From e1c87187b5e47e8e38b6bc91c105c92ea5069c59 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" Date: Fri, 18 Nov 2016 07:54:53 +0100 Subject: Update PKCS12Util to use SLF4J. The PKCS12Util class has been modified to use SLF4J logging framework. The CMake scripts has been modified to include SLF4J libraries in the classpath. The spec file has been modified to add SLF4J dependencies. https://fedorahosted.org/pki/ticket/195 --- base/CMakeLists.txt | 14 ++++++ base/common/CMakeLists.txt | 2 + base/server/CMakeLists.txt | 2 + base/util/src/CMakeLists.txt | 1 + .../src/netscape/security/pkcs/PKCS12Util.java | 51 +++++++++++----------- 5 files changed, 45 insertions(+), 25 deletions(-) (limited to 'base') diff --git a/base/CMakeLists.txt b/base/CMakeLists.txt index bb156ba48..e29101cc8 100644 --- a/base/CMakeLists.txt +++ b/base/CMakeLists.txt @@ -1,5 +1,19 @@ project(base) +find_file(SLF4J_API_JAR + NAMES + slf4j-api.jar + PATHS + /usr/share/java/slf4j +) + +find_file(SLF4J_JDK14_JAR + NAMES + slf4j-jdk14.jar + PATHS + /usr/share/java/slf4j +) + # The order is important! if (APPLICATION_FLAVOR_PKI_CORE) diff --git a/base/common/CMakeLists.txt b/base/common/CMakeLists.txt index d4b0d7f15..f1e236de7 100644 --- a/base/common/CMakeLists.txt +++ b/base/common/CMakeLists.txt @@ -47,6 +47,8 @@ add_custom_command( COMMAND ${CMAKE_COMMAND} -E create_symlink ${RESTEASY_LIB}/resteasy-jaxrs-jandex.jar lib/resteasy-jaxrs-jandex.jar COMMAND ${CMAKE_COMMAND} -E create_symlink ${RESTEASY_LIB}/resteasy-jaxrs.jar lib/resteasy-jaxrs.jar COMMAND ${CMAKE_COMMAND} -E create_symlink /usr/share/java/servlet.jar lib/servlet.jar + COMMAND ${CMAKE_COMMAND} -E create_symlink ${SLF4J_API_JAR} lib/slf4j-api.jar + COMMAND ${CMAKE_COMMAND} -E create_symlink ${SLF4J_JDK14_JAR} lib/slf4j-jdk14.jar ) install( diff --git a/base/server/CMakeLists.txt b/base/server/CMakeLists.txt index be58c055e..e0669ca5c 100644 --- a/base/server/CMakeLists.txt +++ b/base/server/CMakeLists.txt @@ -53,6 +53,8 @@ add_custom_command( COMMAND ${CMAKE_COMMAND} -E create_symlink ${RESTEASY_LIB}/jaxrs-api.jar common/lib/resteasy-jaxrs-api.jar COMMAND ${CMAKE_COMMAND} -E create_symlink ${RESTEASY_LIB}/resteasy-jaxrs.jar common/lib/resteasy-jaxrs.jar COMMAND ${CMAKE_COMMAND} -E create_symlink /usr/share/java/scannotation.jar common/lib/scannotation.jar + COMMAND ${CMAKE_COMMAND} -E create_symlink ${SLF4J_API_JAR} common/lib/slf4j-api.jar + COMMAND ${CMAKE_COMMAND} -E create_symlink ${SLF4J_JDK14_JAR} common/lib/slf4j-jdk14.jar COMMAND /usr/bin/ln -sf /usr/lib/java/symkey.jar ${CMAKE_CURRENT_BINARY_DIR}/common/lib/symkey.jar COMMAND ${CMAKE_COMMAND} -E create_symlink /usr/share/java/tomcatjss.jar common/lib/tomcatjss.jar COMMAND ${CMAKE_COMMAND} -E create_symlink /usr/share/java/velocity.jar common/lib/velocity.jar diff --git a/base/util/src/CMakeLists.txt b/base/util/src/CMakeLists.txt index b434397f7..2a00967ea 100644 --- a/base/util/src/CMakeLists.txt +++ b/base/util/src/CMakeLists.txt @@ -75,6 +75,7 @@ javac(pki-nsutil-classes CLASSPATH ${APACHE_COMMONS_LANG_JAR} ${LDAPJDK_JAR} ${XALAN_JAR} ${XERCES_JAR} ${JSS_JAR} ${COMMONS_CODEC_JAR} + ${SLF4J_API_JAR} OUTPUT_DIR ${CMAKE_CURRENT_BINARY_DIR}/classes DEPENDS diff --git a/base/util/src/netscape/security/pkcs/PKCS12Util.java b/base/util/src/netscape/security/pkcs/PKCS12Util.java index 9a6fe19cd..9adb62972 100644 --- a/base/util/src/netscape/security/pkcs/PKCS12Util.java +++ b/base/util/src/netscape/security/pkcs/PKCS12Util.java @@ -29,7 +29,6 @@ import java.security.Principal; import java.security.PublicKey; import java.security.cert.CertificateException; import java.util.Collection; -import java.util.logging.Logger; import org.apache.commons.lang.StringUtils; import org.mozilla.jss.CryptoManager; @@ -66,6 +65,8 @@ import org.mozilla.jss.pkix.primitive.Attribute; import org.mozilla.jss.pkix.primitive.EncryptedPrivateKeyInfo; import org.mozilla.jss.pkix.primitive.PrivateKeyInfo; import org.mozilla.jss.util.Password; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import netscape.ldap.LDAPDN; import netscape.ldap.util.DN; @@ -73,7 +74,7 @@ import netscape.security.x509.X509CertImpl; public class PKCS12Util { - private static Logger logger = Logger.getLogger(PKCS12Util.class.getName()); + private static Logger logger = LoggerFactory.getLogger(PKCS12Util.class); boolean trustFlagsEnabled = true; @@ -134,7 +135,7 @@ public class PKCS12Util { public void addKeyBag(PKCS12KeyInfo keyInfo, Password password, SEQUENCE encSafeContents) throws Exception { - logger.fine("Creating key bag for " + keyInfo.subjectDN); + logger.debug("Creating key bag for " + keyInfo.subjectDN); PasswordConverter passConverter = new PasswordConverter(); byte salt[] = { 0x01, 0x01, 0x01, 0x01 }; @@ -152,7 +153,7 @@ public class PKCS12Util { public void addCertBag(PKCS12CertInfo certInfo, SEQUENCE safeContents) throws Exception { - logger.fine("Creating cert bag for " + certInfo.nickname); + logger.debug("Creating cert bag for " + certInfo.nickname); ASN1Value cert = new OCTET_STRING(certInfo.cert.getEncoded()); CertBag certBag = new CertBag(CertBag.X509_CERT_TYPE, cert); @@ -313,7 +314,7 @@ public class PKCS12Util { try { PrivateKey privateKey = cm.findPrivKeyByCert(cert); - logger.fine("Certificate \"" + nickname + "\" has private key"); + logger.debug("Certificate \"" + nickname + "\" has private key"); PKCS12KeyInfo keyInfo = new PKCS12KeyInfo(); keyInfo.id = id; @@ -326,7 +327,7 @@ public class PKCS12Util { pkcs12.addKeyInfo(keyInfo); } catch (ObjectNotFoundException e) { - logger.fine("Certificate \"" + nickname + "\" has no private key"); + logger.debug("Certificate \"" + nickname + "\" has no private key"); } } @@ -395,7 +396,7 @@ public class PKCS12Util { BMPString subjectDN = (BMPString) new BMPString.Template().decode(bis); keyInfo.subjectDN = subjectDN.toString(); - logger.fine(" Subject DN: " + keyInfo.subjectDN); + logger.debug(" Subject DN: " + keyInfo.subjectDN); } else if (oid.equals(SafeBag.LOCAL_KEY_ID)) { @@ -406,7 +407,7 @@ public class PKCS12Util { OCTET_STRING keyID = (OCTET_STRING) new OCTET_STRING.Template().decode(bis); keyInfo.id = new BigInteger(1, keyID.toByteArray()); - logger.fine(" ID: " + keyInfo.id.toString(16)); + logger.debug(" ID: " + keyInfo.id.toString(16)); } } @@ -424,7 +425,7 @@ public class PKCS12Util { certInfo.cert = new X509CertImpl(x509cert); Principal subjectDN = certInfo.cert.getSubjectDN(); - logger.fine(" Subject DN: " + subjectDN); + logger.debug(" Subject DN: " + subjectDN); SET bagAttrs = bag.getBagAttributes(); @@ -442,7 +443,7 @@ public class PKCS12Util { BMPString nickname = (BMPString) (new BMPString.Template()).decode(bis); certInfo.nickname = nickname.toString(); - logger.fine(" Nickname: " + certInfo.nickname); + logger.debug(" Nickname: " + certInfo.nickname); } else if (oid.equals(SafeBag.LOCAL_KEY_ID)) { @@ -454,7 +455,7 @@ public class PKCS12Util { OCTET_STRING keyID = (OCTET_STRING) new OCTET_STRING.Template().decode(bis); certInfo.id = new BigInteger(1, keyID.toByteArray()); - logger.fine(" ID: " + certInfo.id.toString(16)); + logger.debug(" ID: " + certInfo.id.toString(16)); } else if (oid.equals(PKCS12.CERT_TRUST_FLAGS_OID) && trustFlagsEnabled) { @@ -465,22 +466,22 @@ public class PKCS12Util { BMPString trustFlags = (BMPString) (new BMPString.Template()).decode(is); certInfo.trustFlags = trustFlags.toString(); - logger.fine(" Trust flags: " + certInfo.trustFlags); + logger.debug(" Trust flags: " + certInfo.trustFlags); } } if (certInfo.id == null) { - logger.fine(" ID not specified, generating new ID"); + logger.debug(" ID not specified, generating new ID"); certInfo.id = createLocalID(x509cert); - logger.fine(" ID: " + certInfo.id.toString(16)); + logger.debug(" ID: " + certInfo.id.toString(16)); } if (certInfo.nickname == null) { - logger.fine(" Nickname not specified, generating new nickname"); + logger.debug(" Nickname not specified, generating new nickname"); DN dn = new DN(subjectDN.getName()); String[] values = dn.explodeDN(true); certInfo.nickname = StringUtils.join(values, " - "); - logger.fine(" Nickname: " + certInfo.nickname); + logger.debug(" Nickname: " + certInfo.nickname); } return certInfo; @@ -488,7 +489,7 @@ public class PKCS12Util { public void getKeyInfos(PKCS12 pkcs12, PFX pfx, Password password) throws Exception { - logger.fine("Load private keys:"); + logger.debug("Load private keys:"); AuthenticatedSafes safes = pfx.getAuthSafes(); @@ -503,7 +504,7 @@ public class PKCS12Util { if (!oid.equals(SafeBag.PKCS8_SHROUDED_KEY_BAG)) continue; - logger.fine(" - Private key:"); + logger.debug(" - Private key:"); PKCS12KeyInfo keyInfo = getKeyInfo(bag, password); pkcs12.addKeyInfo(keyInfo); } @@ -512,7 +513,7 @@ public class PKCS12Util { public void getCertInfos(PKCS12 pkcs12, PFX pfx, Password password) throws Exception { - logger.fine("Loading certificates:"); + logger.debug("Loading certificates:"); AuthenticatedSafes safes = pfx.getAuthSafes(); @@ -527,7 +528,7 @@ public class PKCS12Util { if (!oid.equals(SafeBag.CERT_BAG)) continue; - logger.fine(" - Certificate:"); + logger.debug(" - Certificate:"); PKCS12CertInfo certInfo = getCertInfo(bag); pkcs12.addCertInfo(certInfo, true); } @@ -589,7 +590,7 @@ public class PKCS12Util { PKCS12 pkcs12, PKCS12KeyInfo keyInfo) throws Exception { - logger.fine("Importing private key " + keyInfo.subjectDN); + logger.debug("Importing private key " + keyInfo.subjectDN); PrivateKeyInfo privateKeyInfo = keyInfo.privateKeyInfo; @@ -600,7 +601,7 @@ public class PKCS12Util { PKCS12CertInfo certInfo = pkcs12.getCertInfoByID(keyInfo.getID()); if (certInfo == null) { - logger.fine("Private key has no certificate, ignore"); + logger.debug("Private key has no certificate, ignore"); return; } @@ -653,14 +654,14 @@ public class PKCS12Util { X509Certificate cert; if (keyInfo != null) { // cert has key - logger.fine("Importing user key for " + certInfo.nickname); + logger.debug("Importing user key for " + certInfo.nickname); importKey(pkcs12, keyInfo); - logger.fine("Importing user certificate " + certInfo.nickname); + logger.debug("Importing user certificate " + certInfo.nickname); cert = cm.importUserCACertPackage(certInfo.cert.getEncoded(), certInfo.nickname); } else { // cert has no key - logger.fine("Importing CA certificate " + certInfo.nickname); + logger.debug("Importing CA certificate " + certInfo.nickname); // Note: JSS does not preserve CA certificate nickname cert = cm.importCACertPackage(certInfo.cert.getEncoded()); } -- cgit