com.netscape.cms.ocsp

Class DefStore

java.lang.Object

com.netscape.cms.ocsp.DefStore

All Implemented Interfaces:

IExtendedPluginInfo, ISubsystem, IDefStore, IOCSPStore

public class DefStore
extends java.lang.Object
implements IDefStore, IExtendedPluginInfo

This is the default OCSP store that stores revocation information as certificate record (CMS internal data structure).

Version:

$Revision$, $Date$

Field Summary

Fields

Modifier and Type	Field and Description
static java.math.BigInteger	BIG_ZERO
protected boolean	mByName
protected java.util.Hashtable<java.lang.String,com.netscape.cms.ocsp.CRLIPContainer>	mCacheCRLIssuingPoints
protected boolean	mIncludeNextUpdate
static java.lang.Long	MINUS_ONE
protected boolean	mNotFoundGood
protected java.util.Hashtable<java.lang.String,java.lang.Long>	mReqCounts
protected boolean	mUseCache

Fields inherited from interface com.netscape.certsrv.base.IExtendedPluginInfo

HELP_TEXT, HELP_TOKEN

Constructor Summary

Constructors

Constructor and Description
DefStore() Constructs the default store.

Method Summary

Modifier and Type	Method and Description
void	addCertRecord(java.lang.String name, java.lang.String thisUpdate, java.lang.String sno, ICertRecord rec) Creates a new issuing point in OCSP.
void	addCRLIssuingPoint(java.lang.String name, ICRLIssuingPointRecord rec) Creates a new issuing point in OCSP.
void	addRepository(java.lang.String name, java.lang.String thisUpdate, IRepositoryRecord rec) Creates a new issuing point in OCSP.
ICRLIssuingPointRecord	createCRLIssuingPointRecord(java.lang.String name, java.math.BigInteger crlNumber, java.lang.Long crlSize, java.util.Date thisUpdate, java.util.Date nextUpdate) This method creates a CRL issuing point record.
IRepositoryRecord	createRepositoryRecord() This method creates a an OCSP default store repository record.
void	deleteAllCRLsInCA(java.lang.String caName)
void	deleteCRLIssuingPointRecord(java.lang.String id) This method deletes a CRL issuing point record
void	deleteCRLsInCA(java.lang.String caName, boolean oldCRLs)
void	deleteOldCRLs() This store will not delete the old CRL until the new one is totally committed.
void	deleteOldCRLsInCA(java.lang.String caName)
java.lang.String	getBaseDN()
NameValuePairs	getConfigParameters() This method retrieves the configuration parameters associated with this OCSP store.
IConfigStore	getConfigStore() Returns the root configuration storage of this system.
java.lang.String[]	getExtendedPluginInfo(java.util.Locale locale) This method returns an array of strings.
java.lang.String	getId() Retrieves the name of this subsystem.
long	getReqCount(java.lang.String id) This method retrieves the number of OCSP requests since startup.
int	getStateCount() This method retrieves the number of CRL updates since startup.
boolean	includeNextUpdate()
void	incReqCount(java.lang.String id)
void	init(ISubsystem owner, IConfigStore config) Initializes this subsystem with the given configuration store.
boolean	isNotFoundGood() This method checks to see if the OCSP response should return good when the certificate is not found.
void	log(int event, int level, java.lang.String msg)
void	log(int level, java.lang.String msg)
void	modifyCertRecord(java.lang.String name, java.lang.String thisUpdate, java.lang.String sno, ModificationSet mods)
void	modifyCRLIssuingPointRecord(java.lang.String name, ModificationSet mods)
ICertRecord	readCertRecord(java.lang.String name, java.lang.String thisUpdate, java.lang.String sno)
ICRLIssuingPointRecord	readCRLIssuingPoint(java.lang.String name) Returns an issuing point.
java.util.Enumeration<ICRLIssuingPointRecord>	searchAllCRLIssuingPointRecord(int maxSize) This method searches all CRL issuing points.
java.util.Enumeration<ICertRecord>	searchCertRecord(java.lang.String name, java.lang.String thisUpdate, java.lang.String filter)
java.util.Enumeration<ICRLIssuingPointRecord>	searchCRLIssuingPointRecord(java.lang.String filter, int maxSize) This method searches all CRL issuing points constrained by the specified filtering mechanism.
java.util.Enumeration<IRepositoryRecord>	searchRepository(java.lang.String name, java.lang.String filter)
void	setConfigParameters(NameValuePairs pairs) This method stores the configuration parameters specified by the passed-in Name Value pairs object.
void	setId(java.lang.String id) Sets specific to this subsystem.
void	shutdown() Stops this system.
void	startup() Notifies this subsystem if owner is in running mode.
void	updateCRL(java.security.cert.X509CRL crl) This method updates the specified CRL.
OCSPResponse	validate(OCSPRequest request) Validate an OCSP request.
boolean	waitOnCRLUpdate() Returns to the client once the CRL is received.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

BIG_ZERO

public static final java.math.BigInteger BIG_ZERO

MINUS_ONE

public static final java.lang.Long MINUS_ONE

mReqCounts

protected java.util.Hashtable<java.lang.String,java.lang.Long> mReqCounts

mNotFoundGood

protected boolean mNotFoundGood

mUseCache

protected boolean mUseCache

mByName

protected boolean mByName

mIncludeNextUpdate

protected boolean mIncludeNextUpdate

mCacheCRLIssuingPoints

protected java.util.Hashtable<java.lang.String,com.netscape.cms.ocsp.CRLIPContainer> mCacheCRLIssuingPoints

Constructor Detail

DefStore

public DefStore()

Constructs the default store.

Method Detail

getExtendedPluginInfo

public java.lang.String[] getExtendedPluginInfo(java.util.Locale locale)

Description copied from interface: IExtendedPluginInfo

This method returns an array of strings. Each element of the array represents a configurable parameter, or some other meta-info (such as help-token) there is an entry indexed on that parameter name ;[,required];;... Where: type_info is either 'string', 'number', 'boolean', 'password' or 'choice(ch1,ch2,ch3,...)' If the marker 'required' is included after the type_info, the parameter will has some visually distinctive marking in the UI. 'description' is a short sentence describing the parameter 'choice' is rendered as a drop-down list. The first parameter in the list will be activated by default 'boolean' is rendered as a checkbox. The resulting parameter will be either 'true' or 'false' 'string' allows any characters 'number' allows only numbers 'password' is rendered as a password field (the characters are replaced with *'s when being types. This parameter is not passed through to the plugin. It is instead inserted directly into the password cache keyed on the instance name. The value of the parameter 'bindPWPrompt' (see example below) is set to the key. In addition to the configurable parameters, the following magic parameters may be defined: HELP_TOKEN;helptoken - a pointer to the online manual section for this plugin HELP_TEXT;helptext - a general help string describing the plugin For example: "username;string;The username you wish to login as" "bindPWPrompt;password;Enter password to bind as above user with" "algorithm;choice(RSA,DSA);Which algorithm do you want to use" "enable;boolean;Do you want to run this plugin" "port;number;Which port number do you want to use"

Specified by:

getExtendedPluginInfo in interface IExtendedPluginInfo

init

public void init(ISubsystem owner,
                 IConfigStore config)
          throws EBaseException

Description copied from interface: ISubsystem

Initializes this subsystem with the given configuration store.

Specified by:

init in interface ISubsystem

Parameters:

owner - owner of this subsystem

config - configuration store

Throws:

EBaseException - failed to initialize

createRepositoryRecord

public IRepositoryRecord createRepositoryRecord()

Description copied from interface: IDefStore

This method creates a an OCSP default store repository record.

Specified by:

createRepositoryRecord in interface IDefStore

Returns:

IRepositoryRecord an instance of the repository record object

waitOnCRLUpdate

public boolean waitOnCRLUpdate()

Returns to the client once the CRL is received.

Specified by:

waitOnCRLUpdate in interface IDefStore

Returns:

boolean true or false

includeNextUpdate

public boolean includeNextUpdate()

isNotFoundGood

public boolean isNotFoundGood()

Description copied from interface: IDefStore

This method checks to see if the OCSP response should return good when the certificate is not found.

Specified by:

isNotFoundGood in interface IDefStore

Returns:

boolean true or false

getReqCount

public long getReqCount(java.lang.String id)

Description copied from interface: IDefStore

This method retrieves the number of OCSP requests since startup.

Specified by:

getReqCount in interface IDefStore

Parameters:

id - a string associated with an OCSP request

Returns:

count the number of this type of OCSP requests

incReqCount

public void incReqCount(java.lang.String id)

deleteOldCRLs

public void deleteOldCRLs()
                   throws EBaseException

This store will not delete the old CRL until the new one is totally committed.

Throws:

EBaseException

deleteOldCRLsInCA

public void deleteOldCRLsInCA(java.lang.String caName)
                       throws EBaseException

Throws:

EBaseException

deleteAllCRLsInCA

public void deleteAllCRLsInCA(java.lang.String caName)
                       throws EBaseException

Throws:

EBaseException

deleteCRLsInCA

public void deleteCRLsInCA(java.lang.String caName,
                           boolean oldCRLs)
                    throws EBaseException

Throws:

EBaseException

log

public void log(int event,
                int level,
                java.lang.String msg)

log

public void log(int level,
                java.lang.String msg)

startup

public void startup()
             throws EBaseException

Description copied from interface: ISubsystem

Notifies this subsystem if owner is in running mode.

Specified by:

startup in interface ISubsystem

Throws:

EBaseException - failed to start up

shutdown

public void shutdown()

Description copied from interface: ISubsystem

Stops this system. The owner may call shutdown anytime after initialization.

Specified by:

shutdown in interface ISubsystem

getConfigStore

public IConfigStore getConfigStore()

Description copied from interface: ISubsystem

Returns the root configuration storage of this system.

Specified by:

getConfigStore in interface ISubsystem

Returns:

configuration store of this subsystem

setId

public void setId(java.lang.String id)
           throws EBaseException

Description copied from interface: ISubsystem

Sets specific to this subsystem.

Specified by:

setId in interface ISubsystem

Parameters:

id - subsystem identifier

Throws:

EBaseException - failed to set id

getId

public java.lang.String getId()

Description copied from interface: ISubsystem

Retrieves the name of this subsystem.

Specified by:

getId in interface ISubsystem

Returns:

subsystem identifier

validate

public OCSPResponse validate(OCSPRequest request)
                      throws EBaseException

Validate an OCSP request.

Specified by:

validate in interface IOCSPStore

Parameters:

request - an OCSP request

Returns:

OCSPResponse the OCSP response associated with the specified OCSP request

Throws:

EBaseException - an error associated with the inability to process the supplied OCSP request

getBaseDN

public java.lang.String getBaseDN()

searchAllCRLIssuingPointRecord

public java.util.Enumeration<ICRLIssuingPointRecord> searchAllCRLIssuingPointRecord(int maxSize)
                                                                             throws EBaseException

Description copied from interface: IDefStore

This method searches all CRL issuing points.

Specified by:

searchAllCRLIssuingPointRecord in interface IDefStore

Parameters:

maxSize - specifies the largest number of hits from the search

Returns:

Enumeration a list of the CRL issuing points

Throws:

EBaseException - occurs when no CRL issuing point exists

searchCRLIssuingPointRecord

public java.util.Enumeration<ICRLIssuingPointRecord> searchCRLIssuingPointRecord(java.lang.String filter,
                                                                                 int maxSize)
                                                                          throws EBaseException

Description copied from interface: IDefStore

This method searches all CRL issuing points constrained by the specified filtering mechanism.

Specified by:

searchCRLIssuingPointRecord in interface IDefStore

Parameters:

filter - a string which constrains the search

maxSize - specifies the largest number of hits from the search

Returns:

Enumeration a list of the CRL issuing points

Throws:

EBaseException - occurs when no CRL issuing point exists

modifyCRLIssuingPointRecord

public void modifyCRLIssuingPointRecord(java.lang.String name,
                                        ModificationSet mods)
                                 throws EBaseException

Throws:

EBaseException

readCRLIssuingPoint

public ICRLIssuingPointRecord readCRLIssuingPoint(java.lang.String name)
                                           throws EBaseException

Returns an issuing point.

Specified by:

readCRLIssuingPoint in interface IDefStore

Parameters:

name - the name of the CRL to be read

Returns:

ICRLIssuingPointRecord the CRL issuing point

Throws:

EBaseException - occurs when the specified CRL cannot be located

createCRLIssuingPointRecord

public ICRLIssuingPointRecord createCRLIssuingPointRecord(java.lang.String name,
                                                          java.math.BigInteger crlNumber,
                                                          java.lang.Long crlSize,
                                                          java.util.Date thisUpdate,
                                                          java.util.Date nextUpdate)

Description copied from interface: IDefStore

This method creates a CRL issuing point record.

Specified by:

createCRLIssuingPointRecord in interface IDefStore

Parameters:

name - a string representation of this CRL issuing point record

crlNumber - the number of this CRL issuing point record

crlSize - the size of this CRL issuing point record

thisUpdate - the time for this CRL issuing point record

nextUpdate - the time for the next CRL issuing point record

Returns:

ICRLIssuingPointRecord this CRL issuing point record

deleteCRLIssuingPointRecord

public void deleteCRLIssuingPointRecord(java.lang.String id)
                                 throws EBaseException

Description copied from interface: IDefStore

This method deletes a CRL issuing point record

Specified by:

deleteCRLIssuingPointRecord in interface IDefStore

Parameters:

id - a string representation of this CRL issuing point record

Throws:

EBaseException - occurs when the specified CRL issuing point record cannot be deleted

addCRLIssuingPoint

public void addCRLIssuingPoint(java.lang.String name,
                               ICRLIssuingPointRecord rec)
                        throws EBaseException

Creates a new issuing point in OCSP.

Specified by:

addCRLIssuingPoint in interface IDefStore

Parameters:

name - a string representation of this CRL issuing point record

rec - this CRL issuing point record

Throws:

EBaseException - occurs when the specified CRL issuing point record cannot be added

searchRepository

public java.util.Enumeration<IRepositoryRecord> searchRepository(java.lang.String name,
                                                                 java.lang.String filter)
                                                          throws EBaseException

Throws:

EBaseException

addRepository

public void addRepository(java.lang.String name,
                          java.lang.String thisUpdate,
                          IRepositoryRecord rec)
                   throws EBaseException

Creates a new issuing point in OCSP.

Specified by:

addRepository in interface IDefStore

Parameters:

name - a string representing the name of this request

thisUpdate - the current request

rec - an instance of the repository record object

Throws:

EBaseException - occurs when there is an error attempting to add this request to the repository

modifyCertRecord

public void modifyCertRecord(java.lang.String name,
                             java.lang.String thisUpdate,
                             java.lang.String sno,
                             ModificationSet mods)
                      throws EBaseException

Throws:

EBaseException

searchCertRecord

public java.util.Enumeration<ICertRecord> searchCertRecord(java.lang.String name,
                                                           java.lang.String thisUpdate,
                                                           java.lang.String filter)
                                                    throws EBaseException

Throws:

EBaseException

readCertRecord

public ICertRecord readCertRecord(java.lang.String name,
                                  java.lang.String thisUpdate,
                                  java.lang.String sno)
                           throws EBaseException

Throws:

EBaseException

addCertRecord

public void addCertRecord(java.lang.String name,
                          java.lang.String thisUpdate,
                          java.lang.String sno,
                          ICertRecord rec)
                   throws EBaseException

Creates a new issuing point in OCSP.

Throws:

EBaseException

getConfigParameters

public NameValuePairs getConfigParameters()

Description copied from interface: IOCSPStore

This method retrieves the configuration parameters associated with this OCSP store.

Specified by:

getConfigParameters in interface IOCSPStore

Returns:

NameValuePairs all configuration items

setConfigParameters

public void setConfigParameters(NameValuePairs pairs)
                         throws EBaseException

Description copied from interface: IOCSPStore

This method stores the configuration parameters specified by the passed-in Name Value pairs object.

Specified by:

setConfigParameters in interface IOCSPStore

Parameters:

pairs - a name-value pair object

Throws:

EBaseException - an illegal name-value pair

updateCRL

public void updateCRL(java.security.cert.X509CRL crl)
               throws EBaseException

Description copied from interface: IDefStore

This method updates the specified CRL.

Specified by:

updateCRL in interface IDefStore

Parameters:

crl - the CRL to be updated

Throws:

EBaseException - occurs when the CRL cannot be updated

getStateCount

public int getStateCount()

Description copied from interface: IDefStore

This method retrieves the number of CRL updates since startup.

Specified by:

getStateCount in interface IDefStore

Returns:

count the number of OCSP default stores