") + @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) + public CertRequestInfo getRequestInfo(@PathParam("id") RequestId id); + + @GET + @Path("agent/certrequests/{id}") + @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) + public CertReviewResponse reviewRequest(@PathParam("id") RequestId id); + + // Enrollment - used to test integration with a browser + @POST + @Path("certrequests") + @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) + @Consumes({ MediaType.APPLICATION_FORM_URLENCODED }) + public CertRequestInfos enrollCert(MultivaluedMap<String, String> form); + + @POST + @Path("certrequests") + @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) + @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) + public CertRequestInfos enrollCert(CertEnrollmentRequest data); + + @POST + @Path("agent/certrequests/{id}/approve") + @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) + public void approveRequest(@PathParam("id") RequestId id, CertReviewResponse data); + + @POST + @Path("agent/certrequests/{id}/reject") + @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) + public void rejectRequest(@PathParam("id") RequestId id, CertReviewResponse data); + + @POST + @Path("agent/certrequests/{id}/cancel") + @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) + public void cancelRequest(@PathParam("id") RequestId id, CertReviewResponse data); + + @POST + @Path("agent/certrequests/{id}/update") + @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) + public void updateRequest(@PathParam("id") RequestId id, CertReviewResponse data); + + @POST + @Path("agent/certrequests/{id}/validate") + @Consumes({ 
MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) + public void validateRequest(@PathParam("id") RequestId id, CertReviewResponse data); + + @POST + @Path("agent/certrequests/{id}/unassign") + @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) + public void unassignRequest(@PathParam("id") RequestId id, CertReviewResponse data); + + @POST + @Path("agent/certrequests/{id}/assign") + @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) + public void assignRequest(@PathParam("id") RequestId id, CertReviewResponse data); +} diff --git a/base/common/src/com/netscape/certsrv/cert/CertResource.java b/base/common/src/com/netscape/certsrv/cert/CertResource.java new file mode 100644 index 000000000..1d5958824 --- /dev/null +++ b/base/common/src/com/netscape/certsrv/cert/CertResource.java 
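Review bot: The seven state-changing agent methods (approveRequest, rejectRequest, cancelRequest, updateRequest, validateRequest, unassignRequest, assignRequest) have no Javadoc, so the interface never states who may call them or how the request body is tied to the `{id}` in the path. CertReviewResponse, added in this same commit, carries both a `nonce` and its own `requestId`; the contract should say that the implementation rejects the call when the nonce is missing or is not the one issued for this request, and when `data.getRequestId()` disagrees with the path `id`. Neither check is visible from this interface, so this is a request to document and confirm rather than a confirmed gap. A line such as `/** Approves request {id}; caller must be an authenticated agent and data.nonce must match the nonce issued for this request. */` on each method would do. `certrequests/{id}` sits outside the `agent/` prefix, so its comment should also state whether any caller may read any request by id.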
@@ -0,0 +1,60 @@ +package com.netscape.certsrv.cert; + +import javax.ws.rs.Consumes; +import javax.ws.rs.DefaultValue; +import javax.ws.rs.GET; +import javax.ws.rs.POST; +import javax.ws.rs.Path; +import javax.ws.rs.PathParam; +import javax.ws.rs.Produces; +import javax.ws.rs.QueryParam; +import javax.ws.rs.core.MediaType; + +import com.netscape.certsrv.dbs.certdb.CertId; + +@Path("") +public interface CertResource { + + public static final int DEFAULT_MAXTIME = 0; + public static final int DEFAULT_MAXRESULTS = 20; + + @GET + @Path("certs") + @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) + public CertDataInfos listCerts( + @QueryParam("status") String status, + @DefaultValue("" + DEFAULT_MAXRESULTS) @QueryParam("maxResults") int maxResults, + @DefaultValue("" + DEFAULT_MAXTIME) @QueryParam("maxTime") int maxTime); + + @POST + @Path("certs/search") + @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) + @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) + public CertDataInfos searchCerts( + CertSearchRequest data, + @QueryParam("start") Integer start, + @QueryParam("size") Integer size); + + @GET + @Path("certs/{id}") + @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) + public CertData getCert(@PathParam("id") CertId id); + + @POST + @Path("agent/certs/{id}/revoke-ca") + @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) + @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) + public CertRequestInfo revokeCACert(@PathParam("id") CertId id, CertRevokeRequest request); + + @POST + @Path("agent/certs/{id}/revoke") + @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) + @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) + public CertRequestInfo revokeCert(@PathParam("id") CertId id, CertRevokeRequest request); + + @POST + @Path("agent/certs/{id}/unrevoke") + @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) 
+ @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) + public CertRequestInfo unrevokeCert(@PathParam("id") CertId id, CertUnrevokeRequest request); +} diff --git a/base/common/src/com/netscape/certsrv/cert/CertRetrievalRequest.java b/base/common/src/com/netscape/certsrv/cert/CertRetrievalRequest.java new file mode 100644 index 000000000..ac8ea079a --- /dev/null +++ b/base/common/src/com/netscape/certsrv/cert/CertRetrievalRequest.java 
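Review bot: listCerts and searchCerts sit outside the `agent/` prefix and take their limits straight from the query string with no ceiling stated: `maxResults` and `maxTime` are plain ints, `DEFAULT_MAXTIME` is 0 here while CertRequestResource in this commit uses 10, and `start`/`size` on searchCerts are nullable `Integer`s with no `@DefaultValue`. If 0 means "no time limit" in the search backend (not visible from this interface), the default lets a single request run an unbounded search. I would give `maxTime` a non-zero default, add `@DefaultValue` to `start` and `size`, and document that the implementation clamps all four values to a server-side maximum and rejects negative ones.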
@@ -0,0 +1,78 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2011 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+/**
+ *
+ */
+package com.netscape.certsrv.cert;
+
+import javax.ws.rs.core.MultivaluedMap;
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
+
+import com.netscape.certsrv.dbs.certdb.CertId;
+import com.netscape.certsrv.dbs.certdb.CertIdAdapter;
+import com.netscape.certsrv.request.RequestId;
+import com.netscape.certsrv.request.RequestIdAdapter;
+
+/**
+ * @author alee
+ *
+ */
+@XmlRootElement(name = "CertRetrievalRequest")
+@XmlAccessorType(XmlAccessType.FIELD)
+public class CertRetrievalRequest {
+
+ private static final String CERT_ID = "certId";
+
+ @XmlElement
+ @XmlJavaTypeAdapter(CertIdAdapter.class)
+ protected CertId certId;
+
+ @XmlElement
+ @XmlJavaTypeAdapter(RequestIdAdapter.class)
+ protected RequestId requestId;
+
+ public CertRetrievalRequest() {
+ // required for JAXB (defaults)
+ }
+
+ public CertRetrievalRequest(MultivaluedMap<String, String> form) {
+ if (form.containsKey(CERT_ID)) {
+ certId = new CertId(form.getFirst(CERT_ID));
+ }
+ }
+
+ /**
+ * @return the CertId
+ */
+ public CertId getCertId() {
+ return certId;
+ }
+
+ /**
+ * @param CertId the CertId to set
+ */
+ public void setCertId(CertId certId) {
+ this.certId = certId;
+ }
+
+}
diff --git a/base/common/src/com/netscape/certsrv/cert/CertReviewResponse.java b/base/common/src/com/netscape/certsrv/cert/CertReviewResponse.java
new file mode 100644
index 000000000..776c90567
--- /dev/null
+++ b/base/common/src/com/netscape/certsrv/cert/CertReviewResponse.java
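Review bot: The form constructor passes `form.getFirst(CERT_ID)` to `new CertId(...)` unchecked, so an empty or malformed `certId` field reaches the CertId constructor, and whatever that throws (CertId is not in this diff; presumably a number-format error) propagates out of request binding instead of becoming a clean bad-request response. A guard such as `String value = form.getFirst(CERT_ID); if (value != null && !value.trim().isEmpty()) certId = new CertId(value.trim());`, with the parse failure caught and mapped to a 400, would contain it. Separately, `requestId` is bound by JAXB but has no accessor and is never read from the form, and the setter's Javadoc says `@param CertId` where the parameter is named `certId`.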
@@ -0,0 +1,252 @@
+//--- BEGIN COPYRIGHT BLOCK ---
+//This program is free software; you can redistribute it and/or modify
+//it under the terms of the GNU General Public License as published by
+//the Free Software Foundation; version 2 of the License.
+//
+//This program is distributed in the hope that it will be useful,
+//but WITHOUT ANY WARRANTY; without even the implied warranty of
+//MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+//GNU General Public License for more details.
+//
+//You should have received a copy of the GNU General Public License along
+//with this program; if not, write to the Free Software Foundation, Inc.,
+//51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+//(C) 2012 Red Hat, Inc.
+//All rights reserved.
+//--- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.cert;
+
+import java.io.ByteArrayOutputStream;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.Marshaller;
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
+
+import com.netscape.certsrv.profile.PolicyDefault;
+import com.netscape.certsrv.profile.ProfileAttribute;
+import com.netscape.certsrv.profile.ProfilePolicy;
+import com.netscape.certsrv.profile.ProfilePolicySet;
+import com.netscape.certsrv.request.RequestId;
+import com.netscape.certsrv.request.RequestIdAdapter;
+
+@XmlRootElement
+@XmlAccessorType(XmlAccessType.FIELD)
+public class CertReviewResponse extends CertEnrollmentRequest {
+
+ @XmlElement(name="ProfilePolicySet")
+ protected List<ProfilePolicySet> policySets = new ArrayList<ProfilePolicySet>();
+
+ protected String nonce;
+
+ @XmlElement
+ @XmlJavaTypeAdapter(RequestIdAdapter.class)
+ protected RequestId requestId;
+
+ protected String requestType;
+
+ protected String requestStatus;
+
+ protected String requestOwner;
+
+ protected String requestCreationTime;
+
+ protected String requestModificationTime;
+
+ protected String requestNotes;
+
+ protected String profileApprovedBy;
+
+ protected String profileSetId;
+
+ protected String profileIsVisible;
+
+ protected String profileName;
+
+ protected String profileDescription;
+
+ protected String profileRemoteHost;
+
+ protected String profileRemoteAddr;
+
+ public String getNonce() {
+ return nonce;
+ }
+
+ public void setNonce(String nonce) {
+ this.nonce = nonce;
+ }
+
+ public RequestId getRequestId() {
+ return requestId;
+ }
+
+ public void setRequestId(RequestId requestId) {
+ this.requestId = requestId;
+ }
+
+ public String getRequestType() {
+ return requestType;
+ }
+
+ public void setRequestType(String requestType) {
+ this.requestType = requestType;
+ }
+
+ public String getRequestStatus() {
+ return requestStatus;
+ }
+
+ public void setRequestStatus(String requestStatus) {
+ this.requestStatus = requestStatus;
+ }
+
+ public String getRequestOwner() {
+ return requestOwner;
+ }
+
+ public void setRequestOwner(String requestOwner) {
+ this.requestOwner = requestOwner;
+ }
+
+ public String getRequestCreationTime() {
+ return requestCreationTime;
+ }
+
+ public void setRequestCreationTime(String requestCreationTime) {
+ this.requestCreationTime = requestCreationTime;
+ }
+
+ public String getRequestModificationTime() {
+ return requestModificationTime;
+ }
+
+ public void setRequestModificationTime(String requestModificationTime) {
+ this.requestModificationTime = requestModificationTime;
+ }
+
+ public String getRequestNotes() {
+ return requestNotes;
+ }
+
+ public void setRequestNotes(String requestNotes) {
+ this.requestNotes = requestNotes;
+ }
+
+ public String getProfileApprovedBy() {
+ return profileApprovedBy;
+ }
+
+ public void setProfileApprovedBy(String profileApprovedBy) {
+ this.profileApprovedBy = profileApprovedBy;
+ }
+
+ public String getProfileSetId() {
+ return profileSetId;
+ }
+
+ public void setProfileSetId(String profileSetId) {
+ this.profileSetId = profileSetId;
+ }
+
+ public String getProfileIsVisible() {
+ return profileIsVisible;
+ }
+
+ public void setProfileIsVisible(String profileIsVisible) {
+ this.profileIsVisible = profileIsVisible;
+ }
+
+ public String getProfileName() {
+ return profileName;
+ }
+
+ public void setProfileName(String profileName) {
+ this.profileName = profileName;
+ }
+
+ public String getProfileDescription() {
+ return profileDescription;
+ }
+
+ public void setProfileDescription(String profileDescription) {
+ this.profileDescription = profileDescription;
+ }
+
+ public String getProfileRemoteHost() {
+ return profileRemoteHost;
+ }
+
+ public void setProfileRemoteHost(String profileRemoteHost) {
+ this.profileRemoteHost = profileRemoteHost;
+ }
+
+ public String getProfileRemoteAddr() {
+ return profileRemoteAddr;
+ }
+
+ public void setProfileRemoteAddr(String profileRemoteAddr) {
+ this.profileRemoteAddr = profileRemoteAddr;
+ }
+
+ public String toString() {
+ try {
+ JAXBContext context = JAXBContext.newInstance(CertReviewResponse.class);
+ Marshaller marshaller = context.createMarshaller();
+ marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
+
+ ByteArrayOutputStream stream = new ByteArrayOutputStream();
+
+ marshaller.marshal(this, stream);
+ return stream.toString();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ return null;
+ }
+
+ public List<ProfilePolicySet> getPolicySets() {
+ return policySets;
+ }
+
+ public void setPolicySets(List<ProfilePolicySet> policySets) {
+ this.policySets = policySets;
+ }
+
+ public void addProfilePolicySet(ProfilePolicySet policySet) {
+ policySets.add(policySet);
+ }
+
+ public void removeProfilePolicySet(ProfilePolicySet policySet) {
+ policySets.remove(policySet);
+ }
+
+ @Override
+ public HashMap<String,String> toParams() {
+ HashMap<String,String> ret = super.toParams();
+
+ if (requestId != null) ret.put("requestId", requestId.toString());
+ if (requestNotes != null) ret.put("requestNotes", requestNotes);
+ if (nonce != null) ret.put("nonces", nonce);
+ if (requestType != null) ret.put("requestType", requestType);
+
+ for (ProfilePolicySet policySet: policySets) {
+ for (ProfilePolicy policy: policySet.getPolicies()) {
+ PolicyDefault def = policy.getDef();
+ List<ProfileAttribute> attrs = def.getAttributes();
+ for (ProfileAttribute attr: attrs) {
+ ret.put(attr.getName(), attr.getValue());
+ }
+ }
+ }
+ return ret;
+ }
+
+}
diff --git a/base/common/src/com/netscape/certsrv/cert/CertRevokeRequest.java b/base/common/src/com/netscape/certsrv/cert/CertRevokeRequest.java
new file mode 100644
index 000000000..7b86286ce
--- /dev/null
+++ b/base/common/src/com/netscape/certsrv/cert/CertRevokeRequest.java
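Review bot: In toParams() the fixed keys `requestId`, `requestNotes`, `nonces` and `requestType` are written first and the policy-attribute loop runs afterwards with `ret.put(attr.getName(), attr.getValue())`, so an attribute whose name equals one of those keys, or a key set by `super.toParams()`, silently replaces it. This object is the request body of the agent approve/reject calls in CertRequestResource, so the attribute names come from the client, and the resulting map could carry a `requestId` or nonce that differs from the typed fields that were checked. Moving the four `if (...) ret.put(...)` lines below the loop makes the typed fields win, and guarding the loop with `if (!ret.containsKey(attr.getName())) ret.put(attr.getName(), attr.getValue());` protects the inherited keys as well. `policy.getDef()` is also dereferenced without a null check.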
@@ -0,0 +1,205 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2012 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- + +package com.netscape.certsrv.cert; + +import java.io.StringReader; +import java.io.StringWriter; +import java.util.Date; + +import javax.ws.rs.FormParam; +import javax.xml.bind.JAXBContext; +import javax.xml.bind.Marshaller; +import javax.xml.bind.Unmarshaller; +import javax.xml.bind.annotation.XmlElement; +import javax.xml.bind.annotation.XmlRootElement; +import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter; + +import netscape.security.x509.RevocationReason; +import netscape.security.x509.RevocationReasonAdapter; + +import com.netscape.certsrv.request.IRequest; +import com.netscape.certsrv.request.RequestId; +import com.netscape.certsrv.request.RequestIdAdapter; +import com.netscape.certsrv.util.DateAdapter; + +/** + * @author Endi S. 
Dewata + */ +@XmlRootElement(name="CertRevokeRequest") +public class CertRevokeRequest { + + public static Marshaller marshaller; + public static Unmarshaller unmarshaller; + + static { + try { + JAXBContext context = JAXBContext.newInstance(CertRevokeRequest.class); + marshaller = context.createMarshaller(); + marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true); + unmarshaller = context.createUnmarshaller(); + } catch (Exception e) { + e.printStackTrace(); + } + } + + RequestId requestID; + RevocationReason reason; + Date invalidityDate; + String comments; + String encoded; + + + @XmlElement(name="RequestID") + @FormParam("requestId") + @XmlJavaTypeAdapter(RequestIdAdapter.class) + public RequestId getRequestID() { + return requestID; + } + + public void setRequestID(RequestId requestID) { + this.requestID = requestID; + } + + @XmlElement(name="Reason") + @FormParam("revocationReason") + @XmlJavaTypeAdapter(RevocationReasonAdapter.class) + public RevocationReason getReason() { + return reason; + } + + public void setReason(RevocationReason reason) { + this.reason = reason; + } + + @XmlElement(name="InvalidityDate") + @FormParam("invalidityDate") + @XmlJavaTypeAdapter(DateAdapter.class) + public Date getInvalidityDate() { + return invalidityDate; + } + + public void setInvalidityDate(Date invalidityDate) { + this.invalidityDate = invalidityDate; + } + + @XmlElement(name="Comments") + @FormParam(IRequest.REQUESTOR_COMMENTS) + public String getComments() { + return comments; + } + + public void setComments(String comments) { + this.comments = comments; + } + + @XmlElement(name="Encoded") + @FormParam("b64eCertificate") + public String getEncoded() { + return encoded; + } + + public void setEncoded(String encoded) { + this.encoded = encoded; + } + + @Override + public int hashCode() { + final int prime = 31; + int result = 1; + result = prime * result + ((comments == null) ? 0 : comments.hashCode()); + result = prime * result + ((encoded == null) ? 
0 : encoded.hashCode()); + result = prime * result + ((invalidityDate == null) ? 0 : invalidityDate.hashCode()); + result = prime * result + ((reason == null) ? 0 : reason.hashCode()); + result = prime * result + ((requestID == null) ? 0 : requestID.hashCode()); + return result; + } + + @Override + public boolean equals(Object obj) { + if (this == obj) + return true; + if (obj == null) + return false; + if (getClass() != obj.getClass()) + return false; + CertRevokeRequest other = (CertRevokeRequest) obj; + if (comments == null) { + if (other.comments != null) + return false; + } else if (!comments.equals(other.comments)) + return false; + if (encoded == null) { + if (other.encoded != null) + return false; + } else if (!encoded.equals(other.encoded)) + return false; + if (invalidityDate == null) { + if (other.invalidityDate != null) + return false; + } else if (!invalidityDate.equals(other.invalidityDate)) + return false; + if (reason == null) { + if (other.reason != null) + return false; + } else if (!reason.equals(other.reason)) + return false; + if (requestID == null) { + if (other.requestID != null) + return false; + } else if (!requestID.equals(other.requestID)) + return false; + return true; + } + + public String toString() { + try { + StringWriter sw = new StringWriter(); + marshaller.marshal(this, sw); + return sw.toString(); + + } catch (Exception e) { + return super.toString(); + } + } + + public static CertRevokeRequest valueOf(String string) throws Exception { + try { + return (CertRevokeRequest)unmarshaller.unmarshal(new StringReader(string)); + } catch (Exception e) { + return null; + } + } + + public static void main(String args[]) throws Exception { + + CertRevokeRequest before = new CertRevokeRequest(); + before.setRequestID(new RequestId("42323234")); + before.setReason(RevocationReason.CERTIFICATE_HOLD); + before.setInvalidityDate(new Date()); + before.setComments("test"); + before.setEncoded("test"); + + String string = before.toString(); + 
System.out.println(string); + + CertRevokeRequest after = CertRevokeRequest.valueOf(string); + + System.out.println(before.equals(after)); + } +} diff --git a/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java b/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java new file mode 100644 index 000000000..5ae8596ba --- /dev/null +++ b/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java 
@@ -0,0 +1,862 @@ +//--- BEGIN COPYRIGHT BLOCK --- +//This program is free software; you can redistribute it and/or modify +//it under the terms of the GNU General Public License as published by +//the Free Software Foundation; version 2 of the License. +// +//This program is distributed in the hope that it will be useful, +//but WITHOUT ANY WARRANTY; without even the implied warranty of +//MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +//GNU General Public License for more details. +// +//You should have received a copy of the GNU General Public License along +//with this program; if not, write to the Free Software Foundation, Inc., +//51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +//(C) 2011 Red Hat, Inc. +//All rights reserved. +//--- END COPYRIGHT BLOCK --- + +// TODO: This class is brute force. Come up with a way to divide these search filter entities into +// smaller classes +package com.netscape.certsrv.cert; + +import java.io.Reader; +import java.util.Calendar; +import java.util.StringTokenizer; + +import javax.servlet.http.HttpServletRequest; +import javax.ws.rs.core.MultivaluedMap; +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Unmarshaller; +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlElement; +import javax.xml.bind.annotation.XmlRootElement; + +import com.netscape.cmsutil.ldap.LDAPUtil; + +/** + * @author jmagne + * + */ +@XmlRootElement(name = "CertSearchRequest") +@XmlAccessorType(XmlAccessType.FIELD) +public class CertSearchRequest { + + private final static String MATCH_EXACTLY = "exact"; + //Serial Number + @XmlElement + protected boolean serialNumberRangeInUse; + + @XmlElement + protected String serialTo; + + @XmlElement + protected String serialFrom; + + //Subject Name + @XmlElement + protected boolean subjectInUse; + + @XmlElement + protected String eMail; + + @XmlElement + 
protected String commonName; + + @XmlElement + protected String userID; + + @XmlElement + protected String orgUnit; + + @XmlElement + protected String org; + + @XmlElement + protected String locality; + + @XmlElement + protected String state; + + @XmlElement + protected String country; + + @XmlElement + protected boolean matchExactly; + + //Revoked By + + @XmlElement + protected String revokedBy; + + //Revoked On + + @XmlElement + protected String revokedOnFrom; + + @XmlElement + protected String revokedOnTo; + + //Revocation Reason + + @XmlElement + protected String revocationReason; + + //Issued By + + @XmlElement + protected String issuedBy; + + //Issued On + + @XmlElement + protected String issuedOnFrom; + + @XmlElement + protected String issuedOnTo; + + //Valid Not Before + + @XmlElement + protected String validNotBeforeFrom; + + @XmlElement + protected String validNotBeforeTo; + + //Valid Not After + + @XmlElement + protected String validNotAfterFrom; + + @XmlElement + protected String validNotAfterTo; + + //Validity Length + + @XmlElement + protected String validityOperation; + + @XmlElement + protected String validityCount; + + @XmlElement + protected String validityUnit; + + // Cert Type + + @XmlElement + protected String certTypeSubEmailCA; + + @XmlElement + protected String certTypeSubSSLCA; + + @XmlElement + protected String certTypeSecureEmail; + + @XmlElement + protected String certTypeSSLClient; + + @XmlElement + protected String certTypeSSLServer; + + //Revoked By + @XmlElement + protected boolean revokedByInUse; + + //Revoked On + @XmlElement + protected boolean revokedOnInUse; + + @XmlElement + protected boolean revocationReasonInUse; + + @XmlElement + protected boolean issuedByInUse; + + @XmlElement + protected boolean issuedOnInUse; + + @XmlElement + protected boolean validNotBeforeInUse; + + @XmlElement + protected boolean validNotAfterInUse; + + @XmlElement + protected boolean validityLengthInUse; + + @XmlElement + protected boolean 
certTypeInUse; + + //Boolean values + public boolean getSerialNumberRangeInUse() { + return serialNumberRangeInUse; + } + + public void setSerialNumberRangeInUse(boolean serialNumberRangeInUse) { + this.serialNumberRangeInUse = serialNumberRangeInUse; + } + + public boolean getSubjectInUse() { + return subjectInUse; + } + + public void setSubjectInUse(boolean subjectInUse) { + this.subjectInUse = subjectInUse; + } + + public boolean getRevokedByInUse() { + return revokedByInUse; + } + + public void setRevokedByInUse(boolean revokedByInUse) { + this.revokedByInUse = revokedByInUse; + } + + public boolean getRevokedOnInUse() { + return revokedOnInUse; + } + + public void setRevokedOnInUse(boolean revokedOnInUse) { + this.revokedOnInUse = revokedOnInUse; + } + + public void setRevocationReasonInUse(boolean revocationReasonInUse) { + this.revocationReasonInUse = revocationReasonInUse; + } + + public boolean getRevocationReasonInUse() { + return revocationReasonInUse; + } + + public void setIssuedByInUse(boolean issuedByInUse) { + this.issuedByInUse = issuedByInUse; + } + + public boolean getIssuedByInUse() { + return issuedByInUse; + } + + public void setIssuedOnInUse(boolean issuedOnInUse) { + this.issuedOnInUse = issuedOnInUse; + } + + public boolean getIssuedOnInUse() { + return issuedOnInUse; + } + + public void setValidNotBeforeInUse(boolean validNotBeforeInUse) { + this.validNotBeforeInUse = validNotBeforeInUse; + } + + public boolean getValidNotBeforeInUse() { + return validNotBeforeInUse; + } + + public void setValidNotAfterInUse(boolean validNotAfterInUse) { + this.validNotAfterInUse = validNotAfterInUse; + } + + public boolean getValidNotAfterInUse() { + return validNotAfterInUse; + } + + public void setValidityLengthInUse(boolean validityLengthInUse) { + this.validityLengthInUse = validityLengthInUse; + } + + public boolean getValidityLengthInUse() { + return validityLengthInUse; + } + + public void setCertTypeInUse(boolean certTypeInUse) { + 
this.certTypeInUse = certTypeInUse; + } + + public boolean getCertTypeInUse() { + return certTypeInUse; + } + + //Actual Values + + public String getSerialTo() { + return serialTo; + } + + public void setSerialTo(String serialTo) { + this.serialTo = serialTo; + } + + public String getSerialFrom() { + return serialFrom; + } + + public void setSerialFrom(String serialFrom) { + this.serialFrom = serialFrom; + } + + //Subject Name + + public String getEmail() { + return eMail; + } + + public void setEmail(String email) { + this.eMail = email; + } + + public String getCommonName() { + return commonName; + } + + public void setCommonName(String commonName) { + this.commonName = commonName; + } + + public String getUserID() { + return userID; + } + + public void setUserID(String userID) { + this.userID = userID; + } + + public String getOrgUnit() { + return orgUnit; + } + + public void setOrgUnit(String orgUnit) { + this.orgUnit = orgUnit; + } + + public String getOrg() { + return org; + } + + public void setOrg(String org) { + this.org = org; + } + + public String getLocality() { + return locality; + } + + public void setLocality(String locality) { + this.locality = locality; + } + + public String getState() { + return state; + } + + public void setState(String state) { + this.state = state; + } + + public String getCountry() { + return country; + } + + public void setCountry(String country) { + this.country = country; + } + + public boolean getMatchExactly() { + return matchExactly; + } + + public void setMatchExactly(boolean matchExactly) { + this.matchExactly = matchExactly; + } + + //Revoked On + + public String getRevokedOnTo() { + return revokedOnTo; + } + + public void setRevokedOnTo(String revokedOnTo) { + this.revokedOnTo = revokedOnTo; + } + + public String getRevokedOnFrom() { + return revokedOnFrom; + } + + public void setRevokedOnFrom(String revokedOnFrom) { + this.revokedOnFrom = revokedOnFrom; + } + + //Revoked By + + public String getRevokedBy() { + 
return revokedBy; + } + + public void setRevokedBy(String revokedBy) { + this.revokedBy = revokedBy; + } + + //Revocation Reason + + public String getRevocationReason() { + return revocationReason; + } + + public void setRevocationReason(String revocationReason) { + this.revocationReason = revocationReason; + } + + //Issued By + + public String getIssuedBy() { + return issuedBy; + } + + public void setIssuedBy(String issuedBy) { + this.issuedBy = issuedBy; + } + + //Issued On + + public String getIssuedOnFrom() { + return issuedOnFrom; + } + + public void setIssuedOnFrom(String issuedOnFrom) { + this.issuedOnFrom = issuedOnFrom; + } + + public String getIssuedOnTo() { + return getIssuedOnTo(); + } + + //Valid Not After + + public String getValidNotAfterFrom() { + return validNotAfterFrom; + } + + public void setValidNotAfterFrom(String validNotAfterFrom) { + this.validNotAfterFrom = validNotAfterFrom; + } + + public String getValidNotAfterTo() { + return validNotAfterTo; + } + + public void setValidNotAfterTo(String validNotAfterTo) { + this.validNotAfterTo = validNotAfterTo; + } + + //Valid Not Before + + public String getValidNotBeforeFrom() { + return validNotBeforeFrom; + } + + public void setValidNotBeforeFrom(String validNotBeforeFrom) { + this.validNotBeforeFrom = validNotBeforeFrom; + } + + public String getValidNotBeforeTo() { + return validNotBeforeTo; + } + + public void setValidNotBeforeTo(String validNotBeforeTo) { + this.validNotBeforeTo = validNotBeforeTo; + } + + //Validity Length + + public String getValidityOperation() { + return validityOperation; + } + + public void setValidityOperation(String validityOperation) { + this.validityOperation = validityOperation; + } + + public String getValidityUnit() { + return validityUnit; + } + + public void setValidityUnit(String validityUnit) { + this.validityUnit = validityUnit; + } + + public String getValidityCount() { + return validityCount; + } + + public void setValidityCount(String validityCount) { + 
this.validityCount = validityCount; + } + + //Cert Type + + public String getCertTypeSubEmailCA() { + return certTypeSubEmailCA; + } + + public void setCertTypeSubEmailCA(String certTypeSubEmailCA) { + this.certTypeSubEmailCA = certTypeSubEmailCA; + } + + public String getCertTypeSubSSLCA() { + return certTypeSubSSLCA; + } + + public void setCertTypeSubSSLCA(String certTypeSubSSLCA) { + this.certTypeSubSSLCA = certTypeSubSSLCA; + } + + public String getCertTypeSecureEmail() { + return certTypeSecureEmail; + } + + public void setCertTypeSecureEmail(String certTypeSecureEmail) { + this.certTypeSecureEmail = certTypeSecureEmail; + } + + public String getCertTypeSSLClient() { + return certTypeSSLClient; + } + + public void setCertTypeSSLClient(String SSLClient) { + this.certTypeSSLClient = SSLClient; + } + + public String getCertTypeSSLServer() { + return certTypeSSLServer; + } + + public void setCertTypeSSLServer(String SSLServer) { + this.certTypeSSLServer = SSLServer; + } + + public CertSearchRequest() { + // required for JAXB (defaults) + } + + public void buildFromServletRequest(HttpServletRequest req) { + //Set values from the servlet request + if (req == null) { + return; + } + } + + public CertSearchRequest(MultivaluedMap<String, String> form) { + } + + public String buildFilter() { + StringBuffer filter = new StringBuffer(); + buildSerialNumberRangeFilter(filter); + buildSubjectFilter(filter); + buildRevokedByFilter(filter); + buildRevokedOnFilter(filter); + buildRevocationReasonFilter(filter); + buildIssuedByFilter(filter); + buildIssuedOnFilter(filter); + buildValidNotBeforeFilter(filter); + buildValidNotAfterFilter(filter); + buildValidityLengthFilter(filter); + buildCertTypeFilter(filter); + + searchFilter = filter.toString(); + + if (searchFilter != null && !searchFilter.equals("")) { + searchFilter = "(&" + searchFilter + ")"; + } + + return searchFilter; + } + + private void buildSerialNumberRangeFilter(StringBuffer filter) { + + if 
(!getSerialNumberRangeInUse()) { + return; + } + boolean changed = false; + String serialFrom = getSerialFrom(); + if (serialFrom != null && !serialFrom.equals("")) { + filter.append("(certRecordId>=" + LDAPUtil.escapeFilter(serialFrom) + ")"); + changed = true; + } + String serialTo = getSerialTo(); + if (serialTo != null && !serialTo.equals("")) { + filter.append("(certRecordId<=" + LDAPUtil.escapeFilter(serialTo) + ")"); + changed = true; + } + if (!changed) { + filter.append("(certRecordId=*)"); + } + + } + + private void buildSubjectFilter(StringBuffer filter) { + if (!getSubjectInUse()) { + return; + } + StringBuffer lf = new StringBuffer(); + + String matchStr = null; + boolean match = getMatchExactly(); + + if (match == true) { + matchStr = MATCH_EXACTLY; + } + + buildAVAFilter(getEmail(), "E", lf, matchStr); + buildAVAFilter(getCommonName(), "CN", lf, matchStr); + buildAVAFilter(getUserID(), "UID", lf, matchStr); + buildAVAFilter(getOrgUnit(), "OU", lf, matchStr); + buildAVAFilter(getOrg(), "O", lf, matchStr); + buildAVAFilter(getLocality(), "L", lf, matchStr); + buildAVAFilter(getState(), "ST", lf, matchStr); + buildAVAFilter(getCountry(), "C", lf, matchStr); + + if (lf.length() == 0) { + filter.append("(x509cert.subject=*)"); + return; + } + if (matchStr != null && matchStr.equals(MATCH_EXACTLY)) { + filter.append("(&"); + filter.append(lf); + filter.append(")"); + } else { + filter.append("(|"); + filter.append(lf); + filter.append(")"); + } + } + + private void buildRevokedByFilter(StringBuffer filter) { + if (!getRevokedByInUse()) { + return; + } + + String revokedBy = getRevokedBy(); + if (revokedBy == null || revokedBy.equals("")) { + filter.append("(certRevokedBy=*)"); + } else { + filter.append("(certRevokedBy="); + filter.append(LDAPUtil.escapeFilter(revokedBy)); + filter.append(")"); + } + } + + private void buildDateFilter(String prefix, + String outStr, long adjustment, + StringBuffer filter) { + long epoch = 0; + try { + epoch = 
Long.parseLong(prefix); + } catch (NumberFormatException e) { + // exception safely ignored + } + Calendar from = Calendar.getInstance(); + from.setTimeInMillis(epoch); + filter.append("("); + filter.append(LDAPUtil.escapeFilter(outStr)); + filter.append(Long.toString(from.getTimeInMillis() + adjustment)); + filter.append(")"); + } + + private void buildRevokedOnFilter(StringBuffer filter) { + if (!getRevokedOnInUse()) { + return; + } + buildDateFilter(getRevokedOnFrom(), "certRevokedOn>=", 0, filter); + buildDateFilter(getRevokedOnTo(), "certRevokedOn<=", 86399999, filter); + } + + private void buildRevocationReasonFilter(StringBuffer filter) { + if (!getRevocationReasonInUse()) { + return; + } + String reasons = getRevocationReason(); + if (reasons == null) { + return; + } + String queryCertFilter = null; + StringTokenizer st = new StringTokenizer(reasons, ","); + if (st.hasMoreTokens()) { + filter.append("(|"); + while (st.hasMoreTokens()) { + String token = st.nextToken(); + if (queryCertFilter == null) { + queryCertFilter = ""; + } + filter.append("(x509cert.certRevoInfo="); + filter.append(LDAPUtil.escapeFilter(token)); + filter.append(")"); + } + filter.append(")"); + } + } + + private void buildIssuedByFilter(StringBuffer filter) { + if (!getIssuedByInUse()) { + return; + } + String issuedBy = getIssuedBy(); + ; + if (issuedBy == null || issuedBy.equals("")) { + filter.append("(certIssuedBy=*)"); + } else { + filter.append("(certIssuedBy="); + filter.append(LDAPUtil.escapeFilter(issuedBy)); + filter.append(")"); + } + } + + private void buildIssuedOnFilter(StringBuffer filter) { + if (!getIssuedOnInUse()) { + return; + } + buildDateFilter(getIssuedOnFrom(), "certCreateTime>=", 0, filter); + buildDateFilter(getIssuedOnTo(), "certCreateTime<=", 86399999, filter); + } + + private void buildValidNotBeforeFilter(StringBuffer filter) { + if (!getValidNotBeforeInUse()) { + return; + } + buildDateFilter(validNotBeforeFrom, "x509cert.notBefore>=", 0, filter); + 
buildDateFilter(validNotBeforeTo, "x509cert.notBefore<=", 86399999, filter); + + } + + private void buildValidNotAfterFilter(StringBuffer filter) { + if (!getValidNotAfterInUse()) { + return; + } + buildDateFilter(getValidNotAfterFrom(), "x509cert.notAfter>=", 0, filter); + buildDateFilter(getValidNotAfterTo(), "x509cert.notAfter<=", 86399999, filter); + + } + + private void buildValidityLengthFilter(StringBuffer filter) { + if (!getValidityLengthInUse()) { + return; + } + String op = getValidityOperation(); + long count = 0; + try { + count = Long.parseLong(getValidityCount()); + } catch (NumberFormatException e) { + // safely ignore + } + long unit = 0; + try { + unit = Long.parseLong(getValidityUnit()); + } catch (NumberFormatException e) { + // safely ignore + } + filter.append("("); + filter.append("x509cert.duration"); + filter.append(LDAPUtil.escapeFilter(op)); + filter.append(count * unit); + filter.append(")"); + } + + private void buildCertTypeFilter(StringBuffer filter) { + if (!getCertTypeInUse()) { + return; + } + if (isOn(getCertTypeSSLClient())) { + filter.append("(x509cert.nsExtension.SSLClient=on)"); + } else if (isOff(getCertTypeSSLClient())) { + filter.append("(x509cert.nsExtension.SSLClient=off)"); + } + if (isOn(getCertTypeSSLServer())) { + filter.append("(x509cert.nsExtension.SSLServer=on)"); + } else if (isOff(getCertTypeSSLServer())) { + filter.append("(x509cert.nsExtension.SSLServer=off)"); + } + if (isOn(getCertTypeSecureEmail())) { + filter.append("(x509cert.nsExtension.SecureEmail=on)"); + } else if (isOff(getCertTypeSecureEmail())) { + filter.append("(x509cert.nsExtension.SecureEmail=off)"); + } + if (isOn(getCertTypeSubSSLCA())) { + filter.append("(x509cert.nsExtension.SubordinateSSLCA=on)"); + } else if (isOff(getCertTypeSubSSLCA())) { + filter.append("(x509cert.nsExtension.SubordinateSSLCA=off)"); + } + if (isOn(getCertTypeSubEmailCA())) { + filter.append("(x509cert.nsExtension.SubordinateEmailCA=on)"); + } else if 
(isOff(getCertTypeSubEmailCA())) { + filter.append("(x509cert.nsExtension.SubordinateEmailCA=off)"); + } + } + + private boolean isOn(String value) { + String inUse = value; + if (inUse == null) { + return false; + } + if (inUse.equals("on")) { + return true; + } + return false; + } + + private boolean isOff(String value) { + String inUse = value; + if (inUse == null) { + return false; + } + if (inUse.equals("off")) { + return true; + } + return false; + } + + private void buildAVAFilter(String param, + String avaName, StringBuffer lf, String match) { + if (param != null && !param.equals("")) { + if (match != null && match.equals(MATCH_EXACTLY)) { + lf.append("(|"); + lf.append("(x509cert.subject=*"); + lf.append(avaName); + lf.append("="); + lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeDN(param, false))); + lf.append(",*)"); + lf.append("(x509cert.subject=*"); + lf.append(avaName); + lf.append("="); + lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeDN(param, false))); + lf.append(")"); + lf.append(")"); + } else { + lf.append("(x509cert.subject=*"); + lf.append(avaName); + lf.append("="); + lf.append("*"); + lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeDN(param, false))); + lf.append("*)"); + } + } + + } + + private String searchFilter = null; + + public String getSearchFilter() { + return searchFilter; + } + + public void setSearchFilter(String searchFilter) { + this.searchFilter = searchFilter; + } + + public static CertSearchRequest valueOf(Reader reader) throws JAXBException { + JAXBContext context = JAXBContext.newInstance(CertSearchRequest.class); + Unmarshaller unmarshaller = context.createUnmarshaller(); + return (CertSearchRequest) unmarshaller.unmarshal(reader); + } +} diff --git a/base/common/src/com/netscape/certsrv/cert/CertUnrevokeRequest.java b/base/common/src/com/netscape/certsrv/cert/CertUnrevokeRequest.java new file mode 100644 index 000000000..7885482be --- /dev/null +++ b/base/common/src/com/netscape/certsrv/cert/CertUnrevokeRequest.java 
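Review bot: In CertSearchRequest.java, `getIssuedOnTo()` is written as `return getIssuedOnTo();`, so it recurses until a StackOverflowError instead of returning the field; it should be `return issuedOnTo;`, and the matching `setIssuedOnTo(String)` is missing. `buildIssuedOnFilter` calls it whenever `issuedOnInUse` is true, and that flag is bound from the request XML, so a single search request with the flag set makes `buildFilter()` throw. Separately, `@XmlAccessorType(XmlAccessType.FIELD)` also binds the unannotated `searchFilter` field, so a request body can populate it. `buildFilter()` overwrites it, but a caller that reads `getSearchFilter()` without calling `buildFilter()` first (none visible here) would pass a client-supplied filter on unescaped; marking the field `@XmlTransient` would rule that out. `buildValidityLengthFilter` appends `validityOperation` after `escapeFilter` only, so checking it against the expected comparison operators before building the term would be safer than relying on escaping.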
@@ -0,0 +1,124 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2012 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- + +package com.netscape.certsrv.cert; + +import java.io.StringReader; +import java.io.StringWriter; + +import javax.ws.rs.FormParam; +import javax.xml.bind.JAXBContext; +import javax.xml.bind.Marshaller; +import javax.xml.bind.Unmarshaller; +import javax.xml.bind.annotation.XmlElement; +import javax.xml.bind.annotation.XmlRootElement; +import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter; + +import com.netscape.certsrv.request.RequestId; +import com.netscape.certsrv.request.RequestIdAdapter; + +/** + * @author Endi S. 
Dewata + */ +@XmlRootElement(name="CertUnrevokeRequest") +public class CertUnrevokeRequest { + + public static Marshaller marshaller; + public static Unmarshaller unmarshaller; + + static { + try { + JAXBContext context = JAXBContext.newInstance(CertUnrevokeRequest.class); + marshaller = context.createMarshaller(); + marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true); + unmarshaller = context.createUnmarshaller(); + } catch (Exception e) { + e.printStackTrace(); + } + } + + RequestId requestID; + + @XmlElement(name="requestID") + @FormParam("requestId") + @XmlJavaTypeAdapter(RequestIdAdapter.class) + public RequestId getRequestID() { + return requestID; + } + + public void setRequestID(RequestId requestID) { + this.requestID = requestID; + } + + @Override + public int hashCode() { + final int prime = 31; + int result = 1; + result = prime * result + ((requestID == null) ? 0 : requestID.hashCode()); + return result; + } + + @Override + public boolean equals(Object obj) { + if (this == obj) + return true; + if (obj == null) + return false; + if (getClass() != obj.getClass()) + return false; + CertUnrevokeRequest other = (CertUnrevokeRequest) obj; + if (requestID == null) { + if (other.requestID != null) + return false; + } else if (!requestID.equals(other.requestID)) + return false; + return true; + } + + public String toString() { + try { + StringWriter sw = new StringWriter(); + marshaller.marshal(this, sw); + return sw.toString(); + + } catch (Exception e) { + return super.toString(); + } + } + + public static CertUnrevokeRequest valueOf(String string) throws Exception { + try { + return (CertUnrevokeRequest)unmarshaller.unmarshal(new StringReader(string)); + } catch (Exception e) { + return null; + } + } + + public static void main(String args[]) throws Exception { + + CertUnrevokeRequest before = new CertUnrevokeRequest(); + before.setRequestID(new RequestId("42323234")); + + String string = before.toString(); + System.out.println(string); + + 
CertUnrevokeRequest after = CertUnrevokeRequest.valueOf(string); + + System.out.println(before.equals(after)); + } +} |
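Review bot: In CertUnrevokeRequest.java the `marshaller` and `unmarshaller` are created once and kept in `public static` non-final fields, but JAXB `Marshaller` and `Unmarshaller` instances are not thread-safe (only `JAXBContext` is), so concurrent `toString()` and `valueOf()` calls in a server can interfere with each other. The static block only prints the stack trace on failure, which leaves both fields null for later calls to trip over. `valueOf` catches every exception and returns null although it declares `throws Exception`, so a malformed request body cannot be told apart from an absent one. I would cache the context in a `private static final` field and create the marshaller and unmarshaller per call, as below; code elsewhere that uses the public static fields or relies on the null return (not visible here) would need adjusting. `toString()` should also carry `@Override`.

```java
private static final JAXBContext CONTEXT;

static {
    try {
        CONTEXT = JAXBContext.newInstance(CertUnrevokeRequest.class);
    } catch (Exception e) {
        // fail class initialization instead of leaving unusable state behind
        throw new ExceptionInInitializerError(e);
    }
}

// … unchanged: requestID field and accessors, hashCode, equals …

@Override
public String toString() {
    try {
        // Marshaller is created per call: instances must not be shared between threads
        Marshaller m = CONTEXT.createMarshaller();
        m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
        StringWriter sw = new StringWriter();
        m.marshal(this, sw);
        return sw.toString();
    } catch (Exception e) {
        return super.toString();
    }
}

public static CertUnrevokeRequest valueOf(String string) throws Exception {
    // let parse errors reach the caller rather than turning them into null
    return (CertUnrevokeRequest) CONTEXT.createUnmarshaller().unmarshal(new StringReader(string));
}
```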