From a25705a6fff3525b26a855d03f0c117bfadc1979 Mon Sep 17 00:00:00 2001 From: Endi Sukma Dewata Date: Wed, 23 May 2012 14:14:38 -0500 Subject: Added cert revocation REST service. The cert revocation REST service is based on DoRevoke and DoUnrevoke servlets. It provides an interface to manage certificate revocation. Ticket #161 --- base/util/src/CMakeLists.txt | 10 +- .../src/com/netscape/cmsutil/ldap/LDAPUtil.java | 4 +- .../netscape/security/x509/RevocationReason.java | 141 +++++++++++---------- .../security/x509/RevocationReasonAdapter.java | 38 ++++++ 4 files changed, 123 insertions(+), 70 deletions(-) create mode 100644 base/util/src/netscape/security/x509/RevocationReasonAdapter.java (limited to 'base/util') diff --git a/base/util/src/CMakeLists.txt b/base/util/src/CMakeLists.txt index f0c586ad6..24622d6c4 100644 --- a/base/util/src/CMakeLists.txt +++ b/base/util/src/CMakeLists.txt @@ -1,5 +1,12 @@ project(pki-cmsutil_java Java) +find_file(APACHE_COMMONS_LANG_JAR + NAMES + apache-commons-lang.jar + PATHS + /usr/share/java +) + find_file(JSS_JAR NAMES jss4.jar @@ -106,6 +113,7 @@ set(pki-nsutil_java_SRCS netscape/security/x509/URIName.java netscape/security/x509/CertAndKeyGen.java netscape/security/x509/RevocationReason.java + netscape/security/x509/RevocationReasonAdapter.java netscape/security/x509/AVAValueConverter.java netscape/security/x509/CRLDistributionPointsExtension.java netscape/security/x509/GeneralSubtree.java @@ -328,7 +336,7 @@ set(pki-cmsutil_java_SRCS ) set(CMAKE_JAVA_INCLUDE_PATH - ${LDAPJDK_JAR} ${XALAN_JAR} ${XERCES_JAR} + ${APACHE_COMMONS_LANG_JAR} ${LDAPJDK_JAR} ${XALAN_JAR} ${XERCES_JAR} ${JSS_JAR} ${COMMONS_CODEC_JAR}) set(CMAKE_JAVA_TARGET_VERSION ${APPLICATION_VERSION}) diff --git a/base/util/src/com/netscape/cmsutil/ldap/LDAPUtil.java b/base/util/src/com/netscape/cmsutil/ldap/LDAPUtil.java index 4409ddeaf..de8569e4d 100644 --- a/base/util/src/com/netscape/cmsutil/ldap/LDAPUtil.java 
+++ b/base/util/src/com/netscape/cmsutil/ldap/LDAPUtil.java @@ -45,9 +45,9 @@ public class LDAPUtil { * @param string string to escape * @return escaped string */ - public static String escapeFilter(String string) { + public static String escapeFilter(Object object) { StringBuilder sb = new StringBuilder(); - for (char c : string.toCharArray()) { + for (char c : object.toString().toCharArray()) { if (SPECIAL_CHARS.indexOf(c) >= 0) { sb.append('\\'); if (c < 0x10) diff --git a/base/util/src/netscape/security/x509/RevocationReason.java b/base/util/src/netscape/security/x509/RevocationReason.java index ae68ec525..183d9eecd 100644 --- a/base/util/src/netscape/security/x509/RevocationReason.java +++ b/base/util/src/netscape/security/x509/RevocationReason.java @@ -18,6 +18,10 @@ package netscape.security.x509; import java.io.Serializable; +import java.util.ArrayList; +import java.util.Collection; +import java.util.LinkedHashMap; +import java.util.Map; /** * Represent the enumerated type used in CRLReason Extension of CRL entry. 
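Review bot: In `LDAPUtil.escapeFilter` the widened `Object` parameter is escaped through `object.toString()`, so a null argument still fails with a NullPointerException, and a non-string value such as a `byte[]` would have its identity string escaped rather than its content, giving a filter that is well-formed but silently matches nothing. The Javadoc above the signature still reads `@param string string to escape`; it should become `@param object value whose toString() form is escaped` and say what happens on null. If null is not a valid input, an explicit check with a clear message at the top of the method makes that contract visible to callers building filters from request data. The body of `escapeFilter` continues past the end of this hunk.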
@@ -29,94 +33,97 @@ import java.io.Serializable; public final class RevocationReason implements Serializable { private static final long serialVersionUID = -2582403666913588806L; + + public static final Collection INSTANCES = new ArrayList(); + public static final Map CODES = new LinkedHashMap(); + public static final Map LABELS = new LinkedHashMap(); + /** * Reasons */ - public static final RevocationReason UNSPECIFIED = new RevocationReason(0); - public static final RevocationReason KEY_COMPROMISE = new RevocationReason(1); - public static final RevocationReason CA_COMPROMISE = new RevocationReason(2); - public static final RevocationReason AFFILIATION_CHANGED = new RevocationReason(3); - public static final RevocationReason SUPERSEDED = new RevocationReason(4); - public static final RevocationReason CESSATION_OF_OPERATION = new RevocationReason(5); - public static final RevocationReason CERTIFICATE_HOLD = new RevocationReason(6); - public static final RevocationReason REMOVE_FROM_CRL = new RevocationReason(8); - public static final RevocationReason PRIVILEGE_WITHDRAWN = new RevocationReason(9); - public static final RevocationReason AA_COMPROMISE = new RevocationReason(10); + public static final RevocationReason UNSPECIFIED = new RevocationReason(0, "Unspecified"); + public static final RevocationReason KEY_COMPROMISE = new RevocationReason(1, "Key_Compromise"); + public static final RevocationReason CA_COMPROMISE = new RevocationReason(2, "CA_Compromise"); + public static final RevocationReason AFFILIATION_CHANGED = new RevocationReason(3, "Affiliation_Changed"); + public static final RevocationReason SUPERSEDED = new RevocationReason(4, "Superseded"); + public static final RevocationReason CESSATION_OF_OPERATION = new RevocationReason(5, "Cessation_of_Operation"); + public static final RevocationReason CERTIFICATE_HOLD = new RevocationReason(6, "Certificate_Hold"); + public static final RevocationReason REMOVE_FROM_CRL = new RevocationReason(8, 
"Remove_from_CRL"); + public static final RevocationReason PRIVILEGE_WITHDRAWN = new RevocationReason(9, "Privilege_Withdrawn"); + public static final RevocationReason AA_COMPROMISE = new RevocationReason(10, "AA_Compromise"); // Private data members - private int mReason; + private int code; + private String label; /** - * Create a RevocationReason with the passed integer value. + * Create a RevocationReason with the passed integer value and string label. * * @param reason integer value of the enumeration alternative. + * @param label string value of the enumeration alternative. */ - private RevocationReason(int reason) { - this.mReason = reason; + private RevocationReason(int reason, String label) { + this.code = reason; + this.label = label; + + INSTANCES.add(this); + CODES.put(reason, this); + LABELS.put(label.toLowerCase(), this); } - public int toInt() { - return mReason; + public int getCode() { + return code; + } + + public String getLabel() { + return label; } public static RevocationReason fromInt(int reason) { - if (reason == UNSPECIFIED.mReason) - return UNSPECIFIED; - if (reason == KEY_COMPROMISE.mReason) - return KEY_COMPROMISE; - if (reason == CA_COMPROMISE.mReason) - return CA_COMPROMISE; - if (reason == AFFILIATION_CHANGED.mReason) - return AFFILIATION_CHANGED; - if (reason == SUPERSEDED.mReason) - return SUPERSEDED; - if (reason == CESSATION_OF_OPERATION.mReason) - return CESSATION_OF_OPERATION; - if (reason == CERTIFICATE_HOLD.mReason) - return CERTIFICATE_HOLD; - if (reason == REMOVE_FROM_CRL.mReason) - return REMOVE_FROM_CRL; - if (reason == PRIVILEGE_WITHDRAWN.mReason) - return PRIVILEGE_WITHDRAWN; - if (reason == AA_COMPROMISE.mReason) - return AA_COMPROMISE; - return null; + return valueOf(reason); } - public boolean equals(Object other) { - if (this == other) - return true; - else if (other instanceof RevocationReason) - return ((RevocationReason) other).mReason == mReason; - else - return false; + public static RevocationReason valueOf(int 
reason) { + return CODES.get(reason); } - public int hashCode() { - return mReason; + public static RevocationReason valueOf(String string) { + return LABELS.get(string.toLowerCase()); + } + + public int toInt() { + return code; } public String toString() { - if (equals(UNSPECIFIED)) - return "Unspecified"; - if (equals(KEY_COMPROMISE)) - return "Key_Compromise"; - if (equals(CA_COMPROMISE)) - return "CA_Compromise"; - if (equals(AFFILIATION_CHANGED)) - return "Affiliation_Changed"; - if (equals(SUPERSEDED)) - return "Superseded"; - if (equals(CESSATION_OF_OPERATION)) - return "Cessation_of_Operation"; - if (equals(CERTIFICATE_HOLD)) - return "Certificate_Hold"; - if (equals(REMOVE_FROM_CRL)) - return "Remove_from_CRL"; - if (equals(PRIVILEGE_WITHDRAWN)) - return "Privilege_Withdrawn"; - if (equals(AA_COMPROMISE)) - return "AA_Compromise"; - return "[UNDEFINED]"; + return label; + } + + @Override + public boolean equals(Object obj) { + if (this == obj) + return true; + if (obj == null) + return false; + if (getClass() != obj.getClass()) + return false; + RevocationReason other = (RevocationReason) obj; + if (code != other.code) + return false; + if (label == null) { + if (other.label != null) + return false; + } else if (!label.equals(other.label)) + return false; + return true; + } + + @Override + public int hashCode() { + final int prime = 31; + int result = 1; + result = prime * result + code; + result = prime * result + ((label == null) ? 0 : label.hashCode()); + return result; } } diff --git a/base/util/src/netscape/security/x509/RevocationReasonAdapter.java b/base/util/src/netscape/security/x509/RevocationReasonAdapter.java new file mode 100644 index 000000000..e9445bb43 --- /dev/null +++ b/base/util/src/netscape/security/x509/RevocationReasonAdapter.java 
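Review bot: `INSTANCES`, `CODES` and `LABELS` in `RevocationReason` are `public static final`, but the collections behind them are mutable, so any code in the JVM can add, replace or remove entries and change what `valueOf(int)` and `valueOf(String)` return for a revocation request. Keep the backing collections private, declared before the reason constants so the constructor can still register into them, and publish read-only views such as `public static final Map CODES = Collections.unmodifiableMap(codes);` (with the file's own type parameters, which appear to have been lost in this rendering). Separately, `valueOf(String)` calls `string.toLowerCase()` with the default locale and no null check. Using `toLowerCase(Locale.ENGLISH)` in both the constructor and the lookup keeps a label such as `CERTIFICATE_HOLD` resolvable when the server runs under a Turkish default locale.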
@@ -0,0 +1,38 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package netscape.security.x509;
+
+import javax.xml.bind.annotation.adapters.XmlAdapter;
+
+import org.apache.commons.lang.StringUtils;
+
+/**
+ * The RevocationReasonAdapter class provides custom marshaling for RevocationReason.
+ *
+ * @author Endi S. Dewata
+ */
+public class RevocationReasonAdapter extends XmlAdapter {
+
+ public RevocationReason unmarshal(String value) throws Exception {
+ return StringUtils.isEmpty(value) ? null : RevocationReason.valueOf(value);
+ }
+
+ public String marshal(RevocationReason value) throws Exception {
+ return value == null ? null : value.toString();
+ }
+}
\ No newline at end of file
-- cgit
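Review bot: `unmarshal` in `RevocationReasonAdapter` returns null both for an empty value and for a label that `RevocationReason.valueOf(String)` does not recognise, so a misspelled reason in a request cannot be told apart from an omitted one. For a revocation interface it is safer to reject unknown labels: look the reason up first, then `if (reason == null) throw new IllegalArgumentException("Invalid revocation reason: " + value);`. How callers treat a null reason is not visible in this commit, so confirm whether they default it or fail. Both methods would also benefit from `@Override`, and a short Javadoc stating that labels are matched case-insensitively.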