/**
 * Describes one configuration parameter of this default for display in the given locale.
 *
 * <p>{@code CONFIG_CRITICAL} is described as a BOOLEAN whose third descriptor argument is
 * {@code "false"}, and {@code CONFIG_OIDS} as a STRING. The meaning of the individual
 * {@code Descriptor} constructor arguments is not visible here; the third is presumably the
 * default value.
 *
 * @param locale locale used to look up the human-readable label
 * @param name configuration parameter name; must not be null (it is dereferenced directly)
 * @return the descriptor for {@code name}, or {@code null} when the name is not recognised
 */
public IDescriptor getConfigDescriptor(Locale locale, String name) {
  if (name.equals(CONFIG_CRITICAL)) {
    String criticalLabel = CMS.getUserMessage(locale, "CMS_PROFILE_CRITICAL");
    return new Descriptor(IDescriptor.BOOLEAN, null, "false", criticalLabel);
  }

  if (name.equals(CONFIG_OIDS)) {
    String oidsLabel = CMS.getUserMessage(locale, "CMS_PROFILE_OIDS");
    return new Descriptor(IDescriptor.STRING, null, null, oidsLabel);
  }

  // Unknown parameter names are not an error here; the caller gets null.
  return null;
}
  /**
   * Describes one editable value of this default for display in the given locale.
   *
   * <p>{@code VAL_CRITICAL} is described as a BOOLEAN whose third descriptor argument is
   * {@code "false"}, and {@code VAL_OIDS} as a STRING_LIST.
   *
   * @param locale locale used to look up the human-readable label
   * @param name value name; must not be null (it is dereferenced directly)
   * @return the descriptor for {@code name}, or {@code null} when the name is not recognised
   */
  public IDescriptor getValueDescriptor(Locale locale, String name) {
    if (name.equals(VAL_CRITICAL)) {
      String criticalLabel = CMS.getUserMessage(locale, "CMS_PROFILE_CRITICAL");
      return new Descriptor(IDescriptor.BOOLEAN, null, "false", criticalLabel);
    }

    if (name.equals(VAL_OIDS)) {
      String oidsLabel = CMS.getUserMessage(locale, "CMS_PROFILE_OIDS");
      return new Descriptor(IDescriptor.STRING_LIST, null, null, oidsLabel);
    }

    // Unknown value names are not an error here; the caller gets null.
    return null;
  }
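   /**
    * Reads one Extended Key Usage property from the certificate being assembled.
    *
    * <p>If {@code info} carries no Extended Key Usage extension yet, {@code populate(null, info)}
    * is invoked first and the extension is looked up again before the property is read.
    *
    * @param name property to read: {@code VAL_CRITICAL} or {@code VAL_OIDS}
    * @param locale locale used for the error message
    * @param info certificate info that is inspected (and possibly populated)
    * @return for {@code VAL_CRITICAL}, {@code "true"} or {@code "false"}, or {@code null} when the
    *     extension is still absent; for {@code VAL_OIDS}, the OIDs joined with commas, or
    *     {@code ""} when the extension is still absent
    * @throws EPropertyException if {@code name} is null or not recognised, or if populating the
    *     extension fails
    */
   public String getValue(String name, Locale locale, X509CertInfo info) throws EPropertyException {
     if (name == null) {
       throw new EPropertyException(CMS.getUserMessage(locale, "CMS_INVALID_PROPERTY", name));
     }

     ExtendedKeyUsageExtension ext =
         (ExtendedKeyUsageExtension) getExtension(ExtendedKeyUsageExtension.OID, info);

     if (ext == null) {
       try {
         populate(null, info);
       } catch (EProfileException e) {
         // Record the cause before it is replaced by the generic user-facing message, the same
         // way setValue does; otherwise the reason for the failure is lost.
         CMS.debug("ExtendedKeyUsageExtDefault: getValue " + e.toString());
         throw new EPropertyException(CMS.getUserMessage(locale, "CMS_INVALID_PROPERTY", name));
       }
     }

     if (name.equals(VAL_CRITICAL)) {
       // Looked up again because populate() may just have installed the extension.
       ext = (ExtendedKeyUsageExtension) getExtension(ExtendedKeyUsageExtension.OID, info);
       if (ext == null) {
         return null;
       }
       return ext.isCritical() ? "true" : "false";
     }

     if (name.equals(VAL_OIDS)) {
       ext = (ExtendedKeyUsageExtension) getExtension(ExtendedKeyUsageExtension.OID, info);
       if (ext == null) {
         return "";
       }

       // Single-threaded local accumulation: StringBuilder with a length check avoids
       // re-materialising the whole string on every iteration.
       StringBuilder joined = new StringBuilder();
       Enumeration<ObjectIdentifier> oids = ext.getOIDs();
       while (oids.hasMoreElements()) {
         ObjectIdentifier oid = oids.nextElement();
         if (joined.length() > 0) {
           joined.append(",");
         }
         joined.append(oid.toString());
       }
       return joined.toString();
     }

     throw new EPropertyException(CMS.getUserMessage(locale, "CMS_INVALID_PROPERTY", name));
   }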
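   /**
    * Writes one Extended Key Usage property into the certificate being assembled.
    *
    * <p>If {@code info} carries no Extended Key Usage extension yet, {@code populate(null, info)}
    * is invoked first. When the extension is still absent afterwards the call returns without
    * changing anything.
    *
    * <p>NOTE(review): for {@code VAL_OIDS} the supplied OIDs are <em>added</em> to whatever the
    * extension already holds; nothing in this method removes existing entries. A value that
    * lists fewer key purposes than the extension already carries therefore does not narrow the
    * issued certificate's usages. Confirm that this is intended.
    *
    * @param name property to write: {@code VAL_CRITICAL} or {@code VAL_OIDS}
    * @param locale locale used for the error message
    * @param info certificate info that is modified
    * @param value for {@code VAL_CRITICAL}, text parsed as a boolean; for {@code VAL_OIDS}, a
    *     comma-separated list of OIDs
    * @throws EPropertyException if {@code name} is null or not recognised, if populating the
    *     extension fails, or if the updated extension cannot be stored back into {@code info}
    */
   public void setValue(String name, Locale locale, X509CertInfo info, String value)
       throws EPropertyException {
     // Validate the property name before touching info, as getValue does; previously a null name
     // was rejected only after populate() might already have modified the certificate info.
     if (name == null) {
       throw new EPropertyException(CMS.getUserMessage(locale, "CMS_INVALID_PROPERTY", name));
     }

     ExtendedKeyUsageExtension ext =
         (ExtendedKeyUsageExtension) getExtension(ExtendedKeyUsageExtension.OID, info);

     if (ext == null) {
       try {
         populate(null, info);
       } catch (EProfileException e) {
         // Keep the cause in the debug log; the user only sees the generic message.
         CMS.debug("ExtendedKeyUsageExtDefault: setValue " + e.toString());
         throw new EPropertyException(CMS.getUserMessage(locale, "CMS_INVALID_PROPERTY", name));
       }
     }

     if (name.equals(VAL_CRITICAL)) {
       // Looked up again because populate() may just have installed the extension.
       ext = (ExtendedKeyUsageExtension) getExtension(ExtendedKeyUsageExtension.OID, info);
       // Anything other than "true" (case-insensitive), including null, yields false.
       boolean critical = Boolean.parseBoolean(value);

       if (ext == null) {
         return;
       }
       ext.setCritical(critical);
     } else if (name.equals(VAL_OIDS)) {
       ext = (ExtendedKeyUsageExtension) getExtension(ExtendedKeyUsageExtension.OID, info);
       // The original source has a disabled "ext.deleteAllOIDs()" call at this point, which is
       // why the loop below appends to the existing OID set instead of replacing it.
       StringTokenizer tokens = new StringTokenizer(value, ",");

       if (ext == null) {
         return;
       }
       while (tokens.hasMoreTokens()) {
         // NOTE(review): tokens are handed to ObjectIdentifier untrimmed and unchecked; how it
         // reacts to malformed text is not visible here. Confirm that callers validate first.
         ext.addOID(new ObjectIdentifier(tokens.nextToken()));
       }
     } else {
       throw new EPropertyException(CMS.getUserMessage(locale, "CMS_INVALID_PROPERTY", name));
     }

     try {
       replaceExtension(ExtendedKeyUsageExtension.OID, ext, info);
     } catch (EProfileException e) {
       CMS.debug("ExtendedKeyUsageExtDefault: setValue " + e.toString());
       throw new EPropertyException(CMS.getUserMessage(locale, "CMS_INVALID_PROPERTY", name));
     }
   }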
  /**
   * Constructs a virtual list.
   *
   * @param registry the registry of attribute mappers
   * @param c the LDAP connection; it has to be version 3 or later
   * @param base the base distinguished name to search from
   * @param filter search filter specifying the search criteria
   * @param attrs list of attributes that you want returned in the search results
   * @param sortKey the attribute to sort by
   * @param pageSize the size of a page. A buffer of 3*pageSize is maintained so that pageUp and
   *     pageDown won't invoke a fetch from the LDAP server
   */
  public DBVirtualList(
      IDBRegistry registry,
      LDAPConnection c,
      String base,
      String filter,
      String attrs[],
      String sortKey,
      int pageSize)
      throws EBaseException {
    // The search filter and attribute list are written verbatim to the debug log.
    // NOTE(review): if callers build the filter from request input, that input ends up in the
    // debug log; confirm the log's access controls match the sensitivity of the searches.
    final String trace =
        "In DBVirtualList filter attrs sortKey pageSize filter: "
            + filter
            + " attrs: "
            + Arrays.toString(attrs)
            + " pageSize "
            + pageSize;
    CMS.debug(trace);

    this.mRegistry = registry;
    this.mFilter = filter;

    // The list keeps a clone of the caller's connection object; any failure while cloning
    // (including a null connection) is reported as CMS_BASE_CONN_FAILED.
    try {
      this.mConn = (LDAPConnection) c.clone();
    } catch (Exception cloneFailure) {
      throw new EBaseException(
          CMS.getUserMessage("CMS_BASE_CONN_FAILED", cloneFailure.toString()));
    }

    this.mBase = base;
    this.mAttrs = attrs;
    this.mPageControls = new LDAPControl[2];

    // Sort key and page size go through their setters rather than direct field writes.
    setSortKey(sortKey);
    setPageSize(pageSize);
  }
 /**
  * Constructs a virtual list. Be sure to call setPageSize() later if your page size is not the
  * default of 10, and be sure to call setSortKey() before any fetch.
  *
  * @param registry the registry of attribute mappers
  * @param c the LDAP connection; it has to be version 3 or later
  * @param base the base distinguished name to search from
  * @param filter search filter specifying the search criteria
  * @param attrs list of attributes that you want returned in the search results
  */
 public DBVirtualList(
     IDBRegistry registry, LDAPConnection c, String base, String filter, String attrs[])
     throws EBaseException {
   this.mRegistry = registry;
   this.mFilter = filter;
   this.mBase = base;
   this.mAttrs = attrs;

   // The search filter and attribute list are written verbatim to the debug log.
   // NOTE(review): if callers build the filter from request input, that input ends up in the
   // debug log; confirm the log's access controls match the sensitivity of the searches.
   final String trace =
       "In DBVirtualList filter attrs filter: " + filter + " attrs: " + Arrays.toString(attrs);
   CMS.debug(trace);

   this.mPageControls = new LDAPControl[2];

   // The list keeps a clone of the caller's connection object; any failure while cloning
   // (including a null connection) is reported as CMS_BASE_CONN_FAILED.
   try {
     this.mConn = (LDAPConnection) c.clone();
   } catch (Exception cloneFailure) {
     throw new EBaseException(
         CMS.getUserMessage("CMS_BASE_CONN_FAILED", cloneFailure.toString()));
   }
 }
  /**
   * Constructs a virtual list that starts at a given value of the sort attribute.
   *
   * <p>Unlike the other constructors visible alongside this one, the page size is written
   * straight into {@code mPageSize} instead of going through {@code setPageSize()}. A negative
   * {@code pageSize} sets {@code mJumpToDirection} to -1 and is then stored unchanged.
   *
   * @param registry the registry of attribute mappers
   * @param c the LDAP connection; a clone of it is kept
   * @param base the base distinguished name to search from
   * @param filter search filter specifying the search criteria
   * @param attrs list of attributes to return in the search results
   * @param startFrom value stored in {@code mJumpTo}
   * @param sortKey the attribute to sort by
   * @param pageSize the size of a page; a negative value selects jump direction -1
   * @throws EBaseException if the connection cannot be cloned
   */
  public DBVirtualList(
      IDBRegistry registry,
      LDAPConnection c,
      String base,
      String filter,
      String attrs[],
      String startFrom,
      String sortKey,
      int pageSize)
      throws EBaseException {
    // The search filter, attribute list and start value are written verbatim to the debug log.
    // NOTE(review): if callers build these from request input, that input ends up in the debug
    // log; confirm the log's access controls match the sensitivity of the searches.
    final String trace =
        "In DBVirtualList filter attrs startFrom sortKey pageSize "
            + "filter: "
            + filter
            + " attrs: "
            + Arrays.toString(attrs)
            + " pageSize "
            + pageSize
            + " startFrom "
            + startFrom;
    CMS.debug(trace);

    this.mRegistry = registry;
    this.mFilter = filter;

    // Any failure while cloning (including a null connection) becomes CMS_BASE_CONN_FAILED.
    try {
      this.mConn = (LDAPConnection) c.clone();
    } catch (Exception cloneFailure) {
      throw new EBaseException(
          CMS.getUserMessage("CMS_BASE_CONN_FAILED", cloneFailure.toString()));
    }

    this.mBase = base;
    this.mAttrs = attrs;
    this.mPageControls = new LDAPControl[2];
    this.mJumpTo = startFrom;
    setSortKey(sortKey);

    // setPageSize(pageSize) is deliberately not called here (it is commented out in the
    // original); the raw value is kept so that its sign can carry the jump direction.
    // NOTE(review): mPageSize and mAfterCount are therefore negative when pageSize is; confirm
    // that the code consuming them expects that.
    if (pageSize < 0) {
      this.mJumpToDirection = -1;
    }
    this.mPageSize = pageSize;

    this.mBeforeCount = 0;
    this.mAfterCount = this.mPageSize;
  }
  /**
   * Process the HTTP request.
   *
   * <ul>
   *   <li>http.param recoveryID ID of request to recover
   * </ul>
   *
   * @param cmsReq the object holding the request and response information
   */
  public void process(CMSRequest cmsReq) throws EBaseException {
    // Hands the PKCS #12 produced by a key-recovery operation to the agent that initiated it,
    // or renders the status template (with an error text when there is one) otherwise.

    HttpServletRequest req = cmsReq.getHttpReq();
    HttpServletResponse resp = cmsReq.getHttpResp();
    String auditMessage = null;
    String recoveryID = null;
    String agent = null;

    IAuthToken authToken = authenticate(cmsReq);

    AuthzToken authzToken = null;

    // Authorization fails closed: a denial and any unexpected exception are both only logged,
    // which leaves authzToken null and ends the request as UNAUTHORIZED just below.
    try {
      authzToken = authorize(mAclMethod, authToken, mAuthzResourceName, "download");
    } catch (EAuthzAccessDenied e) {
      log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString()));
    } catch (Exception e) {
      log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString()));
    }

    if (authzToken == null) {
      cmsReq.setStatus(ICMSRequest.UNAUTHORIZED);
      return;
    }

    CMSTemplate form = null;
    // One-element array: getTemplate() receives it and locale[0] is read later for messages.
    Locale[] locale = new Locale[1];

    try {
      form = getTemplate(mFormPath, req, locale);
    } catch (IOException e) {
      log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE", mFormPath, e.toString()));
      throw new ECMSGWException(CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR"));
    }

    // The request status is SUCCESS from here on, even when OUT_ERROR is later set; errors are
    // conveyed through the rendered page, not through the status.
    cmsReq.setStatus(ICMSRequest.SUCCESS);
    IArgBlock header = CMS.createArgBlock();
    IArgBlock fixed = CMS.createArgBlock();
    CMSTemplateParams argSet = new CMSTemplateParams(header, fixed);

    // get status and populate argSet
    try {
      // recoveryID is taken straight from the request and echoed into the template header.
      // NOTE(review): whether the template layer escapes it on output is not visible here;
      // confirm, since the value is caller-controlled.
      recoveryID = req.getParameter("recoveryID");

      header.addStringValue("recoveryID", recoveryID);

      Hashtable<String, Object> params = mService.getRecoveryParams(recoveryID);

      if (params == null) {
        log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_NO_RECOVERY_TOKEN_FOUND_1", recoveryID));
        throw new ECMSGWException(CMS.getUserMessage("CMS_GW_NO_RECOVERY_TOKEN_FOUND", recoveryID));
      }

      // only the init DRM agent can get the pkcs12
      // The caller's identity is the session's USER_ID; the ACL check above is not sufficient on
      // its own, the download is additionally bound to the agent stored with the recovery.
      SessionContext sContext = SessionContext.getContext();
      if (sContext != null) {
        agent = (String) sContext.get(SessionContext.USER_ID);
      }

      if (agent == null) {
        CMS.debug("GetPk12::process() - agent is null!");
        throw new EBaseException("agent is null");
      }

      String initAgent = (String) params.get("agent");

      if (!agent.equals(initAgent)) {
        // Mismatch is recorded at LL_SECURITY before the request is refused.
        // NOTE(review): the message key ends in _3 but only recoveryID and initAgent are passed,
        // so the requesting agent's ID may be absent from this log entry; check the message
        // catalog. The user-facing message below does include both agent IDs.
        log(ILogger.LL_SECURITY, CMS.getLogMessage("CMSGW_INVALID_AGENT_3", recoveryID, initAgent));

        throw new ECMSGWException(
            CMS.getUserMessage("CMS_GW_INVALID_AGENT", agent, initAgent, recoveryID));
      }

      header.addStringValue("serialNumber", (String) params.get("keyID"));

      // got all approval, return pk12
      byte pkcs12[] = ((IKeyRecoveryAuthority) mService).getPk12(recoveryID);

      if (pkcs12 != null) {
        // The recovery parameters are destroyed before the bytes are written, so the archive is
        // offered at most once; presumably a failed write cannot be retried with the same
        // recoveryID. The IOException path below falls through to the failure audit event.
        mService.destroyRecoveryParams(recoveryID);
        try {
          resp.setContentType("application/x-pkcs12");
          resp.getOutputStream().write(pkcs12);
          // The response body is the archive itself, so template rendering is switched off.
          mRenderResult = false;

          // Signed-audit record of the successful private key export, emitted after the write.
          auditMessage =
              CMS.getLogMessage(
                  LOGGING_SIGNED_AUDIT_PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_SUCCESS,
                  agent,
                  ILogger.SUCCESS,
                  recoveryID,
                  "");

          audit(auditMessage);

          return;
        } catch (IOException e) {
          // The exception text is placed in the page shown to the agent.
          header.addStringValue(
              OUT_ERROR, CMS.getUserMessage(locale[0], "CMS_BASE_INTERNAL_ERROR", e.toString()));
        }
      } else if (((IKeyRecoveryAuthority) mService).getError(recoveryID) != null) {
        // error in recovery process
        header.addStringValue(OUT_ERROR, ((IKeyRecoveryAuthority) mService).getError(recoveryID));
      } else {
        // pk12 hasn't been created yet. Shouldn't get here
      }
    } catch (EBaseException e) {
      // Errors raised as EBaseException in the block above become OUT_ERROR text on the
      // rendered page instead of propagating to the caller.
      header.addStringValue(OUT_ERROR, e.toString(locale[0]));
    }

    // Every path that did not return after a successful export reaches this point, including
    // the "not created yet" branch above, and is audited as a failed export.
    // NOTE(review): the failure event is emitted only when both agent and recoveryID are known,
    // so a request without a recoveryID parameter or without a session user ID fails without a
    // signed-audit record; confirm that this gap is acceptable.
    if ((agent != null) && (recoveryID != null)) {
      auditMessage =
          CMS.getLogMessage(
              LOGGING_SIGNED_AUDIT_PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_FAILURE,
              agent,
              ILogger.FAILURE,
              recoveryID,
              "");

      audit(auditMessage);
    }

    // Render the status/error page. This also runs after a failed PKCS #12 write, in which case
    // the content type has already been set to application/x-pkcs12 once.
    try {
      ServletOutputStream out = resp.getOutputStream();

      resp.setContentType("text/html");
      form.renderOutput(out, argSet);
    } catch (IOException e) {
      log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_STREAM_TEMPLATE", e.toString()));
      throw new ECMSGWException(CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR"));
    }

    cmsReq.setStatus(ICMSRequest.SUCCESS);
  }
  /**
   * Produces the localized description of this default, filled in with its current
   * {@code CONFIG_CRITICAL} and {@code CONFIG_OIDS} settings (in that order).
   *
   * @param locale locale used to look up the message text
   * @return the message for key {@code CMS_PROFILE_DEF_EXTENDED_KEY_EXT}
   */
  public String getText(Locale locale) {
    String[] messageArgs = new String[] {getConfig(CONFIG_CRITICAL), getConfig(CONFIG_OIDS)};
    return CMS.getUserMessage(locale, "CMS_PROFILE_DEF_EXTENDED_KEY_EXT", messageArgs);
  }