Diffstat (limited to 'pki/base/common/src/com/netscape/cms/profile/def/NameConstraintsExtDefault.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/profile/def/NameConstraintsExtDefault.java | 319 |
1 files changed, 154 insertions, 165 deletions
diff --git a/pki/base/common/src/com/netscape/cms/profile/def/NameConstraintsExtDefault.java b/pki/base/common/src/com/netscape/cms/profile/def/NameConstraintsExtDefault.java
index f6ddd9153..367e83c28 100644
--- a/pki/base/common/src/com/netscape/cms/profile/def/NameConstraintsExtDefault.java
+++ b/pki/base/common/src/com/netscape/cms/profile/def/NameConstraintsExtDefault.java
@@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.profile.def; - import java.io.IOException; import java.util.Enumeration; import java.util.Locale; 
@@ -41,25 +40,22 @@ import com.netscape.certsrv.property.EPropertyException; import com.netscape.certsrv.property.IDescriptor; import com.netscape.certsrv.request.IRequest; - /** - * This class implements an enrollment default policy - * that populates a name constraint extension - * into the certificate template. - * + * This class implements an enrollment default policy that populates a name + * constraint extension into the certificate template. + * * @version $Revision$, $Date$ */ public class NameConstraintsExtDefault extends EnrollExtDefault { public static final String CONFIG_CRITICAL = "nameConstraintsCritical"; - public static final String CONFIG_NUM_PERMITTED_SUBTREES = - "nameConstraintsNumPermittedSubtrees"; + public static final String CONFIG_NUM_PERMITTED_SUBTREES = "nameConstraintsNumPermittedSubtrees"; public static final String CONFIG_PERMITTED_MIN_VAL = "nameConstraintsPermittedSubtreeMinValue_"; public static final String CONFIG_PERMITTED_MAX_VAL = "nameConstraintsPermittedSubtreeMaxValue_"; public static final String CONFIG_PERMITTED_NAME_CHOICE = "nameConstraintsPermittedSubtreeNameChoice_"; public static final String CONFIG_PERMITTED_NAME_VAL = "nameConstraintsPermittedSubtreeNameValue_"; public static final String CONFIG_PERMITTED_ENABLE = "nameConstraintsPermittedSubtreeEnable_"; - + public static final String CONFIG_NUM_EXCLUDED_SUBTREES = "nameConstraintsNumExcludedSubtrees"; public static final String CONFIG_EXCLUDED_MIN_VAL = "nameConstraintsExcludedSubtreeMinValue_"; public static final String CONFIG_EXCLUDED_MAX_VAL = "nameConstraintsExcludedSubtreeMaxValue_"; @@ -87,7 +83,7 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { } public void init(IProfile profile, IConfigStore config) - throws EProfileException { + throws EProfileException { super.init(profile, config); refreshConfigAndValueNames(); 
@@ -128,48 +124,48 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { return num; } - public void setConfig(String name, String value) - throws EPropertyException { + public void setConfig(String name, String value) throws EPropertyException { int num = 0; if (name.equals(CONFIG_NUM_PERMITTED_SUBTREES)) { - try { - num = Integer.parseInt(value); + try { + num = Integer.parseInt(value); - if (num >= MAX_NUM_PERMITTED_SUBTREES || num < 0) { - throw new EPropertyException(CMS.getUserMessage( - "CMS_INVALID_PROPERTY", CONFIG_NUM_PERMITTED_SUBTREES)); - } + if (num >= MAX_NUM_PERMITTED_SUBTREES || num < 0) { + throw new EPropertyException(CMS.getUserMessage( + "CMS_INVALID_PROPERTY", + CONFIG_NUM_PERMITTED_SUBTREES)); + } - } catch (Exception e) { + } catch (Exception e) { throw new EPropertyException(CMS.getUserMessage( - "CMS_INVALID_PROPERTY", CONFIG_NUM_PERMITTED_SUBTREES)); - } - } else if(name.equals(CONFIG_NUM_EXCLUDED_SUBTREES)) { + "CMS_INVALID_PROPERTY", CONFIG_NUM_PERMITTED_SUBTREES)); + } + } else if (name.equals(CONFIG_NUM_EXCLUDED_SUBTREES)) { try { - num = Integer.parseInt(value); + num = Integer.parseInt(value); - if (num >= MAX_NUM_EXCLUDED_SUBTREES || num < 0) { - throw new EPropertyException(CMS.getUserMessage( - "CMS_INVALID_PROPERTY", CONFIG_NUM_EXCLUDED_SUBTREES)); - } + if (num >= MAX_NUM_EXCLUDED_SUBTREES || num < 0) { + throw new EPropertyException(CMS.getUserMessage( + "CMS_INVALID_PROPERTY", + CONFIG_NUM_EXCLUDED_SUBTREES)); + } - } catch (Exception e) { + } catch (Exception e) { throw new EPropertyException(CMS.getUserMessage( - "CMS_INVALID_PROPERTY", CONFIG_NUM_EXCLUDED_SUBTREES)); - } + "CMS_INVALID_PROPERTY", CONFIG_NUM_EXCLUDED_SUBTREES)); + } } super.setConfig(name, value); } - public Enumeration getConfigNames() { refreshConfigAndValueNames(); return super.getConfigNames(); } protected void refreshConfigAndValueNames() { - //refesh our config name list + // refesh our config name list 
super.refreshConfigAndValueNames(); 
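Review bot: In setConfig the `catch (Exception e)` around `Integer.parseInt(value)` also catches the EPropertyException thrown by the range check just above it and rethrows an identical one, so the handler hides which failure occurred and would report any unrelated runtime error as CMS_INVALID_PROPERTY. Narrowing both handlers to `catch (NumberFormatException e)` keeps the same user-facing message while letting the range-check exception propagate on its own. Only the two subtree counts are validated here; every other name, including the per-subtree min/max values, reaches `super.setConfig(name, value)` unchecked as far as this hunk shows. The re-spaced comment in refreshConfigAndValueNames could also be spelled `// refresh our config name list`.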
@@ -203,119 +199,112 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { } - - public IDescriptor getConfigDescriptor(Locale locale, String name) { + public IDescriptor getConfigDescriptor(Locale locale, String name) { if (name.equals(CONFIG_CRITICAL)) { - return new Descriptor(IDescriptor.BOOLEAN, null, - "false", + return new Descriptor(IDescriptor.BOOLEAN, null, "false", CMS.getUserMessage(locale, "CMS_PROFILE_CRITICAL")); } else if (name.startsWith(CONFIG_PERMITTED_MIN_VAL)) { - return new Descriptor(IDescriptor.STRING, null, - null, + return new Descriptor(IDescriptor.STRING, null, null, CMS.getUserMessage(locale, "CMS_PROFILE_PERMITTED_MIN_VAL")); } else if (name.startsWith(CONFIG_PERMITTED_MAX_VAL)) { - return new Descriptor(IDescriptor.STRING, null, - null, + return new Descriptor(IDescriptor.STRING, null, null, CMS.getUserMessage(locale, "CMS_PROFILE_PERMITTED_MAX_VAL")); } else if (name.startsWith(CONFIG_PERMITTED_NAME_CHOICE)) { - return new Descriptor(IDescriptor.STRING, null, - null, - CMS.getUserMessage(locale, "CMS_PROFILE_PERMITTED_NAME_CHOICE")); + return new Descriptor(IDescriptor.STRING, null, null, + CMS.getUserMessage(locale, + "CMS_PROFILE_PERMITTED_NAME_CHOICE")); } else if (name.startsWith(CONFIG_PERMITTED_NAME_VAL)) { - return new Descriptor(IDescriptor.STRING, null, + return new Descriptor( + IDescriptor.STRING, + null, null, CMS.getUserMessage(locale, "CMS_PROFILE_PERMITTED_NAME_VAL")); } else if (name.startsWith(CONFIG_PERMITTED_ENABLE)) { - return new Descriptor(IDescriptor.BOOLEAN, null, - "false", + return new Descriptor(IDescriptor.BOOLEAN, null, "false", CMS.getUserMessage(locale, "CMS_PROFILE_ENABLE")); } else if (name.startsWith(CONFIG_EXCLUDED_MIN_VAL)) { - return new Descriptor(IDescriptor.STRING, null, - null, + return new Descriptor(IDescriptor.STRING, null, null, CMS.getUserMessage(locale, "CMS_PROFILE_EXCLUDED_MIN_VAL")); } else if (name.startsWith(CONFIG_EXCLUDED_MAX_VAL)) { - return new 
Descriptor(IDescriptor.STRING, null, - null, + return new Descriptor(IDescriptor.STRING, null, null, CMS.getUserMessage(locale, "CMS_PROFILE_EXCLUDED_MAX_VAL")); } else if (name.startsWith(CONFIG_EXCLUDED_NAME_CHOICE)) { - return new Descriptor(IDescriptor.STRING, null, - null, - CMS.getUserMessage(locale, "CMS_PROFILE_EXCLUDED_NAME_CHOICE")); + return new Descriptor(IDescriptor.STRING, null, null, + CMS.getUserMessage(locale, + "CMS_PROFILE_EXCLUDED_NAME_CHOICE")); } else if (name.startsWith(CONFIG_EXCLUDED_NAME_VAL)) { - return new Descriptor(IDescriptor.STRING, null, - null, + return new Descriptor(IDescriptor.STRING, null, null, CMS.getUserMessage(locale, "CMS_PROFILE_EXCLUDED_NAME_VAL")); } else if (name.startsWith(CONFIG_EXCLUDED_ENABLE)) { - return new Descriptor(IDescriptor.BOOLEAN, null, - "false", + return new Descriptor(IDescriptor.BOOLEAN, null, "false", CMS.getUserMessage(locale, "CMS_PROFILE_ENABLE")); } else if (name.startsWith(CONFIG_NUM_EXCLUDED_SUBTREES)) { - return new Descriptor(IDescriptor.INTEGER, null, - "1", - CMS.getUserMessage(locale, "CMS_PROFILE_NUM_EXCLUDED_SUBTREES")); + return new Descriptor(IDescriptor.INTEGER, null, "1", + CMS.getUserMessage(locale, + "CMS_PROFILE_NUM_EXCLUDED_SUBTREES")); } else if (name.startsWith(CONFIG_NUM_PERMITTED_SUBTREES)) { - return new Descriptor(IDescriptor.INTEGER, null, - "1", - CMS.getUserMessage(locale, "CMS_PROFILE_NUM_PERMITTED_SUBTREES")); + return new Descriptor(IDescriptor.INTEGER, null, "1", + CMS.getUserMessage(locale, + "CMS_PROFILE_NUM_PERMITTED_SUBTREES")); } return null; } public IDescriptor getValueDescriptor(Locale locale, String name) { if (name.equals(VAL_CRITICAL)) { - return new Descriptor(IDescriptor.BOOLEAN, null, - "false", + return new Descriptor(IDescriptor.BOOLEAN, null, "false", CMS.getUserMessage(locale, "CMS_PROFILE_CRITICAL")); } else if (name.equals(VAL_PERMITTED_SUBTREES)) { - return new Descriptor(IDescriptor.STRING_LIST, null, + return new Descriptor( + 
IDescriptor.STRING_LIST, + null, null, CMS.getUserMessage(locale, "CMS_PROFILE_PERMITTED_SUBTREES")); } else if (name.equals(VAL_EXCLUDED_SUBTREES)) { - return new Descriptor(IDescriptor.STRING_LIST, null, - null, + return new Descriptor(IDescriptor.STRING_LIST, null, null, CMS.getUserMessage(locale, "CMS_PROFILE_EXCLUDED_SUBTREES")); } else { return null; } } - public void setValue(String name, Locale locale, - X509CertInfo info, String value) - throws EPropertyException { + public void setValue(String name, Locale locale, X509CertInfo info, + String value) throws EPropertyException { try { NameConstraintsExtension ext = null; - if (name == null) { - throw new EPropertyException(CMS.getUserMessage( - locale, "CMS_INVALID_PROPERTY", name)); + if (name == null) { + throw new EPropertyException(CMS.getUserMessage(locale, + "CMS_INVALID_PROPERTY", name)); } - ext = (NameConstraintsExtension) - getExtension(PKIXExtensions.NameConstraints_Id.toString(), info); + ext = (NameConstraintsExtension) getExtension( + PKIXExtensions.NameConstraints_Id.toString(), info); - if(ext == null) { - populate(null,info); + if (ext == null) { + populate(null, info); } if (name.equals(VAL_CRITICAL)) { - ext = (NameConstraintsExtension) - getExtension(PKIXExtensions.NameConstraints_Id.toString(), info); + ext = (NameConstraintsExtension) getExtension( + PKIXExtensions.NameConstraints_Id.toString(), info); boolean val = Boolean.valueOf(value).booleanValue(); - if(ext == null) { + if (ext == null) { return; } - ext.setCritical(val); - } else if (name.equals(VAL_PERMITTED_SUBTREES)) { - ext = (NameConstraintsExtension) - getExtension(PKIXExtensions.NameConstraints_Id.toString(), info); + ext.setCritical(val); + } else if (name.equals(VAL_PERMITTED_SUBTREES)) { + ext = (NameConstraintsExtension) getExtension( + PKIXExtensions.NameConstraints_Id.toString(), info); - if(ext == null) { + if (ext == null) { return; } - if ((value == null) || (value.equals("null")) || (value.equals(""))) { - 
CMS.debug("NameConstraintsExtDefault:setValue : " + - "blank value for permitted subtrees ... returning"); + if ((value == null) || (value.equals("null")) + || (value.equals(""))) { + CMS.debug("NameConstraintsExtDefault:setValue : " + + "blank value for permitted subtrees ... returning"); return; } 
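Review bot: setValue returns silently when `ext` is still null after `populate(null, info)` — the `if (ext == null) { return; }` in the VAL_CRITICAL and VAL_PERMITTED_SUBTREES branches here, and again in the VAL_EXCLUDED_SUBTREES branch of the next hunk — so a caller that supplied name constraints gets no signal that they were not applied to the certificate template. For an extension whose purpose is to restrict what a subordinate CA may issue, failing closed is the safer behaviour: `throw new EPropertyException(CMS.getUserMessage(locale, "CMS_INVALID_PROPERTY", name));` in place of each bare `return;`. The first null check also does not re-read `ext` after populate, which is why every branch repeats the getExtension call; fetching it once after populate would remove that duplication. setValue's body continues past this hunk.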
@@ -323,44 +312,47 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { Vector permittedSubtrees = createSubtrees(locale, v); - ext.set(NameConstraintsExtension.PERMITTED_SUBTREES, - new GeneralSubtrees(permittedSubtrees)); + ext.set(NameConstraintsExtension.PERMITTED_SUBTREES, + new GeneralSubtrees(permittedSubtrees)); } else if (name.equals(VAL_EXCLUDED_SUBTREES)) { - ext = (NameConstraintsExtension) - getExtension(PKIXExtensions.NameConstraints_Id.toString(), info); + ext = (NameConstraintsExtension) getExtension( + PKIXExtensions.NameConstraints_Id.toString(), info); - if(ext == null) { + if (ext == null) { return; } - if ((value == null) || (value.equals("null")) || (value.equals(""))) { - CMS.debug("NameConstraintsExtDefault:setValue : " + - "blank value for excluded subtrees ... returning"); + if ((value == null) || (value.equals("null")) + || (value.equals(""))) { + CMS.debug("NameConstraintsExtDefault:setValue : " + + "blank value for excluded subtrees ... returning"); return; } Vector v = parseRecords(value); Vector excludedSubtrees = createSubtrees(locale, v); - ext.set(NameConstraintsExtension.EXCLUDED_SUBTREES, - new GeneralSubtrees(excludedSubtrees)); + ext.set(NameConstraintsExtension.EXCLUDED_SUBTREES, + new GeneralSubtrees(excludedSubtrees)); } else { - throw new EPropertyException(CMS.getUserMessage( - locale, "CMS_INVALID_PROPERTY", name)); + throw new EPropertyException(CMS.getUserMessage(locale, + "CMS_INVALID_PROPERTY", name)); } - replaceExtension(PKIXExtensions.NameConstraints_Id.toString(), ext, info); + replaceExtension(PKIXExtensions.NameConstraints_Id.toString(), ext, + info); } catch (IOException e) { CMS.debug("NameConstraintsExtDefault: setValue " + e.toString()); - throw new EPropertyException(CMS.getUserMessage( - locale, "CMS_INVALID_PROPERTY", name)); + throw new EPropertyException(CMS.getUserMessage(locale, + "CMS_INVALID_PROPERTY", name)); } catch (EProfileException e) { CMS.debug("NameConstraintsExtDefault: 
setValue " + e.toString()); - throw new EPropertyException(CMS.getUserMessage( - locale, "CMS_INVALID_PROPERTY", name)); + throw new EPropertyException(CMS.getUserMessage(locale, + "CMS_INVALID_PROPERTY", name)); } } - private Vector createSubtrees(Locale locale, Vector v) throws EPropertyException { + private Vector createSubtrees(Locale locale, Vector v) + throws EPropertyException { int size = v.size(); String choice = null; String val = ""; @@ -385,16 +377,16 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { } else if (name1.equals(MAX_VALUE)) { maxS = nvps.getValue(name1); } - } + } if (choice == null || choice.length() == 0) { throw new EPropertyException(CMS.getUserMessage(locale, - "CMS_PROFILE_GENERAL_NAME_NOT_FOUND")); + "CMS_PROFILE_GENERAL_NAME_NOT_FOUND")); } - + if (val == null) val = ""; - + int min = 0; int max = -1; 
@@ -409,53 +401,50 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { try { gnI = parseGeneralName(choice + ":" + val); } catch (IOException e) { - CMS.debug("NameConstraintsExtDefault: createSubtress " + - e.toString()); + CMS.debug("NameConstraintsExtDefault: createSubtress " + + e.toString()); } if (gnI != null) { gn = new GeneralName(gnI); } else { throw new EPropertyException(CMS.getUserMessage(locale, - "CMS_PROFILE_GENERAL_NAME_NOT_FOUND")); + "CMS_PROFILE_GENERAL_NAME_NOT_FOUND")); } - GeneralSubtree subtree = new GeneralSubtree( - gn, min, max); + GeneralSubtree subtree = new GeneralSubtree(gn, min, max); subtrees.addElement(subtree); - } + } return subtrees; } - public String getValue(String name, Locale locale, - X509CertInfo info) - throws EPropertyException { + public String getValue(String name, Locale locale, X509CertInfo info) + throws EPropertyException { NameConstraintsExtension ext = null; if (name == null) { - throw new EPropertyException(CMS.getUserMessage( - locale, "CMS_INVALID_PROPERTY", name)); + throw new EPropertyException(CMS.getUserMessage(locale, + "CMS_INVALID_PROPERTY", name)); } - ext = (NameConstraintsExtension) - getExtension(PKIXExtensions.NameConstraints_Id.toString(), info); + ext = (NameConstraintsExtension) getExtension( + PKIXExtensions.NameConstraints_Id.toString(), info); - if(ext == null) - { + if (ext == null) { try { - populate(null,info); + populate(null, info); } catch (EProfileException e) { - throw new EPropertyException(CMS.getUserMessage( - locale, "CMS_INVALID_PROPERTY", name)); + throw new EPropertyException(CMS.getUserMessage(locale, + "CMS_INVALID_PROPERTY", name)); } } if (name.equals(VAL_CRITICAL)) { - ext = (NameConstraintsExtension) - getExtension(PKIXExtensions.NameConstraints_Id.toString(), info); + ext = (NameConstraintsExtension) getExtension( + PKIXExtensions.NameConstraints_Id.toString(), info); if (ext == null) { return null; 
@@ -465,9 +454,9 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { } else { return "false"; } - } else if (name.equals(VAL_PERMITTED_SUBTREES)) { - ext = (NameConstraintsExtension) - getExtension(PKIXExtensions.NameConstraints_Id.toString(), info); + } else if (name.equals(VAL_PERMITTED_SUBTREES)) { + ext = (NameConstraintsExtension) getExtension( + PKIXExtensions.NameConstraints_Id.toString(), info); if (ext == null) return ""; @@ -475,21 +464,21 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { GeneralSubtrees subtrees = null; try { - subtrees = (GeneralSubtrees) - ext.get(NameConstraintsExtension.PERMITTED_SUBTREES); + subtrees = (GeneralSubtrees) ext + .get(NameConstraintsExtension.PERMITTED_SUBTREES); } catch (IOException e) { CMS.debug("NameConstraintExtDefault: getValue " + e.toString()); } - if( subtrees == null ) { - CMS.debug( "NameConstraintsExtDefault::getValue() VAL_PERMITTED_SUBTREES is null!" ); - throw new EPropertyException( "subtrees is null" ); + if (subtrees == null) { + CMS.debug("NameConstraintsExtDefault::getValue() VAL_PERMITTED_SUBTREES is null!"); + throw new EPropertyException("subtrees is null"); } return getSubtreesInfo(ext, subtrees); - } else if (name.equals(VAL_EXCLUDED_SUBTREES)) { - ext = (NameConstraintsExtension) - getExtension(PKIXExtensions.NameConstraints_Id.toString(), info); + } else if (name.equals(VAL_EXCLUDED_SUBTREES)) { + ext = (NameConstraintsExtension) getExtension( + PKIXExtensions.NameConstraints_Id.toString(), info); if (ext == null) return ""; 
@@ -497,26 +486,26 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { GeneralSubtrees subtrees = null; try { - subtrees = (GeneralSubtrees) - ext.get(NameConstraintsExtension.EXCLUDED_SUBTREES); + subtrees = (GeneralSubtrees) ext + .get(NameConstraintsExtension.EXCLUDED_SUBTREES); } catch (IOException e) { CMS.debug("NameConstraintExtDefault: getValue " + e.toString()); } - if( subtrees == null ) { - CMS.debug( "NameConstraintsExtDefault::getValue() VAL_EXCLUDED_SUBTREES is null!" ); - throw new EPropertyException( "subtrees is null" ); + if (subtrees == null) { + CMS.debug("NameConstraintsExtDefault::getValue() VAL_EXCLUDED_SUBTREES is null!"); + throw new EPropertyException("subtrees is null"); } return getSubtreesInfo(ext, subtrees); } else { - throw new EPropertyException(CMS.getUserMessage( - locale, "CMS_INVALID_PROPERTY", name)); + throw new EPropertyException(CMS.getUserMessage(locale, + "CMS_INVALID_PROPERTY", name)); } } - private String getSubtreesInfo(NameConstraintsExtension ext, - GeneralSubtrees subtrees) throws EPropertyException { + private String getSubtreesInfo(NameConstraintsExtension ext, + GeneralSubtrees subtrees) throws EPropertyException { Vector trees = subtrees.getSubtrees(); int size = trees.size(); @@ -526,8 +515,8 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { GeneralSubtree tree = (GeneralSubtree) trees.elementAt(i); GeneralName gn = tree.getGeneralName(); - String type = getGeneralNameType(gn); - int max = tree.getMaxValue(); + String type = getGeneralNameType(gn); + int max = tree.getMaxValue(); int min = tree.getMinValue(); NameValuePairs pairs = new NameValuePairs(); @@ -540,7 +529,7 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { recs.addElement(pairs); } - + return buildRecords(recs); } 
@@ -583,8 +572,8 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { sb.append(getConfig(CONFIG_EXCLUDED_MAX_VAL + i)); sb.append("}"); } - return CMS.getUserMessage(locale, - "CMS_PROFILE_DEF_NAME_CONSTRAINTS_EXT", + return CMS.getUserMessage(locale, + "CMS_PROFILE_DEF_NAME_CONSTRAINTS_EXT", getConfig(CONFIG_CRITICAL), sb.toString()); } @@ -592,14 +581,14 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { * Populates the request with this policy default. */ public void populate(IRequest request, X509CertInfo info) - throws EProfileException { + throws EProfileException { NameConstraintsExtension ext = createExtension(); addExtension(PKIXExtensions.NameConstraints_Id.toString(), ext, info); } public NameConstraintsExtension createExtension() { - NameConstraintsExtension ext = null; + NameConstraintsExtension ext = null; try { int num = getNumPermitted(); @@ -637,18 +626,18 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { } } - ext = new NameConstraintsExtension(critical, - new GeneralSubtrees(v), new GeneralSubtrees(v1)); + ext = new NameConstraintsExtension(critical, + new GeneralSubtrees(v), new GeneralSubtrees(v1)); } catch (Exception e) { - CMS.debug("NameConstraintsExtDefault: createExtension " + - e.toString()); + CMS.debug("NameConstraintsExtDefault: createExtension " + + e.toString()); } return ext; } - private GeneralSubtree createSubtree(String choice, String value, - String minS, String maxS) { + private GeneralSubtree createSubtree(String choice, String value, + String minS, String maxS) { GeneralName gn = null; GeneralNameInterface gnI = null; @@ -660,7 +649,7 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { if (gnI != null) gn = new GeneralName(gnI); else - //throw new EPropertyException("GeneralName must not be null"); + // throw new EPropertyException("GeneralName must not be null"); return null; int min = 0; |
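Review bot: createExtension swallows every failure with `catch (Exception e)`, records it only through `CMS.debug`, and returns the initial `null`; populate then passes that value straight to `addExtension(...)` without checking it. What addExtension does with a null extension is not visible here, but the likely outcome is a certificate template without the NameConstraints extension the profile was configured to add, with nothing but a debug line to show for it. populate already declares `throws EProfileException`, so it can fail closed: `if (ext == null) throw new EProfileException("NameConstraints extension could not be created");`. The same pattern appears in the last hunk, where createSubtree does `return null;` under the commented-out throw, and the caller's handling of that null should be confirmed. createExtension and createSubtree both extend beyond these hunks.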