From 621d9e5c413e561293d7484b93882d985b3fe15f Mon Sep 17 00:00:00 2001 From: Endi Sukma Dewata Date: Sat, 24 Mar 2012 02:27:47 -0500 Subject: Removed unnecessary pki folder. Previously the source code was located inside a pki folder. This folder was created during svn migration and is no longer needed. This folder has now been removed and the contents have been moved up one level. Ticket #131 --- .../cmscore/extensions/CMSExtensionsMap.java | 160 ++++++++++++++ .../com/netscape/cmscore/extensions/KeyUsage.java | 230 +++++++++++++++++++++ 2 files changed, 390 insertions(+) create mode 100644 base/common/src/com/netscape/cmscore/extensions/CMSExtensionsMap.java create mode 100644 base/common/src/com/netscape/cmscore/extensions/KeyUsage.java (limited to 'base/common/src/com/netscape/cmscore/extensions') diff --git a/base/common/src/com/netscape/cmscore/extensions/CMSExtensionsMap.java b/base/common/src/com/netscape/cmscore/extensions/CMSExtensionsMap.java new file mode 100644 index 000000000..213772882 --- /dev/null +++ b/base/common/src/com/netscape/cmscore/extensions/CMSExtensionsMap.java @@ -0,0 +1,160 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.cmscore.extensions; + +import java.util.Enumeration; +import java.util.Hashtable; + +import netscape.security.util.ObjectIdentifier; + +import com.netscape.certsrv.apps.CMS; +import com.netscape.certsrv.base.EBaseException; +import com.netscape.certsrv.base.IConfigStore; +import com.netscape.certsrv.base.ISubsystem; +import com.netscape.certsrv.extensions.EExtensionsException; +import com.netscape.certsrv.extensions.ICMSExtension; + +/** + * Loads extension classes from configuration file and return + * for a given extension name or OID. + */ +public class CMSExtensionsMap implements ISubsystem { + public static String ID = "extensions"; + + private static CMSExtensionsMap mInstance = new CMSExtensionsMap(); + + public static final CMSExtensionsMap getInstance() { + return mInstance; + } + + private CMSExtensionsMap() { + } + + private static final String PROP_CLASS = "class"; + + private Hashtable mName2Ext = new Hashtable(); + private Hashtable mOID2Ext = new Hashtable(); + private ISubsystem mOwner = null; + private IConfigStore mConfig = null; + + /** + * Create extensions from configuration store. + * + * @param config the configuration store. + */ + public void init(ISubsystem owner, IConfigStore config) + throws EBaseException { + mOwner = owner; + mConfig = config; + + Enumeration sstores = mConfig.getSubStoreNames(); + + while (sstores.hasMoreElements()) { + String name = (String) sstores.nextElement(); + IConfigStore c = mConfig.getSubStore(name); + + String className = c.getString(PROP_CLASS); + ICMSExtension ext = null; + + try { + ext = (ICMSExtension) Class.forName(className).newInstance(); + ext.init(this, c); + addExt(ext); + } catch (ClassNotFoundException e) { + throw new EExtensionsException( + CMS.getUserMessage("CMS_EXTENSION_CLASS_NOT_FOUND", className)); + } catch (IllegalAccessException e) { + throw new EExtensionsException( + CMS.getUserMessage("CMS_EXTENSION_INSTANTIATE_ERROR", + className, e.toString())); + } catch (InstantiationException e) { + throw new EExtensionsException( + CMS.getUserMessage("CMS_EXTENSION_INSTANTIATE_ERROR", + className, e.toString())); + } catch (ClassCastException e) { + throw new EExtensionsException( + CMS.getUserMessage("CMS_EXTENSION_INVALID_IMPL", className)); + } + } + } + + public void addExt(ICMSExtension ext) throws EBaseException { + String name = ext.getName(); + ObjectIdentifier oid = ext.getOID(); + + if (name == null || oid == null) { + throw new EExtensionsException( + CMS.getUserMessage("CMS_EXTENSION_INCORRECT_IMPL", + ext.getClass().getName())); + } + mName2Ext.put(name, ext); + mOID2Ext.put(oid.toString(), ext); + } + + /** + * startup - does nothing. + */ + public void startup() throws EBaseException { + } + + /** + * shutdown - does nothing. + */ + public void shutdown() { + } + + /** + * Get configuration store. + */ + public IConfigStore getConfigStore() { + return mConfig; + } + + /** + * Returns subsystem ID + */ + public String getId() { + return ID; + } + + /** + * sets subsystem ID + */ + public void setId(String Id) { + } + + /** + * Get the extension class by name. + * + * @param name name of the extension + * @return the extension class. + */ + public ICMSExtension getByName(String name) { + return (ICMSExtension) mName2Ext.get(name); + } + + /** + * Get the extension class by its OID. + * + * @param oid - the OID of the extension. + * @return the extension class. + */ + public ICMSExtension getByOID(ObjectIdentifier oid) { + return (ICMSExtension) mOID2Ext.get(oid.toString()); + } +} diff --git a/base/common/src/com/netscape/cmscore/extensions/KeyUsage.java b/base/common/src/com/netscape/cmscore/extensions/KeyUsage.java new file mode 100644 index 000000000..dc4423357 --- /dev/null +++ b/base/common/src/com/netscape/cmscore/extensions/KeyUsage.java @@ -0,0 +1,230 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.cmscore.extensions; + +import java.io.IOException; + +import netscape.security.util.ObjectIdentifier; +import netscape.security.x509.Extension; +import netscape.security.x509.KeyUsageExtension; +import netscape.security.x509.PKIXExtensions; + +import com.netscape.certsrv.apps.CMS; +import com.netscape.certsrv.base.EBaseException; +import com.netscape.certsrv.base.IArgBlock; +import com.netscape.certsrv.base.IConfigStore; +import com.netscape.certsrv.base.ISubsystem; +import com.netscape.certsrv.extensions.EExtensionsException; +import com.netscape.certsrv.extensions.ICMSExtension; +import com.netscape.certsrv.logging.ILogger; +import com.netscape.cmscore.util.Debug; + +public class KeyUsage implements ICMSExtension { + private final static String NAME = "KeyUsageExtension"; + private final static ObjectIdentifier OID = PKIXExtensions.KeyUsage_Id; + + private IConfigStore mConfig = null; + private boolean mSetDefault = false; + + private ILogger mLogger; + + public KeyUsage(boolean setDefault) { + mSetDefault = setDefault; + mLogger = CMS.getLogger(); + } + + public void init(ISubsystem owner, IConfigStore config) + throws EBaseException { + // nothing to do here. + mConfig = config; + } + + public String getName() { + return NAME; + } + + public ObjectIdentifier getOID() { + return OID; + } + + protected static final boolean[] DEF_BITS = + new boolean[KeyUsageExtension.NBITS]; + + static { + // set default bits used when request missing key usage info. + DEF_BITS[KeyUsageExtension.DIGITAL_SIGNATURE_BIT] = true; + DEF_BITS[KeyUsageExtension.NON_REPUDIATION_BIT] = false; + DEF_BITS[KeyUsageExtension.KEY_ENCIPHERMENT_BIT] = true; + DEF_BITS[KeyUsageExtension.DATA_ENCIPHERMENT_BIT] = true; + DEF_BITS[KeyUsageExtension.KEY_AGREEMENT_BIT] = false; + DEF_BITS[KeyUsageExtension.KEY_CERTSIGN_BIT] = false; + DEF_BITS[KeyUsageExtension.CRL_SIGN_BIT] = false; + DEF_BITS[KeyUsageExtension.ENCIPHER_ONLY_BIT] = false; + DEF_BITS[KeyUsageExtension.DECIPHER_ONLY_BIT] = false; + } + + private static boolean getBoolean(Object value) { + String val = (String) value; + + if (val != null && + (val.equalsIgnoreCase("true") || val.equalsIgnoreCase("on"))) + return true; + else + return false; + } + + public Extension getExtension(IArgBlock args) throws EBaseException { + boolean[] bits = new boolean[KeyUsageExtension.NBITS]; + Object[] values = new Object[KeyUsageExtension.NBITS]; + int bit; + + // check if no bits are set. If not set default bits. + bit = KeyUsageExtension.DIGITAL_SIGNATURE_BIT; + values[bit] = args.get(KeyUsageExtension.names[bit]); + bit = KeyUsageExtension.NON_REPUDIATION_BIT; + values[bit] = args.get(KeyUsageExtension.names[bit]); + bit = KeyUsageExtension.KEY_ENCIPHERMENT_BIT; + values[bit] = args.get(KeyUsageExtension.names[bit]); + bit = KeyUsageExtension.DATA_ENCIPHERMENT_BIT; + values[bit] = args.get(KeyUsageExtension.names[bit]); + bit = KeyUsageExtension.KEY_AGREEMENT_BIT; + values[bit] = args.get(KeyUsageExtension.names[bit]); + bit = KeyUsageExtension.KEY_CERTSIGN_BIT; + values[bit] = args.get(KeyUsageExtension.names[bit]); + bit = KeyUsageExtension.CRL_SIGN_BIT; + values[bit] = args.get(KeyUsageExtension.names[bit]); + bit = KeyUsageExtension.ENCIPHER_ONLY_BIT; + values[bit] = args.get(KeyUsageExtension.names[bit]); + bit = KeyUsageExtension.DECIPHER_ONLY_BIT; + values[bit] = args.get(KeyUsageExtension.names[bit]); + + // if nothing is set, make one with default set of bits. + int i; + + for (i = 0; i < KeyUsageExtension.NBITS; i++) { + if (values[i] != null && (values[i] instanceof String)) + break; + } + if (i == KeyUsageExtension.NBITS && mSetDefault) { + // no key usage extension parameters are requested. set default. + CMS.debug( + "No Key usage bits requested. Setting default."); + bits = DEF_BITS; + } else { + bit = KeyUsageExtension.DIGITAL_SIGNATURE_BIT; + bits[bit] = getBoolean(values[bit]); + if (Debug.ON) + Debug.trace("Requested key usage bit " + bit + " " + bits[bit]); + bit = KeyUsageExtension.NON_REPUDIATION_BIT; + bits[bit] = getBoolean(values[bit]); + if (Debug.ON) + Debug.trace("Requested key usage bit " + bit + " " + bits[bit]); + bit = KeyUsageExtension.KEY_ENCIPHERMENT_BIT; + bits[bit] = getBoolean(values[bit]); + if (Debug.ON) + Debug.trace("Requested key usage bit " + bit + " " + bits[bit]); + bit = KeyUsageExtension.DATA_ENCIPHERMENT_BIT; + bits[bit] = getBoolean(values[bit]); + if (Debug.ON) + Debug.trace("Requested key usage bit " + bit + " " + bits[bit]); + bit = KeyUsageExtension.KEY_AGREEMENT_BIT; + bits[bit] = getBoolean(values[bit]); + if (Debug.ON) + Debug.trace("Requested key usage bit " + bit + " " + bits[bit]); + bit = KeyUsageExtension.KEY_CERTSIGN_BIT; + bits[bit] = getBoolean(values[bit]); + if (Debug.ON) + Debug.trace("Requested key usage bit " + bit + " " + bits[bit]); + bit = KeyUsageExtension.CRL_SIGN_BIT; + bits[bit] = getBoolean(values[bit]); + if (Debug.ON) + Debug.trace("Requested key usage bit " + bit + " " + bits[bit]); + bit = KeyUsageExtension.ENCIPHER_ONLY_BIT; + bits[bit] = getBoolean(values[bit]); + if (Debug.ON) + Debug.trace("Requested key usage bit " + bit + " " + bits[bit]); + bit = KeyUsageExtension.DECIPHER_ONLY_BIT; + bits[bit] = getBoolean(values[bit]); + if (Debug.ON) + Debug.trace("Requested key usage bit " + bit + " " + bits[bit]); + } + + try { + int j = 0; + + for (j = 0; j < bits.length; j++) { + if (bits[j]) + break; + } + if (j == bits.length) { + if (!mSetDefault) + return null; + else + bits = DEF_BITS; + } + return new KeyUsageExtension(bits); + } catch (IOException e) { + throw new EExtensionsException( + CMS.getUserMessage("CMS_EXTENSION_CREATING_EXT_ERROR", NAME)); + } + } + + public IArgBlock getFormParams(Extension extension) + throws EBaseException { + KeyUsageExtension ext = null; + + if (!extension.getExtensionId().equals(PKIXExtensions.KeyUsage_Id)) { + return null; + } + if (extension instanceof KeyUsageExtension) { + ext = (KeyUsageExtension) extension; + } else { + try { + byte[] value = extension.getExtensionValue(); + + ext = new KeyUsageExtension(new Boolean(true), value); + } catch (IOException e) { + return null; + } + } + + IArgBlock params = CMS.createArgBlock(); + boolean[] bits = ext.getBits(); + + params.set(KeyUsageExtension.DIGITAL_SIGNATURE, + String.valueOf(bits[KeyUsageExtension.DIGITAL_SIGNATURE_BIT])); + params.set(KeyUsageExtension.NON_REPUDIATION, + String.valueOf(bits[KeyUsageExtension.NON_REPUDIATION_BIT])); + params.set(KeyUsageExtension.KEY_ENCIPHERMENT, + String.valueOf(bits[KeyUsageExtension.KEY_ENCIPHERMENT_BIT])); + params.set(KeyUsageExtension.DATA_ENCIPHERMENT, + String.valueOf(bits[KeyUsageExtension.DATA_ENCIPHERMENT_BIT])); + params.set(KeyUsageExtension.KEY_AGREEMENT, + String.valueOf(bits[KeyUsageExtension.KEY_AGREEMENT_BIT])); + params.set(KeyUsageExtension.KEY_CERTSIGN, + String.valueOf(bits[KeyUsageExtension.KEY_CERTSIGN_BIT])); + params.set(KeyUsageExtension.CRL_SIGN, + String.valueOf(bits[KeyUsageExtension.CRL_SIGN_BIT])); + params.set(KeyUsageExtension.ENCIPHER_ONLY, + String.valueOf(bits[KeyUsageExtension.ENCIPHER_ONLY_BIT])); + params.set(KeyUsageExtension.DECIPHER_ONLY, + String.valueOf(bits[KeyUsageExtension.DECIPHER_ONLY_BIT])); + return params; + } + +} -- cgit