endentityprofile.java

一个免费的CA,基于EJB平台的,老师叫我们测试,现把之共享出来让大家参考

      }catch(Exception e){
          throw new UserDoesntFullfillEndEntityProfile("Error parsing end entity profile.");
      }
      if(availablecertprofiles == null)
           throw new UserDoesntFullfillEndEntityProfile("Error Available certificate profiles is null.");
      boolean found=false;
      for(int i=0; i < availablecertprofiles.length;i++){
          if( Integer.parseInt(availablecertprofiles[i]) == certificateprofileid)
              found=true;
      }
      
      if(!found)
          throw new UserDoesntFullfillEndEntityProfile("Couldn't find certificate profile ("+certificateprofileid+") among available certificate profiles.");

      // Check if tokentype is among available  token types.
      String[] availablesofttokentypes;
      try{
        availablesofttokentypes = getValue(AVAILKEYSTORE,0).split(SPLITCHAR);
      }catch(Exception e){
        throw new UserDoesntFullfillEndEntityProfile("Error parsing end entity profile.");
      }
      if(availablesofttokentypes == null)
          throw new UserDoesntFullfillEndEntityProfile("Error available  token types is null.");
      found=false;
      for(int i=0; i < availablesofttokentypes.length;i++){
          if( Integer.parseInt(availablesofttokentypes[i]) == tokentype)
              found=true;
      }

      // If soft token check for hardwaretoken issuer id = 0.
      if(tokentype <= SecConst.TOKEN_SOFT){
        if(hardwaretokenissuerid != 0)
           throw new UserDoesntFullfillEndEntityProfile("Soft tokens cannot have a hardware token issuer.");
      }
      // If Hard token type check if hardware token issuer is among available hardware token issuers.
      if(tokentype > SecConst.TOKEN_SOFT && getUse(AVAILTOKENISSUER, 0) ){ // Hardware token.
        String[] availablehardtokenissuers;
        try{
          availablehardtokenissuers = getValue(AVAILTOKENISSUER, 0).split(SPLITCHAR);
        }catch(Exception e){
          throw new UserDoesntFullfillEndEntityProfile("Error parsing end entity profile.");
        }
        if(availablehardtokenissuers == null)
            throw new UserDoesntFullfillEndEntityProfile("Error available hard token issuers is null.");
        found=false;
        for(int i=0; i < availablehardtokenissuers.length;i++){
            if( Integer.parseInt(availablehardtokenissuers[i]) == hardwaretokenissuerid)
                found=true;
        }
        
        if(!found)
            throw new UserDoesntFullfillEndEntityProfile("Couldn't find hard token issuers among available hard token issuers.");
      }
      
     // Check if ca id is among available ca ids.
      String[] availablecaids;
      try{
        availablecaids = getValue(AVAILCAS,0).split(SPLITCHAR);
      }catch(Exception e){
          throw new UserDoesntFullfillEndEntityProfile("Error parsing end entity profile.");
      }
      if(availablecaids == null)
          throw new UserDoesntFullfillEndEntityProfile("Error End Entity Profiles Available CAs is null.");
      found=false;
      for(int i=0; i < availablecaids.length;i++){
          int tmp = Integer.parseInt(availablecaids[i]);
          if( tmp == caid || tmp == SecConst.ALLCAS)
              found=true;
      }
      
      if(!found)
          throw new UserDoesntFullfillEndEntityProfile("Couldn't find CA among End Entity Profiles Available CAs.");      
    }
    
    public void doesPasswordFulfillEndEntityProfile(String password, boolean clearpwd)
      throws UserDoesntFullfillEndEntityProfile{
    	
		boolean fullfillsprofile = true;
		if(useAutoGeneratedPasswd()){
		  if(password !=null)
			throw new UserDoesntFullfillEndEntityProfile("Autogenerated password must have password==null");
		}else{           		            
		 if(!isModifyable(EndEntityProfile.PASSWORD,0)){
		   if(!password.equals(getValue(EndEntityProfile.PASSWORD,0)))		   
			 fullfillsprofile=false;
		 } 
		 else
		   if(isRequired(EndEntityProfile.PASSWORD,0)){
			 if((!clearpwd && password == null) || (password != null && password.trim().equals("")))			
			   fullfillsprofile=false;
		   }
		}
           
		 if(clearpwd && isRequired(EndEntityProfile.CLEARTEXTPASSWORD,0) && getValue(EndEntityProfile.CLEARTEXTPASSWORD,0).equals(EndEntityProfile.FALSE)){		 	
			 fullfillsprofile=false;
		 }
		 
		 if(!fullfillsprofile)
		   throw new UserDoesntFullfillEndEntityProfile("Password doesn't fullfill profile.");
    }

    public Object clone() throws CloneNotSupportedException {
      EndEntityProfile clone = new EndEntityProfile();
      HashMap clonedata = (HashMap) clone.saveData();

      Iterator i = (data.keySet()).iterator();
      while(i.hasNext()){
        Object key = i.next();
        clonedata.put(key,data.get(key));
      }

      clone.loadData(clonedata);
      return clone;
    }

    /** Implemtation of UpgradableDataHashMap function getLatestVersion */
    public float getLatestVersion(){
       return LATEST_VERSION;
    }

    /** Implemtation of UpgradableDataHashMap function upgrade. */

    public void upgrade() {
        log.debug(">upgrade");
    	if(Float.compare(LATEST_VERSION, getVersion()) != 0) {
			String msg = intres.getLocalizedMessage("ra.eeprofileupgrade", new Float(getVersion()));
            log.info(msg);
            // New version of the class, upgrade
            if(getVersion() < 1){
                ArrayList numberarray = (ArrayList)   data.get(NUMBERARRAY);
                while(numberarray.size() < 37){
                   numberarray.add(new Integer(0));
                }
                data.put(NUMBERARRAY,numberarray);
              }
            if(getVersion() < 2){
                ArrayList numberarray = (ArrayList)   data.get(NUMBERARRAY);
                while(numberarray.size() < 39){
                   numberarray.add(new Integer(0));
                }
                data.put(NUMBERARRAY,numberarray);
                
                addField(AVAILCAS);
                addField(DEFAULTCA);
                setRequired(AVAILCAS,0,true);
                setRequired(DEFAULTCA,0,true);
            }
            if(getVersion() < 3){
                setNotificationSubject("");
                setNotificationSender("");
                setNotificationMessage("");
            }
            
            if(getVersion() < 4){
                ArrayList numberoffields = (ArrayList)   data.get(NUMBERARRAY);                
                for(int i =numberoffields.size(); i < dataConstants.size(); i++){
                  numberoffields.add(new Integer(0));
                }               
                data.put(NUMBERARRAY,numberoffields);                
            }
            // Support for DirectoryName altname field in profile version 5
            if (getVersion() < 5) {
                addField(DnComponents.DIRECTORYNAME);
                setValue(DnComponents.DIRECTORYNAME,0,"");
                setRequired(DnComponents.DIRECTORYNAME,0,false);
                setUse(DnComponents.DIRECTORYNAME,0,true);
                setModifyable(DnComponents.DIRECTORYNAME,0,true);            	
            }
            // Support for Subject Directory Attributes field in profile version 6
            if (getVersion() < 6) {
                ArrayList numberoffields = (ArrayList)   data.get(NUMBERARRAY);                
                for(int i =numberoffields.size(); i < dataConstants.size(); i++){
                  numberoffields.add(new Integer(0));
                }               
                data.put(NUMBERARRAY,numberoffields);
                data.put(SUBJECTDIRATTRFIELDORDER,new ArrayList());
                
                for(int i=getParameterNumber(DnComponents.DATEOFBIRTH); i <= getParameterNumber(DnComponents.COUNTRYOFRESIDENCE); i++){
                	addField(getParameter(i));
                	setValue(getParameter(i),0,"");
                	setRequired(getParameter(i),0,false);
                	setUse(getParameter(i),0,false);
                	setModifyable(getParameter(i),0,true);
                }  

            }
            data.put(VERSION, new Float(LATEST_VERSION));
        }
        log.debug("<upgrade");
    }


    public static boolean isFieldImplemented(int field) {
    	String f = getParameter(field);
    	if (f == null) {
    		log.info("isFieldImplemented got call for non-implemented field: "+field);
    		return false;
    	}
    	return isFieldImplemented(f);
    }
    public static boolean isFieldImplemented(String field) {
    	boolean ret = true;
        if(field.equals(DnComponents.OTHERNAME) 
        		|| field.equals(DnComponents.X400ADDRESS) 
        		|| field.equals(DnComponents.EDIPARTNAME) 
        		|| field.equals(DnComponents.REGISTEREDID)) {
    		log.info("isFieldImplemented got call for non-implemented field: "+field);
        	ret = false;
        }
        return ret;
    }

	public static boolean isFieldOfType(int fieldNumber, String fieldString) {
		boolean ret = false;
		int number = getParameterNumber(fieldString);
		if (fieldNumber == number) {
			ret = true;
		}
		return ret;
	}


    //
    // Private Methods
    //

    
    /**
     * Used for both email and upn fields
     * 
     */
    private void checkIfDomainFullfillProfile(String field, int number, String nameAndDomain, String text) throws UserDoesntFullfillEndEntityProfile {
    	    	
    	if(!nameAndDomain.trim().equals("") && nameAndDomain.indexOf('@') == -1)
    		throw new UserDoesntFullfillEndEntityProfile("Invalid " + text + ". There must have '@' in the field.");
    	
    	String domain = nameAndDomain.substring(nameAndDomain.indexOf('@') + 1);    	    	
    	
        if(!getUse(field,number) && !nameAndDomain.trim().equals(""))
          throw new UserDoesntFullfillEndEntityProfile(text + " cannot be used in end entity profile.");
      
        if(!isModifyable(field,number) && !nameAndDomain.equals("")){
          String[] values;
          try{
            values = getValue(field, number).split(SPLITCHAR);
          }catch(Exception e){
            throw new UserDoesntFullfillEndEntityProfile("Error parsing end entity profile.");
          }
          boolean exists = false;
          for(int i = 0; i < values.length ; i++){
            if(domain.equals(values[i].trim()))
              exists = true;
          }
          if(!exists)
            throw new UserDoesntFullfillEndEntityProfile("Field " + text + " data didn't match requirement of end entity profile.");
        }
    }
    
    private void checkForIllegalChars(String str) throws UserDoesntFullfillEndEntityProfile {
    	if (StringTools.hasSqlStripChars(str)) {
    		throw new UserDoesntFullfillEndEntityProfile("Invalid " + str + ". Contains illegal characters.");    		
    	}    	
    }
    /**
     * Used for iso 3166 country codes
     * 
     */
    private void checkIfISO3166FullfillProfile(String field, int number, String country, String text) throws UserDoesntFullfillEndEntityProfile {
    	    	
    	if(!country.trim().equals("") && country.trim().length() != 2)
    		throw new UserDoesntFullfillEndEntityProfile("Invalid " + text + ". Must be of length two.");
    	
        if(!getUse(field,number) && !country.trim().equals(""))
          throw new UserDoesntFullfillEndEntityProfile(text + " cannot be used in end entity profile.");
      
        if(!isModifyable(field,number) && !country.trim().equals("")){
          String[] values;
          try{
            values = getValue(field, number).split(SPLITCHAR);
          }catch(Exception e){
            throw new UserDoesntFullfillEndEntityProfile("Error parsing end entity profile.");
          }
          boolean exists = false;
          for(int i = 0; i < values.length ; i++){
            if(country.equals(values[i].trim()))
              exists = true;
          }
          if(!exists)
            throw new UserDoesntFullfillEndEntityProfile("Field " + text + " data didn't match requirement of end entity profile.");
        }
    }
    
    /**
     * Used to check if it is an M or an F