summaryrefslogtreecommitdiffstats
path: root/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java
diff options
context:
space:
mode:
Diffstat (limited to 'base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java')
-rw-r--r--base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java308
1 files changed, 0 insertions, 308 deletions
diff --git a/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java b/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java
index 29e36f7fe..21ceaeee0 100644
--- a/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java
+++ b/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java
@@ -21,8 +21,6 @@
package com.netscape.certsrv.cert;
import java.io.Reader;
-import java.util.Calendar;
-import java.util.StringTokenizer;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.core.MultivaluedMap;
@@ -34,8 +32,6 @@ import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
-import com.netscape.cmsutil.ldap.LDAPUtil;
-
/**
* @author jmagne
*
@@ -44,7 +40,6 @@ import com.netscape.cmsutil.ldap.LDAPUtil;
@XmlAccessorType(XmlAccessType.FIELD)
public class CertSearchRequest {
- private final static String MATCH_EXACTLY = "exact";
//Serial Number
@XmlElement
protected boolean serialNumberRangeInUse;
@@ -555,309 +550,6 @@ public class CertSearchRequest {
public CertSearchRequest(MultivaluedMap<String, String> form) {
}
- public String buildFilter() {
- StringBuffer filter = new StringBuffer();
- buildSerialNumberRangeFilter(filter);
- buildSubjectFilter(filter);
- buildRevokedByFilter(filter);
- buildRevokedOnFilter(filter);
- buildRevocationReasonFilter(filter);
- buildIssuedByFilter(filter);
- buildIssuedOnFilter(filter);
- buildValidNotBeforeFilter(filter);
- buildValidNotAfterFilter(filter);
- buildValidityLengthFilter(filter);
- buildCertTypeFilter(filter);
-
- searchFilter = filter.toString();
-
- if (searchFilter != null && !searchFilter.equals("")) {
- searchFilter = "(&" + searchFilter + ")";
- }
-
- return searchFilter;
- }
-
- private void buildSerialNumberRangeFilter(StringBuffer filter) {
-
- if (!getSerialNumberRangeInUse()) {
- return;
- }
- boolean changed = false;
- String serialFrom = getSerialFrom();
- if (serialFrom != null && !serialFrom.equals("")) {
- filter.append("(certRecordId>=" + LDAPUtil.escapeFilter(serialFrom) + ")");
- changed = true;
- }
- String serialTo = getSerialTo();
- if (serialTo != null && !serialTo.equals("")) {
- filter.append("(certRecordId<=" + LDAPUtil.escapeFilter(serialTo) + ")");
- changed = true;
- }
- if (!changed) {
- filter.append("(certRecordId=*)");
- }
-
- }
-
- private void buildSubjectFilter(StringBuffer filter) {
- if (!getSubjectInUse()) {
- return;
- }
- StringBuffer lf = new StringBuffer();
-
- String matchStr = null;
- boolean match = getMatchExactly();
-
- if (match == true) {
- matchStr = MATCH_EXACTLY;
- }
-
- buildAVAFilter(getEmail(), "E", lf, matchStr);
- buildAVAFilter(getCommonName(), "CN", lf, matchStr);
- buildAVAFilter(getUserID(), "UID", lf, matchStr);
- buildAVAFilter(getOrgUnit(), "OU", lf, matchStr);
- buildAVAFilter(getOrg(), "O", lf, matchStr);
- buildAVAFilter(getLocality(), "L", lf, matchStr);
- buildAVAFilter(getState(), "ST", lf, matchStr);
- buildAVAFilter(getCountry(), "C", lf, matchStr);
-
- if (lf.length() == 0) {
- filter.append("(x509cert.subject=*)");
- return;
- }
- if (matchStr != null && matchStr.equals(MATCH_EXACTLY)) {
- filter.append("(&");
- filter.append(lf);
- filter.append(")");
- } else {
- filter.append("(|");
- filter.append(lf);
- filter.append(")");
- }
- }
-
- private void buildRevokedByFilter(StringBuffer filter) {
- if (!getRevokedByInUse()) {
- return;
- }
-
- String revokedBy = getRevokedBy();
- if (revokedBy == null || revokedBy.equals("")) {
- filter.append("(certRevokedBy=*)");
- } else {
- filter.append("(certRevokedBy=");
- filter.append(LDAPUtil.escapeFilter(revokedBy));
- filter.append(")");
- }
- }
-
- private void buildDateFilter(String prefix,
- String outStr, long adjustment,
- StringBuffer filter) {
- if (prefix == null || prefix.length() == 0) return;
- long epoch = 0;
- try {
- epoch = Long.parseLong(prefix);
- } catch (NumberFormatException e) {
- // exception safely ignored
- }
- Calendar from = Calendar.getInstance();
- from.setTimeInMillis(epoch);
- filter.append("(");
- filter.append(LDAPUtil.escapeFilter(outStr));
- filter.append(Long.toString(from.getTimeInMillis() + adjustment));
- filter.append(")");
- }
-
- private void buildRevokedOnFilter(StringBuffer filter) {
- if (!getRevokedOnInUse()) {
- return;
- }
- buildDateFilter(getRevokedOnFrom(), "certRevokedOn>=", 0, filter);
- buildDateFilter(getRevokedOnTo(), "certRevokedOn<=", 86399999, filter);
- }
-
- private void buildRevocationReasonFilter(StringBuffer filter) {
- if (!getRevocationReasonInUse()) {
- return;
- }
- String reasons = getRevocationReason();
- if (reasons == null) {
- return;
- }
- String queryCertFilter = null;
- StringTokenizer st = new StringTokenizer(reasons, ",");
- if (st.hasMoreTokens()) {
- filter.append("(|");
- while (st.hasMoreTokens()) {
- String token = st.nextToken();
- if (queryCertFilter == null) {
- queryCertFilter = "";
- }
- filter.append("(x509cert.certRevoInfo=");
- filter.append(LDAPUtil.escapeFilter(token));
- filter.append(")");
- }
- filter.append(")");
- }
- }
-
- private void buildIssuedByFilter(StringBuffer filter) {
- if (!getIssuedByInUse()) {
- return;
- }
- String issuedBy = getIssuedBy();
- if (issuedBy == null || issuedBy.equals("")) {
- filter.append("(certIssuedBy=*)");
- } else {
- filter.append("(certIssuedBy=");
- filter.append(LDAPUtil.escapeFilter(issuedBy));
- filter.append(")");
- }
- }
-
- private void buildIssuedOnFilter(StringBuffer filter) {
- if (!getIssuedOnInUse()) {
- return;
- }
- buildDateFilter(getIssuedOnFrom(), "certCreateTime>=", 0, filter);
- buildDateFilter(getIssuedOnTo(), "certCreateTime<=", 86399999, filter);
- }
-
- private void buildValidNotBeforeFilter(StringBuffer filter) {
- if (!getValidNotBeforeInUse()) {
- return;
- }
- buildDateFilter(validNotBeforeFrom, "x509cert.notBefore>=", 0, filter);
- buildDateFilter(validNotBeforeTo, "x509cert.notBefore<=", 86399999, filter);
-
- }
-
- private void buildValidNotAfterFilter(StringBuffer filter) {
- if (!getValidNotAfterInUse()) {
- return;
- }
- buildDateFilter(getValidNotAfterFrom(), "x509cert.notAfter>=", 0, filter);
- buildDateFilter(getValidNotAfterTo(), "x509cert.notAfter<=", 86399999, filter);
-
- }
-
- private void buildValidityLengthFilter(StringBuffer filter) {
- if (!getValidityLengthInUse()) {
- return;
- }
- String op = getValidityOperation();
- long count = 0;
- try {
- count = Long.parseLong(getValidityCount());
- } catch (NumberFormatException e) {
- // safely ignore
- }
- long unit = 0;
- try {
- unit = Long.parseLong(getValidityUnit());
- } catch (NumberFormatException e) {
- // safely ignore
- }
- filter.append("(");
- filter.append("x509cert.duration");
- filter.append(LDAPUtil.escapeFilter(op));
- filter.append(count * unit);
- filter.append(")");
- }
-
- private void buildCertTypeFilter(StringBuffer filter) {
- if (!getCertTypeInUse()) {
- return;
- }
- if (isOn(getCertTypeSSLClient())) {
- filter.append("(x509cert.nsExtension.SSLClient=on)");
- } else if (isOff(getCertTypeSSLClient())) {
- filter.append("(x509cert.nsExtension.SSLClient=off)");
- }
- if (isOn(getCertTypeSSLServer())) {
- filter.append("(x509cert.nsExtension.SSLServer=on)");
- } else if (isOff(getCertTypeSSLServer())) {
- filter.append("(x509cert.nsExtension.SSLServer=off)");
- }
- if (isOn(getCertTypeSecureEmail())) {
- filter.append("(x509cert.nsExtension.SecureEmail=on)");
- } else if (isOff(getCertTypeSecureEmail())) {
- filter.append("(x509cert.nsExtension.SecureEmail=off)");
- }
- if (isOn(getCertTypeSubSSLCA())) {
- filter.append("(x509cert.nsExtension.SubordinateSSLCA=on)");
- } else if (isOff(getCertTypeSubSSLCA())) {
- filter.append("(x509cert.nsExtension.SubordinateSSLCA=off)");
- }
- if (isOn(getCertTypeSubEmailCA())) {
- filter.append("(x509cert.nsExtension.SubordinateEmailCA=on)");
- } else if (isOff(getCertTypeSubEmailCA())) {
- filter.append("(x509cert.nsExtension.SubordinateEmailCA=off)");
- }
- }
-
- private boolean isOn(String value) {
- String inUse = value;
- if (inUse == null) {
- return false;
- }
- if (inUse.equals("on")) {
- return true;
- }
- return false;
- }
-
- private boolean isOff(String value) {
- String inUse = value;
- if (inUse == null) {
- return false;
- }
- if (inUse.equals("off")) {
- return true;
- }
- return false;
- }
-
- private void buildAVAFilter(String param,
- String avaName, StringBuffer lf, String match) {
- if (param != null && !param.equals("")) {
- if (match != null && match.equals(MATCH_EXACTLY)) {
- lf.append("(|");
- lf.append("(x509cert.subject=*");
- lf.append(avaName);
- lf.append("=");
- lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeRDNValue(param)));
- lf.append(",*)");
- lf.append("(x509cert.subject=*");
- lf.append(avaName);
- lf.append("=");
- lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeRDNValue(param)));
- lf.append(")");
- lf.append(")");
- } else {
- lf.append("(x509cert.subject=*");
- lf.append(avaName);
- lf.append("=");
- lf.append("*");
- lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeRDNValue(param)));
- lf.append("*)");
- }
- }
-
- }
-
- private String searchFilter = null;
-
- public String getSearchFilter() {
- return searchFilter;
- }
-
- public void setSearchFilter(String searchFilter) {
- this.searchFilter = searchFilter;
- }
-
public static CertSearchRequest valueOf(Reader reader) throws JAXBException {
JAXBContext context = JAXBContext.newInstance(CertSearchRequest.class);
Unmarshaller unmarshaller = context.createUnmarshaller();
generated by cgit (git 2.34.1) at 2024-04-19 22:03:00 +0000