1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
|
// --- BEGIN COPYRIGHT BLOCK ---
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; version 2 of the License.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License along
// with this program; if not, write to the Free Software Foundation, Inc.,
// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
//
// (C) 2007 Red Hat, Inc.
// All rights reserved.
// --- END COPYRIGHT BLOCK ---
package com.netscape.cmscore.security;
import java.io.IOException;
import java.security.KeyPair;
import netscape.security.x509.KeyUsageExtension;
import com.netscape.certsrv.base.EBaseException;
import com.netscape.certsrv.base.IConfigStore;
import com.netscape.certsrv.common.ConfigConstants;
import com.netscape.certsrv.common.Constants;
import com.netscape.certsrv.security.KeyCertData;
/**
* SSL server certificate
*
* @author Christine Ho
* @version $Revision$, $Date$
*/
public class SSLSelfSignedCert extends CertificateInfo {
public static final String SUBJECT_NAME =
"CN=SSL, O=Netscape Communications, C=US";
private String mTokenname = Constants.PR_INTERNAL_TOKEN_NAME;
public SSLSelfSignedCert(KeyCertData properties) {
this(properties, null);
}
public SSLSelfSignedCert(KeyCertData properties, KeyPair pair) {
super(properties, pair);
String tmp = (String) mProperties.get(Constants.PR_TOKEN_NAME);
if ((tmp != null) &&
(!tmp.equals(Constants.PR_INTERNAL_TOKEN)))
mTokenname = tmp;
mProperties.remove(Constants.PR_AKI);
// 020599: This SSL server bit has to be turned on. Otherwise, it
// might crash jss.
mProperties.put(Constants.PR_SSL_SERVER_BIT, Constants.TRUE);
}
public void updateConfig(IConfigStore cmsFileTmp) throws EBaseException {
String tokenname = (String) mProperties.get(Constants.PR_TOKEN_NAME);
String nickname = getNickname();
String fullNickname = "";
if (tokenname.equals(Constants.PR_INTERNAL_TOKEN_NAME)) {
fullNickname = nickname;
} else {
fullNickname = tokenname + ":" + nickname;
}
cmsFileTmp.putString("radm.https.nickName", fullNickname);
cmsFileTmp.commit(false);
}
public String getSubjectName() {
return (String) mProperties.get(Constants.PR_SUBJECT_NAME);
}
public String getNickname() {
String name = (String) mProperties.get(Constants.PR_NICKNAME);
String instanceName =
(String) mProperties.get(ConfigConstants.PR_CERT_INSTANCE_NAME);
if (name != null)
return name;
return "Remote Admin Server-Cert " + instanceName;
}
/*
public SignatureAlgorithm getSigningAlgorithm() {
SignatureAlgorithm sAlg =
(SignatureAlgorithm)mProperties.get(Constants.PR_SIGNATURE_ALGORITHM);
if (sAlg != null) {
return sAlg;
}
String alg = (String)mProperties.get(Constants.PR_KEY_TYPE);
if (alg.equals("RSA"))
return SignatureAlgorithm.RSASignatureWithMD5Digest;
else
return SignatureAlgorithm.DSASignatureWithSHA1Digest;
}
*/
public String getKeyAlgorithm() {
return (String) mProperties.get(Constants.PR_KEY_TYPE);
}
public void signed() {
}
protected KeyUsageExtension getKeyUsageExtension() throws IOException {
KeyUsageExtension extension = new KeyUsageExtension();
extension.set(KeyUsageExtension.DIGITAL_SIGNATURE, new Boolean(true));
//extension.set(KeyUsageExtension.NON_REPUDIATION, new Boolean(true));
extension.set(KeyUsageExtension.KEY_ENCIPHERMENT, new Boolean(true));
return extension;
}
}
|