Diffstat (limited to 'base/common')
-rw-r--r-- | base/common/CMakeLists.txt | 11 | ||||
-rw-r--r-- | base/common/key/templates/archiveKey.xml | 16 | ||||
-rw-r--r-- | base/common/key/templates/generateKey.xml | 11 | ||||
-rw-r--r-- | base/common/key/templates/retrieveKey.xml | 14 | ||||
-rw-r--r-- | base/common/src/com/netscape/certsrv/base/ResourceMessage.java | 20 | ||||
-rw-r--r-- | base/common/src/com/netscape/certsrv/key/Key.java | 13 | ||||
-rw-r--r-- | base/common/src/com/netscape/certsrv/key/KeyClient.java | 13 | ||||
-rw-r--r-- | base/common/src/com/netscape/certsrv/key/KeyTemplate.java | 18 | ||||
-rw-r--r-- | base/common/src/com/netscape/certsrv/key/SymKeyGenerationRequest.java | 23 | ||||
-rw-r--r-- | base/common/src/com/netscape/certsrv/key/Template.java | 21 |
10 files changed, 132 insertions, 28 deletions
diff --git a/base/common/CMakeLists.txt b/base/common/CMakeLists.txt index 1094be0c5..f661890f2 100644 --- a/base/common/CMakeLists.txt +++ b/base/common/CMakeLists.txt @@ -57,6 +57,17 @@ install( PATTERN ".gitignore" EXCLUDE ) +install( + DIRECTORY + key + DESTINATION + ${DATA_INSTALL_DIR}/ + FILE_PERMISSIONS + OWNER_READ + GROUP_READ + WORLD_READ +) + # install empty directories install( DIRECTORY diff --git a/base/common/key/templates/archiveKey.xml b/base/common/key/templates/archiveKey.xml new file mode 100644 index 000000000..6f8a01add --- /dev/null +++ b/base/common/key/templates/archiveKey.xml @@ -0,0 +1,16 @@ +<?xml version="1.0" encoding="UTF-8" standalone="yes"?> +<KeyArchivalRequest> + <Attributes> + <Attribute name="description">Template for submitting a key archival request</Attribute> + <Attribute name="clientKeyID"></Attribute> + <Attribute name="dataType">symmetricKey/passphrase/asymmetricKey</Attribute> + <Attribute name="keyAlgorithm"></Attribute> + <Attribute name="keySize">0</Attribute> + <Attribute name="algorithmOID"></Attribute> + <Attribute name="symmetricAlgorithmParams">Base64 encoded NonceData</Attribute> + <Attribute name="wrappedPrivateData">Base64 encoded session key wrapped secret</Attribute> + <Attribute name="transWrappedSessionKey">Base64 encoded transport key wrapped session key</Attribute> + <Attribute name="pkiArchiveOptions">Base 64 encoded PKIArchiveOptions object</Attribute> + </Attributes> + <ClassName>com.netscape.certsrv.key.KeyArchivalRequest</ClassName> +</KeyArchivalRequest> diff --git a/base/common/key/templates/generateKey.xml b/base/common/key/templates/generateKey.xml new file mode 100644 index 000000000..25854e503 --- /dev/null +++ b/base/common/key/templates/generateKey.xml 
@@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8" standalone="yes"?> +<SymKeyGenerationRequest> + <Attributes> + <Attribute name="description">Template for submitting a request for generating a symmetric key.</Attribute> + <Attribute name="clientKeyID"></Attribute> + <Attribute name="keyAlgorithm">[AES/DES/DES3/DESede/RC2/RC4]</Attribute> + <Attribute name="keySize">128</Attribute> + <Attribute name="keyUsage">wrap,unwrap,sign,verify,encrypt,decrypt</Attribute> + </Attributes> + <ClassName>com.netscape.certsrv.key.SymKeyGenerationRequest</ClassName> +</SymKeyGenerationRequest> diff --git a/base/common/key/templates/retrieveKey.xml b/base/common/key/templates/retrieveKey.xml new file mode 100644 index 000000000..4373e0390 --- /dev/null +++ b/base/common/key/templates/retrieveKey.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8" standalone="yes"?> +<KeyRecoveryRequest> + <Attributes> + <Attribute name="description">Template for submitting a key retrieval or key recovery request.</Attribute> + <Attribute name="keyId">1</Attribute> + <Attribute name="requestId">1</Attribute> + <Attribute name="nonceData">Base64 encoded NonceData</Attribute> + <Attribute name="passphrase">Passphrase to encrypt the secret with/Passphrase for the PKCS12 file returned</Attribute> + <Attribute name="sessionWrappedPassphrase">Base64 encoded session key wrapped passphrase</Attribute> + <Attribute name="transWrappedSessionKey">Base64 encoded transport key wrapped session key</Attribute> + <Attribute name="certificate">Base64 certificate used for recoring the key.</Attribute> + </Attributes> + <ClassName>com.netscape.certsrv.key.KeyRecoveryRequest</ClassName> +</KeyRecoveryRequest> diff --git a/base/common/src/com/netscape/certsrv/base/ResourceMessage.java b/base/common/src/com/netscape/certsrv/base/ResourceMessage.java index 65f978ecc..34d7c2b11 100644 --- a/base/common/src/com/netscape/certsrv/base/ResourceMessage.java 
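Review bot: In retrieveKey.xml the `passphrase` attribute asks the user to write a cleartext passphrase into the file they fill in from this template, and the `description` says nothing about protecting that file. I would extend the description to state that a filled-in copy holds a secret and should be readable only by its owner. From the placeholder text, `sessionWrappedPassphrase` looks like the variant that avoids cleartext; if that is right, the description could point users to it. The `certificate` placeholder also has a typo: `recoring` should read `recovering`.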
+++ b/base/common/src/com/netscape/certsrv/base/ResourceMessage.java @@ -1,5 +1,8 @@ package com.netscape.certsrv.base; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.OutputStream; import java.io.StringReader; import java.io.StringWriter; import java.util.ArrayList; @@ -158,6 +161,13 @@ public class ResourceMessage { return sw.toString(); } + public void marshall(OutputStream os) throws JAXBException { + JAXBContext context = JAXBContext.newInstance(this.getClass()); + Marshaller marshaller = context.createMarshaller(); + marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true); + marshaller.marshal(this, os); + } + @SuppressWarnings("unchecked") public static <T> T unmarshal(String string, Class<T> clazz) throws Exception { try { @@ -168,4 +178,14 @@ public class ResourceMessage { } } + public static <T> T unmarshall(Class<T> t, String filePath) throws JAXBException, FileNotFoundException { + JAXBContext context = JAXBContext.newInstance(t); + Unmarshaller unmarshaller = context.createUnmarshaller(); + FileInputStream fis = new FileInputStream(filePath); + @SuppressWarnings("unchecked") + T req = (T) unmarshaller.unmarshal(fis); + + return req; + } + } diff --git a/base/common/src/com/netscape/certsrv/key/Key.java b/base/common/src/com/netscape/certsrv/key/Key.java index 1b88075e4..5f5baf707 100644 --- a/base/common/src/com/netscape/certsrv/key/Key.java +++ b/base/common/src/com/netscape/certsrv/key/Key.java @@ -1,5 +1,10 @@ package com.netscape.certsrv.key; +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlElement; +import javax.xml.bind.annotation.XmlRootElement; + import com.netscape.cmsutil.util.Utils; /** 
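Review bot: The new `marshall(OutputStream)` and, in the next hunk, `unmarshall(Class<T>, String)` differ from the existing `unmarshal(String, Class<T>)` by a single letter, and the `String` argument is XML text in the old method but a file path in the new one. That makes call sites easy to misread. I would give the pair names that say what they do, for example `marshalTo(OutputStream os)` and `unmarshalFromFile(Class<T> clazz, String filePath)`. A Javadoc line such as `/** Writes this message as formatted XML to {@code os}; the caller closes the stream. */` would also help. The class body starts and ends outside both hunks.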
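Review bot: `unmarshall(Class<T>, String)` opens a `FileInputStream` and never closes it, so each template load holds a file descriptor until the stream is garbage-collected. Wrapping the stream in try-with-resources fixes that; because `close()` can throw, the `throws` clause has to widen from `FileNotFoundException` to `IOException`. Separately, the file goes to a default JAXB unmarshaller. If the path can point at a file written by someone other than the caller, consider parsing through an `XMLInputFactory` with `XMLInputFactory.SUPPORT_DTD` set to false, so DTDs and external entities in the file are not processed.

```java
    public static <T> T unmarshall(Class<T> t, String filePath) throws JAXBException, IOException {
        // … unchanged: JAXBContext and Unmarshaller creation …
        try (FileInputStream fis = new FileInputStream(filePath)) {
            @SuppressWarnings("unchecked")
            T req = (T) unmarshaller.unmarshal(fis);
            return req;
        }
    }
```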
@@ -10,18 +15,26 @@ import com.netscape.cmsutil.util.Utils; * @author akoneru * */ +@XmlRootElement(name="Key") +@XmlAccessorType(XmlAccessType.NONE) public class Key { + @XmlElement private byte[] encryptedData; + @XmlElement private byte[] nonceData; + @XmlElement private String p12Data; + @XmlElement private String algorithm; + @XmlElement private Integer size; + @XmlElement private byte[] data; public Key() { diff --git a/base/common/src/com/netscape/certsrv/key/KeyClient.java b/base/common/src/com/netscape/certsrv/key/KeyClient.java index 97793ab39..9363a6a8c 100644 --- a/base/common/src/com/netscape/certsrv/key/KeyClient.java +++ b/base/common/src/com/netscape/certsrv/key/KeyClient.java @@ -195,7 +195,8 @@ public class KeyClient extends Client { if (id == null || status == null) { throw new IllegalArgumentException("Key Id and status must be specified."); } - if ((!status.equalsIgnoreCase(KeyResource.KEY_STATUS_ACTIVE)) && (!status.equalsIgnoreCase(KeyResource.KEY_STATUS_INACTIVE))) { + if (!status.equalsIgnoreCase(KeyResource.KEY_STATUS_ACTIVE) + && !status.equalsIgnoreCase(KeyResource.KEY_STATUS_INACTIVE)) { throw new IllegalArgumentException("Invalid status value."); } Response response = keyClient.modifyKeyStatus(id, status); @@ -670,7 +671,15 @@ public class KeyClient extends Client { if (clientKeyId == null) { throw new IllegalArgumentException("Client Key Identifier must be specified."); } - + //Validate the usages list + List<String> validUsages = SymKeyGenerationRequest.getValidUsagesList(); + if (usages != null) { + for (String usage : usages) { + if (!validUsages.contains(usage)) { + throw new IllegalArgumentException("Invalid usage \"" + usage + "\" specified."); + } + } + } SymKeyGenerationRequest data = new SymKeyGenerationRequest(); data.setClientKeyId(clientKeyId); data.setKeyAlgorithm(keyAlgorithm); 
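Review bot: Annotating `data` and `p12Data` with `@XmlElement` in Key.java means any JAXB marshal of a `Key` now writes those fields into the XML output. If `data` holds the unwrapped secret on the client side (inferred from the field name, since its documentation is outside the hunk), that is cleartext key material in whatever stream or file the object is marshalled to. Because the class is declared with `XmlAccessType.NONE`, leaving the annotation off `data` is enough to keep it out. Otherwise add a comment on the field such as `// Cleartext key material: never marshal a Key with this set to a log or a file.` The class body continues past the hunk.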
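Review bot: The usage check added before `new SymKeyGenerationRequest()` in KeyClient.java runs only in this client class, so a caller that talks to the REST resource directly never passes through it. Unless the server already validates the usages (not visible in this diff), the same allow-list should be enforced there, and this block should say so, e.g. `// Client-side convenience check; the server must enforce the same list.` The comparison is also exact-match, whereas the status check in the earlier hunk uses `equalsIgnoreCase`, so a comment should state which behaviour is intended. The method starts and ends outside the hunk.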
diff --git a/base/common/src/com/netscape/certsrv/key/KeyTemplate.java b/base/common/src/com/netscape/certsrv/key/KeyTemplate.java new file mode 100644 index 000000000..25d0d30ff --- /dev/null +++ b/base/common/src/com/netscape/certsrv/key/KeyTemplate.java @@ -0,0 +1,18 @@ +package com.netscape.certsrv.key; + +public class KeyTemplate { + + String id; + String description; + + public KeyTemplate(String id, String description) { + this.id = id; + this.description = description; + } + + public void printTemplateInfo() { + System.out.println(); + System.out.println(" Template ID: " + id); + System.out.println(" Template Description: " + description); + } +}
\ No newline at end of file diff --git a/base/common/src/com/netscape/certsrv/key/SymKeyGenerationRequest.java b/base/common/src/com/netscape/certsrv/key/SymKeyGenerationRequest.java index 27dc69fd5..a2440d7cb 100644 --- a/base/common/src/com/netscape/certsrv/key/SymKeyGenerationRequest.java +++ b/base/common/src/com/netscape/certsrv/key/SymKeyGenerationRequest.java @@ -17,7 +17,7 @@ import com.netscape.certsrv.base.ResourceMessage; * @author alee * */ -@XmlRootElement(name="SymKeyGenerationRequest") +@XmlRootElement(name = "SymKeyGenerationRequest") @XmlAccessorType(XmlAccessType.FIELD) public class SymKeyGenerationRequest extends ResourceMessage { @@ -37,7 +37,7 @@ public class SymKeyGenerationRequest extends ResourceMessage { public List<String> getUsages() { String usageString = attributes.get(KEY_USAGE); - if (! StringUtils.isBlank(usageString)) { + if (!StringUtils.isBlank(usageString)) { return new ArrayList<String>(Arrays.asList(usageString.split(","))); } return new ArrayList<String>(); @@ -49,8 +49,9 @@ public class SymKeyGenerationRequest extends ResourceMessage { public void addUsage(String usage) { List<String> usages = getUsages(); - for (String u: usages) { - if (u.equals(usage)) return; + for (String u : usages) { + if (u.equals(usage)) + return; } usages.add(usage); setUsages(usages); @@ -69,7 +70,7 @@ public class SymKeyGenerationRequest extends ResourceMessage { attributes.put(TRANS_WRAPPED_SESSION_KEY, form.getFirst(TRANS_WRAPPED_SESSION_KEY)); String usageString = attributes.get(KEY_USAGE); - if (! StringUtils.isBlank(usageString)) { + if (!StringUtils.isBlank(usageString)) { setUsages(new ArrayList<String>(Arrays.asList(usageString.split(",")))); } setClassName(getClass().getName()); 
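Review bot: In the new KeyTemplate.java, `id` and `description` are package-private and mutable although they are assigned only in the constructor. Declaring them `private final String id;` and `private final String description;` keeps the object immutable and stops other classes in `com.netscape.certsrv.key` from changing them. `printTemplateInfo()` writes straight to `System.out`, so a one-line Javadoc saying it is meant for command-line output would help callers.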
@@ -156,6 +157,18 @@ public class SymKeyGenerationRequest extends ResourceMessage { } } + public static List<String> getValidUsagesList() { + List<String> list = new ArrayList<String>(); + list.add(WRAP_USAGE); + list.add(UWRAP_USAGE); + list.add(DECRYPT_USAGE); + list.add(ENCRYPT_USAGE); + list.add(KEY_USAGE); + list.add(SIGN_USAGE); + + return list; + } + public static void main(String args[]) throws Exception { SymKeyGenerationRequest before = new SymKeyGenerationRequest(); diff --git a/base/common/src/com/netscape/certsrv/key/Template.java b/base/common/src/com/netscape/certsrv/key/Template.java deleted file mode 100644 index bfcf61eb7..000000000 --- a/base/common/src/com/netscape/certsrv/key/Template.java +++ /dev/null @@ -1,21 +0,0 @@ -package com.netscape.certsrv.key; - - -public class Template{ - String templateID; - String templateName; - String templateDescription; - public Template(String templateID, String templateName, String templateDescription) { - super(); - this.templateID = templateID; - this.templateName = templateName; - this.templateDescription = templateDescription; - } - - public void printTemplateInfo(){ - System.out.println(); - System.out.println(" Template ID: " + templateID); - System.out.println(" Template Name: " + templateName); - System.out.println(" Template Description: " + templateDescription); - } -}
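Review bot: `getValidUsagesList()` adds `KEY_USAGE`, which elsewhere in this class is the attribute name read with `attributes.get(KEY_USAGE)`, not a usage value. The list has six entries and none of them appears to be the verify usage, although generateKey.xml advertises `wrap,unwrap,sign,verify,encrypt,decrypt`. Assuming none of the listed constants maps to `verify`, the new check in `KeyClient` would reject `verify` and accept the attribute name as a usage. Replace `list.add(KEY_USAGE);` with the constant for the verify usage (its name is not visible in this hunk). The class body continues outside the hunk.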
\ No newline at end of file |