summaryrefslogtreecommitdiffstats
path: root/base/server/cms/src/com/netscape/cms/profile
diff options
context:
space:
mode:
Diffstat (limited to 'base/server/cms/src/com/netscape/cms/profile')
-rw-r--r--base/server/cms/src/com/netscape/cms/profile/constraint/CAEnrollConstraint.java7
-rw-r--r--base/server/cms/src/com/netscape/cms/profile/constraint/CAValidityConstraint.java16
-rw-r--r--base/server/cms/src/com/netscape/cms/profile/def/AuthorityKeyIdentifierExtDefault.java10
-rw-r--r--base/server/cms/src/com/netscape/cms/profile/def/CAEnrollDefault.java9
-rw-r--r--base/server/cms/src/com/netscape/cms/profile/def/EnrollDefault.java34
5 files changed, 45 insertions, 31 deletions
diff --git a/base/server/cms/src/com/netscape/cms/profile/constraint/CAEnrollConstraint.java b/base/server/cms/src/com/netscape/cms/profile/constraint/CAEnrollConstraint.java
index c0a9758da..b0cc927b2 100644
--- a/base/server/cms/src/com/netscape/cms/profile/constraint/CAEnrollConstraint.java
+++ b/base/server/cms/src/com/netscape/cms/profile/constraint/CAEnrollConstraint.java
@@ -17,11 +17,12 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cms.profile.constraint;
-import netscape.security.x509.X509CertImpl;
-
import com.netscape.certsrv.apps.CMS;
+import com.netscape.certsrv.base.EBaseException;
import com.netscape.certsrv.ca.ICertificateAuthority;
+import netscape.security.x509.X509CertImpl;
+
/**
* This class represents an abstract class for CA enrollment
* constraint.
@@ -38,7 +39,7 @@ public abstract class CAEnrollConstraint extends EnrollConstraint {
/**
* Retrieves the CA certificate.
*/
- public X509CertImpl getCACert() {
+ public X509CertImpl getCACert() throws EBaseException {
ICertificateAuthority ca = (ICertificateAuthority)
CMS.getSubsystem(CMS.SUBSYSTEM_CA);
X509CertImpl caCert = ca.getCACert();
diff --git a/base/server/cms/src/com/netscape/cms/profile/constraint/CAValidityConstraint.java b/base/server/cms/src/com/netscape/cms/profile/constraint/CAValidityConstraint.java
index a7a159de3..77585c076 100644
--- a/base/server/cms/src/com/netscape/cms/profile/constraint/CAValidityConstraint.java
+++ b/base/server/cms/src/com/netscape/cms/profile/constraint/CAValidityConstraint.java
@@ -21,11 +21,8 @@ import java.io.IOException;
import java.util.Date;
import java.util.Locale;
-import netscape.security.x509.CertificateValidity;
-import netscape.security.x509.X509CertImpl;
-import netscape.security.x509.X509CertInfo;
-
import com.netscape.certsrv.apps.CMS;
+import com.netscape.certsrv.base.EBaseException;
import com.netscape.certsrv.base.IConfigStore;
import com.netscape.certsrv.profile.EProfileException;
import com.netscape.certsrv.profile.ERejectException;
@@ -37,6 +34,10 @@ import com.netscape.cms.profile.def.NoDefault;
import com.netscape.cms.profile.def.UserValidityDefault;
import com.netscape.cms.profile.def.ValidityDefault;
+import netscape.security.x509.CertificateValidity;
+import netscape.security.x509.X509CertImpl;
+import netscape.security.x509.X509CertInfo;
+
/**
* This class implements the validity constraint.
* It checks if the validity in the certificate
@@ -56,7 +57,12 @@ public class CAValidityConstraint extends CAEnrollConstraint {
public void init(IProfile profile, IConfigStore config)
throws EProfileException {
super.init(profile, config);
- X509CertImpl caCert = getCACert();
+ X509CertImpl caCert;
+ try {
+ caCert = getCACert();
+ } catch (EBaseException e) {
+ throw new EProfileException(e);
+ }
mDefNotBefore = caCert.getNotBefore();
mDefNotAfter = caCert.getNotAfter();
diff --git a/base/server/cms/src/com/netscape/cms/profile/def/AuthorityKeyIdentifierExtDefault.java b/base/server/cms/src/com/netscape/cms/profile/def/AuthorityKeyIdentifierExtDefault.java
index bd71a4ef8..e2208aba7 100644
--- a/base/server/cms/src/com/netscape/cms/profile/def/AuthorityKeyIdentifierExtDefault.java
+++ b/base/server/cms/src/com/netscape/cms/profile/def/AuthorityKeyIdentifierExtDefault.java
@@ -21,6 +21,7 @@ import java.io.IOException;
import java.util.Locale;
import com.netscape.certsrv.apps.CMS;
+import com.netscape.certsrv.base.EBaseException;
import com.netscape.certsrv.base.IConfigStore;
import com.netscape.certsrv.ca.AuthorityID;
import com.netscape.certsrv.ca.ICertificateAuthority;
@@ -173,12 +174,17 @@ public class AuthorityKeyIdentifierExtDefault extends CAEnrollDefault {
if (ca == null)
throw new EProfileException("Could not reach requested CA");
- AuthorityKeyIdentifierExtension ext = createExtension(ca, info);
+ AuthorityKeyIdentifierExtension ext;
+ try {
+ ext = createExtension(ca, info);
+ } catch (EBaseException e) {
+ throw new EProfileException(e);
+ }
addExtension(PKIXExtensions.AuthorityKey_Id.toString(), ext, info);
}
public AuthorityKeyIdentifierExtension createExtension(
- ICertificateAuthority ca, X509CertInfo info) {
+ ICertificateAuthority ca, X509CertInfo info) throws EBaseException {
KeyIdentifier kid = null;
String localKey = getConfig("localKey");
if (localKey != null && localKey.equals("true")) {
diff --git a/base/server/cms/src/com/netscape/cms/profile/def/CAEnrollDefault.java b/base/server/cms/src/com/netscape/cms/profile/def/CAEnrollDefault.java
index 696830ead..14484e0c3 100644
--- a/base/server/cms/src/com/netscape/cms/profile/def/CAEnrollDefault.java
+++ b/base/server/cms/src/com/netscape/cms/profile/def/CAEnrollDefault.java
@@ -22,6 +22,10 @@ import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
+import com.netscape.certsrv.apps.CMS;
+import com.netscape.certsrv.base.EBaseException;
+import com.netscape.certsrv.ca.ICertificateAuthority;
+
import netscape.security.x509.CertificateX509Key;
import netscape.security.x509.KeyIdentifier;
import netscape.security.x509.PKIXExtensions;
@@ -30,9 +34,6 @@ import netscape.security.x509.X509CertImpl;
import netscape.security.x509.X509CertInfo;
import netscape.security.x509.X509Key;
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.ca.ICertificateAuthority;
-
/**
* This class implements an abstract CA specific
* Enrollment default. This policy can only be
@@ -68,7 +69,7 @@ public abstract class CAEnrollDefault extends EnrollDefault {
return null;
}
- public KeyIdentifier getCAKeyIdentifier(ICertificateAuthority ca) {
+ public KeyIdentifier getCAKeyIdentifier(ICertificateAuthority ca) throws EBaseException {
X509CertImpl caCert = ca.getCACert();
if (caCert == null) {
// during configuration, we dont have the CA certificate
diff --git a/base/server/cms/src/com/netscape/cms/profile/def/EnrollDefault.java b/base/server/cms/src/com/netscape/cms/profile/def/EnrollDefault.java
index 8a6fa4cef..00d669e37 100644
--- a/base/server/cms/src/com/netscape/cms/profile/def/EnrollDefault.java
+++ b/base/server/cms/src/com/netscape/cms/profile/def/EnrollDefault.java
@@ -24,6 +24,23 @@ import java.util.NoSuchElementException;
import java.util.StringTokenizer;
import java.util.Vector;
+import com.netscape.certsrv.apps.CMS;
+import com.netscape.certsrv.base.EBaseException;
+import com.netscape.certsrv.base.IAttrSet;
+import com.netscape.certsrv.base.IConfigStore;
+import com.netscape.certsrv.base.IPrettyPrintFormat;
+import com.netscape.certsrv.common.NameValuePairs;
+import com.netscape.certsrv.pattern.Pattern;
+import com.netscape.certsrv.profile.EProfileException;
+import com.netscape.certsrv.profile.ICertInfoPolicyDefault;
+import com.netscape.certsrv.profile.IEnrollProfile;
+import com.netscape.certsrv.profile.IPolicyDefault;
+import com.netscape.certsrv.profile.IProfile;
+import com.netscape.certsrv.property.EPropertyException;
+import com.netscape.certsrv.property.IDescriptor;
+import com.netscape.certsrv.request.IRequest;
+import com.netscape.cms.profile.common.EnrollProfile;
+
import netscape.security.extensions.KerberosName;
import netscape.security.util.DerInputStream;
import netscape.security.util.DerOutputStream;
@@ -43,23 +60,6 @@ import netscape.security.x509.URIName;
import netscape.security.x509.X500Name;
import netscape.security.x509.X509CertInfo;
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IAttrSet;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.base.IPrettyPrintFormat;
-import com.netscape.certsrv.common.NameValuePairs;
-import com.netscape.certsrv.pattern.Pattern;
-import com.netscape.certsrv.profile.EProfileException;
-import com.netscape.certsrv.profile.ICertInfoPolicyDefault;
-import com.netscape.certsrv.profile.IEnrollProfile;
-import com.netscape.certsrv.profile.IPolicyDefault;
-import com.netscape.certsrv.profile.IProfile;
-import com.netscape.certsrv.property.EPropertyException;
-import com.netscape.certsrv.property.IDescriptor;
-import com.netscape.certsrv.request.IRequest;
-import com.netscape.cms.profile.common.EnrollProfile;
-
/**
* This class implements an enrollment default policy.
*
generated by cgit (git 2.34.1) at 2024-05-17 04:00:35 +0000