java.lang.Object
  javax.servlet.GenericServlet
    javax.servlet.http.HttpServlet
      com.netscape.cms.servlet.cert.scep.CRSEnrollment
public class CRSEnrollment
This servlet deals with PKCS#10-based certificate requests from CRS, now called SCEP, which is defined at http://search.ietf.org/internet-drafts/draft-nourse-scep-02.txt (draft-nourse-scep-02). The router is hardcoded to look for the URL http://host:80/cgi-bin/pkiclient.exe on this server. The HTTP parameters are 'operation' and 'message'; 'operation' can be either 'GetCACert' or 'PKIOperation'.
Field Summary | |
---|---|
static java.lang.String |
AUTH_CREDS
|
static java.lang.String |
AUTH_FAILED
|
static java.lang.String |
AUTH_PASSWORD
|
static java.lang.String |
AUTH_TOKEN
|
static java.lang.String |
CERTINFO
|
protected java.lang.String |
mAppendDN
|
protected ICertAuthority |
mAuthority
|
protected IAuthSubsystem |
mAuthSubsystem
|
protected IConfigStore |
mConfig
|
protected boolean |
mCreateEntry
|
protected java.lang.String |
mEntryObjectclass
|
protected boolean |
mFlattenDN
|
protected ILogger |
mLogger
|
protected java.lang.String |
mProfileId
|
protected IProfileSubsystem |
mProfileSubsystem
|
protected java.security.MessageDigest |
mSHADigest
|
static netscape.security.util.ObjectIdentifier |
OID_SERIALNUMBER
|
static netscape.security.util.ObjectIdentifier |
OID_UNSTRUCTUREDADDRESS
|
static netscape.security.util.ObjectIdentifier |
OID_UNSTRUCTUREDNAME
|
static java.lang.String |
SANE_DNSNAME
|
static java.lang.String |
SANE_IPADDRESS
|
static java.lang.String |
SUBJECTNAME
|
Constructor Summary | |
---|---|
CRSEnrollment()
|
Method Summary | |
---|---|
IAuthToken |
authenticate(AuthCredentials credentials,
IProfileAuthenticator authenticator,
javax.servlet.http.HttpServletRequest request)
|
void |
decodePKIMessage(javax.servlet.http.HttpServletRequest httpReq,
javax.servlet.http.HttpServletResponse httpResp,
java.lang.String msg)
Decodes the PKI message and returns information to the RA. |
IRequest |
findRequestByTransactionID(java.lang.String txid,
boolean ignoreRejected)
Finds a request with this transaction ID. |
java.lang.String |
getPasswordFromP10(netscape.security.pkcs.PKCS10 p10)
|
void |
handleGetCACert(javax.servlet.http.HttpServletRequest httpReq,
javax.servlet.http.HttpServletResponse httpResp)
Return the CA certificate back to the requestor. |
netscape.security.x509.X509CertImpl |
handleGetCertInitial(com.netscape.cmsutil.scep.CRSPKIMessage req,
com.netscape.cmsutil.scep.CRSPKIMessage resp)
Called if the router is requesting us to send it its certificate. Examines the request queue for a request matching the transaction ID. |
netscape.security.x509.X509CertImpl |
handlePKCSReq(javax.servlet.http.HttpServletRequest httpReq,
IRequest cmsRequest,
com.netscape.cmsutil.scep.CRSPKIMessage req,
com.netscape.cmsutil.scep.CRSPKIMessage crsResp,
com.netscape.cms.servlet.cert.scep.CRSEnrollment.CryptoContext cx)
|
void |
handlePKIOperation(javax.servlet.http.HttpServletRequest httpReq,
javax.servlet.http.HttpServletResponse httpResp,
java.lang.String msg)
finds a request with this transaction ID. |
protected java.lang.String |
hashPassword(java.lang.String pwd)
|
void |
init(javax.servlet.ServletConfig sc)
|
java.util.Hashtable |
makeFingerPrints(com.netscape.cmsutil.scep.CRSPKIMessage req)
|
void |
service(javax.servlet.http.HttpServletRequest httpReq,
javax.servlet.http.HttpServletResponse httpResp)
Service a CRS Request. |
static java.util.Hashtable |
toHashtable(javax.servlet.http.HttpServletRequest req)
|
void |
unwrapPKCS10(com.netscape.cmsutil.scep.CRSPKIMessage req,
com.netscape.cms.servlet.cert.scep.CRSEnrollment.CryptoContext cx)
Here we decrypt the PKCS10 message from the client |
void |
verifyRequest(com.netscape.cmsutil.scep.CRSPKIMessage req,
com.netscape.cms.servlet.cert.scep.CRSEnrollment.CryptoContext cx)
|
Methods inherited from class javax.servlet.http.HttpServlet |
---|
doDelete, doGet, doHead, doOptions, doPost, doPut, doTrace, getLastModified, service |
Methods inherited from class javax.servlet.GenericServlet |
---|
destroy, getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletInfo, getServletName, init, log, log |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
protected IProfileSubsystem mProfileSubsystem
protected java.lang.String mProfileId
protected ICertAuthority mAuthority
protected IConfigStore mConfig
protected IAuthSubsystem mAuthSubsystem
protected java.lang.String mAppendDN
protected java.lang.String mEntryObjectclass
protected boolean mCreateEntry
protected boolean mFlattenDN
protected ILogger mLogger
protected java.security.MessageDigest mSHADigest
public static final java.lang.String AUTH_PASSWORD
public static final java.lang.String AUTH_CREDS
public static final java.lang.String AUTH_TOKEN
public static final java.lang.String AUTH_FAILED
public static final java.lang.String SANE_DNSNAME
public static final java.lang.String SANE_IPADDRESS
public static final java.lang.String CERTINFO
public static final java.lang.String SUBJECTNAME
public static netscape.security.util.ObjectIdentifier OID_UNSTRUCTUREDNAME
public static netscape.security.util.ObjectIdentifier OID_UNSTRUCTUREDADDRESS
public static netscape.security.util.ObjectIdentifier OID_SERIALNUMBER
Constructor Detail |
---|
public CRSEnrollment()
Method Detail |
---|
public static java.util.Hashtable toHashtable(javax.servlet.http.HttpServletRequest req)
public void init(javax.servlet.ServletConfig sc)
Specified by: init in interface javax.servlet.Servlet
Overrides: init in class javax.servlet.GenericServlet
public void service(javax.servlet.http.HttpServletRequest httpReq, javax.servlet.http.HttpServletResponse httpResp) throws javax.servlet.ServletException
Overrides: service in class javax.servlet.http.HttpServlet
Parameters:
httpReq - The HttpServletRequest.
httpResp - The HttpServletResponse.
Throws: javax.servlet.ServletException
public IAuthToken authenticate(AuthCredentials credentials, IProfileAuthenticator authenticator, javax.servlet.http.HttpServletRequest request) throws EBaseException
EBaseException
public void handleGetCACert(javax.servlet.http.HttpServletRequest httpReq, javax.servlet.http.HttpServletResponse httpResp) throws javax.servlet.ServletException
javax.servlet.ServletException
public java.lang.String getPasswordFromP10(netscape.security.pkcs.PKCS10 p10)
public void decodePKIMessage(javax.servlet.http.HttpServletRequest httpReq, javax.servlet.http.HttpServletResponse httpResp, java.lang.String msg) throws javax.servlet.ServletException
javax.servlet.ServletException
public void handlePKIOperation(javax.servlet.http.HttpServletRequest httpReq, javax.servlet.http.HttpServletResponse httpResp, java.lang.String msg) throws javax.servlet.ServletException
javax.servlet.ServletException
public IRequest findRequestByTransactionID(java.lang.String txid, boolean ignoreRejected) throws EBaseException
EBaseException
public netscape.security.x509.X509CertImpl handleGetCertInitial(com.netscape.cmsutil.scep.CRSPKIMessage req, com.netscape.cmsutil.scep.CRSPKIMessage resp)
public void verifyRequest(com.netscape.cmsutil.scep.CRSPKIMessage req, com.netscape.cms.servlet.cert.scep.CRSEnrollment.CryptoContext cx) throws com.netscape.cms.servlet.cert.scep.CRSEnrollment.CRSInvalidSignatureException
com.netscape.cms.servlet.cert.scep.CRSEnrollment.CRSInvalidSignatureException
public void unwrapPKCS10(com.netscape.cmsutil.scep.CRSPKIMessage req, com.netscape.cms.servlet.cert.scep.CRSEnrollment.CryptoContext cx) throws javax.servlet.ServletException, org.mozilla.jss.CryptoManager.NotInitializedException, com.netscape.cms.servlet.cert.scep.CRSEnrollment.CryptoContext.CryptoContextException, com.netscape.cms.servlet.cert.scep.CRSEnrollment.CRSFailureException
javax.servlet.ServletException
org.mozilla.jss.CryptoManager.NotInitializedException
com.netscape.cms.servlet.cert.scep.CRSEnrollment.CryptoContext.CryptoContextException
com.netscape.cms.servlet.cert.scep.CRSEnrollment.CRSFailureException
public netscape.security.x509.X509CertImpl handlePKCSReq(javax.servlet.http.HttpServletRequest httpReq, IRequest cmsRequest, com.netscape.cmsutil.scep.CRSPKIMessage req, com.netscape.cmsutil.scep.CRSPKIMessage crsResp, com.netscape.cms.servlet.cert.scep.CRSEnrollment.CryptoContext cx) throws javax.servlet.ServletException, org.mozilla.jss.CryptoManager.NotInitializedException, com.netscape.cms.servlet.cert.scep.CRSEnrollment.CRSFailureException
javax.servlet.ServletException
org.mozilla.jss.CryptoManager.NotInitializedException
com.netscape.cms.servlet.cert.scep.CRSEnrollment.CRSFailureException
public java.util.Hashtable makeFingerPrints(com.netscape.cmsutil.scep.CRSPKIMessage req)
protected java.lang.String hashPassword(java.lang.String pwd)