Package com.netscape.cms.ocsp
Class DefStore
- java.lang.Object
-
- com.netscape.cms.ocsp.DefStore
-
- All Implemented Interfaces:
IExtendedPluginInfo
,IDefStore
,IOCSPStore
public class DefStore extends java.lang.Object implements IDefStore, IExtendedPluginInfo
This is the default OCSP store that stores revocation information as certificate record (CMS internal data structure).- Version:
- $Revision$, $Date$
-
-
Field Summary
Fields Modifier and Type Field Description static java.math.BigInteger
BIG_ZERO
static org.slf4j.Logger
logger
protected boolean
mByName
protected java.util.Hashtable<java.lang.String,com.netscape.cms.ocsp.CRLIPContainer>
mCacheCRLIssuingPoints
protected boolean
mIncludeNextUpdate
static java.lang.Long
MINUS_ONE
protected boolean
mNotFoundGood
protected java.util.Hashtable<java.lang.String,java.lang.Long>
mReqCounts
protected boolean
mUseCache
-
Fields inherited from interface com.netscape.certsrv.base.IExtendedPluginInfo
HELP_TEXT, HELP_TOKEN
-
-
Constructor Summary
Constructors Constructor Description DefStore()
Constructs the default store.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addCertRecord(java.lang.String name, java.lang.String thisUpdate, java.lang.String sno, ICertRecord rec)
Creates a new issuing point in OCSP.void
addCRLIssuingPoint(java.lang.String name, ICRLIssuingPointRecord rec)
Creates a new issuing point in OCSP.void
addRepository(java.lang.String name, java.lang.String thisUpdate, IRepositoryRecord rec)
Creates a new issuing point in OCSP.ICRLIssuingPointRecord
createCRLIssuingPointRecord(java.lang.String name, java.math.BigInteger crlNumber, java.lang.Long crlSize, java.util.Date thisUpdate, java.util.Date nextUpdate)
This method creates a CRL issuing point record.IRepositoryRecord
createRepositoryRecord()
This method creates a an OCSP default store repository record.void
deleteAllCRLsInCA(java.lang.String caName)
void
deleteCRLIssuingPointRecord(java.lang.String id)
This method deletes a CRL issuing point recordvoid
deleteCRLsInCA(java.lang.String caName, boolean oldCRLs)
void
deleteOldCRLs()
This store will not delete the old CRL until the new one is totally committed.void
deleteOldCRLsInCA(java.lang.String caName)
java.lang.String
getBaseDN()
NameValuePairs
getConfigParameters()
This method retrieves the configuration parameters associated with this OCSP store.IConfigStore
getConfigStore()
java.lang.String[]
getExtendedPluginInfo(java.util.Locale locale)
This method returns an array of strings.java.lang.String
getId()
long
getReqCount(java.lang.String id)
This method retrieves the number of OCSP requests since startup.int
getStateCount()
This method retrieves the number of CRL updates since startup.boolean
includeNextUpdate()
void
incReqCount(java.lang.String id)
void
init(IOCSPAuthority owner, IConfigStore config)
boolean
isNotFoundGood()
This method checks to see if the OCSP response should return good when the certificate is not found.void
modifyCertRecord(java.lang.String name, java.lang.String thisUpdate, java.lang.String sno, ModificationSet mods)
void
modifyCRLIssuingPointRecord(java.lang.String name, ModificationSet mods)
ICertRecord
readCertRecord(java.lang.String name, java.lang.String thisUpdate, java.lang.String sno)
ICRLIssuingPointRecord
readCRLIssuingPoint(java.lang.String name)
Returns an issuing point.java.util.Enumeration<ICRLIssuingPointRecord>
searchAllCRLIssuingPointRecord(int maxSize)
This method searches all CRL issuing points.java.util.Enumeration<ICertRecord>
searchCertRecord(java.lang.String name, java.lang.String thisUpdate, java.lang.String filter)
java.util.Enumeration<ICRLIssuingPointRecord>
searchCRLIssuingPointRecord(java.lang.String filter, int maxSize)
This method searches all CRL issuing points constrained by the specified filtering mechanism.java.util.Enumeration<IRepositoryRecord>
searchRepository(java.lang.String name, java.lang.String filter)
void
setConfigParameters(NameValuePairs pairs)
This method stores the configuration parameters specified by the passed-in Name Value pairs object.void
setId(java.lang.String id)
void
shutdown()
void
startup()
void
updateCRL(java.security.cert.X509CRL crl)
This method updates the specified CRL.OCSPResponse
validate(OCSPRequest request)
Validate an OCSP request.boolean
waitOnCRLUpdate()
Returns to the client once the CRL is received.
-
-
-
Field Detail
-
logger
public static org.slf4j.Logger logger
-
BIG_ZERO
public static final java.math.BigInteger BIG_ZERO
-
MINUS_ONE
public static final java.lang.Long MINUS_ONE
-
mReqCounts
protected java.util.Hashtable<java.lang.String,java.lang.Long> mReqCounts
-
mNotFoundGood
protected boolean mNotFoundGood
-
mUseCache
protected boolean mUseCache
-
mByName
protected boolean mByName
-
mIncludeNextUpdate
protected boolean mIncludeNextUpdate
-
mCacheCRLIssuingPoints
protected java.util.Hashtable<java.lang.String,com.netscape.cms.ocsp.CRLIPContainer> mCacheCRLIssuingPoints
-
-
Method Detail
-
getExtendedPluginInfo
public java.lang.String[] getExtendedPluginInfo(java.util.Locale locale)
Description copied from interface:IExtendedPluginInfo
This method returns an array of strings. Each element of the array represents a configurable parameter, or some other meta-info (such as help-token) there is an entry indexed on that parameter name; [,required]; ;... Where: type_info is either 'string', 'number', 'boolean', 'password' or 'choice(ch1,ch2,ch3,...)' If the marker 'required' is included after the type_info, the parameter will has some visually distinctive marking in the UI. 'description' is a short sentence describing the parameter 'choice' is rendered as a drop-down list. The first parameter in the list will be activated by default 'boolean' is rendered as a checkbox. The resulting parameter will be either 'true' or 'false' 'string' allows any characters 'number' allows only numbers 'password' is rendered as a password field (the characters are replaced with *'s when being types. This parameter is not passed through to the plugin. It is instead inserted directly into the password cache keyed on the instance name. The value of the parameter 'bindPWPrompt' (see example below) is set to the key. In addition to the configurable parameters, the following magic parameters may be defined: HELP_TOKEN;helptoken - a pointer to the online manual section for this plugin HELP_TEXT;helptext - a general help string describing the plugin For example: "username;string;The username you wish to login as" "bindPWPrompt;password;Enter password to bind as above user with" "algorithm;choice(RSA,DSA);Which algorithm do you want to use" "enable;boolean;Do you want to run this plugin" "port;number;Which port number do you want to use" - Specified by:
getExtendedPluginInfo
in interfaceIExtendedPluginInfo
-
init
public void init(IOCSPAuthority owner, IConfigStore config) throws EBaseException
- Specified by:
init
in interfaceIOCSPStore
- Throws:
EBaseException
-
createRepositoryRecord
public IRepositoryRecord createRepositoryRecord()
Description copied from interface:IDefStore
This method creates a an OCSP default store repository record.- Specified by:
createRepositoryRecord
in interfaceIDefStore
- Returns:
- IRepositoryRecord an instance of the repository record object
-
waitOnCRLUpdate
public boolean waitOnCRLUpdate()
Returns to the client once the CRL is received.- Specified by:
waitOnCRLUpdate
in interfaceIDefStore
- Returns:
- boolean true or false
-
includeNextUpdate
public boolean includeNextUpdate()
-
isNotFoundGood
public boolean isNotFoundGood()
Description copied from interface:IDefStore
This method checks to see if the OCSP response should return good when the certificate is not found.- Specified by:
isNotFoundGood
in interfaceIDefStore
- Returns:
- boolean true or false
-
getReqCount
public long getReqCount(java.lang.String id)
Description copied from interface:IDefStore
This method retrieves the number of OCSP requests since startup.- Specified by:
getReqCount
in interfaceIDefStore
- Parameters:
id
- a string associated with an OCSP request- Returns:
- count the number of this type of OCSP requests
-
incReqCount
public void incReqCount(java.lang.String id)
-
deleteOldCRLs
public void deleteOldCRLs() throws EBaseException
This store will not delete the old CRL until the new one is totally committed.- Throws:
EBaseException
-
deleteOldCRLsInCA
public void deleteOldCRLsInCA(java.lang.String caName) throws EBaseException
- Throws:
EBaseException
-
deleteAllCRLsInCA
public void deleteAllCRLsInCA(java.lang.String caName) throws EBaseException
- Throws:
EBaseException
-
deleteCRLsInCA
public void deleteCRLsInCA(java.lang.String caName, boolean oldCRLs) throws EBaseException
- Throws:
EBaseException
-
startup
public void startup() throws EBaseException
- Specified by:
startup
in interfaceIOCSPStore
- Throws:
EBaseException
-
shutdown
public void shutdown()
- Specified by:
shutdown
in interfaceIOCSPStore
-
getConfigStore
public IConfigStore getConfigStore()
-
setId
public void setId(java.lang.String id) throws EBaseException
- Throws:
EBaseException
-
getId
public java.lang.String getId()
-
validate
public OCSPResponse validate(OCSPRequest request) throws EBaseException
Validate an OCSP request.- Specified by:
validate
in interfaceIOCSPStore
- Parameters:
request
- an OCSP request- Returns:
- OCSPResponse the OCSP response associated with the specified OCSP request
- Throws:
EBaseException
- an error associated with the inability to process the supplied OCSP request
-
getBaseDN
public java.lang.String getBaseDN()
-
searchAllCRLIssuingPointRecord
public java.util.Enumeration<ICRLIssuingPointRecord> searchAllCRLIssuingPointRecord(int maxSize) throws EBaseException
Description copied from interface:IDefStore
This method searches all CRL issuing points.- Specified by:
searchAllCRLIssuingPointRecord
in interfaceIDefStore
- Parameters:
maxSize
- specifies the largest number of hits from the search- Returns:
- Enumeration a list of the CRL issuing points
- Throws:
EBaseException
- occurs when no CRL issuing point exists
-
searchCRLIssuingPointRecord
public java.util.Enumeration<ICRLIssuingPointRecord> searchCRLIssuingPointRecord(java.lang.String filter, int maxSize) throws EBaseException
Description copied from interface:IDefStore
This method searches all CRL issuing points constrained by the specified filtering mechanism.- Specified by:
searchCRLIssuingPointRecord
in interfaceIDefStore
- Parameters:
filter
- a string which constrains the searchmaxSize
- specifies the largest number of hits from the search- Returns:
- Enumeration a list of the CRL issuing points
- Throws:
EBaseException
- occurs when no CRL issuing point exists
-
modifyCRLIssuingPointRecord
public void modifyCRLIssuingPointRecord(java.lang.String name, ModificationSet mods) throws EBaseException
- Throws:
EBaseException
-
readCRLIssuingPoint
public ICRLIssuingPointRecord readCRLIssuingPoint(java.lang.String name) throws EBaseException
Returns an issuing point.- Specified by:
readCRLIssuingPoint
in interfaceIDefStore
- Parameters:
name
- the name of the CRL to be read- Returns:
- ICRLIssuingPointRecord the CRL issuing point
- Throws:
EBaseException
- occurs when the specified CRL cannot be located
-
createCRLIssuingPointRecord
public ICRLIssuingPointRecord createCRLIssuingPointRecord(java.lang.String name, java.math.BigInteger crlNumber, java.lang.Long crlSize, java.util.Date thisUpdate, java.util.Date nextUpdate)
Description copied from interface:IDefStore
This method creates a CRL issuing point record.- Specified by:
createCRLIssuingPointRecord
in interfaceIDefStore
- Parameters:
name
- a string representation of this CRL issuing point recordcrlNumber
- the number of this CRL issuing point recordcrlSize
- the size of this CRL issuing point recordthisUpdate
- the time for this CRL issuing point recordnextUpdate
- the time for the next CRL issuing point record- Returns:
- ICRLIssuingPointRecord this CRL issuing point record
-
deleteCRLIssuingPointRecord
public void deleteCRLIssuingPointRecord(java.lang.String id) throws EBaseException
Description copied from interface:IDefStore
This method deletes a CRL issuing point record- Specified by:
deleteCRLIssuingPointRecord
in interfaceIDefStore
- Parameters:
id
- a string representation of this CRL issuing point record- Throws:
EBaseException
- occurs when the specified CRL issuing point record cannot be deleted
-
addCRLIssuingPoint
public void addCRLIssuingPoint(java.lang.String name, ICRLIssuingPointRecord rec) throws EBaseException
Creates a new issuing point in OCSP.- Specified by:
addCRLIssuingPoint
in interfaceIDefStore
- Parameters:
name
- a string representation of this CRL issuing point recordrec
- this CRL issuing point record- Throws:
EBaseException
- occurs when the specified CRL issuing point record cannot be added
-
searchRepository
public java.util.Enumeration<IRepositoryRecord> searchRepository(java.lang.String name, java.lang.String filter) throws EBaseException
- Throws:
EBaseException
-
addRepository
public void addRepository(java.lang.String name, java.lang.String thisUpdate, IRepositoryRecord rec) throws EBaseException
Creates a new issuing point in OCSP.- Specified by:
addRepository
in interfaceIDefStore
- Parameters:
name
- a string representing the name of this requestthisUpdate
- the current requestrec
- an instance of the repository record object- Throws:
EBaseException
- occurs when there is an error attempting to add this request to the repository
-
modifyCertRecord
public void modifyCertRecord(java.lang.String name, java.lang.String thisUpdate, java.lang.String sno, ModificationSet mods) throws EBaseException
- Throws:
EBaseException
-
searchCertRecord
public java.util.Enumeration<ICertRecord> searchCertRecord(java.lang.String name, java.lang.String thisUpdate, java.lang.String filter) throws EBaseException
- Throws:
EBaseException
-
readCertRecord
public ICertRecord readCertRecord(java.lang.String name, java.lang.String thisUpdate, java.lang.String sno) throws EBaseException
- Throws:
EBaseException
-
addCertRecord
public void addCertRecord(java.lang.String name, java.lang.String thisUpdate, java.lang.String sno, ICertRecord rec) throws EBaseException
Creates a new issuing point in OCSP.- Throws:
EBaseException
-
getConfigParameters
public NameValuePairs getConfigParameters()
Description copied from interface:IOCSPStore
This method retrieves the configuration parameters associated with this OCSP store.- Specified by:
getConfigParameters
in interfaceIOCSPStore
- Returns:
- NameValuePairs all configuration items
-
setConfigParameters
public void setConfigParameters(NameValuePairs pairs) throws EBaseException
Description copied from interface:IOCSPStore
This method stores the configuration parameters specified by the passed-in Name Value pairs object.- Specified by:
setConfigParameters
in interfaceIOCSPStore
- Parameters:
pairs
- a name-value pair object- Throws:
EBaseException
- an illegal name-value pair
-
updateCRL
public void updateCRL(java.security.cert.X509CRL crl) throws EBaseException
Description copied from interface:IDefStore
This method updates the specified CRL.- Specified by:
updateCRL
in interfaceIDefStore
- Parameters:
crl
- the CRL to be updated- Throws:
EBaseException
- occurs when the CRL cannot be updated
-
getStateCount
public int getStateCount()
Description copied from interface:IDefStore
This method retrieves the number of CRL updates since startup.- Specified by:
getStateCount
in interfaceIDefStore
- Returns:
- count the number of OCSP default stores
-
-