def User_Supplied_Extension_Default(root, PolicySet, ExtOID):
javaclass = "userExtensionDefaultImpl"
result = common.check_policy(PolicySet, javaclass)
if result is False:
# Get Policy ID
pvalue = get_policyId(PolicySet)
# Description
s1 = "This default populates a User-Supplied Extension (%s) to the request.", ExtOID
# Policy Value
Policy_Value = etree.SubElement(PolicySet, "value", id=pvalue)
# Policy Definition
Policy_definition = etree.SubElement(
Policy_Value, "def", id="User Supplied Extension Default", classid="userExtensionDefaultImpl"
)
Policy_description = etree.SubElement(Policy_definition, "description").text = s1
# Policy Attributes
User_Supplied_Extension_Default_attributes = [("userExtOID", "string", "readonly", "Object Identifier", "NULL")]
# Policy Params
User_Supplied_Extension_Default_params = [("userExtOID", ExtOID)]
common.policy_parameters(Policy_definition, User_Supplied_Extension_Default_params)
# No Constraint
constraints.noConstraintImpl(Policy_Value)
else:
Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass)
userExtOID_param = Policy_Value.find('./def/params[@name="userExtOID"]/value')
userExtOID_param.text = ExtOID
def Netscape_Certificate_Type_Extension_Default(root, PolicySet, extlist):
javaclass = "nsCertTypeExtDefaultImpl"
result = common.check_policy(PolicySet, javaclass)
if result is False:
# Get Policy ID
pvalue = get_policyId(PolicySet)
# Description
Netscape_Certificate_Type_Extension_Default_description = (
"This default populates a Netscape Certificate Type Extension"
)
# Policy Value
Policy_Value = etree.SubElement(PolicySet, "value", id=pvalue)
# Policy Definition
Policy_definition = etree.SubElement(
Policy_Value, "def", id="Netscape Certificate Type Extension Default", classId="nsCertTypeExtDefaultImpl"
)
Policy_description = etree.SubElement(
Policy_definition, "description"
).text = Netscape_Certificate_Type_Extension_Default_description
# Policy Attributes
Netscape_Certificate_Type_Extension_Default_attributes = [
("nsCertCritical", "boolean", "NULL", "Criticality", "false"),
("nsCertSSLClient", "boolean", "NULL", "SSL Client", "false"),
("nsCertSSLServer", "boolean", "NULL", "SSL Server", "false"),
("nsCertEmail", "boolean", "NULL", "Email", "false"),
("nsCertObjectSigning", "boolean", "NULL", "Object Signing", "false"),
("nsCertSSLCA", "boolean", "NULL", "SSL CA", "false"),
("nsCertEmailCA", "boolean", "NULL", "Email CA", "false"),
("nsCertObjectSigningCA", "boolean", "NULL", "Object Signing CA", "false"),
]
# Policy Parameters
Netscape_Certificate_Type_Extension_Default_params = [
("nsCertCritical", common.check_ext_key_usage(extlist, "nsCertCritical")),
("nsCertSSLClient", common.check_ext_key_usage(extlist, "nsCertSSLClient")),
("nsCertSSLServer", common.check_ext_key_usage(extlist, "nsCertSSLServer")),
("nsCertEmail", common.check_ext_key_usage(extlist, "nsCertEmail")),
("nsCertObjectSigning", common.check_ext_key_usage(extlist, "nsCertObjectSigning")),
("nsCertSSLCA", common.check_ext_key_usage(extlist, "nsCertSSLCA")),
("nsCertEmailCA", common.check_ext_key_usage(extlist, "nsCertEmailCA")),
("nsCertObjectSigningCA", common.check_ext_key_usage(extlist, "nsCertObjectSigningCA")),
]
common.policy_parameters(Policy_definition, Netscape_Certificate_Type_Extension_Default_params)
# Constraints
constraints.noConstraintImpl(Policy_Value)
else:
Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass)
for v in extlist:
result = Policy_Value.find('./def/params[@name="%s"]' % v)
result[0].text = "true"
def Subject_Alt_Name_Constraint(root, PolicySet, altType, altPattern):
javaclass = 'subjectAltNameExtDefaultImpl'
result = common.check_policy(PolicySet, javaclass)
if result is False:
#Get Policy ID
pvalue = get_policyId(PolicySet)
#Description
s1 = 'This default populates a Subject Alternative Name Extension (2.5.29.17) to the request.'
s2 = 'The default values are Criticality=false, Record #0{Pattern:$request.requestor_email$,Pattern Type:RFC822Name,Enable:true}'
Subject_Alt_Name_Constraint_description = s1 + s2
# Policy Value
Policy_Value = etree.SubElement(PolicySet, 'value', id=pvalue)
# Policy Definition
Policy_definition = etree.SubElement(
Policy_Value,
'def',
id='Subject Alt Name Constraint',
classId='subjectAltNameExtDefaultImpl')
Policy_description = etree.SubElement(
Policy_definition,
'description').text = Subject_Alt_Name_Constraint_description
# Policy Attributes
Subject_Alt_Name_Constraint_attributes = [
('subjAltNameExtCritical', 'boolean', 'NULL', 'Criticality',
'false'),
('subjAltNames', 'string_list', 'NULL', 'General Names', 'NULL')
]
common.policy_attributes(Policy_definition,
Subject_Alt_Name_Constraint_attributes)
# Policy Parameters
Subject_Alt_Name_Constraint_params = [
('subjAltNameExtCritical', 'false'), ('subjAltNameNumGNs', '1'),
('subjAltExtType_0', altType), ('subjAltExtPattern_0', altPattern),
('subjAltExtGNEnable_0', 'true')
]
common.policy_parameters(Policy_definition,
Subject_Alt_Name_Constraint_params)
# constraints
constraints.noConstraintImpl(Policy_Value)
else:
Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass)
subjAltExtType_0_param = Policy_Value.find(
'./def/params[@name="subjAltExtType_0"]/value')
subjAltExtType_0_param.text = altType
subjAltExtPattern_0_param = Policy_Value.find(
'./def/params[@name="subjAltExtPattern_0"]/value')
subjAltExtPattern_0_param.text = altPattern
def crl_Distribution_Points_Ext_Default(root, PolicySet, crlurl):
javaclass = 'crlDistributionPointsExtDefaultImpl'
result = common.check_policy(PolicySet, javaclass)
if result is False:
#Get Policy ID
pvalue = get_policyId(PolicySet)
#Description
s1 = 'This default populates a CRL Distribution Points Extension (2.5.29.31) to the request'
s2 = 'The default values are Criticality=false, Record #0{Point Type:URIName,Point Name:http://localhost.localdomain:9180/ca/ee/ca/getCRL'
s3 = '?crlIssuingPoint=MasterCRL&op=getCRL&crlDisplayType=cachedCRL&submit=Submit,Reasons:,Issuer Type'
s4 = ':,Issuer Name:,Enable:true}'
clrDistribution_Point_Name = 'http://localhost.localdomain:9180/ca/ee/ca/getCRL?crlIssuingPoint=MasterCRL&op=getCRL&crlDisplayType=cachedCRL&submit=Submit'
# Policy Value
Policy_Value = etree.SubElement(PolicySet, 'value', id=pvalue)
Policy_definition = etree.SubElement(
Policy_Value,
'def',
id='crlDistributionPointsExtDefaultImpl',
classId='crlDistributionPointsExtDefaultImpl')
Policy_description = etree.SubElement(
Policy_definition, 'description').text = s1 + s2 + s3 + s4
# Policy Attributes
crl_Distribution_Points_Ext_Default_attributes = [
('crlDistPointsCritical', 'boolean', 'NULL', 'Criticality',
'false'),
('crlDistPointsValue', 'string_list', 'NULL',
'CRL Distribution Points', 'NULL')
]
# Params
crl_Distribution_Points_Ext_Default_params = [
('crlDistPointsNum', '1'), ('crlDistPointsPointType_0', 'URIName'),
('crlDistPointsPointName_0', crlurl),
('crlDistPointsReasons_0', 'NULL'),
('crlDistPointsIssuerType_0', 'NULL'),
('crlDistPointsIssuerName_0', 'NULL'),
('crlDistPointsEnable_0', 'true')
]
common.policy_parameters(Policy_definition,
crl_Distribution_Points_Ext_Default_params)
#No Constraint
constraints.noConstraintImpl(Policy_Value)
else:
Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass)
crlDistPointsPointName_value = Policy_Value.find(
'./def/params[@name="crlDistPointsPointName_0"]/value')
crlDistPointsPointName_value[0].text = crlurl
def AIA_Extension_Default(root, PolicySet):
''' This Function defines AIA Extension Default Policy '''
javaclass = 'authInfoAccessExtDefaultImpl'
result = common.check_policy(PolicySet, javaclass)
if result is False:
#Get Policy ID
pvalue = get_policyId(PolicySet)
s1 = 'This default populates a Authority Info Access Extension (1.3.6.1.5.5.7.1.1) to the request. '
s2 = 'The default values are Criticality=false,Record #0{Method:1.3.6.1.5.5.7.48.1,Location Type:URIName,Location:,Enable:true}'
AIA_Extension_description = s1 + s2
# Policy Value
Policy_Value = etree.SubElement(PolicySet, 'value', id=pvalue)
# Policy Definition
Policy_definition = etree.SubElement(
Policy_Value,
'def',
id='AIA Extension Default',
classId='authInfoAccessExtDefaultImpl')
Policy_description = etree.SubElement(
Policy_definition, 'description').text = AIA_Extension_description
# Policy Attributes
AIA_Extension_Default_attributes = [
('authInfoAccessCritical', 'boolean', 'NULL', 'Criticality',
'false'),
('authInfoAccessGeneralNames', 'string_list', 'NULL',
'General Names', 'NULL')
]
common.policy_attributes(Policy_definition,
AIA_Extension_Default_attributes)
# Policy Parameters
AIA_Extension_Default_params = [
('authInfoAccessCritical', 'false'), ('authInfoAccessNumADs', '1'),
('authInfoAccessADMethod_0', '1.3.6.1.5.5.7.48.1'),
('authInfoAccessADLocationType_0', 'URIName'),
('authInfoAccessADLocation_0', ''),
('authInfoAccessADEnable_0', 'true')
]
common.policy_parameters(Policy_definition,
AIA_Extension_Default_params)
# Constraint
constraints.noConstraintImpl(Policy_Value)
else:
Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass)
def Subject_Alt_Name_Constraint(root, PolicySet, altType, altPattern):
javaclass = "subjectAltNameExtDefaultImpl"
result = common.check_policy(PolicySet, javaclass)
if result is False:
# Get Policy ID
pvalue = get_policyId(PolicySet)
# Description
s1 = "This default populates a Subject Alternative Name Extension (2.5.29.17) to the request."
s2 = "The default values are Criticality=false, Record #0{Pattern:$request.requestor_email$,Pattern Type:RFC822Name,Enable:true}"
Subject_Alt_Name_Constraint_description = s1 + s2
# Policy Value
Policy_Value = etree.SubElement(PolicySet, "value", id=pvalue)
# Policy Definition
Policy_definition = etree.SubElement(
Policy_Value, "def", id="Subject Alt Name Constraint", classId="subjectAltNameExtDefaultImpl"
)
Policy_description = etree.SubElement(
Policy_definition, "description"
).text = Subject_Alt_Name_Constraint_description
# Policy Attributes
Subject_Alt_Name_Constraint_attributes = [
("subjAltNameExtCritical", "boolean", "NULL", "Criticality", "false"),
("subjAltNames", "string_list", "NULL", "General Names", "NULL"),
]
common.policy_attributes(Policy_definition, Subject_Alt_Name_Constraint_attributes)
# Policy Parameters
Subject_Alt_Name_Constraint_params = [
("subjAltNameExtCritical", "false"),
("subjAltNameNumGNs", "1"),
("subjAltExtType_0", altType),
("subjAltExtPattern_0", altPattern),
("subjAltExtGNEnable_0", "true"),
]
common.policy_parameters(Policy_definition, Subject_Alt_Name_Constraint_params)
# constraints
constraints.noConstraintImpl(Policy_Value)
else:
Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass)
subjAltExtType_0_param = Policy_Value.find('./def/params[@name="subjAltExtType_0"]/value')
subjAltExtType_0_param.text = altType
subjAltExtPattern_0_param = Policy_Value.find('./def/params[@name="subjAltExtPattern_0"]/value')
subjAltExtPattern_0_param.text = altPattern
def Extended_Key_Usage_Extension_Default(root, PolicySet):
javaclass = 'extendedKeyUsageExtDefaultImpl'
result = common.check_policy(PolicySet, javaclass)
if result is False:
#Get Policy ID
pvalue = get_policyId(PolicySet)
#Description
s1 = 'This default populates an Extended Key Usage Extension () to the request.'
s2 = 'The default values are Criticality=false, OIDs=1.3.6.1.5.5.7.3.2,1.3.6.1.5.5.7.3.4'
Extended_Key_Usage_Extension_Default_Description = s1 + s2
# policy Value
Policy_Value = etree.SubElement(PolicySet, 'value', id=pvalue)
# Policy Definition
Policy_definition = etree.SubElement(
Policy_Value,
'def',
id='Extended Key Usage Extension Default',
classId='extendedKeyUsageExtDefaultImpl')
Policy_description = etree.SubElement(
Policy_definition, 'description'
).text = Extended_Key_Usage_Extension_Default_Description
# Policy Attributes
Extended_Key_Usage_Extension_Default_attributes = [
('exKeyUsageCritical', 'boolean', 'NULL', 'Criticality', 'false'),
('exKeyUsageOIDs', 'string_list', 'NULL',
'Comma-Separated list of Object Identifiers', 'false')
]
common.policy_attributes(
Policy_definition, Extended_Key_Usage_Extension_Default_attributes)
# Policy Parameters
Extended_Key_Usage_Extension_Default_params = [
('exKeyUsageCritical', 'false'),
('exKeyUsageOIDs', '1.3.6.1.5.5.7.3.2,1.3.6.1.5.5.7.3.4')
]
common.policy_parameters(Policy_definition,
Extended_Key_Usage_Extension_Default_params)
# Constraint
constraints.noConstraintImpl(Policy_Value)
else:
Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass)
def crl_Distribution_Points_Ext_Default(root, PolicySet, crlurl):
javaclass = "crlDistributionPointsExtDefaultImpl"
result = common.check_policy(PolicySet, javaclass)
if result is False:
# Get Policy ID
pvalue = get_policyId(PolicySet)
# Description
s1 = "This default populates a CRL Distribution Points Extension (2.5.29.31) to the request"
s2 = "The default values are Criticality=false, Record #0{Point Type:URIName,Point Name:http://localhost.localdomain:9180/ca/ee/ca/getCRL"
s3 = "?crlIssuingPoint=MasterCRL&op=getCRL&crlDisplayType=cachedCRL&submit=Submit,Reasons:,Issuer Type"
s4 = ":,Issuer Name:,Enable:true}"
clrDistribution_Point_Name = "http://localhost.localdomain:9180/ca/ee/ca/getCRL?crlIssuingPoint=MasterCRL&op=getCRL&crlDisplayType=cachedCRL&submit=Submit"
# Policy Value
Policy_Value = etree.SubElement(PolicySet, "value", id=pvalue)
Policy_definition = etree.SubElement(
Policy_Value, "def", id="crlDistributionPointsExtDefaultImpl", classId="crlDistributionPointsExtDefaultImpl"
)
Policy_description = etree.SubElement(Policy_definition, "description").text = s1 + s2 + s3 + s4
# Policy Attributes
crl_Distribution_Points_Ext_Default_attributes = [
("crlDistPointsCritical", "boolean", "NULL", "Criticality", "false"),
("crlDistPointsValue", "string_list", "NULL", "CRL Distribution Points", "NULL"),
]
# Params
crl_Distribution_Points_Ext_Default_params = [
("crlDistPointsNum", "1"),
("crlDistPointsPointType_0", "URIName"),
("crlDistPointsPointName_0", crlurl),
("crlDistPointsReasons_0", "NULL"),
("crlDistPointsIssuerType_0", "NULL"),
("crlDistPointsIssuerName_0", "NULL"),
("crlDistPointsEnable_0", "true"),
]
common.policy_parameters(Policy_definition, crl_Distribution_Points_Ext_Default_params)
# No Constraint
constraints.noConstraintImpl(Policy_Value)
else:
Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass)
crlDistPointsPointName_value = Policy_Value.find('./def/params[@name="crlDistPointsPointName_0"]/value')
crlDistPointsPointName_value[0].text = crlurl
def AIA_Extension_Default(root, PolicySet):
""" This Function defines AIA Extension Default Policy """
javaclass = "authInfoAccessExtDefaultImpl"
result = common.check_policy(PolicySet, javaclass)
if result is False:
# Get Policy ID
pvalue = get_policyId(PolicySet)
s1 = "This default populates a Authority Info Access Extension (1.3.6.1.5.5.7.1.1) to the request. "
s2 = "The default values are Criticality=false,Record #0{Method:1.3.6.1.5.5.7.48.1,Location Type:URIName,Location:,Enable:true}"
AIA_Extension_description = s1 + s2
# Policy Value
Policy_Value = etree.SubElement(PolicySet, "value", id=pvalue)
# Policy Definition
Policy_definition = etree.SubElement(
Policy_Value, "def", id="AIA Extension Default", classId="authInfoAccessExtDefaultImpl"
)
Policy_description = etree.SubElement(Policy_definition, "description").text = AIA_Extension_description
# Policy Attributes
AIA_Extension_Default_attributes = [
("authInfoAccessCritical", "boolean", "NULL", "Criticality", "false"),
("authInfoAccessGeneralNames", "string_list", "NULL", "General Names", "NULL"),
]
common.policy_attributes(Policy_definition, AIA_Extension_Default_attributes)
# Policy Parameters
AIA_Extension_Default_params = [
("authInfoAccessCritical", "false"),
("authInfoAccessNumADs", "1"),
("authInfoAccessADMethod_0", "1.3.6.1.5.5.7.48.1"),
("authInfoAccessADLocationType_0", "URIName"),
("authInfoAccessADLocation_0", ""),
("authInfoAccessADEnable_0", "true"),
]
common.policy_parameters(Policy_definition, AIA_Extension_Default_params)
# Constraint
constraints.noConstraintImpl(Policy_Value)
else:
Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass)
def Extended_Key_Usage_Extension_Default(root, PolicySet):
javaclass = "extendedKeyUsageExtDefaultImpl"
result = common.check_policy(PolicySet, javaclass)
if result is False:
# Get Policy ID
pvalue = get_policyId(PolicySet)
# Description
s1 = "This default populates an Extended Key Usage Extension () to the request."
s2 = "The default values are Criticality=false, OIDs=1.3.6.1.5.5.7.3.2,1.3.6.1.5.5.7.3.4"
Extended_Key_Usage_Extension_Default_Description = s1 + s2
# policy Value
Policy_Value = etree.SubElement(PolicySet, "value", id=pvalue)
# Policy Definition
Policy_definition = etree.SubElement(
Policy_Value, "def", id="Extended Key Usage Extension Default", classId="extendedKeyUsageExtDefaultImpl"
)
Policy_description = etree.SubElement(
Policy_definition, "description"
).text = Extended_Key_Usage_Extension_Default_Description
# Policy Attributes
Extended_Key_Usage_Extension_Default_attributes = [
("exKeyUsageCritical", "boolean", "NULL", "Criticality", "false"),
("exKeyUsageOIDs", "string_list", "NULL", "Comma-Separated list of Object Identifiers", "false"),
]
common.policy_attributes(Policy_definition, Extended_Key_Usage_Extension_Default_attributes)
# Policy Parameters
Extended_Key_Usage_Extension_Default_params = [
("exKeyUsageCritical", "false"),
("exKeyUsageOIDs", "1.3.6.1.5.5.7.3.2,1.3.6.1.5.5.7.3.4"),
]
common.policy_parameters(Policy_definition, Extended_Key_Usage_Extension_Default_params)
# Constraint
constraints.noConstraintImpl(Policy_Value)
else:
Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass)
def Generic_Extension(root, PolicySet):
javaclass = 'genericExtDefaultImpl'
result = common.check_policy(PolicySet, javaclass)
if result is False:
#Get Policy ID
pvalue = get_policyId(PolicySet)
#Description
s1 = 'This default populates a Generic Extension to the request. The default values are Criticality=, OID=1.2.840.113549.1.9.15,'
s2 = ' OID=1.2.840.113549.1.9.15, Value='
s3 = '3067300B06092A864886F70D010105300B06092A864886F70D01010B300B06092A864886F70D01010C300B06092A864886F70D01010D300A06082A864886F70D0307300B0609608648016503040102300B060960864801650304012A300B06092A864886F70D010101'
Generic_Extension_description = s1 + s2 + s3
# Policy Value
Policy_Value = etree.SubElement(PolicySet, 'value', id=pvalue)
# Policy Definition
Policy_definition = etree.SubElement(Policy_Value,
'def',
id='Generic Extension',
classId='genericExtDefaultImpl')
Policy_description = etree.SubElement(
Policy_definition,
'description').text = Generic_Extension_description
# Policy Attributes
Generic_Extension_attributes = [('genericExtCritical', 'boolean',
'NULL', 'Criticality', 'false'),
('genericExtData', 'string_list',
'NULL', 'Extension Value', 'NULL')]
# Policy Parameters
Generic_Extension_params = [('genericExtCritical', ''),
('genericExtOID', '1.2.840.113549.1.9.15'),
('genericExtData', s3)]
common.policy_parameters(Policy_definition, Generic_Extension_params)
# Constraints
constraints.noConstraintImpl(Policy_Value)
else:
Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass)
def Subject_Key_Identifier_Extension_Default(root, PolicySet):
""" This function defines Subject Key Identifier Extension Default Policy """
javaclass = "subjectKeyIdentifierExtDefaultImpl"
result = common.check_policy(PolicySet, javaclass)
if result is False:
# Get Policy ID
pvalue = get_policyId(PolicySet)
# Description
Subject_Key_Identifier_Extension_Default_description = (
"This default populates a Subject Key Identifier Extension (2.5.29.14) to the request."
)
# Policy Value
Policy_Value = etree.SubElement(PolicySet, "value", id=pvalue)
# Policy Definition
Policy_definition = etree.SubElement(
Policy_Value,
"def",
id="Subject Key Identifier Extension Default",
classId="subjectKeyIdentifierExtDefaultImpl",
)
Policy_description = etree.SubElement(
Policy_definition, "description"
).text = Subject_Key_Identifier_Extension_Default_description
# Policy Attributes
Subject_Key_Identifier_Extension_Default_attributes = [
("critical", "string", "readonly", "Criticality", "NULL"),
("keyid", "string", "readonly", "Key ID", "NULL"),
]
common.policy_attributes(Policy_definition, Subject_Key_Identifier_Extension_Default_attributes)
# Policy Parameters
# None
# Constraint Definition
constraints.noConstraintImpl(Policy_Value)
else:
Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass)
def Subject_Key_Identifier_Extension_Default(root, PolicySet):
''' This function defines Subject Key Identifier Extension Default Policy '''
javaclass = 'subjectKeyIdentifierExtDefaultImpl'
result = common.check_policy(PolicySet, javaclass)
if result is False:
# Get Policy ID
pvalue = get_policyId(PolicySet)
# Description
Subject_Key_Identifier_Extension_Default_description = 'This default populates a Subject Key Identifier Extension (2.5.29.14) to the request.'
# Policy Value
Policy_Value = etree.SubElement(PolicySet, 'value', id=pvalue)
# Policy Definition
Policy_definition = etree.SubElement(
Policy_Value,
'def',
id='Subject Key Identifier Extension Default',
classId='subjectKeyIdentifierExtDefaultImpl')
Policy_description = etree.SubElement(
Policy_definition, 'description'
).text = Subject_Key_Identifier_Extension_Default_description
# Policy Attributes
Subject_Key_Identifier_Extension_Default_attributes = [
('critical', 'string', 'readonly', 'Criticality', 'NULL'),
('keyid', 'string', 'readonly', 'Key ID', 'NULL')
]
common.policy_attributes(
Policy_definition,
Subject_Key_Identifier_Extension_Default_attributes)
# Policy Parameters
# None
# Constraint Definition
constraints.noConstraintImpl(Policy_Value)
else:
Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass)
def User_Supplied_Extension_Default(root, PolicySet, ExtOID):
javaclass = 'userExtensionDefaultImpl'
result = common.check_policy(PolicySet, javaclass)
if result is False:
# Get Policy ID
pvalue = get_policyId(PolicySet)
# Description
s1 = 'This default populates a User-Supplied Extension (%s) to the request.', ExtOID
# Policy Value
Policy_Value = etree.SubElement(PolicySet, 'value', id=pvalue)
# Policy Definition
Policy_definition = etree.SubElement(
Policy_Value,
'def',
id='User Supplied Extension Default',
classid='userExtensionDefaultImpl')
Policy_description = etree.SubElement(Policy_definition,
'description').text = s1
# Policy Attributes
User_Supplied_Extension_Default_attributes = [
('userExtOID', 'string', 'readonly', 'Object Identifier', 'NULL')
]
# Policy Params
User_Supplied_Extension_Default_params = [('userExtOID', ExtOID)]
common.policy_parameters(Policy_definition,
User_Supplied_Extension_Default_params)
# No Constraint
constraints.noConstraintImpl(Policy_Value)
else:
Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass)
userExtOID_param = Policy_Value.find(
'./def/params[@name="userExtOID"]/value')
userExtOID_param.text = ExtOID
def Generic_Extension(root, PolicySet):
javaclass = "genericExtDefaultImpl"
result = common.check_policy(PolicySet, javaclass)
if result is False:
# Get Policy ID
pvalue = get_policyId(PolicySet)
# Description
s1 = "This default populates a Generic Extension to the request. The default values are Criticality=, OID=1.2.840.113549.1.9.15,"
s2 = " OID=1.2.840.113549.1.9.15, Value="
s3 = "3067300B06092A864886F70D010105300B06092A864886F70D01010B300B06092A864886F70D01010C300B06092A864886F70D01010D300A06082A864886F70D0307300B0609608648016503040102300B060960864801650304012A300B06092A864886F70D010101"
Generic_Extension_description = s1 + s2 + s3
# Policy Value
Policy_Value = etree.SubElement(PolicySet, "value", id=pvalue)
# Policy Definition
Policy_definition = etree.SubElement(
Policy_Value, "def", id="Generic Extension", classId="genericExtDefaultImpl"
)
Policy_description = etree.SubElement(Policy_definition, "description").text = Generic_Extension_description
# Policy Attributes
Generic_Extension_attributes = [
("genericExtCritical", "boolean", "NULL", "Criticality", "false"),
("genericExtData", "string_list", "NULL", "Extension Value", "NULL"),
]
# Policy Parameters
Generic_Extension_params = [
("genericExtCritical", ""),
("genericExtOID", "1.2.840.113549.1.9.15"),
("genericExtData", s3),
]
common.policy_parameters(Policy_definition, Generic_Extension_params)
# Constraints
constraints.noConstraintImpl(Policy_Value)
else:
Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass)
def Netscape_Certificate_Type_Extension_Default(root, PolicySet, extlist):
javaclass = 'nsCertTypeExtDefaultImpl'
result = common.check_policy(PolicySet, javaclass)
if result is False:
#Get Policy ID
pvalue = get_policyId(PolicySet)
# Description
Netscape_Certificate_Type_Extension_Default_description = 'This default populates a Netscape Certificate Type Extension'
# Policy Value
Policy_Value = etree.SubElement(PolicySet, 'value', id=pvalue)
# Policy Definition
Policy_definition = etree.SubElement(
Policy_Value,
'def',
id='Netscape Certificate Type Extension Default',
classId='nsCertTypeExtDefaultImpl')
Policy_description = etree.SubElement(
Policy_definition, 'description'
).text = Netscape_Certificate_Type_Extension_Default_description
# Policy Attributes
Netscape_Certificate_Type_Extension_Default_attributes = [
('nsCertCritical', 'boolean', 'NULL', 'Criticality', 'false'),
('nsCertSSLClient', 'boolean', 'NULL', 'SSL Client', 'false'),
('nsCertSSLServer', 'boolean', 'NULL', 'SSL Server', 'false'),
('nsCertEmail', 'boolean', 'NULL', 'Email', 'false'),
('nsCertObjectSigning', 'boolean', 'NULL', 'Object Signing',
'false'), ('nsCertSSLCA', 'boolean', 'NULL', 'SSL CA', 'false'),
('nsCertEmailCA', 'boolean', 'NULL', 'Email CA', 'false'),
('nsCertObjectSigningCA', 'boolean', 'NULL', 'Object Signing CA',
'false')
]
# Policy Parameters
Netscape_Certificate_Type_Extension_Default_params = [
('nsCertCritical',
common.check_ext_key_usage(extlist, 'nsCertCritical')),
('nsCertSSLClient',
common.check_ext_key_usage(extlist, 'nsCertSSLClient')),
('nsCertSSLServer',
common.check_ext_key_usage(extlist, 'nsCertSSLServer')),
('nsCertEmail', common.check_ext_key_usage(extlist,
'nsCertEmail')),
('nsCertObjectSigning',
common.check_ext_key_usage(extlist, 'nsCertObjectSigning')),
('nsCertSSLCA', common.check_ext_key_usage(extlist,
'nsCertSSLCA')),
('nsCertEmailCA',
common.check_ext_key_usage(extlist, 'nsCertEmailCA')),
('nsCertObjectSigningCA',
common.check_ext_key_usage(extlist, 'nsCertObjectSigningCA'))
]
common.policy_parameters(
Policy_definition,
Netscape_Certificate_Type_Extension_Default_params)
# Constraints
constraints.noConstraintImpl(Policy_Value)
else:
Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass)
for v in extlist:
result = Policy_Value.find("./def/params[@name=\"%s\"]" % v)
result[0].text = 'true'
