public IDescriptor getConfigDescriptor(Locale locale, String name) {
if (name.equals(CONFIG_CRITICAL)) {
return new Descriptor(
IDescriptor.BOOLEAN, null, "false", CMS.getUserMessage(locale, "CMS_PROFILE_CRITICAL"));
} else if (name.equals(CONFIG_OIDS)) {
return new Descriptor(
IDescriptor.STRING, null, null, CMS.getUserMessage(locale, "CMS_PROFILE_OIDS"));
}
return null;
}
public IDescriptor getValueDescriptor(Locale locale, String name) {
if (name.equals(VAL_CRITICAL)) {
return new Descriptor(
IDescriptor.BOOLEAN, null, "false", CMS.getUserMessage(locale, "CMS_PROFILE_CRITICAL"));
} else if (name.equals(VAL_OIDS)) {
return new Descriptor(
IDescriptor.STRING_LIST, null, null, CMS.getUserMessage(locale, "CMS_PROFILE_OIDS"));
} else {
return null;
}
}
public String getValue(String name, Locale locale, X509CertInfo info) throws EPropertyException {
if (name == null) {
throw new EPropertyException(CMS.getUserMessage(locale, "CMS_INVALID_PROPERTY", name));
}
ExtendedKeyUsageExtension ext =
(ExtendedKeyUsageExtension) getExtension(ExtendedKeyUsageExtension.OID, info);
if (ext == null) {
try {
populate(null, info);
} catch (EProfileException e) {
throw new EPropertyException(CMS.getUserMessage(locale, "CMS_INVALID_PROPERTY", name));
}
}
if (name.equals(VAL_CRITICAL)) {
ext = (ExtendedKeyUsageExtension) getExtension(ExtendedKeyUsageExtension.OID, info);
if (ext == null) {
return null;
}
if (ext.isCritical()) {
return "true";
} else {
return "false";
}
} else if (name.equals(VAL_OIDS)) {
ext = (ExtendedKeyUsageExtension) getExtension(ExtendedKeyUsageExtension.OID, info);
StringBuffer sb = new StringBuffer();
if (ext == null) {
return "";
}
Enumeration<ObjectIdentifier> e = ext.getOIDs();
while (e.hasMoreElements()) {
ObjectIdentifier oid = e.nextElement();
if (!sb.toString().equals("")) {
sb.append(",");
}
sb.append(oid.toString());
}
return sb.toString();
} else {
throw new EPropertyException(CMS.getUserMessage(locale, "CMS_INVALID_PROPERTY", name));
}
}
public void setValue(String name, Locale locale, X509CertInfo info, String value)
throws EPropertyException {
ExtendedKeyUsageExtension ext = null;
ext = (ExtendedKeyUsageExtension) getExtension(ExtendedKeyUsageExtension.OID, info);
if (ext == null) {
try {
populate(null, info);
} catch (EProfileException e) {
throw new EPropertyException(CMS.getUserMessage(locale, "CMS_INVALID_PROPERTY", name));
}
}
if (name == null) {
throw new EPropertyException(CMS.getUserMessage(locale, "CMS_INVALID_PROPERTY", name));
}
if (name.equals(VAL_CRITICAL)) {
ext = (ExtendedKeyUsageExtension) getExtension(ExtendedKeyUsageExtension.OID, info);
boolean val = Boolean.valueOf(value).booleanValue();
if (ext == null) {
return;
}
ext.setCritical(val);
} else if (name.equals(VAL_OIDS)) {
ext = (ExtendedKeyUsageExtension) getExtension(ExtendedKeyUsageExtension.OID, info);
// ext.deleteAllOIDs();
StringTokenizer st = new StringTokenizer(value, ",");
if (ext == null) {
return;
}
while (st.hasMoreTokens()) {
String oid = st.nextToken();
ext.addOID(new ObjectIdentifier(oid));
}
} else {
throw new EPropertyException(CMS.getUserMessage(locale, "CMS_INVALID_PROPERTY", name));
}
try {
replaceExtension(ExtendedKeyUsageExtension.OID, ext, info);
} catch (EProfileException e) {
CMS.debug("ExtendedKeyUsageExtDefault: setValue " + e.toString());
throw new EPropertyException(CMS.getUserMessage(locale, "CMS_INVALID_PROPERTY", name));
}
}
/**
* Constructs a virtual list.
*
* <p>param registry the registry of attribute mappers param c the ldap connection. It has to be
* version 3 and upper param base the base distinguished name to search from param filter search
* filter specifying the search criteria param attrs list of attributes that you want returned in
* the search results param sortKey the attribute to sort by param pageSize the size of a page.
* There is a 3*pageSize buffer maintained so pageUp and pageDown won't invoke fetch from ldap
* server
*/
public DBVirtualList(
IDBRegistry registry,
LDAPConnection c,
String base,
String filter,
String attrs[],
String sortKey,
int pageSize)
throws EBaseException {
CMS.debug(
"In DBVirtualList filter attrs sortKey pageSize filter: "
+ filter
+ " attrs: "
+ Arrays.toString(attrs)
+ " pageSize "
+ pageSize);
mRegistry = registry;
mFilter = filter;
try {
mConn = (LDAPConnection) c.clone();
} catch (Exception e) {
throw new EBaseException(CMS.getUserMessage("CMS_BASE_CONN_FAILED", e.toString()));
}
mBase = base;
mAttrs = attrs;
mPageControls = new LDAPControl[2];
setSortKey(sortKey);
setPageSize(pageSize);
}
/**
* Constructs a virtual list. Be sure to setPageSize() later if your pageSize is not the default
* 10 Be sure to setSortKey() before fetchs
*
* <p>param registry the registry of attribute mappers param c the ldap connection. It has to be
* version 3 and upper param base the base distinguished name to search from param filter search
* filter specifying the search criteria param attrs list of attributes that you want returned in
* the search results
*/
public DBVirtualList(
IDBRegistry registry, LDAPConnection c, String base, String filter, String attrs[])
throws EBaseException {
mRegistry = registry;
mFilter = filter;
mBase = base;
mAttrs = attrs;
CMS.debug(
"In DBVirtualList filter attrs filter: " + filter + " attrs: " + Arrays.toString(attrs));
mPageControls = new LDAPControl[2];
try {
mConn = (LDAPConnection) c.clone();
} catch (Exception e) {
throw new EBaseException(CMS.getUserMessage("CMS_BASE_CONN_FAILED", e.toString()));
}
}
public DBVirtualList(
IDBRegistry registry,
LDAPConnection c,
String base,
String filter,
String attrs[],
String startFrom,
String sortKey,
int pageSize)
throws EBaseException {
CMS.debug(
"In DBVirtualList filter attrs startFrom sortKey pageSize "
+ "filter: "
+ filter
+ " attrs: "
+ Arrays.toString(attrs)
+ " pageSize "
+ pageSize
+ " startFrom "
+ startFrom);
mRegistry = registry;
mFilter = filter;
try {
mConn = (LDAPConnection) c.clone();
} catch (Exception e) {
throw new EBaseException(CMS.getUserMessage("CMS_BASE_CONN_FAILED", e.toString()));
}
mBase = base;
mAttrs = attrs;
mPageControls = new LDAPControl[2];
mJumpTo = startFrom;
setSortKey(sortKey);
// setPageSize(pageSize);
if (pageSize < 0) {
mJumpToDirection = -1;
}
mPageSize = pageSize;
mBeforeCount = 0;
mAfterCount = mPageSize;
}
/**
* Process the HTTP request.
*
* <ul>
* <li>http.param recoveryID ID of request to recover
* </ul>
*
* @param cmsReq the object holding the request and response information
*/
public void process(CMSRequest cmsReq) throws EBaseException {
HttpServletRequest req = cmsReq.getHttpReq();
HttpServletResponse resp = cmsReq.getHttpResp();
String auditMessage = null;
String recoveryID = null;
String agent = null;
IAuthToken authToken = authenticate(cmsReq);
AuthzToken authzToken = null;
try {
authzToken = authorize(mAclMethod, authToken, mAuthzResourceName, "download");
} catch (EAuthzAccessDenied e) {
log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString()));
} catch (Exception e) {
log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString()));
}
if (authzToken == null) {
cmsReq.setStatus(ICMSRequest.UNAUTHORIZED);
return;
}
CMSTemplate form = null;
Locale[] locale = new Locale[1];
try {
form = getTemplate(mFormPath, req, locale);
} catch (IOException e) {
log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE", mFormPath, e.toString()));
throw new ECMSGWException(CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR"));
}
cmsReq.setStatus(ICMSRequest.SUCCESS);
IArgBlock header = CMS.createArgBlock();
IArgBlock fixed = CMS.createArgBlock();
CMSTemplateParams argSet = new CMSTemplateParams(header, fixed);
// get status and populate argSet
try {
recoveryID = req.getParameter("recoveryID");
header.addStringValue("recoveryID", recoveryID);
Hashtable<String, Object> params = mService.getRecoveryParams(recoveryID);
if (params == null) {
log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_NO_RECOVERY_TOKEN_FOUND_1", recoveryID));
throw new ECMSGWException(CMS.getUserMessage("CMS_GW_NO_RECOVERY_TOKEN_FOUND", recoveryID));
}
// only the init DRM agent can get the pkcs12
SessionContext sContext = SessionContext.getContext();
if (sContext != null) {
agent = (String) sContext.get(SessionContext.USER_ID);
}
if (agent == null) {
CMS.debug("GetPk12::process() - agent is null!");
throw new EBaseException("agent is null");
}
String initAgent = (String) params.get("agent");
if (!agent.equals(initAgent)) {
log(ILogger.LL_SECURITY, CMS.getLogMessage("CMSGW_INVALID_AGENT_3", recoveryID, initAgent));
throw new ECMSGWException(
CMS.getUserMessage("CMS_GW_INVALID_AGENT", agent, initAgent, recoveryID));
}
header.addStringValue("serialNumber", (String) params.get("keyID"));
// got all approval, return pk12
byte pkcs12[] = ((IKeyRecoveryAuthority) mService).getPk12(recoveryID);
if (pkcs12 != null) {
mService.destroyRecoveryParams(recoveryID);
try {
resp.setContentType("application/x-pkcs12");
resp.getOutputStream().write(pkcs12);
mRenderResult = false;
auditMessage =
CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_SUCCESS,
agent,
ILogger.SUCCESS,
recoveryID,
"");
audit(auditMessage);
return;
} catch (IOException e) {
header.addStringValue(
OUT_ERROR, CMS.getUserMessage(locale[0], "CMS_BASE_INTERNAL_ERROR", e.toString()));
}
} else if (((IKeyRecoveryAuthority) mService).getError(recoveryID) != null) {
// error in recovery process
header.addStringValue(OUT_ERROR, ((IKeyRecoveryAuthority) mService).getError(recoveryID));
} else {
// pk12 hasn't been created yet. Shouldn't get here
}
} catch (EBaseException e) {
header.addStringValue(OUT_ERROR, e.toString(locale[0]));
}
if ((agent != null) && (recoveryID != null)) {
auditMessage =
CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_FAILURE,
agent,
ILogger.FAILURE,
recoveryID,
"");
audit(auditMessage);
}
try {
ServletOutputStream out = resp.getOutputStream();
resp.setContentType("text/html");
form.renderOutput(out, argSet);
} catch (IOException e) {
log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_STREAM_TEMPLATE", e.toString()));
throw new ECMSGWException(CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR"));
}
cmsReq.setStatus(ICMSRequest.SUCCESS);
}
public String getText(Locale locale) {
String params[] = {getConfig(CONFIG_CRITICAL), getConfig(CONFIG_OIDS)};
return CMS.getUserMessage(locale, "CMS_PROFILE_DEF_EXTENDED_KEY_EXT", params);
}