Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/cert/HashEnrollServlet.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/cert/HashEnrollServlet.java | 580 |
1 files changed, 288 insertions, 292 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/HashEnrollServlet.java b/pki/base/common/src/com/netscape/cms/servlet/cert/HashEnrollServlet.java index 645cb831b..4927a4c14 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/cert/HashEnrollServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/cert/HashEnrollServlet.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.cert; - import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.IOException; @@ -85,10 +84,9 @@ import com.netscape.cms.servlet.common.CMSTemplateParams; import com.netscape.cms.servlet.common.ECMSGWException; import com.netscape.cms.servlet.common.ICMSTemplateFiller; - /** * performs face-to-face enrollment. - * + * * @version $Revision$, $Date$ */ public class HashEnrollServlet extends CMSServlet { @@ -100,8 +98,7 @@ public class HashEnrollServlet extends CMSServlet { public final static String ADMIN_ENROLL_SERVLET_ID = "adminEnroll"; // enrollment templates. - public static final String - ENROLL_SUCCESS_TEMPLATE = "/ra/HashEnrollSuccess.template"; + public static final String ENROLL_SUCCESS_TEMPLATE = "/ra/HashEnrollSuccess.template"; // http params public static final String OLD_CERT_TYPE = "csrCertType"; @@ -123,8 +120,7 @@ public class HashEnrollServlet extends CMSServlet { private boolean mAuthTokenOverride = true; private String mEnrollSuccessTemplate = null; - private ICMSTemplateFiller - mEnrollSuccessFiller = new ImportCertsTemplateFiller(); + private ICMSTemplateFiller mEnrollSuccessFiller = new ImportCertsTemplateFiller(); ICertificateAuthority mCa = null; ICertificateRepository mRepository = null; @@ -135,6 +131,7 @@ public class HashEnrollServlet extends CMSServlet { /** * initialize the servlet. + * * @param sc servlet configuration, read from the web.xml file */ public void init(ServletConfig sc) throws ServletException { 
@@ -146,13 +143,13 @@ public class HashEnrollServlet extends CMSServlet { CMSServlet.PROP_SUCCESS_TEMPLATE); if (mEnrollSuccessTemplate == null) mEnrollSuccessTemplate = ENROLL_SUCCESS_TEMPLATE; - String fillername = - sc.getInitParameter(PROP_SUCCESS_TEMPLATE_FILLER); + String fillername = + sc.getInitParameter(PROP_SUCCESS_TEMPLATE_FILLER); if (fillername != null) { ICMSTemplateFiller filler = newFillerObject(fillername); - if (filler != null) + if (filler != null) mEnrollSuccessFiller = filler; } @@ -162,19 +159,18 @@ public class HashEnrollServlet extends CMSServlet { init_testbed_hack(mConfig); } catch (Exception e) { // this should never happen. - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_IMP_INIT_SERV_ERR", e.toString(), mId)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_IMP_INIT_SERV_ERR", e.toString(), mId)); } } - /** - * Process the HTTP request. - * + * Process the HTTP request. + * * @param cmsReq the object holding the request and response information */ - protected void process(CMSRequest cmsReq) - throws EBaseException { + protected void process(CMSRequest cmsReq) + throws EBaseException { IArgBlock httpParams = cmsReq.getHttpParams(); HttpServletRequest httpReq = cmsReq.getHttpReq(); HttpServletResponse httpResp = cmsReq.getHttpResp(); @@ -193,7 +189,7 @@ public class HashEnrollServlet extends CMSServlet { IConfigStore configStore = CMS.getConfigStore(); String val = configStore.getString("hashDirEnrollment.name"); IAuthSubsystem authSS = (IAuthSubsystem) - CMS.getSubsystem(CMS.SUBSYSTEM_AUTH); + CMS.getSubsystem(CMS.SUBSYSTEM_AUTH); IAuthManager authMgr = authSS.get(val); HashAuthentication mgr = (HashAuthentication) authMgr; 
@@ -226,14 +222,15 @@ public class HashEnrollServlet extends CMSServlet { certType = httpParams.getValueAsString(OLD_CERT_TYPE, null); if (certType == null) { certType = httpParams.getValueAsString(CERT_TYPE, "client"); - } else {; - } + } else { + ; + } - processX509(cmsReq); + processX509(cmsReq); } - + private void printError(CMSRequest cmsReq, String errorCode) - throws EBaseException { + throws EBaseException { IArgBlock httpParams = cmsReq.getHttpParams(); HttpServletRequest httpReq = cmsReq.getHttpReq(); HttpServletResponse httpResp = cmsReq.getHttpResp(); @@ -253,9 +250,9 @@ public class HashEnrollServlet extends CMSServlet { form = getTemplate(formPath, httpReq, locale); } catch (IOException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE", formPath, e.toString())); + CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE", formPath, e.toString())); cmsReq.setError(new ECMSGWException( - CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR"))); + CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR"))); cmsReq.setStatus(CMSRequest.ERROR); return; } @@ -267,16 +264,16 @@ public class HashEnrollServlet extends CMSServlet { cmsReq.setStatus(CMSRequest.SUCCESS); } catch (IOException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", - e.toString())); + CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", + e.toString())); cmsReq.setError(new ECMSGWException( - CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR"))); + CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR"))); cmsReq.setStatus(CMSRequest.ERROR); } } - protected void processX509(CMSRequest cmsReq) - throws EBaseException { + protected void processX509(CMSRequest cmsReq) + throws EBaseException { IArgBlock httpParams = cmsReq.getHttpParams(); HttpServletRequest httpReq = cmsReq.getHttpReq(); 
@@ -296,7 +293,7 @@ public class HashEnrollServlet extends CMSServlet { boolean certAuthEnroll = false; String certAuthEnrollOn = - httpParams.getValueAsString("certauthEnroll", null); + httpParams.getValueAsString("certauthEnroll", null); X509CertInfo new_certInfo = null; if ((certAuthEnrollOn != null) && (certAuthEnrollOn.equals("on"))) { @@ -307,7 +304,7 @@ public class HashEnrollServlet extends CMSServlet { String certauthEnrollType = null; if (certAuthEnroll == true) { - certauthEnrollType = + certauthEnrollType = httpParams.getValueAsString("certauthEnrollType", null); if (certauthEnrollType != null) { if (certauthEnrollType.equals("dual")) { @@ -318,15 +315,15 @@ public class HashEnrollServlet extends CMSServlet { CMS.debug("HashEnrollServlet: certauthEnrollType is single"); } else { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_INVALID_CERTAUTH_ENROLL_TYPE_1", certauthEnrollType)); + CMS.getLogMessage("CMSGW_INVALID_CERTAUTH_ENROLL_TYPE_1", certauthEnrollType)); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_INVALID_CERTAUTH_ENROLL_TYPE")); + CMS.getUserMessage("CMS_GW_INVALID_CERTAUTH_ENROLL_TYPE")); } } else { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_MISSING_CERTAUTH_ENROLL_TYPE")); + CMS.getLogMessage("CMSGW_MISSING_CERTAUTH_ENROLL_TYPE")); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_MISSING_CERTAUTH_ENROLL_TYPE")); + CMS.getUserMessage("CMS_GW_MISSING_CERTAUTH_ENROLL_TYPE")); } } @@ -365,7 +362,7 @@ public class HashEnrollServlet extends CMSServlet { if (sslClientCert == null) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_MISSING_SSL_CLIENT_CERT")); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_MISSING_SSL_CLIENT_CERT")); + CMS.getUserMessage("CMS_GW_MISSING_SSL_CLIENT_CERT")); } certBasedOldSubjectDN = (String) sslClientCert.getSubjectDN().toString(); 
@@ -373,24 +370,24 @@ public class HashEnrollServlet extends CMSServlet { try { certInfo = (X509CertInfo) ((X509CertImpl) sslClientCert).get( - X509CertImpl.NAME + "." + X509CertImpl.INFO); + X509CertImpl.NAME + "." + X509CertImpl.INFO); } catch (CertificateParsingException ex) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_MISSING_CERTINFO_ENCRYPT_CERT")); + CMS.getLogMessage("CMSGW_MISSING_CERTINFO_ENCRYPT_CERT")); throw new ECMSGWException( - CMS.getUserMessage(getLocale(httpReq), "CMS_GW_MISSING_CERTINFO")); + CMS.getUserMessage(getLocale(httpReq), "CMS_GW_MISSING_CERTINFO")); } } else { certInfo = CMS.getDefaultX509CertInfo(); } - X509CertInfo[] certInfoArray = new X509CertInfo[] {certInfo}; + X509CertInfo[] certInfoArray = new X509CertInfo[] { certInfo }; //AuthToken authToken = access.getAuthToken(); IConfigStore configStore = CMS.getConfigStore(); String val = configStore.getString("hashDirEnrollment.name"); IAuthSubsystem authSS = (IAuthSubsystem) - CMS.getSubsystem(CMS.SUBSYSTEM_AUTH); + CMS.getSubsystem(CMS.SUBSYSTEM_AUTH); IAuthManager authMgr1 = authSS.get(val); HashAuthentication mgr = (HashAuthentication) authMgr1; String pageID = httpParams.getValueAsString("pageID", null); @@ -405,14 +402,14 @@ public class HashEnrollServlet extends CMSServlet { cmsReq.setStatus(CMSRequest.SUCCESS); return; } else { - authMgr = + authMgr = authToken.getInString(AuthToken.TOKEN_AUTHMGR_INST_NAME); // don't store agent token in request. // agent currently used for bulk issuance. // if (!authMgr.equals(IAuthSubsystem.CERTUSERDB_AUTHMGR_ID)) { - log(ILogger.LL_INFO, - "Enrollment request was authenticated by " + - authToken.getInString(AuthToken.TOKEN_AUTHMGR_INST_NAME)); + log(ILogger.LL_INFO, + "Enrollment request was authenticated by " + + authToken.getInString(AuthToken.TOKEN_AUTHMGR_INST_NAME)); fillCertInfoFromAuthToken(certInfo, authToken); // save authtoken attrs to request directly (for policy use) saveAuthToken(authToken, req); 
@@ -421,8 +418,8 @@ public class HashEnrollServlet extends CMSServlet { } // fill certInfo from input types: keygen, cmc, pkcs10 or crmf - KeyGenInfo keyGenInfo = - httpParams.getValueAsKeyGenInfo(SUBJECT_KEYGEN_INFO, null); + KeyGenInfo keyGenInfo = + httpParams.getValueAsKeyGenInfo(SUBJECT_KEYGEN_INFO, null); String certType = null; @@ -441,8 +438,8 @@ public class HashEnrollServlet extends CMSServlet { req.setExtData(IRequest.HTTP_PARAMS, CERT_TYPE, certType); } - String crmf = - httpParams.getValueAsString(CRMF_REQUEST, null); + String crmf = + httpParams.getValueAsString(CRMF_REQUEST, null); if (certAuthEnroll == true) { @@ -452,24 +449,24 @@ public class HashEnrollServlet extends CMSServlet { if (certauthEnrollType.equals(CERT_AUTH_DUAL)) { if (mCa == null) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_NOT_A_CA")); + CMS.getLogMessage("CMSGW_NOT_A_CA")); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_NOT_A_CA")); + CMS.getUserMessage("CMS_GW_NOT_A_CA")); } // first, make sure the client cert is indeed a // signing only cert if ((CMS.isSigningCert((X509CertImpl) sslClientCert) == false) || - ((CMS.isSigningCert((X509CertImpl) sslClientCert) == + ((CMS.isSigningCert((X509CertImpl) sslClientCert) == true) && (CMS.isEncryptionCert((X509CertImpl) sslClientCert) == true))) { // either it's not a signing cert, or it's a dual cert log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_INVALID_CERT_TYPE")); + CMS.getLogMessage("CMSGW_INVALID_CERT_TYPE")); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_INVALID_CERT_TYPE")); + CMS.getUserMessage("CMS_GW_INVALID_CERT_TYPE")); } X509Key key = null; 
@@ -478,22 +475,22 @@ public class HashEnrollServlet extends CMSServlet { try { certInfo.set(X509CertInfo.KEY, new CertificateX509Key(key)); } catch (CertificateException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_FAILED_SET_KEY_FROM_CERT_AUTH_ENROLL_1", e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_FAILED_SET_KEY_FROM_CERT_AUTH_ENROLL_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_KEY_FROM_CERT_AUTH_ENROLL_FAILED", e.toString())); + CMS.getUserMessage("CMS_GW_SET_KEY_FROM_CERT_AUTH_ENROLL_FAILED", e.toString())); } catch (IOException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_FAILED_SET_KEY_FROM_CERT_AUTH_ENROLL_1", e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_FAILED_SET_KEY_FROM_CERT_AUTH_ENROLL_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_KEY_FROM_CERT_AUTH_ENROLL_FAILED", e.toString())); + CMS.getUserMessage("CMS_GW_SET_KEY_FROM_CERT_AUTH_ENROLL_FAILED", e.toString())); } String filter = - "(&(x509cert.subject=" + certBasedOldSubjectDN + ")(!(x509cert.serialNumber=" + certBasedOldSerialNum + "))(certStatus=VALID))"; - ICertRecordList list = - (ICertRecordList) mCa.getCertificateRepository().findCertRecordsInList(filter, - null, 10); + "(&(x509cert.subject=" + certBasedOldSubjectDN + ")(!(x509cert.serialNumber=" + certBasedOldSerialNum + "))(certStatus=VALID))"; + ICertRecordList list = + (ICertRecordList) mCa.getCertificateRepository().findCertRecordsInList(filter, + null, 10); int size = list.getSize(); Enumeration en = list.getCertRecords(0, size - 1); boolean gotEncCert = false; 
@@ -502,8 +499,8 @@ public class HashEnrollServlet extends CMSServlet { // pairing encryption cert not found } else { X509CertInfo encCertInfo = CMS.getDefaultX509CertInfo(); - X509CertInfo[] cInfoArray = new X509CertInfo[] {certInfo, - encCertInfo}; + X509CertInfo[] cInfoArray = new X509CertInfo[] { certInfo, + encCertInfo }; int i = 1; while (en.hasMoreElements()) { @@ -512,7 +509,7 @@ public class HashEnrollServlet extends CMSServlet { // if not encryption cert only, try next one if ((CMS.isEncryptionCert(cert) == false) || - ((CMS.isEncryptionCert(cert) == true) && + ((CMS.isEncryptionCert(cert) == true) && (CMS.isSigningCert(cert) == true))) { continue; } 
@@ -521,27 +518,27 @@ public class HashEnrollServlet extends CMSServlet { try { encCertInfo = (X509CertInfo) cert.get( - X509CertImpl.NAME + "." + X509CertImpl.INFO); + X509CertImpl.NAME + "." + X509CertImpl.INFO); } catch (CertificateParsingException ex) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_MISSING_CERTINFO_ENCRYPT_CERT")); + CMS.getLogMessage("CMSGW_MISSING_CERTINFO_ENCRYPT_CERT")); throw new ECMSGWException( - CMS.getUserMessage(getLocale(httpReq), "CMS_GW_MISSING_CERTINFO")); + CMS.getUserMessage(getLocale(httpReq), "CMS_GW_MISSING_CERTINFO")); } try { encCertInfo.set(X509CertInfo.KEY, new CertificateX509Key(key)); } catch (CertificateException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_FAILED_SET_KEY_FROM_CERT_AUTH_ENROLL_1", e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_FAILED_SET_KEY_FROM_CERT_AUTH_ENROLL_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_KEY_FROM_CERT_AUTH_ENROLL_FAILED", e.toString())); + CMS.getUserMessage("CMS_GW_SET_KEY_FROM_CERT_AUTH_ENROLL_FAILED", e.toString())); } catch (IOException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_FAILED_SET_KEY_FROM_CERT_AUTH_ENROLL_1", e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_FAILED_SET_KEY_FROM_CERT_AUTH_ENROLL_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_KEY_FROM_CERT_AUTH_ENROLL_FAILED", e.toString())); + CMS.getUserMessage("CMS_GW_SET_KEY_FROM_CERT_AUTH_ENROLL_FAILED", e.toString())); } fillCertInfoFromAuthToken(encCertInfo, authToken); 
@@ -555,24 +552,24 @@ public class HashEnrollServlet extends CMSServlet { if (gotEncCert == false) { // encryption cert not found, bail log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ENCRYPTION_CERT_NOT_FOUND")); + CMS.getLogMessage("CMSGW_ENCRYPTION_CERT_NOT_FOUND")); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_ENCRYPTION_CERT_NOT_FOUND")); + CMS.getUserMessage("CMS_GW_ENCRYPTION_CERT_NOT_FOUND")); } } else if (certauthEnrollType.equals(CERT_AUTH_ENCRYPTION)) { // first, make sure the client cert is indeed a // signing only cert if ((CMS.isSigningCert((X509CertImpl) sslClientCert) == false) || - ((CMS.isSigningCert((X509CertImpl) sslClientCert) == + ((CMS.isSigningCert((X509CertImpl) sslClientCert) == true) && (CMS.isEncryptionCert((X509CertImpl) sslClientCert) == true))) { // either it's not a signing cert, or it's a dual cert log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_INVALID_CERT_TYPE")); + CMS.getLogMessage("CMSGW_INVALID_CERT_TYPE")); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_INVALID_CERT_TYPE")); + CMS.getUserMessage("CMS_GW_INVALID_CERT_TYPE")); } /* @@ -581,14 +578,14 @@ public class HashEnrollServlet extends CMSServlet { if (crmf != null && crmf != "") { certInfoArray = fillCRMF(crmf, authToken, httpParams, req); req.setExtData(CLIENT_ISSUER, - sslClientCert.getIssuerDN().toString()); + sslClientCert.getIssuerDN().toString()); CMS.debug( - "HashEnrollServlet: sslClientCert issuerDN = " + sslClientCert.getIssuerDN().toString()); + "HashEnrollServlet: sslClientCert issuerDN = " + sslClientCert.getIssuerDN().toString()); } else { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_MISSING_KEYGEN_INFO")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_MISSING_KEYGEN_INFO")); throw new ECMSGWException(CMS.getUserMessage(getLocale(httpReq), - "CMS_GW_MISSING_KEYGEN_INFO")); + "CMS_GW_MISSING_KEYGEN_INFO")); } } else if (certauthEnrollType.equals(CERT_AUTH_SINGLE)) { // have to be buried here to handle the issuer 
@@ -596,21 +593,21 @@ public class HashEnrollServlet extends CMSServlet { if (crmf != null && crmf != "") { certInfoArray = fillCRMF(crmf, authToken, httpParams, req); } else { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_MISSING_KEYGEN_INFO")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_MISSING_KEYGEN_INFO")); throw new ECMSGWException(CMS.getUserMessage(getLocale(httpReq), - "CMS_GW_MISSING_KEYGEN_INFO")); + "CMS_GW_MISSING_KEYGEN_INFO")); } req.setExtData(CLIENT_ISSUER, - sslClientCert.getIssuerDN().toString()); + sslClientCert.getIssuerDN().toString()); } } else if (crmf != null && crmf != "") { certInfoArray = fillCRMF(crmf, authToken, httpParams, req); } else { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_MISSING_KEYGEN_INFO")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_MISSING_KEYGEN_INFO")); throw new ECMSGWException(CMS.getUserMessage(getLocale(httpReq), - "CMS_GW_MISSING_KEYGEN_INFO")); + "CMS_GW_MISSING_KEYGEN_INFO")); } req.setExtData(IRequest.CERT_INFO, certInfoArray); @@ -648,7 +645,7 @@ public class HashEnrollServlet extends CMSServlet { } else { agentID = authToken.getInString("userid"); initiative = AuditFormat.FROMAGENT + " agentID: " + agentID; - } + } // if service not complete return standard templates. RequestStatus status = req.getRequestStatus(); 
@@ -668,52 +665,52 @@ public class HashEnrollServlet extends CMSServlet { wholeMsg.append("\n"); wholeMsg.append(msgs.nextElement()); } - mLogger.log(ILogger.EV_AUDIT, - ILogger.S_OTHER, - AuditFormat.LEVEL, - AuditFormat.ENROLLMENTFORMAT, - new Object[] { - req.getRequestId(), - initiative, - authMgr, - status.toString(), - certInfo.get(X509CertInfo.SUBJECT), - " violation: " + - wholeMsg.toString()}, - ILogger.L_MULTILINE - ); + mLogger.log(ILogger.EV_AUDIT, + ILogger.S_OTHER, + AuditFormat.LEVEL, + AuditFormat.ENROLLMENTFORMAT, + new Object[] { + req.getRequestId(), + initiative, + authMgr, + status.toString(), + certInfo.get(X509CertInfo.SUBJECT), + " violation: " + + wholeMsg.toString() }, + ILogger.L_MULTILINE + ); } else { // no policy violation, from agent mLogger.log(ILogger.EV_AUDIT, + ILogger.S_OTHER, + AuditFormat.LEVEL, + AuditFormat.ENROLLMENTFORMAT, + new Object[] { + req.getRequestId(), + initiative, + authMgr, + status.toString(), + certInfo.get(X509CertInfo.SUBJECT), "" } + ); + } + } else { // other imcomplete status + mLogger.log(ILogger.EV_AUDIT, ILogger.S_OTHER, AuditFormat.LEVEL, AuditFormat.ENROLLMENTFORMAT, new Object[] { - req.getRequestId(), - initiative, - authMgr, - status.toString(), - certInfo.get(X509CertInfo.SUBJECT), ""} - ); - } - } else { // other imcomplete status - mLogger.log(ILogger.EV_AUDIT, - ILogger.S_OTHER, - AuditFormat.LEVEL, - AuditFormat.ENROLLMENTFORMAT, - new Object[] { - req.getRequestId(), - initiative, - authMgr, - status.toString(), - certInfo.get(X509CertInfo.SUBJECT), ""} - ); + req.getRequestId(), + initiative, + authMgr, + status.toString(), + certInfo.get(X509CertInfo.SUBJECT), "" } + ); } } catch (IOException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_CANT_GET_CERT_SUBJ_AUDITING", e.toString())); + CMS.getLogMessage("CMSGW_CANT_GET_CERT_SUBJ_AUDITING", e.toString())); } catch (CertificateException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_CANT_GET_CERT_SUBJ_AUDITING", 
e.toString())); + CMS.getLogMessage("CMSGW_CANT_GET_CERT_SUBJ_AUDITING", e.toString())); } return; } @@ -725,7 +722,7 @@ public class HashEnrollServlet extends CMSServlet { cmsReq.setStatus(CMSRequest.ERROR); cmsReq.setError(req.getExtDataInString(IRequest.ERROR)); String[] svcErrors = - req.getExtDataInStringArray(IRequest.SVCERRORS); + req.getExtDataInStringArray(IRequest.SVCERRORS); if (svcErrors != null && svcErrors.length > 0) { for (int i = 0; i < svcErrors.length; i++) { @@ -738,26 +735,26 @@ public class HashEnrollServlet extends CMSServlet { cmsReq.setErrorDescription(err); // audit log the error try { - mLogger.log(ILogger.EV_AUDIT, - ILogger.S_OTHER, - AuditFormat.LEVEL, - AuditFormat.ENROLLMENTFORMAT, - new Object[] { - req.getRequestId(), - initiative, - authMgr, - "completed with error: " + - err, - certInfo.get(X509CertInfo.SUBJECT), ""} - ); + mLogger.log(ILogger.EV_AUDIT, + ILogger.S_OTHER, + AuditFormat.LEVEL, + AuditFormat.ENROLLMENTFORMAT, + new Object[] { + req.getRequestId(), + initiative, + authMgr, + "completed with error: " + + err, + certInfo.get(X509CertInfo.SUBJECT), "" } + ); } catch (IOException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_CANT_GET_CERT_SUBJ_AUDITING", - e.toString())); + CMS.getLogMessage("CMSGW_CANT_GET_CERT_SUBJ_AUDITING", + e.toString())); } catch (CertificateException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_CANT_GET_CERT_SUBJ_AUDITING", - e.toString())); + CMS.getLogMessage("CMSGW_CANT_GET_CERT_SUBJ_AUDITING", + e.toString())); } } } 
@@ -768,53 +765,53 @@ public class HashEnrollServlet extends CMSServlet { // service success cmsReq.setStatus(CMSRequest.SUCCESS); X509CertImpl[] issuedCerts = - req.getExtDataInCertArray(IRequest.ISSUED_CERTS); + req.getExtDataInCertArray(IRequest.ISSUED_CERTS); // audit log the success. - mLogger.log(ILogger.EV_AUDIT, ILogger.S_OTHER, - AuditFormat.LEVEL, - AuditFormat.ENROLLMENTFORMAT, - new Object[] { - req.getRequestId(), - initiative, - authMgr, - "completed", - issuedCerts[0].getSubjectDN(), - "cert issued serial number: 0x" + - issuedCerts[0].getSerialNumber().toString(16)} - ); + mLogger.log(ILogger.EV_AUDIT, ILogger.S_OTHER, + AuditFormat.LEVEL, + AuditFormat.ENROLLMENTFORMAT, + new Object[] { + req.getRequestId(), + initiative, + authMgr, + "completed", + issuedCerts[0].getSubjectDN(), + "cert issued serial number: 0x" + + issuedCerts[0].getSerialNumber().toString(16) } + ); // return cert as mime type binary if requested. if (checkImportCertToNav( - cmsReq.getHttpResp(), httpParams, issuedCerts[0])) { + cmsReq.getHttpResp(), httpParams, issuedCerts[0])) { cmsReq.setStatus(CMSRequest.SUCCESS); return; } - + // use success template. try { - cmsReq.setResult(issuedCerts); - renderTemplate(cmsReq, mEnrollSuccessTemplate, - mEnrollSuccessFiller); - cmsReq.setStatus(CMSRequest.SUCCESS); + cmsReq.setResult(issuedCerts); + renderTemplate(cmsReq, mEnrollSuccessTemplate, + mEnrollSuccessFiller); + cmsReq.setStatus(CMSRequest.SUCCESS); } catch (IOException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_TEMP_REND_ERR", mEnrollSuccessFiller.toString(), e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_TEMP_REND_ERR", mEnrollSuccessFiller.toString(), e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_RETURNING_RESULT_ERROR")); + CMS.getUserMessage("CMS_GW_RETURNING_RESULT_ERROR")); } return; } /** - * fill subject name, validity, extensions from authoken if any, - * overriding what was in pkcs10. 
- * fill subject name, extensions from http input if not authenticated. - * requests not authenticated will need to be approved by an agent. + * fill subject name, validity, extensions from authoken if any, + * overriding what was in pkcs10. + * fill subject name, extensions from http input if not authenticated. + * requests not authenticated will need to be approved by an agent. */ protected void fillCertInfoFromAuthToken( - X509CertInfo certInfo, IAuthToken authToken) - throws EBaseException { + X509CertInfo certInfo, IAuthToken authToken) + throws EBaseException { // override subject, validity and extensions from auth token // CA determines algorithm, version and issuer. // take key from keygen, cmc, pkcs10 or crmf. 
@@ -822,89 +819,89 @@ public class HashEnrollServlet extends CMSServlet { // subject name. try { String subjectname = - authToken.getInString(AuthToken.TOKEN_CERT_SUBJECT); + authToken.getInString(AuthToken.TOKEN_CERT_SUBJECT); if (subjectname != null) { CertificateSubjectName certSubject = (CertificateSubjectName) - new CertificateSubjectName(new X500Name(subjectname)); + new CertificateSubjectName(new X500Name(subjectname)); certInfo.set(X509CertInfo.SUBJECT, certSubject); - log(ILogger.LL_INFO, - "cert subject set to " + certSubject + " from authtoken"); + log(ILogger.LL_INFO, + "cert subject set to " + certSubject + " from authtoken"); } } catch (CertificateException e) { - log(ILogger.LL_WARN, - CMS.getLogMessage("CMSGW_ERROR_SET_SUBJECT_NAME_1", e.toString())); + log(ILogger.LL_WARN, + CMS.getLogMessage("CMSGW_ERROR_SET_SUBJECT_NAME_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_SUBJECT_NAME_ERROR")); + CMS.getUserMessage("CMS_GW_SET_SUBJECT_NAME_ERROR")); } catch (IOException e) { - log(ILogger.LL_WARN, - CMS.getLogMessage("CMSGW_ERROR_SET_SUBJECT_NAME_1", - e.toString())); + log(ILogger.LL_WARN, + CMS.getLogMessage("CMSGW_ERROR_SET_SUBJECT_NAME_1", + e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_SUBJECT_NAME_ERROR")); + CMS.getUserMessage("CMS_GW_SET_SUBJECT_NAME_ERROR")); } // validity try { CertificateValidity validity = null; - Date notBefore = - authToken.getInDate(AuthToken.TOKEN_CERT_NOTBEFORE); - Date notAfter = - authToken.getInDate(AuthToken.TOKEN_CERT_NOTAFTER); + Date notBefore = + authToken.getInDate(AuthToken.TOKEN_CERT_NOTBEFORE); + Date notAfter = + authToken.getInDate(AuthToken.TOKEN_CERT_NOTAFTER); if (notBefore != null && notAfter != null) { validity = new CertificateValidity(notBefore, notAfter); certInfo.set(X509CertInfo.VALIDITY, validity); - log(ILogger.LL_INFO, - "cert validity set to " + validity + " from authtoken"); + log(ILogger.LL_INFO, + "cert validity set to " + 
validity + " from authtoken"); } } catch (CertificateException e) { - log(ILogger.LL_WARN, - CMS.getLogMessage("CMSGW_ERROR_SET_VALIDITY_1", - e.toString())); + log(ILogger.LL_WARN, + CMS.getLogMessage("CMSGW_ERROR_SET_VALIDITY_1", + e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_VALIDITY_ERROR")); + CMS.getUserMessage("CMS_GW_SET_VALIDITY_ERROR")); } catch (IOException e) { - log(ILogger.LL_WARN, - CMS.getLogMessage("CMSGW_ERROR_SET_VALIDITY_1", e.toString())); + log(ILogger.LL_WARN, + CMS.getLogMessage("CMSGW_ERROR_SET_VALIDITY_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_VALIDITY_ERROR")); + CMS.getUserMessage("CMS_GW_SET_VALIDITY_ERROR")); } - + // extensions try { CertificateExtensions extensions = - authToken.getInCertExts(X509CertInfo.EXTENSIONS); + authToken.getInCertExts(X509CertInfo.EXTENSIONS); if (extensions != null) { certInfo.set(X509CertInfo.EXTENSIONS, extensions); log(ILogger.LL_INFO, "cert extensions set from authtoken"); } } catch (CertificateException e) { - log(ILogger.LL_WARN, - CMS.getLogMessage("CMSGW_ERROR_SET_EXTENSIONS_1", e.toString())); + log(ILogger.LL_WARN, + CMS.getLogMessage("CMSGW_ERROR_SET_EXTENSIONS_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_EXTENSIONS_ERROR")); + CMS.getUserMessage("CMS_GW_SET_EXTENSIONS_ERROR")); } catch (IOException e) { - log(ILogger.LL_WARN, - CMS.getLogMessage("CMSGW_ERROR_SET_EXTENSIONS_1", - e.toString())); + log(ILogger.LL_WARN, + CMS.getLogMessage("CMSGW_ERROR_SET_EXTENSIONS_1", + e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_EXTENSIONS_ERROR")); + CMS.getUserMessage("CMS_GW_SET_EXTENSIONS_ERROR")); } } protected X509CertInfo[] fillCRMF( - String crmf, IAuthToken authToken, IArgBlock httpParams, IRequest req) - throws EBaseException { + String crmf, IAuthToken authToken, IArgBlock httpParams, IRequest req) + throws EBaseException { try { byte[] crmfBlob = CMS.AtoB(crmf); 
ByteArrayInputStream crmfBlobIn = - new ByteArrayInputStream(crmfBlob); - + new ByteArrayInputStream(crmfBlob); + SEQUENCE crmfMsgs = (SEQUENCE) - new SEQUENCE.OF_Template(new CertReqMsg.Template()).decode(crmfBlobIn); + new SEQUENCE.OF_Template(new CertReqMsg.Template()).decode(crmfBlobIn); int nummsgs = crmfMsgs.size(); X509CertInfo[] certInfoArray = new X509CertInfo[nummsgs]; @@ -951,27 +948,27 @@ public class HashEnrollServlet extends CMSServlet { if (certTemplate.getNotBefore() != null || certTemplate.getNotAfter() != null) { CertificateValidity certValidity = new CertificateValidity(certTemplate.getNotBefore(), certTemplate.getNotAfter()); - certInfo.set(X509CertInfo.VALIDITY, certValidity); + certInfo.set(X509CertInfo.VALIDITY, certValidity); } if (certTemplate.hasSubject()) { Name subjectdn = certTemplate.getSubject(); - ByteArrayOutputStream subjectEncStream = - new ByteArrayOutputStream(); + ByteArrayOutputStream subjectEncStream = + new ByteArrayOutputStream(); subjectdn.encode(subjectEncStream); byte[] subjectEnc = subjectEncStream.toByteArray(); X500Name subject = new X500Name(subjectEnc); - certInfo.set(X509CertInfo.SUBJECT, - new CertificateSubjectName(subject)); - } else if (authToken == null || - authToken.getInString(AuthToken.TOKEN_CERT_SUBJECT) == null) { + certInfo.set(X509CertInfo.SUBJECT, + new CertificateSubjectName(subject)); + } else if (authToken == null || + authToken.getInString(AuthToken.TOKEN_CERT_SUBJECT) == null) { // No subject name - error! - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_MISSING_SUBJECT_NAME_FROM_AUTHTOKEN")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_MISSING_SUBJECT_NAME_FROM_AUTHTOKEN")); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_MISSING_SUBJECT_NAME_FROM_AUTHTOKEN")); + CMS.getUserMessage("CMS_GW_MISSING_SUBJECT_NAME_FROM_AUTHTOKEN")); } // get extensions 
@@ -979,7 +976,7 @@ public class HashEnrollServlet extends CMSServlet { try { extensions = (CertificateExtensions) - certInfo.get(X509CertInfo.EXTENSIONS); + certInfo.get(X509CertInfo.EXTENSIONS); } catch (CertificateException e) { extensions = null; } catch (IOException e) { 
@@ -989,40 +986,40 @@ public class HashEnrollServlet extends CMSServlet { // put each extension from CRMF into CertInfo. // index by extension name, consistent with // CertificateExtensions.parseExtension() method. - if (extensions == null) + if (extensions == null) extensions = new CertificateExtensions(); int numexts = certTemplate.numExtensions(); for (int j = 0; j < numexts; j++) { - org.mozilla.jss.pkix.cert.Extension jssext = - certTemplate.extensionAt(j); + org.mozilla.jss.pkix.cert.Extension jssext = + certTemplate.extensionAt(j); boolean isCritical = jssext.getCritical(); - org.mozilla.jss.asn1.OBJECT_IDENTIFIER jssoid = - jssext.getExtnId(); + org.mozilla.jss.asn1.OBJECT_IDENTIFIER jssoid = + jssext.getExtnId(); long[] numbers = jssoid.getNumbers(); int[] oidNumbers = new int[numbers.length]; for (int k = numbers.length - 1; k >= 0; k--) { oidNumbers[k] = (int) numbers[k]; } - ObjectIdentifier oid = - new ObjectIdentifier(oidNumbers); - org.mozilla.jss.asn1.OCTET_STRING jssvalue = - jssext.getExtnValue(); - ByteArrayOutputStream jssvalueout = - new ByteArrayOutputStream(); + ObjectIdentifier oid = + new ObjectIdentifier(oidNumbers); + org.mozilla.jss.asn1.OCTET_STRING jssvalue = + jssext.getExtnValue(); + ByteArrayOutputStream jssvalueout = + new ByteArrayOutputStream(); jssvalue.encode(jssvalueout); byte[] extValue = jssvalueout.toByteArray(); - Extension ext = - new Extension(oid, isCritical, extValue); + Extension ext = + new Extension(oid, isCritical, extValue); extensions.parseExtension(ext); } - certInfo.set(X509CertInfo.VERSION, - new CertificateVersion(CertificateVersion.V3)); + certInfo.set(X509CertInfo.VERSION, + new CertificateVersion(CertificateVersion.V3)); certInfo.set(X509CertInfo.EXTENSIONS, extensions); } 
@@ -1034,8 +1031,8 @@ public class HashEnrollServlet extends CMSServlet { // to have the control of the subject name // formulation. // -- CRMFfillCert - if (authToken != null && - authToken.getInString(AuthToken.TOKEN_CERT_SUBJECT) != null) { + if (authToken != null && + authToken.getInString(AuthToken.TOKEN_CERT_SUBJECT) != null) { // if authenticated override subect name, validity and // extensions if any from authtoken. fillCertInfoFromAuthToken(certInfo, authToken); 
@@ -1048,27 +1045,27 @@ public class HashEnrollServlet extends CMSServlet { return certInfoArray; } catch (CertificateException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERROR_CRMF_TO_CERTINFO_1", e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_ERROR_CRMF_TO_CERTINFO_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_CRMF_TO_CERTINFO_ERROR")); + CMS.getUserMessage("CMS_GW_CRMF_TO_CERTINFO_ERROR")); } catch (IOException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERROR_CRMF_TO_CERTINFO_1", - e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_ERROR_CRMF_TO_CERTINFO_1", + e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_CRMF_TO_CERTINFO_ERROR")); + CMS.getUserMessage("CMS_GW_CRMF_TO_CERTINFO_ERROR")); } catch (InvalidBERException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERROR_CRMF_TO_CERTINFO_1", e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_ERROR_CRMF_TO_CERTINFO_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_CRMF_TO_CERTINFO_ERROR")); + CMS.getUserMessage("CMS_GW_CRMF_TO_CERTINFO_ERROR")); } catch (InvalidKeyException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERROR_CRMF_TO_CERTINFO_1", - e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_ERROR_CRMF_TO_CERTINFO_1", + e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_CRMF_TO_CERTINFO_ERROR")); + CMS.getUserMessage("CMS_GW_CRMF_TO_CERTINFO_ERROR")); } } 
@@ -1107,19 +1104,19 @@ public class HashEnrollServlet extends CMSServlet { out.println("<P>"); out.println("<PRE>"); X509CertImpl certs[] = - cmsReq.getIRequest().getExtDataInCertArray(IRequest.ISSUED_CERTS); + cmsReq.getIRequest().getExtDataInCertArray(IRequest.ISSUED_CERTS); out.println(CMS.getEncodedCert(certs[0])); out.println("</PRE>"); out.println("<P>"); out.println("<!HTTP_OUTPUT REQUEST_CREATION_TIME=" + - cmsReq.getIRequest().getCreationTime().toString() + ">"); - out.println("<!HTTP_OUTPUT REQUEST_STATUS=" + - cmsReq.getStatus().toString() + ">"); - out.println("<!HTTP_OUTPUT REQUEST_ID=" + - cmsReq.getIRequest().getRequestId().toString() + ">"); + cmsReq.getIRequest().getCreationTime().toString() + ">"); + out.println("<!HTTP_OUTPUT REQUEST_STATUS=" + + cmsReq.getStatus().toString() + ">"); + out.println("<!HTTP_OUTPUT REQUEST_ID=" + + cmsReq.getIRequest().getRequestId().toString() + ">"); out.println("<!HTTP_OUTPUT X509_CERTIFICATE=" + - CMS.getEncodedCert(certs[0]) + ">"); + CMS.getEncodedCert(certs[0]) + ">"); } else if (cmsReq.getIRequest().getRequestStatus().equals(RequestStatus.PENDING)) { out.println("<H1>"); out.println("PENDING"); @@ -1136,11 +1133,11 @@ public class HashEnrollServlet extends CMSServlet { out.println(cmsReq.getIRequest().getRequestId().toString()); out.println("<P>"); out.println("<!HTTP_OUTPUT REQUEST_CREATION_TIME=" + - cmsReq.getIRequest().getCreationTime().toString() + ">"); - out.println("<!HTTP_OUTPUT REQUEST_STATUS=" + - cmsReq.getStatus().toString() + ">"); - out.println("<!HTTP_OUTPUT REQUEST_ID=" + - cmsReq.getIRequest().getRequestId().toString() + ">"); + cmsReq.getIRequest().getCreationTime().toString() + ">"); + out.println("<!HTTP_OUTPUT REQUEST_STATUS=" + + cmsReq.getStatus().toString() + ">"); + out.println("<!HTTP_OUTPUT REQUEST_ID=" + + cmsReq.getIRequest().getRequestId().toString() + ">"); } else { out.println("<H1>"); out.println("ERROR"); 
@@ -1155,21 +1152,21 @@ public class HashEnrollServlet extends CMSServlet { out.println("Error: "); out.println(cmsReq.getError()); // XXX - need to parse in Locale out.println("<P>"); - out.println("<!HTTP_OUTPUT REQUEST_STATUS=" + - cmsReq.getStatus().toString() + ">"); - out.println("<!HTTP_OUTPUT ERROR=" + - cmsReq.getError() + ">"); + out.println("<!HTTP_OUTPUT REQUEST_STATUS=" + + cmsReq.getStatus().toString() + ">"); + out.println("<!HTTP_OUTPUT ERROR=" + + cmsReq.getError() + ">"); } /** - // include all the input data - IArgBlock args = cmsReq.getHttpParams(); - Enumeration ele = args.getElements(); - while (ele.hasMoreElements()) { - String eleT = (String)ele.nextElement(); - out.println("<!HTTP_INPUT " + eleT + "=" + - args.get(eleT) + ">"); - } + * // include all the input data + * IArgBlock args = cmsReq.getHttpParams(); + * Enumeration ele = args.getElements(); + * while (ele.hasMoreElements()) { + * String eleT = (String)ele.nextElement(); + * out.println("<!HTTP_INPUT " + eleT + "=" + + * args.get(eleT) + ">"); + * } **/ out.println("</HTML>"); 
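Review bot: The re-wrapped error branch still writes `cmsReq.getError()` into the response without HTML encoding, once as visible text and once inside the `<!HTTP_OUTPUT ERROR=...>` marker. If that message can ever contain request-derived text (not determinable from this hunk), markup in it would be interpreted by the browser and could also end the marker early for clients that parse it. I would encode the value once with the project's HTML-escaping helper (its name is not visible here) and print the encoded string in both places. Separately, the block re-flowed into `/** * // include all the input data ... **/` is commented-out code that would echo every HTTP parameter into the page. Deleting it is safer than reformatting it into a Javadoc-shaped comment inside a method body. The enclosing method begins outside this hunk.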
@@ -1184,32 +1181,32 @@ public class HashEnrollServlet extends CMSServlet { private boolean mIsTestBed = false; - private void init_testbed_hack(IConfigStore config) - throws EBaseException { + private void init_testbed_hack(IConfigStore config) + throws EBaseException { mIsTestBed = config.getBoolean("isTestBed", true); } private void do_testbed_hack( - int nummsgs, X509CertInfo[] certinfo, IArgBlock httpParams) - throws EBaseException { - if (!mIsTestBed) + int nummsgs, X509CertInfo[] certinfo, IArgBlock httpParams) + throws EBaseException { + if (!mIsTestBed) return; - // get around bug in cartman - bits are off by one byte. + // get around bug in cartman - bits are off by one byte. for (int i = 0; i < certinfo.length; i++) { try { X509CertInfo cert = certinfo[i]; CertificateExtensions exts = (CertificateExtensions) - cert.get(CertificateExtensions.NAME); + cert.get(CertificateExtensions.NAME); if (exts == null) { // should not happen. continue; } KeyUsageExtension ext = (KeyUsageExtension) - exts.get(KeyUsageExtension.NAME); + exts.get(KeyUsageExtension.NAME); - if (ext == null) + if (ext == null) // should not happen continue; byte[] value = ext.getExtensionValue(); @@ -1235,9 +1232,9 @@ public class HashEnrollServlet extends CMSServlet { } } newvalue[4] = 0; - KeyUsageExtension newext = - new KeyUsageExtension(Boolean.valueOf(true), - (Object) newvalue); + KeyUsageExtension newext = + new KeyUsageExtension(Boolean.valueOf(true), + (Object) newvalue); exts.delete(KeyUsageExtension.NAME); exts.set(KeyUsageExtension.NAME, newext); @@ -1253,4 +1250,3 @@ public class HashEnrollServlet extends CMSServlet { } } - |