

1 /*************************************************************************
2  * *
3  * EJBCA: The OpenSource Certificate Authority *
4  * *
5  * This software is free software; you can redistribute it and/or *
6  * modify it under the terms of the GNU Lesser General Public *
7  * License as published by the Free Software Foundation; either *
8  * version 2.1 of the License, or any later version. *
9  * *
10  * See terms of license at gnu.org. *
11  * *
12  *************************************************************************/

13  
14 package org.ejbca.ui.cli;
15
16 import java.io.PrintWriter JavaDoc;
17 import java.io.StringWriter JavaDoc;
18 import java.util.ArrayList JavaDoc;
19 import java.util.Collection JavaDoc;
20 import java.util.Date JavaDoc;
21
22 import org.ejbca.core.ejb.ca.caadmin.ICAAdminSessionRemote;
23 import org.ejbca.core.model.SecConst;
24 import org.ejbca.core.model.ca.caadmin.CAInfo;
25 import org.ejbca.core.model.ca.caadmin.X509CAInfo;
26 import org.ejbca.core.model.ca.catoken.CATokenConstants;
27 import org.ejbca.core.model.ca.catoken.HardCATokenInfo;
28 import org.ejbca.core.model.ca.catoken.KeyStrings;
29 import org.ejbca.core.model.ca.catoken.NFastCAToken;
30 import org.ejbca.util.CertTools;
31 import org.ejbca.util.StringTools;
32
33
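/**
 * CLI command that creates a new self-signed X.509 root CA whose keys are
 * generated through a {@code KeyStoreContainer} and referenced from a
 * {@link HardCATokenInfo} configured for the {@code NFastCAToken} class.
 *
 * <p>Positional arguments read by {@link #execute()}:
 * <ul>
 *   <li>{@code args[0]}, {@code args[1]} - command words, echoed in the usage text</li>
 *   <li>{@code args[2]}, {@code args[3]}, {@code args[4]} - passed to the
 *       {@code KeyStoreContainer} constructor (meaning not visible in this file)</li>
 *   <li>{@code args[5]} - CA name</li>
 *   <li>{@code args[6]} - subject DN</li>
 *   <li>{@code args[7]} - validity in days</li>
 *   <li>{@code args[8]} - optional, fourth {@code KeyStoreContainer} argument</li>
 * </ul>
 *
 * @version $Id$
 */
public class HwCaInitCommand extends BaseCaAdminCommand {

    /**
     * Creates a new instance of HwCaInitCommand.
     *
     * @param args command line arguments
     */
    public HwCaInitCommand(String[] args) {
        super(args);
    }

    /**
     * Generates the CA key pairs, builds the CA description and asks the remote
     * CA admin session to create the CA.
     *
     * @throws IllegalAdminCommandException if fewer than eight arguments are supplied
     * @throws ErrorAdminCommandException wrapping any exception raised while the
     *         keys are generated or the CA is created
     */
    public void execute() throws IllegalAdminCommandException, ErrorAdminCommandException {
        // Create new CA.
        final String DEFAULT_KEY = "default";
        final String SIGN_KEY = "sign";

        // args[7] (validity) is read unconditionally below, so eight arguments are the
        // minimum. The previous "< 7" check let a seven-argument call through, which then
        // failed with an ArrayIndexOutOfBoundsException instead of the usage message.
        if (this.args.length < 8) {
            StringWriter sw = new StringWriter();
            PrintWriter pw = new PrintWriter(sw);
            pw.println("Used to create a Root CA using RSA keys.");
            // NOTE(review): the usage line omits the three KeyStoreContainer arguments
            // (args[2]..args[4]) and the optional args[8]; their names are not visible
            // in this file, so the text is left as the author wrote it.
            pw.println("Usage: "+this.args[0] + " " + this.args[1] +" <caname> <dn> <validity-days>");
            pw.close();
            throw new IllegalAdminCommandException(sw.toString());
        }

        try {
            final String caname = this.args[5];
            final String dn = StringTools.strip(CertTools.stringToBCDNString(this.args[6]));
            final int validity = Integer.parseInt(this.args[7]);
            HardCATokenInfo catokeninfo = new HardCATokenInfo();
            final byte[] keyStoreID;
            {
                KeyStoreContainer ksc = new KeyStoreContainer(
                        this.args[4], this.args[2], this.args[3],
                        this.args.length > 8 ? this.args[8] : null);
                // Two 2048-bit keys: one under the default alias, one for certificate signing.
                ksc.generate(2048, DEFAULT_KEY);
                ksc.generate(2048, SIGN_KEY);
                keyStoreID = ksc.storeKeyStore();
                // NOTE(review): the token authentication code is copied into an immutable
                // String, so it cannot be wiped from the heap after use. Confirm whether
                // HardCATokenInfo offers a char[]-based setter.
                catokeninfo.setAuthenticationCode(new String(ksc.getPassPhraseGetSetEntry()));
            }
            getOutputStream().println("Initializing CA");

            getOutputStream().println("Generating rootCA keystore:");
            getOutputStream().println("CA name: "+caname);
            getOutputStream().println("DN: "+dn);
            getOutputStream().println("Validity (days): "+validity);

            // NOTE(review): SHA-1 with RSA is no longer considered collision resistant and
            // is rejected by current relying parties for certificate signatures. A root CA
            // created today should use a SHA-2 signature algorithm; check which constants
            // CATokenConstants offers in this release before changing it.
            catokeninfo.setSignatureAlgorithm(CATokenConstants.SIGALG_SHA1_WITH_RSA);
            // NOTE(review): a signature-algorithm constant is passed as the encryption
            // algorithm here - confirm this is what the token implementation expects.
            catokeninfo.setEncryptionAlgorithm(CATokenConstants.SIGALG_SHA1_WITH_RSA);
            {
                // Token properties: one "<key> <value>" pair per line.
                StringWriter sw = new StringWriter();
                PrintWriter pw = new PrintWriter(sw);
                pw.println(KeyStrings.CAKEYPURPOSE_DEFAULT_STRING+" "+DEFAULT_KEY);
                pw.println(KeyStrings.CAKEYPURPOSE_CERTSIGN_STRING+" "+SIGN_KEY);
                // NOTE(review): new String(byte[]) decodes with the platform default
                // charset, so the slot label can differ between hosts if the ID is not
                // plain ASCII.
                pw.println(NFastCAToken.SLOT_LABEL_KEY+" "+new String(keyStoreID));
                pw.close();
                catokeninfo.setProperties(sw.toString());
            }
            catokeninfo.setClassPath("org.ejbca.core.model.ca.catoken.NFastCAToken");
            X509CAInfo cainfo = new X509CAInfo(dn,
                                             caname, SecConst.CA_ACTIVE, new Date(),
                                             "", SecConst.CERTPROFILE_FIXED_ROOTCA,
                                             validity,
                                             null, // Expiretime
                                             CAInfo.CATYPE_X509,
                                             CAInfo.SELFSIGNED,
                                             (Collection) null,
                                             catokeninfo,
                                             "Initial CA",
                                             -1, null,
                                             null, // PolicyId
                                             24, // CRLPeriod
                                             0, // CRLIssueInterval
                                             10, // CRLOverlapTime
                                             new ArrayList(),
                                             true, // Authority Key Identifier
                                             false, // Authority Key Identifier Critical
                                             true, // CRL Number
                                             false, // CRL Number Critical
                                             "", // Default CRL Dist Point
                                             "", // Default CRL Issuer
                                             "", // Default OCSP Service Locator
                                             true, // Finish User
                                             new ArrayList(),
                                             false, // use default utf8 settings
                                             new ArrayList(), // Approvals Settings
                                             1, // Number of Req approvals
                                             false); // Use UTF8 subject DN by default

            getOutputStream().println("Creating CA...");
            ICAAdminSessionRemote remote = getCAAdminSessionRemote();
            remote.createCA(this.administrator, cainfo);

            // Read the CA back by name to report the id assigned to it.
            CAInfo newInfo = remote.getCAInfo(this.administrator, caname);
            int caid = newInfo.getCAId();
            getOutputStream().println("CAId for created CA: " + caid);

            // NOTE(review): no CRL call is made in this method; presumably createCA()
            // issues and publishes the initial CRL - confirm before relying on this line.
            getOutputStream().println("-Created and published initial CRL.");
            getOutputStream().println("CA initialized");
        } catch (Exception e) {
            debug("An error occured: ", e);
            throw new ErrorAdminCommandException(e);
        }
    } // execute

}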