ldif_record = null;
// Variables: Logging
private static boolean mDebug = false; // set 'true' for debug messages
private static PrintWriter logger = null;
private static String current_date_and_time = null;
// Variables: PKCS #11 Information
private static CryptoToken mSourceToken = null;
private static X509Certificate mUnwrapCert = null;
private static PrivateKey mUnwrapPrivateKey = null;
private static PublicKey mWrapPublicKey = null;
private static int mPublicKeySize = 0;
// Variables: DRM LDIF Record Messages
private static String mSourcePKISecurityDatabasePwdfileMessage = null;
private static String mDrmNamingContextMessage = null;
private static String mProcessRequestsAndKeyRecordsOnlyMessage = null;
/********************/
/* Calendar Methods */
/********************/
/**
* This method is used to get the current date and time.
*
*
* @param pattern string containing desired format of date and time
* @return a formatted string containing the current date and time
*/
private static String now( String pattern ) {
Calendar cal = Calendar.getInstance();
SimpleDateFormat sdf = new SimpleDateFormat( pattern );
return sdf.format( cal.getTime() );
}
/*****************/
/* Usage Methods */
/*****************/
/**
* This method prints out the proper command-line usage required to
* execute DRMTool.
*/
private static void printUsage() {
System.out.println( "Usage: "
+ DRM_TOOL
+ NEWLINE
+ " "
+ DRMTOOL_CFG_FILE
+ NEWLINE
+ " "
+ DRMTOOL_CFG_DESCRIPTION
+ NEWLINE
+ " "
+ SOURCE_LDIF_FILE
+ NEWLINE
+ " "
+ SOURCE_LDIF_DESCRIPTION
+ NEWLINE
+ " "
+ TARGET_LDIF_FILE
+ NEWLINE
+ " "
+ TARGET_LDIF_DESCRIPTION
+ NEWLINE
+ " "
+ LOG_FILE
+ NEWLINE
+ " "
+ LOG_DESCRIPTION
+ NEWLINE
+ " "
+ "["
+ SOURCE_NSS_DB_PATH
+ NEWLINE
+ " "
+ SOURCE_NSS_DB_DESCRIPTION
+ "]"
+ NEWLINE
+ " "
+ "["
+ SOURCE_STORAGE_TOKEN_NAME
+ NEWLINE
+ " "
+ SOURCE_STORAGE_TOKEN_DESCRIPTION
+ "]"
+ NEWLINE
+ " "
+ "["
+ SOURCE_STORAGE_CERT_NICKNAME
+ NEWLINE
+ " "
+ SOURCE_STORAGE_CERT_NICKNAME_DESCRIPTION
+ "]"
+ NEWLINE
+ " "
+ "["
+ TARGET_STORAGE_CERTIFICATE_FILE
+ NEWLINE
+ " "
+ TARGET_STORAGE_CERTIFICATE_DESCRIPTION
+ "]"
+ NEWLINE
+ " "
+ "["
+ SOURCE_NSS_DB_PWDFILE
+ NEWLINE
+ " "
+ SOURCE_NSS_DB_PWDFILE_DESCRIPTION
+ "]"
+ NEWLINE
+ " "
+ "["
+ APPEND_ID_OFFSET
+ NEWLINE
+ " "
+ APPEND_ID_OFFSET_DESCRIPTION
+ "]"
+ NEWLINE
+ " "
+ "["
+ REMOVE_ID_OFFSET
+ NEWLINE
+ " "
+ REMOVE_ID_OFFSET_DESCRIPTION
+ "]"
+ NEWLINE
+ " "
+ "["
+ SOURCE_DRM_NAMING_CONTEXT
+ NEWLINE
+ " "
+ SOURCE_DRM_NAMING_CONTEXT_DESCRIPTION
+ "]"
+ NEWLINE
+ " "
+ "["
+ TARGET_DRM_NAMING_CONTEXT
+ NEWLINE
+ " "
+ TARGET_DRM_NAMING_CONTEXT_DESCRIPTION
+ "]"
+ NEWLINE
+ " "
+ "["
+ PROCESS_REQUESTS_AND_KEY_RECORDS_ONLY
+ "]"
+ NEWLINE );
System.out.println( "Example of 'Rewrap and Append ID Offset':"
+ NEWLINE
+ NEWLINE
+ " "
+ DRM_TOOL
+ NEWLINE
+ " "
+ DRMTOOL_CFG_FILE_EXAMPLE
+ NEWLINE
+ " "
+ SOURCE_LDIF_FILE_EXAMPLE
+ NEWLINE
+ " "
+ TARGET_LDIF_FILE_EXAMPLE
+ NEWLINE
+ " "
+ LOG_FILE_EXAMPLE
+ NEWLINE
+ " "
+ SOURCE_NSS_DB_PATH_EXAMPLE
+ NEWLINE
+ " "
+ SOURCE_STORAGE_TOKEN_NAME_EXAMPLE
+ NEWLINE
+ " "
+ SOURCE_STORAGE_CERT_NICKNAME_EXAMPLE
+ NEWLINE
+ " "
+ TARGET_STORAGE_CERTIFICATE_FILE_EXAMPLE
+ NEWLINE
+ " "
+ SOURCE_NSS_DB_PWDFILE_EXAMPLE
+ NEWLINE
+ " "
+ APPEND_ID_OFFSET_EXAMPLE
+ NEWLINE
+ " "
+ SOURCE_DRM_NAMING_CONTEXT_EXAMPLE
+ NEWLINE
+ " "
+ TARGET_DRM_NAMING_CONTEXT_EXAMPLE
+ NEWLINE
+ " "
+ PROCESS_REQUESTS_AND_KEY_RECORDS_ONLY
+ NEWLINE );
System.out.println( "Example of 'Rewrap and Remove ID Offset':"
+ NEWLINE
+ NEWLINE
+ " "
+ DRM_TOOL
+ NEWLINE
+ " "
+ DRMTOOL_CFG_FILE_EXAMPLE
+ NEWLINE
+ " "
+ SOURCE_LDIF_FILE_EXAMPLE
+ NEWLINE
+ " "
+ TARGET_LDIF_FILE_EXAMPLE
+ NEWLINE
+ " "
+ LOG_FILE_EXAMPLE
+ NEWLINE
+ " "
+ SOURCE_NSS_DB_PATH_EXAMPLE
+ NEWLINE
+ " "
+ SOURCE_STORAGE_TOKEN_NAME_EXAMPLE
+ NEWLINE
+ " "
+ SOURCE_STORAGE_CERT_NICKNAME_EXAMPLE
+ NEWLINE
+ " "
+ TARGET_STORAGE_CERTIFICATE_FILE_EXAMPLE
+ NEWLINE
+ " "
+ SOURCE_NSS_DB_PWDFILE_EXAMPLE
+ NEWLINE
+ " "
+ REMOVE_ID_OFFSET_EXAMPLE
+ NEWLINE
+ " "
+ SOURCE_DRM_NAMING_CONTEXT_EXAMPLE
+ NEWLINE
+ " "
+ TARGET_DRM_NAMING_CONTEXT_EXAMPLE
+ NEWLINE
+ " "
+ PROCESS_REQUESTS_AND_KEY_RECORDS_ONLY
+ NEWLINE );
System.out.println( "Example of 'Rewrap':"
+ NEWLINE
+ NEWLINE
+ " "
+ DRM_TOOL
+ NEWLINE
+ " "
+ DRMTOOL_CFG_FILE_EXAMPLE
+ NEWLINE
+ " "
+ SOURCE_LDIF_FILE_EXAMPLE
+ NEWLINE
+ " "
+ TARGET_LDIF_FILE_EXAMPLE
+ NEWLINE
+ " "
+ LOG_FILE_EXAMPLE
+ NEWLINE
+ " "
+ SOURCE_NSS_DB_PATH_EXAMPLE
+ NEWLINE
+ " "
+ SOURCE_STORAGE_TOKEN_NAME_EXAMPLE
+ NEWLINE
+ " "
+ SOURCE_STORAGE_CERT_NICKNAME_EXAMPLE
+ NEWLINE
+ " "
+ TARGET_STORAGE_CERTIFICATE_FILE_EXAMPLE
+ NEWLINE
+ " "
+ SOURCE_NSS_DB_PWDFILE_EXAMPLE
+ NEWLINE
+ " "
+ SOURCE_DRM_NAMING_CONTEXT_EXAMPLE
+ NEWLINE
+ " "
+ TARGET_DRM_NAMING_CONTEXT_EXAMPLE
+ NEWLINE
+ " "
+ PROCESS_REQUESTS_AND_KEY_RECORDS_ONLY
+ NEWLINE );
System.out.println( "Example of 'Append ID Offset':"
+ NEWLINE
+ NEWLINE
+ " "
+ DRM_TOOL
+ NEWLINE
+ " "
+ DRMTOOL_CFG_FILE_EXAMPLE
+ NEWLINE
+ " "
+ SOURCE_LDIF_FILE_EXAMPLE
+ NEWLINE
+ " "
+ TARGET_LDIF_FILE_EXAMPLE
+ NEWLINE
+ " "
+ LOG_FILE_EXAMPLE
+ NEWLINE
+ " "
+ APPEND_ID_OFFSET_EXAMPLE
+ NEWLINE
+ " "
+ SOURCE_DRM_NAMING_CONTEXT_EXAMPLE
+ NEWLINE
+ " "
+ TARGET_DRM_NAMING_CONTEXT_EXAMPLE
+ NEWLINE
+ " "
+ PROCESS_REQUESTS_AND_KEY_RECORDS_ONLY
+ NEWLINE );
System.out.println( "Example of 'Remove ID Offset':"
+ NEWLINE
+ NEWLINE
+ " "
+ DRM_TOOL
+ NEWLINE
+ " "
+ DRMTOOL_CFG_FILE_EXAMPLE
+ NEWLINE
+ " "
+ SOURCE_LDIF_FILE_EXAMPLE
+ NEWLINE
+ " "
+ TARGET_LDIF_FILE_EXAMPLE
+ NEWLINE
+ " "
+ LOG_FILE_EXAMPLE
+ NEWLINE
+ " "
+ REMOVE_ID_OFFSET_EXAMPLE
+ NEWLINE
+ " "
+ SOURCE_DRM_NAMING_CONTEXT_EXAMPLE
+ NEWLINE
+ " "
+ TARGET_DRM_NAMING_CONTEXT_EXAMPLE
+ NEWLINE
+ " "
+ PROCESS_REQUESTS_AND_KEY_RECORDS_ONLY
+ NEWLINE );
}
/*******************/
/* Logging Methods */
/*******************/
/**
* This method opens a new log file for writing.
*
*
* @param logfile string containing the name of the log file to be opened
*/
private static void open_log( String logfile ) {
try {
logger = new PrintWriter(
new BufferedWriter(
new FileWriter( logfile ) ) );
} catch( IOException eFile ) {
System.err.println( "ERROR: Unable to open file '"
+ logfile
+ "' for writing: '"
+ eFile.toString()
+ "'"
+ NEWLINE );
System.exit( 0 );
}
}
/**
* This method closes the specified log file.
*
*
* @param logfile string containing the name of the log file to be closed
*/
private static void close_log( String logfile ) {
logger.close();
}
/**
* This method writes the specified message to the log file, and also
* to 'stderr' if the boolean flag is set to 'true'.
*
*
* @param msg string containing the message to be written to the log file
* @param stderr boolean which also writes the message to 'stderr' if 'true'
*/
private static void log( String msg, boolean stderr ) {
current_date_and_time = now( LOGGING_DATE_PATTERN );
if( stderr ) {
System.err.println( msg );
}
logger.write( "["
+ current_date_and_time
+ "]: "
+ msg );
logger.flush();
}
/*********************************************/
/* PKCS #11: Rewrap RSA Storage Key Methods */
/*********************************************/
/**
* Helper method to determine if two arrays contain the same values.
*
* This method is based upon code from 'com.netscape.kra.StorageKeyUnit'.
*
*
* @param bytes first array of bytes
* @param ints second array of bytes
* @return true if the two arrays are identical
*/
private static boolean arraysEqual( byte[] bytes, byte[] ints ) {
if( bytes == null || ints == null ) {
return false;
}
if( bytes.length != ints.length ) {
return false;
}
for( int i = 0; i < bytes.length; i++ ) {
if( bytes[i] != ints[i] ) {
return false;
}
}
return true;
}
/**
* This method is used to obtain the private RSA storage key from
* the "source" DRM instance's security databases.
*
* This method is based upon code from 'com.netscape.kra.StorageKeyUnit'.
*
*
* @return the private RSA storage key from the "source" DRM
*/
private static PrivateKey getPrivateKey() {
try {
PrivateKey pk[] = mSourceToken.getCryptoStore().getPrivateKeys();
for( int i = 0; i < pk.length; i++ ) {
if( arraysEqual( pk[i].getUniqueID(),
( ( TokenCertificate )
mUnwrapCert ).getUniqueID() ) ) {
return pk[i];
}
}
} catch( TokenException exToken ) {
log( "ERROR: Getting private key - "
+ "TokenException: '"
+ exToken.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
}
return null;
}
/**
* This method gets the public key from the certificate stored
* in the "target" DRM storage certificate file. It also obtains
* the keysize of this RSA key.
*
* This method is based upon code from
* 'com.netscape.cmstools.PrettyPrintCert'.
*
*
* @return the public RSA storage key from the "target" DRM
*/
private static PublicKey getPublicKey() {
BufferedReader inputCert = null;
String encodedBASE64CertChunk = new String();
String encodedBASE64Cert = new String();
byte decodedBASE64Cert[] = null;
X509CertImpl cert = null;
PublicKey key = null;
RSAPublicKey rsakey = null;
// Create a DataInputStream() object to the BASE 64
// encoded certificate contained within the file
// specified on the command line
try {
inputCert = new BufferedReader(
new InputStreamReader(
new BufferedInputStream(
new FileInputStream(
mTargetStorageCertificateFilename
) ) ) );
} catch( FileNotFoundException exWrapFileNotFound ) {
log( "ERROR: No target storage "
+ "certificate file named '"
+ mTargetStorageCertificateFilename
+ "' exists! FileNotFoundException: '"
+ exWrapFileNotFound.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
}
// Read the entire contents of the specified BASE 64 encoded
// certificate into a String() object throwing away any
// headers beginning with HEADER and any trailers beginning
// with TRAILER
try {
while( ( encodedBASE64CertChunk = inputCert.readLine() ) != null ) {
if( !( encodedBASE64CertChunk.startsWith( HEADER ) ) &&
!( encodedBASE64CertChunk.startsWith( TRAILER ) ) ) {
encodedBASE64Cert += encodedBASE64CertChunk.trim();
}
}
} catch( IOException exWrapReadLineIO ) {
log( "ERROR: Unexpected BASE64 "
+ "encoded error encountered while reading '"
+ mTargetStorageCertificateFilename
+ "'! IOException: '"
+ exWrapReadLineIO.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
}
// Close the DataInputStream() object
try {
inputCert.close();
} catch( IOException exWrapCloseIO ) {
log( "ERROR: Unexpected BASE64 "
+ "encoded error encountered in closing '"
+ mTargetStorageCertificateFilename
+ "'! IOException: '"
+ exWrapCloseIO.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
}
// Decode the ASCII BASE 64 certificate enclosed in the
// String() object into a BINARY BASE 64 byte[] object
decodedBASE64Cert = com.netscape.osutil.OSUtil.AtoB(
encodedBASE64Cert );
// Create an X509CertImpl() object from
// the BINARY BASE 64 byte[] object
try {
cert = new X509CertImpl( decodedBASE64Cert );
} catch( CertificateException exWrapCertificate ) {
log( "ERROR: Error encountered "
+ "in parsing certificate in '"
+ mTargetStorageCertificateFilename
+ "' CertificateException: '"
+ exWrapCertificate.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
}
// Extract the Public Key
key = cert.getPublicKey();
if( key == null ) {
log( "ERROR: Unable to extract public key "
+ "from certificate that was stored in '"
+ mTargetStorageCertificateFilename
+ "'."
+ NEWLINE, true );
System.exit( 0 );
}
// Convert this X.509 public key --> RSA public key
try {
rsakey = new RSAPublicKey( key.getEncoded() );
} catch( InvalidKeyException exInvalidKey ) {
log( "ERROR: Converting X.509 public key --> RSA public key - "
+ "InvalidKeyException: '"
+ exInvalidKey.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
}
// Obtain the Public Key's keysize
mPublicKeySize = rsakey.getKeySize();
return key;
}
/**
* This method is used to obtain the private RSA storage key
* from the "source" DRM instance's security databases and
* the public RSA storage key from the certificate stored in
* the "target" DRM storage certificate file.
*
*
* @return true if successfully able to obtain both keys
*/
private static boolean obtain_RSA_rewrapping_keys() {
CryptoManager cm = null;
// Initialize the source security databases
try {
log( "Initializing source PKI security databases in '"
+ mSourcePKISecurityDatabasePath + "'."
+ NEWLINE, true );
CryptoManager.initialize( mSourcePKISecurityDatabasePath );
} catch( KeyDatabaseException exKey ) {
log( "ERROR: source_pki_security_database_path='"
+ mSourcePKISecurityDatabasePath
+ "' KeyDatabaseException: '"
+ exKey.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
} catch( CertDatabaseException exCert ) {
log( "ERROR: source_pki_security_database_path='"
+ mSourcePKISecurityDatabasePath
+ "' CertDatabaseException: '"
+ exCert.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
} catch( AlreadyInitializedException exAlreadyInitialized ) {
log( "ERROR: source_pki_security_database_path='"
+ mSourcePKISecurityDatabasePath
+ "' AlreadyInitializedException: '"
+ exAlreadyInitialized.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
} catch( GeneralSecurityException exSecurity ) {
log( "ERROR: source_pki_security_database_path='"
+ mSourcePKISecurityDatabasePath
+ "' GeneralSecurityException: '"
+ exSecurity.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
}
// Retrieve the source storage token by its name
try {
log( "Retrieving token from CryptoManager."
+ NEWLINE, true );
cm = CryptoManager.getInstance();
log( "Retrieving source storage token called '"
+ mSourceStorageTokenName
+ "'."
+ NEWLINE, true );
if( mSourceStorageTokenName.equals( INTERNAL_TOKEN ) ) {
mSourceToken = cm.getInternalKeyStorageToken();
} else {
mSourceToken = cm.getTokenByName( mSourceStorageTokenName );
}
if( mSourceToken == null ) {
return FAILURE;
}
if( mPwdfileFlag ) {
BufferedReader in = null;
String pwd = null;
Password mPwd = null;
try {
in = new BufferedReader(
new FileReader(
mSourcePKISecurityDatabasePwdfile ) );
pwd = in.readLine();
mPwd = new Password( pwd.toCharArray() );
mSourceToken.login( mPwd );
} catch( Exception exReadPwd ) {
log( "ERROR: Failed to read the keydb password from "
+ "the file '"
+ mSourcePKISecurityDatabasePwdfile
+ "'. Exception: '"
+ exReadPwd.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
}
}
} catch( Exception exUninitialized ) {
log( "ERROR: Uninitialized CryptoManager - '"
+ exUninitialized.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
}
// Retrieve the source storage cert by its nickname
try {
if( mSourceStorageTokenName.equals( INTERNAL_TOKEN ) ) {
log( "Retrieving source storage cert with nickname of '"
+ mSourceStorageCertNickname
+ "'."
+ NEWLINE, true );
mUnwrapCert = cm.findCertByNickname( mSourceStorageCertNickname
);
} else {
log( "Retrieving source storage cert with nickname of '"
+ mSourceStorageTokenName
+ ":"
+ mSourceStorageCertNickname
+ "'. "
+ NEWLINE, true );
mUnwrapCert = cm.findCertByNickname( mSourceStorageTokenName
+ ":"
+ mSourceStorageCertNickname
);
}
if( mUnwrapCert == null ) {
return FAILURE;
}
} catch( ObjectNotFoundException exUnwrapObjectNotFound ) {
if( mSourceStorageTokenName.equals( INTERNAL_TOKEN ) ) {
log( "ERROR: No internal "
+ "source storage cert named '"
+ mSourceStorageCertNickname
+ "' exists! ObjectNotFoundException: '"
+ exUnwrapObjectNotFound.toString()
+ "'"
+ NEWLINE, true );
} else {
log( "ERROR: No "
+ "source storage cert named '"
+ mSourceStorageTokenName
+ ":"
+ mSourceStorageCertNickname
+ "' exists! ObjectNotFoundException: '"
+ exUnwrapObjectNotFound
+ "'"
+ NEWLINE, true );
}
System.exit( 0 );
} catch( TokenException exUnwrapToken ) {
if( mSourceStorageTokenName.equals( INTERNAL_TOKEN ) ) {
log( "ERROR: No internal "
+ "source storage cert named '"
+ mSourceStorageCertNickname
+ "' exists! TokenException: '"
+ exUnwrapToken.toString()
+ "'"
+ NEWLINE, true );
} else {
log( "ERROR: No "
+ "source storage cert named '"
+ mSourceStorageTokenName
+ ":"
+ mSourceStorageCertNickname
+ "' exists! TokenException: '"
+ exUnwrapToken
+ "'"
+ NEWLINE, true );
}
System.exit( 0 );
}
// Extract the private key from the source storage token
log( "BEGIN: Obtaining the private key from "
+ "the source storage token . . ."
+ NEWLINE, true );
mUnwrapPrivateKey = getPrivateKey();
if( mUnwrapPrivateKey == null ) {
log( "ERROR: Failed extracting "
+ "private key from the source storage token."
+ NEWLINE, true );
System.exit( 0 );
}
log( "FINISHED: Obtaining the private key from "
+ "the source storage token."
+ NEWLINE, true );
// Extract the public key from the target storage certificate
try {
log( "BEGIN: Obtaining the public key from "
+ "the target storage certificate . . ."
+ NEWLINE, true );
mWrapPublicKey = ( PublicKey )
( PK11PubKey.fromSPKI(
getPublicKey().getEncoded() ) );
if( mWrapPublicKey == null ) {
log( "ERROR: Failed extracting "
+ "public key from target storage certificate stored in '"
+ mTargetStorageCertificateFilename
+ "'"
+ NEWLINE, true );
System.exit( 0 );
}
log( "FINISHED: Obtaining the public key from "
+ "the target storage certificate."
+ NEWLINE, true );
} catch( InvalidKeyFormatException exInvalidPublicKey ) {
log( "ERROR: Failed extracting "
+ "public key from target storage certificate stored in '"
+ mTargetStorageCertificateFilename
+ "' InvalidKeyFormatException '"
+ exInvalidPublicKey.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
}
return SUCCESS;
}
/**
* This method basically rewraps the "wrappedKeyData" by implementiing
* "mStorageUnit.decryptInternalPrivate( byte wrappedKeyData[] )" and
* "mStorageUnit.encryptInternalPrivate( byte priKey[] )", where
* "wrappedKeyData" uses the following structure:
*
* SEQUENCE {
* encryptedSession OCTET STRING,
* encryptedPrivate OCTET STRING
* }
*
* This method is based upon code from
* 'com.netscape.kra.EncryptionUnit'.
*
*
* @return a byte[] containing the rewrappedKeyData
*/
private static byte[] rewrap_wrapped_key_data( byte[] wrappedKeyData )
throws Exception {
DerValue val = null;
DerInputStream in = null;
DerValue dSession = null;
byte source_session[] = null;
DerValue dPri = null;
byte pri[] = null;
KeyWrapper source_rsaWrap = null;
SymmetricKey sk = null;
KeyWrapper target_rsaWrap = null;
byte target_session[] = null;
DerOutputStream tmp = null;
DerOutputStream out = null;
byte[] rewrappedKeyData = null;
// public byte[]
// mStorageUnit.decryptInternalPrivate( byte wrappedKeyData[] );
// throws EBaseException
try {
val = new DerValue( wrappedKeyData );
in = val.data;
dSession = in.getDerValue();
source_session = dSession.getOctetString();
dPri = in.getDerValue();
pri = dPri.getOctetString();
source_rsaWrap = mSourceToken.getKeyWrapper(
KeyWrapAlgorithm.RSA );
source_rsaWrap.initUnwrap( mUnwrapPrivateKey, null );
sk = source_rsaWrap.unwrapSymmetric( source_session,
SymmetricKey.DES3,
SymmetricKey.Usage.DECRYPT,
0 );
if( mDebug ) {
log( "DEBUG: sk = '"
+ com.netscape.osutil.OSUtil.BtoA( sk.getEncoded() )
+ "' length = '"
+ sk.getEncoded().length
+ "'"
+ NEWLINE, false );
log( "DEBUG: pri = '"
+ com.netscape.osutil.OSUtil.BtoA( pri )
+ "' length = '"
+ pri.length
+ "'"
+ NEWLINE, false );
}
} catch( IOException exUnwrapIO ) {
log( "ERROR: Unwrapping key data - "
+ "IOException: '"
+ exUnwrapIO.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
} catch( NoSuchAlgorithmException exUnwrapAlgorithm ) {
log( "ERROR: Unwrapping key data - "
+ "NoSuchAlgorithmException: '"
+ exUnwrapAlgorithm.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
} catch( TokenException exUnwrapToken ) {
log( "ERROR: Unwrapping key data - "
+ "TokenException: '"
+ exUnwrapToken.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
} catch( InvalidKeyException exUnwrapInvalidKey ) {
log( "ERROR: Unwrapping key data - "
+ "InvalidKeyException: '"
+ exUnwrapInvalidKey.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
} catch( InvalidAlgorithmParameterException exUnwrapInvalidAlgorithm ) {
log( "ERROR: Unwrapping key data - "
+ "InvalidAlgorithmParameterException: '"
+ exUnwrapInvalidAlgorithm.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
} catch( IllegalStateException exUnwrapState ) {
log( "ERROR: Unwrapping key data - "
+ "InvalidStateException: '"
+ exUnwrapState.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
}
// public byte[]
// mStorageUnit.encryptInternalPrivate( byte priKey[] )
// throws EBaseException
try {
// Use "mSourceToken" to get "KeyWrapAlgorithm.RSA"
target_rsaWrap = mSourceToken.getKeyWrapper(
KeyWrapAlgorithm.RSA );
target_rsaWrap.initWrap( mWrapPublicKey, null );
target_session = target_rsaWrap.wrap( sk );
tmp = new DerOutputStream();
out = new DerOutputStream();
tmp.putOctetString( target_session );
tmp.putOctetString( pri );
out.write( DerValue.tag_Sequence, tmp );
rewrappedKeyData = out.toByteArray();
} catch( NoSuchAlgorithmException exWrapAlgorithm ) {
log( "ERROR: Wrapping key data - "
+ "NoSuchAlgorithmException: '"
+ exWrapAlgorithm.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
} catch( TokenException exWrapToken ) {
log( "ERROR: Wrapping key data - "
+ "TokenException: '"
+ exWrapToken.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
} catch( InvalidKeyException exWrapInvalidKey ) {
log( "ERROR: Wrapping key data - "
+ "InvalidKeyException: '"
+ exWrapInvalidKey.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
} catch( InvalidAlgorithmParameterException exWrapInvalidAlgorithm ) {
log( "ERROR: Wrapping key data - "
+ "InvalidAlgorithmParameterException: '"
+ exWrapInvalidAlgorithm.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
} catch( IllegalStateException exWrapState ) {
log( "ERROR: Wrapping key data - "
+ "InvalidStateException: '"
+ exWrapState.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
} catch( IOException exWrapIO ) {
log( "ERROR: Wrapping key data - "
+ "IOException: '"
+ exWrapIO.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
}
return rewrappedKeyData;
}
/**
* Helper method used to remove all EOLs ('\n' and '\r')
* from the passed in string.
*
*
* @param data consisting of a string containing EOLs
* @return a string consisting of a string with no EOLs
*/
private static String stripEOL( String data ) {
StringBuffer buffer = new StringBuffer();
String revised_data = null;
for( int i = 0; i < data.length(); i++ ) {
if( ( data.charAt(i) != '\n' ) &&
( data.charAt(i) != '\r' ) ) {
buffer.append( data.charAt( i ) );
}
}
revised_data = buffer.toString();
return revised_data;
}
/**
* Helper method used to format a string containing unformatted data
* into a string containing formatted data suitable as an entry for
* an LDIF file.
*
*
* @param length the length of the first line of data
* @param data a string containing unformatted data
* @return formatted data consisting of data formatted for an LDIF record
* suitable for an LDIF file
*/
private static String format_ldif_data( int length, String data ) {
String revised_data = "";
if( data.length() > length ) {
// process first line
for( int i = 0; i < length; i++ ) {
revised_data += data.charAt( i );
}
// terminate first line
revised_data += '\n';
// process remaining lines
int j = 0;
for( int i = length; i < data.length(); i++ ) {
if( j == 0 ) {
revised_data += ' ';
}
revised_data += data.charAt( i );
j++;
if( j == 76 ) {
revised_data += '\n';
j = 0;
}
}
}
return revised_data.replaceAll( "\\s+$", "" );
}
/*********************/
/* ID Offset Methods */
/*********************/
/**
* Helper method which converts an "indexed" BigInteger into
* its String representation.
*
*
*
* NOTE: Indexed data means that the numeric data
* is stored with a prepended length
* (e. g. - record '73' is stored as '0273').
*
* Indexed data is currently limited to '99' digits
* (an index of '00' is invalid). See
* 'com.netscape.cmscore.dbs.BigIntegerMapper.java'
* for details.
*
*
*
* This method is based upon code from
* 'com.netscape.cmscore.dbs.BigIntegerMapper'.
*
*
* @param i an "indexed " BigInteger
* @return the string representation of the "indexed" BigInteger
*/
private static String BigIntegerToDB( BigInteger i ) {
int len = i.toString().length();
String ret = null;
if( len < 10 ) {
ret = "0" + Integer.toString( len ) + i.toString();
} else {
ret = Integer.toString( len ) + i.toString();
}
return ret;
}
/**
* Helper method which converts the string representation of an
* "indexed" integer into a BigInteger.
*
*
* NOTE: Indexed data means that the numeric data
* is stored with a prepended length
* (e. g. - record '73' is stored as '0273').
*
* Indexed data is currently limited to '99' digits
* (an index of '00' is invalid). See
* 'com.netscape.cmscore.dbs.BigIntegerMapper.java'
* for details.
*
*
* This method is based upon code from
* 'com.netscape.cmscore.dbs.BigIntegerMapper'.
*
*
* @param i the string representation of the "indexed" integer
* @return an "indexed " BigInteger
*/
private static BigInteger BigIntegerFromDB( String i ) {
String s = i.substring( 2 );
// possibly check length
return new BigInteger( s );
}
/**
* This method accepts an "attribute", its "delimiter", a string
* representation of numeric data, and a flag indicating whether
* or not the string representation is "indexed".
*
* An "attribute" consists of one of the following values:
*
*
* DRM_LDIF_CN = "cn:";
* DRM_LDIF_DN_EMBEDDED_CN_DATA = "dn: cn";
* DRM_LDIF_EXTDATA_KEY_RECORD = "extdata-keyrecord:";
* DRM_LDIF_EXTDATA_REQUEST_ID = "extdata-requestid:";
* DRM_LDIF_EXTDATA_SERIAL_NUMBER = "extdata-serialnumber:";
* DRM_LDIF_REQUEST_ID = "requestId:";
* DRM_LDIF_SERIAL_NO = "serialno:";
*
*
* NOTE: Indexed data means that the numeric data
* is stored with a prepended length
* (e. g. - record '73' is stored as '0273').
*
* Indexed data is currently limited to '99' digits
* (an index of '00' is invalid). See
* 'com.netscape.cmscore.dbs.BigIntegerMapper.java'
* for details.
*
*
*
*
* @param attribute the string representation of the "name"
* @param delimiter the separator between the attribute and its contents
* @param source_line the string containing the "name" and "value"
* @param indexed boolean flag indicating if the "value" is "indexed"
* @return a revised line containing the "name" and "value" with the
* specified ID offset applied as a "mask" to the "value"
*/
private static String compose_numeric_line( String attribute,
String delimiter,
String source_line,
boolean indexed ) {
String target_line = null;
String data = null;
String revised_data = null;
BigInteger value = null;
// Since both "-append_id_offset" and "-remove_id_offset" are OPTIONAL
// parameters, first check to see if either has been selected
if( !mAppendIdOffsetFlag &&
!mRemoveIdOffsetFlag ) {
return source_line;
}
try {
// extract the data
data = source_line.substring( attribute.length() + 1 ).trim();
// skip values which are non-numeric
if( !data.matches( "[0-9]++" ) ) {
// set the target_line to the unchanged source_line
target_line = source_line;
// log this information
log( "Skipped changing non-numeric line '"
+ source_line
+ "'."
+ NEWLINE, false );
} else {
// if indexed, first strip the index from the data
if( indexed ) {
// NOTE: Indexed data means that the numeric data
// is stored with a prepended length
// (e. g. - record '73' is stored as '0273').
//
// Indexed data is currently limited to '99' digits
// (an index of '00' is invalid). See
// 'com.netscape.cmscore.dbs.BigIntegerMapper.java'
// for details.
value = BigIntegerFromDB( data );
} else {
value = new BigInteger( data );
}
// compare the specified target ID offset
// with the actual value of the attribute
if( mAppendIdOffsetFlag ) {
if( mAppendIdOffset.compareTo( value ) == 1 ) {
// add the target ID offset to this value
if( indexed ) {
revised_data = BigIntegerToDB(
value.add( mAppendIdOffset )
).toString();
} else {
revised_data = value.add(
mAppendIdOffset ).toString();
}
} else {
log( "ERROR: attribute='"
+ attribute
+ "' is greater than the specified "
+ "append_id_offset='"
+ mAppendIdOffset.toString()
+ "'!"
+ NEWLINE, true );
System.exit( 0 );
}
} else if( mRemoveIdOffsetFlag ) {
if( mRemoveIdOffset.compareTo( value ) <= 0 ) {
// subtract the target ID offset to this value
if( indexed ) {
revised_data = BigIntegerToDB(
value.subtract( mRemoveIdOffset )
).toString();
} else {
revised_data = value.subtract( mRemoveIdOffset
).toString();
}
} else {
log( "ERROR: attribute='"
+ attribute
+ "' is less than the specified "
+ "remove_id_offset='"
+ mRemoveIdOffset.toString()
+ "'!"
+ NEWLINE, true );
System.exit( 0 );
}
}
// set the target_line to the revised data
target_line = attribute + delimiter + revised_data;
// log this information
log( "Changed numeric data '"
+ data
+ "' to '"
+ revised_data
+ "'."
+ NEWLINE, false );
}
} catch( IndexOutOfBoundsException exBounds ) {
log( "ERROR: source_line='"
+ source_line
+ "' IndexOutOfBoundsException: '"
+ exBounds.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
} catch( PatternSyntaxException exPattern ) {
log( "ERROR: data='"
+ data
+ "' PatternSyntaxException: '"
+ exPattern.toString()
+ "'"
+ NEWLINE, true );
System.exit( 0 );
}
return target_line;
}
/***********************/
/* LDIF Parser Methods */
/***********************/
/**
* Helper method which composes the output line for DRM_LDIF_CN.
*
*
* @param record_type the string representation of the input record type
* @param line the string representation of the input line
* @return the composed output line
*/
private static String output_cn( String record_type,
String line ) {
String output = null;
if( record_type.equals( DRM_LDIF_ENROLLMENT ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_ENROLLMENT_CN ) ) {
output = compose_numeric_line( DRM_LDIF_CN,
SPACE,
line,
false );
} else {
output = line;
}
} else if( record_type.equals( DRM_LDIF_CA_KEY_RECORD ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_CA_KEY_RECORD_CN ) ) {
output = compose_numeric_line( DRM_LDIF_CN,
SPACE,
line,
false );
} else {
output = line;
}
} else if( record_type.equals( DRM_LDIF_RECOVERY ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_RECOVERY_CN ) ) {
output = compose_numeric_line( DRM_LDIF_CN,
SPACE,
line,
false );
} else {
output = line;
}
} else if( record_type.equals( DRM_LDIF_TPS_KEY_RECORD ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_TPS_KEY_RECORD_CN ) ) {
output = compose_numeric_line( DRM_LDIF_CN,
SPACE,
line,
false );
} else {
output = line;
}
} else if( record_type.equals( DRM_LDIF_KEYGEN ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_KEYGEN_CN ) ) {
output = compose_numeric_line( DRM_LDIF_CN,
SPACE,
line,
false );
} else {
output = line;
}
} else if( record_type.equals( DRM_LDIF_RECORD ) ) {
// Non-Request / Non-Key Record:
// Pass through the original
// 'cn' line UNCHANGED
// so that it is ALWAYS written
output = line;
} else {
log( "ERROR: Mismatched record field='"
+ DRM_LDIF_CN
+ "' for record type='"
+ record_type
+ "'!"
+ NEWLINE, true );
}
return output;
}
/**
* Helper method which composes the output line for DRM_LDIF_DATE_OF_MODIFY.
*
*
* @param record_type the string representation of the input record type
* @param line the string representation of the input line
* @return the composed output line
*/
private static String output_date_of_modify( String record_type,
String line ) {
String output = null;
if( record_type.equals( DRM_LDIF_ENROLLMENT ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_ENROLLMENT_DATE_OF_MODIFY ) ) {
output = DRM_LDIF_DATE_OF_MODIFY
+ SPACE
+ mDateOfModify;
log( "Changed '"
+ line
+ "' to '"
+ output
+ "'."
+ NEWLINE, false );
} else {
output = line;
}
} else if( record_type.equals( DRM_LDIF_CA_KEY_RECORD ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_CA_KEY_RECORD_DATE_OF_MODIFY ) ) {
output = DRM_LDIF_DATE_OF_MODIFY
+ SPACE
+ mDateOfModify;
log( "Changed '"
+ line
+ "' to '"
+ output
+ "'."
+ NEWLINE, false );
} else {
output = line;
}
} else if( record_type.equals( DRM_LDIF_RECOVERY ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_RECOVERY_DATE_OF_MODIFY ) ) {
output = DRM_LDIF_DATE_OF_MODIFY
+ SPACE
+ mDateOfModify;
log( "Changed '"
+ line
+ "' to '"
+ output
+ "'."
+ NEWLINE, false );
} else {
output = line;
}
} else if( record_type.equals( DRM_LDIF_TPS_KEY_RECORD ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_TPS_KEY_RECORD_DATE_OF_MODIFY ) ) {
output = DRM_LDIF_DATE_OF_MODIFY
+ SPACE
+ mDateOfModify;
log( "Changed '"
+ line
+ "' to '"
+ output
+ "'."
+ NEWLINE, false );
} else {
output = line;
}
} else if( record_type.equals( DRM_LDIF_KEYGEN ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_KEYGEN_DATE_OF_MODIFY ) ) {
output = DRM_LDIF_DATE_OF_MODIFY
+ SPACE
+ mDateOfModify;
log( "Changed '"
+ line
+ "' to '"
+ output
+ "'."
+ NEWLINE, false );
} else {
output = line;
}
} else {
log( "ERROR: Mismatched record field='"
+ DRM_LDIF_DATE_OF_MODIFY
+ "' for record type='"
+ record_type
+ "'!"
+ NEWLINE, true );
}
return output;
}
/**
* Helper method which composes the output line for DRM_LDIF_DN.
*
*
* @param record_type the string representation of the input record type
* @param line the string representation of the input line
* @return the composed output line
*/
private static String output_dn( String record_type,
String line ) {
String data = null;
String embedded_cn_data[] = null;
String embedded_cn_output = null;
String input = null;
String output = null;
try {
if( record_type.equals( DRM_LDIF_ENROLLMENT ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_ENROLLMENT_DN ) ) {
// First check for an embedded "cn="
// name-value pair
if( line.startsWith( DRM_LDIF_DN_EMBEDDED_CN_DATA ) ) {
// At this point, always extract
// the embedded "cn=" name-value pair
// which will ALWAYS be the first
// portion of the "dn: " attribute
embedded_cn_data = line.split( COMMA, 2 );
embedded_cn_output = compose_numeric_line(
DRM_LDIF_DN_EMBEDDED_CN_DATA,
EQUAL_SIGN,
embedded_cn_data[0],
false );
input = embedded_cn_output
+ COMMA
+ embedded_cn_data[1];
} else {
input = line;
}
// Since "-source_drm_naming_context", and
// "-target_drm_naming_context" are OPTIONAL
// parameters, ONLY process this portion of the field
// if both of these options have been selected
if( mDrmNamingContextsFlag ) {
output = input.replace( mSourceDrmNamingContext,
mTargetDrmNamingContext );
} else {
output = input;
}
} else {
output = line;
}
} else if( record_type.equals( DRM_LDIF_CA_KEY_RECORD ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_CA_KEY_RECORD_DN ) ) {
// First check for an embedded "cn="
// name-value pair
if( line.startsWith( DRM_LDIF_DN_EMBEDDED_CN_DATA ) ) {
// At this point, always extract
// the embedded "cn=" name-value pair
// which will ALWAYS be the first
// portion of the "dn: " attribute
embedded_cn_data = line.split( COMMA, 2 );
embedded_cn_output = compose_numeric_line(
DRM_LDIF_DN_EMBEDDED_CN_DATA,
EQUAL_SIGN,
embedded_cn_data[0],
false );
input = embedded_cn_output
+ COMMA
+ embedded_cn_data[1];
} else {
input = line;
}
// Since "-source_drm_naming_context", and
// "-target_drm_naming_context" are OPTIONAL
// parameters, ONLY process this portion of the field
// if both of these options have been selected
if( mDrmNamingContextsFlag ) {
output = input.replace( mSourceDrmNamingContext,
mTargetDrmNamingContext );
} else {
output = input;
}
} else {
output = line;
}
} else if( record_type.equals( DRM_LDIF_RECOVERY ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_RECOVERY_DN ) ) {
// First check for an embedded "cn="
// name-value pair
if( line.startsWith( DRM_LDIF_DN_EMBEDDED_CN_DATA ) ) {
// At this point, always extract
// the embedded "cn=" name-value pair
// which will ALWAYS be the first
// portion of the "dn: " attribute
embedded_cn_data = line.split( COMMA, 2 );
embedded_cn_output = compose_numeric_line(
DRM_LDIF_DN_EMBEDDED_CN_DATA,
EQUAL_SIGN,
embedded_cn_data[0],
false );
input = embedded_cn_output
+ COMMA
+ embedded_cn_data[1];
} else {
input = line;
}
// Since "-source_drm_naming_context", and
// "-target_drm_naming_context" are OPTIONAL
// parameters, ONLY process this portion of the field
// if both of these options have been selected
if( mDrmNamingContextsFlag ) {
output = input.replace( mSourceDrmNamingContext,
mTargetDrmNamingContext );
} else {
output = input;
}
} else {
output = line;
}
} else if( record_type.equals( DRM_LDIF_TPS_KEY_RECORD ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_TPS_KEY_RECORD_DN ) ) {
// First check for an embedded "cn="
// name-value pair
if( line.startsWith( DRM_LDIF_DN_EMBEDDED_CN_DATA ) ) {
// At this point, always extract
// the embedded "cn=" name-value pair
// which will ALWAYS be the first
// portion of the "dn: " attribute
embedded_cn_data = line.split( COMMA, 2 );
embedded_cn_output = compose_numeric_line(
DRM_LDIF_DN_EMBEDDED_CN_DATA,
EQUAL_SIGN,
embedded_cn_data[0],
false );
input = embedded_cn_output
+ COMMA
+ embedded_cn_data[1];
} else {
input = line;
}
// Since "-source_drm_naming_context", and
// "-target_drm_naming_context" are OPTIONAL
// parameters, ONLY process this portion of the field
// if both of these options have been selected
if( mDrmNamingContextsFlag ) {
output = input.replace( mSourceDrmNamingContext,
mTargetDrmNamingContext );
} else {
output = input;
}
} else {
output = line;
}
} else if( record_type.equals( DRM_LDIF_KEYGEN ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_KEYGEN_DN ) ) {
// First check for an embedded "cn="
// name-value pair
if( line.startsWith( DRM_LDIF_DN_EMBEDDED_CN_DATA ) ) {
// At this point, always extract
// the embedded "cn=" name-value pair
// which will ALWAYS be the first
// portion of the "dn: " attribute
embedded_cn_data = line.split( COMMA, 2 );
embedded_cn_output = compose_numeric_line(
DRM_LDIF_DN_EMBEDDED_CN_DATA,
EQUAL_SIGN,
embedded_cn_data[0],
false );
input = embedded_cn_output
+ COMMA
+ embedded_cn_data[1];
} else {
input = line;
}
// Since "-source_drm_naming_context", and
// "-target_drm_naming_context" are OPTIONAL
// parameters, ONLY process this portion of the field
// if both of these options have been selected
if( mDrmNamingContextsFlag ) {
output = input.replace( mSourceDrmNamingContext,
mTargetDrmNamingContext );
} else {
output = input;
}
} else {
output = line;
}
} else if( record_type.equals( DRM_LDIF_RECORD ) ) {
// Non-Request / Non-Key Record:
// Pass through the original
// 'dn' line UNCHANGED
// so that it is ALWAYS written
output = line;
} else {
log( "ERROR: Mismatched record field='"
+ DRM_LDIF_DN
+ "' for record type='"
+ record_type
+ "'!"
+ NEWLINE, true );
}
} catch( PatternSyntaxException exDnEmbeddedCnNameValuePattern ) {
log( "ERROR: line='"
+ line
+ "' PatternSyntaxException: '"
+ exDnEmbeddedCnNameValuePattern.toString()
+ "'"
+ NEWLINE, true );
} catch( NullPointerException exNullPointerException ) {
log( "ERROR: Unable to replace source DRM naming context '"
+ mSourceDrmNamingContext
+ "' with target DRM naming context '"
+ mTargetDrmNamingContext
+ "' NullPointerException: '"
+ exNullPointerException.toString()
+ "'"
+ NEWLINE, true );
}
return output;
}
/**
* Helper method which composes the output line for
* DRM_LDIF_EXTDATA_KEY_RECORD.
*
*
* @param record_type the string representation of the input record type
* @param line the string representation of the input line
* @return the composed output line
*/
private static String output_extdata_key_record( String record_type,
String line ) {
String output = null;
if( record_type.equals( DRM_LDIF_ENROLLMENT ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_ENROLLMENT_EXTDATA_KEY_RECORD ) ) {
output = compose_numeric_line( DRM_LDIF_EXTDATA_KEY_RECORD,
SPACE,
line,
false );
} else {
output = line;
}
} else if( record_type.equals( DRM_LDIF_KEYGEN ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_KEYGEN_EXTDATA_KEY_RECORD ) ) {
output = compose_numeric_line( DRM_LDIF_EXTDATA_KEY_RECORD,
SPACE,
line,
false );
} else {
output = line;
}
} else {
log( "ERROR: Mismatched record field='"
+ DRM_LDIF_EXTDATA_KEY_RECORD
+ "' for record type='"
+ record_type
+ "'!"
+ NEWLINE, true );
}
return output;
}
/**
* Helper method which composes the output line for
* DRM_LDIF_EXTDATA_REQUEST_ID.
*
*
* @param record_type the string representation of the input record type
* @param line the string representation of the input line
* @return the composed output line
*/
private static String output_extdata_request_id( String record_type,
String line ) {
String output = null;
if( record_type.equals( DRM_LDIF_ENROLLMENT ) ) {
// ALWAYS pass-through "extdata-requestId" for
// DRM_LDIF_ENROLLMENT records UNCHANGED because the
// value in this field is associated with the issuing CA!
output = line;
} else if( record_type.equals( DRM_LDIF_RECOVERY ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_RECOVERY_EXTDATA_REQUEST_ID ) ) {
output = compose_numeric_line( DRM_LDIF_EXTDATA_REQUEST_ID,
SPACE,
line,
false );
} else {
output = line;
}
} else if( record_type.equals( DRM_LDIF_KEYGEN ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_KEYGEN_EXTDATA_REQUEST_ID ) ) {
output = compose_numeric_line( DRM_LDIF_EXTDATA_REQUEST_ID,
SPACE,
line,
false );
} else {
output = line;
}
} else {
log( "ERROR: Mismatched record field='"
+ DRM_LDIF_EXTDATA_REQUEST_ID
+ "' for record type='"
+ record_type
+ "'!"
+ NEWLINE, true );
}
return output;
}
/**
* Helper method which composes the output line for
* DRM_LDIF_EXTDATA_REQUEST_NOTES.
*
*
* @param record_type the string representation of the input record type
* @param line the string representation of the input line
* @return the composed output line
*/
private static String output_extdata_request_notes( String record_type,
String line ) {
String input = null;
String data = null;
String unformatted_data = null;
String output = null;
String next_line = null;
// extract the data
if( line.length() > DRM_LDIF_EXTDATA_REQUEST_NOTES.length() ) {
input = line.substring(
DRM_LDIF_EXTDATA_REQUEST_NOTES.length() + 1
).trim();
} else {
input = line.substring(
DRM_LDIF_EXTDATA_REQUEST_NOTES.length()
).trim();
}
while( ( line = ldif_record.next() ) != null ) {
if( line.startsWith( SPACE ) ) {
// Do NOT use "trim()";
// remove single leading space and
// trailing carriage returns and newlines ONLY!
input += line.replaceFirst(" ","").replace('\r','\0').replace('\n','\0');
} else {
next_line = line;
break;
}
}
if( record_type.equals( DRM_LDIF_ENROLLMENT ) ) {
if(drmtoolCfg.get( DRMTOOL_CFG_ENROLLMENT_EXTDATA_REQUEST_NOTES )) {
// write out a revised 'extdata-requestnotes' line
if( mRewrapFlag && mAppendIdOffsetFlag ) {
data = input
+ SPACE
+ LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_REWRAP_MESSAGE
+ mPublicKeySize
+ DRM_LDIF_RSA_MESSAGE
+ mSourcePKISecurityDatabasePwdfileMessage
+ SPACE
+ PLUS + SPACE
+ DRM_LDIF_APPENDED_ID_OFFSET_MESSAGE
+ SPACE
+ TIC
+ mAppendIdOffset.toString()
+ TIC
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
} else if( mRewrapFlag && mRemoveIdOffsetFlag ) {
data = input
+ SPACE
+ LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_REWRAP_MESSAGE
+ mPublicKeySize
+ DRM_LDIF_RSA_MESSAGE
+ mSourcePKISecurityDatabasePwdfileMessage
+ SPACE
+ PLUS + SPACE
+ DRM_LDIF_REMOVED_ID_OFFSET_MESSAGE
+ SPACE
+ TIC
+ mRemoveIdOffset.toString()
+ TIC
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
} else if( mRewrapFlag ) {
data = input
+ SPACE
+ LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_REWRAP_MESSAGE
+ mPublicKeySize
+ DRM_LDIF_RSA_MESSAGE
+ mSourcePKISecurityDatabasePwdfileMessage
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
} else if( mAppendIdOffsetFlag ) {
data = input
+ SPACE
+ LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_APPENDED_ID_OFFSET_MESSAGE
+ SPACE
+ TIC
+ mAppendIdOffset.toString()
+ TIC
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
} else if( mRemoveIdOffsetFlag ) {
data = input
+ SPACE
+ LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_REMOVED_ID_OFFSET_MESSAGE
+ SPACE
+ TIC
+ mRemoveIdOffset.toString()
+ TIC
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
}
// log this information
log( "Changed:"
+ NEWLINE
+ TIC
+ DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
input )
+ TIC
+ NEWLINE
+ "--->"
+ NEWLINE
+ TIC
+ output
+ TIC
+ NEWLINE, false );
} else {
output = line;
}
} else if( record_type.equals( DRM_LDIF_RECOVERY ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_RECOVERY_EXTDATA_REQUEST_NOTES ) ) {
// write out a revised 'extdata-requestnotes' line
if( mRewrapFlag && mAppendIdOffsetFlag ) {
data = input
+ SPACE
+ LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_REWRAP_MESSAGE
+ mPublicKeySize
+ DRM_LDIF_RSA_MESSAGE
+ mSourcePKISecurityDatabasePwdfileMessage
+ SPACE
+ PLUS + SPACE
+ DRM_LDIF_APPENDED_ID_OFFSET_MESSAGE
+ SPACE
+ TIC
+ mAppendIdOffset.toString()
+ TIC
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
} else if( mRewrapFlag && mRemoveIdOffsetFlag ) {
data = input
+ SPACE
+ LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_REWRAP_MESSAGE
+ mPublicKeySize
+ DRM_LDIF_RSA_MESSAGE
+ mSourcePKISecurityDatabasePwdfileMessage
+ SPACE
+ PLUS + SPACE
+ DRM_LDIF_REMOVED_ID_OFFSET_MESSAGE
+ SPACE
+ TIC
+ mRemoveIdOffset.toString()
+ TIC
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
} else if( mRewrapFlag ) {
data = input
+ SPACE
+ LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_REWRAP_MESSAGE
+ mPublicKeySize
+ DRM_LDIF_RSA_MESSAGE
+ mSourcePKISecurityDatabasePwdfileMessage
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
} else if( mAppendIdOffsetFlag ) {
data = input
+ SPACE
+ LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_APPENDED_ID_OFFSET_MESSAGE
+ SPACE
+ TIC
+ mAppendIdOffset.toString()
+ TIC
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
} else if( mRemoveIdOffsetFlag ) {
data = input
+ SPACE
+ LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_REMOVED_ID_OFFSET_MESSAGE
+ SPACE
+ TIC
+ mRemoveIdOffset.toString()
+ TIC
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
}
// log this information
log( "Changed:"
+ NEWLINE
+ TIC
+ DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
input )
+ TIC
+ NEWLINE
+ "--->"
+ NEWLINE
+ TIC
+ output
+ TIC
+ NEWLINE, false );
} else {
output = line;
}
} else if( record_type.equals( DRM_LDIF_KEYGEN ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_KEYGEN_EXTDATA_REQUEST_NOTES ) ) {
// write out a revised 'extdata-requestnotes' line
if( mRewrapFlag && mAppendIdOffsetFlag ) {
data = input
+ SPACE
+ LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_REWRAP_MESSAGE
+ mPublicKeySize
+ DRM_LDIF_RSA_MESSAGE
+ mSourcePKISecurityDatabasePwdfileMessage
+ SPACE
+ PLUS + SPACE
+ DRM_LDIF_APPENDED_ID_OFFSET_MESSAGE
+ SPACE
+ TIC
+ mAppendIdOffset.toString()
+ TIC
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
} else if( mRewrapFlag && mRemoveIdOffsetFlag ) {
data = input
+ SPACE
+ LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_REWRAP_MESSAGE
+ mPublicKeySize
+ DRM_LDIF_RSA_MESSAGE
+ mSourcePKISecurityDatabasePwdfileMessage
+ SPACE
+ PLUS + SPACE
+ DRM_LDIF_REMOVED_ID_OFFSET_MESSAGE
+ SPACE
+ TIC
+ mRemoveIdOffset.toString()
+ TIC
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
} else if( mRewrapFlag ) {
data = input
+ SPACE
+ LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_REWRAP_MESSAGE
+ mPublicKeySize
+ DRM_LDIF_RSA_MESSAGE
+ mSourcePKISecurityDatabasePwdfileMessage
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
} else if( mAppendIdOffsetFlag ) {
data = input
+ SPACE
+ LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_APPENDED_ID_OFFSET_MESSAGE
+ SPACE
+ TIC
+ mAppendIdOffset.toString()
+ TIC
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
} else if( mRemoveIdOffsetFlag ) {
data = input
+ SPACE
+ LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_REMOVED_ID_OFFSET_MESSAGE
+ SPACE
+ TIC
+ mRemoveIdOffset.toString()
+ TIC
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
}
// log this information
log( "Changed:"
+ NEWLINE
+ TIC
+ DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
input )
+ TIC
+ NEWLINE
+ "--->"
+ NEWLINE
+ TIC
+ output
+ TIC
+ NEWLINE, false );
} else {
output = line;
}
} else {
log( "ERROR: Mismatched record field='"
+ DRM_LDIF_EXTDATA_REQUEST_NOTES
+ "' for record type='"
+ record_type
+ "'!"
+ NEWLINE, true );
}
if( output != null ) {
output += NEWLINE + next_line;
}
return output;
}
/**
* Helper method which composes the output line for
* DRM_LDIF_EXTDATA_REQUEST_NOTES.
*
*
* @param record_type the string representation of the input record type
* @param previous_line the string representation of the previous input line
* @param writer the PrintWriter used to output this new LDIF line
* @return the composed output line
*/
private static void create_extdata_request_notes( String record_type,
String previous_line,
PrintWriter writer ) {
String data = null;
String unformatted_data = null;
String output = null;
if( record_type.equals( DRM_LDIF_RECOVERY ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_RECOVERY_EXTDATA_REQUEST_NOTES ) ) {
if(!previous_line.startsWith( DRM_LDIF_EXTDATA_REQUEST_NOTES)) {
// write out the missing 'extdata-requestnotes' line
if( mRewrapFlag && mAppendIdOffsetFlag ) {
data = LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_REWRAP_MESSAGE
+ mPublicKeySize
+ DRM_LDIF_RSA_MESSAGE
+ mSourcePKISecurityDatabasePwdfileMessage
+ SPACE
+ PLUS + SPACE
+ DRM_LDIF_APPENDED_ID_OFFSET_MESSAGE
+ SPACE
+ TIC
+ mAppendIdOffset.toString()
+ TIC
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
} else if( mRewrapFlag && mRemoveIdOffsetFlag ) {
data = LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_REWRAP_MESSAGE
+ mPublicKeySize
+ DRM_LDIF_RSA_MESSAGE
+ mSourcePKISecurityDatabasePwdfileMessage
+ SPACE
+ PLUS + SPACE
+ DRM_LDIF_REMOVED_ID_OFFSET_MESSAGE
+ SPACE
+ TIC
+ mRemoveIdOffset.toString()
+ TIC
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
} else if( mRewrapFlag ) {
data = LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_REWRAP_MESSAGE
+ mPublicKeySize
+ DRM_LDIF_RSA_MESSAGE
+ mSourcePKISecurityDatabasePwdfileMessage
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
} else if( mAppendIdOffsetFlag ) {
data = LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_APPENDED_ID_OFFSET_MESSAGE
+ SPACE
+ TIC
+ mAppendIdOffset.toString()
+ TIC
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
} else if( mRemoveIdOffsetFlag ) {
data = LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_REMOVED_ID_OFFSET_MESSAGE
+ SPACE
+ TIC
+ mRemoveIdOffset.toString()
+ TIC
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
}
// log this information
log( "Created:"
+ NEWLINE
+ TIC
+ output
+ TIC
+ NEWLINE, false );
// Write out this revised line
// and flush the buffer
writer.write( output + NEWLINE );
writer.flush();
System.out.print( "." );
}
}
} else if( record_type.equals( DRM_LDIF_KEYGEN ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_KEYGEN_EXTDATA_REQUEST_NOTES ) ) {
if(!previous_line.startsWith( DRM_LDIF_EXTDATA_REQUEST_NOTES)) {
// write out the missing 'extdata-requestnotes' line
if( mRewrapFlag && mAppendIdOffsetFlag ) {
data = LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_REWRAP_MESSAGE
+ mPublicKeySize
+ DRM_LDIF_RSA_MESSAGE
+ mSourcePKISecurityDatabasePwdfileMessage
+ SPACE
+ PLUS + SPACE
+ DRM_LDIF_APPENDED_ID_OFFSET_MESSAGE
+ SPACE
+ TIC
+ mAppendIdOffset.toString()
+ TIC
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
} else if( mRewrapFlag && mRemoveIdOffsetFlag ) {
data = LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_REWRAP_MESSAGE
+ mPublicKeySize
+ DRM_LDIF_RSA_MESSAGE
+ mSourcePKISecurityDatabasePwdfileMessage
+ SPACE
+ PLUS + SPACE
+ DRM_LDIF_REMOVED_ID_OFFSET_MESSAGE
+ SPACE
+ TIC
+ mRemoveIdOffset.toString()
+ TIC
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
} else if( mRewrapFlag ) {
data = LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_REWRAP_MESSAGE
+ mPublicKeySize
+ DRM_LDIF_RSA_MESSAGE
+ mSourcePKISecurityDatabasePwdfileMessage
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
} else if( mAppendIdOffsetFlag ) {
data = LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_APPENDED_ID_OFFSET_MESSAGE
+ SPACE
+ TIC
+ mAppendIdOffset.toString()
+ TIC
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
} else if( mRemoveIdOffsetFlag ) {
data = LEFT_BRACE
+ mDateOfModify
+ RIGHT_BRACE
+ COLON + SPACE
+ DRM_LDIF_REMOVED_ID_OFFSET_MESSAGE
+ SPACE
+ TIC
+ mRemoveIdOffset.toString()
+ TIC
+ mDrmNamingContextMessage
+ mProcessRequestsAndKeyRecordsOnlyMessage;
// Unformat the data
unformatted_data = stripEOL( data );
// Format the unformatted_data
// to match the desired LDIF format
output = DRM_LDIF_EXTDATA_REQUEST_NOTES
+ SPACE
+ format_ldif_data(
EXTDATA_REQUEST_NOTES_FIRST_LINE_DATA_LENGTH,
unformatted_data );
}
// log this information
log( "Created:"
+ NEWLINE
+ TIC
+ output
+ TIC
+ NEWLINE, false );
// Write out this revised line
// and flush the buffer
writer.write( output + NEWLINE );
writer.flush();
System.out.print( "." );
}
}
}
}
/**
* Helper method which composes the output line for
* DRM_LDIF_EXTDATA_SERIAL_NUMBER.
*
*
* @param record_type the string representation of the input record type
* @param line the string representation of the input line
* @return the composed output line
*/
private static String output_extdata_serial_number( String record_type,
String line ) {
String output = null;
if( record_type.equals( DRM_LDIF_RECOVERY ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_RECOVERY_EXTDATA_SERIAL_NUMBER ) ) {
output = compose_numeric_line( DRM_LDIF_EXTDATA_SERIAL_NUMBER,
SPACE,
line,
false );
} else {
output = line;
}
} else {
log( "ERROR: Mismatched record field='"
+ DRM_LDIF_EXTDATA_SERIAL_NUMBER
+ "' for record type='"
+ record_type
+ "'!"
+ NEWLINE, true );
}
return output;
}
/**
* Helper method which composes the output line for
* DRM_LDIF_PRIVATE_KEY_DATA.
*
*
* @param record_type the string representation of the input record type
* @param line the string representation of the input line
* @return the composed output line
*/
private static String output_private_key_data( String record_type,
String line ) {
byte source_wrappedKeyData[] = null;
byte target_wrappedKeyData[] = null;
String data = null;
String revised_data = null;
String unformatted_data = null;
String formatted_data = null;
String output = null;
try {
if( record_type.equals( DRM_LDIF_CA_KEY_RECORD ) ) {
if(drmtoolCfg.get(DRMTOOL_CFG_CA_KEY_RECORD_PRIVATE_KEY_DATA)) {
// Since "-source_pki_security_database_path",
// "-source_storage_token_name",
// "-source_storage_certificate_nickname", and
// "-target_storage_certificate_file" are OPTIONAL
// parameters, ONLY process this field if all of
// these options have been selected
if( mRewrapFlag ) {
// extract the data
data = line.substring(
DRM_LDIF_PRIVATE_KEY_DATA.length() + 1
).trim();
while( ( line = ldif_record.next() ) != null ) {
if( line.startsWith( SPACE ) ) {
data += line.trim();
} else {
break;
}
}
// Decode the ASCII BASE 64 certificate
// enclosed in the String() object
// into a BINARY BASE 64 byte[] object
source_wrappedKeyData =
com.netscape.osutil.OSUtil.AtoB( data );
// rewrap the source wrapped private key data
target_wrappedKeyData = rewrap_wrapped_key_data(
source_wrappedKeyData );
// Encode the BINARY BASE 64 byte[] object
// into an ASCII BASE 64 certificate
// enclosed in a String() object
revised_data = com.netscape.osutil.OSUtil.BtoA(
target_wrappedKeyData );
// Unformat the ASCII BASE 64 certificate
// for the log file
unformatted_data = stripEOL( revised_data );
// Format the ASCII BASE 64 certificate
// to match the desired LDIF format
formatted_data = format_ldif_data(
PRIVATE_KEY_DATA_FIRST_LINE_DATA_LENGTH,
unformatted_data );
// construct a revised 'privateKeyData' line
output = DRM_LDIF_PRIVATE_KEY_DATA
+ SPACE
+ formatted_data
+ NEWLINE
+ line;
// log this information
log( "Changed 'privateKeyData' from:"
+ NEWLINE
+ TIC
+ data
+ TIC
+ NEWLINE
+ " to:"
+ NEWLINE
+ TIC
+ unformatted_data
+ TIC
+ NEWLINE, false );
} else {
output = line;
}
} else {
output = line;
}
} else if( record_type.equals( DRM_LDIF_TPS_KEY_RECORD ) ) {
if(drmtoolCfg.get(DRMTOOL_CFG_TPS_KEY_RECORD_PRIVATE_KEY_DATA)){
// Since "-source_pki_security_database_path",
// "-source_storage_token_name",
// "-source_storage_certificate_nickname", and
// "-target_storage_certificate_file" are OPTIONAL
// parameters, ONLY process this field if all of
// these options have been selected
if( mRewrapFlag ) {
// extract the data
data = line.substring(
DRM_LDIF_PRIVATE_KEY_DATA.length() + 1
).trim();
while( ( line = ldif_record.next() ) != null ) {
if( line.startsWith( SPACE ) ) {
data += line.trim();
} else {
break;
}
}
// Decode the ASCII BASE 64 certificate
// enclosed in the String() object
// into a BINARY BASE 64 byte[] object
source_wrappedKeyData =
com.netscape.osutil.OSUtil.AtoB( data );
// rewrap the source wrapped private key data
target_wrappedKeyData = rewrap_wrapped_key_data(
source_wrappedKeyData );
// Encode the BINARY BASE 64 byte[] object
// into an ASCII BASE 64 certificate
// enclosed in a String() object
revised_data = com.netscape.osutil.OSUtil.BtoA(
target_wrappedKeyData );
// Unformat the ASCII BASE 64 certificate
// for the log file
unformatted_data = stripEOL( revised_data );
// Format the ASCII BASE 64 certificate
// to match the desired LDIF format
formatted_data = format_ldif_data(
PRIVATE_KEY_DATA_FIRST_LINE_DATA_LENGTH,
unformatted_data );
// construct a revised 'privateKeyData' line
output = DRM_LDIF_PRIVATE_KEY_DATA
+ SPACE
+ formatted_data
+ NEWLINE
+ line;
// log this information
log( "Changed 'privateKeyData' from:"
+ NEWLINE
+ TIC
+ data
+ TIC
+ NEWLINE
+ " to:"
+ NEWLINE
+ TIC
+ unformatted_data
+ TIC
+ NEWLINE, false );
} else {
output = line;
}
} else {
output = line;
}
} else {
log( "ERROR: Mismatched record field='"
+ DRM_LDIF_PRIVATE_KEY_DATA
+ "' for record type='"
+ record_type
+ "'!"
+ NEWLINE, true );
}
} catch( Exception exRewrap ) {
log( "ERROR: Unable to rewrap BINARY BASE 64 data. "
+ "Exception: '"
+ exRewrap.toString()
+ "'"
+ NEWLINE, true );
}
return output;
}
/**
* Helper method which composes the output line for DRM_LDIF_REQUEST_ID.
*
*
* @param record_type the string representation of the input record type
* @param line the string representation of the input line
* @return the composed output line
*/
private static String output_request_id( String record_type,
String line ) {
String output = null;
if( record_type.equals( DRM_LDIF_ENROLLMENT ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_ENROLLMENT_REQUEST_ID ) ) {
output = compose_numeric_line( DRM_LDIF_REQUEST_ID,
SPACE,
line,
true );
} else {
output = line;
}
} else if( record_type.equals( DRM_LDIF_RECOVERY ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_RECOVERY_REQUEST_ID ) ) {
output = compose_numeric_line( DRM_LDIF_REQUEST_ID,
SPACE,
line,
true );
} else {
output = line;
}
} else if( record_type.equals( DRM_LDIF_KEYGEN ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_KEYGEN_REQUEST_ID ) ) {
output = compose_numeric_line( DRM_LDIF_REQUEST_ID,
SPACE,
line,
true );
} else {
output = line;
}
} else {
log( "ERROR: Mismatched record field='"
+ DRM_LDIF_REQUEST_ID
+ "' for record type='"
+ record_type
+ "'!"
+ NEWLINE, true );
}
return output;
}
/**
* Helper method which composes the output line for DRM_LDIF_SERIAL_NO.
*
*
* @param record_type the string representation of the input record type
* @param line the string representation of the input line
* @return the composed output line
*/
private static String output_serial_no( String record_type,
String line ) {
String output = null;
if( record_type.equals( DRM_LDIF_CA_KEY_RECORD ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_CA_KEY_RECORD_SERIAL_NO ) ) {
output = compose_numeric_line( DRM_LDIF_SERIAL_NO,
SPACE,
line,
true );
} else {
output = line;
}
} else if( record_type.equals( DRM_LDIF_TPS_KEY_RECORD ) ) {
if( drmtoolCfg.get( DRMTOOL_CFG_TPS_KEY_RECORD_SERIAL_NO ) ) {
output = compose_numeric_line( DRM_LDIF_SERIAL_NO,
SPACE,
line,
true );
} else {
output = line;
}
} else if( record_type.equals( DRM_LDIF_RECORD ) ) {
// Non-Request / Non-Key Record:
// Pass through the original
// 'serialno' line UNCHANGED
// so that it is ALWAYS written
output = line;
} else {
log( "ERROR: Mismatched record field='"
+ DRM_LDIF_SERIAL_NO
+ "' for record type='"
+ record_type
+ "'!"
+ NEWLINE, true );
}
return output;
}
/**
* Helper method which composes the output line for
* DRM_LDIF_EXTDATA_AUTH_TOKEN_USER.
*
*
* @param record_type the string representation of the input record type
* @param line the string representation of the input line
* @return the composed output line
*/
private static String output_extdata_auth_token_user( String record_type,
String line ) {
String data = null;
String output = null;
try {
if( record_type.equals( DRM_LDIF_ENROLLMENT ) ) {
// Since "-source_drm_naming_context", and
// "-target_drm_naming_context" are OPTIONAL
// parameters, ONLY process this field if both of
// these options have been selected
if( mDrmNamingContextsFlag ) {
output = line.replace( mSourceDrmNamingContext,
mTargetDrmNamingContext );
} else {
output = line;
}
} else {
log( "ERROR: Mismatched record field='"
+ DRM_LDIF_EXTDATA_AUTH_TOKEN_USER
+ "' for record type='"
+ record_type
+ "'!"
+ NEWLINE, true );
}
} catch( NullPointerException exNullPointerException ) {
log( "ERROR: Unable to replace source DRM naming context '"
+ mSourceDrmNamingContext
+ "' with target DRM naming context '"
+ mTargetDrmNamingContext
+ "' NullPointerException: '"
+ exNullPointerException.toString()
+ "'"
+ NEWLINE, true );
}
return output;
}
/**
* Helper method which composes the output line for
* DRM_LDIF_EXTDATA_AUTH_TOKEN_USER_DN.
*
*
* @param record_type the string representation of the input record type
* @param line the string representation of the input line
* @return the composed output line
*/
private static String output_extdata_auth_token_user_dn( String record_type,
String line ) {
String data = null;
String output = null;
try {
if( record_type.equals( DRM_LDIF_ENROLLMENT ) ) {
// Since "-source_drm_naming_context", and
// "-target_drm_naming_context" are OPTIONAL
// parameters, ONLY process this field if both of
// these options have been selected
if( mDrmNamingContextsFlag ) {
output = line.replace( mSourceDrmNamingContext,
mTargetDrmNamingContext );
} else {
output = line;
}
} else {
log( "ERROR: Mismatched record field='"
+ DRM_LDIF_EXTDATA_AUTH_TOKEN_USER_DN
+ "' for record type='"
+ record_type
+ "'!"
+ NEWLINE, true );
}
} catch( NullPointerException exNullPointerException ) {
log( "ERROR: Unable to replace source DRM naming context '"
+ mSourceDrmNamingContext
+ "' with target DRM naming context '"
+ mTargetDrmNamingContext
+ "' NullPointerException: '"
+ exNullPointerException.toString()
+ "'"
+ NEWLINE, true );
}
return output;
}
/**
* This method performs the actual parsing of the "source" LDIF file
* and produces the "target" LDIF file.
*
*
* @return true if the "target" LDIF file is successfully created
*/
private static boolean convert_source_ldif_to_target_ldif() {
boolean success = false;
BufferedReader reader = null;
PrintWriter writer = null;
String input = null;
String line = null;
String previous_line = null;
String output = null;
String data = null;
String record_type = null;
if( mRewrapFlag ) {
success = obtain_RSA_rewrapping_keys();
if( !success ) {
return FAILURE;
}
}
// Create a vector for LDIF input
record = new Vector( INITIAL_LDIF_RECORD_CAPACITY );
// Process each line in the source LDIF file
// and store it in the target LDIF file
try {
// Open source LDIF file for reading
reader = new BufferedReader(
new FileReader( mSourceLdifFilename ) );
// Open target LDIF file for writing
writer = new PrintWriter(
new BufferedWriter(
new FileWriter( mTargetLdifFilename ) ) );
System.out.print( "PROCESSING: " );
while( ( input = reader.readLine() ) != null ) {
// Read in a record from the source LDIF file and
// add this line of input into the record vector
success = record.add( input );
if( !success ) {
return FAILURE;
}
// Check for the end of an LDIF record
if( !input.equals( "" ) ) {
// Check to see if input line identifies the record type
if( input.startsWith( DRM_LDIF_REQUEST_TYPE ) ) {
// set the record type:
//
// * DRM_LDIF_ENROLLMENT
// * DRM_LDIF_KEYGEN
// * DRM_LDIF_RECOVERY
//
record_type = input.substring(
DRM_LDIF_REQUEST_TYPE.length() + 1
).trim();
if( !record_type.equals( DRM_LDIF_ENROLLMENT ) &&
!record_type.equals( DRM_LDIF_KEYGEN ) &&
!record_type.equals( DRM_LDIF_RECOVERY ) ) {
log( "ERROR: Unknown LDIF record type='"
+ record_type
+ "'!"
+ NEWLINE, true );
return FAILURE;
}
} else if( input.startsWith( DRM_LDIF_ARCHIVED_BY ) ) {
// extract the data
data = input.substring(
DRM_LDIF_ARCHIVED_BY.length() + 1
).trim();
// set the record type:
//
// * DRM_LDIF_CA_KEY_RECORD
// * DRM_LDIF_TPS_KEY_RECORD
//
if( data.startsWith( DRM_LDIF_TPS_KEY_RECORD ) ) {
record_type = DRM_LDIF_TPS_KEY_RECORD;
} else if( data.startsWith( DRM_LDIF_CA_KEY_RECORD ) ) {
record_type = DRM_LDIF_CA_KEY_RECORD;
} else {
log( "ERROR: Unable to determine LDIF record type "
+ "from data='"
+ data
+ "'!"
+ NEWLINE, true );
return FAILURE;
}
}
// continue adding input lines into this record
continue;
}
// If record type is unset, then this record is neither
// an LDIF request record nor an LDIF key record; check
// to see if it needs to be written out to the target
// LDIF file or thrown away.
if( ( record_type == null ) &&
mProcessRequestsAndKeyRecordsOnlyFlag ) {
// Mark each removed record with an 'x'
System.out.print( "x" );
// log this information
log( "INFO: Throwing away an LDIF record which is "
+ "neither a Request nor a Key Record!"
+ NEWLINE, false );
// clear this LDIF record from the record vector
record.clear();
// NOTE: there is no need to reset the record type
// begin adding input lines into a new record
continue;
} else if( record_type == null ) {
// Set record type to specify a "generic" LDIF record
record_type = DRM_LDIF_RECORD;
}
ldif_record = record.iterator();
// Process each line of the record:
// * If LDIF Record Type for this line is 'valid'
// * If DRMTOOL Configuration File Parameter is 'true'
// * Process this data
// * Else If DRMTOOL Configuration File Parameter is 'false'
// * Pass through this data unchanged
// * Else If LDIF Record Type for this line is 'invalid'
// * Log error and leave method returning 'false'
while( ldif_record.hasNext() ) {
line = ldif_record.next();
if( line.startsWith( DRM_LDIF_CN ) ) {
output = output_cn( record_type, line );
if( output == null ) {
return FAILURE;
}
} else if( line.startsWith( DRM_LDIF_DATE_OF_MODIFY ) ) {
output = output_date_of_modify( record_type, line );
if( output == null ) {
return FAILURE;
}
} else if( line.startsWith( DRM_LDIF_DN ) ) {
output = output_dn( record_type, line );
if( output == null ) {
return FAILURE;
}
} else if(line.startsWith( DRM_LDIF_EXTDATA_KEY_RECORD )) {
output = output_extdata_key_record( record_type,
line );
if( output == null ) {
return FAILURE;
}
} else if(line.startsWith( DRM_LDIF_EXTDATA_REQUEST_ID )) {
output = output_extdata_request_id( record_type,
line );
if( output == null ) {
return FAILURE;
}
} else if(line.startsWith(DRM_LDIF_EXTDATA_REQUEST_NOTES)) {
output = output_extdata_request_notes( record_type,
line );
if( output == null ) {
return FAILURE;
}
} else if(line.startsWith(DRM_LDIF_EXTDATA_REQUEST_TYPE)) {
// if one is not already present,
// compose and write out the missing
// 'extdata_requestnotes' line
create_extdata_request_notes( record_type,
previous_line,
writer );
// ALWAYS pass through the original
// 'extdata-requesttype' line UNCHANGED
// so that it is ALWAYS written
output = line;
} else if(line.startsWith(DRM_LDIF_EXTDATA_SERIAL_NUMBER)) {
output = output_extdata_serial_number( record_type,
line );
if( output == null ) {
return FAILURE;
}
} else if( line.startsWith( DRM_LDIF_PRIVATE_KEY_DATA ) ) {
output = output_private_key_data( record_type,
line );
if( output == null ) {
return FAILURE;
}
} else if( line.startsWith( DRM_LDIF_REQUEST_ID ) ) {
output = output_request_id( record_type, line );
if( output == null ) {
return FAILURE;
}
} else if( line.startsWith( DRM_LDIF_SERIAL_NO ) ) {
output = output_serial_no( record_type, line );
if( output == null ) {
return FAILURE;
}
} else if( previous_line != null &&
previous_line.startsWith(
DRM_LDIF_EXTDATA_AUTH_TOKEN_USER ) ) {
output = output_extdata_auth_token_user( record_type,
line );
if( output == null ) {
return FAILURE;
}
} else if( previous_line != null &&
previous_line.startsWith(
DRM_LDIF_EXTDATA_AUTH_TOKEN_USER_DN ) ) {
output = output_extdata_auth_token_user_dn( record_type,
line );
if( output == null ) {
return FAILURE;
}
} else {
// Pass through line unchanged
output = line;
}
// Always save a copy of this line
previous_line = output;
// Always write out the output line and flush the buffer
writer.write( output + NEWLINE );
writer.flush();
System.out.print( "." );
}
// Mark the end of the LDIF record
System.out.print( "!" );
// clear this LDIF record from the record vector
record.clear();
}
System.out.println( " FINISHED." + NEWLINE );
} catch( IOException exIO ) {
log( "ERROR: line='"
+ line
+ "' OR output='"
+ output
+ "' IOException: '"
+ exIO.toString()
+ "'"
+ NEWLINE, true );
return FAILURE;
}
return SUCCESS;
}
/**************************************/
/* DRMTOOL Config File Parser Methods */
/**************************************/
/**
* This method performs the actual parsing of the DRMTOOL config file
* and initializes how the DRM Record Fields should be processed.
*
*
* @return true if the DRMTOOL config file is successfully processed
*/
private static boolean process_drmtool_config_file() {
boolean success = false;
BufferedReader reader = null;
String line = null;
String name_value_pair[] = null;
String name = null;
Boolean value = null;
// Process each line containing a name/value pair
// in the DRMTOOL config file
try {
// Open DRMTOOL config file for reading
reader = new BufferedReader(
new FileReader( mDrmtoolCfgFilename ) );
// Create a hashtable for relevant name/value pairs
drmtoolCfg = new Hashtable();
System.out.print( "PROCESSING DRMTOOL CONFIG FILE: " );
while( ( line = reader.readLine() ) != null ) {
if( line.startsWith( DRMTOOL_CFG_PREFIX ) ) {
// obtain "name=value" pair
name_value_pair = line.split( EQUAL_SIGN );
// obtain "name"
name = name_value_pair[0];
// compute "boolean" value
if( name_value_pair[1].equals( "true" ) ) {
value = Boolean.TRUE;
} else {
value = Boolean.FALSE;
}
// store relevant DRM LDIF fields for processing
if( name.equals( DRMTOOL_CFG_ENROLLMENT_CN )
|| name.equals( DRMTOOL_CFG_ENROLLMENT_DATE_OF_MODIFY )
|| name.equals( DRMTOOL_CFG_ENROLLMENT_DN )
|| name.equals( DRMTOOL_CFG_ENROLLMENT_EXTDATA_KEY_RECORD )
|| name.equals( DRMTOOL_CFG_ENROLLMENT_EXTDATA_REQUEST_NOTES )
|| name.equals( DRMTOOL_CFG_ENROLLMENT_REQUEST_ID )
|| name.equals( DRMTOOL_CFG_CA_KEY_RECORD_CN )
|| name.equals( DRMTOOL_CFG_CA_KEY_RECORD_DATE_OF_MODIFY )
|| name.equals( DRMTOOL_CFG_CA_KEY_RECORD_DN )
|| name.equals( DRMTOOL_CFG_CA_KEY_RECORD_PRIVATE_KEY_DATA )
|| name.equals( DRMTOOL_CFG_CA_KEY_RECORD_SERIAL_NO )
|| name.equals( DRMTOOL_CFG_RECOVERY_CN )
|| name.equals( DRMTOOL_CFG_RECOVERY_DATE_OF_MODIFY )
|| name.equals( DRMTOOL_CFG_RECOVERY_DN )
|| name.equals( DRMTOOL_CFG_RECOVERY_EXTDATA_REQUEST_ID )
|| name.equals( DRMTOOL_CFG_RECOVERY_EXTDATA_REQUEST_NOTES )
|| name.equals( DRMTOOL_CFG_RECOVERY_EXTDATA_SERIAL_NUMBER )
|| name.equals( DRMTOOL_CFG_RECOVERY_REQUEST_ID )
|| name.equals( DRMTOOL_CFG_TPS_KEY_RECORD_CN )
|| name.equals( DRMTOOL_CFG_TPS_KEY_RECORD_DATE_OF_MODIFY )
|| name.equals( DRMTOOL_CFG_TPS_KEY_RECORD_DN )
|| name.equals( DRMTOOL_CFG_TPS_KEY_RECORD_PRIVATE_KEY_DATA )
|| name.equals( DRMTOOL_CFG_TPS_KEY_RECORD_SERIAL_NO )
|| name.equals( DRMTOOL_CFG_KEYGEN_CN )
|| name.equals( DRMTOOL_CFG_KEYGEN_DATE_OF_MODIFY )
|| name.equals( DRMTOOL_CFG_KEYGEN_DN )
|| name.equals( DRMTOOL_CFG_KEYGEN_EXTDATA_KEY_RECORD )
|| name.equals( DRMTOOL_CFG_KEYGEN_EXTDATA_REQUEST_ID )
|| name.equals( DRMTOOL_CFG_KEYGEN_EXTDATA_REQUEST_NOTES )
|| name.equals( DRMTOOL_CFG_KEYGEN_REQUEST_ID ) ) {
drmtoolCfg.put( name, value );
System.out.print( "." );
}
}
}
System.out.println( " FINISHED." + NEWLINE );
} catch( FileNotFoundException exDrmtoolCfgFileNotFound ) {
log( "ERROR: No DRMTOOL config file named '"
+ mDrmtoolCfgFilename
+ "' exists! FileNotFoundException: '"
+ exDrmtoolCfgFileNotFound.toString()
+ "'"
+ NEWLINE, true );
return FAILURE;
} catch( IOException exDrmtoolCfgIO ) {
log( "ERROR: line='"
+ line
+ "' IOException: '"
+ exDrmtoolCfgIO.toString()
+ "'"
+ NEWLINE, true );
return FAILURE;
} catch( PatternSyntaxException exDrmtoolCfgNameValuePattern ) {
log( "ERROR: line='"
+ line
+ "' PatternSyntaxException: '"
+ exDrmtoolCfgNameValuePattern.toString()
+ "'"
+ NEWLINE, true );
return FAILURE;
}
return SUCCESS;
}
/************/
/* DRM Tool */
/************/
/**
* The main DRMTool method.
*
*
* @param args DRMTool options
*/
public static void main( String[] args ) {
// Variables
String append_id_offset = null;
String remove_id_offset = null;
String process_drm_naming_context_fields = null;
String process_requests_and_key_records_only = null;
String use_PKI_security_database_pwdfile = null;
File cfgFile = null;
File sourceFile = null;
File sourceDBPath = null;
File sourceDBPwdfile = null;
File targetStorageCertFile = null;
File targetFile = null;
File logFile = null;
boolean success = false;
// Get current date and time
mDateOfModify = now( DATE_OF_MODIFY_PATTERN );
// Check that the correct number of arguments were
// submitted to the program
if( ( args.length != ID_OFFSET_ARGS ) &&
( args.length != ( ID_OFFSET_ARGS + 1 ) ) &&
( args.length != ( ID_OFFSET_ARGS + 4 ) ) &&
( args.length != ( ID_OFFSET_ARGS + 5 ) ) &&
( args.length != REWRAP_ARGS ) &&
( args.length != ( REWRAP_ARGS + 1 ) ) &&
( args.length != ( REWRAP_ARGS + 2 ) ) &&
( args.length != ( REWRAP_ARGS + 3 ) ) &&
( args.length != ( REWRAP_ARGS + 4 ) ) &&
( args.length != ( REWRAP_ARGS + 5 ) ) &&
( args.length != ( REWRAP_ARGS + 6 ) ) &&
( args.length != ( REWRAP_ARGS + 7 ) ) &&
( args.length != REWRAP_AND_ID_OFFSET_ARGS ) &&
( args.length != ( REWRAP_AND_ID_OFFSET_ARGS + 1 ) ) &&
( args.length != ( REWRAP_AND_ID_OFFSET_ARGS + 2 ) ) &&
( args.length != ( REWRAP_AND_ID_OFFSET_ARGS + 3 ) ) &&
( args.length != ( REWRAP_AND_ID_OFFSET_ARGS + 4 ) ) &&
( args.length != ( REWRAP_AND_ID_OFFSET_ARGS + 5 ) ) &&
( args.length != ( REWRAP_AND_ID_OFFSET_ARGS + 6 ) ) &&
( args.length != ( REWRAP_AND_ID_OFFSET_ARGS + 7 ) ) ) {
System.err.println( "ERROR: Incorrect number of arguments!"
+ NEWLINE );
printUsage();
System.exit( 0 );
}
// Process command-line arguments
for( int i = 0; i < args.length; i += 2 ) {
if( args[i].equals( DRMTOOL_CFG_FILE ) ) {
mDrmtoolCfgFilename = args[i + 1];
mMandatoryNameValuePairs++;
} else if( args[i].equals( SOURCE_LDIF_FILE ) ) {
mSourceLdifFilename = args[i + 1];
mMandatoryNameValuePairs++;
} else if( args[i].equals( TARGET_LDIF_FILE ) ) {
mTargetLdifFilename = args[i + 1];
mMandatoryNameValuePairs++;
} else if( args[i].equals( LOG_FILE ) ) {
mLogFilename = args[i + 1];
mMandatoryNameValuePairs++;
} else if( args[i].equals( SOURCE_NSS_DB_PATH ) ) {
mSourcePKISecurityDatabasePath = args[i + 1];
mRewrapNameValuePairs++;
} else if( args[i].equals( SOURCE_STORAGE_TOKEN_NAME ) ) {
mSourceStorageTokenName = args[i + 1];
mRewrapNameValuePairs++;
} else if( args[i].equals( SOURCE_STORAGE_CERT_NICKNAME ) ) {
mSourceStorageCertNickname = args[i + 1];
mRewrapNameValuePairs++;
} else if( args[i].equals( TARGET_STORAGE_CERTIFICATE_FILE ) ) {
mTargetStorageCertificateFilename = args[i + 1];
mRewrapNameValuePairs++;
} else if( args[i].equals( SOURCE_NSS_DB_PWDFILE ) ) {
mSourcePKISecurityDatabasePwdfile = args[i + 1];
mPKISecurityDatabasePwdfileNameValuePairs++;
} else if( args[i].equals( APPEND_ID_OFFSET ) ) {
append_id_offset = args[i + 1];
mAppendIdOffsetNameValuePairs++;
} else if( args[i].equals( REMOVE_ID_OFFSET ) ) {
remove_id_offset = args[i + 1];
mRemoveIdOffsetNameValuePairs++;
} else if( args[i].equals( SOURCE_DRM_NAMING_CONTEXT ) ) {
mSourceDrmNamingContext = args[i + 1];
mDrmNamingContextNameValuePairs++;
} else if( args[i].equals( TARGET_DRM_NAMING_CONTEXT ) ) {
mTargetDrmNamingContext = args[i + 1];
mDrmNamingContextNameValuePairs++;
} else if( args[i].equals( PROCESS_REQUESTS_AND_KEY_RECORDS_ONLY ) )
{
mProcessRequestsAndKeyRecordsOnlyFlag = true;
i -= 1;
} else {
System.err.println( "ERROR: Unknown argument '"
+ args[i]
+ "'!"
+ NEWLINE );
printUsage();
System.exit( 0 );
}
}
// Verify that correct number of valid mandatory
// arguments were submitted to the program
if( mMandatoryNameValuePairs != MANDATORY_NAME_VALUE_PAIRS ||
mDrmtoolCfgFilename == null ||
mDrmtoolCfgFilename.length() == 0 ||
mSourceLdifFilename == null ||
mSourceLdifFilename.length() == 0 ||
mTargetLdifFilename == null ||
mTargetLdifFilename.length() == 0 ||
mLogFilename == null ||
mLogFilename.length() == 0 ) {
System.err.println( "ERROR: Missing mandatory arguments!"
+ NEWLINE );
printUsage();
System.exit( 0 );
} else {
// Check for a valid DRMTOOL config file
cfgFile = new File( mDrmtoolCfgFilename );
if( !cfgFile.exists() ||
!cfgFile.isFile() ||
( cfgFile.length() == 0 ) ) {
System.err.println( "ERROR: '"
+ mDrmtoolCfgFilename
+ "' does NOT exist, is NOT a file, "
+ "or is empty!"
+ NEWLINE );
printUsage();
System.exit( 0 );
}
// Check for a valid source LDIF file
sourceFile = new File( mSourceLdifFilename );
if( !sourceFile.exists() ||
!sourceFile.isFile() ||
( sourceFile.length() == 0 ) ) {
System.err.println( "ERROR: '"
+ mSourceLdifFilename
+ "' does NOT exist, is NOT a file, "
+ "or is empty!"
+ NEWLINE );
printUsage();
System.exit( 0 );
}
// Check that the target LDIF file does NOT exist
targetFile = new File( mTargetLdifFilename );
if( targetFile.exists() ) {
System.err.println( "ERROR: '"
+ mTargetLdifFilename
+ "' ALREADY exists!"
+ NEWLINE );
printUsage();
System.exit( 0 );
}
// Check that the log file does NOT exist
logFile = new File( mLogFilename );
if( logFile.exists() ) {
System.err.println( "ERROR: '"
+ mLogFilename
+ "' ALREADY exists!"
+ NEWLINE );
printUsage();
System.exit( 0 );
}
// Mark the 'Mandatory' flag true
mMandatoryFlag = true;
}
// Check to see that if the 'Rewrap' command-line options were
// specified, that they are all present and accounted for
if( mRewrapNameValuePairs > 0 ) {
if( mRewrapNameValuePairs != REWRAP_NAME_VALUE_PAIRS ||
mSourcePKISecurityDatabasePath == null ||
mSourcePKISecurityDatabasePath.length() == 0 ||
mSourceStorageTokenName == null ||
mSourceStorageTokenName.length() == 0 ||
mSourceStorageCertNickname == null ||
mSourceStorageCertNickname.length() == 0 ||
mTargetStorageCertificateFilename == null ||
mTargetStorageCertificateFilename.length() == 0 ) {
System.err.println( "ERROR: Missing 'Rewrap' arguments!"
+ NEWLINE );
printUsage();
System.exit( 0 );
} else {
// Check for a valid path to the PKI security databases
sourceDBPath = new File( mSourcePKISecurityDatabasePath );
if( !sourceDBPath.exists() ||
!sourceDBPath.isDirectory() ) {
System.err.println( "ERROR: '"
+ mSourcePKISecurityDatabasePath
+ "' does NOT exist or "
+ "'is NOT a directory!"
+ NEWLINE );
printUsage();
System.exit( 0 );
}
// Check for a valid target storage certificate file
targetStorageCertFile = new File(
mTargetStorageCertificateFilename );
if( !targetStorageCertFile.exists() ||
!targetStorageCertFile.isFile() ||
( targetStorageCertFile.length() == 0 ) ) {
System.err.println( "ERROR: '"
+ mTargetStorageCertificateFilename
+ "' does NOT exist, is NOT a file, "
+ "or is empty!"
+ NEWLINE );
printUsage();
System.exit( 0 );
}
// Mark the 'Rewrap' flag true
mRewrapFlag = true;
}
}
// Check to see that BOTH append 'ID Offset' command-line options
// and remove 'ID Offset' command-line options were NOT specified
// since these two command-line options are mutually exclusive!
if( ( mAppendIdOffsetNameValuePairs > 0 ) &&
( mRemoveIdOffsetNameValuePairs > 0 ) ) {
System.err.println( "ERROR: The 'append ID Offset' option "
+ "and the 'remove ID Offset' option are "
+ "mutually exclusive!"
+ NEWLINE );
printUsage();
System.exit( 0 );
}
// Check to see that if the 'append ID Offset' command-line options
// were specified, that they are all present and accounted for
if( mAppendIdOffsetNameValuePairs > 0 ) {
if( mAppendIdOffsetNameValuePairs == ID_OFFSET_NAME_VALUE_PAIRS &&
append_id_offset != null &&
append_id_offset.length() != 0 ) {
try {
if( !append_id_offset.matches( "[0-9]++" ) ) {
System.err.println( "ERROR: '"
+ append_id_offset
+ "' contains non-numeric "
+ "characters!"
+ NEWLINE );
printUsage();
System.exit( 0 );
} else {
mAppendIdOffset = new BigInteger(
append_id_offset );
// Mark the 'append ID Offset' flag true
mAppendIdOffsetFlag = true;
}
} catch( PatternSyntaxException exAppendPattern ) {
System.err.println( "ERROR: append_id_offset='"
+ append_id_offset
+ "' PatternSyntaxException: '"
+ exAppendPattern.toString()
+ "'"
+ NEWLINE );
System.exit( 0 );
}
} else {
System.err.println( "ERROR: Missing "
+ "'append ID Offset' arguments!"
+ NEWLINE );
printUsage();
System.exit( 0 );
}
}
// Check to see that if the 'remove ID Offset' command-line options
// were specified, that they are all present and accounted for
if( mRemoveIdOffsetNameValuePairs > 0 ) {
if( mRemoveIdOffsetNameValuePairs == ID_OFFSET_NAME_VALUE_PAIRS &&
remove_id_offset != null &&
remove_id_offset.length() != 0 ) {
try {
if( !remove_id_offset.matches( "[0-9]++" ) ) {
System.err.println( "ERROR: '"
+ remove_id_offset
+ "' contains non-numeric "
+ "characters!"
+ NEWLINE );
printUsage();
System.exit( 0 );
} else {
mRemoveIdOffset = new BigInteger(
remove_id_offset );
// Mark the 'remove ID Offset' flag true
mRemoveIdOffsetFlag = true;
}
} catch( PatternSyntaxException exRemovePattern ) {
System.err.println( "ERROR: remove_id_offset='"
+ remove_id_offset
+ "' PatternSyntaxException: '"
+ exRemovePattern.toString()
+ "'"
+ NEWLINE );
System.exit( 0 );
}
} else {
System.err.println( "ERROR: Missing "
+ "'remove ID Offset' arguments!"
+ NEWLINE );
printUsage();
System.exit( 0 );
}
}
// Make certain that at least one of the "Rewrap", "Append ID Offset",
// or "Remove ID Offset" options has been specified
if( !mRewrapFlag &&
!mAppendIdOffsetFlag &&
!mRemoveIdOffsetFlag ) {
System.err.println( "ERROR: At least one of the 'rewrap', "
+ "'append ID Offset', or 'remove ID Offset' "
+ "options MUST be specified!"
+ NEWLINE );
printUsage();
System.exit( 0 );
}
// Check to see that if the OPTIONAL
// 'PKI Security Database Password File'
// command-line options were specified,
// that they are all present and accounted for
if( mPKISecurityDatabasePwdfileNameValuePairs > 0 ) {
if( mPKISecurityDatabasePwdfileNameValuePairs !=
PWDFILE_NAME_VALUE_PAIRS ||
mSourcePKISecurityDatabasePwdfile == null ||
mSourcePKISecurityDatabasePwdfile.length() == 0 ) {
System.err.println( "ERROR: Missing 'Password File' "
+ "arguments!"
+ NEWLINE );
printUsage();
System.exit( 0 );
} else {
if( mRewrapFlag ) {
// Check for a valid source PKI
// security database password file
sourceDBPwdfile = new
File( mSourcePKISecurityDatabasePwdfile );
if( !sourceDBPwdfile.exists() ||
!sourceDBPwdfile.isFile() ||
( sourceDBPwdfile.length() == 0 ) ) {
System.err.println( "ERROR: '"
+ mSourcePKISecurityDatabasePwdfile
+ "' does NOT exist, is NOT a file, "
+ "or is empty!"
+ NEWLINE );
printUsage();
System.exit( 0 );
}
use_PKI_security_database_pwdfile = SPACE
+ SOURCE_NSS_DB_PWDFILE
+ SPACE
+ TIC
+ mSourcePKISecurityDatabasePwdfile
+ TIC;
mSourcePKISecurityDatabasePwdfileMessage = SPACE
+ PLUS
+ SPACE
+ DRM_LDIF_USED_PWDFILE_MESSAGE;
// Mark the 'Password File' flag true
mPwdfileFlag = true;
} else {
System.err.println( "ERROR: The "
+ TIC
+ SOURCE_NSS_DB_PWDFILE
+ TIC
+ " option is ONLY valid when "
+ "performing rewrapping."
+ NEWLINE );
printUsage();
System.exit( 0 );
}
}
} else {
use_PKI_security_database_pwdfile = "";
mSourcePKISecurityDatabasePwdfileMessage = "";
}
// Check to see that if the OPTIONAL 'DRM Naming Context' command-line
// options were specified, that they are all present and accounted for
if( mDrmNamingContextNameValuePairs > 0 ) {
if( mDrmNamingContextNameValuePairs !=
NAMING_CONTEXT_NAME_VALUE_PAIRS ||
mSourceDrmNamingContext == null ||
mSourceDrmNamingContext.length() == 0 ||
mTargetDrmNamingContext == null ||
mTargetDrmNamingContext.length() == 0 ) {
System.err.println( "ERROR: Both 'source DRM naming context' "
+ "and 'target DRM naming context' "
+ "options MUST be specified!"
+ NEWLINE );
printUsage();
System.exit( 0 );
} else {
process_drm_naming_context_fields = SPACE
+ SOURCE_DRM_NAMING_CONTEXT
+ SPACE
+ TIC
+ mSourceDrmNamingContext
+ TIC
+ SPACE
+ TARGET_DRM_NAMING_CONTEXT
+ SPACE
+ TIC
+ mTargetDrmNamingContext
+ TIC;
mDrmNamingContextMessage = SPACE
+ PLUS
+ SPACE
+ DRM_LDIF_SOURCE_NAME_CONTEXT_MESSAGE
+ mSourceDrmNamingContext
+ DRM_LDIF_TARGET_NAME_CONTEXT_MESSAGE
+ mTargetDrmNamingContext
+ TIC;
// Mark the 'DRM Naming Contexts' flag true
mDrmNamingContextsFlag = true;
}
} else {
process_drm_naming_context_fields = "";
mDrmNamingContextMessage = "";
}
// Check for OPTIONAL "Process Requests and Key Records ONLY" option
if( mProcessRequestsAndKeyRecordsOnlyFlag ) {
process_requests_and_key_records_only = SPACE
+ PROCESS_REQUESTS_AND_KEY_RECORDS_ONLY;
mProcessRequestsAndKeyRecordsOnlyMessage = SPACE + PLUS + SPACE +
DRM_LDIF_PROCESS_REQUESTS_AND_KEY_RECORDS_ONLY_MESSAGE;
} else {
process_requests_and_key_records_only = "";
mProcessRequestsAndKeyRecordsOnlyMessage = "";
}
// Enable logging process . . .
open_log( mLogFilename );
// Begin logging progress . . .
if( mRewrapFlag && mAppendIdOffsetFlag ) {
log( "BEGIN \""
+ DRM_TOOL + SPACE
+ DRMTOOL_CFG_FILE + SPACE
+ mDrmtoolCfgFilename + SPACE
+ SOURCE_LDIF_FILE + SPACE
+ mSourceLdifFilename + SPACE
+ TARGET_LDIF_FILE + SPACE
+ mTargetLdifFilename + SPACE
+ LOG_FILE + SPACE
+ mLogFilename + SPACE
+ SOURCE_NSS_DB_PATH + SPACE
+ mSourcePKISecurityDatabasePath + SPACE
+ SOURCE_STORAGE_TOKEN_NAME + SPACE
+ TIC + mSourceStorageTokenName + TIC + SPACE
+ SOURCE_STORAGE_CERT_NICKNAME + SPACE
+ TIC + mSourceStorageCertNickname + TIC + SPACE
+ TARGET_STORAGE_CERTIFICATE_FILE + SPACE
+ mTargetStorageCertificateFilename + SPACE
+ use_PKI_security_database_pwdfile
+ APPEND_ID_OFFSET + SPACE
+ append_id_offset
+ process_drm_naming_context_fields
+ process_requests_and_key_records_only
+ "\" . . ."
+ NEWLINE, true );
} else if( mRewrapFlag && mRemoveIdOffsetFlag ) {
log( "BEGIN \""
+ DRM_TOOL + SPACE
+ DRMTOOL_CFG_FILE + SPACE
+ mDrmtoolCfgFilename + SPACE
+ SOURCE_LDIF_FILE + SPACE
+ mSourceLdifFilename + SPACE
+ TARGET_LDIF_FILE + SPACE
+ mTargetLdifFilename + SPACE
+ LOG_FILE + SPACE
+ mLogFilename + SPACE
+ SOURCE_NSS_DB_PATH + SPACE
+ mSourcePKISecurityDatabasePath + SPACE
+ SOURCE_STORAGE_TOKEN_NAME + SPACE
+ TIC + mSourceStorageTokenName + TIC + SPACE
+ SOURCE_STORAGE_CERT_NICKNAME + SPACE
+ TIC + mSourceStorageCertNickname + TIC + SPACE
+ TARGET_STORAGE_CERTIFICATE_FILE + SPACE
+ mTargetStorageCertificateFilename + SPACE
+ use_PKI_security_database_pwdfile
+ REMOVE_ID_OFFSET + SPACE
+ remove_id_offset
+ process_drm_naming_context_fields
+ process_requests_and_key_records_only
+ "\" . . ."
+ NEWLINE, true );
} else if( mRewrapFlag ) {
log( "BEGIN \""
+ DRM_TOOL + SPACE
+ DRMTOOL_CFG_FILE + SPACE
+ mDrmtoolCfgFilename + SPACE
+ SOURCE_LDIF_FILE + SPACE
+ mSourceLdifFilename + SPACE
+ TARGET_LDIF_FILE + SPACE
+ mTargetLdifFilename + SPACE
+ LOG_FILE + SPACE
+ mLogFilename + SPACE
+ SOURCE_NSS_DB_PATH + SPACE
+ mSourcePKISecurityDatabasePath + SPACE
+ SOURCE_STORAGE_TOKEN_NAME + SPACE
+ TIC + mSourceStorageTokenName + TIC + SPACE
+ SOURCE_STORAGE_CERT_NICKNAME + SPACE
+ TIC + mSourceStorageCertNickname + TIC + SPACE
+ TARGET_STORAGE_CERTIFICATE_FILE + SPACE
+ mTargetStorageCertificateFilename
+ use_PKI_security_database_pwdfile
+ process_drm_naming_context_fields
+ process_requests_and_key_records_only
+ "\" . . ."
+ NEWLINE, true );
} else if( mAppendIdOffsetFlag ) {
log( "BEGIN \""
+ DRM_TOOL + SPACE
+ DRMTOOL_CFG_FILE + SPACE
+ mDrmtoolCfgFilename + SPACE
+ SOURCE_LDIF_FILE + SPACE
+ mSourceLdifFilename + SPACE
+ TARGET_LDIF_FILE + SPACE
+ mTargetLdifFilename + SPACE
+ LOG_FILE + SPACE
+ mLogFilename + SPACE
+ APPEND_ID_OFFSET + SPACE
+ append_id_offset
+ process_drm_naming_context_fields
+ process_requests_and_key_records_only
+ "\" . . ."
+ NEWLINE, true );
} else if( mRemoveIdOffsetFlag ) {
log( "BEGIN \""
+ DRM_TOOL + SPACE
+ DRMTOOL_CFG_FILE + SPACE
+ mDrmtoolCfgFilename + SPACE
+ SOURCE_LDIF_FILE + SPACE
+ mSourceLdifFilename + SPACE
+ TARGET_LDIF_FILE + SPACE
+ mTargetLdifFilename + SPACE
+ LOG_FILE + SPACE
+ mLogFilename + SPACE
+ REMOVE_ID_OFFSET + SPACE
+ remove_id_offset
+ process_drm_naming_context_fields
+ process_requests_and_key_records_only
+ "\" . . ."
+ NEWLINE, true );
}
// Process the DRMTOOL config file
success = process_drmtool_config_file();
if( !success ) {
log( "FAILED processing drmtool config file!"
+ NEWLINE, true );
} else {
log( "SUCCESSFULLY processed drmtool config file!"
+ NEWLINE, true );
// Convert the source LDIF file to a target LDIF file
success = convert_source_ldif_to_target_ldif();
if( !success ) {
log( "FAILED converting source LDIF file --> target LDIF file!"
+ NEWLINE, true );
} else {
log( "SUCCESSFULLY converted source LDIF file --> "
+ "target LDIF file!"
+ NEWLINE, true );
}
}
// Finish logging progress
if( mRewrapFlag && mAppendIdOffsetFlag ) {
log( "FINISHED \""
+ DRM_TOOL + SPACE
+ DRMTOOL_CFG_FILE + SPACE
+ mDrmtoolCfgFilename + SPACE
+ SOURCE_LDIF_FILE + SPACE
+ mSourceLdifFilename + SPACE
+ TARGET_LDIF_FILE + SPACE
+ mTargetLdifFilename + SPACE
+ LOG_FILE + SPACE
+ mLogFilename + SPACE
+ SOURCE_NSS_DB_PATH + SPACE
+ mSourcePKISecurityDatabasePath + SPACE
+ SOURCE_STORAGE_TOKEN_NAME + SPACE
+ TIC + mSourceStorageTokenName + TIC + SPACE
+ SOURCE_STORAGE_CERT_NICKNAME + SPACE
+ TIC + mSourceStorageCertNickname + TIC + SPACE
+ TARGET_STORAGE_CERTIFICATE_FILE + SPACE
+ mTargetStorageCertificateFilename + SPACE
+ use_PKI_security_database_pwdfile
+ APPEND_ID_OFFSET + SPACE
+ append_id_offset
+ process_drm_naming_context_fields
+ process_requests_and_key_records_only
+ "\"."
+ NEWLINE, true );
} else if( mRewrapFlag && mRemoveIdOffsetFlag ) {
log( "FINISHED \""
+ DRM_TOOL + SPACE
+ DRMTOOL_CFG_FILE + SPACE
+ mDrmtoolCfgFilename + SPACE
+ SOURCE_LDIF_FILE + SPACE
+ mSourceLdifFilename + SPACE
+ TARGET_LDIF_FILE + SPACE
+ mTargetLdifFilename + SPACE
+ LOG_FILE + SPACE
+ mLogFilename + SPACE
+ SOURCE_NSS_DB_PATH + SPACE
+ mSourcePKISecurityDatabasePath + SPACE
+ SOURCE_STORAGE_TOKEN_NAME + SPACE
+ TIC + mSourceStorageTokenName + TIC + SPACE
+ SOURCE_STORAGE_CERT_NICKNAME + SPACE
+ TIC + mSourceStorageCertNickname + TIC + SPACE
+ TARGET_STORAGE_CERTIFICATE_FILE + SPACE
+ mTargetStorageCertificateFilename + SPACE
+ use_PKI_security_database_pwdfile
+ REMOVE_ID_OFFSET + SPACE
+ remove_id_offset
+ process_drm_naming_context_fields
+ process_requests_and_key_records_only
+ "\"."
+ NEWLINE, true );
} else if( mRewrapFlag ) {
log( "FINISHED \""
+ DRM_TOOL + SPACE
+ DRMTOOL_CFG_FILE + SPACE
+ mDrmtoolCfgFilename + SPACE
+ SOURCE_LDIF_FILE + SPACE
+ mSourceLdifFilename + SPACE
+ TARGET_LDIF_FILE + SPACE
+ mTargetLdifFilename + SPACE
+ LOG_FILE + SPACE
+ mLogFilename + SPACE
+ SOURCE_NSS_DB_PATH + SPACE
+ mSourcePKISecurityDatabasePath + SPACE
+ SOURCE_STORAGE_TOKEN_NAME + SPACE
+ TIC + mSourceStorageTokenName + TIC + SPACE
+ SOURCE_STORAGE_CERT_NICKNAME + SPACE
+ TIC + mSourceStorageCertNickname + TIC + SPACE
+ TARGET_STORAGE_CERTIFICATE_FILE + SPACE
+ mTargetStorageCertificateFilename
+ use_PKI_security_database_pwdfile
+ process_drm_naming_context_fields
+ process_requests_and_key_records_only
+ "\"."
+ NEWLINE, true );
} else if( mAppendIdOffsetFlag ) {
log( "FINISHED \""
+ DRM_TOOL + SPACE
+ DRMTOOL_CFG_FILE + SPACE
+ mDrmtoolCfgFilename + SPACE
+ SOURCE_LDIF_FILE + SPACE
+ mSourceLdifFilename + SPACE
+ TARGET_LDIF_FILE + SPACE
+ mTargetLdifFilename + SPACE
+ LOG_FILE + SPACE
+ mLogFilename + SPACE
+ APPEND_ID_OFFSET + SPACE
+ append_id_offset
+ process_drm_naming_context_fields
+ process_requests_and_key_records_only
+ "\"."
+ NEWLINE, true );
} else if( mRemoveIdOffsetFlag ) {
log( "FINISHED \""
+ DRM_TOOL + SPACE
+ DRMTOOL_CFG_FILE + SPACE
+ mDrmtoolCfgFilename + SPACE
+ SOURCE_LDIF_FILE + SPACE
+ mSourceLdifFilename + SPACE
+ TARGET_LDIF_FILE + SPACE
+ mTargetLdifFilename + SPACE
+ LOG_FILE + SPACE
+ mLogFilename + SPACE
+ REMOVE_ID_OFFSET + SPACE
+ remove_id_offset
+ process_drm_naming_context_fields
+ process_requests_and_key_records_only
+ "\"."
+ NEWLINE, true );
}
// Shutdown logging process
close_log( mLogFilename );
}
}