001: /*
002: * GenerateCSR.java
003: *
004: */
005:
006: /**
007: *
008: * @author ss133690
009: * @version
010: */package com.sun.portal.cli.cert;
011:
012: import java.util.*;
013: import com.sun.portal.log.common.PortalLogger;
014: import org.mozilla.jss.crypto.*;
015: import org.mozilla.jss.crypto.KeyPairGenerator;
016: import org.mozilla.jss.crypto.X509Certificate;
017: import org.mozilla.jss.util.*;
018: import org.mozilla.jss.ssl.*;
019: import org.mozilla.jss.*;
020: import org.mozilla.jss.pkcs11.*;
021: import java.security.cert.*;
022: import java.security.interfaces.*;
023: import java.security.*;
024: import java.security.PrivateKey;
025: import org.mozilla.jss.pkix.primitive.*;
026: import org.mozilla.jss.pkix.cert.*;
027: import org.mozilla.jss.pkix.cert.Certificate;
028: import org.mozilla.jss.asn1.*;
029: import org.mozilla.jss.pkcs7.*;
030:
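/**
 * Interactive certadmin command that builds a PKCS#10 certificate signing
 * request (CSR) for this host.
 *
 * <p>The command prompts the operator for the subject attributes (CN, O, OU,
 * L, ST, C), a token name and the webmaster contact details, logs in to the
 * chosen crypto token, refuses to continue when
 * {@code JSSUtil.getCertWithSubject} reports an existing certificate for the
 * subject, and otherwise asks the token to generate the key pair and CSR. The
 * result is printed and written to a {@code csr.<gateway.host>.<timestamp>}
 * file through {@code CertAdminUtil.writeLine}.
 */
public class GenerateCSR implements Command {

    /**
     * RSA modulus size requested for the new key pair. The previous value of
     * 1024 bits is too small for a server key; 2048 bits is the minimum most
     * certificate authorities accept today.
     */
    private static final int RSA_KEY_BITS = 2048;

    /**
     * Runs the interactive CSR dialogue.
     *
     * @param cntx the JSS context supplying the host name, the password
     *             context and the crypto manager
     * @return {@code true} when the token produced a CSR; {@code false} when
     *         a certificate with the same subject already exists or any
     *         exception was raised while talking to the token
     */
    public boolean execute(JSSContext cntx) {
        CertAdminUtil.println(CertAdminHelpText.getDNHelpText());

        // Subject attributes: an empty answer selects the bracketed default.
        String hostDefault = cntx.getHost();
        String fqdn = askWithDefault(
                CertAdminLocale.getPFString("q2", CertAdminConstants.q2), hostDefault);
        String o = askWithDefault(
                CertAdminLocale.getPFString("q3", CertAdminConstants.q3), "MyOrganization");
        String ou = askWithDefault(
                CertAdminLocale.getPFString("q4", CertAdminConstants.q4), "MyOrganizationUnit");
        String l = askWithDefault(
                CertAdminLocale.getPFString("q5", CertAdminConstants.q5), "MyLocality");
        String s = askWithDefault(
                CertAdminLocale.getPFString("q6", CertAdminConstants.q6), "MyState");

        // Two-letter country code. The answer is trimmed once and the trimmed
        // value is what gets validated AND used; previously only the length
        // check saw the trimmed text, so " US" passed validation and then went
        // into the subject with its leading blank.
        // NOTE(review): m19 is printed both here and for blank email/phone;
        // the commented-out English texts differ, so confirm the message key.
        String c = CertAdminUtil.question(
                CertAdminLocale.getPFString("q7", CertAdminConstants.q7)).trim();
        while (c.length() != 2) {
            CertAdminUtil.println(CertAdminLocale.getPFString("m19",
                    CertAdminConstants.m19));
            c = CertAdminUtil.question(
                    CertAdminLocale.getPFString("q7", CertAdminConstants.q7)).trim();
        }

        CertAdminUtil.println(CertAdminHelpText.getTokenHelpText());
        String token = CertAdminUtil.question(CertAdminLocale
                .getPFString("q8", CertAdminConstants.q8));
        CertAdminUtil.println(CertAdminHelpText.getCSRAdminHelpText());

        // Webmaster contact details: repeat until both are non-blank and the
        // operator confirms the echoed values with exactly "y".
        String email;
        String phone;
        String ans;
        do {
            CertAdminUtil.println(CertAdminConstants.newline);
            email = CertAdminUtil.question(CertAdminLocale.getPFString(
                    "q11", CertAdminConstants.q11));
            phone = CertAdminUtil.question(CertAdminLocale.getPFString(
                    "q12", CertAdminConstants.q12));
            while (email.trim().equals("") || phone.trim().equals("")) {
                CertAdminUtil.println(CertAdminLocale.getPFString("m19",
                        CertAdminConstants.m19));
                email = CertAdminUtil.question(CertAdminLocale.getPFString(
                        "q11", CertAdminConstants.q11));
                phone = CertAdminUtil.question(CertAdminLocale.getPFString(
                        "q12", CertAdminConstants.q12));
            }
            CertAdminUtil.println(CertAdminConstants.newline);
            CertAdminUtil.println(CertAdminLocale.getPFString("m16",
                    CertAdminConstants.m16));
            CertAdminUtil.println(CertAdminLocale.getPFString("m17",
                    CertAdminConstants.m17) + email);
            CertAdminUtil.println(CertAdminLocale.getPFString("m18",
                    CertAdminConstants.m18) + phone);
            CertAdminUtil.println(CertAdminConstants.newline);
            ans = CertAdminUtil.question(CertAdminLocale.getPFString(
                    "q13", CertAdminConstants.q13));
        } while (!ans.equals("y"));

        try {
            // The passphrase is obtained before the token is chosen, as in the
            // original flow; it is only used for the internal token.
            // NOTE(review): it is held in an immutable String and cannot be
            // wiped after use; that is imposed by the callback constructor.
            String passphrase = cntx.getPasswordContext()
                    .generatePassphrase(cntx);
            PasswordCallback password;
            CryptoToken tok;
            if (token.trim().equals("")) {
                // No token named: use the internal key storage token.
                tok = cntx.getCryptoManager().getInternalKeyStorageToken();
                password = new CertAdminPasswordCallback(passphrase);
            } else {
                // Named token: its password is read from the console.
                tok = cntx.getCryptoManager().getTokenByName(token);
                password = new ConsolePasswordCallback();
            }
            if (!tok.passwordIsInitialized()) {
                tok.initPassword(new NullPasswordCallback(), password);
            }
            tok.login(password);

            // Subject DN handed to the token as text. Every value is escaped
            // so that an answer such as "Acme, Inc." stays one attribute value
            // instead of being parsed as extra RDNs.
            // NOTE(review): assumes the token's DN parser honours
            // backslash escapes (RFC 2253 style); confirm against the JSS/NSS
            // version in use.
            String dn = "OU=" + escapeDnValue(ou) + "," + "O=" + escapeDnValue(o)
                    + "," + "CN=" + escapeDnValue(fqdn) + "," + "C="
                    + escapeDnValue(c) + "," + "ST=" + escapeDnValue(s) + ","
                    + "L=" + escapeDnValue(l);

            // The same subject as a JSS Name, used only for the duplicate
            // check below. The original author's note says JSS expects the
            // attributes to be added in reverse order.
            // NOTE(review): the attribute order here differs from the order
            // in dn; whether getCertWithSubject is order-sensitive cannot be
            // told from this file.
            Name subject = new Name();
            if (!fqdn.equals("")) {
                subject.addCommonName(fqdn);
            }
            if (!l.equals("")) {
                subject.addLocalityName(l);
            }
            if (!s.equals("")) {
                subject.addStateOrProvinceName(s);
            }
            subject.addCountryName(c);
            if (!o.equals("")) {
                subject.addOrganizationName(o);
            }
            if (!ou.equals("")) {
                subject.addOrganizationalUnitName(ou);
            }

            // Stop when a certificate with this subject is already present.
            String certWithSameDN = JSSUtil.getCertWithSubject(tok, subject);
            if (certWithSameDN != null) {
                CertAdminUtil.println();
                CertAdminUtil.println(CertAdminLocale.getPFString(
                        "m63", CertAdminConstants.m63));
                CertAdminUtil.println(CertAdminLocale.getPFString(
                        "m64", CertAdminConstants.m64)
                        + CertAdminConstants.SPACE + certWithSameDN);
                CertAdminUtil.println(CertAdminLocale.getPFString(
                        "m65", CertAdminConstants.m65)
                        + CertAdminConstants.SPACE
                        + subject.getRFC1485());
                CertAdminUtil.println(CertAdminLocale.getPFString(
                        "m66", CertAdminConstants.m66));
                CertAdminUtil.question(CertAdminLocale.getPFString(
                        "m67", CertAdminConstants.m67));
                CertAdminUtil.println(CertAdminConstants.newline);
                return false;
            }

            CertAdminUtil.println(CertAdminLocale.getPFString("m20",
                    CertAdminConstants.m20));
            CertAdminUtil.println(CertAdminLocale.getPFString("m12",
                    CertAdminConstants.m12));
            CertAdminUtil.println(CertAdminConstants.newline);

            // Generate the key pair and the signing request on the token.
            String blob = tok.generateCertRequest(dn, RSA_KEY_BITS, "rsa",
                    (byte[]) null, (byte[]) null, (byte[]) null);
            CertAdminUtil.println(CertAdminHelpText.getCSRHelpText());

            // Human-readable header followed by the request itself.
            StringBuffer csr = new StringBuffer();
            csr.append("The CSR is also show below:");
            csr.append(CertAdminConstants.newline);
            csr.append(CertAdminConstants.newline);
            csr.append("Certificate request generated by Netscape certutil");
            csr.append(CertAdminConstants.newline);
            csr.append(CertAdminConstants.newline);
            csr.append("Phone: " + phone);
            csr.append(CertAdminConstants.newline);
            csr.append("Common Name: " + fqdn);
            csr.append(CertAdminConstants.newline);
            csr.append("Email: " + email);
            csr.append(CertAdminConstants.newline);
            csr.append("Organization: " + o);
            csr.append(CertAdminConstants.newline);
            csr.append("State: " + s);
            csr.append(CertAdminConstants.newline);
            csr.append("Country: " + c);
            csr.append(CertAdminConstants.newline);
            csr.append(CertAdminConstants.newline);
            csr.append(blob);
            CertAdminUtil.println(csr.toString());

            // Persist the request; a failed write is reported but does not
            // change the return value, because the CSR was already printed.
            if (!CertAdminUtil.writeLine(csr.toString(), "csr."
                    + SystemProperties.get("gateway.host") + "."
                    + CertAdminUtil.getCurrentDateTime())) {
                CertAdminUtil.println(CertAdminLocale.getPFString(
                        "m21", CertAdminConstants.m21));
            }
        } catch (Exception ex) {
            // Boundary catch for the CLI: report the failure and show the
            // trace so the operator can see which token call failed.
            CertAdminUtil.println(CertAdminLocale.getPFString("m22",
                    CertAdminConstants.m22));
            ex.printStackTrace();
            return false;
        }
        return true;
    }

    /**
     * Asks one question whose prompt shows a default value, and returns the
     * default when the operator just presses return.
     *
     * @param prompt localized question text that precedes the default
     * @param dflt   value shown in the prompt and used for an empty answer
     * @return the operator's answer, or {@code dflt} when the answer is empty
     */
    private static String askWithDefault(String prompt, String dflt) {
        String answer = CertAdminUtil.question(prompt + dflt
                + CertAdminLocale.getPFString("q1", CertAdminConstants.q1));
        return answer.equals("") ? dflt : answer;
    }

    /**
     * Backslash-escapes the characters that carry meaning in a textual
     * distinguished name so that the value is read as data.
     *
     * @param value raw attribute value as typed by the operator
     * @return the value with {@code , + " \ < > ; =} escaped everywhere, and
     *         a leading space or {@code #} and a trailing space escaped
     */
    private static String escapeDnValue(String value) {
        int len = value.length();
        StringBuffer out = new StringBuffer(len + 8);
        for (int i = 0; i < len; i++) {
            char ch = value.charAt(i);
            boolean atEdge = (i == 0 && (ch == ' ' || ch == '#'))
                    || (i == len - 1 && ch == ' ');
            if (atEdge || ",+\"\\<>;=".indexOf(ch) >= 0) {
                out.append('\\');
            }
            out.append(ch);
        }
        return out.toString();
    }
}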