>From 0c14124f1180c9d485a676265842e0ceeeb28e2f Mon Sep 17 00:00:00 2001 From: Fraser Tweedale Date: Tue, 12 Aug 2014 04:08:30 -0400 Subject: [PATCH] Add IECUserRolesExtInput profile input --- base/ca/shared/conf/registry.cfg | 5 +- .../cms/profile/input/IECUserRolesExtInput.java | 115 +++++++++++++++++++++ base/server/cmsbundle/src/UserMessages.properties | 5 + 3 files changed, 124 insertions(+), 1 deletion(-) create mode 100644 base/server/cms/src/com/netscape/cms/profile/input/IECUserRolesExtInput.java diff --git a/base/ca/shared/conf/registry.cfg b/base/ca/shared/conf/registry.cfg index 9cd4e6d5c89b6e9bd0323fd3fd272b4af1de9568..c4e3ab86b453bec8964d62b3fbdbac14b40f6105 100644 --- a/base/ca/shared/conf/registry.cfg +++ b/base/ca/shared/conf/registry.cfg @@ -173,7 +173,7 @@ profile.caServerCertEnrollImpl.name=Server Certificate Enrollment Profile profile.caUserCertEnrollImpl.class=com.netscape.cms.profile.common.UserCertCAEnrollProfile profile.caUserCertEnrollImpl.desc=Certificate Authority User Certificate Enrollment Profile profile.caUserCertEnrollImpl.name=User Certificate Enrollment Profile -profileInput.ids=cmcCertReqInputImpl,certReqInputImpl,keyGenInputImpl,encKeyGenInputImpl,signKeyGenInputImpl,dualKeyGenInputImpl,subjectNameInputImpl,submitterInfoInputImpl,genericInputImpl,fileSigningInputImpl,imageInputImpl,subjectDNInputImpl,nsNKeyCertReqInputImpl,nsHKeyCertReqInputImpl,serialNumRenewInputImpl,subjectAltNameExtInputImpl +profileInput.ids=cmcCertReqInputImpl,certReqInputImpl,keyGenInputImpl,encKeyGenInputImpl,signKeyGenInputImpl,dualKeyGenInputImpl,subjectNameInputImpl,submitterInfoInputImpl,genericInputImpl,fileSigningInputImpl,imageInputImpl,subjectDNInputImpl,nsNKeyCertReqInputImpl,nsHKeyCertReqInputImpl,serialNumRenewInputImpl,subjectAltNameExtInputImpl,iecUserRolesExtInputImpl profileInput.subjectAltNameExtInputImpl.class=com.netscape.cms.profile.input.SubjectAltNameExtInput profileInput.subjectAltNameExtInputImpl.desc=SAN Input profileInput.subjectAltNameExtInputImpl.name=SAN Input @@ -222,6 +222,9 @@ profileInput.subjectDNInputImpl.name=Subject DN Input profileInput.subjectNameInputImpl.class=com.netscape.cms.profile.input.SubjectNameInput profileInput.subjectNameInputImpl.desc=Subject Name Input profileInput.subjectNameInputImpl.name=Subject Name Input +profileInput.iecUserRolesExtInputImpl.class=com.netscape.cms.profile.input.IECUserRolesExtInput +profileInput.iecUserRolesExtInputImpl.desc=IECUserRoles Extension Input +profileInput.iecUserRolesExtInputImpl.name=IECUserRoles Extension Input profileOutput.ids=certOutputImpl,cmmfOutputImpl,pkcs7OutputImpl,nsNKeyOutputImpl profileOutput.certOutputImpl.class=com.netscape.cms.profile.output.CertOutput profileOutput.certOutputImpl.desc=Certificate Output diff --git a/base/server/cms/src/com/netscape/cms/profile/input/IECUserRolesExtInput.java b/base/server/cms/src/com/netscape/cms/profile/input/IECUserRolesExtInput.java new file mode 100644 index 0000000000000000000000000000000000000000..c516c8cb0115802a8c9761f6cf2aea6ca501cb2b --- /dev/null +++ b/base/server/cms/src/com/netscape/cms/profile/input/IECUserRolesExtInput.java @@ -0,0 +1,115 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2014 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- + +package com.netscape.cms.profile.input; + +import java.io.IOException; +import java.util.Enumeration; +import java.util.Locale; +import java.util.Vector; + +import netscape.security.extensions.IECUserRolesExtension; +import netscape.security.x509.CertificateExtensions; +import netscape.security.x509.X509CertInfo; + +import com.netscape.certsrv.apps.CMS; +import com.netscape.certsrv.base.EBaseException; +import com.netscape.certsrv.base.IConfigStore; +import com.netscape.certsrv.profile.EProfileException; +import com.netscape.certsrv.profile.IProfile; +import com.netscape.certsrv.profile.IProfileContext; +import com.netscape.certsrv.profile.IProfileInput; +import com.netscape.certsrv.property.Descriptor; +import com.netscape.certsrv.property.IDescriptor; +import com.netscape.certsrv.request.IRequest; +import com.netscape.cms.profile.common.EnrollProfile; + + +/** + * This plugin accepts IEC 62351-8 IECUserRoles extension data from user. + */ +public class IECUserRolesExtInput extends EnrollInput implements IProfileInput { + public static final String VAL_USER_ROLES = "userRoles"; + public static final String VAL_OPERATION = "operation"; + public static final String VAL_STATUS_CHANGE_SEQ = "statusChangeSeq"; + + /** + * Retrieves the localizable name of this policy. + */ + public String getName(Locale locale) { + return CMS.getUserMessage(locale, "CMS_PROFILE_INPUT_IEC_USER_ROLES_EXT_NAME"); + } + + /** + * Retrieves the localizable description of this policy. + */ + public String getText(Locale locale) { + return CMS.getUserMessage(locale, "CMS_PROFILE_INPUT_IEC_USER_ROLES_EXT_TEXT"); + } + + public void populate(IProfileContext ctx, IRequest request) + throws EProfileException { + Vector roles = new Vector(); + String operation = ctx.get(VAL_OPERATION); + int op = 1; + IECUserRolesExtension ext = new IECUserRolesExtension(roles, op); + + CertificateExtensions exts = + request.getExtDataInCertExts(EnrollProfile.REQUEST_EXTENSIONS); + if (exts == null) { + throw new EProfileException("extensions not found"); + } + try { + exts.set(IECUserRolesExtension.OID, ext); + } catch (IOException e) { + CMS.debug("IECUserRolesExtInput: " + e.toString()); + throw new EProfileException("failed to set IECUserRoles extension"); + } + + request.setExtData(EnrollProfile.REQUEST_EXTENSIONS, exts); + } + + /** + * Return value names + */ + public Enumeration getValueNames() { + Vector v = new Vector(); + v.addElement(VAL_USER_ROLES); + v.addElement(VAL_OPERATION); + //v.addElement(VAL_STATUS_CHANGE_SEQ); + return v.elements(); + } + + /** + * Retrieves the descriptor of the given value + * parameter by name. + */ + public IDescriptor getValueDescriptor(Locale locale, String name) { + if (name.equals(VAL_USER_ROLES)) { + return new Descriptor(IDescriptor.STRING, null, null, + CMS.getUserMessage(locale, "CMS_PROFILE_INPUT_IEC_USER_ROLES_EXT_USER_ROLES")); + } else if (name.equals(VAL_OPERATION)) { + return new Descriptor(IDescriptor.STRING, null, null, + CMS.getUserMessage(locale, "CMS_PROFILE_INPUT_IEC_USER_ROLES_EXT_OPERATION")); + } else if (name.equals(VAL_STATUS_CHANGE_SEQ)) { + return new Descriptor(IDescriptor.INTEGER, null, null, + CMS.getUserMessage(locale, "CMS_PROFILE_INPUT_IEC_USER_ROLES_EXT_STATUS_CHANGE_SEQ")); + } + return null; + } +} diff --git a/base/server/cmsbundle/src/UserMessages.properties b/base/server/cmsbundle/src/UserMessages.properties index fe43094e6b2a0531502570bc626da557fc9061ae..ce7f950fc8d3612327483bfa10cd86378e693a7c 100644 --- a/base/server/cmsbundle/src/UserMessages.properties +++ b/base/server/cmsbundle/src/UserMessages.properties @@ -1074,6 +1074,11 @@ CMS_PROFILE_OUTPUT_CERT_B64=Certificate Base-64 Encoded CMS_PROFILE_OUTPUT_CMMF_B64=CMMF Base-64 Encoded CMS_PROFILE_OUTPUT_PKCS7_B64=PKCS #7 Base-64 Encoded CMS_PROFILE_OUTPUT_DER_B64=DER Base 64 Encoded +CMS_PROFILE_INPUT_IEC_USER_ROLES_EXT_NAME=IECUserRoles Extension Input +CMS_PROFILE_INPUT_IEC_USER_ROLES_EXT_TEXT=IECUserRoles Extension Input +CMS_PROFILE_INPUT_IEC_USER_ROLES_EXT_USER_ROLES=User Roles +CMS_PROFILE_INPUT_IEC_USER_ROLES_EXT_OPERATION=Operation (Add/Delete/Change) +CMS_PROFILE_INPUT_IEC_USER_ROLES_EXT_STATUS_CHANGE_SEQ=Status Change Sequence Number ####################################################### # Self Tests # -- 1.9.3