/**
 * Returns the inline value of the given element, falling back to the file it names.
 *
 * <p>NOTE(review): the file name is handed to {@code IoUtil.read} exactly as configured.
 * Whether it is resolved against a base directory is not visible here.
 *
 * @param fileOrValue element carrying an inline value or a file reference; must not be
 *     {@code null} (it is dereferenced without a check)
 * @return the inline bytes if present, otherwise the bytes read from the referenced file
 * @throws IOException if the referenced file cannot be read
 */
private static byte[] readData(final FileOrValueType fileOrValue) throws IOException {
    final byte[] inline = fileOrValue.getValue();
    if (inline != null) {
        return inline;
    }
    // No inline value: the element is expected to reference a file instead.
    return IoUtil.read(fileOrValue.getFile());
}
/**
 * Resolves a file-or-value element to text.
 *
 * <p>NOTE(review): {@code new File(baseDir, name)} does not confine the result to
 * {@code baseDir}. A configured name containing {@code ..} or an absolute-looking path
 * resolves outside it, so this is only appropriate for trusted configuration.
 *
 * @param fileOrValue element to resolve; may be {@code null}
 * @return {@code null} for a {@code null} element, the inline value if set, otherwise the
 *     UTF-8 decoded content of the referenced file (resolved against {@code baseDir})
 * @throws IOException if the referenced file cannot be read
 */
protected String value(final FileOrValueType fileOrValue) throws IOException {
    if (fileOrValue == null) {
        return null;
    }

    final String inline = fileOrValue.getValue();
    if (inline != null) {
        return inline;
    }

    final byte[] content = IoUtil.read(new File(baseDir, fileOrValue.getFile()));
    return new String(content, "UTF-8");
}
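/**
 * Updates the type and/or configuration of the publisher {@code name}.
 *
 * <p>When no inline {@code conf} is given but {@code confFile} is, the configuration is
 * loaded from that file.
 *
 * @return always {@code null}; the outcome is reported through {@code output}
 * @throws IllegalCmdParamException if none of {@code type}, {@code conf} and
 *     {@code confFile} is set
 * @throws Exception if the file cannot be read or the CA manager call fails
 */
@Override
protected Object execute0() throws Exception {
    if (type == null && conf == null && confFile == null) {
        throw new IllegalCmdParamException("nothing to update");
    }

    if (conf == null && confFile != null) {
        // Decode with an explicit charset. new String(byte[]) uses the JVM default charset,
        // so the same file could produce a different configuration on different hosts.
        conf = new String(IoUtil.read(confFile), "UTF-8");
    }

    boolean bo = caManager.changePublisher(name, type, conf);
    output(bo, "updated", "could not update", "publisher " + name);
    return null;
}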
/**
 * Loads and parses the certificate stored under the given key identifier.
 *
 * <p>The file name is built from {@code Hex.toHexString(keyId)} plus
 * {@code VALUE_FILE_SUFFIX} and resolved against {@code certDir}.
 *
 * @param keyId key identifier used to derive the file name
 * @return the parsed certificate together with its encoded form as read from disk
 * @throws CertificateException if the file content cannot be parsed as a certificate
 * @throws IOException if the file cannot be read
 */
private X509Cert readCertificate(final byte[] keyId) throws CertificateException, IOException {
    final String fileName = Hex.toHexString(keyId) + VALUE_FILE_SUFFIX;
    final byte[] encoded = IoUtil.read(new File(certDir, fileName));
    // Keep the original bytes alongside the parsed object instead of re-encoding.
    return new X509Cert(X509Util.parseCert(encoded), encoded);
}
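/**
 * Updates the type and/or configuration of the certificate profile {@code name}.
 *
 * <p>When no inline {@code conf} is given but {@code confFile} is, the configuration is
 * loaded from that file.
 *
 * @return always {@code null}; the outcome is reported through {@code output}
 * @throws IllegalCmdParamException if none of {@code type}, {@code conf} and
 *     {@code confFile} is set
 * @throws Exception if the file cannot be read or the CA manager call fails
 */
@Override
protected Object execute0() throws Exception {
    if (type == null && conf == null && confFile == null) {
        throw new IllegalCmdParamException("nothing to update");
    }

    if (conf == null && confFile != null) {
        // Decode with an explicit charset. new String(byte[]) uses the JVM default charset,
        // so the same profile file could be interpreted differently on different hosts.
        conf = new String(IoUtil.read(confFile), "UTF-8");
    }

    boolean bo = caManager.changeCertprofile(name, type, conf);
    output(bo, "updated", "could not update", "certificate profile " + name);
    return null;
}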
/**
 * Resolves a file-or-binary element to bytes.
 *
 * <p>NOTE(review): {@code new File(baseDir, name)} does not confine the result to
 * {@code baseDir}. A configured name containing {@code ..} resolves outside it, so this is
 * only appropriate for trusted configuration.
 *
 * @param fileOrValue element to resolve; may be {@code null}
 * @return {@code null} for a {@code null} element, the inline binary if set, otherwise the
 *     content of the referenced file (resolved against {@code baseDir})
 * @throws IOException if the referenced file cannot be read
 */
protected byte[] binary(final FileOrBinaryType fileOrValue) throws IOException {
    if (fileOrValue == null) {
        return null;
    }

    final byte[] inline = fileOrValue.getBinary();
    if (inline != null) {
        return inline;
    }

    return IoUtil.read(new File(baseDir, fileOrValue.getFile()));
}
/**
 * Resolves a file-or-binary element to bytes, reading from a ZIP archive when one is given.
 *
 * <p>The file name is passed through {@code expandConf} first. With a ZIP file it is used
 * as the entry name, otherwise as a file system path.
 *
 * <p>NOTE(review): the stream opened here is not closed in this method. That relies on
 * {@code IoUtil.read(InputStream)} closing it — confirm.
 *
 * @param fileOrBinary element to resolve; may be {@code null}
 * @param zipFile archive to read the entry from, or {@code null} to read from disk
 * @return {@code null} for a {@code null} element, the inline binary if set, otherwise the
 *     bytes read from the ZIP entry or file
 * @throws IOException if the ZIP entry does not exist or reading fails
 */
private byte[] getBinary(final FileOrBinaryType fileOrBinary, final ZipFile zipFile)
        throws IOException {
    if (fileOrBinary == null) {
        return null;
    }

    final byte[] inline = fileOrBinary.getBinary();
    if (inline != null) {
        return inline;
    }

    final String fileName = expandConf(fileOrBinary.getFile());
    if (zipFile == null) {
        return IoUtil.read(new FileInputStream(fileName));
    }

    // A null stream from getInputStream is treated as "entry not found".
    final InputStream entryStream = zipFile.getInputStream(new ZipEntry(fileName));
    if (entryStream == null) {
        throw new IOException("could not find ZIP entry " + fileName);
    }
    return IoUtil.read(entryStream);
}
/**
 * Replaces the certificate of the CMP requestor {@code name} with the one in {@code certFile}.
 *
 * @return always {@code null}; the outcome is reported through {@code output}
 * @throws Exception if the file cannot be read, its content cannot be parsed as a
 *     certificate, or the CA manager call fails
 */
@Override
protected Object execute0() throws Exception {
    final byte[] certBytes = IoUtil.read(certFile);

    // The parse result is discarded, so this only rejects input that does not decode as a
    // certificate. No validity-period or trust check is visible here.
    X509Util.parseCert(new ByteArrayInputStream(certBytes));

    final String base64Cert = Base64.encodeToString(certBytes);
    boolean bo = caManager.changeRequestor(name, base64Cert);
    output(bo, "updated", "could not update", "CMP requestor " + name);
    return null;
}
/**
 * Resolves a file-or-value element to text, reading from a ZIP archive when one is given.
 *
 * <p>Both an inline value and file content are passed through {@code expandConf} before
 * being returned. The file name itself is also expanded first.
 *
 * <p>NOTE(review): the stream opened here is not closed in this method. That relies on
 * {@code IoUtil.read(InputStream)} closing it — confirm.
 *
 * @param fileOrValue element to resolve; may be {@code null}
 * @param zipFile archive to read the entry from, or {@code null} to read from disk
 * @return {@code null} for a {@code null} element, otherwise the expanded inline value or
 *     the expanded UTF-8 decoded content of the ZIP entry or file
 * @throws IOException if the ZIP entry does not exist or reading fails
 */
private String getValue(final FileOrValueType fileOrValue, final ZipFile zipFile)
        throws IOException {
    if (fileOrValue == null) {
        return null;
    }

    final String inline = fileOrValue.getValue();
    if (inline != null) {
        return expandConf(inline);
    }

    final String fileName = expandConf(fileOrValue.getFile());
    final InputStream source;
    if (zipFile == null) {
        source = new FileInputStream(fileName);
    } else {
        source = zipFile.getInputStream(new ZipEntry(fileName));
        // A null stream from getInputStream is treated as "entry not found".
        if (source == null) {
            throw new IOException("could not find ZIP entry " + fileName);
        }
    }

    final String text = new String(IoUtil.read(source), "UTF-8");
    return expandConf(text);
}
/**
 * Updates the CMP responder {@code name}: signer type, signer configuration and,
 * optionally, its certificate.
 *
 * <p>{@code certFile} is interpreted in three ways: unset leaves the certificate argument
 * {@code null}; the sentinel {@code CaManager.NULL} (case-insensitive) is passed through
 * as-is instead of being read as a file; any other value is read as a certificate file.
 *
 * @return always {@code null}; the outcome is reported through {@code output}
 * @throws Exception if the file cannot be read, its content cannot be parsed as a
 *     certificate, or the CA manager call fails
 */
@Override
protected Object execute0() throws Exception {
    final String cert;
    if (certFile == null) {
        cert = null;
    } else if (CaManager.NULL.equalsIgnoreCase(certFile)) {
        cert = CaManager.NULL;
    } else {
        final byte[] certBytes = IoUtil.read(certFile);
        // Parse only to reject undecodable input; the stored form is the original bytes.
        X509Util.parseCert(new ByteArrayInputStream(certBytes));
        cert = Base64.encodeToString(certBytes);
    }

    boolean bo = caManager.changeResponder(name, signerType, getSignerConf(), cert);
    output(bo, "updated", "could not update", "CMP responder " + name);
    return null;
}
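/**
 * Adds the certificate profile {@code name} with the given type and configuration.
 *
 * <p>When no inline {@code conf} is given but {@code confFile} is, the configuration is
 * loaded from that file.
 *
 * @return always {@code null}; the outcome is reported through {@code output}
 * @throws Exception if the file cannot be read or the CA manager call fails
 */
@Override
protected Object execute0() throws Exception {
    if (conf == null && confFile != null) {
        // Decode with an explicit charset. new String(byte[]) uses the JVM default charset,
        // so the same profile file could be interpreted differently on different hosts.
        conf = new String(IoUtil.read(confFile), "UTF-8");
    }

    CertprofileEntry entry = new CertprofileEntry(new NameId(null, name), type, conf);
    boolean bo = caManager.addCertprofile(entry);
    output(bo, "added", "could not add", "certificate profile " + name);
    return null;
}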
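/**
 * Adds the publisher {@code name} with the given type and configuration.
 *
 * <p>When no inline {@code conf} is given but {@code confFile} is, the configuration is
 * loaded from that file.
 *
 * @return always {@code null}; the outcome is reported through {@code output}
 * @throws Exception if the file cannot be read or the CA manager call fails
 */
@Override
protected Object execute0() throws Exception {
    if (conf == null && confFile != null) {
        // Decode with an explicit charset. new String(byte[]) uses the JVM default charset,
        // so the same file could produce a different configuration on different hosts.
        conf = new String(IoUtil.read(confFile), "UTF-8");
    }

    PublisherEntry entry = new PublisherEntry(new NameId(null, name), type, conf);
    boolean bo = caManager.addPublisher(entry);
    output(bo, "added", "could not add", "publisher " + name);
    return null;
}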
/**
 * Adds the CRL signer {@code name}.
 *
 * <p>For any signer type other than {@code "CA"} (case-insensitive), an optional signer
 * certificate is read from {@code signerCertFile}, and a {@code PKCS12} or {@code JKS}
 * signer configuration is passed through {@code ShellUtil.canonicalizeSignerConf}. For
 * type {@code "CA"} neither step runs and no certificate is attached.
 *
 * @return always {@code null}; the outcome is reported through {@code output}
 * @throws Exception if the certificate file cannot be read or parsed, the signer
 *     configuration cannot be canonicalized, or the CA manager call fails
 */
@Override
protected Object execute0() throws Exception {
    final boolean signedByCa = "CA".equalsIgnoreCase(signerType);
    String base64Cert = null;

    if (!signedByCa) {
        if (signerCertFile != null) {
            final byte[] encodedCert = IoUtil.read(signerCertFile);
            base64Cert = IoUtil.base64Encode(encodedCert, false);
            // Parse only to reject undecodable input; the result is discarded.
            X509Util.parseCert(encodedCert);
        }

        final boolean keystoreBacked = "PKCS12".equalsIgnoreCase(signerType)
                || "JKS".equalsIgnoreCase(signerType);
        if (signerConf != null && keystoreBacked) {
            signerConf = ShellUtil.canonicalizeSignerConf(signerType, signerConf,
                    passwordResolver, securityFactory);
        }
    }

    X509CrlSignerEntry entry = new X509CrlSignerEntry(name, signerType, signerConf,
            base64Cert, crlControl);
    boolean bo = caManager.addCrlSigner(entry);
    output(bo, "added", "could not add", "CRL signer " + name);
    return null;
}
/**
 * Generates a root CA from the CSR in {@code csrFile} and optionally saves its certificate.
 *
 * <p>The CSR bytes are handed to {@code caManager.generateRootCa} as read from disk.
 * NOTE(review): no CSR verification is visible in this method; presumably the manager
 * performs it — confirm.
 *
 * @return always {@code null}
 * @throws Exception if the CSR cannot be read, generation fails, or the certificate cannot
 *     be saved
 */
@Override
protected Object execute0() throws Exception {
    final X509CaEntry caEntry = getCaEntry();
    final byte[] csr = IoUtil.read(csrFile);

    // A null serial number is passed when none was given on the command line.
    final BigInteger serialNumber = (serialS == null) ? null : toBigInt(serialS);

    final X509Certificate rcaCert =
            caManager.generateRootCa(caEntry, rcaProfile, csr, serialNumber);
    if (rcaCertOutFile != null) {
        saveVerbose("saved root certificate to file", new File(rcaCertOutFile),
                rcaCert.getEncoded());
    }

    println("generated root CA " + caEntry.ident().name());
    return null;
}
/**
 * Issues a certificate from the CSR in {@code csrFile} and writes it to {@code outFile}.
 *
 * <p>Blank {@code notBeforeS} / {@code notAfterS} values result in {@code null} bounds
 * being passed to the CA manager. The CSR bytes are forwarded as read from disk.
 * NOTE(review): no CSR verification is visible in this method; presumably the manager
 * performs it — confirm.
 *
 * @return always {@code null}
 * @throws CmdFailure if the CA {@code caName} is not available
 * @throws Exception if a date cannot be parsed, the CSR cannot be read, issuance fails, or
 *     the certificate cannot be saved
 */
@Override
protected Object execute0() throws Exception {
    final CaEntry ca = caManager.getCa(caName);
    if (ca == null) {
        throw new CmdFailure("CA " + caName + " not available");
    }

    Date notBefore = null;
    if (StringUtil.isNotBlank(notBeforeS)) {
        notBefore = DateUtil.parseUtcTimeyyyyMMddhhmmss(notBeforeS);
    }

    Date notAfter = null;
    if (StringUtil.isNotBlank(notAfterS)) {
        notAfter = DateUtil.parseUtcTimeyyyyMMddhhmmss(notAfterS);
    }

    final byte[] encodedCsr = IoUtil.read(csrFile);
    final X509Certificate cert = caManager.generateCertificate(caName, profileName,
            encodedCsr, notBefore, notAfter);
    saveVerbose("saved certificate to file", new File(outFile), cert.getEncoded());
    return null;
}
/**
 * Adds the SCEP responder {@code name} for the CA {@code caName}.
 *
 * <p>The optional certificate is Base64-encoded without being parsed in this method. The
 * only check applied here is {@code entry.isFaulty()}, which aborts the command. A
 * {@code PKCS12} or {@code JKS} responder configuration is first passed through
 * {@code ShellUtil.canonicalizeSignerConf}.
 *
 * @return always {@code null}; the outcome is reported through {@code output}
 * @throws InvalidConfException if the constructed entry reports itself as faulty
 * @throws Exception if the certificate file cannot be read, canonicalization fails, or the
 *     CA manager call fails
 */
@Override
protected Object execute0() throws Exception {
    String base64Cert = null;
    if (certFile != null) {
        final byte[] certBytes = IoUtil.read(certFile);
        base64Cert = IoUtil.base64Encode(certBytes, false);
    }

    final boolean keystoreBacked = "PKCS12".equalsIgnoreCase(responderType)
            || "JKS".equalsIgnoreCase(responderType);
    if (keystoreBacked) {
        responderConf = ShellUtil.canonicalizeSignerConf(responderType, responderConf,
                passwordResolver, securityFactory);
    }

    // The entry is created active unless the command was invoked with "inactive".
    ScepEntry entry = new ScepEntry(name, new NameId(null, caName), !inactive,
            responderType, responderConf, base64Cert, profiles, scepControl);
    if (entry.isFaulty()) {
        throw new InvalidConfException("certificate is invalid");
    }

    boolean bo = caManager.addScep(entry);
    output(bo, "added", "could not add", "SCEP responder " + name);
    return null;
}
/**
 * Adds the CMP requestor {@code name} with the certificate in {@code certFile}.
 *
 * <p>The certificate is not parsed in this method. The requestor is only submitted when
 * {@code entry.cert()} is non-null; otherwise the command reports failure without
 * calling the CA manager. NOTE(review): presumably the entry decodes the Base64
 * certificate and yields {@code null} on failure — confirm.
 *
 * @return always {@code null}; the outcome is reported through {@code output}
 * @throws Exception if the certificate file cannot be read or the CA manager call fails
 */
@Override
protected Object execute0() throws Exception {
    final byte[] certBytes = IoUtil.read(certFile);
    final String base64Cert = IoUtil.base64Encode(certBytes, false);

    CmpRequestorEntry entry = new CmpRequestorEntry(new NameId(null, name), base64Cert);

    // Short-circuit: the manager is not called when the entry holds no certificate.
    boolean bo = entry.cert() != null && caManager.addRequestor(entry);
    output(bo, "added", "could not add", "CMP requestor " + name);
    return null;
}
/**
 * Builds a signer configuration that embeds a keystore and its password.
 *
 * <p>The configuration pairs written here are {@code password}, {@code algo},
 * {@code parallelism} and {@code keystore}; the latter holds the whole stream content as
 * {@code base64:}-prefixed text. The password is stored exactly as passed in, so the
 * returned object should be treated as secret material and kept out of logs and error
 * messages.
 *
 * @param keystoreStream stream delivering the keystore bytes; must not be {@code null}
 * @param password keystore password; must not be blank
 * @param signatureAlgorithm signature algorithm name; must not be {@code null}
 * @param parallelism value for the {@code parallelism} pair; must be at least 1
 * @return the signer configuration built from the encoded pairs
 * @throws IOException if the keystore stream cannot be read
 */
public static SignerConf getKeystoreSignerConf(final InputStream keystoreStream,
        final String password, final String signatureAlgorithm, final int parallelism)
        throws IOException {
    ParamUtil.requireNonNull("keystoreStream", keystoreStream);
    ParamUtil.requireNonBlank("password", password);
    ParamUtil.requireNonNull("signatureAlgorithm", signatureAlgorithm);
    ParamUtil.requireMin("parallelism", parallelism, 1);

    final ConfPairs pairs = new ConfPairs("password", password);
    pairs.putPair("algo", signatureAlgorithm);
    pairs.putPair("parallelism", Integer.toString(parallelism));

    final String keystoreBase64 = Base64.encodeToString(IoUtil.read(keystoreStream));
    pairs.putPair("keystore", "base64:" + keystoreBase64);

    return new SignerConf(pairs.getEncoded());
}
/**
 * Determines the serial number the command operates on.
 *
 * <p>An explicit {@code serialNumberS} takes precedence. Otherwise the serial number is
 * taken from the certificate in {@code certFile}, but only after
 * {@code X509Util.issues(caCert, cert)} accepts it as issued by the CA {@code caName}.
 * This keeps a certificate from another issuer from selecting a serial number of this CA.
 *
 * @return the serial number from the parameter or from the certificate file
 * @throws CmdFailure if the CA is not available, is not an X.509 CA, or did not issue the
 *     certificate in {@code certFile}
 * @throws IllegalCmdParamException if neither {@code serialNumberS} nor {@code certFile}
 *     is set
 * @throws CertificateException if the certificate file cannot be parsed
 * @throws IOException if the certificate file cannot be read
 */
protected BigInteger getSerialNumber()
        throws CmdFailure, IllegalCmdParamException, CertificateException, IOException {
    final CaEntry ca = caManager.getCa(caName);
    if (ca == null) {
        throw new CmdFailure("CA " + caName + " not available");
    }
    if (!(ca instanceof X509CaEntry)) {
        throw new CmdFailure("CA " + caName + " is not an X.509-CA");
    }

    if (serialNumberS != null) {
        return toBigInt(serialNumberS);
    }
    if (certFile == null) {
        throw new IllegalCmdParamException("neither serialNumber nor certFile is specified");
    }

    final X509Certificate caCert = ((X509CaEntry) ca).certificate();
    final X509Certificate cert = X509Util.parseCert(IoUtil.read(certFile));
    if (!X509Util.issues(caCert, cert)) {
        throw new CmdFailure(
                "certificate '" + certFile + "' is not issued by CA " + caName);
    }
    return cert.getSerialNumber();
}
/**
 * Builds the change request for the CRL signer {@code name} from the command parameters.
 *
 * <p>{@code signerCert} is interpreted in three ways: unset leaves the certificate field
 * {@code null}; the sentinel {@code CaManager.NULL} (case-insensitive) is passed through
 * as-is instead of being read as a file; any other value is read as a certificate file,
 * parsed to reject undecodable input, and Base64-encoded.
 *
 * <p>A given {@code signerConf} is canonicalized using {@code signerType}, or, when that is
 * not set, the type of the signer currently registered under {@code name}. The looked-up
 * type is used for canonicalization only; the change entry still carries the
 * {@code signerType} parameter as given.
 *
 * @return the populated change entry
 * @throws IllegalCmdParamException if {@code signerConf} is given without
 *     {@code signerType} and no signer named {@code name} exists
 * @throws Exception if the certificate file cannot be read or parsed, or canonicalization
 *     fails
 */
protected X509ChangeCrlSignerEntry getCrlSignerChangeEntry() throws Exception {
    final String signerCertConf;
    if (signerCert == null) {
        signerCertConf = null;
    } else if (CaManager.NULL.equalsIgnoreCase(signerCert)) {
        signerCertConf = CaManager.NULL;
    } else {
        final byte[] certBytes = IoUtil.read(signerCert);
        X509Util.parseCert(new ByteArrayInputStream(certBytes));
        signerCertConf = Base64.encodeToString(certBytes);
    }

    if (signerConf != null) {
        String effectiveType = signerType;
        if (effectiveType == null) {
            final X509CrlSignerEntry existing = caManager.getCrlSigner(name);
            if (existing == null) {
                throw new IllegalCmdParamException("please specify the signerType");
            }
            effectiveType = existing.type();
        }

        signerConf = ShellUtil.canonicalizeSignerConf(effectiveType, signerConf,
                passwordResolver, securityFactory);
    }

    final X509ChangeCrlSignerEntry changeEntry = new X509ChangeCrlSignerEntry(name);
    changeEntry.setSignerType(signerType);
    changeEntry.setSignerConf(signerConf);
    changeEntry.setCrlControl(crlControl);
    changeEntry.setBase64Cert(signerCertConf);
    return changeEntry;
} // method getCrlSignerChangeEntry