From 602672eca140cde9fb4f1bcc8eab9d297c52d5f0 Mon Sep 17 00:00:00 2001 From: Fraser Tweedale Date: Wed, 10 Jun 2015 03:02:35 -0400 Subject: [PATCH] Add subca CLI --- .../certsrv/authority/AuthorityClient.java | 57 ++++++++++++++ .../src/com/netscape/certsrv/ca/CAClient.java | 3 +- .../netscape/cmstools/authority/AuthorityCLI.java | 56 ++++++++++++++ .../cmstools/authority/AuthorityCreateCLI.java | 86 ++++++++++++++++++++++ .../cmstools/authority/AuthorityFindCLI.java | 62 ++++++++++++++++ .../cmstools/authority/AuthorityShowCLI.java | 57 ++++++++++++++ .../src/com/netscape/cmstools/cli/CACLI.java | 2 + 7 files changed, 322 insertions(+), 1 deletion(-) create mode 100644 base/common/src/com/netscape/certsrv/authority/AuthorityClient.java create mode 100644 base/java-tools/src/com/netscape/cmstools/authority/AuthorityCLI.java create mode 100644 base/java-tools/src/com/netscape/cmstools/authority/AuthorityCreateCLI.java create mode 100644 base/java-tools/src/com/netscape/cmstools/authority/AuthorityFindCLI.java create mode 100644 base/java-tools/src/com/netscape/cmstools/authority/AuthorityShowCLI.java diff --git a/base/common/src/com/netscape/certsrv/authority/AuthorityClient.java b/base/common/src/com/netscape/certsrv/authority/AuthorityClient.java new file mode 100644 index 0000000000000000000000000000000000000000..7ad549c7d4bf85513aa64911fdf1c71c5ac4fc21 --- /dev/null +++ b/base/common/src/com/netscape/certsrv/authority/AuthorityClient.java @@ -0,0 +1,57 @@ +//--- BEGIN COPYRIGHT BLOCK --- +//This program is free software; you can redistribute it and/or modify +//it under the terms of the GNU General Public License as published by +//the Free Software Foundation; version 2 of the License. +// +//This program is distributed in the hope that it will be useful, +//but WITHOUT ANY WARRANTY; without even the implied warranty of +//MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +//GNU General Public License for more details. +// +//You should have received a copy of the GNU General Public License along +//with this program; if not, write to the Free Software Foundation, Inc., +//51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +//(C) 2015 Red Hat, Inc. +//All rights reserved. +//--- END COPYRIGHT BLOCK --- +package com.netscape.certsrv.authority; + +import java.net.URISyntaxException; +import java.util.List; + +import javax.ws.rs.core.GenericType; +import javax.ws.rs.core.Response; + +import com.netscape.certsrv.client.Client; +import com.netscape.certsrv.client.PKIClient; + +/** + * @author Fraser Tweedale + */ +public class AuthorityClient extends Client { + + public AuthorityResource proxy; + + public AuthorityClient(PKIClient client, String subsystem) throws URISyntaxException { + super(client, subsystem, "authority"); + proxy = createProxy(AuthorityResource.class); + } + + public List listCAs() { + Response response = proxy.listCAs(); + GenericType> type = new GenericType>() {}; + return client.getEntity(response, type); + } + + public AuthorityData getCA(String caIDString) { + Response response = proxy.getCA(caIDString); + return client.getEntity(response, AuthorityData.class); + } + + public AuthorityData createCA(AuthorityData data) { + Response response = proxy.createCA(data); + return client.getEntity(response, AuthorityData.class); + } + +} diff --git a/base/common/src/com/netscape/certsrv/ca/CAClient.java b/base/common/src/com/netscape/certsrv/ca/CAClient.java index e1a0a8c02f8a840acbdea924c164020b88557fc4..1fbd2a0b286ed09854373846510c392c5202307a 100644 --- a/base/common/src/com/netscape/certsrv/ca/CAClient.java +++ b/base/common/src/com/netscape/certsrv/ca/CAClient.java @@ -26,6 +26,7 @@ import com.netscape.certsrv.group.GroupClient; import com.netscape.certsrv.profile.ProfileClient; import com.netscape.certsrv.selftests.SelfTestClient; import com.netscape.certsrv.user.UserClient; +import com.netscape.certsrv.authority.AuthorityClient; public class CAClient extends SubsystemClient { @@ -35,7 +36,7 @@ public class CAClient extends SubsystemClient { } public void init() throws URISyntaxException { - + addClient(new AuthorityClient(client, name)); addClient(new CertClient(client, name)); addClient(new GroupClient(client, name)); addClient(new ProfileClient(client, name)); diff --git a/base/java-tools/src/com/netscape/cmstools/authority/AuthorityCLI.java b/base/java-tools/src/com/netscape/cmstools/authority/AuthorityCLI.java new file mode 100644 index 0000000000000000000000000000000000000000..f2b630d32f9b8fc12792d14c84e90e12f7c23f4d --- /dev/null +++ b/base/java-tools/src/com/netscape/cmstools/authority/AuthorityCLI.java @@ -0,0 +1,56 @@ +package com.netscape.cmstools.authority; + +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.FileOutputStream; +import java.net.URI; +import java.util.Locale; + +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Marshaller; +import javax.xml.bind.Unmarshaller; + +import com.netscape.certsrv.authority.AuthorityData; +import com.netscape.certsrv.authority.AuthorityClient; +import com.netscape.certsrv.cert.CertEnrollmentRequest; +import com.netscape.cmstools.cli.CLI; +import com.netscape.cmstools.cli.MainCLI; + +public class AuthorityCLI extends CLI { + + public AuthorityClient authorityClient; + + public AuthorityCLI(CLI parent) { + super("authority", "CA management commands", parent); + + addModule(new AuthorityFindCLI(this)); + addModule(new AuthorityShowCLI(this)); + addModule(new AuthorityCreateCLI(this)); + } + + public String getFullName() { + if (parent instanceof MainCLI) { + // do not include MainCLI's name + return name; + } else { + return parent.getFullName() + "-" + name; + } + } + + public void execute(String[] args) throws Exception { + client = parent.getClient(); + authorityClient = new AuthorityClient(client, "ca"); + super.execute(args); + } + + protected static void printAuthorityData(AuthorityData data) { + System.out.println(" Issuer DN: " + data.getDN()); + System.out.println(" ID: " + data.getID()); + System.out.println(" Parent ID: " + data.getParentID()); + String desc = data.getDescription(); + if (desc != null) + System.out.println(" Description: " + desc); + } + +} diff --git a/base/java-tools/src/com/netscape/cmstools/authority/AuthorityCreateCLI.java b/base/java-tools/src/com/netscape/cmstools/authority/AuthorityCreateCLI.java new file mode 100644 index 0000000000000000000000000000000000000000..19329cbba0fac3f8c9722cc6854cbeaf6a31c75c --- /dev/null +++ b/base/java-tools/src/com/netscape/cmstools/authority/AuthorityCreateCLI.java @@ -0,0 +1,86 @@ +package com.netscape.cmstools.authority; + +import java.util.Arrays; + +import org.apache.commons.cli.CommandLine; +import org.apache.commons.cli.Option; +import org.apache.commons.cli.ParseException; + +import com.netscape.certsrv.ca.AuthorityID; +import com.netscape.certsrv.authority.AuthorityData; +import com.netscape.cmstools.cli.CLI; +import com.netscape.cmstools.cli.MainCLI; + +public class AuthorityCreateCLI extends CLI { + + public AuthorityCLI authorityCLI; + + public AuthorityCreateCLI(AuthorityCLI authorityCLI) { + super("create", "Create CAs", authorityCLI); + this.authorityCLI = authorityCLI; + + Option optParent = new Option(null, "parent", true, "ID of parent CA"); + optParent.setArgName("id"); + options.addOption(optParent); + + Option optDesc = new Option(null, "desc", true, "Optional description"); + optDesc.setArgName("string"); + options.addOption(optDesc); + } + + public void printHelp() { + formatter.printHelp(getFullName() + " ", options); + } + + public void execute(String[] args) throws Exception { + // Always check for "--help" prior to parsing + if (Arrays.asList(args).contains("--help")) { + // Display usage + printHelp(); + System.exit(0); + } + + CommandLine cmd = null; + + try { + cmd = parser.parse(options, args); + } catch (ParseException e) { + System.err.println("Error: " + e.getMessage()); + printHelp(); + System.exit(-1); + } + + String[] cmdArgs = cmd.getArgs(); + if (cmdArgs.length != 1) { + if (cmdArgs.length < 1) + System.err.println("No DN specified."); + else + System.err.println("Too many arguments."); + printHelp(); + System.exit(-1); + } + + String parentAIDString = null; + if (cmd.hasOption("parent")) { + parentAIDString = cmd.getOptionValue("parent"); + try { + new AuthorityID(parentAIDString); + } catch (IllegalArgumentException e) { + System.err.println("Bad CA ID: " + parentAIDString); + printHelp(); + System.exit(-1); + } + } + + String desc = null; + if (cmd.hasOption("desc")) + desc = cmd.getOptionValue("desc"); + + String dn = cmdArgs[0]; + AuthorityData data = new AuthorityData( + dn, null, parentAIDString, desc); + AuthorityData newData = authorityCLI.authorityClient.createCA(data); + AuthorityCLI.printAuthorityData(newData); + } + +} diff --git a/base/java-tools/src/com/netscape/cmstools/authority/AuthorityFindCLI.java b/base/java-tools/src/com/netscape/cmstools/authority/AuthorityFindCLI.java new file mode 100644 index 0000000000000000000000000000000000000000..4a5684671d6a778146de183a0d122aaa58c45d8d --- /dev/null +++ b/base/java-tools/src/com/netscape/cmstools/authority/AuthorityFindCLI.java @@ -0,0 +1,62 @@ +package com.netscape.cmstools.authority; + +import java.util.Arrays; +import java.util.List; + +import org.apache.commons.cli.CommandLine; +import org.apache.commons.cli.Option; +import org.apache.commons.cli.ParseException; + +import com.netscape.certsrv.authority.AuthorityData; +import com.netscape.cmstools.cli.CLI; +import com.netscape.cmstools.cli.MainCLI; + +public class AuthorityFindCLI extends CLI { + + public AuthorityCLI authorityCLI; + + public AuthorityFindCLI(AuthorityCLI authorityCLI) { + super("find", "Find CAs", authorityCLI); + this.authorityCLI = authorityCLI; + } + + public void printHelp() { + formatter.printHelp(getFullName(), options); + } + + public void execute(String[] args) throws Exception { + // Always check for "--help" prior to parsing + if (Arrays.asList(args).contains("--help")) { + // Display usage + printHelp(); + System.exit(0); + } + + CommandLine cmd = null; + + try { + cmd = parser.parse(options, args); + } catch (ParseException e) { + System.err.println("Error: " + e.getMessage()); + printHelp(); + System.exit(-1); + } + + List datas = authorityCLI.authorityClient.listCAs(); + + MainCLI.printMessage(datas.size() + " entries matched"); + if (datas.size() == 0) return; + + boolean first = true; + for (AuthorityData data : datas) { + if (first) + first = false; + else + System.out.println(); + AuthorityCLI.printAuthorityData(data); + } + + MainCLI.printMessage("Number of entries returned " + datas.size()); + } + +} diff --git a/base/java-tools/src/com/netscape/cmstools/authority/AuthorityShowCLI.java b/base/java-tools/src/com/netscape/cmstools/authority/AuthorityShowCLI.java new file mode 100644 index 0000000000000000000000000000000000000000..a252f3001ae2581f770e58e68a077eb909a5490b --- /dev/null +++ b/base/java-tools/src/com/netscape/cmstools/authority/AuthorityShowCLI.java @@ -0,0 +1,57 @@ +package com.netscape.cmstools.authority; + +import java.util.Arrays; + +import org.apache.commons.cli.CommandLine; +import org.apache.commons.cli.Option; +import org.apache.commons.cli.ParseException; + +import com.netscape.certsrv.authority.AuthorityData; +import com.netscape.cmstools.cli.CLI; +import com.netscape.cmstools.cli.MainCLI; + +public class AuthorityShowCLI extends CLI { + + public AuthorityCLI authorityCLI; + + public AuthorityShowCLI(AuthorityCLI authorityCLI) { + super("show", "Show CAs", authorityCLI); + this.authorityCLI = authorityCLI; + } + + public void printHelp() { + formatter.printHelp(getFullName() + " ", options); + } + + public void execute(String[] args) throws Exception { + // Always check for "--help" prior to parsing + if (Arrays.asList(args).contains("--help")) { + // Display usage + printHelp(); + System.exit(0); + } + + CommandLine cmd = null; + + try { + cmd = parser.parse(options, args); + } catch (ParseException e) { + System.err.println("Error: " + e.getMessage()); + printHelp(); + System.exit(-1); + } + + String[] cmdArgs = cmd.getArgs(); + + if (cmdArgs.length < 1) { + System.err.println("Error: No ID specified."); + printHelp(); + System.exit(-1); + } + + String caIDString = cmdArgs[0]; + AuthorityData data = authorityCLI.authorityClient.getCA(caIDString); + AuthorityCLI.printAuthorityData(data); + } + +} diff --git a/base/java-tools/src/com/netscape/cmstools/cli/CACLI.java b/base/java-tools/src/com/netscape/cmstools/cli/CACLI.java index 17fb4866f38f05f7ead02b6145ef7d09140a90c5..5c41f00c2eb6e393cc95d3b174cb14eefc7307ae 100644 --- a/base/java-tools/src/com/netscape/cmstools/cli/CACLI.java +++ b/base/java-tools/src/com/netscape/cmstools/cli/CACLI.java @@ -20,6 +20,7 @@ package com.netscape.cmstools.cli; import com.netscape.certsrv.ca.CAClient; import com.netscape.certsrv.client.Client; +import com.netscape.cmstools.authority.AuthorityCLI; import com.netscape.cmstools.cert.CertCLI; import com.netscape.cmstools.group.GroupCLI; import com.netscape.cmstools.profile.ProfileCLI; @@ -37,6 +38,7 @@ public class CACLI extends SubsystemCLI { public CACLI(CLI parent) { super("ca", "CA management commands", parent); + addModule(new AuthorityCLI(this)); addModule(new CertCLI(this)); addModule(new GroupCLI(this)); addModule(new KRAConnectorCLI(this)); -- 2.4.3