예제 #1
0
  public static void main(String args[]) {

    boolean dryrun = false;
    boolean error = false;
    boolean debug = false;
    File file = null;

    for (int i = 0; i < args.length; i++) {
      if (args[i].equalsIgnoreCase("-dryrun")) {
        dryrun = true;
      } else if (args[i].equalsIgnoreCase("-help") || args[i].equalsIgnoreCase("-usage")) {
        System.err.println(message);
        System.exit(1);
      } else {
        file = new File(args[i]);
        if (dryrun) {
          System.out.println("Would remove " + file.getAbsolutePath());
          continue;
        }
        Util.destroy(file);
      }
    }

    String fn = CoGProperties.getDefault().getProxyFile();
    if (fn == null) return;
    file = new File(fn);
    if (dryrun) {
      System.out.println("Would remove " + file.getAbsolutePath());
      return;
    }

    Util.destroy(file);
  }
예제 #2
0
파일: AutoCA.java 프로젝트: JoeHorn/swift-k
 private OutputStream openStream(File f) throws SecurityException, IOException {
   String path = f.getAbsolutePath();
   File file = Util.createFile(path);
   // set read only permissions
   if (!Util.setOwnerAccessOnly(path)) {
     logger.warn("Failed to set permissions on " + path);
   }
   return new FileOutputStream(file);
 }
예제 #3
0
  public static void createGridsshkey(char[] password, String id) throws Exception {

    if (gridsshkeyExists()) {
      throw new Exception("Key and/or Cert file(s) already exist.");
    }

    JSch jsch = new JSch();
    KeyPair kpair = KeyPair.genKeyPair(jsch, KEY_TYPE);
    kpair.setPassphrase(new String(password));
    kpair.writePrivateKey(CommonGridProperties.getDefault().getGridSSHKey());
    kpair.writePublicKey(CommonGridProperties.getDefault().getGridSSHCert(), id);
    kpair.dispose();

    Util.setFilePermissions(CommonGridProperties.getDefault().getGridSSHKey(), 600);
    Util.setFilePermissions(CommonGridProperties.getDefault().getGridSSHCert(), 600);
  }
예제 #4
0
 /**
  * Returns hostname of this server. The format of the host conforms to RFC 2732, i.e. for a
  * literal IPv6 address, this method will return the IPv6 address enclosed in square brackets ('['
  * and ']').
  *
  * @return hostname
  */
 public String getHost() {
   String host = Util.getLocalHostAddress();
   try {
     URL u = new URL("http", host, 80, "/");
     return u.getHost();
   } catch (MalformedURLException e) {
     return host;
   }
 }
예제 #5
0
 /**
  * Returns hostname of this server
  *
  * @return hostname
  */
 public String getHostname() {
   return Util.getLocalHostAddress();
 }
예제 #6
0
  /** Generates a encrypted private key and certificate request. */
  public static void genCertificateRequest(
      String dname,
      String emailAddressOfCA,
      String password,
      String privKeyLoc,
      String certLoc,
      String certReqLoc)
      throws Exception {

    String sigAlgName = "MD5WithRSA";
    String keyAlgName = "RSA";

    CertUtil.init();

    // Generate a new key pair.
    KeyPairGenerator keygen = KeyPairGenerator.getInstance(keyAlgName);
    KeyPair keyPair = keygen.genKeyPair();
    PrivateKey privKey = keyPair.getPrivate();
    PublicKey pubKey = keyPair.getPublic();

    // Generate the certificate request.
    X509Name name = new X509Name(dname);
    DERConstructedSet derSet = new DERConstructedSet();
    PKCS10CertificationRequest request =
        new PKCS10CertificationRequest(sigAlgName, name, pubKey, derSet, privKey);

    // Save the certificate request to a .pem file.
    byte[] data = request.getEncoded();
    PrintStream ps = new PrintStream(new FileOutputStream(certReqLoc));

    // build / delimited name.
    String certSubject = "";
    StringTokenizer tokens = new StringTokenizer(dname, ",");
    while (tokens.hasMoreTokens()) {
      certSubject = certSubject + "/" + tokens.nextToken();
    }

    /*        ps.print( "\n\n"
    + "Please mail the following certificate request to " + emailAddressOfCA + "\n"
    + "\n"
    + "==================================================================\n"
    + "\n"
    + "Certificate Subject:\n"
    + "\n"
    + certSubject
    + "\n"
    + "\n"
    + "The above string is known as your user certificate subject, and it \n"
    + "uniquely identifies this user.\n"
    + "\n"
    + "To install this user certificate, please save this e-mail message\n"
    + "into the following file.\n"
    + "\n"
    + "\n"
    + certLoc
    + "\n"
    + "\n"
    + "\n"
    + "      You need not edit this message in any way. Simply \n"
    + "      save this e-mail message to the file.\n"
    + "\n"
    + "\n"
    + "If you have any questions about the certificate contact\n"
    + "the Certificate Authority at " + emailAddressOfCA + "\n"
    + "\n");*/
    ps.print(toPEM(data));
    ps.close();

    // Save private key to a .pem file.
    OpenSSLKey key = new BouncyCastleOpenSSLKey(privKey);
    if (password.length() != 0) {
      key.encrypt(password);
    }
    key.writeTo(new File(privKeyLoc).getAbsolutePath());
    // set read only permissions
    Util.setFilePermissions(privKeyLoc, 600);

    // Create an empty cert file.
    /*        File f = new File(certLoc);
    f.createNewFile();*/
  }
예제 #7
0
  public static void main(String[] args) {

    boolean bOk = parseCmdLine(args);

    String userCertFile = "";
    String userKeyFile = "";
    String userCertReqFile = "";
    if (bOk) {

      // Get default location of cert.
      CoGProperties props = CoGProperties.getDefault();

      // If no alternate directory specified.
      if (certDir == null) {
        userCertFile = props.getUserCertFile();
        userKeyFile = props.getUserKeyFile();
        // Get root dir of default cert location.
        int pos = userKeyFile.lastIndexOf(File.separator);
        certDir = userKeyFile.substring(0, pos + 1);
      } else {
        // If alternate directory specified set cert locations.
        if (certDir.endsWith(File.separator) == false) {
          certDir += File.separator;
        }
        userCertFile = certDir + prefix + "cert.pem";
        userKeyFile = certDir + prefix + "key.pem";
      }

      // Cert request file name.
      userCertReqFile = userCertFile.substring(0, userCertFile.length() - 4) + "_request.pem";
    }

    File fDir = null;
    fDir = new File(certDir);
    if (bOk) {
      // Create dir if does not exists.
      if (!fDir.exists()) {
        fDir.mkdir();
      }

      // Make sure directory exists.
      if (!fDir.exists() || !fDir.isDirectory()) {
        System.out.println("The directory " + certDir + " does not exists.");
        bOk = false;
      }
    }

    // Make sure we can write to it.
    if (bOk) {
      if (!fDir.canWrite()) {
        System.out.println("Can't write to " + certDir);
        bOk = false;
      }
    }

    // Check not to overwrite any of these files.
    if (bOk) {
      if (force == false) {
        boolean bFileExists = false;
        File f = new File(userKeyFile);
        if (f.exists()) {
          System.out.println(userKeyFile + " exists");
          bFileExists = true;
        }
        f = new File(userCertFile);
        if (f.exists()) {
          System.out.println(userCertFile + " exists");
          bFileExists = true;
        }
        f = new File(userCertReqFile);
        if (f.exists()) {
          System.out.println(userCertReqFile + " exists");
          bFileExists = true;
        }

        if (bFileExists) {
          System.out.println("If you wish to overwrite, run the script again with -force.");
          bOk = false;
        }
      }
    }

    String password = "";
    if (bOk && !noPswd) {
      // Get password from user.
      bOk = false;
      int attempts = 0;

      System.out.println(message);

      while (bOk == false && attempts < 3) {
        password = Util.getInput("Enter PEM pass phrase: ");
        String password2 = Util.getInput("Verify password Enter PEM pass phrase: ");
        if (password.compareTo(password2) != 0) {
          System.out.println("Verify failure");
        } else {
          if (password.length() < 4) {
            System.out.println("phrase is too short, needs to be at least 4 chars");
          } else {
            bOk = true;
          }
        }
        attempts++;
      }
    }

    // Generate cert request.
    if (bOk) {

      try {
        System.out.println("writing new private key to " + userKeyFile);
        genCertificateRequest(
            cn, "*****@*****.**", password, userKeyFile, userCertFile, userCertReqFile);
      } catch (Exception e) {
        System.out.println("error: " + e);
        e.printStackTrace();
      }
    }
  }