diff options
Diffstat (limited to 'base/silent/src/com/netscape/pkisilent/common')
17 files changed, 0 insertions, 8229 deletions
diff --git a/base/silent/src/com/netscape/pkisilent/common/BaseState.java b/base/silent/src/com/netscape/pkisilent/common/BaseState.java deleted file mode 100644 index c668e0f80..000000000 --- a/base/silent/src/com/netscape/pkisilent/common/BaseState.java +++ /dev/null @@ -1,118 +0,0 @@ -package com.netscape.pkisilent.common; - -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- - -/** - * CMS Test framework . - * This class reads and sets the values for a CMS subsytems Config file (CS.cfg) - * Using this class you can set the server to a base state. - */ - -public class BaseState { - - private String CMSConfigFile; - private CMSConfig cmscfg = null; - private String ldapbase, ldaphost, ldapport, ldapdn, ldapdnpw; - private boolean ldapsecConn = false; - - // Constructor - - public BaseState() { - } - - /** - * Constructor . Takes the parameter CMSConfigfilename ( with fullpath) - * - * @param CMSConfigfile. - */ - - public BaseState(String cmscfilename) { - CMSConfigFile = cmscfilename; - - } - - /** - * Set the publishing directory information . Takes the paramters ldaphost,ldapport,ldapDN, ldapDN password, BaseDN - * , Secure coonection (true/false) - */ - public void setLDAPInfo(String h, String p, String dn, String pw, String base, boolean sc) { - ldaphost = h; - ldapport = p; - ldapdn = dn; - ldapdnpw = pw; - ldapbase = base; - ldapsecConn = sc; - - } - - /** - * Enable SSL Client authentication for Directory enrollment and publishing - */ - - public void EnableSSLClientAuth() { - ldapsecConn = true; - cmscfg = new CMSConfig(CMSConfigFile); - // Enable DirBaseEnrollment - cmscfg.EnableDirEnrollment(ldapsecConn, ldapbase, ldaphost, ldapport); - // Enable Publishing - cmscfg.EnablePublishing(ldapsecConn, ldapdn, ldapdnpw, ldaphost, - ldapport); - cmscfg.saveCMSConfig(); - - } - - /** - * Set to CA 's base state . Enables Directory based enrollment , publishing and Portal enrollment - */ - - public void CABaseState() { - cmscfg = new CMSConfig(CMSConfigFile); - cmscfg.EnableAdminEnrollment(); - // Enable DirBaseEnrollment - cmscfg.EnableDirEnrollment(ldapsecConn, ldapbase, ldaphost, ldapport); - // Enable Publishing - cmscfg.DisablePublishing(ldapsecConn, ldapdn, ldapdnpw, ldaphost, - ldapport, ldapbase); - // Enable Portalbased enrollment - cmscfg.EnablePortalAuth(ldapsecConn, ldapdn, ldapdnpw, ldaphost, - ldapport, ldapbase); - cmscfg.saveCMSConfig(); - - } - - /** - * Set to RA 's base state . Enables Directory based enrollment and Portal enrollment - */ - - public void RABaseState() { - cmscfg = new CMSConfig(CMSConfigFile); - cmscfg.EnableAdminEnrollment(); - // Enable DirBaseEnrollment - cmscfg.EnableDirEnrollment(ldapsecConn, ldapbase, ldaphost, ldapport); - // Enable Portalbased enrollment - cmscfg.EnablePortalAuth(ldapsecConn, ldapdn, ldapdnpw, ldaphost, - ldapport, ldapbase); - cmscfg.saveCMSConfig(); - - } - - public static void main(String args[]) { - }// end of function main - -} diff --git a/base/silent/src/com/netscape/pkisilent/common/CMSConfig.java b/base/silent/src/com/netscape/pkisilent/common/CMSConfig.java deleted file mode 100644 index 7aeaaa829..000000000 --- a/base/silent/src/com/netscape/pkisilent/common/CMSConfig.java +++ /dev/null @@ -1,569 +0,0 @@ -package com.netscape.pkisilent.common; - -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- - -import java.io.FileInputStream; -import java.io.FileOutputStream; - -/** - * CMS Test framework . - * This class reads,modifies and saves CS.cfg file - */ - -public class CMSConfig extends ServerInfo { - - /** - * Constructor . Reads the CS.cfg file .Takes the parameter for Configfile ( Provide fullpath) - */ - - public CMSConfig(String confFile) { - CMSConfigFile = confFile; - System.out.println(CMSConfigFile); - readCMSConfig(); - } - - private void readCMSConfig() { - - try { - FileInputStream fiscfg = new FileInputStream(CMSConfigFile); - - CMSprops = new CMSProperties(); - CMSprops.load(fiscfg); - System.out.println("Reading CMS Config file successful"); - fiscfg.close(); - System.out.println("Number in size " + CMSprops.size()); - } catch (Exception e) { - System.out.println("exception " + e.getMessage()); - } - - } - - /** - * Saves the config file - **/ - - public void saveCMSConfig() { - try { - // Properties s = new Properties(CMSprops); - FileOutputStream fos = new FileOutputStream(CMSConfigFile); - - System.out.println("Number in size " + CMSprops.size()); - // CMSprops.list(System.out); - CMSprops.store(fos, null); - System.out.println("Writing to CMS Config file successful"); - fos.close(); - } catch (Exception e) { - System.out.println("exception " + e.getMessage()); - } - - } - - // AdminEnrollment - - public void EnableAdminEnrollment() { - CMSprops.setProperty("cmsgateway.enableAdminEnroll", "true"); - - } - - // Authentication - - // Enable DirectoryBased Authentication - /** - * Takes parameters : secureConnection( true/false), basedn, ldaphostname, lapdaportnumber ( in case of secured - * connection give ldap secured port) - */ - - public void EnableDirEnrollment(boolean secureConn, String ldapbase, String lhost, String lport) { - CMSprops.setProperty("auths.instance.UserDirEnrollment.dnpattern", - "UID=$attr.uid,E=$attr.mail.1,CN=$attr.cn,OU=$dn.ou.2,O=$dn.o,C=US"); - CMSprops.setProperty("auths.instance.UserDirEnrollment.ldap.basedn", - ldapbase); - CMSprops.setProperty( - "auths.instance.UserDirEnrollment.ldap.ldapconn.host", lhost); - CMSprops.setProperty( - "auths.instance.UserDirEnrollment.ldap.ldapconn.version", "3"); - CMSprops.setProperty("auths.instance.UserDirEnrollment.ldap.maxConns", - "8"); - CMSprops.setProperty("auths.instance.UserDirEnrollment.ldap.minConns", - "2"); - // CMSprops.setProperty("auths.instance.UserDirEnrollment.ldapByteAttributes=",""); - CMSprops.setProperty( - "auths.instance.UserDirEnrollment.ldapStringAttributes", "mail"); - CMSprops.setProperty("auths.instance.UserDirEnrollment.pluginName", - "UidPwdDirAuth"); - if (secureConn) { - CMSprops.setProperty( - "auths.instance.UserDirEnrollment.ldap.ldapconn.secureConn", - "true"); - CMSprops.setProperty( - "auths.instance.UserDirEnrollment.ldap.ldapconn.port", lport); - - } else { - CMSprops.setProperty( - "auths.instance.UserDirEnrollment.ldap.ldapconn.secureConn", - "false"); - CMSprops.setProperty( - "auths.instance.UserDirEnrollment.ldap.ldapconn.port", lport); - - } - } - - public void DisableDirEnrollment() { - CMSprops.remove("auths.instance.UserDirEnrollment.dnpattern"); - CMSprops.remove("auths.instance.UserDirEnrollment.ldap.basedn"); - CMSprops.remove("auths.instance.UserDirEnrollment.ldap.ldapconn.host"); - CMSprops.remove("auths.instance.UserDirEnrollment.ldap.ldapconn.port"); - CMSprops.remove( - "auths.instance.UserDirEnrollment.ldap.ldapconn.secureConn"); - CMSprops.remove("auths.instance.UserDirEnrollment.ldap.ldapconn.version"); - CMSprops.remove("auths.instance.UserDirEnrollment.ldap.maxConns"); - CMSprops.remove("auths.instance.UserDirEnrollment.ldap.minConns"); - CMSprops.remove("auths.instance.UserDirEnrollment.ldapByteAttributes="); - CMSprops.remove("auths.instance.UserDirEnrollment.ldapStringAttributes"); - CMSprops.remove("auths.instance.UserDirEnrollment.pluginName"); - - } - - public void EnableCMCAuth() { - - CMSprops.setProperty("auths.instance.testcmc.pluginName", - "CMCAuthentication"); - } - - /** - * Takes parameters : secureConnection( true/false), ldapbinddn, ldapbindnpassword,ldaphostname, lapdaportnumber ( - * in case of secured connection give ldap secured port), basedn (e.g ou=people,o=mcom.com) - */ - - void EnablePortalAuth(boolean secureConn, String ldaprootDN, String ldaprootDNPW, String lhost, String lport, - String lbsuffix) { - String certnickname = null; - - CMSprops.setProperty("auths.instance.PortalEnrollment.pluginName", - "PortalEnroll"); - CMSprops.setProperty("auths.instance.PortalEnrollment.dnpattern", - "uid=$attr.uid,cn=$attr.cn,O=$dn.co,C=$dn.c"); - CMSprops.setProperty("auths.instance.PortalEnrollment.ldap.basedn", - lbsuffix); - CMSprops.setProperty("auths.instance.PortalEnrollment.ldap.maxConns", - "3"); - CMSprops.setProperty("auths.instance.PortalEnrollment.ldap.minConns", - "2"); - CMSprops.setProperty("auths.instance.PortalEnrollment.ldap.objectclass", - "inetOrgPerson"); - CMSprops.setProperty( - "auths.instance.PortalEnrollment.ldap.ldapauth.bindDN", - ldaprootDN); - CMSprops.setProperty( - "auths.instance.PortalEnrollment.ldap.ldapauth.bindPassword", - ldaprootDNPW); - CMSprops.setProperty( - "auths.instance.PortalEnrollment.ldap.ldapauth.bindPWPrompt", - "Rule PortalEnrollment"); - CMSprops.setProperty( - "auths.instance.PortalEnrollment.ldap.ldapconn.host", lhost); - if (secureConn) { - CMSprops.setProperty( - "auths.instance.PortalEnrollment.ldap.ldapconn.secureConn", - "true"); - CMSprops.setProperty( - "auths.instance.PortalEnrollment.ldap.ldapauth.clientCertNickname", - certnickname); - CMSprops.setProperty( - "auths.instance.PortalEnrollment.ldap.ldapauth.authtype", - "SslClientAuth"); - CMSprops.setProperty( - "auths.instance.PortalEnrollment.ldap.ldapconn.port", lport); - - } else { - CMSprops.setProperty( - "auths.instance.PortalEnrollment.ldap.ldapconn.secureConn", - "false"); - CMSprops.setProperty( - "auths.instance.PortalEnrollment.ldap.ldapconn.port", lport); - CMSprops.setProperty( - "auths.instance.PortalEnrollment.ldap.ldapauth.authtype", - "BasicAuth"); - } - - CMSprops.setProperty( - "auths.instance.PortalEnrollment.ldap.ldapconn.version", "3"); - - } - - // Publishing - /** - * Takes parameters : secureConnection( true/false), ldapbinddn, ldapbindnpassword,ldaphostname, lapdaportnumber ( - * in case of secured connection give ldap secured port) - */ - - public void EnablePublishing(boolean secureConn, String ldaprootDN, String ldaprootDNPW, String lhost, String lport) { - - CMSprops.setProperty("ca.publish.enable", "true"); - CMSprops.setProperty("ca.publish.ldappublish.enable", "true"); - if (secureConn) { - CMSprops.setProperty( - "ca.publish.ldappublish.ldap.ldapconn.secureConn", "true"); - CMSprops.setProperty("ca.publish.ldappublish.ldap.ldapconn.port", - lport); - - CMSprops.setProperty("ca.publish.ldappublish.ldap.ldapauth.authtype", - "SslClientAuth"); - } else { - CMSprops.setProperty( - "ca.publish.ldappublish.ldap.ldapconn.secureConn", "false"); - CMSprops.setProperty("ca.publish.ldappublish.ldap.ldapconn.port", - lport); - CMSprops.setProperty("ca.publish.ldappublish.ldap.ldapauth.authtype", - "BasicAuth"); - } - - CMSprops.setProperty("ca.publish.ldappublish.ldap.ldapauth.bindDN", - ldaprootDN); - CMSprops.setProperty("ca.publish.ldappublish.ldap.ldapauth.bindPassword", - ldaprootDNPW); - CMSprops.setProperty("ca.publish.ldappublish.ldap.ldapauth.bindPWPrompt", - "CA LDAP Publishing"); - - // set the hostname with fully qulified name if you are using SSL - CMSprops.setProperty("ca.publish.ldappublish.ldap.ldapconn.host", lhost); - CMSprops.setProperty("ca.publish.ldappublish.ldap.ldapconn.version", "3"); - CMSprops.setProperty("ca.publish.mapper.impl.LdapCaSimpleMap.class", - "com.netscape.cms.publish.mappers.LdapCaSimpleMap"); - CMSprops.setProperty("ca.publish.mapper.impl.LdapDNCompsMap.class", - "com.netscape.cms.publish.mappers.Lda pCertCompsMap"); - CMSprops.setProperty("ca.publish.mapper.impl.LdapDNExactMap.class", - "com.netscape.cms.publish.mappers.LdapCertExactMap"); - CMSprops.setProperty("ca.publish.mapper.impl.LdapEnhancedMap.class", - "com.netscape.cms.publish.mappers.LdapEnhancedMap"); - CMSprops.setProperty("ca.publish.mapper.impl.LdapSimpleMap.class", - "com.netscape.cms.publish.mappers.LdapSimpleMap"); - CMSprops.setProperty("ca.publish.mapper.impl.LdapSubjAttrMap.class", - "com.netscape.cms.publish.mappers.LdapCertSubjMap"); - CMSprops.setProperty( - "ca.publish.mapper.instance.LdapCaCertMap.createCAEntry", "true"); - CMSprops.setProperty( - "ca.publish.mapper.instance.LdapCaCertMap.dnPattern", - "UID=CManager,OU=people,O=mcom.com"); - CMSprops.setProperty( - "ca.publish.mapper.instance.LdapCaCertMap.pluginName", - "LdapCaSimpleMap"); - CMSprops.setProperty( - "ca.publish.mapper.instance.LdapCrlMap.createCAEntry", "true"); - CMSprops.setProperty("ca.publish.mapper.instance.LdapCrlMap.dnPattern", - "UID=CManager,OU=people,O=mcom.com"); - CMSprops.setProperty("ca.publish.mapper.instance.LdapCrlMap.pluginName", - "LdapCaSimpleMap"); - CMSprops.setProperty( - "ca.publish.mapper.instance.LdapUserCertMap.dnPattern", - "UID=$subj.UID,OU=people,O=mcom.com"); - CMSprops.setProperty( - "ca.publish.mapper.instance.LdapUserCertMap.pluginName", - "LdapSimpleMap"); - CMSprops.setProperty( - "ca.publish.publisher.impl.FileBasedPublisher.class", - "com.netscape.cms.publish.publishers.FileBasedPublisher"); - CMSprops.setProperty( - "ca.publish.publisher.impl.LdapCaCertPublisher.class", - "com.netscape.cms.publish.publishers.LdapCaCertPublisher"); - CMSprops.setProperty("ca.publish.publisher.impl.LdapCrlPublisher.class", - "com.netscape.cms.publish.publishers.LdapCrlPublisher"); - CMSprops.setProperty( - "ca.publish.publisher.impl.LdapUserCertPublisher.class", - "com.netscape.cms.publish.publishers.LdapUserCertPublisher"); - CMSprops.setProperty("ca.publish.publisher.impl.OCSPPublisher.class", - "com.netscape.cms.publish.publishers.OCSPPublisher"); - CMSprops.setProperty( - "ca.publish.publisher.instance.LdapCaCertPublisher.caCertAttr", - "caCertificate;binary"); - CMSprops.setProperty( - "ca.publish.publisher.instance.LdapCaCertPublisher.caObjectClass", - "certificationAuthority"); - CMSprops.setProperty( - "ca.publish.publisher.instance.LdapCaCertPublisher.pluginName", - "LdapCaCertPublisher"); - CMSprops.setProperty( - "ca.publish.publisher.instance.LdapCrlPublisher.crlAttr", - "certificateRevocationList;binary"); - CMSprops.setProperty( - "ca.publish.publisher.instance.LdapCrlPublisher.pluginName", - "LdapCrlPublisher"); - CMSprops.setProperty( - "ca.publish.publisher.instance.LdapUserCertPublisher.certAttr", - "userCertificate;binary"); - CMSprops.setProperty( - "ca.publish.publisher.instance.LdapUserCertPublisher.pluginName", - "LdapUserCertPublisher"); - } - - public void DisablePublishing(boolean secureConn, String ldaprootDN, String ldaprootDNPW, String lhost, - String lport, String base) { - - CMSprops.setProperty("ca.publish.enable", "false"); - CMSprops.setProperty("ca.publish.ldappublish.enable", "false"); - if (secureConn) { - CMSprops.setProperty( - "ca.publish.ldappublish.ldap.ldapconn.secureConn", "false"); - CMSprops.setProperty("ca.publish.ldappublish.ldap.ldapconn.port", - lport); - - CMSprops.setProperty("ca.publish.ldappublish.ldap.ldapauth.authtype", - "SslClientAuth"); - } else { - CMSprops.setProperty( - "ca.publish.ldappublish.ldap.ldapconn.secureConn", "false"); - CMSprops.setProperty("ca.publish.ldappublish.ldap.ldapconn.port", - lport); - CMSprops.setProperty("ca.publish.ldappublish.ldap.ldapauth.authtype", - "BasicAuth"); - } - - CMSprops.setProperty("ca.publish.ldappublish.ldap.ldapauth.bindDN", - ldaprootDN); - CMSprops.setProperty("ca.publish.ldappublish.ldap.ldapauth.bindPassword", - ldaprootDNPW); - CMSprops.setProperty("ca.publish.ldappublish.ldap.ldapauth.bindPWPrompt", - "CA LDAP Publishing"); - - // set the hostname with fully qulified name if you are using SSL - CMSprops.setProperty("ca.publish.ldappublish.ldap.ldapconn.host", lhost); - CMSprops.setProperty("ca.publish.ldappublish.ldap.ldapconn.version", "3"); - CMSprops.setProperty("ca.publish.mapper.impl.LdapCaSimpleMap.class", - "com.netscape.cms.publish.mappers.LdapCaSimpleMap"); - CMSprops.setProperty("ca.publish.mapper.impl.LdapDNCompsMap.class", - "com.netscape.cms.publish.mappers.Lda pCertCompsMap"); - CMSprops.setProperty("ca.publish.mapper.impl.LdapDNExactMap.class", - "com.netscape.cms.publish.mappers.LdapCertExactMap"); - CMSprops.setProperty("ca.publish.mapper.impl.LdapEnhancedMap.class", - "com.netscape.cms.publish.mappers.LdapEnhancedMap"); - CMSprops.setProperty("ca.publish.mapper.impl.LdapSimpleMap.class", - "com.netscape.cms.publish.mappers.LdapSimpleMap"); - CMSprops.setProperty("ca.publish.mapper.impl.LdapSubjAttrMap.class", - "com.netscape.cms.publish.mappers.LdapCertSubjMap"); - CMSprops.setProperty( - "ca.publish.mapper.instance.LdapCaCertMap.createCAEntry", - "false"); - CMSprops.setProperty( - "ca.publish.mapper.instance.LdapCaCertMap.dnPattern", - "UID=CManager,OU=people," + base); - CMSprops.setProperty( - "ca.publish.mapper.instance.LdapCaCertMap.pluginName", - "LdapCaSimpleMap"); - CMSprops.setProperty( - "ca.publish.mapper.instance.LdapCrlMap.createCAEntry", "false"); - CMSprops.setProperty("ca.publish.mapper.instance.LdapCrlMap.dnPattern", - "UID=CManager,OU=people," + base); - CMSprops.setProperty("ca.publish.mapper.instance.LdapCrlMap.pluginName", - "LdapCaSimpleMap"); - CMSprops.setProperty( - "ca.publish.mapper.instance.LdapUserCertMap.dnPattern", - "UID=$subj.UID,OU=people," + base); - CMSprops.setProperty( - "ca.publish.mapper.instance.LdapUserCertMap.pluginName", - "LdapSimpleMap"); - CMSprops.setProperty( - "ca.publish.publisher.impl.FileBasedPublisher.class", - "com.netscape.cms.publish.publishers.FileBasedPublisher"); - CMSprops.setProperty( - "ca.publish.publisher.impl.LdapCaCertPublisher.class", - "com.netscape.cms.publish.publishers.LdapCaCertPublisher"); - CMSprops.setProperty("ca.publish.publisher.impl.LdapCrlPublisher.class", - "com.netscape.cms.publish.publishers.LdapCrlPublisher"); - CMSprops.setProperty( - "ca.publish.publisher.impl.LdapUserCertPublisher.class", - "com.netscape.cms.publish.publishers.LdapUserCertPublisher"); - CMSprops.setProperty("ca.publish.publisher.impl.OCSPPublisher.class", - "com.netscape.cms.publish.publishers.OCSPPublisher"); - CMSprops.setProperty( - "ca.publish.publisher.instance.LdapCaCertPublisher.caCertAttr", - "caCertificate;binary"); - CMSprops.setProperty( - "ca.publish.publisher.instance.LdapCaCertPublisher.caObjectClass", - "certificationAuthority"); - CMSprops.setProperty( - "ca.publish.publisher.instance.LdapCaCertPublisher.pluginName", - "LdapCaCertPublisher"); - CMSprops.setProperty( - "ca.publish.publisher.instance.LdapCrlPublisher.crlAttr", - "certificateRevocationList;binary"); - CMSprops.setProperty( - "ca.publish.publisher.instance.LdapCrlPublisher.pluginName", - "LdapCrlPublisher"); - CMSprops.setProperty( - "ca.publish.publisher.instance.LdapUserCertPublisher.certAttr", - "userCertificate;binary"); - CMSprops.setProperty( - "ca.publish.publisher.instance.LdapUserCertPublisher.pluginName", - "LdapUserCertPublisher"); - } - - public void CreateOCSPPublisher(String OCSPHost, String OCSPPort, String OCSPEEPort) { - // Set host nmae with fully qualified hostname - String location = "http://" + OCSPHost + ":" + OCSPEEPort + "/ocsp"; - - CMSprops.setProperty("ca.crl.MasterCRL.alwaysUpdate", "true"); - CMSprops.setProperty( - "ca.publish.publisher.instance.CAOCSPPublisher.host", OCSPHost); - CMSprops.setProperty( - "ca.publish.publisher.instance.CAOCSPPublisher.path", - "/ocsp/addCRL"); - CMSprops.setProperty( - "ca.publish.publisher.instance.CAOCSPPublisher.pluginName", - "OCSPPublisher"); - CMSprops.setProperty( - "ca.publish.publisher.instance.CAOCSPPublisher.port", OCSPPort); - CMSprops.setProperty( - "ca.publish.rule.instance.OCSPPublishingRule.enable", "true"); - CMSprops.setProperty( - "ca.publish.rule.instance.OCSPPublishingRule.mapper", ""); - CMSprops.setProperty( - "ca.publish.rule.instance.OCSPPublishingRule.pluginName", "Rule"); - CMSprops.setProperty( - "ca.publish.rule.instance.OCSPPublishingRule.predicate", ""); - CMSprops.setProperty( - "ca.publish.rule.instance.OCSPPublishingRule.publisher", - "CAOCSPPublisher"); - CMSprops.setProperty("ca.publish.rule.instance.OCSPPublishingRule.type", - "crl"); - CMSprops.setProperty("ca.Policy.rule.AuthInfoAccessExt.ad0_location", - location); - CMSprops.setProperty( - "ca.Policy.rule.AuthInfoAccessExt.ad0_location_type", "URL"); - CMSprops.setProperty("ca.Policy.rule.AuthInfoAccessExt.ad0_method", - "ocsp"); - CMSprops.setProperty("ca.Policy.rule.AuthInfoAccessExt.critical", - "false"); - CMSprops.setProperty("ca.Policy.rule.AuthInfoAccessExt.enable", "true"); - CMSprops.setProperty("ca.Policy.rule.AuthInfoAccessExt.implName", - "AuthInfoAccessExt"); - CMSprops.setProperty("ca.Policy.rule.AuthInfoAccessExt.numADs", "1"); - CMSprops.setProperty("ca.Policy.rule.AuthInfoAccessExt.predicate", - "HTTP_PARAMS.certType == client"); - - } - - public void EnableOCSPLDAPStore(String certInstanceID) { - String certNickName = "ocspSigningCert cert-" + certInstanceID; - - CMSprops.setProperty("ocsp.storeId", "ldapStore"); - CMSprops.setProperty("ocsp.store.defStore.byName", "true"); - CMSprops.setProperty("ocsp.store.defStore.class", - "com.netscape.cms.ocsp.DefStore"); - CMSprops.setProperty("ocsp.store.defStore.includeNextUpdate", "true"); - CMSprops.setProperty("ocsp.store.defStore.notFoundAsGood", "true"); - CMSprops.setProperty("ocsp.store.ldapStore.baseDN0", ldapBaseSuffix); - CMSprops.setProperty("ocsp.store.ldapStore.byName", "true"); - CMSprops.setProperty("ocsp.store.ldapStore.caCertAttr", - "cACertificate;binary"); - CMSprops.setProperty("ocsp.store.ldapStore.class", - "com.netscape.cms.ocsp.LDAPStore"); - CMSprops.setProperty("ocsp.store.ldapStore.crlAttr", - "certificateRevocationList;binary"); - CMSprops.setProperty("ocsp.store.ldapStore.host0", ldapHost); - CMSprops.setProperty("ocsp.store.ldapStore.includeNextUpdate", "true"); - CMSprops.setProperty("ocsp.store.ldapStore.notFoundAsGood", "true"); - CMSprops.setProperty("ocsp.store.ldapStore.numConns", "1"); - CMSprops.setProperty("ocsp.store.ldapStore.port0", ldapPort); - CMSprops.setProperty("ocsp.store.ldapStore.refreshInSec0", "864"); - CMSprops.setProperty("ocsp.signing.certnickname", certNickName); - CMSprops.setProperty("ocsp.signing.defaultSigningAlgorithm", - "MD5withRSA"); - CMSprops.setProperty("ocsp.signing.tokenname", "internal"); - - } - - public void SetupKRAConnectorInCA(String certInstanceID, String KRAHost, String KRAPort) { - String certNickName = "Server-Cert " + certInstanceID; - - CMSprops.setProperty("ca.connector.KRA.enable", "true"); - CMSprops.setProperty("ca.connector.KRA.host", KRAHost); - CMSprops.setProperty("ca.connector.KRA.local", "false"); - CMSprops.setProperty("ca.connector.KRA.nickName", certNickName); - CMSprops.setProperty("ca.connector.KRA.port", KRAPort); - CMSprops.setProperty("ca.connector.KRA.timeout", "30"); - CMSprops.setProperty("ca.connector.KRA.uri", "/kra/connector"); - - } - - public void DisableCardCryptoValidationinTKS() { - CMSprops.setProperty("cardcryptogram.validate.enable", "false"); - } - - // Policies - public void DefaultValidityRule(String SubsystemType, String lagtime, String leadtime, String maxValidity) { - if (SubsystemType.equals("ca")) { - CMSprops.setProperty("ca.Policy.rule.DefaultValidityRule.enable", - "true"); - CMSprops.setProperty("ca.Policy.rule.DefaultValidityRule.implName", - "ValidityConstraints"); - CMSprops.setProperty("ca.Policy.rule.DefaultValidityRule.lagTime", - lagtime); - CMSprops.setProperty("ca.Policy.rule.DefaultValidityRule.leadTime", - leadtime); - CMSprops.setProperty( - "ca.Policy.rule.DefaultValidityRule.maxValidity", - maxValidity); - CMSprops.setProperty( - "ca.Policy.rule.DefaultValidityRule.minValidity", "1"); - CMSprops.setProperty( - "ca.Policy.rule.DefaultValidityRule.notBeforeSkew", "5"); - CMSprops.setProperty("ca.Policy.rule.DefaultValidityRule.predicate", - null); - } else { - - CMSprops.setProperty("ra.Policy.rule.DefaultValidityRule.enable", - "true"); - CMSprops.setProperty("ra.Policy.rule.DefaultValidityRule.implName", - "ValidityConstraints"); - CMSprops.setProperty("ra.Policy.rule.DefaultValidityRule.lagTime", - lagtime); - CMSprops.setProperty("ra.Policy.rule.DefaultValidityRule.leadTime", - leadtime); - CMSprops.setProperty( - "ra.Policy.rule.DefaultValidityRule.maxValidity", - maxValidity); - CMSprops.setProperty( - "ra.Policy.rule.DefaultValidityRule.minValidity", "1"); - CMSprops.setProperty( - "ra.Policy.rule.DefaultValidityRule.notBeforeSkew", "5"); - CMSprops.setProperty("ra.Policy.rule.DefaultValidityRule.predicate", - null); - } - - } - - // Main Function - public static void main(String args[]) { - System.out.println(args.length); - - if (args.length < 1) { - System.out.println("Usage : ConfigFilePath"); - System.exit(-1); - } - - CMSConfig s = new CMSConfig(args[0]); - - // boolean secureC = false; - // s.EnableDirEnrollment(secureC); - s.saveCMSConfig(); - - }// end of function main - -} // end of class - diff --git a/base/silent/src/com/netscape/pkisilent/common/CMSLDAP.java b/base/silent/src/com/netscape/pkisilent/common/CMSLDAP.java deleted file mode 100644 index 80613525d..000000000 --- a/base/silent/src/com/netscape/pkisilent/common/CMSLDAP.java +++ /dev/null @@ -1,608 +0,0 @@ -package com.netscape.pkisilent.common; - -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- - -import java.io.ByteArrayInputStream; -import java.security.cert.CertificateFactory; -import java.security.cert.X509Certificate; - -import netscape.ldap.LDAPAttribute; -import netscape.ldap.LDAPAttributeSet; -import netscape.ldap.LDAPConnection; -import netscape.ldap.LDAPEntry; -import netscape.ldap.LDAPException; -import netscape.ldap.LDAPModification; -import netscape.ldap.LDAPModificationSet; -import netscape.ldap.LDAPSearchResults; -import netscape.ldap.LDAPv2; - -/** - * CMS Test framework . - * Using this class you can add a user and user certificate to LDAP server. - * You can also check if a certificate / CRL is published in LDAP server - * USe this class to turn of SSL and turn on SSL in a LDAP server. - */ - -public class CMSLDAP { - - private String HOST, DN, PASSWORD; - private int PORT; - - private LDAPConnection conn = new LDAPConnection(); - - public CMSLDAP() { - } - - /** - * Constructor. Takes parametes ldaphost, ldapport - */ - public CMSLDAP(String h, String p) { - HOST = h; - PORT = Integer.parseInt(p); - } - - /** - * Cosntructor. Takes parameters ldaphost,ldapport,ldapbinddn, ldapbindnpassword. - */ - public CMSLDAP(String h, String p, String dn, String pwd) { - HOST = h; - PORT = Integer.parseInt(p); - DN = dn; - PASSWORD = pwd; - } - - /** - * Connect to ldap server - */ - - public boolean connect() { - try { - conn.connect(HOST, PORT, DN, PASSWORD); - return true; - } catch (Exception e) { - System.out.println("ERROR: " + e.toString()); - return false; - } - } - - /** - * Disconnect form ldap server - */ - - public void disconnect() { - - if ((conn != null) && conn.isConnected()) { - try { - conn.disconnect(); - } catch (Exception e) { - System.out.println("ERROR: " + e.toString()); - } - - } - - } - - /** - * Search for certificaterevocationList attribute. Takes basedn and filter as parameters - */ - - public boolean searchCRL(String basedn, String filter) throws LDAPException { - int searchScope = LDAPv2.SCOPE_SUB; - String getAttrs[] = { "certificateRevocationList;binary" }; - LDAPSearchResults results = conn.search(basedn, searchScope, filter, - getAttrs, false); - - if (results == null) { - System.out.println("Could not search"); - return false; - } - while (results.hasMoreElements()) { - LDAPEntry entry = (LDAPEntry) results.nextElement(); - - System.out.println(entry.getDN()); - LDAPAttribute anAttr = entry.getAttribute( - "certificateRevocationList;binary"); - - if (anAttr == null) { - System.out.println("Attribute not found "); - return false; - } else { - System.out.println(anAttr.getName()); - System.out.println(anAttr.getByteValueArray()); - return true; - } - } - return true; - } - - /** - * Search for attriburte usercertificate. Takes parameters basedn and filter - */ - - public boolean searchUserCert(String basedn, String filter) throws LDAPException { - int searchScope = LDAPv2.SCOPE_SUB; - String getAttrs[] = { "usercertificate;binary" }; - LDAPSearchResults results = conn.search(basedn, searchScope, filter, - getAttrs, false); - - if (results == null) { - System.out.println("Could not search"); - return false; - } - while (results.hasMoreElements()) { - LDAPEntry entry = (LDAPEntry) results.nextElement(); - - System.out.println(entry.getDN()); - LDAPAttribute anAttr = entry.getAttribute("usercertificate;binary"); - - if (anAttr == null) { - System.out.println("Attribute not found "); - return false; - } else { - System.out.println(anAttr.getName()); - System.out.println(anAttr.getByteValueArray()); - return true; - } - } - return true; - } - - /** - * Adds a user to direcrtory server . Takes parameters basedn, cn,sn,uid and passwd - */ - - public boolean userAdd(String basedn, String cn, String sn, String uid, String pwd) { - try { - LDAPAttributeSet attrSet = new LDAPAttributeSet(); - - attrSet.add( - new LDAPAttribute("objectclass", - new String[] { - "top", "person", "organizationalPerson", - "inetorgperson" })); - attrSet.add(new LDAPAttribute("cn", cn)); - attrSet.add(new LDAPAttribute("mail", uid + "@netscape.com")); - attrSet.add(new LDAPAttribute("userpassword", pwd)); - attrSet.add(new LDAPAttribute("sn", sn)); - attrSet.add(new LDAPAttribute("givenName", cn + sn)); - String name = "uid=" + uid + "," + basedn; - - System.out.println("Basedn " + name); - LDAPEntry entry = new LDAPEntry(name, attrSet); - - conn.add(entry); - System.out.println("ADDED: " + name); - return true; - } catch (Exception e) { - System.out.println("ERROR: " + e.toString()); - return false; - } - - } - - private X509Certificate getXCertificate(byte[] cpack) throws Exception { - - try { - CertificateFactory cf = CertificateFactory.getInstance("X.509"); - ByteArrayInputStream s = new ByteArrayInputStream(cpack); - - System.out.println("Building certificate :" + cpack); - java.security.cert.X509Certificate the_cert = ( - java.security.cert.X509Certificate) cf.generateCertificate(s); - - return the_cert; - } catch (Exception e) { - System.out.println("ERROR: getXCertificate " + e.toString()); - throw e; - } - - } - - private String buildDNString(String s) { - StringBuffer val = new StringBuffer(); - - for (int i = 0; i < s.length(); i++) { - if ((s.charAt(i) == ',') && (s.charAt(i + 1) == ' ')) { - val.append(','); - i++; - continue; - } else { - val.append(s.charAt(i)); - } - } - return val.toString(); - } - - /** - * Returns the SerialNumber;issuerDN;SubjectDN string. - * Takes certificate as parameter - */ - - public String getCertificateString(X509Certificate cert) { - if (cert == null) { - return null; - } - String idn = ((cert.getIssuerDN()).toString()).trim(); - - idn = buildDNString(idn); - String sdn = ((cert.getSubjectDN()).toString()).trim(); - - sdn = buildDNString(sdn); - - System.out.println("GetCertificateString : " + idn + ";" + sdn); - - // note that it did not represent a certificate fully - // return cert.getVersion() + ";" + cert.getSerialNumber().toString() + - // ";" + cert.getIssuerDN() + ";" + cert.getSubjectDN(); - return "2;" + cert.getSerialNumber().toString() + ";" + idn + ";" + sdn; - - } - - /** - * Adds a user of objectclass cmsuser . Takes cn,sn,uid,password,certificate as parameters. - */ - public boolean CMSuserAdd(String cn, String sn, String uid, String pwd, byte[] certpack) { - try { - X509Certificate cert = getXCertificate(certpack); - - LDAPAttributeSet attrSet = new LDAPAttributeSet(); - - attrSet.add( - new LDAPAttribute("objectclass", - new String[] { - "top", "person", "organizationalPerson", - "inetorgperson", "cmsuser" })); - attrSet.add(new LDAPAttribute("cn", cn)); - attrSet.add(new LDAPAttribute("mail", uid + "@netscape.com")); - attrSet.add(new LDAPAttribute("userpassword", pwd)); - attrSet.add(new LDAPAttribute("sn", sn)); - attrSet.add(new LDAPAttribute("givenName", cn + sn)); - attrSet.add(new LDAPAttribute("usertype", "sub")); - attrSet.add(new LDAPAttribute("userstate", "1")); - - attrSet.add( - new LDAPAttribute("description", getCertificateString(cert))); - LDAPAttribute attrCertBin = new LDAPAttribute("usercertificate"); - - attrCertBin.addValue(cert.getEncoded()); - attrSet.add(attrCertBin); - - String name = "uid=" + uid + "," - + "ou=People,o=netscapecertificateServer"; - LDAPEntry entry = new LDAPEntry(name, attrSet); - - conn.add(entry); - System.out.println("ADDED: " + name); - return true; - } catch (Exception e) { - System.out.println("ERROR: " + e.toString()); - return false; - } - - } - - /** - * Adds a user of objectclass cmsuser . Takes cn,sn,uid,password,certificate as parameters. - */ - - public boolean CMSuserAdd(String cn, String sn, String uid, String pwd, X509Certificate cert) { - - try { - LDAPAttributeSet attrSet = new LDAPAttributeSet(); - - attrSet.add( - new LDAPAttribute("objectclass", - new String[] { - "top", "person", "organizationalPerson", - "inetorgperson", "cmsuser" })); - attrSet.add(new LDAPAttribute("cn", cn)); - attrSet.add(new LDAPAttribute("mail", uid + "@netscape.com")); - attrSet.add(new LDAPAttribute("userpassword", pwd)); - attrSet.add(new LDAPAttribute("sn", sn)); - attrSet.add(new LDAPAttribute("givenName", cn + sn)); - attrSet.add(new LDAPAttribute("usertype", "sub")); - attrSet.add(new LDAPAttribute("userstate", "1")); - - attrSet.add( - new LDAPAttribute("description", getCertificateString(cert))); - - LDAPAttribute attrCertBin = new LDAPAttribute("usercertificate"); - - attrCertBin.addValue(cert.getEncoded()); - attrSet.add(attrCertBin); - - String name = "uid=" + uid + "," - + "ou=People,o=netscapecertificateServer"; - LDAPEntry entry = new LDAPEntry(name, attrSet); - - conn.add(entry); - System.out.println("ADDED: " + name); - } catch (Exception e) { - System.out.println("ERROR: " + e.toString()); - return false; - } - - return true; - } - - /** - * adds a cms user to Trusted Manager Group. Takes uid as parameter. - */ - - public boolean addCMSUserToTMGroup(String uid) { - try { - LDAPAttributeSet attrSet = new LDAPAttributeSet(); - LDAPAttribute um = new LDAPAttribute("uniquemember", - "uid=" + uid + ",ou=People,o=NetscapeCertificateServer"); - - attrSet.add(um); - LDAPModification gr = new LDAPModification(LDAPModification.ADD, um); - - String dn = "cn=Trusted Managers,ou=groups,o=netscapeCertificateServer"; - - conn.modify(dn, gr); - return true; - - } catch (Exception e) { - System.out.println("ERROR: " + e.toString()); - return false; - } - - } - - /** - * adds a cms user to Agent Group. Takes subsytem (ca/ra/ocsp/kra) and uid as parameters . - */ - - public boolean addCMSUserToAgentGroup(String subsystem, String uid) { - try { - String dn = null; - - if (subsystem.equals("ocsp")) { - dn = "cn=Online Certificate Status Manager Agents,ou=groups,o=netscapeCertificateServer"; - } - if (subsystem.equals("kra")) { - dn = "cn=Data Recovery Manager Agents,ou=groups,o=netscapeCertificateServer"; - } - if (subsystem.equals("ra")) { - dn = "cn=Registration Manager Agents,ou=groups,o=netscapeCertificateServer"; - } - if (subsystem.equals("ca")) { - dn = "cn=Certificate Manager Agents,ou=groups,o=netscapeCertificateServer"; - } - if (subsystem.equals("tks")) { - dn = "cn=Token Key Service Manager Agents,ou=groups,o=netscapeCertificateServer"; - } - - LDAPAttributeSet attrSet = new LDAPAttributeSet(); - LDAPAttribute um = new LDAPAttribute("uniquemember", - "uid=" + uid + ",ou=People,o=NetscapeCertificateServer"); - - System.out.println( - "uid=" + uid + ",ou=People,o=NetscapeCertificateServer"); - - attrSet.add(um); - LDAPModification gr = new LDAPModification(LDAPModification.ADD, um); - - conn.modify(dn, gr); - - return true; - - } catch (Exception e) { - System.out.println("ERROR: " + e.toString()); - return false; - } - - } - - /** - * Will trun of SSL in LDAP server - **/ - - public boolean TurnOffSSL() { - try { - - LDAPModificationSet mods = new LDAPModificationSet(); - LDAPAttribute ssl3 = new LDAPAttribute("nsssl3", "off"); - LDAPAttribute ssl3ciphers = new LDAPAttribute("nsssl3ciphers", ""); - LDAPAttribute kfile = new LDAPAttribute("nskeyfile", "alias/"); - LDAPAttribute cfile = new LDAPAttribute("nscertfile", "alias/"); - LDAPAttribute cauth = new LDAPAttribute("nssslclientauth", "allowed"); - - // conn.delete("cn=RSA,cn=encryption,cn=config"); - - mods.add(LDAPModification.REPLACE, ssl3); - mods.add(LDAPModification.DELETE, ssl3ciphers); - mods.add(LDAPModification.DELETE, kfile); - mods.add(LDAPModification.DELETE, cfile); - mods.add(LDAPModification.DELETE, cauth); - System.out.println("going to mod"); - // conn.modify("cn=encryption,cn=config",mods); - System.out.println("mod en=encryption"); - int i = 4; - - while (i >= 0) { - mods.removeElementAt(i); - i--; - } - - LDAPAttribute sec = new LDAPAttribute("nsslapd-security", "off"); - - mods.add(LDAPModification.REPLACE, sec); - conn.modify("cn=config", mods); - System.out.println("mod cn=config"); - - return true; - - } catch (Exception e) { - System.out.println("ERROR: " + e.toString()); - return false; - } - - } - - /** - * Will Turn ON SSL in LDAP server . Takes certPrefix, certificatenickanme and sslport as parameters. - **/ - - public boolean TurnOnSSL(String certPrefix, String certName, String sslport) { - String CIPHERS = - "-rsa_null_md5,+rsa_fips_3des_sha,+rsa_fips_des_sha,+rsa_3des_sha,+rsa_rc4_128_md5,+rsa_des_sha,+rsa_rc2_40_md5,+rsa_rc4_40_md5"; - - try { - int searchScope = LDAPv2.SCOPE_SUB; - String getAttrs[] = { "nssslactivation" }; - - LDAPModificationSet mods = new LDAPModificationSet(); - LDAPAttribute sec = new LDAPAttribute("nsslapd-security", "on"); - LDAPAttribute sp = new LDAPAttribute("nsslapd-securePort", sslport); - - mods.add(LDAPModification.REPLACE, sec); - mods.add(LDAPModification.REPLACE, sp); - conn.modify("cn=config", mods); - mods.removeElementAt(1); - mods.removeElementAt(0); - - LDAPAttribute ssl3 = new LDAPAttribute("nsssl3", "on"); - LDAPAttribute ssl3ciphers = new LDAPAttribute("nsssl3ciphers", - CIPHERS); - LDAPAttribute kfile = new LDAPAttribute("nskeyfile", - "alias/" + certPrefix + "-key3.db"); - LDAPAttribute cfile = new LDAPAttribute("nscertfile", - "alias/" + certPrefix + "-cert7.db"); - LDAPAttribute cauth = new LDAPAttribute("nssslclientauth", "allowed"); - - mods.add(LDAPModification.REPLACE, ssl3); - mods.add(LDAPModification.REPLACE, ssl3ciphers); - mods.add(LDAPModification.REPLACE, kfile); - mods.add(LDAPModification.REPLACE, cfile); - mods.add(LDAPModification.REPLACE, cauth); - - conn.modify("cn=encryption,cn=config", mods); - int i = 4; - - while (i >= 0) { - mods.removeElementAt(i); - i--; - } - - // conn.delete("cn=RSA,cn=encryption,cn=config"); - try { - conn.search( - "cn=RSA,cn=encryption,cn=config", searchScope, null, - getAttrs, false); // check for errors - - LDAPAttribute cn = new LDAPAttribute("cn", "RSA"); - LDAPAttribute ssltoken = new LDAPAttribute("nsssltoken", - "internal (software)"); - LDAPAttribute activation = new LDAPAttribute("nssslactivation", - "on"); - LDAPAttribute cname = new LDAPAttribute("nssslpersonalityssl", - certName); - - mods.add(LDAPModification.REPLACE, cn); - mods.add(LDAPModification.REPLACE, ssltoken); - mods.add(LDAPModification.REPLACE, activation); - mods.add(LDAPModification.REPLACE, cname); - - conn.modify("cn=RSA,cn=encryption,cn=config", mods); - - } catch (Exception e1) { - LDAPAttributeSet attrSet = new LDAPAttributeSet(); - - attrSet.add( - new LDAPAttribute("objectclass", - new String[] { "top", "nsEncryptionModule" })); - attrSet.add(new LDAPAttribute("cn", "RSA")); - attrSet.add( - new LDAPAttribute("nsssltoken", "internal (software)")); - attrSet.add(new LDAPAttribute("nssslactivation", "on")); - attrSet.add(new LDAPAttribute("nssslpersonalityssl", certName)); - LDAPEntry entry = new LDAPEntry("cn=RSA,cn=encryption,cn=config", - attrSet); - - conn.add(entry); - } - - return true; - - } catch (Exception e) { - System.out.println("ERROR: " + e.toString()); - return false; - } - - } - - public static void main(String args[]) { - String HOST = args[0]; - // int PORT = Integer.parseInt(args[1]); - String PORT = args[1]; - String DN = args[2]; - String PASSWORD = args[3]; - String BASEDN = args[4]; - - /*String s = - "MIICFzCCAYCgAwIBAgIBBjANBgkqhkiG9w0BAQQFADBDMRswGQYDVQQKExJhY2NlcHRhY25ldGVz\ndDEwMjQxFzAVBgNVBAsTDmFjY2VwdGFuY2V0ZXN0MQswCQYDVQQDEwJjYTAeFw0wMzA0MTEyMTUx\nMzZaFw0wNDA0MTAwOTQ2NTVaMFwxCzAJBgNVBAYTAlVTMQwwCgYDVQQKEwNTU0wxHTAbBgNVBAsT\nFHNzbHRlc3QxMDUwMDk3ODkzNzQ1MSAwHgYDVQQDExdqdXBpdGVyMi5uc2NwLmFvbHR3Lm5ldDBc\nMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDCsCTIIQ+bJMfPHi6kwa7HF+/xSTVHcpZ5zsodXsNWjPlD\noRu/5KAO8NotfwGnYmALWdYnqXCF0q0gkaJQalQTAgMBAAGjRjBEMA4GA1UdDwEB/wQEAwIFoDAR\nBglghkgBhvhCAQEEBAMCBkAwHwYDVR0jBBgwFoAUzxZkSySZT/Y3SxGMEiNyHnLUOPAwDQYJKoZI\nhvcNAQEEBQADgYEALtpqMOtZt6j5KlghDFgdg/dvf36nWiZwC1ap6+ka22shLkA/RjmOix97btzT\nQ+8LcmdkAW5iap4YbtrCu0wdN6IbIEXoQI1QGZBoKO2o02utssXANmTnRCyH/GX2KefQlp1NSRj9\nZNZ+GRT2Qk/8G5Ds9vVjm1I5+/AkzI9jS14="; - - s = "-----BEGIN CERTIFICATE-----" + "\n" + s + "\n" - + "-----END CERTIFICATE-----\n";*/ - - try { - - System.out.println(HOST + PORT + DN + PASSWORD + BASEDN); - CMSLDAP caIdb = new CMSLDAP(HOST, PORT, DN, PASSWORD); - - /* FileInputStream fis = new FileInputStream("t1"); - DataInputStream dis = new DataInputStream(fis); - - byte[] bytes = new byte[dis.available()]; - dis.readFully(bytes); - - // bytes=s.getBytes(); - */ - - if (!caIdb.connect()) { - System.out.println("Could not connect to CA internal DB port"); - } - - if (!caIdb.searchCRL("o=mcom.com", "uid=CManager")) { - System.out.println("CRL is not published"); - } - - // if(!caIdb.searchUserCert("o=mcom.com","uid=test")) - // System.out.println("USer cert is not published"); - - // if (!caIdb.CMSuserAdd("ra-trust" ,"ra-trust","ra-trust","netscape",bytes)) - // {System.out.println("Trusted MAnager user Could not be add ");} - - // if(!caIdb.addCMSUserToTMGroup("ra-trust")) - // {System.out.println("CMS user Could not be added to Trusted manager group "); } - - // if(!caIdb.addCMSUserToAgentGroup("ra","ra-agent")) - // {System.out.println("CMS user Could not be added to Trusted manager group "); } - /* if(!caIdb.userAdd(BASEDN,"raeetest1","raeetest1","raeetest1","netscape")) - {System.out.println("CMS user Could not be added to Trusted manager group "); } - */ - - } catch (Exception e) { - System.out.println("ERROR: " + e.toString()); - } - - } -} diff --git a/base/silent/src/com/netscape/pkisilent/common/CMSProperties.java b/base/silent/src/com/netscape/pkisilent/common/CMSProperties.java deleted file mode 100644 index 5cf513417..000000000 --- a/base/silent/src/com/netscape/pkisilent/common/CMSProperties.java +++ /dev/null @@ -1,703 +0,0 @@ -package com.netscape.pkisilent.common; - -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- - -/* - * @(#)Properties.java 1.60 00/02/02 - * - * Copyright 1995-2000 Sun Microsystems, Inc. All Rights Reserved. - * - * This software is the proprietary information of Sun Microsystems, Inc. - * Use is subject to license terms. - * - */ - -import java.io.BufferedReader; -import java.io.BufferedWriter; -import java.io.IOException; -import java.io.InputStream; -import java.io.InputStreamReader; -import java.io.OutputStream; -import java.io.OutputStreamWriter; -import java.io.PrintStream; -import java.io.PrintWriter; -import java.util.Date; -import java.util.Enumeration; -import java.util.Hashtable; - -/** - * The <code>Properties</code> class represents a persistent set of - * properties. The <code>Properties</code> can be saved to a stream - * or loaded from a stream. Each key and its corresponding value in - * the property list is a string. - * <p> - * A property list can contain another property list as its "defaults"; this second property list is searched if the - * property key is not found in the original property list. - * <p> - * Because <code>Properties</code> inherits from <code>Hashtable</code>, the <code>put</code> and <code>putAll</code> - * methods can be applied to a <code>Properties</code> object. Their use is strongly discouraged as they allow the - * caller to insert entries whose keys or values are not <code>Strings</code>. The <code>setProperty</code> method - * should be used instead. If the <code>store</code> or <code>save</code> method is called on a "compromised" - * <code>Properties</code> object that contains a non- <code>String</code> key or value, the call will fail. - * <p> - * <a name="encoding"></a> When saving properties to a stream or loading them from a stream, the ISO 8859-1 character - * encoding is used. For characters that cannot be directly represented in this encoding, <a - * href="http://java.sun.com/docs/books/jls/html/3.doc.html#100850">Unicode escapes</a> are used; however, only a single - * 'u' character is allowed in an escape sequence. The native2ascii tool can be used to convert property files to and - * from other character encodings. - * - * @see <a href="../../../tooldocs/solaris/native2ascii.html">native2ascii tool for Solaris</a> - * @see <a href="../../../tooldocs/win32/native2ascii.html">native2ascii tool for Windows</a> - * - * @author Arthur van Hoff - * @author Michael McCloskey - * @version 1.60, 02/02/00 - * @since JDK1.0 - */ - -class CMSProperties extends Hashtable<String, String> { - - /** - * use serialVersionUID from JDK 1.1.X for interoperability - */ - private static final long serialVersionUID = 4112578634029874840L; - - /** - * A property list that contains default values for any keys not - * found in this property list. - * - * @serial - */ - protected CMSProperties defaults; - - /** - * Creates an empty property list with no default values. - */ - public CMSProperties() { - this(null); - } - - /** - * Creates an empty property list with the specified defaults. - * - * @param defaults the defaults. - */ - public CMSProperties(CMSProperties defaults) { - this.defaults = defaults; - } - - /** - * Calls the hashtable method <code>put</code>. Provided for - * parallelism with the <tt>getProperty</tt> method. Enforces use of - * strings for property keys and values. - * - * @param key the key to be placed into this property list. - * @param value the value corresponding to <tt>key</tt>. - * @see #getProperty - * @since 1.2 - */ - public synchronized Object setProperty(String key, String value) { - return put(key, value); - } - - private static final String keyValueSeparators = "=: \t\r\n\f"; - - private static final String strictKeyValueSeparators = "=:"; - - private static final String specialSaveChars = " \t\r\n\f"; - - private static final String whiteSpaceChars = " \t\r\n\f"; - - /** - * Reads a property list (key and element pairs) from the input stream. - * The stream is assumed to be using the ISO 8859-1 character encoding. - * <p> - * Every property occupies one line of the input stream. Each line is terminated by a line terminator ( - * <code>\n</code> or <code>\r</code> or <code>\r\n</code>). Lines from the input stream are processed until end of - * file is reached on the input stream. - * <p> - * A line that contains only whitespace or whose first non-whitespace character is an ASCII <code>#</code> or - * <code>!</code> is ignored (thus, <code>#</code> or <code>!</code> indicate comment lines). - * <p> - * Every line other than a blank line or a comment line describes one property to be added to the table (except that - * if a line ends with \, then the following line, if it exists, is treated as a continuation line, as described - * below). The key consists of all the characters in the line starting with the first non-whitespace character and - * up to, but not including, the first ASCII <code>=</code>, <code>:</code>, or whitespace character. All of the key - * termination characters may be included in the key by preceding them with a \. Any whitespace after the key is - * skipped; if the first non-whitespace character after the key is <code>=</code> or <code>:</code>, then it is - * ignored and any whitespace characters after it are also skipped. All remaining characters on the line become part - * of the associated element string. Within the element string, the ASCII escape sequences <code>\t</code>, - * <code>\n</code>, <code>\r</code>, <code>\\</code>, <code>\"</code>, <code>\'</code>, <code>\  </code>  (a - * backslash and a space), and <code>\u</code><i>xxxx</i> are recognized and converted to single characters. - * Moreover, if the last character on the line is <code>\</code>, then the next line is treated as a continuation of - * the current line; the <code>\</code> and line terminator are simply discarded, and any leading whitespace - * characters on the continuation line are also discarded and are not part of the element string. - * <p> - * As an example, each of the following four lines specifies the key <code>"Truth"</code> and the associated element - * value <code>"Beauty"</code>: - * <p> - * - * <pre> - * Truth = Beauty - * Truth:Beauty - * Truth :Beauty - * </pre> - * - * As another example, the following three lines specify a single property: - * <p> - * - * <pre> - * fruits apple, banana, pear, \ - * cantaloupe, watermelon, \ - * kiwi, mango - * </pre> - * - * The key is <code>"fruits"</code> and the associated element is: - * <p> - * - * <pre> - * "apple, banana, pear, cantaloupe, watermelon,kiwi, mango" - * </pre> - * - * Note that a space appears before each <code>\</code> so that a space will appear after each comma in the final - * result; the <code>\</code>, line terminator, and leading whitespace on the continuation line are merely discarded - * and are <i>not</i> replaced by one or more other characters. - * <p> - * As a third example, the line: - * <p> - * - * <pre> - * cheeses - * </pre> - * - * specifies that the key is <code>"cheeses"</code> and the associated element is the empty string. - * <p> - * - * @param inStream the input stream. - * @exception IOException if an error occurred when reading from the - * input stream. - */ - public synchronized void load(InputStream inStream) throws IOException { - - BufferedReader in = new BufferedReader( - new InputStreamReader(inStream, "8859_1")); - - while (true) { - // Get next line - String line = in.readLine(); - - if (line == null) { - return; - } - - if (line.length() > 0) { - // Continue lines that end in slashes if they are not comments - char firstChar = line.charAt(0); - - if ((firstChar != '#') && (firstChar != '!')) { - while (continueLine(line)) { - String nextLine = in.readLine(); - - if (nextLine == null) { - nextLine = ""; - } - String loppedLine = line.substring(0, line.length() - 1); - // Advance beyond whitespace on new line - int startIndex = 0; - - for (startIndex = 0; startIndex < nextLine.length(); startIndex++) { - if (whiteSpaceChars.indexOf( - nextLine.charAt(startIndex)) == -1) { - break; - } - } - nextLine = nextLine.substring(startIndex, - nextLine.length()); - line = loppedLine + nextLine; - } - - // Find start of key - int len = line.length(); - int keyStart; - - for (keyStart = 0; keyStart < len; keyStart++) { - if (whiteSpaceChars.indexOf(line.charAt(keyStart)) == -1) { - break; - } - } - - // Blank lines are ignored - if (keyStart == len) { - continue; - } - - // Find separation between key and value - int separatorIndex; - - for (separatorIndex = keyStart; separatorIndex < len; separatorIndex++) { - char currentChar = line.charAt(separatorIndex); - - if (currentChar == '\\') { - separatorIndex++; - } else if (keyValueSeparators.indexOf(currentChar) != -1) { - break; - } - } - - // Skip over whitespace after key if any - int valueIndex; - - for (valueIndex = separatorIndex; valueIndex < len; valueIndex++) { - if (whiteSpaceChars.indexOf(line.charAt(valueIndex)) == -1) { - break; - } - } - - // Skip over one non whitespace key value separators if any - if (valueIndex < len) { - if (strictKeyValueSeparators.indexOf( - line.charAt(valueIndex)) != -1) { - valueIndex++; - } - } - - // Skip over white space after other separators if any - while (valueIndex < len) { - if (whiteSpaceChars.indexOf(line.charAt(valueIndex)) == -1) { - break; - } - valueIndex++; - } - String key = line.substring(keyStart, separatorIndex); - String value = (separatorIndex < len) - ? line.substring(valueIndex, len) - : ""; - - // Convert then store key and value - key = loadConvert(key); - value = loadConvert(value); - put(key, value); - } - } - } - } - - /* - * Returns true if the given line is a line that must - * be appended to the next line - */ - private boolean continueLine(String line) { - int slashCount = 0; - int index = line.length() - 1; - - while ((index >= 0) && (line.charAt(index--) == '\\')) { - slashCount++; - } - return (slashCount % 2 == 1); - } - - /* - * Converts encoded \uxxxx to unicode chars - * and changes special saved chars to their original forms - */ - private String loadConvert(String theString) { - char aChar; - int len = theString.length(); - StringBuffer outBuffer = new StringBuffer(len); - - for (int x = 0; x < len;) { - aChar = theString.charAt(x++); - if (aChar == '\\') { - aChar = theString.charAt(x++); - if (aChar == 'u') { - // Read the xxxx - int value = 0; - - for (int i = 0; i < 4; i++) { - aChar = theString.charAt(x++); - switch (aChar) { - case '0': - case '1': - case '2': - case '3': - case '4': - case '5': - case '6': - case '7': - case '8': - case '9': - value = (value << 4) + aChar - '0'; - break; - - case 'a': - case 'b': - case 'c': - case 'd': - case 'e': - case 'f': - value = (value << 4) + 10 + aChar - 'a'; - break; - - case 'A': - case 'B': - case 'C': - case 'D': - case 'E': - case 'F': - value = (value << 4) + 10 + aChar - 'A'; - break; - - default: - throw new IllegalArgumentException( - "Malformed \\uxxxx encoding."); - } - } - outBuffer.append((char) value); - } else { - if (aChar == 't') { - aChar = '\t'; - } else if (aChar == 'r') { - aChar = '\r'; - } else if (aChar == 'n') { - aChar = '\n'; - } else if (aChar == 'f') { - aChar = '\f'; - } - outBuffer.append(aChar); - } - } else { - outBuffer.append(aChar); - } - } - return outBuffer.toString(); - } - - /* - * Converts unicodes to encoded \uxxxx - * and writes out any of the characters in specialSaveChars - * with a preceding slash - */ - private String saveConvert(String theString, boolean escapeSpace) { - int len = theString.length(); - StringBuffer outBuffer = new StringBuffer(len * 2); - - for (int x = 0; x < len; x++) { - char aChar = theString.charAt(x); - - switch (aChar) { - case ' ': - if (x == 0 || escapeSpace) { - outBuffer.append('\\'); - } - - outBuffer.append(' '); - break; - - case '\\': - outBuffer.append('\\'); - outBuffer.append('\\'); - break; - - case '\t': - outBuffer.append('\\'); - outBuffer.append('t'); - break; - - case '\n': - outBuffer.append('\\'); - outBuffer.append('n'); - break; - - case '\r': - outBuffer.append('\\'); - outBuffer.append('r'); - break; - - case '\f': - outBuffer.append('\\'); - outBuffer.append('f'); - break; - - default: - if ((aChar < 0x0020) || (aChar > 0x007e)) { - outBuffer.append('\\'); - outBuffer.append('u'); - outBuffer.append(toHex((aChar >> 12) & 0xF)); - outBuffer.append(toHex((aChar >> 8) & 0xF)); - outBuffer.append(toHex((aChar >> 4) & 0xF)); - outBuffer.append(toHex(aChar & 0xF)); - } else { - if (specialSaveChars.indexOf(aChar) != -1) { - outBuffer.append('\\'); - } - outBuffer.append(aChar); - } - } - } - return outBuffer.toString(); - } - - /** - * Calls the <code>store(OutputStream out, String header)</code> method - * and suppresses IOExceptions that were thrown. - * - * @deprecated This method does not throw an IOException if an I/O error - * occurs while saving the property list. As of the Java 2 platform v1.2, the preferred - * way to save a properties list is via the <code>store(OutputStream out, - * String header)</code> method. - * - * @param out an output stream. - * @param header a description of the property list. - * @exception ClassCastException if this <code>Properties</code> object - * contains any keys or values that are not <code>Strings</code>. - */ - public synchronized void save(OutputStream out, String header) { - try { - store(out, header); - } catch (IOException e) { - } - } - - /** - * Writes this property list (key and element pairs) in this <code>Properties</code> table to the output stream in a - * format suitable - * for loading into a <code>Properties</code> table using the <code>load</code> method. - * The stream is written using the ISO 8859-1 character encoding. - * <p> - * Properties from the defaults table of this <code>Properties</code> table (if any) are <i>not</i> written out by - * this method. - * <p> - * If the header argument is not null, then an ASCII <code>#</code> character, the header string, and a line - * separator are first written to the output stream. Thus, the <code>header</code> can serve as an identifying - * comment. - * <p> - * Next, a comment line is always written, consisting of an ASCII <code>#</code> character, the current date and - * time (as if produced by the <code>toString</code> method of <code>Date</code> for the current time), and a line - * separator as generated by the Writer. - * <p> - * Then every entry in this <code>Properties</code> table is written out, one per line. For each entry the key - * string is written, then an ASCII <code>=</code>, then the associated element string. Each character of the - * element string is examined to see whether it should be rendered as an escape sequence. The ASCII characters - * <code>\</code>, tab, newline, and carriage return are written as <code>\\</code>, <code>\t</code>, - * <code>\n</code>, and <code>\r</code>, respectively. Characters less than <code>\u0020</code> and characters - * greater than <code>\u007E</code> are written as <code>\u</code><i>xxxx</i> for the appropriate - * hexadecimal value <i>xxxx</i>. Leading space characters, but not embedded or trailing space characters, are - * written with a preceding <code>\</code>. The key and value characters <code>#</code>, <code>!</code>, - * <code>=</code>, and <code>:</code> are written with a preceding slash to ensure that they are properly loaded. - * <p> - * After the entries have been written, the output stream is flushed. The output stream remains open after this - * method returns. - * - * @param out an output stream. - * @param header a description of the property list. - * @exception IOException if writing this property list to the specified - * output stream throws an <tt>IOException</tt>. - * @exception ClassCastException if this <code>Properties</code> object - * contains any keys or values that are not <code>Strings</code>. - */ - public synchronized void store(OutputStream out, String header) - throws IOException { - BufferedWriter awriter; - - awriter = new BufferedWriter(new OutputStreamWriter(out, "8859_1")); - if (header != null) { - writeln(awriter, "#" + header); - } - writeln(awriter, "#" + new Date().toString()); - for (Enumeration<String> e = keys(); e.hasMoreElements();) { - String key = e.nextElement(); - String val = get(key); - - key = saveConvert(key, true); - - /* No need to escape embedded and trailing spaces for value, hence - * pass false to flag. - */ - val = saveConvert(val, false); - writeln(awriter, key + "=" + val); - } - awriter.flush(); - } - - private static void writeln(BufferedWriter bw, String s) throws IOException { - bw.write(s); - bw.newLine(); - } - - /** - * Searches for the property with the specified key in this property list. - * If the key is not found in this property list, the default property list, - * and its defaults, recursively, are then checked. The method returns <code>null</code> if the property is not - * found. - * - * @param key the property key. - * @return the value in this property list with the specified key value. - * @see #setProperty - * @see #defaults - */ - public String getProperty(String key) { - String oval = super.get(key); - - return ((oval == null) && (defaults != null)) - ? defaults.getProperty(key) - : oval; - } - - /** - * Searches for the property with the specified key in this property list. - * If the key is not found in this property list, the default property list, - * and its defaults, recursively, are then checked. The method returns the - * default value argument if the property is not found. - * - * @param key the hashtable key. - * @param defaultValue a default value. - * - * @return the value in this property list with the specified key value. - * @see #setProperty - * @see #defaults - */ - public String getProperty(String key, String defaultValue) { - String val = getProperty(key); - - return (val == null) ? defaultValue : val; - } - - /** - * Returns an enumeration of all the keys in this property list, including - * the keys in the default property list. - * - * @return an enumeration of all the keys in this property list, including - * the keys in the default property list. - * @see java.util.Enumeration - * @see java.util.Properties#defaults - */ - public Enumeration<String> propertyNames() { - Hashtable<String, String> h = new Hashtable<String, String>(); - - enumerate(h); - return h.keys(); - } - - /** - * Prints this property list out to the specified output stream. - * This method is useful for debugging. - * - * @param out an output stream. - */ - public void list(PrintStream out) { - out.println("-- listing properties --"); - Hashtable<String, String> h = new Hashtable<String, String>(); - - enumerate(h); - for (Enumeration<String> e = h.keys(); e.hasMoreElements();) { - String key = e.nextElement(); - String val = h.get(key); - - if (val.length() > 40) { - val = val.substring(0, 37) + "..."; - } - out.println(key + "=" + val); - } - } - - /** - * Prints this property list out to the specified output stream. - * This method is useful for debugging. - * - * @param out an output stream. - * @since JDK1.1 - */ - - /* - * Rather than use an anonymous inner class to share common code, this - * method is duplicated in order to ensure that a non-1.1 compiler can - * compile this file. - */ - public void list(PrintWriter out) { - out.println("-- listing properties --"); - Hashtable<String, String> h = new Hashtable<String, String>(); - - enumerate(h); - for (Enumeration<String> e = h.keys(); e.hasMoreElements();) { - String key = e.nextElement(); - String val = h.get(key); - - if (val.length() > 40) { - val = val.substring(0, 37) + "..."; - } - out.println(key + "=" + val); - } - } - - /** - * Enumerates all key/value pairs in the specified hastable. - * - * @param h the hashtable - */ - private synchronized void enumerate(Hashtable<String, String> h) { - if (defaults != null) { - defaults.enumerate(h); - } - for (Enumeration<String> e = keys(); e.hasMoreElements();) { - String key = e.nextElement(); - - h.put(key, get(key)); - } - } - - /** - * Convert a nibble to a hex character - * - * @param nibble the nibble to convert. - */ - private static char toHex(int nibble) { - return hexDigit[(nibble & 0xF)]; - } - - /** A table of hex digits */ - private static final char[] hexDigit = { - '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', - 'E', 'F' - }; - - @Override - public int hashCode() { - final int prime = 31; - int result = super.hashCode(); - result = prime * result + ((defaults == null) ? 0 : defaults.hashCode()); - return result; - } - - @Override - public boolean equals(Object obj) { - if (this == obj) - return true; - if (!super.equals(obj)) - return false; - if (getClass() != obj.getClass()) - return false; - CMSProperties other = (CMSProperties) obj; - if (defaults == null) { - if (other.defaults != null) - return false; - } else if (!defaults.equals(other.defaults)) - return false; - return true; - } -} diff --git a/base/silent/src/com/netscape/pkisilent/common/CMSTask.java b/base/silent/src/com/netscape/pkisilent/common/CMSTask.java deleted file mode 100644 index 953dcd25d..000000000 --- a/base/silent/src/com/netscape/pkisilent/common/CMSTask.java +++ /dev/null @@ -1,189 +0,0 @@ -package com.netscape.pkisilent.common; - -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- - -import java.io.BufferedReader; -import java.io.IOException; -import java.io.InputStreamReader; - -import com.netscape.pkisilent.argparser.ArgParser; -import com.netscape.pkisilent.argparser.StringHolder; - -/** - * CS Test framework . - * This class starts and stops CS server from command line - */ - -public class CMSTask { - - private static String operation; - private static String serverRoot; - private Process p = null; - - /** - * Constructor . Takes CMS server root as parameter - * for example (/export/qa/cert-jupiter2) - **/ - - public CMSTask() {// do nothing - } - - public CMSTask(String sroot) { - serverRoot = sroot; - } - - public boolean CMSStart() { - - try { - System.out.println("Starting Certificate System:"); - Runtime r = Runtime.getRuntime(); - - p = r.exec(serverRoot + "/start-cert"); - - InputStreamReader isr = new InputStreamReader(p.getInputStream()); - BufferedReader br = new BufferedReader(isr); - String s = null; - - try { - while ((s = br.readLine()) != null) { - if (s.indexOf("started") > 0) { - return true; - } - // do something - } - } catch (IOException ioe) { - ioe.printStackTrace(); - } - - return false; - - } catch (Throwable e) { - e.printStackTrace(); - } - - return false; - } - - public boolean CMSStop() { - try { - Runtime r = Runtime.getRuntime(); - - System.out.println("Stopping Certificate System:"); - p = r.exec(serverRoot + "/stop-cert"); - BufferedReader br = new BufferedReader( - new InputStreamReader(p.getInputStream())); - String line; - - while ((line = br.readLine()) != null) { - System.out.println(" " + line); - if (line.indexOf("server shut down") > -1) { - return true; - } else { - return false; - } - } - } catch (Throwable e) { - e.printStackTrace(); - } - return false; - } - - public boolean CMSRestart() { - try { - System.out.println("Restarting Certificate System:"); - Runtime r = Runtime.getRuntime(); - - p = r.exec(serverRoot + "/restart-cert"); - BufferedReader br = new BufferedReader( - new InputStreamReader(p.getInputStream())); - String line; - - while ((line = br.readLine()) != null) { - System.out.println(" " + line); - if (line.indexOf("started") > -1) { - return true; - } else { - return false; - } - } - - } catch (Throwable e) { - e.printStackTrace(); - } - return false; - } - - public boolean task() { - if (operation.equalsIgnoreCase("stop")) { - CMSStop(); - return true; - } - - if (operation.equalsIgnoreCase("start")) { - CMSStart(); - return true; - } - - if (operation.equalsIgnoreCase("restart")) { - CMSRestart(); - return true; - } - - return false; - } - - public static void main(String args[]) { - CMSTask prof = new CMSTask(); - // parse args - StringHolder x_instance_root = new StringHolder(); - StringHolder x_operation = new StringHolder(); - - // parse the args - ArgParser parser = new ArgParser("CMSTask"); - - parser.addOption("-instance_root %s #CA Server Root", x_instance_root); - parser.addOption("-operation %s #CA operation [stop,start,restart]", - x_operation); - - // and then match the arguments - String[] unmatched = null; - - unmatched = parser.matchAllArgs(args, 0, ArgParser.EXIT_ON_UNMATCHED); - - if (unmatched != null) { - System.out.println("ERROR: Argument Mismatch"); - System.exit(-1); - } - - // set variables - serverRoot = x_instance_root.value; - operation = x_operation.value; - - boolean st = prof.task(); - - if (!st) { - System.out.println("ERROR"); - } - - System.out.println("SUCCESS"); - - } // end of function main - -} // end of class - diff --git a/base/silent/src/com/netscape/pkisilent/common/CertificateRecord.java b/base/silent/src/com/netscape/pkisilent/common/CertificateRecord.java deleted file mode 100644 index 9599eb6dd..000000000 --- a/base/silent/src/com/netscape/pkisilent/common/CertificateRecord.java +++ /dev/null @@ -1,44 +0,0 @@ -package com.netscape.pkisilent.common; - -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- - -public class CertificateRecord { - - public String revokedOn = null; - public String revokedBy = null; - public String revocation_info = null; - public String signatureAlgorithm = null; - public String serialNumber = null; - public String subjectPublicKeyLength = null; - public String type = null; - public String subject = null; - public String issuedOn = null; - public String validNotBefore = null; - public String validNotAfter = null; - public String issuedBy = null; - public String subjectPublicKeyAlgorithm = null; - public String certChainBase64 = null; - public String certFingerprint = null; - public String pkcs7ChainBase64 = null; - public String certPrettyPrint = null; - - public CertificateRecord() {// Do nothing - } - -}; diff --git a/base/silent/src/com/netscape/pkisilent/common/ComCrypto.java b/base/silent/src/com/netscape/pkisilent/common/ComCrypto.java deleted file mode 100644 index 7abe775a3..000000000 --- a/base/silent/src/com/netscape/pkisilent/common/ComCrypto.java +++ /dev/null @@ -1,768 +0,0 @@ -package com.netscape.pkisilent.common; - -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- - -import java.io.ByteArrayInputStream; -import java.security.KeyPair; - -import netscape.security.x509.X500Name; - -import org.mozilla.jss.CryptoManager; -import org.mozilla.jss.asn1.ASN1Util; -import org.mozilla.jss.asn1.BIT_STRING; -import org.mozilla.jss.asn1.INTEGER; -import org.mozilla.jss.asn1.OBJECT_IDENTIFIER; -import org.mozilla.jss.asn1.OCTET_STRING; -import org.mozilla.jss.asn1.SEQUENCE; -import org.mozilla.jss.crypto.AlreadyInitializedException; -import org.mozilla.jss.crypto.CryptoStore; -import org.mozilla.jss.crypto.CryptoToken; -import org.mozilla.jss.crypto.IVParameterSpec; -import org.mozilla.jss.crypto.InternalCertificate; -import org.mozilla.jss.crypto.KeyGenAlgorithm; -import org.mozilla.jss.crypto.KeyGenerator; -import org.mozilla.jss.crypto.KeyPairAlgorithm; -import org.mozilla.jss.crypto.KeyPairGenerator; -import org.mozilla.jss.crypto.KeyWrapAlgorithm; -import org.mozilla.jss.crypto.KeyWrapper; -import org.mozilla.jss.crypto.PrivateKey; -import org.mozilla.jss.crypto.SymmetricKey; -import org.mozilla.jss.crypto.X509Certificate; -import org.mozilla.jss.pkix.crmf.CertReqMsg; -import org.mozilla.jss.pkix.crmf.CertRequest; -import org.mozilla.jss.pkix.crmf.CertTemplate; -import org.mozilla.jss.pkix.crmf.EncryptedKey; -import org.mozilla.jss.pkix.crmf.EncryptedValue; -import org.mozilla.jss.pkix.crmf.PKIArchiveOptions; -import org.mozilla.jss.pkix.crmf.POPOPrivKey; -import org.mozilla.jss.pkix.crmf.ProofOfPossession; -import org.mozilla.jss.pkix.primitive.AVA; -import org.mozilla.jss.pkix.primitive.AlgorithmIdentifier; -import org.mozilla.jss.pkix.primitive.Name; -import org.mozilla.jss.pkix.primitive.SubjectPublicKeyInfo; -import org.mozilla.jss.util.Password; - -import com.netscape.cmsutil.util.Utils; - -/** - * CMS Test framework . - * Use this class to initalize,add a certificate ,generate a certificate request from certificate database. - */ - -public class ComCrypto { - - private String cdir, certnickname, keysize, keytype, tokenpwd; - @SuppressWarnings("unused") - private String certpackage; - private String pkcs10request; - private boolean debug = true; - private boolean DBlogin = false; - private boolean generaterequest = false; - - private String transportcert = null; - private boolean dualkey = false; - public String CRMF_REQUEST = null; - int START = 1; - int END = START + 1; - Password password = null; - - public static CryptoManager manager; - public static CryptoToken token; - private CryptoStore store; - - private String bstr = "-----BEGIN NEW CERTIFICATE REQUEST-----"; - private String blob, Blob1 = null; - private String Blob2 = null; - private String estr = "-----END NEW CERTIFICATE REQUEST-----"; - - private String certprefix = null; - - public ComCrypto() { - }; - - /** - * Constructor . Takes the parameter certificatedbdirectory , passwordfor cert database, - * certificatenickname,keysize, keytype(RSA/DSA) - * - * @param certdbdirectory. - * @param certdbpassword - * @param certnickname - * @param keysize (1024/2048/4096) - * @param keytype (RSA/DSA) - */ - - public ComCrypto(String cd, String tpwd, String cn, String ks, String kt) { - cdir = cd; - tokenpwd = tpwd; - certnickname = cn; - keysize = ks; - keytype = kt; - } - - // Set and Get functions - - public void setCertDir(String cd) { - cdir = cd; - } - - public void setCertnickname(String cd) { - certnickname = cd; - } - - public void setKeySize(String cd) { - keysize = cd; - } - - public void setKeyType(String cd) { - keytype = cd; - } - - public void setTokenPWD(String cd) { - tokenpwd = cd; - } - - public void setCertPackage(String cd) { - certpackage = cd; - } - - public synchronized void setGenerateRequest(boolean c) { - generaterequest = c; - } - - public void setDebug(boolean t) { - debug = t; - } - - public void setCertPrefix(String prefix) { - certprefix = prefix; - } - - /* - * setTransportCert() should only be called when the calling profile - * needs to do key archivals with the DRM and make sure the function - * generateCRMFtransport() is called for the CRMF request generation - * part. - */ - public void setTransportCert(String tcert) { - transportcert = tcert; - } - - public void setDualKey(boolean dkey) { - dualkey = dkey; - } - - public synchronized String getPkcs10Request() { - return pkcs10request; - } - - /** - * Parses the Certificate and returns SubjectDN . Takes certificate as parameter - */ - - public String getCertificateString(X509Certificate cert) { - if (cert == null) { - return null; - } - - // note that it did not represent a certificate fully - return cert.getVersion() + ";" + cert.getSerialNumber().toString() + ";" - + cert.getIssuerDN() + ";" + cert.getSubjectDN(); - } - - /** - * Finds and returns Certificate . Takes certificatenickname as parameter. - */ - - public X509Certificate findCert(String certname) { - try { - - X509Certificate cert2 = manager.findCertByNickname(certname); - - return cert2; - - } catch (Exception e) { - System.out.println("exception importing cert " + e.getMessage()); - return null; - } - - } - - /** - * Imports a certificate to Certificate Database. Takes certificate and nickname as parameters. - */ - - public boolean importCert(X509Certificate xcert, String nickname) { - try { - - System.out.println( - "importCert x509 : importing with nickname: " + nickname); - - InternalCertificate cert2 = manager.importCertToPerm(xcert, nickname); - - cert2.setSSLTrust(2); - return true; - - } catch (Exception e) { - System.out.println("exception importing cert " + e.getMessage()); - return false; - } - - } - - /** - * Imports a certificate to Certificate Database. Takes certificate and nickname as parameters. - */ - - public boolean importCert(String cpack, String cn) { - - System.out.println("importCert string: importing with nickname: " + cn); - try { - - String tmp = normalize(cpack); - - if (DBlogin) { - System.out.println("Already logged into to DB"); - } - - if (manager == null) { - System.out.println("ComCrypto: importCert :Manager object is null"); - throw new Exception("ComCrypto: importCert :Manager Object is null"); - } - - manager.importCertPackage(tmp.getBytes(), cn); - - return true; - - } catch (Exception e) { - System.out.println( - "ERROR:exception importing cert " + e.getMessage()); - e.printStackTrace(); - return false; - } - - } - - /* imports CA certificate - */ - - public boolean importCACert(String cpack) { - - try { - String tmp = normalize(cpack); - - if (DBlogin) { - System.out.println("Already logged into to DB"); - } - - if (manager == null) { - System.out.println("ComCrypto: importCACert :Manager object is null"); - throw new Exception("ComCrypto: importCACert :Manager object is null"); - } - - manager.importCACertPackage(tmp.getBytes()); - - return true; - - } catch (Exception e) { - System.out.println( - "ERROR:exception importing cert " + e.getMessage()); - return false; - } - - } - - /** - * Normalizes a given certificate string . Removes the extra \\ in the certificate returned by CMS server. - */ - - public String normalize(String s) { - - StringBuffer val = new StringBuffer(); - - for (int i = 0; i < s.length(); i++) { - if ((s.charAt(i) == '\\') && (s.charAt(i + 1) == 'n')) { - val.append('\n'); - i++; - continue; - } else if ((s.charAt(i) == '\\') && (s.charAt(i + 1) == 'r')) { - i++; - continue; - } else if (s.charAt(i) == '"') { - continue; - } - val.append(s.charAt(i)); - } - return val.toString(); - } - - /** - * Normalizes a given certificate string . Removes the extra \\ in the certificate returned by CMS server. - */ - - public String normalizeForLDAP(String s) { - StringBuffer val = new StringBuffer(); - - for (int i = 0; i < s.length(); i++) { - if ((s.charAt(i) == '\\') && (s.charAt(i + 1) == 'n')) { - val.append("\n" + " "); - i++; - continue; - } else if ((s.charAt(i) == '\\') && (s.charAt(i + 1) == 'r')) { - i++; - continue; - } else if (s.charAt(i) == '"') { - continue; - } - val.append(s.charAt(i)); - } - return val.toString(); - } - - /** - * Convert to pkcs7 format - */ - - public String pkcs7Convertcert(String s) { - StringBuffer val = new StringBuffer(); - - int len = s.length(); - - for (int i = 0; i < len; i = i + 64) { - - if (i + 64 < len) { - val.append(s.substring(i, i + 64) + "\n"); - } else { - val.append(s.substring(i, len)); - } - - } - return val.toString(); - } - - /** - * Delete all keys frim key3.db - **/ - - public void deleteKeys() { - try { - int i = 0; - - store = token.getCryptoStore(); - PrivateKey[] keys = store.getPrivateKeys(); - - if (debug) { - System.out.println("Now we shall delete all the keys!"); - } - - keys = store.getPrivateKeys(); - for (i = 0; i < keys.length; i++) { - PrivateKey key = keys[i]; - - store.deletePrivateKey(key); - } - - } catch (Exception e) { - e.printStackTrace(); - } - } - - /** - * Creates a new certificate database - **/ - - public boolean CreateCertDB() { - return loginDB(); - - } - - /** - * Login to cert database - **/ - - public boolean loginDB() { - Password pass1 = null; - - try { - if (debug) { - System.out.println("CRYPTO INIT WITH CERTDB:" + cdir); - } - - // this piece of code is to create db's with certain prefix - if (certprefix != null) { - CryptoManager.InitializationValues vals; - - vals = new CryptoManager.InitializationValues(cdir, certprefix, - certprefix, "secmod.db"); - CryptoManager.initialize(vals); - } else { - CryptoManager.initialize(cdir); - } - - manager = CryptoManager.getInstance(); - token = manager.getInternalKeyStorageToken(); - pass1 = new Password(tokenpwd.toCharArray()); - if (token.isLoggedIn() && debug) { - System.out.println("Already Logged in "); - } - - if (debug) { - System.out.println("tokenpwd:" + tokenpwd); - } - - token.login(pass1); - pass1.clear(); - - } catch (AlreadyInitializedException e) { - if (debug) { - System.out.println("Crypto manager already initialized"); - } - } catch (Exception e) { - try { - if (!token.isLoggedIn()) { - token.initPassword(pass1, pass1); - } - return true; - } catch (Exception er) { - System.err.println("some exception:" + e); - return false; - } - } - DBlogin = true; - return true; - } - - /** - * Generate Certificate Request - **/ - - public synchronized boolean generateRequest() { - - System.out.println("generating pkcs10 Request"); - loginDB(); - - try { - debug = true; - System.out.println("Generating request : keysize :" + keysize); - System.out.println("Generating request : subject :" + certnickname); - System.out.println("Generating request : keytype :" + keytype); - - Integer n = new Integer(keysize); - - if (generaterequest) { - blob = token.generateCertRequest(certnickname, n.intValue(), - keytype, (byte[]) null, (byte[]) null, (byte[]) null); - - System.out.println("Cert Request Generated."); - - bstr = "-----BEGIN NEW CERTIFICATE REQUEST-----"; - Blob1 = blob.substring(bstr.length() + 1); - Blob2 = Blob1.substring(0, Blob1.indexOf(estr)); - - System.out.println(Blob2); - pkcs10request = Blob2; - } - - return true; - - } catch (Exception e) { - System.out.println("Exception: Unable to generate request: " + e); - } - - return false; - } - - public String generateCRMFrequest() { - KeyPair pair = null; - - System.out.println("Debug : initialize crypto Manager"); - try { - - // Step 1. initialize crypto Manager - try { - CryptoManager.initialize(cdir); - } catch (Exception e) { - // it is ok if it is already initialized - System.out.println("INITIALIZATION ERROR: " + e.toString()); - System.out.println("cdir = " + cdir); - } - - // Step 2 log into database - try { - - System.out.println("Debug : before getInstance"); - - manager = CryptoManager.getInstance(); - String token_pwd = tokenpwd; - - System.out.println("Debug : before get token"); - - token = manager.getInternalKeyStorageToken(); - password = new Password(token_pwd.toCharArray()); - - System.out.println("Debug : before login password"); - - token.login(password); - - System.out.println("Debug : after login password"); - } catch (Exception e) { - System.out.println("INITIALIZATION ERROR: " + e.toString()); - - if (!token.isLoggedIn()) { - token.initPassword(password, password); - } - } - - // Generating CRMF request - - KeyPairGenerator kg = token.getKeyPairGenerator(KeyPairAlgorithm.RSA); - - Integer x = new Integer(keysize); - int key_len = x.intValue(); - - kg.initialize(key_len); - - // 1st key pair - pair = kg.genKeyPair(); - - // create CRMF - CertTemplate certTemplate = new CertTemplate(); - - certTemplate.setVersion(new INTEGER(2)); - - if (certnickname != null) { - X500Name name = new X500Name(certnickname); - ByteArrayInputStream cs = new ByteArrayInputStream(name.getEncoded()); - Name n = (Name) Name.getTemplate().decode(cs); - certTemplate.setSubject(n); - } - - certTemplate.setPublicKey(new SubjectPublicKeyInfo(pair.getPublic())); - - SEQUENCE seq = new SEQUENCE(); - CertRequest certReq = new CertRequest(new INTEGER(1), certTemplate, - seq); - byte popdata[] = { 0x0, 0x3, 0x0 }; - - ProofOfPossession pop = ProofOfPossession.createKeyEncipherment( - POPOPrivKey.createThisMessage(new BIT_STRING(popdata, 3))); - - CertReqMsg crmfMsg = new CertReqMsg(certReq, pop, null); - - SEQUENCE s1 = new SEQUENCE(); - - // 1st : Encryption key - - s1.addElement(crmfMsg); - - // 2nd : Signing Key - - if (dualkey) { - System.out.println("dualkey = true"); - SEQUENCE seq1 = new SEQUENCE(); - CertRequest certReqSigning = new CertRequest(new INTEGER(1), - certTemplate, seq1); - CertReqMsg signingMsg = new CertReqMsg(certReqSigning, pop, null); - - s1.addElement(signingMsg); - } - - byte encoded[] = ASN1Util.encode(s1); - - // BASE64Encoder encoder = new BASE64Encoder(); - // String Req1 = encoder.encodeBuffer(encoded); - String Req1 = Utils.base64encode(encoded); - - // Set CRMF_REQUEST variable - CRMF_REQUEST = Req1; - - System.out.println("CRMF_REQUEST = " + CRMF_REQUEST); - - } catch (Exception e) { - System.out.println("ERROR: " + e.toString()); - e.printStackTrace(); - return null; - } - - return CRMF_REQUEST; - } - - /* - * This function is used to Generated CRMF requests wrapped with the - * transport cert so that we can do key archival with the drm. - * This function expects transportcert variable to be set in this class. - * Use setTransportCert() to do the same. - */ - - public String generateCRMFtransport() { - - KeyPair pair = null; - - try { - // Step 1. initialize crypto Manager - try { - CryptoManager.initialize(cdir); - } catch (Exception e) { - // it is ok if it is already initialized - System.out.println("INITIALIZATION ERROR: " + e.toString()); - System.out.println("cdir = " + cdir); - } - - // Step 2 log into database - try { - - System.out.println("Debug : before getInstance"); - - manager = CryptoManager.getInstance(); - String token_pwd = tokenpwd; - - System.out.println("Debug : before get token"); - - token = manager.getInternalKeyStorageToken(); - password = new Password(token_pwd.toCharArray()); - - System.out.println("Debug : before login password"); - - token.login(password); - - System.out.println("Debug : after login password"); - } catch (Exception e) { - System.out.println("INITIALIZATION ERROR: " + e.toString()); - - if (!token.isLoggedIn()) { - token.initPassword(password, password); - } - } - - // Key Pair Generation - KeyPairGenerator kg = token.getKeyPairGenerator(KeyPairAlgorithm.RSA); - Integer x = new Integer(keysize); - int key_len = x.intValue(); - - kg.initialize(key_len); - - pair = kg.genKeyPair(); - - // wrap private key - // BASE64Decoder decoder = new BASE64Decoder(); - // byte transport[] = decoder.decodeBuffer(transportcert); - byte transport[] = Utils.base64decode(transportcert); - - X509Certificate tcert = manager.importCACertPackage(transport); - - byte iv[] = { 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1 }; - - KeyGenerator kg1 = token.getKeyGenerator(KeyGenAlgorithm.DES3); - SymmetricKey sk = kg1.generate(); - - // wrap private key using session - KeyWrapper wrapper1 = token.getKeyWrapper( - KeyWrapAlgorithm.DES3_CBC_PAD); - - wrapper1.initWrap(sk, new IVParameterSpec(iv)); - - byte key_data[] = wrapper1.wrap(( - org.mozilla.jss.crypto.PrivateKey) pair.getPrivate()); - - // wrap session using transport - KeyWrapper rsaWrap = token.getKeyWrapper(KeyWrapAlgorithm.RSA); - - rsaWrap.initWrap(tcert.getPublicKey(), null); - - byte session_data[] = rsaWrap.wrap(sk); - - // create CRMF - CertTemplate certTemplate = new CertTemplate(); - - certTemplate.setVersion(new INTEGER(2)); - - if (certnickname != null) { - X500Name name = new X500Name(certnickname); - ByteArrayInputStream cs = new ByteArrayInputStream(name.getEncoded()); - Name n = (Name) Name.getTemplate().decode(cs); - certTemplate.setSubject(n); - } - - certTemplate.setPublicKey(new SubjectPublicKeyInfo(pair.getPublic())); - - // set extension - AlgorithmIdentifier algS = new AlgorithmIdentifier( - new OBJECT_IDENTIFIER("1.2.840.113549.3.7"), - new OCTET_STRING(iv)); - - EncryptedValue encValue = new EncryptedValue(null, algS, - new BIT_STRING(session_data, 0), null, null, - new BIT_STRING(key_data, 0)); - - EncryptedKey key = new EncryptedKey(encValue); - PKIArchiveOptions opt = new PKIArchiveOptions(key); - - SEQUENCE seq = new SEQUENCE(); - - seq.addElement( - new AVA(new OBJECT_IDENTIFIER("1.3.6.1.5.5.7.5.1.4"), opt)); - - CertRequest certReq = new CertRequest(new INTEGER(1), certTemplate, - seq); - - // Adding proof of possesion data - byte popdata[] = { 0x0, 0x3, 0x0 }; - ProofOfPossession pop = ProofOfPossession.createKeyEncipherment( - POPOPrivKey.createThisMessage(new BIT_STRING(popdata, 3))); - - CertReqMsg crmfMsg = new CertReqMsg(certReq, pop, null); - - SEQUENCE s1 = new SEQUENCE(); - - // 1st : Encryption key - s1.addElement(crmfMsg); - - // 2nd : Signing Key - - if (dualkey) { - System.out.println("dualkey = true"); - SEQUENCE seq1 = new SEQUENCE(); - CertRequest certReqSigning = new CertRequest(new INTEGER(1), - certTemplate, seq1); - CertReqMsg signingMsg = new CertReqMsg(certReqSigning, pop, null); - - s1.addElement(signingMsg); - } - - byte encoded[] = ASN1Util.encode(s1); - - // BASE64Encoder encoder = new BASE64Encoder(); - - // CRMF_REQUEST = encoder.encodeBuffer(encoded); - CRMF_REQUEST = Utils.base64encode(encoded); - - System.out.println("Generated crmf request: ...... "); - System.out.println(""); - - System.out.println(CRMF_REQUEST); - System.out.println(""); - System.out.println("End crmf Request:"); - } catch (Exception e) { - System.out.println("Exception: " + e.getMessage()); - } - - return CRMF_REQUEST; - } - -} // end of class - diff --git a/base/silent/src/com/netscape/pkisilent/common/Con2Agent.java b/base/silent/src/com/netscape/pkisilent/common/Con2Agent.java deleted file mode 100644 index 3038a1679..000000000 --- a/base/silent/src/com/netscape/pkisilent/common/Con2Agent.java +++ /dev/null @@ -1,376 +0,0 @@ -package com.netscape.pkisilent.common; - -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- - -import java.io.BufferedOutputStream; -import java.io.BufferedReader; -import java.io.IOException; -import java.io.InputStreamReader; -import java.io.OutputStream; -import java.io.PrintStream; -import java.util.Vector; - -import org.mozilla.jss.CryptoManager; -import org.mozilla.jss.crypto.AlreadyInitializedException; -import org.mozilla.jss.crypto.CryptoToken; -import org.mozilla.jss.crypto.X509Certificate; -import org.mozilla.jss.ssl.SSLCertificateApprovalCallback; -import org.mozilla.jss.ssl.SSLClientCertificateSelectionCallback; -import org.mozilla.jss.ssl.SSLSocket; -import org.mozilla.jss.util.Password; - -/** - * CMS Test framework . - * Submits a requests to agent port with sslclient authentication. - */ - -public class Con2Agent implements SSLClientCertificateSelectionCallback, - SSLCertificateApprovalCallback { - - private int port; - @SuppressWarnings("unused") - private String certname; - private String host, certdir, certnickname, tokenpwd, query; - private String ACTIONURL; - - private StringBuffer stdout = new StringBuffer(); - - public Con2Agent() { - } - - /** - * Constructor. Takes hostname , portnumber , certificate nickname, token password ,client certdb directory - * - * @param hostname - * @param portnumber - * @param agent cert nickname - * @param token password - * @param certdb directory - */ - - public Con2Agent(String hs, int p, String cname, String tpwd, String cdir) { - host = hs; - port = p; - certnickname = cname; - tokenpwd = tpwd; - certdir = cdir; - } - - public boolean approve(X509Certificate x509, SSLCertificateApprovalCallback.ValidityStatus status) { - return true; - } - - public String select(@SuppressWarnings("rawtypes") Vector nicknames) { - - System.out.println("nicknames size = " + nicknames.size()); - int i = nicknames.size(); - - if (i > 0) { - return (String) nicknames.elementAt(0); - } else { - return null; - } - - } - - // Get and Set methods - - /* - * Get the page returned by the server - */ - - public StringBuffer getPage() { - return stdout; - } - - /* - * Set the query string to be submitted to the server - */ - - public void setQueryString(String qu) { - query = qu; - } - - /* - *Set token password - */ - - public void setTokenPassword(String pwd) { - tokenpwd = pwd; - } - - /* - * Set Client cert database - */ - - public void setCertDBDir(String cdir) { - certdir = cdir; - } - - /* - * Set host name - */ - - public void setHost(String hs) { - host = hs; - } - - /* - * set Agent port number - */ - - public void setPort(int p) { - port = p; - } - - /* - * Set Agent cert nickname - */ - - public void setCertNickName(String cname) { - certnickname = cname; - } - - /* - * Set action URL - */ - - public void setActionURL(String url) { - ACTIONURL = url; - } - - // Submit requests - - public boolean Send() { - SSLSocket socket = null; - OutputStream rawos = null; - BufferedOutputStream os = null; - PrintStream ps = null; - BufferedReader stdin1 = null; - try { - - if (!loginCertDB()) { - return false; - } - - socket = new SSLSocket(host, port, null, 0, this, null); - - System.out.println("Con2Agent.java: host = " + host); - System.out.println("Con2Agent.java: port = " + port); - System.out.println("Con2Agent.java: certnickname = " + certnickname); - - socket.setClientCertNickname(certnickname); - System.out.println("Connected to the socket"); - - rawos = socket.getOutputStream(); - os = new BufferedOutputStream(rawos); - ps = new PrintStream(os); - - System.out.println(ACTIONURL); - System.out.println("Query :" + query); - ps.println("POST " + ACTIONURL + " HTTP/1.0"); - ps.println("Connection: Keep-Alive"); - ps.println("Content-type: application/x-www-form-urlencoded"); - ps.println("Content-length: " + query.length()); - ps.println(""); - ps.println(query); - ps.println("\r"); - ps.flush(); - os.flush(); - stdin1 = new BufferedReader( - new InputStreamReader(socket.getInputStream())); - String line; - - while ((line = stdin1.readLine()) != null) { - stdout.append(line + "\n"); - System.out.println(line); - } - ps.println("Connection: close"); - } catch (Exception e) { - System.out.println("some exception: in Send routine" + e); - return false; - } finally { - // Send Connection: close to let the server close the connection. - // Else the socket on the server side continues to remain in TIME_WAIT state - if (ps != null) - ps.close(); - if (stdin1 != null) { - try { - stdin1.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - if (socket != null) { - try { - socket.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - if (os != null) { - try { - os.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - if (rawos != null) { - try { - rawos.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - if (socket != null) { - if (socket.isClosed()) { - System.out.println("Con2Agent.java : Socket is Closed"); - } else { - System.out.println("Con2Agent.java : Socket not Closed"); - } - } - } - return true; - } - - private boolean loginCertDB() { - CryptoManager manager; - Password pass1 = null; - - try { - System.out.println("Step 1: Initializing CryptoManager"); - CryptoManager.initialize(certdir); - - System.out.println("Step 2: Login to Cert Database"); - manager = CryptoManager.getInstance(); - CryptoToken token = manager.getInternalKeyStorageToken(); - - if (token.isLoggedIn()) { - System.out.println("Con2Agent: Logged in incorrect"); - } - - System.out.println("tokenpwd:" + tokenpwd); - char[] passchar1 = new char[tokenpwd.length()]; - - tokenpwd.getChars(0, tokenpwd.length(), passchar1, 0); - - pass1 = new Password(passchar1.clone()); - token.login(pass1); - - X509Certificate cert2 = manager.findCertByNickname(certnickname); - - certname = cert2.getNickname(); - return true; - - } catch (AlreadyInitializedException e) { - System.out.println("Crypto manager already initialized"); - return true; - } catch (NumberFormatException e) { - System.err.println("Invalid key size: " + e); - return false; - } catch (java.security.InvalidParameterException e) { - System.err.println("Invalid key size: " + e); - return false; - - } catch (Exception e) { - System.err.println("some exception:" + e); - e.printStackTrace(); - return false; - } - - } - - public boolean Send_withGET() { - SSLSocket socket = null; - OutputStream rawos = null; - BufferedOutputStream os = null; - PrintStream ps = null; - BufferedReader stdin2 = null; - - try { - - if (!loginCertDB()) { - return false; - } - - socket = new SSLSocket(host, port, null, 0, this, null); - - socket.setClientCertNickname(certnickname); - System.out.println("Connected to the socket"); - - rawos = socket.getOutputStream(); - os = new BufferedOutputStream(rawos); - ps = new PrintStream(os); - - System.out.println("Query in con2agent :" + query); - System.out.println("ACTIONURL in con2agent : " + ACTIONURL); - - ps.println("GET " + ACTIONURL + query + " HTTP/1.0"); - ps.println(""); - ps.println("\r"); - ps.flush(); - os.flush(); - stdin2 = new BufferedReader( - new InputStreamReader(socket.getInputStream())); - String line; - - while ((line = stdin2.readLine()) != null) { - stdout.append(line + "\n"); - } - } catch (Exception e) { - System.err.println("some exception: in Send routine" + e); - return false; - } finally { - - if (ps != null) - ps.close(); - if (stdin2 != null) { - try { - stdin2.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - if (socket != null) { - try { - socket.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - if (os != null) { - try { - os.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - if (rawos != null) { - try { - rawos.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - - } - return true; - } - -} // end of class diff --git a/base/silent/src/com/netscape/pkisilent/common/DirEnroll.java b/base/silent/src/com/netscape/pkisilent/common/DirEnroll.java deleted file mode 100644 index 6ab1fb190..000000000 --- a/base/silent/src/com/netscape/pkisilent/common/DirEnroll.java +++ /dev/null @@ -1,489 +0,0 @@ -package com.netscape.pkisilent.common; - -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- - -import java.io.BufferedOutputStream; -import java.io.BufferedReader; -import java.io.IOException; -import java.io.InputStreamReader; -import java.io.OutputStream; -import java.io.PrintStream; -import java.io.UnsupportedEncodingException; -import java.net.URLEncoder; -import java.util.Date; -import java.util.GregorianCalendar; - -import org.mozilla.jss.ssl.SSLSocket; - -/** - * CMS Test framework - Legacyenrollment forms for Directory based enrollmnet and Portal based enrollment . - * Certificate issuance through Legacy Directory based enrollment and Portal based enrollment form. - * <P> - */ - -public class DirEnroll extends TestClient { - - private String Authenticator = "UserDir"; - private int port; - @SuppressWarnings("unused") - private long elapsedTime; - - private String importcert = "false"; - - // Constructors - - /** - * Constructor . Takes the parameter for Properties file name - * <p> - * - * @param propfilename name of the parameter file - */ - - public DirEnroll(String pfile) { - propfileName = pfile; - } - - /** - * Constructor. Takes hostname , EESSLportnumber as parameter - * <p> - * - * @param hostname - * @param portnumber - */ - - public DirEnroll(String h, String p) { - host = h; - ports = p; - } - - /** - * Constructor. Takes - * hostname,EESSLportnumber,uid,password,certdbdirectorypath,certdbpassword,certificatenickname,keysize,teytype - * <p> - * - * @param hostname - * @param portnumber - * @param subjectdn - * @param admuserid - * @param adminpassword - */ - - public DirEnroll(String hs, String p, String uid, String pw, String certdir, String certtokenpwd, String nickname, - String ksz, String kt) { - - host = hs; - ports = p; - UID = uid; - PWD = pw; - cdir = certdir; - tokenpwd = certtokenpwd; - certnickname = nickname; - keysize = "1024"; - keytype = "RSA"; - } - - // Set and Get functions - - /** - * Use this method to set User Info - */ - public void setUIDInfo(String uid, String pw) { - UID = uid; - PWD = pw; - } - - /** - * Returns a string "UserDir" / "Portal" - */ - - public String getAuthenticator() { - return Authenticator; - } - - /** - * Valid values for s - UserDir for Directory based Authntication - * Portal for Portal based Authentication - */ - public void setAuthenticator(String s) { - Authenticator = s; - } - - public boolean enroll_load() throws UnsupportedEncodingException { - buildquery(); - return (Send()); - } - - private boolean pkcs10() { - System.out.println(" In pkcs10 Keysize , key type " + keysize + keytype); - cCrypt.setCertDir(cdir); - cCrypt.setCertnickname("cn=test"); - cCrypt.setKeySize(keysize); - cCrypt.setKeyType(keytype); - cCrypt.setTokenPWD(tokenpwd); - - cCrypt.setDebug(debug); - cCrypt.setGenerateRequest(true); - if (!cCrypt.generateRequest()) { - System.out.println("Request could not be generated "); - return false; - } - pkcs10request = cCrypt.getPkcs10Request(); - - try { - buildquery(); - System.out.println(query); - setStatusString("Congratulations, your certificate has been issued."); - return (Send()); - } catch (Exception e) { - System.err.println("some exception:" + e); - } - - return false; - - } - - /** - * Enroll for certificate . Before calling this mentod SetAuthenticator and setUIDInfo - */ - public boolean enroll() { - return (pkcs10()); - } - - private boolean readProperties() { - - // Read the properties file and assign values to variables . - try { - getProperties(propfileName); - } catch (Exception e) { - System.out.println( - "exception reading Properties File " + e.getMessage()); - return false; - } - - System.out.println("Reading"); - host = props.getProperty("enroll.host"); - ports = props.getProperty("enroll.port"); - UID = props.getProperty("enroll.UID"); - PWD = props.getProperty("enroll.pwd"); - cdir = props.getProperty("enroll.certdir"); - tokenpwd = props.getProperty("enroll.certtokenpwd"); - certnickname = props.getProperty("enroll.nickname"); - keysize = props.getProperty("enroll.keysize"); - keytype = props.getProperty("enroll.keytype"); - Authenticator = props.getProperty("enroll.authenticator"); - GN = props.getProperty("enroll.GN"); - SN = props.getProperty("enroll.SN"); - CN = props.getProperty("enroll.CN"); - OU = props.getProperty("enroll.OU"); - O = props.getProperty("enroll.O"); - MAIL = props.getProperty("enroll.mail"); - L = props.getProperty("enroll.l"); - - importcert = props.getProperty("enroll.importCert"); - if (importcert == null) { - importcert = "false"; - } - String de = props.getProperty("enroll.debug"); - - if (de == null) { - debug = false; - } else if (de.equals("true")) { - debug = true; - } else { - debug = false; - } - - System.out.println("Reading done"); - // Enroll using a pkscks10 request - return true; - } - - // Private functions - - private boolean importCert(String certpack) { - - if (importcert.equals("false")) { - return true; - } - - try { - if (certpack == null) { - return false; - } - - if (debug) { - System.out.println( - "importing cert" + certpack + "certnick" + certnickname); - } - - cCrypt.importCert(certpack, certnickname); - - return true; - - } catch (Exception e) { - System.out.println("exception importing cert " + e.getMessage()); - return false; - } - - } - - private void setElapsedTime(long dif) { - elapsedTime = dif; - } - - private long calculateElapsedTime(GregorianCalendar b, GregorianCalendar e) { - - Date d1 = b.getTime(); - Date d2 = e.getTime(); - long l1 = d1.getTime(); - long l2 = d2.getTime(); - long difference = l2 - l1; - - return difference; - - } - - private boolean Send() { - boolean st = false; - SSLSocket socket = null; - OutputStream rawos = null; - BufferedOutputStream os = null; - PrintStream ps = null; - BufferedReader stdin = null; - try { - if (debug) { - System.out.println("Step 3 : Socket initialize"); - } - - Integer x = new Integer(ports); - - port = x.intValue(); - ErrorDetail = null; - GregorianCalendar begin = new GregorianCalendar(); - - // SSLSocket socket = new SSLSocket(host,port); - socket = new SSLSocket(host, port, null, 0, this, null); - - socket.setUseClientMode(true); - - rawos = socket.getOutputStream(); - os = new BufferedOutputStream(rawos); - ps = new PrintStream(os); - - ps.println("POST /enrollment HTTP/1.0"); - ps.println("Connection: Keep-Alive"); - ps.println("Content-type: application/x-www-form-urlencoded"); - ps.println("Content-length: " + query.length()); - ps.println(""); - ps.println(query); - ps.println("\r"); - ps.flush(); - os.flush(); - stdin = new BufferedReader( - new InputStreamReader(socket.getInputStream())); - - if (debug) { - System.out.println("Step 4: Received the page"); - } - st = false; - String line; - - while ((line = stdin.readLine()) != null) { - if (debug) { - System.out.println(line); - } - if (line.indexOf(STATUS) != -1) { - st = true; - } - if (getError(line)) { - st = true; - } - - if (line.indexOf("record.base64Cert=") > -1) { - String baseCert = line; - - System.out.println("BaseCert : " + baseCert); - if (importcert.equals("true")) { - String strbase = "record.base64Cert="; - - int n = strbase.length() + 1; - - baseCert = baseCert.substring(n); - String tmp = baseCert.substring(0, baseCert.length() - 2); - - importCert(tmp); - } - } - - } - - GregorianCalendar end = new GregorianCalendar(); - long diff = calculateElapsedTime(begin, end); - - setElapsedTime(diff); - - } catch (Exception e) { - System.err.println("some exception: in Send routine" + e); - return false; - } finally { - if (ps != null) - ps.close(); - if (stdin != null) { - try { - stdin.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - if (socket != null) { - try { - socket.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - if (os != null) { - try { - os.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - if (rawos != null) { - try { - rawos.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - } - return st; - } - - private void buildquery() throws UnsupportedEncodingException { - - StringBuffer queryStrBuf = new StringBuffer(); - - queryStrBuf.append("certType=client"); - queryStrBuf.append("&importCert=off"); - queryStrBuf.append("&non_repudiation=true"); - queryStrBuf.append("&submit=Submit"); - queryStrBuf.append("&key_encipherment=true"); - queryStrBuf.append("&digital_signature=true"); - queryStrBuf.append("&ssl_client=true"); - - System.out.println("Authenticator : " + Authenticator); - - if (Authenticator.equals("UserDir")) { - queryStrBuf.append("&authenticator=UserDirEnrollment"); - queryStrBuf.append("&requestFormat=keygen"); - queryStrBuf.append("&uid="); - queryStrBuf.append(URLEncoder.encode(UID, "UTF-8")); - queryStrBuf.append("&pwd="); - queryStrBuf.append(URLEncoder.encode(PWD, "UTF-8")); - queryStrBuf.append("&email=true"); - queryStrBuf.append("&cryptprovider=1"); - - } - - if (Authenticator.equals("Portal")) { - queryStrBuf.append("&authenticator=PortalEnrollment"); - queryStrBuf.append("&requestFormat=keygen"); - queryStrBuf.append("&uid="); - queryStrBuf.append(URLEncoder.encode(UID, "UTF-8")); - queryStrBuf.append("&userPassword="); - queryStrBuf.append(URLEncoder.encode(PWD, "UTF-8")); - GN = "test"; - SN = "test"; - CN = "test"; - MAIL = "test@netscape.com"; - OU = "aol"; - O = "aol"; - L = "MV"; - queryStrBuf.append("&givenname="); - queryStrBuf.append(URLEncoder.encode(GN, "UTF-8")); - - queryStrBuf.append("&sn="); - queryStrBuf.append(URLEncoder.encode(SN, "UTF-8")); - queryStrBuf.append("&cn="); - queryStrBuf.append(URLEncoder.encode(CN, "UTF-8")); - - queryStrBuf.append("&mail="); - queryStrBuf.append(URLEncoder.encode(MAIL, "UTF-8")); - queryStrBuf.append("&ou="); - queryStrBuf.append(URLEncoder.encode(OU, "UTF-8")); - queryStrBuf.append("&o="); - queryStrBuf.append(URLEncoder.encode(O, "UTF-8")); - queryStrBuf.append("&l="); - queryStrBuf.append(URLEncoder.encode(L, "UTF-8")); - - queryStrBuf.append("&email=true"); - - } - - if (Authenticator.equals("NIS")) { - queryStrBuf.append("&authenticator=NISAuth"); - queryStrBuf.append("&requestFormat=keygen"); - queryStrBuf.append("&uid="); - queryStrBuf.append(URLEncoder.encode(UID, "UTF-8")); - queryStrBuf.append("&pwd="); - queryStrBuf.append(URLEncoder.encode(PWD, "UTF-8")); - queryStrBuf.append("&email=true"); - - } - - queryStrBuf.append("&pkcs10Request="); - queryStrBuf.append(URLEncoder.encode(pkcs10request, "UTF-8")); - query = queryStrBuf.toString(); - - System.out.println(query); - - } - - public static void main(String args[]) { - // Exit Status - (0) for error/Fail - // - requestId Pass - boolean st; - - System.out.println(args.length); - if (args.length < 1) { - System.out.println("Usage : propertiesfile"); - System.exit(0); - } - - DirEnroll t = new DirEnroll(args[0]); - - t.readProperties(); - st = t.enroll(); - if (st) { - System.out.println( - t.getAuthenticator() + " based enrollment successfull. "); - System.exit(1); - } else { - - System.out.println( - t.getAuthenticator() - + " based enrollment was not successful." - + "Error: " + t.getErrorDetail()); - System.exit(0); - } - }// end of function main - -} // end of class - diff --git a/base/silent/src/com/netscape/pkisilent/common/ParseXML.java b/base/silent/src/com/netscape/pkisilent/common/ParseXML.java deleted file mode 100644 index cee867740..000000000 --- a/base/silent/src/com/netscape/pkisilent/common/ParseXML.java +++ /dev/null @@ -1,176 +0,0 @@ -package com.netscape.pkisilent.common; - -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- - -import java.io.BufferedReader; -import java.io.FileInputStream; -import java.io.InputStreamReader; -import java.util.ArrayList; - -import javax.xml.parsers.DocumentBuilder; -import javax.xml.parsers.DocumentBuilderFactory; - -import org.w3c.dom.Document; -import org.w3c.dom.Element; -import org.w3c.dom.NodeList; -import org.w3c.dom.bootstrap.DOMImplementationRegistry; -import org.w3c.dom.ls.DOMImplementationLS; -import org.w3c.dom.ls.LSOutput; -import org.w3c.dom.ls.LSSerializer; - -public class ParseXML { - Document dom = null; - - public ParseXML() {// nothing - } - - public void parse(java.io.InputStream is) { - try { - // get the factory - DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); - - // Using factory get an instance of document builder - DocumentBuilder db = dbf.newDocumentBuilder(); - - // parse using builder to get DOM representation of the XML file - dom = db.parse(is); - } catch (Exception se) { - System.out.println("ERROR: unable to parse xml"); - se.printStackTrace(); - - try { - BufferedReader br = new BufferedReader(new InputStreamReader(is)); - StringBuilder sb = new StringBuilder(); - String line = null; - - while ((line = br.readLine()) != null) { - sb.append(line + "\n"); - } - - br.close(); - System.out.println("ERROR XML = " + sb.toString()); - } catch (Exception se1) { - System.out.println("ERROR: unable to print xml"); - se1.printStackTrace(); - } - } - } - - public String getvalue(String tag) { - String temp = null; - - try { - - // get the root elememt - Element docEle = dom.getDocumentElement(); - - // get a nodelist of <employee> elements - NodeList nl = docEle.getElementsByTagName(tag); - - if (nl != null && nl.getLength() > 0) { - Element el = (Element) nl.item(0); - - if (el != null) { - temp = el.getFirstChild().getNodeValue(); - } - } - } catch (Exception e) { - System.out.println("ERROR: Tag=" + tag + "has no values"); - return null; - } - - return temp; - } - - public void prettyprintxml() { - try { - // Serialize the document - DOMImplementationRegistry registry = DOMImplementationRegistry.newInstance(); - DOMImplementationLS impl = (DOMImplementationLS)registry.getDOMImplementation("LS"); - - LSSerializer writer = impl.createLSSerializer(); - writer.getDomConfig().setParameter("format-pretty-print", Boolean.TRUE); - - LSOutput output = impl.createLSOutput(); - output.setByteStream(System.out); - - writer.write(dom, output); - - } catch (Exception e) { - e.printStackTrace(); - } - } - - private String getTextValue(Element ele, String tagName) { - String textVal = null; - NodeList nl = ele.getElementsByTagName(tagName); - - if (nl != null && nl.getLength() > 0) { - Element el = (Element) nl.item(0); - - textVal = el.getFirstChild().getNodeValue(); - } - - return textVal; - } - - // returns an arraylist of values for the corresponding tag - - public ArrayList<String> constructValueList(String first, String second) { - ArrayList<String> al = new ArrayList<String>(); - - try { - // get the root elememt - Element docEle = dom.getDocumentElement(); - - // get a nodelist of <employee> elements - NodeList nl = docEle.getElementsByTagName(first); - - if (nl != null && nl.getLength() > 0) { - for (int i = 0; i < nl.getLength(); i++) { - Element el = (Element) nl.item(i); - String value = getTextValue(el, second); - - System.out.println("tag=" + second + " value=" + value); - if (value != null) { - al.add(value); - } - } - } - } catch (Exception e) { - System.out.println("ERROR: Tag=" + first + " has no values"); - } - - return al; - } - - public static void main(String args[]) { - try { - - ParseXML px = new ParseXML(); - FileInputStream fiscfg = new FileInputStream("/tmp/test.xml"); - - px.parse(fiscfg); - px.prettyprintxml(); - - } catch (Exception e) { - } - } - -}; // end class diff --git a/base/silent/src/com/netscape/pkisilent/common/PostQuery.java b/base/silent/src/com/netscape/pkisilent/common/PostQuery.java deleted file mode 100644 index b7399336f..000000000 --- a/base/silent/src/com/netscape/pkisilent/common/PostQuery.java +++ /dev/null @@ -1,141 +0,0 @@ -package com.netscape.pkisilent.common; - -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- - -import java.io.BufferedReader; -import java.io.DataOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.InputStreamReader; -import java.net.HttpURLConnection; -import java.net.MalformedURLException; -import java.net.URL; - -import com.netscape.cmsutil.util.Utils; - -/** - * CMS Test framework . - * This class submits request to admin server after authenticating with UID and Password. You can get back the response - * by calling the method. getPage(). - */ - -public class PostQuery { - - private boolean st; - private String NmcStatus = "NMC_STATUS: 0"; - private String postQuery = null; - private String adminID, adminPWD, URLString; - - private StringBuffer stdout = new StringBuffer(); - - /** - * Constructor . Takes the parameters urlstring("http://hostname:<portnumber> , Id for authenticating to the server, - * password for authentication to the server and query which needs to be submitted to the server - */ - - public PostQuery(String urlstr, String authid, String authpwd, String querystring) { - - URLString = urlstr; - adminID = authid; - adminPWD = authpwd; - postQuery = querystring; - - } - - public void setNMCStatus(String m) { - NmcStatus = m; - } - - public void setPostQueryString(String querystring) { - postQuery = querystring; - } - - public void setAuth(String ID, String Pwd) { - adminID = ID; - adminPWD = Pwd; - } - - public StringBuffer getPage() { - return stdout; - } - - public boolean Send() { - // / This functions connects to the URL and POST HTTP Request . - // It compares with NMC_STATUS and return the status. - System.out.println(URLString); - st = false; - - try { - - URL myUrl = new URL(URLString); - String userPassword = adminID + ":" + adminPWD; - - System.out.println("adminid=" + adminID); - System.out.println("adminpwd=" + adminPWD); - // String encoding = new sun.misc.BASE64Encoder().encode( - // userPassword.getBytes()); - String encoding = Utils.base64encode( - userPassword.getBytes()); - HttpURLConnection URLCon = (HttpURLConnection) myUrl.openConnection(); - - URLCon.setRequestProperty("Authorization", "Basic " + encoding); - URLCon.setDoOutput(true); - URLCon.setDoInput(true); - URLCon.setUseCaches(false); - URLCon.setRequestProperty("Content-type", - "application/x-www-form-urlencoded"); - // URLCon.setRequestMethod("POST"); - System.out.println("After post"); - - DataOutputStream os = new DataOutputStream(URLCon.getOutputStream()); - - System.out.println("Query: " + postQuery); - - os.writeBytes(postQuery); - os.flush(); - os.close(); - - InputStream Content = URLCon.getInputStream(); - - System.out.println("Configuring Cert Instance : Return Response"); - BufferedReader in = new BufferedReader( - new InputStreamReader(Content)); - String line; - - while ((line = in.readLine()) != null) { - System.out.println(line); - stdout.append(line + "\n"); - st = line.startsWith(NmcStatus); - if (st) { - break; - } - } - URLCon.disconnect(); - } // try - catch (MalformedURLException e) { - System.out.println(URLString + " is not a valid URL."); - - } catch (IOException e) { - System.out.println("exception : " + e.getMessage()); - } - System.out.println(st); - return st; - } - -} diff --git a/base/silent/src/com/netscape/pkisilent/common/Request.java b/base/silent/src/com/netscape/pkisilent/common/Request.java deleted file mode 100644 index 4557f2f65..000000000 --- a/base/silent/src/com/netscape/pkisilent/common/Request.java +++ /dev/null @@ -1,1162 +0,0 @@ -package com.netscape.pkisilent.common; - -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- - -import java.io.UnsupportedEncodingException; -import java.net.URLEncoder; -import java.util.Calendar; -import java.util.Date; -import java.util.GregorianCalendar; -import java.util.Vector; - -/** - * CMS Test framework . - * Submits List,Approve,Reject,cancel requests to agent port - */ - -public class Request extends TestClient { - - private String validityperiod; - private String approveseqnum, type, reqType, reqState, agenttype; - private int i; - - // Program variables - private String ACTION_PROCESS_CERT_REQUEST = null; - private String ACTION_LISTREQUEST = "/queryReq"; - private int reqtype = 1; - private int seqNumFrom = 1; - private int maxCount = 50; - private int validperiod = 180; - private String cadualcert_name = null; - - private String approveseqnumFrom, approveseqnumTo; - // Request variables - private Vector<String> seqNum = new Vector<String>(); - private String AUTH_ID = null; - - // Cert Detail variables - - private String csrRequestorName; - private String csrRequestorPhone; - private String csrRequestorEmail; - private String subject; - private String subjectdn; - private String reqStatus; - @SuppressWarnings("unused") - private String certType; - @SuppressWarnings("unused") - private String requestType; - private String requestID; - @SuppressWarnings("unused") - private String sslclient; - private String clientcert; - private String servercert; - private String emailcert; - private String objectsigningcert; - @SuppressWarnings("unused") - private String sslcacert; - @SuppressWarnings("unused") - private String objectsigningcacert; - @SuppressWarnings("unused") - private String emailcacert; - private String sigAlgo; - @SuppressWarnings("unused") - private String totalRecord; - @SuppressWarnings("unused") - private String validitylength; - private String trustedManager; - - private int totalNumApproved = 0; - - // Constructors - - /** - * Constructor . Takes the parameter for Properties file name - * - * @param propfileName name of the parameter file. - */ - - public Request(String pfile) { - propfileName = pfile; - } - - /** - * Constructor . Takes the parameter host , port and "angent type - ca/ra" - * - * @param hostname. - * @param port - * @param agenttype Whether ca or ra agent - */ - - public Request(String h, String p, String at) { - host = h; - ports = p; - agenttype = at; - } - - /** - * Constructor . Takes the following parmaters - * - * @param hostName . - * @param port - * @param adminuid - * @param adminpwd - * @param agentcertnickname - * @param certdb - * @param tokenpwd - * @param approveSequncenumber - * @param ApproveSequenceNumberFrom - * @param ApproveSequnceNumberTo - * @param type - * @param reqtype enrollment/revoked - * @param requestState complete/pending - * @param agentType ra/ca - * @param trustedManager true/false - */ - - public Request(String h, String p, String aid, String apwd, String cname, String cd, String ctpwd, String snum, - String sfrom, String sto, String ty, String rty, String rstate, String aty, String tm) { - host = h; - ports = p; - adminid = aid; - adminpwd = apwd; - certnickname = cname; - cdir = cd; - tokenpwd = ctpwd; - approveseqnum = snum; - approveseqnumFrom = sfrom; - if (approveseqnumFrom == null) { - approveseqnumFrom = "1"; - } - - approveseqnumTo = sto; - if (approveseqnumTo == null) { - approveseqnumTo = "100"; - } - - type = ty; - reqType = rty; - reqState = rstate; - agenttype = aty; - if (agenttype == null) { - agenttype = "ca"; - } - - trustedManager = tm; - if (trustedManager.equals("true")) { - trustedManager = "true"; - } else { - trustedManager = "false"; - } - debug = false; - - } - - /** - * Set Agent Cert nick name - */ - public void setAgentCertName(String s) { - certnickname = s; - } - - /** - * List all pending enrollment request. Takes parameters fromRequestNumber,toRequestNumber - * - * @param fromrequest number - * @param endrequestnumber. - * @throws UnsupportedEncodingException - */ - - public Vector<String> ListPendingRequests(String fromRequestNumber, String toRequestNumber) throws UnsupportedEncodingException { - reqState = "showWaiting"; - reqType = "enrollment"; - approveseqnumFrom = fromRequestNumber; - approveseqnumTo = toRequestNumber; - listRequest(approveseqnumFrom, approveseqnumTo); - return seqNum; - } - - /** - * List all pending request. Takes parameters fromRequestNumber,toRequestNumber - * - * @param fromrequest number - * @param endrequestnumber. - * @throws UnsupportedEncodingException - */ - - public Vector<String> ListAllRequests(String fromRequestNumber, String toRequestNumber) throws UnsupportedEncodingException { - reqState = "showAll"; - reqType = "enrollment"; - approveseqnumFrom = fromRequestNumber; - approveseqnumTo = toRequestNumber; - listRequest(approveseqnumFrom, approveseqnumTo); - return seqNum; - } - - /** - * Approve pending enrollment request. Takes parameters RequestNumber - * - * @param request number - * @throws UnsupportedEncodingException - */ - - public int ApproveRequests(String requestNumber) throws UnsupportedEncodingException { - reqState = "showWaiting"; - reqType = "enrollment"; - approveseqnum = requestNumber; - approveseqnumFrom = requestNumber; - approveseqnumTo = requestNumber; - if (approveRequest()) { - System.out.println("Approve Request :" + totalNumApproved); - return totalNumApproved; - } else { - return -1; - } - - } - - /** - * Approve profile based pending enrollment request. Takes parameters RequestNumber - * - * @param request number - * @throws UnsupportedEncodingException - */ - - public int ApproveProfileRequests(String RequestNumber) throws UnsupportedEncodingException { - - approveseqnum = RequestNumber; - approveseqnumFrom = RequestNumber; - approveseqnumTo = RequestNumber; - - reqtype = 4; - buildquery(); - if (!Send()) { - System.out.println("Error: Approving request " + approveseqnum); - return 0; - } - return 1; - - } - - public boolean Approve_cadualcert_Profile_Request(String RequestNumber, String name) throws UnsupportedEncodingException { - - approveseqnum = RequestNumber; - approveseqnumFrom = RequestNumber; - approveseqnumTo = RequestNumber; - - cadualcert_name = name; - - // reqtype = 7 means cadualcert profile request - // this is just a convention that we follow within this file to distinguish - // bet'n the different requests - - reqtype = 7; - - buildquery(); - - if (!Send()) { - System.out.println("Error: Approving request " + approveseqnum); - return false; - } - - return true; - - } - - /** - * Reject profile based pending enrollment request. Takes parameters RequestNumber - * - * @param request number - * @throws UnsupportedEncodingException - */ - - public int RejectProfileRequests(String RequestNumber) throws UnsupportedEncodingException { - - approveseqnum = RequestNumber; - approveseqnumFrom = RequestNumber; - approveseqnumTo = RequestNumber; - - reqtype = 5; - buildquery(); - if (!Send()) { - System.out.println("Error: Rejecting request " + approveseqnum); - return 0; - } - return 1; - - } - - /** - * Cancel profile based pending enrollment request. Takes parameters RequestNumber - * - * @param request number - * @throws UnsupportedEncodingException - */ - - public int CancelProfileRequests(String RequestNumber) throws UnsupportedEncodingException { - - approveseqnum = RequestNumber; - approveseqnumFrom = RequestNumber; - approveseqnumTo = RequestNumber; - - reqtype = 6; - buildquery(); - if (!Send()) { - System.out.println("Error: canceling request " + approveseqnum); - return 0; - } - return 1; - - } - - // private methods - private boolean RetrieveProfileCancel(StringBuffer s) { - String res = s.toString(); - int ret = 0; - - ret = res.indexOf("requestStatus="); - String status = res.substring(ret + "requestStatus=".length() + 1, - res.indexOf(";", ret) - 1); - - if (!status.equals("canceled")) { - ErrorDetail = res.substring(ret + "errorReason=".length() + 1, - res.indexOf(";", ret) - 1); - return false; - } - - return true; - } - - private boolean RetrieveProfileReject(StringBuffer s) { - String res = s.toString(); - int ret = 0; - - ret = res.indexOf("requestStatus="); - String status = res.substring(ret + "requestStatus=".length() + 1, - res.indexOf(";", ret) - 1); - - if (!status.equals("rejected")) { - ErrorDetail = res.substring(ret + "errorReason=".length() + 1, - res.indexOf(";", ret) - 1); - return false; - } - - return true; - } - - private boolean RetrieveProfileApproval(StringBuffer s) { - String res = s.toString(); - int ret = 0; - - ret = res.indexOf("requestStatus="); - String status = res.substring(ret + "requestStatus=".length() + 1, - res.indexOf(";", ret) - 1); - - if (!status.equals("complete")) { - ErrorDetail = res.substring(ret + "errorReason=".length() + 1, - res.indexOf(";", ret) - 1); - return false; - } - - return true; - - } - - private boolean RetrieveReq(StringBuffer s) { - String AUTHID = "header.authorityid = "; - String seqnum = "record.seqNum"; - - String res = s.toString(); - int ret = 0; - - if ((ret = res.indexOf(AUTHID)) > -1) { - AUTH_ID = res.substring(ret + AUTHID.length() + 1, - res.indexOf(";", ret) - 1); - while (ret > 0) { - if ((ret = res.indexOf(seqnum, ret)) > -1) { - int bi = ret + seqnum.length() + 2; - int be = res.indexOf(";", ret) - 1; - - seqNum.addElement(res.substring(bi, be)); - ret++; - } - - } - - } - - ret = res.indexOf("header.totalRecordCount ="); - totalRecord = res.substring(ret + "header.totalRecordCount = ".length(), - res.indexOf(";", ret)); - - return true; - - } - - private boolean RetrieveCertDetails(StringBuffer s) { - - // System.out.println("Debug : Retrieving cert details "); - String res = s.toString(); - - if (debug) { - System.out.println(res); - } - int ret = 0; - - boolean st = false; - - for (int t = 0; t < 25; t++) { - String cmp = "header.SERVER_ATTRS[" + t + "].name="; - - ret = res.indexOf(cmp); - if ((res.substring(ret + cmp.length() + 1, res.indexOf(";", ret) - 1)).equals( - "requestId")) { - ret = res.indexOf("header.SERVER_ATTRS[" + t + "].value="); - requestID = res.substring( - ret + "header.SERVER_ATTRS[t].value=".length() + 1, - res.indexOf(";", ret) - 1); - } - if ((res.substring(ret + cmp.length() + 1, res.indexOf(";", ret) - 1)).equals( - "requestStatus")) { - ret = res.indexOf("header.SERVER_ATTRS[" + t + "].value="); - reqStatus = res.substring( - ret + "header.SERVER_ATTRS[t].value=".length() + 1, - res.indexOf(";", ret) - 1); - } - - if ((res.substring(ret + cmp.length() + 1, res.indexOf(";", ret) - 1)).equals( - "requestType")) { - ret = res.indexOf("header.SERVER_ATTRS[" + t + "].value="); - requestType = res.substring( - ret + "header.SERVER_ATTRS[t].value=".length() + 1, - res.indexOf(";", ret) - 1); - } - - } // end of for loop - - // System.out.println("Debug : Retrieving cert details Serverattributes "); - - if (requestID.equals(approveseqnum)) { - st = true; - } - - if (!st) { - System.out.println("Error in retrieving the record " + approveseqnum); - return false; - } - - // System.out.println("Debug : Retrieving cert details HTTP parmas "); - - for (int t = 0; t < 25; t++) { - String cmp = "header.HTTP_PARAMS[" + t + "].name="; - - ret = res.indexOf(cmp); - if ((res.substring(ret + cmp.length() + 1, res.indexOf(";", ret) - 1)).equals( - "csrRequestorEmail")) { - ret = res.indexOf("header.HTTP_PARAMS[" + t + "].value="); - csrRequestorEmail = res.substring( - ret + "header.HTTP_PARAMS[t].value=".length() + 1, - res.indexOf(";", ret) - 1); - } - if ((res.substring(ret + cmp.length() + 1, res.indexOf(";", ret) - 1)).equals( - "csrRequestorPhone")) { - ret = res.indexOf("header.HTTP_PARAMS[" + t + "].value="); - csrRequestorPhone = res.substring( - ret + "header.HTTP_PARAMS[t].value=".length() + 1, - res.indexOf(";", ret) - 1); - } - if ((res.substring(ret + cmp.length() + 1, res.indexOf(";", ret) - 1)).equals( - "csrRequestorName")) { - ret = res.indexOf("header.HTTP_PARAMS[" + t + "].value="); - csrRequestorName = res.substring( - ret + "header.HTTP_PARAMS[t].value=".length() + 1, - res.indexOf(";", ret) - 1); - } - - if ((res.substring(ret + cmp.length() + 1, res.indexOf(";", ret) - 1)).equals( - "subject")) { - ret = res.indexOf("header.HTTP_PARAMS[" + t + "].value="); - subjectdn = res.substring( - ret + "header.HTTP_PARAMS[t].value=".length() + 1, - res.indexOf(";", ret) - 1); - } - - } // end of for loop - - // System.out.println("Debug : Retrieving cert details"); - - ret = res.indexOf("header.subject ="); - if (ret > 0) { - subject = res.substring(ret + "header.subject = ".length() + 1, - res.indexOf(";", ret) - 1); - } - // System.out.println("Debug : Retrieving cert details "); - - sslclient = - clientcert = - servercert = - emailcert = objectsigningcert = sslcacert = objectsigningcacert = emailcacert = "false"; - ret = res.indexOf("header.sslclient ="); - if (ret > 0) { - sslclient = res.substring(ret + "header.sslclient = ".length() + 1, - res.indexOf(";", ret) - 1); - } - // System.out.println("Debug : Retrieving cert details "); - - ret = res.indexOf("header.ext_ssl_client ="); - if (ret > 0) { - clientcert = res.substring( - ret + "header.ext_ssl_client = ".length() + 1, - res.indexOf(";", ret) - 1); - } - // System.out.println("Debug : Retrieving cert details "); - - ret = res.indexOf("header.ext_email ="); - if (ret > 0) { - emailcert = res.substring(ret + "header.ext_email = ".length() + 1, - res.indexOf(";", ret) - 1); - } - // System.out.println("Debug : Retrieving cert details "); - - ret = res.indexOf("header.ext_ssl_server ="); - if (ret > 0) { - servercert = res.substring( - ret + "header.ext_ssl_server = ".length() + 1, - res.indexOf(";", ret) - 1); - } - - // System.out.println("Debug : Retrieving cert details "); - - ret = res.indexOf("header.ext_object_signing ="); - if (ret > 0) { - objectsigningcert = res.substring( - ret + "header.ext_object_signing = ".length() + 1, - res.indexOf(";", ret) - 1); - } - - // System.out.println("Debug : Retrieving cert details "); - - ret = res.indexOf("header.ext_ssl_ca ="); - if (ret > 0) { - sslcacert = res.substring(ret + "header.ext_ssl_ca = ".length() + 1, - res.indexOf(";", ret) - 1); - } - - // System.out.println("Debug : Retrieving cert details "); - - if (ret > 0) { - ret = res.indexOf("header.ext_object_signing_ca="); - } - objectsigningcacert = res.substring( - ret + "header.ext_object_signing_ca = ".length() + 1, - res.indexOf(";", ret) - 1); - - // System.out.println("Debug : Retrieving cert details "); - - ret = res.indexOf("header.ext_email_ca ="); - if (ret > 0) { - emailcacert = res.substring( - ret + "header.ext_email_ca = ".length() + 1, - res.indexOf(";", ret) - 1); - } - - // System.out.println("Debug : Retrieving cert details "); - - ret = res.indexOf("header.certType ="); - if (ret > 0) { - certType = res.substring(ret + "header.certType = ".length() + 1, - res.indexOf(";", ret) - 1); - } - // System.out.println("Debug : Retrieving cert details "); - - ret = res.indexOf("header.signatureAlgorithmName ="); - if (ret > 0) { - sigAlgo = res.substring( - ret + "header.signatureAlgorithmName = ".length() + 1, - res.indexOf(";", ret) - 1); - } - - ret = res.indexOf("header.validityLength ="); - if (ret > 0) { - validitylength = res.substring( - ret + "header.validityLength = ".length() + 1, - res.indexOf(";", ret) - 1); - } - - return true; - - } - - private boolean approveRequestStatus(StringBuffer s) { - - String res = s.toString(); - - if (debug) { - System.out.println(res); - } - - // Find th Server_ATTRS paramteter value of reqStatus - - int i = 1; - int ret; - - for (int t = 0; t < 25; t++) { - String cmp = "header.SERVER_ATTRS[" + t + "].name="; - - ret = res.indexOf(cmp); - if ((res.substring(ret + cmp.length() + 1, res.indexOf(";", ret) - 1)).equals( - "requestStatus")) { - i = t; - break; - } - - } - - String req = "header.SERVER_ATTRS[" + i + "].value="; - - ret = res.indexOf(req); - reqStatus = res.substring(ret + req.length() + 1, - res.indexOf(";", ret) - 1); - - if (reqStatus != null) { - reqStatus.toLowerCase(); - if (reqStatus.equals("complete")) { - return true; - } else { - return false; - } - } - - return false; - - } - - private boolean Send() { - debug = true; - boolean st = false; - - try { - // Covert the string port to int port - - Integer x = new Integer(ports); - - port = x.intValue(); - - Con2Agent con = new Con2Agent(host, port, certnickname, tokenpwd, - cdir); - - con.setQueryString(query); - con.setActionURL(ACTION_STRING); - con.Send(); - StringBuffer s = con.getPage(); - - if (debug) { - System.out.println(s.toString()); - } - switch (reqtype) { - case 1: - st = RetrieveReq(s); - break; - - case 2: - st = RetrieveCertDetails(s); - break; - - case 3: - st = approveRequestStatus(s); - break; - - case 4: - st = RetrieveProfileApproval(s); - break; - - case 5: - st = RetrieveProfileReject(s); - break; - - case 6: - st = RetrieveProfileCancel(s); - break; - - case 7: - st = RetrieveProfileApproval(s); - break; - - default: - System.out.println("reqtype not recognized"); - } - } catch (Exception e) { - System.err.println("exception: in Send routine" + e); - return false; - } - - return st; - } - - private void buildquery() throws UnsupportedEncodingException { - - if (reqtype == 1) { // req type = list - ACTION_STRING = "/" + agenttype + ACTION_LISTREQUEST; - query = "seqNumFrom=" + seqNumFrom; - query += "&maxCount=" + maxCount; - query += "&reqType=" + reqType; - query += "&reqState=" + reqState; - - } - - if (reqtype == 2) { // get cert details - ACTION_PROCESS_CERT_REQUEST = "/" + AUTH_ID + "/processCertReq"; - ACTION_STRING = ACTION_PROCESS_CERT_REQUEST; - query = "seqNum=" + approveseqnum; - - } - - if (reqtype == 3) { // aaprove cert - - if (validityperiod != null) { - Integer x = new Integer(validityperiod); - - validperiod = x.intValue(); - } else { - validperiod = 180; - } - - ACTION_PROCESS_CERT_REQUEST = "/" + AUTH_ID + "/processCertReq"; - ACTION_STRING = ACTION_PROCESS_CERT_REQUEST; - query = "seqNum=" + approveseqnum; - query += "&toDo=accept"; - if (subjectdn != null) { - query += "&subject=" + URLEncoder.encode(subjectdn, "UTF-8"); - } else if (subject != null) { - query += "&subject=" + URLEncoder.encode(subject, "UTF-8"); - } - - if (csrRequestorName != null) { - query += "&csrRequestorName=" + csrRequestorName; - } - if (csrRequestorPhone != null) { - query += "&csrRequestorPhone=" + csrRequestorPhone; - } - - if (csrRequestorEmail != null) { - query += "&csrRequestorEmail=" + csrRequestorEmail; - } - if (sigAlgo != null) { - query += "&signatureAlgorithm=" + sigAlgo; - } - query += "&grantUID=u" + approveseqnum; - - GregorianCalendar begin = new GregorianCalendar(); - GregorianCalendar end = new GregorianCalendar(); - - end.add(GregorianCalendar.DATE, validperiod); - Date begindate = begin.getTime(); - Date enddate = end.getTime(); - - query += "¬ValidBefore=" + begindate.getTime() / 1000; - query += "¬ValidAfter=" + enddate.getTime() / 1000; - - if (clientcert.equals("true")) { - query += "&certTypeSSLClient=" + clientcert; - } - - if (servercert.equals("true")) { - query += "&certTypeSSLServer=" + servercert; - } - - if (emailcert.equals("true")) { - query += "&certTypeEmail=" + emailcert; - } - - if (objectsigningcert.equals("true")) { - query += "&certTypeObjSigning=" + objectsigningcert; - } - - query += "&grantTrustedManagerPrivilege=" + trustedManager; - - } - - if ((reqtype == 4) || (reqtype == 5) || (reqtype == 6)) { // profile based cert request - - if (validityperiod != null) { - Integer x = new Integer(validityperiod); - - validperiod = x.intValue(); - } else { - validperiod = 180; - } - - ACTION_PROCESS_CERT_REQUEST = "/" + agenttype + "/profileProcess"; - ACTION_STRING = ACTION_PROCESS_CERT_REQUEST; - query = "requestId=" + approveseqnum; - query += "&name=" - + URLEncoder.encode( - "UID=test,E=test,CN=test,OU=netscape,O=aol", "UTF-8"); - query += "&keyUsageCritical=true"; - query += "&keyUsageDigitalSignature=true"; - query += "&keyUsageNonRepudiation=true"; - query += "&keyUsageKeyEncipherment=true"; - query += "&keyUsageDataEncipherment=false"; - query += "&keyUsageKeyAgreement=false"; - query += "&keyUsageKeyCertSign=false"; - query += "&keyUsageCrlSign=false"; - query += "&keyUsageEncipherOnly=false"; - query += "&keyUsageDecipherOnly=false"; - - query += "&nsCertCritical=false"; - query += "&nsCertSSLClient=true"; - - query += "&nsCertSSLServer=false"; - query += "&nsCertEmail=true"; - query += "&nsCertObjectSigning=false"; - query += "&nsCertSSLCA=false"; - query += "&nsCertEmailCA=false"; - query += "&nsCertObjectSigningCA=false"; - - query += "&subAltNameExtCritical=false"; - query += "&subjAltNames=RFC822Name:" - + URLEncoder.encode(" thomasknscp@aol.com", "UTF-8"); - query += "&signingAlg=MD5withRSA"; - - query += "&submit=submit"; - - GregorianCalendar begin = new GregorianCalendar(); - GregorianCalendar end = new GregorianCalendar(); - - end.add(GregorianCalendar.DATE, validperiod); - // Date begindate = begin.getTime(); - // Date enddate = end.getTime(); - String nb = begin.get(Calendar.YEAR) + "-" - + begin.get(Calendar.MONTH) + "-" + begin.get(Calendar.DATE) - + " " + begin.get(Calendar.HOUR) + ":" - + begin.get(Calendar.MINUTE) + ":" - + begin.get(Calendar.SECOND); - - String nat = end.get(Calendar.YEAR) + "-" + end.get(Calendar.MONTH) - + "-" + end.get(Calendar.DATE) + " " - + end.get(Calendar.HOUR) + ":" + end.get(Calendar.MINUTE) - + ":" + end.get(Calendar.SECOND); - - query += "¬Before=" + nb; - query += "¬After=" + nat; - - query += "&authInfoAccessCritical=false"; - query += "&authInfoAccessGeneralNames="; - query += "&exKeyUsageOIDs=" + "1.3.6.1.5.5.7.3.2,1.3.6.1.5.5.7.3.4"; - - } - - if (reqtype == 4) { - query += "&op=approve"; - } - - if (reqtype == 5) { - query += "&op=reject"; - } - - if (reqtype == 6) { - query += "&op=cancel"; - } - - if (reqtype == 7) { - // cadualcert profile approval - ACTION_STRING = "/" + "ca" + "/profileProcess"; - - GregorianCalendar begin = new GregorianCalendar(); - GregorianCalendar end = new GregorianCalendar(); - - end.add(GregorianCalendar.DATE, validperiod); - - String nb = begin.get(Calendar.YEAR) + "-" - + begin.get(Calendar.MONTH) + "-" + begin.get(Calendar.DATE) - + " " + begin.get(Calendar.HOUR) + ":" - + begin.get(Calendar.MINUTE) + ":" - + begin.get(Calendar.SECOND); - - String nat = end.get(Calendar.YEAR) + "-" + end.get(Calendar.MONTH) - + "-" + end.get(Calendar.DATE) + " " - + end.get(Calendar.HOUR) + ":" + end.get(Calendar.MINUTE) - + ":" + end.get(Calendar.SECOND); - - query = "requestId=" + approveseqnum + "&name=" - + URLEncoder.encode(cadualcert_name, "UTF-8") + "¬Before=" + nb - + "¬After=" + nat + "&authInfoAccessCritical=false" - + "&authInfoAccessGeneralNames=" + "&keyUsageCritical=true" - + "&keyUsageDigitalSignature=false" - + "&keyUsageNonRepudiation=false" - + "&keyUsageKeyEncipherment=true" - + "&keyUsageDataEncipherment=false" - + "&keyUsageKeyAgreement=false" - + "&keyUsageKeyCertSign=false" + "&keyUsageCrlSign=false" - + "&keyUsageEncipherOnly=false" - + "&keyUsageDecipherOnly=false" + /* -- For Older CMS 6.x servers use these - "&nsCertCritical=false" + - "&nsCertSSLClient=true" + - "&nsCertSSLServer=false" + - "&nsCertEmail=true" + - "&nsCertObjectSigning=false" + - "&nsCertSSLCA=false" + - "&nsCertEmailCA=false" + - "&nsCertObjectSigningCA=false" + - "&subjAltNameExtCritical=false" + - "&subjAltNames=RFC822Name: null" + - "&signingAlg=MD5withRSA" + - */// For newer CS 7.x servers use these - "&exKeyUsageCritical=false" - + "&exKeyUsageOIDs=1.3.6.1.5.5.7.3.2,1.3.6.1.5.5.7.3.4" - + "&subjAltNameExtCritical=false" - + "&subjAltNames=RFC822Name: null" - + "&signingAlg=SHA1withRSA" + "&requestNotes=" - + "&op=approve" + "&submit=submit"; - - } - - } - - private void readProperties() { - - // Read the properties file and assign values to variables . - try { - getProperties(propfileName); - } catch (Exception e) { - System.out.println( - "exception reading Properties File " + e.getMessage()); - } - - // Read the properties file - host = props.getProperty("enroll.host"); - ports = props.getProperty("enroll.port"); - adminid = props.getProperty("enroll.adminid"); - adminpwd = props.getProperty("enroll.adminpwd"); - certnickname = props.getProperty("enroll.nickname"); - cdir = props.getProperty("enroll.certdir"); - tokenpwd = props.getProperty("enroll.certtokenpwd"); - approveseqnum = props.getProperty("enroll.seqnum"); - if (approveseqnum == null) { - System.out.println("Seq num is null"); - } - - approveseqnumFrom = props.getProperty("enroll.seqnumFrom"); - if (approveseqnumFrom == null) { - approveseqnumFrom = "1"; - } - - approveseqnumTo = props.getProperty("enroll.seqnumTo"); - if (approveseqnumTo == null) { - approveseqnumTo = "100"; - } - validityperiod = props.getProperty("enroll.validperiod"); - type = props.getProperty("enroll.type"); - reqType = props.getProperty("enroll.reqtype"); - reqState = props.getProperty("enroll.reqstate"); - agenttype = props.getProperty("enroll.agenttype"); - if (agenttype == null) { - agenttype = "ca"; - } - - trustedManager = props.getProperty("enroll.trust"); - if (trustedManager.equals("true")) { - trustedManager = "true"; - } else { - trustedManager = "false"; - } - - String de = props.getProperty("enroll.debug"); - - if (de == null) { - debug = false; - } else if (de.equals("true")) { - debug = true; - } else { - debug = false; - } - - } - - private boolean listRequest(String from, String To) throws UnsupportedEncodingException { - - Integer x = new Integer(from); - - seqNumFrom = x.intValue(); - - Integer y = new Integer(To); - - if ((y.intValue() - seqNumFrom) > 50) { - maxCount = 50; - } else { - maxCount = y.intValue() - x.intValue(); - } - if (maxCount == 0) { - maxCount = 1; - } - - reqtype = 1; - buildquery(); - return (Send()); - } - - private boolean approveRequest() throws UnsupportedEncodingException { - - boolean st = true; - - listRequest(approveseqnumFrom, approveseqnumTo); - - if (seqNum.isEmpty()) { - System.out.println("No Requests for approval"); - return false; - } - - if (approveseqnum.length() > 0) { - if (seqNum.contains(approveseqnum)) { - seqNum.removeAllElements(); - seqNum.addElement(approveseqnum); - } else { - System.out.println( - " Seq num " + approveseqnum + " already approved "); - return false; - } - } else { - System.out.println( - " Seq num not specified . Approving all pending request From : " - + approveseqnumFrom + " To : " + approveseqnumTo); - } - - boolean flag = true; - - Integer y = new Integer(approveseqnumTo); - int torequest = y.intValue(); - - while (flag) { - - i = 0; - while (i < seqNum.size()) { - - approveseqnum = (seqNum.elementAt(i)).toString(); - // Get request details - reqtype = 2; - buildquery(); - if (!Send()) { - System.out.println("Error : Getting Request details "); - i++; - continue; - } - - if (debug) { - System.out.println( - csrRequestorName + " " + csrRequestorPhone + " " - + csrRequestorEmail + " " + requestID + " " - + subject); - } - // Now for pending status - approve the request - reqtype = 3; - buildquery(); - if (!Send()) { - System.out.println( - "Error: Approving request " + approveseqnum); - i++; - continue; - } - System.out.println("Request " + approveseqnum + " is approved "); - totalNumApproved++; - i++; - } - Integer x = new Integer(approveseqnum); - - if (x.intValue() >= torequest) { - flag = false; - } else { - listRequest(approveseqnum, approveseqnumTo); - } - - } - return st; - } - - /** - * Use this method when you need to use properties file. - * @throws UnsupportedEncodingException - */ - - public int processRequest() throws UnsupportedEncodingException { - if (propfileName != null) { - readProperties(); - } - - if (approveseqnum.length() > 0) { - approveseqnumFrom = approveseqnum; - approveseqnumTo = approveseqnum; - } - - type = type.toLowerCase(); - if (type.equals("approve")) { - if (approveRequest()) { - System.out.println("Approve Request :" + totalNumApproved); - return totalNumApproved; - } else { - return -1; - } - - } - - if (type.equals("list")) { - - if (listRequest(approveseqnumFrom, approveseqnumTo)) { - System.out.println("List Request : " + seqNum.size()); - if (seqNum.size() > 0) { - return seqNum.size(); - } else { - return 0; - } - } else { - return -1; - } - - } - - return -1; - } - - public static void main(String args[]) { - // Exit Status - (0) for error - // - any number > 0 Pass - int st = 0; - - if (args.length < 1) { - System.out.println("Usage : propertiesfile"); - System.exit(0); - } - - Request t = new Request(args[0]); - - try { - st = t.processRequest(); - } catch (UnsupportedEncodingException e) { - System.out.println(e); - e.printStackTrace(); - } - if (st == -1) { - System.exit(0); - } else { - System.exit(st); - } - - }// end of function main - -} // end of class - diff --git a/base/silent/src/com/netscape/pkisilent/common/ServerInfo.java b/base/silent/src/com/netscape/pkisilent/common/ServerInfo.java deleted file mode 100644 index ff99a47f4..000000000 --- a/base/silent/src/com/netscape/pkisilent/common/ServerInfo.java +++ /dev/null @@ -1,359 +0,0 @@ -package com.netscape.pkisilent.common; - -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- - -import java.io.BufferedReader; -import java.io.FileInputStream; -import java.io.FileReader; -import java.io.IOException; -import java.net.InetAddress; -import java.util.StringTokenizer; - -/** - * CMS Test framework . - * This class fetches all the necssary ServerInformation to run the test . For example AdminServer information linke - * port , hsotname, Config LDAP server port, CMS servers Agentport,AdminPort, EESSL port, EE port etc.. - */ - -public class ServerInfo { - - public String serverRoot, instanceRoot, instanceID; - public String ldapPort, ldapHost, ldapSSLPort, ldapBaseSuffix, adminPort, admDN, admDNPW, singleSignOnPWD, domain; - public String caSigningCertNickName, raSigningCertNickName, ocspSigningCertNickName, kraTransportCertNickName; - public String ServerCertNickName, CertAuthority; - public String CMSAgentPort, CMSEESSLPort, CMSEEPort, CMSAdminPort, IDBPort; - - public static CMSProperties props = null; - public static CMSProperties CMSprops = null; - - // Private variables - public String CMSConfigFile, AdminConfigFile; - - public ServerInfo() { - } - - /** - * Constructor. Takes Server root as parameter for example ( /export/qa). Reads and collects information about - * adminserver and Config LDAP server. - */ - public ServerInfo(String sroot) { - serverRoot = sroot; - AdminConfigFile = serverRoot + "/admin-serv/config/adm.conf"; - readAdminConfig(); - SystemInfo(); - } - - /** - * Constructor. Takes Serverroot ( /export/qa) and instanceRoot (/export/qa/cert-jupiter2) as parameters . Reads and - * collects information about Admin Server , Config LDAP server and CMS server . - */ - - public ServerInfo(String sroot, String instRoot) { - serverRoot = sroot; - instanceRoot = instRoot; - CMSConfigFile = instanceRoot + "/config/CS.cfg"; - AdminConfigFile = serverRoot + "/admin-serv/config/adm.conf"; - instanceID = instanceRoot.substring(instanceRoot.indexOf("cert-") + 5); - readAdminConfig(); - SystemInfo(); - parseServerXML(); - readCMSConfig(); - } - - public String GetAdminPort() { - return adminPort; - } - - public String GetConfigLDAPPort() { - return ldapPort; - } - - public String GetHostName() { - if (domain.indexOf(".") > 0) { - return domain.substring(0, domain.indexOf(".")); - } else { - return domain; - } - } - - public String GetInstanceID() { - return instanceID; - } - - public String GetCMSConfigFileName() { - return CMSConfigFile; - } - - public String GetDomainName() { - return ldapHost.substring(ldapHost.indexOf(".") + 1); - } - - public String GetAgentPort() { - return CMSAgentPort; - } - - public String GetEESSLPort() { - return CMSEESSLPort; - } - - public String GetEEPort() { - return CMSEEPort; - } - - public String GetCMSAdminPort() { - return CMSAdminPort; - } - - public String GetInternalDBPort() { - return IDBPort; - } - - public String GetCertAuthority() { - return CertAuthority; - } - - public String GetCASigningCert() { - return caSigningCertNickName; - } - - public String GetRASigningCert() { - return raSigningCertNickName; - } - - public String GetServerCertNickName() { - return ServerCertNickName; - } - - public void setInstanceRoot(String instRoot) { - instanceRoot = instRoot; - CMSConfigFile = instanceRoot + "/config/CS.cfg"; - AdminConfigFile = serverRoot + "/admin-serv/config/adm.conf"; - instanceID = instanceRoot.substring(instanceRoot.indexOf("cert-") + 5); - SystemInfo(); - parseServerXML(); - readCMSConfig(); - } - - // Private functions - private void SystemInfo() { - try { - domain = InetAddress.getLocalHost().getHostName(); - System.out.println("Debu:SystemInfo " + domain); - } catch (Exception e) { - System.out.println("Exception InetAddress : " + e.getMessage()); - } - - } - - private void parseServerXML() { - int AGENT = 1; - int ADMIN = 2; - int EE_SSL = 3; - int EE_NON_SSL = 4; - int IP = 5; - int PORT = 6; - BufferedReader in = null; - - try { - String xmlFilePath = instanceRoot + "/config/server.xml"; - - in = new BufferedReader(new FileReader(xmlFilePath)); - String s = in.readLine(); - - while (s != null) { - // <LS id="agent" ip="0.0.0.0" port="8101" security="on" - // acceptorthreads="1" blocking="no"> - if (s.startsWith("<LS id=")) { - StringTokenizer st = new StringTokenizer(s, "\""); - int index1 = 5, index2 = 3; - - while (st.hasMoreTokens()) { - String token = st.nextToken(); - - if (token.equalsIgnoreCase("agent")) { - index1 = AGENT; - } else if (token.equalsIgnoreCase("admin")) { - index1 = ADMIN; - } else if (token.equalsIgnoreCase("eeSSL")) { - index1 = EE_SSL; - } else if (token.equalsIgnoreCase("ee_nonSSL")) { - index1 = EE_NON_SSL; - } else if (token.equals(" ip=")) { - index2 = IP; - } else if (token.equals(" port=")) { - index2 = PORT; - } - - if (index1 != 5 && index2 == IP && !token.equals(" ip=")) { - // token contains the ip value - } else if (index2 == PORT && !token.equals(" port=")) { - - switch (index1) { - case 1: - CMSAgentPort = token; - break; - - case 2: - CMSAdminPort = token; - break; - - case 3: - CMSEESSLPort = token; - break; - - case 4: - CMSEEPort = token; - break; - - default: - break; - - } - - break; - } - } // while token - } // if LS - s = in.readLine(); - } // while file no end - in.close(); - } catch (Exception e) { - if (in != null) { - try { - in.close(); - } catch (Exception ex) { - } - } - } - } - - private String stripSpace(String s) { - StringBuffer val = new StringBuffer(); - - for (int i = 0; i < s.length(); i++) { - if ((s.charAt(i) == ' ')) { - i++; - continue; - } else { - val.append(s.charAt(i)); - } - } - return val.toString(); - } - - private void readAdminConfig() { - String ldapHostStr = "ldapHost:"; - String ldapPortStr = "ldapPort:"; - String adminPortStr = "port:"; - FileInputStream fis = null; - try { - fis = new FileInputStream(AdminConfigFile); - int size = fis.available(); - byte b[] = new byte[size]; - - if (fis.read(b) != b.length) { - System.out.println("Could not read "); - - } else { - String tmpstr = new String(b, 0, b.length); - int ret; - - if ((ret = tmpstr.indexOf(ldapHostStr)) > -1) { - ldapHost = tmpstr.substring(ret + ldapHostStr.length() + 1, - tmpstr.indexOf("ldapPort", ret) - 1); - ldapHost = stripSpace(ldapHost); - // System.out.println(ldapPort); - } - - if ((ret = tmpstr.indexOf(ldapPortStr)) > -1) { - ldapPort = tmpstr.substring(ret + ldapPortStr.length() + 1, - tmpstr.indexOf("sie", ret) - 1); - ldapPort = stripSpace(ldapPort); - // System.out.println(ldapPort); - } - if ((ret = tmpstr.indexOf(adminPortStr)) > -1) { - adminPort = tmpstr.substring(ret + adminPortStr.length() + 1, - tmpstr.indexOf("ldapStart", ret) - 1); - adminPort = stripSpace(adminPort); - // System.out.println(adminPort); - } - - } - } catch (Exception e) { - System.out.println("exception " + e.getMessage()); - } finally { - if (fis != null) { - try { - fis.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - } - } - - private void readCMSConfig() { - - try { - FileInputStream fis = new FileInputStream(CMSConfigFile); - - CMSprops = new CMSProperties(); - CMSprops.load(fis); - System.out.println("Reading CMS Config file successful"); - CertAuthority = CMSprops.getProperty("subsystem.0.id"); - if (CertAuthority.equals("ca")) { - caSigningCertNickName = CMSprops.getProperty( - "ca.signing.cacertnickname"); - ServerCertNickName = "Server-Cert cert-" + instanceID; - } - if (CertAuthority.equals("ra")) { - raSigningCertNickName = CMSprops.getProperty( - "ra.signing.cacertnickname"); - ServerCertNickName = "Server-Cert cert-" + instanceID; - } - IDBPort = CMSprops.getProperty("internaldb.ldapconn.port"); - - fis.close(); - } catch (Exception e) { - System.out.println("exception " + e.getMessage()); - } - - } - - public static void main(String args[]) { - ServerInfo s = new ServerInfo("Test", "Test"); - - System.out.println(" Admin Port : " + s.GetAdminPort()); - System.out.println(" LDAP Port : " + s.GetConfigLDAPPort()); - System.out.println("Hostname " + s.GetHostName()); - System.out.println("InstanceID" + s.GetInstanceID()); - System.out.println(" doamin name : " + s.GetDomainName()); - System.out.println("AgentPort " + s.GetAgentPort()); - System.out.println("EESSLPort " + s.GetEESSLPort()); - System.out.println("EEPort " + s.GetEEPort()); - System.out.println("CMSAdminPort :" + s.GetCMSAdminPort()); - System.out.println("CAAuthority : " + s.GetCertAuthority()); - System.out.println("CASigningCert:" + s.GetCASigningCert()); - System.out.println("RASigningCert:" + s.GetRASigningCert()); - System.out.println("ServerCert" + s.GetServerCertNickName()); - - }// end of function main - -} // end of class - diff --git a/base/silent/src/com/netscape/pkisilent/common/TestClient.java b/base/silent/src/com/netscape/pkisilent/common/TestClient.java deleted file mode 100644 index 6fb5bd120..000000000 --- a/base/silent/src/com/netscape/pkisilent/common/TestClient.java +++ /dev/null @@ -1,938 +0,0 @@ -package com.netscape.pkisilent.common; - -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- - -import java.io.BufferedReader; -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStreamReader; -import java.net.ServerSocket; -import java.util.Properties; - -import org.mozilla.jss.crypto.X509Certificate; -import org.mozilla.jss.ssl.SSLCertificateApprovalCallback; - -/** - * CMS Test framework . - * Before createing an instance of this class make sure you havae set an environment variable TEST_CONFIG_FILE. - */ - -public class TestClient implements SSLCertificateApprovalCallback { - - public int port; - - // properties file parameters - public static String host, ports, adminid, adminpwd, propfileName, cdir; - public static String certnickname, keysize, keytype, tokenpwd; - public static String serverRoot, instanceRoot, ldaprootDN, ldaprootDNPW, caInstanceRoot, dataDirectory; - - // Program variables - public String STATUS; - public Properties props = null; - public String ACTION_STRING; - public String query; - public boolean debug = false; - // Certificate nicknames to be used by Test Clients - private String testConfigFile; - - public String caAgentCertName = "ca-agent"; - public String raAgentCertName = "ra-agent"; - public String ocspAgentCertName = "ocsp-agent"; - public String kraAgentCertName = "kra-agent"; - public String tksAgentCertName = "tks-agent"; - public String singleSignOnPWD = "secret12"; - public String adminCertName = "cn=admin"; - private String ldapBaseSuffix = "dc=netscape,dc=com"; - private String admDN = "admin"; - private String admDNPW = "admin"; - private String TmpDir; - @SuppressWarnings("unused") - private String TestLogFile; - private String startupTests, cleanupTests; - - private X509Certificate SSLServerCert = null; - - // Cert Sub vart - public String UID, OU, O, DN, E, CN, C, GN, SN, L, MAIL; - // Enroll - protected String PWD; - // CRypto - public ComCrypto cCrypt = new ComCrypto(); - public String pkcs10request = null; - - // Error - - public String ErrorDetail; - - private String serverKeyType, serverKeySize, serverKeyAlgo; - - private String unauth[] = { - "Unauthorized Access", "Server Error", - "Not Found", "Generic Unauthorized" }; - - public boolean approve(X509Certificate x509, SSLCertificateApprovalCallback.ValidityStatus status) { - SSLServerCert = x509; - return true; - } - - // Constructor - - public TestClient() { - keysize = "1024"; - keytype = "RSA"; - } - - /** - * Constructor . Takes the parameter for keysize and keytype . - * Before creating a new instance of this class make sure you have set TEST_CONFIG_FILE variable in your - * environnemt. - * Reads the TEST_CONFIG_FILE . Initializes the certificate database. See engage.cfg file for example. - * - * @param keysize - * @param keytype - */ - - public TestClient(String ks, String kt) { - - testConfigFile = ReadEnv("TEST_CONFIG_FILE"); - - System.out.println(testConfigFile); - readConfigFile(); - keysize = ks; - keytype = kt; - cCrypt.setCertDir(cdir); - cCrypt.setCertnickname(adminCertName); - cCrypt.setKeySize(keysize); - cCrypt.setKeyType(keytype); - cCrypt.setTokenPWD(tokenpwd); - cCrypt.setDebug(true); - cCrypt.CreateCertDB(); - - } - - /** - * Gets the SSLServer Certificate of the server - */ - - public X509Certificate getSSLServerCert() { - return SSLServerCert; - } - - /** - * finds the cert with nickname cname in the clients cert database - */ - - public X509Certificate findCertByNickname(String cname) { - - return cCrypt.findCert(cname); - - } - - /** - * Imports certificate to cert database.Takes parameters Certpackage and certnickname - */ - boolean importCert(String cp, String nickname) { - - return cCrypt.importCert(cp, nickname); - - } - - /** - * This function returns true if you choose to executeStartupTests - */ - - public boolean executeStartupTests() { - - if (startupTests == null) { - return false; - } else if (startupTests.equals("y")) { - return true; - } else { - return false; - } - - } - - /** - * This function returns true if you choose to executeCleanupTests - */ - - public boolean executeCleanupTests() { - - if (cleanupTests == null) { - return false; - } else if (cleanupTests.equals("y")) { - return true; - } else { - return false; - } - - } - - public String GetServerRoot() { - return serverRoot; - } - - public String GetInstanceRoot() { - return instanceRoot; - } - - public String getErrorDetail() { - return ErrorDetail; - } - - public String GetAdminDN() { - return admDN; - } - - public String GetAdminDNPWD() { - return admDNPW; - } - - public String GetLDAPDN() { - return ldaprootDN; - } - - public String GetLDAPDNPW() { - return ldaprootDNPW; - } - - public String GetLDAPBASE() { - return ldapBaseSuffix; - } - - public String GetAdminCertName() { - return adminCertName; - } - - public String GetRAAgentCertName() { - return raAgentCertName; - } - - public String GetKRAAgentCertName() { - return kraAgentCertName; - } - - public String GetOCSPAgentCertName() { - return ocspAgentCertName; - } - - public String GetTKSAgentCertName() { - return tksAgentCertName; - } - - public String GetDataDirectory() { - return dataDirectory; - } - - public String GetClientCertDB() { - return cdir; - } - - public String GetClientCertDBPW() { - return tokenpwd; - } - - public String GetSingleSignOnPW() { - return singleSignOnPWD; - } - - public String GetCARoot() { - return caInstanceRoot; - } - - public String GetTmpDir() { - return TmpDir; - } - - public String GetServerKeySize() { - return serverKeySize; - } - - public String GetServerKeyType() { - return serverKeyType; - } - - public String GetServerKeyAlgorithm() { - return serverKeyAlgo; - } - - public void setStatusString(String ststr) { - STATUS = ststr; - } - - public void setDebug(boolean t) { - debug = t; - } - - public void setpkcs10Request(String t) { - pkcs10request = t; - } - - public void setHostName(String s) { - host = s; - } - - public void setCARoot(String s) { - caInstanceRoot = s; - } - - public void setTestLogFile(String s) { - TestLogFile = s; - } - - /** - * parses a http page and returns true if any error is returned by server - **/ - - public boolean getError(String line) { - - int ret; - - ret = line.indexOf("fixed.errorDetails"); - - if (line.indexOf("fixed.errorDetails") == 0) { - ErrorDetail = line.substring( - ret + ("fixed.errorDetails = ").length()); - return true; - } - - if (line.indexOf("fixed.errorDetails") >= 0) { - ErrorDetail = line.substring( - ret + ("fixed.errorDetails = ").length()); - return true; - } - - ret = line.indexOf("fixed.unexpectedError"); - - if (line.indexOf("fixed.unexpectedError") == 0) { - System.out.println("Processing unexpectedError"); - ErrorDetail = line.substring( - ret + ("fixed.unexpectedError = ").length()); - return true; - } - - if (line.indexOf(unauth[0]) > 0) { - ErrorDetail = unauth[0]; - return true; - } - if (line.indexOf(unauth[1]) > -1) { - ErrorDetail = unauth[1]; - return true; - } - if (line.indexOf(unauth[2]) > -1) { - ErrorDetail = unauth[2]; - return true; - } - if (line.indexOf(unauth[3]) > -1) { - ErrorDetail = unauth[3]; - return true; - } - - if (line.indexOf("errorReason") >= 0) { - ErrorDetail = line.substring(ret + ("errorReason=").length()); - return true; - } - - return false; - } - - /** - * Reads a properties file . Takes filename as input parameter. - */ - - public void getProperties(String fileName) throws Exception { - FileInputStream fis = null; - try { - fis = new FileInputStream(fileName); - props = new Properties(); - props.load(fis); - } finally { - if (fis != null) - fis.close(); - } - } - - public String ReadEnv(String str) { - try { - Process p = null; - Runtime r = Runtime.getRuntime(); - String OS = System.getProperty("os.name").toLowerCase(); - - if (OS.indexOf("windows") > 1) { - p = r.exec("cmd.exe /c set"); - } else { - p = r.exec("env"); - } - - BufferedReader br = new BufferedReader( - new InputStreamReader(p.getInputStream())); - String line; - - while ((line = br.readLine()) != null) { - int idx = line.indexOf('='); - String key = line.substring(0, idx); - String value = line.substring(idx + 1); - - // System.out.println(key + "=" + value); - if (key.startsWith(str)) { - return value; - } - } - return null; - } catch (Throwable e) { - e.printStackTrace(); - } - return null; - } - - private void readConfigFile() { - try { - getProperties(testConfigFile); - } catch (Exception e) { - System.out.println( - "exception reading TestConfigFile " + e.getMessage()); - } - - serverRoot = props.getProperty("SROOT"); - instanceRoot = props.getProperty("IROOT"); - dataDirectory = props.getProperty("DATA_DIR"); - ldapBaseSuffix = props.getProperty("LDAPBASESUFFIX"); - - if (ldapBaseSuffix.indexOf("\"") > -1) { - ldapBaseSuffix = ldapBaseSuffix.substring(1, - ldapBaseSuffix.length() - 1); - } - - ldaprootDN = props.getProperty("LDAPROOTDN"); - // Strip of th e quotes "cn=directory manager" string - if (ldaprootDN.indexOf("\"") > -1) { - ldaprootDN = ldaprootDN.substring(1, ldaprootDN.length() - 1); - } - System.out.println("ldaprootDN : " + ldaprootDN); - - ldaprootDNPW = props.getProperty("LDAPROOTDNPW"); - cdir = props.getProperty("CERTDB"); - tokenpwd = props.getProperty("CERTDBPW"); - caInstanceRoot = props.getProperty("CAIROOT"); - admDN = props.getProperty("ADMINDN"); - admDNPW = props.getProperty("ADMINDNPW"); - singleSignOnPWD = props.getProperty("SINGLESIGNONPW"); - serverKeySize = props.getProperty("KEYSIZE"); - serverKeyType = props.getProperty("KEYTYPE"); - serverKeyAlgo = props.getProperty("KEYALGORITHM"); - - TmpDir = props.getProperty("TMP_DIR"); - TestLogFile = props.getProperty("TEST_LOG_FILE"); - - String de = props.getProperty("DEBUG"); - - if (de == null) { - debug = false; - } else if (de.equals("true")) { - debug = true; - } else { - debug = false; - } - - } - - /** - * returns FreePort in this machine . Takes a parmater portnumber. For example getFreePort("4026"). - */ - public String getFreePort(String s) { - Integer x = new Integer(s); - int p = x.intValue(); - - // if p = 0, then the serversocket constructor get a free port by itself - p = 0; - try { - ServerSocket ss1 = new ServerSocket(p); - - p = ss1.getLocalPort(); - System.out.println("Obtained Free Port = " + p); - ss1.close(); - } catch (Exception e) { - System.out.println("Unable to get Free Port"); - e.printStackTrace(); - p = 0; - } - return (String.valueOf(p)); - // This following method doesn't Always get a free port. - // while (st) { - // if(isSocketUnused(host,p) ) - // st=false; - // p++; - // } - // return (String.valueOf(p)); - - } - - /** - * Reads a file and returns the cert request as string - **/ - - public String readRequest(String filename) { - FileInputStream f1 = null; - try { - f1 = new FileInputStream(filename); - int size = f1.available(); - byte b[] = new byte[size]; - - if (f1.read(b) != b.length) { - return null; - } - - String s = new String(b); - - return s; - } catch (Exception e) { - System.out.println("exception " + e.getMessage()); - return null; - } finally { - if (f1 != null) { - try { - f1.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - } - } - - public static void main(String args[]) { - TestClient t = new TestClient("1024", "RSA"); - - /* - ******************************************************************* - * Sample programs to initialze calsses - ******************************************************************* - */ - - /* - ******************************************************************** - * To Test AutoInstaller - ******************************************************************* - */ - - /* - AutoInstaller a = new AutoInstaller(t.GetServerRoot()); - - ServerInfo s = new ServerInfo(t.GetServerRoot()); - System.out.println (" Admin Port : " + s.GetAdminPort()); - System.out.println (" LDAP Port : "+ s.GetConfigLDAPPort()); - System.out.println( "Hostname " + s.GetHostName()); - System.out.println(" doamin name : " + s.GetDomainName()); - - t.setHostName(s.GetHostName()); - // Set adminServer Info - a.setAdminInfo(s.GetHostName(),s.GetAdminPort(),s.GetDomainName(),"admin","admin"); - a.setAdminInfo(s.GetHostName(),s.GetAdminPort(),"mcom.com","admin","admin"); - - // setCAInfo - a.setCAInfo(s.GetHostName(),"1027","8100","admin","secret12"); - //setInternalDB info - String dp = t.getFreePort("38900"); - a.setInternalDBInfo(s.GetHostName(),"38907","ca-db","cn=directory manager","secret12" ); - - // set tokenInfo - - a.setTokenInfo("Internal","secret12"); - - // set Subsystem info - String agp = t.getFreePort("8100"); - String adp = t.getFreePort("8200"); - String eesp = t.getFreePort("1027"); - String eep = t.getFreePort("1100"); - - System.out.println(agp); - - a.setSubSystemInfo("testra",t.GetServerRoot(),"RSA","1024","MD5","365","cn=certificate manager,ou=test,o=test",adp,agp,eesp,eep); - - a.setClientDBInfo(t.GetClientCertDB(),"secret12",t.GetAdminCertName()); - - a.ConfigureCA("admin","admin","secret12","secret12"); - - // a.ConfigureRA("admin","admin","secret12","secret12"); - - */ - - /* - ****************************************************** - * Example to Get Server Details - ****************************************************** - */ - - ServerInfo s = new ServerInfo(t.GetServerRoot(), t.GetInstanceRoot()); - - t.setHostName(s.GetHostName()); - - System.out.println("AgentPort " + s.GetAgentPort()); - System.out.println("EESSLPort " + s.GetEESSLPort()); - System.out.println("EEPort " + s.GetEEPort()); - System.out.println("CMSAdminPort :" + s.GetCMSAdminPort()); - System.out.println("IDBPort : " + s.GetInternalDBPort()); - System.out.println("CAAuthority : " + s.GetCertAuthority()); - System.out.println("CASigningCert:" + s.GetCASigningCert()); - System.out.println("RASigningCert:" + s.GetRASigningCert()); - System.out.println("ServerCert" + s.GetServerCertNickName()); - System.out.println("------------------------------------------"); - System.out.println(" Internal Database Test:"); - System.out.println(" LDAP Port : " + s.GetConfigLDAPPort()); - System.out.println("Hostname " + s.GetHostName()); - - DirEnroll de = new DirEnroll(s.GetHostName(), s.GetEESSLPort()); - - de.setAuthenticator("Portal"); - de.setUIDInfo("caeetest110", "secret12"); - de.enroll(); - - /* **************************************************************** - * CMC Enroll - *************************************************************** - */ - - /* CMSUtils cmsutils = new CMSUtils(t.GetServerRoot()); - String requestfile="/u/lgopal/work/tetCMS/ns/tetframework/testcases/CMS/6.0/acceptance/data/basic/cmcreq/cmctest1.req"; - cmsutils.runCMCEnroll(t.GetClientCertDB(),"cn=admin",t.GetClientCertDBPW(),requestfile); - Profiles pr = new Profiles(s.GetHostName(),s.GetEESSLPort()); - pr.setProfileType("caCMCUserCert"); - pr.setCertAuthority("ca"); - - String request = t.readRequest(requestfile+".out"); - String bstr = "-----BEGIN NEW CERTIFICATE REQUEST-----"; - String estr="-----END NEW CERTIFICATE REQUEST-----"; - String Blob1 = request.substring(bstr.length() + 1); - String Blob2 = Blob1.substring(0,Blob1.indexOf(estr)); - request=Blob2; - - - pr.setRequest(request); - - pr.setUserInfo("UID=test1,Ou=netscape,o=aol","test","test","test","netscape","aol"); - pr.clientCertEnroll(); - */ - - /* **************************************************************** - * OCSP Client stuff - ************************************************************ - */ - - /* - String ip= "10.169.25.26"; - OCSPClient ocspclient= new OCSPClient(s.GetHostName(),ip,s.GetEEPort(),t.GetClientCertDB(),t.GetClientCertDBPW(),"cn=admin" ,"/tmp/ocsp.out","4"); - ocspclient.setCert(t.findCertByNickname("ocsp-agent")); - - ocspclient.SendOCSPRequest(); - */ - - /* - ***************************************************** - * Test CRMFcleint and KRA REcovery and Archival - ***************************************************** - */ - - /* - ********************************************************* - * OCSP Agent stuff - ********************************************************* - */ - - /* Retrieval rtr = new Retrieval(s.GetHostName(),s.GetEESSLPort()); - rtr.getCACert(); - System.out.println("CA Cert chain" + rtr.getCert()); - - OcspAgent ocspAgent= new OcspAgent(s.GetHostName(),"8111"); - ocspAgent.setAgentCertName(t.GetOCSPAgentCertName()); - - String cert = "-----BEGIN CERTIFICATE-----"+"\n"+rtr.getCert()+"\n"+"-----END CERTIFICATE-----\n"; - - ocspAgent.setCACert(cert); - ocspAgent.addCA(); - */ - - /* - *************************************************************** - Submit Profile based request - ********************************************************* - */ - - /* - Profiles pr = new Profiles(s.GetHostName(),s.GetEESSLPort()); - pr.setProfileType("caUserCert"); - // pr.setProfileType("caDirUserCert"); - - pr.setCertAuthority("ca"); - pr.setUserInfo("UID=test1,Ou=netscape,o=aol","test","test","test","netscape","aol"); - //pr.setDirUserInfo("test","netscape"); - pr.clientCertEnroll(); - System.out.println("Request ID is " + pr.getRequestID()); - - - Request re = new Request (s.GetHostName(),s.GetAgentPort(),"ca"); - re.setAgentCertName(t.GetAdminCertName()); - re.ApproveProfileRequests(pr.getRequestID()); - */ - - /* - String TransportCert="MIICJTCCAY6gAwIBAgIBBTANBgkqhkiG9w0BAQQFADBDMRswGQYDVQQKExJhY2NlcHRhY25ldGVzdDEwMjQxFzAVBgNVBAsTDmFjY2VwdGFuY2V0ZXN0MQswCQYDVQQDEwJjYTAeFw0wMzA0MjMyMTM3NTFaFw0wNDA0MjIwOTMzMzFaMDkxETAPBgNVBAoTCHRlc3QxMDI0MRcwFQYDVQQLEw5hY2NlcHRhbmNldGVzdDELMAkGA1UEAxMCcmEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANVW81T7GatHIB25kF0jdY4h4hOF1NAlAHE2YdN/UEyXuU22CfwrIltA3x/6sKFHhbbFysn6nGJlgKipPJqJDwyYTIv07hgoXqgcUu8fSYQg4BDHYhpHJxsUt3BSfADTjxAUHize7C2F8TVhBIcWW043FSkwvAiUjJb7uqQRKn7lAgMBAAGjMzAxMA4GA1UdDwEB/wQEAwIFIDAfBgNVHSMEGDAWgBTqvc3UPGDSWq+21DZGSUABNGIUbDANBgkqhkiG9w0BAQQFAAOBgQCNLJivNDHTTmCb2vDefUwLMxXNjuHwrbjVqymHPFqUjredTq2Yp+Ed1zxj+mxRovzegd65Tbnx+MV84j8K3Qc1kWOC+kbohAY9svSPsN3o5Q5BB19+5nUPC5Gk/mxkWJWWJLOnpKJGiAHMZIr58TH7hF8KQWXWMN9ikSFkPj0a/g=="; - - - CRMFClient CrmfClient = new CRMFClient(s.GetHostName(),s.GetEEPort()); - CrmfClient.setDBInfo(t.GetClientCertDB(),t.GetClientCertDBPW()); - CrmfClient.setTransportCert(TransportCert); - CrmfClient.setUserInfo("user","netscape"); - CrmfClient.setLDAPInfo(t.GetLDAPDN(),t.GetLDAPDNPW()); - CrmfClient.setDualKey(true); - - if(!CrmfClient.Enroll()) - {System.out.println("CRMFClient : could not submit request");} - - - checkRequest cr = new checkRequest(s.GetHostName(),s.GetEESSLPort(),String.valueOf(CrmfClient.getRequestId()),"false"); - cr.checkRequestStatus(); - System.out.println("Serial num " + cr.getSerialNumber()); - System.out.println("cert pack " + cr.getCert()); - - KraAgent kraAgent = new KraAgent(s.GetHostName(),"8111"); - kraAgent.setAgentCertName("cn=admin"); - System.out.println("KRAAgent List archival"); - - Vector aReq= kraAgent.ListArchivalRequests(); - int i=0; - while(i < aReq.size() ) - { - System.out.print(aReq.elementAt(i) + " "); - i++; - } - - kraAgent.setCertificate(cr.getCert()); - kraAgent.setLocalAgent(false); - kraAgent.recoverKeys(); - */ - - /* - ************************************************************* - * Example to Connect oto Config Directory port - ************************************************************* - */ - - /* - CMSLDAP cmsldap = new CMSLDAP(s.GetHostName(),s.GetConfigLDAPPort(),t.GetLDAPDN(),t.GetLDAPDNPW()); - if(cmsldap.connect()) - System.out.println("LDAP Connection successful"); - else - System.out.println("Error Connecting to LDAPSERVER"); - - // Add user to config directoory - if (cmsldap.userAdd("ou=people,"+t.GetLDAPBASE(),"t2","t2","t2","netscape")) - System.out.println("Added user to Config directory"); - - */ - - /* - ************************************************************* - * Example to Submit a CRMFCleint request to CA - ************************************************************* - */ - - /* - String TransportCert = - "MIICJTCCAY6gAwIBAgIBBTANBgkqhkiG9w0BAQQFADBDMRswGQYDVQQKExJhY2NlcHRhY25ldGVzdDEwMjQxFzAVBgNVBAsTDmFjY2VwdGFuY2V0ZXN0MQswCQYDVQQDEwJjYTAeFw0wMzA0MTgyMjMwMDhaFw0wNDA0MTcxMDI2MDhaMDkxETAPBgNVBAoTCHRlc3QxMDI0MRcwFQYDVQQLEw5hY2NlcHRhbmNldGVzdDELMAkGA1UEAxMCcmEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN6sQ3mSU8mL6i6gTZIXDLzOZPhYOkQLpnJjit5hcPZ0JMn0CQVXo4QjKN1xvuZv8qVlZoQw9czmzp/knTa0sCDgFKd0r+u0TnLeZkJMSimgFnma9CnChlaDHnBd8Beu4vyaHmo7rJ0xA4etn7HjhmKbaQZOcv/aP0SW9JXRga7ZAgMBAAGjMzAxMA4GA1UdDwEB/wQEAwIFIDAfBgNVHSMEGDAWgBSC3fsQHb7fddr2vL0UdkM2dAmUWzANBgkqhkiG9w0BAQQFAAOBgQBkAGbgd9HIqwoLKAr+V6bj9oWesDmDH80gPPxj10qyWSQYIs8PofOs/75yGS9nxhydtgSMFoBgCPdroUI31kZQQlFzxtudGoKD+5MWSXho79XzPwpjheOBYgpX6ch+L4tMLFDpqeraB1yZESO5EEeKm20DGVBOKVWxHhddO1BenA=="; - - CRMFClient CrmfClient = new CRMFClient(s.GetHostName(),s.GetEEPort()); - CrmfClient.setDBInfo(t.GetClientCertDB(),t.GetClientCertDBPW()); - CrmfClient.setTransportCert(TransportCert); - CrmfClient.setUserInfo("user","netscape"); - CrmfClient.setLDAPInfo(t.GetLDAPDN(),t.GetLDAPDNPW()); - CrmfClient.setDualKey(true); - - if(!CrmfClient.Enroll()) - {System.out.println("CRMFClient : could not submit request");} - */ - - /* KRA Agent list archived request */ - - /* ServerInfo KRAsvrInfo = new ServerInfo(t.GetServerRoot()); - String KRAinstanceRoot=t.GetServerRoot() + "/cert-" + "KRARSA1024" ; - KRAsvrInfo.setInstanceRoot(KRAinstanceRoot);*/ - - /* System.out.println("KRAAgent "); - KraAgent kraAgent = new KraAgent(s.GetHostName(),s.GetAgentPort()); - kraAgent.setAgentCertName(t.GetKRAAgentCertName()); - System.out.println("KRAAgent List archival"); - - Vector aReq= kraAgent.ListArchivalRequests(); - int i=0; - while(i < aReq.size() ) - { - System.out.print(aReq.elementAt(i) + " "); - i++; - } - - */ - - // cmsldap.disconnect(); - - /* - ************************************************************* - * Example to submit manual user enrollment request - ************************************************************* - /* - - - /* - UserEnroll ue = new UserEnroll(s.GetHostName(),"1029"); - ue.setUserInfo("E=testman,CN=testman,OU=netscape,O=aol,UID=testman1,C=US","testman", "testman", "testman1", "netscape","t"); - - boolean flag = ue.clientCertEnroll(); - if(flag) - System.out.println("Success submitted request"); - */ - - /* - ************************************************************* - * Example to submit Directory based enroolemt request - ************************************************************* - /* - - /* - // Add user to config directoory - if (cmsldap.userAdd("dc=netscape,dc=com","t2","t2","t2","netscape")) - System.out.println("Success "); - - if(cmsldap.TurnOnSSL("slapd-jupiter2","Server-Cert cert-jupiter2","7000")) - System.out.println("Turned on ssl"); - else - return; - - cmsldap.TurnOffSSL(); - - cmsldap.disconnect(); - - DirEnroll de = new DirEnroll(s.GetHostName(),s.GetEESSLPort()); - de.setUIDInfo("t2","netscape"); - de.enroll(); - - */ - - /* - ************************************************************* - * Example to submit Admin Enrollment request - ************************************************************* - /* - - /* - - AdminEnroll ade = new AdminEnroll("jupiter2","8200","cn=CMS Administrator,UID=admin,C=US","admin", "secret12"); - flag = ade.Enroll(); - if (flag) - System.out.println("adminEnrolled Successfully"); - */ - - /* - ************************************************************* - * Example gent List Pending request - ************************************************************* - /* - - /* - - // Agent List and Approve Request - Request re = new Request (s.GetHostName(),s.GetAgentPort(),s.GetCertAuthority()); - re.setAgentCertName(t.GetAdminCertName()); - re.ListPendingRequests("2","70"); - re.ApproveRequests(String.valueOf(ue.getRequestId())); - */ - - /* - ************************************************************* - * Example for CheckRequest Status and add the certificate to internal db - ************************************************************* - /* - - /* - // check request status and Revoke cert - checkRequest cr = new checkRequest(s.GetHostName(),s.GetEESSLPort(),String.valueOf(ue.getRequestId()),"false"); - checkRequest cr = new checkRequest(s.GetHostName(),s.GetEESSLPort(),"1","false"); - - cr.checkRequestStatus(); - System.out.println("Serial num " + cr.getSerialNumber()); - System.out.println("cert pack " + cr.getCert()); - - String st= "-----BEGIN CERTIFICATE-----"+"\n"+cr.getCert()+"\n"+"-----END CERTIFICATE-----\n"; - System.out.println("cert pack " + st); - - cmsldap.getXCertificate(st.getBytes()); - - */ - - /* - ************************************************************* - * Example agent ro revoke request - ************************************************************* - /* - - /* - Revoke rr = new Revoke (s.GetHostName(),s.GetAgentPort(),s.GetCertAuthority(),String.valueOf(cr.getSerialNumber())); - rr.revokeCerts(); - */ - - /* - ************************************************************* - * Example Agent update CRL - ************************************************************* - /* - - /* - // Update CRLand DISPLAY it - - System.out.println("Displayin CRL"); - CRL crl = new CRL (s.GetHostName(),s.GetAgentPort(),"/tmp/crlfile"); - crl.setAgentCertName(t.GetAdminCertName()); - crl.updateCRL(); - crl.displayCRL(); - crl.getRevokedCerts(); - */ - - // Update CRL in Directory - /* UpdateDir dcrl = new UpdateDir(s.GetHostName(),s.GetEESSLPort()); - dcrl.updateDir();*/ - - /* - ************************************************************* - * Example for stopping and starting servers - ************************************************************* - */ - - /* - DSTask idb = new DSTask(t.GetServerRoot()+"/slapd-jupiter2-db"); - if (idb.ldapStop()) System.out.println("IDB stopped"); - if(idb.ldapStart()) System.out.println("IDB Started"); - - System.out.println("------------------------------------------"); - System.out.println(" CMS Test:"); - CMSTask task = new CMSTask(t.GetInstanceRoot()); - task.CMSStop(); - task.CMSStart(); - */ - - }// end of function main - -} diff --git a/base/silent/src/com/netscape/pkisilent/common/UserEnroll.java b/base/silent/src/com/netscape/pkisilent/common/UserEnroll.java deleted file mode 100644 index 2f6a03924..000000000 --- a/base/silent/src/com/netscape/pkisilent/common/UserEnroll.java +++ /dev/null @@ -1,562 +0,0 @@ -package com.netscape.pkisilent.common; - -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- - -import java.io.BufferedOutputStream; -import java.io.BufferedReader; -import java.io.IOException; -import java.io.InputStreamReader; -import java.io.OutputStream; -import java.io.PrintStream; -import java.io.UnsupportedEncodingException; -import java.net.URLEncoder; -import java.util.Date; -import java.util.GregorianCalendar; - -import org.mozilla.jss.ssl.SSLSocket; - -/** - * CMS Test framework . - * Submits Legacy Manual User Enrollment request from EESSL port. Parses the response from server and return RequestID. - * <P> - */ - -public class UserEnroll extends TestClient { - - private String requestorName, requestorEmail, requestorPhone, requestorComments, requestId, certType, ssl_client; - private int port; - @SuppressWarnings("unused") - private long elapsedTime; - - // Constructor - public UserEnroll() { - } - - /** - * Constructor . Takes the parameter hostname and EESSLport - * <p> - */ - - public UserEnroll(String h, String p) { - host = h; - ports = p; - } - - /** - * Constructor . Takes the parameter for Properties file name - * <p> - * - * @param propfilename name of the parameter file - */ - - public UserEnroll(String pfile) { - propfileName = pfile; - } - - /** - * Constructor . Takes the parameter for hostname, EESSLportnumber, subjectdn, E, CN,UID,OU,O, - * CertdbDirecrory(fullpath) , certdbPassword, keysize, keytype, requestorName,requestorEmail and Certtype. - * valid values for Certtype - "ca","ra","ocsp" - * <p> - * - * @param propfilename name of the parameter file - */ - - public UserEnroll(String h, String p, String dn, String e, String cn, String uid, String ou, String o, String cd, - String tpwd, String sslcl, String ksize, String keyty, String reqname, String reqemail, String ctype) { - - host = h; - ports = p; - DN = dn; - E = e; - CN = cn; - UID = uid; - OU = ou; - O = o; - C = "US"; - cdir = cd; - tokenpwd = tpwd; - ssl_client = sslcl; - keysize = ksize; - keytype = keyty; - requestorName = reqname; - requestorPhone = "650"; - requestorEmail = "lg"; - requestorComments = "load Test"; - certnickname = "cn=test"; - keytype = "RSA"; - keysize = "1024"; - certType = ctype; - if (certType.equals("caSigningCert")) { - certType = "ca"; - } - if (certType.equals("raSigningCert")) { - certType = "ra"; - } - if (certType.equals("ocspSigningCert")) { - certType = "ocsp"; - } - } - - /** - * Set Certificate Request information. Takes parameters - subjectdn,E,CN,UID,OU,O - */ - - public void setUserInfo(String dn, String e, String cn, String uid, String ou, String o) { - DN = dn; - E = e; - CN = cn; - UID = uid; - OU = ou; - O = o; - requestorName = "test"; - requestorPhone = "650"; - requestorEmail = "lg"; - requestorComments = "Test"; - certnickname = "cn=test"; - - } - - public void setUserInfo(String dn, String e, String cn, String uid, String ou, String o, String nickname) { - DN = dn; - E = e; - CN = cn; - UID = uid; - OU = ou; - O = o; - requestorName = "test"; - requestorPhone = "650"; - requestorEmail = "lg"; - requestorComments = "Test"; - certnickname = nickname; - - } - - /** - * Set Certificat Type for which you want to submit a request . Valid values - "ca"/"ra"/"ocsp" - */ - public void setCertType(String ct) { - certType = ct; - } - - public boolean enroll_load() throws UnsupportedEncodingException { - buildquery(); - setStatusString(""); - return (Send()); - } - - private boolean pkcs10() { - - System.out.println(" In pkcs10 Keysize , key type " + keysize + keytype); - // ComCrypto cCrypt = new ComCrypto(cdir,tokenpwd,certnickname,keysize,keytype); - cCrypt.setCertDir(cdir); - cCrypt.setCertnickname(adminCertName); - cCrypt.setKeySize(keysize); - cCrypt.setKeyType(keytype); - cCrypt.setTokenPWD(tokenpwd); - cCrypt.setDebug(true); - if (pkcs10request != null) { - cCrypt.setGenerateRequest(false); - cCrypt.loginDB(); - } else { - cCrypt.setGenerateRequest(true); - if (!cCrypt.generateRequest()) { - System.out.println("Request could not be generated "); - return false; - } - pkcs10request = cCrypt.getPkcs10Request(); - } - - try { - System.out.println("Debug: building query "); - buildquery(); - if (debug) { - System.out.println(query); - } - setStatusString(""); - return (Send()); - } catch (Exception e) { - System.err.println("some exception:" + e); - } - - return (false); - - } - - // Private methods - - private void setElapsedTime(long dif) { - elapsedTime = dif; - } - - private long calculateElapsedTime(GregorianCalendar b, GregorianCalendar e) { - - Date d1 = b.getTime(); - Date d2 = e.getTime(); - long l1 = d1.getTime(); - long l2 = d2.getTime(); - long difference = l2 - l1; - - return difference; - - } - - private boolean Send() { - boolean st = false; - SSLSocket socket = null; - OutputStream rawos = null; - BufferedOutputStream os = null; - PrintStream ps = null; - BufferedReader stdin = null; - try { - - if (debug) { - System.out.println("Step 3 : Socket initialize"); - } - - Integer x = new Integer(ports); - - port = x.intValue(); - - GregorianCalendar begin = new GregorianCalendar(); - - // SSLSocket socket = new SSLSocket(host,port); - socket = new SSLSocket(host, port, null, 0, this, null); - - socket.setUseClientMode(true); - rawos = socket.getOutputStream(); - os = new BufferedOutputStream(rawos); - ps = new PrintStream(os); - - ps.println("POST /enrollment HTTP/1.0"); - ps.println("Connection: Keep-Alive"); - ps.println("Content-type: application/x-www-form-urlencoded"); - ps.println("Content-length: " + query.length()); - ps.println(""); - ps.println(query); - ps.println("\r"); - ps.flush(); - os.flush(); - stdin = new BufferedReader( - new InputStreamReader(socket.getInputStream())); - - if (debug) { - System.out.println("Step 4: Received the page"); - } - st = false; - String line; - - while ((line = stdin.readLine()) != null) { - if (debug) { - System.out.println(line); - } - if (line.indexOf(STATUS) != -1) { - st = true; - } - if (line.indexOf("fixed.requestId = ") != -1) { - requestId = line.substring("fixed.requestId = ".length() + 1, - line.indexOf(";") - 1); - } - - if (getError(line)) { - st = false; - } - - } - GregorianCalendar end = new GregorianCalendar(); - long diff = calculateElapsedTime(begin, end); - - setElapsedTime(diff); - - } catch (Exception e) { - System.err.println("some exception: in Send routine" + e); - return false; - } finally { - if (ps != null) { - ps.close(); - } - if (stdin != null) { - try { - stdin.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - if (socket != null) { - try { - socket.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - if (os != null) { - try { - os.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - if (rawos != null) { - try { - rawos.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - } - - return st; - - } - - private void buildquery() throws UnsupportedEncodingException { - StringBuffer queryStrBuf = new StringBuffer(); - - if (certType.equals("client")) { - queryStrBuf.append("certType="); - queryStrBuf.append(certType); - queryStrBuf.append("&Send=submit"); - - queryStrBuf.append("&key_encipherment=true"); - - queryStrBuf.append("&digital_signature=true"); - - queryStrBuf.append("&requestFormat=keygen"); - - queryStrBuf.append("&cryptprovider=1"); - if (ssl_client.equals("true")) { - queryStrBuf.append("&ssl_client=true"); - } else { - queryStrBuf.append("&ssl_server=true"); - } - - queryStrBuf.append("&non_repudiation=true"); - - if (requestorName.length() > 0) { - queryStrBuf.append("&csrRequestorName="); - } - queryStrBuf.append(URLEncoder.encode(requestorName, "UTF-8")); - if (requestorEmail.length() > 0) { - queryStrBuf.append("&csrRequestorEmail="); - queryStrBuf.append(URLEncoder.encode(requestorEmail, "UTF-8")); - queryStrBuf.append("&email=true"); - - } else { - queryStrBuf.append("&email=false"); - } - - if (requestorPhone.length() > 0) { - queryStrBuf.append("&csrRequestorPhone="); - queryStrBuf.append(URLEncoder.encode(requestorPhone, "UTF-8")); - } - if (requestorComments.length() > 0) { - queryStrBuf.append("&csrRequestorComments="); - queryStrBuf.append(URLEncoder.encode(requestorComments, "UTF-8")); - } - System.out.println("buidlquery client E "); - if (E.length() > 0) { - queryStrBuf.append("&E="); - queryStrBuf.append(E); - } - if (CN.length() > 0) { - queryStrBuf.append("&CN="); - queryStrBuf.append(CN); - } - - if (UID.length() > 0) { - queryStrBuf.append("&UID="); - queryStrBuf.append(UID); - } - if (OU.length() > 0) { - queryStrBuf.append("&OU="); - queryStrBuf.append(OU); - } - // if(O.length() > 0) { queryStrBuf.append("&O=");queryStrBuf.append(O);} - // if(C.length() >0) { queryStrBuf.append("&C=");queryStrBuf.append(C);} - System.out.println("buidlquery client dn "); - queryStrBuf.append("&subject="); - queryStrBuf.append(URLEncoder.encode(DN, "UTF-8")); - } - - if (certType.equals("ra")) { - queryStrBuf.append("certType=" + certType); - queryStrBuf.append("&digital_signature=true"); - queryStrBuf.append("&non_repudiation=true"); - queryStrBuf.append("&ssl_client=true"); - } - - if (certType.equals("server")) { - queryStrBuf.append("certType=" + certType); - queryStrBuf.append("&digital_signature=true"); - queryStrBuf.append("&non_repudiation=true"); - queryStrBuf.append("&ssl_server=true"); - queryStrBuf.append("&key_encipherment=true"); - queryStrBuf.append("&data_encipherment=true"); - - } - - if (certType.equals("ocsp")) { - queryStrBuf.append("certType=ocspResponder"); - queryStrBuf.append("&digital_signature=true"); - queryStrBuf.append("&non_repudiation=true"); - queryStrBuf.append("&ssl_client=true"); - } - - if (certType.equals("ca")) { - queryStrBuf.append("certType=" + certType); - queryStrBuf.append("&digital_signature=true"); - queryStrBuf.append("&non_repudiation=true"); - queryStrBuf.append("&ssl_client=true"); - queryStrBuf.append("&object_signing_ca=true"); - queryStrBuf.append("&crl_sign=true"); - queryStrBuf.append("&ssl_ca=true"); - queryStrBuf.append("&key_certsign=true"); - queryStrBuf.append("&email_ca=true"); - - } - - queryStrBuf.append("&pkcs10Request="); - queryStrBuf.append(URLEncoder.encode(pkcs10request, "UTF-8")); - System.out.println("before converting bug to string "); - query = queryStrBuf.toString(); - - System.out.println(query); - queryStrBuf = null; - } - - public int getRequestId() { - Integer m = new Integer(requestId); - - return m.intValue(); - - } - - /** - * Submit enrollment request - */ - - public boolean clientCertEnroll() { - certType = "client"; - ssl_client = "true"; - debug = true; - return (pkcs10()); - } - - public boolean Enroll() { - debug = true; - return (pkcs10()); - } - - /** - * Read the properties file - **/ - - public boolean readProperties() { - - // Read the properties file and assign values to variables . - try { - getProperties(propfileName); - } catch (Exception e) { - System.out.println( - "exception reading Properties File " + e.getMessage()); - return false; - } - - host = props.getProperty("enroll.host"); - ports = props.getProperty("enroll.port"); - DN = props.getProperty("enroll.DN"); - requestorName = props.getProperty("enroll.name"); - requestorEmail = props.getProperty("enroll.email"); - requestorPhone = props.getProperty("enroll.phone"); - requestorComments = props.getProperty("enroll.comments"); - E = props.getProperty("enroll.E"); - CN = props.getProperty("enroll.CN"); - UID = props.getProperty("enroll.UID"); - OU = props.getProperty("enroll.OU"); - O = props.getProperty("enroll.O"); - C = props.getProperty("enroll.C"); - cdir = props.getProperty("enroll.certdir"); - tokenpwd = props.getProperty("enroll.certtokenpwd"); - certnickname = props.getProperty("enroll.nickname"); - keysize = props.getProperty("enroll.keysize"); - keytype = props.getProperty("enroll.keytype"); - certType = props.getProperty("enroll.certtype"); - if (certType == null) { - certType = "client"; - } - if (certType.equals("raSigningCert")) { - certType = "ra"; - } - if (certType.equals("ocspSigningCert")) { - certType = "ocsp"; - } - pkcs10request = props.getProperty("enroll.pkcs10"); - ssl_client = props.getProperty("enroll.sslclient"); - if (ssl_client == null) { - ssl_client = "true"; - } - - String de = props.getProperty("enroll.debug"); - - if (de == null) { - debug = false; - } else if (de.equals("true")) { - debug = true; - } else { - debug = false; - } - - // Enroll using a pkscks10 request - return (pkcs10()); - } - - public static void main(String args[]) { - // Exit Status - (0) for error/Fail - // - requestId Pass - - UserEnroll e = new UserEnroll("jupiter2", "1027", - "E=test,cn=test,uid=test", "test", "test", "test", "t1", "t", - "/u/lgopal/work/tetCMS/ns/tetframework/testcases/CMS/6.0/acceptanceJava/data/certdb", - "secret12", "true", "1024", "RSA", "rn", "re", "client"); - - e.clientCertEnroll(); - - /* if ( args.length < 1) - { - System.out.println("Usage : propertiesfile"); - System.exit(0); - } - - - UserEnroll t = new UserEnroll(args[0]); - st=t.enroll(); - if (st){ - System.out.println("User Enrolled successfully . RequestId is "+t.getrequestId()); - System.exit(t.getRequestId()); - } - else{ - - System.out.println("Error: " + t.getErrorDetail()); - System.exit(0); - } - */ - }// end of function main - -} // end of class - diff --git a/base/silent/src/com/netscape/pkisilent/common/Utilities.java b/base/silent/src/com/netscape/pkisilent/common/Utilities.java deleted file mode 100644 index 79712eb11..000000000 --- a/base/silent/src/com/netscape/pkisilent/common/Utilities.java +++ /dev/null @@ -1,413 +0,0 @@ -package com.netscape.pkisilent.common; - -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- - -import java.io.BufferedReader; -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStreamReader; - -import netscape.security.x509.CertificateSerialNumber; -import netscape.security.x509.CertificateSubjectName; -import netscape.security.x509.RDN; -import netscape.security.x509.SerialNumber; -import netscape.security.x509.X500Name; -import netscape.security.x509.X509CertImpl; -import netscape.security.x509.X509CertInfo; - -import com.netscape.cmsutil.util.Utils; - -public class Utilities { - - public Utilities() {// Do nothing - } - - public String cleanupQuotes(String token) { - StringBuffer buf = new StringBuffer(); - int length = token.length(); - int curIndex = 0; - - if (token.startsWith("\"") && token.endsWith("\"")) { - curIndex = 1; - length--; - } - - boolean oneQuoteFound = false; - boolean twoQuotesFound = false; - - while (curIndex < length) { - char curChar = token.charAt(curIndex); - - if (curChar == '"') { - twoQuotesFound = (oneQuoteFound) ? true : false; - oneQuoteFound = true; - } else { - oneQuoteFound = false; - twoQuotesFound = false; - } - - if (twoQuotesFound) { - twoQuotesFound = false; - oneQuoteFound = false; - curIndex++; - continue; - } - - buf.append(curChar); - curIndex++; - } - - return buf.toString(); - } - - public String removechar(String token) { - - StringBuffer buf = new StringBuffer(); - int end = token.length(); - int begin = 0; - - if (token.endsWith(";")) { - end--; - } - - while (begin < end) { - char curChar = token.charAt(begin); - - buf.append(curChar); - begin++; - } - return buf.toString(); - - } - - public String parse_httpresponse(String line) { - // look for name=value pair - // remove trailing white spaces - // remove trailing ; - // remove double quotes - - String temp = line.substring(line.indexOf("=") + 1); - - return cleanupQuotes(removechar(temp.trim())); - - } - - public String remove_newline(String s) { - if (s == null) { - return null; - } - - StringBuffer val = new StringBuffer(); - - for (int i = 0; i < s.length(); i++) { - if ((s.charAt(i) == '\\') && (s.charAt(i + 1) == 'n')) { - i++; - continue; - } else if ((s.charAt(i) == '\\') && (s.charAt(i + 1) == 'r')) { - i++; - continue; - } else if (s.charAt(i) == '"') { - continue; - } - val.append(s.charAt(i)); - } - return val.toString(); - - } - - public String normalize(String s) { - - if (s == null) { - return null; - } - - StringBuffer val = new StringBuffer(); - - for (int i = 0; i < s.length(); i++) { - if ((s.charAt(i) == '\\') && (s.charAt(i + 1) == 'n')) { - val.append("\n"); - i++; - continue; - } else if ((s.charAt(i) == '\\') && (s.charAt(i + 1) == 'r')) { - i++; - continue; - } else if (s.charAt(i) == '"') { - continue; - } - val.append(s.charAt(i)); - } - return val.toString(); - } - - /* - * format of the file should be like this: - * -----BEGIN CERTIFICATE----- - * base64 encoded certificate - * -----END CERTIFICATE----- - */ - public String getcertfromfile(String filename) { - StringBuffer tempBuffer = new StringBuffer(); - BufferedReader in = null; - FileInputStream fis = null; - try { - fis = new FileInputStream(filename); - in = new BufferedReader(new InputStreamReader(fis)); - - String temp; - while ((temp = in.readLine()) != null) { - - if (temp.equalsIgnoreCase("-----BEGIN CERTIFICATE-----") - || temp.equalsIgnoreCase("-----END CERTIFICATE-----")) { - continue; - } - tempBuffer.append(temp); - } - - return tempBuffer.toString(); - } catch (Exception e) { - System.out.println("ERROR: getcertfromfile" + e.toString()); - e.printStackTrace(); - } finally { - if (in != null) { - try { - in.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - if (fis != null) { - try { - fis.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - } - return null; - } - - public String getcertfromfile_withheaders(String filename) { - StringBuffer tempBuffer = new StringBuffer(); - BufferedReader in = null; - FileInputStream fis = null; - try { - fis = new FileInputStream(filename); - in = new BufferedReader(new InputStreamReader(fis)); - - String temp; - while ((temp = in.readLine()) != null) { - tempBuffer.append(temp); - } - return tempBuffer.toString(); - } catch (Exception e) { - System.out.println( - "ERROR: getcertfromfile_withheaders" + e.toString()); - e.printStackTrace(); - } finally { - if (in != null) { - try { - in.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - if (fis != null) { - try { - fis.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - } - return null; - } - - /* - * format of the file should be like this: - * -----BEGIN CERTIFICATE REVOCATION LIST----- - * base64 encoded CRL - * -----END CERTIFICATE REVOCATION LIST----- - */ - public String getcrlfromfile(String filename) { - StringBuffer tempBuffer = new StringBuffer(); - BufferedReader in = null; - FileInputStream fis = null; - try { - fis = new FileInputStream(filename); - in = new BufferedReader(new InputStreamReader(fis)); - - String temp; - while ((temp = in.readLine()) != null) { - tempBuffer.append(temp); - } - - return tempBuffer.toString(); - } catch (Exception e) { - System.out.println("ERROR: getcrlfromfile" + e.toString()); - e.printStackTrace(); - } finally { - if (in != null) { - try { - in.close(); - } catch (IOException e) { - System.out.println("ERROR: Unable to close the input reader"); - e.printStackTrace(); - } - } - if (fis != null) { - try { - fis.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - } - - return null; - } - - /* - * format of the file should be like this: - * -----BEGIN CERTIFICATE----- - * base64 encoded certificate - * -----END CERTIFICATE----- - */ - public String getcafromfile(String filename) { - StringBuffer tempBuffer = new StringBuffer(); - BufferedReader in = null; - FileInputStream fis = null; - try { - fis = new FileInputStream(filename); - in = new BufferedReader(new InputStreamReader(fis)); - - String temp; - while ((temp = in.readLine()) != null) { - tempBuffer.append(temp); - } - - return tempBuffer.toString(); - } catch (Exception e) { - System.out.println("ERROR: getcafromfile" + e.toString()); - e.printStackTrace(); - } finally { - if (in != null) { - try { - in.close(); - } catch (IOException e) { - System.out.println("ERROR: Unable to close the input reader"); - e.printStackTrace(); - } - } - if (fis != null) { - try { - fis.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - } - return null; - } - - /* - * function for RFC 2254. converts a x509 certificate given as - * a binary array[] to a Ldap filter string - */ - public static String escapeBinaryData(byte data[]) { - StringBuffer result = new StringBuffer(); - - for (int i = 0; i < data.length; i++) { - String s = Integer.toHexString(0xff & data[i]); - - if (s.length() == 1) { - s = "0" + s; - } - result.append("\\" + s); - } - - System.out.println("LDAP_FILTER=" + result.toString()); - return result.toString(); - } - - /* - * function to decode base64 encoded certificate - */ - public CertificateRecord decode_cert(String cert) { - - String head = "-----BEGIN CERTIFICATE-----"; - String tail = "-----END CERTIFICATE-----"; - - CertificateRecord cr = new CertificateRecord(); - - int head_pos = cert.indexOf(head); - int tail_pos = cert.indexOf(tail); - - // String not found - if (head_pos == -1 || tail_pos == -1) { - return null; - } - - String temp = cert.substring(head_pos + head.length(), tail_pos); - - temp = temp.replaceAll("\\r", ""); - temp = temp.replaceAll("\\n", ""); - - try { - // BASE64Decoder base64 = new BASE64Decoder(); - // byte decodedBASE64Cert[] = base64.decodeBuffer(temp); - byte decodedBASE64Cert[] = Utils.base64decode(temp); - X509CertImpl x509_cert = new X509CertImpl(decodedBASE64Cert); - X509CertInfo certinfo = (X509CertInfo) x509_cert.get("x509.INFO"); - - /* Get Serial Number */ - CertificateSerialNumber csn = (CertificateSerialNumber) - certinfo.get(X509CertInfo.SERIAL_NUMBER); - SerialNumber sn = (SerialNumber) csn.get("NUMBER"); - - // just adding serialnumber for add. - // we can add mode here like subject name, extensions,issuer to this record. - cr.serialNumber = sn.getNumber().toString().trim(); - - /* Get Subject Name */ - - CertificateSubjectName csn1 = (CertificateSubjectName) - certinfo.get(X509CertInfo.SUBJECT); - - X500Name dname = (X500Name) csn1.get(CertificateSubjectName.DN_NAME); - - StringBuffer pp = new StringBuffer(); - RDN[] rdns = dname.getNames(); - - for (int i = rdns.length - 1; i >= 0; i--) { - pp.append(rdns[i] + "\n"); - } - - cr.subject = pp.toString(); - - } catch (Exception e) { - System.out.println("ERROR: Exception when decoding certificate=" + e); - e.printStackTrace(); - return null; - } - - return cr; - - } - -}; // end class diff --git a/base/silent/src/com/netscape/pkisilent/common/checkRequest.java b/base/silent/src/com/netscape/pkisilent/common/checkRequest.java deleted file mode 100644 index e785657c0..000000000 --- a/base/silent/src/com/netscape/pkisilent/common/checkRequest.java +++ /dev/null @@ -1,614 +0,0 @@ -package com.netscape.pkisilent.common; - -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- - -import java.io.BufferedOutputStream; -import java.io.BufferedReader; -import java.io.FileOutputStream; -import java.io.InputStreamReader; -import java.io.OutputStream; -import java.io.PrintStream; -import java.util.Date; -import java.util.GregorianCalendar; - -import org.mozilla.jss.ssl.SSLSocket; - -/** - * CMS Test framework . - * Submits a checkRequestStatus request to the server. parses the response from server and can import cert to the - * specified client database. - * <P> - */ - -public class checkRequest extends TestClient { - - private String certfile, importcert = "false", certnickname, serialNumber, ldapformat; - - private String requestId; - private String reqStatus = "false"; - private String pkcsCert, baseCert, ACTION_STRING, issuer, subject, AUTH = "ca"; - private int port; - private int type = 1; - - @SuppressWarnings("unused") - private long elapsedTime; - - private String host; - private String ports; - private String tokenpwd; - private String cdir; - - // public methods - - /** - * Constructor . Takes the parameter for Properties file name - * <p> - * - * @param propfilename name of the parameter file - */ - - public checkRequest(String pfile) { - propfileName = pfile; - } - - /** - * Constructor . Takes the parameter for hostname and EESSLportnumber - * <p> - */ - - public checkRequest(String h, String p) { - host = h; - ports = p; - }; - - /** - * Constructor . Takes the parameter for hostname , EESSLportnumber , Requestnumber and ImportCert ( true/false) - * <p> - */ - - public checkRequest(String h, String p, String snum, String impc) { - host = h; - ports = p; - requestId = snum; - importcert = impc; - } - - /** - * Constructor . Takes the parameter for hostname , EESSLportnumber , certdbdir, certdbpassword, Requestnumber - * ,certnickname and ImportCert ( true/false) - * <p> - */ - - public checkRequest(String hs, String pt, String certdir, String certtokenpwd, String seqnum, String nickname, - String impc) { - host = hs; - ports = pt; - cdir = certdir; - tokenpwd = certtokenpwd; - requestId = seqnum; - if (impc == null) { - importcert = "false"; - } else { - importcert = impc; - } - certnickname = nickname; - - } - - public void setDebug(boolean t) { - debug = t; - } - - public void setreqId(String seqnum) { - requestId = seqnum; - } - - public void setCertNickname(String cname) { - certnickname = cname; - } - - /** - * takes values - true/false - **/ - public void setImportCert(String impc) { - importcert = impc; - } - - public String getpkcs7ChainCert() { - return pkcsCert; - } - - /** - * returns Certificate - **/ - - public String getCert() { - return cCrypt.normalize(baseCert); - } - - /** - * returns Request status - "complete","pending" - **/ - - public String getRequestStatus() { - return reqStatus; - } - - /** - * returns the hex serial number of the certificate - **/ - - public String getSerialNumberHex() { - return serialNumber; - } - - /** - * returns the serial number as interger - **/ - - public int getSerialNumber() { - if (serialNumber != null) { - Integer y = new Integer(Integer.parseInt(serialNumber, 16)); - - return y.intValue(); - } - return 0; - } - - /** - * Submits a checkRequestStatus request to the server - **/ - - public boolean checkRequestStatus() { - - // Login to dB and genertae request - cCrypt.setCertDir(cdir); - cCrypt.setCertnickname(certnickname); - cCrypt.setKeySize(keysize); - cCrypt.setKeyType(keytype); - cCrypt.setTokenPWD(tokenpwd); - cCrypt.setDebug(debug); - - if (!cCrypt.loginDB()) { - System.out.println("Error : Login certdb failed "); - System.err.println("FAIL : Login certdb failed "); - return false; - } - - try { - - type = 1; - buildquery(); - if (debug) { - System.out.println(query); - } - setStatusString("Congratulations, your certificate has been issued."); - if (Send()) { - if (debug) { - System.out.println("Request Status :" + reqStatus); - } - if (reqStatus.equals("complete")) { - type = 2; - buildquery(); - if (debug) { - System.out.println(query); - } - if (Send()) { - return true; - } - } else { - return true; - } - - } - if (debug) { - System.out.println("Request Status :" + reqStatus); - } - - System.err.println("FAIL: reached end of checkRequestStatus()"); - - return false; - } catch (Exception e) { - System.err.println("some exception:" + e); - } - - return false; - } - - // Private functions - - private void setElapsedTime(long dif) { - elapsedTime = dif; - } - - private long calculateElapsedTime(GregorianCalendar b, GregorianCalendar e) { - - Date d1 = b.getTime(); - Date d2 = e.getTime(); - long l1 = d1.getTime(); - long l2 = d2.getTime(); - long difference = l2 - l1; - - return difference; - - } - - private boolean writeCert2File() { - if (serialNumber != null) { - - try { - FileOutputStream fos = new FileOutputStream(certfile); - - if (ldapformat.equals("true")) { - String tmp = "description: 2;" - + Integer.parseInt(serialNumber, 16) + ";" + issuer - + ";" + subject + "\n"; - - fos.write(tmp.getBytes()); - tmp = cCrypt.normalizeForLDAP(getCert()); - if (debug) { - System.out.println(tmp); - } - fos.write(("usercertificate:: ").getBytes()); - fos.write(tmp.getBytes()); - fos.close(); - } else { - String tmp = cCrypt.normalize(getCert()); - - if (debug) { - System.out.println(tmp); - } - fos.write(tmp.getBytes()); - fos.close(); - - } - - } catch (Exception e) { - System.out.println( - "exception in writeCert2File: " + e.getMessage()); - return false; - } - - } - - return true; - } - - private boolean importCert(String certpack) { - - if (importcert.equals("false")) { - return true; - } - - try { - if (certpack == null) { - return false; - } - - String s = cCrypt.normalize(certpack); - - if (AUTH.equals("ca")) { - String tmp = "-----BEGIN CERTIFICATE-----\n" + s + "\n" - + "-----END CERTIFICATE-----"; - - if (debug) { - System.out.println( - "importing cert" + tmp + "certnick" + certnickname); - } - s = tmp; - } - - if (cCrypt.importCert(s, certnickname)) { - System.out.println("successfully imported cert"); - return true; - } - - return false; - - } catch (Exception e) { - System.out.println( - "exception importing cert crequest" + e.getMessage()); - return false; - } - - } - - private boolean RetrieveRequestDetail(String line) { - String stat = "header.status = "; - boolean st = true; - - if (debug) { - System.out.println(line); - } - - if (line.indexOf(stat) != -1) { - String tm = line.substring(stat.length() + 1, - line.indexOf(";", 10) - 1); - - reqStatus = tm; - } - if (line.indexOf("header.pkcs7ChainBase64 = ") != -1) { - // if status is complete retrieve cert - pkcsCert = line.substring("header.pkcs7ChainBase64 = ".length() + 1, - line.indexOf(";", 10) - 1); - } - if (line.indexOf("record.serialNumber=") != -1) { - serialNumber = line.substring("record.serialNumber=".length() + 1, - line.indexOf(";", 1) - 1); - } - if (line.indexOf("header.authority =") == 0) { - AUTH = line.substring("header.authority =".length() + 2, - line.indexOf(";", 1) - 1); - } - - if (getError(line)) { - st = false; - } - - return st; - - } - - private boolean RetrieveCertDetails(String line) { - if (debug) { - System.out.println(line); - } - - boolean st = true; - - String retriveStr[] = { - "record.base64Cert=", "record.certPrettyPrint=", - "header.certChainBase64 = ", "header.certPrettyPrint = " }; - String baseCertStr, certPrettyprintStr; - - if (AUTH.equals("ra")) { - baseCertStr = retriveStr[0]; - certPrettyprintStr = retriveStr[1]; - } else { - baseCertStr = retriveStr[2]; - certPrettyprintStr = retriveStr[3]; - } - - if (line.indexOf(baseCertStr) != -1) { - - // if status is complete retrieve cert - baseCert = line.substring(baseCertStr.length() + 1, - line.indexOf(";", 10) - 1); - if (importcert.equals("true")) { - if (importCert(baseCert)) { - st = true; - } - } else { - st = true; - } - } - - if (line.indexOf(certPrettyprintStr) != -1) { - - System.out.println("Found certPrettyPrint"); - int ret = line.indexOf("Issuer: "); - - issuer = line.substring(("Issuer: ").length() + ret, - line.indexOf("Validi", ret) - 14); - ret = line.indexOf("Subject:"); - subject = line.substring(("Subject: ").length() + ret, - line.indexOf("Subject Public", ret) - 14); - - System.out.println(" HEADER : " + issuer); - - } - - // System.out.println("Debug :get Error detail " + line); - if (getError(line)) { - st = false; - } - - return st; - - } - - private synchronized boolean Send() { - boolean st = false; - - try { - if (debug) { - System.out.println("Step 3 : Socket initialize"); - } - - Integer x = new Integer(ports); - - port = x.intValue(); - - GregorianCalendar begin = new GregorianCalendar(); - - // SSLSocket socket = new SSLSocket(host,port); - SSLSocket socket = new SSLSocket(host, port, null, 0, this, null); - - socket.setUseClientMode(true); - - OutputStream rawos = socket.getOutputStream(); - BufferedOutputStream os = new BufferedOutputStream(rawos); - PrintStream ps = new PrintStream(os); - - ps.println("POST " + ACTION_STRING + " HTTP/1.0"); - ps.println("Connection: Keep-Alive"); - ps.println("Content-type: application/x-www-form-urlencoded"); - ps.println("Content-length: " + query.length()); - ps.println(""); - ps.println(query); - ps.println("\r"); - ps.flush(); - os.flush(); - BufferedReader stdin = new BufferedReader( - new InputStreamReader(socket.getInputStream())); - - if (debug) { - System.out.println("Step 4: Received the page"); - } - st = false; - String line; - - while ((line = stdin.readLine()) != null) { - switch (type) { - case 1: - RetrieveRequestDetail(line); - st = true; - break; - - case 2: - st = RetrieveCertDetails(line); - break; - - default: - System.out.println("invalid format"); - - } - - } - stdin.close(); - socket.close(); - os.close(); - rawos.close(); - ps.close(); - os = null; - rawos = null; - stdin = null; - ps = null; - line = null; - - GregorianCalendar end = new GregorianCalendar(); - long diff = calculateElapsedTime(begin, end); - - setElapsedTime(diff); - - } catch (Exception e) { - System.err.println("some exception: in Send routine" + e); - return false; - } - if ((certfile != null) && (type == 2)) { - st = writeCert2File(); - } - - if (debug) { - System.out.println(serialNumber); - } - - return st; - - } - - private void buildquery() { - - StringBuffer queryStrBuf = new StringBuffer(); - - if (type == 1) { - ACTION_STRING = "/checkRequest"; - queryStrBuf.append("requestId="); - queryStrBuf.append(requestId); - queryStrBuf.append("&importCert=true"); - } - - if (type == 2) { - ACTION_STRING = "/" + AUTH + "/displayBySerial"; - if (AUTH.equals("ra")) { - ACTION_STRING = "/displayCertFromRequest"; - queryStrBuf.append("requestId="); - queryStrBuf.append(requestId); - - } else { - ACTION_STRING = "/displayBySerial"; - queryStrBuf.append("op=displayBySerial"); - queryStrBuf.append("&serialNumber=0x"); - queryStrBuf.append(serialNumber); - } - } - - query = queryStrBuf.toString(); - - queryStrBuf = null; - - } - - private boolean readProperties() { - - // Read the properties file and assign values to variables . - try { - getProperties(propfileName); - } catch (Exception e) { - System.out.println( - "exception reading Properties File " + e.getMessage()); - return false; - } - - host = props.getProperty("enroll.host"); - ports = props.getProperty("enroll.port"); - cdir = props.getProperty("enroll.certdir"); - tokenpwd = props.getProperty("enroll.certtokenpwd"); - requestId = props.getProperty("enroll.seqnum"); - certfile = props.getProperty("enroll.certfile"); - importcert = props.getProperty("enroll.importCert"); - if (importcert == null) { - importcert = "false"; - } - ldapformat = props.getProperty("enroll.ldapformat"); - if (ldapformat == null) { - ldapformat = "true"; - } - System.out.println(ldapformat); - certnickname = props.getProperty("enroll.nickname"); - String de = props.getProperty("enroll.debug"); - - if (de == null) { - debug = false; - } else if (de.equals("true")) { - debug = true; - } else { - debug = false; - } - - // Enroll using a pkscks10 request - return (checkRequestStatus()); - } - - public static void main(String args[]) { - // Exit Status - (0) for error/Fail - // - requestId Pass - boolean st; - - if (args.length < 1) { - System.out.println("Usage : propertiesfile"); - System.exit(0); - } - - checkRequest t = new checkRequest(args[0]); - - st = t.readProperties(); - if (st) { - System.exit(t.getSerialNumber()); - } else { - - System.out.println("Request Status :" + t.getRequestStatus()); - System.out.println("Error: " + t.getErrorDetail()); - - System.exit(0); - } - }// end of function main - -} // end of class - |