KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > sun > enterprise > tools > upgrade > certconversion > NSStoJKSConversionModule


1 /*
2  * The contents of this file are subject to the terms
3  * of the Common Development and Distribution License
4  * (the License). You may not use this file except in
5  * compliance with the License.
6  *
7  * You can obtain a copy of the license at
8  * https://glassfish.dev.java.net/public/CDDLv1.0.html or
9  * glassfish/bootstrap/legal/CDDLv1.0.txt.
10  * See the License for the specific language governing
11  * permissions and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL
14  * Header Notice in each file and include the License file
15  * at glassfish/bootstrap/legal/CDDLv1.0.txt.
16  * If applicable, add the following below the CDDL Header,
17  * with the fields enclosed by brackets [] replaced by
18  * you own identifying information:
19  * "Portions Copyrighted [year] [name of copyright owner]"
20  *
21  * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
22  */
23
24 package com.sun.enterprise.tools.upgrade.certconversion;
25
26 import java.io.*;
27 import java.util.*;
28 import java.util.logging.*;
29 import java.security.*;
30 import java.security.cert.*;
31 import com.sun.enterprise.tools.upgrade.logging.*;
32 import com.sun.enterprise.util.i18n.StringManager;
33 import com.sun.enterprise.tools.upgrade.common.*;
34
35 /**
36  *
37  * author : Gautam Borah
38  *
39  */
40
41 public class NSStoJKSConversionModule implements BaseModule{
42     
43     private static Logger _logger = LogService.getLogger(LogService.UPGRADE_LOGGER);
44     private StringManager sm;
45     private static final String JavaDoc PKCS12_OUTPUTFILE_OPTION = "-o";
46     private static final String JavaDoc NSS_DB_LOCATION_OPTION = "-d";
47     private static final String JavaDoc ALIAS_OPTION = "-n";
48     private static final String JavaDoc NSS_PWD_OPTION = "-K";
49     private static final String JavaDoc KEYSTORE_PWD_OPTION = "-W";
50     private static final String JavaDoc LIST_CERTIFICATE_OPTION = "-L";
51     private static final String JavaDoc LIST_KEY_ID = "-K";
52     private static final String JavaDoc CERT_NSS_PWD_OPTION = "-f";
53     private static final String JavaDoc CERT_UTIL_UNIX = "certutil.sh";
54     private static final String JavaDoc PK12_UTIL_UNIX = "pk12util.sh";
55     private static final String JavaDoc CERT_UTIL_WIN = "certutil.bat";
56     private static final String JavaDoc PK12_UTIL_WIN = "pk12util.bat";
57     private static final String JavaDoc CONFIG = "config";
58     private static final String JavaDoc BIN = "bin";
59     private static final String JavaDoc LIB = "lib";
60     private static final String JavaDoc UPGRADE = "upgrade";
61     String JavaDoc pathOfNSSDbFiles;
62     private String JavaDoc jksPath;
63     private String JavaDoc trustJksPath;
64     private List pkcs12PathList;
65     private String JavaDoc nssKeyStorePassword;
66     private List keyList;
67     private InputStream isJksPath;
68     private OutputStream osJksPath;
69     private OutputStream trustJKSPathStream;
70     private String JavaDoc jksKeyStorePassword;
71     private String JavaDoc jksCAkeyStorePassword;
72     private boolean certificateError = false;
73     private char[] pwd;
74     private KeyStore jksKeyStore;
75     private KeyStore trustedJksKeyStore;
76     private CommonInfoModel commonInfo;
77     
78     public NSStoJKSConversionModule(){
79         sm = StringManager.getManager(LogService.UPGRADE_CERTCONVERSION_LOGGER);
80     }
81     
82     public boolean upgrade(CommonInfoModel commonInfo){
83         try {
84             String JavaDoc currentDomain = commonInfo.getCurrentDomain();
85             if(!(commonInfo.getDomainOptionList().contains(currentDomain)) || commonInfo.getCertDbPassword() == null)
86                 return true;
87             this.jksPath=commonInfo.getTargetJKSKeyStorePath();
88             this.trustJksPath = commonInfo.getTargetTrustedJKSKeyStorePath();
89             this.jksKeyStorePassword=commonInfo.getJksKeystorePassword();
90             this.jksCAkeyStorePassword=commonInfo.getJksCAKeystorePassword();
91             this.pkcs12PathList=new ArrayList();
92             this.keyList = new ArrayList();
93             this.nssKeyStorePassword=commonInfo.getCertDbPassword();
94             this.commonInfo = commonInfo;
95             
96             _logger.log(Level.INFO,sm.getString("enterprise.tools.upgrade.certconversion.start_certificate_migration",currentDomain));
97             doBackup(commonInfo);
98             listAllKeysFromSourceInstall();
99             generatePKCS12Certificates();
100             runPkcs12ToJks();
101             deletePKCS12Files();
102             _logger.log(Level.INFO,sm.getString("enterprise.tools.upgrade.certconversion.finished_certificate_migration",currentDomain));
103         }catch(CertificateException ce) {
104             _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.certconversion.could_not_migrate_certificates",ce));
105             UpdateProgressManager.getProgressManager().setContinueUpgrade(false);
106             return false;
107         }
108         return true;
109     }
110     
111     private void doBackup(CommonInfoModel commonInfo) {
112         doCACertificateBackup();
113         doKeyPairBackup();
114     }
115     
116     private void doCACertificateBackup() {
117         FileInputStream in = null;
118         FileOutputStream out = null;
119         try {
120             KeyStore keystoreSource = KeyStore.getInstance(KeyStore.getDefaultType());
121             KeyStore keystoreTarget = KeyStore.getInstance(KeyStore.getDefaultType());
122             in = new FileInputStream(new File(trustJksPath));
123             keystoreSource.load(in,jksCAkeyStorePassword.toCharArray());
124             keystoreTarget.load(null, jksCAkeyStorePassword.toCharArray());
125             java.util.Enumeration JavaDoc en = keystoreSource.aliases();
126             for(; en.hasMoreElements(); ){
127                 String JavaDoc alias = (String JavaDoc) en.nextElement();
128                 java.security.cert.Certificate JavaDoc cert = keystoreSource.getCertificate(alias);
129                 keystoreTarget.setCertificateEntry(alias,cert);
130             }
131             out = new FileOutputStream(trustJksPath+".back");
132             keystoreTarget.store(out, jksCAkeyStorePassword.toCharArray());
133         } catch (java.security.cert.CertificateException JavaDoc e) {
134             _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.unknownError"),e);
135         } catch (NoSuchAlgorithmException e) {
136             _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.unknownError"),e);
137         } catch (FileNotFoundException e) {
138             _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.unknownError"),e);
139             // Keystore does not exist
140 } catch (KeyStoreException e) {
141             _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.unknownError"),e);
142         } catch (IOException e) {
143             _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.unknownError"),e);
144         }catch(Exception JavaDoc e) {
145             _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.unknownError"),e);
146         }finally {
147             try {
148                 if(in!=null)
149                     in.close();
150                 if(out!=null)
151                     out.close();
152             }catch(Exception JavaDoc ex){}
153         }
154     }
155     
156     private void doKeyPairBackup() {
157         FileInputStream in = null;
158         FileOutputStream out = null;
159         try {
160             KeyStore keystoreSource = KeyStore.getInstance(KeyStore.getDefaultType());
161             KeyStore keystoreTarget = KeyStore.getInstance(KeyStore.getDefaultType());
162             in = new FileInputStream(new File(jksPath));
163             keystoreSource.load(in,jksKeyStorePassword.toCharArray());
164             keystoreTarget.load(null, jksKeyStorePassword.toCharArray());
165             java.util.Enumeration JavaDoc en = keystoreSource.aliases();
166             for(; en.hasMoreElements(); ){
167                 String JavaDoc alias = (String JavaDoc) en.nextElement();
168                 Key key = keystoreSource.getKey(alias, jksKeyStorePassword.toCharArray());
169                 java.security.cert.Certificate JavaDoc[] cert = keystoreSource.getCertificateChain(alias);
170                 keystoreTarget.setKeyEntry(alias, key, jksKeyStorePassword.toCharArray(), cert);
171             }
172             out = new FileOutputStream(jksPath+".back");
173             keystoreTarget.store(out, jksKeyStorePassword.toCharArray());
174         } catch (java.security.cert.CertificateException JavaDoc e) {
175             _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.unknownError"),e);
176         } catch (NoSuchAlgorithmException e) {
177             _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.unknownError"),e);
178         } catch (FileNotFoundException e) {
179             _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.unknownError"),e);
180             // Keystore does not exist
181 } catch (KeyStoreException e) {
182             _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.unknownError"),e);
183         } catch (IOException e) {
184             _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.unknownError"),e);
185         }catch(Exception JavaDoc e) {
186             _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.unknownError"),e);
187         }finally {
188             try {
189                 if(in!=null)
190                     in.close();
191                 if(out!=null)
192                     out.close();
193             }catch(Exception JavaDoc ex){}
194         }
195     }
196     
197     
198     public void recovery(CommonInfoModel commonInfo) {
199         File keypairKeyStoreOriginalFile = new File(jksPath);
200         File keypairKeyStoreBackupFile = new File(jksPath+".back");
201         File trustedKeyStoreOriginalFile = new File(trustJksPath);
202         File trustedKeyStoreBackupFile = new File(trustJksPath+".back");
203         new File(jksPath+".back1").delete();
204         new File(trustJksPath+".back1").delete();
205         boolean success = keypairKeyStoreOriginalFile.renameTo(new File(jksPath+".back1"));
206         if(!success) {
207             _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.certconversion.could_not_recover_certificates"));
208             return;
209         }
210         success = trustedKeyStoreOriginalFile.renameTo(new File(trustJksPath+".back1"));
211         if(!success) {
212             _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.certconversion.could_not_recover_certificates"));
213             return;
214         }
215         keypairKeyStoreOriginalFile.delete();
216         trustedKeyStoreOriginalFile.delete();
217         success = keypairKeyStoreBackupFile.renameTo(keypairKeyStoreOriginalFile);
218         if(!success) {
219             _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.certconversion.could_not_recover_certificates"));
220             File keypairKeyStoreanotherBackupFile = new File(jksPath+".back1");
221             File trustedKeyStoreanotherBackupFile = new File(trustJksPath+".back1");
222             keypairKeyStoreanotherBackupFile.renameTo(keypairKeyStoreOriginalFile);
223             trustedKeyStoreanotherBackupFile.renameTo(trustedKeyStoreOriginalFile);
224             return;
225         }
226         success = trustedKeyStoreBackupFile.renameTo(trustedKeyStoreOriginalFile);
227         if(!success) {
228             _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.certconversion.could_not_recover_certificates"));
229             File keypairKeyStoreanotherBackupFile = new File(jksPath+".back1");
230             File trustedKeyStoreanotherBackupFile = new File(trustJksPath+".back1");
231             keypairKeyStoreanotherBackupFile.renameTo(keypairKeyStoreOriginalFile);
232             trustedKeyStoreanotherBackupFile.renameTo(trustedKeyStoreOriginalFile);
233             return;
234         }
235         new File(jksPath+".back1").delete();
236         new File(trustJksPath+".back1").delete();
237     }
238     
239     private void listAllKeysFromSourceInstall() throws CertificateException{
240         String JavaDoc osName = commonInfo.getOSName();
241         String JavaDoc sourceDomainDir = commonInfo.getSourceInstancePath();
242         String JavaDoc configDir = sourceDomainDir + File.separator + CONFIG;
243         String JavaDoc source70Lib = commonInfo.getSourceInstallDir() +File.separator + LIB;
244         String JavaDoc source70Bin = commonInfo.getSourceInstallDir() +File.separator + BIN;
245         String JavaDoc certutilLocation = commonInfo.getTargetInstallDir() +File.separator + LIB +File.separator + UPGRADE;
246         String JavaDoc certUtilPath = "";
247         if(osName.indexOf("Windows") == -1)
248             certUtilPath = commonInfo.getTargetInstallDir() + File.separator + LIB + File.separator + CERT_UTIL_UNIX;
249         else
250             certUtilPath = commonInfo.getTargetInstallDir() + File.separator + LIB + File.separator + CERT_UTIL_WIN;
251         
252         StringWriter result = new StringWriter();
253         String JavaDoc nssPwd = commonInfo.getCertDbPassword();
254         //String nssPwdFile = commonInfo.getNSSPwdFile();
255 String JavaDoc domainPath = commonInfo.getDestinationDomainPath();
256         String JavaDoc nssPwdFile = domainPath +File.separator +"pwdfile";
257         PrintWriter pw = null;
258         try{
259             pw = new PrintWriter(new FileOutputStream(nssPwdFile ));
260             pw.println(nssPwd);
261             pw.flush();
262             pw.close();
263         }catch(FileNotFoundException fe) {
264             _logger.log(Level.INFO,sm.getString("enterprise.tools.upgrade.certconversion.unknownError "),fe);
265         }finally {
266             try {
267                 if(pw !=null)
268                     pw.close();
269             }catch(Exception JavaDoc e){}
270         }
271         String JavaDoc commandString = certUtilPath + " " +
272                 LIST_KEY_ID + " " + NSS_DB_LOCATION_OPTION +
273                 " " + configDir + " " + CERT_NSS_PWD_OPTION +
274                 " " + nssPwdFile +
275                 " " +source70Lib +
276                 " " +source70Bin +
277                 " " +certutilLocation;
278         int exitVal = ProcessAdaptor.executeProcess(commandString, result);
279         result.flush();
280         String JavaDoc resultString = result.toString();
281         if(exitVal == 0) {
282             parseAndGetKeys(resultString);
283         }else {
284             _logger.log(Level.WARNING, sm.getString("enterprise.tools.upgrade.certconversion.error_reading_source_keys",resultString));
285             throw new CertificateException(sm.getString("enterprise.tools.upgrade.certconversion.error_reading_source_keys",resultString));
286         }
287         
288     }
289     
290     private void parseAndGetKeys(String JavaDoc input) {
291         try {
292             BufferedReader reader = new BufferedReader(new StringReader(input));
293             //Reading the Line <0> KEY
294 String JavaDoc readString =reader.readLine();
295             while(readString != null) {
296                 //Key starts from 4th Index
297 String JavaDoc marker = readString.substring(0,1);
298                 String JavaDoc anotherMarker = readString.substring(2,3);
299                 if(!(marker.equals("<") && anotherMarker.equals(">"))) {
300                     _logger.log(Level.WARNING, sm.getString("enterprise.tools.upgrade.certconversion.error_reading_source_keys",input));
301                     return;
302                 }
303                 String JavaDoc alias = readString.substring(4);
304                 keyList.add(alias);
305                 _logger.log(Level.INFO,sm.getString("enterprise.tools.upgrade.certconversion.alias_info",commonInfo.getCurrentDomain(), alias)); readString =reader.readLine();
306             }
307         }catch (Exception JavaDoc e) {
308             _logger.log(Level.WARNING, sm.getString("enterprise.tools.upgrade.certconversion.unknownError"),e);
309         }
310     }
311     
312     private void generatePKCS12Certificates() throws CertificateException{
313         String JavaDoc osName = commonInfo.getOSName();
314         int size = keyList.size();
315         for (int i =0;i<size;i++) {
316             String JavaDoc pkcsFile = removeWhiteSpace("" + keyList.get(i));
317             String JavaDoc pkcsFilePath = commonInfo.getDestinationDomainPath() + File.separator +pkcsFile +".pkcs12";
318             String JavaDoc sourceDomainDir = commonInfo.getSourceInstancePath();
319             String JavaDoc configDir = sourceDomainDir + File.separator + CONFIG;
320             String JavaDoc source70Lib = commonInfo.getSourceInstallDir() +File.separator + LIB;
321             String JavaDoc source70Bin = commonInfo.getSourceInstallDir() +File.separator + BIN;
322             String JavaDoc pk12UtilPath = "";
323             if(osName.indexOf("Windows") == -1)
324                 pk12UtilPath = commonInfo.getTargetInstallDir() + File.separator + LIB + File.separator + PK12_UTIL_UNIX;
325             else
326                 pk12UtilPath = commonInfo.getTargetInstallDir() + File.separator + LIB + File.separator + PK12_UTIL_WIN;
327             String JavaDoc pk12utilLocation = commonInfo.getTargetInstallDir() + File.separator + LIB + File.separator + UPGRADE;
328             /*String commandString = pk12UtilPath + " " +
329             PKCS12_OUTPUTFILE_OPTION + " " + pkcsFilePath + " " +
330             NSS_DB_LOCATION_OPTION + " " + configDir + " " +
331             ALIAS_OPTION + " " + keyList.get(i) + " " +
332             NSS_PWD_OPTION + " " + commonInfo.getCertDbPassword() +" " +
333             KEYSTORE_PWD_OPTION + " " + commonInfo.getCertDbPassword(); */
334             String JavaDoc[] commandArray = {pk12UtilPath,
335                     source70Lib,
336                     source70Bin,
337                     pk12utilLocation,
338                     PKCS12_OUTPUTFILE_OPTION, pkcsFilePath,
339                     NSS_DB_LOCATION_OPTION, configDir,
340                     ALIAS_OPTION, ""+ keyList.get(i) + "",
341                     NSS_PWD_OPTION, commonInfo.getCertDbPassword(),
342                     KEYSTORE_PWD_OPTION, commonInfo.getCertDbPassword()
343             };
344             StringWriter result = new StringWriter();
345             //int exitVal = ProcessAdaptor.executeProcess(commandString, result);
346 int exitVal = ProcessAdaptor.executeProcess(commandArray, result);
347             result.flush();
348             //If process execution is successful add pkcs12file to pkcs12PathList
349 if(exitVal == 0)
350                 pkcs12PathList.add(pkcsFilePath);
351             else {
352                 _logger.log(Level.INFO,sm.getString("enterprise.tools.upgrade.certconversion.certificateError", keyList.get(i),commonInfo.getCurrentDomain(),result.toString()));
353                 throw new CertificateException(sm.getString("enterprise.tools.upgrade.certconversion.certificateError", keyList.get(i),commonInfo.getCurrentDomain(),result.toString()));
354             }
355             
356         }
357     }
358     
359     private String JavaDoc removeWhiteSpace(String JavaDoc str) {
360         
361         String JavaDoc concat="";
362         StringTokenizer st = new StringTokenizer(str);
363         while(st.hasMoreTokens()) {
364             concat=concat+st.nextToken();
365         }
366         return concat;
367     }
368     private void runPkcs12ToJks() throws CertificateException{
369         // to convert from pkcs12 to jks
370 openOutputKeystoreJKS();
371         openOutputTrustedKeystoreJKS();
372         openAllInputKeystorePKCS12();
373         if(!certificateError)
374             storeJksKeyStore();
375         if(!certificateError)
376             storeJksTrustedKeyStore();
377     }
378     
379     private void storeJksKeyStore() throws CertificateException{
380         try{
381             osJksPath = new FileOutputStream(jksPath);
382             jksKeyStore.store(osJksPath, jksKeyStorePassword.toCharArray());
383         }catch(Exception JavaDoc ex){
384             _logger.log(Level.SEVERE,sm.getString("enterprise.tools.upgrade.certconversion.certificate_JKS_Error"),ex);
385             throw new CertificateException(sm.getString("enterprise.tools.upgrade.certconversion.certificate_JKS_Error"));
386         }finally{
387             if(osJksPath!=null)
388                 try{osJksPath.close();}catch(Exception JavaDoc e){}
389         }
390     }
391     
392     private void storeJksTrustedKeyStore() throws CertificateException{
393         try{
394             trustJKSPathStream = new FileOutputStream(trustJksPath);
395             trustedJksKeyStore.store(trustJKSPathStream, jksCAkeyStorePassword.toCharArray());
396         }catch(Exception JavaDoc ex){
397             _logger.log(Level.SEVERE,sm.getString("enterprise.tools.upgrade.certconversion.certificate_JKS_Error"),ex);
398             throw new CertificateException(sm.getString("enterprise.tools.upgrade.certconversion.certificate_JKS_Error"));
399         }finally{
400             if(osJksPath!=null)
401                 try{osJksPath.close();}catch(Exception JavaDoc e){}
402         }
403     }
404     
405     public void openOutputKeystoreJKS() throws CertificateException{
406         InputStream inputStreamJks = null;
407         try{
408             inputStreamJks = new FileInputStream(jksPath);
409             jksKeyStore = KeyStore.getInstance("JKS");
410             jksKeyStore.load(inputStreamJks, jksKeyStorePassword.toCharArray());
411         }catch(Exception JavaDoc e){
412             certificateError = true;
413             _logger.log(Level.SEVERE,sm.getString("enterprise.tools.upgrade.certconversion.JKS_Password_Error"),e);
414             throw new CertificateException(sm.getString("enterprise.tools.upgrade.certconversion.JKS_Password_Error"));
415         }finally{
416             if(inputStreamJks!=null)
417                 try{inputStreamJks.close();}catch(Exception JavaDoc e){}
418         }
419     }
420     
421     public void openOutputTrustedKeystoreJKS() throws CertificateException{
422         InputStream inputStreamJks = null;
423         try{
424             inputStreamJks = new FileInputStream(trustJksPath);
425             trustedJksKeyStore = KeyStore.getInstance("JKS");
426             trustedJksKeyStore.load(inputStreamJks, jksCAkeyStorePassword.toCharArray());
427         }catch(Exception JavaDoc e){
428             certificateError = true;
429             _logger.log(Level.SEVERE,sm.getString("enterprise.tools.upgrade.certconversion.JKS_Password_Error"),e);
430             throw new CertificateException(sm.getString("enterprise.tools.upgrade.certconversion.JKS_Password_Error"));
431         }finally{
432             if(inputStreamJks!=null)
433                 try{inputStreamJks.close();}catch(Exception JavaDoc e){}
434         }
435     }
436     
437     private void openAllInputKeystorePKCS12() throws CertificateException{
438         int size = pkcs12PathList.size();
439         for(int i=0; i<size; i++){
440             openInputKeystorePKCS12((String JavaDoc)pkcs12PathList.get(i), nssKeyStorePassword);
441         }
442     }
443     
444     public void openInputKeystorePKCS12(String JavaDoc pkcs12Path, String JavaDoc pkcs12Pwd) throws CertificateException{
445         FileInputStream fis = null;
446         KeyStore pkcs12KeyStore = null;
447         try{
448             fis = new FileInputStream(pkcs12Path);
449             pkcs12KeyStore = KeyStore.getInstance("PKCS12");
450             pkcs12KeyStore.load(fis, pkcs12Pwd.toCharArray());
451             java.util.Enumeration JavaDoc en = pkcs12KeyStore.aliases();
452             for(; en.hasMoreElements(); ){
453                 String JavaDoc alias = (String JavaDoc) en.nextElement();
454                 _logger.log(Level.INFO,sm.getString("enterprise.tools.upgrade.certconversion.processing_keypair",alias));
455                 Key key = pkcs12KeyStore.getKey(alias, pkcs12Pwd.toCharArray());
456                 java.security.cert.Certificate JavaDoc[] cert = pkcs12KeyStore.getCertificateChain(alias);
457                 List caList = new ArrayList();
458                 int i =0;
459                 if(cert.length > 1) {
460                     i=1;
461                     for(;i<cert.length;i++) {
462                         if(cert[i] instanceof X509Certificate) {
463                             if(!certificateError)
464                                 writeToOutputTrustedKeystore(cert[i],alias + "ca" + i);
465                                     /*X509Certificate x509cert = (X509Certificate)cert[i];
466                                     Principal principal = x509cert.getIssuerDN();
467                     caList.add(principal.getName()+"\n");*/
468                         }
469                     }
470                 }
471                 if(cert.length == 1) {
472                     X509Certificate x509cert = (X509Certificate)cert[0];
473                     Principal issuerPrincipal = x509cert.getIssuerDN();
474                     Principal subjectPrincipal = x509cert.getSubjectDN();
475                     String JavaDoc subject = subjectPrincipal.getName();
476                     String JavaDoc issuer = issuerPrincipal.getName();
477                     if(subject.equals(issuer) && (!certificateError))
478                         writeToOutputTrustedKeystore(cert[i],alias);
479                     else
480                         _logger.log(Level.INFO,sm.getString("enterprise.tools.upgrade.certconversion.ca_list",issuer));
481                 }
482                 //_logger.log(Level.INFO,sm.getString("enterprise.tools.upgrade.certconversion.ca_list",caList));
483 if(!certificateError)
484                     writeToOutputKeystore(key, cert, alias);
485             }
486         }catch(Exception JavaDoc e){
487             certificateError = true;
488             _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.certconversion.certificate_PKCS12_Error"),e);
489             throw new CertificateException(sm.getString("enterprise.tools.upgrade.certconversion.certificate_PKCS12_Error"));
490         }finally{
491             if(fis!=null)
492                 try{fis.close();}catch(Exception JavaDoc e){}
493         }
494     }
495     
496     public void writeToOutputKeystore(Key key, java.security.cert.Certificate JavaDoc[] cert, String JavaDoc alias) throws CertificateException{
497         try{
498             jksKeyStore.setKeyEntry(alias, key, jksKeyStorePassword.toCharArray(), cert);
499             _logger.log(Level.INFO,sm.getString("enterprise.tools.upgrade.certconversion.alias_transferred",alias));
500         } catch(Exception JavaDoc e){
501             certificateError = true;
502             _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.certconversion.JKS_Password_Error"),e);
503             throw new CertificateException(sm.getString("enterprise.tools.upgrade.certconversion.JKS_Password_Error"));
504         }
505     }
506     
507     public void writeToOutputTrustedKeystore(java.security.cert.Certificate JavaDoc cert, String JavaDoc alias) throws CertificateException{
508         try{
509             trustedJksKeyStore.setCertificateEntry(alias, cert);
510             _logger.log(Level.INFO,sm.getString("enterprise.tools.upgrade.certconversion.ca_transferred",alias));
511         } catch(Exception JavaDoc e){
512             certificateError = true;
513             _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.certconversion.JKS_Password_Error"),e);
514             throw new CertificateException(sm.getString("enterprise.tools.upgrade.certconversion.JKS_Password_Error"));
515         }
516     }
517     
518     private void deletePKCS12Files() {
519         String JavaDoc pkcsFilesPath = commonInfo.getDestinationDomainPath();
520         String JavaDoc[] fileList = new File(pkcsFilesPath).list();
521         for(int i=0; i<fileList.length; i++){
522             File pkcsFile = new File(pkcsFilesPath+File.separator+fileList[i]);
523             if(pkcsFile.isFile() && fileList[i].endsWith(".pkcs12") ){
524                 pkcsFile.delete();
525             }
526         }
527         String JavaDoc domainPath = commonInfo.getDestinationDomainPath();
528         String JavaDoc nssPwdFile = domainPath +File.separator +"pwdfile";
529         File pwdfile = new File(nssPwdFile);
530         pwdfile.delete();
531     }
532     
533     public static void main(String JavaDoc[] args){
534         CommonInfoModel commonInfo = new CommonInfoModel();
535         commonInfo.setSourceInstallDir(args[0]);
536         commonInfo.setTargetInstallDir(args[1]);
537         commonInfo.setCertDbPassword(args[2]);
538         commonInfo.setJksKeystorePassword(args[3]);
539         NSStoJKSConversionModule convModule = new NSStoJKSConversionModule();
540         convModule.upgrade(commonInfo);
541     }
542     
543     public String JavaDoc getName() {
544         return sm.getString("enterprise.tools.upgrade.certconversion.moduleName");
545     }
546     
547 }
548
549
Popular Tags