1 13 14 package org.ejbca.core.model.ca.certificateprofiles; 15 16 import java.io.Serializable ; 17 import java.net.MalformedURLException ; 18 import java.net.URL ; 19 import java.util.ArrayList ; 20 import java.util.Collection ; 21 import java.util.Collections ; 22 import java.util.HashMap ; 23 import java.util.Iterator ; 24 import java.util.List ; 25 26 import org.apache.commons.lang.StringUtils; 27 import org.apache.log4j.Logger; 28 import org.ejbca.core.ejb.ca.store.CertificateDataBean; 29 import org.ejbca.core.model.InternalResources; 30 import org.ejbca.core.model.UpgradeableDataHashMap; 31 import org.ejbca.util.dn.DNFieldExtractor; 32 33 34 40 public class CertificateProfile extends UpgradeableDataHashMap implements Serializable , Cloneable { 41 private static final Logger log = Logger.getLogger(CertificateProfile.class); 42 43 private static final InternalResources intres = InternalResources.getInstance(); 44 45 public static final float LATEST_VERSION = (float) 20.0; 47 48 57 private static final long serialVersionUID = -8069608639716545203L; 58 59 60 public static final int DIGITALSIGNATURE = 0; 61 public static final int NONREPUDIATION = 1; 62 public static final int KEYENCIPHERMENT = 2; 63 public static final int DATAENCIPHERMENT = 3; 64 public static final int KEYAGREEMENT = 4; 65 public static final int KEYCERTSIGN = 5; 66 public static final int CRLSIGN = 6; 67 public static final int ENCIPHERONLY = 7; 68 public static final int DECIPHERONLY = 8; 69 70 71 public static final int ANYEXTENDEDKEYUSAGE = 0; 72 public static final int SERVERAUTH = 1; 73 public static final int CLIENTAUTH = 2; 74 public static final int CODESIGNING = 3; 75 public static final int EMAILPROTECTION = 4; 76 public static final int IPSECENDSYSTEM = 5; 77 public static final int IPSECTUNNEL = 6; 78 public static final int IPSECUSER = 7; 79 public static final int TIMESTAMPING = 8; 80 public static final int SMARTCARDLOGON = 9; 81 public static final int OCSPSIGNING = 10; 82 83 public static final String [] EXTENDEDKEYUSAGEOIDSTRINGS = {"1.3.6.1.5.5.7.3.0", "1.3.6.1.5.5.7.3.1", "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3", "1.3.6.1.5.5.7.3.4", 84 "1.3.6.1.5.5.7.3.5", "1.3.6.1.5.5.7.3.6", "1.3.6.1.5.5.7.3.7", "1.3.6.1.5.5.7.3.8", "1.3.6.1.4.1.311.20.2.2", "1.3.6.1.5.5.7.3.9"}; 85 86 87 public static final String MSTEMPL_DOMAINCONTROLLER = "DomainController"; 88 89 public static final String [] AVAILABLE_MSTEMPLATES = {MSTEMPL_DOMAINCONTROLLER}; 90 91 public static final String TRUE = "true"; 92 public static final String FALSE = "false"; 93 94 public static final int TYPE_ENDENTITY = CertificateDataBean.CERTTYPE_ENDENTITY; 95 public static final int TYPE_SUBCA = CertificateDataBean.CERTTYPE_SUBCA; 96 public static final int TYPE_ROOTCA = CertificateDataBean.CERTTYPE_ROOTCA; 97 public static final int NUMBER_OF_TYPES = 3; 98 99 100 public static final String VERSION_X509V3 = "X509v3"; 101 public static final String CERTIFICATEPROFILENAME = "CUSTOM"; 102 103 104 public static final int ANYCA = -1; 105 106 107 public static final int[] DEFAULTBITLENGTHS= {0,192,239,256,384,512,1024,2048,4096}; 108 109 protected static final String CERTVERSION = "certversion"; 111 protected static final String VALIDITY = "validity"; 112 protected static final String ALLOWVALIDITYOVERRIDE = "allowvalidityoverride"; 113 protected static final String USEBASICCONSTRAINTS = "usebasicconstrants"; 114 protected static final String BASICCONSTRAINTSCRITICAL = "basicconstraintscritical"; 115 protected static final String USEKEYUSAGE = "usekeyusage"; 116 protected static final String KEYUSAGECRITICAL = "keyusagecritical"; 117 protected static final String USESUBJECTKEYIDENTIFIER = "usesubjectkeyidentifier"; 118 protected static final String SUBJECTKEYIDENTIFIERCRITICAL = "subjectkeyidentifiercritical"; 119 protected static final String USEAUTHORITYKEYIDENTIFIER = "useauthoritykeyidentifier"; 120 protected static final String AUTHORITYKEYIDENTIFIERCRITICAL = "authoritykeyidentifiercritical"; 121 protected static final String USECRLNUMBER = "usecrlnumber"; 122 protected static final String CRLNUMBERCRITICAL = "crlnumbercritical"; 123 protected static final String USESUBJECTALTERNATIVENAME = "usesubjectalternativename"; 124 protected static final String SUBJECTALTERNATIVENAMECRITICAL = "subjectalternativenamecritical"; 125 protected static final String USECRLDISTRIBUTIONPOINT = "usecrldistributionpoint"; 126 protected static final String USEDEFAULTCRLDISTRIBUTIONPOINT = "usedefaultcrldistributionpoint"; 127 protected static final String CRLDISTRIBUTIONPOINTCRITICAL = "crldistributionpointcritical"; 128 protected static final String CRLDISTRIBUTIONPOINTURI = "crldistributionpointuri"; 129 protected static final String CRLISSUER = "crlissuer"; 130 protected static final String USECERTIFICATEPOLICIES = "usecertificatepolicies"; 131 protected static final String CERTIFICATEPOLICIESCRITICAL = "certificatepoliciescritical"; 132 protected static final String CERTIFICATEPOLICYID = "certificatepolicyid"; 133 134 protected static final String POLICY_NOTICE_CPS_URL = "policynoticecpsurl"; 135 136 protected static final String POLICY_NOTICE_UNOTICE_TEXT = "policynoticeunoticetext"; 137 protected static final String AVAILABLEBITLENGTHS = "availablebitlengths"; 138 protected static final String KEYUSAGE = "keyusage"; 139 protected static final String MINIMUMAVAILABLEBITLENGTH = "minimumavailablebitlength"; 140 protected static final String MAXIMUMAVAILABLEBITLENGTH = "maximumavailablebitlength"; 141 public static final String TYPE = "type"; 142 protected static final String ALLOWKEYUSAGEOVERRIDE = "allowkeyusageoverride"; 143 protected static final String USEEXTENDEDKEYUSAGE = "useextendedkeyusage"; 144 protected static final String EXTENDEDKEYUSAGE = "extendedkeyusage"; 145 protected static final String EXTENDEDKEYUSAGECRITICAL = "extendedkeyusagecritical"; 146 protected static final String AVAILABLECAS = "availablecas"; 147 protected static final String USEDPUBLISHERS = "usedpublishers"; 148 protected static final String USEOCSPSERVICELOCATOR = "useocspservicelocator"; 149 protected static final String USEDEFAULTOCSPSERVICELOCATOR = "usedefaultocspservicelocator"; 150 protected static final String OCSPSERVICELOCATORURI = "ocspservicelocatoruri"; 151 protected static final String USEMICROSOFTTEMPLATE = "usemicrosofttemplate"; 152 protected static final String MICROSOFTTEMPLATE = "microsofttemplate"; 153 protected static final String USECNPOSTFIX = "usecnpostfix"; 154 protected static final String CNPOSTFIX = "cnpostfix"; 155 protected static final String USESUBJECTDNSUBSET = "usesubjectdnsubset"; 156 protected static final String SUBJECTDNSUBSET = "subjectdnsubset"; 157 protected static final String USESUBJECTALTNAMESUBSET = "usesubjectaltnamesubset"; 158 protected static final String SUBJECTALTNAMESUBSET = "subjectaltnamesubset"; 159 protected static final String USEPATHLENGTHCONSTRAINT = "usepathlengthconstraint"; 160 protected static final String PATHLENGTHCONSTRAINT = "pathlengthconstraint"; 161 protected static final String USEQCSTATEMENT = "useqcstatement"; 162 protected static final String USEPKIXQCSYNTAXV2 = "usepkixqcsyntaxv2"; 163 protected static final String QCSTATEMENTCRITICAL = "useqcstatementcritical"; 164 protected static final String QCSTATEMENTRANAME = "useqcstatementraname"; 165 protected static final String QCSSEMANTICSID = "useqcsematicsid"; 166 protected static final String USEQCETSIQCCOMPLIANCE = "useqcetsiqccompliance"; 167 protected static final String USEQCETSIVALUELIMIT = "useqcetsivaluelimit"; 168 protected static final String QCETSIVALUELIMIT = "qcetsivaluelimit"; 169 protected static final String QCETSIVALUELIMITEXP = "qcetsivaluelimitexp"; 170 protected static final String QCETSIVALUELIMITCURRENCY = "qcetsivaluelimitcurrency"; 171 protected static final String USEQCETSISIGNATUREDEVICE = "useqcetsisignaturedevice"; 172 protected static final String USEQCCUSTOMSTRING = "useqccustomstring"; 173 protected static final String QCCUSTOMSTRINGOID = "qccustomstringoid"; 174 protected static final String QCCUSTOMSTRINGTEXT = "qccustomstringtext"; 175 protected static final String USESUBJECTDIRATTRIBUTES = "usesubjectdirattributes"; 176 protected static final String USEDCERTIFICATEEXTENSIONS = "usedcertificateextensions"; 177 178 180 188 public CertificateProfile() { 189 setCertificateVersion(VERSION_X509V3); 190 setValidity(730); 191 setAllowValidityOverride(false); 192 193 setUseBasicConstraints(true); 194 setBasicConstraintsCritical(true); 195 196 setUseSubjectKeyIdentifier(true); 197 setSubjectKeyIdentifierCritical(false); 198 199 setUseAuthorityKeyIdentifier(true); 200 setAuthorityKeyIdentifierCritical(false); 201 202 setUseSubjectAlternativeName(true); 203 setSubjectAlternativeNameCritical(false); 204 205 setUseCRLDistributionPoint(false); 206 setUseDefaultCRLDistributionPoint(false); 207 setCRLDistributionPointCritical(false); 208 setCRLDistributionPointURI(""); 209 210 setUseCertificatePolicies(false); 211 setCertificatePoliciesCritical(false); 212 setCertificatePolicyId("2.5.29.32.0"); 213 setCpsUrl(""); 214 setUserNoticeText(""); 215 216 setType(TYPE_ENDENTITY); 217 218 219 setAvailableBitLengths(DEFAULTBITLENGTHS); 220 221 setUseKeyUsage(true); 222 setKeyUsage(new boolean[9]); 223 setAllowKeyUsageOverride(true); 224 setKeyUsageCritical(true); 225 226 setUseExtendedKeyUsage(false); 227 setExtendedKeyUsage(new ArrayList ()); 228 setExtendedKeyUsageCritical(false); 229 230 ArrayList availablecas = new ArrayList (); 231 availablecas.add(new Integer (ANYCA)); 232 setAvailableCAs(availablecas); 233 234 setPublisherList(new ArrayList ()); 235 236 setUseOCSPServiceLocator(false); 237 setUseDefaultOCSPServiceLocator(false); 238 setOCSPServiceLocatorURI(""); 239 240 setUseMicrosoftTemplate(false); 241 setMicrosoftTemplate(""); 242 243 setUseCNPostfix(false); 244 setCNPostfix(""); 245 246 setUseSubjectDNSubSet(false); 247 setSubjectDNSubSet(new ArrayList ()); 248 setUseSubjectAltNameSubSet(false); 249 setSubjectAltNameSubSet(new ArrayList ()); 250 251 setUsePathLengthConstraint(false); 252 setPathLengthConstraint(0); 253 254 setUseQCStatement(false); 255 setUsePkixQCSyntaxV2(false); 256 setQCStatementCritical(false); 257 setQCStatementRAName(null); 258 setQCSemanticsId(null); 259 setUseQCEtsiQCCompliance(false); 260 setUseQCEtsiSignatureDevice(false); 261 setUseQCEtsiValueLimit(false); 262 setQCEtsiValueLimit(0); 263 setQCEtsiValueLimitExp(0); 264 setQCEtsiValueLimitCurrency(null); 265 setUseQCCustomString(false); 266 setQCCustomStringOid(null); 267 setQCCustomStringText(null); 268 269 setUseSubjectDirAttributes(false); 270 271 setUsedCertificateExtensions(new ArrayList ()); 272 273 } 274 275 276 277 279 public String getCertificateVersion(){return (String ) data.get(CERTVERSION);} 280 286 public void setCertificateVersion(String version){data.put(CERTVERSION,version);} 287 288 public long getValidity(){return ((Long )data.get(VALIDITY)).longValue();} 289 public void setValidity(long validity) { data.put(VALIDITY,new Long (validity));} 290 291 public boolean getAllowValidityOverride(){ return ((Boolean )data.get(ALLOWVALIDITYOVERRIDE)).booleanValue(); } 292 public void setAllowValidityOverride(boolean allowvalidityoverride) {data.put(ALLOWVALIDITYOVERRIDE, Boolean.valueOf(allowvalidityoverride));} 293 294 public boolean getUseBasicConstraints(){ return ((Boolean )data.get(USEBASICCONSTRAINTS)).booleanValue(); } 295 public void setUseBasicConstraints(boolean usebasicconstraints) {data.put(USEBASICCONSTRAINTS, Boolean.valueOf(usebasicconstraints));} 296 297 public boolean getBasicConstraintsCritical(){ return ((Boolean ) data.get(BASICCONSTRAINTSCRITICAL)).booleanValue(); } 298 public void setBasicConstraintsCritical(boolean basicconstraintscritical) { data.put(BASICCONSTRAINTSCRITICAL, Boolean.valueOf(basicconstraintscritical));} 299 300 public boolean getUseKeyUsage(){ return ((Boolean ) data.get(USEKEYUSAGE)).booleanValue(); } 301 public void setUseKeyUsage(boolean usekeyusage) { data.put(USEKEYUSAGE, Boolean.valueOf(usekeyusage));} 302 303 public boolean getKeyUsageCritical(){ return ((Boolean ) data.get(KEYUSAGECRITICAL)).booleanValue(); } 304 public void setKeyUsageCritical(boolean keyusagecritical) { data.put(KEYUSAGECRITICAL, Boolean.valueOf(keyusagecritical));} 305 306 public boolean getUseSubjectKeyIdentifier(){ return ((Boolean ) data.get(USESUBJECTKEYIDENTIFIER)).booleanValue(); } 307 public void setUseSubjectKeyIdentifier(boolean usesubjectkeyidentifier) { data.put(USESUBJECTKEYIDENTIFIER, Boolean.valueOf(usesubjectkeyidentifier));} 308 309 public boolean getSubjectKeyIdentifierCritical(){ return ((Boolean ) data.get(SUBJECTKEYIDENTIFIERCRITICAL)).booleanValue(); } 310 public void setSubjectKeyIdentifierCritical(boolean subjectkeyidentifiercritical) { data.put(SUBJECTKEYIDENTIFIERCRITICAL, Boolean.valueOf(subjectkeyidentifiercritical));} 311 312 public boolean getUseAuthorityKeyIdentifier(){ return ((Boolean ) data.get(USEAUTHORITYKEYIDENTIFIER)).booleanValue(); } 313 public void setUseAuthorityKeyIdentifier(boolean useauthoritykeyidentifier) { data.put(USEAUTHORITYKEYIDENTIFIER, Boolean.valueOf(useauthoritykeyidentifier));} 314 315 public boolean getAuthorityKeyIdentifierCritical(){ return ((Boolean ) data.get(AUTHORITYKEYIDENTIFIERCRITICAL)).booleanValue(); } 316 public void setAuthorityKeyIdentifierCritical(boolean authoritykeyidentifiercritical) { data.put(AUTHORITYKEYIDENTIFIERCRITICAL, Boolean.valueOf(authoritykeyidentifiercritical));} 317 318 public boolean getUseSubjectAlternativeName(){ return ((Boolean ) data.get(USESUBJECTALTERNATIVENAME)).booleanValue(); } 319 public void setUseSubjectAlternativeName(boolean usesubjectalternativename) { data.put(USESUBJECTALTERNATIVENAME, Boolean.valueOf(usesubjectalternativename));} 320 321 public boolean getSubjectAlternativeNameCritical(){ return ((Boolean ) data.get(SUBJECTALTERNATIVENAMECRITICAL)).booleanValue(); } 322 public void setSubjectAlternativeNameCritical(boolean subjectalternativenamecritical) { data.put(SUBJECTALTERNATIVENAMECRITICAL, Boolean.valueOf(subjectalternativenamecritical));} 323 324 public boolean getUseCRLDistributionPoint(){ return ((Boolean ) data.get(USECRLDISTRIBUTIONPOINT)).booleanValue(); } 325 public void setUseCRLDistributionPoint(boolean usecrldistributionpoint) { data.put(USECRLDISTRIBUTIONPOINT, Boolean.valueOf(usecrldistributionpoint));} 326 327 public boolean getUseDefaultCRLDistributionPoint(){ return ((Boolean ) data.get(USEDEFAULTCRLDISTRIBUTIONPOINT)).booleanValue(); } 328 public void setUseDefaultCRLDistributionPoint(boolean usedefaultcrldistributionpoint) { data.put(USEDEFAULTCRLDISTRIBUTIONPOINT, Boolean.valueOf(usedefaultcrldistributionpoint));} 329 330 public boolean getCRLDistributionPointCritical(){ return ((Boolean ) data.get(CRLDISTRIBUTIONPOINTCRITICAL)).booleanValue(); } 331 public void setCRLDistributionPointCritical(boolean crldistributionpointcritical) { data.put(CRLDISTRIBUTIONPOINTCRITICAL, Boolean.valueOf(crldistributionpointcritical));} 332 333 public String getCRLDistributionPointURI(){ return (String ) data.get(CRLDISTRIBUTIONPOINTURI); } 334 public void setCRLDistributionPointURI(String crldistributionpointuri) { 335 if(crldistributionpointuri==null) 336 data.put(CRLDISTRIBUTIONPOINTURI,""); 337 else 338 data.put(CRLDISTRIBUTIONPOINTURI,crldistributionpointuri); 339 } 340 public String getCRLIssuer(){ return (String ) data.get(CRLISSUER); } 341 public void setCRLIssuer(String crlissuer) { 342 if(crlissuer==null) 343 data.put(CRLISSUER,""); 344 else 345 data.put(CRLISSUER,crlissuer); 346 } 347 348 public boolean getUseCertificatePolicies() { return ((Boolean ) data.get(USECERTIFICATEPOLICIES)).booleanValue(); } 349 public void setUseCertificatePolicies(boolean usecertificatepolicies) { data.put(USECERTIFICATEPOLICIES, Boolean.valueOf(usecertificatepolicies));} 350 public boolean getCertificatePoliciesCritical() { return ((Boolean ) data.get(CERTIFICATEPOLICIESCRITICAL)).booleanValue(); } 351 public void setCertificatePoliciesCritical(boolean certificatepoliciescritical) { data.put(CERTIFICATEPOLICIESCRITICAL, Boolean.valueOf(certificatepoliciescritical));} 352 public String getCertificatePolicyId() { return (String ) data.get(CERTIFICATEPOLICYID); } 353 public void setCertificatePolicyId(String policyid){ 354 if(policyid == null) 355 data.put(CERTIFICATEPOLICYID,""); 356 else 357 data.put(CERTIFICATEPOLICYID,policyid); 358 } 359 public String getCpsUrl() { 360 return (String ) data.get(POLICY_NOTICE_CPS_URL); 361 } 362 public void setCpsUrl(String cpsUrl) { 363 try { 364 if (!StringUtils.isEmpty(cpsUrl)) { 365 new URL (cpsUrl); 367 data.put(POLICY_NOTICE_CPS_URL, cpsUrl); 368 } else { 369 data.put(POLICY_NOTICE_CPS_URL, ""); 370 } 371 } catch (MalformedURLException muex) { 372 log.error("CPS url has incorrect format.", muex); 373 } 374 } 375 public String getUserNoticeText() { 376 return (String ) data.get(POLICY_NOTICE_UNOTICE_TEXT); 377 } 378 public void setUserNoticeText(String userNoticeText) { 379 if(userNoticeText == null) { 380 data.put(POLICY_NOTICE_UNOTICE_TEXT, ""); 381 } else { 382 data.put(POLICY_NOTICE_UNOTICE_TEXT, userNoticeText); 383 } 384 } 385 386 public int getType(){ return ((Integer ) data.get(TYPE)).intValue(); } 387 public void setType(int type){ data.put(TYPE, new Integer (type)); } 388 public boolean isTypeCA() { return ((Integer ) data.get(TYPE)).intValue() == TYPE_SUBCA; } 389 public boolean isTypeRootCA() { return ((Integer ) data.get(TYPE)).intValue() == TYPE_ROOTCA; } 390 public boolean isTypeEndEntity() { return ((Integer ) data.get(TYPE)).intValue() == TYPE_ENDENTITY; } 391 392 public int[] getAvailableBitLengths(){ 393 ArrayList availablebitlengths = (ArrayList ) data.get(AVAILABLEBITLENGTHS); 394 int[] returnval = new int[availablebitlengths.size()]; 395 396 for(int i=0; i < availablebitlengths.size(); i++){ 397 returnval[i] = ((Integer ) availablebitlengths.get(i)).intValue(); 398 } 399 400 return returnval; 401 } 402 403 public void setAvailableBitLengths(int[] availablebitlengths){ 404 ArrayList availbitlengths = new ArrayList (availablebitlengths.length); 405 406 int minimumavailablebitlength = 99999999; 407 int maximumavailablebitlength = 0; 408 409 for(int i=0;i< availablebitlengths.length;i++){ 410 if( availablebitlengths[i] > maximumavailablebitlength) 411 maximumavailablebitlength = availablebitlengths[i]; 412 if( availablebitlengths[i] < minimumavailablebitlength) 413 minimumavailablebitlength = availablebitlengths[i]; 414 415 availbitlengths.add(new Integer (availablebitlengths[i])); 416 } 417 data.put(AVAILABLEBITLENGTHS, availbitlengths); 418 data.put(MINIMUMAVAILABLEBITLENGTH, new Integer (minimumavailablebitlength)); 419 data.put(MAXIMUMAVAILABLEBITLENGTH, new Integer (maximumavailablebitlength)); 420 } 421 422 public int getMinimumAvailableBitLength(){return ((Integer ) data.get(MINIMUMAVAILABLEBITLENGTH)).intValue();} 423 public int getMaximumAvailableBitLength(){return ((Integer ) data.get(MAXIMUMAVAILABLEBITLENGTH)).intValue();} 424 425 public boolean[] getKeyUsage(){ 426 ArrayList keyusage = (ArrayList ) data.get(KEYUSAGE); 427 boolean[] returnval = new boolean[keyusage.size()]; 428 429 for(int i=0; i < keyusage.size(); i++){ 430 returnval[i] = ((Boolean ) keyusage.get(i)).booleanValue(); 431 } 432 433 return returnval; 434 } 435 436 public boolean getKeyUsage(int keyusageconstant){ 437 return ((Boolean ) ((ArrayList ) data.get(KEYUSAGE)).get(keyusageconstant)).booleanValue(); 438 } 439 440 public void setKeyUsage(boolean[] keyusage){ 441 ArrayList keyuse = new ArrayList (keyusage.length); 442 443 for(int i=0;i< keyusage.length;i++){ 444 keyuse.add(Boolean.valueOf(keyusage[i])); 445 } 446 data.put(KEYUSAGE, keyuse); 447 } 448 449 public void setKeyUsage(int keyusageconstant, boolean value){ 450 ((ArrayList ) data.get(KEYUSAGE)).set(keyusageconstant, Boolean.valueOf(value)); 451 } 452 453 public void setAllowKeyUsageOverride(boolean override) { 454 data.put(ALLOWKEYUSAGEOVERRIDE, Boolean.valueOf(override)); 455 } 456 public boolean getAllowKeyUsageOverride() { 457 return ((Boolean ) data.get(ALLOWKEYUSAGEOVERRIDE)).booleanValue(); 458 } 459 460 public void setUseExtendedKeyUsage(boolean use) { 461 data.put(USEEXTENDEDKEYUSAGE, Boolean.valueOf(use)); 462 } 463 public boolean getUseExtendedKeyUsage() { 464 return ((Boolean ) data.get(USEEXTENDEDKEYUSAGE)).booleanValue(); 465 } 466 467 public void setExtendedKeyUsageCritical(boolean critical) { 468 data.put(EXTENDEDKEYUSAGECRITICAL, Boolean.valueOf(critical)); 469 } 470 public boolean getExtendedKeyUsageCritical() { 471 return ((Boolean ) data.get(EXTENDEDKEYUSAGECRITICAL)).booleanValue(); 472 } 473 476 public void setExtendedKeyUsage(ArrayList extendedkeyusage) { 477 data.put(EXTENDEDKEYUSAGE, extendedkeyusage); 478 } 479 482 public ArrayList getExtendedKeyUsage() { 483 return (ArrayList ) data.get(EXTENDEDKEYUSAGE); 484 } 485 486 public boolean getUseMicrosoftTemplate(){ 487 return ((Boolean ) data.get(USEMICROSOFTTEMPLATE)).booleanValue(); 488 } 489 490 public void setUseMicrosoftTemplate(boolean use){ 491 data.put(USEMICROSOFTTEMPLATE, Boolean.valueOf(use)); 492 } 493 494 public String getMicrosoftTemplate(){ 495 return (String ) data.get(MICROSOFTTEMPLATE); 496 } 497 498 public void setMicrosoftTemplate(String mstemplate){ 499 data.put(MICROSOFTTEMPLATE, mstemplate); 500 } 501 502 public boolean getUseCNPostfix(){ 503 return ((Boolean ) data.get(USECNPOSTFIX)).booleanValue(); 504 } 505 506 public void setUseCNPostfix(boolean use) { 507 data.put(USECNPOSTFIX, Boolean.valueOf(use)); 508 } 509 510 public String getCNPostfix(){ 511 return (String ) data.get(CNPOSTFIX); 512 } 513 514 public void setCNPostfix(String cnpostfix) { 515 data.put(CNPOSTFIX, cnpostfix); 516 517 } 518 519 public boolean getUseSubjectDNSubSet(){ 520 return ((Boolean ) data.get(USESUBJECTDNSUBSET)).booleanValue(); 521 } 522 523 public void setUseSubjectDNSubSet(boolean use) { 524 data.put(USESUBJECTDNSUBSET, Boolean.valueOf(use)); 525 } 526 527 532 public Collection getSubjectDNSubSet(){ 533 return (Collection ) data.get(SUBJECTDNSUBSET); 534 } 535 536 541 public void setSubjectDNSubSet(Collection subjectdns) { 542 data.put(SUBJECTDNSUBSET, subjectdns); 543 544 } 545 546 553 554 public String createSubjectDNSubSet(String dn){ 555 DNFieldExtractor extractor = new DNFieldExtractor(dn,DNFieldExtractor.TYPE_SUBJECTDN); 556 return constructUserData(extractor, getSubjectDNSubSet(), true); 557 } 558 559 public boolean getUseSubjectAltNameSubSet(){ 560 return ((Boolean ) data.get(USESUBJECTALTNAMESUBSET)).booleanValue(); 561 } 562 563 public void setUseSubjectAltNameSubSet(boolean use) { 564 data.put(USESUBJECTALTNAMESUBSET, Boolean.valueOf(use)); 565 } 566 567 572 public Collection getSubjectAltNameSubSet(){ 573 return (Collection ) data.get(SUBJECTALTNAMESUBSET); 574 } 575 576 581 public void setSubjectAltNameSubSet(Collection subjectaltnames) { 582 data.put(SUBJECTALTNAMESUBSET, subjectaltnames); 583 584 } 585 586 587 594 public String createSubjectAltNameSubSet(String subjectaltname){ 595 DNFieldExtractor extractor = new DNFieldExtractor(subjectaltname,DNFieldExtractor.TYPE_SUBJECTALTNAME); 596 return constructUserData(extractor, getSubjectAltNameSubSet(), false); 597 } 598 599 605 protected String constructUserData(DNFieldExtractor extractor, Collection usefields, boolean subjectdn){ 606 String retval = ""; 607 608 if(usefields instanceof List ){ 609 Collections.sort((List ) usefields); 610 } 611 Iterator iter = usefields.iterator(); 612 String dnField = null; 613 while(iter.hasNext()){ 614 Integer next = (Integer ) iter.next(); 615 dnField = extractor.getFieldString(next.intValue()); 616 if (StringUtils.isNotEmpty(dnField)) { 617 if(retval.length() == 0) 618 retval += dnField; else 620 retval += "," + dnField; 621 } 622 } 623 624 625 log.debug("CertificateProfile: constructed DN or AltName: " + retval ); 626 return retval; 627 } 628 629 632 public ArrayList getExtendedKeyUsageAsOIDStrings(){ 633 ArrayList returnval = new ArrayList (); 634 ArrayList eku = (ArrayList ) data.get(EXTENDEDKEYUSAGE); 635 Iterator i = eku.iterator(); 636 while(i.hasNext()) 637 returnval.add(EXTENDEDKEYUSAGEOIDSTRINGS[((Integer ) i.next()).intValue()]); 638 639 640 return returnval; 641 } 642 643 649 public Collection getAvailableCAs(){ 650 return (Collection ) data.get(AVAILABLECAS); 651 } 652 653 658 659 public void setAvailableCAs(Collection availablecas){ 660 data.put(AVAILABLECAS, availablecas); 661 } 662 663 public boolean isApplicableToAnyCA(){ 664 return ((Collection ) data.get(AVAILABLECAS)).contains(new Integer (ANYCA)); 665 } 666 667 671 672 public Collection getPublisherList(){ 673 return (Collection ) data.get(USEDPUBLISHERS); 674 } 675 676 682 683 public void setPublisherList(Collection publisher){ 684 data.put(USEDPUBLISHERS, publisher); 685 } 686 687 691 public boolean getUsePathLengthConstraint(){ 692 return ((Boolean ) data.get(USEPATHLENGTHCONSTRAINT)).booleanValue(); 693 } 694 695 699 public void setUsePathLengthConstraint(boolean use) { 700 data.put(USEPATHLENGTHCONSTRAINT, Boolean.valueOf(use)); 701 } 702 703 public int getPathLengthConstraint(){ 704 return ((Integer ) data.get(PATHLENGTHCONSTRAINT)).intValue(); 705 } 706 707 708 public void setPathLengthConstraint(int pathlength) { 709 data.put(PATHLENGTHCONSTRAINT, new Integer (pathlength)); 710 } 711 712 public boolean getUseOCSPServiceLocator(){ return ((Boolean ) data.get(USEOCSPSERVICELOCATOR)).booleanValue(); } 713 public void setUseOCSPServiceLocator(boolean useocspservicelocator) { data.put(USEOCSPSERVICELOCATOR, Boolean.valueOf(useocspservicelocator));} 714 715 public boolean getUseDefaultOCSPServiceLocator(){ return ((Boolean ) data.get(USEDEFAULTOCSPSERVICELOCATOR)).booleanValue(); } 716 public void setUseDefaultOCSPServiceLocator(boolean usedefaultocspservicelocator) { data.put(USEDEFAULTOCSPSERVICELOCATOR, Boolean.valueOf(usedefaultocspservicelocator));} 717 718 public String getOCSPServiceLocatorURI(){ return (String ) data.get(OCSPSERVICELOCATORURI); } 719 public void setOCSPServiceLocatorURI(String ocspservicelocatoruri) { 720 if(ocspservicelocatoruri==null) 721 data.put(OCSPSERVICELOCATORURI,""); 722 else 723 data.put(OCSPSERVICELOCATORURI,ocspservicelocatoruri); 724 } 725 726 public boolean getUseQCStatement(){ return ((Boolean ) data.get(USEQCSTATEMENT)).booleanValue(); } 727 public void setUseQCStatement(boolean useqcstatement) { data.put(USEQCSTATEMENT, Boolean.valueOf(useqcstatement));} 728 public boolean getUsePkixQCSyntaxV2(){ return ((Boolean ) data.get(USEPKIXQCSYNTAXV2)).booleanValue(); } 729 public void setUsePkixQCSyntaxV2(boolean pkixqcsyntaxv2) { data.put(USEPKIXQCSYNTAXV2, Boolean.valueOf(pkixqcsyntaxv2));} 730 public boolean getQCStatementCritical() { return ((Boolean ) data.get(QCSTATEMENTCRITICAL)).booleanValue(); } 731 public void setQCStatementCritical(boolean qcstatementcritical) { data.put(QCSTATEMENTCRITICAL, Boolean.valueOf(qcstatementcritical));} 732 733 public String getQCStatementRAName(){ return (String ) data.get(QCSTATEMENTRANAME); } 734 public void setQCStatementRAName(String qcstatementraname) { 735 if(qcstatementraname==null) 736 data.put(QCSTATEMENTRANAME,""); 737 else 738 data.put(QCSTATEMENTRANAME,qcstatementraname); 739 } 740 public String getQCSemanticsId(){ return (String ) data.get(QCSSEMANTICSID); } 741 public void setQCSemanticsId(String qcsemanticsid) { 742 if(qcsemanticsid==null) 743 data.put(QCSSEMANTICSID,""); 744 else 745 data.put(QCSSEMANTICSID,qcsemanticsid); 746 } 747 public boolean getUseQCEtsiQCCompliance(){ return ((Boolean ) data.get(USEQCETSIQCCOMPLIANCE)).booleanValue(); } 748 public void setUseQCEtsiQCCompliance(boolean useqcetsiqccompliance) { data.put(USEQCETSIQCCOMPLIANCE, Boolean.valueOf(useqcetsiqccompliance));} 749 public boolean getUseQCEtsiValueLimit(){ return ((Boolean ) data.get(USEQCETSIVALUELIMIT)).booleanValue(); } 750 public void setUseQCEtsiValueLimit(boolean useqcetsivaluelimit) { data.put(USEQCETSIVALUELIMIT, Boolean.valueOf(useqcetsivaluelimit));} 751 public int getQCEtsiValueLimit(){return ((Integer ) data.get(QCETSIVALUELIMIT)).intValue();} 752 public void setQCEtsiValueLimit(int qcetsivaluelimit){data.put(QCETSIVALUELIMIT, new Integer (qcetsivaluelimit));} 753 public int getQCEtsiValueLimitExp(){return ((Integer ) data.get(QCETSIVALUELIMITEXP)).intValue();} 754 public void setQCEtsiValueLimitExp(int qcetsivaluelimitexp){data.put(QCETSIVALUELIMITEXP, new Integer (qcetsivaluelimitexp));} 755 public String getQCEtsiValueLimitCurrency(){ return (String ) data.get(QCETSIVALUELIMITCURRENCY); } 756 public void setQCEtsiValueLimitCurrency(String qcetsicaluelimitcurrency) { 757 if(qcetsicaluelimitcurrency==null) 758 data.put(QCETSIVALUELIMITCURRENCY,""); 759 else 760 data.put(QCETSIVALUELIMITCURRENCY,qcetsicaluelimitcurrency); 761 } 762 public boolean getUseQCEtsiSignatureDevice(){ return ((Boolean ) data.get(USEQCETSISIGNATUREDEVICE)).booleanValue(); } 763 public void setUseQCEtsiSignatureDevice(boolean useqcetsisignaturedevice) { data.put(USEQCETSISIGNATUREDEVICE, Boolean.valueOf(useqcetsisignaturedevice));} 764 765 public boolean getUseQCCustomString(){ return ((Boolean ) data.get(USEQCCUSTOMSTRING)).booleanValue(); } 766 public void setUseQCCustomString(boolean useqccustomstring) { data.put(USEQCCUSTOMSTRING, Boolean.valueOf(useqccustomstring));} 767 public String getQCCustomStringOid(){ return (String ) data.get(QCCUSTOMSTRINGOID); } 768 public void setQCCustomStringOid(String qccustomstringoid) { 769 if(qccustomstringoid==null) 770 data.put(QCCUSTOMSTRINGOID,""); 771 else 772 data.put(QCCUSTOMSTRINGOID,qccustomstringoid); 773 } 774 public String getQCCustomStringText(){ return (String ) data.get(QCCUSTOMSTRINGTEXT); } 775 public void setQCCustomStringText(String qccustomstringtext) { 776 if(qccustomstringtext==null) 777 data.put(QCCUSTOMSTRINGTEXT,""); 778 else 779 data.put(QCCUSTOMSTRINGTEXT,qccustomstringtext); 780 } 781 782 public boolean getUseSubjectDirAttributes(){ return ((Boolean ) data.get(USESUBJECTDIRATTRIBUTES)).booleanValue(); } 783 public void setUseSubjectDirAttributes(boolean use) { data.put(USESUBJECTDIRATTRIBUTES, Boolean.valueOf(use));} 784 785 791 public List getUsedCertificateExtensions(){ 792 if(data.get(USEDCERTIFICATEEXTENSIONS) == null){ 793 return new ArrayList (); 794 } 795 796 return (List ) data.get(USEDCERTIFICATEEXTENSIONS); 797 } 798 799 804 public void setUsedCertificateExtensions(List usedCertificateExtensions) { 805 if(usedCertificateExtensions==null) 806 data.put(USEDCERTIFICATEEXTENSIONS,new ArrayList ()); 807 else 808 data.put(USEDCERTIFICATEEXTENSIONS,usedCertificateExtensions); 809 } 810 811 public Object clone() throws CloneNotSupportedException { 812 CertificateProfile clone = new CertificateProfile(); 813 HashMap clonedata = (HashMap ) clone.saveData(); 814 815 Iterator i = (data.keySet()).iterator(); 816 while(i.hasNext()){ 817 Object key = i.next(); 818 clonedata.put(key, data.get(key)); 819 } 820 821 clone.loadData(clonedata); 822 return clone; 823 } 824 825 826 public float getLatestVersion(){ 827 return LATEST_VERSION; 828 } 829 830 833 public void upgrade(){ 834 log.debug(">upgrade"); 835 if(Float.compare(LATEST_VERSION, getVersion()) != 0) { 836 String msg = intres.getLocalizedMessage("certprofile.upgrade", new Float (getVersion())); 838 log.info(msg); 839 840 if(data.get(ALLOWKEYUSAGEOVERRIDE) == null) 841 data.put(ALLOWKEYUSAGEOVERRIDE, Boolean.TRUE); 842 if(data.get(USEEXTENDEDKEYUSAGE) ==null) 843 data.put(USEEXTENDEDKEYUSAGE, Boolean.FALSE); 844 if(data.get(EXTENDEDKEYUSAGE) ==null) 845 data.put(EXTENDEDKEYUSAGE, new ArrayList ()); 846 if(data.get(EXTENDEDKEYUSAGECRITICAL) == null) 847 data.put(EXTENDEDKEYUSAGECRITICAL, Boolean.FALSE); 848 if(data.get(AVAILABLECAS) == null){ 849 ArrayList availablecas = new ArrayList (); 850 availablecas.add(new Integer (ANYCA)); 851 data.put(AVAILABLECAS, availablecas); 852 } 853 if(data.get(USEDPUBLISHERS) == null){ 854 data.put(USEDPUBLISHERS, new ArrayList ()); 855 } 856 if(data.get(USEOCSPSERVICELOCATOR) == null){ 857 setUseOCSPServiceLocator(false); 858 setOCSPServiceLocatorURI(""); 859 } 860 861 if(data.get(USEMICROSOFTTEMPLATE) == null){ 862 setUseMicrosoftTemplate(false); 863 setMicrosoftTemplate(""); 864 } 865 866 if(data.get(USECNPOSTFIX) == null){ 867 setUseCNPostfix(false); 868 setCNPostfix(""); 869 } 870 871 if(data.get(USESUBJECTDNSUBSET) == null){ 872 setUseSubjectDNSubSet(false); 873 setSubjectDNSubSet(new ArrayList ()); 874 setUseSubjectAltNameSubSet(false); 875 setSubjectAltNameSubSet(new ArrayList ()); 876 } 877 878 if(data.get(USEPATHLENGTHCONSTRAINT) == null){ 879 setUsePathLengthConstraint(false); 880 setPathLengthConstraint(0); 881 } 882 883 if(data.get(USEQCSTATEMENT) == null){ 884 setUseQCStatement(false); 885 setUsePkixQCSyntaxV2(false); 886 setQCStatementCritical(false); 887 setQCStatementRAName(null); 888 setQCSemanticsId(null); 889 setUseQCEtsiQCCompliance(false); 890 setUseQCEtsiSignatureDevice(false); 891 setUseQCEtsiValueLimit(false); 892 setQCEtsiValueLimit(0); 893 setQCEtsiValueLimitExp(0); 894 setQCEtsiValueLimitCurrency(null); 895 } 896 897 if(data.get(USEDEFAULTCRLDISTRIBUTIONPOINT) == null){ 898 setUseDefaultCRLDistributionPoint(false); 899 setUseDefaultOCSPServiceLocator(false); 900 } 901 902 if (data.get(POLICY_NOTICE_UNOTICE_TEXT) == null) { 903 setUserNoticeText(null); } 905 if (data.get(POLICY_NOTICE_CPS_URL) == null) { 906 setCpsUrl(null); } 908 if (data.get(USEQCCUSTOMSTRING) == null) { 909 setUseQCCustomString(false); 910 setQCCustomStringOid(null); 911 setQCCustomStringText(null); 912 } 913 if (data.get(USESUBJECTDIRATTRIBUTES) == null) { 914 setUseSubjectDirAttributes(false); 915 } 916 if(data.get(ALLOWVALIDITYOVERRIDE) == null) { 917 setAllowValidityOverride(false); 918 } 919 920 if(data.get(CRLISSUER) == null) { 921 setCRLIssuer(null); } 923 924 data.put(VERSION, new Float (LATEST_VERSION)); 925 } 926 log.debug("<upgrade"); 927 } 928 929 } | Popular Tags |