Package org.ejbca.core.model.ra

Examples of org.ejbca.core.model.ra.ExtendedInformation

        String staticEndOfTime = sm.format(endOfTime);
        String relativeEndOfTime = "33000:00:00"; // ~100 years
        String staticInvalid = "XXXX-XX-XX XX:XX PM";
        String relativeInvalid = "XXXXX:XXX:XXX";
        String relativeNegative = "-10:00:00";
        ExtendedInformation ei = new ExtendedInformation();
        // Use empty, should fail
        profile.setUse(EndEntityProfile.STARTTIME, 0, true);
        profile.setUse(EndEntityProfile.ENDTIME, 0, false);
        profile.setValue(EndEntityProfile.STARTTIME, 0, "");
        profile.setValue(EndEntityProfile.ENDTIME, 0, "");
        ei.setCustomData(ExtendedInformation.CUSTOM_STARTTIME, "");
        try {
          // Custom starttime can be empty or null
          profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith", "","","",SecConst.CERTPROFILE_FIXED_ENDUSER,
              false, false, false, SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1, ei);
          log.debug("End Entity Fulfill Profile Test " + (currentSubTest++) + " = OK");
        } catch (UserDoesntFullfillEndEntityProfile e) {
          assertTrue("Error: Empty start time was not checked correctly.", false);
        profile.setUse(EndEntityProfile.STARTTIME, 0, false);
        profile.setUse(EndEntityProfile.ENDTIME, 0, true);
        ei.setCustomData(ExtendedInformation.CUSTOM_ENDTIME, "");
        try {
          // Custom endtime can be empty or null
          profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith", "","","",SecConst.CERTPROFILE_FIXED_ENDUSER,
              false, false, false, SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1, ei);
          log.debug("End Entity Fulfill Profile Test " + (currentSubTest++) + " = OK");
        } catch (UserDoesntFullfillEndEntityProfile e) {
          assertTrue("Error: Empty end time was not checked correctly.", false);
        // Static times work?
        profile.setUse(EndEntityProfile.STARTTIME, 0, true);
        profile.setUse(EndEntityProfile.ENDTIME, 0, true);
        ei.setCustomData(ExtendedInformation.CUSTOM_STARTTIME, staticNow);
        ei.setCustomData(ExtendedInformation.CUSTOM_ENDTIME, staticEndOfTime);
        try {
          profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith", "","","",SecConst.CERTPROFILE_FIXED_ENDUSER,
              false, false, false, SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1, ei);
          log.debug("End Entity Fulfill Profile Test " + (currentSubTest++) + " = OK");
        } catch (UserDoesntFullfillEndEntityProfile e) {
          assertTrue("Error: Static times does not work. ("+e.getMessage()+")", false);
        // Relative times work?
        ei.setCustomData(ExtendedInformation.CUSTOM_STARTTIME, relativeNow);
        ei.setCustomData(ExtendedInformation.CUSTOM_ENDTIME, relativeEndOfTime);
        try {
          profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith", "","","",SecConst.CERTPROFILE_FIXED_ENDUSER,
              false, false, false, SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1, ei);
          log.debug("End Entity Fulfill Profile Test " + (currentSubTest++) + " = OK");
        } catch (UserDoesntFullfillEndEntityProfile e) {
          assertTrue("Error: Relative times does not work.", false);
        // Static start, rel end work?
        ei.setCustomData(ExtendedInformation.CUSTOM_STARTTIME, staticNow);
        ei.setCustomData(ExtendedInformation.CUSTOM_ENDTIME, relativeEndOfTime);
        try {
          profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith", "","","",SecConst.CERTPROFILE_FIXED_ENDUSER,
              false, false, false, SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1, ei);
          log.debug("End Entity Fulfill Profile Test " + (currentSubTest++) + " = OK");
        } catch (UserDoesntFullfillEndEntityProfile e) {
          assertTrue("Error: Static start time w relative end time does not work.", false);
        // Rel start, static end work?
        ei.setCustomData(ExtendedInformation.CUSTOM_STARTTIME, relativeNow);
        ei.setCustomData(ExtendedInformation.CUSTOM_ENDTIME, staticEndOfTime);
        try {
          profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith", "","","",SecConst.CERTPROFILE_FIXED_ENDUSER,
              false, false, false, SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1, ei);
          log.debug("End Entity Fulfill Profile Test " + (currentSubTest++) + " = OK");
        } catch (UserDoesntFullfillEndEntityProfile e) {
          assertTrue("Error: Relative start time w static end time does not work.", false);
        // Negative relative start times work?
        ei.setCustomData(ExtendedInformation.CUSTOM_STARTTIME, relativeNegative);
        ei.setCustomData(ExtendedInformation.CUSTOM_ENDTIME, staticEndOfTime);
        try {
          profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith", "","","",SecConst.CERTPROFILE_FIXED_ENDUSER,
              false, false, false, SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1, ei);
          assertTrue("Error: Possible to use negative start time.", false);
        } catch (UserDoesntFullfillEndEntityProfile e) {
          log.debug("End Entity Fulfill Profile Test " + (currentSubTest++) + " = OK");
        // Negative relative end times work?
        ei.setCustomData(ExtendedInformation.CUSTOM_STARTTIME, staticNow);
        ei.setCustomData(ExtendedInformation.CUSTOM_ENDTIME, relativeNegative);
        try {
          profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith", "","","",SecConst.CERTPROFILE_FIXED_ENDUSER,
              false, false, false, SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1, ei);
          assertTrue("Error: Possible to use negative end time.", false);
        } catch (UserDoesntFullfillEndEntityProfile e) {
          log.debug("End Entity Fulfill Profile Test " + (currentSubTest++) + " = OK");
        // Static end before start ok?
        ei.setCustomData(ExtendedInformation.CUSTOM_STARTTIME, staticEndOfTime);
        ei.setCustomData(ExtendedInformation.CUSTOM_ENDTIME, staticNow);
        try {
          profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith", "","","",SecConst.CERTPROFILE_FIXED_ENDUSER,
              false, false, false, SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1, ei);
          assertTrue("Error: Static end time before static start time allowed.", false);
        } catch (UserDoesntFullfillEndEntityProfile e) {
          log.debug("End Entity Fulfill Profile Test " + (currentSubTest++) + " = OK");
        // Relative end before start ok?
        ei.setCustomData(ExtendedInformation.CUSTOM_STARTTIME, relativeEndOfTime);
        ei.setCustomData(ExtendedInformation.CUSTOM_ENDTIME, relativeNow);
        try {
          profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith", "","","",SecConst.CERTPROFILE_FIXED_ENDUSER,
              false, false, false, SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1, ei);
          assertTrue("Error: Relative end time before relative start time allowed.", false);
        } catch (UserDoesntFullfillEndEntityProfile e) {
          log.debug("End Entity Fulfill Profile Test " + (currentSubTest++) + " = OK");
        // Invalid static start ok?
        ei.setCustomData(ExtendedInformation.CUSTOM_STARTTIME, staticInvalid);
        ei.setCustomData(ExtendedInformation.CUSTOM_ENDTIME, staticEndOfTime);
        try {
          profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith", "","","",SecConst.CERTPROFILE_FIXED_ENDUSER,
              false, false, false, SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1, ei);
          assertTrue("Error: Invalid static start time allowed.", false);
        } catch (UserDoesntFullfillEndEntityProfile e) {
          log.debug("End Entity Fulfill Profile Test " + (currentSubTest++) + " = OK");
        // Invalid static end ok?
        ei.setCustomData(ExtendedInformation.CUSTOM_STARTTIME, staticNow);
        ei.setCustomData(ExtendedInformation.CUSTOM_ENDTIME, staticInvalid);
        try {
          profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith", "","","",SecConst.CERTPROFILE_FIXED_ENDUSER,
              false, false, false, SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1, ei);
          assertTrue("Error: Invalid static start time allowed.", false);
        } catch (UserDoesntFullfillEndEntityProfile e) {
          log.debug("End Entity Fulfill Profile Test " + (currentSubTest++) + " = OK");
        // Invalid relative start ok?
        ei.setCustomData(ExtendedInformation.CUSTOM_STARTTIME, relativeInvalid);
        ei.setCustomData(ExtendedInformation.CUSTOM_ENDTIME, staticEndOfTime);
        try {
          profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith", "","","",SecConst.CERTPROFILE_FIXED_ENDUSER,
              false, false, false, SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1, ei);
          assertTrue("Error: Invalid relative start time allowed.", false);
        } catch (UserDoesntFullfillEndEntityProfile e) {
          log.debug("End Entity Fulfill Profile Test " + (currentSubTest++) + " = OK");
        // Invalid relative end ok?
        ei.setCustomData(ExtendedInformation.CUSTOM_STARTTIME, relativeNow);
        ei.setCustomData(ExtendedInformation.CUSTOM_ENDTIME, staticInvalid);
        try {
          profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith", "","","",SecConst.CERTPROFILE_FIXED_ENDUSER,
              false, false, false, SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1, ei);
          assertTrue("Error: Invalid relative start time allowed.", false);
        } catch (UserDoesntFullfillEndEntityProfile e) {
          log.debug("End Entity Fulfill Profile Test " + (currentSubTest++) + " = OK");
        // Is this Java-version parsing dates correctly?
        long magicDateTime = 1181040300000L// "12:45 PM" in US Locale
    String value1 = DateFormat.getDateTimeInstance(DateFormat.SHORT, DateFormat.SHORT, Locale.US).format(new Date(magicDateTime));
    String value2 = DateFormat.getDateTimeInstance(DateFormat.MEDIUM, DateFormat.SHORT, Locale.US).format(
        DateFormat.getDateTimeInstance(DateFormat.SHORT, DateFormat.SHORT, Locale.US).parse(value1));
    long magicDateTime2 = DateFormat.getDateTimeInstance(DateFormat.MEDIUM, DateFormat.SHORT, Locale.US).parse(value2).getTime();
    if ( magicDateTime != magicDateTime2 ) {
          assertTrue("Error: Java does not parse dates correctly. "+magicDateTime+" "+magicDateTime2+" "+value1+" "+value2, false);
        // Test allow multiple requests
        final EndEntityProfile profile = new EndEntityProfile();
        final ExtendedInformation ei = new ExtendedInformation();
        // Use empty, should fail
        profile.setUse(EndEntityProfile.ALLOWEDREQUESTS, 0, false);
        try {
          profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith", "","","",SecConst.CERTPROFILE_FIXED_ENDUSER,
              false, false, false, SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1, ei);
          log.debug("End Entity Fulfill Profile Test " + (currentSubTest++) + " = OK");
        } catch (UserDoesntFullfillEndEntityProfile e) {
          assertTrue("Error: Allowedrequests not checked correctly, should be allowed.", false);
        ei.setCustomData(ExtendedInformation.CUSTOM_REQUESTCOUNTER, "2");
        try {
          profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith", "","","",SecConst.CERTPROFILE_FIXED_ENDUSER,
              false, false, false, SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1, ei);
          assertTrue("Error: Allowed requests was not checked correctly, should not be allowed.", false);
        } catch (UserDoesntFullfillEndEntityProfile e) {
          log.debug("End Entity Fulfill Profile Test " + (currentSubTest++) + " = OK");
        profile.setUse(EndEntityProfile.ALLOWEDREQUESTS, 0, true);
        try {
          profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith", "","","",SecConst.CERTPROFILE_FIXED_ENDUSER,
              false, false, false, SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1, ei);
          log.debug("End Entity Fulfill Profile Test " + (currentSubTest++) + " = OK");
        } catch (UserDoesntFullfillEndEntityProfile e) {
          assertTrue("Error: Allowedrequests not checked correctly, should be allowed.", false);
        // New profile
        final EndEntityProfile profile = new EndEntityProfile();
        // Set so maxFailedLogins=non-modifyable required

        try {
          final ExtendedInformation ei = new ExtendedInformation();
          profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith","","","",SecConst.CERTPROFILE_FIXED_ENDUSER,
              false,false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1, ei);
          fail("Error: maxFailedLogins was not checked correctly, should not be allowed.");
        } catch (UserDoesntFullfillEndEntityProfile e) {
          // OK
        try {
          final ExtendedInformation ei = new ExtendedInformation();
          profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith","","","",SecConst.CERTPROFILE_FIXED_ENDUSER,
              false,false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1, ei);
        } catch (UserDoesntFullfillEndEntityProfile e) {
          log.error(e.getMessage(), e);
          fail("Error: maxFailedLogins was not checked correctly, should be allowed.");
View Full Code Here

      if (!emails.isEmpty()) {
        email = emails.get(0); // Use rfc822name or first SubjectDN email address as user email address if available
      } else {
        email = null;
      final ExtendedInformation ei;
      if (this.allowCustomCertSerno) {
        // Don't even try to parse out the field if it is not allowed
        BigInteger customCertSerno = crmfreq.getSubjectCertSerialNo();
        if (customCertSerno != null) {
          // If we have a custom certificate serial number in the request, we will pass it on to the UserData object
          ei = new ExtendedInformation();
          if (LOG.isDebugEnabled()) {
            LOG.debug("Custom certificate serial number: "+customCertSerno.toString(16));         
        } else {
          ei = null;
View Full Code Here

        final X509V3CertificateGenerator certgen = new X509V3CertificateGenerator();
            // Serialnumber is either random bits, where random generator is initialized by the serno generator.
          // Or a custom serial number defined in the end entity object
            final ExtendedInformation ei = subject.getExtendedinformation();
            BigInteger customSN = ei!=null ? ei.certificateSerialNumber() : null;
      if (customSN != null) {
        if (!certProfile.getAllowCertSerialNumberOverride()) {
          final String msg = intres.getLocalizedMessage("signsession.certprof_not_allowing_cert_sn_override_using_normal", customSN.toString(16));
          customSN = null;
View Full Code Here

   * @return ExtendedInformation or null if it does not exist
    public ExtendedInformation getExtendedInformation() {
      String str = (String)data.get(EXTENDEDINFORMATION);
      ExtendedInformation ret = null;
      if (str != null) {
        ret = UserDataVO.getExtendedInformation(str);
      return ret;
View Full Code Here

            String serialNo = "unknown";
      final long updateTime = new Date().getTime();
            String tag = null;
      final boolean useCustomSN;
        final ExtendedInformation ei = data.getExtendedinformation();
        useCustomSN = ei!=null && ei.certificateSerialNumber()!=null;
      final int maxRetrys;
      if ( useCustomSN ) {
        if (ca.isUseCertificateStorage() && !signSession.isUniqueCertificateSerialNumberIndex()) {
          final String msg = intres.getLocalizedMessage("signsession.not_unique_certserialnumberindex");
View Full Code Here

     * @param data user data
     * @return issuance revocation code configured on the end entity extended information, a constant from RevokedCertInfo. Default RevokedCertInfo.NOT_REVOKED.
    private int getIssuanceRevocationReason(UserDataVO data) {
      int ret = RevokedCertInfo.NOT_REVOKED;
      final ExtendedInformation ei = data.getExtendedinformation();
        if ( ei != null ) {
            final String revocationReason = ei.getCustomData(ExtendedInformation.CUSTOM_REVOCATIONREASON);
            if (revocationReason != null) {
                ret = Integer.valueOf(revocationReason);             
        if (log.isDebugEnabled()) {
View Full Code Here


Related Classes of org.ejbca.core.model.ra.ExtendedInformation

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact