diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/profile/def/NameConstraintsExtDefault.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/profile/def/NameConstraintsExtDefault.java | 197 |
1 files changed, 96 insertions, 101 deletions
diff --git a/pki/base/common/src/com/netscape/cms/profile/def/NameConstraintsExtDefault.java b/pki/base/common/src/com/netscape/cms/profile/def/NameConstraintsExtDefault.java index 065b30444..45db35767 100644 --- a/pki/base/common/src/com/netscape/cms/profile/def/NameConstraintsExtDefault.java +++ b/pki/base/common/src/com/netscape/cms/profile/def/NameConstraintsExtDefault.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.profile.def; - import java.io.IOException; import java.util.Enumeration; import java.util.Locale; @@ -41,25 +40,24 @@ import com.netscape.certsrv.property.EPropertyException; import com.netscape.certsrv.property.IDescriptor; import com.netscape.certsrv.request.IRequest; - /** * This class implements an enrollment default policy * that populates a name constraint extension * into the certificate template. - * + * * @version $Revision$, $Date$ */ public class NameConstraintsExtDefault extends EnrollExtDefault { public static final String CONFIG_CRITICAL = "nameConstraintsCritical"; - public static final String CONFIG_NUM_PERMITTED_SUBTREES = - "nameConstraintsNumPermittedSubtrees"; + public static final String CONFIG_NUM_PERMITTED_SUBTREES = + "nameConstraintsNumPermittedSubtrees"; public static final String CONFIG_PERMITTED_MIN_VAL = "nameConstraintsPermittedSubtreeMinValue_"; public static final String CONFIG_PERMITTED_MAX_VAL = "nameConstraintsPermittedSubtreeMaxValue_"; public static final String CONFIG_PERMITTED_NAME_CHOICE = "nameConstraintsPermittedSubtreeNameChoice_"; public static final String CONFIG_PERMITTED_NAME_VAL = "nameConstraintsPermittedSubtreeNameValue_"; public static final String CONFIG_PERMITTED_ENABLE = "nameConstraintsPermittedSubtreeEnable_"; - + public static final String CONFIG_NUM_EXCLUDED_SUBTREES = "nameConstraintsNumExcludedSubtrees"; public static final String CONFIG_EXCLUDED_MIN_VAL = "nameConstraintsExcludedSubtreeMinValue_"; public static final String CONFIG_EXCLUDED_MAX_VAL = "nameConstraintsExcludedSubtreeMaxValue_"; @@ -87,7 +85,7 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { } public void init(IProfile profile, IConfigStore config) - throws EProfileException { + throws EProfileException { super.init(profile, config); refreshConfigAndValueNames(); @@ -128,41 +126,40 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { return num; } - public void setConfig(String name, String value) - throws EPropertyException { + public void setConfig(String name, String value) + throws EPropertyException { int num = 0; if (name.equals(CONFIG_NUM_PERMITTED_SUBTREES)) { - try { - num = Integer.parseInt(value); + try { + num = Integer.parseInt(value); - if (num >= MAX_NUM_PERMITTED_SUBTREES || num < 0) { - throw new EPropertyException(CMS.getUserMessage( + if (num >= MAX_NUM_PERMITTED_SUBTREES || num < 0) { + throw new EPropertyException(CMS.getUserMessage( "CMS_INVALID_PROPERTY", CONFIG_NUM_PERMITTED_SUBTREES)); - } + } - } catch (Exception e) { + } catch (Exception e) { throw new EPropertyException(CMS.getUserMessage( "CMS_INVALID_PROPERTY", CONFIG_NUM_PERMITTED_SUBTREES)); - } - } else if(name.equals(CONFIG_NUM_EXCLUDED_SUBTREES)) { + } + } else if (name.equals(CONFIG_NUM_EXCLUDED_SUBTREES)) { try { - num = Integer.parseInt(value); + num = Integer.parseInt(value); - if (num >= MAX_NUM_EXCLUDED_SUBTREES || num < 0) { - throw new EPropertyException(CMS.getUserMessage( + if (num >= MAX_NUM_EXCLUDED_SUBTREES || num < 0) { + throw new EPropertyException(CMS.getUserMessage( "CMS_INVALID_PROPERTY", CONFIG_NUM_EXCLUDED_SUBTREES)); - } + } - } catch (Exception e) { + } catch (Exception e) { throw new EPropertyException(CMS.getUserMessage( "CMS_INVALID_PROPERTY", CONFIG_NUM_EXCLUDED_SUBTREES)); - } + } } super.setConfig(name, value); } - public Enumeration<String> getConfigNames() { refreshConfigAndValueNames(); return super.getConfigNames(); @@ -203,50 +200,49 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { } - - public IDescriptor getConfigDescriptor(Locale locale, String name) { + public IDescriptor getConfigDescriptor(Locale locale, String name) { if (name.equals(CONFIG_CRITICAL)) { - return new Descriptor(IDescriptor.BOOLEAN, null, + return new Descriptor(IDescriptor.BOOLEAN, null, "false", CMS.getUserMessage(locale, "CMS_PROFILE_CRITICAL")); } else if (name.startsWith(CONFIG_PERMITTED_MIN_VAL)) { - return new Descriptor(IDescriptor.STRING, null, + return new Descriptor(IDescriptor.STRING, null, null, CMS.getUserMessage(locale, "CMS_PROFILE_PERMITTED_MIN_VAL")); } else if (name.startsWith(CONFIG_PERMITTED_MAX_VAL)) { - return new Descriptor(IDescriptor.STRING, null, + return new Descriptor(IDescriptor.STRING, null, null, CMS.getUserMessage(locale, "CMS_PROFILE_PERMITTED_MAX_VAL")); } else if (name.startsWith(CONFIG_PERMITTED_NAME_CHOICE)) { - return new Descriptor(IDescriptor.STRING, null, + return new Descriptor(IDescriptor.STRING, null, null, CMS.getUserMessage(locale, "CMS_PROFILE_PERMITTED_NAME_CHOICE")); } else if (name.startsWith(CONFIG_PERMITTED_NAME_VAL)) { - return new Descriptor(IDescriptor.STRING, null, + return new Descriptor(IDescriptor.STRING, null, null, CMS.getUserMessage(locale, "CMS_PROFILE_PERMITTED_NAME_VAL")); } else if (name.startsWith(CONFIG_PERMITTED_ENABLE)) { - return new Descriptor(IDescriptor.BOOLEAN, null, + return new Descriptor(IDescriptor.BOOLEAN, null, "false", CMS.getUserMessage(locale, "CMS_PROFILE_ENABLE")); } else if (name.startsWith(CONFIG_EXCLUDED_MIN_VAL)) { - return new Descriptor(IDescriptor.STRING, null, + return new Descriptor(IDescriptor.STRING, null, null, CMS.getUserMessage(locale, "CMS_PROFILE_EXCLUDED_MIN_VAL")); } else if (name.startsWith(CONFIG_EXCLUDED_MAX_VAL)) { - return new Descriptor(IDescriptor.STRING, null, + return new Descriptor(IDescriptor.STRING, null, null, CMS.getUserMessage(locale, "CMS_PROFILE_EXCLUDED_MAX_VAL")); } else if (name.startsWith(CONFIG_EXCLUDED_NAME_CHOICE)) { - return new Descriptor(IDescriptor.STRING, null, + return new Descriptor(IDescriptor.STRING, null, null, CMS.getUserMessage(locale, "CMS_PROFILE_EXCLUDED_NAME_CHOICE")); } else if (name.startsWith(CONFIG_EXCLUDED_NAME_VAL)) { - return new Descriptor(IDescriptor.STRING, null, + return new Descriptor(IDescriptor.STRING, null, null, CMS.getUserMessage(locale, "CMS_PROFILE_EXCLUDED_NAME_VAL")); } else if (name.startsWith(CONFIG_EXCLUDED_ENABLE)) { - return new Descriptor(IDescriptor.BOOLEAN, null, + return new Descriptor(IDescriptor.BOOLEAN, null, "false", CMS.getUserMessage(locale, "CMS_PROFILE_ENABLE")); } else if (name.startsWith(CONFIG_NUM_EXCLUDED_SUBTREES)) { @@ -255,23 +251,23 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { CMS.getUserMessage(locale, "CMS_PROFILE_NUM_EXCLUDED_SUBTREES")); } else if (name.startsWith(CONFIG_NUM_PERMITTED_SUBTREES)) { return new Descriptor(IDescriptor.INTEGER, null, - "1", - CMS.getUserMessage(locale, "CMS_PROFILE_NUM_PERMITTED_SUBTREES")); + "1", + CMS.getUserMessage(locale, "CMS_PROFILE_NUM_PERMITTED_SUBTREES")); } return null; } public IDescriptor getValueDescriptor(Locale locale, String name) { if (name.equals(VAL_CRITICAL)) { - return new Descriptor(IDescriptor.BOOLEAN, null, + return new Descriptor(IDescriptor.BOOLEAN, null, "false", CMS.getUserMessage(locale, "CMS_PROFILE_CRITICAL")); } else if (name.equals(VAL_PERMITTED_SUBTREES)) { - return new Descriptor(IDescriptor.STRING_LIST, null, + return new Descriptor(IDescriptor.STRING_LIST, null, null, CMS.getUserMessage(locale, "CMS_PROFILE_PERMITTED_SUBTREES")); } else if (name.equals(VAL_EXCLUDED_SUBTREES)) { - return new Descriptor(IDescriptor.STRING_LIST, null, + return new Descriptor(IDescriptor.STRING_LIST, null, null, CMS.getUserMessage(locale, "CMS_PROFILE_EXCLUDED_SUBTREES")); } else { @@ -280,21 +276,21 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { } public void setValue(String name, Locale locale, - X509CertInfo info, String value) - throws EPropertyException { + X509CertInfo info, String value) + throws EPropertyException { try { NameConstraintsExtension ext = null; - if (name == null) { - throw new EPropertyException(CMS.getUserMessage( + if (name == null) { + throw new EPropertyException(CMS.getUserMessage( locale, "CMS_INVALID_PROPERTY", name)); } ext = (NameConstraintsExtension) getExtension(PKIXExtensions.NameConstraints_Id.toString(), info); - if(ext == null) { - populate(null,info); + if (ext == null) { + populate(null, info); } if (name.equals(VAL_CRITICAL)) { @@ -302,19 +298,19 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { getExtension(PKIXExtensions.NameConstraints_Id.toString(), info); boolean val = Boolean.valueOf(value).booleanValue(); - if(ext == null) { + if (ext == null) { return; } - ext.setCritical(val); - } else if (name.equals(VAL_PERMITTED_SUBTREES)) { + ext.setCritical(val); + } else if (name.equals(VAL_PERMITTED_SUBTREES)) { ext = (NameConstraintsExtension) getExtension(PKIXExtensions.NameConstraints_Id.toString(), info); - if(ext == null) { + if (ext == null) { return; } if ((value == null) || (value.equals("null")) || (value.equals(""))) { - CMS.debug("NameConstraintsExtDefault:setValue : " + + CMS.debug("NameConstraintsExtDefault:setValue : " + "blank value for permitted subtrees ... returning"); return; } @@ -323,17 +319,17 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { Vector permittedSubtrees = createSubtrees(locale, v); - ext.set(NameConstraintsExtension.PERMITTED_SUBTREES, - new GeneralSubtrees(permittedSubtrees)); + ext.set(NameConstraintsExtension.PERMITTED_SUBTREES, + new GeneralSubtrees(permittedSubtrees)); } else if (name.equals(VAL_EXCLUDED_SUBTREES)) { ext = (NameConstraintsExtension) getExtension(PKIXExtensions.NameConstraints_Id.toString(), info); - if(ext == null) { + if (ext == null) { return; } if ((value == null) || (value.equals("null")) || (value.equals(""))) { - CMS.debug("NameConstraintsExtDefault:setValue : " + + CMS.debug("NameConstraintsExtDefault:setValue : " + "blank value for excluded subtrees ... returning"); return; } @@ -341,21 +337,21 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { Vector excludedSubtrees = createSubtrees(locale, v); - ext.set(NameConstraintsExtension.EXCLUDED_SUBTREES, - new GeneralSubtrees(excludedSubtrees)); + ext.set(NameConstraintsExtension.EXCLUDED_SUBTREES, + new GeneralSubtrees(excludedSubtrees)); } else { - throw new EPropertyException(CMS.getUserMessage( + throw new EPropertyException(CMS.getUserMessage( locale, "CMS_INVALID_PROPERTY", name)); } replaceExtension(PKIXExtensions.NameConstraints_Id.toString(), ext, info); } catch (IOException e) { CMS.debug("NameConstraintsExtDefault: setValue " + e.toString()); - throw new EPropertyException(CMS.getUserMessage( + throw new EPropertyException(CMS.getUserMessage( locale, "CMS_INVALID_PROPERTY", name)); } catch (EProfileException e) { CMS.debug("NameConstraintsExtDefault: setValue " + e.toString()); - throw new EPropertyException(CMS.getUserMessage( + throw new EPropertyException(CMS.getUserMessage( locale, "CMS_INVALID_PROPERTY", name)); } } @@ -385,16 +381,16 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { } else if (name1.equals(MAX_VALUE)) { maxS = nvps.getValue(name1); } - } + } if (choice == null || choice.length() == 0) { throw new EPropertyException(CMS.getUserMessage(locale, "CMS_PROFILE_GENERAL_NAME_NOT_FOUND")); } - + if (val == null) val = ""; - + int min = 0; int max = -1; @@ -410,7 +406,7 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { gnI = parseGeneralName(choice + ":" + val); } catch (IOException e) { CMS.debug("NameConstraintsExtDefault: createSubtress " + - e.toString()); + e.toString()); } if (gnI != null) { @@ -423,32 +419,31 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { gn, min, max); subtrees.addElement(subtree); - } + } return subtrees; } public String getValue(String name, Locale locale, - X509CertInfo info) - throws EPropertyException { + X509CertInfo info) + throws EPropertyException { NameConstraintsExtension ext = null; if (name == null) { - throw new EPropertyException(CMS.getUserMessage( + throw new EPropertyException(CMS.getUserMessage( locale, "CMS_INVALID_PROPERTY", name)); } ext = (NameConstraintsExtension) - getExtension(PKIXExtensions.NameConstraints_Id.toString(), info); + getExtension(PKIXExtensions.NameConstraints_Id.toString(), info); - if(ext == null) - { + if (ext == null) { try { - populate(null,info); + populate(null, info); } catch (EProfileException e) { - throw new EPropertyException(CMS.getUserMessage( - locale, "CMS_INVALID_PROPERTY", name)); + throw new EPropertyException(CMS.getUserMessage( + locale, "CMS_INVALID_PROPERTY", name)); } } @@ -465,7 +460,7 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { } else { return "false"; } - } else if (name.equals(VAL_PERMITTED_SUBTREES)) { + } else if (name.equals(VAL_PERMITTED_SUBTREES)) { ext = (NameConstraintsExtension) getExtension(PKIXExtensions.NameConstraints_Id.toString(), info); @@ -475,19 +470,19 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { GeneralSubtrees subtrees = null; try { - subtrees = (GeneralSubtrees) + subtrees = (GeneralSubtrees) ext.get(NameConstraintsExtension.PERMITTED_SUBTREES); } catch (IOException e) { CMS.debug("NameConstraintExtDefault: getValue " + e.toString()); } - if( subtrees == null ) { - CMS.debug( "NameConstraintsExtDefault::getValue() VAL_PERMITTED_SUBTREES is null!" ); - throw new EPropertyException( "subtrees is null" ); + if (subtrees == null) { + CMS.debug("NameConstraintsExtDefault::getValue() VAL_PERMITTED_SUBTREES is null!"); + throw new EPropertyException("subtrees is null"); } return getSubtreesInfo(ext, subtrees); - } else if (name.equals(VAL_EXCLUDED_SUBTREES)) { + } else if (name.equals(VAL_EXCLUDED_SUBTREES)) { ext = (NameConstraintsExtension) getExtension(PKIXExtensions.NameConstraints_Id.toString(), info); @@ -497,26 +492,26 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { GeneralSubtrees subtrees = null; try { - subtrees = (GeneralSubtrees) + subtrees = (GeneralSubtrees) ext.get(NameConstraintsExtension.EXCLUDED_SUBTREES); } catch (IOException e) { CMS.debug("NameConstraintExtDefault: getValue " + e.toString()); } - if( subtrees == null ) { - CMS.debug( "NameConstraintsExtDefault::getValue() VAL_EXCLUDED_SUBTREES is null!" ); - throw new EPropertyException( "subtrees is null" ); + if (subtrees == null) { + CMS.debug("NameConstraintsExtDefault::getValue() VAL_EXCLUDED_SUBTREES is null!"); + throw new EPropertyException("subtrees is null"); } return getSubtreesInfo(ext, subtrees); } else { - throw new EPropertyException(CMS.getUserMessage( + throw new EPropertyException(CMS.getUserMessage( locale, "CMS_INVALID_PROPERTY", name)); } } - private String getSubtreesInfo(NameConstraintsExtension ext, - GeneralSubtrees subtrees) throws EPropertyException { + private String getSubtreesInfo(NameConstraintsExtension ext, + GeneralSubtrees subtrees) throws EPropertyException { Vector trees = subtrees.getSubtrees(); int size = trees.size(); @@ -526,8 +521,8 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { GeneralSubtree tree = (GeneralSubtree) trees.elementAt(i); GeneralName gn = tree.getGeneralName(); - String type = getGeneralNameType(gn); - int max = tree.getMaxValue(); + String type = getGeneralNameType(gn); + int max = tree.getMaxValue(); int min = tree.getMinValue(); NameValuePairs pairs = new NameValuePairs(); @@ -540,7 +535,7 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { recs.addElement(pairs); } - + return buildRecords(recs); } @@ -583,8 +578,8 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { sb.append(getConfig(CONFIG_EXCLUDED_MAX_VAL + i)); sb.append("}"); } - return CMS.getUserMessage(locale, - "CMS_PROFILE_DEF_NAME_CONSTRAINTS_EXT", + return CMS.getUserMessage(locale, + "CMS_PROFILE_DEF_NAME_CONSTRAINTS_EXT", getConfig(CONFIG_CRITICAL), sb.toString()); } @@ -592,14 +587,14 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { * Populates the request with this policy default. */ public void populate(IRequest request, X509CertInfo info) - throws EProfileException { + throws EProfileException { NameConstraintsExtension ext = createExtension(); addExtension(PKIXExtensions.NameConstraints_Id.toString(), ext, info); } public NameConstraintsExtension createExtension() { - NameConstraintsExtension ext = null; + NameConstraintsExtension ext = null; try { int num = getNumPermitted(); @@ -637,18 +632,18 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { } } - ext = new NameConstraintsExtension(critical, + ext = new NameConstraintsExtension(critical, new GeneralSubtrees(v), new GeneralSubtrees(v1)); } catch (Exception e) { - CMS.debug("NameConstraintsExtDefault: createExtension " + - e.toString()); + CMS.debug("NameConstraintsExtDefault: createExtension " + + e.toString()); } return ext; } - private GeneralSubtree createSubtree(String choice, String value, - String minS, String maxS) { + private GeneralSubtree createSubtree(String choice, String value, + String minS, String maxS) { GeneralName gn = null; GeneralNameInterface gnI = null; |