|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectcom.netscape.cms.profile.constraint.EnrollConstraint
com.netscape.cms.profile.constraint.UniqueKeyConstraint
public class UniqueKeyConstraint
This constraint is to check for publickey uniqueness. The config param "allowSameKeyRenewal" enables the situation where if the publickey is not unique, and if the subject DN is the same, that is a "renewal". Another "feature" that is quoted out of this code is the "revokeDupKeyCert" option, which enables the revocation of certs that bear the same publickey as the enrolling request. Since this can potentially be abused, it is taken out and preserved in comments to allow future refinement.
Field Summary | |
---|---|
static java.lang.String |
CONFIG_ALLOW_SAME_KEY_RENEWAL
|
ICertificateAuthority |
mCA
|
Fields inherited from class com.netscape.cms.profile.constraint.EnrollConstraint |
---|
CONFIG_NAME, mConfig, mConfigNames |
Constructor Summary | |
---|---|
UniqueKeyConstraint()
|
Method Summary | |
---|---|
static java.lang.String |
escapeBinaryData(byte[] data)
|
IDescriptor |
getConfigDescriptor(java.util.Locale locale,
java.lang.String name)
Returns the descriptors of configuration parameter. |
java.lang.String |
getDefaultConfig(java.lang.String name)
|
java.lang.String |
getText(java.util.Locale locale)
make a CRL entry from a serial number and revocation reason. |
void |
init(IProfile profile,
IConfigStore config)
Initializes this constraint policy. |
boolean |
isApplicable(IPolicyDefault def)
Checks if this constraint is applicable to the given default policy. |
void |
validate(IRequest request,
netscape.security.x509.X509CertInfo info)
Validates the request. |
Methods inherited from class com.netscape.cms.profile.constraint.EnrollConstraint |
---|
addConfigName, getBoolean, getConfig, getConfigBoolean, getConfigInt, getConfigNames, getConfigStore, getExtension, getInt, getLocale, getName, getValueDescriptor, isOptional, setConfig, validate |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final java.lang.String CONFIG_ALLOW_SAME_KEY_RENEWAL
public ICertificateAuthority mCA
Constructor Detail |
---|
public UniqueKeyConstraint()
Method Detail |
---|
public void init(IProfile profile, IConfigStore config) throws EProfileException
IPolicyConstraint
init
in interface IPolicyConstraint
init
in class EnrollConstraint
profile
- owner of this policyconfig
- configuration store for this constraint
EProfileException
- failed to initializepublic IDescriptor getConfigDescriptor(java.util.Locale locale, java.lang.String name)
IConfigTemplate
getConfigDescriptor
in interface IConfigTemplate
getConfigDescriptor
in class EnrollConstraint
locale
- user localename
- configuration parameter name
public java.lang.String getDefaultConfig(java.lang.String name)
public void validate(IRequest request, netscape.security.x509.X509CertInfo info) throws ERejectException
validate
in class EnrollConstraint
request
- enrollment requestinfo
- certificate template
ERejectException
- request is rejected due
to violation of constraintpublic java.lang.String getText(java.util.Locale locale)
getText
in interface IPolicyConstraint
getText
in class EnrollConstraint
locale
- locale of the end-user
public static java.lang.String escapeBinaryData(byte[] data)
public boolean isApplicable(IPolicyDefault def)
IPolicyConstraint
isApplicable
in interface IPolicyConstraint
isApplicable
in class EnrollConstraint
def
- default policy to be checked
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |