com.netscape.cms.policy.extensions
Class AuthorityKeyIdentifierExt

java.lang.Object
  extended by com.netscape.cms.policy.APolicyRule
      extended by com.netscape.cms.policy.extensions.AuthorityKeyIdentifierExt
All Implemented Interfaces:
IExtendedPluginInfo, IEnrollmentPolicy, IPolicyRule, IPolicy

Deprecated.

public class AuthorityKeyIdentifierExt
extends APolicyRule
implements IEnrollmentPolicy, IExtendedPluginInfo

Authority Public Key Extension Policy Adds the subject public key id extension to certificates.

 NOTE:  The Policy Framework has been replaced by the Profile Framework.
 

Version:
$Revision: 1226 $, $Date: 2010-08-19 14:16:41 -0700 (Thu, 19 Aug 2010) $

Field Summary
protected static java.lang.String ALT_KEYID_TYPE_EMPTY
          Deprecated.  
protected static java.lang.String ALT_KEYID_TYPE_NONE
          Deprecated.  
protected static java.lang.String ALT_KEYID_TYPE_SPKISHA1
          Deprecated.  
protected static java.lang.String DEF_ALT_KEYID_TYPE
          Deprecated.  
protected static boolean DEF_CRITICAL
          Deprecated.  
protected  java.lang.String mAltKeyIdType
          Deprecated.  
protected  IConfigStore mConfig
          Deprecated.  
protected  boolean mCritical
          Deprecated.  
protected static java.util.Vector mDefaultParams
          Deprecated.  
protected  boolean mEnabled
          Deprecated.  
protected  java.util.Vector mInstanceParams
          Deprecated.  
protected  netscape.security.x509.AuthorityKeyIdentifierExtension mTheExtension
          Deprecated.  
protected static java.lang.String PROP_ALT_KEYID_TYPE
          Deprecated.  
protected static java.lang.String PROP_CRITICAL
          Deprecated.  
 
Fields inherited from class com.netscape.cms.policy.APolicyRule
DESC, mFilterExp, mInstanceName, mLogger, NAME
 
Fields inherited from interface com.netscape.certsrv.policy.IPolicyRule
PROP_ENABLE, PROP_IMPLNAME, PROP_PREDICATE
 
Fields inherited from interface com.netscape.certsrv.base.IExtendedPluginInfo
HELP_TEXT, HELP_TOKEN
 
Constructor Summary
AuthorityKeyIdentifierExt()
          Deprecated.  
 
Method Summary
 PolicyResult apply(IRequest req)
          Deprecated. Adds Authority Key Identifier Extension to a certificate.
 PolicyResult applyCert(IRequest req, netscape.security.x509.X509CertInfo certInfo)
          Deprecated.  
protected  netscape.security.x509.KeyIdentifier formKeyIdentifier(netscape.security.x509.X509CertImpl caCertImpl)
          Deprecated. Form the Key Identifier in the Authority Key Identifier extension.
 java.util.Vector getDefaultParams()
          Deprecated. Return default parameters for a policy implementation.
 java.lang.String[] getExtendedPluginInfo(java.util.Locale locale)
          Deprecated. This method returns an array of strings.
 java.util.Vector getInstanceParams()
          Deprecated. Return configured parameters for a policy rule instance.
protected  netscape.security.x509.KeyIdentifier getKeyIdentifier(netscape.security.x509.X509CertInfo certInfo)
          Deprecated. Get the Key Identifier in a subject key identifier extension from a CertInfo.
 void init(ISubsystem owner, IConfigStore config)
          Deprecated. Initializes this policy rule.
 
Methods inherited from class com.netscape.cms.policy.APolicyRule
agentApproved, createKeyIdentifier, deferred, formSHA1KeyId, formSpkiSHA1KeyId, getDescription, getInstanceName, getName, getPredicate, log, setError, setError, setError, setInstanceName, setPolicyException, setPolicyException, setPredicate
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface com.netscape.certsrv.policy.IPolicyRule
getDescription, getInstanceName, getName, getPredicate, setError, setInstanceName, setPolicyException, setPredicate
 

Field Detail

PROP_CRITICAL

protected static final java.lang.String PROP_CRITICAL
Deprecated. 
See Also:
Constant Field Values

PROP_ALT_KEYID_TYPE

protected static final java.lang.String PROP_ALT_KEYID_TYPE
Deprecated. 
See Also:
Constant Field Values

ALT_KEYID_TYPE_SPKISHA1

protected static final java.lang.String ALT_KEYID_TYPE_SPKISHA1
Deprecated. 
See Also:
Constant Field Values

ALT_KEYID_TYPE_NONE

protected static final java.lang.String ALT_KEYID_TYPE_NONE
Deprecated. 
See Also:
Constant Field Values

ALT_KEYID_TYPE_EMPTY

protected static final java.lang.String ALT_KEYID_TYPE_EMPTY
Deprecated. 
See Also:
Constant Field Values

DEF_CRITICAL

protected static final boolean DEF_CRITICAL
Deprecated. 
See Also:
Constant Field Values

DEF_ALT_KEYID_TYPE

protected static final java.lang.String DEF_ALT_KEYID_TYPE
Deprecated. 
See Also:
Constant Field Values

mEnabled

protected boolean mEnabled
Deprecated. 

mConfig

protected IConfigStore mConfig
Deprecated. 

mCritical

protected boolean mCritical
Deprecated. 

mAltKeyIdType

protected java.lang.String mAltKeyIdType
Deprecated. 

mTheExtension

protected netscape.security.x509.AuthorityKeyIdentifierExtension mTheExtension
Deprecated. 

mInstanceParams

protected java.util.Vector mInstanceParams
Deprecated. 

mDefaultParams

protected static java.util.Vector mDefaultParams
Deprecated. 
Constructor Detail

AuthorityKeyIdentifierExt

public AuthorityKeyIdentifierExt()
Deprecated. 
Method Detail

init

public void init(ISubsystem owner,
                 IConfigStore config)
          throws EBaseException
Deprecated. 
Initializes this policy rule. Reads configuration file and creates a authority key identifier extension to add. Key identifier inside the extension is constructed as the CA's subject key identifier extension if it exists. If it does not exist this can be configured to use: (1) sha-1 hash of the CA's subject public key info (what communicator expects if the CA does not have a subject key identifier extension) or (2) No extension set (3) Empty sequence in Authority Key Identifier extension.

The entries may be of the form: ca.Policy.rule..predicate= ca.Policy.rule..implName= ca.Policy.rule..enable=true

Specified by:
init in interface IPolicyRule
Specified by:
init in class APolicyRule
Parameters:
config - The config store reference
Throws:
EBaseException

apply

public PolicyResult apply(IRequest req)
Deprecated. 
Adds Authority Key Identifier Extension to a certificate. If the extension is already there, accept it if it's from the agent, else replace it.

Specified by:
apply in interface IPolicyRule
Specified by:
apply in interface IPolicy
Specified by:
apply in class APolicyRule
Parameters:
req - The request on which to apply policy.
Returns:
The policy result object.

applyCert

public PolicyResult applyCert(IRequest req,
                              netscape.security.x509.X509CertInfo certInfo)
Deprecated. 

formKeyIdentifier

protected netscape.security.x509.KeyIdentifier formKeyIdentifier(netscape.security.x509.X509CertImpl caCertImpl)
                                                          throws EBaseException
Deprecated. 
Form the Key Identifier in the Authority Key Identifier extension. from the CA's cert.

Parameters:
caCertImpl - Certificate Info
Returns:
A Key Identifier.
Throws:
EBaseException - on error

getKeyIdentifier

protected netscape.security.x509.KeyIdentifier getKeyIdentifier(netscape.security.x509.X509CertInfo certInfo)
                                                         throws EBaseException
Deprecated. 
Get the Key Identifier in a subject key identifier extension from a CertInfo.

Parameters:
certInfo - the CertInfo structure.
Returns:
Key Identifier in a Subject Key Identifier extension if any.
Throws:
EBaseException

getInstanceParams

public java.util.Vector getInstanceParams()
Deprecated. 
Return configured parameters for a policy rule instance.

Specified by:
getInstanceParams in interface IPolicyRule
Specified by:
getInstanceParams in class APolicyRule
Returns:
nvPairs A Vector of name/value pairs.

getDefaultParams

public java.util.Vector getDefaultParams()
Deprecated. 
Return default parameters for a policy implementation.

Specified by:
getDefaultParams in interface IPolicyRule
Specified by:
getDefaultParams in class APolicyRule
Returns:
nvPairs A Vector of name/value pairs.

getExtendedPluginInfo

public java.lang.String[] getExtendedPluginInfo(java.util.Locale locale)
Deprecated. 
Description copied from interface: IExtendedPluginInfo
This method returns an array of strings. Each element of the array represents a configurable parameter, or some other meta-info (such as help-token) there is an entry indexed on that parameter name ;[,required];;... Where: type_info is either 'string', 'number', 'boolean', 'password' or 'choice(ch1,ch2,ch3,...)' If the marker 'required' is included after the type_info, the parameter will has some visually distinctive marking in the UI. 'description' is a short sentence describing the parameter 'choice' is rendered as a drop-down list. The first parameter in the list will be activated by default 'boolean' is rendered as a checkbox. The resulting parameter will be either 'true' or 'false' 'string' allows any characters 'number' allows only numbers 'password' is rendered as a password field (the characters are replaced with *'s when being types. This parameter is not passed through to the plugin. It is instead inserted directly into the password cache keyed on the instance name. The value of the parameter 'bindPWPrompt' (see example below) is set to the key. In addition to the configurable parameters, the following magic parameters may be defined: HELP_TOKEN;helptoken - a pointer to the online manual section for this plugin HELP_TEXT;helptext - a general help string describing the plugin For example: "username;string;The username you wish to login as" "bindPWPrompt;password;Enter password to bind as above user with" "algorithm;choice(RSA,DSA);Which algorithm do you want to use" "enable;boolean;Do you want to run this plugin" "port;number;Which port number do you want to use"

Specified by:
getExtendedPluginInfo in interface IExtendedPluginInfo