com.netscape.cms.ocsp
Class DefStore

java.lang.Object
  extended by com.netscape.cms.ocsp.DefStore
All Implemented Interfaces:
IExtendedPluginInfo, ISubsystem, IDefStore, IOCSPStore

public class DefStore
extends java.lang.Object
implements IDefStore, IExtendedPluginInfo

This is the default OCSP store. It stores revocation information as certificate records (a CMS internal data structure).

Version:
$Revision: 1304 $, $Date: 2010-09-20 16:38:55 -0700 (Mon, 20 Sep 2010) $

Field Summary
static java.math.BigInteger BIG_ZERO
           
protected  boolean mByName
           
protected  java.util.Hashtable mCacheCRLIssuingPoints
           
protected  boolean mIncludeNextUpdate
           
static java.lang.Long MINUS_ONE
           
protected  boolean mNotFoundGood
           
protected  java.util.Hashtable mReqCounts
           
protected  boolean mUseCache
           
 
Fields inherited from interface com.netscape.certsrv.base.IExtendedPluginInfo
HELP_TEXT, HELP_TOKEN
 
Constructor Summary
DefStore()
          Constructs the default store.
 
Method Summary
 void addCertRecord(java.lang.String name, java.lang.String thisUpdate, java.lang.String sno, ICertRecord rec)
          Creates a new issuing point in OCSP.
 void addCRLIssuingPoint(java.lang.String name, ICRLIssuingPointRecord rec)
          Creates a new issuing point in OCSP.
 void addRepository(java.lang.String name, java.lang.String thisUpdate, IRepositoryRecord rec)
          Creates a new issuing point in OCSP.
 ICRLIssuingPointRecord createCRLIssuingPointRecord(java.lang.String name, java.math.BigInteger crlNumber, java.lang.Long crlSize, java.util.Date thisUpdate, java.util.Date nextUpdate)
          This method creates a CRL issuing point record.
 IRepositoryRecord createRepositoryRecord()
          This method creates an OCSP default store repository record.
 void deleteCRLIssuingPointRecord(java.lang.String id)
          This method deletes a CRL issuing point record.
 void deleteOldCRLs()
          This store will not delete the old CRL until the new one is totally committed.
 void deleteOldCRLsInCA(java.lang.String caName)
           
 java.lang.String getBaseDN()
           
 NameValuePairs getConfigParameters()
          This method retrieves the configuration parameters associated with this OCSP store.
 IConfigStore getConfigStore()
          Returns the root configuration storage of this system.
 java.lang.String[] getExtendedPluginInfo(java.util.Locale locale)
          This method returns an array of strings.
 java.lang.String getId()
          Retrieves the name of this subsystem.
 long getReqCount(java.lang.String id)
          This method retrieves the number of OCSP requests since startup.
 int getStateCount()
          This method retrieves the number of CRL updates since startup.
 boolean includeNextUpdate()
           
 void incReqCount(java.lang.String id)
           
 void init(ISubsystem owner, IConfigStore config)
          Initializes this subsystem with the given configuration store.
 boolean isNotFoundGood()
          This method checks to see if the OCSP response should return good when the certificate is not found.
 void log(int event, int level, java.lang.String msg)
           
 void log(int level, java.lang.String msg)
           
 void modifyCertRecord(java.lang.String name, java.lang.String thisUpdate, java.lang.String sno, ModificationSet mods)
           
 void modifyCRLIssuingPointRecord(java.lang.String name, ModificationSet mods)
           
 ICertRecord readCertRecord(java.lang.String name, java.lang.String thisUpdate, java.lang.String sno)
           
 ICRLIssuingPointRecord readCRLIssuingPoint(java.lang.String name)
          Returns an issuing point.
 java.util.Enumeration searchAllCRLIssuingPointRecord(int maxSize)
          This method searches all CRL issuing points.
 java.util.Enumeration searchCertRecord(java.lang.String name, java.lang.String thisUpdate, java.lang.String filter)
           
 java.util.Enumeration searchCRLIssuingPointRecord(java.lang.String filter, int maxSize)
          This method searches all CRL issuing points constrained by the specified filtering mechanism.
 java.util.Enumeration searchRepository(java.lang.String name, java.lang.String filter)
           
 void setConfigParameters(NameValuePairs pairs)
          This method stores the configuration parameters specified by the passed-in Name Value pairs object.
 void setId(java.lang.String id)
          Sets the identifier specific to this subsystem.
 void shutdown()
          Stops this system.
 void startup()
          Notifies this subsystem if owner is in running mode.
 void updateCRL(java.security.cert.X509CRL crl)
          This method updates the specified CRL.
 com.netscape.cmsutil.ocsp.OCSPResponse validate(com.netscape.cmsutil.ocsp.OCSPRequest request)
          Validate an OCSP request.
 boolean waitOnCRLUpdate()
          Returns to the client once the CRL is received.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

BIG_ZERO

public static final java.math.BigInteger BIG_ZERO

MINUS_ONE

public static final java.lang.Long MINUS_ONE

mReqCounts

protected java.util.Hashtable mReqCounts

mNotFoundGood

protected boolean mNotFoundGood

mUseCache

protected boolean mUseCache

mByName

protected boolean mByName

mIncludeNextUpdate

protected boolean mIncludeNextUpdate

mCacheCRLIssuingPoints

protected java.util.Hashtable mCacheCRLIssuingPoints
Constructor Detail

DefStore

public DefStore()
Constructs the default store.

Method Detail

getExtendedPluginInfo

public java.lang.String[] getExtendedPluginInfo(java.util.Locale locale)
Description copied from interface: IExtendedPluginInfo
This method returns an array of strings. Each element of the array represents a configurable parameter, or some other meta-info (such as help-token).

There is an entry indexed on that parameter name:

<parameter name>;<type_info>[,required];<description>;...

Where:

type_info is either 'string', 'number', 'boolean', 'password' or 'choice(ch1,ch2,ch3,...)'.
If the marker 'required' is included after the type_info, the parameter will have some visually distinctive marking in the UI.
'description' is a short sentence describing the parameter.
'choice' is rendered as a drop-down list. The first parameter in the list will be activated by default.
'boolean' is rendered as a checkbox. The resulting parameter will be either 'true' or 'false'.
'string' allows any characters.
'number' allows only numbers.
'password' is rendered as a password field (the characters are replaced with *'s when being typed). This parameter is not passed through to the plugin. It is instead inserted directly into the password cache keyed on the instance name. The value of the parameter 'bindPWPrompt' (see example below) is set to the key.

In addition to the configurable parameters, the following magic parameters may be defined:

HELP_TOKEN;helptoken - a pointer to the online manual section for this plugin
HELP_TEXT;helptext - a general help string describing the plugin

For example:

"username;string;The username you wish to login as"
"bindPWPrompt;password;Enter password to bind as above user with"
"algorithm;choice(RSA,DSA);Which algorithm do you want to use"
"enable;boolean;Do you want to run this plugin"
"port;number;Which port number do you want to use"

Specified by:
getExtendedPluginInfo in interface IExtendedPluginInfo
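
The descriptor format described above, parsed in Java as an added example (it is not part of the CMS API documented on this page). The class PluginInfoParser, the record ParamInfo and the "meta" type label are names made up for this example, the 'required' entry in the sample is constructed, and records need Java 16 or later.

```java
import java.util.Arrays;
import java.util.List;

// Added example, not CMS code: parses the descriptor strings documented above.
public class PluginInfoParser {

    // One parsed entry; the record and its field names are this example's own.
    record ParamInfo(String name, String type, List<String> choices,
                     boolean required, String description) {}

    static ParamInfo parse(String entry) {
        // At most three fields, so a ';' inside the description is preserved.
        String[] f = entry.split(";", 3);
        if (f.length < 2 || f[0].isEmpty()) {
            throw new IllegalArgumentException("malformed entry: " + entry);
        }
        String name = f[0];
        // The magic parameters carry free text rather than a type_info field.
        if (name.equals("HELP_TOKEN") || name.equals("HELP_TEXT")) {
            return new ParamInfo(name, "meta", List.of(), false,
                    entry.substring(name.length() + 1));
        }
        String typeInfo = f[1].trim();
        boolean required = typeInfo.endsWith(",required");
        if (required) {
            typeInfo = typeInfo.substring(0, typeInfo.length() - ",required".length());
        }
        List<String> choices = List.of();
        if (typeInfo.startsWith("choice(") && typeInfo.endsWith(")")) {
            choices = Arrays.asList(
                    typeInfo.substring("choice(".length(), typeInfo.length() - 1).split(","));
            typeInfo = "choice";
        } else if (!List.of("string", "number", "boolean", "password").contains(typeInfo)) {
            throw new IllegalArgumentException("unknown type_info: " + typeInfo);
        }
        return new ParamInfo(name, typeInfo, choices, required, f.length == 3 ? f[2] : "");
    }

    public static void main(String[] args) {
        // Sample entries from the text above, plus one constructed 'required' entry.
        String[] info = {
            "bindPWPrompt;password;Enter password to bind as above user with",
            "algorithm;choice(RSA,DSA);Which algorithm do you want to use",
            "port;number,required;Which port number do you want to use",
            "HELP_TOKEN;helptoken",
        };
        for (String e : info) {
            ParamInfo p = parse(e);
            // Per the text above, a 'password' value goes to the password cache, not the plugin.
            String note = p.type().equals("password") ? "  [password cache, not plugin]" : "";
            System.out.println(p + note);
        }
    }
}
```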

init

public void init(ISubsystem owner,
                 IConfigStore config)
          throws EBaseException
Description copied from interface: ISubsystem
Initializes this subsystem with the given configuration store.

Specified by:
init in interface ISubsystem
Parameters:
owner - owner of this subsystem
config - configuration store
Throws:
EBaseException - failed to initialize

createRepositoryRecord

public IRepositoryRecord createRepositoryRecord()
Description copied from interface: IDefStore
This method creates an OCSP default store repository record.

Specified by:
createRepositoryRecord in interface IDefStore
Returns:
IRepositoryRecord an instance of the repository record object

waitOnCRLUpdate

public boolean waitOnCRLUpdate()
Returns to the client once the CRL is received.

Specified by:
waitOnCRLUpdate in interface IDefStore
Returns:
boolean true or false

includeNextUpdate

public boolean includeNextUpdate()

isNotFoundGood

public boolean isNotFoundGood()
Description copied from interface: IDefStore
This method checks to see if the OCSP response should return good when the certificate is not found.

Specified by:
isNotFoundGood in interface IDefStore
Returns:
boolean true or false

getReqCount

public long getReqCount(java.lang.String id)
Description copied from interface: IDefStore
This method retrieves the number of OCSP requests since startup.

Specified by:
getReqCount in interface IDefStore
Parameters:
id - a string associated with an OCSP request
Returns:
count the number of this type of OCSP requests

incReqCount

public void incReqCount(java.lang.String id)

deleteOldCRLs

public void deleteOldCRLs()
                   throws EBaseException
This store will not delete the old CRL until the new one is totally committed.

Throws:
EBaseException

deleteOldCRLsInCA

public void deleteOldCRLsInCA(java.lang.String caName)
                       throws EBaseException
Throws:
EBaseException

log

public void log(int event,
                int level,
                java.lang.String msg)

log

public void log(int level,
                java.lang.String msg)

startup

public void startup()
             throws EBaseException
Description copied from interface: ISubsystem
Notifies this subsystem if owner is in running mode.

Specified by:
startup in interface ISubsystem
Throws:
EBaseException - failed to start up

shutdown

public void shutdown()
Description copied from interface: ISubsystem
Stops this system. The owner may call shutdown anytime after initialization.

Specified by:
shutdown in interface ISubsystem

getConfigStore

public IConfigStore getConfigStore()
Description copied from interface: ISubsystem
Returns the root configuration storage of this system.

Specified by:
getConfigStore in interface ISubsystem
Returns:
configuration store of this subsystem

setId

public void setId(java.lang.String id)
           throws EBaseException
Description copied from interface: ISubsystem
Sets the identifier specific to this subsystem.

Specified by:
setId in interface ISubsystem
Parameters:
id - subsystem identifier
Throws:
EBaseException - failed to set id

getId

public java.lang.String getId()
Description copied from interface: ISubsystem
Retrieves the name of this subsystem.

Specified by:
getId in interface ISubsystem
Returns:
subsystem identifier

validate

public com.netscape.cmsutil.ocsp.OCSPResponse validate(com.netscape.cmsutil.ocsp.OCSPRequest request)
                                                throws EBaseException
Validate an OCSP request.

Specified by:
validate in interface IOCSPStore
Parameters:
request - an OCSP request
Returns:
OCSPResponse the OCSP response associated with the specified OCSP request
Throws:
EBaseException - an error associated with the inability to process the supplied OCSP request

getBaseDN

public java.lang.String getBaseDN()

searchAllCRLIssuingPointRecord

public java.util.Enumeration searchAllCRLIssuingPointRecord(int maxSize)
                                                     throws EBaseException
Description copied from interface: IDefStore
This method searches all CRL issuing points.

Specified by:
searchAllCRLIssuingPointRecord in interface IDefStore
Parameters:
maxSize - specifies the largest number of hits from the search
Returns:
Enumeration a list of the CRL issuing points
Throws:
EBaseException - occurs when no CRL issuing point exists

searchCRLIssuingPointRecord

public java.util.Enumeration searchCRLIssuingPointRecord(java.lang.String filter,
                                                         int maxSize)
                                                  throws EBaseException
Description copied from interface: IDefStore
This method searches all CRL issuing points constrained by the specified filtering mechanism.

Specified by:
searchCRLIssuingPointRecord in interface IDefStore
Parameters:
filter - a string which constrains the search
maxSize - specifies the largest number of hits from the search
Returns:
Enumeration a list of the CRL issuing points
Throws:
EBaseException - occurs when no CRL issuing point exists

modifyCRLIssuingPointRecord

public void modifyCRLIssuingPointRecord(java.lang.String name,
                                        ModificationSet mods)
                                 throws EBaseException
Throws:
EBaseException

readCRLIssuingPoint

public ICRLIssuingPointRecord readCRLIssuingPoint(java.lang.String name)
                                           throws EBaseException
Returns an issuing point.

Specified by:
readCRLIssuingPoint in interface IDefStore
Parameters:
name - the name of the CRL to be read
Returns:
ICRLIssuingPointRecord the CRL issuing point
Throws:
EBaseException - occurs when the specified CRL cannot be located

createCRLIssuingPointRecord

public ICRLIssuingPointRecord createCRLIssuingPointRecord(java.lang.String name,
                                                          java.math.BigInteger crlNumber,
                                                          java.lang.Long crlSize,
                                                          java.util.Date thisUpdate,
                                                          java.util.Date nextUpdate)
Description copied from interface: IDefStore
This method creates a CRL issuing point record.

Specified by:
createCRLIssuingPointRecord in interface IDefStore
Parameters:
name - a string representation of this CRL issuing point record
crlNumber - the number of this CRL issuing point record
crlSize - the size of this CRL issuing point record
thisUpdate - the time for this CRL issuing point record
nextUpdate - the time for the next CRL issuing point record
Returns:
ICRLIssuingPointRecord this CRL issuing point record

deleteCRLIssuingPointRecord

public void deleteCRLIssuingPointRecord(java.lang.String id)
                                 throws EBaseException
Description copied from interface: IDefStore
This method deletes a CRL issuing point record.

Specified by:
deleteCRLIssuingPointRecord in interface IDefStore
Parameters:
id - a string representation of this CRL issuing point record
Throws:
EBaseException - occurs when the specified CRL issuing point record cannot be deleted

addCRLIssuingPoint

public void addCRLIssuingPoint(java.lang.String name,
                               ICRLIssuingPointRecord rec)
                        throws EBaseException
Creates a new issuing point in OCSP.

Specified by:
addCRLIssuingPoint in interface IDefStore
Parameters:
name - a string representation of this CRL issuing point record
rec - this CRL issuing point record
Throws:
EBaseException - occurs when the specified CRL issuing point record cannot be added

searchRepository

public java.util.Enumeration searchRepository(java.lang.String name,
                                              java.lang.String filter)
                                       throws EBaseException
Throws:
EBaseException

addRepository

public void addRepository(java.lang.String name,
                          java.lang.String thisUpdate,
                          IRepositoryRecord rec)
                   throws EBaseException
Creates a new issuing point in OCSP.

Specified by:
addRepository in interface IDefStore
Parameters:
name - a string representing the name of this request
thisUpdate - the current request
rec - an instance of the repository record object
Throws:
EBaseException - occurs when there is an error attempting to add this request to the repository

modifyCertRecord

public void modifyCertRecord(java.lang.String name,
                             java.lang.String thisUpdate,
                             java.lang.String sno,
                             ModificationSet mods)
                      throws EBaseException
Throws:
EBaseException

searchCertRecord

public java.util.Enumeration searchCertRecord(java.lang.String name,
                                              java.lang.String thisUpdate,
                                              java.lang.String filter)
                                       throws EBaseException
Throws:
EBaseException

readCertRecord

public ICertRecord readCertRecord(java.lang.String name,
                                  java.lang.String thisUpdate,
                                  java.lang.String sno)
                           throws EBaseException
Throws:
EBaseException

addCertRecord

public void addCertRecord(java.lang.String name,
                          java.lang.String thisUpdate,
                          java.lang.String sno,
                          ICertRecord rec)
                   throws EBaseException
Creates a new issuing point in OCSP.

Throws:
EBaseException

getConfigParameters

public NameValuePairs getConfigParameters()
Description copied from interface: IOCSPStore
This method retrieves the configuration parameters associated with this OCSP store.

Specified by:
getConfigParameters in interface IOCSPStore
Returns:
NameValuePairs all configuration items

setConfigParameters

public void setConfigParameters(NameValuePairs pairs)
                         throws EBaseException
Description copied from interface: IOCSPStore
This method stores the configuration parameters specified by the passed-in Name Value pairs object.

Specified by:
setConfigParameters in interface IOCSPStore
Parameters:
pairs - a name-value pair object
Throws:
EBaseException - an illegal name-value pair

updateCRL

public void updateCRL(java.security.cert.X509CRL crl)
               throws EBaseException
Description copied from interface: IDefStore
This method updates the specified CRL.

Specified by:
updateCRL in interface IDefStore
Parameters:
crl - the CRL to be updated
Throws:
EBaseException - occurs when the CRL cannot be updated

getStateCount

public int getStateCount()
Description copied from interface: IDefStore
This method retrieves the number of CRL updates since startup.

Specified by:
getStateCount in interface IDefStore
Returns:
count the number of OCSP default stores