diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/common/GenPendingTemplateFiller.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/common/GenPendingTemplateFiller.java | 160 |
1 files changed, 85 insertions, 75 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/common/GenPendingTemplateFiller.java b/pki/base/common/src/com/netscape/cms/servlet/common/GenPendingTemplateFiller.java index ced36b940..15456865f 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/common/GenPendingTemplateFiller.java +++ b/pki/base/common/src/com/netscape/cms/servlet/common/GenPendingTemplateFiller.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.common; + import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.OutputStream; @@ -58,9 +59,10 @@ import com.netscape.certsrv.ra.IRegistrationAuthority; import com.netscape.certsrv.request.IRequest; import com.netscape.certsrv.request.RequestId; + /** - * default Pending template filler - * + * default Pending template filler + * * @version $Revision$, $Date$ */ public class GenPendingTemplateFiller implements ICMSTemplateFiller { @@ -70,29 +72,28 @@ public class GenPendingTemplateFiller implements ICMSTemplateFiller { } /** - * fill error details and description if any. - * + * fill error details and description if any. * @param cmsReq CMS Request * @param authority this authority * @param locale locale of template. * @param e unexpected exception e. ignored. */ - public CMSTemplateParams getTemplateParams(CMSRequest cmsReq, - IAuthority authority, Locale locale, Exception e) { + public CMSTemplateParams getTemplateParams( + CMSRequest cmsReq, IAuthority authority, Locale locale, Exception e) { IArgBlock fixed = CMS.createArgBlock(); CMSTemplateParams params = new CMSTemplateParams(null, fixed); - if (cmsReq == null) { + if( cmsReq == null ) { return null; } // request status if any. Integer sts = cmsReq.getStatus(); - if (sts != null) + if (sts != null) fixed.set(ICMSTemplateFiller.REQUEST_STATUS, sts.toString()); - // request id + // request id IRequest req = cmsReq.getIRequest(); if (req != null) { @@ -105,46 +106,52 @@ public class GenPendingTemplateFiller implements ICMSTemplateFiller { if (doFullResponse(httpParams)) { SEQUENCE controlSeq = new SEQUENCE(); int bpid = 1; - PendInfo pendInfo = new PendInfo(reqId.toString(), new Date()); - OtherInfo otherInfo = new OtherInfo(OtherInfo.PEND, null, - pendInfo); + PendInfo pendInfo = new PendInfo(reqId.toString(), new + Date()); + OtherInfo otherInfo = new + OtherInfo(OtherInfo.PEND, null, pendInfo); SEQUENCE bpids = new SEQUENCE(); - String[] reqIdArray = req - .getExtDataInStringArray(IRequest.CMC_REQIDS); + String[] reqIdArray = + req.getExtDataInStringArray(IRequest.CMC_REQIDS); for (int i = 0; i < reqIdArray.length; i++) { bpids.addElement(new INTEGER(reqIdArray[i])); } - CMCStatusInfo cmcStatusInfo = new CMCStatusInfo( - CMCStatusInfo.PENDING, bpids, (String) null, otherInfo); - TaggedAttribute ta = new TaggedAttribute(new INTEGER(bpid++), - OBJECT_IDENTIFIER.id_cmc_cMCStatusInfo, cmcStatusInfo); + CMCStatusInfo cmcStatusInfo = new + CMCStatusInfo(CMCStatusInfo.PENDING, bpids, + (String) null, otherInfo); + TaggedAttribute ta = new TaggedAttribute(new + INTEGER(bpid++), + OBJECT_IDENTIFIER.id_cmc_cMCStatusInfo, + cmcStatusInfo); controlSeq.addElement(ta); // copy transactionID, senderNonce, // create recipientNonce // create responseInfo if regInfo exist - String[] transIds = req - .getExtDataInStringArray(IRequest.CMC_TRANSID); + String[] transIds = + req.getExtDataInStringArray(IRequest.CMC_TRANSID); SET ids = new SET(); for (int i = 0; i < transIds.length; i++) { ids.addElement(new INTEGER(transIds[i])); } - ta = new TaggedAttribute(new INTEGER(bpid++), - OBJECT_IDENTIFIER.id_cmc_transactionId, ids); + ta = new TaggedAttribute(new + INTEGER(bpid++), + OBJECT_IDENTIFIER.id_cmc_transactionId, + ids); controlSeq.addElement(ta); - String[] senderNonce = req - .getExtDataInStringArray(IRequest.CMC_SENDERNONCE); + String[] senderNonce = req.getExtDataInStringArray(IRequest.CMC_SENDERNONCE); SET nonces = new SET(); for (int i = 0; i < senderNonce.length; i++) { - nonces.addElement(new OCTET_STRING(senderNonce[i] - .getBytes())); + nonces.addElement(new OCTET_STRING(senderNonce[i].getBytes())); } - ta = new TaggedAttribute(new INTEGER(bpid++), - OBJECT_IDENTIFIER.id_cmc_recipientNonce, nonces); + ta = new TaggedAttribute(new + INTEGER(bpid++), + OBJECT_IDENTIFIER.id_cmc_recipientNonce, + nonces); controlSeq.addElement(ta); req.setExtData(IRequest.CMC_RECIPIENTNONCE, senderNonce); @@ -153,65 +160,61 @@ public class GenPendingTemplateFiller implements ICMSTemplateFiller { byte[] dig; try { - MessageDigest SHA1Digest = MessageDigest - .getInstance("SHA1"); + MessageDigest SHA1Digest = MessageDigest.getInstance("SHA1"); dig = SHA1Digest.digest(salt.getBytes()); } catch (NoSuchAlgorithmException ex) { dig = salt.getBytes(); } String b64E = CMS.BtoA(dig); - String[] newNonce = { b64E }; + String[] newNonce = {b64E}; - ta = new TaggedAttribute(new INTEGER(bpid++), - OBJECT_IDENTIFIER.id_cmc_senderNonce, new OCTET_STRING( - newNonce[0].getBytes())); + ta = new TaggedAttribute(new + INTEGER(bpid++), + OBJECT_IDENTIFIER.id_cmc_senderNonce, + new OCTET_STRING(newNonce[0].getBytes())); controlSeq.addElement(ta); req.setExtData(IRequest.CMC_SENDERNONCE, newNonce); - ResponseBody rb = new ResponseBody(controlSeq, new SEQUENCE(), - new SEQUENCE()); - EncapsulatedContentInfo ci = new EncapsulatedContentInfo( - OBJECT_IDENTIFIER.id_cct_PKIResponse, rb); + ResponseBody rb = new ResponseBody(controlSeq, new + SEQUENCE(), new + SEQUENCE()); + EncapsulatedContentInfo ci = new + EncapsulatedContentInfo(OBJECT_IDENTIFIER.id_cct_PKIResponse, + rb); org.mozilla.jss.crypto.X509Certificate x509cert = null; if (authority instanceof ICertificateAuthority) { - x509cert = ((ICertificateAuthority) authority) - .getCaX509Cert(); - } else if (authority instanceof IRegistrationAuthority) { + x509cert = ((ICertificateAuthority) authority).getCaX509Cert(); + }else if (authority instanceof IRegistrationAuthority) { x509cert = ((IRegistrationAuthority) authority).getRACert(); } if (x509cert == null) return params; try { X509CertImpl cert = new X509CertImpl(x509cert.getEncoded()); - ByteArrayInputStream issuer1 = new ByteArrayInputStream( - ((X500Name) cert.getIssuerDN()).getEncoded()); + ByteArrayInputStream issuer1 = new + ByteArrayInputStream(((X500Name) cert.getIssuerDN()).getEncoded()); Name issuer = (Name) Name.getTemplate().decode(issuer1); - IssuerAndSerialNumber ias = new IssuerAndSerialNumber( - issuer, new INTEGER(cert.getSerialNumber() - .toString())); - SignerIdentifier si = new SignerIdentifier( - SignerIdentifier.ISSUER_AND_SERIALNUMBER, ias, null); + IssuerAndSerialNumber ias = new + IssuerAndSerialNumber(issuer, new INTEGER(cert.getSerialNumber().toString())); + SignerIdentifier si = new + SignerIdentifier(SignerIdentifier.ISSUER_AND_SERIALNUMBER, ias, null); // SHA1 is the default digest Alg for now. DigestAlgorithm digestAlg = null; SignatureAlgorithm signAlg = null; - org.mozilla.jss.crypto.PrivateKey privKey = CryptoManager - .getInstance().findPrivKeyByCert(x509cert); - org.mozilla.jss.crypto.PrivateKey.Type keyType = privKey - .getType(); + org.mozilla.jss.crypto.PrivateKey privKey = CryptoManager.getInstance().findPrivKeyByCert(x509cert); + org.mozilla.jss.crypto.PrivateKey.Type keyType = privKey.getType(); - if (keyType.equals(org.mozilla.jss.crypto.PrivateKey.RSA)) { + if( keyType.equals(org.mozilla.jss.crypto.PrivateKey.RSA ) ) { signAlg = SignatureAlgorithm.RSASignatureWithSHA1Digest; - } else if (keyType - .equals(org.mozilla.jss.crypto.PrivateKey.DSA)) { + } else if( keyType.equals(org.mozilla.jss.crypto.PrivateKey.DSA ) ) { signAlg = SignatureAlgorithm.DSASignatureWithSHA1Digest; } else { - CMS.debug("GenPendingTemplateFiller::getTemplateParams() - " - + "keyType " - + keyType.toString() - + " is unsupported!"); + CMS.debug( "GenPendingTemplateFiller::getTemplateParams() - " + + "keyType " + keyType.toString() + + " is unsupported!" ); return null; } @@ -221,36 +224,41 @@ public class GenPendingTemplateFiller implements ICMSTemplateFiller { try { SHADigest = MessageDigest.getInstance("SHA1"); digestAlg = DigestAlgorithm.SHA1; - + ByteArrayOutputStream ostream = new ByteArrayOutputStream(); rb.encode((OutputStream) ostream); digest = SHADigest.digest(ostream.toByteArray()); } catch (NoSuchAlgorithmException ex) { - // log("digest fail"); + //log("digest fail"); } - SignerInfo signInfo = new SignerInfo(si, null, null, - OBJECT_IDENTIFIER.id_cct_PKIResponse, digest, - signAlg, privKey); + SignerInfo signInfo = new + SignerInfo(si, null, null, + OBJECT_IDENTIFIER.id_cct_PKIResponse, + digest, signAlg, + privKey); SET signInfos = new SET(); signInfos.addElement(signInfo); - + SET digestAlgs = new SET(); if (digestAlg != null) { - AlgorithmIdentifier ai = new AlgorithmIdentifier( - digestAlg.toOID(), null); + AlgorithmIdentifier ai = new + AlgorithmIdentifier(digestAlg.toOID(), + null); digestAlgs.addElement(ai); } - - SignedData fResponse = new SignedData(digestAlgs, ci, null, - null, signInfos); - ContentInfo fullResponse = new ContentInfo( - ContentInfo.SIGNED_DATA, fResponse); - ByteArrayOutputStream ostream = new ByteArrayOutputStream(); + + SignedData fResponse = new + SignedData(digestAlgs, ci, + null, null, signInfos); + ContentInfo fullResponse = new + ContentInfo(ContentInfo.SIGNED_DATA, fResponse); + ByteArrayOutputStream ostream = new + ByteArrayOutputStream(); fullResponse.encode((OutputStream) ostream); byte[] fr = ostream.toByteArray(); @@ -262,8 +270,9 @@ public class GenPendingTemplateFiller implements ICMSTemplateFiller { } } // this authority - if (authority != null) - fixed.set(ICMSTemplateFiller.AUTHORITY, authority.getOfficialName()); + if (authority != null) + fixed.set(ICMSTemplateFiller.AUTHORITY, + authority.getOfficialName()); return params; } @@ -277,3 +286,4 @@ public class GenPendingTemplateFiller implements ICMSTemplateFiller { return false; } } + |