diff options
| author | Fraser Tweedale <ftweedal@redhat.com> | 2015-06-11 08:22:36 -0400 |
|---|---|---|
| committer | Fraser Tweedale <ftweedal@redhat.com> | 2015-10-21 19:55:36 -0400 |
| commit | 465fa069ba67d655be28e1a3b9417dff19148e9f (patch) | |
| tree | 95b15933ed1bf5b37444afaf593adfcceb522a39 /base/server/cmscore/src/com/netscape/cmscore/dbs | |
| parent | 562a49f08df2adb1a3f233a9b7490575182ece04 (diff) | |
| download | pki-465fa069ba67d655be28e1a3b9417dff19148e9f.tar.gz pki-465fa069ba67d655be28e1a3b9417dff19148e9f.tar.xz pki-465fa069ba67d655be28e1a3b9417dff19148e9f.zip | |
Store issuer DN in certificate records
Lightweight CAs mean that we may wish to filter certificates based
on the issuer. Update X509CertImplMapper to store the issuer DN in
each certificate record, using exiting schema.
Also add indices for the 'issuerName' LDAP attribute.
Diffstat (limited to 'base/server/cmscore/src/com/netscape/cmscore/dbs')
| -rw-r--r-- | base/server/cmscore/src/com/netscape/cmscore/dbs/CertDBSchema.java | 1 | ||||
| -rw-r--r-- | base/server/cmscore/src/com/netscape/cmscore/dbs/X509CertImplMapper.java | 5 |
2 files changed, 6 insertions, 0 deletions
diff --git a/base/server/cmscore/src/com/netscape/cmscore/dbs/CertDBSchema.java b/base/server/cmscore/src/com/netscape/cmscore/dbs/CertDBSchema.java index 916e83a8a..ec1de1ca8 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/dbs/CertDBSchema.java +++ b/base/server/cmscore/src/com/netscape/cmscore/dbs/CertDBSchema.java @@ -42,6 +42,7 @@ public class CertDBSchema { public static final String LDAP_ATTR_VERSION = "version"; public static final String LDAP_ATTR_DURATION = "duration"; public static final String LDAP_ATTR_SUBJECT = "subjectName"; + public static final String LDAP_ATTR_ISSUER = "issuerName"; public static final String LDAP_ATTR_ALGORITHM = "algorithmId"; public static final String LDAP_ATTR_SIGNING_ALGORITHM = "signingAlgorithmId"; public static final String LDAP_ATTR_REVO_INFO = "revInfo"; diff --git a/base/server/cmscore/src/com/netscape/cmscore/dbs/X509CertImplMapper.java b/base/server/cmscore/src/com/netscape/cmscore/dbs/X509CertImplMapper.java index ef8577747..d67f8e5df 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/dbs/X509CertImplMapper.java +++ b/base/server/cmscore/src/com/netscape/cmscore/dbs/X509CertImplMapper.java @@ -61,6 +61,7 @@ public class X509CertImplMapper implements IDBAttrMapper { v.addElement(CertDBSchema.LDAP_ATTR_DURATION); v.addElement(CertDBSchema.LDAP_ATTR_EXTENSION); v.addElement(CertDBSchema.LDAP_ATTR_SUBJECT); + v.addElement(CertDBSchema.LDAP_ATTR_ISSUER); v.addElement(CertDBSchema.LDAP_ATTR_SIGNED_CERT); v.addElement(CertDBSchema.LDAP_ATTR_VERSION); v.addElement(CertDBSchema.LDAP_ATTR_ALGORITHM); @@ -90,6 +91,8 @@ public class X509CertImplMapper implements IDBAttrMapper { DBSUtil.longToDB(notAfter.getTime() - notBefore.getTime()))); attrs.add(new LDAPAttribute(CertDBSchema.LDAP_ATTR_SUBJECT, cert.getSubjectDN().getName())); + attrs.add(new LDAPAttribute(CertDBSchema.LDAP_ATTR_ISSUER, + cert.getIssuerDN().getName())); attrs.add(new LDAPAttribute(CertDBSchema.LDAP_ATTR_PUBLIC_KEY_DATA, cert.getPublicKey().getEncoded())); // make extension searchable Set<String> nonCritSet = cert.getNonCriticalExtensionOIDs(); @@ -300,6 +303,8 @@ public class X509CertImplMapper implements IDBAttrMapper { } } else if (suffix.equalsIgnoreCase(ICertRecord.X509CERT_SUBJECT)) { name = CertDBSchema.LDAP_ATTR_SUBJECT; + } else if (suffix.equalsIgnoreCase(ICertRecord.X509CERT_ISSUER)) { + name = CertDBSchema.LDAP_ATTR_ISSUER; } else if (suffix.equalsIgnoreCase(ICertRecord.X509CERT_PUBLIC_KEY_DATA)) { name = CertDBSchema.LDAP_ATTR_PUBLIC_KEY_DATA; } else if (suffix.equalsIgnoreCase(ICertRecord.X509CERT_DURATION)) { |