15 files changed, 449 insertions, 809 deletions
diff --git a/base/common/src/com/netscape/certsrv/selftests/ISelfTest.java b/base/common/src/com/netscape/certsrv/selftests/ISelfTest.java
index 24ad623e4..0ffc74b6b 100644
--- a/base/common/src/com/netscape/certsrv/selftests/ISelfTest.java
+++ b/base/common/src/com/netscape/certsrv/selftests/ISelfTest.java
@@ -126,8 +126,7 @@ public interface ISelfTest {
 * <P>
 *
 * @param logger specifies logging subsystem
- * @exception ESelfTestException self test exception
+ * @exception Exception self test exception
 */
- public void runSelfTest(ILogEventListener logger)
- throws ESelfTestException;
+ public void runSelfTest(ILogEventListener logger) throws Exception;
 }
diff --git a/base/common/src/com/netscape/certsrv/selftests/ISelfTestSubsystem.java b/base/common/src/com/netscape/certsrv/selftests/ISelfTestSubsystem.java
index 214ee1764..29adde082 100644
--- a/base/common/src/com/netscape/certsrv/selftests/ISelfTestSubsystem.java
+++ b/base/common/src/com/netscape/certsrv/selftests/ISelfTestSubsystem.java
@@ -206,10 +206,9 @@ public interface ISelfTestSubsystem
 * <P>
 *
 * @exception EMissingSelfTestException subsystem has missing name
- * @exception ESelfTestException self test exception
+ * @exception Exception self test exception
 */
- public void runSelfTestsAtStartup()
- throws EMissingSelfTestException, ESelfTestException;
+ public void runSelfTestsAtStartup() throws Exception;
 
 //
 // methods associated with the list of self test instances
diff --git a/base/server/cms/src/com/netscape/cms/selftests/ASelfTest.java b/base/server/cms/src/com/netscape/cms/selftests/ASelfTest.java
index e77ece551..c77514f35 100644
--- a/base/server/cms/src/com/netscape/cms/selftests/ASelfTest.java
+++ b/base/server/cms/src/com/netscape/cms/selftests/ASelfTest.java
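Review bot: Declaring `throws Exception` on `ISelfTest.runSelfTest` removes the one type that told a caller the failure came from the self test itself, and the Javadoc line `@exception Exception self test exception` no longer says when it is thrown. Since every caller now has to catch `Exception`, the contract should be spelled out on the interface, for example `@exception Exception if the self test fails; the reason is logged to the supplied logger before the exception is thrown`, which matches what the implementations in this commit appear to do. The same applies to `ISelfTestSubsystem.runSelfTestsAtStartup`, whose Javadoc still lists `EMissingSelfTestException` although the throws clause no longer names it, and to `ASelfTest.runSelfTest` in the next file. The interface bodies start outside these hunks.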
@@ -186,8 +186,7 @@ public abstract class ASelfTest
 * <P>
 *
 * @param logger specifies logging subsystem
- * @exception ESelfTestException self test exception
+ * @exception Exception self test exception
 */
- public abstract void runSelfTest(ILogEventListener logger)
- throws ESelfTestException;
+ public abstract void runSelfTest(ILogEventListener logger) throws Exception;
 }
diff --git a/base/server/cms/src/com/netscape/cms/selftests/ca/CAPresence.java b/base/server/cms/src/com/netscape/cms/selftests/ca/CAPresence.java
index 83caa0099..ab491c7e7 100644
--- a/base/server/cms/src/com/netscape/cms/selftests/ca/CAPresence.java
+++ b/base/server/cms/src/com/netscape/cms/selftests/ca/CAPresence.java
@@ -191,72 +191,55 @@ public class CAPresence * <P> * * @param logger specifies logging subsystem - * @exception ESelfTestException self test exception + * @exception Exception self test exception */ - public void runSelfTest(ILogEventListener logger) - throws ESelfTestException { - String logMessage = null; - ICertificateAuthority ca = null; - X509CertImpl caCert = null; - X509Key caPubKey = null; - - ca = (ICertificateAuthority) CMS.getSubsystem(mCaSubId); + public void runSelfTest(ILogEventListener logger) throws Exception { + ICertificateAuthority ca = (ICertificateAuthority) CMS.getSubsystem(mCaSubId); if (ca == null) { // log that the CA is not installed - logMessage = CMS.getLogMessage("SELFTESTS_CA_IS_NOT_PRESENT", - getSelfTestName()); - - mSelfTestSubsystem.log(logger, - logMessage); - - throw new ESelfTestException(logMessage); - } else { - // Retrieve the CA certificate - caCert = ca.getCACert(); - - if (caCert == null) { - // log that the CA is not yet initialized - logMessage = CMS.getLogMessage( - "SELFTESTS_CA_IS_NOT_INITIALIZED", - getSelfTestName()); - - mSelfTestSubsystem.log(logger, - logMessage); - - throw new ESelfTestException(logMessage); - } - - // Retrieve the CA certificate public key - try { - caPubKey = (X509Key) caCert.get(X509CertImpl.PUBLIC_KEY); - - if (caPubKey == null) { - // log that something is seriously wrong with the CA - logMessage = CMS.getLogMessage("SELFTESTS_CA_IS_CORRUPT", - getSelfTestName()); - - mSelfTestSubsystem.log(logger, - logMessage); + String logMessage = CMS.getLogMessage( + "SELFTESTS_CA_IS_NOT_PRESENT", + getSelfTestName()); + mSelfTestSubsystem.log(logger, logMessage); + throw new Exception(logMessage); + } - throw new ESelfTestException(logMessage); - } - } catch (CertificateParsingException e) { - // log that something is seriously wrong with the CA - mSelfTestSubsystem.log(logger, - e.toString()); + // Retrieve the CA certificate + X509CertImpl caCert = ca.getCACert(); + if (caCert == null) { + // log 
that the CA is not yet initialized + String logMessage = CMS.getLogMessage( + "SELFTESTS_CA_IS_NOT_INITIALIZED", + getSelfTestName()); + mSelfTestSubsystem.log(logger, logMessage); + throw new Exception(logMessage); + } - throw new ESelfTestException(e.toString()); - } + // Retrieve the CA certificate public key + X509Key caPubKey; + try { + caPubKey = (X509Key) caCert.get(X509CertImpl.PUBLIC_KEY); - // log that the CA is present - logMessage = CMS.getLogMessage("SELFTESTS_CA_IS_PRESENT", - getSelfTestName()); + } catch (CertificateParsingException e) { + // log that something is seriously wrong with the CA + mSelfTestSubsystem.log(logger, e.toString()); + throw e; + } - mSelfTestSubsystem.log(logger, - logMessage); + if (caPubKey == null) { + // log that something is seriously wrong with the CA + String logMessage = CMS.getLogMessage( + "SELFTESTS_CA_IS_CORRUPT", + getSelfTestName()); + mSelfTestSubsystem.log(logger, logMessage); + throw new Exception(logMessage); } - return; + // log that the CA is present + String logMessage = CMS.getLogMessage( + "SELFTESTS_CA_IS_PRESENT", + getSelfTestName()); + mSelfTestSubsystem.log(logger, logMessage); } } diff --git a/base/server/cms/src/com/netscape/cms/selftests/ca/CAValidity.java b/base/server/cms/src/com/netscape/cms/selftests/ca/CAValidity.java index b1751ecb4..4d90be199 100644 --- a/base/server/cms/src/com/netscape/cms/selftests/ca/CAValidity.java +++ b/base/server/cms/src/com/netscape/cms/selftests/ca/CAValidity.java 
@@ -191,72 +191,56 @@ public class CAValidity * <P> * * @param logger specifies logging subsystem - * @exception ESelfTestException self test exception + * @exception Exception self test exception */ - public void runSelfTest(ILogEventListener logger) - throws ESelfTestException { - String logMessage = null; - ICertificateAuthority ca = null; - X509CertImpl caCert = null; - - ca = (ICertificateAuthority) CMS.getSubsystem(mCaSubId); + public void runSelfTest(ILogEventListener logger) throws Exception { + ICertificateAuthority ca = (ICertificateAuthority) CMS.getSubsystem(mCaSubId); if (ca == null) { // log that the CA is not installed - logMessage = CMS.getLogMessage("SELFTESTS_CA_IS_NOT_PRESENT", - getSelfTestName()); - - mSelfTestSubsystem.log(logger, - logMessage); - - throw new ESelfTestException(logMessage); - } else { - // Retrieve the CA certificate - caCert = ca.getCACert(); - - if (caCert == null) { - // log that the CA is not yet initialized - logMessage = CMS.getLogMessage( - "SELFTESTS_CA_IS_NOT_INITIALIZED", - getSelfTestName()); - - mSelfTestSubsystem.log(logger, - logMessage); - - throw new ESelfTestException(logMessage); - } - - // Retrieve the CA validity period - try { - caCert.checkValidity(); - } catch (CertificateNotYetValidException e) { - // log that the CA is not yet valid - logMessage = CMS.getLogMessage("SELFTESTS_CA_IS_NOT_YET_VALID", - getSelfTestName()); - - mSelfTestSubsystem.log(logger, - logMessage); - - throw new ESelfTestException(logMessage); - } catch (CertificateExpiredException e) { - // log that the CA is expired - logMessage = CMS.getLogMessage("SELFTESTS_CA_IS_EXPIRED", - getSelfTestName()); - - mSelfTestSubsystem.log(logger, - logMessage); - - throw new ESelfTestException(logMessage); - } + String logMessage = CMS.getLogMessage( + "SELFTESTS_CA_IS_NOT_PRESENT", + getSelfTestName()); + mSelfTestSubsystem.log(logger, logMessage); + throw new Exception(logMessage); + } - // log that the CA is valid - logMessage = 
CMS.getLogMessage("SELFTESTS_CA_IS_VALID", - getSelfTestName()); + // Retrieve the CA certificate + X509CertImpl caCert = ca.getCACert(); + if (caCert == null) { + // log that the CA is not yet initialized + String logMessage = CMS.getLogMessage( + "SELFTESTS_CA_IS_NOT_INITIALIZED", + getSelfTestName()); + mSelfTestSubsystem.log(logger, logMessage); + throw new Exception(logMessage); + } - mSelfTestSubsystem.log(logger, - logMessage); + // Retrieve the CA validity period + try { + caCert.checkValidity(); + + } catch (CertificateNotYetValidException e) { + // log that the CA is not yet valid + String logMessage = CMS.getLogMessage( + "SELFTESTS_CA_IS_NOT_YET_VALID", + getSelfTestName()); + mSelfTestSubsystem.log(logger, logMessage); + throw e; + + } catch (CertificateExpiredException e) { + // log that the CA is expired + String logMessage = CMS.getLogMessage( + "SELFTESTS_CA_IS_EXPIRED", + getSelfTestName()); + mSelfTestSubsystem.log(logger, logMessage); + throw e; } - return; + // log that the CA is valid + String logMessage = CMS.getLogMessage( + "SELFTESTS_CA_IS_VALID", + getSelfTestName()); + mSelfTestSubsystem.log(logger, logMessage); } } diff --git a/base/server/cms/src/com/netscape/cms/selftests/common/SystemCertsVerification.java b/base/server/cms/src/com/netscape/cms/selftests/common/SystemCertsVerification.java index f5b0939f1..5c1e97bfa 100644 --- a/base/server/cms/src/com/netscape/cms/selftests/common/SystemCertsVerification.java +++ b/base/server/cms/src/com/netscape/cms/selftests/common/SystemCertsVerification.java 
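Review bot: In both catch blocks of `CAValidity.runSelfTest` the localized message is logged and then the original certificate exception is rethrown with `throw e;`, so the exception the caller receives no longer carries the `SELFTESTS_CA_IS_NOT_YET_VALID` or `SELFTESTS_CA_IS_EXPIRED` text or the self-test name. The null-check branches in the same method still throw `new Exception(logMessage)`, so the two kinds of failure now surface differently. Wrapping keeps the message and the cause together: `throw new Exception(logMessage, e);`. The same pattern appears in the two catch blocks of `OCSPValidity.runSelfTest` later in this commit.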
@@ -185,29 +185,22 @@ public class SystemCertsVerification
 * <P>
 *
 * @param logger specifies logging subsystem
- * @exception ESelfTestException self test exception
+ * @exception Exception self test exception
 */
- public void runSelfTest(ILogEventListener logger)
- throws ESelfTestException {
- String logMessage = null;
- boolean rc = false;
-
- rc = CMS.verifySystemCerts();
- if (rc == true) {
- logMessage = CMS.getLogMessage("SELFTESTS_COMMON_SYSTEM_CERTS_VERIFICATION_SUCCESS",
- getSelfTestName());
-
- mSelfTestSubsystem.log(logger,
- logMessage);
- } else {
- logMessage = CMS.getLogMessage("SELFTESTS_COMMON_SYSTEM_CERTS_VERIFICATION_FAILURE",
- getSelfTestName());
-
- mSelfTestSubsystem.log(logger,
- logMessage);
- throw new ESelfTestException(logMessage);
+ public void runSelfTest(ILogEventListener logger) throws Exception {
+
+ boolean status = CMS.verifySystemCerts();
+ if (!status) {
+ String logMessage = CMS.getLogMessage(
+ "SELFTESTS_COMMON_SYSTEM_CERTS_VERIFICATION_FAILURE",
+ getSelfTestName());
+ mSelfTestSubsystem.log(logger, logMessage);
+ throw new Exception(logMessage);
 }
 
- return;
+ String logMessage = CMS.getLogMessage(
+ "SELFTESTS_COMMON_SYSTEM_CERTS_VERIFICATION_SUCCESS",
+ getSelfTestName());
+ mSelfTestSubsystem.log(logger, logMessage);
 }
 }
diff --git a/base/server/cms/src/com/netscape/cms/selftests/kra/KRAPresence.java b/base/server/cms/src/com/netscape/cms/selftests/kra/KRAPresence.java
index 832d2b747..ff0c3fbc2 100644
--- a/base/server/cms/src/com/netscape/cms/selftests/kra/KRAPresence.java
+++ b/base/server/cms/src/com/netscape/cms/selftests/kra/KRAPresence.java
@@ -188,64 +188,46 @@ public class KRAPresence * <P> * * @param logger specifies logging subsystem - * @exception ESelfTestException self test exception + * @exception Exception self test exception */ - public void runSelfTest(ILogEventListener logger) - throws ESelfTestException { - String logMessage = null; - IKeyRecoveryAuthority kra = null; - org.mozilla.jss.crypto.X509Certificate kraCert = null; - PublicKey kraPubKey = null; - - kra = (IKeyRecoveryAuthority) CMS.getSubsystem(mSubId); + public void runSelfTest(ILogEventListener logger) throws Exception { + IKeyRecoveryAuthority kra = (IKeyRecoveryAuthority) CMS.getSubsystem(mSubId); if (kra == null) { // log that the KRA is not installed - logMessage = CMS.getLogMessage("SELFTESTS_KRA_IS_NOT_PRESENT", - getSelfTestName()); - - mSelfTestSubsystem.log(logger, - logMessage); - - throw new ESelfTestException(logMessage); - } else { - // Retrieve the KRA certificate - kraCert = kra.getTransportCert(); - - if (kraCert == null) { - // log that the RA is not yet initialized - logMessage = CMS.getLogMessage( - "SELFTESTS_KRA_IS_NOT_INITIALIZED", - getSelfTestName()); - - mSelfTestSubsystem.log(logger, - logMessage); - - throw new ESelfTestException(logMessage); - } - - // Retrieve the KRA certificate public key - kraPubKey = kraCert.getPublicKey(); - - if (kraPubKey == null) { - // log that something is seriously wrong with the KRA - logMessage = CMS.getLogMessage("SELFTESTS_KRA_IS_CORRUPT", - getSelfTestName()); - - mSelfTestSubsystem.log(logger, - logMessage); - - throw new ESelfTestException(logMessage); - } + String logMessage = CMS.getLogMessage( + "SELFTESTS_KRA_IS_NOT_PRESENT", + getSelfTestName()); + mSelfTestSubsystem.log(logger, logMessage); + throw new Exception(logMessage); + } - // log that the KRA is present - logMessage = CMS.getLogMessage("SELFTESTS_KRA_IS_PRESENT", - getSelfTestName()); + // Retrieve the KRA certificate + org.mozilla.jss.crypto.X509Certificate kraCert = kra.getTransportCert(); + if 
(kraCert == null) { + // log that the RA is not yet initialized + String logMessage = CMS.getLogMessage( + "SELFTESTS_KRA_IS_NOT_INITIALIZED", + getSelfTestName()); + mSelfTestSubsystem.log(logger, logMessage); + throw new Exception(logMessage); + } - mSelfTestSubsystem.log(logger, - logMessage); + // Retrieve the KRA certificate public key + PublicKey kraPubKey = kraCert.getPublicKey(); + if (kraPubKey == null) { + // log that something is seriously wrong with the KRA + String logMessage = CMS.getLogMessage( + "SELFTESTS_KRA_IS_CORRUPT", + getSelfTestName()); + mSelfTestSubsystem.log(logger, logMessage); + throw new Exception(logMessage); } - return; + // log that the KRA is present + String logMessage = CMS.getLogMessage( + "SELFTESTS_KRA_IS_PRESENT", + getSelfTestName()); + mSelfTestSubsystem.log(logger, logMessage); } } diff --git a/base/server/cms/src/com/netscape/cms/selftests/ocsp/OCSPPresence.java b/base/server/cms/src/com/netscape/cms/selftests/ocsp/OCSPPresence.java index a3d9e3ad3..db9d237fc 100644 --- a/base/server/cms/src/com/netscape/cms/selftests/ocsp/OCSPPresence.java +++ b/base/server/cms/src/com/netscape/cms/selftests/ocsp/OCSPPresence.java 
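Review bot: The comment added above the `kraCert == null` branch reads `// log that the RA is not yet initialized`, but this branch checks the KRA transport certificate and logs `SELFTESTS_KRA_IS_NOT_INITIALIZED`. The line is carried over from the removed code; since it is being rewritten anyway it should read `// log that the KRA is not yet initialized`, which matters all the more now that the RA self test is deleted in this same commit.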
@@ -192,89 +192,66 @@ public class OCSPPresence * <P> * * @param logger specifies logging subsystem - * @exception ESelfTestException self test exception + * @exception Exception self test exception */ - public void runSelfTest(ILogEventListener logger) - throws ESelfTestException { - String logMessage = null; - IOCSPAuthority ocsp = null; - ISigningUnit ocspSigningUnit = null; - X509CertImpl ocspCert = null; - X509Key ocspPubKey = null; - - ocsp = (IOCSPAuthority) CMS.getSubsystem(mOcspSubId); + public void runSelfTest(ILogEventListener logger) throws Exception { + IOCSPAuthority ocsp = (IOCSPAuthority) CMS.getSubsystem(mOcspSubId); if (ocsp == null) { // log that the OCSP is not installed - logMessage = CMS.getLogMessage("SELFTESTS_OCSP_IS_NOT_PRESENT", - getSelfTestName()); - - mSelfTestSubsystem.log(logger, - logMessage); - - throw new ESelfTestException(logMessage); - } else { - // Retrieve the OCSP signing unit - ocspSigningUnit = ocsp.getSigningUnit(); - - if (ocspSigningUnit == null) { - // log that the OCSP is not yet initialized - logMessage = CMS.getLogMessage( - "SELFTESTS_OCSP_IS_NOT_INITIALIZED", - getSelfTestName()); - - mSelfTestSubsystem.log(logger, - logMessage); - - throw new ESelfTestException(logMessage); - } - - // Retrieve the OCSP certificate - ocspCert = ocspSigningUnit.getCertImpl(); - - if (ocspCert == null) { - // log that the OCSP is not yet initialized - logMessage = CMS.getLogMessage( - "SELFTESTS_OCSP_IS_NOT_INITIALIZED", - getSelfTestName()); - - mSelfTestSubsystem.log(logger, - logMessage); - - throw new ESelfTestException(logMessage); - } - - // Retrieve the OCSP certificate public key - try { - ocspPubKey = (X509Key) - ocspCert.get(X509CertImpl.PUBLIC_KEY); - - if (ocspPubKey == null) { - // log that something is seriously wrong with the OCSP - logMessage = CMS.getLogMessage("SELFTESTS_OCSP_IS_CORRUPT", - getSelfTestName()); + String logMessage = CMS.getLogMessage( + "SELFTESTS_OCSP_IS_NOT_PRESENT", + getSelfTestName()); + 
mSelfTestSubsystem.log(logger, logMessage); + throw new Exception(logMessage); + } - mSelfTestSubsystem.log(logger, - logMessage); + // Retrieve the OCSP signing unit + ISigningUnit ocspSigningUnit = ocsp.getSigningUnit(); + if (ocspSigningUnit == null) { + // log that the OCSP is not yet initialized + String logMessage = CMS.getLogMessage( + "SELFTESTS_OCSP_IS_NOT_INITIALIZED", + getSelfTestName()); + mSelfTestSubsystem.log(logger, logMessage); + throw new Exception(logMessage); + } - throw new ESelfTestException(logMessage); - } - } catch (CertificateParsingException e) { - // log that something is seriously wrong with the OCSP - mSelfTestSubsystem.log(logger, - e.toString()); + // Retrieve the OCSP certificate + X509CertImpl ocspCert = ocspSigningUnit.getCertImpl(); + if (ocspCert == null) { + // log that the OCSP is not yet initialized + String logMessage = CMS.getLogMessage( + "SELFTESTS_OCSP_IS_NOT_INITIALIZED", + getSelfTestName()); + mSelfTestSubsystem.log(logger, logMessage); + throw new Exception(logMessage); + } - throw new ESelfTestException(e.toString()); - } + // Retrieve the OCSP certificate public key + X509Key ocspPubKey; + try { + ocspPubKey = (X509Key)ocspCert.get(X509CertImpl.PUBLIC_KEY); - // log that the OCSP is present - logMessage = CMS.getLogMessage("SELFTESTS_OCSP_IS_PRESENT", - getSelfTestName()); + } catch (CertificateParsingException e) { + // log that something is seriously wrong with the OCSP + mSelfTestSubsystem.log(logger, e.toString()); + throw e; + } - mSelfTestSubsystem.log(logger, - logMessage); + if (ocspPubKey == null) { + // log that something is seriously wrong with the OCSP + String logMessage = CMS.getLogMessage( + "SELFTESTS_OCSP_IS_CORRUPT", + getSelfTestName()); + mSelfTestSubsystem.log(logger, logMessage); + throw new Exception(logMessage); } - return; + // log that the OCSP is present + String logMessage = CMS.getLogMessage( + "SELFTESTS_OCSP_IS_PRESENT", + getSelfTestName()); + mSelfTestSubsystem.log(logger, 
logMessage); } } diff --git a/base/server/cms/src/com/netscape/cms/selftests/ocsp/OCSPValidity.java b/base/server/cms/src/com/netscape/cms/selftests/ocsp/OCSPValidity.java index 383779d22..6aadf842d 100644 --- a/base/server/cms/src/com/netscape/cms/selftests/ocsp/OCSPValidity.java +++ b/base/server/cms/src/com/netscape/cms/selftests/ocsp/OCSPValidity.java 
@@ -192,89 +192,68 @@ public class OCSPValidity * <P> * * @param logger specifies logging subsystem - * @exception ESelfTestException self test exception + * @exception Exception self test exception */ - public void runSelfTest(ILogEventListener logger) - throws ESelfTestException { + public void runSelfTest(ILogEventListener logger) throws Exception { String logMessage = null; - IOCSPAuthority ocsp = null; - ISigningUnit ocspSigningUnit = null; - X509CertImpl ocspCert = null; - - ocsp = (IOCSPAuthority) CMS.getSubsystem(mOcspSubId); + IOCSPAuthority ocsp = (IOCSPAuthority) CMS.getSubsystem(mOcspSubId); if (ocsp == null) { // log that the OCSP is not installed - logMessage = CMS.getLogMessage("SELFTESTS_OCSP_IS_NOT_PRESENT", - getSelfTestName()); - - mSelfTestSubsystem.log(logger, - logMessage); - - throw new ESelfTestException(logMessage); - } else { - // Retrieve the OCSP signing unit - ocspSigningUnit = ocsp.getSigningUnit(); - - if (ocspSigningUnit == null) { - // log that the OCSP is not yet initialized - logMessage = CMS.getLogMessage( - "SELFTESTS_OCSP_IS_NOT_INITIALIZED", - getSelfTestName()); - - mSelfTestSubsystem.log(logger, - logMessage); - - throw new ESelfTestException(logMessage); - } - - // Retrieve the OCSP certificate - ocspCert = ocspSigningUnit.getCertImpl(); - - if (ocspCert == null) { - // log that the OCSP is not yet initialized - logMessage = CMS.getLogMessage( - "SELFTESTS_OCSP_IS_NOT_INITIALIZED", - getSelfTestName()); - - mSelfTestSubsystem.log(logger, - logMessage); - - throw new ESelfTestException(logMessage); - } - - // Retrieve the OCSP validity period - try { - ocspCert.checkValidity(); - } catch (CertificateNotYetValidException e) { - // log that the OCSP is not yet valid - logMessage = CMS.getLogMessage( - "SELFTESTS_OCSP_IS_NOT_YET_VALID", - getSelfTestName()); - - mSelfTestSubsystem.log(logger, - logMessage); - - throw new ESelfTestException(logMessage); - } catch (CertificateExpiredException e) { - // log that the OCSP is 
expired - logMessage = CMS.getLogMessage("SELFTESTS_OCSP_IS_EXPIRED", - getSelfTestName()); - - mSelfTestSubsystem.log(logger, - logMessage); + logMessage = CMS.getLogMessage( + "SELFTESTS_OCSP_IS_NOT_PRESENT", + getSelfTestName()); + mSelfTestSubsystem.log(logger, logMessage); + throw new Exception(logMessage); + } - throw new ESelfTestException(logMessage); - } + // Retrieve the OCSP signing unit + ISigningUnit ocspSigningUnit = ocsp.getSigningUnit(); + if (ocspSigningUnit == null) { + // log that the OCSP is not yet initialized + logMessage = CMS.getLogMessage( + "SELFTESTS_OCSP_IS_NOT_INITIALIZED", + getSelfTestName()); + mSelfTestSubsystem.log(logger, logMessage); + throw new Exception(logMessage); + } - // log that the OCSP is valid - logMessage = CMS.getLogMessage("SELFTESTS_OCSP_IS_VALID", - getSelfTestName()); + // Retrieve the OCSP certificate + X509CertImpl ocspCert = ocspSigningUnit.getCertImpl(); + if (ocspCert == null) { + // log that the OCSP is not yet initialized + logMessage = CMS.getLogMessage( + "SELFTESTS_OCSP_IS_NOT_INITIALIZED", + getSelfTestName()); + mSelfTestSubsystem.log(logger, logMessage); + throw new Exception(logMessage); + } - mSelfTestSubsystem.log(logger, - logMessage); + // Retrieve the OCSP validity period + try { + ocspCert.checkValidity(); + + } catch (CertificateNotYetValidException e) { + // log that the OCSP is not yet valid + logMessage = CMS.getLogMessage( + "SELFTESTS_OCSP_IS_NOT_YET_VALID", + getSelfTestName()); + mSelfTestSubsystem.log(logger, logMessage); + throw e; + + } catch (CertificateExpiredException e) { + // log that the OCSP is expired + logMessage = CMS.getLogMessage( + "SELFTESTS_OCSP_IS_EXPIRED", + getSelfTestName()); + mSelfTestSubsystem.log(logger, logMessage); + throw e; } - return; + // log that the OCSP is valid + logMessage = CMS.getLogMessage( + "SELFTESTS_OCSP_IS_VALID", + getSelfTestName()); + mSelfTestSubsystem.log(logger, logMessage); } } 
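Review bot: `OCSPValidity.runSelfTest` keeps the method-wide `String logMessage = null;` and reassigns it in every branch, while the other self tests rewritten in this commit declare `String logMessage` inside each branch. Declaring it at the point of use, as `OCSPPresence.runSelfTest` does (`String logMessage = CMS.getLogMessage(`), keeps the rewritten files consistent and removes a variable that is null until a branch runs.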
diff --git a/base/server/cms/src/com/netscape/cms/selftests/ra/RAPresence.java b/base/server/cms/src/com/netscape/cms/selftests/ra/RAPresence.java deleted file mode 100644 index 6facd807c..000000000 --- a/base/server/cms/src/com/netscape/cms/selftests/ra/RAPresence.java +++ /dev/null 
@@ -1,261 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -// package statement // -/////////////////////// - -package com.netscape.cms.selftests.ra; - -/////////////////////// -// import statements // -/////////////////////// - -import java.security.PublicKey; -import java.util.Locale; - -import com.netscape.certsrv.apps.CMS; -import com.netscape.certsrv.base.EBaseException; -import com.netscape.certsrv.base.IConfigStore; -import com.netscape.certsrv.logging.ILogEventListener; -import com.netscape.certsrv.ra.IRegistrationAuthority; -import com.netscape.certsrv.selftests.EDuplicateSelfTestException; -import com.netscape.certsrv.selftests.EInvalidSelfTestException; -import com.netscape.certsrv.selftests.EMissingSelfTestException; -import com.netscape.certsrv.selftests.ESelfTestException; -import com.netscape.certsrv.selftests.ISelfTestSubsystem; -import com.netscape.cms.selftests.ASelfTest; - -////////////////////// -// class definition // -////////////////////// - -/** - * This class implements a self test to check for RA presence. - * <P> - * - * <PRE> - * NOTE: This self-test is for Registration Authorities prior to - * Netscape Certificate Management System 7.0. 
It does NOT - * apply to the Registration Authority found in - * Red Hat Certificate System 7.3 or later (including - * ALL versions of Dogtag Certificate System). - * </PRE> - * <P> - * - * @deprecated - * @author mharmsen - * @author thomask - * @version $Revision$, $Date$ - */ -public class RAPresence - extends ASelfTest { - //////////////////////// - // default parameters // - //////////////////////// - - /////////////////////////// - // RAPresence parameters // - /////////////////////////// - - // parameter information - public static final String PROP_RA_SUB_ID = "RaSubId"; - private String mRaSubId = null; - - ///////////////////// - // default methods // - ///////////////////// - - //////////////////////// - // RAPresence methods // - //////////////////////// - - /** - * Initializes this subsystem with the configuration store - * associated with this instance name. - * <P> - * - * @param subsystem the associated subsystem - * @param instanceName the name of this self test instance - * @param parameters configuration store (self test parameters) - * @exception EDuplicateSelfTestException subsystem has duplicate name/value - * @exception EInvalidSelfTestException subsystem has invalid name/value - * @exception EMissingSelfTestException subsystem has missing name/value - */ - public void initSelfTest(ISelfTestSubsystem subsystem, - String instanceName, - IConfigStore parameters) - throws EDuplicateSelfTestException, - EInvalidSelfTestException, - EMissingSelfTestException { - super.initSelfTest(subsystem, instanceName, parameters); - - // retrieve mandatory parameter(s) - try { - mRaSubId = mConfig.getString(PROP_RA_SUB_ID); - if (mRaSubId != null) { - mRaSubId = mRaSubId.trim(); - } else { - mSelfTestSubsystem.log(mSelfTestSubsystem.getSelfTestLogger(), - CMS.getLogMessage( - "SELFTESTS_MISSING_VALUES", - getSelfTestName(), - mPrefix - + "." 
- + PROP_RA_SUB_ID)); - - throw new EMissingSelfTestException(PROP_RA_SUB_ID); - } - } catch (EBaseException e) { - mSelfTestSubsystem.log(mSelfTestSubsystem.getSelfTestLogger(), - CMS.getLogMessage( - "SELFTESTS_MISSING_NAME", - getSelfTestName(), - mPrefix - + "." - + PROP_RA_SUB_ID)); - - throw new EMissingSelfTestException(mPrefix, - PROP_RA_SUB_ID, - null); - } - - // retrieve optional parameter(s) - - return; - } - - /** - * Notifies this subsystem if it is in execution mode. - * <P> - * - * @exception ESelfTestException failed to start - */ - public void startupSelfTest() - throws ESelfTestException { - return; - } - - /** - * Stops this subsystem. The subsystem may call shutdownSelfTest - * anytime after initialization. - * <P> - */ - public void shutdownSelfTest() { - return; - } - - /** - * Returns the name associated with this self test. This method may - * return null if the self test has not been intialized. - * <P> - * - * @return instanceName of this self test - */ - public String getSelfTestName() { - return super.getSelfTestName(); - } - - /** - * Returns the root configuration storage (self test parameters) - * associated with this subsystem. - * <P> - * - * @return configuration store (self test parameters) of this subsystem - */ - public IConfigStore getSelfTestConfigStore() { - return super.getSelfTestConfigStore(); - } - - /** - * Retrieves description associated with an individual self test. - * This method may return null. - * <P> - * - * @param locale locale of the client that requests the description - * @return description of self test - */ - public String getSelfTestDescription(Locale locale) { - return CMS.getUserMessage(locale, - "CMS_SELFTESTS_RA_PRESENCE_DESCRIPTION"); - } - - /** - * Execute an individual self test. 
- * <P> - * - * @param logger specifies logging subsystem - * @exception ESelfTestException self test exception - */ - public void runSelfTest(ILogEventListener logger) - throws ESelfTestException { - String logMessage = null; - IRegistrationAuthority ra = null; - org.mozilla.jss.crypto.X509Certificate raCert = null; - PublicKey raPubKey = null; - - ra = (IRegistrationAuthority) CMS.getSubsystem(mRaSubId); - - if (ra == null) { - // log that the RA is not installed - logMessage = CMS.getLogMessage("SELFTESTS_RA_IS_NOT_PRESENT", - getSelfTestName()); - - mSelfTestSubsystem.log(logger, - logMessage); - - throw new ESelfTestException(logMessage); - } else { - // Retrieve the RA certificate - raCert = ra.getRACert(); - - if (raCert == null) { - // log that the RA is not yet initialized - logMessage = CMS.getLogMessage( - "SELFTESTS_RA_IS_NOT_INITIALIZED", - getSelfTestName()); - - mSelfTestSubsystem.log(logger, - logMessage); - - throw new ESelfTestException(logMessage); - } - - // Retrieve the RA certificate public key - raPubKey = raCert.getPublicKey(); - - if (raPubKey == null) { - // log that something is seriously wrong with the RA - logMessage = CMS.getLogMessage("SELFTESTS_RA_IS_CORRUPT", - getSelfTestName()); - - mSelfTestSubsystem.log(logger, - logMessage); - - throw new ESelfTestException(logMessage); - } - - // log that the RA is present - logMessage = CMS.getLogMessage("SELFTESTS_RA_IS_PRESENT", - getSelfTestName()); - - mSelfTestSubsystem.log(logger, - logMessage); - } - - return; - } -} diff --git a/base/server/cms/src/com/netscape/cms/selftests/tks/TKSKnownSessionKey.java b/base/server/cms/src/com/netscape/cms/selftests/tks/TKSKnownSessionKey.java index d5e7c11ad..1686ba564 100644 --- a/base/server/cms/src/com/netscape/cms/selftests/tks/TKSKnownSessionKey.java +++ b/base/server/cms/src/com/netscape/cms/selftests/tks/TKSKnownSessionKey.java 
@@ -104,7 +104,7 @@ public class TKSKnownSessionKey mMacKey = getConfigByteArray("macKey", 16); mUseSoftToken = getConfigString("useSoftToken"); - // AC: KDF SPEC CHANGE + // AC: KDF SPEC CHANGE // read CUID for the KDD field mKDD = getConfigByteArray("CUID", 10); // @@ -143,7 +143,7 @@ public class TKSKnownSessionKey getSelfTestName(), mPrefix + ".nistSP800-108KdfUseCuidAsKdd")); throw new EMissingSelfTestException("nistSP800-108KdfUseCuidAsKdd"); } - + String defKeySetMacKey = null; tks = CMS.getSubsystem(mTksSubId); if (tks != null) { @@ -175,7 +175,7 @@ public class TKSKnownSessionKey if (mSessionKey == null) { mSessionKey = SessionKey.ComputeSessionKey(mToken, mKeyName, mCardChallenge, mHostChallenge, - mKeyInfo, + mKeyInfo, mNistSP800_108KdfOnKeyVersion, // AC: KDF SPEC CHANGE - pass in configuration self-test value mNistSP800_108KdfUseCuidAsKdd, // AC: KDF SPEC CHANGE - pass in configuration self-test value mCUID, @@ -320,13 +320,12 @@ public class TKSKnownSessionKey * <P> * * @param logger specifies logging subsystem - * @exception ESelfTestException self test exception + * @exception Exception self test exception */ - public void runSelfTest(ILogEventListener logger) - throws ESelfTestException { - IConfigStore cs = CMS.getConfigStore(); - String sharedSecretName; + public void runSelfTest(ILogEventListener logger) throws Exception { + try { + IConfigStore cs = CMS.getConfigStore(); boolean useNewNames = cs.getBoolean("tks.useNewSharedSecretNames", false); if (useNewNames) { String tpsList = cs.getString("tps.list", ""); 
@@ -336,29 +335,39 @@ public class TKSKnownSessionKey } for (String tpsID : tpsList.split(",")) { - sharedSecretName = cs.getString("tps." + tpsID + ".nickname", ""); + String sharedSecretName = cs.getString("tps." + tpsID + ".nickname", ""); if (!sharedSecretName.isEmpty()) { CMS.debug("TKSKnownSessionKey: testing with key " + sharedSecretName); - generateSessionKey(logger, sharedSecretName); + generateSessionKey(sharedSecretName); } } + } else { // legacy systems - sharedSecretName = cs.getString("tks.tksSharedSymKeyName", "sharedSecret"); - generateSessionKey(logger, sharedSecretName); + String sharedSecretName = cs.getString("tks.tksSharedSymKeyName", "sharedSecret"); + generateSessionKey(sharedSecretName); } - } catch (EBaseException e) { - e.printStackTrace(); - CMS.debug("TKSKnownSessionKey: failed to read config file to set up test"); - String logMessage = CMS.getLogMessage("SELFTESTS_TKS_FAILED", getSelfTestName(), getSelfTestName()); + + String logMessage = CMS.getLogMessage( + "SELFTESTS_TKS_SUCCEEDED", + getSelfTestName(), + getSelfTestName()); + mSelfTestSubsystem.log(logger, logMessage); + CMS.debug("TKSKnownSessionKey self test SUCCEEDED"); + + } catch (Exception e) { + String logMessage = CMS.getLogMessage( + "SELFTESTS_TKS_FAILED", + getSelfTestName(), + getSelfTestName()); mSelfTestSubsystem.log(logger, logMessage); - throw new ESelfTestException(logMessage); + throw e; } + return; } - private void generateSessionKey(ILogEventListener logger, String sharedSecretName) throws ESelfTestException { - String logMessage; + private void generateSessionKey(String sharedSecretName) throws Exception { String keySet = "defKeySet"; byte[] sessionKey = SessionKey.ComputeSessionKey( 
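Review bot: `SELFTESTS_TKS_SUCCEEDED` is now logged once after the if/else, so on the `useNewNames` path the test reports success even when every `tps.<id>.nickname` is empty and `generateSessionKey` was never called. Before this change success was logged only from inside `generateSessionKey`, that is, only after a session key had actually been derived. I would count the keys exercised in the loop and, when the count is zero, either fail or log a distinct message instead of SUCCEEDED, e.g. `if (tested == 0) throw new Exception("No shared secret was tested");`. The lines between this hunk and the previous one are not shown, so a guard on an empty `tps.list` may already exist there, but it would not cover the empty-nickname case.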
@@ -374,14 +383,7 @@ public class TKSKnownSessionKey // For FIPS compliance, the routine now returns a wrapped key, which can't be extracted and compared. if (sessionKey == null) { CMS.debug("TKSKnownSessionKey: generated no session key"); - CMS.debug("TKSKnownSessionKey self test FAILED"); - logMessage = CMS.getLogMessage("SELFTESTS_TKS_FAILED", getSelfTestName(), getSelfTestName()); - mSelfTestSubsystem.log(logger, logMessage); - throw new ESelfTestException(logMessage); - } else { - logMessage = CMS.getLogMessage("SELFTESTS_TKS_SUCCEEDED", getSelfTestName(), getSelfTestName()); - mSelfTestSubsystem.log(logger, logMessage); - CMS.debug("TKSKnownSessionKey self test SUCCEEDED"); + throw new Exception("No session key generated"); } } } diff --git a/base/server/cms/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java b/base/server/cms/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java index b8cf27cc5..b6325b71d 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java +++ b/base/server/cms/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java @@ -3248,7 +3248,11 @@ public final class CMSAdminServlet extends AdminServlet { // store this information for console notification content += "COMPLETED SUCCESSFULLY\n"; - } catch (ESelfTestException e) { + + } catch (Exception e) { + + CMS.debug(e); + // Check to see if the self test was critical: if (mSelfTestSubsystem.isSelfTestCriticalOnDemand( instanceName)) { diff --git a/base/server/cmscore/src/com/netscape/cmscore/selftests/SelfTestSubsystem.java b/base/server/cmscore/src/com/netscape/cmscore/selftests/SelfTestSubsystem.java index ad1a1b0b8..d060f8180 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/selftests/SelfTestSubsystem.java +++ b/base/server/cmscore/src/com/netscape/cmscore/selftests/SelfTestSubsystem.java 
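Review bot: `throw new Exception("No session key generated");` omits which shared secret failed, which matters now that the caller loops over several TPS nicknames. The nickname is a key label rather than key material, and the new-names path already writes it to the debug log, so it can go into the message: `throw new Exception("No session key generated for " + sharedSecretName);`. The body of generateSessionKey starts outside this hunk; its new signature is in the preceding one.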
@@ -530,7 +530,11 @@ public class SelfTestSubsystem } test.runSelfTest(mLogger); - } catch (ESelfTestException e) { + + } catch (Exception e) { + + CMS.debug(e); + // Check to see if the self test was critical: if (isSelfTestCriticalOnDemand(instanceName)) { log(mLogger, 
@@ -810,146 +814,76 @@ public class SelfTestSubsystem * </ul> * * @exception EMissingSelfTestException subsystem has missing name - * @exception ESelfTestException self test exception + * @exception Exception self test exception */ - public void runSelfTestsAtStartup() - throws EMissingSelfTestException, ESelfTestException { - String auditMessage = null; + public void runSelfTestsAtStartup() throws Exception { - // ensure that any low-level exceptions are reported - // to the signed audit log and stored as failures - try { - if (CMS.debugOn()) { - CMS.debug("SelfTestSubsystem::runSelfTestsAtStartup():" - + " ENTERING . . ."); - } + // log that execution of startup self tests has begun + log(mLogger, + CMS.getLogMessage( + "CMSCORE_SELFTESTS_RUN_AT_STARTUP")); - // loop through all self test plugin instances - // specified to be executed at server startup - Enumeration<SelfTestOrderedInstance> instances = mStartupOrder.elements(); + // loop through all self test plugin instances + // specified to be executed at server startup + Enumeration<SelfTestOrderedInstance> instances = mStartupOrder.elements(); - while (instances.hasMoreElements()) { - SelfTestOrderedInstance instance = instances.nextElement(); + while (instances.hasMoreElements()) { + SelfTestOrderedInstance instance = instances.nextElement(); - String instanceFullName = null; - String instanceName = instance.getSelfTestName(); + String instanceFullName = null; + String instanceName = instance.getSelfTestName(); - if (instanceName != null) { - instanceName = instanceName.trim(); - instanceFullName = getFullName(mPrefix, - instanceName); - } else { - log(mLogger, - CMS.getLogMessage( - "CMSCORE_SELFTESTS_PROPERTY_NAME_IS_NULL")); + if (instanceName == null) { + log(mLogger, + CMS.getLogMessage( + "CMSCORE_SELFTESTS_PROPERTY_NAME_IS_NULL")); - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION, - ILogger.SYSTEM_UID, - ILogger.FAILURE); 
+ throw new EMissingSelfTestException(); + } - audit(auditMessage); + instanceName = instanceName.trim(); + instanceFullName = getFullName(mPrefix, instanceName); - throw new EMissingSelfTestException(); - } + if (!mSelfTestInstances.containsKey(instanceName)) { + // self test plugin instance property name is not present + log(mLogger, + CMS.getLogMessage( + "CMSCORE_SELFTESTS_PROPERTY_MISSING_NAME", + instanceFullName)); - if (mSelfTestInstances.containsKey(instanceName)) { - ISelfTest test = mSelfTestInstances.get(instanceName); - - try { - if (CMS.debugOn()) { - CMS.debug("SelfTestSubsystem::runSelfTestsAtStartup():" - + " running \"" - + test.getSelfTestName() - + "\""); - } - - test.runSelfTest(mLogger); - } catch (ESelfTestException e) { - // Check to see if the self test was critical: - if (isSelfTestCriticalAtStartup(instanceName)) { - log(mLogger, - CMS.getLogMessage( - "CMSCORE_SELFTESTS_RUN_AT_STARTUP_FAILED", - instanceFullName)); - - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION, - ILogger.SYSTEM_UID, - ILogger.FAILURE); - - audit(auditMessage); - - // shutdown the system gracefully - CMS.shutdown(); - - IConfigStore cs = CMS.getConfigStore(); - String instanceID = cs.get("instanceId"); - String subsystemID = cs.get("cs.type").toLowerCase(); - - System.out.println("SelfTestSubsystem: Disabling \"" + subsystemID + "\" subsystem due to selftest failure."); - - try { - ProcessBuilder pb = new ProcessBuilder("pki-server", "subsystem-disable", "-i", instanceID, subsystemID); - Process process = pb.inheritIO().start(); - int rc = process.waitFor(); - - if (rc != 0) { - System.out.println("SelfTestSubsystem: Unable to disable \"" + subsystemID + "\". 
RC: " + rc); - } - - } catch (Exception e2) { - e.printStackTrace(); - } - - return; - } - } - } else { - // self test plugin instance property name is not present - log(mLogger, - CMS.getLogMessage( - "CMSCORE_SELFTESTS_PROPERTY_MISSING_NAME", - instanceFullName)); + throw new EMissingSelfTestException(instanceFullName); + } - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION, - ILogger.SYSTEM_UID, - ILogger.FAILURE); + ISelfTest test = mSelfTestInstances.get(instanceName); - audit(auditMessage); + try { + CMS.debug("SelfTestSubsystem: running " + test.getSelfTestName()); + test.runSelfTest(mLogger); - throw new EMissingSelfTestException(instanceFullName); - } - } + } catch (Exception e) { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION, - ILogger.SYSTEM_UID, - ILogger.SUCCESS); + CMS.debug(e); - audit(auditMessage); + // Check to see if the self test was critical: + if (!isSelfTestCriticalAtStartup(instanceName)) { + continue; + } + + log(mLogger, + CMS.getLogMessage( + "CMSCORE_SELFTESTS_RUN_AT_STARTUP_FAILED", + instanceFullName)); - if (CMS.debugOn()) { - CMS.debug("SelfTestSubsystem::runSelfTestsAtStartup():" - + " EXITING."); + throw e; } - } catch (EMissingSelfTestException eAudit1) { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION, - ILogger.SYSTEM_UID, - ILogger.FAILURE); + } - audit(auditMessage); + // log that execution of all "critical" startup self tests + // has completed "successfully" + log(mLogger, + CMS.getLogMessage( + "CMSCORE_SELFTESTS_RUN_AT_STARTUP_SUCCEEDED")); - // rethrow the specific exception to be handled later - throw eAudit1; - } } public void log(int level, String msg) { 
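Review bot: The signed-audit FAILURE and SUCCESS events were removed from `runSelfTestsAtStartup()`, yet the method remains `public` and now writes only to `mLogger`. Any caller other than `startup()` would run the startup self tests without producing a LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION record. State that contract in the Javadoc, for example `* Signed audit events are emitted by the caller (see startup()), not by this method.` The Javadoc also still lists `@exception EMissingSelfTestException` while the signature declares only `throws Exception`. A non-critical test that throws is now recorded only by `CMS.debug(e)` before the `continue`.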
@@ -1831,39 +1765,88 @@ public class SelfTestSubsystem * * @exception EBaseException base CMS exception */ - public void startup() - throws EBaseException { + public void startup() throws EBaseException { + // loop through all self test plugin instances Enumeration<ISelfTest> instances = mSelfTestInstances.elements(); while (instances.hasMoreElements()) { ISelfTest instance = instances.nextElement(); - instance.startupSelfTest(); } - if (!CMS.isPreOpMode()) { - // run all self test plugin instances (designated at startup) - Enumeration<SelfTestOrderedInstance> selftests = mStartupOrder.elements(); + if (CMS.isPreOpMode()) { + // do not run selftests in pre-op mode + return; + } - if (selftests.hasMoreElements()) { - // log that execution of startup self tests has begun - log(mLogger, - CMS.getLogMessage( - "CMSCORE_SELFTESTS_RUN_AT_STARTUP")); + // run all self test plugin instances (designated at startup) + Enumeration<SelfTestOrderedInstance> selftests = mStartupOrder.elements(); - // execute all startup self tests - runSelfTestsAtStartup(); + if (!selftests.hasMoreElements()) { + log(mLogger, + CMS.getLogMessage( + "CMSCORE_SELFTESTS_NOT_RUN_AT_STARTUP")); + return; + } - // log that execution of all "critical" startup self tests - // has completed "successfully" - log(mLogger, - CMS.getLogMessage( - "CMSCORE_SELFTESTS_RUN_AT_STARTUP_SUCCEEDED")); - } else { - log(mLogger, - CMS.getLogMessage( - "CMSCORE_SELFTESTS_NOT_RUN_AT_STARTUP")); + // ensure that any low-level exceptions are reported + // to the signed audit log and stored as failures + try { + // execute all startup self tests + runSelfTestsAtStartup(); + + // store a message in the signed audit log file + String auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION, + ILogger.SYSTEM_UID, + ILogger.SUCCESS); + + audit(auditMessage); + + } catch (EMissingSelfTestException e) { + + // store a message in the signed audit log file + String auditMessage = CMS.getLogMessage( + 
LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION, + ILogger.SYSTEM_UID, + ILogger.FAILURE); + + audit(auditMessage); + + // rethrow the specific exception to be handled later + throw e; + + } catch (Exception e) { + + // store a message in the signed audit log file + String auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION, + ILogger.SYSTEM_UID, + ILogger.FAILURE); + + audit(auditMessage); + + // shutdown the system gracefully + CMS.shutdown(); + + IConfigStore cs = CMS.getConfigStore(); + String instanceID = cs.get("instanceId"); + String subsystemID = cs.get("cs.type").toLowerCase(); + + System.out.println("SelfTestSubsystem: Disabling \"" + subsystemID + "\" subsystem due to selftest failure."); + + try { + ProcessBuilder pb = new ProcessBuilder("pki-server", "subsystem-disable", "-i", instanceID, subsystemID); + Process process = pb.inheritIO().start(); + int rc = process.waitFor(); + + if (rc != 0) { + System.out.println("SelfTestSubsystem: Unable to disable \"" + subsystemID + "\". RC: " + rc); + } + + } catch (Exception e2) { + e.printStackTrace(); } } } diff --git a/base/tps/src/org/dogtagpki/server/tps/selftests/TPSPresence.java b/base/tps/src/org/dogtagpki/server/tps/selftests/TPSPresence.java index 65ac197e7..665f06855 100644 --- a/base/tps/src/org/dogtagpki/server/tps/selftests/TPSPresence.java +++ b/base/tps/src/org/dogtagpki/server/tps/selftests/TPSPresence.java 
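Review bot: In the `catch (Exception e2)` around the `pki-server subsystem-disable` invocation, the handler calls `e.printStackTrace();`, which prints the outer self-test exception rather than `e2`. A failure to start or wait for the disable command is therefore never reported, and the subsystem may stay enabled after a critical self-test failure with no trace of why. Report the right exception through the debug log this commit already uses: `CMS.debug(e2);`. Separately, `cs.get("cs.type").toLowerCase()` runs inside the handler after `CMS.shutdown()`; if `get` can return null for a missing property (not visible here), it would throw before the disable step, so a null guard is worth adding.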
@@ -140,48 +140,60 @@ public class TPSPresence extends ASelfTest { * <P> * * @param logger specifies logging subsystem - * @exception ESelfTestException self test exception + * @exception Exception self test exception */ - public void runSelfTest(ILogEventListener logger) - throws ESelfTestException { - String logMessage = null; + public void runSelfTest(ILogEventListener logger) throws Exception { + TPSSubsystem tps = (TPSSubsystem) CMS.getSubsystem(tpsSubId); if (tps == null) { // log that the TPS is not installed - logMessage = CMS.getLogMessage("SELFTESTS_TPS_IS_NOT_PRESENT", getSelfTestName()); + String logMessage = CMS.getLogMessage( + "SELFTESTS_TPS_IS_NOT_PRESENT", + getSelfTestName()); mSelfTestSubsystem.log(logger, logMessage); - throw new ESelfTestException(logMessage); + throw new Exception(logMessage); } // Retrieve the TPS certificate - org.mozilla.jss.crypto.X509Certificate tpsCert = null; + org.mozilla.jss.crypto.X509Certificate tpsCert; try { tpsCert = tps.getSubsystemCert(); + } catch (Exception e) { - e.printStackTrace(); // cert does not exist or is not yet configured // tpsCert will remain null + // log that the TPS is not yet initialized + String logMessage = CMS.getLogMessage( + "SELFTESTS_TPS_IS_NOT_INITIALIZED", + getSelfTestName()); + mSelfTestSubsystem.log(logger, logMessage); + throw e; } if (tpsCert == null) { // log that the TPS is not yet initialized - logMessage = CMS.getLogMessage("SELFTESTS_TPS_IS_NOT_INITIALIZED", + String logMessage = CMS.getLogMessage( + "SELFTESTS_TPS_IS_NOT_INITIALIZED", getSelfTestName()); mSelfTestSubsystem.log(logger, logMessage); - throw new ESelfTestException(logMessage); + throw new Exception(logMessage); } // Retrieve the TPS certificate public key PublicKey tpsPubKey = tpsCert.getPublicKey(); if (tpsPubKey == null) { // log that something is seriously wrong with the TPS - logMessage = CMS.getLogMessage("SELFTESTS_TPS_IS_CORRUPT", getSelfTestName()); + String logMessage = CMS.getLogMessage( + 
"SELFTESTS_TPS_IS_CORRUPT", + getSelfTestName()); mSelfTestSubsystem.log(logger, logMessage); - throw new ESelfTestException(logMessage); + throw new Exception(logMessage); } // log that the TPS is present - logMessage = CMS.getLogMessage("SELFTESTS_TPS_IS_PRESENT", getSelfTestName()); + String logMessage = CMS.getLogMessage( + "SELFTESTS_TPS_IS_PRESENT", + getSelfTestName()); mSelfTestSubsystem.log(logger, logMessage); } } diff --git a/base/tps/src/org/dogtagpki/server/tps/selftests/TPSValidity.java b/base/tps/src/org/dogtagpki/server/tps/selftests/TPSValidity.java index f140d6e7c..28ac38da2 100644 --- a/base/tps/src/org/dogtagpki/server/tps/selftests/TPSValidity.java +++ b/base/tps/src/org/dogtagpki/server/tps/selftests/TPSValidity.java 
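Review bot: The context comment `// tpsCert will remain null` inside `catch (Exception e)` is no longer true, because the handler now logs SELFTESTS_TPS_IS_NOT_INITIALIZED and ends with `throw e;`. Replace it with `// rethrow after logging; the null check below handles a null return from getSubsystemCert()`. The rethrown exception also does not carry the log message, unlike the `throw new Exception(logMessage)` paths in the same method. `throw new Exception(logMessage, e);` would keep the reason and the cause together for the caller's `CMS.debug(e)`.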
@@ -144,54 +144,59 @@ public class TPSValidity extends ASelfTest { * <P> * * @param logger specifies logging subsystem - * @exception ESelfTestException self test exception + * @exception Exception self test exception */ - public void runSelfTest(ILogEventListener logger) - throws ESelfTestException { - String logMessage = null; - TPSSubsystem tps = (TPSSubsystem) CMS.getSubsystem(tpsSubId); + public void runSelfTest(ILogEventListener logger) throws Exception { + TPSSubsystem tps = (TPSSubsystem) CMS.getSubsystem(tpsSubId); if (tps == null) { // log that the TPS is not installed - logMessage = CMS.getLogMessage("SELFTESTS_TPS_IS_NOT_PRESENT", getSelfTestName()); + String logMessage = CMS.getLogMessage( + "SELFTESTS_TPS_IS_NOT_PRESENT", + getSelfTestName()); mSelfTestSubsystem.log(logger, logMessage); - throw new ESelfTestException(logMessage); + throw new Exception(logMessage); } // Retrieve the TPS subsystem certificate - X509CertImpl tpsCert = null; + X509CertImpl tpsCert; try { tpsCert = new X509CertImpl(tps.getSubsystemCert().getEncoded()); } catch (Exception e) { // certificate is not present or has not been configured - // tpsCert will remain null - } - - if (tpsCert == null) { // log that the TPS is not yet initialized - logMessage = CMS.getLogMessage("SELFTESTS_TPS_IS_NOT_INITIALIZED", + String logMessage = CMS.getLogMessage( + "SELFTESTS_TPS_IS_NOT_INITIALIZED", getSelfTestName()); mSelfTestSubsystem.log(logger, logMessage); - throw new ESelfTestException(logMessage); + throw e; } // Check the TPS validity period try { tpsCert.checkValidity(); + } catch (CertificateNotYetValidException e) { // log that the TPS is not yet valid - logMessage = CMS.getLogMessage("SELFTESTS_TPS_IS_NOT_YET_VALID", getSelfTestName()); + String logMessage = CMS.getLogMessage( + "SELFTESTS_TPS_IS_NOT_YET_VALID", + getSelfTestName()); mSelfTestSubsystem.log(logger, logMessage); - throw new ESelfTestException(logMessage); + throw e; + } catch (CertificateExpiredException e) { // log 
that the TPS is expired - logMessage = CMS.getLogMessage("SELFTESTS_TPS_IS_EXPIRED", getSelfTestName()); + String logMessage = CMS.getLogMessage( + "SELFTESTS_TPS_IS_EXPIRED", + getSelfTestName()); mSelfTestSubsystem.log(logger, logMessage); - throw new ESelfTestException(logMessage); + throw e; } // log that the TPS is valid - logMessage = CMS.getLogMessage("SELFTESTS_TPS_IS_VALID", getSelfTestName()); + String logMessage = CMS.getLogMessage( + "SELFTESTS_TPS_IS_VALID", + getSelfTestName()); mSelfTestSubsystem.log(logger, logMessage); } } |
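Review bot: With the separate `if (tpsCert == null)` check removed, a null return from `tps.getSubsystemCert()` now surfaces as a NullPointerException from `.getEncoded()`. The `catch (Exception e)` logs it as SELFTESTS_TPS_IS_NOT_INITIALIZED and rethrows it unchanged with `throw e;`. TPSPresence in this same commit still treats a null certificate as possible, so the caller here can end up recording a bare NPE with no message instead of the self-test reason. Wrap rather than rethrow in that handler: `throw new Exception(logMessage, e);`.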