diff options
Diffstat (limited to 'base/common/src/com/netscape/certsrv/ocsp/IOCSPAuthority.java')
-rw-r--r-- | base/common/src/com/netscape/certsrv/ocsp/IOCSPAuthority.java | 184 |
1 files changed, 184 insertions, 0 deletions
diff --git a/base/common/src/com/netscape/certsrv/ocsp/IOCSPAuthority.java b/base/common/src/com/netscape/certsrv/ocsp/IOCSPAuthority.java new file mode 100644 index 000000000..0219d357d --- /dev/null +++ b/base/common/src/com/netscape/certsrv/ocsp/IOCSPAuthority.java @@ -0,0 +1,184 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.certsrv.ocsp; + +import netscape.security.x509.X500Name; + +import org.mozilla.jss.asn1.OBJECT_IDENTIFIER; +import org.mozilla.jss.pkix.primitive.AlgorithmIdentifier; + +import com.netscape.certsrv.base.EBaseException; +import com.netscape.certsrv.base.ISubsystem; +import com.netscape.certsrv.security.ISigningUnit; +import com.netscape.cmsutil.ocsp.BasicOCSPResponse; +import com.netscape.cmsutil.ocsp.ResponderID; +import com.netscape.cmsutil.ocsp.ResponseData; + +/** + * This class represents the primary interface for the Online Certificate + * Status Protocol (OCSP) server. + * <P> + * + * @version $Revision$, $Date$ + */ +public interface IOCSPAuthority extends ISubsystem { + public static final String ID = "ocsp"; + + public final static OBJECT_IDENTIFIER OCSP_NONCE = new OBJECT_IDENTIFIER("1.3.6.1.5.5.7.48.1.2"); + + public final static String PROP_DEF_STORE_ID = "storeId"; + public final static String PROP_STORE = "store"; + public final static String PROP_SIGNING_SUBSTORE = "signing"; + public static final String PROP_NICKNAME = "certNickname"; + public final static String PROP_NEW_NICKNAME = "newNickname"; + + /** + * This method retrieves the OCSP store given its name. + * <P> + * + * @param id the string representation of an OCSP store + * @return IOCSPStore an instance of an OCSP store object + */ + public IOCSPStore getOCSPStore(String id); + + /** + * This method retrieves the signing unit. + * <P> + * + * @return ISigningUnit an instance of a signing unit object + */ + public ISigningUnit getSigningUnit(); + + /** + * This method retrieves the responder ID by its name. + * <P> + * + * @return ResponderID an instance of a responder ID + */ + public ResponderID getResponderIDByName(); + + /** + * This method retrieves the responder ID by its hash. + * <P> + * + * @return ResponderID an instance of a responder ID + */ + public ResponderID getResponderIDByHash(); + + /** + * This method retrieves the default OCSP store + * (i. e. - information from the internal database). + * <P> + * + * @return IDefStore an instance of the default OCSP store + */ + public IDefStore getDefaultStore(); + + /** + * This method sets the supplied algorithm as the default signing algorithm. + * <P> + * + * @param algorithm a string representing the requested algorithm + * @exception EBaseException if the algorithm is unknown or disallowed + */ + public void setDefaultAlgorithm(String algorithm) + throws EBaseException; + + /** + * This method retrieves the default signing algorithm. + * <P> + * + * @return String the name of the default signing algorithm + */ + public String getDefaultAlgorithm(); + + /** + * This method retrieves all potential OCSP signing algorithms. + * <P> + * + * @return String[] the names of all potential OCSP signing algorithms + */ + public String[] getOCSPSigningAlgorithms(); + + /** + * This method logs the specified message at the specified level. + * <P> + * + * @param level the log level + * @param msg the log message + */ + public void log(int level, String msg); + + /** + * This method logs the specified message at the specified level given + * the specified event. + * <P> + * + * @param event the log event + * @param level the log message + * @param msg the log message + */ + public void log(int event, int level, String msg); + + /** + * This method retrieves the X500Name of an OCSP server instance. + * <P> + * + * @return X500Name an instance of the X500 name object + */ + public X500Name getName(); + + /** + * This method retrieves an OCSP server instance digest name as a string. + * <P> + * + * @param alg the signing algorithm + * @return String the digest name of the related OCSP server + */ + public String getDigestName(AlgorithmIdentifier alg); + + /** + * This method signs the basic OCSP response data provided as a parameter. + * <P> + * + * @param rd response data + * @return BasicOCSPResponse signed response data + * @exception EBaseException error associated with an inability to sign + * the specified response data + */ + public BasicOCSPResponse sign(ResponseData rd) + throws EBaseException; + + /** + * This method compares two byte arrays to see if they are equivalent. + * <P> + * + * @param bytes the first byte array + * @param ints the second byte array + * @return boolean true or false + */ + public boolean arraysEqual(byte[] bytes, byte[] ints); + + public void incTotalTime(long inc); + + public void incSignTime(long inc); + + public void incLookupTime(long inc); + + public void incNumOCSPRequest(long inc); +} |