From 7de81fedeba1a3904c127dc612a937903e622d81 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edewata@redhat.com>
Date: Tue, 27 Jan 2015 00:35:59 -0500
Subject: Refactored CRMFPopClient.

The CRMFPopClient has been refactored such that it is easier
to understand and reuse. The code has been fixed such that it
can read a normal PEM transport certificate. It also has been
fixed to parse the request submission result properly.

The client-cert-request CLI command was modified to support CRMF
requests.

The MainCLI and ClientConfig were modified to accept a security
token name.

The pki_java_command_wrapper.in was modified to include the Apache
Commons IO library.

https://fedorahosted.org/pki/ticket/1074
---
 .../src/com/netscape/cmstools/cli/MainCLI.java     | 24 ++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)

(limited to 'base/java-tools/src/com/netscape/cmstools/cli')

diff --git a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
index 8c3805e00..1dbf02760 100644
--- a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
@@ -168,6 +168,10 @@ public class MainCLI extends CLI {
         option.setArgName("passwordfile");
         options.addOption(option);
 
+        option = new Option(null, "token", true, "Security token name");
+        option.setArgName("token");
+        options.addOption(option);
+
         option = new Option(null, "output", true, "Folder to store HTTP messages");
         option.setArgName("folder");
         options.addOption(option);
@@ -286,6 +290,8 @@ public class MainCLI extends CLI {
         String certNickname = cmd.getOptionValue("n");
         String certPassword = cmd.getOptionValue("c");
         String certPasswordFile = cmd.getOptionValue("C");
+        String tokenName = cmd.getOptionValue("token");
+
         String username = cmd.getOptionValue("u");
         String password = cmd.getOptionValue("w");
         String passwordFile = cmd.getOptionValue("W");
@@ -323,6 +329,9 @@ public class MainCLI extends CLI {
         if (certDatabase != null)
             config.setCertDatabase(new File(certDatabase).getAbsolutePath());
 
+        // store token name
+        config.setTokenName(tokenName);
+
         // store certificate nickname
         config.setCertNickname(certNickname);
 
@@ -420,14 +429,25 @@ public class MainCLI extends CLI {
 
         // Main program should initialize client security database
         if (certDatabase.exists()) {
+            if (verbose) System.out.println("Initializing client security database");
             CryptoManager.initialize(certDatabase.getAbsolutePath());
         }
 
-        // If password is specified, use password to access client security database
+        // If password is specified, use password to access security token
         if (config.getCertPassword() != null) {
+            if (verbose) System.out.println("Logging into security token");
             try {
                 CryptoManager manager = CryptoManager.getInstance();
-                CryptoToken token = manager.getInternalKeyStorageToken();
+
+                CryptoToken token;
+                String tokenName = config.getTokenName();
+                if (tokenName == null) {
+                    token = manager.getInternalKeyStorageToken();
+                } else {
+                    token = manager.getTokenByName(tokenName);
+                }
+                manager.setThreadToken(token);
+
                 Password password = new Password(config.getCertPassword().toCharArray());
                 token.login(password);
 
-- 
cgit