* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
public static final Set<String> EMPTY = Collections.unmodifiableSet(new HashSet<>());
-
+
private final String name;
private final String env;
private MessageDigest messageDigest;
- private final String permNS;
+ private final String permNS;
private final String permType;
private final ArrayList<String> idDomains;
private String[] trustedCAs;
trustedCAs = new String[4]; // starting array
this.name = caName;
this.env = env;
- this.env_tag = env==null || env.isEmpty()?false:
+ this.env_tag = env==null || env.isEmpty()?false:
Boolean.parseBoolean(access.getProperty(CM_CA_ENV_TAG, Boolean.FALSE.toString()));
permNS=null;
String prefix = CM_CA_PREFIX + name;
throw new CertException(prefix + ".perm_type" + MUST_EXIST_TO_CREATE_CSRS_FOR + caName);
}
caIssuerDNs = Split.splitTrim(':', access.getProperty(Config.CADI_X509_ISSUERS, null));
-
+
String tag = CA.CM_CA_PREFIX+caName+CA.CM_CA_BASE_SUBJECT;
-
+
String fields = access.getProperty(tag, null);
if (fields==null) {
throw new CertException(tag + MUST_EXIST_TO_CREATE_CSRS_FOR + caName);
throw new CertException("email address is not allowed in " + CM_CA_BASE_SUBJECT);
}
}
-
+
idDomains = new ArrayList<>();
StringBuilder sb = null;
for (String s : Split.splitTrim(',', access.getProperty(CA.CM_CA_PREFIX+caName+".idDomains", ""))) {
if (sb!=null) {
access.printf(Level.INIT, "CA '%s' supports Personal Certificates for %s", caName, sb);
}
-
+
String dataDir = access.getProperty(CM_PUBLIC_DIR,null);
if (dataDir!=null) {
File data = new File(dataDir);
FileInputStream fis = new FileInputStream(crt);
try {
int read = fis.read(bytes);
- if (read>0) {
+ if (read>0) {
addTrustedCA(new String(bytes));
}
} finally {
caIssuerDNs = newsa;
}
}
-
+
protected synchronized void addTrustedCA(final String crtString) {
String crt;
if (crtString.endsWith("\n")) {
temp[trustedCAs.length]=crt;
trustedCAs = temp;
}
-
+
public String[] getCaIssuerDNs() {
return caIssuerDNs;
}
-
+
public String[] getTrustedCAs() {
return trustedCAs;
}
-
+
public boolean shouldAddEnvTag() {
- return env_tag;
+ return env_tag;
}
-
+
public String getEnv() {
return env;
}
public String getName() {
return name;
}
-
-
+
+
public String getPermNS() {
return permNS;
}
-
+
public String getPermType() {
return permType;
}
-
+
public abstract X509andChain sign(Trans trans, CSRMeta csrmeta) throws IOException, CertException;
/* (non-Javadoc)
Code Review / aaf / authz.git / blobdiff