locatecommand.java

一个免费的CA,基于EJB平台的,老师叫我们测试,现把之共享出来让大家参考

/*************************************************************************
 *                                                                       *
 *  EJBCA: The OpenSource Certificate Authority                          *
 *                                                                       *
 *  This software is free software; you can redistribute it and/or       *
 *  modify it under the terms of the GNU Lesser General Public           *
 *  License as published by the Free Software Foundation; either         *
 *  version 2.1 of the License, or any later version.                    *
 *                                                                       *
 *  See terms of license at gnu.org.                                     *
 *                                                                       *
 *************************************************************************/
 
package org.ejbca.core.protocol.xkms.client;

import java.io.FileOutputStream;
import java.io.IOException;
import java.security.cert.CRLException;
import java.security.cert.CertificateException;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;

import javax.xml.bind.JAXBElement;

import org.ejbca.core.protocol.xkms.common.XKMSConstants;
import org.ejbca.ui.cli.ErrorAdminCommandException;
import org.ejbca.ui.cli.IAdminCommand;
import org.ejbca.ui.cli.IllegalAdminCommandException;
import org.ejbca.util.Base64;
import org.ejbca.util.CertTools;
import org.w3._2000._09.xmldsig_.KeyInfoType;
import org.w3._2000._09.xmldsig_.X509DataType;
import org.w3._2002._03.xkms_.KeyBindingType;
import org.w3._2002._03.xkms_.LocateRequestType;
import org.w3._2002._03.xkms_.LocateResultType;
import org.w3._2002._03.xkms_.ObjectFactory;
import org.w3._2002._03.xkms_.QueryKeyBindingType;
import org.w3._2002._03.xkms_.UnverifiedKeyBindingType;
import org.w3._2002._03.xkms_.UseKeyWithType;
import org.w3._2002._03.xkms_.ValidateRequestType;
import org.w3._2002._03.xkms_.ValidateResultType;





/**
 * Performes KISS calls to an web service.
 *
 * @version $Id: LocateCommand.java,v 1.2 2007/01/07 00:31:51 herrvendil Exp $
 * @author Philip Vendil
 */
public class LocateCommand extends XKMSCLIBaseCommand implements IAdminCommand{

	private ObjectFactory xKMSObjectFactory = new ObjectFactory();
	private org.w3._2000._09.xmldsig_.ObjectFactory sigFactory = new org.w3._2000._09.xmldsig_.ObjectFactory();
	
	private static final int ARG_QUERYTYPE          = 1;
	private static final int ARG_QUERYVALUE         = 2;
	private static final int ARG_KEYUSAGE           = 3;
	private static final int ARG_RESPONDWITH        = 4;
	private static final int ARG_VALIDATEFLAG       = 5;
	private static final int ARG_ENCODING           = 6;
	private static final int ARG_OUTPUTPATH         = 7;
	

	

        
    private static final String VALIDATION_VALIDATE        = "validate";
    private static final String VALIDATION_NOVALIDATION    = "novalidation";


	
    /**
     * Creates a new instance of RaAddUserCommand
     *
     * @param args command line arguments
     */
    public LocateCommand(String[] args) {
        super(args);
    }

    /**
     * Runs the command
     *
     * @throws IllegalAdminCommandException Error in command args
     * @throws ErrorAdminCommandException Error running command
     */
    public void execute() throws IllegalAdminCommandException, ErrorAdminCommandException {
    	
        try {   
           
            if(args.length < 7 || args.length > 8){
            	usage();
            	System.exit(-1);
            }
            
            boolean isCertQuery = args[ARG_QUERYTYPE].equalsIgnoreCase(QUERYTYPE_CERT);
            
            String queryType = getQueryType(args[ARG_QUERYTYPE]);
            
            byte[] queryCert = null;
            String queryVal = null;
            if(isCertQuery){
            	queryCert = loadCert(args[ARG_QUERYVALUE]);
            }else{
            	queryVal = args[ARG_QUERYVALUE];
            }
            
            boolean validate = getValidate(args[ARG_VALIDATEFLAG]);
            boolean pEMEncoding = usePEMEncoding(args[ARG_ENCODING]);
            String keyUsage = getKeyUsage(args[ARG_KEYUSAGE]);
            Collection respondWith = getResponseWith(args[ARG_RESPONDWITH]);
            String outputPath = "";
            if(args.length >= ARG_OUTPUTPATH +1){
            	if(args[ARG_OUTPUTPATH] != null){
            	  outputPath = args[ARG_OUTPUTPATH] + "/";            	            	
            	}
            }

            
            QueryKeyBindingType queryKeyBindingType = xKMSObjectFactory.createQueryKeyBindingType();
            if(isCertQuery){
            	X509DataType x509DataType = sigFactory.createX509DataType();
                x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(sigFactory.createX509DataTypeX509Certificate(queryCert));
                KeyInfoType keyInfoType = sigFactory.createKeyInfoType();
                keyInfoType.getContent().add(sigFactory.createX509Data(x509DataType));
                queryKeyBindingType.setKeyInfo(keyInfoType);
            }else{
            	UseKeyWithType useKeyWithType = xKMSObjectFactory.createUseKeyWithType();
            	useKeyWithType.setApplication(queryType);
            	useKeyWithType.setIdentifier(queryVal);
            	queryKeyBindingType.getUseKeyWith().add(useKeyWithType);
            }
            if(keyUsage != null){
              queryKeyBindingType.getKeyUsage().add(keyUsage);
            }
            
            String reqId = genId();
            
            List keyBindings = new ArrayList();
            if(validate){
            	ValidateRequestType validationRequestType = xKMSObjectFactory.createValidateRequestType();
            	validationRequestType.setId(reqId);
                Iterator iter = respondWith.iterator();
                while(iter.hasNext()){
                	validationRequestType.getRespondWith().add((String) iter.next());
                }
                validationRequestType.setQueryKeyBinding(queryKeyBindingType);
                getPrintStream().println("Sending validation request with id " + reqId + " to XKMS Service");
                
                ValidateResultType validateResult = getXKMSInvoker().validate(validationRequestType, clientCert, privateKey);                
                keyBindings = validateResult.getKeyBinding();                                
                
            }else{
            	LocateRequestType locateRequestType = xKMSObjectFactory.createLocateRequestType();
            	locateRequestType.setId(reqId);
                Iterator iter = respondWith.iterator();
                while(iter.hasNext()){
                	locateRequestType.getRespondWith().add((String) iter.next());
                }
                locateRequestType.setQueryKeyBinding(queryKeyBindingType);
                
                getPrintStream().println("Sending locate request with id " + reqId + " to XKMS Service");
                LocateResultType locateResult = getXKMSInvoker().locate(locateRequestType, clientCert, privateKey);
                keyBindings = locateResult.getUnverifiedKeyBinding();                                                
            }

            if(keyBindings.size() > 0){
            	getPrintStream().println("\n  The query matched " + keyBindings.size() + " certificates :");
            	Iterator iter = keyBindings.iterator();
            	while(iter.hasNext()){
            		UnverifiedKeyBindingType next = (UnverifiedKeyBindingType) iter.next();
            		displayAndOutputCert(next, outputPath, pEMEncoding);            		
            		if(next instanceof KeyBindingType){
            			displayStatus((KeyBindingType) next);
            		}            		            		
            		getPrintStream().println("\n\n\n");
            	}
            }else{
            	getPrintStream().println("\n  The query didn't match any certificates");
            }
        
        } catch (Exception e) {
            throw new ErrorAdminCommandException(e);
        }
    }

 

	private void displayAndOutputCert(UnverifiedKeyBindingType next, String outputPath, boolean pEMEncoding) throws CertificateException, CRLException, IOException {
		List keyInfos = next.getKeyInfo().getContent();

		Iterator iter = keyInfos.iterator();