File | Doc | Category | Size | Date | Package
JKStoNSSConversionModule.java | API Doc | Glassfish v2 API | 11498 | Thu Jan 11 20:34:46 GMT 2007 | com.sun.enterprise.tools.upgrade.certconversion

JKStoNSSConversionModule

public class JKStoNSSConversionModule extends Object implements BaseModule
author : Servesh Singh

Fields Summary
private static Logger
_logger
private com.sun.enterprise.util.i18n.StringManager
sm
private static final String
PKCS12_INPUTFILE_OPTION
private static final String
NSS_DB_LOCATION_OPTION
private static final String
NSS_PWD_OPTION
private static final String
KEYSTORE_PWD_OPTION
private static final String
PK12_UTIL_UNIX
private static final String
PK12_UTIL_WIN
private static final String
CONFIG
private static final String
BIN
private static final String
LIB
String
pathOfNSSDbFiles
private String
jksPath
private String
trustJksPath
private List
pkcs12PathList
private String
nssKeyStorePassword
private List
keyList
private InputStream
isJksPath
private OutputStream
osJksPath
private OutputStream
trustJKSPathStream
private String
jksKeyStorePassword
private String
jksCAkeyStorePassword
private boolean
certificateError
private char[]
pwd
private KeyStore
trustedJksKeyStore
private CommonInfoModel
commonInfo
private String
pkcs12FilePath
private OutputStream
pkcs12KeystoreStream
private KeyStore
jksKeyStore
private KeyStore
pkcs12KeyStore
Constructors Summary
/**
 * Creates the conversion module and binds its localized-message manager.
 *
 * The visible constructor body does nothing else: no keystore is opened and
 * no password is read until {@code upgrade} is called.
 */
public JKStoNSSConversionModule() {
    // Messages for this module are looked up under the cert-conversion logger name.
    this.sm = StringManager.getManager(LogService.UPGRADE_CERTCONVERSION_LOGGER);
}
    
Methods Summary
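/**
 * Copies the entries of the loaded JKS keystore into the in-memory PKCS12
 * keystore, skipping the default {@code "s1as"} key/certificate pair.
 *
 * Every transferred alias is appended to {@code keyList}, which
 * {@code migratepkcs12TonssDB} later uses to decide whether pk12util has to
 * run at all and which aliases to report.
 *
 * @throws CertificateException if an entry cannot be read from the JKS
 *         keystore or cannot be written to the PKCS12 keystore
 */
public void convertjksTopkcs12() throws CertificateException {
    try {
        java.util.Enumeration aliases = jksKeyStore.aliases();
        while (aliases.hasMoreElements()) {
            String alias = (String) aliases.nextElement();
            _logger.log(Level.INFO, sm.getString("enterprise.tools.upgrade.certconversion.processing_keypair", alias));

            // CR 6409992: the default key/cert pair with alias "s1as" is not transferred.
            if ("s1as".equals(alias)) {
                continue;
            }

            // The private key is recovered only for entries that are actually exported,
            // so the skipped default key is never pulled into memory and a failure to
            // recover it can no longer abort the whole conversion.
            // NOTE(review): this assumes each entry's key password equals the keystore
            // password; an entry protected with a different password fails here.
            Key key = jksKeyStore.getKey(alias, jksKeyStorePassword.toCharArray());
            keyList.add(alias);
            java.security.cert.Certificate[] chain = jksKeyStore.getCertificateChain(alias);
            writeToOutputKeystore(key, chain, alias);
        }
    } catch (CertificateException e) {
        // Already logged and wrapped by writeToOutputKeystore; pass it through unchanged.
        throw e;
    } catch (Exception e) {
        // The throwable is passed to the logger as well, so the stack trace is recorded,
        // as the other methods of this class do.
        // NOTE(review): the message key is the informational "processing_keypair" one,
        // formatted with the exception; a dedicated error key would read better.
        _logger.log(Level.SEVERE, sm.getString("enterprise.tools.upgrade.certconversion.processing_keypair", e), e);
        // Only the message is propagated; CertificateException's constructors are not
        // visible on this page, so the cause is not chained here.
        throw new CertificateException(e.getMessage());
    }
}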
    
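/**
 * Removes the intermediate PKCS12 file written by {@code storepkcs12KeyStore}.
 *
 * That file holds the exported private keys, so a failed deletion is reported
 * instead of being silently ignored.
 */
private void deletePKCS12Files() {
    File pkcs12File = new File(pkcs12FilePath);
    // File.delete() signals failure only through its return value.
    if (pkcs12File.exists() && !pkcs12File.delete()) {
        _logger.log(Level.WARNING, "Could not delete intermediate PKCS12 file: " + pkcs12FilePath);
    }
}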
    
/**
 * Returns the name of this upgrade module as resolved by the string manager.
 *
 * @return the message stored under the {@code moduleName} key
 */
public java.lang.String getName() {
    final String moduleName = sm.getString("enterprise.tools.upgrade.certconversion.moduleName");
    return moduleName;
}
    
/**
 * Command-line entry point. It only constructs the module; the call that
 * would run the upgrade is disabled in the source, so no keystore is read
 * or written when the class is started this way.
 *
 * @param args command-line arguments (unused)
 */
public static void main(java.lang.String[] args) {
    // The instance is created and discarded; upgrade(args) is not invoked.
    new JKStoNSSConversionModule();
}
    
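/**
 * Imports the intermediate PKCS12 file into the NSS database of the target
 * domain by running the platform-specific pk12util launcher.
 *
 * Nothing is executed when {@code keyList} is empty (CR 6409992). On a zero
 * exit code each transferred alias is logged; on any other exit code the
 * captured process output is logged and wrapped in an exception.
 *
 * NOTE(review): the NSS database password and the JKS keystore password are
 * passed as command-line arguments, so they are visible in the process list
 * to other local users while the child process runs. If the launcher allows
 * it, hand them over through a permission-restricted password file instead
 * (pk12util itself accepts password files via -k / -w). The values of the
 * option constants are not visible on this page, so the argument list is
 * left as it is.
 *
 * @throws CertificateException if the launcher exits with a non-zero code
 */
private void migratepkcs12TonssDB() throws CertificateException {
    // CR 6409992: no alias was exported, so pk12util must not be invoked.
    if (keyList.isEmpty()) {
        return;
    }

    String installDir = commonInfo.getTargetInstallDir();
    String targetLib = installDir + File.separator + LIB;
    String targetBin = installDir + File.separator + BIN;
    String configDir = commonInfo.getDestinationDomainPath() + File.separator + CONFIG;

    // Anything whose OS name does not contain "Windows" gets the Unix launcher.
    boolean onWindows = commonInfo.getOSName().indexOf("Windows") != -1;
    String pk12UtilPath = targetLib + File.separator + (onWindows ? PK12_UTIL_WIN : PK12_UTIL_UNIX);

    // The three directories after the executable are positional arguments; this
    // suggests PK12_UTIL_* names a wrapper script rather than the pk12util binary
    // itself (TODO confirm). The third one is the lib directory again, as before.
    String[] commandArray = {
        pk12UtilPath,
        targetLib,
        targetBin,
        targetLib,
        PKCS12_INPUTFILE_OPTION, pkcs12FilePath,
        NSS_DB_LOCATION_OPTION, configDir,
        NSS_PWD_OPTION, commonInfo.getCertDbPassword(),
        KEYSTORE_PWD_OPTION, commonInfo.getJksKeystorePassword()
    };

    StringWriter result = new StringWriter();
    int exitVal = ProcessAdaptor.executeProcess(commandArray, result);
    result.flush();

    if (exitVal != 0) {
        String failure = sm.getString("enterprise.tools.upgrade.certconversion.certificateError",
                pkcs12FilePath, commonInfo.getCurrentDomain(), result.toString());
        // This failure aborts the certificate migration, so it is logged at SEVERE
        // like every other failure path in this class (it was INFO before).
        _logger.log(Level.SEVERE, failure);
        throw new CertificateException(failure);
    }

    for (Iterator itr = keyList.iterator(); itr.hasNext();) {
        _logger.log(Level.INFO, sm.getString("enterprise.tools.upgrade.certconversion.alias_transferred", (String) itr.next()));
    }
}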
    
/**
 * Loads the source JKS keystore from {@code jksPath} into {@code jksKeyStore},
 * using {@code jksKeyStorePassword} as the store password.
 *
 * NOTE(review): every failure (missing file, unreadable file, wrong password)
 * is reported with the same "JKS_Password_Error" message; the logged stack
 * trace is the only place where the real cause shows up.
 *
 * @throws CertificateException if the keystore cannot be opened or loaded
 */
public void openInputKeystoreJKS() throws CertificateException {
    InputStream jksStream = null;
    try {
        jksStream = new FileInputStream(jksPath);
        jksKeyStore = KeyStore.getInstance("JKS");
        char[] storePassword = jksKeyStorePassword.toCharArray();
        jksKeyStore.load(jksStream, storePassword);
    } catch (Exception e) {
        String message = sm.getString("enterprise.tools.upgrade.certconversion.JKS_Password_Error");
        _logger.log(Level.SEVERE, message, e);
        throw new CertificateException(message);
    } finally {
        if (jksStream != null) {
            try {
                jksStream.close();
            } catch (Exception ignored) {
                // Best effort: a failed close of the input stream is not reported.
            }
        }
    }
}
    
/**
 * Creates an empty in-memory PKCS12 keystore in {@code pkcs12KeyStore}.
 *
 * The keystore is initialised from a null stream, so nothing is read from
 * disk here; the JKS keystore password is passed to {@code load}.
 *
 * @throws CertificateException if the PKCS12 keystore cannot be created
 */
public void openOutputKeystore() throws CertificateException {
    try {
        pkcs12KeyStore = KeyStore.getInstance("PKCS12");
        char[] storePassword = jksKeyStorePassword.toCharArray();
        pkcs12KeyStore.load(null, storePassword);
    } catch (Exception e) {
        String message = sm.getString("enterprise.tools.upgrade.certconversion.JKS_Password_Error");
        _logger.log(Level.SEVERE, message, e);
        throw new CertificateException(message);
    }
}
    
/**
 * Recovery hook of the module. The body is empty: nothing written by
 * {@code upgrade}, including the intermediate PKCS12 file, is rolled back here.
 *
 * @param commonInfo upgrade context (unused)
 */
public void recovery(CommonInfoModel commonInfo) {
    // No recovery action is implemented.
}
    
/**
 * Runs the conversion pipeline. Despite the method name, the direction is
 * JKS to PKCS12 to NSS.
 *
 * NOTE(review): the final deletePKCS12Files() call is disabled, so the
 * intermediate PKCS12 file with the exported private keys stays in the
 * destination domain directory after the import, on success and on failure.
 * Confirm whether anything still needs that file; if not, it should be
 * removed once the pipeline ends.
 *
 * @throws CertificateException if any step fails; later steps are then skipped
 */
private void runPkcs12ToJks() throws CertificateException {
    openInputKeystoreJKS();   // load the source JKS keystore
    openOutputKeystore();     // create the empty in-memory PKCS12 keystore
    convertjksTopkcs12();     // copy the entries, skipping "s1as"
    storepkcs12KeyStore();    // write the PKCS12 keystore to pkcs12FilePath
    migratepkcs12TonssDB();   // import that file into the NSS database
    // deletePKCS12Files() is not called; see the note above.
}
        
    
/**
 * Writes the in-memory PKCS12 keystore to {@code pkcs12FilePath}, protected
 * with the JKS keystore password, and logs every alias it contains.
 *
 * NOTE(review): the file is created through a plain FileOutputStream, so its
 * permissions are whatever the process default gives. It contains private
 * keys; confirm that the destination domain directory is readable only by
 * the account running the upgrade.
 *
 * @throws CertificateException if the file cannot be created or written
 */
private void storepkcs12KeyStore() throws CertificateException {
    try {
        pkcs12KeystoreStream = new FileOutputStream(pkcs12FilePath);
        char[] storePassword = jksKeyStorePassword.toCharArray();
        pkcs12KeyStore.store(pkcs12KeystoreStream, storePassword);
        for (Enumeration aliases = pkcs12KeyStore.aliases(); aliases.hasMoreElements();) {
            String alias = (String) aliases.nextElement();
            _logger.log(Level.INFO, "Added keystore alias: " + alias);
        }
    } catch (Exception ex) {
        String message = sm.getString("enterprise.tools.upgrade.certconversion.certificate_JKS_Error");
        _logger.log(Level.SEVERE, message, ex);
        throw new CertificateException(message);
    } finally {
        if (pkcs12KeystoreStream != null) {
            try {
                pkcs12KeystoreStream.close();
            } catch (Exception ignored) {
                // A failed close is not reported.
            }
        }
    }
}
    
/**
 * Migrates the certificates of the current domain from the source JKS
 * keystore into the NSS database of the destination domain.
 *
 * Domains that are not in the option list are skipped and reported as
 * successful. Otherwise the paths and passwords are copied from the upgrade
 * context into this module and the conversion pipeline is run. The passwords
 * stay in String fields of this instance after the call.
 *
 * @param commonInfo upgrade context that supplies paths, passwords and the domain name
 * @return {@code true} if the domain was skipped or migrated; {@code false} if
 *         the migration failed, in which case the progress manager is also
 *         told not to continue the upgrade
 */
public boolean upgrade(CommonInfoModel commonInfo) {
    String domainName = commonInfo.getCurrentDomain();
    boolean domainSelected = commonInfo.getDomainOptionList().contains(domainName);
    if (!domainSelected) {
        return true;
    }

    // The intermediate PKCS12 export always goes to a fixed file name in the target domain.
    pkcs12FilePath = commonInfo.getDestinationDomainPath() + File.separator + "pkcsFile" + ".pkcs12";
    this.jksPath = commonInfo.getSourceJKSKeyStorePath();
    this.trustJksPath = commonInfo.getSourceTrustedJKSKeyStorePath();
    this.jksKeyStorePassword = commonInfo.getJksKeystorePassword();
    this.jksCAkeyStorePassword = commonInfo.getJksCAKeystorePassword();
    this.pkcs12PathList = new ArrayList();
    this.keyList = new ArrayList();
    this.nssKeyStorePassword = commonInfo.getCertDbPassword();
    this.commonInfo = commonInfo;

    try {
        runPkcs12ToJks();
        return true;
    } catch (CertificateException ce) {
        _logger.log(Level.SEVERE, sm.getString("enterprise.tools.upgrade.certconversion.could_not_migrate_certificates", ce));
        // A failed certificate migration stops the remaining upgrade steps.
        UpdateProgressManager.getProgressManager().setContinueUpgrade(false);
        return false;
    }
}
    
/**
 * Stores one key entry in the in-memory PKCS12 keystore. The entry is
 * protected with the JKS keystore password.
 *
 * @param key   key to store
 * @param cert  certificate chain that belongs to {@code key}
 * @param alias alias under which the entry is stored
 * @throws CertificateException if the entry cannot be added; the message is
 *         the generic "JKS_Password_Error" text whatever the real cause was
 */
public void writeToOutputKeystore(java.security.Key key, java.security.cert.Certificate[] cert, java.lang.String alias) throws CertificateException {
    try {
        char[] entryPassword = jksKeyStorePassword.toCharArray();
        pkcs12KeyStore.setKeyEntry(alias, key, entryPassword, cert);
    } catch (Exception e) {
        String message = sm.getString("enterprise.tools.upgrade.certconversion.JKS_Password_Error");
        _logger.log(Level.SEVERE, message, e);
        throw new CertificateException(message);
    }
}
    
/**
 * Stores one trusted-certificate entry in the in-memory PKCS12 keystore.
 * The only call to this method visible on this page is commented out.
 *
 * @param cert  certificate to store
 * @param alias alias under which the certificate is stored
 * @throws CertificateException if the entry cannot be added; the message is
 *         the generic "JKS_Password_Error" text, although no password is
 *         involved in this call
 */
public void writeToOutputTrustedKeystore(java.security.cert.Certificate cert, java.lang.String alias) throws CertificateException {
    try {
        pkcs12KeyStore.setCertificateEntry(alias, cert);
    } catch (Exception e) {
        String message = sm.getString("enterprise.tools.upgrade.certconversion.JKS_Password_Error");
        _logger.log(Level.SEVERE, message, e);
        throw new CertificateException(message);
    }
}