diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/profile/def/SigningAlgDefault.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/profile/def/SigningAlgDefault.java | 129 |
1 files changed, 70 insertions, 59 deletions
diff --git a/pki/base/common/src/com/netscape/cms/profile/def/SigningAlgDefault.java b/pki/base/common/src/com/netscape/cms/profile/def/SigningAlgDefault.java index 0be29373..4bca9350 100644 --- a/pki/base/common/src/com/netscape/cms/profile/def/SigningAlgDefault.java +++ b/pki/base/common/src/com/netscape/cms/profile/def/SigningAlgDefault.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.profile.def; + import java.util.Locale; import netscape.security.x509.AlgorithmId; @@ -33,10 +34,12 @@ import com.netscape.certsrv.property.EPropertyException; import com.netscape.certsrv.property.IDescriptor; import com.netscape.certsrv.request.IRequest; + /** - * This class implements an enrollment default policy that populates a signing - * algorithm into the certificate template. - * + * This class implements an enrollment default policy + * that populates a signing algorithm + * into the certificate template. + * * @version $Revision$, $Date$ */ public class SigningAlgDefault extends EnrollDefault { @@ -44,7 +47,8 @@ public class SigningAlgDefault extends EnrollDefault { public static final String CONFIG_ALGORITHM = "signingAlg"; public static final String VAL_ALGORITHM = "signingAlg"; - public static final String DEF_CONFIG_ALGORITHMS = "-,MD5withRSA,MD2withRSA,SHA1withRSA,SHA256withRSA,SHA512withRSA"; + public static final String DEF_CONFIG_ALGORITHMS = + "-,MD5withRSA,MD2withRSA,SHA1withRSA,SHA256withRSA,SHA512withRSA"; public SigningAlgDefault() { super(); @@ -53,83 +57,89 @@ public class SigningAlgDefault extends EnrollDefault { } public void init(IProfile profile, IConfigStore config) - throws EProfileException { + throws EProfileException { super.init(profile, config); } public IDescriptor getConfigDescriptor(Locale locale, String name) { if (name.equals(CONFIG_ALGORITHM)) { return new Descriptor(IDescriptor.CHOICE, DEF_CONFIG_ALGORITHMS, - "SHA256withRSA", CMS.getUserMessage(locale, - "CMS_PROFILE_SIGNING_ALGORITHM")); + "SHA256withRSA", + CMS.getUserMessage(locale, "CMS_PROFILE_SIGNING_ALGORITHM")); } else { return null; - } + } } - public String getSigningAlg() { - String signingAlg = getConfig(CONFIG_ALGORITHM); - // if specified, use the specified one. Otherwise, pick - // the best selection for the user - if (signingAlg == null || signingAlg.equals("") - || signingAlg.equals("-")) { - // best pick for the user - ICertificateAuthority ca = (ICertificateAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_CA); - return ca.getDefaultAlgorithm(); - } else { - return signingAlg; - } + public String getSigningAlg() + { + String signingAlg = getConfig(CONFIG_ALGORITHM); + // if specified, use the specified one. Otherwise, pick + // the best selection for the user + if (signingAlg == null || signingAlg.equals("") || + signingAlg.equals("-")) { + // best pick for the user + ICertificateAuthority ca = (ICertificateAuthority) + CMS.getSubsystem(CMS.SUBSYSTEM_CA); + return ca.getDefaultAlgorithm(); + } else { + return signingAlg; + } } - public String getDefSigningAlgorithms() { - StringBuffer allowed = new StringBuffer(); - ICertificateAuthority ca = (ICertificateAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_CA); - String algos[] = ca.getCASigningAlgorithms(); - for (int i = 0; i < algos.length; i++) { - if (allowed.length() == 0) { - allowed.append(algos[i]); - } else { - allowed.append(","); - allowed.append(algos[i]); - } + public String getDefSigningAlgorithms() + { + StringBuffer allowed = new StringBuffer(); + ICertificateAuthority ca = (ICertificateAuthority) + CMS.getSubsystem(CMS.SUBSYSTEM_CA); + String algos[] = ca.getCASigningAlgorithms(); + for (int i = 0; i < algos.length; i++) { + if (allowed.length()== 0) { + allowed.append(algos[i]); + } else { + allowed.append(","); + allowed.append(algos[i]); } - return allowed.toString(); - } + } + return allowed.toString(); + } public IDescriptor getValueDescriptor(Locale locale, String name) { if (name.equals(VAL_ALGORITHM)) { String allowed = getDefSigningAlgorithms(); - return new Descriptor(IDescriptor.CHOICE, allowed, null, + return new Descriptor(IDescriptor.CHOICE, + allowed, null, CMS.getUserMessage(locale, "CMS_PROFILE_SIGNING_ALGORITHM")); } return null; } - public void setValue(String name, Locale locale, X509CertInfo info, - String value) throws EPropertyException { - if (name == null) { - throw new EPropertyException(CMS.getUserMessage(locale, - "CMS_INVALID_PROPERTY", name)); + public void setValue(String name, Locale locale, + X509CertInfo info, String value) + throws EPropertyException { + if (name == null) { + throw new EPropertyException(CMS.getUserMessage( + locale, "CMS_INVALID_PROPERTY", name)); } if (name.equals(VAL_ALGORITHM)) { try { - info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId( + info.set(X509CertInfo.ALGORITHM_ID, + new CertificateAlgorithmId( AlgorithmId.getAlgorithmId(value))); } catch (Exception e) { CMS.debug("SigningAlgDefault: setValue " + e.toString()); - throw new EPropertyException(CMS.getUserMessage(locale, - "CMS_INVALID_PROPERTY", name)); + throw new EPropertyException(CMS.getUserMessage( + locale, "CMS_INVALID_PROPERTY", name)); } } else { - throw new EPropertyException(CMS.getUserMessage(locale, - "CMS_INVALID_PROPERTY", name)); + throw new EPropertyException(CMS.getUserMessage( + locale, "CMS_INVALID_PROPERTY", name)); } } - public String getValue(String name, Locale locale, X509CertInfo info) - throws EPropertyException { + public String getValue(String name, Locale locale, + X509CertInfo info) + throws EPropertyException { if (name == null) throw new EPropertyException("Invalid name " + name); @@ -138,26 +148,26 @@ public class SigningAlgDefault extends EnrollDefault { CertificateAlgorithmId algId = null; try { - algId = (CertificateAlgorithmId) info - .get(X509CertInfo.ALGORITHM_ID); - AlgorithmId id = (AlgorithmId) algId - .get(CertificateAlgorithmId.ALGORITHM); + algId = (CertificateAlgorithmId) + info.get(X509CertInfo.ALGORITHM_ID); + AlgorithmId id = (AlgorithmId) + algId.get(CertificateAlgorithmId.ALGORITHM); return id.toString(); } catch (Exception e) { CMS.debug("SigningAlgDefault: getValue " + e.toString()); } - throw new EPropertyException(CMS.getUserMessage(locale, - "CMS_INVALID_PROPERTY", name)); + throw new EPropertyException(CMS.getUserMessage( + locale, "CMS_INVALID_PROPERTY", name)); } else { - throw new EPropertyException(CMS.getUserMessage(locale, - "CMS_INVALID_PROPERTY", name)); + throw new EPropertyException(CMS.getUserMessage( + locale, "CMS_INVALID_PROPERTY", name)); } } public String getText(Locale locale) { - return CMS.getUserMessage(locale, "CMS_PROFILE_DEF_SIGNING_ALGORITHM", + return CMS.getUserMessage(locale, "CMS_PROFILE_DEF_SIGNING_ALGORITHM", getSigningAlg()); } @@ -165,9 +175,10 @@ public class SigningAlgDefault extends EnrollDefault { * Populates the request with this policy default. */ public void populate(IRequest request, X509CertInfo info) - throws EProfileException { + throws EProfileException { try { - info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId( + info.set(X509CertInfo.ALGORITHM_ID, + new CertificateAlgorithmId( AlgorithmId.getAlgorithmId(getSigningAlg()))); } catch (Exception e) { CMS.debug("SigningAlgDefault: populate " + e.toString()); |