cimtrustcommand.cpp

Pegasus is an open-source implementationof the DMTF CIM and WBEM standards. It is designed to be por

//%2006////////////////////////////////////////////////////////////////////////
//
// Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development
// Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems.
// Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.;
// IBM Corp.; EMC Corporation, The Open Group.
// Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.;
// IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group.
// Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.;
// EMC Corporation; VERITAS Software Corporation; The Open Group.
// Copyright (c) 2006 Hewlett-Packard Development Company, L.P.; IBM Corp.;
// EMC Corporation; Symantec Corporation; The Open Group.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to
// deal in the Software without restriction, including without limitation the
// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
// sell copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
// 
// THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
// ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
// "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
// LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
// PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
// HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
// ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
//==============================================================================
//
// Author: Nag Boranna, Hewlett-Packard Company (nagaraja_boranna@hp.com)
//
// Modified By: David Dillard, VERITAS Software Corp.
//                  (david.dillard@veritas.com)
//              Vijay Eli, (vijayeli@in.ibm.com) fix for #2572
//              Aruran, IBM (ashanmug@in.ibm.com) for Bug#4144
//              Sushma Fernandes, Hewlett-Packard Company
//                  (sushma_fernandes@hp.com)
//
//%/////////////////////////////////////////////////////////////////////////////

// define asprintf used to implement ultostr on Linux
#if defined(PEGASUS_LINUX_GENERIC_GNU)
#define _GNU_SOURCE
#include <features.h>
#include <stdio.h>
#endif

#include <iostream>
#include <Pegasus/Common/Config.h>
#include <Pegasus/Common/Constants.h>
#include <Pegasus/Common/System.h>
#include <Pegasus/Common/FileSystem.h>
#include <Pegasus/Common/String.h>
#include <Pegasus/Common/SSLContext.h>
#include <Pegasus/Common/InternalException.h>
#include <Pegasus/Common/PegasusVersion.h>

#include <Pegasus/getoopt/getoopt.h>
#include <Clients/cliutils/CommandException.h>
#include "CIMTrustCommand.h"

PEGASUS_NAMESPACE_BEGIN

//l10n
/**
 * The CLI message resource name
 */
static const char MSG_PATH []                  = "pegasus/pegasusCLI";

/**
    The command name.
 */
const char   CIMTrustCommand::COMMAND_NAME []      = "cimtrust";

/**
    Label for the usage string for this command.
 */
const char   CIMTrustCommand::_USAGE []            = "Usage: ";

/**
    The option character used to specify add certificate.
*/
const char   CIMTrustCommand::_OPTION_ADD          = 'a';

/**
    The option character used to specify remove certificate.
*/
const char   CIMTrustCommand::_OPTION_REMOVE       = 'r';

/**
    The option character used to specify list certificates.
*/
const char   CIMTrustCommand::_OPTION_LIST         = 'l';

/**
    The option character used to specify the certificate file path.
 */
const char   CIMTrustCommand::_OPTION_CERTFILE     = 'f';

/**
    The option character used to specify the certificate user name.
 */
const char   CIMTrustCommand::_OPTION_CERTUSER     = 'U';

/**
    The option character used to specify the issuer name.
 */
const char   CIMTrustCommand::_OPTION_ISSUER   = 'i';

/**
    The option character used to specify the serial number.
 */
const char   CIMTrustCommand::_OPTION_SERIALNUMBER = 'n';

/**
    The option character used to specify the subject.
 */
const char   CIMTrustCommand::_OPTION_SUBJECT = 'S';

/**
    The option character used to specify the certificate type.
 */
const char   CIMTrustCommand::_OPTION_TYPE= 'T';

/**
    The option character used to specify the authority type.
 */
const String   CIMTrustCommand::_ARG_TYPE_AUTHORITY = "a"; 

/**
    The option character used to specify the authority issued end-entity type.
 */
const String   CIMTrustCommand::_ARG_TYPE_AUTHORITY_END_ENTITY = "e";

/**
    The option character used to specify the self-signed identity type.
 */
const String   CIMTrustCommand::_ARG_TYPE_SELF_SIGNED_IDENTITY= "s";

/**
    Constant to represent unknown type certificate.
 */
const String   TYPE_UNKNOWN = "Unknown";

/**
    Constant to represent authority type certificate.
 */
const String   TYPE_AUTHORITY_STR = "Authority";

/**
    Constant to represent authority issued end-entity type certificate.
 */
const String   TYPE_AUTHORITY_END_ENTITY_STR = "Authority issued end-entity";

/**
    Constant to represent self-signed identity type certificate.
 */
const String   TYPE_SELF_SIGNED_IDENTITY_STR = "Self-signed identity";

/**
    This constant signifies that an operation option has not
    been recorded
*/
const Uint32 CIMTrustCommand::_OPERATION_TYPE_UNINITIALIZED = 0;

/**
    The constant representing an add operation
*/
const Uint32 CIMTrustCommand::_OPERATION_TYPE_ADD = 1;

/**
    The constant representing a remove operation
*/
const Uint32 CIMTrustCommand::_OPERATION_TYPE_REMOVE = 2;

/**
    The constant representing a list operation
*/
const Uint32 CIMTrustCommand::_OPERATION_TYPE_LIST = 4;

/**
    The constant representing a help operation
*/
const Uint32 CIMTrustCommand::_OPERATION_TYPE_HELP = 5;

/**
    The constant representing a version display operation
*/
const Uint32 CIMTrustCommand::_OPERATION_TYPE_VERSION = 6;


/**
    The name of the Method that implements add certificate to the
    trust store.
*/
static const CIMName ADD_CERTIFICATE_METHOD = CIMName ("addCertificate");

/**
    This constant represents the name of the Issuer name
    property in the schema
*/
static const CIMName PROPERTY_NAME_ISSUER = CIMName ("IssuerName");

/**
    This constant represents the name of the Serial number
    property in the schema
*/
static const CIMName PROPERTY_NAME_SERIALNUMBER = CIMName ("SerialNumber");

/**
    This constant represents the name of the Subject name type
    property in the schema
*/
static const CIMName PROPERTY_NAME_SUBJECTNAME  = CIMName ("SubjectName");

/**
    This constant represents the name of the RegisteredUserName
    property in the schema
*/
static const CIMName PROPERTY_NAME_REGISTERED_USER_NAME  
                                            = CIMName ("RegisteredUserName");

/**
    This constant represents the name of the type
    property in the schema
*/
static const CIMName PROPERTY_NAME_TYPE  = CIMName ("CertificateType");

/**
    This constant represents the name of the notBefore type
    property in the schema
*/
static const CIMName PROPERTY_NAME_NOTBEFORE    = CIMName ("NotBefore");

/**
    This constant represents the name of the notAfter type
    property in the schema
*/
static const CIMName PROPERTY_NAME_NOTAFTER     = CIMName ("NotAfter");

/**
    This constant represents the name of the lastUpdate type
    property in the schema
*/
static const CIMName PROPERTY_NAME_LASTUPDATE   = CIMName ("LastUpdate");

/**
    This constant represents the name of the nextUpdate type
    property in the schema
*/
static const CIMName PROPERTY_NAME_NEXTUPDATE   = CIMName ("NextUpdate");

/**
    The input parameter name for certificate content.
*/
static const char   CERT_CONTENTS []    = "certificateContents";

/**
    The input parameter name for registered certificate user.
*/
static const char   CERT_USERNAME []    = "userName";

/**
    The input parameter name for certificate type.
*/
static const char   CERT_TYPE []    = "certificateType";

/**
    The constants representing the display messages.
*/
static const char   LONG_HELP []  = "help";

static const char   LONG_VERSION []  = "version";

static const char PASSWORD_PROMPT []  =
                "Please enter your password: ";

static const char PASSWORD_BLANK []  =
                "Password cannot be blank. Please re-enter your password.";

static const char REQUIRED_ARGS_MISSING [] =
                "Required arguments missing.";

static const char REQUIRED_ARGS_MISSING_KEY [] =
                "Clients.cimtrust.CIMTrustCommand.REQUIRED_ARGS_MISSING";

static const char CANNOT_CONNECT_CIMSERVER_NOT_RUNNING [] =
                "Cannot connect to CIM Server, CIM Server may not be running.";

static const char CANNOT_CONNECT_CIMSERVER_NOT_RUNNING_KEY [] =
                "Clients.cimtrust.CIMTrustCommand._CANNOT_CONNECT_CIMSERVER_NOT_RUNNING";

static const char CONNECTION_TIMEOUT [] =
                "Connection timed out.";

static const char CONNECTION_TIMEOUT_KEY [] =
                "Clients.cimtrust.CIMTrustCommand._CONNECTION_TIMEOUT";

static const char ADD_CERT_FAILURE []    =
                "Failed to add certificate.";

static const char ADD_CERT_FAILURE_KEY []    =
                "Clients.cimtrust.CIMTrustCommand.ADD_CERT_FAILURE";

static const char ADD_CERTIFICATE_SUCCESS [] =
                "Certificate added successfully.";

static const char ADD_CERTIFICATE_SUCCESS_KEY [] =
                "Clients.cimtrust.CIMTrustCommand.ADD_CERTIFICATE_SUCCESS";

static const char REMOVE_CERTIFICATE_SUCCESS [] =
                "Certificate removed successfully.";

static const char REMOVE_CERTIFICATE_SUCCESS_KEY [] =
                "Clients.cimtrust.CIMTrustCommand.REMOVE_CERTIFICATE_SUCCESS";

static const char CERT_ALREADY_EXISTS []        =
                "Specified certificate already exists.";

static const char CERT_ALREADY_EXISTS_KEY []        =
                "Clients.cimtrust.CIMTrustCommand.CERT_ALREADY_EXISTS";

static const char CERT_NOT_FOUND [] =
                "Specified certificate does not exist.";

static const char CERT_NOT_FOUND_KEY [] =
                "Clients.cimtrust.CIMTrustCommand.CERT_NOT_FOUND";

static const char CERT_SCHEMA_NOT_LOADED []  =
                "Please restore the internal repository on the CIM Server.";

static const char CERT_SCHEMA_NOT_LOADED_KEY []  =
                "Clients.cimtrust.CIMTrustCommand.CERT_SCHEMA_NOT_LOADED";

static const char REMOVE_CERT_FAILURE [] =
                "Failed to remove certificate.";

static const char REMOVE_CERT_FAILURE_KEY []  =
                "Clients.cimtrust.CIMTrustCommand.REMOVE_CERT_FAILURE";

static const char LIST_CERT_FAILURE [] =
                "Failed to list certificate.";

static const char LIST_CERT_FAILURE_KEY [] =
                "Clients.cimtrust.CIMTrustCommand.LIST_CERT_FAILURE";

static const char CERT_WITHOUT_ASSOCIATED_USER_KEY [] =
    "Clients.cimtrust.CIMTrustCommand.CERT_WITHOUT_ASSOCIATED_USER";

static const char CERT_WITHOUT_ASSOCIATED_USER [] =
    "NOTE: No user name will be associated with the certificate" 
    " in the truststore.";

static const char INVALID_SYSTEM_USER [] =
                "Specified user is not a valid system user.";

static const char INVALID_SYSTEM_USER_KEY [] =
                "Clients.cimtrust.CIMTrustCommand.INVALID_SYSTEM_USER";

/**
    The constant representing the trust manager provider class name
*/
static const char PG_SSLTRUST_MGR_PROV_CLASS []    = "PG_SSLTrustManager";

// Return codes

static const Uint32 RC_CONNECTION_FAILED = 2;

static const Uint32 RC_CONNECTION_TIMEOUT = 3;

static const Uint32 RC_CERTIFICATE_ALREADY_EXISTS = 4;

static const Uint32 RC_CERTIFICATE_DOES_NOT_EXIST = 5;

static const Uint32 RC_INVALID_SYSTEM_USER = 6;

/**

    Constructs a CIMTrustCommand and initializes instance variables.

 */
CIMTrustCommand::CIMTrustCommand ()
{
    //
    // Initialize the instance variables.
    //
    _operationType       = _OPERATION_TYPE_UNINITIALIZED;

    _certFileSet         = false;
    _certUserSet         = false;
    _issuerSet           = false;
    _serialNumberSet     = false;
    _subjectSet          = false;
    _typeSet             = false;

    _timeout             = DEFAULT_TIMEOUT_MILLISECONDS;

    //
    // build Usage string.
    //
    _usage = String (_USAGE);
    _usage.append (COMMAND_NAME);

    //
    // Add option 1
    //
    _usage.append (" -").append (_OPTION_ADD);
    _usage.append (" [ -").append (_OPTION_CERTUSER).append (" certuser")
         .append (" ]");
    _usage.append (" -").append (_OPTION_CERTFILE).append (" certfile");
    _usage.append (" -").append (_OPTION_TYPE).append (" ( ").append(_ARG_TYPE_AUTHORITY);
    _usage.append (" | ").append (_ARG_TYPE_AUTHORITY_END_ENTITY);
    _usage.append (" | ").append (_ARG_TYPE_SELF_SIGNED_IDENTITY).append(" ) ");
    _usage.append ("\n");