Package org.ejbca.core.model.ca.certificateprofiles

Examples of org.ejbca.core.model.ca.certificateprofiles.CertificateProfile


          
           values = endentityprofile.getValue(EndEntityProfile.AVAILCERTPROFILES,0).split(EndEntityProfile.SPLITCHAR);
           HashMap<Integer, List> certificateprofilemap = new HashMap<Integer, List>();
           for(int i=0;i < values.length;i++){            
             Integer nextcertprofileid = Integer.valueOf(values[i]);
             CertificateProfile certprofile = (CertificateProfile) certproftemp.get(nextcertprofileid);
             if(certprofile == null){
               certprofile = certificateProfileSession.getCertificateProfile(administrator,nextcertprofileid.intValue());  
               certproftemp.put(nextcertprofileid,certprofile);
             }
            
             Collection<Integer> certprofilesavailablecas = certprofile.getAvailableCAs();
             if(certprofilesavailablecas.contains(Integer.valueOf(CertificateProfile.ANYCA))){
               ArrayList<Integer> authorizedcastemp = new ArrayList<Integer>(authorizedcas);
               if(!endentityprofileallcas) {
                 authorizedcastemp.retainAll(endentityprofileavailcas);
               }
View Full Code Here


    PKCS10RequestMessage p10 = new PKCS10RequestMessage(req.getEncoded());
    p10.setUsername("foo");
    p10.setPassword("foo123");

    CertificateProfile fooCertProfile = certificateProfileSession.getCertificateProfile(admin, "FOOCERTPROFILE");
    fooCertProfile.setAllowCertSerialNumberOverride(false);
    certificateProfileSession.changeCertificateProfile(admin, "FOOCERTPROFILE", fooCertProfile);

    UserDataVO user = new UserDataVO("foo", "C=SE,O=AnaTom,CN=foo", rsacaid, null, "foo@anatom.se", SecConst.USER_ENDUSER, fooEEProfileId, fooCertProfileId,
        SecConst.TOKEN_SOFT_BROWSERGEN, 0, null);
    user.setPassword("foo123");
View Full Code Here

        }
        Map<Integer, String> idtonamemap = certificateProfileSession.getCertificateProfileIdToNameMap(admin);
        while(iter.hasNext()){
       
          Integer id = iter.next();
          CertificateProfile certprofile = certificateProfileSession.getCertificateProfile(admin,id.intValue());
          // If not superadministrator, then should only end entity profiles be added.
          if(superadministrator || certprofile.getType() == CertificateProfile.TYPE_ENDENTITY){                     
            // if default profiles, add fixed to name.
            if(id.intValue() <= SecConst.FIXED_CERTIFICATEPROFILE_BOUNDRY || (!superadministrator && certprofile.isApplicableToAnyCA())) {
        allprofilenames.put(idtonamemap.get(id) + " (FIXED)",id);  
            } else {
          allprofilenames.put(idtonamemap.get(id),id);
            }
          }
View Full Code Here

    public CertificateProfile getCertificateProfile(int id) throws AuthorizationDeniedException {
      return certificateprofiles.getCertificateProfile(id);
    }

    public void addCertificateProfile(String name) throws CertificateProfileExistsException, AuthorizationDeniedException {
       CertificateProfile profile = new CertificateProfile();
       profile.setAvailableCAs(informationmemory.getAuthorizedCAIds());
       certificateprofiles.addCertificateProfile(name, profile);
    }
View Full Code Here

    /** Returns false if certificate type is used by any user or in profiles. */
    public boolean removeCertificateProfile(String name) throws Exception{

        boolean certificateprofileused = false;
        int certificateprofileid = certificateProfileSession.getCertificateProfileId(administrator, name);       
        CertificateProfile certprofile = this.certificateProfileSession.getCertificateProfile(administrator, name);
       
        if(certprofile.getType() == CertificateProfile.TYPE_ENDENTITY){
          // Check if any users or profiles use the certificate id.
          certificateprofileused = adminsession.checkForCertificateProfileId(administrator, certificateprofileid)
                                || endEntityProfileSession.existsCertificateProfileInEndEntityProfiles(administrator, certificateprofileid)
                || hardtokensession.existsCertificateProfileInHardTokenProfiles(administrator, certificateprofileid);
        }else{
View Full Code Here

    }
    if (certificateProfileId == SecConst.CERTPROFILE_NO_PROFILE) {
      // If there is no cert req history and the cert profile was not defined in the CertificateData row, so we can't do anything about it..
      returnval = "CERTREQREPUBLISHFAILED";
    } else {
      final CertificateProfile certprofile = certificateProfileSession.getCertificateProfile(administrator, certificateProfileId);
      if (certprofile != null) {
        if (certprofile.getPublisherList().size() > 0) {
          if (publishersession.storeCertificate(administrator, certprofile.getPublisherList(), certificatedata.getCertificate(), username, password, dn,
              certinfo.getCAFingerprint(), certinfo.getStatus() , certinfo.getType(), certinfo.getRevocationDate().getTime(), certinfo.getRevocationReason(),
              certinfo.getTag(), certificateProfileId, certinfo.getUpdateTime().getTime(), ei)) {
            returnval = "CERTREPUBLISHEDSUCCESS";
          }
        } else {
View Full Code Here

    /**
     * Help function that checks if administrator is authorized to edit profile
     * with given name.
     */
    private boolean authorizedToProfileName(String profilename, boolean editcheck) {
        CertificateProfile profile = certificateProfileSession.getCertificateProfile(administrator, profilename);
        return authorizedToProfile(profile, editcheck);
    }
View Full Code Here

    /**
     * Help function that checks if administrator is authorized to edit profile
     * with given name.
     */
    private boolean authorizedToProfileId(int profileid, boolean editcheck) {
        CertificateProfile profile = certificateProfileSession.getCertificateProfile(administrator, profileid);
        return authorizedToProfile(profile, editcheck);
    }
View Full Code Here

        // Check card number extension as well
        String cardNumber = SeisCardNumberExtension.getSeisCardNumber(cert);
        assertEquals("123456789", cardNumber);

        // Change so that we allow override of validity time
        CertificateProfile prof = certificateProfileSession.getCertificateProfile(admin, cprofile);
        prof.setAllowValidityOverride(true);
        prof.setValidity(3065);
        prof.setUseCardNumber(false);
        certificateProfileSession.changeCertificateProfile(admin, "TESTVALOVERRIDE", prof);
        cal = Calendar.getInstance();
        Calendar notBefore = Calendar.getInstance();
        notBefore.add(Calendar.DAY_OF_MONTH, 2);
        cal.add(Calendar.DAY_OF_MONTH, 10);
        userAdminSession.setUserStatus(admin, "foo", UserDataConstants.STATUS_NEW);
        cert = (X509Certificate) signSession.createCertificate(admin, "foo", "foo123", rsakeys.getPublic(), -1, notBefore.getTime(), cal.getTime());
        assertNotNull("Failed to create certificate", cert);
        assertEquals(CertTools.stringToBCDNString("cn=validityoverride,c=SE"), CertTools.stringToBCDNString(dn));
        notAfter = cert.getNotAfter();
        cal = Calendar.getInstance();
        cal.add(Calendar.DAY_OF_MONTH, 11);
        // Override was enabled, the cert should have notAfter less than 11 days
        // in the future (10 to be exact)
        assertTrue(notAfter.compareTo(cal.getTime()) < 0);
        notAfter = cert.getNotBefore();
        cal = Calendar.getInstance();
        cal.add(Calendar.DAY_OF_MONTH, 1);
        // Override was enabled, the cert should have notBefore more than 1 days
        // in the future (2 to be exact)
        assertTrue(notAfter.compareTo(cal.getTime()) > 0);
        cal.add(Calendar.DAY_OF_MONTH, 2);
        assertTrue(notAfter.compareTo(cal.getTime()) < 0);

        // Check that card number extension is not present
        cardNumber = SeisCardNumberExtension.getSeisCardNumber(cert);
        assertNull(cardNumber);

        // Verify that we can not get a certificate that has notBefore befor the
        // current time
        // and that we can not get a certificate valid longer than the
        // certificate profile allows.
        prof = certificateProfileSession.getCertificateProfile(admin, cprofile);
        prof.setValidity(50);
        certificateProfileSession.changeCertificateProfile(admin, "TESTVALOVERRIDE", prof);
        notBefore = Calendar.getInstance();
        notBefore.add(Calendar.DAY_OF_MONTH, -2);
        cal = Calendar.getInstance();
        cal.add(Calendar.DAY_OF_MONTH, 200);
View Full Code Here

        X509Certificate cert = (X509Certificate) CertTools.getCertfromByteArray(resp.getResponseMessage());
        assertNotNull("Failed to create certificate", cert);
        assertEquals("CN=dnoverride,C=SE", cert.getSubjectDN().getName());

        // Change so that we allow override of validity time
        CertificateProfile prof = certificateProfileSession.getCertificateProfile(admin, cprofile);
        prof.setAllowDNOverride(true);
        certificateProfileSession.changeCertificateProfile(admin, "TESTDNOVERRIDE", prof);

        userAdminSession.changeUser(admin, user, false);
        resp = signSession.createCertificate(admin, p10, org.ejbca.core.protocol.X509ResponseMessage.class, null);
        cert = (X509Certificate) CertTools.getCertfromByteArray(resp.getResponseMessage());
View Full Code Here

TOP

Related Classes of org.ejbca.core.model.ca.certificateprofiles.CertificateProfile

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.