The PKCS12Util class has been modified to use SLF4J logging framework. The CMake scripts has been modified to include SLF4J libraries in the classpath. The spec file has been modified to add SLF4J dependencies.
https://fedorahosted.org/pki/ticket/195 -- Endi S. Dewata
>From 29d7068c74effbb6337154d30ca940d445c2ffc7 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" <edew...@redhat.com> Date: Fri, 18 Nov 2016 07:54:53 +0100 Subject: [PATCH] Update PKCS12Util to use SLF4J. The PKCS12Util class has been modified to use SLF4J logging framework. The CMake scripts has been modified to include SLF4J libraries in the classpath. The spec file has been modified to add SLF4J dependencies. https://fedorahosted.org/pki/ticket/195 --- .classpath | 1 + base/CMakeLists.txt | 14 ++++++ base/common/CMakeLists.txt | 2 + base/server/CMakeLists.txt | 2 + base/util/src/CMakeLists.txt | 1 + .../src/netscape/security/pkcs/PKCS12Util.java | 51 +++++++++++----------- specs/pki-core.spec | 7 ++- 7 files changed, 52 insertions(+), 26 deletions(-) diff --git a/.classpath b/.classpath index cbb7b2f034c1201f27456e3dd461bdc271b1b2ac..8c4d2b8d979eadc3da56ccaa21453bc62f04b104 100644 --- a/.classpath +++ b/.classpath @@ -61,5 +61,6 @@ <classpathentry kind="lib" path="/usr/share/java/tomcatjss.jar"/> <classpathentry kind="lib" path="/usr/share/java/tomcat/tomcat-api.jar"/> <classpathentry kind="lib" path="/usr/share/java/tomcat/tomcat-util-scan.jar"/> + <classpathentry kind="lib" path="/usr/share/java/slf4j/slf4j-api.jar"/> <classpathentry kind="output" path="build/classes"/> </classpath> diff --git a/base/CMakeLists.txt b/base/CMakeLists.txt index bb156ba48c008ec12fb52f4f35fbb853d9b0fff5..e29101cc8c0b002f2907031e1b540dc89b9f5d49 100644 --- a/base/CMakeLists.txt +++ b/base/CMakeLists.txt @@ -1,5 +1,19 @@ project(base) +find_file(SLF4J_API_JAR + NAMES + slf4j-api.jar + PATHS + /usr/share/java/slf4j +) + +find_file(SLF4J_JDK14_JAR + NAMES + slf4j-jdk14.jar + PATHS + /usr/share/java/slf4j +) + # The order is important! if (APPLICATION_FLAVOR_PKI_CORE) diff --git a/base/common/CMakeLists.txt b/base/common/CMakeLists.txt index d4b0d7f15e6f2d2ba6bddd5b332f35a86169c185..f1e236de73c1b7f1db1e8f61b5cb02d4b1cd1b8f 100644 --- a/base/common/CMakeLists.txt +++ b/base/common/CMakeLists.txt @@ -47,6 +47,8 @@ add_custom_command( COMMAND ${CMAKE_COMMAND} -E create_symlink ${RESTEASY_LIB}/resteasy-jaxrs-jandex.jar lib/resteasy-jaxrs-jandex.jar COMMAND ${CMAKE_COMMAND} -E create_symlink ${RESTEASY_LIB}/resteasy-jaxrs.jar lib/resteasy-jaxrs.jar COMMAND ${CMAKE_COMMAND} -E create_symlink /usr/share/java/servlet.jar lib/servlet.jar + COMMAND ${CMAKE_COMMAND} -E create_symlink ${SLF4J_API_JAR} lib/slf4j-api.jar + COMMAND ${CMAKE_COMMAND} -E create_symlink ${SLF4J_JDK14_JAR} lib/slf4j-jdk14.jar ) install( diff --git a/base/server/CMakeLists.txt b/base/server/CMakeLists.txt index be58c055eb159ed7d9e0ff1b76a2476e4e309454..e0669ca5c0f7d990b8ab8a10f9babf96cf36e4a3 100644 --- a/base/server/CMakeLists.txt +++ b/base/server/CMakeLists.txt @@ -53,6 +53,8 @@ add_custom_command( COMMAND ${CMAKE_COMMAND} -E create_symlink ${RESTEASY_LIB}/jaxrs-api.jar common/lib/resteasy-jaxrs-api.jar COMMAND ${CMAKE_COMMAND} -E create_symlink ${RESTEASY_LIB}/resteasy-jaxrs.jar common/lib/resteasy-jaxrs.jar COMMAND ${CMAKE_COMMAND} -E create_symlink /usr/share/java/scannotation.jar common/lib/scannotation.jar + COMMAND ${CMAKE_COMMAND} -E create_symlink ${SLF4J_API_JAR} common/lib/slf4j-api.jar + COMMAND ${CMAKE_COMMAND} -E create_symlink ${SLF4J_JDK14_JAR} common/lib/slf4j-jdk14.jar COMMAND /usr/bin/ln -sf /usr/lib/java/symkey.jar ${CMAKE_CURRENT_BINARY_DIR}/common/lib/symkey.jar COMMAND ${CMAKE_COMMAND} -E create_symlink /usr/share/java/tomcatjss.jar common/lib/tomcatjss.jar COMMAND ${CMAKE_COMMAND} -E create_symlink /usr/share/java/velocity.jar common/lib/velocity.jar diff --git a/base/util/src/CMakeLists.txt b/base/util/src/CMakeLists.txt index b434397f7c799d8a4fa3d6a7157ee5d41a0ba7cb..2a00967eac4b51937063bd98c4be8c2d5707acb4 100644 --- a/base/util/src/CMakeLists.txt +++ b/base/util/src/CMakeLists.txt @@ -75,6 +75,7 @@ javac(pki-nsutil-classes CLASSPATH ${APACHE_COMMONS_LANG_JAR} ${LDAPJDK_JAR} ${XALAN_JAR} ${XERCES_JAR} ${JSS_JAR} ${COMMONS_CODEC_JAR} + ${SLF4J_API_JAR} OUTPUT_DIR ${CMAKE_CURRENT_BINARY_DIR}/classes DEPENDS diff --git a/base/util/src/netscape/security/pkcs/PKCS12Util.java b/base/util/src/netscape/security/pkcs/PKCS12Util.java index 9a6fe19cd19bc02601a07332939c1391bc0728b7..9adb62972c3fdd57a3691374032fa78cc6b1e2dc 100644 --- a/base/util/src/netscape/security/pkcs/PKCS12Util.java +++ b/base/util/src/netscape/security/pkcs/PKCS12Util.java @@ -29,7 +29,6 @@ import java.security.Principal; import java.security.PublicKey; import java.security.cert.CertificateException; import java.util.Collection; -import java.util.logging.Logger; import org.apache.commons.lang.StringUtils; import org.mozilla.jss.CryptoManager; @@ -66,6 +65,8 @@ import org.mozilla.jss.pkix.primitive.Attribute; import org.mozilla.jss.pkix.primitive.EncryptedPrivateKeyInfo; import org.mozilla.jss.pkix.primitive.PrivateKeyInfo; import org.mozilla.jss.util.Password; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import netscape.ldap.LDAPDN; import netscape.ldap.util.DN; @@ -73,7 +74,7 @@ import netscape.security.x509.X509CertImpl; public class PKCS12Util { - private static Logger logger = Logger.getLogger(PKCS12Util.class.getName()); + private static Logger logger = LoggerFactory.getLogger(PKCS12Util.class); boolean trustFlagsEnabled = true; @@ -134,7 +135,7 @@ public class PKCS12Util { public void addKeyBag(PKCS12KeyInfo keyInfo, Password password, SEQUENCE encSafeContents) throws Exception { - logger.fine("Creating key bag for " + keyInfo.subjectDN); + logger.debug("Creating key bag for " + keyInfo.subjectDN); PasswordConverter passConverter = new PasswordConverter(); byte salt[] = { 0x01, 0x01, 0x01, 0x01 }; @@ -152,7 +153,7 @@ public class PKCS12Util { public void addCertBag(PKCS12CertInfo certInfo, SEQUENCE safeContents) throws Exception { - logger.fine("Creating cert bag for " + certInfo.nickname); + logger.debug("Creating cert bag for " + certInfo.nickname); ASN1Value cert = new OCTET_STRING(certInfo.cert.getEncoded()); CertBag certBag = new CertBag(CertBag.X509_CERT_TYPE, cert); @@ -313,7 +314,7 @@ public class PKCS12Util { try { PrivateKey privateKey = cm.findPrivKeyByCert(cert); - logger.fine("Certificate \"" + nickname + "\" has private key"); + logger.debug("Certificate \"" + nickname + "\" has private key"); PKCS12KeyInfo keyInfo = new PKCS12KeyInfo(); keyInfo.id = id; @@ -326,7 +327,7 @@ public class PKCS12Util { pkcs12.addKeyInfo(keyInfo); } catch (ObjectNotFoundException e) { - logger.fine("Certificate \"" + nickname + "\" has no private key"); + logger.debug("Certificate \"" + nickname + "\" has no private key"); } } @@ -395,7 +396,7 @@ public class PKCS12Util { BMPString subjectDN = (BMPString) new BMPString.Template().decode(bis); keyInfo.subjectDN = subjectDN.toString(); - logger.fine(" Subject DN: " + keyInfo.subjectDN); + logger.debug(" Subject DN: " + keyInfo.subjectDN); } else if (oid.equals(SafeBag.LOCAL_KEY_ID)) { @@ -406,7 +407,7 @@ public class PKCS12Util { OCTET_STRING keyID = (OCTET_STRING) new OCTET_STRING.Template().decode(bis); keyInfo.id = new BigInteger(1, keyID.toByteArray()); - logger.fine(" ID: " + keyInfo.id.toString(16)); + logger.debug(" ID: " + keyInfo.id.toString(16)); } } @@ -424,7 +425,7 @@ public class PKCS12Util { certInfo.cert = new X509CertImpl(x509cert); Principal subjectDN = certInfo.cert.getSubjectDN(); - logger.fine(" Subject DN: " + subjectDN); + logger.debug(" Subject DN: " + subjectDN); SET bagAttrs = bag.getBagAttributes(); @@ -442,7 +443,7 @@ public class PKCS12Util { BMPString nickname = (BMPString) (new BMPString.Template()).decode(bis); certInfo.nickname = nickname.toString(); - logger.fine(" Nickname: " + certInfo.nickname); + logger.debug(" Nickname: " + certInfo.nickname); } else if (oid.equals(SafeBag.LOCAL_KEY_ID)) { @@ -454,7 +455,7 @@ public class PKCS12Util { OCTET_STRING keyID = (OCTET_STRING) new OCTET_STRING.Template().decode(bis); certInfo.id = new BigInteger(1, keyID.toByteArray()); - logger.fine(" ID: " + certInfo.id.toString(16)); + logger.debug(" ID: " + certInfo.id.toString(16)); } else if (oid.equals(PKCS12.CERT_TRUST_FLAGS_OID) && trustFlagsEnabled) { @@ -465,22 +466,22 @@ public class PKCS12Util { BMPString trustFlags = (BMPString) (new BMPString.Template()).decode(is); certInfo.trustFlags = trustFlags.toString(); - logger.fine(" Trust flags: " + certInfo.trustFlags); + logger.debug(" Trust flags: " + certInfo.trustFlags); } } if (certInfo.id == null) { - logger.fine(" ID not specified, generating new ID"); + logger.debug(" ID not specified, generating new ID"); certInfo.id = createLocalID(x509cert); - logger.fine(" ID: " + certInfo.id.toString(16)); + logger.debug(" ID: " + certInfo.id.toString(16)); } if (certInfo.nickname == null) { - logger.fine(" Nickname not specified, generating new nickname"); + logger.debug(" Nickname not specified, generating new nickname"); DN dn = new DN(subjectDN.getName()); String[] values = dn.explodeDN(true); certInfo.nickname = StringUtils.join(values, " - "); - logger.fine(" Nickname: " + certInfo.nickname); + logger.debug(" Nickname: " + certInfo.nickname); } return certInfo; @@ -488,7 +489,7 @@ public class PKCS12Util { public void getKeyInfos(PKCS12 pkcs12, PFX pfx, Password password) throws Exception { - logger.fine("Load private keys:"); + logger.debug("Load private keys:"); AuthenticatedSafes safes = pfx.getAuthSafes(); @@ -503,7 +504,7 @@ public class PKCS12Util { if (!oid.equals(SafeBag.PKCS8_SHROUDED_KEY_BAG)) continue; - logger.fine(" - Private key:"); + logger.debug(" - Private key:"); PKCS12KeyInfo keyInfo = getKeyInfo(bag, password); pkcs12.addKeyInfo(keyInfo); } @@ -512,7 +513,7 @@ public class PKCS12Util { public void getCertInfos(PKCS12 pkcs12, PFX pfx, Password password) throws Exception { - logger.fine("Loading certificates:"); + logger.debug("Loading certificates:"); AuthenticatedSafes safes = pfx.getAuthSafes(); @@ -527,7 +528,7 @@ public class PKCS12Util { if (!oid.equals(SafeBag.CERT_BAG)) continue; - logger.fine(" - Certificate:"); + logger.debug(" - Certificate:"); PKCS12CertInfo certInfo = getCertInfo(bag); pkcs12.addCertInfo(certInfo, true); } @@ -589,7 +590,7 @@ public class PKCS12Util { PKCS12 pkcs12, PKCS12KeyInfo keyInfo) throws Exception { - logger.fine("Importing private key " + keyInfo.subjectDN); + logger.debug("Importing private key " + keyInfo.subjectDN); PrivateKeyInfo privateKeyInfo = keyInfo.privateKeyInfo; @@ -600,7 +601,7 @@ public class PKCS12Util { PKCS12CertInfo certInfo = pkcs12.getCertInfoByID(keyInfo.getID()); if (certInfo == null) { - logger.fine("Private key has no certificate, ignore"); + logger.debug("Private key has no certificate, ignore"); return; } @@ -653,14 +654,14 @@ public class PKCS12Util { X509Certificate cert; if (keyInfo != null) { // cert has key - logger.fine("Importing user key for " + certInfo.nickname); + logger.debug("Importing user key for " + certInfo.nickname); importKey(pkcs12, keyInfo); - logger.fine("Importing user certificate " + certInfo.nickname); + logger.debug("Importing user certificate " + certInfo.nickname); cert = cm.importUserCACertPackage(certInfo.cert.getEncoded(), certInfo.nickname); } else { // cert has no key - logger.fine("Importing CA certificate " + certInfo.nickname); + logger.debug("Importing CA certificate " + certInfo.nickname); // Note: JSS does not preserve CA certificate nickname cert = cm.importCACertPackage(certInfo.cert.getEncoded()); } diff --git a/specs/pki-core.spec b/specs/pki-core.spec index 59be03166270f1911bbccb220560f9b4faa80946..5815a630a7f60ed4ce502ef611b675da23726a87 100644 --- a/specs/pki-core.spec +++ b/specs/pki-core.spec @@ -84,6 +84,7 @@ BuildRequires: apache-commons-codec BuildRequires: apache-commons-io BuildRequires: apache-commons-lang BuildRequires: jakarta-commons-httpclient +BuildRequires: slf4j BuildRequires: nspr-devel BuildRequires: nss-devel >= 3.14.3 @@ -368,13 +369,17 @@ Summary: Certificate System - Java Framework Group: System Environment/Base BuildArch: noarch +Requires: java-1.8.0-openjdk-headless Requires: apache-commons-cli Requires: apache-commons-codec Requires: apache-commons-io Requires: apache-commons-lang Requires: apache-commons-logging Requires: jakarta-commons-httpclient -Requires: java-1.8.0-openjdk-headless +Requires: slf4j +%if ! 0%{?rhel} +Requires: slf4j-jdk14 +%endif Requires: javassist Requires: jpackage-utils >= 0:1.7.5-10 Requires: jss >= 4.2.6-40 -- 2.5.5
_______________________________________________ Pki-devel mailing list Pki-devel@redhat.com https://www.redhat.com/mailman/listinfo/pki-devel
