diff options
author | Ade Lee <alee@redhat.com> | 2012-01-11 12:57:53 -0500 |
---|---|---|
committer | Ade Lee <alee@redhat.com> | 2012-01-11 13:49:04 -0500 |
commit | 10cfe7756e967ac91c66d33b392aeab9cf3780fb (patch) | |
tree | d5ac9b58442265d2ce5ef60e31f041ddacba1b4f /pki/base/common/src/com/netscape/cmscore/authentication | |
parent | edcb24f65cc3700e75d0a1d14dc2483f210b0ee4 (diff) | |
download | pki-10cfe7756e967ac91c66d33b392aeab9cf3780fb.tar.gz pki-10cfe7756e967ac91c66d33b392aeab9cf3780fb.tar.xz pki-10cfe7756e967ac91c66d33b392aeab9cf3780fb.zip |
Formatting (no line wrap in comments or code)
Diffstat (limited to 'pki/base/common/src/com/netscape/cmscore/authentication')
8 files changed, 243 insertions, 240 deletions
diff --git a/pki/base/common/src/com/netscape/cmscore/authentication/AuthSubsystem.java b/pki/base/common/src/com/netscape/cmscore/authentication/AuthSubsystem.java index 252d69d6a..e015c5e6c 100644 --- a/pki/base/common/src/com/netscape/cmscore/authentication/AuthSubsystem.java +++ b/pki/base/common/src/com/netscape/cmscore/authentication/AuthSubsystem.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.authentication; - import java.util.Enumeration; import java.util.Hashtable; import java.util.Vector; @@ -40,11 +39,10 @@ import com.netscape.certsrv.base.ISubsystem; import com.netscape.certsrv.logging.ILogger; import com.netscape.cmscore.util.Debug; - /** * Default authentication subsystem * <P> - * + * * @author cfu * @author lhsiao * @version $Revision$, $Date$ @@ -75,27 +73,28 @@ public class AuthSubsystem implements IAuthSubsystem { /** * Initializes the authentication subsystem from the config store. * Load Authentication manager plugins, create and initialize - * initialize authentication manager instances. + * initialize authentication manager instances. + * * @param owner The owner of this module. * @param config The configuration store. */ public void init(ISubsystem owner, IConfigStore config) - throws EBaseException { + throws EBaseException { try { mLogger = CMS.getLogger(); mConfig = config; - + // hardcode admin and agent plugins required for the server to be // functional. AuthMgrPlugin newPlugin = null; - newPlugin = new AuthMgrPlugin(PASSWDUSERDB_PLUGIN_ID, + newPlugin = new AuthMgrPlugin(PASSWDUSERDB_PLUGIN_ID, PasswdUserDBAuthentication.class.getName()); newPlugin.setVisible(false); mAuthMgrPlugins.put(PASSWDUSERDB_PLUGIN_ID, newPlugin); - newPlugin = new AuthMgrPlugin(CERTUSERDB_PLUGIN_ID, + newPlugin = new AuthMgrPlugin(CERTUSERDB_PLUGIN_ID, CertUserDBAuthentication.class.getName()); newPlugin.setVisible(false); mAuthMgrPlugins.put(CERTUSERDB_PLUGIN_ID, newPlugin); @@ -128,7 +127,7 @@ public class AuthSubsystem implements IAuthSubsystem { while (mImpls.hasMoreElements()) { String id = (String) mImpls.nextElement(); String pluginPath = c.getString(id + "." + PROP_CLASS); - + AuthMgrPlugin plugin = new AuthMgrPlugin(id, pluginPath); mAuthMgrPlugins.put(id, plugin); @@ -143,8 +142,8 @@ public class AuthSubsystem implements IAuthSubsystem { IAuthManager passwdUserDBAuth = new PasswdUserDBAuthentication(); passwdUserDBAuth.init(PASSWDUSERDB_AUTHMGR_ID, PASSWDUSERDB_PLUGIN_ID, null); - mAuthMgrInsts.put(PASSWDUSERDB_AUTHMGR_ID, new - AuthManagerProxy(true, passwdUserDBAuth)); + mAuthMgrInsts.put(PASSWDUSERDB_AUTHMGR_ID, new + AuthManagerProxy(true, passwdUserDBAuth)); if (Debug.ON) { Debug.trace("loaded password based auth manager"); } @@ -164,7 +163,7 @@ public class AuthSubsystem implements IAuthSubsystem { if (Debug.ON) { Debug.trace("loaded challenge phrase auth manager"); } - + IAuthManager cmcAuth = new com.netscape.cms.authentication.CMCAuth(); cmcAuth.init(CMCAUTH_AUTHMGR_ID, CMCAUTH_PLUGIN_ID, config); @@ -172,7 +171,7 @@ public class AuthSubsystem implements IAuthSubsystem { if (Debug.ON) { Debug.trace("loaded cmc auth manager"); } - + // #56659 // IAuthManager nullAuth = new NullAuthentication(); @@ -197,8 +196,8 @@ public class AuthSubsystem implements IAuthSubsystem { while (instances.hasMoreElements()) { String insName = (String) instances.nextElement(); String implName = c.getString(insName + "." + PROP_PLUGIN); - AuthMgrPlugin plugin = - (AuthMgrPlugin) mAuthMgrPlugins.get(implName); + AuthMgrPlugin plugin = + (AuthMgrPlugin) mAuthMgrPlugins.get(implName); if (plugin == null) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_AUTH_CANT_FIND_PLUGIN", implName)); @@ -211,8 +210,8 @@ public class AuthSubsystem implements IAuthSubsystem { IAuthManager authMgrInst = null; try { - authMgrInst = (IAuthManager) - Class.forName(className).newInstance(); + authMgrInst = (IAuthManager) + Class.forName(className).newInstance(); IConfigStore authMgrConfig = c.getSubStore(insName); authMgrInst.init(insName, implName, authMgrConfig); @@ -221,16 +220,13 @@ public class AuthSubsystem implements IAuthSubsystem { log(ILogger.LL_INFO, CMS.getLogMessage("CMSCORE_AUTH_ADD_AUTH_INSTANCE", insName)); } catch (ClassNotFoundException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_AUTH_AUTHSUB_ERROR", e.toString())); - throw new - EAuthException(CMS.getUserMessage("CMS_ACL_CLASS_LOAD_FAIL", className)); + throw new EAuthException(CMS.getUserMessage("CMS_ACL_CLASS_LOAD_FAIL", className)); } catch (IllegalAccessException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_AUTH_AUTHSUB_ERROR", e.toString())); - throw new - EAuthException(CMS.getUserMessage("CMS_ACL_CLASS_LOAD_FAIL", className)); + throw new EAuthException(CMS.getUserMessage("CMS_ACL_CLASS_LOAD_FAIL", className)); } catch (InstantiationException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_AUTH_AUTHSUB_ERROR", e.toString())); - throw new - EAuthException(CMS.getUserMessage("CMS_ACL_CLASS_LOAD_FAIL", className)); + throw new EAuthException(CMS.getUserMessage("CMS_ACL_CLASS_LOAD_FAIL", className)); } catch (EBaseException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_AUTH_AUTH_INIT_ERROR", insName, e.toString())); // Skip the authenticaiton instance if @@ -245,8 +241,8 @@ public class AuthSubsystem implements IAuthSubsystem { // fix the problem via console } // add manager instance to list. - mAuthMgrInsts.put(insName, new - AuthManagerProxy(isEnable, authMgrInst)); + mAuthMgrInsts.put(insName, new + AuthManagerProxy(isEnable, authMgrInst)); if (Debug.ON) { Debug.trace("loaded auth instance " + insName + " impl " + implName); } @@ -262,23 +258,24 @@ public class AuthSubsystem implements IAuthSubsystem { /** * Authenticate to the named authentication manager instance * <p> + * * @param authCred authentication credentials subject to the - * requirements of each authentication manager + * requirements of each authentication manager * @param authMgrName name of the authentication manager instance - * @return authentication token with individualized authenticated - * information. + * @return authentication token with individualized authenticated + * information. * @exception EMissingCredential If a required credential for the - * authentication manager is missing. + * authentication manager is missing. * @exception EInvalidCredentials If the credentials cannot be authenticated * @exception EAuthMgrNotFound The auth manager is not found. * @exception EBaseException If an internal error occurred. */ public IAuthToken authenticate( - IAuthCredentials authCred, String authMgrInstName) - throws EMissingCredential, EInvalidCredentials, + IAuthCredentials authCred, String authMgrInstName) + throws EMissingCredential, EInvalidCredentials, EAuthMgrNotFound, EBaseException { AuthManagerProxy proxy = (AuthManagerProxy) - mAuthMgrInsts.get(authMgrInstName); + mAuthMgrInsts.get(authMgrInstName); if (proxy == null) { throw new EAuthMgrNotFound(CMS.getUserMessage("CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", authMgrInstName)); @@ -296,10 +293,10 @@ public class AuthSubsystem implements IAuthSubsystem { /** * Gets a list of required authentication credential names - * of the specified authentication manager. + * of the specified authentication manager. */ public String[] getRequiredCreds(String authMgrInstName) - throws EAuthMgrNotFound { + throws EAuthMgrNotFound { IAuthManager authMgrInst = get(authMgrInstName); if (authMgrInst == null) { @@ -309,13 +306,14 @@ public class AuthSubsystem implements IAuthSubsystem { } /** - * Gets configuration parameters for the given + * Gets configuration parameters for the given * authentication manager plugin. + * * @param implName Name of the authentication plugin. * @return Hashtable of required parameters. */ public String[] getConfigParams(String implName) - throws EAuthMgrPluginNotFound, EBaseException { + throws EAuthMgrPluginNotFound, EBaseException { // is this a registered implname? AuthMgrPlugin plugin = (AuthMgrPlugin) mAuthMgrPlugins.get(implName); @@ -334,21 +332,19 @@ public class AuthSubsystem implements IAuthSubsystem { return (authMgrInst.getConfigParams()); } catch (InstantiationException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_AUTH_INSTANCE_NOT_CREATED", e.toString())); - throw new - EAuthException(CMS.getUserMessage("CMS_ACL_CLASS_LOAD_FAIL", className)); + throw new EAuthException(CMS.getUserMessage("CMS_ACL_CLASS_LOAD_FAIL", className)); } catch (ClassNotFoundException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_AUTH_INSTANCE_NOT_CREATED", e.toString())); - throw new - EAuthException(CMS.getUserMessage("CMS_ACL_CLASS_LOAD_FAIL", className)); + throw new EAuthException(CMS.getUserMessage("CMS_ACL_CLASS_LOAD_FAIL", className)); } catch (IllegalAccessException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_AUTH_INSTANCE_NOT_CREATED", e.toString())); - throw new - EAuthException(CMS.getUserMessage("CMS_ACL_CLASS_LOAD_FAIL", className)); + throw new EAuthException(CMS.getUserMessage("CMS_ACL_CLASS_LOAD_FAIL", className)); } } /** * Add an authentication manager instance. + * * @param name name of the authentication manager instance * @param authMgr the authentication manager instance to be added */ @@ -366,6 +362,7 @@ public class AuthSubsystem implements IAuthSubsystem { /** * Gets the authentication manager instance of the specified name. + * * @param name name of the authentication manager instance * @return the named authentication manager instance */ @@ -385,7 +382,7 @@ public class AuthSubsystem implements IAuthSubsystem { Enumeration<String> e = mAuthMgrInsts.keys(); while (e.hasMoreElements()) { - IAuthManager p = get( e.nextElement()); + IAuthManager p = get(e.nextElement()); if (p != null) { inst.addElement(p); @@ -409,9 +406,9 @@ public class AuthSubsystem implements IAuthSubsystem { } /** - * Retrieve a single auth manager instance + * Retrieve a single auth manager instance */ - + /* getconfigparams above should be recoded to use this func */ public IAuthManager getAuthManagerPlugin(String name) { AuthMgrPlugin plugin = (AuthMgrPlugin) mAuthMgrPlugins.get(name); @@ -429,16 +426,18 @@ public class AuthSubsystem implements IAuthSubsystem { /** * Retrieves id (name) of this subsystem. + * * @return name of the authentication subsystem */ public String getId() { return (mId); } - + /** * Sets id string to this subsystem. * <p> - * Use with caution. Should not do it when sharing with others + * Use with caution. Should not do it when sharing with others + * * @param id name to be applied to an authentication sybsystem */ public void setId(String id) throws EBaseException { @@ -455,12 +454,11 @@ public class AuthSubsystem implements IAuthSubsystem { } /** - * shuts down authentication managers one by one. + * shuts down authentication managers one by one. * <P> */ public void shutdown() { - for (Enumeration<String> e = mAuthMgrInsts.keys(); - e.hasMoreElements();) { + for (Enumeration<String> e = mAuthMgrInsts.keys(); e.hasMoreElements();) { IAuthManager mgr = (IAuthManager) get((String) e.nextElement()); @@ -486,7 +484,7 @@ public class AuthSubsystem implements IAuthSubsystem { /** * Returns the root configuration storage of this system. * <P> - * + * * @return configuration store of this subsystem */ public IConfigStore getConfigStore() { @@ -495,6 +493,7 @@ public class AuthSubsystem implements IAuthSubsystem { /** * gets the named authentication manager + * * @param name of the authentication manager * @return the named authentication manager */ @@ -509,7 +508,7 @@ public class AuthSubsystem implements IAuthSubsystem { if (mLogger == null) return; mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_AUTHENTICATION, - level, msg); + level, msg); } } diff --git a/pki/base/common/src/com/netscape/cmscore/authentication/CertUserDBAuthentication.java b/pki/base/common/src/com/netscape/cmscore/authentication/CertUserDBAuthentication.java index c82142942..b2fc49b5d 100644 --- a/pki/base/common/src/com/netscape/cmscore/authentication/CertUserDBAuthentication.java +++ b/pki/base/common/src/com/netscape/cmscore/authentication/CertUserDBAuthentication.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.authentication; - import java.security.cert.X509Certificate; import netscape.security.x509.X509CertImpl; @@ -38,13 +37,12 @@ import com.netscape.certsrv.usrgrp.ICertUserLocator; import com.netscape.cmscore.usrgrp.ExactMatchCertUserLocator; import com.netscape.cmscore.usrgrp.User; - /** - * Certificate server agent authentication. - * Maps a SSL client authenticate certificate to a user (agent) entry in the - * internal database. + * Certificate server agent authentication. + * Maps a SSL client authenticate certificate to a user (agent) entry in the + * internal database. * <P> - * + * * @author lhsiao * @author cfu * @version $Revision$, $Date$ @@ -81,15 +79,15 @@ public class CertUserDBAuthentication implements IAuthManager { /** * initializes the CertUserDBAuthentication auth manager * <p> - * called by AuthSubsystem init() method, when initializing - * all available authentication managers. + * called by AuthSubsystem init() method, when initializing all available authentication managers. + * * @param owner - The authentication subsystem that hosts this - * auth manager + * auth manager * @param config - The configuration store used by the - * authentication subsystem + * authentication subsystem */ public void init(String name, String implName, IConfigStore config) - throws EBaseException { + throws EBaseException { mName = name; mImplName = implName; mConfig = config; @@ -112,7 +110,7 @@ public class CertUserDBAuthentication implements IAuthManager { mCULocator = new ExactMatchCertUserLocator(); log(ILogger.LL_INFO, CMS.getLogMessage("INIT_DONE", name)); } - + /** * Gets the name of this authentication manager. */ @@ -126,28 +124,28 @@ public class CertUserDBAuthentication implements IAuthManager { public String getImplName() { return mImplName; } - + /** * authenticates user(agent) by certificate * <p> - * called by other subsystems or their servlets to authenticate - * users (agents) + * called by other subsystems or their servlets to authenticate users (agents) + * * @param authCred - authentication credential that contains - * an usrgrp.Certificates of the user (agent) + * an usrgrp.Certificates of the user (agent) * @return the authentication token that contains the following - * + * * @exception com.netscape.certsrv.base.EAuthsException any - * authentication failure or insufficient credentials + * authentication failure or insufficient credentials * @see com.netscape.certsrv.authentication.AuthToken * @see com.netscape.certsrv.usrgrp.Certificates */ public IAuthToken authenticate(IAuthCredentials authCred) - throws EMissingCredential, EInvalidCredentials, EBaseException { + throws EMissingCredential, EInvalidCredentials, EBaseException { CMS.debug("CertUserDBAuth: started"); AuthToken authToken = new AuthToken(this); CMS.debug("CertUserDBAuth: Retrieving client certificate"); - X509Certificate[] x509Certs = - (X509Certificate[]) authCred.get(CRED_CERT); + X509Certificate[] x509Certs = + (X509Certificate[]) authCred.get(CRED_CERT); if (x509Certs == null) { CMS.debug("CertUserDBAuth: no client certificate found"); @@ -198,7 +196,7 @@ public class CertUserDBAuthentication implements IAuthManager { authToken.set(TOKEN_USER_DN, user.getUserDN()); authToken.set(TOKEN_USERID, user.getUserID()); authToken.set(TOKEN_UID, user.getUserID()); - authToken.set(CRED_CERT, certs); + authToken.set(CRED_CERT, certs); log(ILogger.LL_INFO, CMS.getLogMessage("CMS_AUTH_AUTHENTICATED", user.getUserID())); CMS.debug("authenticated " + user.getUserDN()); @@ -208,10 +206,11 @@ public class CertUserDBAuthentication implements IAuthManager { /** * get the list of authentication credential attribute names - * required by this authentication manager. Generally used by - * the servlets that handle agent operations to authenticate its - * users. It calls this method to know which are the - * required credentials from the user (e.g. Javascript form data) + * required by this authentication manager. Generally used by + * the servlets that handle agent operations to authenticate its + * users. It calls this method to know which are the + * required credentials from the user (e.g. Javascript form data) + * * @return attribute names in Vector */ public String[] getRequiredCreds() { @@ -220,14 +219,15 @@ public class CertUserDBAuthentication implements IAuthManager { /** * get the list of configuration parameter names - * required by this authentication manager. Generally used by - * the Certificate Server Console to display the table for - * configuration purposes. CertUserDBAuthentication is currently not - * exposed in this case, so this method is not to be used. + * required by this authentication manager. Generally used by + * the Certificate Server Console to display the table for + * configuration purposes. CertUserDBAuthentication is currently not + * exposed in this case, so this method is not to be used. + * * @return configuration parameter names in Hashtable of Vectors - * where each hashtable entry's key is the substore name, value is a - * Vector of parameter names. If no substore, the parameter name - * is the Hashtable key itself, with value same as key. + * where each hashtable entry's key is the substore name, value is a + * Vector of parameter names. If no substore, the parameter name + * is the Hashtable key itself, with value same as key. */ public String[] getConfigParams() { return (mConfigParams); @@ -241,7 +241,8 @@ public class CertUserDBAuthentication implements IAuthManager { /** * gets the configuretion substore used by this authentication - * manager + * manager + * * @return configuration store */ public IConfigStore getConfigStore() { @@ -252,7 +253,7 @@ public class CertUserDBAuthentication implements IAuthManager { if (mLogger == null) return; mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_AUTHENTICATION, - level, msg); + level, msg); } } diff --git a/pki/base/common/src/com/netscape/cmscore/authentication/ChallengePhraseAuthentication.java b/pki/base/common/src/com/netscape/cmscore/authentication/ChallengePhraseAuthentication.java index 38901f3be..f2eb5afe1 100644 --- a/pki/base/common/src/com/netscape/cmscore/authentication/ChallengePhraseAuthentication.java +++ b/pki/base/common/src/com/netscape/cmscore/authentication/ChallengePhraseAuthentication.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.authentication; - import java.math.BigInteger; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; @@ -50,14 +49,13 @@ import com.netscape.cmscore.dbs.CertRecord; import com.netscape.cmscore.dbs.CertificateRepository; import com.netscape.cmscore.util.Debug; - /** * Challenge phrase based authentication. * Maps a certificate to the request in the * internal database and further compares the challenge phrase with * that from the EE input. * <P> - * + * * @author cfu chrisho * @version $Revision$, $Date$ */ @@ -69,7 +67,7 @@ public class ChallengePhraseAuthentication implements IAuthManager { /* required credentials */ public static final String CRED_CERT_SERIAL = IAuthManager.CRED_CERT_SERIAL_TO_REVOKE; public static final String CRED_CHALLENGE = "challengePhrase"; - protected String[] mRequiredCreds = { CRED_CERT_SERIAL, CRED_CHALLENGE}; + protected String[] mRequiredCreds = { CRED_CERT_SERIAL, CRED_CHALLENGE }; /* config parameters to pass to console (none) */ protected static String[] mConfigParams = null; @@ -98,14 +96,14 @@ public class ChallengePhraseAuthentication implements IAuthManager { /** * initializes the ChallengePhraseAuthentication auth manager * <p> - * called by AuthSubsystem init() method, when initializing - * all available authentication managers. + * called by AuthSubsystem init() method, when initializing all available authentication managers. + * * @param name The name of this authentication manager instance. * @param implName The name of the authentication manager plugin. * @param config The configuration store for this authentication manager. */ public void init(String name, String implName, IConfigStore config) - throws EBaseException { + throws EBaseException { mName = name; mImplName = implName; mConfig = config; @@ -118,7 +116,7 @@ public class ChallengePhraseAuthentication implements IAuthManager { log(ILogger.LL_INFO, CMS.getLogMessage("INIT_DONE", name)); } - + /** * Gets the name of this authentication manager. */ @@ -132,24 +130,24 @@ public class ChallengePhraseAuthentication implements IAuthManager { public String getImplName() { return mImplName; } - + /** * authenticates revocation of a certification by a challenge phrase * <p> - * called by other subsystems or their servlets to authenticate - * a revocation request + * called by other subsystems or their servlets to authenticate a revocation request + * * @param authCred - authentication credential that contains - * a Certificate to revoke + * a Certificate to revoke * @return the authentication token that contains the request id - * + * * @exception EMissingCredential If a required credential for this - * authentication manager is missing. + * authentication manager is missing. * @exception EInvalidCredentials If credentials cannot be authenticated. * @exception EBaseException If an internal error occurred. * @see com.netscape.certsrv.authentication.AuthToken */ public IAuthToken authenticate(IAuthCredentials authCred) - throws EMissingCredential, EInvalidCredentials, EBaseException { + throws EMissingCredential, EInvalidCredentials, EBaseException { mCA = (ICertificateAuthority) SubsystemRegistry.getInstance().get("ca"); @@ -186,7 +184,7 @@ public class ChallengePhraseAuthentication implements IAuthManager { serialNum = new BigInteger(serialNumString); } - + } catch (NumberFormatException e) { throw new EAuthUserError(CMS.getUserMessage("CMS_AUTHENTICATION_INVALID_ATTRIBUTE_VALUE", "Invalid serial number.")); } @@ -240,7 +238,7 @@ public class ChallengePhraseAuthentication implements IAuthManager { if (samepwd) { bigIntArray = new BigInteger[1]; bigIntArray[0] = record.getSerialNumber(); - } else + } else throw new EAuthUserError(CMS.getUserMessage("CMS_AUTHENTICATION_INVALID_ATTRIBUTE_VALUE", "Invalid password.")); } else { @@ -283,7 +281,7 @@ public class ChallengePhraseAuthentication implements IAuthManager { if (bigIntArray != null && bigIntArray.length > 0) { if (Debug.ON) { Debug.trace("challenge authentication serialno array not null"); - for (int i = 0; i < bigIntArray.length; i++) + for (int i = 0; i < bigIntArray.length; i++) Debug.trace("challenge auth serialno " + bigIntArray[i]); } } @@ -295,8 +293,8 @@ public class ChallengePhraseAuthentication implements IAuthManager { return authToken; } - private boolean compareChallengePassword(CertRecord record, String pwd) - throws EBaseException { + private boolean compareChallengePassword(CertRecord record, String pwd) + throws EBaseException { MetaInfo metaInfo = (MetaInfo) record.get(CertRecord.ATTR_META_INFO); if (metaInfo == null) { @@ -312,8 +310,8 @@ public class ChallengePhraseAuthentication implements IAuthManager { String hashpwd = hashPassword(pwd); // got metaInfo - String challengeString = - (String) metaInfo.get(CertRecord.META_CHALLENGE_PHRASE); + String challengeString = + (String) metaInfo.get(CertRecord.META_CHALLENGE_PHRASE); if (challengeString == null) { if (Debug.ON) { @@ -330,16 +328,17 @@ public class ChallengePhraseAuthentication implements IAuthManager { "Incorrect challenge phrase password used for revocation"); throw new EInvalidCredentials(); */ - } else + } else return true; } /** * get the list of authentication credential attribute names - * required by this authentication manager. Generally used by - * the servlets that handle agent operations to authenticate its - * users. It calls this method to know which are the - * required credentials from the user (e.g. Javascript form data) + * required by this authentication manager. Generally used by + * the servlets that handle agent operations to authenticate its + * users. It calls this method to know which are the + * required credentials from the user (e.g. Javascript form data) + * * @return attribute names in Vector */ public String[] getRequiredCreds() { @@ -348,14 +347,15 @@ public class ChallengePhraseAuthentication implements IAuthManager { /** * get the list of configuration parameter names - * required by this authentication manager. Generally used by - * the Certificate Server Console to display the table for - * configuration purposes. ChallengePhraseAuthentication is currently not - * exposed in this case, so this method is not to be used. + * required by this authentication manager. Generally used by + * the Certificate Server Console to display the table for + * configuration purposes. ChallengePhraseAuthentication is currently not + * exposed in this case, so this method is not to be used. + * * @return configuration parameter names in Hashtable of Vectors - * where each hashtable entry's key is the substore name, value is a - * Vector of parameter names. If no substore, the parameter name - * is the Hashtable key itself, with value same as key. + * where each hashtable entry's key is the substore name, value is a + * Vector of parameter names. If no substore, the parameter name + * is the Hashtable key itself, with value same as key. */ public String[] getConfigParams() { return (mConfigParams); @@ -369,7 +369,8 @@ public class ChallengePhraseAuthentication implements IAuthManager { /** * gets the configuretion substore used by this authentication - * manager + * manager + * * @return configuration store */ public IConfigStore getConfigStore() { @@ -380,7 +381,7 @@ public class ChallengePhraseAuthentication implements IAuthManager { if (mLogger == null) return; mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_AUTHENTICATION, - level, msg); + level, msg); } private IRequestQueue getReqQueue() { @@ -388,15 +389,15 @@ public class ChallengePhraseAuthentication implements IAuthManager { try { IRegistrationAuthority ra = (IRegistrationAuthority) - SubsystemRegistry.getInstance().get("ra"); + SubsystemRegistry.getInstance().get("ra"); if (ra != null) { queue = ra.getRequestQueue(); mRequestor = IRequest.REQUESTOR_RA; } } catch (Exception e) { - log(ILogger.LL_FAILURE, - " cannot get access to the request queue."); + log(ILogger.LL_FAILURE, + " cannot get access to the request queue."); } return queue; diff --git a/pki/base/common/src/com/netscape/cmscore/authentication/NullAuthentication.java b/pki/base/common/src/com/netscape/cmscore/authentication/NullAuthentication.java index e9bcbcb6b..e124f1407 100644 --- a/pki/base/common/src/com/netscape/cmscore/authentication/NullAuthentication.java +++ b/pki/base/common/src/com/netscape/cmscore/authentication/NullAuthentication.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.authentication; - import com.netscape.certsrv.apps.CMS; import com.netscape.certsrv.authentication.AuthToken; import com.netscape.certsrv.authentication.EInvalidCredentials; @@ -29,10 +28,10 @@ import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.base.IConfigStore; import com.netscape.certsrv.logging.ILogger; - /** * This authentication does nothing but just returns an empty authToken. * <P> + * * @author chrisho * @version $Revision$, $Date$ */ @@ -53,15 +52,15 @@ public class NullAuthentication implements IAuthManager { /** * initializes the NullAuthentication auth manager * <p> - * called by AuthSubsystem init() method, when initializing - * all available authentication managers. + * called by AuthSubsystem init() method, when initializing all available authentication managers. + * * @param name - Name assigned to this authentication manager instance. * @param implName - Name of the authentication plugin. * @param config - The configuration store used by the - * authentication subsystem. + * authentication subsystem. */ public void init(String name, String implName, IConfigStore config) - throws EBaseException { + throws EBaseException { mName = name; mImplName = implName; mConfig = config; @@ -73,20 +72,21 @@ public class NullAuthentication implements IAuthManager { * authenticates nothing * <p> * called by other subsystems or their servlets to authenticate administrators - * @param authCred Authentication credentials. - * "uid" and "pwd" are required. + * + * @param authCred Authentication credentials. + * "uid" and "pwd" are required. * @return the authentication token (authToken) that contains the following - * userdn = [userdn, in case of success]<br> - * authMgrName = [authMgrName]<br> - * @exception com.netscape.certsrv.base.MissingCredential If either - * "uid" or "pwd" is missing from the given credentials. - * @exception com.netscape.certsrv.base.InvalidCredentials If the - * the credentials failed to authenticate. - * @exception com.netscape.certsrv.base.EBaseException If an internal - * error occurred. + * userdn = [userdn, in case of success]<br> + * authMgrName = [authMgrName]<br> + * @exception com.netscape.certsrv.base.MissingCredential If either + * "uid" or "pwd" is missing from the given credentials. + * @exception com.netscape.certsrv.base.InvalidCredentials If the + * the credentials failed to authenticate. + * @exception com.netscape.certsrv.base.EBaseException If an internal + * error occurred. */ public IAuthToken authenticate(IAuthCredentials authCred) - throws EMissingCredential, EInvalidCredentials, EBaseException { + throws EMissingCredential, EInvalidCredentials, EBaseException { AuthToken authToken = new AuthToken(this); authToken.set("authType", "NOAUTH"); @@ -110,9 +110,10 @@ public class NullAuthentication implements IAuthManager { /** * get the list of authentication credential attribute names - * required by this authentication manager. Generally used by - * servlets that use this authentication manager, to retrieve - * required credentials from the user (e.g. Javascript form data) + * required by this authentication manager. Generally used by + * servlets that use this authentication manager, to retrieve + * required credentials from the user (e.g. Javascript form data) + * * @return attribute names in Vector */ public String[] getRequiredCreds() { @@ -121,8 +122,9 @@ public class NullAuthentication implements IAuthManager { /** * Get the list of configuration parameter names - * required by this authentication manager. In this case, an empty list. - * @return String array of configuration parameters. + * required by this authentication manager. In this case, an empty list. + * + * @return String array of configuration parameters. */ public String[] getConfigParams() { return (mConfigParams); @@ -136,7 +138,8 @@ public class NullAuthentication implements IAuthManager { /** * gets the configuration substore used by this authentication - * manager + * manager + * * @return configuration store */ public IConfigStore getConfigStore() { @@ -145,6 +148,7 @@ public class NullAuthentication implements IAuthManager { /** * Log a message. + * * @param level The logging level. * @param msg The message to log. */ @@ -152,6 +156,6 @@ public class NullAuthentication implements IAuthManager { if (mLogger == null) return; mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_AUTHENTICATION, - level, msg); + level, msg); } } diff --git a/pki/base/common/src/com/netscape/cmscore/authentication/PasswdUserDBAuthentication.java b/pki/base/common/src/com/netscape/cmscore/authentication/PasswdUserDBAuthentication.java index 88dc72969..f20bd5f07 100644 --- a/pki/base/common/src/com/netscape/cmscore/authentication/PasswdUserDBAuthentication.java +++ b/pki/base/common/src/com/netscape/cmscore/authentication/PasswdUserDBAuthentication.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.authentication; - import netscape.ldap.LDAPConnection; import netscape.ldap.LDAPEntry; import netscape.ldap.LDAPException; @@ -43,13 +42,13 @@ import com.netscape.cmscore.ldapconn.LdapConnInfo; import com.netscape.cmscore.usrgrp.UGSubsystem; import com.netscape.cmscore.util.Debug; - /** - * Certificate Server admin authentication. + * Certificate Server admin authentication. * Used to authenticate administrators in the Certificate Server Console. - * Authentications by checking the uid and password against the + * Authentications by checking the uid and password against the * database. * <P> + * * @author lhsiao, cfu * @version $Revision$, $Date$ */ @@ -81,15 +80,15 @@ public class PasswdUserDBAuthentication implements IAuthManager { /** * initializes the PasswdUserDBAuthentication auth manager * <p> - * called by AuthSubsystem init() method, when initializing - * all available authentication managers. + * called by AuthSubsystem init() method, when initializing all available authentication managers. + * * @param name - Name assigned to this authentication manager instance. * @param implName - Name of the authentication plugin. * @param config - The configuration store used by the - * authentication subsystem. + * authentication subsystem. */ public void init(String name, String implName, IConfigStore config) - throws EBaseException { + throws EBaseException { mName = name; mImplName = implName; mConfig = config; @@ -111,20 +110,21 @@ public class PasswdUserDBAuthentication implements IAuthManager { * authenticates administratrators by LDAP uid/pwd * <p> * called by other subsystems or their servlets to authenticate administrators - * @param authCred Authentication credentials. - * "uid" and "pwd" are required. + * + * @param authCred Authentication credentials. + * "uid" and "pwd" are required. * @return the authentication token (authToken) that contains the following - * userdn = [userdn, in case of success]<br> - * authMgrName = [authMgrName]<br> - * @exception com.netscape.certsrv.base.MissingCredential If either - * "uid" or "pwd" is missing from the given credentials. - * @exception com.netscape.certsrv.base.InvalidCredentials If the - * the credentials failed to authenticate. - * @exception com.netscape.certsrv.base.EBaseException If an internal - * error occurred. + * userdn = [userdn, in case of success]<br> + * authMgrName = [authMgrName]<br> + * @exception com.netscape.certsrv.base.MissingCredential If either + * "uid" or "pwd" is missing from the given credentials. + * @exception com.netscape.certsrv.base.InvalidCredentials If the + * the credentials failed to authenticate. + * @exception com.netscape.certsrv.base.EBaseException If an internal + * error occurred. */ public IAuthToken authenticate(IAuthCredentials authCred) - throws EMissingCredential, EInvalidCredentials, EBaseException { + throws EMissingCredential, EInvalidCredentials, EBaseException { AuthToken authToken = new AuthToken(this); // make sure the required credentials are provided @@ -171,32 +171,32 @@ public class PasswdUserDBAuthentication implements IAuthManager { log(ILogger.LL_SECURITY, CMS.getLogMessage("CMSCORE_AUTH_AUTH_FAILED", uid, e.toString())); throw new EInvalidCredentials(CMS.getUserMessage("CMS_AUTHENTICATION_INVALID_CREDENTIAL")); } finally { - if (conn != null) + if (conn != null) mConnFactory.returnConn(conn); - if (anonConn != null) + if (anonConn != null) mAnonConnFactory.returnConn(anonConn); } UGSubsystem ug = UGSubsystem.getInstance(); authToken.set(TOKEN_USERDN, userdn); - authToken.set(CRED_UID, uid); // return original uid for info + authToken.set(CRED_UID, uid); // return original uid for info IUser user = null; try { user = ug.getUser(uid); } catch (EBaseException e) { - if (Debug.ON) + if (Debug.ON) e.printStackTrace(); - // not a user in our user/group database. + // not a user in our user/group database. log(ILogger.LL_SECURITY, CMS.getLogMessage("CMSCORE_AUTH_UID_NOT_FOUND", uid, e.toString())); throw new EInvalidCredentials(CMS.getUserMessage("CMS_AUTHENTICATION_INVALID_CREDENTIAL")); } authToken.set(TOKEN_USERDN, user.getUserDN()); authToken.set(TOKEN_USERID, user.getUserID()); log(ILogger.LL_INFO, CMS.getLogMessage("CMS_AUTH_AUTHENTICATED", uid)); - + return authToken; } @@ -216,9 +216,10 @@ public class PasswdUserDBAuthentication implements IAuthManager { /** * get the list of authentication credential attribute names - * required by this authentication manager. Generally used by - * servlets that use this authentication manager, to retrieve - * required credentials from the user (e.g. Javascript form data) + * required by this authentication manager. Generally used by + * servlets that use this authentication manager, to retrieve + * required credentials from the user (e.g. Javascript form data) + * * @return attribute names in Vector */ public String[] getRequiredCreds() { @@ -227,8 +228,9 @@ public class PasswdUserDBAuthentication implements IAuthManager { /** * Get the list of configuration parameter names - * required by this authentication manager. In this case, an empty list. - * @return String array of configuration parameters. + * required by this authentication manager. In this case, an empty list. + * + * @return String array of configuration parameters. */ public String[] getConfigParams() { return (mConfigParams); @@ -249,7 +251,8 @@ public class PasswdUserDBAuthentication implements IAuthManager { /** * gets the configuretion substore used by this authentication - * manager + * manager + * * @return configuration store */ public IConfigStore getConfigStore() { @@ -258,6 +261,7 @@ public class PasswdUserDBAuthentication implements IAuthManager { /** * Log a message. + * * @param level The logging level. * @param msg The message to log. */ @@ -265,6 +269,6 @@ public class PasswdUserDBAuthentication implements IAuthManager { if (mLogger == null) return; mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_AUTHENTICATION, - level, msg); + level, msg); } } diff --git a/pki/base/common/src/com/netscape/cmscore/authentication/SSLClientCertAuthentication.java b/pki/base/common/src/com/netscape/cmscore/authentication/SSLClientCertAuthentication.java index 569275376..13533200d 100644 --- a/pki/base/common/src/com/netscape/cmscore/authentication/SSLClientCertAuthentication.java +++ b/pki/base/common/src/com/netscape/cmscore/authentication/SSLClientCertAuthentication.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.authentication; - // ldap java sdk // cert server imports. @@ -47,10 +46,10 @@ import com.netscape.certsrv.request.IRequestQueue; import com.netscape.certsrv.request.RequestStatus; import com.netscape.cmscore.util.Debug; - /** * SSL client based authentication. * <P> + * * @author chrisho * @version $Revision$, $Date$ */ @@ -75,8 +74,8 @@ public class SSLClientCertAuthentication implements IAuthManager { * for instances of this implementation can be configured through the * console. */ - protected static String[] mConfigParams = - new String[] {}; + protected static String[] mConfigParams = + new String[] {}; /** * Default constructor, initialization must follow. @@ -86,7 +85,7 @@ public class SSLClientCertAuthentication implements IAuthManager { } public void init(String name, String implName, IConfigStore config) - throws EBaseException { + throws EBaseException { mName = name; mImplName = implName; mConfig = config; @@ -95,18 +94,18 @@ public class SSLClientCertAuthentication implements IAuthManager { } public IAuthToken authenticate(IAuthCredentials authCred) - throws EMissingCredential, EInvalidCredentials, EBaseException { + throws EMissingCredential, EInvalidCredentials, EBaseException { AuthToken authToken = new AuthToken(this); CMS.debug("SSLCertAuth: Retrieving client certificates"); X509Certificate[] x509Certs = - (X509Certificate[]) authCred.get(CRED_CERT); + (X509Certificate[]) authCred.get(CRED_CERT); if (x509Certs == null) { CMS.debug("SSLCertAuth: No client certificate found"); - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_AUTH_MISSING_CERT")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_AUTH_MISSING_CERT")); throw new EMissingCredential(CMS.getUserMessage("CMS_AUTHENTICATION_NULL_CREDENTIAL", CRED_CERT)); } CMS.debug("SSLCertAuth: Got client certificate"); @@ -118,7 +117,7 @@ public class SSLClientCertAuthentication implements IAuthManager { } X509CertImpl clientCert = (X509CertImpl) x509Certs[0]; - + BigInteger serialNum = null; try { @@ -128,7 +127,7 @@ public class SSLClientCertAuthentication implements IAuthManager { throw new EAuthUserError(CMS.getUserMessage("CMS_AUTHENTICATION_INVALID_ATTRIBUTE_VALUE", "Invalid serial number.")); } - String clientCertIssuerDN = clientCert.getIssuerDN().toString(); + String clientCertIssuerDN = clientCert.getIssuerDN().toString(); BigInteger[] bigIntArray = null; if (mCertDB != null) { /* is CA */ @@ -145,13 +144,13 @@ public class SSLClientCertAuthentication implements IAuthManager { String status = record.getStatus(); if (status.equals("VALID")) { - + X509CertImpl cacert = mCA.getCACert(); Principal p = cacert.getSubjectDN(); if (!p.toString().equals(clientCertIssuerDN)) { - throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ISSUER_NAME")); - } + throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ISSUER_NAME")); + } } else { throw new EBaseException( CMS.getUserMessage("CMS_BASE_INVALID_CERT_STATUS", status)); @@ -182,30 +181,30 @@ public class SSLClientCertAuthentication implements IAuthManager { RequestStatus status = getCertStatusReq.getRequestStatus(); if (status == RequestStatus.COMPLETE) { - String certStatus = - getCertStatusReq.getExtDataInString(IRequest.CERT_STATUS); + String certStatus = + getCertStatusReq.getExtDataInString(IRequest.CERT_STATUS); - if (certStatus == null) { - String[] params = {"null status"}; + if (certStatus == null) { + String[] params = { "null status" }; throw new EBaseException( CMS.getUserMessage("CMS_BASE_INVALID_CERT_STATUS", params)); } else if (certStatus.equals("INVALIDCERTROOT")) { - throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ISSUER_NAME")); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ISSUER_NAME")); } else if (!certStatus.equals("VALID")) { - String[] params = {status.toString()}; + String[] params = { status.toString() }; throw new EBaseException( CMS.getUserMessage("CMS_BASE_INVALID_CERT_STATUS", params)); } } else { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_AUTH_INCOMPLETE_REQUEST")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_AUTH_INCOMPLETE_REQUEST")); throw new EBaseException(CMS.getUserMessage("CMS_BASE_REQUEST_IN_BAD_STATE")); } } else { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_AUTH_FAILED_GET_QUEUE")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_AUTH_FAILED_GET_QUEUE")); throw new EBaseException(CMS.getUserMessage("CMS_BASE_GET_QUEUE_FAILED")); } } // else, ra @@ -222,10 +221,10 @@ public class SSLClientCertAuthentication implements IAuthManager { } /** - * Returns a list of configuration parameter names. - * The list is passed to the configuration console so instances of + * Returns a list of configuration parameter names. + * The list is passed to the configuration console so instances of * this implementation can be configured through the console. - * + * * @return String array of configuration parameter names. */ public String[] getConfigParams() { @@ -234,6 +233,7 @@ public class SSLClientCertAuthentication implements IAuthManager { /** * Returns array of required credentials for this authentication manager. + * * @return Array of required credentials. */ public String[] getRequiredCreds() { @@ -244,15 +244,15 @@ public class SSLClientCertAuthentication implements IAuthManager { if (mLogger == null) return; mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_AUTHENTICATION, - level, msg); + level, msg); } private IRequestQueue getReqQueue() { IRequestQueue queue = null; try { - IRegistrationAuthority ra = - (IRegistrationAuthority) CMS.getSubsystem("ra"); + IRegistrationAuthority ra = + (IRegistrationAuthority) CMS.getSubsystem("ra"); if (ra != null) { queue = ra.getRequestQueue(); @@ -260,7 +260,7 @@ public class SSLClientCertAuthentication implements IAuthManager { } } catch (Exception e) { log(ILogger.LL_FAILURE, - " cannot get access to the request queue."); + " cannot get access to the request queue."); } return queue; @@ -268,6 +268,7 @@ public class SSLClientCertAuthentication implements IAuthManager { /** * Gets the configuration substore used by this authentication manager + * * @return configuration store */ public IConfigStore getConfigStore() { @@ -288,4 +289,3 @@ public class SSLClientCertAuthentication implements IAuthManager { return mImplName; } } - diff --git a/pki/base/common/src/com/netscape/cmscore/authentication/VerifiedCert.java b/pki/base/common/src/com/netscape/cmscore/authentication/VerifiedCert.java index 69192f3f0..173d69f89 100644 --- a/pki/base/common/src/com/netscape/cmscore/authentication/VerifiedCert.java +++ b/pki/base/common/src/com/netscape/cmscore/authentication/VerifiedCert.java @@ -17,16 +17,14 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.authentication; - import java.math.BigInteger; import java.util.Date; import com.netscape.certsrv.apps.CMS; - -/** +/** * class storing verified certificate. - * + * * @version $Revision$, $Date$ */ @@ -45,9 +43,9 @@ public class VerifiedCert { /** * Constructs verified certiificate record */ - + public VerifiedCert(BigInteger serialNumber, byte[] certEncoded, - int status) { + int status) { mStatus = status; mSerialNumber = serialNumber; mCertEncoded = certEncoded; @@ -55,13 +53,13 @@ public class VerifiedCert { } public int check(BigInteger serialNumber, byte[] certEncoded, - long interval, long unknownStateInterval) { + long interval, long unknownStateInterval) { int status = UNKNOWN; - + if (mSerialNumber.equals(serialNumber)) { if (mCertEncoded != null) { if (certEncoded != null && - mCertEncoded.length == certEncoded.length) { + mCertEncoded.length == certEncoded.length) { int i; for (i = 0; i < mCertEncoded.length; i++) { @@ -90,4 +88,3 @@ public class VerifiedCert { return status; } } - diff --git a/pki/base/common/src/com/netscape/cmscore/authentication/VerifiedCerts.java b/pki/base/common/src/com/netscape/cmscore/authentication/VerifiedCerts.java index ca0f63e55..52ce91fdf 100644 --- a/pki/base/common/src/com/netscape/cmscore/authentication/VerifiedCerts.java +++ b/pki/base/common/src/com/netscape/cmscore/authentication/VerifiedCerts.java @@ -17,15 +17,13 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.authentication; - import java.math.BigInteger; import netscape.security.x509.X509CertImpl; - -/** +/** * class storing verified certificates. - * + * * @version $Revision$, $Date$ */ @@ -38,11 +36,11 @@ public class VerifiedCerts { private VerifiedCert[] mVCerts = null; private long mInterval = 0; private long mUnknownStateInterval = 0; - + /** * Constructs verified certiificates list */ - + public VerifiedCerts(int size, long interval) { mVCerts = new VerifiedCert[size]; mInterval = interval; @@ -64,8 +62,8 @@ public class VerifiedCerts { } catch (Exception e) { } if ((certEncoded != null || - (status == VerifiedCert.CHECKED && mUnknownStateInterval > 0)) - && mInterval > 0) { + (status == VerifiedCert.CHECKED && mUnknownStateInterval > 0)) + && mInterval > 0) { update(cert.getSerialNumber(), certEncoded, status); } } @@ -75,7 +73,7 @@ public class VerifiedCerts { if ((status == VerifiedCert.NOT_REVOKED || status == VerifiedCert.REVOKED || (status == VerifiedCert.CHECKED && mUnknownStateInterval > 0)) - && mInterval > 0) { + && mInterval > 0) { if (mLast == mNext && mFirst == mNext) { // empty mVCerts[mNext] = new VerifiedCert(serialNumber, certEncoded, status); mNext = next(mNext); @@ -94,8 +92,8 @@ public class VerifiedCerts { public int check(X509CertImpl cert) { int status = VerifiedCert.UNKNOWN; - - if (mLast != mNext && mInterval > 0) { // if not empty and + + if (mLast != mNext && mInterval > 0) { // if not empty and if (cert != null) { byte[] certEncoded = null; @@ -116,10 +114,10 @@ public class VerifiedCerts { int status = VerifiedCert.UNKNOWN; int i = mLast; - if (mVCerts != null && mLast != mNext && mInterval > 0) { // if not empty and - while (status == VerifiedCert.UNKNOWN) { - if (mVCerts[i] == null) - return status; + if (mVCerts != null && mLast != mNext && mInterval > 0) { // if not empty and + while (status == VerifiedCert.UNKNOWN) { + if (mVCerts[i] == null) + return status; status = mVCerts[i].check(serialNumber, certEncoded, mInterval, mUnknownStateInterval); if (status == VerifiedCert.EXPIRED) { @@ -158,4 +156,3 @@ public class VerifiedCerts { return i; } } - |