Package com.netscape.cms.ocsp

Class DefStore

    • Field Detail

      • logger

        public static org.slf4j.Logger logger

      • BIG_ZERO

        public static final java.math.BigInteger BIG_ZERO

      • MINUS_ONE

        public static final java.lang.Long MINUS_ONE

      • mReqCounts

        protected java.util.Hashtable<java.lang.String,​java.lang.Long> mReqCounts

      • mNotFoundGood

        protected boolean mNotFoundGood

      • mUseCache

        protected boolean mUseCache

      • mByName

        protected boolean mByName

      • mIncludeNextUpdate

        protected boolean mIncludeNextUpdate

      • mCacheCRLIssuingPoints

        protected java.util.Hashtable<java.lang.String,​com.netscape.cms.ocsp.CRLIPContainer> mCacheCRLIssuingPoints

    • Constructor Detail

      • DefStore

        public DefStore()
        Constructs the default store.

    • Method Detail

      • getExtendedPluginInfo

        public java.lang.String[] getExtendedPluginInfo​(java.util.Locale locale)
        Description copied from interface: IExtendedPluginInfo
        This method returns an array of strings. Each element of the array represents a configurable parameter, or some other meta-info (such as help-token) there is an entry indexed on that parameter name ;[,required];;... Where: type_info is either 'string', 'number', 'boolean', 'password' or 'choice(ch1,ch2,ch3,...)' If the marker 'required' is included after the type_info, the parameter will has some visually distinctive marking in the UI. 'description' is a short sentence describing the parameter 'choice' is rendered as a drop-down list. The first parameter in the list will be activated by default 'boolean' is rendered as a checkbox. The resulting parameter will be either 'true' or 'false' 'string' allows any characters 'number' allows only numbers 'password' is rendered as a password field (the characters are replaced with *'s when being types. This parameter is not passed through to the plugin. It is instead inserted directly into the password cache keyed on the instance name. The value of the parameter 'bindPWPrompt' (see example below) is set to the key. In addition to the configurable parameters, the following magic parameters may be defined: HELP_TOKEN;helptoken - a pointer to the online manual section for this plugin HELP_TEXT;helptext - a general help string describing the plugin For example: "username;string;The username you wish to login as" "bindPWPrompt;password;Enter password to bind as above user with" "algorithm;choice(RSA,DSA);Which algorithm do you want to use" "enable;boolean;Do you want to run this plugin" "port;number;Which port number do you want to use"
        Specified by:
        getExtendedPluginInfo in interface IExtendedPluginInfo

      • createRepositoryRecord

        public IRepositoryRecord createRepositoryRecord()
        Description copied from interface: IDefStore
        This method creates a an OCSP default store repository record.

        Specified by:
        createRepositoryRecord in interface IDefStore
        Returns:
        IRepositoryRecord an instance of the repository record object

      • waitOnCRLUpdate

        public boolean waitOnCRLUpdate()
        Returns to the client once the CRL is received.
        Specified by:
        waitOnCRLUpdate in interface IDefStore
        Returns:
        boolean true or false

      • includeNextUpdate

        public boolean includeNextUpdate()

      • isNotFoundGood

        public boolean isNotFoundGood()
        Description copied from interface: IDefStore
        This method checks to see if the OCSP response should return good when the certificate is not found.

        Specified by:
        isNotFoundGood in interface IDefStore
        Returns:
        boolean true or false

      • getReqCount

        public long getReqCount​(java.lang.String id)
        Description copied from interface: IDefStore
        This method retrieves the number of OCSP requests since startup.

        Specified by:
        getReqCount in interface IDefStore
        Parameters:
        id - a string associated with an OCSP request
        Returns:
        count the number of this type of OCSP requests

      • incReqCount

        public void incReqCount​(java.lang.String id)

      • deleteOldCRLs

        public void deleteOldCRLs()
                   throws EBaseException
        This store will not delete the old CRL until the new one is totally committed.
        Throws:
        EBaseException

      • getId

        public java.lang.String getId()

      • validate

        public OCSPResponse validate​(OCSPRequest request)
                      throws EBaseException
        Validate an OCSP request.
        Specified by:
        validate in interface IOCSPStore
        Parameters:
        request - an OCSP request
        Returns:
        OCSPResponse the OCSP response associated with the specified OCSP request
        Throws:
        EBaseException - an error associated with the inability to process the supplied OCSP request

      • getBaseDN

        public java.lang.String getBaseDN()

      • searchAllCRLIssuingPointRecord

        public java.util.Enumeration<ICRLIssuingPointRecord> searchAllCRLIssuingPointRecord​(int maxSize)
                                                                             throws EBaseException
        Description copied from interface: IDefStore
        This method searches all CRL issuing points.

        Specified by:
        searchAllCRLIssuingPointRecord in interface IDefStore
        Parameters:
        maxSize - specifies the largest number of hits from the search
        Returns:
        Enumeration a list of the CRL issuing points
        Throws:
        EBaseException - occurs when no CRL issuing point exists

      • searchCRLIssuingPointRecord

        public java.util.Enumeration<ICRLIssuingPointRecord> searchCRLIssuingPointRecord​(java.lang.String filter,
                                                                                 int maxSize)
                                                                          throws EBaseException
        Description copied from interface: IDefStore
        This method searches all CRL issuing points constrained by the specified filtering mechanism.

        Specified by:
        searchCRLIssuingPointRecord in interface IDefStore
        Parameters:
        filter - a string which constrains the search
        maxSize - specifies the largest number of hits from the search
        Returns:
        Enumeration a list of the CRL issuing points
        Throws:
        EBaseException - occurs when no CRL issuing point exists

      • createCRLIssuingPointRecord

        public ICRLIssuingPointRecord createCRLIssuingPointRecord​(java.lang.String name,
                                                          java.math.BigInteger crlNumber,
                                                          java.lang.Long crlSize,
                                                          java.util.Date thisUpdate,
                                                          java.util.Date nextUpdate)
        Description copied from interface: IDefStore
        This method creates a CRL issuing point record.

        Specified by:
        createCRLIssuingPointRecord in interface IDefStore
        Parameters:
        name - a string representation of this CRL issuing point record
        crlNumber - the number of this CRL issuing point record
        crlSize - the size of this CRL issuing point record
        thisUpdate - the time for this CRL issuing point record
        nextUpdate - the time for the next CRL issuing point record
        Returns:
        ICRLIssuingPointRecord this CRL issuing point record

      • deleteCRLIssuingPointRecord

        public void deleteCRLIssuingPointRecord​(java.lang.String id)
                                 throws EBaseException
        Description copied from interface: IDefStore
        This method deletes a CRL issuing point record

        Specified by:
        deleteCRLIssuingPointRecord in interface IDefStore
        Parameters:
        id - a string representation of this CRL issuing point record
        Throws:
        EBaseException - occurs when the specified CRL issuing point record cannot be deleted

      • addCRLIssuingPoint

        public void addCRLIssuingPoint​(java.lang.String name,
                               ICRLIssuingPointRecord rec)
                        throws EBaseException
        Creates a new issuing point in OCSP.
        Specified by:
        addCRLIssuingPoint in interface IDefStore
        Parameters:
        name - a string representation of this CRL issuing point record
        rec - this CRL issuing point record
        Throws:
        EBaseException - occurs when the specified CRL issuing point record cannot be added

      • addRepository

        public void addRepository​(java.lang.String name,
                          java.lang.String thisUpdate,
                          IRepositoryRecord rec)
                   throws EBaseException
        Creates a new issuing point in OCSP.
        Specified by:
        addRepository in interface IDefStore
        Parameters:
        name - a string representing the name of this request
        thisUpdate - the current request
        rec - an instance of the repository record object
        Throws:
        EBaseException - occurs when there is an error attempting to add this request to the repository

      • searchCertRecord

        public java.util.Enumeration<ICertRecord> searchCertRecord​(java.lang.String name,
                                                           java.lang.String thisUpdate,
                                                           java.lang.String filter)
                                                    throws EBaseException
        Throws:
        EBaseException

      • addCertRecord

        public void addCertRecord​(java.lang.String name,
                          java.lang.String thisUpdate,
                          java.lang.String sno,
                          ICertRecord rec)
                   throws EBaseException
        Creates a new issuing point in OCSP.
        Throws:
        EBaseException

      • getConfigParameters

        public NameValuePairs getConfigParameters()
        Description copied from interface: IOCSPStore
        This method retrieves the configuration parameters associated with this OCSP store.

        Specified by:
        getConfigParameters in interface IOCSPStore
        Returns:
        NameValuePairs all configuration items

      • setConfigParameters

        public void setConfigParameters​(NameValuePairs pairs)
                         throws EBaseException
        Description copied from interface: IOCSPStore
        This method stores the configuration parameters specified by the passed-in Name Value pairs object.

        Specified by:
        setConfigParameters in interface IOCSPStore
        Parameters:
        pairs - a name-value pair object
        Throws:
        EBaseException - an illegal name-value pair

      • updateCRL

        public void updateCRL​(java.security.cert.X509CRL crl)
               throws EBaseException
        Description copied from interface: IDefStore
        This method updates the specified CRL.

        Specified by:
        updateCRL in interface IDefStore
        Parameters:
        crl - the CRL to be updated
        Throws:
        EBaseException - occurs when the CRL cannot be updated

      • getStateCount

        public int getStateCount()
        Description copied from interface: IDefStore
        This method retrieves the number of CRL updates since startup.

        Specified by:
        getStateCount in interface IDefStore
        Returns:
        count the number of OCSP default stores