📄 certificateprofile.java
字号:
/************************************************************************* * * * EJBCA: The OpenSource Certificate Authority * * * * This software is free software; you can redistribute it and/or * * modify it under the terms of the GNU Lesser General Public * * License as published by the Free Software Foundation; either * * version 2.1 of the License, or any later version. * * * * See terms of license at gnu.org. * * * *************************************************************************/ package se.anatom.ejbca.ca.store.certificateprofiles;import java.io.Serializable;import java.util.ArrayList;import java.util.HashMap;import java.util.Iterator;import java.util.Collection;import org.apache.log4j.Logger;import se.anatom.ejbca.util.UpgradeableDataHashMap;import se.anatom.ejbca.SecConst;/** * CertificateProfile is a basic class used to customize a certificate * configuration or be inherited by fixed certificate profiles. * * @version $Id$ */public class CertificateProfile extends UpgradeableDataHashMap implements Serializable, Cloneable { private static Logger log = Logger.getLogger(CertificateProfile.class); // Default Values public static final float LATEST_VERSION = 8; /** KeyUsage constants */ public static final int DIGITALSIGNATURE = 0; public static final int NONREPUDIATION = 1; public static final int KEYENCIPHERMENT = 2; public static final int DATAENCIPHERMENT = 3; public static final int KEYAGREEMENT = 4; public static final int KEYCERTSIGN = 5; public static final int CRLSIGN = 6; public static final int ENCIPHERONLY = 7; public static final int DECIPHERONLY = 8; /** Extended key usage constants */ public static final int ANYEXTENDEDKEYUSAGE = 0; public static final int SERVERAUTH = 1; public static final int CLIENTAUTH = 2; public static final int CODESIGNING = 3; public static final int EMAILPROTECTION = 4; public static final int IPSECENDSYSTEM = 5; public static final int IPSECTUNNEL = 6; public static final int IPSECUSER = 7; public static final int TIMESTAMPING = 8; public static final int SMARTCARDLOGON = 9; public static final int OCSPSIGNING = 10; public static final String[] EXTENDEDKEYUSAGEOIDSTRINGS = {"1.3.6.1.5.5.7.3.0", "1.3.6.1.5.5.7.3.1", "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3", "1.3.6.1.5.5.7.3.4", "1.3.6.1.5.5.7.3.5", "1.3.6.1.5.5.7.3.6", "1.3.6.1.5.5.7.3.7", "1.3.6.1.5.5.7.3.8", "1.3.6.1.4.1.311.20.2.2", "1.3.6.1.5.5.7.3.9"}; public static final String TRUE = "true"; public static final String FALSE = "false"; public static final int TYPE_ENDENTITY = SecConst.CERTTYPE_ENDENTITY; public static final int TYPE_SUBCA = SecConst.CERTTYPE_SUBCA; public static final int TYPE_ROOTCA = SecConst.CERTTYPE_ROOTCA; public static final int NUMBER_OF_TYPES = 3; /** Supported certificate versions. */ public final static String VERSION_X509V3 = "X509v3"; public final static String CERTIFICATEPROFILENAME = "CUSTOM"; /** Constant indicating that any CA can be used with this certificate profile.*/ public final static int ANYCA = -1; // protected fields. protected static final String CERTVERSION = "certversion"; protected static final String VALIDITY = "validity"; protected static final String USEBASICCONSTRAINTS = "usebasicconstrants"; protected static final String BASICCONSTRAINTSCRITICAL = "basicconstraintscritical"; protected static final String USEKEYUSAGE = "usekeyusage"; protected static final String KEYUSAGECRITICAL = "keyusagecritical"; protected static final String USESUBJECTKEYIDENTIFIER = "usesubjectkeyidentifier"; protected static final String SUBJECTKEYIDENTIFIERCRITICAL = "subjectkeyidentifiercritical"; protected static final String USEAUTHORITYKEYIDENTIFIER = "useauthoritykeyidentifier"; protected static final String AUTHORITYKEYIDENTIFIERCRITICAL = "authoritykeyidentifiercritical"; protected static final String USECRLNUMBER = "usecrlnumber"; protected static final String CRLNUMBERCRITICAL = "crlnumbercritical"; protected static final String USESUBJECTALTERNATIVENAME = "usesubjectalternativename"; protected static final String SUBJECTALTERNATIVENAMECRITICAL = "subjectalternativenamecritical"; protected static final String USECRLDISTRIBUTIONPOINT = "usecrldistributionpoint"; protected static final String CRLDISTRIBUTIONPOINTCRITICAL = "crldistributionpointcritical"; protected static final String CRLDISTRIBUTIONPOINTURI = "crldistributionpointuri"; protected static final String USECERTIFICATEPOLICIES = "usecertificatepolicies"; protected static final String CERTIFICATEPOLICIESCRITICAL = "certificatepoliciescritical"; protected static final String CERTIFICATEPOLICYID = "certificatepolicyid"; protected static final String AVAILABLEBITLENGTHS = "availablebitlengths"; protected static final String KEYUSAGE = "keyusage"; protected static final String MINIMUMAVAILABLEBITLENGTH = "minimumavailablebitlength"; protected static final String MAXIMUMAVAILABLEBITLENGTH = "maximumavailablebitlength"; public static final String TYPE = "type"; protected static final String ALLOWKEYUSAGEOVERRIDE = "allowkeyusageoverride"; protected static final String USEEXTENDEDKEYUSAGE = "useextendedkeyusage"; protected static final String EXTENDEDKEYUSAGE = "extendedkeyusage"; protected static final String EXTENDEDKEYUSAGECRITICAL = "extendedkeyusagecritical"; protected static final String AVAILABLECAS = "availablecas"; protected static final String USEDPUBLISHERS = "usedpublishers"; protected static final String USEOCSPSERVICELOCATOR = "useocspservicelocator"; protected static final String OCSPSERVICELOCATORURI = "ocspservicelocatoruri"; // Public Methods /** * Creates a new instance of CertificateProfile */ public CertificateProfile() { setCertificateVersion(VERSION_X509V3); setValidity(730); setUseBasicConstraints(true); setBasicConstraintsCritical(true); setUseSubjectKeyIdentifier(true); setSubjectKeyIdentifierCritical(false); setUseAuthorityKeyIdentifier(true); setAuthorityKeyIdentifierCritical(false); setUseSubjectAlternativeName(true); setSubjectAlternativeNameCritical(false); setUseCRLDistributionPoint(false); setCRLDistributionPointCritical(false); setCRLDistributionPointURI(""); setUseCertificatePolicies(false); setCertificatePoliciesCritical(false); setCertificatePolicyId("2.5.29.32.0"); setType(TYPE_ENDENTITY); int[] bitlengths = {512,1024,2048,4096}; setAvailableBitLengths(bitlengths); setUseKeyUsage(true); setKeyUsage(new boolean[9]); setAllowKeyUsageOverride(true); setKeyUsageCritical(true); setUseExtendedKeyUsage(false); setExtendedKeyUsage(new ArrayList()); setExtendedKeyUsageCritical(false); ArrayList availablecas = new ArrayList(); availablecas.add(new Integer(ANYCA)); setAvailableCAs(availablecas); setPublisherList(new ArrayList()); setUseOCSPServiceLocator(false); setOCSPServiceLocatorURI(""); } // Public Methods. /** Returns the version of the certificate, should be one of the VERSION_ constants defined in CertificateProfile class. */ public String getCertificateVersion(){return (String) data.get(CERTVERSION);} /** * Returns the version of the certificate, should be one of the VERSION_ constants defined in * CertificateProfile class. * * @return DOCUMENT ME! */ public void setCertificateVersion(String version){data.put(CERTVERSION,version);} public long getValidity(){return ((Long)data.get(VALIDITY)).longValue();} public void setValidity(long validity) { data.put(VALIDITY,new Long(validity));} public boolean getUseBasicConstraints(){ return ((Boolean)data.get(USEBASICCONSTRAINTS)).booleanValue(); } public void setUseBasicConstraints(boolean usebasicconstraints) {data.put(USEBASICCONSTRAINTS, Boolean.valueOf(usebasicconstraints));} public boolean getBasicConstraintsCritical(){ return ((Boolean) data.get(BASICCONSTRAINTSCRITICAL)).booleanValue(); } public void setBasicConstraintsCritical(boolean basicconstraintscritical) { data.put(BASICCONSTRAINTSCRITICAL, Boolean.valueOf(basicconstraintscritical));} public boolean getUseKeyUsage(){ return ((Boolean) data.get(USEKEYUSAGE)).booleanValue(); } public void setUseKeyUsage(boolean usekeyusage) { data.put(USEKEYUSAGE, Boolean.valueOf(usekeyusage));} public boolean getKeyUsageCritical(){ return ((Boolean) data.get(KEYUSAGECRITICAL)).booleanValue(); } public void setKeyUsageCritical(boolean keyusagecritical) { data.put(KEYUSAGECRITICAL, Boolean.valueOf(keyusagecritical));} public boolean getUseSubjectKeyIdentifier(){ return ((Boolean) data.get(USESUBJECTKEYIDENTIFIER)).booleanValue(); } public void setUseSubjectKeyIdentifier(boolean usesubjectkeyidentifier) { data.put(USESUBJECTKEYIDENTIFIER, Boolean.valueOf(usesubjectkeyidentifier));} public boolean getSubjectKeyIdentifierCritical(){ return ((Boolean) data.get(SUBJECTKEYIDENTIFIERCRITICAL)).booleanValue(); } public void setSubjectKeyIdentifierCritical(boolean subjectkeyidentifiercritical) { data.put(SUBJECTKEYIDENTIFIERCRITICAL, Boolean.valueOf(subjectkeyidentifiercritical));} public boolean getUseAuthorityKeyIdentifier(){ return ((Boolean) data.get(USEAUTHORITYKEYIDENTIFIER)).booleanValue(); } public void setUseAuthorityKeyIdentifier(boolean useauthoritykeyidentifier) { data.put(USEAUTHORITYKEYIDENTIFIER, Boolean.valueOf(useauthoritykeyidentifier));} public boolean getAuthorityKeyIdentifierCritical(){ return ((Boolean) data.get(AUTHORITYKEYIDENTIFIERCRITICAL)).booleanValue(); } public void setAuthorityKeyIdentifierCritical(boolean authoritykeyidentifiercritical) { data.put(AUTHORITYKEYIDENTIFIERCRITICAL, Boolean.valueOf(authoritykeyidentifiercritical));} public boolean getUseSubjectAlternativeName(){ return ((Boolean) data.get(USESUBJECTALTERNATIVENAME)).booleanValue(); } public void setUseSubjectAlternativeName(boolean usesubjectalternativename) { data.put(USESUBJECTALTERNATIVENAME, Boolean.valueOf(usesubjectalternativename));} public boolean getSubjectAlternativeNameCritical(){ return ((Boolean) data.get(SUBJECTALTERNATIVENAMECRITICAL)).booleanValue(); } public void setSubjectAlternativeNameCritical(boolean subjectalternativenamecritical) { data.put(SUBJECTALTERNATIVENAMECRITICAL, Boolean.valueOf(subjectalternativenamecritical));} public boolean getUseCRLDistributionPoint(){ return ((Boolean) data.get(USECRLDISTRIBUTIONPOINT)).booleanValue(); } public void setUseCRLDistributionPoint(boolean usecrldistributionpoint) { data.put(USECRLDISTRIBUTIONPOINT, Boolean.valueOf(usecrldistributionpoint));} public boolean getCRLDistributionPointCritical(){ return ((Boolean) data.get(CRLDISTRIBUTIONPOINTCRITICAL)).booleanValue(); } public void setCRLDistributionPointCritical(boolean crldistributionpointcritical) { data.put(CRLDISTRIBUTIONPOINTCRITICAL, Boolean.valueOf(crldistributionpointcritical));} public String getCRLDistributionPointURI(){ return (String) data.get(CRLDISTRIBUTIONPOINTURI); } public void setCRLDistributionPointURI(String crldistributionpointuri) { if(crldistributionpointuri==null) data.put(CRLDISTRIBUTIONPOINTURI,""); else data.put(CRLDISTRIBUTIONPOINTURI,crldistributionpointuri); } public boolean getUseCertificatePolicies() { return ((Boolean) data.get(USECERTIFICATEPOLICIES)).booleanValue(); } public void setUseCertificatePolicies(boolean usecertificatepolicies) { data.put(USECERTIFICATEPOLICIES, Boolean.valueOf(usecertificatepolicies));} public boolean getCertificatePoliciesCritical() { return ((Boolean) data.get(CERTIFICATEPOLICIESCRITICAL)).booleanValue(); } public void setCertificatePoliciesCritical(boolean certificatepoliciescritical) { data.put(CERTIFICATEPOLICIESCRITICAL, Boolean.valueOf(certificatepoliciescritical));}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -