
Commit 86fe455

committed
fix bugs, add more keytool actions
1 parent ce3ebbe commit 86fe455


2 files changed

+145
-42
lines changed

2 files changed

+145
-42
lines changed

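--- a/dslink-v2/src/main/java/com/acuity/iot/dsa/dslink/sys/cert/KeyToolUtil.java
+++ b/dslink-v2/src/main/java/com/acuity/iot/dsa/dslink/sys/cert/KeyToolUtil.java
@@ -2,8 +2,8 @@
 
 import java.io.BufferedReader;
 import java.io.File;
-import java.io.FileReader;
 import java.io.IOException;
+import java.io.InputStreamReader;
 import java.nio.file.Files;
 import java.nio.file.Paths;
 
@@ -17,13 +17,22 @@ private KeyToolUtil() {
 
 }
 
-private void executeCommand(String[] cmd) {
+private String executeCommand(String[] cmd) {
 try {
 ProcessBuilder builder = new ProcessBuilder();
 Process process = builder.command(cmd).start();
 process.waitFor();
+BufferedReader reader = new BufferedReader(new InputStreamReader(process.getInputStream()));
+StringBuilder sb = new StringBuilder();
+String line = null;
+while ( (line = reader.readLine()) != null) {
+sb.append(line);
+sb.append(System.getProperty("line.separator"));
+}
+return sb.toString();
 } catch (Exception e) {
 error("", e);
+return "";
 }
 }
 
@@ -42,12 +51,13 @@ public static void generateSelfSigned(String keystore, String password) {
 inst.executeCommand(cmd);
 }
 
-public static String generateCSR(String keystore) throws IOException {
+public static String generateCSR(String keystore, String password) throws IOException {
 String filename = "dsa.csr";
 String[] cmd = new String[]{
 "keytool",
 "-certreq",
 "-keystore", keystore,
+"-storepass", password,
 "-alias", "dsa",
 "-keyalg", "RSA",
 "-validity", "18000",
@@ -58,14 +68,15 @@ public static String generateCSR(String keystore) throws IOException {
 return new String(Files.readAllBytes(Paths.get(filename)));
 }
 
-public static void importCACert(String keystore, String certStr, String alias) throws IOException {
+public static void importCACert(String keystore, String certStr, String alias, String password) throws IOException {
 String filename = DSTime.encodeForFiles(DSTime.getCalendar(System.currentTimeMillis()), new StringBuilder("tempCACert")).toString();
 Files.write(Paths.get(filename), certStr.getBytes());
 String[] cmd = new String[]{
 "keytool",
 "-import",
 "-trustcacerts",
 "-keystore", keystore,
+"-storepass", password,
 "-alias", alias,
 "-file", filename
 };
@@ -74,20 +85,44 @@ public static void importCACert(String keystore, String certStr, String alias) t
 new File(filename).delete();
 }
 
-public static void importPrimaryCert(String keystore, String certStr) throws IOException {
+public static void importPrimaryCert(String keystore, String certStr, String password) throws IOException {
 String filename = DSTime.encodeForFiles(DSTime.getCalendar(System.currentTimeMillis()), new StringBuilder("tempCert")).toString();
 Files.write(Paths.get(filename), certStr.getBytes());
 String[] cmd = new String[]{
 "keytool",
 "-import",
 "-trustcacerts",
 "-keystore", keystore,
+"-storepass", password,
 "-alias", "dsa",
 "-file", filename
 };
 inst.executeCommand(cmd);
 
 new File(filename).delete();
 }
+
+public static String getEntry(String keystore, String password) {
+String[] cmd = new String[]{
+"keytool",
+"-list",
+"-v",
+"-keystore", keystore,
+"-storepass", password,
+"-alias", "dsa",
+};
+return inst.executeCommand(cmd);
+}
+
+public static void deleteEntry(String keystore, String password) {
+String[] cmd = new String[]{
+"keytool",
+"-delete",
+"-keystore", keystore,
+"-storepass", password,
+"-alias", "dsa",
+};
+inst.executeCommand(cmd);
+}
 
 }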
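Review bot: The keystore password is now placed on the keytool command line (`"-storepass", password` in generateCSR, importCACert, importPrimaryCert, getEntry and deleteEntry), where other local users can read it from the process list for as long as keytool runs. keytool accepts the `:env` and `:file` modifiers on `-storepass`, so the secret can travel in the child's environment instead: `"-storepass:env", "DSA_STOREPASS",` in the argument arrays and `builder.environment().put("DSA_STOREPASS", password);` in executeCommand (the variable name is a placeholder, and executeCommand would need the password passed in). Separately, executeCommand calls `process.waitFor()` before reading stdout, so output larger than the pipe buffer can block the child indefinitely; reading before waiting and calling `builder.redirectErrorStream(true)` would avoid that. generateSelfSigned's body lies outside these hunks, so whether it has the same exposure cannot be confirmed from here, although its signature also takes the password.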

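--- a/dslink-v2/src/main/java/com/acuity/iot/dsa/dslink/sys/cert/SysCertManager.java
+++ b/dslink-v2/src/main/java/com/acuity/iot/dsa/dslink/sys/cert/SysCertManager.java
@@ -2,20 +2,8 @@
 
 import java.io.File;
 import java.io.IOException;
-import java.io.StringWriter;
-import java.math.BigInteger;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.NoSuchAlgorithmException;
-import java.security.Provider;
-import java.security.SecureRandom;
-import java.security.Security;
 import java.security.cert.CertificateEncodingException;
-import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
-import java.util.Calendar;
-import java.util.Date;
-import javax.security.auth.x500.X500Principal;
 //import org.bouncycastle.asn1.ASN1ObjectIdentifier;
 //import org.bouncycastle.asn1.x500.X500Name;
 //import org.bouncycastle.asn1.x509.BasicConstraints;
@@ -50,6 +38,7 @@
 * as accepts self signed (anonymous) certs from the broker.
 *
 * @author Aaron Hansen
+* @author Daniel Shapiro
 */
 public class SysCertManager extends DSNode {
 
@@ -61,11 +50,14 @@ public class SysCertManager extends DSNode {
 private static final String CERTFILE = "Cert_File";
 private static final String CERTFILE_PASS = "Cert_File_Pass";
 private static final String CERTFILE_TYPE = "Cert_File_Type";
-private static final String LOCAL_TRUSTSTORE = "Local_Truststore";
+private static final String LOCAL_TRUSTSTORE = "Local Truststore";
 private static final String QUARANTINE = "Quarantine";
-private static final String GENERATE_CSR = "Generate_Certificate_Signing_Request";
+private static final String GENERATE_CSR = "Generate Certificate Signing Request";
 private static final String IMPORT_CA_CERT = "Import CA Certificate";
 private static final String IMPORT_PRIMARY_CERT = "Import Primary Certificate";
+private static final String GENERATE_SELF_SIGNED = "Generate Self-Signed Certificate";
+private static final String DELETE_KS_ENTRY = "Delete Keystore Entry";
+private static final String GET_KS_ENTRY = "Get Keystore Entry";
 
 // Fields
 // ------
@@ -121,6 +113,9 @@ public void declareDefaults() {
 declareDefault(GENERATE_CSR, getGenerateCSRAction());
 declareDefault(IMPORT_CA_CERT, getImportCACertAction());
 declareDefault(IMPORT_PRIMARY_CERT, getImportPrimaryCertAction());
+declareDefault(GENERATE_SELF_SIGNED, getGenerateSelfSignedAction());
+declareDefault(GET_KS_ENTRY, getGetKSEntryAction());
+declareDefault(DELETE_KS_ENTRY, getDeleteKSEntryAction());
 }
 
 private DSAbstractAction getGenerateCSRAction() {
@@ -132,21 +127,24 @@ public void prepareParameter(DSInfo info, DSMap parameter) {
 
 @Override
 public ActionResult invoke(DSInfo info, ActionInvocation invocation) {
-String csr;
-try {
-csr = KeyToolUtil.generateCSR(keystore.getElement().toString());
-} catch (IOException e) {
-DSException.throwRuntime(e);
-return null;
-}
-return new DSActionValues(info.getAction()).addResult(DSString.valueOf(csr));
+String csr = ((SysCertManager) info.getParent()).generateCSR();
+return csr != null ? new DSActionValues(info.getAction()).addResult(DSString.valueOf(csr)) : null;
 }
 };
 act.setResultType(ResultType.VALUES);
-act.addValueResult("CSR", DSValueType.STRING);
+act.addValueResult("CSR", DSValueType.STRING).setEditor("textarea");
 return act;
 }
 
+private String generateCSR() {
+try {
+return KeyToolUtil.generateCSR(getKeystorePath(), getCertFilePass());
+} catch (IOException e) {
+DSException.throwRuntime(e);
+return null;
+}
+}
+
 private DSAbstractAction getImportCACertAction() {
 DSAbstractAction act = new DSAbstractAction() {
 
@@ -157,13 +155,7 @@ public void prepareParameter(DSInfo info, DSMap parameter) {
 @Override
 public ActionResult invoke(DSInfo info, ActionInvocation invocation) {
 DSMap parameters = invocation.getParameters();
-String alias = parameters.getString("Alias");
-String certStr = parameters.getString("Certificate");
-try {
-KeyToolUtil.importCACert(keystore.getElement().toString(), certStr, alias);
-} catch (IOException e) {
-DSException.throwRuntime(e);
-}
+((SysCertManager) info.getParent()).importCACert(parameters);
 return null;
 }
 };
@@ -172,6 +164,16 @@ public ActionResult invoke(DSInfo info, ActionInvocation invocation) {
 return act;
 }
 
+private void importCACert(DSMap parameters) {
+String alias = parameters.getString("Alias");
+String certStr = parameters.getString("Certificate");
+try {
+KeyToolUtil.importCACert(getKeystorePath(), certStr, alias, getCertFilePass());
+} catch (IOException e) {
+DSException.throwRuntime(e);
+}
+}
+
 private DSAbstractAction getImportPrimaryCertAction() {
 DSAbstractAction act = new DSAbstractAction() {
 
@@ -182,29 +184,95 @@ public void prepareParameter(DSInfo info, DSMap parameter) {
 @Override
 public ActionResult invoke(DSInfo info, ActionInvocation invocation) {
 DSMap parameters = invocation.getParameters();
-String certStr = parameters.getString("Certificate");
-try {
-KeyToolUtil.importPrimaryCert(keystore.getElement().toString(), certStr);
-} catch (IOException e) {
-DSException.throwRuntime(e);
-}
+((SysCertManager) info.getParent()).importPrimaryCert(parameters);
 return null;
 }
 };
 act.addParameter("Certificate", DSValueType.STRING, null).setEditor("textarea");
 return act;
 }
+
+private void importPrimaryCert(DSMap parameters) {
+String certStr = parameters.getString("Certificate");
+try {
+KeyToolUtil.importPrimaryCert(getKeystorePath(), certStr, getCertFilePass());
+} catch (IOException e) {
+DSException.throwRuntime(e);
+}
+}
+
+private DSAbstractAction getGenerateSelfSignedAction() {
+DSAbstractAction act = new DSAbstractAction() {
+
+@Override
+public void prepareParameter(DSInfo info, DSMap parameter) {
+}
+
+@Override
+public ActionResult invoke(DSInfo info, ActionInvocation invocation) {
+((SysCertManager) info.getParent()).keytoolGenkey();
+return null;
+}
+};
+return act;
+}
+
+private DSAbstractAction getGetKSEntryAction() {
+DSAbstractAction act = new DSAbstractAction() {
+
+@Override
+public void prepareParameter(DSInfo info, DSMap parameter) {
+}
+
+@Override
+public ActionResult invoke(DSInfo info, ActionInvocation invocation) {
+String result = ((SysCertManager) info.getParent()).getKSEntry();
+return new DSActionValues(info.getAction()).addResult(DSString.valueOf(result));
+}
+};
+act.setResultType(ResultType.VALUES);
+act.addValueResult("Entry", DSValueType.STRING).setEditor("textarea");
+return act;
+}
+
+private String getKSEntry() {
+return KeyToolUtil.getEntry(getKeystorePath(), getCertFilePass());
+}
+
+private DSAbstractAction getDeleteKSEntryAction() {
+DSAbstractAction act = new DSAbstractAction() {
+
+@Override
+public void prepareParameter(DSInfo info, DSMap parameter) {
+}
+
+@Override
+public ActionResult invoke(DSInfo info, ActionInvocation invocation) {
+((SysCertManager) info.getParent()).deleteKSEntry();
+return null;
+}
+};
+return act;
+}
+
+private void deleteKSEntry() {
+KeyToolUtil.deleteEntry(getKeystorePath(), getCertFilePass());
+}
 
 private String getCertFilePass() {
 DSPasswordAes128 pass = (DSPasswordAes128) keystorePass.getObject();
 return pass.decode();
 }
+
+private String getKeystorePath() {
+return keystore.getElement().toString();
+}
 
 /**
 * Executes the java keytool to generate a new self signed cert.
 */
 private void keytoolGenkey() {
-KeyToolUtil.generateSelfSigned(getKeystorePath(), getCertFilePass());
+KeyToolUtil.generateSelfSigned(getKeystorePath(), getCertFilePass());
 }
 
 @Override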
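Review bot: The new `importCACert(DSMap)` helper (new lines 167-175) forwards the requester-supplied `Alias` and `Certificate` values to `KeyToolUtil.importCACert` without any check, and `importPrimaryCert(DSMap)` (new lines 195-202) does the same for `Certificate`. DSMap's behaviour for a missing key is not visible here, but if `getString` can return null or an empty string, that value reaches `certStr.getBytes()` and the keytool argument array, and the caller gets either a bare NullPointerException or a failure that is only logged. I would reject bad input before touching the keystore, for example `if (alias == null || alias.isEmpty() || certStr == null || certStr.isEmpty()) { throw new IllegalArgumentException("Alias and Certificate are required"); }`. It may also be worth refusing the alias `dsa` for CA imports, since KeyToolUtil uses that alias for the link's own key entry.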
