diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/profile/constraint/RenewGracePeriodConstraint.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/profile/constraint/RenewGracePeriodConstraint.java | 165 |
1 files changed, 0 insertions, 165 deletions
diff --git a/pki/base/common/src/com/netscape/cms/profile/constraint/RenewGracePeriodConstraint.java b/pki/base/common/src/com/netscape/cms/profile/constraint/RenewGracePeriodConstraint.java deleted file mode 100644 index fb01d7d14..000000000 --- a/pki/base/common/src/com/netscape/cms/profile/constraint/RenewGracePeriodConstraint.java +++ /dev/null @@ -1,165 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.cms.profile.constraint; - -import java.math.BigInteger; -import java.util.Date; -import java.util.Locale; - -import netscape.security.x509.X509CertInfo; - -import com.netscape.certsrv.apps.CMS; -import com.netscape.certsrv.base.IConfigStore; -import com.netscape.certsrv.profile.EProfileException; -import com.netscape.certsrv.profile.ERejectException; -import com.netscape.certsrv.profile.IPolicyDefault; -import com.netscape.certsrv.profile.IProfile; -import com.netscape.certsrv.property.Descriptor; -import com.netscape.certsrv.property.EPropertyException; -import com.netscape.certsrv.property.IDescriptor; -import com.netscape.certsrv.request.IRequest; -import com.netscape.cms.profile.def.NoDefault; - -/** - * This class supports renewal grace period, which has two - * parameters: graceBefore and graceAfter - * - * @author Christina Fu - * @version $Revision$, $Date$ - */ -public class RenewGracePeriodConstraint extends EnrollConstraint { - - // for renewal: # of days before the orig cert expiration date - public static final String CONFIG_RENEW_GRACE_BEFORE = "renewal.graceBefore"; - // for renewal: # of days after the orig cert expiration date - public static final String CONFIG_RENEW_GRACE_AFTER = "renewal.graceAfter"; - - public RenewGracePeriodConstraint() { - super(); - addConfigName(CONFIG_RENEW_GRACE_BEFORE); - addConfigName(CONFIG_RENEW_GRACE_AFTER); - } - - public void init(IProfile profile, IConfigStore config) - throws EProfileException { - super.init(profile, config); - } - - public void setConfig(String name, String value) - throws EPropertyException { - if (name.equals(CONFIG_RENEW_GRACE_BEFORE) || - name.equals(CONFIG_RENEW_GRACE_AFTER)) { - try { - Integer.parseInt(value); - } catch (Exception e) { - throw new EPropertyException(CMS.getUserMessage( - "CMS_INVALID_PROPERTY", CONFIG_RENEW_GRACE_BEFORE + " or " + CONFIG_RENEW_GRACE_AFTER)); - } - } - super.setConfig(name, value); - } - - public IDescriptor getConfigDescriptor(Locale locale, String name) { - if (name.equals(CONFIG_RENEW_GRACE_BEFORE)) { - return new Descriptor(IDescriptor.INTEGER, null, "30", - CMS.getUserMessage(locale, "CMS_PROFILE_RENEW_GRACE_BEFORE")); - } else if (name.equals(CONFIG_RENEW_GRACE_AFTER)) { - return new Descriptor(IDescriptor.INTEGER, null, "30", - CMS.getUserMessage(locale, "CMS_PROFILE_RENEW_GRACE_AFTER")); - } - return null; - } - - public void validate(IRequest req, X509CertInfo info) - throws ERejectException { - String origExpDate_s = req.getExtDataInString("origNotAfter"); - // probably not for renewal - if (origExpDate_s == null) { - return; - } else { - CMS.debug("validate RenewGracePeriod: original cert expiration date found... renewing"); - } - CMS.debug("ValidilityConstraint: validateRenewGraceperiod begins"); - BigInteger origExpDate_BI = new BigInteger(origExpDate_s); - Date origExpDate = new Date(origExpDate_BI.longValue()); - String renew_grace_before_s = getConfig(CONFIG_RENEW_GRACE_BEFORE); - String renew_grace_after_s = getConfig(CONFIG_RENEW_GRACE_AFTER); - int renew_grace_before = 0; - int renew_grace_after = 0; - BigInteger renew_grace_before_BI = new BigInteger(renew_grace_before_s); - BigInteger renew_grace_after_BI = new BigInteger(renew_grace_after_s); - - // -1 means no limit - if (renew_grace_before_s == "") - renew_grace_before = -1; - else - renew_grace_before = Integer.parseInt(renew_grace_before_s); - - if (renew_grace_after_s == "") - renew_grace_after = -1; - else - renew_grace_after = Integer.parseInt(renew_grace_after_s); - - if (renew_grace_before > 0) - renew_grace_before_BI = renew_grace_before_BI.multiply(BigInteger.valueOf(1000 * 86400)); - if (renew_grace_after > 0) - renew_grace_after_BI = renew_grace_after_BI.multiply(BigInteger.valueOf(1000 * 86400)); - - Date current = CMS.getCurrentDate(); - long millisDiff = origExpDate.getTime() - current.getTime(); - CMS.debug("validateRenewGracePeriod: millisDiff=" - + millisDiff + " origExpDate=" + origExpDate.getTime() + " current=" + current.getTime()); - - /* - * "days", if positive, has to be less than renew_grace_before - * "days", if negative, means already past expiration date, - * (abs value) has to be less than renew_grace_after - * if renew_grace_before or renew_grace_after are negative - * the one with negative value is ignored - */ - if (millisDiff >= 0) { - if ((renew_grace_before > 0) && (millisDiff > renew_grace_before_BI.longValue())) { - throw new ERejectException(CMS.getUserMessage(getLocale(req), - "CMS_PROFILE_RENEW_OUTSIDE_GRACE_PERIOD", - renew_grace_before + " days before and " + - renew_grace_after + " days after original cert expiration date")); - } - } else { - if ((renew_grace_after > 0) && ((0 - millisDiff) > renew_grace_after_BI.longValue())) { - throw new ERejectException(CMS.getUserMessage(getLocale(req), - "CMS_PROFILE_RENEW_OUTSIDE_GRACE_PERIOD", - renew_grace_before + " days before and " + - renew_grace_after + " days after original cert expiration date")); - } - } - } - - public String getText(Locale locale) { - String renew_grace_before_s = getConfig(CONFIG_RENEW_GRACE_BEFORE); - String renew_grace_after_s = getConfig(CONFIG_RENEW_GRACE_AFTER); - return CMS.getUserMessage(locale, "CMS_PROFILE_CONSTRAINT_VALIDITY_TEXT", - renew_grace_before_s + " days before and " + - renew_grace_after_s + " days after original cert expiration date"); - } - - public boolean isApplicable(IPolicyDefault def) { - if (def instanceof NoDefault) - return true; - return false; - } -} |