com.netscape.cms.profile.common
Class EnrollProfile

java.lang.Object
  extended by com.netscape.cms.profile.common.BasicProfile
      extended by com.netscape.cms.profile.common.EnrollProfile
All Implemented Interfaces:
IEnrollProfile, IProfile
Direct Known Subclasses:
CAEnrollProfile, RAEnrollProfile

public abstract class EnrollProfile
extends BasicProfile
implements IEnrollProfile

This class implements a generic enrollment profile.

Version:
$Revision: 1259 $, $Date: 2010-09-02 20:05:03 -0700 (Thu, 02 Sep 2010) $

Field Summary
 
Fields inherited from class com.netscape.cms.profile.common.BasicProfile
mAuthenticator, mAuthInstanceId, mAuthzAcl, mConfig, mId, mInputIds, mInputNames, mInputs, mOutputIds, mOutputs, mOwner, mPolicySet, mRegistry, mSignedAuditLogger, mUpdaterIds, mUpdaters, PROP_CLASS_ID, PROP_CONSTRAINT, PROP_DEFAULT, PROP_DESC, PROP_ENABLE, PROP_ENABLE_BY, PROP_GENERIC_EXT_DEFAULT, PROP_INPUT, PROP_INPUT_LIST, PROP_INSTANCE_ID, PROP_IS_RENEWAL, PROP_NAME, PROP_NO_CONSTRAINT, PROP_NO_DEFAULT, PROP_OUTPUT, PROP_OUTPUT_LIST, PROP_PARAMS, PROP_POLICY_LIST, PROP_UPDATER_LIST, PROP_VISIBLE, PROP_XML_OUTPUT
 
Fields inherited from interface com.netscape.certsrv.profile.IEnrollProfile
CTX_CERT_REQUEST, CTX_CERT_REQUEST_TYPE, CTX_RENEWAL, CTX_RENEWAL_SEQ_NUM, REQ_TYPE_CMC, REQ_TYPE_CRMF, REQ_TYPE_KEYGEN, REQ_TYPE_PKCS10, REQUEST_ARCHIVE_OPTIONS, REQUEST_CERTINFO, REQUEST_EXTENSIONS, REQUEST_ISSUED_CERT, REQUEST_KEY, REQUEST_LOCALE, REQUEST_SEQ_NUM, REQUEST_SIGNING_ALGORITHM, REQUEST_SUBJECT_NAME, REQUEST_VALIDITY
 
Constructor Summary
EnrollProfile()
           
 
Method Summary
protected  java.lang.String auditProfileID()
          Signed Audit Log Profile ID This method is inherited by all extended "EnrollProfile"s, and is called to obtain the "ProfileID" for a signed audit log message.
protected  java.lang.String auditRequesterID(IRequest request)
          Signed Audit Log Requester ID This method is inherited by all extended "EnrollProfile"s, and is called to obtain the "RequesterID" for a signed audit log message.
 IProfileContext createContext()
          Retrieves profile context.
 IRequest createEnrollmentRequest()
           
 IRequest[] createRequests(IProfileContext context, java.util.Locale locale)
          Creates request.
abstract  void execute(IRequest request)
          Process a request after validation.
 void fillCertReqMsg(java.util.Locale locale, org.mozilla.jss.pkix.crmf.CertReqMsg certReqMsg, netscape.security.x509.X509CertInfo info, IRequest req)
           
 void fillKeyGen(java.util.Locale locale, netscape.security.util.DerInputStream derIn, netscape.security.x509.X509CertInfo info, IRequest req)
           
 void fillNSHKEY(java.util.Locale locale, java.lang.String tcuid, java.lang.String skey, netscape.security.x509.X509CertInfo info, IRequest req)
           
 void fillNSNKEY(java.util.Locale locale, java.lang.String sn, java.lang.String skey, netscape.security.x509.X509CertInfo info, IRequest req)
           
 void fillPKCS10(java.util.Locale locale, netscape.security.pkcs.PKCS10 pkcs10, netscape.security.x509.X509CertInfo info, IRequest req)
           
 void fillTaggedRequest(java.util.Locale locale, org.mozilla.jss.pkix.cmc.TaggedRequest tagreq, netscape.security.x509.X509CertInfo info, IRequest req)
           
abstract  IAuthority getAuthority()
           
abstract  netscape.security.x509.X500Name getIssuerName()
           
 java.util.Locale getLocale(IRequest request)
           
protected  org.mozilla.jss.pkix.crmf.PKIArchiveOptions getPKIArchiveOptions(org.mozilla.jss.pkix.primitive.AVA ava)
           
 java.lang.String getPolicySetId(IRequest req)
          Perform simple policy set assignment.
 java.lang.String getRequestorDN(IRequest request)
          Retrieves a localized string that represents requestor's distinguished name.
 IRequestQueue getRequestQueue()
          Retrieves the request queue that is associated with this profile.
 java.lang.String normalizeCertReq(java.lang.String s)
           
 org.mozilla.jss.pkix.cmc.TaggedRequest[] parseCMC(java.util.Locale locale, java.lang.String certreq)
           
 org.mozilla.jss.pkix.crmf.CertReqMsg[] parseCRMF(java.util.Locale locale, java.lang.String certreq)
           
 netscape.security.util.DerInputStream parseKeyGen(java.util.Locale locale, java.lang.String certreq)
           
 netscape.security.pkcs.PKCS10 parsePKCS10(java.util.Locale locale, java.lang.String certreq)
           
 void populate(IRequest request)
          Passes the request to the set of default policies that populate the profile information against the profile.
 void populateInput(IProfileContext ctx, IRequest request)
          Populate input
 void setDefaultCertInfo(IRequest req)
          Set Default X509CertInfo in the request.
 void submit(IAuthToken token, IRequest request)
          This method is called after the user submits the request from the end-entity page.
 byte[] toByteArray(org.mozilla.jss.pkix.crmf.PKIArchiveOptions options)
           
 org.mozilla.jss.pkix.crmf.PKIArchiveOptions toPKIArchiveOptions(byte[] options)
           
 void validate(IRequest request)
          Passes the request to the set of constraint policies that validate the request against the profile.
 void verifyPOP(java.util.Locale locale, org.mozilla.jss.pkix.crmf.CertReqMsg certReqMsg)
           
 
Methods inherited from class com.netscape.cms.profile.common.BasicProfile
addInputName, audit, auditSubjectID, createProfileInput, createProfileInput, createProfileOutput, createProfileOutput, createProfilePolicy, createProfilePolicy, deleteProfileInput, deleteProfileOutput, deleteProfilePolicy, getApprovedBy, getAuthenticator, getAuthenticatorId, getAuthzAcl, getConfigStore, getDescription, getId, getInput, getInputDescriptor, getInputNames, getName, getPolicies, getProfileInput, getProfileInputIds, getProfileOutput, getProfileOutputIds, getProfilePolicies, getProfilePolicy, getProfilePolicyIds, getProfilePolicySetIds, getProfileUpdater, getProfileUpdaterIds, init, isEnable, isRenewal, isVisible, isXmlOutput, setAuthenticatorId, setDescription, setId, setInput, setName, setVisible
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface com.netscape.certsrv.profile.IProfile
createProfileInput, createProfileOutput, createProfilePolicy, deleteProfileInput, deleteProfileOutput, deleteProfilePolicy, getApprovedBy, getAuthenticator, getAuthenticatorId, getAuthzAcl, getConfigStore, getDescription, getId, getName, getProfileInput, getProfileInputIds, getProfileOutput, getProfileOutputIds, getProfilePolicies, getProfilePolicy, getProfilePolicyIds, getProfilePolicySetIds, init, isRenewal, isVisible, isXmlOutput, setAuthenticatorId, setDescription, setId, setName, setVisible
 

Constructor Detail

EnrollProfile

public EnrollProfile()
Method Detail

getAuthority

public abstract IAuthority getAuthority()

getRequestQueue

public IRequestQueue getRequestQueue()
Description copied from interface: IProfile
Retrieves the request queue that is associated with this profile. The request queue is for creating new requests.

Specified by:
getRequestQueue in interface IProfile
Returns:
request queue

createContext

public IProfileContext createContext()
Description copied from interface: IProfile
Retrieves profile context. The context stores information about the requestor before the actual request is created.

Specified by:
createContext in interface IProfile
Specified by:
createContext in class BasicProfile
Returns:
profile context.

createRequests

public IRequest[] createRequests(IProfileContext context,
                                 java.util.Locale locale)
                          throws EProfileException
Creates request.

Specified by:
createRequests in interface IProfile
Specified by:
createRequests in class BasicProfile
Parameters:
context - profile context
locale - user locale
Returns:
a list of requests
Throws:
EProfileException - failed to create requests

getIssuerName

public abstract netscape.security.x509.X500Name getIssuerName()

setDefaultCertInfo

public void setDefaultCertInfo(IRequest req)
                        throws EProfileException
Description copied from interface: IEnrollProfile
Set Default X509CertInfo in the request.

Specified by:
setDefaultCertInfo in interface IEnrollProfile
Parameters:
req - profile-based certificate request.
Throws:
EProfileException - failed to set the X509CertInfo.

createEnrollmentRequest

public IRequest createEnrollmentRequest()
                                 throws EProfileException
Throws:
EProfileException

execute

public abstract void execute(IRequest request)
                      throws EProfileException
Description copied from interface: IProfile
Process a request after validation.

Specified by:
execute in interface IProfile
Overrides:
execute in class BasicProfile
Parameters:
request - request to be processed
Throws:
EProfileException - failed to process

getPolicySetId

public java.lang.String getPolicySetId(IRequest req)
Perform simple policy set assignment.

Specified by:
getPolicySetId in interface IProfile
Parameters:
req - request
Returns:
policy set id

getRequestorDN

public java.lang.String getRequestorDN(IRequest request)
Description copied from interface: IProfile
Retrieves a localized string that represents requestor's distinguished name. This string displayed in the request listing user interface.

Specified by:
getRequestorDN in interface IProfile
Overrides:
getRequestorDN in class BasicProfile
Parameters:
request - request
Returns:
distringuished name of the request owner

submit

public void submit(IAuthToken token,
                   IRequest request)
            throws EDeferException,
                   EProfileException
This method is called after the user submits the request from the end-entity page.

Specified by:
submit in interface IProfile
Parameters:
token - authentication token
request - request to be processed
Throws:
EDeferException - defer request
EProfileException - failed to submit

parseCMC

public org.mozilla.jss.pkix.cmc.TaggedRequest[] parseCMC(java.util.Locale locale,
                                                         java.lang.String certreq)
                                                  throws EProfileException
Throws:
EProfileException

fillTaggedRequest

public void fillTaggedRequest(java.util.Locale locale,
                              org.mozilla.jss.pkix.cmc.TaggedRequest tagreq,
                              netscape.security.x509.X509CertInfo info,
                              IRequest req)
                       throws EProfileException
Throws:
EProfileException

parseCRMF

public org.mozilla.jss.pkix.crmf.CertReqMsg[] parseCRMF(java.util.Locale locale,
                                                        java.lang.String certreq)
                                                 throws EProfileException
Throws:
EProfileException

getPKIArchiveOptions

protected org.mozilla.jss.pkix.crmf.PKIArchiveOptions getPKIArchiveOptions(org.mozilla.jss.pkix.primitive.AVA ava)

toPKIArchiveOptions

public org.mozilla.jss.pkix.crmf.PKIArchiveOptions toPKIArchiveOptions(byte[] options)

toByteArray

public byte[] toByteArray(org.mozilla.jss.pkix.crmf.PKIArchiveOptions options)

fillCertReqMsg

public void fillCertReqMsg(java.util.Locale locale,
                           org.mozilla.jss.pkix.crmf.CertReqMsg certReqMsg,
                           netscape.security.x509.X509CertInfo info,
                           IRequest req)
                    throws EProfileException
Throws:
EProfileException

parsePKCS10

public netscape.security.pkcs.PKCS10 parsePKCS10(java.util.Locale locale,
                                                 java.lang.String certreq)
                                          throws EProfileException
Throws:
EProfileException

fillPKCS10

public void fillPKCS10(java.util.Locale locale,
                       netscape.security.pkcs.PKCS10 pkcs10,
                       netscape.security.x509.X509CertInfo info,
                       IRequest req)
                throws EProfileException
Throws:
EProfileException

fillNSNKEY

public void fillNSNKEY(java.util.Locale locale,
                       java.lang.String sn,
                       java.lang.String skey,
                       netscape.security.x509.X509CertInfo info,
                       IRequest req)
                throws EProfileException
Throws:
EProfileException

fillNSHKEY

public void fillNSHKEY(java.util.Locale locale,
                       java.lang.String tcuid,
                       java.lang.String skey,
                       netscape.security.x509.X509CertInfo info,
                       IRequest req)
                throws EProfileException
Throws:
EProfileException

parseKeyGen

public netscape.security.util.DerInputStream parseKeyGen(java.util.Locale locale,
                                                         java.lang.String certreq)
                                                  throws EProfileException
Throws:
EProfileException

fillKeyGen

public void fillKeyGen(java.util.Locale locale,
                       netscape.security.util.DerInputStream derIn,
                       netscape.security.x509.X509CertInfo info,
                       IRequest req)
                throws EProfileException
Throws:
EProfileException

normalizeCertReq

public java.lang.String normalizeCertReq(java.lang.String s)

getLocale

public java.util.Locale getLocale(IRequest request)

populateInput

public void populateInput(IProfileContext ctx,
                          IRequest request)
                   throws EProfileException
Populate input

(either all "agent" profile cert requests NOT made through a connector, or all "EE" profile cert requests NOT made through a connector)

Specified by:
populateInput in interface IProfile
Overrides:
populateInput in class BasicProfile
Parameters:
ctx - profile context
request - the certificate request
Throws:
EProfileException - an error related to this profile has occurred

populate

public void populate(IRequest request)
              throws EProfileException
Description copied from class: BasicProfile
Passes the request to the set of default policies that populate the profile information against the profile.

Specified by:
populate in interface IProfile
Overrides:
populate in class BasicProfile
Parameters:
request - request
Throws:
EProfileException - failed to populate default values

validate

public void validate(IRequest request)
              throws ERejectException
Passes the request to the set of constraint policies that validate the request against the profile.

Specified by:
validate in interface IProfile
Overrides:
validate in class BasicProfile
Parameters:
request - request
Throws:
ERejectException - validation violation

auditRequesterID

protected java.lang.String auditRequesterID(IRequest request)
Signed Audit Log Requester ID This method is inherited by all extended "EnrollProfile"s, and is called to obtain the "RequesterID" for a signed audit log message.

Parameters:
request - the actual request
Returns:
id string containing the signed audit log message RequesterID

auditProfileID

protected java.lang.String auditProfileID()
Signed Audit Log Profile ID This method is inherited by all extended "EnrollProfile"s, and is called to obtain the "ProfileID" for a signed audit log message.

Returns:
id string containing the signed audit log message ProfileID

verifyPOP

public void verifyPOP(java.util.Locale locale,
                      org.mozilla.jss.pkix.crmf.CertReqMsg certReqMsg)
               throws EProfileException
Throws:
EProfileException