author | PKI Team <PKI Team@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2008-03-18 22:36:57 +0000 |
---|---|---|
committer | PKI Team <PKI Team@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2008-03-18 22:36:57 +0000 |
commit | d0f2e4efbd3eb0f1d7f5a28e7f97c1fb4ec027bb (patch) | |
tree | 7e7473fae8af5ad7e6cda7eabbef787093fc59a7 /pki/base/migrate/TxtTo73 | |
parent | 273f8d85df5c31293a908185622b378c8f3cf7e8 (diff) | |
Initial open source version based upon proprietary Red Hat Certificate System (RHCS) 7.3.
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/migrate/TxtTo73')
-rw-r--r-- | pki/base/migrate/TxtTo73/classes/CMS73LdifParser.class | bin | 0 -> 11509 bytes | |||
-rw-r--r-- | pki/base/migrate/TxtTo73/classes/DummyAuthManager.class | bin | 0 -> 1187 bytes | |||
-rw-r--r-- | pki/base/migrate/TxtTo73/classes/Main.class | bin | 0 -> 1513 bytes | |||
-rwxr-xr-x | pki/base/migrate/TxtTo73/run.bat | 186 | ||||
-rwxr-xr-x | pki/base/migrate/TxtTo73/run.sh | 149 | ||||
-rw-r--r-- | pki/base/migrate/TxtTo73/src/Main.java | 596 | ||||
-rwxr-xr-x | pki/base/migrate/TxtTo73/src/compile.bat | 152 | ||||
-rwxr-xr-x | pki/base/migrate/TxtTo73/src/compile.sh | 141 |
8 files changed, 1224 insertions, 0 deletions
diff --git a/pki/base/migrate/TxtTo73/classes/CMS73LdifParser.class b/pki/base/migrate/TxtTo73/classes/CMS73LdifParser.class
Binary files differ
new file mode 100644
index 00000000..ccdae339
--- /dev/null
+++ b/pki/base/migrate/TxtTo73/classes/CMS73LdifParser.class
diff --git a/pki/base/migrate/TxtTo73/classes/DummyAuthManager.class b/pki/base/migrate/TxtTo73/classes/DummyAuthManager.class
Binary files differ
new file mode 100644
index 00000000..7fa7e3aa
--- /dev/null
+++ b/pki/base/migrate/TxtTo73/classes/DummyAuthManager.class
diff --git a/pki/base/migrate/TxtTo73/classes/Main.class b/pki/base/migrate/TxtTo73/classes/Main.class
Binary files differ
new file mode 100644
index 00000000..79304773
--- /dev/null
+++ b/pki/base/migrate/TxtTo73/classes/Main.class
diff --git a/pki/base/migrate/TxtTo73/run.bat b/pki/base/migrate/TxtTo73/run.bat
new file mode 100755
index 00000000..4787506f
--- /dev/null
+++ b/pki/base/migrate/TxtTo73/run.bat
@@ -0,0 +1,186 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM This program is free software; you can redistribute it and/or modify
+REM it under the terms of the GNU General Public License as published by
+REM the Free Software Foundation; version 2 of the License.
+REM
+REM This program is distributed in the hope that it will be useful,
+REM but WITHOUT ANY WARRANTY; without even the implied warranty of
+REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+REM GNU General Public License for more details.
+REM
+REM You should have received a copy of the GNU General Public License along
+REM with this program; if not, write to the Free Software Foundation, Inc.,
+REM 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+REM
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script converts a normalized <Source CS Version> ldif
+REM text file (e. g. - created via a <Source CS Version>ToTxt
+REM script) into a CS 7.3 ldif data file.
+REM
+REM This CS 7.3 ldif data file can then be imported into the
+REM internal database of the desired CS 7.3 server using a
+REM utility such as ldif2db.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM SERVER_ROOT - fully qualified path of the location of the server
+REM
+
+REM SET SERVER_ROOT=C:\cs71
+
+
+REM
+REM INSTANCE - if the CS instance directory is called 'cert-ca',
+REM set the CS instance to 'ca'
+REM
+REM NOTE: When a single SERVER_ROOT contains more than
+REM one CS instance, this script must be run multiple
+REM times. To do this, there is only a need to change
+REM the INSTANCE parameter.
+REM
+
+REM SET INSTANCE=ca
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CS="CS 7.3"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO USAGE
+IF "%3" == "" GOTO CHECK_INPUT_FILE
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0 input [errors] > output"
+ECHO.
+ECHO where: input - the specified %CS% ldif data file,
+ECHO errors - an optional errors file containing
+ECHO skipped attributes, and
+ECHO output - the normalized %CS% ldif text file.
+ECHO.
+ECHO NOTE: If no redirection is provided to
+ECHO 'output', then the normalized
+ECHO %CS% ldif text will merely
+ECHO be echoed to stdout.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified "input" file exists
+REM
+
+:CHECK_INPUT_FILE
+IF EXIST %1 GOTO CHECK_ERRORS_FILE
+
+
+ECHO ERROR: The specified input file, %1, does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM If an "errors" file is specified, then check that it does not already
+REM exist.
+REM
+
+:CHECK_ERRORS_FILE
+IF "%2" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+IF EXIST %2 GOTO ERRORS_FILE_ERROR
+GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:ERRORS_FILE_ERROR
+ECHO ERROR: The specified errors file, %2, already exists!
+ECHO Please specify a different file!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%INSTANCE%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and INSTANCE
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_INSTANCE
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified INSTANCE exists
+REM
+
+:CHECK_INSTANCE
+IF EXIST %SERVER_ROOT%\cert-%INSTANCE% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified INSTANCE does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%
+
+
+REM
+REM Convert the specified %CS% ldif data file
+REM into a normalized %CS% ldif text file.
+REM
+
+%SERVER_ROOT%\bin\cert\jre\bin\java.exe -classpath .\classes;%SERVER_ROOT%\cert-%INSTANCE%\classes;%SERVER_ROOT%\bin\cert\classes;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar;%SERVER_ROOT%\bin\cert\jre\lib\rt.jar Main %1 %2
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/pki/base/migrate/TxtTo73/run.sh b/pki/base/migrate/TxtTo73/run.sh
new file mode 100755
index 00000000..18085170
--- /dev/null
+++ b/pki/base/migrate/TxtTo73/run.sh
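Review bot: The `SET PATH=` line under `:SET_LIBRARY_PATH` is missing the closing `%` on its third entry (`%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%`), so cmd most likely reads everything up to the next `%` as one undefined variable name and the inherited PATH is not appended as intended; it should read `...;%SERVER_ROOT%\bin\cert\jre\bin\server;%PATH%`. Separately, `IF EXIST %1`, `IF EXIST %2`, `IF !%SERVER_ROOT%==!` and the final `java.exe ... Main %1 %2` use unquoted values, which mis-parse when a path contains spaces; `IF EXIST "%~1"` and `IF "%SERVER_ROOT%"==""` avoid that, and the same unquoted tests appear in src/compile.bat. Every error branch jumps to `:EXIT_PROCESS` without setting an exit code, so a caller cannot tell a rejected input from a successful conversion.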
@@ -0,0 +1,149 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+
+#####################################################################
+### ###
+### This script converts a normalized <Source CS Version> ldif ###
+### text file (e. g. - created via a <Source CS Version>ToTxt ###
+### script) into a CS 7.3 ldif data file. ###
+### ###
+### This CS 7.3 ldif data file can then be imported into ###
+### the internal database of the desired CS 7.3 server ###
+### using a utility such as ldif2db. ###
+### ###
+#####################################################################
+
+###
+### Java Runtime Environment
+###
+JRE_ROOT=/usr/lib/jvm/jre-1.5.0
+export JRE_ROOT
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CS="CS 7.3"
+export CS
+
+OS_NAME=`uname`
+export OS_NAME
+
+ARCH=`uname -i`
+export ARCH
+
+
+##
+## Perform a usage check for the appropriate number of arguments:
+##
+
+if [ $# -lt 1 -o $# -gt 2 ] ; then
+ echo
+ echo "Usage: $0 input [errors] > output"
+ echo
+ echo " where: input - the specified ${CS} ldif data file,"
+ echo " errors - an optional errors file containing"
+ echo " skipped attributes, and"
+ echo " output - the normalized ${CS} ldif text file."
+ echo
+ echo " NOTE: If no redirection is provided to"
+ echo " 'output', then the normalized"
+ echo " ${CS} ldif text will merely"
+ echo " be echoed to stdout."
+ echo
+ exit 1
+fi
+
+
+###
+### Check that the specified "input" file exists and is a regular file.
+###
+
+if [ ! -f $1 ] ; then
+ echo "ERROR: Either the specified 'input' file, '$1', does not exist, "
+ echo " or it is not a regular file!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified "input" file exists and is not empty.
+###
+
+if [ ! -s $1 ] ; then
+ echo "ERROR: The specified 'input' file, '$1', is empty!"
+ echo
+ exit 3
+fi
+
+
+###
+### If an "errors" file is specified, then check that it does not already
+### exist.
+###
+
+if [ $# -eq 2 ] ; then
+ if [ -f $2 ] ; then
+ echo "ERROR: The specified 'errors' file, '$2', already exists!"
+ echo " Please specify a different file!"
+ echo
+ exit 4
+ fi
+fi
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+CLASSPATH=/usr/share/rhpki/migrate/TxtTo72/classes:/usr/share/java/rhpki/certsrv.jar:/usr/share/java/rhpki/cmscore.jar:/usr/share/java/rhpki/nsutil.jar:/usr/lib/java/dirsec/jss4.jar:${JRE_ROOT}/lib/rt.jar
+export CLASSPATH
+
+if [ ${OS_NAME} = "Linux" ] ; then
+ if [ ${ARCH} = "i386" ] ; then
+ LD_LIBRARY_PATH=/usr/lib/dirsec:/usr/lib:${JRE_ROOT}/lib:${JRE_ROOT}/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+ else # x86_64
+ LD_LIBRARY_PATH=/usr/lib64/dirsec:/usr/lib64:${JRE_ROOT}/lib:${JRE_ROOT}/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+ CLASSPATH=/usr/share/rhpki/migrate/TxtTo72/classes:/usr/share/java/rhpki/certsrv.jar:/usr/share/java/rhpki/cmscore.jar:/usr/share/java/rhpki/nsutil.jar:/usr/lib64/java/dirsec/jss4.jar:${JRE_ROOT}/lib/rt.jar
+ export CLASSPATH
+ fi
+else # SunOS 64-bits
+ LD_LIBRARY_PATH=/usr/lib/sparcv9/dirsec:/usr/lib/sparcv9:${JRE_ROOT}/lib:${JRE_ROOT}/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+ CLASSPATH=/usr/share/rhpki/migrate/TxtTo72/classes:/usr/share/java/rhpki/certsrv.jar:/usr/share/java/rhpki/cmscore.jar:/usr/share/java/rhpki/nsutil.jar:/usr/lib/sparcv9/java/dirsec/jss4.jar:${JRE_ROOT}/lib/rt.jar
+ export CLASSPATH
+fi
+
+
+###
+### Convert the specified ${CS} ldif data file
+### into a normalized ${CS} ldif text file.
+###
+
+${JRE_ROOT}/bin/java -classpath ${CLASSPATH} Main $1 $2
diff --git a/pki/base/migrate/TxtTo73/src/Main.java b/pki/base/migrate/TxtTo73/src/Main.java
new file mode 100644
index 00000000..9b7ae535
--- /dev/null
+++ b/pki/base/migrate/TxtTo73/src/Main.java
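Review bot: All three `CLASSPATH=` assignments put `/usr/share/rhpki/migrate/TxtTo72/classes` first, although this script is installed under TxtTo73 and the `Main` added in this commit drives `CMS73LdifParser`; as written it would run whatever `Main` the TxtTo72 directory holds, or fail if that directory is absent, so each entry presumably should name `/usr/share/rhpki/migrate/TxtTo73/classes`. The positional parameters are unquoted in `[ ! -f $1 ]`, `[ ! -s $1 ]`, `[ -f $2 ]` and the final `java` call, so a path containing spaces or glob characters is split or expanded; because the argument count is already validated, `"${JRE_ROOT}/bin/java" -classpath "${CLASSPATH}" Main "$@"` quotes them without passing an empty second argument on one-argument calls. The errors-file test uses `-f`, which is false for a dangling symlink or any non-regular path that the Java side will then open for writing; `[ -e "$2" ] || [ -L "$2" ]` closes that gap. The usage text also describes the reverse conversion (ldif data in, normalized text out) from the one in the header comment.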
@@ -0,0 +1,596 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +// +// "TxtTo71/src/Main.java" is based upon a copy "TxtTo70/src/Main.java". +// +// Always comment any new code sections with a "CMS 7.1" header, and +// apply these changes forward to all other "TxtTo*/src/Main.java" files +// (including this comment header) so that these differences will only +// appear when this file is diffed against an earlier "TxtTo*" version. 
+// +// This file should always be maintained by executing the following command: +// +// diff TxtTo70/src/Main.java TxtTo71/src/Main.java +// + +import java.math.*; +import java.io.*; +import java.util.*; +import sun.misc.*; +import org.mozilla.jss.*; // CMS 4.5 and later +import org.mozilla.jss.crypto.*; // CMS 4.5 and later +import com.netscape.certsrv.base.*; +import com.netscape.certsrv.authentication.*; +import netscape.security.util.*; +import java.lang.reflect.*; + +public class Main +{ + public static void main(String args[]) + { + try { + // initialize CryptoManager in CMS 4.5 and later + CryptoManager.initialize("."); + // load JSS provider in CMS 4.5 and later + java.security.Security.removeProvider("SUN version 1.2"); + // The following call to "java.security.Security.insertProviderAt()" + // is no longer commented out in CMS 4.5 and later + java.security.Security.insertProviderAt( + new netscape.security.provider.CMS(), 0); + java.security.Provider ps[] = + java.security.Security.getProviders(); + if (ps == null || ps.length <= 0) { + System.err.println("Java Security Provider NONE"); + } else { + for (int x = 0; x < ps.length; x++) { + System.err.println("Java Security Provider " + x + " class=" + ps[x]); + } + } + + // Parse the File + CMS73LdifParser parser = null; + if (args.length == 1) { + parser = new CMS73LdifParser(args[0]); + } else if (args.length == 2) { + parser = new CMS73LdifParser(args[0], args[1]); + } else { + throw new IOException("Invalid Parameters"); + } + parser.parse(); + } catch (Exception e) { + System.err.println("ERROR: " + e.toString()); + e.printStackTrace(); + } + } +} + +class CMS73LdifParser +{ + // constants + private static final String DN = + "dn:"; + // Directory Servers in CMS 4.7 and later use "requestAttributes" + private static final String REQUEST_ATTRIBUTES = + "requestAttributes::"; + private static final String BEGIN = + "--- BEGIN ATTRIBUTES ---"; + private static final String END = + "--- END ATTRIBUTES 
---"; + + // variables + private String mFilename = null; + private String mErrorFilename = null; + private PrintWriter mErrorPrintWriter = null; + + public CMS73LdifParser(String filename) + { + mFilename = filename; + } + + public CMS73LdifParser(String filename, String errorFilename) + { + mFilename = filename; + mErrorFilename = errorFilename; + } + + public void parse() throws Exception + { + if (mErrorFilename != null) { + mErrorPrintWriter = new PrintWriter(new FileOutputStream(mErrorFilename)); + } + BufferedReader reader = new BufferedReader( + new FileReader(mFilename)); + String line = null; + String dn = null; + Vector requestAttributes = null; + while ((line = reader.readLine()) != null) { + if (line.startsWith(DN)) { + dn = line; + } + if (line.equals(BEGIN)) { + requestAttributes = new Vector(); + continue; + } + if (requestAttributes == null) { + System.out.println(line); + continue; + } + if (line.equals(END)) { + parseAttributes(dn, requestAttributes); + requestAttributes = null; + continue; + } + if (line.startsWith(" ")) { // begining of attr + requestAttributes.addElement( + line.substring(1, line.length())); + } else { + requestAttributes.setElementAt( + (String) + requestAttributes.lastElement() + + "\n" + + line, + requestAttributes.size() - 1); + } + } + } + + private byte[] encode(Object value) throws Exception + { + ByteArrayOutputStream bos = new ByteArrayOutputStream(); + ObjectOutputStream os = new ObjectOutputStream(bos); + + os.writeObject(value); + os.close(); + return bos.toByteArray(); + } + + public void parseAttributes(String dn, Vector attrs) throws Exception + { + Hashtable hashtable = new Hashtable(); + for (int i = 0; i < attrs.size(); i++) { + String attr = (String)attrs.elementAt(i); + buildHashtable(dn, hashtable, attr); + } + + ByteArrayOutputStream bos = new ByteArrayOutputStream(); + ObjectOutputStream os = new ObjectOutputStream(bos); + Enumeration e = hashtable.keys(); + while (e.hasMoreElements()) { + String key = 
(String)e.nextElement(); + Object value = hashtable.get(key); + + try { + byte data[] = null; + data = encode(value); + os.writeObject(key); + os.writeObject(data); + } catch (Exception ex) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + key); + } + } + } // while + os.writeObject(null); + os.close(); + + // print the BASE64 encoding of the Hashtable + BASE64Encoder encoder = new BASE64Encoder(); + String attrsStr = encoder.encodeBuffer(bos.toByteArray()); + // trim the last "\n" + StringBuffer buffer = null; + attrsStr = attrsStr.trim(); + StringTokenizer st = new StringTokenizer(attrsStr, "\r\n"); + while (st.hasMoreTokens()) { + if (buffer == null) { + buffer = new StringBuffer(); + buffer.append(st.nextToken()); + } else { + buffer.append("\r\n " + st.nextToken()); + } + } + + System.out.println(REQUEST_ATTRIBUTES + " " + buffer); + } + + public void buildHashtable(String dn, Hashtable table, String attr) + throws Exception + { + // attribute format [name]:[type]=[value] + + int colon = attr.indexOf(':'); + if (colon == -1) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + int equal = attr.indexOf('='); + if (equal == -1) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + String name = attr.substring(0, colon); + String type = attr.substring(colon+1, equal); + String value = attr.substring(equal+1); + + if (name.startsWith("serviceErrors")) { + // #56953 - skip serviceErrors + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + if (name.startsWith("Error")) { + // #56953 - skip serviceErrors + if (mErrorPrintWriter != null) { + if (dn != null) { + 
mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + if (type.startsWith("java.lang.String")) { + table.put(name, value); + } else if (type.startsWith("org.mozilla.jss.asn1.INTEGER")) { + // CMS 7.1 stores bodyPartId as INTEGER + // CS 72. fixed the problem by storing it as String + table.put(name, value); + } else if (type.startsWith("byte[]")) { + BASE64Decoder decoder = new BASE64Decoder(); + table.put(name, decoder.decodeBuffer(value)); + } else if (type.startsWith("java.lang.Integer")) { + table.put(name, new Integer(value)); + } else if (type.startsWith("java.math.BigInteger")) { + table.put(name, new java.math.BigInteger(value)); + } else if (type.startsWith("java.util.Locale")) { + // CMS 6.2: begin checking for new type + // "java.util.Locale" + table.put(name, Locale.getDefault()); + } else if (type.startsWith("java.util.Vector")) { + Vector obj = + (Vector)table.get(name); + if (obj == null) { + obj = new Vector(); + table.put(name, obj); + } + obj.addElement(value); + } else if (type.startsWith("com.netscape.certsrv.base.ArgBlock") || type.startsWith("com.netscape.cmscore.base.ArgBlock")) { + // CMS 6.1: created new "com.netscape.certsrv.base.IArgBlock" and + // moved old "com.netscape.certsrv.base.ArgBlock" + // to "com.netscape.cmscore.base.ArgBlock" + com.netscape.cmscore.base.ArgBlock obj = + (com.netscape.cmscore.base.ArgBlock)table.get(name); + if (obj == null) { + // CMS 6.1: created new "com.netscape.certsrv.base.IArgBlock" and + // moved old "com.netscape.certsrv.base.ArgBlock" + // to "com.netscape.cmscore.base.ArgBlock" + obj = new com.netscape.cmscore.base.ArgBlock(); + table.put(name, obj); + } + String valuekey = value.substring(0, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + obj.set(valuekey, valuevalue); + } else if (type.startsWith("com.netscape.certsrv.request.AgentApprovals")) { + com.netscape.certsrv.request.AgentApprovals obj = + 
(com.netscape.certsrv.request.AgentApprovals)table.get(name); + if (obj == null) { + obj = new com.netscape.certsrv.request.AgentApprovals(); + table.put(name, obj); + } + obj.addApproval(value.substring(0,value.indexOf(';'))); + } else if (type.startsWith("com.netscape.certsrv.authentication.AuthToken")) { + com.netscape.certsrv.authentication.AuthToken obj = + (com.netscape.certsrv.authentication.AuthToken)table.get(name); + if (obj == null) { + com.netscape.certsrv.authentication.IAuthManager mgr = + new DummyAuthManager(); + obj = new com.netscape.certsrv.authentication.AuthToken(mgr); + table.put(name, obj); + } + String valuekey = value.substring(0, value.indexOf(':')); + String valuetype = value.substring(value.indexOf(':')+1, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + if (valuetype.equals("java.lang.String")) { + obj.set(valuekey, valuevalue); + } else if (valuetype.equals("java.util.Date")) { + obj.set(valuekey, new Date(Long.parseLong(valuevalue))); + } else { + System.err.println("ERROR AuthToken type - " + attr); + System.exit(0); + } + } else if (type.startsWith("netscape.security.x509.X509CertInfo[") || type.startsWith("netscape.security.extensions.CertInfo[")) { + // CMS 6.2: begin checking for additional new type + // "netscape.security.extensions.CertInfo[" + // + // CMS 6.1: "netscape.security.x509.X509CertInfo" + // now always utilizes arrays such as + // "netscape.security.x509.X509CertInfo[" + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.x509.X509CertInfo objs[] = (netscape.security.x509.X509CertInfo[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.x509.X509CertInfo[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.x509.X509CertInfo(); + objs[index].decode(new 
ByteArrayInputStream(decoder.decodeBuffer(value))); + } else if (type.startsWith("com.netscape.certsrv.cert.CertInfo")) { + // + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.extensions.CertInfo objs[] = (netscape.security.extensions.CertInfo[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.extensions.CertInfo[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.extensions.CertInfo(); + objs[index].decode(new ByteArrayInputStream(decoder.decodeBuffer(value))); + } else if (type.equals("netscape.security.x509.CertificateX509Key")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateX509Key obj = + new netscape.security.x509.CertificateX509Key( + new ByteArrayInputStream(decoder.decodeBuffer(value))); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.X509CertInfo")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.X509CertInfo obj = + new netscape.security.x509.X509CertInfo( + decoder.decodeBuffer(value)); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateExtensions")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateExtensions obj = + new netscape.security.x509.CertificateExtensions(); + obj.decodeEx(new ByteArrayInputStream(decoder.decodeBuffer(value))); + // CMS 6.2: revised method of decoding objects of type + // "netscape.security.x509.CertificateExtensions" + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateChain")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateChain obj = + new netscape.security.x509.CertificateChain(); + ByteArrayInputStream bis = new ByteArrayInputStream(decoder.decodeBuffer(value)); + 
obj.decode(bis); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateSubjectName")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateSubjectName obj = + new netscape.security.x509.CertificateSubjectName(new DerInputStream(decoder.decodeBuffer(value))); + // CMS 6.2: revised method of decoding objects of type + // "netscape.security.x509.CertificateSubjectName" + table.put(name, obj); + } else if (type.equals("netscape.security.x509.X509CertImpl")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.X509CertImpl obj = + new netscape.security.x509.X509CertImpl( + decoder.decodeBuffer(value)); + table.put(name, obj); + } else if (type.startsWith("netscape.security.x509.X509CertImpl[")) { + // + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.x509.X509CertImpl objs[] = (netscape.security.x509.X509CertImpl[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.x509.X509CertImpl[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.x509.X509CertImpl(decoder.decodeBuffer(value)); + } else if (type.startsWith("netscape.security.x509.RevokedCertImpl")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.x509.RevokedCertImpl objs[] = (netscape.security.x509.RevokedCertImpl[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.x509.RevokedCertImpl[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.x509.RevokedCertImpl(decoder.decodeBuffer(value)); + } else if (type.startsWith("com.netscape.certsrv.dbs.keydb.KeyRecord") || 
type.startsWith("com.netscape.cmscore.dbs.KeyRecord")) { + com.netscape.cmscore.dbs.KeyRecord obj = + (com.netscape.cmscore.dbs.KeyRecord)table.get(name); + if (obj == null) { + obj = new com.netscape.cmscore.dbs.KeyRecord(); + table.put(name, obj); + } + String valuekey = value.substring(0, value.indexOf(':')); + String valuetype = value.substring(value.indexOf(':')+1, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + if (valuetype.equals("java.lang.String")) { + obj.set(valuekey, valuevalue); + } else if (valuetype.equals("java.util.Date")) { + obj.set(valuekey, new Date(Long.parseLong(valuevalue))); + } else if (valuetype.equals("java.math.BigInteger")) { + obj.set(valuekey, new java.math.BigInteger(valuevalue)); + } else if (valuetype.equals("java.lang.Integer")) { + obj.set(valuekey, new Integer(valuevalue)); + } else if (valuetype.equals("com.netscape.certsrv.dbs.keydb.KeyState")) { + obj.set(valuekey, com.netscape.certsrv.dbs.keydb.KeyState.toKeyState(valuevalue)); + } else if (valuetype.equals("[B")) { + // byte array + + BASE64Decoder decoder = new BASE64Decoder(); + obj.set(valuekey, decoder.decodeBuffer(valuevalue)); + } else { + System.err.println("ERROR AuthToken type - " + attr); + System.exit(0); + } + } else if (type.startsWith("com.netscape.certsrv.kra.ProofOfArchival") || type.startsWith("com.netscape.cmscore.kra.ProofOfArchival")) { + BASE64Decoder decoder = new BASE64Decoder(); + + ByteArrayInputStream bis = new ByteArrayInputStream(decoder.decodeBuffer(value)); + com.netscape.certsrv.kra.ProofOfArchival obj = + buildPOA(decoder.decodeBuffer(value)); + table.put(name, obj); + } else if (type.startsWith("netscape.security.x509.CertificateAlgorithmId")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateAlgorithmId obj = + new netscape.security.x509.CertificateAlgorithmId(new ByteArrayInputStream(decoder.decodeBuffer(value))); + table.put(name, obj); + } else if 
(type.startsWith("netscape.security.x509.CertificateValidity")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateValidity obj = + new netscape.security.x509.CertificateValidity(); + ByteArrayInputStream bis = new ByteArrayInputStream(decoder.decodeBuffer(value)); + obj.decode(bis); + table.put(name, obj); + } else if (type.startsWith("Integer[")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + Integer objs[] = (Integer[])table.get(name); + if (objs == null) { + objs = new Integer[size]; + table.put(name, objs); + } + objs[index] = new Integer(value); + } else if (type.startsWith("java.math.BigInteger[")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + java.math.BigInteger objs[] = (java.math.BigInteger[])table.get(name); + if (objs == null) { + objs = new java.math.BigInteger[size]; + table.put(name, objs); + } + objs[index] = new java.math.BigInteger(value); + } else if (type.startsWith("byte[")) { + // byte array + BASE64Decoder decoder = new BASE64Decoder(); + table.put(name, decoder.decodeBuffer(value)); + } else if( type.endsWith( "Exception" ) ) { + Class[] argClass = { String.class }; // the argument's class + Object[] argValue = { value }; // the argument's value + + Class x = Class.forName( type ); + Constructor ctr = x.getConstructor( argClass ); + Exception e = ( Exception ) ctr.newInstance( argValue ); + } else { + // + System.err.println("ERROR type - " + type + " - "+ attr); + System.exit(0); + } + } + + public com.netscape.certsrv.kra.ProofOfArchival buildPOA(byte data[]) + throws Exception + { + DerInputStream dis = new DerInputStream(data); + DerValue seq[] = dis.getSequence(0); + + BigInteger mSerialNo = seq[0].getInteger().toBigInteger(); + + // 
subject + DerValue subject = seq[1]; + netscape.security.x509.X500Name mSubject = + new netscape.security.x509.X500Name(subject.toByteArray()); + + // issuer + DerValue issuer = seq[2]; + netscape.security.x509.X500Name mIssuer = + new netscape.security.x509.X500Name(issuer.toByteArray()); + + // date of archival + DerInputStream dateOfArchival = new DerInputStream(seq[3].toByteArray()); + Date mDateOfArchival = dateOfArchival.getUTCTime(); + com.netscape.certsrv.kra.ProofOfArchival obj = + new com.netscape.certsrv.kra.ProofOfArchival(mSerialNo, + mSubject.toString(), mIssuer.toString(), mDateOfArchival); + return obj; + } +} + +class DummyAuthManager implements com.netscape.certsrv.authentication.IAuthManager +{ + public String getName() + { + return "dummy"; + } + + public String getImplName() + { + return "dummy"; + } + + public IAuthToken authenticate(IAuthCredentials authCred) + throws EMissingCredential, EInvalidCredentials, EBaseException + { + return null; + } + + /** + * Initialize this authentication manager. + * @param name The name of this authentication manager instance. + * @param implName The name of the authentication manager plugin. + * @param config The configuration store for this authentication manager. + * @exception EBaseException If an initialization error occurred. + */ + public void init(String name, String implName, IConfigStore config) + throws EBaseException + { + } + + public void shutdown() + { + } + + public String[] getRequiredCreds() + { + return null; + } + + /** + * Get configuration parameters for this implementation. + * The configuration parameters returned is passed to the + * configuration console so configuration for instances of this + * implementation can be made through the console. + * + * @param implName The authentication manager plugin name. 
+ * @exception EBaseException If an internal error occurred + */ + public String[] getConfigParams() + throws EBaseException + { + return null; + } + + /** + * Get the configuration store for this authentication manager. + * @return The configuration store of this authentication manager. + */ + public IConfigStore getConfigStore() + { + return null; + } +} + diff --git a/pki/base/migrate/TxtTo73/src/compile.bat b/pki/base/migrate/TxtTo73/src/compile.bat new file mode 100755 index 00000000..db46fa01 --- /dev/null +++ b/pki/base/migrate/TxtTo73/src/compile.bat 
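Review bot: In `buildHashtable`, the `type.endsWith( "Exception" )` branch passes a class name read from the input file straight to `Class.forName( type )` and invokes its `String` constructor, and the cast to `Exception` happens only after the object has been built, so any loadable class whose name ends in "Exception" is initialized and constructed from file content. Resolving the class without initialization and checking `Exception.class.isAssignableFrom( x )` before `newInstance` limits this to real exception types; the constructed instance is also never stored in `table`, so the attribute is currently dropped without a "Skipped" record. The array branches allocate `size` elements and write `objs[index]` using numbers parsed from the same input with no range check, and the unknown-type branches call `System.exit(0)`, which reports success to run.sh after an aborted conversion. `parse()` never closes or flushes `mErrorPrintWriter`, so buffered "Skipped" lines may not reach the errors file.

```java
} else if( type.endsWith( "Exception" ) ) {
    // Resolve without running static initializers, and refuse anything
    // that is not an Exception subtype before constructing it.
    Class x = Class.forName( type, false, Main.class.getClassLoader() );
    if( !Exception.class.isAssignableFrom( x ) ) {
        if (mErrorPrintWriter != null) {
            if (dn != null) {
                mErrorPrintWriter.println(dn);
            }
            mErrorPrintWriter.println("Skipped " + attr);
        }
        return;
    }
    // … unchanged: argClass/argValue setup, getConstructor, newInstance …
```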
@@ -0,0 +1,152 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script creates the "TxtTo73/classes/Main.class",
+REM "TxtTo73/classes/CMS73LdifParser.class", and
+REM "TxtTo73/classes/DummyAuthManager.class" which are
+REM used to create a CS 7.3 ldif data file.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM Set SERVER_ROOT - identify the CS <server_root> used to compile TxtTo73
+REM
+
+REM SET SERVER_ROOT=C:\cs73
+
+
+REM
+REM Set JDK_VERSION - specify the JDK version used by this version of CS
+REM
+REM CS 7.3 NOTE: "WINNT" - 1.4.2
+REM
+
+REM SET JDK_VERSION=CS_7.3
+
+
+REM
+REM Set JAVA_HOME - specify the complete path to the JDK
+REM
+REM example: \\bermuda.redhat.com\sbc mounted as Y:
+REM
+
+REM SET JAVA_HOME=Y:\cms_jdk\WINNT\%JDK_VERSION%
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CS="CS 7.3"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0"
+ECHO.
+ECHO NOTE: No arguments are required to build the
+ECHO %CS% ldif data classes.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%JAVA_HOME%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and JAVA_HOME
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_JAVA_HOME
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified JAVA_HOME exists
+REM
+
+:CHECK_JAVA_HOME
+IF EXIST %JAVA_HOME% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified JAVA_HOME does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%JAVA_HOME%\bin;%JAVA_HOME%\lib;%PATH%
+
+
+REM
+REM Set TARGET - identify the complete path to the new classes target directory
+REM
+
+SET TARGET=..\classes
+
+
+REM
+REM Create the new classes target directory (if it does not already exist)
+REM
+
+IF EXIST %TARGET% goto COMPILE_CLASSES
+MKDIR %TARGET%
+
+
+REM
+REM Compile TxtTo73 - create "CMS73LdifParser.class", "DummyAuthManager.class",
+REM and "Main.class"
+REM
+
+:COMPILE_CLASSES
+%JAVA_HOME%\bin\javac.exe -d %TARGET% -classpath %JAVA_HOME%\jre\lib\rt.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar Main.java
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/pki/base/migrate/TxtTo73/src/compile.sh b/pki/base/migrate/TxtTo73/src/compile.sh
new file mode 100755
index 00000000..05d512a5
--- /dev/null
+++ b/pki/base/migrate/TxtTo73/src/compile.sh
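Review bot: In compile.bat the checks `IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR`, `IF EXIST %SERVER_ROOT%`, `IF EXIST %JAVA_HOME%` and the `%JAVA_HOME%\bin\javac.exe` call expand the paths unquoted, so a SERVER_ROOT or JAVA_HOME containing a space is split into separate words and the checks or the compiler call no longer refer to the intended path. Quote every expansion, e.g. `IF "%SERVER_ROOT%"=="" GOTO ENVIRONMENT_VARIABLES_ERROR`, `IF EXIST "%JAVA_HOME%" GOTO SET_LIBRARY_PATH` and `"%JAVA_HOME%\bin\javac.exe" -d "%TARGET%" ...` with the classpath quoted as one argument. The error branches only ECHO and jump to EXIT_PROCESS, so the script appears to end without a failure exit code, unlike compile.sh, which exits 1, 2 or 4; `EXIT /B 1` on those paths would let a calling build notice the failure. SET_LIBRARY_PATH places `%SERVER_ROOT%\bin\cert\lib` and the JDK directories ahead of the existing PATH, and the JAVA_HOME example is a mapped network share, so a REM line stating that both locations must be trusted and not writable by other users is worth adding.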
@@ -0,0 +1,141 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+#####################################################################
+### ###
+### This script creates the "TxtTo73/classes/Main.class", ###
+### "TxtTo73/classes/CMS73LdifParser.class", and ###
+### "TxtTo73/classes/DummyAuthManager.class" which are ###
+### used to create a CS 7.3 ldif data file. ###
+### ###
+#####################################################################
+
+
+###
+### Set JDK_PLATFORM - must be "HP-UX", "Linux", or "SunOS"
+###
+
+JDK_PLATFORM=Linux
+export JDK_PLATFORM
+
+
+###
+### Set JDK_VERSION - specify the JDK version used by this version of CS
+###
+### CS 7.3 NOTE: "Linux" - 1.5.0 (IBM)
+### "SunOS" - 1.5.0
+###
+
+JDK_VERSION=PKI_7.3.0
+export JDK_VERSION
+
+
+###
+### Set JAVA_HOME - specify the complete path to the JDK
+###
+
+JAVA_HOME=/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION}
+export JAVA_HOME
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CS="CS 7.3"
+export CS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+###
+### Perform a usage check for the appropriate number of arguments:
+###
+
+if [ $# -gt 0 ] ; then
+ echo
+ echo "Usage: $0"
+ echo
+ echo " NOTE: No arguments are required to build the"
+ echo " ${CS} ldif data classes."
+ echo
+ exit 1
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${JAVA_HOME}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and JAVA_HOME "
+ echo " environment variables for this script!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified JAVA_HOME exists and is a directory
+###
+
+if [ ! -d "${JAVA_HOME}" ] ; then
+ echo "ERROR: Either the specified JAVA_HOME does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 4
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=/usr/lib:/usr/lib/dirsec:${JAVA_HOME}/lib:${JAVA_HOME}/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=/usr/lib:/usr/lib/dirsec:${JAVA_HOME}/lib:${JAVA_HOME}/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=/usr/lib:/usr/lib/dirsec:${JAVA_HOME}/lib:${JAVA_HOME}/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Set TARGET - identify the complete path to the new classes target directory
+###
+
+TARGET=../classes
+export TARGET
+
+
+###
+### Create the new classes target directory (if it does not already exist)
+###
+
+if [ ! -d ${TARGET} ]; then
+ mkdir -p ${TARGET}
+fi
+
+
+###
+### Compile TxtTo70 - create "CMS73LdifParser.class", "DummyAuthManager.class",
+### and "Main.class"
+###
+
+${JAVA_HOME}/bin/javac -d ${TARGET} -classpath ${JAVA_HOME}/jre/lib/rt.jar:/usr/share/java/rhpki/nsutil.jar:/usr/share/java/rhpki/certsrv.jar:/usr/share/java/rhpki/cmscore.jar:/usr/lib/java/dirsec/jss4.jar Main.java
+
|
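Review bot: The `[ -z "${JAVA_HOME}" ]` guard in compile.sh cannot fire, because JAVA_HOME is assigned unconditionally near the top of the script, and its message asks for SERVER_ROOT, which this script never reads. Either honour a caller-supplied value with `JAVA_HOME=${JAVA_HOME:-/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION}}` or drop the guard, and name only JAVA_HOME in the message. The tests `[ ${OS_NAME} = "HP-UX" ]` and `[ ! -d ${TARGET} ]`, the `mkdir -p ${TARGET}` call and the final `${JAVA_HOME}/bin/javac` line leave their expansions unquoted; they should read `[ "${OS_NAME}" = "HP-UX" ]` and `"${JAVA_HOME}/bin/javac" -d "${TARGET}" ...`. The compiler and the directories exported in LD_LIBRARY_PATH or SHLIB_PATH come from a fixed path under /share/builds, which looks like a shared build area, so a comment stating that it must be writable only by the build owner would help. The existing library path is also overwritten rather than extended, and the last comment says TxtTo70 where TxtTo73 is presumably meant.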