diff options
Diffstat (limited to 'pki/base/java-tools/src/com/netscape/cmstools/CMCRequest.java')
| -rw-r--r-- | pki/base/java-tools/src/com/netscape/cmstools/CMCRequest.java | 391 |
1 files changed, 195 insertions, 196 deletions
diff --git a/pki/base/java-tools/src/com/netscape/cmstools/CMCRequest.java b/pki/base/java-tools/src/com/netscape/cmstools/CMCRequest.java index e7a23a85a..bb046f5a7 100644 --- a/pki/base/java-tools/src/com/netscape/cmstools/CMCRequest.java +++ b/pki/base/java-tools/src/com/netscape/cmstools/CMCRequest.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmstools; - import java.io.BufferedInputStream; import java.io.BufferedReader; import java.io.ByteArrayInputStream; @@ -85,31 +84,31 @@ import org.mozilla.jss.util.Password; import com.netscape.cmsutil.util.HMACDigest; - /** * Tool for creating CMC full request * * <P> + * * @version $Revision$, $Date$ - * + * */ public class CMCRequest { public static final String PR_REQUEST_CMC = "CMC"; public static final String PR_REQUEST_CRMF = "CRMF"; - public static final int ARGC = 1; + public static final int ARGC = 1; private static final String CERTDB = "cert8.db"; private static final String KEYDB = "key3.db"; public static final String HEADER = "-----BEGIN NEW CERTIFICATE REQUEST-----"; public static final String TRAILER = "-----END NEW CERTIFICATE REQUEST-----"; - - void cleanArgs(String[] s) { - + + void cleanArgs(String[] s) { + } public static X509Certificate getCertificate(String tokenname, - String nickname) throws Exception { + String nickname) throws Exception { CryptoManager manager = CryptoManager.getInstance(); CryptoToken token = null; @@ -133,28 +132,28 @@ public class CMCRequest { } public static java.security.PrivateKey getPrivateKey(String tokenname, String nickname) - throws Exception { + throws Exception { X509Certificate cert = getCertificate(tokenname, nickname); return CryptoManager.getInstance().findPrivKeyByCert(cert); } - /** * getCMCBlob create and return the enrollent request. * <P> + * * @param signerCert the certificate of the authorized signer of the CMC revocation request. * @param nickname the nickname of the certificate inside the token. * @param rValue CRMF/PKCS10 request. - * @param format either crmf or pkcs10 + * @param format either crmf or pkcs10 * @return the CMC enrollment request encoded in base64 */ - static ContentInfo getCMCBlob(X509Certificate signerCert, String nickname, - String[] rValue, String format, CryptoManager manager, String transactionMgtEnable, - String transactionMgtId, String identityProofEnable, String identityProofSharedSecret, - SEQUENCE controlSeq, SEQUENCE otherMsgSeq, int bpid) { - + static ContentInfo getCMCBlob(X509Certificate signerCert, String nickname, + String[] rValue, String format, CryptoManager manager, String transactionMgtEnable, + String transactionMgtId, String identityProofEnable, String identityProofSharedSecret, + SEQUENCE controlSeq, SEQUENCE otherMsgSeq, int bpid) { + String tokenname = "internal"; ContentInfo fullEnrollmentReq = null; @@ -167,59 +166,59 @@ public class CMCRequest { X509CertImpl impl = new X509CertImpl(certB); X500Name issuerName = (X500Name) impl.getIssuerDN(); byte[] issuerByte = issuerName.getEncoded(); - ByteArrayInputStream istream = new ByteArrayInputStream(issuerByte); - + ByteArrayInputStream istream = new ByteArrayInputStream(issuerByte); + Name issuer = (Name) Name.getTemplate().decode(istream); IssuerAndSerialNumber ias = new IssuerAndSerialNumber( - issuer, new INTEGER(serialno.toString())); + issuer, new INTEGER(serialno.toString())); - si = new SignerIdentifier( - SignerIdentifier.ISSUER_AND_SERIALNUMBER, ias, null); + si = new SignerIdentifier( + SignerIdentifier.ISSUER_AND_SERIALNUMBER, ias, null); privKey = getPrivateKey(tokenname, nickname); TaggedRequest trq = null; PKCS10 pkcs = null; CertReqMsg certReqMsg = null; - + // create CMC req SEQUENCE reqSequence = new SEQUENCE(); try { - for (int k=0; k<rValue.length; k++) { - String asciiBASE64Blob = rValue[k]; + for (int k = 0; k < rValue.length; k++) { + String asciiBASE64Blob = rValue[k]; byte[] decodedBytes = com.netscape.osutil.OSUtil.AtoB(asciiBASE64Blob); - + if (format.equals("crmf")) { - ByteArrayInputStream reqBlob = - new ByteArrayInputStream(decodedBytes); + ByteArrayInputStream reqBlob = + new ByteArrayInputStream(decodedBytes); SEQUENCE crmfMsgs = null; - try { - crmfMsgs = (SEQUENCE)new SEQUENCE.OF_Template(new - CertReqMsg.Template()).decode(reqBlob); + try { + crmfMsgs = (SEQUENCE) new SEQUENCE.OF_Template(new + CertReqMsg.Template()).decode(reqBlob); } catch (InvalidBERException ee) { System.out.println("This is not a crmf request. Or this request has an error."); System.exit(1); } int nummsgs = crmfMsgs.size(); - certReqMsg = (CertReqMsg)crmfMsgs.elementAt(0); + certReqMsg = (CertReqMsg) crmfMsgs.elementAt(0); trq = new TaggedRequest(TaggedRequest.CRMF, null, - certReqMsg); + certReqMsg); } else if (format.equals("pkcs10")) { try { pkcs = new PKCS10(decodedBytes); } catch (IllegalArgumentException e) { System.out.println("This is not a PKCS10 request."); System.exit(1); - } + } ByteArrayInputStream crInputStream = new ByteArrayInputStream( - pkcs.toByteArray()); + pkcs.toByteArray()); CertificationRequest cr = (CertificationRequest) - CertificationRequest.getTemplate().decode(crInputStream); + CertificationRequest.getTemplate().decode(crInputStream); TaggedCertificationRequest tcr = new TaggedCertificationRequest( - new INTEGER(bpid++), cr); + new INTEGER(bpid++), cr); trq = new - TaggedRequest(TaggedRequest.PKCS10, tcr, null); + TaggedRequest(TaggedRequest.PKCS10, tcr, null); } else { - System.out.println("Unrecognized request format: "+format); + System.out.println("Unrecognized request format: " + format); System.exit(1); } reqSequence.addElement(trq); @@ -231,19 +230,19 @@ public class CMCRequest { } catch (NoSuchAlgorithmException e) { throw new IOException("Internal Error - " + e.toString()); } - + if (transactionMgtEnable.equals("true")) - bpid = addTransactionAttr(bpid, controlSeq, transactionMgtId, format, - pkcs, certReqMsg); + bpid = addTransactionAttr(bpid, controlSeq, transactionMgtId, format, + pkcs, certReqMsg); if (identityProofEnable.equals("true")) - bpid = addIdentityProofAttr(bpid, controlSeq, reqSequence, - identityProofSharedSecret); + bpid = addIdentityProofAttr(bpid, controlSeq, reqSequence, + identityProofSharedSecret); PKIData pkidata = new PKIData(controlSeq, reqSequence, new SEQUENCE(), otherMsgSeq); - + EncapsulatedContentInfo ci = new - EncapsulatedContentInfo(OBJECT_IDENTIFIER.id_cct_PKIData, pkidata); + EncapsulatedContentInfo(OBJECT_IDENTIFIER.id_cct_PKIData, pkidata); // SHA1 is the default digest Alg for now. DigestAlgorithm digestAlg = null; SignatureAlgorithm signAlg = SignatureAlgorithm.RSASignatureWithSHA1Digest; @@ -253,11 +252,11 @@ public class CMCRequest { signAlg = SignatureAlgorithm.DSASignatureWithSHA1Digest; MessageDigest SHADigest = null; - byte[] digest = null; + byte[] digest = null; try { SHADigest = MessageDigest.getInstance("SHA1"); digestAlg = DigestAlgorithm.SHA1; - + ByteArrayOutputStream ostream = new ByteArrayOutputStream(); pkidata.encode((OutputStream) ostream); @@ -265,18 +264,18 @@ public class CMCRequest { } catch (NoSuchAlgorithmException e) { } SignerInfo signInfo = new - SignerInfo(si, null, null, OBJECT_IDENTIFIER.id_cct_PKIData, digest, signAlg, - (org.mozilla.jss.crypto.PrivateKey) privKey); + SignerInfo(si, null, null, OBJECT_IDENTIFIER.id_cct_PKIData, digest, signAlg, + (org.mozilla.jss.crypto.PrivateKey) privKey); SET signInfos = new SET(); signInfos.addElement(signInfo); - + SET digestAlgs = new SET(); if (digestAlg != null) { AlgorithmIdentifier ai = new AlgorithmIdentifier(digestAlg.toOID(), null); digestAlgs.addElement(ai); } - + org.mozilla.jss.crypto.X509Certificate[] agentChain = manager.buildCertificateChain(signerCert); SET certs = new SET(); @@ -288,7 +287,7 @@ public class CMCRequest { fullEnrollmentReq = new ContentInfo(req); ByteArrayOutputStream bs = new ByteArrayOutputStream(); PrintStream ps = new PrintStream(bs); - + if (fullEnrollmentReq != null) { ByteArrayOutputStream os = new ByteArrayOutputStream(); @@ -300,7 +299,7 @@ public class CMCRequest { System.out.println(""); System.out.println("The CMC enrollment request in base-64 encoded format:"); System.out.println(""); - System.out.println(asciiBASE64Blob); + System.out.println(asciiBASE64Blob); } catch (Exception e) { e.printStackTrace(); System.exit(1); @@ -400,7 +399,7 @@ public class CMCRequest { System.out.println("revRequest.serial=61"); System.out.println(""); System.out.println("#revRequest.reason: The reason for revoking this certificate: "); - System.out.println("# unspecified, keyCompromise, caCompromise,"); + System.out.println("# unspecified, keyCompromise, caCompromise,"); System.out.println("# affiliationChanged, superseded, cessationOfOperation,"); System.out.println("# certificateHold, removeFromCRL"); System.out.println("revRequest.reason=unspecified"); @@ -443,22 +442,22 @@ public class CMCRequest { private static int addLraPopWitnessAttr(int bpid, SEQUENCE seq, String bodyPartIDs) { StringTokenizer tokenizer = new StringTokenizer(bodyPartIDs, " "); - SEQUENCE bodyList = new SEQUENCE(); + SEQUENCE bodyList = new SEQUENCE(); while (tokenizer.hasMoreTokens()) { - String s = (String)tokenizer.nextToken(); + String s = (String) tokenizer.nextToken(); bodyList.addElement(new INTEGER(s)); } LraPopWitness lra = new LraPopWitness(new INTEGER(0), bodyList); TaggedAttribute cont = new TaggedAttribute(new - INTEGER(bpid++), OBJECT_IDENTIFIER.id_cmc_lraPOPWitness, lra); - System.out.println("Successfully create LRA POP witness control. bpid = "+(bpid-1)); - System.out.println(""); + INTEGER(bpid++), OBJECT_IDENTIFIER.id_cmc_lraPOPWitness, lra); + System.out.println("Successfully create LRA POP witness control. bpid = " + (bpid - 1)); + System.out.println(""); seq.addElement(cont); return bpid; } - private static int addConfirmCertAttr(int bpid, SEQUENCE seq, String confirmCertIssuer, - String confirmCertSerial) { + private static int addConfirmCertAttr(int bpid, SEQUENCE seq, String confirmCertIssuer, + String confirmCertSerial) { try { INTEGER serial = new INTEGER(confirmCertSerial); X500Name issuername = new X500Name(confirmCertIssuer); @@ -466,10 +465,10 @@ public class CMCRequest { ANY issuern = new ANY(issuerbyte); CMCCertId cmcCertId = new CMCCertId(issuern, serial, null); TaggedAttribute cmcCertIdControl = new TaggedAttribute(new - INTEGER(bpid++), - OBJECT_IDENTIFIER.id_cmc_idConfirmCertAcceptance, cmcCertId); - System.out.println("Successfully create confirm certificate acceptance control. bpid = "+(bpid-1)); - System.out.println(""); + INTEGER(bpid++), + OBJECT_IDENTIFIER.id_cmc_idConfirmCertAcceptance, cmcCertId); + System.out.println("Successfully create confirm certificate acceptance control. bpid = " + (bpid - 1)); + System.out.println(""); seq.addElement(cmcCertIdControl); } catch (Exception e) { System.out.println("Error in creating confirm certificate acceptance control. Check the parameters."); @@ -501,10 +500,10 @@ public class CMCRequest { System.exit(1); return RevRequest.unspecified; - } + } - private static int addIdentityProofAttr(int bpid, SEQUENCE seq, SEQUENCE reqSequence, - String sharedSecret) { + private static int addIdentityProofAttr(int bpid, SEQUENCE seq, SEQUENCE reqSequence, + String sharedSecret) { byte[] b = ASN1Util.encode(reqSequence); byte[] key = null; byte[] finalDigest = null; @@ -512,8 +511,8 @@ public class CMCRequest { MessageDigest SHA1Digest = MessageDigest.getInstance("SHA1"); key = SHA1Digest.digest(sharedSecret.getBytes()); } catch (NoSuchAlgorithmException ex) { - System.out.println( "CMCRequest::addIdentityProofAttr() - " - + "No such algorithm!" ); + System.out.println("CMCRequest::addIdentityProofAttr() - " + + "No such algorithm!"); return -1; } @@ -526,29 +525,29 @@ public class CMCRequest { } TaggedAttribute identityProof = new TaggedAttribute(new - INTEGER(bpid++), OBJECT_IDENTIFIER.id_cmc_identityProof, - new OCTET_STRING(finalDigest)); + INTEGER(bpid++), OBJECT_IDENTIFIER.id_cmc_identityProof, + new OCTET_STRING(finalDigest)); seq.addElement(identityProof); System.out.println("Identity Proof control: "); System.out.print(" Value: "); - for (int i=0; i<finalDigest.length; i++) { - System.out.print(finalDigest[i]+" "); - } + for (int i = 0; i < finalDigest.length; i++) { + System.out.print(finalDigest[i] + " "); + } System.out.println(""); - System.out.println("Successfully create identityProof control. bpid = "+(bpid-1)); + System.out.println("Successfully create identityProof control. bpid = " + (bpid - 1)); System.out.println(""); - return bpid; + return bpid; } - private static int addRevRequestAttr(int bpid, SEQUENCE seq, SEQUENCE otherMsgSeq, String nickname, - String revRequestIssuer, String revRequestSerial, String revRequestReason, - String revRequestSharedSecret, String revRequestComment, String invalidityDatePresent, - CryptoManager manager) { - try { + private static int addRevRequestAttr(int bpid, SEQUENCE seq, SEQUENCE otherMsgSeq, String nickname, + String revRequestIssuer, String revRequestSerial, String revRequestReason, + String revRequestSharedSecret, String revRequestComment, String invalidityDatePresent, + CryptoManager manager) { + try { if (nickname.length() <= 0) { System.out.println("The nickname for the certificate being revoked is null"); System.exit(1); - } + } String nickname1 = nickname; UTF8String comment = null; OCTET_STRING sharedSecret = null; @@ -558,27 +557,27 @@ public class CMCRequest { ENUMERATED reason = toCRLReason(revRequestReason); if (revRequestSharedSecret.length() > 0) sharedSecret = new OCTET_STRING(revRequestSharedSecret.getBytes()); - if (revRequestComment.length() > 0) + if (revRequestComment.length() > 0) comment = new UTF8String(revRequestComment); if (invalidityDatePresent.equals("true")) d = new GeneralizedTime(new Date()); RevRequest revRequest = - new RevRequest(new ANY(subjectname.getEncoded()), snumber, - reason, d, sharedSecret, comment); + new RevRequest(new ANY(subjectname.getEncoded()), snumber, + reason, d, sharedSecret, comment); int revokeBpid = bpid; TaggedAttribute revRequestControl = new TaggedAttribute( - new INTEGER(bpid++), - OBJECT_IDENTIFIER.id_cmc_revokeRequest, revRequest); + new INTEGER(bpid++), + OBJECT_IDENTIFIER.id_cmc_revokeRequest, revRequest); seq.addElement(revRequestControl); if (sharedSecret != null) { - System.out.println("Successfully create revRequest control. bpid = "+(bpid-1)); + System.out.println("Successfully create revRequest control. bpid = " + (bpid - 1)); System.out.println(""); - return bpid; + return bpid; } EncapsulatedContentInfo revokeContent = new EncapsulatedContentInfo( - OBJECT_IDENTIFIER.id_cct_PKIData, revRequestControl); + OBJECT_IDENTIFIER.id_cct_PKIData, revRequestControl); DigestAlgorithm digestAlg1 = null; SignatureAlgorithm signAlg1 = SignatureAlgorithm.RSASignatureWithSHA1Digest; java.security.PrivateKey revokePrivKey = null; @@ -586,12 +585,12 @@ public class CMCRequest { try { revokeCert = manager.findCertByNickname(nickname1); } catch (ObjectNotFoundException e) { - System.out.println("Certificate not found: "+nickname1); + System.out.println("Certificate not found: " + nickname1); System.exit(1); } revokePrivKey = manager.findPrivKeyByCert(revokeCert); org.mozilla.jss.crypto.PrivateKey.Type signingKeyType1 = - ((org.mozilla.jss.crypto.PrivateKey) revokePrivKey).getType(); + ((org.mozilla.jss.crypto.PrivateKey) revokePrivKey).getType(); if (signingKeyType1.equals(org.mozilla.jss.crypto.PrivateKey.Type.DSA)) signAlg1 = SignatureAlgorithm.DSASignatureWithSHA1Digest; @@ -609,15 +608,15 @@ public class CMCRequest { } ByteArrayInputStream bistream = - new ByteArrayInputStream(subjectname.getEncoded()); - Name iname = (Name)Name.getTemplate().decode(bistream); + new ByteArrayInputStream(subjectname.getEncoded()); + Name iname = (Name) Name.getTemplate().decode(bistream); IssuerAndSerialNumber ias1 = new IssuerAndSerialNumber(iname, snumber); SignerIdentifier rsi = new SignerIdentifier( - SignerIdentifier.ISSUER_AND_SERIALNUMBER, ias1, null); + SignerIdentifier.ISSUER_AND_SERIALNUMBER, ias1, null); SignerInfo signInfo1 = new SignerInfo(rsi, null, null, - OBJECT_IDENTIFIER.id_cct_PKIData, rdigest, signAlg1, + OBJECT_IDENTIFIER.id_cct_PKIData, rdigest, signAlg1, (org.mozilla.jss.crypto.PrivateKey) revokePrivKey); SET signInfos1 = new SET(); @@ -629,29 +628,29 @@ public class CMCRequest { } org.mozilla.jss.crypto.X509Certificate[] revokeCertChain = - manager.buildCertificateChain(revokeCert); + manager.buildCertificateChain(revokeCert); SET certs1 = new SET(); - for (int i=0; i<revokeCertChain.length; i++) { + for (int i = 0; i < revokeCertChain.length; i++) { ANY cert1 = new ANY(revokeCertChain[i].getEncoded()); certs1.addElement(cert1); } - SignedData sData = new SignedData(digestAlgs1, revokeContent, certs1, null, signInfos1); + SignedData sData = new SignedData(digestAlgs1, revokeContent, certs1, null, signInfos1); OBJECT_IDENTIFIER signedDataOID = new OBJECT_IDENTIFIER("1.2.840.113549.1.7.2"); ByteArrayOutputStream bos1 = new ByteArrayOutputStream(); sData.encode(bos1); OtherMsg otherMsg = new OtherMsg(new INTEGER(revokeBpid), signedDataOID, new ANY(bos1.toByteArray())); otherMsgSeq.addElement(otherMsg); - System.out.println("Successfully create revRequest control. bpid = "+(bpid-1)); + System.out.println("Successfully create revRequest control. bpid = " + (bpid - 1)); System.out.println(""); } catch (Exception e) { System.out.println("Error in creating revRequest control. Check the parameters."); System.exit(1); } - + return bpid; } - + private static int addGetCertAttr(int bpid, SEQUENCE seq, String issuer, String serial) { try { INTEGER serialno = new INTEGER(serial); @@ -660,16 +659,16 @@ public class CMCRequest { ANY issuern = new ANY(issuerbyte); GetCert getCert = new GetCert(issuern, serialno); TaggedAttribute getCertControl = new TaggedAttribute(new - INTEGER(bpid++), - OBJECT_IDENTIFIER.id_cmc_getCert, getCert); - System.out.println("Successfully create get certificate control. bpid = "+(bpid-1)); + INTEGER(bpid++), + OBJECT_IDENTIFIER.id_cmc_getCert, getCert); + System.out.println("Successfully create get certificate control. bpid = " + (bpid - 1)); System.out.println(""); seq.addElement(getCertControl); } catch (Exception e) { System.out.println("Error in creating get certificate control. Check the parameters."); System.exit(1); } - + return bpid; } @@ -678,15 +677,15 @@ public class CMCRequest { byte bvalue[] = str.getBytes(); System.out.println("Data Return Control: "); String ss = " Value: "; - for (int m=0; m<bvalue.length; m++) { - ss = ss+bvalue[m]+" "; + for (int m = 0; m < bvalue.length; m++) { + ss = ss + bvalue[m] + " "; } System.out.println(ss); OCTET_STRING s = new OCTET_STRING(bvalue); TaggedAttribute dataReturnControl = new TaggedAttribute(new - INTEGER(bpid++), OBJECT_IDENTIFIER.id_cmc_dataReturn, s); + INTEGER(bpid++), OBJECT_IDENTIFIER.id_cmc_dataReturn, s); seq.addElement(dataReturnControl); - System.out.println("Successfully create data return control. bpid = "+(bpid-1)); + System.out.println("Successfully create data return control. bpid = " + (bpid - 1)); System.out.println(""); } catch (Exception e) { System.out.println("Error in creating data return control. Check the parameters."); @@ -696,8 +695,8 @@ public class CMCRequest { return bpid; } - private static int addTransactionAttr(int bpid, SEQUENCE seq, String id, String format, - PKCS10 pkcs, CertReqMsg certReqMsg) { + private static int addTransactionAttr(int bpid, SEQUENCE seq, String id, String format, + PKCS10 pkcs, CertReqMsg certReqMsg) { byte[] transId = null; Date date = new Date(); String salt = "lala123" + date.toString(); @@ -718,21 +717,21 @@ public class CMCRequest { transId = salt.getBytes(); } } else { - transId = id.getBytes(); + transId = id.getBytes(); } - if( transId == null ) { - System.out.println( "CMCRequest::addTransactionAttr() - " - + "transId is null!" ); + if (transId == null) { + System.out.println("CMCRequest::addTransactionAttr() - " + + "transId is null!"); return -1; } INTEGER ii = new INTEGER(1, transId); TaggedAttribute transactionId = new TaggedAttribute(new - INTEGER(bpid++), OBJECT_IDENTIFIER.id_cmc_transactionId, ii); + INTEGER(bpid++), OBJECT_IDENTIFIER.id_cmc_transactionId, ii); System.out.println("Transaction ID control: "); - System.out.println(" Value: "+ii.toString()); - System.out.println("Successfully create transaction management control. bpid = "+(bpid-1)); + System.out.println(" Value: " + ii.toString()); + System.out.println("Successfully create transaction management control. bpid = " + (bpid - 1)); System.out.println(""); seq.addElement(transactionId); @@ -758,64 +757,64 @@ public class CMCRequest { sn = com.netscape.osutil.OSUtil.BtoA(dig); } - byte bb[] = sn.getBytes(); + byte bb[] = sn.getBytes(); System.out.println("SenderNonce control: "); String ss = " Value: "; - for (int m=0; m<bb.length; m++) { - ss = ss+bb[m]+" "; + for (int m = 0; m < bb.length; m++) { + ss = ss + bb[m] + " "; } System.out.println(ss); TaggedAttribute senderNonce = new TaggedAttribute(new - INTEGER(bpid++), OBJECT_IDENTIFIER.id_cmc_senderNonce, - new OCTET_STRING(sn.getBytes())); - System.out.println("Successfully create sender nonce control. bpid = "+(bpid-1)); + INTEGER(bpid++), OBJECT_IDENTIFIER.id_cmc_senderNonce, + new OCTET_STRING(sn.getBytes())); + System.out.println("Successfully create sender nonce control. bpid = " + (bpid - 1)); System.out.println(""); seq.addElement(senderNonce); return bpid; } private static int addPopLinkWitnessAttr(int bpid, SEQUENCE controlSeq) { -byte[] seed = -{0x10, 0x53, 0x42, 0x24, 0x1a, 0x2a, 0x35, 0x3c, - 0x7a, 0x52, 0x54, 0x56, 0x71, 0x65, 0x66, 0x4c, - 0x51, 0x34, 0x35, 0x23, 0x3c, 0x42, 0x43, 0x45, - 0x61, 0x4f, 0x6e, 0x43, 0x1e, 0x2a, 0x2b, 0x31, - 0x32, 0x34, 0x35, 0x36, 0x55, 0x51, 0x48, 0x14, - 0x16, 0x29, 0x41, 0x42, 0x43, 0x7b, 0x63, 0x44, - 0x6a, 0x12, 0x6b, 0x3c, 0x4c, 0x3f, 0x00, 0x14, - 0x51, 0x61, 0x15, 0x22, 0x23, 0x5f, 0x5e, 0x69}; + byte[] seed = + { 0x10, 0x53, 0x42, 0x24, 0x1a, 0x2a, 0x35, 0x3c, + 0x7a, 0x52, 0x54, 0x56, 0x71, 0x65, 0x66, 0x4c, + 0x51, 0x34, 0x35, 0x23, 0x3c, 0x42, 0x43, 0x45, + 0x61, 0x4f, 0x6e, 0x43, 0x1e, 0x2a, 0x2b, 0x31, + 0x32, 0x34, 0x35, 0x36, 0x55, 0x51, 0x48, 0x14, + 0x16, 0x29, 0x41, 0x42, 0x43, 0x7b, 0x63, 0x44, + 0x6a, 0x12, 0x6b, 0x3c, 0x4c, 0x3f, 0x00, 0x14, + 0x51, 0x61, 0x15, 0x22, 0x23, 0x5f, 0x5e, 0x69 }; TaggedAttribute idPOPLinkRandom = new TaggedAttribute(new - INTEGER(bpid++), OBJECT_IDENTIFIER.id_cmc_idPOPLinkRandom, - new OCTET_STRING(seed)); + INTEGER(bpid++), OBJECT_IDENTIFIER.id_cmc_idPOPLinkRandom, + new OCTET_STRING(seed)); controlSeq.addElement(idPOPLinkRandom); - System.out.println("Successfully create PopLinkWitness control. bpid = "+(bpid-1)); - System.out.println(""); + System.out.println("Successfully create PopLinkWitness control. bpid = " + (bpid - 1)); + System.out.println(""); return bpid; } - public static void main(String[]s) { - String numRequests=null; - String dbdir=null, nickname=null; - String ifilename=null, ofilename=null, password=null, format=null; + public static void main(String[] s) { + String numRequests = null; + String dbdir = null, nickname = null; + String ifilename = null, ofilename = null, password = null, format = null; FileOutputStream outputBlob = null; String confirmCertEnable = "false", confirmCertIssuer = null, confirmCertSerial = null; String getCertEnable = "false", getCertIssuer = null, getCertSerial = null; - String dataReturnEnable = "false", dataReturnData = null; + String dataReturnEnable = "false", dataReturnData = null; String transactionMgtEnable = "false", transactionMgtId = null; String senderNonceEnable = "false", senderNonce = null; String revCertNickname = ""; - String revRequestEnable = "false", revRequestIssuer = null, revRequestSerial= null; + String revRequestEnable = "false", revRequestIssuer = null, revRequestSerial = null; String revRequestReason = null, revRequestSharedSecret = null, revRequestComment = null; String revRequestInvalidityDatePresent = "false"; String identityProofEnable = "false", identityProofSharedSecret = null; String popLinkWitnessEnable = "false"; String bodyPartIDs = null, lraPopWitnessEnable = "false"; - System.out.println(""); + System.out.println(""); // Check that the correct # of arguments were submitted to the program - if( s.length != ( ARGC ) ) { + if (s.length != (ARGC)) { System.out.println("Wrong number of parameters:" + s.length); printUsage(); } @@ -825,16 +824,16 @@ byte[] seed = try { reader = new BufferedReader(new InputStreamReader( new BufferedInputStream( - new FileInputStream( - configFile)))); + new FileInputStream( + configFile)))); } catch (FileNotFoundException e) { - System.out.println("CMCRequest: can't find configuration file: "+configFile); + System.out.println("CMCRequest: can't find configuration file: " + configFile); printUsage(); } catch (Exception e) { e.printStackTrace(); System.exit(1); } - + try { String str = ""; while ((str = reader.readLine()) != null) { @@ -842,14 +841,14 @@ byte[] seed = if (!str.startsWith("#") && str.length() > 0) { int index = str.indexOf("="); String name = ""; - String val = ""; + String val = ""; if (index == -1) { - System.out.println("Error in configuration file: "+str); + System.out.println("Error in configuration file: " + str); System.exit(1); } name = str.substring(0, index); - if (index != str.length()-1) - val = str.substring(index+1); + if (index != str.length() - 1) + val = str.substring(index + 1); if (name.equals("format")) { format = val; @@ -942,15 +941,15 @@ byte[] seed = } StringTokenizer tokenizer = new StringTokenizer(ifilename, " "); - String[] ifiles = new String[num]; - for (int i=0; i<num; i++) { - String ss = (String)tokenizer.nextToken(); + String[] ifiles = new String[num]; + for (int i = 0; i < num; i++) { + String ss = (String) tokenizer.nextToken(); ifiles[i] = ss; if (ss == null) { System.out.println("Missing input file for the request."); System.exit(1); } - } + } if (ofilename == null) { System.out.println("Missing output filename for the CMC request."); @@ -975,13 +974,13 @@ byte[] seed = try { // initialize CryptoManager if (dbdir == null) - dbdir = "."; - String mPrefix = ""; + dbdir = "."; + String mPrefix = ""; System.out.println("cert/key prefix = " + mPrefix); System.out.println("path = " + dbdir); CryptoManager.InitializationValues vals = - new CryptoManager.InitializationValues(dbdir, mPrefix, - mPrefix, "secmod.db"); + new CryptoManager.InitializationValues(dbdir, mPrefix, + mPrefix, "secmod.db"); CryptoManager.initialize(vals); CryptoManager cm = CryptoManager.getInstance(); @@ -992,18 +991,18 @@ byte[] seed = CryptoStore store = token.getCryptoStore(); X509Certificate[] list = store.getCertificates(); X509Certificate signerCert = null; - + signerCert = cm.findCertByNickname(nickname); - + String[] requests = new String[num]; - for (int i=0; i<num; i++) { + for (int i = 0; i < num; i++) { BufferedReader inputBlob = null; try { inputBlob = new BufferedReader(new InputStreamReader( - new BufferedInputStream(new FileInputStream(ifiles[i])))); + new BufferedInputStream(new FileInputStream(ifiles[i])))); } catch (FileNotFoundException e) { System.out.println("CMCRequest: can't find file " + - ifiles[i] + ":\n" + e); + ifiles[i] + ":\n" + e); } catch (Exception e) { e.printStackTrace(); System.exit(1); @@ -1018,25 +1017,25 @@ byte[] seed = try { while ((asciiBASE64BlobChunk = inputBlob.readLine()) != null) { if (!(asciiBASE64BlobChunk.startsWith(HEADER)) && - !(asciiBASE64BlobChunk.startsWith(TRAILER))) { + !(asciiBASE64BlobChunk.startsWith(TRAILER))) { asciiBASE64Blob += asciiBASE64BlobChunk.trim(); } } requests[i] = asciiBASE64Blob; } catch (IOException e) { System.out.println("CMCRequest: Unexpected BASE64 " + - "encoded error encountered in readLine():\n" + - e); + "encoded error encountered in readLine():\n" + + e); } // (4) Close the DataInputStream() object try { inputBlob.close(); } catch (IOException e) { System.out.println("CMCRequest(): Unexpected BASE64 " + - "encoded error encountered in close():\n" + e); + "encoded error encountered in close():\n" + e); } - } - + } + SEQUENCE controlSeq = new SEQUENCE(); int bpid = 1; if (confirmCertEnable.equalsIgnoreCase("true")) { @@ -1047,13 +1046,13 @@ byte[] seed = } bpid = addConfirmCertAttr(bpid, controlSeq, confirmCertIssuer, confirmCertSerial); } - + if (lraPopWitnessEnable.equalsIgnoreCase("true")) { if (bodyPartIDs.length() == 0) { System.out.println("Illegal parameters for Lra Pop Witness control"); printUsage(); System.exit(1); - } + } bpid = addLraPopWitnessAttr(bpid, controlSeq, bodyPartIDs); } @@ -1064,7 +1063,7 @@ byte[] seed = printUsage(); System.exit(1); } - + bpid = addGetCertAttr(bpid, controlSeq, getCertIssuer, getCertSerial); } @@ -1086,46 +1085,46 @@ byte[] seed = SEQUENCE otherMsgSeq = new SEQUENCE(); if (revRequestEnable.equalsIgnoreCase("true")) { - if (revRequestIssuer.length() == 0 || revRequestSerial.length() == 0 || - revRequestReason.length() == 0) { + if (revRequestIssuer.length() == 0 || revRequestSerial.length() == 0 || + revRequestReason.length() == 0) { System.out.println("Illegal parameters for revRequest control"); printUsage(); System.exit(1); } - bpid = addRevRequestAttr(bpid, controlSeq, otherMsgSeq, revCertNickname, - revRequestIssuer, revRequestSerial, revRequestReason, revRequestSharedSecret, - revRequestComment, revRequestInvalidityDatePresent, cm); + bpid = addRevRequestAttr(bpid, controlSeq, otherMsgSeq, revCertNickname, + revRequestIssuer, revRequestSerial, revRequestReason, revRequestSharedSecret, + revRequestComment, revRequestInvalidityDatePresent, cm); } - - ContentInfo cmcblob = getCMCBlob(signerCert, nickname, requests, format, - cm, transactionMgtEnable, transactionMgtId, identityProofEnable, - identityProofSharedSecret, controlSeq, otherMsgSeq, bpid); + + ContentInfo cmcblob = getCMCBlob(signerCert, nickname, requests, format, + cm, transactionMgtEnable, transactionMgtId, identityProofEnable, + identityProofSharedSecret, controlSeq, otherMsgSeq, bpid); // (6) Finally, print the actual CMC blob to the // specified output file - FileOutputStream os = null; + FileOutputStream os = null; try { os = new FileOutputStream(ofilename); cmcblob.encode(os); System.out.println(""); System.out.println(""); - System.out.println("The CMC enrollment request in binary format is stored in "+ - ofilename+"."); + System.out.println("The CMC enrollment request in binary format is stored in " + + ofilename + "."); } catch (IOException e) { - System.out.println("CMCRequest: unable to open file " +ofilename+ - " for writing:\n" + e); + System.out.println("CMCRequest: unable to open file " + ofilename + + " for writing:\n" + e); } - + try { os.close(); } catch (IOException e) { System.out.println("CMCRequest: Unexpected error " + - "encountered while attempting to close() " + - "\n" + e); + "encountered while attempting to close() " + + "\n" + e); } - - }catch (Exception e) { + + } catch (Exception e) { e.printStackTrace(); System.exit(1); } |