From a4682ceae6774956461edd03b2485bbacea445f4 Mon Sep 17 00:00:00 2001
From: mharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>
Date: Tue, 4 Oct 2011 01:17:41 +0000
Subject: Bugzilla Bug #688225 - (dogtagIPAv2.1) TRACKER: of  the Dogtag fixes
 for freeIPA 2.1

git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/tags/IPA_v2_RHEL_6_2_20111003@2252 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
---
 .../util/src/com/netscape/cmsutil/util/Cert.java   | 189 +++++++++++++++++++++
 1 file changed, 189 insertions(+)
 create mode 100644 pki/base/util/src/com/netscape/cmsutil/util/Cert.java

(limited to 'pki/base/util/src/com/netscape/cmsutil/util/Cert.java')

diff --git a/pki/base/util/src/com/netscape/cmsutil/util/Cert.java b/pki/base/util/src/com/netscape/cmsutil/util/Cert.java
new file mode 100644
index 000000000..6a2d32b32
--- /dev/null
+++ b/pki/base/util/src/com/netscape/cmsutil/util/Cert.java
@@ -0,0 +1,189 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.cmsutil.util;
+
+
+import netscape.security.pkcs.PKCS7;
+import netscape.security.x509.X509CRLImpl;
+import netscape.security.x509.X509CertImpl;
+import org.mozilla.jss.crypto.SignatureAlgorithm;
+//import sun.misc.BASE64Decoder;
+import com.netscape.osutil.OSUtil;
+
+import java.io.IOException;
+import java.security.cert.CertificateException;
+import java.security.cert.X509CRL;
+import java.security.cert.X509Certificate;
+
+public class Cert {
+
+    public static SignatureAlgorithm mapAlgorithmToJss(String algname) {
+        if (algname.equals("MD5withRSA"))
+            return SignatureAlgorithm.RSASignatureWithMD5Digest;
+        else if (algname.equals("MD2withRSA"))
+            return SignatureAlgorithm.RSASignatureWithMD2Digest;
+        else if (algname.equals("SHA1withRSA"))
+            return SignatureAlgorithm.RSASignatureWithSHA1Digest;
+        else if (algname.equals("SHA1withDSA"))
+            return SignatureAlgorithm.DSASignatureWithSHA1Digest;
+        else if (algname.equals("SHA256withRSA"))
+            return SignatureAlgorithm.RSASignatureWithSHA256Digest;
+        else if (algname.equals("SHA512withRSA"))
+            return SignatureAlgorithm.RSASignatureWithSHA512Digest;
+        else if (algname.equals("SHA1withEC"))
+            return SignatureAlgorithm.ECSignatureWithSHA1Digest;
+        else if (algname.equals("SHA256withEC"))
+            return SignatureAlgorithm.ECSignatureWithSHA256Digest;
+        else if (algname.equals("SHA384withEC"))
+            return SignatureAlgorithm.ECSignatureWithSHA384Digest;
+        else if (algname.equals("SHA512withEC"))
+            return SignatureAlgorithm.ECSignatureWithSHA512Digest;
+        return null;
+    }
+
+    public static String stripBrackets(String s) {
+        if (s == null) {
+            return s;
+        }
+
+        if ((s.startsWith("-----BEGIN CERTIFICATE-----")) &&
+            (s.endsWith("-----END CERTIFICATE-----"))) {
+            return (s.substring(27, (s.length() - 25)));
+        }
+
+        // To support Thawte's header and footer
+        if ((s.startsWith("-----BEGIN PKCS #7 SIGNED DATA-----")) &&
+            (s.endsWith("-----END PKCS #7 SIGNED DATA-----"))) {
+            return (s.substring(35, (s.length() - 33)));
+        }
+
+        return s;
+    }
+
+    public static String stripCRLBrackets(String s) {
+        if (s == null) {
+            return s;
+        }
+        if ((s.startsWith("-----BEGIN CERTIFICATE REVOCATION LIST-----")) &&
+            (s.endsWith("-----END CERTIFICATE REVOCATION LIST-----"))) {
+            return (s.substring(43, (s.length() - 41)));
+        }
+        return s;
+    }
+
+    public static String stripCertBrackets(String s) {
+	return stripBrackets(s);
+    }
+
+ // private static BASE64Decoder mDecoder = new BASE64Decoder();
+    public static X509CertImpl mapCert(String mime64)
+        throws IOException {
+        mime64 = stripCertBrackets(mime64.trim());
+        String newval = normalizeCertStr(mime64);
+     // byte rawPub[] = mDecoder.decodeBuffer(newval);
+        byte rawPub[] = OSUtil.AtoB( newval );
+        X509CertImpl cert = null;
+
+        try {
+            cert = new X509CertImpl(rawPub);
+        } catch (CertificateException e) {
+        }
+        return cert;
+    }
+
+    public static X509Certificate[] mapCertFromPKCS7(String mime64)
+        throws IOException {
+        mime64 = stripCertBrackets(mime64.trim());
+        String newval = normalizeCertStr(mime64);
+     // byte rawPub[] = mDecoder.decodeBuffer(newval);
+        byte rawPub[] = OSUtil.AtoB( newval );
+        PKCS7 p7 = null;
+
+        try {
+            p7 = new PKCS7(rawPub);
+        } catch (Exception e) {
+            throw new IOException( "p7 is null" );
+        }
+        return p7.getCertificates();
+    }
+
+    public static X509CRL mapCRL(String mime64)
+        throws IOException {
+        mime64 = stripCRLBrackets(mime64.trim());
+        String newval = normalizeCertStr(mime64);
+     // byte rawPub[] = mDecoder.decodeBuffer(newval);
+        byte rawPub[] = OSUtil.AtoB( newval );
+        X509CRL crl = null;
+
+        try {
+            crl = new X509CRLImpl(rawPub);
+        } catch (Exception e) {
+        }
+        return crl;
+    }
+
+    public static X509CRL mapCRL1(String mime64)
+        throws IOException {
+        mime64 = stripCRLBrackets(mime64.trim());
+
+        byte rawPub[] = OSUtil.AtoB(mime64);
+        X509CRL crl = null;
+
+        try {
+            crl = new X509CRLImpl(rawPub);
+        } catch (Exception e) {
+            throw new IOException(e.toString());
+        }
+        return crl;
+    }
+
+    public static String normalizeCertStr(String s) {
+        String val = "";
+
+        for (int i = 0; i < s.length(); i++) {
+            if (s.charAt(i) == '\n') {
+                continue;
+            } else if (s.charAt(i) == '\r') {
+                continue;
+            } else if (s.charAt(i) == '"') {
+                continue;
+            } else if (s.charAt(i) == ' ') {
+                continue;
+            }
+            val += s.charAt(i);
+        }
+        return val;
+    }
+
+    public static String normalizeCertStrAndReq(String s) {
+        String val = "";
+
+        for (int i = 0; i < s.length(); i++) {
+            if (s.charAt(i) == '\n') {
+                continue;
+            } else if (s.charAt(i) == '\r') {
+                continue;
+            } else if (s.charAt(i) == '"') {
+                continue;
+            }
+            val += s.charAt(i);
+        }
+        return val;
+    }
+}
+
-- 
cgit