Diffstat (limited to 'base/java-tools/src/com/netscape/cmstools/client/ClientCertRequestCLI.java')
-rw-r--r-- | base/java-tools/src/com/netscape/cmstools/client/ClientCertRequestCLI.java | 72 |
1 files changed, 60 insertions, 12 deletions
diff --git a/base/java-tools/src/com/netscape/cmstools/client/ClientCertRequestCLI.java b/base/java-tools/src/com/netscape/cmstools/client/ClientCertRequestCLI.java index db71c8a0f..370a7be5b 100644 --- a/base/java-tools/src/com/netscape/cmstools/client/ClientCertRequestCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/client/ClientCertRequestCLI.java @@ -19,13 +19,13 @@ package com.netscape.cmstools.client; import java.io.ByteArrayOutputStream; +import java.io.Console; import java.io.File; import java.security.KeyPair; +import java.util.HashMap; +import java.util.Map; import java.util.Vector; -import netscape.ldap.util.DN; -import netscape.ldap.util.RDN; - import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.Option; import org.apache.commons.io.FileUtils; @@ -50,6 +50,9 @@ import com.netscape.cmstools.cli.MainCLI; import com.netscape.cmsutil.util.Cert; import com.netscape.cmsutil.util.Utils; +import netscape.ldap.util.DN; +import netscape.ldap.util.RDN; + /** * @author Endi S. Dewata */ @@ -73,6 +76,13 @@ public class ClientCertRequestCLI extends CLI { option.setArgName("request type"); options.addOption(option); + option = new Option(null, "username", true, "Username for request authentication"); + option.setArgName("username"); + options.addOption(option); + + option = new Option(null, "password", false, "Prompt password for request authentication"); + options.addOption(option); + option = new Option(null, "attribute-encoding", false, "Enable Attribute encoding"); options.addOption(option); 
@@ -265,20 +275,58 @@ public class ClientCertRequestCLI extends CLI { } } + // parse subject DN and put the values in a map + DN dn = new DN(subjectDN); + Vector<?> rdns = dn.getRDNs(); + + Map<String, String> subjectAttributes = new HashMap<String, String>(); + for (int i=0; i< rdns.size(); i++) { + RDN rdn = (RDN)rdns.elementAt(i); + String type = rdn.getTypes()[0].toLowerCase(); + String value = rdn.getValues()[0]; + subjectAttributes.put(type, value); + } + ProfileInput sn = request.getInput("Subject Name"); if (sn != null) { - DN dn = new DN(subjectDN); - Vector<?> rdns = dn.getRDNs(); - - for (int i=0; i< rdns.size(); i++) { - RDN rdn = (RDN)rdns.elementAt(i); - String type = rdn.getTypes()[0].toLowerCase(); - String value = rdn.getValues()[0]; - ProfileAttribute uidAttr = sn.getAttribute("sn_" + type); - uidAttr.setValue(value); + if (verbose) System.out.println("Subject Name:"); + + for (ProfileAttribute attribute : sn.getAttributes()) { + String name = attribute.getName(); + String value = null; + + if (name.equals("subject")) { + // get the whole subject DN + value = subjectDN; + + } else if (name.startsWith("sn_")) { + // get value from subject DN + value = subjectAttributes.get(name.substring(3)); + + } else { + // unknown attribute, ignore + if (verbose) System.out.println(" - " + name); + continue; + } + + if (value == null) continue; + + if (verbose) System.out.println(" - " + name + ": " + value); + attribute.setValue(value); } } + String certRequestUsername = cmd.getOptionValue("username"); + if (certRequestUsername != null) { + request.setAttribute("uid", certRequestUsername); + } + + if (cmd.hasOption("password")) { + Console console = System.console(); + String certRequestPassword = new String(console.readPassword("Password: ")); + request.setAttribute("pwd", certRequestPassword); + } + if (verbose) { System.out.println("Sending certificate request."); } |
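Review bot: `System.console()` returns null when the tool runs without an interactive terminal (piped stdin, cron, CI), and `readPassword` returns null at end of input, so the `--password` branch at the end of this hunk can fail with a NullPointerException instead of a usable error. Both results should be checked before use, and the `char[]` wiped once its contents have been copied into the request attribute; the String copy itself still lingers on the heap, which looks unavoidable while `setAttribute` is called with a String. The branch also sends `pwd` even when `--username` was not supplied, and rejecting that combination up front may be preferable if the target profile always needs both. The enclosing method starts and ends outside the hunk, so the exception type in the sketch below is a placeholder for whatever this CLI normally reports to the user, and `Arrays.fill` needs `java.util.Arrays` imported.

```java
if (cmd.hasOption("password")) {
    Console console = System.console();
    if (console == null) {
        // no TTY attached: fail with a clear message instead of an NPE
        throw new IllegalStateException("--password requires an interactive console");
    }

    char[] certRequestPassword = console.readPassword("Password: ");
    if (certRequestPassword == null) {
        // end of input reached before a password was entered
        throw new IllegalStateException("No password entered");
    }

    try {
        request.setAttribute("pwd", new String(certRequestPassword));
    } finally {
        // wipe the mutable copy as soon as it has been handed over
        Arrays.fill(certRequestPassword, '\0');
    }
}
```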