summaryrefslogtreecommitdiffstats
path: root/pki/base/common/src/com/netscape/cms/policy/extensions/ExtendedKeyUsageExt.java
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/policy/extensions/ExtendedKeyUsageExt.java')
-rw-r--r--pki/base/common/src/com/netscape/cms/policy/extensions/ExtendedKeyUsageExt.java71
1 files changed, 36 insertions, 35 deletions
diff --git a/pki/base/common/src/com/netscape/cms/policy/extensions/ExtendedKeyUsageExt.java b/pki/base/common/src/com/netscape/cms/policy/extensions/ExtendedKeyUsageExt.java
index b5c4176d0..4bba5d371 100644
--- a/pki/base/common/src/com/netscape/cms/policy/extensions/ExtendedKeyUsageExt.java
+++ b/pki/base/common/src/com/netscape/cms/policy/extensions/ExtendedKeyUsageExt.java
@@ -17,7 +17,6 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cms.policy.extensions;
-
import java.io.IOException;
import java.security.cert.CertificateException;
import java.util.Locale;
@@ -40,20 +39,20 @@ import com.netscape.certsrv.request.IRequest;
import com.netscape.certsrv.request.PolicyResult;
import com.netscape.cms.policy.APolicyRule;
-
/**
* This implements the extended key usage extension.
* <P>
+ *
* <PRE>
* NOTE: The Policy Framework has been replaced by the Profile Framework.
* </PRE>
* <P>
- *
+ *
* @deprecated
* @version $Revision$, $Date$
*/
public class ExtendedKeyUsageExt extends APolicyRule
- implements IEnrollmentPolicy, IExtendedPluginInfo {
+ implements IEnrollmentPolicy, IExtendedPluginInfo {
public static final String PROP_CRITICAL = "critical";
protected static final String PROP_PURPOSE_ID = "id";
protected static final String PROP_NUM_IDS = "numIds";
@@ -63,7 +62,7 @@ public class ExtendedKeyUsageExt extends APolicyRule
private Vector mUsages = null;
private String[] mParams = null;
-
+
// PKIX specifies the that the extension SHOULD NOT be critical
public static final boolean DEFAULT_CRITICALITY = false;
@@ -81,7 +80,7 @@ public class ExtendedKeyUsageExt extends APolicyRule
* Performs one-time initialization of the policy.
*/
public void init(ISubsystem owner, IConfigStore config)
- throws EBaseException {
+ throws EBaseException {
mConfig = config;
setExtendedPluginInfo();
setupParams();
@@ -99,7 +98,7 @@ public class ExtendedKeyUsageExt extends APolicyRule
}
X509CertInfo[] ci =
- req.getExtDataInCertInfoArray(IRequest.CERT_INFO);
+ req.getExtDataInCertInfoArray(IRequest.CERT_INFO);
if (ci == null || ci[0] == null) {
setError(req, CMS.getUserMessage("CMS_POLICY_NO_CERT_INFO"), NAME);
@@ -119,15 +118,15 @@ public class ExtendedKeyUsageExt extends APolicyRule
try {
// find the extensions in the certInfo
CertificateExtensions extensions = (CertificateExtensions)
- certInfo.get(X509CertInfo.EXTENSIONS);
+ certInfo.get(X509CertInfo.EXTENSIONS);
// prepare the extensions data structure
if (extensions == null) {
certInfo.set(X509CertInfo.VERSION,
- new CertificateVersion(CertificateVersion.V3));
+ new CertificateVersion(CertificateVersion.V3));
extensions = new CertificateExtensions();
certInfo.set(X509CertInfo.VERSION,
- new CertificateVersion(CertificateVersion.V3));
+ new CertificateVersion(CertificateVersion.V3));
certInfo.set(X509CertInfo.EXTENSIONS, extensions);
} else {
try {
@@ -143,17 +142,17 @@ public class ExtendedKeyUsageExt extends APolicyRule
} catch (IOException e) {
log(ILogger.LL_FAILURE, CMS.getLogMessage("BASE_IO_ERROR", e.getMessage()));
setError(req, CMS.getUserMessage("CMS_POLICY_UNEXPECTED_POLICY_ERROR"), NAME,
- e.getMessage());
+ e.getMessage());
return PolicyResult.REJECTED;
} catch (CertificateException e) {
log(ILogger.LL_FAILURE, CMS.getLogMessage("CA_CERT_INFO_ERROR",
e.getMessage()));
setError(req, CMS.getUserMessage("CMS_POLICY_UNEXPECTED_POLICY_ERROR"), NAME,
- e.getMessage());
+ e.getMessage());
return PolicyResult.REJECTED;
}
}
-
+
/**
* Returns instance specific parameters.
*/
@@ -172,16 +171,16 @@ public class ExtendedKeyUsageExt extends APolicyRule
for (int i = 0; i < numIds; i++) {
if (mUsages.size() <= i) {
- params.addElement(PROP_PURPOSE_ID +
- Integer.toString(i) + "=");
+ params.addElement(PROP_PURPOSE_ID +
+ Integer.toString(i) + "=");
} else {
usage = ((ObjectIdentifier) mUsages.elementAt(i)).toString();
if (usage == null) {
- params.addElement(PROP_PURPOSE_ID +
- Integer.toString(i) + "=");
+ params.addElement(PROP_PURPOSE_ID +
+ Integer.toString(i) + "=");
} else {
- params.addElement(PROP_PURPOSE_ID +
- Integer.toString(i) + "=" + usage);
+ params.addElement(PROP_PURPOSE_ID +
+ Integer.toString(i) + "=" + usage);
}
}
}
@@ -200,17 +199,17 @@ public class ExtendedKeyUsageExt extends APolicyRule
}
for (int i = 0; i < mNum; i++) {
v.addElement(PROP_PURPOSE_ID + Integer.toString(i) + ";string;" +
- "A unique,valid OID specified in dot-separated numeric component notation. e.g. 2.16.840.1.113730.1.99");
+ "A unique,valid OID specified in dot-separated numeric component notation. e.g. 2.16.840.1.113730.1.99");
}
v.addElement(PROP_NUM_IDS + ";number;The total number of policy IDs.");
v.addElement(PROP_CRITICAL +
- ";boolean;RFC 2459 recommendation: This extension may, at the option of the certificate issuer, be either critical or non-critical.");
+ ";boolean;RFC 2459 recommendation: This extension may, at the option of the certificate issuer, be either critical or non-critical.");
v.addElement(IExtendedPluginInfo.HELP_TOKEN +
- ";configuration-policyrules-extendedkeyusage");
+ ";configuration-policyrules-extendedkeyusage");
v.addElement(IExtendedPluginInfo.HELP_TEXT +
- ";Adds Extended Key Usage Extension. Defined in RFC 2459 " +
- "(4.2.1.13)");
+ ";Adds Extended Key Usage Extension. Defined in RFC 2459 " +
+ "(4.2.1.13)");
mParams = com.netscape.cmsutil.util.Utils.getStringArrayFromVector(v);
}
@@ -221,7 +220,7 @@ public class ExtendedKeyUsageExt extends APolicyRule
}
return mParams;
}
-
+
/**
* Returns default parameters.
*/
@@ -235,30 +234,32 @@ public class ExtendedKeyUsageExt extends APolicyRule
}
return defParams;
}
-
+
/**
* Setups parameters.
*/
private void setupParams() throws EBaseException {
-
+
mCritical = mConfig.getBoolean(PROP_CRITICAL, false);
if (mUsages == null) {
mUsages = new Vector();
}
-
+
int mNum = mConfig.getInteger(PROP_NUM_IDS, MAX_PURPOSE_ID);
for (int i = 0; i < mNum; i++) {
ObjectIdentifier usageOID = null;
-
- String usage = mConfig.getString(PROP_PURPOSE_ID +
+
+ String usage = mConfig.getString(PROP_PURPOSE_ID +
Integer.toString(i), null);
try {
-
- if (usage == null) break;
+
+ if (usage == null)
+ break;
usage = usage.trim();
- if (usage.equals("")) break;
+ if (usage.equals(""))
+ break;
if (usage.equalsIgnoreCase("ocspsigning")) {
usageOID = ObjectIdentifier.getObjectIdentifier(ExtendedKeyUsageExtension.OID_OCSPSigning);
} else if (usage.equalsIgnoreCase("codesigning")) {
@@ -268,10 +269,10 @@ public class ExtendedKeyUsageExt extends APolicyRule
usageOID = ObjectIdentifier.getObjectIdentifier(usage);
}
} catch (IOException ex) {
- throw new EBaseException(this.getClass().getName() + ":" +
+ throw new EBaseException(this.getClass().getName() + ":" +
ex.getMessage());
} catch (NumberFormatException ex) {
- throw new EBaseException(this.getClass().getName() + ":" +
+ throw new EBaseException(this.getClass().getName() + ":" +
"OID '" + usage + "' format error");
}
mUsages.addElement(usageOID);
generated by cgit (git 2.34.1) at 2024-06-30 06:11:09 +0000