diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/processors')
6 files changed, 223 insertions, 242 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/processors/CMCProcessor.java b/pki/base/common/src/com/netscape/cms/servlet/processors/CMCProcessor.java index 1e44dad18..f2b3f57a2 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/processors/CMCProcessor.java +++ b/pki/base/common/src/com/netscape/cms/servlet/processors/CMCProcessor.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.processors; - import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.IOException; @@ -72,11 +71,10 @@ import com.netscape.cms.servlet.base.CMSServlet; import com.netscape.cms.servlet.common.CMSRequest; import com.netscape.cms.servlet.common.ECMSGWException; - /** * Process CMC messages according to RFC 2797 * See http://www.ietf.org/rfc/rfc2797.txt - * + * * @version $Revision$, $Date$ */ public class CMCProcessor extends PKIProcessor { @@ -95,18 +93,18 @@ public class CMCProcessor extends PKIProcessor { } public void process(CMSRequest cmsReq) - throws EBaseException { + throws EBaseException { } public void fillCertInfo( - String protocolString, X509CertInfo certInfo, - IAuthToken authToken, IArgBlock httpParams) - throws EBaseException { + String protocolString, X509CertInfo certInfo, + IAuthToken authToken, IArgBlock httpParams) + throws EBaseException { } public X509CertInfo[] fillCertInfoArray( - String protocolString, IAuthToken authToken, IArgBlock httpParams, IRequest req) - throws EBaseException { + String protocolString, IAuthToken authToken, IArgBlock httpParams, IRequest req) + throws EBaseException { CMS.debug("CMCProcessor: In CMCProcessor.fillCertInfoArray!"); String cmc = protocolString; @@ -114,17 +112,16 @@ public class CMCProcessor extends PKIProcessor { try { byte[] cmcBlob = CMS.AtoB(cmc); ByteArrayInputStream cmcBlobIn = - new ByteArrayInputStream(cmcBlob); + new ByteArrayInputStream(cmcBlob); org.mozilla.jss.pkix.cms.ContentInfo cmcReq = (org.mozilla.jss.pkix.cms.ContentInfo) - org.mozilla.jss.pkix.cms.ContentInfo.getTemplate().decode(cmcBlobIn); + org.mozilla.jss.pkix.cms.ContentInfo.getTemplate().decode(cmcBlobIn); - if - (!cmcReq.getContentType().equals(org.mozilla.jss.pkix.cms.ContentInfo.SIGNED_DATA) || !cmcReq.hasContent()) + if (!cmcReq.getContentType().equals(org.mozilla.jss.pkix.cms.ContentInfo.SIGNED_DATA) || !cmcReq.hasContent()) throw new ECMSGWException(CMS.getUserMessage("CMS_GW_NO_CMC_CONTENT")); SignedData cmcFullReq = (SignedData) - cmcReq.getInterpretedContent(); + cmcReq.getInterpretedContent(); EncapsulatedContentInfo ci = cmcFullReq.getContentInfo(); @@ -132,7 +129,7 @@ public class CMCProcessor extends PKIProcessor { if (!id.equals(OBJECT_IDENTIFIER.id_cct_PKIData) || !ci.hasContent()) { throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_NO_PKIDATA")); + CMS.getUserMessage("CMS_GW_NO_PKIDATA")); } OCTET_STRING content = ci.getContent(); @@ -144,7 +141,7 @@ public class CMCProcessor extends PKIProcessor { int numReqs = reqSequence.size(); X509CertInfo[] certInfoArray = new X509CertInfo[numReqs]; String[] reqIdArray = new String[numReqs]; - + for (int i = 0; i < numReqs; i++) { // decode message. TaggedRequest taggedRequest = (TaggedRequest) reqSequence.elementAt(i); @@ -158,7 +155,7 @@ public class CMCProcessor extends PKIProcessor { reqIdArray[i] = String.valueOf(p10Id); CertificationRequest p10 = - tcr.getCertificationRequest(); + tcr.getCertificationRequest(); // transfer to sun class ByteArrayOutputStream ostream = new ByteArrayOutputStream(); @@ -195,7 +192,7 @@ public class CMCProcessor extends PKIProcessor { reqIdArray[i] = String.valueOf(srcId); - certInfoArray[i] = crmfProc.processIndividualRequest(crm, authToken, httpParams); + certInfoArray[i] = crmfProc.processIndividualRequest(crm, authToken, httpParams); } else { throw new ECMSGWException(CMS.getUserMessage("CMS_GW_NO_CMC_CONTENT")); @@ -209,12 +206,12 @@ public class CMCProcessor extends PKIProcessor { for (int i = 0; i < numDig; i++) { AlgorithmIdentifier dai = - (AlgorithmIdentifier) dais.elementAt(i); + (AlgorithmIdentifier) dais.elementAt(i); String name = - DigestAlgorithm.fromOID(dai.getOID()).toString(); + DigestAlgorithm.fromOID(dai.getOID()).toString(); MessageDigest md = - MessageDigest.getInstance(name); + MessageDigest.getInstance(name); byte[] digest = md.digest(content.toByteArray()); @@ -226,8 +223,8 @@ public class CMCProcessor extends PKIProcessor { for (int i = 0; i < numSis; i++) { org.mozilla.jss.pkix.cms.SignerInfo si = - (org.mozilla.jss.pkix.cms.SignerInfo) - sis.elementAt(i); + (org.mozilla.jss.pkix.cms.SignerInfo) + sis.elementAt(i); String name = si.getDigestAlgorithm().toString(); byte[] digest = (byte[]) digs.get(name); @@ -243,8 +240,7 @@ public class CMCProcessor extends PKIProcessor { SignerIdentifier sid = si.getSignerIdentifier(); - if - (sid.getType().equals(SignerIdentifier.ISSUER_AND_SERIALNUMBER)) { + if (sid.getType().equals(SignerIdentifier.ISSUER_AND_SERIALNUMBER)) { IssuerAndSerialNumber issuerAndSerialNumber = sid.getIssuerAndSerialNumber(); // find from the certs in the signedData X509Certificate cert = null; @@ -255,20 +251,19 @@ public class CMCProcessor extends PKIProcessor { for (int j = 0; j < numCerts; j++) { Certificate certJss = - (Certificate) certs.elementAt(j); + (Certificate) certs.elementAt(j); CertificateInfo certI = - certJss.getInfo(); + certJss.getInfo(); Name issuer = certI.getIssuer(); byte[] issuerB = ASN1Util.encode(issuer); INTEGER sn = certI.getSerialNumber(); - if ( - new String(issuerB).equals(new + if (new String(issuerB).equals(new String(ASN1Util.encode(issuerAndSerialNumber.getIssuer()))) - && sn.toString().equals(issuerAndSerialNumber.getSerialNumber().toString())) { + && sn.toString().equals(issuerAndSerialNumber.getSerialNumber().toString())) { ByteArrayOutputStream os = new - ByteArrayOutputStream(); + ByteArrayOutputStream(); certJss.encode(os); cert = new X509CertImpl(os.toByteArray()); @@ -296,8 +291,8 @@ public class CMCProcessor extends PKIProcessor { } else { } PK11PubKey pubK = - PK11PubKey.fromRaw(keyType, - ((X509Key) signKey).getKey()); + PK11PubKey.fromRaw(keyType, + ((X509Key) signKey).getKey()); si.verify(digest, id, pubK); } @@ -321,8 +316,7 @@ public class CMCProcessor extends PKIProcessor { j++; } if (signKey == null) { - throw new - ECMSGWException(CMS.getUserMessage("CMS_GW_CMC_ERROR", + throw new ECMSGWException(CMS.getUserMessage("CMS_GW_CMC_ERROR", "SubjectKeyIdentifier in SignerInfo does not match any publicKey in the request.")); } else { PrivateKey.Type keyType = null; @@ -352,7 +346,7 @@ public class CMCProcessor extends PKIProcessor { for (int i = 0; i < numControls; i++) { TaggedAttribute control = - (TaggedAttribute) controls.elementAt(i); + (TaggedAttribute) controls.elementAt(i); OBJECT_IDENTIFIER type = control.getType(); SET values = control.getValues(); int numVals = values.size(); @@ -364,7 +358,7 @@ public class CMCProcessor extends PKIProcessor { vals = new String[numVals]; for (int j = 0; j < numVals; j++) { ANY val = (ANY) - values.elementAt(j); + values.elementAt(j); INTEGER transId = (INTEGER) ((ANY) val).decodeWith( INTEGER.getTemplate()); @@ -374,17 +368,16 @@ public class CMCProcessor extends PKIProcessor { } if (vals != null) req.setExtData(IRequest.CMC_TRANSID, vals); - } else if - (type.equals(OBJECT_IDENTIFIER.id_cmc_senderNonce)) { + } else if (type.equals(OBJECT_IDENTIFIER.id_cmc_senderNonce)) { String[] vals = null; if (numVals > 0) vals = new String[numVals]; for (int j = 0; j < numVals; j++) { ANY val = (ANY) - values.elementAt(j); + values.elementAt(j); OCTET_STRING nonce = (OCTET_STRING) - ((ANY) val).decodeWith(OCTET_STRING.getTemplate()); + ((ANY) val).decodeWith(OCTET_STRING.getTemplate()); if (nonce != null) { vals[j] = new String(nonce.toByteArray()); @@ -409,27 +402,27 @@ public class CMCProcessor extends PKIProcessor { return certInfoArray; } catch (CertificateException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERROR_CMC_TO_CERTINFO_1", e.toString())); + CMS.getLogMessage("CMSGW_ERROR_CMC_TO_CERTINFO_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_CMC_TO_CERTINFO_ERROR")); + CMS.getUserMessage("CMS_GW_CMC_TO_CERTINFO_ERROR")); } catch (IOException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERROR_CMC_TO_CERTINFO_1", e.toString())); + CMS.getLogMessage("CMSGW_ERROR_CMC_TO_CERTINFO_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_CMC_TO_CERTINFO_ERROR")); + CMS.getUserMessage("CMS_GW_CMC_TO_CERTINFO_ERROR")); } catch (InvalidBERException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERROR_CMC_TO_CERTINFO_1", e.toString())); + CMS.getLogMessage("CMSGW_ERROR_CMC_TO_CERTINFO_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_CMC_TO_CERTINFO_ERROR")); + CMS.getUserMessage("CMS_GW_CMC_TO_CERTINFO_ERROR")); } catch (InvalidKeyException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERROR_CMC_TO_CERTINFO_1", e.toString())); + CMS.getLogMessage("CMSGW_ERROR_CMC_TO_CERTINFO_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_CMC_TO_CERTINFO_ERROR")); - }catch (Exception e) { + CMS.getUserMessage("CMS_GW_CMC_TO_CERTINFO_ERROR")); + } catch (Exception e) { throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_CMC_ERROR", e.toString())); + CMS.getUserMessage("CMS_GW_CMC_ERROR", e.toString())); } } diff --git a/pki/base/common/src/com/netscape/cms/servlet/processors/CRMFProcessor.java b/pki/base/common/src/com/netscape/cms/servlet/processors/CRMFProcessor.java index 27648758b..dcfb3eaee 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/processors/CRMFProcessor.java +++ b/pki/base/common/src/com/netscape/cms/servlet/processors/CRMFProcessor.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.processors; - import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.IOException; @@ -56,11 +55,10 @@ import com.netscape.cms.servlet.base.CMSServlet; import com.netscape.cms.servlet.common.CMSRequest; import com.netscape.cms.servlet.common.ECMSGWException; - /** * Process CRMF requests, according to RFC 2511 * See http://www.ietf.org/rfc/rfc2511.txt - * + * * @version $Revision$, $Date$ */ public class CRMFProcessor extends PKIProcessor { @@ -70,7 +68,7 @@ public class CRMFProcessor extends PKIProcessor { private boolean enforcePop = false; private final static String LOGGING_SIGNED_AUDIT_PROOF_OF_POSSESSION = - "LOGGING_SIGNED_AUDIT_PROOF_OF_POSSESSION_2"; + "LOGGING_SIGNED_AUDIT_PROOF_OF_POSSESSION_2"; public CRMFProcessor() { super(); @@ -84,22 +82,22 @@ public class CRMFProcessor extends PKIProcessor { } public void process(CMSRequest cmsReq) - throws EBaseException { + throws EBaseException { } /** * Verify Proof of Possession (POP) * <P> - * + * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_PROOF_OF_POSSESSION used when proof - * of possession is checked during certificate enrollment + * <li>signed.audit LOGGING_SIGNED_AUDIT_PROOF_OF_POSSESSION used when proof of possession is checked during certificate enrollment * </ul> + * * @param certReqMsg the certificate request message * @exception EBaseException an error has occurred */ private void verifyPOP(CertReqMsg certReqMsg) - throws EBaseException { + throws EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -118,59 +116,59 @@ public class CRMFProcessor extends PKIProcessor { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_PROOF_OF_POSSESSION, - auditSubjectID, - ILogger.SUCCESS ); + LOGGING_SIGNED_AUDIT_PROOF_OF_POSSESSION, + auditSubjectID, + ILogger.SUCCESS); - audit( auditMessage ); + audit(auditMessage); } catch (Exception e) { CMS.debug("CRMFProcessor: Failed POP verify!"); log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERROR_POP_VERIFY")); + CMS.getLogMessage("CMSGW_ERROR_POP_VERIFY")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_PROOF_OF_POSSESSION, - auditSubjectID, - ILogger.FAILURE ); + LOGGING_SIGNED_AUDIT_PROOF_OF_POSSESSION, + auditSubjectID, + ILogger.FAILURE); - audit( auditMessage ); + audit(auditMessage); throw new ECMSGWException( - CMS.getLogMessage("CMSGW_ERROR_POP_VERIFY")); + CMS.getLogMessage("CMSGW_ERROR_POP_VERIFY")); } } } else { if (enforcePop == true) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERROR_NO_POP")); + CMS.getLogMessage("CMSGW_ERROR_NO_POP")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_PROOF_OF_POSSESSION, - auditSubjectID, - ILogger.FAILURE ); + LOGGING_SIGNED_AUDIT_PROOF_OF_POSSESSION, + auditSubjectID, + ILogger.FAILURE); - audit( auditMessage ); + audit(auditMessage); throw new ECMSGWException( - CMS.getLogMessage("CMSGW_ERROR_NO_POP")); + CMS.getLogMessage("CMSGW_ERROR_NO_POP")); } } - } catch( EBaseException eAudit1 ) { + } catch (EBaseException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_PROOF_OF_POSSESSION, - auditSubjectID, - ILogger.FAILURE ); + LOGGING_SIGNED_AUDIT_PROOF_OF_POSSESSION, + auditSubjectID, + ILogger.FAILURE); - audit( auditMessage ); + audit(auditMessage); } } - public X509CertInfo processIndividualRequest(CertReqMsg certReqMsg, IAuthToken authToken, IArgBlock httpParams) - throws EBaseException { + public X509CertInfo processIndividualRequest(CertReqMsg certReqMsg, IAuthToken authToken, IArgBlock httpParams) + throws EBaseException { CMS.debug("CRMFProcessor::processIndividualRequest!"); try { @@ -205,21 +203,21 @@ public class CRMFProcessor extends PKIProcessor { if (certTemplate.hasSubject()) { Name subjectdn = certTemplate.getSubject(); ByteArrayOutputStream subjectEncStream = - new ByteArrayOutputStream(); + new ByteArrayOutputStream(); subjectdn.encode(subjectEncStream); byte[] subjectEnc = subjectEncStream.toByteArray(); X500Name subject = new X500Name(subjectEnc); certInfo.set(X509CertInfo.SUBJECT, - new CertificateSubjectName(subject)); + new CertificateSubjectName(subject)); } else if (authToken == null || - authToken.getInString(AuthToken.TOKEN_CERT_SUBJECT) == null) { + authToken.getInString(AuthToken.TOKEN_CERT_SUBJECT) == null) { // No subject name - error! log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_MISSING_SUBJECT_NAME_FROM_AUTHTOKEN")); + CMS.getLogMessage("CMSGW_MISSING_SUBJECT_NAME_FROM_AUTHTOKEN")); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_MISSING_SUBJECT_NAME_FROM_AUTHTOKEN")); + CMS.getUserMessage("CMS_GW_MISSING_SUBJECT_NAME_FROM_AUTHTOKEN")); } // get extensions @@ -243,10 +241,10 @@ public class CRMFProcessor extends PKIProcessor { for (int j = 0; j < numexts; j++) { org.mozilla.jss.pkix.cert.Extension jssext = - certTemplate.extensionAt(j); + certTemplate.extensionAt(j); boolean isCritical = jssext.getCritical(); org.mozilla.jss.asn1.OBJECT_IDENTIFIER jssoid = - jssext.getExtnId(); + jssext.getExtnId(); long[] numbers = jssoid.getNumbers(); int[] oidNumbers = new int[numbers.length]; @@ -254,23 +252,23 @@ public class CRMFProcessor extends PKIProcessor { oidNumbers[k] = (int) numbers[k]; } ObjectIdentifier oid = - new ObjectIdentifier(oidNumbers); + new ObjectIdentifier(oidNumbers); org.mozilla.jss.asn1.OCTET_STRING jssvalue = - jssext.getExtnValue(); + jssext.getExtnValue(); ByteArrayOutputStream jssvalueout = - new ByteArrayOutputStream(); + new ByteArrayOutputStream(); jssvalue.encode(jssvalueout); byte[] extValue = jssvalueout.toByteArray(); Extension ext = - new Extension(oid, isCritical, extValue); + new Extension(oid, isCritical, extValue); extensions.parseExtension(ext); } certInfo.set(X509CertInfo.VERSION, - new CertificateVersion(CertificateVersion.V3)); + new CertificateVersion(CertificateVersion.V3)); certInfo.set(X509CertInfo.EXTENSIONS, extensions); } @@ -283,7 +281,7 @@ public class CRMFProcessor extends PKIProcessor { // formulation. // -- CRMFfillCert if (authToken != null && - authToken.getInString(AuthToken.TOKEN_CERT_SUBJECT) != null) { + authToken.getInString(AuthToken.TOKEN_CERT_SUBJECT) != null) { // if authenticated override subect name, validity and // extensions if any from authtoken. fillCertInfoFromAuthToken(certInfo, authToken); @@ -300,31 +298,31 @@ public class CRMFProcessor extends PKIProcessor { } catch (CertificateException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERROR_CRMF_TO_CERTINFO_1", e.toString())); + CMS.getLogMessage("CMSGW_ERROR_CRMF_TO_CERTINFO_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_CRMF_TO_CERTINFO_ERROR")); + CMS.getUserMessage("CMS_GW_CRMF_TO_CERTINFO_ERROR")); } catch (IOException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERROR_CRMF_TO_CERTINFO_1", e.toString())); + CMS.getLogMessage("CMSGW_ERROR_CRMF_TO_CERTINFO_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_CRMF_TO_CERTINFO_ERROR")); + CMS.getUserMessage("CMS_GW_CRMF_TO_CERTINFO_ERROR")); } /* catch (InvalidBERException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERROR_CRMF_TO_CERTINFO_1",e.toString())); - throw new ECMSGWException( - CMSGWResources.ERROR_CRMF_TO_CERTINFO); - } */ catch (InvalidKeyException e) { + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_ERROR_CRMF_TO_CERTINFO_1",e.toString())); + throw new ECMSGWException( + CMSGWResources.ERROR_CRMF_TO_CERTINFO); + } */catch (InvalidKeyException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERROR_CRMF_TO_CERTINFO_1", e.toString())); + CMS.getLogMessage("CMSGW_ERROR_CRMF_TO_CERTINFO_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_CRMF_TO_CERTINFO_ERROR")); + CMS.getUserMessage("CMS_GW_CRMF_TO_CERTINFO_ERROR")); } } public X509CertInfo[] fillCertInfoArray( - String protocolString, IAuthToken authToken, IArgBlock httpParams, IRequest req) - throws EBaseException { + String protocolString, IAuthToken authToken, IArgBlock httpParams, IRequest req) + throws EBaseException { CMS.debug("CRMFProcessor.fillCertInfoArray!"); @@ -333,10 +331,10 @@ public class CRMFProcessor extends PKIProcessor { try { byte[] crmfBlob = CMS.AtoB(crmf); ByteArrayInputStream crmfBlobIn = - new ByteArrayInputStream(crmfBlob); + new ByteArrayInputStream(crmfBlob); SEQUENCE crmfMsgs = (SEQUENCE) - new SEQUENCE.OF_Template(new CertReqMsg.Template()).decode(crmfBlobIn); + new SEQUENCE.OF_Template(new CertReqMsg.Template()).decode(crmfBlobIn); int nummsgs = crmfMsgs.size(); X509CertInfo[] certInfoArray = new X509CertInfo[nummsgs]; @@ -344,7 +342,7 @@ public class CRMFProcessor extends PKIProcessor { for (int i = 0; i < nummsgs; i++) { // decode message. CertReqMsg certReqMsg = (CertReqMsg) crmfMsgs.elementAt(i); - + CertRequest certReq = certReqMsg.getCertReq(); INTEGER certReqId = certReq.getCertReqId(); int srcId = certReqId.intValue(); @@ -360,15 +358,14 @@ public class CRMFProcessor extends PKIProcessor { return certInfoArray; } catch (IOException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERROR_CRMF_TO_CERTINFO_1", e.toString())); + CMS.getLogMessage("CMSGW_ERROR_CRMF_TO_CERTINFO_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_CRMF_TO_CERTINFO_ERROR")); + CMS.getUserMessage("CMS_GW_CRMF_TO_CERTINFO_ERROR")); } catch (InvalidBERException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERROR_CRMF_TO_CERTINFO_1", e.toString())); + CMS.getLogMessage("CMSGW_ERROR_CRMF_TO_CERTINFO_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_CRMF_TO_CERTINFO_ERROR")); + CMS.getUserMessage("CMS_GW_CRMF_TO_CERTINFO_ERROR")); } } } - diff --git a/pki/base/common/src/com/netscape/cms/servlet/processors/IPKIProcessor.java b/pki/base/common/src/com/netscape/cms/servlet/processors/IPKIProcessor.java index d021f6537..9139f888c 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/processors/IPKIProcessor.java +++ b/pki/base/common/src/com/netscape/cms/servlet/processors/IPKIProcessor.java @@ -17,19 +17,17 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.processors; - import com.netscape.certsrv.base.EBaseException; import com.netscape.cms.servlet.common.CMSRequest; - /** * This represents the request parser. - * + * * @version $Revision$, $Date$ */ public interface IPKIProcessor { public void process(CMSRequest cmsReq) - throws EBaseException; + throws EBaseException; } diff --git a/pki/base/common/src/com/netscape/cms/servlet/processors/KeyGenProcessor.java b/pki/base/common/src/com/netscape/cms/servlet/processors/KeyGenProcessor.java index cc035033a..cfe9754a8 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/processors/KeyGenProcessor.java +++ b/pki/base/common/src/com/netscape/cms/servlet/processors/KeyGenProcessor.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.processors; - import java.io.IOException; import java.security.cert.CertificateException; @@ -37,11 +36,10 @@ import com.netscape.cms.servlet.base.CMSServlet; import com.netscape.cms.servlet.common.CMSRequest; import com.netscape.cms.servlet.common.ECMSGWException; - /** * KeyGenProcess parses Certificate request matching the * KEYGEN tag format used by Netscape Communicator 4.x - * + * * @version $Revision$, $Date$ */ public class KeyGenProcessor extends PKIProcessor { @@ -56,13 +54,13 @@ public class KeyGenProcessor extends PKIProcessor { } public void process(CMSRequest cmsReq) - throws EBaseException { + throws EBaseException { } public void fillCertInfo( - String protocolString, X509CertInfo certInfo, - IAuthToken authToken, IArgBlock httpParams) - throws EBaseException { + String protocolString, X509CertInfo certInfo, + IAuthToken authToken, IArgBlock httpParams) + throws EBaseException { CMS.debug("KeyGenProcessor: fillCertInfo"); @@ -72,7 +70,7 @@ public class KeyGenProcessor extends PKIProcessor { KeyGenInfo keyGenInfo = httpParams.getValueAsKeyGenInfo( PKIProcessor.SUBJECT_KEYGEN_INFO, null); - + // fill key X509Key key = null; @@ -80,20 +78,20 @@ public class KeyGenProcessor extends PKIProcessor { if (key == null) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_MISSING_KEY_IN_KEYGENINFO")); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_MISSING_KEY_IN_KEYGENINFO")); + CMS.getUserMessage("CMS_GW_MISSING_KEY_IN_KEYGENINFO")); } try { certInfo.set(X509CertInfo.KEY, new CertificateX509Key(key)); } catch (CertificateException e) { log(ILogger.LL_FAILURE, - "Could not set key into certInfo from keygen. Error " + e); + "Could not set key into certInfo from keygen. Error " + e); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_KEY_FROM_KEYGEN_FAILED", e.toString())); + CMS.getUserMessage("CMS_GW_SET_KEY_FROM_KEYGEN_FAILED", e.toString())); } catch (IOException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_FAILED_SET_KEY_FROM_KEYGEN_1", e.toString())); + CMS.getLogMessage("CMSGW_FAILED_SET_KEY_FROM_KEYGEN_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_KEY_FROM_KEYGEN_FAILED", e.toString())); + CMS.getUserMessage("CMS_GW_SET_KEY_FROM_KEYGEN_FAILED", e.toString())); } String authMgr = mServlet.getAuthMgr(); @@ -106,12 +104,12 @@ public class KeyGenProcessor extends PKIProcessor { if (authToken.getInString(AuthToken.TOKEN_CERT_SUBJECT) == null) { // allow special case for agent gateway in admin enroll // and bulk issuance. - if (!authMgr.equals(IAuthSubsystem.CERTUSERDB_AUTHMGR_ID) && - !authMgr.equals(IAuthSubsystem.PASSWDUSERDB_AUTHMGR_ID)) { + if (!authMgr.equals(IAuthSubsystem.CERTUSERDB_AUTHMGR_ID) && + !authMgr.equals(IAuthSubsystem.PASSWDUSERDB_AUTHMGR_ID)) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_MISSING_SUBJECT_NAME_FROM_AUTHTOKEN")); + CMS.getLogMessage("CMSGW_MISSING_SUBJECT_NAME_FROM_AUTHTOKEN")); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_MISSING_SUBJECT_NAME_FROM_AUTHTOKEN")); + CMS.getUserMessage("CMS_GW_MISSING_SUBJECT_NAME_FROM_AUTHTOKEN")); } fillCertInfoFromForm(certInfo, httpParams); } else { diff --git a/pki/base/common/src/com/netscape/cms/servlet/processors/PKCS10Processor.java b/pki/base/common/src/com/netscape/cms/servlet/processors/PKCS10Processor.java index 53d38455f..dad4b64ab 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/processors/PKCS10Processor.java +++ b/pki/base/common/src/com/netscape/cms/servlet/processors/PKCS10Processor.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.processors; - import java.io.IOException; import java.security.cert.CertificateException; @@ -46,12 +45,11 @@ import com.netscape.cms.servlet.base.CMSServlet; import com.netscape.cms.servlet.common.CMSRequest; import com.netscape.cms.servlet.common.ECMSGWException; - /** * PKCS10Processor process Certificate Requests in * PKCS10 format, as defined here: * http://www.rsasecurity.com/rsalabs/pkcs/pkcs-10/index.html - * + * * @version $Revision$, $Date$ */ public class PKCS10Processor extends PKIProcessor { @@ -61,7 +59,7 @@ public class PKCS10Processor extends PKIProcessor { private final String USE_INTERNAL_PKCS10 = "internal"; public PKCS10Processor() { - + super(); } @@ -71,24 +69,24 @@ public class PKCS10Processor extends PKIProcessor { } public void process(CMSRequest cmsReq) - throws EBaseException { + throws EBaseException { } - public void fillCertInfo( - PKCS10 pkcs10, X509CertInfo certInfo, - IAuthToken authToken, IArgBlock httpParams) - throws EBaseException { + public void fillCertInfo( + PKCS10 pkcs10, X509CertInfo certInfo, + IAuthToken authToken, IArgBlock httpParams) + throws EBaseException { mPkcs10 = pkcs10; - - fillCertInfo(USE_INTERNAL_PKCS10, certInfo, authToken, httpParams); + + fillCertInfo(USE_INTERNAL_PKCS10, certInfo, authToken, httpParams); } public void fillCertInfo( - String protocolString, X509CertInfo certInfo, - IAuthToken authToken, IArgBlock httpParams) - throws EBaseException { + String protocolString, X509CertInfo certInfo, + IAuthToken authToken, IArgBlock httpParams) + throws EBaseException { PKCS10 p10 = null; @@ -99,8 +97,8 @@ public class PKCS10Processor extends PKIProcessor { } else if (protocolString.equals(USE_INTERNAL_PKCS10)) { p10 = mPkcs10; } else { - CMS.debug( "PKCS10Processor::fillCertInfo() - p10 is null!" ); - throw new EBaseException( "p10 is null" ); + CMS.debug("PKCS10Processor::fillCertInfo() - p10 is null!"); + throw new EBaseException("p10 is null"); } if (mServlet == null) { @@ -123,7 +121,7 @@ public class PKCS10Processor extends PKIProcessor { certInfo.set(X509CertInfo.KEY, certKey); } catch (CertificateException e) { EBaseException ex = new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_KEY_FROM_P10_FAILED", e.toString())); + CMS.getUserMessage("CMS_GW_SET_KEY_FROM_P10_FAILED", e.toString())); log(ILogger.LL_FAILURE, ex.toString()); throw ex; @@ -140,31 +138,31 @@ public class PKCS10Processor extends PKIProcessor { if (subject != null) { try { certInfo.set(X509CertInfo.SUBJECT, - new CertificateSubjectName(subject)); + new CertificateSubjectName(subject)); log(ILogger.LL_INFO, - "Setting subject name " + subject + " from p10."); + "Setting subject name " + subject + " from p10."); } catch (CertificateException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_FAILED_SET_SUBJECT_FROM_P10", e.toString())); + CMS.getLogMessage("CMSGW_FAILED_SET_SUBJECT_FROM_P10", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_SUBJECT_FROM_P10_FAILED", e.toString())); + CMS.getUserMessage("CMS_GW_SET_SUBJECT_FROM_P10_FAILED", e.toString())); } catch (IOException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_FAILED_SET_SUBJECT_FROM_P10", e.toString())); + CMS.getLogMessage("CMSGW_FAILED_SET_SUBJECT_FROM_P10", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_SUBJECT_FROM_P10_FAILED", e.toString())); + CMS.getUserMessage("CMS_GW_SET_SUBJECT_FROM_P10_FAILED", e.toString())); } catch (Exception e) { // if anything bad happens in X500 name parsing, // this will catch it. log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_FAILED_SET_SUBJECT_FROM_P10", e.toString())); + CMS.getLogMessage("CMSGW_FAILED_SET_SUBJECT_FROM_P10", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_SUBJECT_FROM_P10_FAILED", e.toString())); + CMS.getUserMessage("CMS_GW_SET_SUBJECT_FROM_P10_FAILED", e.toString())); } } else if (authToken == null || - authToken.getInString(AuthToken.TOKEN_CERT_SUBJECT) == null) { + authToken.getInString(AuthToken.TOKEN_CERT_SUBJECT) == null) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_MISSING_SUBJECT_IN_P10")); + CMS.getLogMessage("CMSGW_MISSING_SUBJECT_IN_P10")); throw new ECMSGWException(CMS.getUserMessage("CMS_GW_MISSING_SUBJECT_IN_P10")); } @@ -177,12 +175,12 @@ public class PKCS10Processor extends PKIProcessor { if (p10Attrs != null) { PKCS10Attribute p10Attr = (PKCS10Attribute) - (p10Attrs.getAttribute(CertificateExtensions.NAME)); + (p10Attrs.getAttribute(CertificateExtensions.NAME)); if (p10Attr != null && p10Attr.getAttributeId().equals( PKCS9Attribute.EXTENSION_REQUEST_OID)) { Extensions exts0 = (Extensions) - (p10Attr.getAttributeValue()); + (p10Attr.getAttributeValue()); DerOutputStream extOut = new DerOutputStream(); exts0.encode(extOut); @@ -196,23 +194,23 @@ public class PKCS10Processor extends PKIProcessor { } } CMS.debug( - "PKCS10Processor: Seted cert extensions from pkcs10. "); + "PKCS10Processor: Seted cert extensions from pkcs10. "); } catch (IOException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_FAILED_SET_EXTENSIONS_FROM_P10", e.toString())); + CMS.getLogMessage("CMSGW_FAILED_SET_EXTENSIONS_FROM_P10", e.toString())); throw new ECMSGWException( CMS.getUserMessage("CMS_GW_SET_KEY_FROM_P10_FAILED", e.toString())); } catch (CertificateException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_FAILED_SET_EXTENSIONS_FROM_P10", e.toString())); + CMS.getLogMessage("CMSGW_FAILED_SET_EXTENSIONS_FROM_P10", e.toString())); throw new ECMSGWException( CMS.getUserMessage("CMS_GW_SET_KEY_FROM_P10_FAILED", e.toString())); } catch (Exception e) { // if anything bad happens in extensions parsing, // this will catch it. log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_FAILED_SET_EXTENSIONS_FROM_P10", e.toString())); + CMS.getLogMessage("CMSGW_FAILED_SET_EXTENSIONS_FROM_P10", e.toString())); throw new ECMSGWException( CMS.getUserMessage("CMS_GW_SET_KEY_FROM_P10_FAILED", e.toString())); } @@ -223,8 +221,8 @@ public class PKCS10Processor extends PKIProcessor { String authMgr = mServlet.getAuthMgr(); if (authToken != null && - authToken.getInString(AuthToken.TOKEN_CERT_SUBJECT) != null && - !(authMgr.equals(IAuthSubsystem.PASSWDUSERDB_AUTHMGR_ID))) { + authToken.getInString(AuthToken.TOKEN_CERT_SUBJECT) != null && + !(authMgr.equals(IAuthSubsystem.PASSWDUSERDB_AUTHMGR_ID))) { fillCertInfoFromAuthToken(certInfo, authToken); } @@ -233,12 +231,12 @@ public class PKCS10Processor extends PKIProcessor { // from the http parameters. if (mServletId.equals(PKIProcessor.ADMIN_ENROLL_SERVLET_ID)) { fillValidityFromForm(certInfo, httpParams); - } - + } + } private PKCS10 getPKCS10(IArgBlock httpParams) - throws EBaseException { + throws EBaseException { PKCS10 pkcs10 = null; @@ -277,7 +275,7 @@ public class PKCS10Processor extends PKIProcessor { try { // coming from server cut & paste blob. pkcs10 = httpParams.getValueAsPKCS10(PKIProcessor.PKCS10_REQUEST, false, null); - }catch (Exception ex) { + } catch (Exception ex) { ex.printStackTrace(); } } @@ -286,4 +284,4 @@ public class PKCS10Processor extends PKIProcessor { } -} +} diff --git a/pki/base/common/src/com/netscape/cms/servlet/processors/PKIProcessor.java b/pki/base/common/src/com/netscape/cms/servlet/processors/PKIProcessor.java index 625808d79..df7b0c3d1 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/processors/PKIProcessor.java +++ b/pki/base/common/src/com/netscape/cms/servlet/processors/PKIProcessor.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.processors; - import java.io.IOException; import java.security.cert.CertificateException; import java.util.Date; @@ -42,10 +41,9 @@ import com.netscape.cms.servlet.base.CMSServlet; import com.netscape.cms.servlet.common.CMSRequest; import com.netscape.cms.servlet.common.ECMSGWException; - /** * Process Certificate Requests - * + * * @version $Revision$, $Date$ */ public class PKIProcessor implements IPKIProcessor { @@ -57,7 +55,7 @@ public class PKIProcessor implements IPKIProcessor { public static final String PKCS10_REQUEST = "pkcs10Request"; public static final String SUBJECT_KEYGEN_INFO = "subjectKeyGenInfo"; - protected CMSRequest mRequest = null; + protected CMSRequest mRequest = null; protected HttpServletRequest httpReq = null; protected String mServletId = null; @@ -84,18 +82,18 @@ public class PKIProcessor implements IPKIProcessor { } public void process(CMSRequest cmsReq) - throws EBaseException { + throws EBaseException { } protected void fillCertInfo( - String protocolString, X509CertInfo certInfo, - IAuthToken authToken, IArgBlock httpParams) - throws EBaseException { + String protocolString, X509CertInfo certInfo, + IAuthToken authToken, IArgBlock httpParams) + throws EBaseException { } protected X509CertInfo[] fillCertInfoArray( - String protocolString, IAuthToken authToken, IArgBlock httpParams, IRequest req) - throws EBaseException { + String protocolString, IAuthToken authToken, IArgBlock httpParams, IRequest req) + throws EBaseException { return null; } @@ -106,8 +104,8 @@ public class PKIProcessor implements IPKIProcessor { * requests not authenticated will need to be approved by an agent. */ public static void fillCertInfoFromAuthToken( - X509CertInfo certInfo, IAuthToken authToken) - throws EBaseException { + X509CertInfo certInfo, IAuthToken authToken) + throws EBaseException { // override subject, validity and extensions from auth token // CA determines algorithm, version and issuer. // take key from keygen, cmc, pkcs10 or crmf. @@ -116,60 +114,60 @@ public class PKIProcessor implements IPKIProcessor { // subject name. try { String subjectname = - authToken.getInString(AuthToken.TOKEN_CERT_SUBJECT); + authToken.getInString(AuthToken.TOKEN_CERT_SUBJECT); if (subjectname != null) { CertificateSubjectName certSubject = (CertificateSubjectName) - new CertificateSubjectName(new X500Name(subjectname)); + new CertificateSubjectName(new X500Name(subjectname)); certInfo.set(X509CertInfo.SUBJECT, certSubject); log(ILogger.LL_INFO, - "cert subject set to " + certSubject + " from authtoken"); + "cert subject set to " + certSubject + " from authtoken"); } } catch (CertificateException e) { log(ILogger.LL_WARN, - CMS.getLogMessage("CMSGW_ERROR_SET_SUBJECT_NAME_1", - e.toString())); + CMS.getLogMessage("CMSGW_ERROR_SET_SUBJECT_NAME_1", + e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_SUBJECT_NAME_ERROR")); + CMS.getUserMessage("CMS_GW_SET_SUBJECT_NAME_ERROR")); } catch (IOException e) { log(ILogger.LL_WARN, - CMS.getLogMessage("CMSGW_ERROR_SET_SUBJECT_NAME", - e.toString())); + CMS.getLogMessage("CMSGW_ERROR_SET_SUBJECT_NAME", + e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_SUBJECT_NAME_ERROR")); + CMS.getUserMessage("CMS_GW_SET_SUBJECT_NAME_ERROR")); } // validity try { CertificateValidity validity = null; Date notBefore = - authToken.getInDate(AuthToken.TOKEN_CERT_NOTBEFORE); + authToken.getInDate(AuthToken.TOKEN_CERT_NOTBEFORE); Date notAfter = - authToken.getInDate(AuthToken.TOKEN_CERT_NOTAFTER); + authToken.getInDate(AuthToken.TOKEN_CERT_NOTAFTER); if (notBefore != null && notAfter != null) { validity = new CertificateValidity(notBefore, notAfter); certInfo.set(X509CertInfo.VALIDITY, validity); log(ILogger.LL_INFO, - "cert validity set to " + validity + " from authtoken"); + "cert validity set to " + validity + " from authtoken"); } } catch (CertificateException e) { log(ILogger.LL_WARN, - CMS.getLogMessage("CMSGW_ERROR_SET_VALIDITY_1", e.toString())); + CMS.getLogMessage("CMSGW_ERROR_SET_VALIDITY_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_VALIDITY_ERROR")); + CMS.getUserMessage("CMS_GW_SET_VALIDITY_ERROR")); } catch (IOException e) { log(ILogger.LL_WARN, - CMS.getLogMessage("CMSGW_ERROR_SET_VALIDITY_1", e.toString())); + CMS.getLogMessage("CMSGW_ERROR_SET_VALIDITY_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_VALIDITY_ERROR")); + CMS.getUserMessage("CMS_GW_SET_VALIDITY_ERROR")); } // extensions try { CertificateExtensions extensions = - authToken.getInCertExts(X509CertInfo.EXTENSIONS); + authToken.getInCertExts(X509CertInfo.EXTENSIONS); if (extensions != null) { certInfo.set(X509CertInfo.EXTENSIONS, extensions); @@ -177,14 +175,14 @@ public class PKIProcessor implements IPKIProcessor { } } catch (CertificateException e) { log(ILogger.LL_WARN, - CMS.getLogMessage("CMSGW_ERROR_SET_EXTENSIONS_1", e.toString())); + CMS.getLogMessage("CMSGW_ERROR_SET_EXTENSIONS_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_EXTENSIONS_ERROR")); + CMS.getUserMessage("CMS_GW_SET_EXTENSIONS_ERROR")); } catch (IOException e) { log(ILogger.LL_WARN, - CMS.getLogMessage("CMSGW_ERROR_SET_EXTENSIONS_1", e.toString())); + CMS.getLogMessage("CMSGW_ERROR_SET_EXTENSIONS_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_EXTENSIONS_ERROR")); + CMS.getUserMessage("CMS_GW_SET_EXTENSIONS_ERROR")); } } @@ -195,8 +193,8 @@ public class PKIProcessor implements IPKIProcessor { * all be seen by and agent. */ public static void fillCertInfoFromForm( - X509CertInfo certInfo, IArgBlock httpParams) - throws EBaseException { + X509CertInfo certInfo, IArgBlock httpParams) + throws EBaseException { CMS.debug("PKIProcessor: fillCertInfoFromForm"); // subject name. @@ -205,41 +203,41 @@ public class PKIProcessor implements IPKIProcessor { if (subject == null) { throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_MISSING_SUBJECT_FROM_FORM")); + CMS.getUserMessage("CMS_GW_MISSING_SUBJECT_FROM_FORM")); } X500Name x500name = new X500Name(subject); certInfo.set( - X509CertInfo.SUBJECT, new CertificateSubjectName(x500name)); + X509CertInfo.SUBJECT, new CertificateSubjectName(x500name)); fillValidityFromForm(certInfo, httpParams); } catch (CertificateException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERROR_SET_SUBJECT_NAME_1", e.toString())); + CMS.getLogMessage("CMSGW_ERROR_SET_SUBJECT_NAME_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_SUBJECT_NAME_ERROR")); + CMS.getUserMessage("CMS_GW_SET_SUBJECT_NAME_ERROR")); } catch (IOException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERROR_SET_SUBJECT_NAME_1", e.toString())); + CMS.getLogMessage("CMSGW_ERROR_SET_SUBJECT_NAME_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_SUBJECT_NAME_ERROR")); + CMS.getUserMessage("CMS_GW_SET_SUBJECT_NAME_ERROR")); } catch (IllegalArgumentException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERROR_SET_SUBJECT_NAME_1", e.toString())); + CMS.getLogMessage("CMSGW_ERROR_SET_SUBJECT_NAME_1", e.toString())); log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_REQ_ILLEGAL_CHARACTERS")); + CMS.getLogMessage("CMSGW_REQ_ILLEGAL_CHARACTERS")); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_CONVERT_DN_TO_X500NAME_ERROR")); + CMS.getUserMessage("CMS_GW_CONVERT_DN_TO_X500NAME_ERROR")); } // requested extensions. // let polcies form extensions from http input. } - public static void fillValidityFromForm( - X509CertInfo certInfo, IArgBlock httpParams) - throws EBaseException { + public static void fillValidityFromForm( + X509CertInfo certInfo, IArgBlock httpParams) + throws EBaseException { CMS.debug("PKIProcessor: fillValidityFromForm!"); try { String notValidBeforeStr = httpParams.getValueAsString("notValidBefore", null); @@ -267,43 +265,43 @@ public class PKIProcessor implements IPKIProcessor { validity = new CertificateValidity(notBefore, notAfter); certInfo.set(X509CertInfo.VALIDITY, validity); log(ILogger.LL_INFO, - "cert validity set to " + validity + " from authtoken"); + "cert validity set to " + validity + " from authtoken"); } } } } catch (CertificateException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERROR_SET_SUBJECT_NAME_1", e.toString())); + CMS.getLogMessage("CMSGW_ERROR_SET_SUBJECT_NAME_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_SUBJECT_NAME_ERROR")); + CMS.getUserMessage("CMS_GW_SET_SUBJECT_NAME_ERROR")); } catch (IOException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERROR_SET_SUBJECT_NAME_1", e.toString())); + CMS.getLogMessage("CMSGW_ERROR_SET_SUBJECT_NAME_1", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_SET_SUBJECT_NAME_ERROR")); + CMS.getUserMessage("CMS_GW_SET_SUBJECT_NAME_ERROR")); } } /** * log according to authority category. */ - public static void log(int event, int level, String msg) { + public static void log(int event, int level, String msg) { CMS.getLogger().log(event, ILogger.S_OTHER, level, - "PKIProcessor " + ": " + msg); + "PKIProcessor " + ": " + msg); } public static void log(int level, String msg) { CMS.getLogger().log(ILogger.EV_SYSTEM, ILogger.S_OTHER, level, - "PKIProcessor " + ": " + msg); + "PKIProcessor " + ": " + msg); } /** * Signed Audit Log - * + * * This method is inherited by all extended "CMSServlet"s, * and is called to store messages to the signed audit log. * <P> - * + * * @param msg signed audit log message */ protected void audit(String msg) { @@ -315,20 +313,20 @@ public class PKIProcessor implements IPKIProcessor { } mSignedAuditLogger.log(ILogger.EV_SIGNED_AUDIT, - null, - ILogger.S_SIGNED_AUDIT, - ILogger.LL_SECURITY, - msg); + null, + ILogger.S_SIGNED_AUDIT, + ILogger.LL_SECURITY, + msg); } /** * Signed Audit Log Subject ID - * + * * This method is inherited by all extended "CMSServlet"s, * and is called to obtain the "SubjectID" for * a signed audit log message. * <P> - * + * * @return id string containing the signed audit log message SubjectID */ protected String auditSubjectID() { @@ -358,4 +356,3 @@ public class PKIProcessor implements IPKIProcessor { return subjectID; } } - |