summaryrefslogtreecommitdiffstats
path: root/pki/base/common/src/com/netscape/cms/profile/constraint/ValidityConstraint.java
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/profile/constraint/ValidityConstraint.java')
-rw-r--r--pki/base/common/src/com/netscape/cms/profile/constraint/ValidityConstraint.java114
1 files changed, 62 insertions, 52 deletions
diff --git a/pki/base/common/src/com/netscape/cms/profile/constraint/ValidityConstraint.java b/pki/base/common/src/com/netscape/cms/profile/constraint/ValidityConstraint.java
index 95c32221..33b1cb0d 100644
--- a/pki/base/common/src/com/netscape/cms/profile/constraint/ValidityConstraint.java
+++ b/pki/base/common/src/com/netscape/cms/profile/constraint/ValidityConstraint.java
@@ -17,7 +17,6 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cms.profile.constraint;
-
import java.io.IOException;
import java.util.Date;
import java.util.Locale;
@@ -40,12 +39,10 @@ import com.netscape.cms.profile.def.NoDefault;
import com.netscape.cms.profile.def.UserValidityDefault;
import com.netscape.cms.profile.def.ValidityDefault;
-
/**
- * This class implements the validity constraint.
- * It checks if the validity in the certificate
- * template satisfies the criteria.
- *
+ * This class implements the validity constraint. It checks if the validity in
+ * the certificate template satisfies the criteria.
+ *
* @version $Revision$, $Date$
*/
public class ValidityConstraint extends EnrollConstraint {
@@ -68,20 +65,19 @@ public class ValidityConstraint extends EnrollConstraint {
}
public void init(IProfile profile, IConfigStore config)
- throws EProfileException {
+ throws EProfileException {
super.init(profile, config);
}
- public void setConfig(String name, String value)
- throws EPropertyException {
- if (name.equals(CONFIG_RANGE) ||
- name.equals(CONFIG_NOT_BEFORE_GRACE_PERIOD)) {
- try {
- Integer.parseInt(value);
- } catch (Exception e) {
+ public void setConfig(String name, String value) throws EPropertyException {
+ if (name.equals(CONFIG_RANGE)
+ || name.equals(CONFIG_NOT_BEFORE_GRACE_PERIOD)) {
+ try {
+ Integer.parseInt(value);
+ } catch (Exception e) {
throw new EPropertyException(CMS.getUserMessage(
- "CMS_INVALID_PROPERTY", name));
- }
+ "CMS_INVALID_PROPERTY", name));
+ }
}
super.setConfig(name, value);
}
@@ -92,30 +88,32 @@ public class ValidityConstraint extends EnrollConstraint {
CMS.getUserMessage(locale, "CMS_PROFILE_VALIDITY_RANGE"));
} else if (name.equals(CONFIG_NOT_BEFORE_GRACE_PERIOD)) {
return new Descriptor(IDescriptor.INTEGER, null, "0",
- CMS.getUserMessage(locale, "CMS_PROFILE_VALIDITY_NOT_BEFORE_GRACE_PERIOD"));
+ CMS.getUserMessage(locale,
+ "CMS_PROFILE_VALIDITY_NOT_BEFORE_GRACE_PERIOD"));
} else if (name.equals(CONFIG_CHECK_NOT_BEFORE)) {
return new Descriptor(IDescriptor.BOOLEAN, null, "false",
- CMS.getUserMessage(locale, "CMS_PROFILE_VALIDITY_CHECK_NOT_BEFORE"));
+ CMS.getUserMessage(locale,
+ "CMS_PROFILE_VALIDITY_CHECK_NOT_BEFORE"));
} else if (name.equals(CONFIG_CHECK_NOT_AFTER)) {
return new Descriptor(IDescriptor.BOOLEAN, null, "false",
- CMS.getUserMessage(locale, "CMS_PROFILE_VALIDITY_CHECK_NOT_AFTER"));
+ CMS.getUserMessage(locale,
+ "CMS_PROFILE_VALIDITY_CHECK_NOT_AFTER"));
}
return null;
}
/**
- * Validates the request. The request is not modified
- * during the validation.
+ * Validates the request. The request is not modified during the validation.
*/
public void validate(IRequest request, X509CertInfo info)
- throws ERejectException {
+ throws ERejectException {
CertificateValidity v = null;
try {
v = (CertificateValidity) info.get(X509CertInfo.VALIDITY);
} catch (Exception e) {
throw new ERejectException(CMS.getUserMessage(getLocale(request),
- "CMS_PROFILE_VALIDITY_NOT_FOUND"));
+ "CMS_PROFILE_VALIDITY_NOT_FOUND"));
}
Date notBefore = null;
@@ -124,7 +122,7 @@ public class ValidityConstraint extends EnrollConstraint {
} catch (IOException e) {
CMS.debug("ValidityConstraint: not before not found");
throw new ERejectException(CMS.getUserMessage(getLocale(request),
- "CMS_PROFILE_VALIDITY_NOT_FOUND"));
+ "CMS_PROFILE_VALIDITY_NOT_FOUND"));
}
Date notAfter = null;
@@ -133,33 +131,36 @@ public class ValidityConstraint extends EnrollConstraint {
} catch (IOException e) {
CMS.debug("ValidityConstraint: not after not found");
throw new ERejectException(CMS.getUserMessage(getLocale(request),
- "CMS_PROFILE_VALIDITY_NOT_FOUND"));
+ "CMS_PROFILE_VALIDITY_NOT_FOUND"));
}
if (notAfter.getTime() < notBefore.getTime()) {
- CMS.debug("ValidityConstraint: notAfter (" + notAfter + ") < notBefore (" + notBefore + ")");
+ CMS.debug("ValidityConstraint: notAfter (" + notAfter
+ + ") < notBefore (" + notBefore + ")");
throw new ERejectException(CMS.getUserMessage(getLocale(request),
- "CMS_PROFILE_NOT_AFTER_BEFORE_NOT_BEFORE"));
+ "CMS_PROFILE_NOT_AFTER_BEFORE_NOT_BEFORE"));
}
long millisDiff = notAfter.getTime() - notBefore.getTime();
- CMS.debug("ValidityConstraint: millisDiff=" + millisDiff + " notAfter=" + notAfter.getTime() + " notBefore=" + notBefore.getTime());
- long long_days = (millisDiff / 1000 ) / 86400;
- CMS.debug("ValidityConstraint: long_days: "+long_days);
- int days = (int)long_days;
- CMS.debug("ValidityConstraint: days: "+days);
+ CMS.debug("ValidityConstraint: millisDiff=" + millisDiff + " notAfter="
+ + notAfter.getTime() + " notBefore=" + notBefore.getTime());
+ long long_days = (millisDiff / 1000) / 86400;
+ CMS.debug("ValidityConstraint: long_days: " + long_days);
+ int days = (int) long_days;
+ CMS.debug("ValidityConstraint: days: " + days);
if (days > Integer.parseInt(getConfig(CONFIG_RANGE))) {
- throw new ERejectException(CMS.getUserMessage(getLocale(request),
- "CMS_PROFILE_VALIDITY_OUT_OF_RANGE",
- Integer.toString(days)));
+ throw new ERejectException(
+ CMS.getUserMessage(getLocale(request),
+ "CMS_PROFILE_VALIDITY_OUT_OF_RANGE",
+ Integer.toString(days)));
}
- // 613828
- // The validity field shall specify a notBefore value
- // that does not precede the current time and a notAfter
- // value that does not precede the value specified in
- // notBefore (test can be automated; try entering violating
+ // 613828
+ // The validity field shall specify a notBefore value
+ // that does not precede the current time and a notAfter
+ // value that does not precede the value specified in
+ // notBefore (test can be automated; try entering violating
// time values and check result).
String notBeforeCheckStr = getConfig(CONFIG_CHECK_NOT_BEFORE);
boolean notBeforeCheck;
@@ -167,7 +168,7 @@ public class ValidityConstraint extends EnrollConstraint {
if (notBeforeCheckStr == null || notBeforeCheckStr.equals("")) {
notBeforeCheckStr = "false";
}
- notBeforeCheck = Boolean.valueOf(notBeforeCheckStr).booleanValue();
+ notBeforeCheck = Boolean.valueOf(notBeforeCheckStr).booleanValue();
String notAfterCheckStr = getConfig(CONFIG_CHECK_NOT_AFTER);
boolean notAfterCheck;
@@ -175,34 +176,43 @@ public class ValidityConstraint extends EnrollConstraint {
if (notAfterCheckStr == null || notAfterCheckStr.equals("")) {
notAfterCheckStr = "false";
}
- notAfterCheck = Boolean.valueOf(notAfterCheckStr).booleanValue();
+ notAfterCheck = Boolean.valueOf(notAfterCheckStr).booleanValue();
String notBeforeGracePeriodStr = getConfig(CONFIG_NOT_BEFORE_GRACE_PERIOD);
- if (notBeforeGracePeriodStr == null || notBeforeGracePeriodStr.equals("")) {
+ if (notBeforeGracePeriodStr == null
+ || notBeforeGracePeriodStr.equals("")) {
notBeforeGracePeriodStr = "0";
}
- long notBeforeGracePeriod = Long.parseLong(notBeforeGracePeriodStr) * SECS_IN_MS;
+ long notBeforeGracePeriod = Long.parseLong(notBeforeGracePeriodStr)
+ * SECS_IN_MS;
Date current = CMS.getCurrentDate();
if (notBeforeCheck) {
if (notBefore.getTime() > (current.getTime() + notBeforeGracePeriod)) {
- CMS.debug("ValidityConstraint: notBefore (" + notBefore + ") > current + "+
- "gracePeriod (" + new Date(current.getTime() + notBeforeGracePeriod) + ")");
- throw new ERejectException(CMS.getUserMessage(getLocale(request),
- "CMS_PROFILE_NOT_BEFORE_AFTER_CURRENT"));
+ CMS.debug("ValidityConstraint: notBefore (" + notBefore
+ + ") > current + " + "gracePeriod ("
+ + new Date(current.getTime() + notBeforeGracePeriod)
+ + ")");
+ throw new ERejectException(CMS.getUserMessage(
+ getLocale(request),
+ "CMS_PROFILE_NOT_BEFORE_AFTER_CURRENT"));
}
}
if (notAfterCheck) {
if (notAfter.getTime() < current.getTime()) {
- CMS.debug("ValidityConstraint: notAfter (" + notAfter + ") < current + (" + current + ")");
- throw new ERejectException(CMS.getUserMessage(getLocale(request),
- "CMS_PROFILE_NOT_AFTER_BEFORE_CURRENT"));
+ CMS.debug("ValidityConstraint: notAfter (" + notAfter
+ + ") < current + (" + current + ")");
+ throw new ERejectException(CMS.getUserMessage(
+ getLocale(request),
+ "CMS_PROFILE_NOT_AFTER_BEFORE_CURRENT"));
}
}
}
public String getText(Locale locale) {
- return CMS.getUserMessage(locale, "CMS_PROFILE_CONSTRAINT_VALIDITY_TEXT", getConfig(CONFIG_RANGE));
+ return CMS
+ .getUserMessage(locale, "CMS_PROFILE_CONSTRAINT_VALIDITY_TEXT",
+ getConfig(CONFIG_RANGE));
}
public boolean isApplicable(IPolicyDefault def) {
generated by cgit (git 2.34.1) at 2024-05-05 11:50:39 +0000