📄 batchmakep12.java
字号:
* @param keyrecoverflag if we should try to revoer already existing keys * * @exception Exception If something goes wrong... */ private void processUser(UserAdminData data, boolean createJKS, boolean createPEM, boolean keyrecoverflag) throws Exception { KeyPair rsaKeys = null; if (usekeyrecovery && keyrecoverflag) { // Recover Keys IKeyRecoverySessionRemote keyrecoverysession = keyrecoveryhome.create(); KeyRecoveryData recoveryData = (KeyRecoveryData) keyrecoverysession.keyRecovery(administrator, data.getUsername()); if (recoveryData != null) { rsaKeys = recoveryData.getKeyPair(); } else { throw new Exception("No Key Recovery Data available for user, "+data.getUsername()+" can not be generated."); } } else { rsaKeys = KeyTools.genKeys(1024); } // Get certificate for user and create P12 if (rsaKeys != null) { createUser(data.getUsername(), data.getPassword(), data.getCAId(), rsaKeys, createJKS, createPEM, data.getKeyRecoverable()); } } //processUser /** * Creates P12-files for all users with status NEW in the local database. * * @exception Exception if something goes wrong... */ public void createAllNew() throws Exception { log.debug(">createAllNew:"); log.info("Generating for all NEW."); createAllWithStatus(UserDataLocal.STATUS_NEW); log.debug("<createAllNew:"); } // createAllNew /** * Creates P12-files for all users with status FAILED in the local database. * * @exception Exception if something goes wrong... */ public void createAllFailed() throws Exception { log.debug(">createAllFailed:"); log.info("Generating for all FAILED."); createAllWithStatus(UserDataLocal.STATUS_FAILED); log.debug("<createAllFailed:"); } // createAllFailed /** * Creates P12-files for all users with status KEYRECOVER in the local database. * * @exception Exception if something goes wrong... */ public void createAllKeyRecover() throws Exception { if (usekeyrecovery) { log.debug(">createAllKeyRecover:"); log.info("Generating for all KEYRECOVER."); createAllWithStatus(UserDataLocal.STATUS_KEYRECOVERY); log.debug("<createAllKeyRecover:"); } } // createAllKeyRecover /** * Creates P12-files for all users with status in the local database. * * @param status * * @exception Exception if something goes wrong... */ public void createAllWithStatus(int status) throws Exception { log.debug(">createAllWithStatus: " + status); Collection result; IUserAdminSessionRemote admin = adminhome.create(); boolean stopnow = false; //Collection result = admin.findAllUsersByStatus(administrator, status); do { result = admin.findAllUsersByStatusWithLimit(administrator, status, true); log.info("Batch generating " + result.size() + " users."); int failcount = 0; int successcount = 0; if (result.size() > 0) { if (result.size() < IUserAdminSessionRemote.MAXIMUM_QUERY_ROWCOUNT) { stopnow = true; } Iterator it = result.iterator(); boolean createJKS; boolean createPEM; boolean createP12; int tokentype = SecConst.TOKEN_SOFT_BROWSERGEN; String failedusers = ""; String successusers = ""; while (it.hasNext()) { createJKS = false; createPEM = false; createP12 = false; UserAdminData data = (UserAdminData) it.next(); if ((data.getPassword() != null) && (data.getPassword().length() > 0)) { try { // get users Token Type. tokentype = data.getTokenType(); createP12 = tokentype == SecConst.TOKEN_SOFT_P12; createPEM = tokentype == SecConst.TOKEN_SOFT_PEM; createJKS = tokentype == SecConst.TOKEN_SOFT_JKS; // Only generate supported tokens if (createP12 || createPEM || createJKS) { if (status == UserDataLocal.STATUS_KEYRECOVERY) { log.info("Retrieving keys for " + data.getUsername()); } else { log.info("Generating keys for " + data.getUsername()); } // Grab new user, set status to INPROCESS admin.setUserStatus(administrator, data.getUsername(), UserDataLocal.STATUS_INPROCESS); processUser(data, createJKS, createPEM, (status == UserDataLocal.STATUS_KEYRECOVERY)); // If all was OK , set status to GENERATED admin.setUserStatus(administrator, data.getUsername(), UserDataLocal.STATUS_GENERATED); // Delete clear text password admin.setClearTextPassword(administrator, data.getUsername(), null); successusers += (":" + data.getUsername()); successcount++; } else { log.debug( "Cannot batchmake browser generated token for user (wrong tokentype)- " + data.getUsername()); } } catch (Exception e) { // If things went wrong set status to FAILED log.error("An error happened, setting status to FAILED.", e); failedusers += (":" + data.getUsername()); failcount++; if (status == UserDataLocal.STATUS_KEYRECOVERY) { admin.setUserStatus(administrator, data.getUsername(), UserDataLocal.STATUS_KEYRECOVERY); } else { admin.setUserStatus(administrator, data.getUsername(), UserDataLocal.STATUS_FAILED); } } } else { log.debug("User '" + data.getUsername() + "' does not have clear text password."); } } if (failedusers.length() > 0) { throw new Exception("BatchMakeP12 failed for " + failcount + " users (" + successcount + " succeeded) - " + failedusers); } log.info(successcount + " new users generated successfully - " + successusers); } } while ((result.size() > 0) && !stopnow); log.debug("<createAllWithStatus: " + status); } // createAllWithStatus /** * Creates P12-files for one user in the local database. * * @param username username * * @exception Exception if the user does not exist or something goes wrong during generation */ public void createUser(String username) throws Exception { log.debug(">createUser(" + username + ")"); boolean createJKS = false; boolean createPEM = false; boolean createP12 = false; int tokentype = SecConst.TOKEN_SOFT_BROWSERGEN; IUserAdminSessionRemote admin = adminhome.create(); UserAdminData data = admin.findUser(administrator, username); int status = data.getStatus(); if ((data != null) && (data.getPassword() != null) && (data.getPassword().length() > 0)) { if ((status == UserDataLocal.STATUS_NEW) || ((status == UserDataLocal.STATUS_KEYRECOVERY) && usekeyrecovery)) { try { // get users Token Type. tokentype = data.getTokenType(); createP12 = tokentype == SecConst.TOKEN_SOFT_P12; createPEM = tokentype == SecConst.TOKEN_SOFT_PEM; createJKS = tokentype == SecConst.TOKEN_SOFT_JKS; // Only generate supported tokens if (createP12 || createPEM || createJKS) { if (status == UserDataLocal.STATUS_KEYRECOVERY) { log.info("Retrieving keys for " + data.getUsername()); } else { log.info("Generating keys for " + data.getUsername()); } // Grab new user, set status to INPROCESS admin.setUserStatus(administrator, data.getUsername(), UserDataLocal.STATUS_INPROCESS); processUser(data, createJKS, createPEM, (status == UserDataLocal.STATUS_KEYRECOVERY)); // If all was OK , set status to GENERATED admin.setUserStatus(administrator, data.getUsername(), UserDataLocal.STATUS_GENERATED); // Delete clear text password admin.setClearTextPassword(administrator, data.getUsername(), null); log.info("New user generated successfully - " + data.getUsername()); } else { log.info("Cannot batchmake browser generated token for user - " + data.getUsername()); } } catch (Exception e) { // If things went wrong set status to FAILED log.error("An error happened, setting status to FAILED (if not keyrecovery)."); log.error(e); if (status == UserDataLocal.STATUS_KEYRECOVERY) { admin.setUserStatus(administrator, data.getUsername(), UserDataLocal.STATUS_KEYRECOVERY); } else { admin.setUserStatus(administrator, data.getUsername(), UserDataLocal.STATUS_FAILED); } throw new Exception("BatchMakeP12 failed for '" + username + "'."); } } else { log.error("Unknown user, or clear text password is null: " + username); throw new Exception("BatchMakeP12 failed for '" + username + "'."); } } log.debug(">createUser(" + username + ")"); } // doit /** * Main * * @param args command line arguments */ public static void main(String[] args) { try { PropertyConfigurator.configure("log4j.properties"); BatchMakeP12 makep12 = new BatchMakeP12(); // Create subdirectory 'p12' if it does not exist File dir = new File("./p12"); dir.mkdir(); makep12.setMainStoreDir("./p12"); if ((args.length > 0) && args[0].equals("-?")) { System.out.println("Usage: batch [username]"); System.out.println( "Without arguments generates all users with status NEW or FAILED."); System.exit(1); } if (args.length > 0) { log.info("Generating Token."); makep12.createUser(args[0]); } else { // Make P12 for all NEW users in local DB makep12.createAllNew(); // Make P12 for all FAILED users in local DB makep12.createAllFailed(); // Make P12 for all KEYRECOVERABLE users in local DB makep12.createAllKeyRecover(); } } catch (Exception e) { e.printStackTrace(); System.exit(1); } } // main } // BatchMakeP12⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -