Java > Open Source Codes > org > ejbca > core > model > ra > raadmin > EndEntityProfile


1 /*************************************************************************
2  * *
3  * EJBCA: The OpenSource Certificate Authority *
4  * *
5  * This software is free software; you can redistribute it and/or *
6  * modify it under the terms of the GNU Lesser General Public *
7  * License as published by the Free Software Foundation; either *
8  * version 2.1 of the License, or any later version. *
9  * *
10  * See terms of license at gnu.org. *
11  * *
12  *************************************************************************/
13  
14 package org.ejbca.core.model.ra.raadmin;
15
16 import java.util.ArrayList ;
17 import java.util.Arrays ;
18 import java.util.Collection ;
19 import java.util.Collections ;
20 import java.util.HashMap ;
21 import java.util.Iterator ;
22 import java.util.Map ;
23 import java.util.Set ;
24
25 import org.apache.commons.lang.StringUtils;
26 import org.apache.log4j.Logger;
27 import org.ejbca.core.model.InternalResources;
28 import org.ejbca.core.model.SecConst;
29 import org.ejbca.core.model.UpgradeableDataHashMap;
30 import org.ejbca.util.Base64;
31 import org.ejbca.util.StringTools;
32 import org.ejbca.util.dn.DNFieldExtractor;
33 import org.ejbca.util.dn.DnComponents;
34 import org.ejbca.util.passgen.PasswordGeneratorFactory;
35
36
37 /**
38  * The model representation of an end entity profile, used in in the ra module
39  * of ejbca web interface.
40  *
41  * The algorithm for constants in the EndEntityProfile is:
42  * Values are stored as 100*parameternumber+parameter, so the first COMMONNAME value is 105, the second 205 etc.
43  * Use flags are stored as 10000+100*parameternumber+parameter, so the first USE_COMMONNAME value is 10105, the second 10205 etc.
44  * Required flags are stored as 20000+100*parameternumber+parameter, so the first REQUIRED_COMMONNAME value is 20105, the second 20205 etc.
45  * Modifyable flags are stored as 30000+100*parameternumber+parameter, so the first MODIFYABLE_COMMONNAME value is 30105, the second 30205 etc.
46  *
47  *
48  * @author Philip Vendil
49  * @version $Id: EndEntityProfile.java,v 1.17 2007/01/16 11:43:52 anatom Exp $
50  */
51 public class EndEntityProfile extends UpgradeableDataHashMap implements java.io.Serializable , Cloneable {
52
53     private static final Logger log = Logger.getLogger(EndEntityProfile.class);
54     /** Internal localization of logs and errors */
55     private static final InternalResources intres = InternalResources.getInstance();
56
57     public static final float LATEST_VERSION = 6;
58
59     /**
60      * Determines if a de-serialized file is compatible with this class.
61      *
62      * Maintainers must change this value if and only if the new version
63      * of this class is not compatible with old versions. See Sun docs
64      * for <a HREF=http://java.sun.com/products/jdk/1.1/docs/guide
65      * /serialization/spec/version.doc.html> details. </a>
66      *
67      */
68     private static final long serialVersionUID = -8356152324295231461L;
69     
70     // Public constants
71 /** Constant values for end entity profile. */
72     private static HashMap dataConstants = new HashMap ();
73
74     // Default values
75 // These must be in a strict order that can never change
76 // Custom values configurable in a properties file will start at number 100
77 static {
78         dataConstants.put("USERNAME", new Integer (0));
79         dataConstants.put("PASSWORD", new Integer (1));
80         dataConstants.put("CLEARTEXTPASSWORD", new Integer (2));
81         // DN components
82 /* These are loaded through DnComponents instead
83         dataConstants.put(DnComponents.DNEMAIL, Integer.valueOf(3));
84         dataConstants.put(DnComponents.UID, Integer.valueOf(4));
85         dataConstants.put(DnComponents.COMMONNAME, Integer.valueOf(5));
86         dataConstants.put(DnComponents.SN, Integer.valueOf(6));
87         dataConstants.put(DnComponents.GIVENNAME, Integer.valueOf(7));
88         dataConstants.put(DnComponents.INITIALS, Integer.valueOf(8));
89         dataConstants.put(DnComponents.SURNAME, Integer.valueOf(9));
90         dataConstants.put(DnComponents.TITLE, Integer.valueOf(10));
91         dataConstants.put(DnComponents.ORGANIZATIONUNIT, Integer.valueOf(11));
92         dataConstants.put(DnComponents.ORGANIZATION, Integer.valueOf(12));
93         dataConstants.put(DnComponents.LOCALE, Integer.valueOf(13));
94         dataConstants.put(DnComponents.STATE, Integer.valueOf(14));
95         dataConstants.put(DnComponents.DOMAINCOMPONENT, Integer.valueOf(15));
96         dataConstants.put(DnComponents.COUNTRY, Integer.valueOf(16));
97
98         dataConstants.put(DnComponents.UNSTRUCTUREDADDRESS, Integer.valueOf(39));
99         dataConstants.put(DnComponents.UNSTRUCTUREDNAME, Integer.valueOf(40));
100         // AltNames
101         dataConstants.put(DnComponents.RFC822NAME, Integer.valueOf(17));
102         dataConstants.put(DnComponents.DNSNAME, Integer.valueOf(18));
103         dataConstants.put(DnComponents.IPADDRESS, Integer.valueOf(19));
104         dataConstants.put(DnComponents.OTHERNAME, Integer.valueOf(20));
105         dataConstants.put(DnComponents.UNIFORMRESOURCEID, Integer.valueOf(21));
106         dataConstants.put(DnComponents.X400ADDRESS, Integer.valueOf(22));
107         dataConstants.put(DnComponents.DIRECTORYNAME, Integer.valueOf(23));
108         dataConstants.put(DnComponents.EDIPARTNAME, Integer.valueOf(24));
109         dataConstants.put(DnComponents.REGISTEREDID, Integer.valueOf(25));
110
111         dataConstants.put(DnComponents.UPN, Integer.valueOf(36));
112
113         dataConstants.put(DnComponents.GUID, Integer.valueOf(41));
114         // Altnames end
115         // Subject directory attributes
116         dataConstants.put(DnComponents.DATEOFBIRTH, Integer.valueOf(42));
117         dataConstants.put(DnComponents.PLACEOFBIRTH, Integer.valueOf(43));
118         dataConstants.put(DnComponents.GENDER, Integer.valueOf(44));
119         dataConstants.put(DnComponents.COUNTRYOFCITIZENSHIP, Integer.valueOf(45));
120         dataConstants.put(DnComponents.COUNTRYOFRESIDENCE, Integer.valueOf(46));
121         // Subject directory attributes end
122          */
123         dataConstants.put("EMAIL", new Integer (26));
124         dataConstants.put("ADMINISTRATOR", new Integer (27));
125         dataConstants.put("KEYRECOVERABLE", new Integer (28));
126         dataConstants.put("DEFAULTCERTPROFILE", new Integer (29));
127         dataConstants.put("AVAILCERTPROFILES", new Integer (30));
128         dataConstants.put("DEFKEYSTORE", new Integer (31));
129         dataConstants.put("AVAILKEYSTORE", new Integer (32));
130         dataConstants.put("DEFAULTTOKENISSUER", new Integer (33));
131         dataConstants.put("AVAILTOKENISSUER", new Integer (34));
132         dataConstants.put("SENDNOTIFICATION", new Integer (35));
133
134         dataConstants.put("DEFAULTCA", new Integer (37));
135         dataConstants.put("AVAILCAS", new Integer (38));
136         
137         // Load all DN, altName and directoryAttributes from DnComponents.
138 dataConstants.putAll(DnComponents.getProfilenameIdMap());
139     }
140     // Type of data constants.
141 private static final int VALUE = 0;
142     private static final int USE = 1;
143     private static final int ISREQUIRED = 2;
144     private static final int MODIFYABLE = 3;
145
146     // Field constants, used in the map above
147 public static final String USERNAME = "USERNAME";
148     public static final String PASSWORD = "PASSWORD";
149     public static final String CLEARTEXTPASSWORD = "CLEARTEXTPASSWORD";
150     
151     public static final String EMAIL = "EMAIL";
152     public static final String ADMINISTRATOR = "ADMINISTRATOR";
153     public static final String KEYRECOVERABLE = "KEYRECOVERABLE";
154     public static final String DEFAULTCERTPROFILE = "DEFAULTCERTPROFILE";
155     public static final String AVAILCERTPROFILES = "AVAILCERTPROFILES";
156     public static final String DEFKEYSTORE = "DEFKEYSTORE";
157     public static final String AVAILKEYSTORE = "AVAILKEYSTORE";
158     public static final String DEFAULTTOKENISSUER = "DEFAULTTOKENISSUER";
159     public static final String AVAILTOKENISSUER = "AVAILTOKENISSUER";
160     public static final String SENDNOTIFICATION = "SENDNOTIFICATION";
161     public static final String DEFAULTCA = "DEFAULTCA";
162     public static final String AVAILCAS = "AVAILCAS";
163     
164     
165
166     public static final String SPLITCHAR = ";";
167
168     public static final String TRUE = "true";
169     public static final String FALSE = "false";
170     
171
172
173     // Constants used with field ordering
174 public static final int FIELDTYPE = 0;
175     public static final int NUMBER = 1;
176
177     // Public methods.
178 /** Creates a new instance of EndEntity Profile */
179     public EndEntityProfile() {
180       super();
181
182       // Set default required fields.
183 init(false);
184     }
185
186     /** Creates a default empty end entity profile with all standard fields added to it. */
187     public EndEntityProfile(boolean emptyprofile){
188       super();
189
190       init(emptyprofile);
191     }
192
193     private void init(boolean emptyprofile){
194       if(emptyprofile){
195         // initialize profile data
196 ArrayList numberoffields = new ArrayList (dataConstants.size());
197         for(int i =0; i < dataConstants.size(); i++){
198           numberoffields.add(new Integer (0));
199         }
200         data.put(NUMBERARRAY,numberoffields);
201         data.put(SUBJECTDNFIELDORDER,new ArrayList ());
202         data.put(SUBJECTALTNAMEFIELDORDER,new ArrayList ());
203         data.put(SUBJECTDIRATTRFIELDORDER,new ArrayList ());
204
205         Set keySet = dataConstants.keySet();
206         Iterator iter = keySet.iterator();
207         while (iter.hasNext()) {
208             String key = (String )iter.next();
209             if (key.equals(SENDNOTIFICATION) || key.equals(DnComponents.OTHERNAME)
210                 || key.equals(DnComponents.X400ADDRESS) || key.equals(DnComponents.EDIPARTNAME) || key.equals(DnComponents.REGISTEREDID)) {
211                 continue;
212             } else {
213                 addField(key);
214                 setValue(key,0,"");
215                 setRequired(key,0,false);
216                 setUse(key,0,true);
217                 setModifyable(key,0,true);
218             }
219             
220         }
221
222         setRequired(USERNAME,0,true);
223         setRequired(PASSWORD,0,true);
224         setRequired(DnComponents.COMMONNAME,0,true);
225         setRequired(DEFAULTCERTPROFILE,0,true);
226         setRequired(AVAILCERTPROFILES,0,true);
227         setRequired(DEFKEYSTORE,0,true);
228         setRequired(AVAILKEYSTORE,0,true);
229         setRequired(DEFAULTCA,0,true);
230         setRequired(AVAILCAS,0,true);
231         setValue(DEFAULTCERTPROFILE,0,"1");
232         setValue(AVAILCERTPROFILES,0,"1");
233         setValue(DEFKEYSTORE,0, "" + SecConst.TOKEN_SOFT_BROWSERGEN);
234         setValue(AVAILKEYSTORE,0, SecConst.TOKEN_SOFT_BROWSERGEN + ";" + SecConst.TOKEN_SOFT_P12 + ";" + SecConst.TOKEN_SOFT_JKS + ";" + SecConst.TOKEN_SOFT_PEM);
235         setValue(AVAILCAS,0, Integer.toString(SecConst.ALLCAS));
236         // Do not use hard token issuers by default.
237 setUse(AVAILTOKENISSUER, 0, false);
238
239       }else{
240          // initialize profile data
241 ArrayList numberoffields = new ArrayList (dataConstants.size());
242          for(int i =0; i < dataConstants.size(); i++){
243            numberoffields.add(new Integer (0));
244          }
245
246          data.put(NUMBERARRAY,numberoffields);
247          data.put(SUBJECTDNFIELDORDER,new ArrayList ());
248          data.put(SUBJECTALTNAMEFIELDORDER,new ArrayList ());
249          data.put(SUBJECTDIRATTRFIELDORDER,new ArrayList ());
250
251          addField(USERNAME);
252          addField(PASSWORD);
253          addField(DnComponents.COMMONNAME);
254          addField(EMAIL);
255          addField(DEFAULTCERTPROFILE);
256          addField(AVAILCERTPROFILES);
257          addField(DEFKEYSTORE);
258          addField(AVAILKEYSTORE);
259          addField(DEFAULTTOKENISSUER);
260          addField(AVAILTOKENISSUER);
261          addField(AVAILCAS);
262          addField(DEFAULTCA);
263          
264          setRequired(USERNAME,0,true);
265          setRequired(PASSWORD,0,true);
266          setRequired(DnComponents.COMMONNAME,0,true);
267          setRequired(DEFAULTCERTPROFILE,0,true);
268          setRequired(AVAILCERTPROFILES,0,true);
269          setRequired(DEFKEYSTORE,0,true);
270          setRequired(AVAILKEYSTORE,0,true);
271          setRequired(DEFAULTCA,0,true);
272          setRequired(AVAILCAS,0,true);
273          
274          setValue(DEFAULTCERTPROFILE,0,"1");
275          setValue(AVAILCERTPROFILES,0,"1;2;3");
276          setValue(DEFKEYSTORE,0, "" + SecConst.TOKEN_SOFT_BROWSERGEN);
277          setValue(AVAILKEYSTORE,0, SecConst.TOKEN_SOFT_BROWSERGEN + ";" + SecConst.TOKEN_SOFT_P12 + ";" + SecConst.TOKEN_SOFT_JKS + ";" + SecConst.TOKEN_SOFT_PEM);
278
279          // Do not use hard token issuers by default.
280 setUse(AVAILTOKENISSUER, 0, false);
281
282       }
283     }
284
285     public void addField(String parameter){
286         addField(getParameterNumber(parameter));
287     }
288     /**
289      * Function that adds a field to the profile.
290      *
291      * @param paramter is the field and one of the field constants.
292      */
293     public void addField(int parameter){
294       int size = getNumberOfField(parameter);
295       setValue(parameter,size,"");
296       setRequired(parameter,size,false);
297       setUse(parameter,size,true);
298       setModifyable(parameter,size,true);
299       String param = getParameter(parameter);
300       ArrayList dns = DnComponents.getDnProfileFields();
301       if(dns.contains(param)){
302         ArrayList fieldorder = (ArrayList ) data.get(SUBJECTDNFIELDORDER);
303         fieldorder.add(new Integer ((NUMBERBOUNDRARY*parameter) + size));
304         Collections.sort(fieldorder);
305       }
306       ArrayList altNames = DnComponents.getAltNameFields();
307       if(altNames.contains(param)) {
308         ArrayList fieldorder = (ArrayList ) data.get(SUBJECTALTNAMEFIELDORDER);
309         fieldorder.add(new Integer ((NUMBERBOUNDRARY*parameter) + size));
310       }
311       ArrayList dirAttrs = DnComponents.getDirAttrFields();
312       if(dirAttrs.contains(param)){
313           ArrayList fieldorder = (ArrayList ) data.get(SUBJECTDIRATTRFIELDORDER);
314           fieldorder.add(new Integer ((NUMBERBOUNDRARY*parameter) + size));
315         }
316       incrementFieldnumber(parameter);
317     }
318
319     public void removeField(String parameter, int number){
320         removeField(getParameterNumber(parameter), number);
321     }
322     /**
323      * Function that removes a field from the end entity profile.
324      *
325      * @param parameter is the field to remove.
326      * @param number is the number of field.
327      */
328     public void removeField(int parameter, int number){
329       // Remove field and move all fileds above.
330 int size = getNumberOfField(parameter);
331
332       if(size>0){
333         for(int n = number; n < size-1; n++){
334           setValue(parameter,n,getValue(parameter,n+1));
335           setRequired(parameter,n,isRequired(parameter,n+1));
336           setUse(parameter,n,getUse(parameter,n+1));
337           setModifyable(parameter,n,isModifyable(parameter,n+1));
338         }
339
340         String param = getParameter(parameter);
341         // Remove from order list.
342 ArrayList dns = DnComponents.getDnProfileFields();
343         if(dns.contains(param)){
344           ArrayList fieldorder = (ArrayList ) data.get(SUBJECTDNFIELDORDER);
345           int value = (NUMBERBOUNDRARY*parameter) + number;
346           for(int i=0; i < fieldorder.size(); i++){
347              if( value == ((Integer ) fieldorder.get(i)).intValue()){
348                 fieldorder.remove(i);
349                 break;
350              }
351           }
352         }
353
354         ArrayList altNames = DnComponents.getAltNameFields();
355         if(altNames.contains(param)) {
356           ArrayList fieldorder = (ArrayList ) data.get(SUBJECTALTNAMEFIELDORDER);
357           int value = (NUMBERBOUNDRARY*parameter) + number;
358           for(int i=0; i < fieldorder.size(); i++){
359              if( value == ((Integer ) fieldorder.get(i)).intValue()){
360                 fieldorder.remove(i);
361                 break;
362              }
363           }
364         }
365
366         ArrayList dirAttrs = DnComponents.getDirAttrFields();
367         if(dirAttrs.contains(param)){
368             ArrayList fieldorder = (ArrayList ) data.get(SUBJECTDIRATTRFIELDORDER);
369             int value = (NUMBERBOUNDRARY*parameter) + number;
370             for(int i=0; i < fieldorder.size(); i++){
371                if( value == ((Integer ) fieldorder.get(i)).intValue()){
372                   fieldorder.remove(i);
373                   break;
374                }
375             }
376           }
377
378         data.remove(new Integer ((VALUE*FIELDBOUNDRARY) + (NUMBERBOUNDRARY*number) + parameter));
379         data.remove(new Integer ((USE*FIELDBOUNDRARY) + (NUMBERBOUNDRARY*number) + parameter));
380         data.remove(new Integer ((ISREQUIRED*FIELDBOUNDRARY) + (NUMBERBOUNDRARY*number) + parameter));
381         data.remove(new Integer ((MODIFYABLE*FIELDBOUNDRARY) + (NUMBERBOUNDRARY*number) + parameter));
382
383         decrementFieldnumber(parameter);
384       }
385     }
386
387     /**
388      * Function that returns the number of one kind of field.
389      *
390      */
391     public int getNumberOfField(String parameter){
392         return getNumberOfField(getParameterNumber(parameter));
393     }
394     public int getNumberOfField(int parameter){
395         ArrayList arr = (ArrayList )data.get(NUMBERARRAY);
396         // This is an automatic upgrade function, if we have dynamically added new fields
397 if (parameter >= arr.size()) {
398             String msg = intres.getLocalizedMessage("ra.eeprofileaddfield", new Integer (parameter));
399             log.info(msg);
400             for (int i = arr.size(); i <= parameter; i++) {
401                 arr.add(new Integer (0));
402             }
403             data.put(NUMBERARRAY,arr);
404         }
405         return ((Integer ) arr.get(parameter)).intValue();
406     }
407
408     public void setValue(int parameter, int number, String value) {
409         if(value !=null){
410             value=value.trim();
411             data.put(new Integer ((VALUE*FIELDBOUNDRARY) + (NUMBERBOUNDRARY*number) + parameter), value);
412          }else{
413             data.put(new Integer ((VALUE*FIELDBOUNDRARY) + (NUMBERBOUNDRARY*number) + parameter), "");
414          }
415     }
416     public void setValue(String parameter, int number, String value) {
417         setValue(getParameterNumber(parameter), number, value);
418     }
419
420     public void setUse(int parameter, int number, boolean use){
421           data.put(new Integer ((USE*FIELDBOUNDRARY) + (NUMBERBOUNDRARY*number) + parameter), Boolean.valueOf(use));
422     }
423     public void setUse(String parameter, int number, boolean use){
424         setUse(getParameterNumber(parameter), number, use);
425     }
426
427     public void setRequired(int parameter, int number, boolean isrequired) {
428         data.put(new Integer ((ISREQUIRED*FIELDBOUNDRARY) + (NUMBERBOUNDRARY*number) + parameter), Boolean.valueOf(isrequired));
429     }
430     public void setRequired(String parameter, int number, boolean isrequired) {
431         setRequired(getParameterNumber(parameter), number, isrequired);
432     }
433
434     public void setModifyable(int parameter, int number, boolean changeable) {
435         data.put(new Integer ((MODIFYABLE*FIELDBOUNDRARY) + (NUMBERBOUNDRARY*number) + parameter), Boolean.valueOf(changeable));
436     }
437     public void setModifyable(String parameter, int number, boolean changeable) {
438         setModifyable(getParameterNumber(parameter), number, changeable);
439     }
440
441     public String getValue(int parameter, int number) {
442         String returnval = (String ) data.get(new Integer ((VALUE*FIELDBOUNDRARY) + (NUMBERBOUNDRARY*number) + parameter));
443         if(returnval != null)
444             return returnval;
445         return "";
446     }
447     public String getValue(String parameter, int number) {
448         return getValue(getParameterNumber(parameter), number);
449     }
450
451     public boolean getUse(int parameter, int number){
452         Boolean returnval = (Boolean ) data.get(new Integer ((USE*FIELDBOUNDRARY) + (NUMBERBOUNDRARY*number) + parameter));
453         if(returnval != null)
454             return returnval.booleanValue();
455         return false;
456     }
457     public boolean getUse(String parameter, int number){
458         return getUse(getParameterNumber(parameter), number);
459     }
460
461     public boolean isRequired(int parameter, int number) {
462         Boolean returnval = (Boolean ) data.get(new Integer ((ISREQUIRED*FIELDBOUNDRARY) + (NUMBERBOUNDRARY*number) + parameter));
463         if(returnval != null)
464             return returnval.booleanValue();
465         return false;
466     }
467     public boolean isRequired(String parameter, int number) {
468         return isRequired(getParameterNumber(parameter), number);
469     }
470
471     public boolean isModifyable(int parameter, int number){
472         Boolean returnval = (Boolean ) data.get(new Integer ((MODIFYABLE*FIELDBOUNDRARY) + (NUMBERBOUNDRARY*number) + parameter));
473         if(returnval != null)
474             return returnval.booleanValue();
475         return false;
476     }
477     public boolean isModifyable(String parameter, int number) {
478         return isModifyable(getParameterNumber(parameter), number);
479     }
480
481     public int getSubjectDNFieldOrderLength(){
482       return ((ArrayList ) data.get(SUBJECTDNFIELDORDER)).size();
483     }
484     public int getSubjectAltNameFieldOrderLength(){
485       return ((ArrayList ) data.get(SUBJECTALTNAMEFIELDORDER)).size();
486     }
487     public int getSubjectDirAttrFieldOrderLength(){
488         return ((ArrayList ) data.get(SUBJECTDIRATTRFIELDORDER)).size();
489       }
490
491     /** returns two int : the first is the DN field which is a constant in DN field extractor,
492      * the second is in which order the attribute is, 0 is first OU and 1 can mean second OU (if OU is specified in the first value).
493      *
494      */
495     public int[] getSubjectDNFieldsInOrder(int index){
496       int[] returnval = new int[2];
497       ArrayList fieldorder = (ArrayList ) data.get(SUBJECTDNFIELDORDER);
498       returnval[NUMBER] = ((Integer ) fieldorder.get(index)).intValue() % NUMBERBOUNDRARY;
499       returnval[FIELDTYPE] = ((Integer ) fieldorder.get(index)).intValue() / NUMBERBOUNDRARY;
500
501       return returnval;
502     }
503
504     public int[] getSubjectAltNameFieldsInOrder(int index){
505       int[] returnval = new int[2];
506       ArrayList fieldorder = (ArrayList ) data.get(SUBJECTALTNAMEFIELDORDER);
507       returnval[NUMBER] = ((Integer ) fieldorder.get(index)).intValue() % NUMBERBOUNDRARY;
508       returnval[FIELDTYPE] = ((Integer ) fieldorder.get(index)).intValue() / NUMBERBOUNDRARY;
509
510       return returnval;
511     }
512
513     public int[] getSubjectDirAttrFieldsInOrder(int index){
514         int[] returnval = new int[2];
515         ArrayList fieldorder = (ArrayList ) data.get(SUBJECTDIRATTRFIELDORDER);
516         returnval[NUMBER] = ((Integer ) fieldorder.get(index)).intValue() % NUMBERBOUNDRARY;
517         returnval[FIELDTYPE] = ((Integer ) fieldorder.get(index)).intValue() / NUMBERBOUNDRARY;
518
519         return returnval;
520       }
521
522     public Collection getAvailableCAs(){
523         ArrayList availablecaids = new ArrayList ();
524         availablecaids.addAll(Arrays.asList(getValue(AVAILCAS,0).split(SPLITCHAR)));
525         return availablecaids;
526     }
527     
528     public boolean useAutoGeneratedPasswd(){
529         return !this.getUse(EndEntityProfile.PASSWORD,0);
530     }
531     
532     public String getAutoGeneratedPasswd(){
533         return PasswordGeneratorFactory.getInstance(PasswordGeneratorFactory.PASSWORDTYPE_LETTERSANDDIGITS).getNewPassword(6,8);
534     }
535     
536     public String getNotificationSender(){
537         if(data.get(NOTIFICATIONSENDER) == null)
538             return "";
539         
540         return (String ) data.get(NOTIFICATIONSENDER);
541     }
542     
543     public void setNotificationSender(String sender){
544         data.put(NOTIFICATIONSENDER, sender);
545     }
546     
547     public String getNotificationSubject(){
548         if(data.get(NOTIFICATIONSUBJECT) == null)
549             return "";
550         
551         return (String ) data.get(NOTIFICATIONSUBJECT);
552     }
553     
554     public void setNotificationSubject(String subject){
555         data.put(NOTIFICATIONSUBJECT, subject);
556     }
557         
558     public String getNotificationMessage(){
559         if(data.get(NOTIFICATIONMESSAGE) == null)
560             return "";
561                 
562         return (String ) data.get(NOTIFICATIONMESSAGE);
563     }
564     
565     public void setNotificationMessage(String message){
566         data.put(NOTIFICATIONMESSAGE, message);
567     }
568     
569     /**
570      * @return indicationg if the keyreccovered certificate should be reused or not.
571      */
572     public boolean getReUseKeyRevoceredCertificate(){
573         if(data.get(REUSECERTIFICATE) == null){
574             return false;
575         }
576         
577         return ((Boolean ) data.get(REUSECERTIFICATE)).booleanValue();
578     }
579     
580     public void setReUseKeyRevoceredCertificate(boolean reuse){
581         data.put(REUSECERTIFICATE, new Boolean (reuse));
582     }
583     
584     /**
585      * @return indicationg if the profile checks should be reversed or not.
586      * default is false.
587      */
588     public boolean getReverseFieldChecks(){
589         if(data.get(REVERSEFFIELDCHECKS) == null){
590             return false;
591         }
592         
593         return ((Boolean ) data.get(REVERSEFFIELDCHECKS)).booleanValue();
594     }
595     
596     public void setReverseFieldChecks(boolean reverse){
597         data.put(REVERSEFFIELDCHECKS, new Boolean (reverse));
598     }
599     
600     /**
601      * @return indicationg printing of userdata should be done
602      * default is false.
603      */
604     public boolean getUsePrinting(){
605         if(data.get(PRINTINGUSE) == null){
606             return false;
607         }
608         
609         return ((Boolean ) data.get(PRINTINGUSE)).booleanValue();
610     }
611     
612     public void setUsePrinting(boolean use){
613         data.put(PRINTINGUSE, new Boolean (use));
614     }
615     
616     /**
617      * @return indicationg printing of userdata should be done
618      * default is false.
619      */
620     public boolean getPrintingDefault(){
621         if(data.get(PRINTINGDEFAULT) == null){
622             return false;
623         }
624         
625         return ((Boolean ) data.get(PRINTINGDEFAULT)).booleanValue();
626     }
627     
628     public void setPrintingDefault(boolean printDefault){
629         data.put(PRINTINGDEFAULT, new Boolean (printDefault));
630     }
631     
632     /**
633      * @return indicationg printing of userdata should be done
634      * default is false.
635      */
636     public boolean getPrintingRequired(){
637         if(data.get(PRINTINGREQUIRED) == null){
638             return false;
639         }
640         return ((Boolean ) data.get(PRINTINGREQUIRED)).booleanValue();
641     }
642     
643     public void setPrintingRequired(boolean printRequired){
644         data.put(PRINTINGREQUIRED, new Boolean (printRequired));
645     }
646     
647     /**
648      * @return the number of copies that should be printed
649      * default is 1.
650      */
651     public int getPrintedCopies(){
652         if(data.get(PRINTINGCOPIES) == null){
653             return 1;
654         }
655         
656         return ((Integer ) data.get(PRINTINGCOPIES)).intValue();
657     }
658     
659     public void setPrintedCopies(int copies){
660         data.put(PRINTINGCOPIES, new Integer (copies));
661     }
662     
663     /**
664      * @return the name of the printer that should be used
665      */
666     public String getPrinterName(){
667         if(data.get(PRINTINGPRINTERNAME) == null){
668             return "";
669         }
670         
671         return (String ) data.get(PRINTINGPRINTERNAME);
672     }
673     
674     public void setPrinterName(String printerName){
675         data.put(PRINTINGPRINTERNAME, printerName);
676     }
677     
678     /**
679      * @return filename of the uploaded
680      */
681     public String getPrinterSVGFileName(){
682         if(data.get(PRINTINGSVGFILENAME) == null){
683             return "";
684         }
685         
686         return (String ) data.get(PRINTINGSVGFILENAME);
687     }
688     
689     public void setPrinterSVGFileName(String printerSVGFileName){
690         data.put(PRINTINGSVGFILENAME, printerSVGFileName);
691     }
692     
693     /**
694      * @return the data of the SVG file, if no content have
695      * been uploaded null is returned
696      */
697     public String getPrinterSVGData(){
698         if(data.get(PRINTINGSVGDATA) == null){
699             return null;
700         }
701         
702         return new String (Base64.decode(((String ) data.get(PRINTINGSVGDATA)).getBytes()));
703     }
704     
705     public void setPrinterSVGData(String sVGData){
706         data.put(PRINTINGSVGDATA, new String (Base64.encode(sVGData.getBytes())));
707     }
708     
709     
710         
711     
712     public void doesUserFullfillEndEntityProfile(String username, String password, String dn, String subjectaltname, String subjectdirattr, String email, int certificateprofileid,
713                                                  boolean clearpwd, boolean administrator, boolean keyrecoverable, boolean sendnotification,
714                                                  int tokentype, int hardwaretokenissuerid, int caid)
715        throws UserDoesntFullfillEndEntityProfile{
716
717      if(useAutoGeneratedPasswd()){
718        if(password !=null)
719         throw new UserDoesntFullfillEndEntityProfile("Autogenerated password must have password==null");
720      }else{
721         if(!isModifyable(PASSWORD,0)){
722           if(!password.equals(getValue(PASSWORD,0)))
723             throw new UserDoesntFullfillEndEntityProfile("Password didn't match requirement of it's profile.");
724         }
725         else
726           if(isRequired(PASSWORD,0)){
727             if(password == null || password.trim().equals(""))
728               throw new UserDoesntFullfillEndEntityProfile("Password cannot be empty or null.");
729           }
730      }
731      
732       if(!getUse(CLEARTEXTPASSWORD,0) && clearpwd)
733           throw new UserDoesntFullfillEndEntityProfile("Clearpassword (used in batch proccessing) cannot be used.");
734
735       if(isRequired(CLEARTEXTPASSWORD,0)){
736         if(getValue(CLEARTEXTPASSWORD,0).equals(TRUE) && !clearpwd)
737            throw new UserDoesntFullfillEndEntityProfile("Clearpassword (used in batch proccessing) cannot be false.");
738         if(getValue(CLEARTEXTPASSWORD,0).equals(FALSE) && clearpwd)
739            throw new UserDoesntFullfillEndEntityProfile("Clearpassword (used in batch proccessing) cannot be true.");
740       }
741
742       doesUserFullfillEndEntityProfileWithoutPassword(username, dn, subjectaltname, subjectdirattr, email, certificateprofileid, administrator, keyrecoverable, sendnotification, tokentype, hardwaretokenissuerid, caid);
743
744     }
745
746     public void doesUserFullfillEndEntityProfileWithoutPassword(String username, String dn, String subjectaltname, String subjectdirattr, String email, int certificateprofileid,
747                                                                 boolean administrator, boolean keyrecoverable, boolean sendnotification,
748                                                                 int tokentype, int hardwaretokenissuerid, int caid) throws UserDoesntFullfillEndEntityProfile{
749       DNFieldExtractor subjectdnfields = new DNFieldExtractor(dn, DNFieldExtractor.TYPE_SUBJECTDN);
750       if (subjectdnfields.isIllegal()) {
751           throw new UserDoesntFullfillEndEntityProfile("Subject DN is illegal.");
752       }
753       DNFieldExtractor subjectaltnames = new DNFieldExtractor(subjectaltname, DNFieldExtractor.TYPE_SUBJECTALTNAME);
754       if (subjectaltnames.isIllegal()) {
755           throw new UserDoesntFullfillEndEntityProfile("Subject alt names are illegal.");
756       }
757       DNFieldExtractor subjectdirattrs = new DNFieldExtractor(subjectdirattr, DNFieldExtractor.TYPE_SUBJECTDIRATTR);
758       if (subjectdirattrs.isIllegal()) {
759           throw new UserDoesntFullfillEndEntityProfile("Subject directory attributes are illegal.");
760       }
761
762       // Check that no other than supported dn fields exists in the subject dn.
763 if(subjectdnfields.existsOther())
764         throw new UserDoesntFullfillEndEntityProfile("Unsupported Subject DN Field found in:" + dn);
765
766       if(subjectaltnames.existsOther())
767         throw new UserDoesntFullfillEndEntityProfile("Unsupported Subject Alternate Name Field found in:" + subjectaltname );
768
769       if(subjectdirattrs.existsOther())
770           throw new UserDoesntFullfillEndEntityProfile("Unsupported Subject Directory Attribute Field found in:" + subjectdirattr );
771
772       checkIfAllRequiredFieldsExists(subjectdnfields, subjectaltnames, subjectdirattrs, username, email);
773
774       checkIfForIllegalNumberOfFields(subjectdnfields, subjectaltnames, subjectdirattrs);
775
776       // Check contents of username.
777 checkIfDataFullfillProfile(USERNAME,0,username, "Username",null);
778
779       // Check Email address.
780 if(email == null)
781        email = "";
782      checkIfDomainFullfillProfile(EMAIL,0,email,"Email");
783
784       // Check contents of Subject DN fields.
785 HashMap subjectdnfieldnumbers = subjectdnfields.getNumberOfFields();
786       Integer [] dnids = DNFieldExtractor.getUseFields(DNFieldExtractor.TYPE_SUBJECTDN);
787       for(int i = 0; i < dnids.length; i++){
788           Integer dnid = dnids[i];
789           int nof = ((Integer )subjectdnfieldnumbers.get(dnid)).intValue();
790           if(getReverseFieldChecks()){
791               for(int j=getNumberOfField(DnComponents.dnIdToProfileName(dnid.intValue())) -1; j >= 0; j--){
792                   checkIfDataFullfillProfile(DnComponents.dnIdToProfileName(dnid.intValue()),j,subjectdnfields.getField(dnid.intValue(),--nof), DnComponents.getErrTextFromDnId(dnid.intValue()), email);
793               }
794           }else{
795               for(int j=0; j < nof; j++){
796                   checkIfDataFullfillProfile(DnComponents.dnIdToProfileName(dnid.intValue()),j,subjectdnfields.getField(dnid.intValue(),j), DnComponents.getErrTextFromDnId(dnid.intValue()), email);
797               }
798           }
799       }
800        // Check contents of Subject Alternative Name fields.
801 HashMap subjectaltnamesnumbers = subjectaltnames.getNumberOfFields();
802       Integer [] altnameids = DNFieldExtractor.getUseFields(DNFieldExtractor.TYPE_SUBJECTALTNAME);
803       for(int i = 0; i < altnameids.length; i++){
804           Integer altnameid = altnameids[i];
805           int nof = ((Integer )subjectaltnamesnumbers.get(altnameid)).intValue();
806           if(getReverseFieldChecks()){
807               for(int j=getNumberOfField(DnComponents.dnIdToProfileName(altnameid.intValue())) -1; j >= 0; j--){
808                   if(i == DNFieldExtractor.UPN){
809                       checkIfDomainFullfillProfile(DnComponents.UPN,j,subjectaltnames.getField(altnameid.intValue(),--nof),"UPN");
810                   }else{
811                       checkIfDataFullfillProfile(DnComponents.dnIdToProfileName(altnameid.intValue()),j,subjectaltnames.getField(altnameid.intValue(),--nof), DnComponents.getErrTextFromDnId(altnameid.intValue()), email);
812                   }
813               }
814           }else{
815               for(int j=0; j < nof; j++){
816                   if(altnameid.intValue() == DNFieldExtractor.UPN){
817                       checkIfDomainFullfillProfile(DnComponents.UPN,j,subjectaltnames.getField(altnameid.intValue(),j),"UPN");
818                   }else{
819                       checkIfDataFullfillProfile(DnComponents.dnIdToProfileName(altnameid.intValue()),j,subjectaltnames.getField(altnameid.intValue(),j), DnComponents.getErrTextFromDnId(altnameid.intValue()), email);
820                   }
821               }
822           }
823       }
824
825       // Check contents of Subject Directory Attributes fields.
826 HashMap subjectdirattrnumbers = subjectdirattrs.getNumberOfFields();
827       Integer [] dirattrids = DNFieldExtractor.getUseFields(DNFieldExtractor.TYPE_SUBJECTDIRATTR);
828       for(int i = 0; i < dirattrids.length; i++){
829           Integer dirattrid = dirattrids[i];
830           int nof = ((Integer )subjectdirattrnumbers.get(dirattrid)).intValue();
831           for(int j=0; j < nof; j++){
832               checkForIllegalChars(subjectdirattrs.getField(dirattrid.intValue(),j));
833               if(dirattrid.intValue() == DNFieldExtractor.COUNTRYOFCITIZENSHIP){
834                   checkIfISO3166FullfillProfile(DnComponents.COUNTRYOFCITIZENSHIP,j,subjectdirattrs.getField(dirattrid.intValue(),j),"COUNTRYOFCITIZENSHIP");
835               } else if(dirattrid.intValue() == DNFieldExtractor.COUNTRYOFRESIDENCE){
836                   checkIfISO3166FullfillProfile(DnComponents.COUNTRYOFRESIDENCE,j,subjectdirattrs.getField(dirattrid.intValue(),j),"COUNTRYOFRESIDENCE");
837               } else if(dirattrid.intValue() == DNFieldExtractor.DATEOFBIRTH){
838                   checkIfDateFullfillProfile(DnComponents.DATEOFBIRTH,j,subjectdirattrs.getField(dirattrid.intValue(),j),"DATEOFBIRTH");
839               } else if(dirattrid.intValue() == DNFieldExtractor.GENDER){
840                   checkIfGenderFullfillProfile(DnComponents.GENDER,j,subjectdirattrs.getField(dirattrid.intValue(),j),"GENDER");
841               }else{
842                   checkIfDataFullfillProfile(DnComponents.dnIdToProfileName(dirattrid.intValue()),j,subjectdirattrs.getField(dirattrid.intValue(),j), DnComponents.getErrTextFromDnId(dirattrid.intValue()), email);
843               }
844           }
845       }
846
847    // Check for administrator flag.
848 if(!getUse(ADMINISTRATOR,0) && administrator)
849           throw new UserDoesntFullfillEndEntityProfile("Administrator cannot be set.");
850
851       if(isRequired(ADMINISTRATOR,0)){
852         if(getValue(ADMINISTRATOR,0).equals(TRUE) && !administrator)
853            throw new UserDoesntFullfillEndEntityProfile("Administrator flag is required.");
854         if(getValue(ADMINISTRATOR,0).equals(FALSE) && administrator)
855            throw new UserDoesntFullfillEndEntityProfile("Administrator flag cannot be set in current end entity profile.");
856       }
857    // Check for keyrecoverable flag.
858 if(!getUse(KEYRECOVERABLE,0) && keyrecoverable)
859           throw new UserDoesntFullfillEndEntityProfile("Key Recoverable cannot be used.");
860
861       if(isRequired(KEYRECOVERABLE,0)){
862         if(getValue(KEYRECOVERABLE,0).equals(TRUE) && !keyrecoverable)
863            throw new UserDoesntFullfillEndEntityProfile("Key Recoverable is required.");
864         if(getValue(KEYRECOVERABLE,0).equals(FALSE) && keyrecoverable)
865            throw new UserDoesntFullfillEndEntityProfile("Key Recoverable cannot be set in current end entity profile.");
866       }
867
868    // Check for send notification flag.
869 if(!getUse(SENDNOTIFICATION,0) && sendnotification)
870           throw new UserDoesntFullfillEndEntityProfile("Email notification cannot be used.");
871
872       if(isRequired(SENDNOTIFICATION,0)){
873         if(getValue(SENDNOTIFICATION,0).equals(TRUE) && !sendnotification)
874            throw new UserDoesntFullfillEndEntityProfile("Email notification is required.");
875         if(getValue(SENDNOTIFICATION,0).equals(FALSE) && sendnotification)
876            throw new UserDoesntFullfillEndEntityProfile("Email notification cannot be set in current end entity profile.");
877       }
878
879       // Check if certificate profile is among available certificate profiles.
880 String [] availablecertprofiles;
881       try{
882         availablecertprofiles = getValue(AVAILCERTPROFILES,0).split(SPLITCHAR);
883       }catch(Exception e){
884           throw new UserDoesntFullfillEndEntityProfile("Error parsing end entity profile.");
885       }
886       if(availablecertprofiles == null)
887            throw new UserDoesntFullfillEndEntityProfile("Error Available certificate profiles is null.");
888       boolean found=false;
889       for(int i=0; i < availablecertprofiles.length;i++){
890           if( Integer.parseInt(availablecertprofiles[i]) == certificateprofileid)
891               found=true;
892       }
893       
894       if(!found)
895           throw new UserDoesntFullfillEndEntityProfile("Couldn't find certificate profile ("+certificateprofileid+") among available certificate profiles.");
896
897       // Check if tokentype is among available token types.
898 String [] availablesofttokentypes;
899       try{
900         availablesofttokentypes = getValue(AVAILKEYSTORE,0).split(SPLITCHAR);
901       }catch(Exception e){
902         throw new UserDoesntFullfillEndEntityProfile("Error parsing end entity profile.");
903       }
904       if(availablesofttokentypes == null)
905           throw new UserDoesntFullfillEndEntityProfile("Error available token types is null.");
906       found=false;
907       for(int i=0; i < availablesofttokentypes.length;i++){
908           if( Integer.parseInt(availablesofttokentypes[i]) == tokentype)
909               found=true;
910       }
911
912       // If soft token check for hardwaretoken issuer id = 0.
913 if(tokentype <= SecConst.TOKEN_SOFT){
914         if(hardwaretokenissuerid != 0)
915            throw new UserDoesntFullfillEndEntityProfile("Soft tokens cannot have a hardware token issuer.");
916       }
917       // If Hard token type check if hardware token issuer is among available hardware token issuers.
918 if(tokentype > SecConst.TOKEN_SOFT && getUse(AVAILTOKENISSUER, 0) ){ // Hardware token.
919 String [] availablehardtokenissuers;
920         try{
921           availablehardtokenissuers = getValue(AVAILTOKENISSUER, 0).split(SPLITCHAR);
922         }catch(Exception e){
923           throw new UserDoesntFullfillEndEntityProfile("Error parsing end entity profile.");
924         }
925         if(availablehardtokenissuers == null)
926             throw new UserDoesntFullfillEndEntityProfile("Error available hard token issuers is null.");
927         found=false;
928         for(int i=0; i < availablehardtokenissuers.length;i++){
929             if( Integer.parseInt(availablehardtokenissuers[i]) == hardwaretokenissuerid)
930                 found=true;
931         }
932         
933         if(!found)
934             throw new UserDoesntFullfillEndEntityProfile("Couldn't find hard token issuers among available hard token issuers.");
935       }
936       
937      // Check if ca id is among available ca ids.
938 String [] availablecaids;
939       try{
940         availablecaids = getValue(AVAILCAS,0).split(SPLITCHAR);
941       }catch(Exception e){
942           throw new UserDoesntFullfillEndEntityProfile("Error parsing end entity profile.");
943       }
944       if(availablecaids == null)
945           throw new UserDoesntFullfillEndEntityProfile("Error End Entity Profiles Available CAs is null.");
946       found=false;
947       for(int i=0; i < availablecaids.length;i++){
948           int tmp = Integer.parseInt(availablecaids[i]);
949           if( tmp == caid || tmp == SecConst.ALLCAS)
950               found=true;
951       }
952       
953       if(!found)
954           throw new UserDoesntFullfillEndEntityProfile("Couldn't find CA among End Entity Profiles Available CAs.");
955     }
956     
957     public void doesPasswordFulfillEndEntityProfile(String password, boolean clearpwd)
958       throws UserDoesntFullfillEndEntityProfile{
959         
960         boolean fullfillsprofile = true;
961         if(useAutoGeneratedPasswd()){
962           if(password !=null)
963             throw new UserDoesntFullfillEndEntityProfile("Autogenerated password must have password==null");
964         }else{
965          if(!isModifyable(EndEntityProfile.PASSWORD,0)){
966            if(!password.equals(getValue(EndEntityProfile.PASSWORD,0)))
967              fullfillsprofile=false;
968          }
969          else
970            if(isRequired(EndEntityProfile.PASSWORD,0)){
971              if((!clearpwd && password == null) || (password != null && password.trim().equals("")))
972                fullfillsprofile=false;
973            }
974         }
975            
976          if(clearpwd && isRequired(EndEntityProfile.CLEARTEXTPASSWORD,0) && getValue(EndEntityProfile.CLEARTEXTPASSWORD,0).equals(EndEntityProfile.FALSE)){
977              fullfillsprofile=false;
978          }
979          
980          if(!fullfillsprofile)
981            throw new UserDoesntFullfillEndEntityProfile("Password doesn't fullfill profile.");
982     }
983
984     public Object clone() throws CloneNotSupportedException {
985       EndEntityProfile clone = new EndEntityProfile();
986       HashMap clonedata = (HashMap ) clone.saveData();
987
988       Iterator i = (data.keySet()).iterator();
989       while(i.hasNext()){
990         Object key = i.next();
991         clonedata.put(key,data.get(key));
992       }
993
994       clone.loadData(clonedata);
995       return clone;
996     }
997
998     /** Implemtation of UpgradableDataHashMap function getLatestVersion */
999     public float getLatestVersion(){
1000       return LATEST_VERSION;
1001    }
1002
1003    /** Implemtation of UpgradableDataHashMap function upgrade. */
1004
1005    public void upgrade() {
1006        log.debug(">upgrade");
1007        if(Float.compare(LATEST_VERSION, getVersion()) != 0) {
1008            String msg = intres.getLocalizedMessage("ra.eeprofileupgrade", new Float (getVersion()));
1009            log.info(msg);
1010            // New version of the class, upgrade
1011 if(getVersion() < 1){
1012                ArrayList numberarray = (ArrayList ) data.get(NUMBERARRAY);
1013                while(numberarray.size() < 37){
1014                   numberarray.add(new Integer (0));
1015                }
1016                data.put(NUMBERARRAY,numberarray);
1017              }
1018            if(getVersion() < 2){
1019                ArrayList numberarray = (ArrayList ) data.get(NUMBERARRAY);
1020                while(numberarray.size() < 39){
1021                   numberarray.add(new Integer (0));
1022                }
1023                data.put(NUMBERARRAY,numberarray);
1024                
1025                addField(AVAILCAS);
1026                addField(DEFAULTCA);
1027                setRequired(AVAILCAS,0,true);
1028                setRequired(DEFAULTCA,0,true);
1029            }
1030            if(getVersion() < 3){
1031                setNotificationSubject("");
1032                setNotificationSender("");
1033                setNotificationMessage("");
1034            }
1035            
1036            if(getVersion() < 4){
1037                ArrayList numberoffields = (ArrayList ) data.get(NUMBERARRAY);
1038                for(int i =numberoffields.size(); i < dataConstants.size(); i++){
1039                  numberoffields.add(new Integer (0));
1040                }
1041                data.put(NUMBERARRAY,numberoffields);
1042            }
1043            // Support for DirectoryName altname field in profile version 5
1044 if (getVersion() < 5) {
1045                addField(DnComponents.DIRECTORYNAME);
1046                setValue(DnComponents.DIRECTORYNAME,0,"");
1047                setRequired(DnComponents.DIRECTORYNAME,0,false);
1048                setUse(DnComponents.DIRECTORYNAME,0,true);
1049                setModifyable(DnComponents.DIRECTORYNAME,0,true);
1050            }
1051            // Support for Subject Directory Attributes field in profile version 6
1052 if (getVersion() < 6) {
1053                ArrayList numberoffields = (ArrayList ) data.get(NUMBERARRAY);
1054                for(int i =numberoffields.size(); i < dataConstants.size(); i++){
1055                  numberoffields.add(new Integer (0));
1056                }
1057                data.put(NUMBERARRAY,numberoffields);
1058                data.put(SUBJECTDIRATTRFIELDORDER,new ArrayList ());
1059                
1060                for(int i=getParameterNumber(DnComponents.DATEOFBIRTH); i <= getParameterNumber(DnComponents.COUNTRYOFRESIDENCE); i++){
1061                    addField(getParameter(i));
1062                    setValue(getParameter(i),0,"");
1063                    setRequired(getParameter(i),0,false);
1064                    setUse(getParameter(i),0,false);
1065                    setModifyable(getParameter(i),0,true);
1066                }
1067
1068            }
1069            data.put(VERSION, new Float (LATEST_VERSION));
1070        }
1071        log.debug("<upgrade");
1072    }
1073
1074
1075    public static boolean isFieldImplemented(int field) {
1076        String f = getParameter(field);
1077        if (f == null) {
1078            log.info("isFieldImplemented got call for non-implemented field: "+field);
1079            return false;
1080        }
1081        return isFieldImplemented(f);
1082    }
1083    public static boolean isFieldImplemented(String field) {
1084        boolean ret = true;
1085        if(field.equals(DnComponents.OTHERNAME)
1086                || field.equals(DnComponents.X400ADDRESS)
1087                || field.equals(DnComponents.EDIPARTNAME)
1088                || field.equals(DnComponents.REGISTEREDID)) {
1089            log.info("isFieldImplemented got call for non-implemented field: "+field);
1090            ret = false;
1091        }
1092        return ret;
1093    }
1094
1095    public static boolean isFieldOfType(int fieldNumber, String fieldString) {
1096        boolean ret = false;
1097        int number = getParameterNumber(fieldString);
1098        if (fieldNumber == number) {
1099            ret = true;
1100        }
1101        return ret;
1102    }
1103
1104
1105    //
1106 // Private Methods
1107 //
1108
1109    
1110    /**
1111     * Used for both email and upn fields
1112     *
1113     */
1114    private void checkIfDomainFullfillProfile(String field, int number, String nameAndDomain, String text) throws UserDoesntFullfillEndEntityProfile {
1115                
1116        if(!nameAndDomain.trim().equals("") && nameAndDomain.indexOf('@') == -1)
1117            throw new UserDoesntFullfillEndEntityProfile("Invalid " + text + ". There must have '@' in the field.");
1118        
1119        String domain = nameAndDomain.substring(nameAndDomain.indexOf('@') + 1);
1120        
1121        if(!getUse(field,number) && !nameAndDomain.trim().equals(""))
1122          throw new UserDoesntFullfillEndEntityProfile(text + " cannot be used in end entity profile.");
1123      
1124        if(!isModifyable(field,number) && !nameAndDomain.equals("")){
1125          String [] values;
1126          try{
1127            values = getValue(field, number).split(SPLITCHAR);
1128          }catch(Exception e){
1129            throw new UserDoesntFullfillEndEntityProfile("Error parsing end entity profile.");
1130          }
1131          boolean exists = false;
1132          for(int i = 0; i < values.length ; i++){
1133            if(domain.equals(values[i].trim()))
1134              exists = true;
1135          }
1136          if(!exists)
1137            throw new UserDoesntFullfillEndEntityProfile("Field " + text + " data didn't match requirement of end entity profile.");
1138        }
1139    }
1140    
1141    private void checkForIllegalChars(String str) throws UserDoesntFullfillEndEntityProfile {
1142        if (StringTools.hasSqlStripChars(str)) {
1143            throw new UserDoesntFullfillEndEntityProfile("Invalid " + str + ". Contains illegal characters.");
1144        }
1145    }
1146    /**
1147     * Used for iso 3166 country codes
1148     *
1149     */
1150    private void checkIfISO3166FullfillProfile(String field, int number, String country, String text) throws UserDoesntFullfillEndEntityProfile {
1151                
1152        if(!country.trim().equals("") && country.trim().length() != 2)
1153            throw new UserDoesntFullfillEndEntityProfile("Invalid " + text + ". Must be of length two.");
1154        
1155        if(!getUse(field,number) && !country.trim().equals(""))
1156          throw new UserDoesntFullfillEndEntityProfile(text + " cannot be used in end entity profile.");
1157      
1158        if(!isModifyable(field,number) && !country.trim().equals("")){
1159          String [] values;
1160          try{
1161            values = getValue(field, number).split(SPLITCHAR);
1162          }catch(Exception e){
1163            throw new UserDoesntFullfillEndEntityProfile("Error parsing end entity profile.");
1164          }
1165          boolean exists = false;
1166          for(int i = 0; i < values.length ; i++){
1167            if(country.equals(values[i].trim()))
1168              exists = true;
1169          }
1170          if(!exists)
1171            throw new UserDoesntFullfillEndEntityProfile("Field " + text + " data didn't match requirement of end entity profile.");
1172        }
1173    }
1174    
1175    /**
1176     * Used to check if it is an M or an F
1177     *
1178     */
1179    private void checkIfGenderFullfillProfile(String field, int number, String gender, String text) throws UserDoesntFullfillEndEntityProfile {
1180                
1181        if(!gender.trim().equals("") && !(gender.equalsIgnoreCase("m") || gender.equalsIgnoreCase("f")))
1182            throw new UserDoesntFullfillEndEntityProfile("Invalid " + text + ". Must be M or F.");
1183        
1184        if(!getUse(field,number) && !gender.trim().equals(""))
1185          throw new UserDoesntFullfillEndEntityProfile(text + " cannot be used in end entity profile.");
1186      
1187        if(!isModifyable(field,number) && !gender.trim().equals("")){
1188          String [] values;
1189          try{
1190            values = getValue(field, number).split(SPLITCHAR);
1191          }catch(Exception e){
1192            throw new UserDoesntFullfillEndEntityProfile("Error parsing end entity profile.");
1193          }
1194          boolean exists = false;
1195          for(int i = 0; i < values.length ; i++){
1196            if(gender.equals(values[i].trim()))
1197              exists = true;
1198          }
1199          if(!exists)
1200            throw new UserDoesntFullfillEndEntityProfile("Field " + text + " data didn't match requirement of end entity profile.");
1201        }
1202    }
1203
1204    /**
1205     * Used for date strings, should be YYYYMMDD
1206     *
1207     */
1208    private void checkIfDateFullfillProfile(String field, int number, String date, String text) throws UserDoesntFullfillEndEntityProfile {
1209                
1210        if(!date.trim().equals("") && date.trim().length() != 8)
1211            throw new UserDoesntFullfillEndEntityProfile("Invalid " + text + ". Must be of length eight.");
1212        if(!date.trim().equals("") && !StringUtils.isNumeric(date.trim()))
1213            throw new UserDoesntFullfillEndEntityProfile("Invalid " + text + ". Must be only numbers.");
1214        
1215        if(!getUse(field,number) && !date.trim().equals(""))
1216          throw new UserDoesntFullfillEndEntityProfile(text + " cannot be used in end entity profile.");
1217      
1218        if(!isModifyable(field,number) && !date.trim().equals("")){
1219          String [] values;
1220          try{
1221            values = getValue(field, number).split(SPLITCHAR);
1222          }catch(Exception e){
1223            throw new UserDoesntFullfillEndEntityProfile("Error parsing end entity profile.");
1224          }
1225          boolean exists = false;
1226          for(int i = 0; i < values.length ; i++){
1227            if(date.equals(values[i].trim()))
1228              exists = true;
1229          }
1230          if(!exists)
1231            throw new UserDoesntFullfillEndEntityProfile("Field " + text + " data didn't match requirement of end entity profile.");
1232        }
1233    }
1234    
1235    private void checkIfDataFullfillProfile(String field, int number, String data, String text, String email) throws UserDoesntFullfillEndEntityProfile {
1236
1237        if(data == null && !field.equals(EMAIL))
1238            throw new UserDoesntFullfillEndEntityProfile("Field " + text + " cannot be null.");
1239
1240        if(data !=null)
1241            if(!getUse(field,number) && !data.trim().equals(""))
1242                throw new UserDoesntFullfillEndEntityProfile(text + " cannot be used in end entity profile.");
1243
1244        if(field.equals(DnComponents.DNEMAIL) || field.equals(DnComponents.RFC822NAME)){
1245            if(isRequired(field,number)){
1246                if(!data.trim().equals(email.trim()))
1247                    throw new UserDoesntFullfillEndEntityProfile("Field " + text + " data didn't match Email field.");
1248            }
1249        }
1250        else{
1251            if(!isModifyable(field,number)){
1252                String [] values;
1253                try{
1254                    values = getValue(field, number).split(SPLITCHAR);
1255                }catch(Exception e){
1256                    throw new UserDoesntFullfillEndEntityProfile("Error parsing end entity profile.");
1257                }
1258                boolean exists = false;
1259                for(int i = 0; i < values.length ; i++){
1260                    if(data.equals(values[i].trim()))
1261                        exists = true;
1262                }
1263                if(!exists)
1264                    throw new UserDoesntFullfillEndEntityProfile("Field " + text + " data didn't match requirement of end entity profile.");
1265            }
1266        }
1267    }
1268
1269    private void checkIfAllRequiredFieldsExists(DNFieldExtractor subjectdnfields, DNFieldExtractor subjectaltnames, DNFieldExtractor subjectdirattrs, String username, String email) throws UserDoesntFullfillEndEntityProfile{
1270        int size;
1271
1272        // Check if Username exists.
1273 if(isRequired(USERNAME,0)){
1274          if(username == null || username.trim().equals(""))
1275            throw new UserDoesntFullfillEndEntityProfile("Username cannot be empty or null.");
1276        }
1277
1278        // Check if required Email fields exists.
1279 if(isRequired(EMAIL,0)){
1280          if(email == null || email.trim().equals(""))
1281            throw new UserDoesntFullfillEndEntityProfile("Email address cannot be empty or null.");
1282        }
1283
1284
1285        // Check if all required subjectdn fields exists.
1286 String [] dnfields = getSubjectDNProfileFields();
1287        Integer [] dnFieldExtractorIds = (Integer [])DnComponents.getDnDnIds().toArray(new Integer [0]);
1288        for(int i = 0; i < dnfields.length; i++){
1289            if(getReverseFieldChecks()){
1290                int nof = subjectdnfields.getNumberOfFields(dnFieldExtractorIds[i].intValue());
1291                int numRequiredFields = getNumberOfRequiredFields(dnfields[i]);
1292                if(nof < numRequiredFields){
1293                  throw new UserDoesntFullfillEndEntityProfile("Subject DN field '" + dnfields[i] + "' must exist.");
1294                }
1295            }else{
1296               size = getNumberOfField(dnfields[i]);
1297               for(int j = 0; j < size; j++){
1298               if(isRequired(dnfields[i],j))
1299                 if(subjectdnfields.getField(dnFieldExtractorIds[i].intValue(),j).trim().equals(""))
1300                  throw new UserDoesntFullfillEndEntityProfile("Subject DN field '" + dnfields[i] + "' must exist.");
1301               }
1302            }
1303        }
1304        
1305        
1306
1307         // Check if all required subject alternate name fields exists.
1308 String [] altnamefields = getSubjectAltnameProfileFields();
1309        Integer [] altNameFieldExtractorIds = (Integer [])DnComponents.getAltNameDnIds().toArray(new Integer [0]);
1310        for(int i = 0; i < altnamefields.length; i++){
1311            if(getReverseFieldChecks()){
1312                int nof = subjectaltnames.getNumberOfFields(altNameFieldExtractorIds[i].intValue());
1313                int numRequiredFields = getNumberOfRequiredFields(altnamefields[i]);
1314                if(nof < numRequiredFields){
1315                    throw new UserDoesntFullfillEndEntityProfile("Subject Alternative Name field '" + altnamefields[i] + "' must exist.");
1316                }
1317            }else{
1318                size = getNumberOfField(altnamefields[i]);
1319                for(int j = 0; j < size; j++){
1320                    if(isRequired(altnamefields[i],j))
1321                        if(subjectaltnames.getField(altNameFieldExtractorIds[i].intValue(),j).trim().equals(""))
1322                            throw new UserDoesntFullfillEndEntityProfile("Subject Alterntive Name field '" + altnamefields[i] + "' must exist.");
1323                }
1324            }
1325        }
1326
1327        // Check if all required subject directory attribute fields exists.
1328 String [] dirattrfields = getSubjectDirAttrProfileFields();
1329        Integer [] dirAttrFieldExtractorIds = (Integer [])DnComponents.getDirAttrDnIds().toArray(new Integer [0]);
1330        for(int i = 0; i < dirattrfields.length; i++){
1331            size = getNumberOfField(dirattrfields[i]);
1332            for(int j = 0; j < size; j++){
1333                if(isRequired(dirattrfields[i],j))
1334                    if(subjectdirattrs.getField(dirAttrFieldExtractorIds[i].intValue(),j).trim().equals(""))
1335                        throw new UserDoesntFullfillEndEntityProfile("Subject Directory Attribute field '" + dirattrfields[i] + "' must exist.");
1336            }
1337        }
1338
1339    }
1340
1341  /**
1342   * Method calculating the number of required fields of on kind that is configured for this profile.
1343   * @param field, one of the field constants
1344   * @return The number of required fields of that kind.
1345   */
1346    private int getNumberOfRequiredFields(String field) {
1347        int retval = 0;
1348        int size = getNumberOfField(field);
1349        for(int j = 0; j < size; j++){
1350            if(isRequired(field,j)){
1351                retval++;
1352            }
1353        }
1354        
1355        return retval;
1356    }
1357
1358    private void checkIfForIllegalNumberOfFields(DNFieldExtractor subjectdnfields, DNFieldExtractor subjectaltnames, DNFieldExtractor subjectdirattrs) throws UserDoesntFullfillEndEntityProfile{
1359
1360        // Check number of subjectdn fields.
1361 String [] dnfields = getSubjectDNProfileFields();
1362        Integer [] dnFieldExtractorIds = (Integer [])DnComponents.getDnDnIds().toArray(new Integer [0]);
1363        for(int i = 0; i < dnfields.length; i++){
1364            if(getNumberOfField(dnfields[i]) < subjectdnfields.getNumberOfFields(dnFieldExtractorIds[i].intValue()))
1365              throw new UserDoesntFullfillEndEntityProfile("Wrong number of " + dnfields[i] + " fields in Subject DN.");
1366        }
1367
1368         // Check number of subject alternate name fields.
1369 String [] altnamefields = getSubjectAltnameProfileFields();
1370        Integer [] altNameFieldExtractorIds = (Integer [])DnComponents.getAltNameDnIds().toArray(new Integer [0]);
1371        for(int i = 0; i < altnamefields.length; i++){
1372          if(getNumberOfField(altnamefields[i]) < subjectaltnames.getNumberOfFields(altNameFieldExtractorIds[i].intValue()))
1373           throw new UserDoesntFullfillEndEntityProfile("Wrong number of " + altnamefields[i] + " fields in Subject Alternative Name.");
1374        }
1375
1376        // Check number of subject directory attribute fields.
1377 String [] dirattrfields = getSubjectDirAttrProfileFields();
1378        Integer [] dirAttrFieldExtractorIds = (Integer [])DnComponents.getDirAttrDnIds().toArray(new Integer [0]);
1379        for(int i = 0; i < dirattrfields.length; i++){
1380          if(getNumberOfField(dirattrfields[i]) < subjectdirattrs.getNumberOfFields(dirAttrFieldExtractorIds[i].intValue()))
1381           throw new UserDoesntFullfillEndEntityProfile("Wrong number of " + dirattrfields[i] + " fields in Subject Directory Attributes.");
1382        }
1383    }
1384
1385    /** methods for mapping the DN, AltName, DirAttr constants from string->number
1386     *
1387     */
1388    private static int getParameterNumber(String parameter) {
1389        Integer number = (Integer )dataConstants.get(parameter);
1390        if (number != null) {
1391            return number.intValue();
1392        }
1393        log.error("No parameter number for "+parameter);
1394        return -1;
1395    }
1396    /** methods for mapping the DN, AltName, DirAttr constants from number->string
1397     *
1398     */
1399    private static String getParameter(int parameterNumber) {
1400        Set set = dataConstants.entrySet();
1401        Iterator iter = set.iterator();
1402        String ret = null;
1403        while (iter.hasNext() && ret == null) {
1404            Map.Entry entry = (Map.Entry )iter.next();
1405            Integer val = (Integer )entry.getValue();
1406            if (val.intValue() == parameterNumber) {
1407                ret = (String )entry.getKey();
1408            }
1409        }
1410        if (ret == null) {
1411            log.error("No parameter for "+parameterNumber);
1412        }
1413        return ret;
1414    }
1415    
1416    private void incrementFieldnumber(int parameter){
1417      ArrayList numberarray = (ArrayList ) data.get(NUMBERARRAY);
1418      numberarray.set(parameter, new Integer (((Integer ) numberarray.get(parameter)).intValue() + 1));
1419    }
1420
1421    private void decrementFieldnumber(int parameter){
1422      ArrayList numberarray = (ArrayList ) data.get(NUMBERARRAY);
1423      numberarray.set(parameter, new Integer (((Integer ) numberarray.get(parameter)).intValue() - 1));
1424    }
1425    
1426
1427
1428    // Private Constants.
1429 private static final int FIELDBOUNDRARY = 10000;
1430    private static final int NUMBERBOUNDRARY = 100;
1431
1432    
1433    public static String [] getSubjectDNProfileFields() {
1434        return (String [])DnComponents.getDnProfileFields().toArray(new String [0]);
1435    }
1436
1437    public static String [] getSubjectAltnameProfileFields() {
1438        return (String [])DnComponents.getAltNameFields().toArray(new String [0]);
1439    }
1440
1441    public static String [] getSubjectDirAttrProfileFields() {
1442        return (String [])DnComponents.getDirAttrFields().toArray(new String [0]);
1443    }
1444
1445
1446    private static final String NUMBERARRAY = "NUMBERARRAY";
1447    private static final String SUBJECTDNFIELDORDER = "SUBJECTDNFIELDORDER";
1448    private static final String SUBJECTALTNAMEFIELDORDER = "SUBJECTALTNAMEFIELDORDER";
1449    private static final String SUBJECTDIRATTRFIELDORDER = "SUBJECTDIRATTRFIELDORDER";
1450    
1451    private static final String NOTIFICATIONSENDER = "NOTIFICATIONSENDER";
1452    private static final String NOTIFICATIONSUBJECT = "NOTIFICATIONSSUBJECT";
1453    private static final String NOTIFICATIONMESSAGE = "NOTIFICATIONSMESSAGE";
1454
1455    private static final String REUSECERTIFICATE = "REUSECERTIFICATE";
1456    private static final String REVERSEFFIELDCHECKS = "REVERSEFFIELDCHECKS";
1457    
1458    private static final String PRINTINGUSE = "PRINTINGUSE";
1459    private static final String PRINTINGDEFAULT = "PRINTINGDEFAULT";
1460    private static final String PRINTINGREQUIRED = "PRINTINGREQUIRED";
1461    private static final String PRINTINGCOPIES = "PRINTINGCOPIES";
1462    private static final String PRINTINGPRINTERNAME = "PRINTINGPRINTERNAME";
1463    private static final String PRINTINGSVGFILENAME = "PRINTINGSVGFILENAME";
1464    private static final String PRINTINGSVGDATA = "PRINTINGSVGDATA";
1465    // Private fields.
1466
1467
1468}
1469

A to Z: JavaDoc & Examples

---

Daily Java News & Articles

---

Open Source Projects

---

Open Source Codes

---

Free Computer Books

---

Remove Frame

---

Popular Tags