com.netscape.cms.profile.common

Class EnrollProfile

java.lang.Object

com.netscape.cms.profile.common.BasicProfile

com.netscape.cms.profile.common.EnrollProfile

All Implemented Interfaces:

IEnrollProfile, IProfile

Direct Known Subclasses:

CAEnrollProfile

public abstract class EnrollProfile
extends BasicProfile
implements IEnrollProfile

This class implements a generic enrollment profile.

Version:

$Revision$, $Date$

Field Summary

Fields inherited from class com.netscape.cms.profile.common.BasicProfile

mAuthenticator, mAuthInstanceId, mAuthzAcl, mConfig, mId, mInputIds, mInputNames, mInputs, mOutputIds, mOutputs, mOwner, mPolicySet, mRegistry, mSignedAuditLogger, mUpdaterIds, mUpdaters, PROP_CLASS_ID, PROP_CONSTRAINT, PROP_DEFAULT, PROP_DESC, PROP_ENABLE, PROP_ENABLE_BY, PROP_GENERIC_EXT_DEFAULT, PROP_INPUT, PROP_INPUT_LIST, PROP_INSTANCE_ID, PROP_IS_RENEWAL, PROP_NAME, PROP_NO_CONSTRAINT, PROP_NO_DEFAULT, PROP_OUTPUT, PROP_OUTPUT_LIST, PROP_PARAMS, PROP_POLICY_LIST, PROP_UPDATER_LIST, PROP_VISIBLE, PROP_XML_OUTPUT

Fields inherited from interface com.netscape.certsrv.profile.IEnrollProfile

CTX_CERT_REQUEST, CTX_CERT_REQUEST_TYPE, CTX_RENEWAL, CTX_RENEWAL_SEQ_NUM, REQ_TYPE_CMC, REQ_TYPE_CRMF, REQ_TYPE_KEYGEN, REQ_TYPE_PKCS10, REQUEST_ALGORITHM_OID, REQUEST_ALGORITHM_PARAMS, REQUEST_ARCHIVE_OPTIONS, REQUEST_AUTHORITY_ID, REQUEST_CERTINFO, REQUEST_EXTENSIONS, REQUEST_ISSUED_CERT, REQUEST_KEY, REQUEST_LOCALE, REQUEST_SECURITY_DATA, REQUEST_SEQ_NUM, REQUEST_SESSION_KEY, REQUEST_SIGNING_ALGORITHM, REQUEST_SUBJECT_NAME, REQUEST_TRANSPORT_CERT, REQUEST_VALIDITY

Constructor Summary

Constructors

Constructor and Description
EnrollProfile()

Method Summary

Modifier and Type	Method and Description
protected java.lang.String	auditProfileID() Signed Audit Log Profile ID This method is inherited by all extended "EnrollProfile"s, and is called to obtain the "ProfileID" for a signed audit log message.
protected java.lang.String	auditRequesterID(IRequest request) Signed Audit Log Requester ID This method is inherited by all extended "EnrollProfile"s, and is called to obtain the "RequesterID" for a signed audit log message.
IProfileContext	createContext() Retrieves profile context.
IRequest	createEnrollmentRequest()
IRequest[]	createRequests(IProfileContext ctx, java.util.Locale locale) Creates request.
abstract void	execute(IRequest request) Process a request after validation.
void	fillCertReqMsg(java.util.Locale locale, org.mozilla.jss.pkix.crmf.CertReqMsg certReqMsg, netscape.security.x509.X509CertInfo info, IRequest req)
void	fillKeyGen(java.util.Locale locale, netscape.security.util.DerInputStream derIn, netscape.security.x509.X509CertInfo info, IRequest req)
void	fillNSHKEY(java.util.Locale locale, java.lang.String tcuid, java.lang.String skey, netscape.security.x509.X509CertInfo info, IRequest req)
void	fillNSNKEY(java.util.Locale locale, java.lang.String sn, java.lang.String skey, netscape.security.x509.X509CertInfo info, IRequest req)
void	fillPKCS10(java.util.Locale locale, netscape.security.pkcs.PKCS10 pkcs10, netscape.security.x509.X509CertInfo info, IRequest req)
void	fillTaggedRequest(java.util.Locale locale, org.mozilla.jss.pkix.cmc.TaggedRequest tagreq, netscape.security.x509.X509CertInfo info, IRequest req)
abstract IAuthority	getAuthority()
abstract netscape.security.x509.X500Name	getIssuerName()
java.util.Locale	getLocale(IRequest request)
protected org.mozilla.jss.pkix.crmf.PKIArchiveOptions	getPKIArchiveOptions(org.mozilla.jss.pkix.primitive.AVA ava)
java.lang.String	getPolicySetId(IRequest req) Perform simple policy set assignment.
java.lang.String	getRequestorDN(IRequest request) Retrieves a localized string that represents requestor's distinguished name.
IRequestQueue	getRequestQueue() Retrieves the request queue that is associated with this profile.
java.lang.String	normalizeCertReq(java.lang.String s)
org.mozilla.jss.pkix.cmc.TaggedRequest[]	parseCMC(java.util.Locale locale, java.lang.String certreq)
org.mozilla.jss.pkix.crmf.CertReqMsg[]	parseCRMF(java.util.Locale locale, java.lang.String certreq)
netscape.security.util.DerInputStream	parseKeyGen(java.util.Locale locale, java.lang.String certreq)
netscape.security.pkcs.PKCS10	parsePKCS10(java.util.Locale locale, java.lang.String certreq)
void	populate(IRequest request) Passes the request to the set of default policies that populate the profile information against the profile.
void	populateInput(IProfileContext ctx, IRequest request) Populate input
void	setDefaultCertInfo(IRequest req) Set Default X509CertInfo in the request.
void	submit(IAuthToken token, IRequest request) This method is called after the user submits the request from the end-entity page.
byte[]	toByteArray(org.mozilla.jss.pkix.crmf.PKIArchiveOptions options)
org.mozilla.jss.pkix.crmf.PKIArchiveOptions	toPKIArchiveOptions(byte[] options)
void	validate(IRequest request) Passes the request to the set of constraint policies that validate the request against the profile.
void	verifyPOP(java.util.Locale locale, org.mozilla.jss.pkix.crmf.CertReqMsg certReqMsg)

Methods inherited from class com.netscape.cms.profile.common.BasicProfile

addInputName, audit, auditSubjectID, createProfileInput, createProfileInput, createProfileOutput, createProfileOutput, createProfilePolicy, createProfilePolicy, deleteAllProfileInputs, deleteAllProfileOutputs, deleteAllProfilePolicies, deleteProfileInput, deleteProfileOutput, deleteProfilePolicy, getApprovedBy, getAuthenticator, getAuthenticatorId, getAuthzAcl, getConfigStore, getDescription, getId, getInput, getInputDescriptor, getInputNames, getName, getPolicies, getProfileInput, getProfileInputIds, getProfileOutput, getProfileOutputIds, getProfilePolicies, getProfilePolicy, getProfilePolicyIds, getProfilePolicySetIds, getProfileUpdater, getProfileUpdaterIds, init, isEnable, isRenewal, isVisible, isXmlOutput, setAuthenticatorId, setAuthzAcl, setDescription, setId, setInput, setName, setRenewal, setVisible, setXMLOutput

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.netscape.certsrv.profile.IProfile

createProfileInput, createProfileOutput, createProfilePolicy, deleteAllProfileInputs, deleteAllProfileOutputs, deleteAllProfilePolicies, deleteProfileInput, deleteProfileOutput, deleteProfilePolicy, getApprovedBy, getAuthenticator, getAuthenticatorId, getAuthzAcl, getConfigStore, getDescription, getId, getName, getProfileInput, getProfileInputIds, getProfileOutput, getProfileOutputIds, getProfilePolicies, getProfilePolicy, getProfilePolicyIds, getProfilePolicySetIds, init, isRenewal, isVisible, isXmlOutput, setAuthenticatorId, setAuthzAcl, setDescription, setId, setName, setRenewal, setVisible, setXMLOutput

Constructor Detail

EnrollProfile

public EnrollProfile()

Method Detail

getAuthority

public abstract IAuthority getAuthority()

getRequestQueue

public IRequestQueue getRequestQueue()

Description copied from interface: IProfile

Retrieves the request queue that is associated with this profile. The request queue is for creating new requests.

Specified by:

getRequestQueue in interface IProfile

Returns:

request queue

createContext

public IProfileContext createContext()

Description copied from interface: IProfile

Retrieves profile context. The context stores information about the requestor before the actual request is created.

Specified by:

createContext in interface IProfile

Specified by:

createContext in class BasicProfile

Returns:

profile context.

createRequests

public IRequest[] createRequests(IProfileContext ctx,
                                 java.util.Locale locale)
                          throws EProfileException

Creates request.

Specified by:

createRequests in interface IProfile

Specified by:

createRequests in class BasicProfile

Parameters:

ctx - profile context

locale - user locale

Returns:

a list of requests

Throws:

EProfileException - failed to create requests

getIssuerName

public abstract netscape.security.x509.X500Name getIssuerName()

setDefaultCertInfo

public void setDefaultCertInfo(IRequest req)
                        throws EProfileException

Description copied from interface: IEnrollProfile

Set Default X509CertInfo in the request.

Specified by:

setDefaultCertInfo in interface IEnrollProfile

Parameters:

req - profile-based certificate request.

Throws:

EProfileException - failed to set the X509CertInfo.

createEnrollmentRequest

public IRequest createEnrollmentRequest()
                                 throws EProfileException

Throws:

EProfileException

execute

public abstract void execute(IRequest request)
                      throws EProfileException

Description copied from interface: IProfile

Process a request after validation.

Specified by:

execute in interface IProfile

Overrides:

execute in class BasicProfile

Parameters:

request - request to be processed

Throws:

EProfileException - failed to process

getPolicySetId

public java.lang.String getPolicySetId(IRequest req)

Perform simple policy set assignment.

Specified by:

getPolicySetId in interface IProfile

Parameters:

req - request

Returns:

policy set id

getRequestorDN

public java.lang.String getRequestorDN(IRequest request)

Description copied from interface: IProfile

Retrieves a localized string that represents requestor's distinguished name. This string displayed in the request listing user interface.

Specified by:

getRequestorDN in interface IProfile

Overrides:

getRequestorDN in class BasicProfile

Parameters:

request - request

Returns:

distringuished name of the request owner

submit

public void submit(IAuthToken token,
                   IRequest request)
            throws EDeferException,
                   EProfileException

This method is called after the user submits the request from the end-entity page.

Specified by:

submit in interface IProfile

Parameters:

token - authentication token

request - request to be processed

Throws:

EDeferException - defer request

EProfileException - failed to submit

parseCMC

public org.mozilla.jss.pkix.cmc.TaggedRequest[] parseCMC(java.util.Locale locale,
                                                         java.lang.String certreq)
                                                  throws EProfileException

Throws:

EProfileException

fillTaggedRequest

public void fillTaggedRequest(java.util.Locale locale,
                              org.mozilla.jss.pkix.cmc.TaggedRequest tagreq,
                              netscape.security.x509.X509CertInfo info,
                              IRequest req)
                       throws EProfileException

Throws:

EProfileException

parseCRMF

public org.mozilla.jss.pkix.crmf.CertReqMsg[] parseCRMF(java.util.Locale locale,
                                                        java.lang.String certreq)
                                                 throws EProfileException

Throws:

EProfileException

getPKIArchiveOptions

protected org.mozilla.jss.pkix.crmf.PKIArchiveOptions getPKIArchiveOptions(org.mozilla.jss.pkix.primitive.AVA ava)

toPKIArchiveOptions

public org.mozilla.jss.pkix.crmf.PKIArchiveOptions toPKIArchiveOptions(byte[] options)

toByteArray

public byte[] toByteArray(org.mozilla.jss.pkix.crmf.PKIArchiveOptions options)

fillCertReqMsg

public void fillCertReqMsg(java.util.Locale locale,
                           org.mozilla.jss.pkix.crmf.CertReqMsg certReqMsg,
                           netscape.security.x509.X509CertInfo info,
                           IRequest req)
                    throws EProfileException

Throws:

EProfileException

parsePKCS10

public netscape.security.pkcs.PKCS10 parsePKCS10(java.util.Locale locale,
                                                 java.lang.String certreq)
                                          throws EProfileException

Throws:

EProfileException

fillPKCS10

public void fillPKCS10(java.util.Locale locale,
                       netscape.security.pkcs.PKCS10 pkcs10,
                       netscape.security.x509.X509CertInfo info,
                       IRequest req)
                throws EProfileException

Throws:

EProfileException

fillNSNKEY

public void fillNSNKEY(java.util.Locale locale,
                       java.lang.String sn,
                       java.lang.String skey,
                       netscape.security.x509.X509CertInfo info,
                       IRequest req)
                throws EProfileException

Throws:

EProfileException

fillNSHKEY

public void fillNSHKEY(java.util.Locale locale,
                       java.lang.String tcuid,
                       java.lang.String skey,
                       netscape.security.x509.X509CertInfo info,
                       IRequest req)
                throws EProfileException

Throws:

EProfileException

parseKeyGen

public netscape.security.util.DerInputStream parseKeyGen(java.util.Locale locale,
                                                         java.lang.String certreq)
                                                  throws EProfileException

Throws:

EProfileException

fillKeyGen

public void fillKeyGen(java.util.Locale locale,
                       netscape.security.util.DerInputStream derIn,
                       netscape.security.x509.X509CertInfo info,
                       IRequest req)
                throws EProfileException

Throws:

EProfileException

normalizeCertReq

public java.lang.String normalizeCertReq(java.lang.String s)

getLocale

public java.util.Locale getLocale(IRequest request)

populateInput

public void populateInput(IProfileContext ctx,
                          IRequest request)
                   throws EProfileException

Populate input

(either all "agent" profile cert requests NOT made through a connector, or all "EE" profile cert requests NOT made through a connector)

• signed.audit LOGGING_SIGNED_AUDIT_PROFILE_CERT_REQUEST used when a profile cert request is made (before approval process)

Specified by:

populateInput in interface IProfile

Overrides:

populateInput in class BasicProfile

Parameters:

ctx - profile context

request - the certificate request

Throws:

EProfileException - an error related to this profile has occurred

populate

public void populate(IRequest request)
              throws EProfileException

Description copied from class: BasicProfile

Passes the request to the set of default policies that populate the profile information against the profile.

Specified by:

populate in interface IProfile

Overrides:

populate in class BasicProfile

Parameters:

request - request

Throws:

EProfileException - failed to populate default values

validate

public void validate(IRequest request)
              throws ERejectException

Passes the request to the set of constraint policies that validate the request against the profile.

Specified by:

validate in interface IProfile

Overrides:

validate in class BasicProfile

Parameters:

request - request

Throws:

ERejectException - validation violation

auditRequesterID

protected java.lang.String auditRequesterID(IRequest request)

Signed Audit Log Requester ID This method is inherited by all extended "EnrollProfile"s, and is called to obtain the "RequesterID" for a signed audit log message.

Parameters:

request - the actual request

Returns:

id string containing the signed audit log message RequesterID

auditProfileID

protected java.lang.String auditProfileID()

Signed Audit Log Profile ID This method is inherited by all extended "EnrollProfile"s, and is called to obtain the "ProfileID" for a signed audit log message.

Returns:

id string containing the signed audit log message ProfileID

verifyPOP

public void verifyPOP(java.util.Locale locale,
                      org.mozilla.jss.pkix.crmf.CertReqMsg certReqMsg)
               throws EProfileException

Throws:

EProfileException