summaryrefslogtreecommitdiffstats
path: root/pki/base/common/src/com/netscape/cms/policy/constraints/RSAKeyConstraints.java
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/policy/constraints/RSAKeyConstraints.java')
-rw-r--r--pki/base/common/src/com/netscape/cms/policy/constraints/RSAKeyConstraints.java85
1 files changed, 39 insertions, 46 deletions
diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/RSAKeyConstraints.java b/pki/base/common/src/com/netscape/cms/policy/constraints/RSAKeyConstraints.java
index 7f7537bfe..57176950a 100644
--- a/pki/base/common/src/com/netscape/cms/policy/constraints/RSAKeyConstraints.java
+++ b/pki/base/common/src/com/netscape/cms/policy/constraints/RSAKeyConstraints.java
@@ -17,7 +17,6 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cms.policy.constraints;
-
import java.util.Enumeration;
import java.util.Locale;
import java.util.StringTokenizer;
@@ -41,21 +40,21 @@ import com.netscape.certsrv.request.IRequest;
import com.netscape.certsrv.request.PolicyResult;
import com.netscape.cms.policy.APolicyRule;
-
/**
* RSAKeyConstraints policy enforces min and max size of the key.
* Optionally checks the exponents.
* <P>
+ *
* <PRE>
* NOTE: The Policy Framework has been replaced by the Profile Framework.
* </PRE>
* <P>
- *
+ *
* @deprecated
* @version $Revision$, $Date$
*/
public class RSAKeyConstraints extends APolicyRule
- implements IEnrollmentPolicy, IExtendedPluginInfo {
+ implements IEnrollmentPolicy, IExtendedPluginInfo {
private Vector mExponents;
private int mMinSize;
private int mMaxSize;
@@ -81,10 +80,10 @@ public class RSAKeyConstraints extends APolicyRule
PROP_MAX_SIZE + ";number;Maximum size of user's RSA key (bits)",
PROP_EXPONENTS + ";string;Comma-separated list of permissible exponents",
IExtendedPluginInfo.HELP_TOKEN +
- ";configuration-policyrules-rsakeyconstraints",
+ ";configuration-policyrules-rsakeyconstraints",
IExtendedPluginInfo.HELP_TEXT +
- ";Reject request if RSA key length is not within the " +
- "specified constraints"
+ ";Reject request if RSA key length is not within the " +
+ "specified constraints"
};
return params;
@@ -98,38 +97,34 @@ public class RSAKeyConstraints extends APolicyRule
/**
* Initializes this policy rule.
* <P>
- *
+ *
* The entries probably are of the form:
- *
- * ra.Policy.rule.<ruleName>.implName=RSAKeyConstraints
- * ra.Policy.rule.<ruleName>.enable=true
- * ra.Policy.rule.<ruleName>.minSize=512
- * ra.Policy.rule.<ruleName>.maxSize=2048
- * ra.Policy.rule.<ruleName>.predicate=ou==Marketing
- *
- * @param config The config store reference
+ *
+ * ra.Policy.rule.<ruleName>.implName=RSAKeyConstraints ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.minSize=512 ra.Policy.rule.<ruleName>.maxSize=2048 ra.Policy.rule.<ruleName>.predicate=ou==Marketing
+ *
+ * @param config The config store reference
*/
public void init(ISubsystem owner, IConfigStore config)
- throws EBaseException {
+ throws EBaseException {
if (config == null || config.size() == 0)
throw new EPolicyException(
CMS.getUserMessage("CMS_POLICY_MISSING_POLICY_CONFIG",
- getInstanceName()));
+ getInstanceName()));
String exponents = null;
// Get Min and Max sizes
mMinSize = config.getInteger(PROP_MIN_SIZE, DEF_MIN_SIZE);
mMaxSize = config.getInteger(PROP_MAX_SIZE, DEF_MAX_SIZE);
- if (mMinSize <= 0)
+ if (mMinSize <= 0)
throw new EBaseException(
CMS.getUserMessage("CMS_BASE_MUST_BE_POSITIVE_NUMBER", PROP_MIN_SIZE));
- if (mMaxSize <= 0)
+ if (mMaxSize <= 0)
throw new EBaseException(
CMS.getUserMessage("CMS_BASE_MUST_BE_POSITIVE_NUMBER", PROP_MAX_SIZE));
- if (mMinSize > mMaxSize)
+ if (mMinSize > mMaxSize)
throw new EBaseException(
CMS.getUserMessage("CMS_BASE_A_GREATER_THAN_EQUAL_B", PROP_MIN_SIZE, PROP_MAX_SIZE));
@@ -149,8 +144,8 @@ public class RSAKeyConstraints extends APolicyRule
}
} catch (Exception e) {
// e.printStackTrace();
- String[] params = {getInstanceName(), exponents,
- PROP_EXPONENTS};
+ String[] params = { getInstanceName(), exponents,
+ PROP_EXPONENTS };
throw new EPolicyException(
CMS.getUserMessage("CMS_POLICY_INVALID_CONFIG_PARAM", params));
@@ -161,8 +156,8 @@ public class RSAKeyConstraints extends APolicyRule
/**
* Applies the policy on the given Request.
* <P>
- *
- * @param req The request on which to apply policy.
+ *
+ * @param req The request on which to apply policy.
* @return The policy result object.
*/
public PolicyResult apply(IRequest req) {
@@ -172,11 +167,11 @@ public class RSAKeyConstraints extends APolicyRule
try {
// Get the certificate info from the request
X509CertInfo certInfo[] =
- req.getExtDataInCertInfoArray(IRequest.CERT_INFO);
+ req.getExtDataInCertInfoArray(IRequest.CERT_INFO);
// There should be a certificate info set.
if (certInfo == null) {
- setError(req, CMS.getUserMessage("CMS_POLICY_NO_CERT_INFO",
+ setError(req, CMS.getUserMessage("CMS_POLICY_NO_CERT_INFO",
getInstanceName()), "");
return PolicyResult.REJECTED;
}
@@ -184,7 +179,7 @@ public class RSAKeyConstraints extends APolicyRule
// Else check if the key size(s) are within the limit.
for (int i = 0; i < certInfo.length; i++) {
CertificateX509Key certKey = (CertificateX509Key)
- certInfo[i].get(X509CertInfo.KEY);
+ certInfo[i].get(X509CertInfo.KEY);
X509Key key = (X509Key) certKey.get(CertificateX509Key.KEY);
String alg = key.getAlgorithmId().toString();
@@ -196,22 +191,22 @@ public class RSAKeyConstraints extends APolicyRule
newkey = new X509Key(AlgorithmId.get("RSA"),
key.getKey());
} catch (Exception e) {
- CMS.debug( "RSAKeyConstraints::apply() - "
- + "Exception="+e.toString() );
- setError( req,
- CMS.getUserMessage( "CMS_POLICY_KEY_SIZE_VIOLATION",
- getInstanceName() ),
- "" );
+ CMS.debug("RSAKeyConstraints::apply() - "
+ + "Exception=" + e.toString());
+ setError(req,
+ CMS.getUserMessage("CMS_POLICY_KEY_SIZE_VIOLATION",
+ getInstanceName()),
+ "");
return PolicyResult.REJECTED;
}
RSAPublicKey rsaKey = new RSAPublicKey(newkey.getEncoded());
int keySize = rsaKey.getKeySize();
if (keySize < mMinSize || keySize > mMaxSize) {
- String[] params = {getInstanceName(),
- String.valueOf(keySize),
+ String[] params = { getInstanceName(),
+ String.valueOf(keySize),
String.valueOf(mMinSize),
- String.valueOf(mMaxSize)};
+ String.valueOf(mMaxSize) };
setError(req, CMS.getUserMessage("CMS_POLICY_KEY_SIZE_VIOLATION",
params), "");
@@ -226,15 +221,14 @@ public class RSAKeyConstraints extends APolicyRule
if (!mExponents.contains(exp)) {
StringBuffer sb = new StringBuffer();
- for (Enumeration e = mExponents.elements();
- e.hasMoreElements();) {
+ for (Enumeration e = mExponents.elements(); e.hasMoreElements();) {
BigInt bi = (BigInt) e.nextElement();
sb.append(bi.toBigInteger().toString());
sb.append(" ");
}
- String[] params = {getInstanceName(),
- exp.toBigInteger().toString(), new String(sb)};
+ String[] params = { getInstanceName(),
+ exp.toBigInteger().toString(), new String(sb) };
setError(req, CMS.getUserMessage("CMS_POLICY_EXPONENT_VIOLATION", params), "");
result = PolicyResult.REJECTED;
@@ -243,7 +237,7 @@ public class RSAKeyConstraints extends APolicyRule
}
} catch (Exception e) {
// e.printStackTrace();
- String params[] = {getInstanceName(), e.toString()};
+ String params[] = { getInstanceName(), e.toString() };
setError(req, CMS.getUserMessage("CMS_POLICY_UNEXPECTED_POLICY_ERROR", params), "");
result = PolicyResult.REJECTED;
@@ -253,10 +247,10 @@ public class RSAKeyConstraints extends APolicyRule
/**
* Return configured parameters for a policy rule instance.
- *
+ *
* @return nvPairs A Vector of name/value pairs.
*/
- public Vector getInstanceParams() {
+ public Vector getInstanceParams() {
Vector confParams = new Vector();
confParams.addElement(PROP_MIN_SIZE + "=" + mMinSize);
@@ -275,11 +269,10 @@ public class RSAKeyConstraints extends APolicyRule
/**
* Return default parameters for a policy implementation.
- *
+ *
* @return nvPairs A Vector of name/value pairs.
*/
public Vector getDefaultParams() {
return defConfParams;
}
}
-
generated by cgit (git 2.34.1) at 2024-06-30 06:42:02 +0000