com.netscape.certsrv.dbs.certdb

Interface ICertificateRepository

All Superinterfaces:

IRepository

public interface ICertificateRepository
extends IRepository

An interface represents a CMS certificate repository. It stores all the issued certificate.

Version:

$Revision$, $Date$

Field Summary

Fields

Modifier and Type	Field and Description
static int	ALL_CERTS
static int	ALL_UNREVOKED_CERTS
static int	ALL_VALID_CERTS

Method Summary

Modifier and Type	Method and Description
void	addCertificateRecord(ICertRecord record) Adds a certificate record to the repository.
boolean	containsCertificate(java.math.BigInteger serialNo) Checks if the certificate exists in this repository.
ICertRecord	createCertRecord(java.math.BigInteger id, java.security.cert.Certificate cert, MetaInfo meta) Creates certificate record.
void	deleteCertificateRecord(java.math.BigInteger serialNo) Deletes certificate from this repository.
java.util.Enumeration<netscape.security.x509.X509CertImpl>	findCertificates(java.lang.String filter) Finds all certificates given a filter.
java.util.Enumeration<ICertRecord>	findCertRecords(java.lang.String filter) Finds all certificate records given a filter.
ICertRecordList	findCertRecordsInList(java.lang.String filter, java.lang.String[] attrs, int pageSize) Finds a list of certificate records that satisifies the filter.
ICertRecordList	findCertRecordsInList(java.lang.String filter, java.lang.String[] attrs, java.lang.String jumpTo, boolean hardJumpTo, java.lang.String sortKey, int pageSize)
ICertRecordList	findCertRecordsInList(java.lang.String filter, java.lang.String[] attrs, java.lang.String sortKey, int pageSize) Finds a list of certificate records that satisifies the filter.
ICertRecordList	findCertRecordsInList(java.lang.String filter, java.lang.String[] attrs, java.lang.String jumpTo, java.lang.String sortKey, int pageSize) Finds a list of certificate records that satisifies the filter.
ICertRecordList	findCertRecordsInListRawJumpto(java.lang.String filter, java.lang.String[] attrs, java.lang.String jumpTo, java.lang.String sortKey, int pageSize) Finds a list of certificate records that satisifies the filter.
java.util.Enumeration<java.lang.Object>	findCertRecs(java.lang.String filter) Finds certificate records.
java.util.Enumeration<ICertRecord>	getAllRevokedCertificates() Retrieves all revoked certificates including ones that have expired or that are not yet valid.
java.util.Enumeration<ICertRecord>	getAllRevokedNonExpiredCertificates() Retrieves all revoked but not expired certificates.
boolean	getEnableRandomSerialNumbers() Retrieves serial number management mode.
java.util.Enumeration<ICertRecord>	getExpiredCertificates(java.lang.String from, java.lang.String to) Retrieves expired certificates.
java.util.Enumeration<ICertRecord>	getExpiredPublishedCertificates(java.lang.String from, java.lang.String to) Retrieves expired and published certificates.
ICertRecordList	getInvalidCertsByNotBeforeDate(java.util.Date date, int pageSize) Gets Invalid certs orderes by noAfter date, jumps to records where notAfter date is greater than current.
void	getModifications(netscape.ldap.LDAPEntry entry) Retrieves modified certificate records.
java.math.BigInteger	getNextSerialNumber() Retrieves the next certificate serial number, and also increases the serial number by one.
java.util.Hashtable<java.lang.String,RenewableCertificateCollection>	getRenewableCertificates(java.lang.String renewalTime) Retrieves renewable certificates.
java.util.Enumeration<ICertRecord>	getRevokedCertificates(java.util.Date asOfDate) Retrieves all the revoked certificates that have not expired.
java.util.Enumeration<ICertRecord>	getRevokedCertificates(java.lang.String from, java.lang.String to) Retrieves revoked certificates.
ICertRecordList	getRevokedCertsByNotAfterDate(java.util.Date date, int pageSize) Gets Revoked certs orderes by noAfter date, jumps to records where notAfter date is greater than current.
java.util.Enumeration<ICertRecord>	getRevokedPublishedCertificates(java.lang.String from, java.lang.String to) Retrieves revoked and published certificates.
java.util.Enumeration<ICertRecord>	getValidCertificates(java.lang.String from, java.lang.String to) Retrieves valid certificates.
ICertRecordList	getValidCertsByNotAfterDate(java.util.Date date, int pageSize) Gets valid certs orderes by noAfter date, jumps to records where notAfter date is greater than current.
java.util.Enumeration<ICertRecord>	getValidNotPublishedCertificates(java.lang.String from, java.lang.String to) Retrieves valid and not published certificates.
netscape.security.x509.X509CertImpl	getX509Certificate(java.math.BigInteger serialNo) Reads the certificate identified by the given serial no.
netscape.security.x509.X509CertImpl[]	getX509Certificates(java.lang.String subjectDN, int validityType) Gets all valid and unexpired certificates pertaining to a subject DN.
void	markAsRevoked(java.math.BigInteger id, IRevocationInfo info) Marks certificate as revoked.
void	markAsRevoked(java.math.BigInteger id, IRevocationInfo info, boolean isAlreadyOnHold)
void	markCertificateAsNotRenewable(ICertRecord record) Marks certificate as not renewable.
void	markCertificateAsRenewable(ICertRecord record) Marks certificate as renewable.
void	markCertificateAsRenewalNotified(java.lang.String serialNo) Marks certificate as renewed and notified.
void	markCertificateAsRenewed(java.lang.String serialNo) Marks certificate as renewed.
void	modifyCertificateRecord(java.math.BigInteger serialNo, ModificationSet mods) Modifies certificate record.
ICertRecord	readCertificateRecord(java.math.BigInteger serialNo) Reads certificate from repository.
void	removeCertRecords(java.math.BigInteger beginS, java.math.BigInteger endS) Removes certificate records with this repository.
java.util.Enumeration<java.lang.Object>	searchCertificates(java.lang.String filter, int maxSize) Finds a list of certificate records that satisifies the filter.
java.util.Enumeration<ICertRecord>	searchCertificates(java.lang.String filter, int maxSize, int timeLimit) Finds a list of certificate records that satisifies the filter.
java.util.Enumeration<ICertRecord>	searchCertificates(java.lang.String filter, int maxSize, int timeLimit, java.lang.String sortAttribute) Finds a list of certificate records that satisifies the filter.
java.util.Enumeration<java.lang.Object>	searchCertificates(java.lang.String filter, int maxSize, java.lang.String sortAttribute) Finds a list of certificate records that satisifies the filter.
void	setCertStatusUpdateInterval(IRepository requestRepo, int interval, boolean listenToCloneModifications) Sets certificate status update internal
void	setEnableRandomSerialNumbers(boolean random, boolean updateMode, boolean forceModeChange) Sets serial number management mode for certificates..
void	shutdown()
void	unmarkRevoked(java.math.BigInteger id, IRevocationInfo info, java.util.Date revokedOn, java.lang.String revokedBy) Unmark a revoked certificates.
void	updateCertStatus() Updates certificate status now.
void	updateStatus(java.math.BigInteger id, java.lang.String status) Updates certificate status.

Methods inherited from interface com.netscape.certsrv.dbs.repository.IRepository

checkRanges, getTheSerialNumber, resetSerialNumber, setEnableSerialMgmt, setMaxSerial, setNextMaxSerial

Field Detail

ALL_CERTS

static final int ALL_CERTS

See Also:

Constant Field Values

ALL_VALID_CERTS

static final int ALL_VALID_CERTS

See Also:

Constant Field Values

ALL_UNREVOKED_CERTS

static final int ALL_UNREVOKED_CERTS

See Also:

Constant Field Values

Method Detail

getNextSerialNumber

java.math.BigInteger getNextSerialNumber()
                                  throws EBaseException

Retrieves the next certificate serial number, and also increases the serial number by one.

Specified by:

getNextSerialNumber in interface IRepository

Returns:

serial number

Throws:

EBaseException - failed to retrieve next serial number

addCertificateRecord

void addCertificateRecord(ICertRecord record)
                   throws EBaseException

Adds a certificate record to the repository. Each certificate record contains four parts: certificate, meta-attributes, issue information and reovcation information.

Parameters:

record - X.509 certificate

Throws:

EBaseException - failed to add new certificate to the repository

getX509Certificate

netscape.security.x509.X509CertImpl getX509Certificate(java.math.BigInteger serialNo)
                                                throws EBaseException

Reads the certificate identified by the given serial no.

Parameters:

serialNo - serial number of certificate

Returns:

certificate

Throws:

EBaseException - failed to retrieve certificate

readCertificateRecord

ICertRecord readCertificateRecord(java.math.BigInteger serialNo)
                           throws EBaseException

Reads certificate from repository.

Parameters:

serialNo - serial number of certificate

Returns:

certificate record

Throws:

EBaseException - failed to retrieve certificate

setCertStatusUpdateInterval

void setCertStatusUpdateInterval(IRepository requestRepo,
                                 int interval,
                                 boolean listenToCloneModifications)

Sets certificate status update internal

Parameters:

requestRepo - request repository

interval - update interval

listenToCloneModifications - enable listening to clone modifications

updateCertStatus

void updateCertStatus()
               throws EBaseException

Updates certificate status now. This is a blocking method.

Throws:

EBaseException - failed to update

modifyCertificateRecord

void modifyCertificateRecord(java.math.BigInteger serialNo,
                             ModificationSet mods)
                      throws EBaseException

Modifies certificate record.

Parameters:

serialNo - serial number of record

mods - modifications

Throws:

EBaseException - failed to modify

containsCertificate

boolean containsCertificate(java.math.BigInteger serialNo)
                     throws EBaseException

Checks if the certificate exists in this repository.

Parameters:

serialNo - serial number of certificate

Returns:

true if it exists

Throws:

EBaseException - failed to check

deleteCertificateRecord

void deleteCertificateRecord(java.math.BigInteger serialNo)
                      throws EBaseException

Deletes certificate from this repository.

Parameters:

serialNo - serial number of certificate

Throws:

EBaseException - failed to delete

markAsRevoked

void markAsRevoked(java.math.BigInteger id,
                   IRevocationInfo info)
            throws EBaseException

Marks certificate as revoked.

Parameters:

id - serial number

info - revocation information

isAlreadyOnHold - boolean to indicate if the cert was revoked onHold

Throws:

EBaseException - failed to mark

markAsRevoked

void markAsRevoked(java.math.BigInteger id,
                   IRevocationInfo info,
                   boolean isAlreadyOnHold)
            throws EBaseException

Throws:

EBaseException

updateStatus

void updateStatus(java.math.BigInteger id,
                  java.lang.String status)
           throws EBaseException

Updates certificate status.

Parameters:

id - serial number

status - certificate status

Throws:

EBaseException - failed to update status

markCertificateAsRenewable

void markCertificateAsRenewable(ICertRecord record)
                         throws EBaseException

Marks certificate as renewable.

Parameters:

record - certificate record to modify

Throws:

EBaseException - failed to update

markCertificateAsNotRenewable

void markCertificateAsNotRenewable(ICertRecord record)
                            throws EBaseException

Marks certificate as not renewable.

Parameters:

record - certificate record to modify

Throws:

EBaseException - failed to update

markCertificateAsRenewed

void markCertificateAsRenewed(java.lang.String serialNo)
                       throws EBaseException

Marks certificate as renewed.

Parameters:

serialNo - certificate record to modify

Throws:

EBaseException - failed to update

markCertificateAsRenewalNotified

void markCertificateAsRenewalNotified(java.lang.String serialNo)
                               throws EBaseException

Marks certificate as renewed and notified.

Parameters:

serialNo - certificate record to modify

Throws:

EBaseException - failed to update

searchCertificates

java.util.Enumeration<java.lang.Object> searchCertificates(java.lang.String filter,
                                                           int maxSize)
                                                    throws EBaseException

Finds a list of certificate records that satisifies the filter. Here is a list of filter attribute can be used:

   certRecordId
   certMetaInfo
   certStatus
   certCreateTime
   certModifyTime
   x509Cert.notBefore
   x509Cert.notAfter
   x509Cert.subject
 

The filter should follow RFC1558 LDAP filter syntax. For example,

   (&(certRecordId=5)(x509Cert.notBefore=934398398))
 

Parameters:

filter - search filter

maxSize - max size to return

Returns:

a list of certificates

Throws:

EBaseException - failed to search

searchCertificates

java.util.Enumeration<ICertRecord> searchCertificates(java.lang.String filter,
                                                      int maxSize,
                                                      int timeLimit)
                                               throws EBaseException

Finds a list of certificate records that satisifies the filter.

Parameters:

filter - search filter

maxSize - max size to return

timeLimit - timeout value

Returns:

a list of certificates

Throws:

EBaseException - failed to search

searchCertificates

java.util.Enumeration<ICertRecord> searchCertificates(java.lang.String filter,
                                                      int maxSize,
                                                      int timeLimit,
                                                      java.lang.String sortAttribute)
                                               throws EBaseException

Finds a list of certificate records that satisifies the filter.

Parameters:

filter - search filter

maxSize - max size to return

timeLimit - timeout value

sortAttribute - Attribute of ICertRecord to sort the results

Returns:

a list of certificates

Throws:

EBaseException - failed to search

searchCertificates

java.util.Enumeration<java.lang.Object> searchCertificates(java.lang.String filter,
                                                           int maxSize,
                                                           java.lang.String sortAttribute)
                                                    throws EBaseException

Finds a list of certificate records that satisifies the filter.

Parameters:

filter - search filter

maxSize - max size to return

sortAttribute - Attribute of ICertRecord to sort the results

Returns:

a list of certificates

Throws:

EBaseException - failed to search

findCertRecordsInList

ICertRecordList findCertRecordsInList(java.lang.String filter,
                                      java.lang.String[] attrs,
                                      int pageSize)
                               throws EBaseException

Finds a list of certificate records that satisifies the filter.

Parameters:

filter - search filter

attrs - selected attribute

pageSize - page size

Returns:

a list of certificates

Throws:

EBaseException - failed to search

findCertRecordsInList

ICertRecordList findCertRecordsInList(java.lang.String filter,
                                      java.lang.String[] attrs,
                                      java.lang.String sortKey,
                                      int pageSize)
                               throws EBaseException

Finds a list of certificate records that satisifies the filter.

Parameters:

filter - search filter

attrs - selected attribute

sortKey - key to use for sorting the returned elements

pageSize - page size

Returns:

a list of certificates

Throws:

EBaseException - failed to search

findCertRecordsInList

ICertRecordList findCertRecordsInList(java.lang.String filter,
                                      java.lang.String[] attrs,
                                      java.lang.String jumpTo,
                                      java.lang.String sortKey,
                                      int pageSize)
                               throws EBaseException

Finds a list of certificate records that satisifies the filter.

Parameters:

filter - search filter

attrs - selected attribute

jumpTo - jump to index

sortKey - key to use for sorting the returned elements

pageSize - page size

Returns:

a list of certificates

Throws:

EBaseException - failed to search

findCertRecordsInList

ICertRecordList findCertRecordsInList(java.lang.String filter,
                                      java.lang.String[] attrs,
                                      java.lang.String jumpTo,
                                      boolean hardJumpTo,
                                      java.lang.String sortKey,
                                      int pageSize)
                               throws EBaseException

Throws:

EBaseException

findCertRecordsInListRawJumpto

ICertRecordList findCertRecordsInListRawJumpto(java.lang.String filter,
                                               java.lang.String[] attrs,
                                               java.lang.String jumpTo,
                                               java.lang.String sortKey,
                                               int pageSize)
                                        throws EBaseException

Finds a list of certificate records that satisifies the filter.

Parameters:

filter - search filter

attrs - selected attribute

jumpTo - jump to index

sortKey - key to use for sorting the returned elements

pageSize - page size

Returns:

a list of certificates

Throws:

EBaseException - failed to search

getX509Certificates

netscape.security.x509.X509CertImpl[] getX509Certificates(java.lang.String subjectDN,
                                                          int validityType)
                                                   throws EBaseException

Gets all valid and unexpired certificates pertaining to a subject DN.

Parameters:

subjectDN - The distinguished name of the subject.

validityType - The type of certificatese to retrieve.

Returns:

An array of certificates.

Throws:

EBaseException - on error.

getRevokedCertificates

java.util.Enumeration<ICertRecord> getRevokedCertificates(java.util.Date asOfDate)
                                                   throws EBaseException

Retrieves all the revoked certificates that have not expired.

Parameters:

asOfDate - as of date

Returns:

a list of revoked certificates

Throws:

EBaseException - failed to retrieve

getAllRevokedCertificates

java.util.Enumeration<ICertRecord> getAllRevokedCertificates()
                                                      throws EBaseException

Retrieves all revoked certificates including ones that have expired or that are not yet valid.

Returns:

a list of revoked certificates

Throws:

EBaseException - failed to search

getAllRevokedNonExpiredCertificates

java.util.Enumeration<ICertRecord> getAllRevokedNonExpiredCertificates()
                                                                throws EBaseException

Retrieves all revoked but not expired certificates.

Returns:

a list of revoked certificates

Throws:

EBaseException - failed to search

findCertificates

java.util.Enumeration<netscape.security.x509.X509CertImpl> findCertificates(java.lang.String filter)
                                                                     throws EBaseException

Finds all certificates given a filter.

Parameters:

filter - search filter

Returns:

a list of certificates

Throws:

EBaseException - failed to search

findCertRecords

java.util.Enumeration<ICertRecord> findCertRecords(java.lang.String filter)
                                            throws EBaseException

Finds all certificate records given a filter.

Parameters:

filter - search filter

Returns:

a list of certificates

Throws:

EBaseException - failed to search

getRevokedCertsByNotAfterDate

ICertRecordList getRevokedCertsByNotAfterDate(java.util.Date date,
                                              int pageSize)
                                       throws EBaseException

Gets Revoked certs orderes by noAfter date, jumps to records where notAfter date is greater than current.

Parameters:

date - reference date

pageSize - page size

Returns:

a list of certificate records

Throws:

EBaseException - failed to retrieve

getInvalidCertsByNotBeforeDate

ICertRecordList getInvalidCertsByNotBeforeDate(java.util.Date date,
                                               int pageSize)
                                        throws EBaseException

Gets Invalid certs orderes by noAfter date, jumps to records where notAfter date is greater than current.

Parameters:

date - reference date

pageSize - page size

Returns:

a list of certificate records

Throws:

EBaseException - failed to retrieve

getValidCertsByNotAfterDate

ICertRecordList getValidCertsByNotAfterDate(java.util.Date date,
                                            int pageSize)
                                     throws EBaseException

Gets valid certs orderes by noAfter date, jumps to records where notAfter date is greater than current.

Parameters:

date - reference date

pageSize - page size

Returns:

a list of certificate records

Throws:

EBaseException - failed to retrieve

createCertRecord

ICertRecord createCertRecord(java.math.BigInteger id,
                             java.security.cert.Certificate cert,
                             MetaInfo meta)

Creates certificate record.

Parameters:

id - serial number

cert - certificate

meta - meta information

Returns:

certificate record

findCertRecs

java.util.Enumeration<java.lang.Object> findCertRecs(java.lang.String filter)
                                              throws EBaseException

Finds certificate records.

Parameters:

filter - search filter

Returns:

a list of certificate records

Throws:

EBaseException - failed to retrieve cert records

getRenewableCertificates

java.util.Hashtable<java.lang.String,RenewableCertificateCollection> getRenewableCertificates(java.lang.String renewalTime)
                                                                                       throws EBaseException

Retrieves renewable certificates.

Parameters:

renewalTime - renewal time

Returns:

certificates

Throws:

EBaseException - failed to retrieve

unmarkRevoked

void unmarkRevoked(java.math.BigInteger id,
                   IRevocationInfo info,
                   java.util.Date revokedOn,
                   java.lang.String revokedBy)
            throws EBaseException

Unmark a revoked certificates.

Parameters:

id - serial number

info - revocation information

revokedOn - revocation date

revokedBy - userid

Throws:

EBaseException - failed to unmark

getValidNotPublishedCertificates

java.util.Enumeration<ICertRecord> getValidNotPublishedCertificates(java.lang.String from,
                                                                    java.lang.String to)
                                                             throws EBaseException

Retrieves valid and not published certificates.

Parameters:

from - starting serial number

to - ending serial number

Returns:

a list of certificates

Throws:

EBaseException - failed to retrieve

getExpiredPublishedCertificates

java.util.Enumeration<ICertRecord> getExpiredPublishedCertificates(java.lang.String from,
                                                                   java.lang.String to)
                                                            throws EBaseException

Retrieves expired and published certificates.

Parameters:

from - starting serial number

to - ending serial number

Returns:

a list of certificates

Throws:

EBaseException - failed to retrieve

getRevokedPublishedCertificates

java.util.Enumeration<ICertRecord> getRevokedPublishedCertificates(java.lang.String from,
                                                                   java.lang.String to)
                                                            throws EBaseException

Retrieves revoked and published certificates.

Parameters:

from - starting serial number

to - ending serial number

Returns:

a list of certificates

Throws:

EBaseException - failed to retrieve

getValidCertificates

java.util.Enumeration<ICertRecord> getValidCertificates(java.lang.String from,
                                                        java.lang.String to)
                                                 throws EBaseException

Retrieves valid certificates.

Parameters:

from - starting serial number

to - ending serial number

Returns:

a list of certificates

Throws:

EBaseException - failed to retrieve

getExpiredCertificates

java.util.Enumeration<ICertRecord> getExpiredCertificates(java.lang.String from,
                                                          java.lang.String to)
                                                   throws EBaseException

Retrieves expired certificates.

Parameters:

from - starting serial number

to - ending serial number

Returns:

a list of certificates

Throws:

EBaseException - failed to retrieve

getRevokedCertificates

java.util.Enumeration<ICertRecord> getRevokedCertificates(java.lang.String from,
                                                          java.lang.String to)
                                                   throws EBaseException

Retrieves revoked certificates.

Parameters:

from - starting serial number

to - ending serial number

Returns:

a list of certificates

Throws:

EBaseException - failed to retrieve

getModifications

void getModifications(netscape.ldap.LDAPEntry entry)

Retrieves modified certificate records.

Parameters:

entry - LDAPEntry with modified data

removeCertRecords

void removeCertRecords(java.math.BigInteger beginS,
                       java.math.BigInteger endS)
                throws EBaseException

Removes certificate records with this repository.

Parameters:

beginS - BigInteger with radix 16

endS - BigInteger with radix 16

Throws:

EBaseException

getEnableRandomSerialNumbers

boolean getEnableRandomSerialNumbers()

Retrieves serial number management mode.

Returns:

serial number management mode, "true" indicates random serial number management, "false" indicates sequential serial number management.

setEnableRandomSerialNumbers

void setEnableRandomSerialNumbers(boolean random,
                                  boolean updateMode,
                                  boolean forceModeChange)

Sets serial number management mode for certificates..

Parameters:

random - "true" sets random serial number management, "false" sequential

updateMode - "true" updates "description" attribute in certificate repository

forceModeChange - "true" forces certificate repository mode change

shutdown

void shutdown()