Diffstat (limited to 'pki/base/java-tools/src/com/netscape/cmstools/OCSPClient.java')
-rw-r--r-- | pki/base/java-tools/src/com/netscape/cmstools/OCSPClient.java | 253 |
1 files changed, 121 insertions, 132 deletions
diff --git a/pki/base/java-tools/src/com/netscape/cmstools/OCSPClient.java b/pki/base/java-tools/src/com/netscape/cmstools/OCSPClient.java
index df18a3e52..a3e885e97 100644
--- a/pki/base/java-tools/src/com/netscape/cmstools/OCSPClient.java
+++ b/pki/base/java-tools/src/com/netscape/cmstools/OCSPClient.java
@@ -56,232 +56,221 @@ import com.netscape.cmsutil.ocsp.SingleResponse; import com.netscape.cmsutil.ocsp.TBSRequest; import com.netscape.cmsutil.ocsp.UnknownInfo; - /** * This class implements a OCSP client for testing. - * + * * @version $Revision$, $Date$ */ -public class OCSPClient -{ +public class OCSPClient { private String _host = null; private int _port = 0; - public OCSPClient(String host, int port, String dbdir) - throws Exception - { + public OCSPClient(String host, int port, String dbdir) + throws Exception { _host = host; _port = port; CryptoManager.initialize(dbdir); } - public void send(String uri, String nickname, int serialno, String output) - throws Exception - { - CryptoManager manager = CryptoManager.getInstance(); + public void send(String uri, String nickname, int serialno, String output) + throws Exception { + CryptoManager manager = CryptoManager.getInstance(); X509Certificate caCert = manager.findCertByNickname(nickname); OCSPRequest request = getOCSPRequest(caCert, serialno); - ByteArrayOutputStream os = new ByteArrayOutputStream(); - request.encode(os); - byte request_data[] = os.toByteArray(); + ByteArrayOutputStream os = new ByteArrayOutputStream(); + request.encode(os); + byte request_data[] = os.toByteArray(); sendOCSPRequest(uri, _host, _port, request_data, output); } - public void sendRequestData(String uri, String nickname, byte request_data[], String output) - throws Exception - { + public void sendRequestData(String uri, String nickname, byte request_data[], String output) + throws Exception { sendOCSPRequest(uri, _host, _port, request_data, output); } - public OCSPRequest getOCSPRequest(X509Certificate caCert, int serialno) - throws Exception - { + public OCSPRequest getOCSPRequest(X509Certificate caCert, int serialno) + throws Exception { MessageDigest md = MessageDigest.getInstance("SHA"); // calculate issuer key hash X509CertImpl x509Cert = new X509CertImpl(caCert.getEncoded()); - X509Key x509key = 
(X509Key)x509Cert.getPublicKey(); + X509Key x509key = (X509Key) x509Cert.getPublicKey(); byte issuerKeyHash[] = md.digest(x509key.getKey()); // calculate name hash - X500Name name = (X500Name)x509Cert.getSubjectDN(); + X500Name name = (X500Name) x509Cert.getSubjectDN(); byte issuerNameHash[] = md.digest(name.getEncoded()); // constructing the OCSP request CertID certid = new CertID( - new AlgorithmIdentifier( - new OBJECT_IDENTIFIER("1.3.14.3.2.26"), new NULL()), - new OCTET_STRING(issuerNameHash), - new OCTET_STRING(issuerKeyHash), + new AlgorithmIdentifier( + new OBJECT_IDENTIFIER("1.3.14.3.2.26"), new NULL()), + new OCTET_STRING(issuerNameHash), + new OCTET_STRING(issuerKeyHash), new INTEGER(serialno)); Request request = new Request(certid, null); SEQUENCE requestList = new SEQUENCE(); requestList.addElement(request); - TBSRequest tbsRequest = new TBSRequest(null,null,requestList,null); + TBSRequest tbsRequest = new TBSRequest(null, null, requestList, null); return new OCSPRequest(tbsRequest, null); } - public void sendOCSPRequest(String uri, String host, int port, - byte request_data[], String output) throws Exception - { + public void sendOCSPRequest(String uri, String host, int port, + byte request_data[], String output) throws Exception { Socket socket = new Socket(host, port); // send request System.out.println("URI: " + uri); - DataOutputStream dos = new DataOutputStream(socket.getOutputStream()); - dos.writeBytes("POST " + uri + " HTTP/1.0\r\n"); - dos.writeBytes("Content-length: " + request_data.length + "\r\n"); - dos.writeBytes("\r\n"); - dos.write(request_data); + DataOutputStream dos = new DataOutputStream(socket.getOutputStream()); + dos.writeBytes("POST " + uri + " HTTP/1.0\r\n"); + dos.writeBytes("Content-length: " + request_data.length + "\r\n"); + dos.writeBytes("\r\n"); + dos.write(request_data); dos.flush(); System.out.println("Data Length: " + request_data.length); System.out.println("Data: " + com.netscape.osutil.OSUtil.BtoA(request_data)); 
- InputStream iiss = socket.getInputStream(); + InputStream iiss = socket.getInputStream(); FileOutputStream fof = new FileOutputStream(output); - boolean startSaving = false; - int sum = 0; - boolean hack = false; - try { - while (true) - { - int r = iiss.read(); - if (r == -1) - break; - if (r == 10) { - sum++; - } - if (sum == 6) { - startSaving = true; - continue; - } - if (startSaving) { - if (hack) { - fof.write(r); - } - if (hack == false) { - hack = true; - } - } + boolean startSaving = false; + int sum = 0; + boolean hack = false; + try { + while (true) { + int r = iiss.read(); + if (r == -1) + break; + if (r == 10) { + sum++; + } + if (sum == 6) { + startSaving = true; + continue; + } + if (startSaving) { + if (hack) { + fof.write(r); + } + if (hack == false) { + hack = true; + } + } } // while - } catch (IOException e) { - } + } catch (IOException e) { + } fof.close(); - // parse OCSPResponse + // parse OCSPResponse BufferedInputStream fis = - new BufferedInputStream( - new FileInputStream(output)); + new BufferedInputStream( + new FileInputStream(output)); OCSPResponse resp = (OCSPResponse) - OCSPResponse.getTemplate().decode(fis); - OCSPResponseStatus status = resp.getResponseStatus(); + OCSPResponse.getTemplate().decode(fis); + OCSPResponseStatus status = resp.getResponseStatus(); ResponseBytes bytes = resp.getResponseBytes(); - BasicOCSPResponse basic = (BasicOCSPResponse) - BasicOCSPResponse.getTemplate().decode( - new ByteArrayInputStream(bytes.getResponse().toByteArray())); + BasicOCSPResponse basic = (BasicOCSPResponse) + BasicOCSPResponse.getTemplate().decode( + new ByteArrayInputStream(bytes.getResponse().toByteArray())); ResponseData rd = basic.getResponseData(); for (int i = 0; i < rd.getResponseCount(); i++) { - SingleResponse rd1 = rd.getResponseAt(i); - System.out.println("CertID.serialNumber=" + - rd1.getCertID().getSerialNumber()); - CertStatus status1 = rd1.getCertStatus(); - if (status1 instanceof GoodInfo) { - 
System.out.println("CertStatus=Good"); - } - if (status1 instanceof UnknownInfo) { - System.out.println("CertStatus=Unknown"); - } - if (status1 instanceof RevokedInfo) { - System.out.println("CertStatus=Revoked"); - } + SingleResponse rd1 = rd.getResponseAt(i); + System.out.println("CertID.serialNumber=" + + rd1.getCertID().getSerialNumber()); + CertStatus status1 = rd1.getCertStatus(); + if (status1 instanceof GoodInfo) { + System.out.println("CertStatus=Good"); + } + if (status1 instanceof UnknownInfo) { + System.out.println("CertStatus=Unknown"); + } + if (status1 instanceof RevokedInfo) { + System.out.println("CertStatus=Revoked"); + } } } - public static void printUsage() - { - System.out.println("Usage: OCSPClient " + - "<host> <port> <dbdir> <nickname> <serialno_or_filename> <output> <times>"); - System.out.println(" <host> = OCSP server hostname"); - System.out.println(" <port> = OCSP server port number"); - System.out.println(" <dbdir> = Certificate Database Directory"); - System.out.println(" <nickname> = Nickname of CA Certificate"); - System.out.println(" <serialno_or_filename> = Serial Number Being Checked, Or Name of file that contains the request"); - System.out.println(" <output> = Filename of Response in DER encoding"); - System.out.println(" <times> = Submit Request Multiple Times"); - System.out.println(" [<uri>] = OCSP Service URI (i.e. 
/ocsp/ee/ocsp)"); + public static void printUsage() { + System.out.println("Usage: OCSPClient " + + "<host> <port> <dbdir> <nickname> <serialno_or_filename> <output> <times>"); + System.out.println(" <host> = OCSP server hostname"); + System.out.println(" <port> = OCSP server port number"); + System.out.println(" <dbdir> = Certificate Database Directory"); + System.out.println(" <nickname> = Nickname of CA Certificate"); + System.out.println(" <serialno_or_filename> = Serial Number Being Checked, Or Name of file that contains the request"); + System.out.println(" <output> = Filename of Response in DER encoding"); + System.out.println(" <times> = Submit Request Multiple Times"); + System.out.println(" [<uri>] = OCSP Service URI (i.e. /ocsp/ee/ocsp)"); } - public static void main(String args[]) - { - if (args.length != 7 && args.length !=8 ) - { + public static void main(String args[]) { + if (args.length != 7 && args.length != 8) { System.out.println("ERROR: Invalid number of arguments - got " + args.length + " expected 7!"); for (int i = 0; i < args.length; i++) { - System.out.println("arg[" + i + "]=" + args[i]); + System.out.println("arg[" + i + "]=" + args[i]); } printUsage(); - System.exit(0); + System.exit(0); } String host = args[0]; int port = -1; try { - port = Integer.parseInt(args[1]); + port = Integer.parseInt(args[1]); } catch (Exception e) { - System.out.println("Error: Invalid Port Number"); - printUsage(); - System.exit(0); + System.out.println("Error: Invalid Port Number"); + printUsage(); + System.exit(0); } String dbdir = args[2]; String nickname = args[3]; int serialno = -1; byte data[] = null; try { - serialno = Integer.parseInt(args[4]); + serialno = Integer.parseInt(args[4]); } catch (Exception e) { - try { - System.out.println("Warning: Serial Number not found. 
It may be a filename."); - /* it could be a file name */ - FileInputStream fis = new FileInputStream(args[4]); - System.out.println("File Size: " + fis.available()); - data = new byte[fis.available()]; - fis.read(data); - } catch (Exception e1) { - System.out.println("Error: Invalid Serial Number or File Name"); - printUsage(); - System.exit(0); - } + try { + System.out.println("Warning: Serial Number not found. It may be a filename."); + /* it could be a file name */ + FileInputStream fis = new FileInputStream(args[4]); + System.out.println("File Size: " + fis.available()); + data = new byte[fis.available()]; + fis.read(data); + } catch (Exception e1) { + System.out.println("Error: Invalid Serial Number or File Name"); + printUsage(); + System.exit(0); + } } String output = args[5]; int times = 1; try { - times = Integer.parseInt(args[6]); + times = Integer.parseInt(args[6]); } catch (Exception e) { - System.out.println("Error: Invalid Times"); - printUsage(); - System.exit(0); + System.out.println("Error: Invalid Times"); + printUsage(); + System.exit(0); } String uri = "/ocsp/ee/ocsp"; if (args.length > 7) { - uri = args[7]; + uri = args[7]; } try { - OCSPClient client = - new OCSPClient(host, port, dbdir); - for (int i = 0; i < times; i ++) { - if (data != null) { - client.sendRequestData(uri, nickname, data, output); - } else { - client.send(uri, nickname, serialno, output); - } + OCSPClient client = + new OCSPClient(host, port, dbdir); + for (int i = 0; i < times; i++) { + if (data != null) { + client.sendRequestData(uri, nickname, data, output); + } else { + client.send(uri, nickname, serialno, output); + } } System.out.println("Success: Output " + output); } catch (Exception e) { System.out.println("Error: " + e.toString()); printUsage(); - System.exit(0); + System.exit(0); } } } |