Class DefStore

    • Constructor Summary

      Constructors 
      Constructor Description
      DefStore()
      Constructs the default store.
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void addCertRecord​(java.lang.String name, java.lang.String thisUpdate, java.lang.String sno, com.netscape.certsrv.dbs.certdb.ICertRecord rec)
      Creates a new issuing point in OCSP.
      void addCRLIssuingPoint​(java.lang.String name, com.netscape.certsrv.dbs.crldb.ICRLIssuingPointRecord rec)
      Creates a new issuing point in OCSP.
      void addRepository​(java.lang.String name, java.lang.String thisUpdate, com.netscape.certsrv.dbs.repository.IRepositoryRecord rec)
      Creates a new issuing point in OCSP.
      com.netscape.certsrv.dbs.crldb.ICRLIssuingPointRecord createCRLIssuingPointRecord​(java.lang.String name, java.math.BigInteger crlNumber, java.lang.Long crlSize, java.util.Date thisUpdate, java.util.Date nextUpdate)
      This method creates a CRL issuing point record.
      com.netscape.certsrv.dbs.repository.IRepositoryRecord createRepositoryRecord()
      This method creates a an OCSP default store repository record.
      void deleteAllCRLsInCA​(java.lang.String caName)  
      void deleteCRLIssuingPointRecord​(java.lang.String id)
      This method deletes a CRL issuing point record
      void deleteCRLsInCA​(java.lang.String caName, boolean oldCRLs)  
      void deleteOldCRLs()
      This store will not delete the old CRL until the new one is totally committed.
      void deleteOldCRLsInCA​(java.lang.String caName)  
      java.lang.String getBaseDN()  
      com.netscape.certsrv.common.NameValuePairs getConfigParameters()
      This method retrieves the configuration parameters associated with this OCSP store.
      IConfigStore getConfigStore()  
      java.lang.String[] getExtendedPluginInfo​(java.util.Locale locale)
      This method returns an array of strings.
      java.lang.String getId()  
      long getReqCount​(java.lang.String id)
      This method retrieves the number of OCSP requests since startup.
      int getStateCount()
      This method retrieves the number of CRL updates since startup.
      boolean includeNextUpdate()  
      void incReqCount​(java.lang.String id)  
      void init​(IOCSPAuthority owner, IConfigStore config)  
      boolean isNotFoundGood()
      This method checks to see if the OCSP response should return good when the certificate is not found.
      void modifyCertRecord​(java.lang.String name, java.lang.String thisUpdate, java.lang.String sno, com.netscape.certsrv.dbs.ModificationSet mods)  
      void modifyCRLIssuingPointRecord​(java.lang.String name, com.netscape.certsrv.dbs.ModificationSet mods)  
      com.netscape.certsrv.dbs.certdb.ICertRecord readCertRecord​(java.lang.String name, java.lang.String thisUpdate, java.lang.String sno)  
      com.netscape.certsrv.dbs.crldb.ICRLIssuingPointRecord readCRLIssuingPoint​(java.lang.String name)
      Returns an issuing point.
      java.util.Enumeration<com.netscape.certsrv.dbs.crldb.ICRLIssuingPointRecord> searchAllCRLIssuingPointRecord​(int maxSize)
      This method searches all CRL issuing points.
      java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> searchCertRecord​(java.lang.String name, java.lang.String thisUpdate, java.lang.String filter)  
      java.util.Enumeration<com.netscape.certsrv.dbs.crldb.ICRLIssuingPointRecord> searchCRLIssuingPointRecord​(java.lang.String filter, int maxSize)
      This method searches all CRL issuing points constrained by the specified filtering mechanism.
      java.util.Enumeration<com.netscape.certsrv.dbs.repository.IRepositoryRecord> searchRepository​(java.lang.String name, java.lang.String filter)  
      void setConfigParameters​(com.netscape.certsrv.common.NameValuePairs pairs)
      This method stores the configuration parameters specified by the passed-in Name Value pairs object.
      void setId​(java.lang.String id)  
      void shutdown()  
      void startup()  
      void updateCRL​(java.security.cert.X509CRL crl)
      This method updates the specified CRL.
      OCSPResponse validate​(OCSPRequest request)
      Validate an OCSP request.
      boolean waitOnCRLUpdate()
      Returns to the client once the CRL is received.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • logger

        public static org.slf4j.Logger logger
      • BIG_ZERO

        public static final java.math.BigInteger BIG_ZERO
      • MINUS_ONE

        public static final java.lang.Long MINUS_ONE
      • mReqCounts

        protected java.util.Hashtable<java.lang.String,​java.lang.Long> mReqCounts
      • mNotFoundGood

        protected boolean mNotFoundGood
      • mUseCache

        protected boolean mUseCache
      • mByName

        protected boolean mByName
      • mIncludeNextUpdate

        protected boolean mIncludeNextUpdate
      • mCacheCRLIssuingPoints

        protected java.util.Hashtable<java.lang.String,​com.netscape.cms.ocsp.CRLIPContainer> mCacheCRLIssuingPoints
    • Constructor Detail

      • DefStore

        public DefStore()
        Constructs the default store.
    • Method Detail

      • getExtendedPluginInfo

        public java.lang.String[] getExtendedPluginInfo​(java.util.Locale locale)
        Description copied from interface: IExtendedPluginInfo
        This method returns an array of strings. Each element of the array represents a configurable parameter, or some other meta-info (such as help-token) there is an entry indexed on that parameter name ;[,required];;... Where: type_info is either 'string', 'number', 'boolean', 'password' or 'choice(ch1,ch2,ch3,...)' If the marker 'required' is included after the type_info, the parameter will has some visually distinctive marking in the UI. 'description' is a short sentence describing the parameter 'choice' is rendered as a drop-down list. The first parameter in the list will be activated by default 'boolean' is rendered as a checkbox. The resulting parameter will be either 'true' or 'false' 'string' allows any characters 'number' allows only numbers 'password' is rendered as a password field (the characters are replaced with *'s when being types. This parameter is not passed through to the plugin. It is instead inserted directly into the password cache keyed on the instance name. The value of the parameter 'bindPWPrompt' (see example below) is set to the key. In addition to the configurable parameters, the following magic parameters may be defined: HELP_TOKEN;helptoken - a pointer to the online manual section for this plugin HELP_TEXT;helptext - a general help string describing the plugin For example: "username;string;The username you wish to login as" "bindPWPrompt;password;Enter password to bind as above user with" "algorithm;choice(RSA,DSA);Which algorithm do you want to use" "enable;boolean;Do you want to run this plugin" "port;number;Which port number do you want to use"
        Specified by:
        getExtendedPluginInfo in interface IExtendedPluginInfo
      • createRepositoryRecord

        public com.netscape.certsrv.dbs.repository.IRepositoryRecord createRepositoryRecord()
        Description copied from interface: IDefStore
        This method creates a an OCSP default store repository record.

        Specified by:
        createRepositoryRecord in interface IDefStore
        Returns:
        IRepositoryRecord an instance of the repository record object
      • waitOnCRLUpdate

        public boolean waitOnCRLUpdate()
        Returns to the client once the CRL is received.
        Specified by:
        waitOnCRLUpdate in interface IDefStore
        Returns:
        boolean true or false
      • includeNextUpdate

        public boolean includeNextUpdate()
      • isNotFoundGood

        public boolean isNotFoundGood()
        Description copied from interface: IDefStore
        This method checks to see if the OCSP response should return good when the certificate is not found.

        Specified by:
        isNotFoundGood in interface IDefStore
        Returns:
        boolean true or false
      • getReqCount

        public long getReqCount​(java.lang.String id)
        Description copied from interface: IDefStore
        This method retrieves the number of OCSP requests since startup.

        Specified by:
        getReqCount in interface IDefStore
        Parameters:
        id - a string associated with an OCSP request
        Returns:
        count the number of this type of OCSP requests
      • incReqCount

        public void incReqCount​(java.lang.String id)
      • deleteOldCRLs

        public void deleteOldCRLs()
                           throws EBaseException
        This store will not delete the old CRL until the new one is totally committed.
        Throws:
        EBaseException
      • getId

        public java.lang.String getId()
      • validate

        public OCSPResponse validate​(OCSPRequest request)
                              throws EBaseException
        Validate an OCSP request.
        Specified by:
        validate in interface IOCSPStore
        Parameters:
        request - an OCSP request
        Returns:
        OCSPResponse the OCSP response associated with the specified OCSP request
        Throws:
        EBaseException - an error associated with the inability to process the supplied OCSP request
      • getBaseDN

        public java.lang.String getBaseDN()
      • searchAllCRLIssuingPointRecord

        public java.util.Enumeration<com.netscape.certsrv.dbs.crldb.ICRLIssuingPointRecord> searchAllCRLIssuingPointRecord​(int maxSize)
                                                                                                                    throws EBaseException
        Description copied from interface: IDefStore
        This method searches all CRL issuing points.

        Specified by:
        searchAllCRLIssuingPointRecord in interface IDefStore
        Parameters:
        maxSize - specifies the largest number of hits from the search
        Returns:
        Enumeration a list of the CRL issuing points
        Throws:
        EBaseException - occurs when no CRL issuing point exists
      • searchCRLIssuingPointRecord

        public java.util.Enumeration<com.netscape.certsrv.dbs.crldb.ICRLIssuingPointRecord> searchCRLIssuingPointRecord​(java.lang.String filter,
                                                                                                                        int maxSize)
                                                                                                                 throws EBaseException
        Description copied from interface: IDefStore
        This method searches all CRL issuing points constrained by the specified filtering mechanism.

        Specified by:
        searchCRLIssuingPointRecord in interface IDefStore
        Parameters:
        filter - a string which constrains the search
        maxSize - specifies the largest number of hits from the search
        Returns:
        Enumeration a list of the CRL issuing points
        Throws:
        EBaseException - occurs when no CRL issuing point exists
      • modifyCRLIssuingPointRecord

        public void modifyCRLIssuingPointRecord​(java.lang.String name,
                                                com.netscape.certsrv.dbs.ModificationSet mods)
                                         throws EBaseException
        Throws:
        EBaseException
      • readCRLIssuingPoint

        public com.netscape.certsrv.dbs.crldb.ICRLIssuingPointRecord readCRLIssuingPoint​(java.lang.String name)
                                                                                  throws EBaseException
        Returns an issuing point.
        Specified by:
        readCRLIssuingPoint in interface IDefStore
        Parameters:
        name - the name of the CRL to be read
        Returns:
        ICRLIssuingPointRecord the CRL issuing point
        Throws:
        EBaseException - occurs when the specified CRL cannot be located
      • createCRLIssuingPointRecord

        public com.netscape.certsrv.dbs.crldb.ICRLIssuingPointRecord createCRLIssuingPointRecord​(java.lang.String name,
                                                                                                 java.math.BigInteger crlNumber,
                                                                                                 java.lang.Long crlSize,
                                                                                                 java.util.Date thisUpdate,
                                                                                                 java.util.Date nextUpdate)
        Description copied from interface: IDefStore
        This method creates a CRL issuing point record.

        Specified by:
        createCRLIssuingPointRecord in interface IDefStore
        Parameters:
        name - a string representation of this CRL issuing point record
        crlNumber - the number of this CRL issuing point record
        crlSize - the size of this CRL issuing point record
        thisUpdate - the time for this CRL issuing point record
        nextUpdate - the time for the next CRL issuing point record
        Returns:
        ICRLIssuingPointRecord this CRL issuing point record
      • deleteCRLIssuingPointRecord

        public void deleteCRLIssuingPointRecord​(java.lang.String id)
                                         throws EBaseException
        Description copied from interface: IDefStore
        This method deletes a CRL issuing point record

        Specified by:
        deleteCRLIssuingPointRecord in interface IDefStore
        Parameters:
        id - a string representation of this CRL issuing point record
        Throws:
        EBaseException - occurs when the specified CRL issuing point record cannot be deleted
      • addCRLIssuingPoint

        public void addCRLIssuingPoint​(java.lang.String name,
                                       com.netscape.certsrv.dbs.crldb.ICRLIssuingPointRecord rec)
                                throws EBaseException
        Creates a new issuing point in OCSP.
        Specified by:
        addCRLIssuingPoint in interface IDefStore
        Parameters:
        name - a string representation of this CRL issuing point record
        rec - this CRL issuing point record
        Throws:
        EBaseException - occurs when the specified CRL issuing point record cannot be added
      • searchRepository

        public java.util.Enumeration<com.netscape.certsrv.dbs.repository.IRepositoryRecord> searchRepository​(java.lang.String name,
                                                                                                             java.lang.String filter)
                                                                                                      throws EBaseException
        Throws:
        EBaseException
      • addRepository

        public void addRepository​(java.lang.String name,
                                  java.lang.String thisUpdate,
                                  com.netscape.certsrv.dbs.repository.IRepositoryRecord rec)
                           throws EBaseException
        Creates a new issuing point in OCSP.
        Specified by:
        addRepository in interface IDefStore
        Parameters:
        name - a string representing the name of this request
        thisUpdate - the current request
        rec - an instance of the repository record object
        Throws:
        EBaseException - occurs when there is an error attempting to add this request to the repository
      • modifyCertRecord

        public void modifyCertRecord​(java.lang.String name,
                                     java.lang.String thisUpdate,
                                     java.lang.String sno,
                                     com.netscape.certsrv.dbs.ModificationSet mods)
                              throws EBaseException
        Throws:
        EBaseException
      • searchCertRecord

        public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> searchCertRecord​(java.lang.String name,
                                                                                                   java.lang.String thisUpdate,
                                                                                                   java.lang.String filter)
                                                                                            throws EBaseException
        Throws:
        EBaseException
      • readCertRecord

        public com.netscape.certsrv.dbs.certdb.ICertRecord readCertRecord​(java.lang.String name,
                                                                          java.lang.String thisUpdate,
                                                                          java.lang.String sno)
                                                                   throws EBaseException
        Throws:
        EBaseException
      • addCertRecord

        public void addCertRecord​(java.lang.String name,
                                  java.lang.String thisUpdate,
                                  java.lang.String sno,
                                  com.netscape.certsrv.dbs.certdb.ICertRecord rec)
                           throws EBaseException
        Creates a new issuing point in OCSP.
        Throws:
        EBaseException
      • getConfigParameters

        public com.netscape.certsrv.common.NameValuePairs getConfigParameters()
        Description copied from interface: IOCSPStore
        This method retrieves the configuration parameters associated with this OCSP store.

        Specified by:
        getConfigParameters in interface IOCSPStore
        Returns:
        NameValuePairs all configuration items
      • setConfigParameters

        public void setConfigParameters​(com.netscape.certsrv.common.NameValuePairs pairs)
                                 throws EBaseException
        Description copied from interface: IOCSPStore
        This method stores the configuration parameters specified by the passed-in Name Value pairs object.

        Specified by:
        setConfigParameters in interface IOCSPStore
        Parameters:
        pairs - a name-value pair object
        Throws:
        EBaseException - an illegal name-value pair
      • updateCRL

        public void updateCRL​(java.security.cert.X509CRL crl)
                       throws EBaseException
        Description copied from interface: IDefStore
        This method updates the specified CRL.

        Specified by:
        updateCRL in interface IDefStore
        Parameters:
        crl - the CRL to be updated
        Throws:
        EBaseException - occurs when the CRL cannot be updated
      • getStateCount

        public int getStateCount()
        Description copied from interface: IDefStore
        This method retrieves the number of CRL updates since startup.

        Specified by:
        getStateCount in interface IDefStore
        Returns:
        count the number of OCSP default stores