diff options
Diffstat (limited to 'base/java-tools/src/com/netscape')
3 files changed, 59 insertions, 20 deletions
diff --git a/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12CertCLI.java b/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12CertCLI.java index 1ed88b1fa..fe7092c00 100644 --- a/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12CertCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12CertCLI.java @@ -18,9 +18,12 @@ package com.netscape.cmstools.pkcs12; +import java.math.BigInteger; + import com.netscape.certsrv.dbs.certdb.CertId; import com.netscape.cmstools.cli.CLI; +import netscape.security.pkcs.PKCS12; import netscape.security.pkcs.PKCS12CertInfo; /** @@ -37,18 +40,20 @@ public class PKCS12CertCLI extends CLI { addModule(new PKCS12CertRemoveCLI(this)); } - public static void printCertInfo(PKCS12CertInfo certInfo) throws Exception { + public static void printCertInfo(PKCS12 pkcs12, PKCS12CertInfo certInfo) throws Exception { + + BigInteger id = certInfo.getID(); + System.out.println(" Certificate ID: " + id.toString(16)); + System.out.println(" Serial Number: " + new CertId(certInfo.getCert().getSerialNumber()).toHexString()); System.out.println(" Nickname: " + certInfo.getNickname()); System.out.println(" Subject DN: " + certInfo.getCert().getSubjectDN()); System.out.println(" Issuer DN: " + certInfo.getCert().getIssuerDN()); - if (certInfo.getKeyID() != null) { - System.out.println(" Key ID: " + certInfo.getKeyID().toString(16)); - } - if (certInfo.getTrustFlags() != null) { System.out.println(" Trust Flags: " + certInfo.getTrustFlags()); } + + System.out.println(" Has Key: " + (pkcs12.getKeyInfoByID(id) != null)); } } diff --git a/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12CertExportCLI.java b/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12CertExportCLI.java index 04e2b7b6f..8fb526d48 100644 --- a/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12CertExportCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12CertExportCLI.java @@ -22,6 +22,9 @@ import java.io.BufferedReader; import java.io.FileOutputStream; import java.io.FileReader; import java.io.PrintStream; +import java.math.BigInteger; +import java.util.ArrayList; +import java.util.Collection; import java.util.logging.Level; import java.util.logging.Logger; @@ -50,7 +53,7 @@ public class PKCS12CertExportCLI extends CLI { } public void printHelp() { - formatter.printHelp(getFullName() + " [OPTIONS...] <nickname>", options); + formatter.printHelp(getFullName() + " [OPTIONS...] [nickname]", options); } public void createOptions() { @@ -70,6 +73,10 @@ public class PKCS12CertExportCLI extends CLI { option.setArgName("path"); options.addOption(option); + option = new Option(null, "cert-id", true, "Certificate ID to export"); + option.setArgName("ID"); + options.addOption(option); + options.addOption("v", "verbose", false, "Run in verbose mode."); options.addOption(null, "debug", false, "Run in debug mode."); options.addOption(null, "help", false, "Show help message."); @@ -104,14 +111,28 @@ public class PKCS12CertExportCLI extends CLI { } String[] cmdArgs = cmd.getArgs(); + String id = cmd.getOptionValue("cert-id"); - if (cmdArgs.length < 1) { - System.err.println("Error: Missing certificate nickname."); + if (cmdArgs.length < 1 && id == null) { + System.err.println("Error: Missing certificate nickname or ID."); printHelp(); System.exit(-1); } - String nickname = cmdArgs[0]; + if (cmdArgs.length >= 1 && id != null) { + System.err.println("Error: Certificate nickname and ID are mutually exclusive."); + printHelp(); + System.exit(-1); + } + + String nickname = null; + BigInteger certID = null; + + if (cmdArgs.length >= 1) { + nickname = cmdArgs[0]; + } else { + certID = new BigInteger(id, 16); + } String pkcs12File = cmd.getOptionValue("pkcs12-file"); @@ -153,17 +174,30 @@ public class PKCS12CertExportCLI extends CLI { PKCS12Util util = new PKCS12Util(); PKCS12 pkcs12 = util.loadFromFile(pkcs12File, password); - PKCS12CertInfo certInfo = pkcs12.getCertInfoByNickname(nickname); - if (certInfo == null) { + Collection<PKCS12CertInfo> certInfos = new ArrayList<PKCS12CertInfo>(); + + if (nickname != null) { + certInfos.addAll(pkcs12.getCertInfosByNickname(nickname)); + + } else { + PKCS12CertInfo certInfo = pkcs12.getCertInfoByID(certID); + if (certInfo != null) { + certInfos.add(certInfo); + } + } + + if (certInfos.isEmpty()) { System.err.println("Error: Certificate not found."); System.exit(-1); } - X509CertImpl cert = certInfo.getCert(); try (PrintStream os = new PrintStream(new FileOutputStream(certFile))) { - os.println("-----BEGIN CERTIFICATE-----"); - os.print(Utils.base64encode(cert.getEncoded())); - os.println("-----END CERTIFICATE-----"); + for (PKCS12CertInfo certInfo : certInfos) { + X509CertImpl cert = certInfo.getCert(); + os.println("-----BEGIN CERTIFICATE-----"); + os.print(Utils.base64encode(cert.getEncoded())); + os.println("-----END CERTIFICATE-----"); + } } } finally { diff --git a/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12CertFindCLI.java b/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12CertFindCLI.java index a97933188..9bb4ad3ba 100644 --- a/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12CertFindCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12CertFindCLI.java @@ -133,17 +133,17 @@ public class PKCS12CertFindCLI extends CLI { Password password = new Password(passwordString.toCharArray()); - Collection<PKCS12CertInfo> certInfos; + PKCS12 pkcs12; try { PKCS12Util util = new PKCS12Util(); - PKCS12 pkcs12 = util.loadFromFile(filename, password); - - certInfos = pkcs12.getCertInfos(); + pkcs12 = util.loadFromFile(filename, password); } finally { password.clear(); } + Collection<PKCS12CertInfo> certInfos = pkcs12.getCertInfos(); + MainCLI.printMessage(certInfos.size() + " entries found"); if (certInfos.size() == 0) return; @@ -156,7 +156,7 @@ public class PKCS12CertFindCLI extends CLI { System.out.println(); } - PKCS12CertCLI.printCertInfo(certInfo); + PKCS12CertCLI.printCertInfo(pkcs12, certInfo); } } } |