10package org.jstk.cert;
11
12import java.util.*;
13import java.security.Signature;
14import java.security.KeyPair;
15import java.security.PrivateKey;
16import java.security.PublicKey;
17import java.security.cert.X509Certificate;
18import java.security.cert.CertPath;
19import java.security.cert.CertificateException;
20import java.security.cert.CertificateFactory;
21import java.io.*;
22
23import org.jstk.*;
24import org.jstk.cert.ca.CADatabase;
25import org.jstk.cert.ca.FileBasedCADatabaseParams;
26import java.math.BigInteger;
27
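/**
 * JSTK command that records a previously issued certificate as revoked in a
 * file-based CA database.
 *
 * <p>The certificate to revoke is read from the file named by {@code -cerfile};
 * the CA database location is taken from {@code -cadir}. Revocation is refused
 * when the database does not list the certificate as issued, or already lists
 * it as revoked.
 */
public class RevokeCertCommand extends JSTKCommandAdapter {
    /** Option defaults applied to the arguments before they are read in {@link #execute}. */
    private static final HashMap defaults = new HashMap();
    static {
        defaults.put("cerfile", "my.cer");
        defaults.put("cadir", "cadir");
    }

    /** Returns the one-line summary of this command. */
    public String briefDescription() {
        return "revokes a previously issued certificate";
    }

    /**
     * Returns the help text for the options this command reads, with the
     * default value of each option in square brackets.
     */
    public String optionsDescription() {
        // Both options read by execute() are listed; an operator who does not know
        // about -cadir would silently operate on the default CA database.
        return
            "  -cerfile <cerfile> : File having the DER or PEM encoded Certificate.["
            + defaults.get("cerfile") + "]\n"
            + "  -cadir <cadir>     : Location of the file-based CA database.["
            + defaults.get("cadir") + "]\n";
    }

    /** Returns the accepted command-line forms. */
    public String[] useForms() {
        return new String[] {
            "[-cerfile <cerfile>] [-cadir <cadir>]"
        };
    }

    /** Returns sample invocations; the empty string stands for a run with defaults only. */
    public String[] sampleUses() {
        return new String[] {
            "",
            "-cerfile test.cer"
        };
    }

    /**
     * Reads an X.509 certificate from a file.
     *
     * <p>Three decodings are tried in order: a certification path in the
     * factory's default encoding, a certification path in {@code PKCS7}
     * encoding, and finally a single certificate. For the two path forms the
     * first certificate of the path is returned.
     *
     * @param cerfile path of the file holding the certificate
     * @return the certificate, or {@code null} when the file decodes as a
     *         certification path that contains no certificates
     * @throws Exception if the file cannot be read, or if none of the three
     *         decodings accepts its content
     */
    public X509Certificate readCertificate(String cerfile) throws Exception {
        // The file is loaded once and every attempt parses a fresh stream over the
        // same bytes. A failed attempt therefore cannot leave the next one positioned
        // mid-file, and there is no mark/reset read-ahead limit to exceed on larger
        // inputs. The file handle is also closed before any parsing starts.
        byte[] encoded = readFileBytes(cerfile);
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        try {
            CertPath cp;
            try {
                cp = cf.generateCertPath(new ByteArrayInputStream(encoded));
            } catch (CertificateException ce) {
                cp = cf.generateCertPath(new ByteArrayInputStream(encoded), "PKCS7");
            }
            List certs = cp.getCertificates();
            return certs.isEmpty() ? null : (X509Certificate) certs.get(0);
        } catch (CertificateException ce) {
            // Neither path encoding matched: treat the content as one certificate.
            return (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(encoded));
        }
    }

    /** Reads the whole file into memory, closing it even when a read fails. */
    private static byte[] readFileBytes(String path) throws IOException {
        InputStream in = new FileInputStream(path);
        try {
            ByteArrayOutputStream out = new ByteArrayOutputStream();
            byte[] chunk = new byte[4096];
            int n;
            while ((n = in.read(chunk)) != -1) {
                out.write(chunk, 0, n);
            }
            return out.toByteArray();
        } finally {
            in.close();
        }
    }

    /**
     * Revokes the certificate named by the {@code cerfile} option in the CA
     * database named by the {@code cadir} option.
     *
     * @param args parsed command-line arguments; defaults are applied first
     * @return a {@code JSTKResult} whose success flag is {@code true} only when
     *         the certificate was added to the revoked set
     * @throws JSTKException wrapping any exception raised while reading the
     *         certificate or accessing the database
     */
    public Object execute(JSTKArgs args) throws JSTKException {
        try {
            args.setDefaults(defaults);
            String cerfile = args.get("cerfile");
            String cadir = args.get("cadir");

            X509Certificate cert = readCertificate(cerfile);
            if (cert == null) {
                // readCertificate() returns null for an empty certification path;
                // report that instead of passing null to the database lookups.
                return new JSTKResult(null, false,
                    "No certificate found in file: " + cerfile);
            }

            FileBasedCADatabaseParams fbParams = new FileBasedCADatabaseParams(cadir);
            CADatabase cadb = CADatabase.getInstance("file", fbParams);

            // NOTE(review): this lookup is the only check that the certificate belongs
            // to this CA; its signature is not verified here. How exists() matches
            // (full encoding vs. serial number) is not visible in this file - confirm
            // that a foreign certificate reusing a serial number cannot match.
            if (!cadb.getIssuedCerts().exists(cert)) {
                return new JSTKResult(null, false,
                    "Certificate not issued. serial no.: " + cert.getSerialNumber());
            }
            if (cadb.getRevokedCerts().exists(cert)) {
                return new JSTKResult(null, false,
                    "Certificate already revoked. serial no.: " + cert.getSerialNumber());
            }
            // NOTE(review): exists() and add() are separate calls; whether the database
            // serialises concurrent revocations is not visible here.
            cadb.getRevokedCerts().add(cert);

            return new JSTKResult(null, true,
                "Certificate revoked. serial no.: " + cert.getSerialNumber());
        } catch (Exception exc) {
            throw new JSTKException("RevokeCertCommand execution failed", exc);
        }
    }

    /**
     * Command-line entry point: parses the options, runs the command, prints
     * the result text and exits with status 0 on success or 1 on failure.
     */
    public static void main(String[] args) throws Exception {
        JSTKOptions opts = new JSTKOptions();
        opts.parse(args, 0);
        RevokeCertCommand revokeCertCmd = new RevokeCertCommand();
        JSTKResult result = (JSTKResult) revokeCertCmd.execute(opts);
        System.out.println(result.getText());
        System.exit(result.isSuccess() ? 0 : 1);
    }
}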