Diffstat (limited to 'pki/base/common/src/com/netscape/cms/publish/mappers/AVAPattern.java')
-rw-r--r--pki/base/common/src/com/netscape/cms/publish/mappers/AVAPattern.java334
1 files changed, 177 insertions, 157 deletions
diff --git a/pki/base/common/src/com/netscape/cms/publish/mappers/AVAPattern.java b/pki/base/common/src/com/netscape/cms/publish/mappers/AVAPattern.java
index b3305d4d8..9f337cbb4 100644
--- a/pki/base/common/src/com/netscape/cms/publish/mappers/AVAPattern.java
+++ b/pki/base/common/src/com/netscape/cms/publish/mappers/AVAPattern.java
@@ -20,6 +20,7 @@
package com.netscape.cms.publish.mappers;
+
///////////////////////
// import statements //
///////////////////////
@@ -47,24 +48,24 @@ import com.netscape.certsrv.ldap.ELdapException;
import com.netscape.certsrv.publish.ECompSyntaxErr;
import com.netscape.certsrv.request.IRequest;
+
//////////////////////
// class definition //
//////////////////////
/**
- * avaPattern is a string representing an ldap attribute formulated from the
- * certificate subject name, extension or request attributes.
+ * avaPattern is a string representing an ldap
+ * attribute formulated from the certificate
+ * subject name, extension or request attributes.
* <p>
*
- * The syntax is
- *
+ * The syntax is
* <pre>
* avaPattern := constant-value |
* "$subj" "." attrName [ "." attrNumber ] |
* "$req" "." [ prefix .] attrName [ "." attrNumber ] |
- * "$ext" "." extName [ "." nameType ] [ "." attrNumber ]
+ * "$ext" "." extName [ "." nameType ] [ "." attrNumber ]
* </pre>
- *
* <pre>
* Example: <i>$ext.SubjectAlternativeName.RFC822Name.1</i>
* cert subjectAltName is rfc822Name: jjames@mcom.com
@@ -75,16 +76,15 @@ import com.netscape.certsrv.request.IRequest;
* The first rfc822name value in the subjAltName extension. <br>
* <p>
* </pre>
- *
- * If a request attribute or subject DN component does not exist, the attribute
- * is skipped.
- *
+ * If a request attribute or subject DN component does not exist,
+ * the attribute is skipped.
+ *
* @version $Revision$, $Date$
*/
class AVAPattern {
- // //////////////
+ ////////////////
// parameters //
- // //////////////
+ ////////////////
/* the value type of the dn component */
public static final String TYPE_REQ = "$req";
@@ -92,31 +92,37 @@ class AVAPattern {
public static final String TYPE_EXT = "$ext";
public static final String TYPE_CONSTANT = "constant";
- public static final String[] GENERAL_NAME_TYPE = { "ANY", "RFC822Name",
- "DNSName", "X400Name", "DIRECTORYName", "EDIName", "URIName",
- "IPAddress", "OIDName" };
+ public static final String[] GENERAL_NAME_TYPE = { "ANY",
+ "RFC822Name",
+ "DNSName",
+ "X400Name",
+ "DIRECTORYName",
+ "EDIName",
+ "URIName",
+ "IPAddress",
+ "OIDName"};
private static final char[] endChars = new char[] { '+', ',' };
- private static final LdapV3DNStrConverter mLdapDNStrConverter = new LdapV3DNStrConverter();
+ private static final LdapV3DNStrConverter mLdapDNStrConverter =
+ new LdapV3DNStrConverter();
- /* the list of request attributes needed by this AVA */
+ /* the list of request attributes needed by this AVA */
protected String[] mReqAttrs = null;
- /* the list of cert attributes needed by this AVA */
+ /* the list of cert attributes needed by this AVA*/
protected String[] mCertAttrs = null;
/* value type */
protected String mType = null;
- /*
- * value - could be name of a request attribute or cert subject attribute or
- * extension name.
+ /* value - could be name of a request attribute or
+ * cert subject attribute or extension name.
*/
protected String mValue = null;
- /*
- * value type - general name type of an extension attribute if any.
+ /* value type - general name type of an
+ * extension attribute if any.
*/
protected String mGNType = null;
@@ -128,108 +134,107 @@ class AVAPattern {
protected String mTestDN = null;
- // ///////////
+ /////////////
// methods //
- // ///////////
+ /////////////
- public AVAPattern(String component) throws ELdapException {
+ public AVAPattern(String component)
+ throws ELdapException {
if (component == null || component.length() == 0) {
- throw new ECompSyntaxErr(CMS.getUserMessage(
- "CMS_AUTHENTICATION_COMPONENT_SYNTAX", component));
+ throw new ECompSyntaxErr(CMS.getUserMessage("CMS_AUTHENTICATION_COMPONENT_SYNTAX", component));
}
parse(new PushbackReader(new StringReader(component)));
}
- public AVAPattern(PushbackReader in) throws ELdapException {
+ public AVAPattern(PushbackReader in)
+ throws ELdapException {
parse(in);
}
- private void parse(PushbackReader in) throws ELdapException {
+ private void parse(PushbackReader in)
+ throws ELdapException {
int c;
// skip spaces
- // System.out.println("============ AVAPattern Begin ===========");
- // System.out.println("skip spaces");
+ //System.out.println("============ AVAPattern Begin ===========");
+ //System.out.println("skip spaces");
try {
- while ((c = in.read()) == ' ' || c == '\t') {// System.out.println("spaces read "+(char)c);
+ while ((c = in.read()) == ' ' || c == '\t') {//System.out.println("spaces read "+(char)c);
;
}
} catch (IOException e) {
- throw new ECompSyntaxErr(CMS.getUserMessage(
- "CMS_AUTHENTICATION_COMPONENT_SYNTAX", "All blank"));
+ throw new ECompSyntaxErr(CMS.getUserMessage("CMS_AUTHENTICATION_COMPONENT_SYNTAX", "All blank"));
}
- if (c == -1) {
- throw new ECompSyntaxErr(CMS.getUserMessage(
- "CMS_AUTHENTICATION_COMPONENT_SYNTAX", "All blank"));
+ if (c == -1) {
+ throw new ECompSyntaxErr(CMS.getUserMessage("CMS_AUTHENTICATION_COMPONENT_SYNTAX", "All blank"));
}
if (c == '$') {
- // check for $subj $ext or $req
+ // check for $subj $ext or $req
try {
c = in.read();
} catch (IOException e) {
- throw new ELdapException(CMS.getUserMessage(
- "CMS_LDAP_INTERNAL_ERROR", e.toString()));
+ throw new ELdapException(
+ CMS.getUserMessage("CMS_LDAP_INTERNAL_ERROR", e.toString()));
}
if (c == -1) {
- throw new ECompSyntaxErr(CMS.getUserMessage(
- "CMS_AUTHENTICATION_COMPONENT_SYNTAX",
- "expecting $subj $ext or $req in ava pattern"));
+ throw new ECompSyntaxErr(CMS.getUserMessage("CMS_AUTHENTICATION_COMPONENT_SYNTAX",
+ "expecting $subj $ext or $req in ava pattern"));
}
if (c == 'r') {
try {
- if (in.read() != 'e' || in.read() != 'q'
- || in.read() != '.') {
- throw new ECompSyntaxErr(CMS.getUserMessage(
- "CMS_AUTHENTICATION_COMPONENT_SYNTAX",
- "expecting $req in ava pattern"));
+ if (in.read() != 'e' ||
+ in.read() != 'q' ||
+ in.read() != '.') {
+ throw new ECompSyntaxErr(CMS.getUserMessage("CMS_AUTHENTICATION_COMPONENT_SYNTAX",
+ "expecting $req in ava pattern"));
}
} catch (IOException e) {
- throw new ELdapException(CMS.getUserMessage(
- "CMS_LDAP_INTERNAL_ERROR", e.toString()));
+ throw new ELdapException(
+ CMS.getUserMessage("CMS_LDAP_INTERNAL_ERROR", e.toString()));
}
mType = TYPE_REQ;
- // System.out.println("---- mtype $req");
+ //System.out.println("---- mtype $req");
} else if (c == 's') {
try {
- if (in.read() != 'u' || in.read() != 'b'
- || in.read() != 'j' || in.read() != '.') {
- throw new ECompSyntaxErr(CMS.getUserMessage(
- "CMS_AUTHENTICATION_COMPONENT_SYNTAX",
- "expecting $subj in ava pattern"));
+ if (in.read() != 'u' ||
+ in.read() != 'b' ||
+ in.read() != 'j' ||
+ in.read() != '.') {
+ throw new ECompSyntaxErr(CMS.getUserMessage("CMS_AUTHENTICATION_COMPONENT_SYNTAX",
+ "expecting $subj in ava pattern"));
}
} catch (IOException e) {
- throw new ELdapException(CMS.getUserMessage(
- "CMS_LDAP_INTERNAL_ERROR", e.toString()));
+ throw new ELdapException(
+ CMS.getUserMessage("CMS_LDAP_INTERNAL_ERROR", e.toString()));
}
mType = TYPE_SUBJ;
- // System.out.println("----- mtype $subj");
+ //System.out.println("----- mtype $subj");
} else if (c == 'e') {
try {
- if (in.read() != 'x' || in.read() != 't'
- || in.read() != '.') {
- throw new ECompSyntaxErr(CMS.getUserMessage(
- "CMS_AUTHENTICATION_COMPONENT_SYNTAX",
- "expecting $ext in ava pattern"));
+ if (in.read() != 'x' ||
+ in.read() != 't' ||
+ in.read() != '.') {
+ throw new ECompSyntaxErr(CMS.getUserMessage("CMS_AUTHENTICATION_COMPONENT_SYNTAX",
+ "expecting $ext in ava pattern"));
}
} catch (IOException e) {
- throw new ELdapException(CMS.getUserMessage(
- "CMS_LDAP_INTERNAL_ERROR", e.toString()));
+ throw new ELdapException(
+ CMS.getUserMessage("CMS_LDAP_INTERNAL_ERROR", e.toString()));
}
mType = TYPE_EXT;
- // System.out.println("----- mtype $ext");
+ //System.out.println("----- mtype $ext");
} else {
- throw new ECompSyntaxErr(CMS.getUserMessage(
- "CMS_AUTHENTICATION_COMPONENT_SYNTAX",
- "unknown keyword. expecting $subj $ext or $req."));
+ throw new ECompSyntaxErr(CMS.getUserMessage("CMS_AUTHENTICATION_COMPONENT_SYNTAX",
+ "unknown keyword. expecting $subj $ext or $req."));
}
// get request attribute or
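Review bot: The catch around the whitespace-skipping loop at the top of parse() reports an IOException as the syntax error "All blank", while every other read in this hunk maps IOException to CMS_LDAP_INTERNAL_ERROR. A failed read is then indistinguishable from an empty pattern in the resulting message. I would use `throw new ELdapException(CMS.getUserMessage("CMS_LDAP_INTERNAL_ERROR", e.toString()));` in that catch as well. The commented-out `System.out.println` lines that this hunk re-spaces could be deleted rather than reformatted. parse() continues past the end of the hunk.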
@@ -239,27 +244,26 @@ class AVAPattern {
StringBuffer valueBuf = new StringBuffer();
try {
- while ((c = in.read()) != ',' && c != -1 && c != '.'
- && c != '+') {
- // System.out.println("mValue read "+(char)c);
+ while ((c = in.read()) != ',' &&
+ c != -1 && c != '.' && c != '+') {
+ //System.out.println("mValue read "+(char)c);
valueBuf.append((char) c);
}
if (c == '+' || c == ',') { // either ',' or '+'
- in.unread(c); // pushback last , or +
+ in.unread(c); // pushback last , or +
}
} catch (IOException e) {
- throw new ELdapException(CMS.getUserMessage(
- "CMS_LDAP_INTERNAL_ERROR", e.toString()));
+ throw new ELdapException(
+ CMS.getUserMessage("CMS_LDAP_INTERNAL_ERROR", e.toString()));
}
mValue = valueBuf.toString().trim();
- if (mValue.length() == 0) {
- throw new ECompSyntaxErr(CMS.getUserMessage(
- "CMS_AUTHENTICATION_COMPONENT_SYNTAX",
- "$subj $ext or $req attribute name expected"));
+ if (mValue.length() == 0) {
+ throw new ECompSyntaxErr(CMS.getUserMessage("CMS_AUTHENTICATION_COMPONENT_SYNTAX",
+ "$subj $ext or $req attribute name expected"));
}
- // System.out.println("----- mValue "+mValue);
+ //System.out.println("----- mValue "+mValue);
// get nth dn xxx not nth request attribute .
if (c == '.') {
@@ -267,25 +271,24 @@ class AVAPattern {
try {
while ((c = in.read()) != ',' && c != -1 && c != '.'
- && c != '+') {
- // System.out.println("mElement read "+(char)c);
+ && c != '+') {
+ //System.out.println("mElement read "+(char)c);
attrNumberBuf.append((char) c);
}
- if (c == ',' || c == '+') { // either ',' or '+'
- in.unread(c); // pushback last , or +
+ if (c == ',' || c == '+') { // either ',' or '+'
+ in.unread(c); // pushback last , or +
}
} catch (IOException e) {
- throw new ELdapException(CMS.getUserMessage(
- "CMS_LDAP_INTERNAL_ERROR", e.toString()));
+ throw new ELdapException(
+ CMS.getUserMessage("CMS_LDAP_INTERNAL_ERROR", e.toString()));
}
String attrNumber = attrNumberBuf.toString().trim();
if (attrNumber.length() == 0) {
- throw new ECompSyntaxErr(CMS.getUserMessage(
- "CMS_AUTHENTICATION_COMPONENT_SYNTAX",
- "nth element $req $ext or $subj expected"));
+ throw new ECompSyntaxErr(CMS.getUserMessage("CMS_AUTHENTICATION_COMPONENT_SYNTAX",
+ "nth element $req $ext or $subj expected"));
}
try {
@@ -298,10 +301,9 @@ class AVAPattern {
} else if (TYPE_EXT.equals(mType)) {
mGNType = attrNumber;
} else {
- throw new ECompSyntaxErr(CMS.getUserMessage(
- "CMS_AUTHENTICATION_COMPONENT_SYNTAX",
- "Invalid format in nth element "
- + "$req $ext or $subj"));
+ throw new ECompSyntaxErr(CMS.getUserMessage("CMS_AUTHENTICATION_COMPONENT_SYNTAX",
+ "Invalid format in nth element " +
+ "$req $ext or $subj"));
}
// get nth request attribute .
@@ -309,46 +311,44 @@ class AVAPattern {
StringBuffer attrNumberBuf1 = new StringBuffer();
try {
- while ((c = in.read()) != ',' && c != -1
- && c != '+') {
- // System.out.println("mElement read "+
- // (char)c);
+ while ((c = in.read()) != ',' &&
+ c != -1 && c != '+') {
+ //System.out.println("mElement read "+
+ // (char)c);
attrNumberBuf1.append((char) c);
}
- if (c != -1) { // either ',' or '+'
- in.unread(c); // pushback last , or +
+ if (c != -1) { // either ',' or '+'
+ in.unread(c); // pushback last , or +
}
} catch (IOException ex) {
- throw new ELdapException(CMS.getUserMessage(
- "CMS_LDAP_INTERNAL_ERROR", ex.toString()));
+ throw new ELdapException(
+ CMS.getUserMessage("CMS_LDAP_INTERNAL_ERROR", ex.toString()));
}
- String attrNumber1 = attrNumberBuf1.toString().trim();
+ String attrNumber1 =
+ attrNumberBuf1.toString().trim();
if (attrNumber1.length() == 0) {
- throw new ECompSyntaxErr(CMS.getUserMessage(
- "CMS_AUTHENTICATION_COMPONENT_SYNTAX",
- "nth element $req or $ext expected"));
+ throw new ECompSyntaxErr(CMS.getUserMessage("CMS_AUTHENTICATION_COMPONENT_SYNTAX", "nth element $req or $ext expected"));
}
- try {
- mElement = Integer.parseInt(attrNumber1) - 1;
+ try {
+ mElement = Integer.parseInt(attrNumber1) - 1;
} catch (NumberFormatException ex) {
- throw new ECompSyntaxErr(CMS.getUserMessage(
- "CMS_AUTHENTICATION_COMPONENT_SYNTAX",
- "Invalid format in nth element "
- + "$req or $ext."));
+ throw new ECompSyntaxErr(CMS.getUserMessage("CMS_AUTHENTICATION_COMPONENT_SYNTAX",
+ "Invalid format in nth element " +
+ "$req or $ext."));
}
}
}
}
- // System.out.println("----- mElement "+mElement);
+ //System.out.println("----- mElement "+mElement);
} else {
// value is constant. treat as regular ava.
mType = TYPE_CONSTANT;
- // parse ava value.
+ // parse ava value.
StringBuffer valueBuf = new StringBuffer();
valueBuf.append((char) c);
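Review bot: `mElement = Integer.parseInt(attrNumber1) - 1;` accepts "0" and negative numbers, which leaves mElement below zero. The class comment's example uses `.1` for the first value, so such a pattern looks like a configuration error that should be rejected at parse time. In formAVA the counter `j` starts at 0, so `mElement == j` can never hold for a negative mElement and the attribute would be silently skipped instead of reported. A check after the parse would surface it: `if (mElement < 0) throw new ECompSyntaxErr(CMS.getUserMessage("CMS_AUTHENTICATION_COMPONENT_SYNTAX", "Invalid format in nth element $req or $ext."));`. parse() starts and ends outside this hunk.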
@@ -360,26 +360,31 @@ class AVAPattern {
}
if (c == '+' || c == ',') { // either ',' or '+'
- in.unread(c); // pushback last , or +
+ in.unread(c); // pushback last , or +
}
} catch (IOException e) {
- throw new ELdapException(CMS.getUserMessage(
- "CMS_LDAP_INTERNAL_ERROR", e.toString()));
+ throw new ELdapException(
+ CMS.getUserMessage("CMS_LDAP_INTERNAL_ERROR", e.toString()));
}
mValue = valueBuf.toString().trim();
- /*
- * try { AVA ava = mLdapDNStrConverter.parseAVA(
- * valueBuf.toString()); mValue = ava.toLdapDNString();
- * //System.out.println("----- mValue "+mValue); } catch
- * (IOException e) { throw new ECompSyntaxErr(e.toString()); }
+ /* try {
+ * AVA ava = mLdapDNStrConverter.parseAVA(
+ * valueBuf.toString());
+ * mValue = ava.toLdapDNString();
+ * //System.out.println("----- mValue "+mValue);
+ * } catch (IOException e) {
+ * throw new ECompSyntaxErr(e.toString());
+ * }
*/
}
}
- public String formAVA(IRequest req, X500Name subject,
- CertificateExtensions extensions) throws ELdapException {
+ public String formAVA(IRequest req,
+ X500Name subject,
+ CertificateExtensions extensions)
+ throws ELdapException {
if (TYPE_CONSTANT.equals(mType)) {
return mValue;
}
@@ -387,11 +392,11 @@ class AVAPattern {
if (TYPE_SUBJ.equals(mType)) {
String dn = subject.toString();
- if (mTestDN != null) {
+ if (mTestDN != null) {
dn = mTestDN;
}
- // System.out.println("AVAPattern Using dn "+mTestDN);
+ //System.out.println("AVAPattern Using dn "+mTestDN);
String[] rdns = LDAPDN.explodeDN(dn, false);
String value = null;
@@ -404,8 +409,8 @@ class AVAPattern {
for (int j = 0; j < avas.length; j++) {
String[] exploded = explodeAVA(avas[j]);
- if (exploded[0].equalsIgnoreCase(mValue)
- && ++nFound == mElement) {
+ if (exploded[0].equalsIgnoreCase(mValue) &&
+ ++nFound == mElement) {
value = exploded[1];
break;
}
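Review bot: `exploded[0]` is indexed without a length check, yet the Javadoc on explodeAVA further down says a malformed AVA yields an empty array. A subject DN component without '=' would therefore raise ArrayIndexOutOfBoundsException here instead of being skipped. Since the DN is taken from the certificate subject (or mTestDN), I would add `if (exploded.length < 2) continue;` before the comparison. The loop and formAVA itself extend beyond this hunk.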
@@ -424,9 +429,11 @@ class AVAPattern {
if (extensions != null) {
for (int i = 0; i < extensions.size(); i++) {
- Extension ext = (Extension) extensions.elementAt(i);
+ Extension ext = (Extension)
+ extensions.elementAt(i);
- String extName = OIDMap.getName(ext.getExtensionId());
+ String extName =
+ OIDMap.getName(ext.getExtensionId());
int index = extName.lastIndexOf(".");
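Review bot: `extName` is dereferenced on the last line of this hunk without a null check. Whether `OIDMap.getName` can return null for an extension OID it has no mapping for is not visible here. If it can, a certificate carrying an unrecognised extension would fail with a NullPointerException at `extName.lastIndexOf(".")` rather than moving on to the next extension. A guard such as `if (extName == null) continue;` right after the lookup would cover that. The surrounding loop body continues outside the hunk.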
@@ -438,11 +445,13 @@ class AVAPattern {
// Check the extensions one by one.
// For now, just give subjectAltName
// as an example.
- if (mValue
- .equalsIgnoreCase(SubjectAlternativeNameExtension.NAME)) {
+ if (mValue.equalsIgnoreCase(
+ SubjectAlternativeNameExtension.NAME)) {
try {
- GeneralNames subjectNames = (GeneralNames) ((SubjectAlternativeNameExtension) ext)
- .get(SubjectAlternativeNameExtension.SUBJECT_NAME);
+ GeneralNames subjectNames = (GeneralNames)
+ ((SubjectAlternativeNameExtension)
+ ext).get(
+ SubjectAlternativeNameExtension.SUBJECT_NAME);
if (subjectNames.size() == 0) {
break;
@@ -450,11 +459,12 @@ class AVAPattern {
int j = 0;
- for (Enumeration n = subjectNames.elements(); n
- .hasMoreElements();) {
+ for (Enumeration n =
+ subjectNames.elements();
+ n.hasMoreElements();) {
- GeneralName gn = (GeneralName) n
- .nextElement();
+ GeneralName gn = (GeneralName)
+ n.nextElement();
String gname = gn.toString();
@@ -464,13 +474,14 @@ class AVAPattern {
break;
}
- String gType = gname.substring(0, index);
+ String gType =
+ gname.substring(0, index);
if (mGNType != null) {
if (mGNType.equalsIgnoreCase(gType)) {
if (mElement == j) {
- gname = gname
- .substring(index + 2);
+ gname =
+ gname.substring(index + 2);
return gname;
} else {
j++;
@@ -478,25 +489,30 @@ class AVAPattern {
}
} else {
if (mElement == j) {
- gname = gname.substring(index + 2);
+ gname =
+ gname.substring(index + 2);
return gname;
}
j++;
}
}
- } catch (IOException e) {
- CMS.debug("AVAPattern: Publishing attr not formed "
- + "from extension "
- + "-- no attr : "
- + mValue);
+ } catch (IOException e) {
+ CMS.debug(
+ "AVAPattern: Publishing attr not formed " +
+ "from extension " +
+ "-- no attr : " +
+ mValue);
}
}
}
}
}
- CMS.debug("AVAPattern: Publishing:attr not formed "
- + "from extension " + "-- no attr : " + mValue);
+ CMS.debug(
+ "AVAPattern: Publishing:attr not formed " +
+ "from extension " +
+ "-- no attr : " +
+ mValue);
return null;
}
@@ -505,8 +521,9 @@ class AVAPattern {
// mPrefix and mValue are looked up case-insensitive
String reqAttr = req.getExtDataInString(mPrefix, mValue);
if (reqAttr == null) {
- throw new ELdapException(CMS.getUserMessage(
- "CMS_LDAP_NO_REQUEST", mValue, ""));
+ throw new
+ ELdapException(
+ CMS.getUserMessage("CMS_LDAP_NO_REQUEST", mValue, ""));
}
return reqAttr;
@@ -532,9 +549,10 @@ class AVAPattern {
}
/**
- * Explode RDN into AVAs. Does not handle escaped '+' Java ldap library does
- * not yet support multiple avas per rdn. If RDN is malformed returns empty
- * array.
+ * Explode RDN into AVAs.
+ * Does not handle escaped '+'
+ * Java ldap library does not yet support multiple avas per rdn.
+ * If RDN is malformed returns empty array.
*/
public static String[] explodeRDN(String rdn) {
int plus = rdn.indexOf('+');
@@ -559,8 +577,9 @@ class AVAPattern {
}
/**
- * Explode AVA into name and value. Does not handle escaped '=' If AVA is
- * malformed empty array is returned.
+ * Explode AVA into name and value.
+ * Does not handle escaped '='
+ * If AVA is malformed empty array is returned.
*/
public static String[] explodeAVA(String ava) {
int equals = ava.indexOf('=');
@@ -573,3 +592,4 @@ class AVAPattern {
ava.substring(equals + 1).trim() };
}
}
+