diff options
Diffstat (limited to 'pki/base/ca/src/com/netscape/ca')
4 files changed, 142 insertions, 67 deletions
diff --git a/pki/base/ca/src/com/netscape/ca/CAService.java b/pki/base/ca/src/com/netscape/ca/CAService.java index e6c302ff0..23b00a103 100644 --- a/pki/base/ca/src/com/netscape/ca/CAService.java +++ b/pki/base/ca/src/com/netscape/ca/CAService.java @@ -368,7 +368,8 @@ public class CAService implements ICAService, IService { // short cut profile-based request if (isProfileRequest(request)) { try { - CMS.debug("CAServic: x0 requestStatus=" + request.getRequestStatus().toString() + " instance=" + request); + CMS.debug("CAServic: x0 requestStatus=" + request.getRequestStatus().toString() + " instance=" + + request); serviceProfileRequest(request); request.setExtData(IRequest.RESULT, IRequest.RES_SUCCESS); CMS.debug("CAServic: x1 requestStatus=" + request.getRequestStatus().toString()); @@ -935,7 +936,8 @@ public class CAService implements ICAService, IService { modSet.add(ICertRecord.ATTR_META_INFO, Modification.MOD_REPLACE, oldMeta); mCA.getCertificateRepository().modifyCertificateRecord(oldSerialNo, modSet); - mCA.log(ILogger.LL_INFO, CMS.getLogMessage("CMSCORE_CA_MARK_SERIAL", oldSerialNo.toString(16), newSerialNo.toString(16))); + mCA.log(ILogger.LL_INFO, + CMS.getLogMessage("CMSCORE_CA_MARK_SERIAL", oldSerialNo.toString(16), newSerialNo.toString(16))); if (Debug.ON) { CertRecord check = (CertRecord) mCA.getCertificateRepository().readCertificateRecord(oldSerialNo); @@ -950,7 +952,8 @@ public class CAService implements ICAService, IService { } } } catch (EBaseException e) { - mCA.log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_NO_STORE_SERIAL", cert.getSerialNumber().toString(16))); + mCA.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_NO_STORE_SERIAL", cert.getSerialNumber().toString(16))); if (Debug.ON) e.printStackTrace(); throw e; @@ -1035,7 +1038,8 @@ public class CAService implements ICAService, IService { } } } catch (EBaseException e) { - mCA.log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_ERROR_REVOCATION", serialno.toString(), e.toString())); + mCA.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_ERROR_REVOCATION", serialno.toString(), e.toString())); //e.printStackTrace(); throw e; } @@ -1268,7 +1272,8 @@ class serviceIssue implements IServant { request.getExtDataInCertInfoArray(IRequest.CERT_INFO); if (certinfos == null || certinfos[0] == null) { - mCA.log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CERT_REQUEST_NOT_FOUND", request.getRequestId().toString())); + mCA.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CERT_REQUEST_NOT_FOUND", request.getRequestId().toString())); throw new ECAException(CMS.getUserMessage("CMS_CA_MISSING_INFO_IN_ISSUEREQ")); } String challengePassword = @@ -1282,7 +1287,8 @@ class serviceIssue implements IServant { try { certs[i] = mService.issueX509Cert(rid, certinfos[i]); } catch (EBaseException e) { - mCA.log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_ISSUE_ERROR", Integer.toString(i), rid, e.toString())); + mCA.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_ISSUE_ERROR", Integer.toString(i), rid, e.toString())); throw e; } } @@ -1294,7 +1300,8 @@ class serviceIssue implements IServant { mService.storeX509Cert(rid, certs[i], crmfReqId, challengePassword); } catch (EBaseException e) { e.printStackTrace(); - mCA.log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_STORE_ERROR", Integer.toString(i), rid, e.toString())); + mCA.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_STORE_ERROR", Integer.toString(i), rid, e.toString())); ex = e; // save to throw later. break; } @@ -1309,7 +1316,8 @@ class serviceIssue implements IServant { try { mCA.getCertificateRepository().deleteCertificateRecord(serialNo); } catch (EBaseException e) { - mCA.log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_DELETE_CERT_ERROR", serialNo.toString(), e.toString())); + mCA.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_DELETE_CERT_ERROR", serialNo.toString(), e.toString())); } } throw ex; @@ -1337,7 +1345,8 @@ class serviceRenewal implements IServant { request.getExtDataInCertInfoArray(IRequest.CERT_INFO); if (certinfos == null || certinfos[0] == null) { - mCA.log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CERT_REQUEST_NOT_FOUND", request.getRequestId().toString())); + mCA.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CERT_REQUEST_NOT_FOUND", request.getRequestId().toString())); throw new ECAException( CMS.getUserMessage("CMS_CA_MISSING_INFO_IN_RENEWREQ")); } @@ -1426,7 +1435,8 @@ class serviceRenewal implements IServant { if (cert == null) { // something wrong - mCA.log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_MISSING_RENEWED", serial.toString())); + mCA.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_MISSING_RENEWED", serial.toString())); svcerrors[i] = new ECAException( CMS.getUserMessage("CMS_CA_ERROR_GETTING_RENEWED_CERT", oldSerialNo.toString(), serial.toString())).toString(); @@ -1464,7 +1474,8 @@ class serviceRenewal implements IServant { mService.storeX509Cert(rid, issuedCerts[i], true, oldSerialNo); } catch (ECAException e) { svcerrors[i] = e.toString(); - mCA.log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CANNOT_RENEW", Integer.toString(i), request.getRequestId().toString())); + mCA.log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CANNOT_RENEW", Integer.toString(i), request + .getRequestId().toString())); } } @@ -1687,7 +1698,8 @@ class serviceRevoke implements IServant { crlentries.length == 0 || crlentries[0] == null) { // XXX should this be an error ? - mCA.log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRL_NOT_FOUND", request.getRequestId().toString())); + mCA.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CRL_NOT_FOUND", request.getRequestId().toString())); throw new ECAException(CMS.getUserMessage("CMS_CA_MISSING_INFO_IN_REVREQ")); } @@ -1700,7 +1712,8 @@ class serviceRevoke implements IServant { mService.revokeCert(crlentries[i], request.getRequestId().toString()); revokedCerts[i] = crlentries[i]; } catch (ECAException e) { - mCA.log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CANNOT_REVOKE", Integer.toString(i), request.getRequestId().toString(), e.toString())); + mCA.log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CANNOT_REVOKE", Integer.toString(i), request + .getRequestId().toString(), e.toString())); revokedCerts[i] = null; if (svcerrors == null) { svcerrors = new String[revokedCerts.length]; @@ -1804,7 +1817,8 @@ class serviceUnrevoke implements IServant { } mService.unrevokeCert(oldSerialNo[i], request.getRequestId().toString()); } catch (ECAException e) { - mCA.log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_UNREVOKE_FAILED", oldSerialNo[i].toString(), request.getRequestId().toString())); + mCA.log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_UNREVOKE_FAILED", oldSerialNo[i].toString(), + request.getRequestId().toString())); if (svcerrors == null) { svcerrors = new String[oldSerialNo.length]; } @@ -1880,7 +1894,8 @@ class serviceGetCRL implements IServant { throws EBaseException { try { ICRLIssuingPointRecord crlRec = - (ICRLIssuingPointRecord) mCA.getCRLRepository().readCRLIssuingPointRecord(ICertificateAuthority.PROP_MASTER_CRL); + (ICRLIssuingPointRecord) mCA.getCRLRepository().readCRLIssuingPointRecord( + ICertificateAuthority.PROP_MASTER_CRL); X509CRLImpl crl = new X509CRLImpl(crlRec.getCRL()); request.setExtData(IRequest.CRL, crl.getEncoded()); @@ -1889,7 +1904,8 @@ class serviceGetCRL implements IServant { throw new ECAException( CMS.getUserMessage("CMS_CA_CRL_ISSUEPT_NOT_FOUND", e.toString())); } catch (CRLException e) { - mCA.log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_GETCRL_INST_CRL", ICertificateAuthority.PROP_MASTER_CRL)); + mCA.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_GETCRL_INST_CRL", ICertificateAuthority.PROP_MASTER_CRL)); throw new ECAException( CMS.getUserMessage("CMS_CA_CRL_ISSUEPT_NOGOOD", ICertificateAuthority.PROP_MASTER_CRL)); } catch (X509ExtensionException e) { @@ -1990,7 +2006,8 @@ class serviceCert4Crl implements IServant { IRequest.REVOKED_CERT_RECORDS); if (revokedCertIds == null || revokedCertIds.length == 0) { - mCA.log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CERT4CRL_NO_ENTRY", request.getRequestId().toString())); + mCA.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CERT4CRL_NO_ENTRY", request.getRequestId().toString())); throw new ECAException(CMS.getUserMessage("CMS_CA_MISSING_INFO_IN_CLAREQ")); } @@ -2005,7 +2022,8 @@ class serviceCert4Crl implements IServant { revokedCertRecs.length == 0 || revokedCertRecs[0] == null) { // XXX should this be an error ? - mCA.log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CERT4CRL_NO_ENTRY", request.getRequestId().toString())); + mCA.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CERT4CRL_NO_ENTRY", request.getRequestId().toString())); throw new ECAException(CMS.getUserMessage("CMS_CA_MISSING_INFO_IN_CLAREQ")); } @@ -2036,7 +2054,8 @@ class serviceCert4Crl implements IServant { } } catch (ECAException e) { - mCA.log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CERT4CRL_NO_REC", Integer.toString(i), request.getRequestId().toString(), e.toString())); + mCA.log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CERT4CRL_NO_REC", Integer.toString(i), + request.getRequestId().toString(), e.toString())); recordedCerts[i] = null; if (svcerrors == null) { svcerrors = new String[recordedCerts.length]; @@ -2092,7 +2111,8 @@ class serviceUnCert4Crl implements IServant { } } } catch (EBaseException e) { - mCA.log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_DELETE_CERT_ERROR", oldSerialNo[i].toString(), e.toString())); + mCA.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_DELETE_CERT_ERROR", oldSerialNo[i].toString(), e.toString())); if (svcerrors == null) { svcerrors = new String[oldSerialNo.length]; } diff --git a/pki/base/ca/src/com/netscape/ca/CMSCRLExtensions.java b/pki/base/ca/src/com/netscape/ca/CMSCRLExtensions.java index 8bcba3561..d5458684a 100644 --- a/pki/base/ca/src/com/netscape/ca/CMSCRLExtensions.java +++ b/pki/base/ca/src/com/netscape/ca/CMSCRLExtensions.java @@ -250,21 +250,27 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { if (mDefaultEnabledCRLExtensions.contains(extName)) { mEnabledCRLExtensions.addElement(extName); } - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_NO_ENABLE", extName, mDefaultEnabledCRLExtensions.contains(extName) ? "true" : "false")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CRLEXTS_NO_ENABLE", extName, + mDefaultEnabledCRLExtensions.contains(extName) ? "true" : "false")); } catch (EPropertyNotDefined e) { extConfig.putBoolean(PROP_ENABLE, mDefaultEnabledCRLExtensions.contains(extName)); modifiedConfig = true; if (mDefaultEnabledCRLExtensions.contains(extName)) { mEnabledCRLExtensions.addElement(extName); } - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_UNDEFINE_ENABLE", extName, mDefaultEnabledCRLExtensions.contains(extName) ? "true" : "false")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CRLEXTS_UNDEFINE_ENABLE", extName, + mDefaultEnabledCRLExtensions.contains(extName) ? "true" : "false")); } catch (EBaseException e) { extConfig.putBoolean(PROP_ENABLE, mDefaultEnabledCRLExtensions.contains(extName)); modifiedConfig = true; if (mDefaultEnabledCRLExtensions.contains(extName)) { mEnabledCRLExtensions.addElement(extName); } - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_INVALID_ENABLE", extName, mDefaultEnabledCRLExtensions.contains(extName) ? "true" : "false")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CRLEXTS_INVALID_ENABLE", extName, + mDefaultEnabledCRLExtensions.contains(extName) ? "true" : "false")); } return modifiedConfig; } @@ -282,21 +288,27 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { if (mDefaultCriticalCRLExtensions.contains(extName)) { mCriticalCRLExtensions.addElement(extName); } - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_NO_CRITICAL", extName, mDefaultEnabledCRLExtensions.contains(extName) ? "true" : "false")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CRLEXTS_NO_CRITICAL", extName, + mDefaultEnabledCRLExtensions.contains(extName) ? "true" : "false")); } catch (EPropertyNotDefined e) { extConfig.putBoolean(PROP_CRITICAL, mDefaultCriticalCRLExtensions.contains(extName)); modifiedConfig = true; if (mDefaultCriticalCRLExtensions.contains(extName)) { mCriticalCRLExtensions.addElement(extName); } - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_UNDEFINE_CRITICAL", extName, mDefaultEnabledCRLExtensions.contains(extName) ? "true" : "false")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CRLEXTS_UNDEFINE_CRITICAL", extName, + mDefaultEnabledCRLExtensions.contains(extName) ? "true" : "false")); } catch (EBaseException e) { extConfig.putBoolean(PROP_CRITICAL, mDefaultCriticalCRLExtensions.contains(extName)); modifiedConfig = true; if (mDefaultCriticalCRLExtensions.contains(extName)) { mCriticalCRLExtensions.addElement(extName); } - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_INVALID_CRITICAL", extName, mDefaultEnabledCRLExtensions.contains(extName) ? "true" : "false")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CRLEXTS_INVALID_CRITICAL", extName, + mDefaultEnabledCRLExtensions.contains(extName) ? "true" : "false")); } return modifiedConfig; } @@ -317,12 +329,14 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { extConfig.putString(PROP_TYPE, PROP_CRL_ENTRY_EXT); modifiedConfig = true; mCRLEntryExtensionNames.addElement(extName); - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_INVALID_EXT", extName, PROP_CRL_ENTRY_EXT)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CRLEXTS_INVALID_EXT", extName, PROP_CRL_ENTRY_EXT)); } else if (mDefaultCRLExtensionNames.contains(extName)) { extConfig.putString(PROP_TYPE, PROP_CRL_EXT); modifiedConfig = true; mCRLExtensionNames.addElement(extName); - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_INVALID_EXT", extName, PROP_CRL_EXT)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CRLEXTS_INVALID_EXT", extName, PROP_CRL_EXT)); } else { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_INVALID_EXT", extName, "")); } @@ -370,13 +384,17 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { } } } catch (ClassCastException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_INCORRECT_CLASS", extClass, e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CRLEXTS_INCORRECT_CLASS", extClass, e.toString())); } catch (ClassNotFoundException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_NOT_FOUND", extClass, e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_NOT_FOUND", extClass, e.toString())); } catch (InstantiationException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_NOT_INST", extClass, e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_NOT_INST", extClass, e.toString())); } catch (IllegalAccessException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_NOT_ACCESS", extClass, e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_NOT_ACCESS", extClass, e.toString())); } } else { @@ -414,7 +432,8 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { } public boolean isCRLExtensionEnabled(String extName) { - return ((mCRLExtensionNames.contains(extName) || mCRLEntryExtensionNames.contains(extName)) && mEnabledCRLExtensions.contains(extName)); + return ((mCRLExtensionNames.contains(extName) || mCRLEntryExtensionNames.contains(extName)) && mEnabledCRLExtensions + .contains(extName)); } public boolean isCRLExtensionCritical(String extName) { @@ -528,11 +547,14 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { } } } catch (ClassNotFoundException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_NOT_FOUND", name, e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_NOT_FOUND", name, e.toString())); } catch (InstantiationException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_NOT_INST", name, e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_NOT_INST", name, e.toString())); } catch (IllegalAccessException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_NOT_ACCESS", name, e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_NOT_ACCESS", name, e.toString())); } int i = name.lastIndexOf('.'); @@ -601,7 +623,8 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { CMSCRLExtensions cmsCRLExtensions = (CMSCRLExtensions) ip.getCRLExtensions(); if (cmsCRLExtensions != null) { - issuingDistPointExtEnabled = cmsCRLExtensions.isCRLExtensionEnabled(IssuingDistributionPointExtension.NAME); + issuingDistPointExtEnabled = cmsCRLExtensions + .isCRLExtensionEnabled(IssuingDistributionPointExtension.NAME); } CMS.debug("issuingDistPointExtEnabled = " + issuingDistPointExtEnabled); diff --git a/pki/base/ca/src/com/netscape/ca/CRLIssuingPoint.java b/pki/base/ca/src/com/netscape/ca/CRLIssuingPoint.java index 4c794e98e..0e98955f2 100644 --- a/pki/base/ca/src/com/netscape/ca/CRLIssuingPoint.java +++ b/pki/base/ca/src/com/netscape/ca/CRLIssuingPoint.java @@ -737,7 +737,8 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable { mCMSCRLExtensions = new CMSCRLExtensions(this, config); mExtendedNextUpdate = ((mUpdateSchema > 1 || (mEnableDailyUpdates && mExtendedTimeList)) && isDeltaCRLEnabled()) ? - config.getBoolean(Constants.PR_EXTENDED_NEXT_UPDATE, true) : + config.getBoolean(Constants.PR_EXTENDED_NEXT_UPDATE, true) + : false; // Get serial number ranges if any. @@ -879,10 +880,14 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable { x509crl = null; } catch (EBaseException e) { x509crl = null; - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_ISSUING_PUBLISH_CRL", mCRLNumber.toString(), e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_ISSUING_PUBLISH_CRL", mCRLNumber.toString(), + e.toString())); } catch (OutOfMemoryError e) { x509crl = null; - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_ISSUING_PUBLISH_CRL", mCRLNumber.toString(), e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_ISSUING_PUBLISH_CRL", mCRLNumber.toString(), + e.toString())); } } } @@ -1594,7 +1599,8 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable { } } if (t - mMinUpdateInterval > last) { - if (mExtendedNextUpdate && (!fromLastUpdate) && (!(mEnableDailyUpdates && mExtendedTimeList)) && (!delta) && + if (mExtendedNextUpdate && (!fromLastUpdate) && (!(mEnableDailyUpdates && mExtendedTimeList)) + && (!delta) && isDeltaEnabled && mUpdateSchema > 1) { i += mUpdateSchema - ((i + m) % mUpdateSchema); } @@ -1680,7 +1686,8 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable { next = nextUpdate; } - CMS.debug("findNextUpdate: " + ((new Date(next)).toString()) + ((fromLastUpdate) ? " delay: " + (next - now) : "")); + CMS.debug("findNextUpdate: " + ((new Date(next)).toString()) + + ((fromLastUpdate) ? " delay: " + (next - now) : "")); return (fromLastUpdate) ? next - now : next; } @@ -2146,7 +2153,8 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable { mCRLRepository.updateRevokedCerts(mId, mRevokedCerts, mUnrevokedCerts); mFirstUnsaved = ICRLIssuingPointRecord.CLEAN_CACHE; } catch (EBaseException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_ISSUING_STORE_REVOKED_CERT", mId, e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_ISSUING_STORE_REVOKED_CERT", mId, e.toString())); } } } @@ -2168,7 +2176,8 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable { mCRLRepository.updateRevokedCerts(mId, mRevokedCerts, mUnrevokedCerts); mFirstUnsaved = ICRLIssuingPointRecord.CLEAN_CACHE; } catch (EBaseException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_ISSUING_STORE_UNREVOKED_CERT", mId, e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_ISSUING_STORE_UNREVOKED_CERT", mId, e.toString())); } } } @@ -2198,7 +2207,8 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable { try { mCRLRepository.updateExpiredCerts(mId, mExpiredCerts); } catch (EBaseException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_ISSUING_STORE_EXPIRED_CERT", mId, e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_ISSUING_STORE_EXPIRED_CERT", mId, e.toString())); } } } @@ -2221,7 +2231,8 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable { public boolean isDeltaCRLEnabled() { return (mAllowExtensions && mEnableCRLCache && mCMSCRLExtensions.isCRLExtensionEnabled(DeltaCRLIndicatorExtension.NAME) && - mCMSCRLExtensions.isCRLExtensionEnabled(CRLNumberExtension.NAME) && mCMSCRLExtensions.isCRLExtensionEnabled(CRLReasonExtension.NAME)); + mCMSCRLExtensions.isCRLExtensionEnabled(CRLNumberExtension.NAME) && mCMSCRLExtensions + .isCRLExtensionEnabled(CRLReasonExtension.NAME)); } public boolean isThisCurrentDeltaCRL(X509CRLImpl deltaCRL) { @@ -2328,7 +2339,8 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable { Boolean.toString(isCRLCacheEnabled()), Boolean.toString(mEnableCacheRecovery), Boolean.toString(mCRLCacheIsCleared), - "" + mCRLCerts.size() + "," + mRevokedCerts.size() + "," + mUnrevokedCerts.size() + "," + mExpiredCerts.size() + "" + "" + mCRLCerts.size() + "," + mRevokedCerts.size() + "," + mUnrevokedCerts.size() + "," + + mExpiredCerts.size() + "" } ); mUpdatingCRL = CRL_UPDATE_STARTED; @@ -2383,11 +2395,14 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable { mSplits[0] -= System.currentTimeMillis(); @SuppressWarnings("unchecked") - Hashtable<BigInteger, RevokedCertificate> clonedRevokedCerts = (Hashtable<BigInteger, RevokedCertificate>) mRevokedCerts.clone(); + Hashtable<BigInteger, RevokedCertificate> clonedRevokedCerts = (Hashtable<BigInteger, RevokedCertificate>) mRevokedCerts + .clone(); @SuppressWarnings("unchecked") - Hashtable<BigInteger, RevokedCertificate> clonedUnrevokedCerts = (Hashtable<BigInteger, RevokedCertificate>) mUnrevokedCerts.clone(); + Hashtable<BigInteger, RevokedCertificate> clonedUnrevokedCerts = (Hashtable<BigInteger, RevokedCertificate>) mUnrevokedCerts + .clone(); @SuppressWarnings("unchecked") - Hashtable<BigInteger, RevokedCertificate> clonedExpiredCerts = (Hashtable<BigInteger, RevokedCertificate>) mExpiredCerts.clone(); + Hashtable<BigInteger, RevokedCertificate> clonedExpiredCerts = (Hashtable<BigInteger, RevokedCertificate>) mExpiredCerts + .clone(); mSplits[0] += System.currentTimeMillis(); @@ -2426,7 +2441,8 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable { if (isDeltaCRLEnabled()) { mSplits[1] -= System.currentTimeMillis(); @SuppressWarnings("unchecked") - Hashtable<BigInteger, RevokedCertificate> deltaCRLCerts = (Hashtable<BigInteger, RevokedCertificate>) clonedRevokedCerts.clone(); + Hashtable<BigInteger, RevokedCertificate> deltaCRLCerts = (Hashtable<BigInteger, RevokedCertificate>) clonedRevokedCerts + .clone(); deltaCRLCerts.putAll(clonedUnrevokedCerts); if (mIncludeExpiredCertsOneExtraTime) { @@ -2469,7 +2485,8 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable { if (mConfigStore.getBoolean("noCRLIfNoRevokedCert", false)) { if (deltaCRLCerts.size() == 0) { CMS.debug("CRLIssuingPoint: No Revoked Certificates Found And noCRLIfNoRevokedCert is set to true - No Delta CRL Generated"); - throw new EBaseException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", "No Revoked Certificates")); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", + "No Revoked Certificates")); } } X509CRLImpl crl = new X509CRLImpl(mCA.getCRLX500Name(), @@ -2534,10 +2551,12 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable { newX509DeltaCRL = null; if (Debug.on()) Debug.printStackTrace(e); - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_ISSUING_PUBLISH_DELTA", mCRLNumber.toString(), e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_ISSUING_PUBLISH_DELTA", mCRLNumber.toString(), e.toString())); } catch (OutOfMemoryError e) { newX509DeltaCRL = null; - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_ISSUING_PUBLISH_DELTA", mCRLNumber.toString(), e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_ISSUING_PUBLISH_DELTA", mCRLNumber.toString(), e.toString())); } } else { mDeltaCRLSize = -1; @@ -2636,7 +2655,8 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable { if (mConfigStore.getBoolean("noCRLIfNoRevokedCert", false)) { if (mCRLCerts.size() == 0) { CMS.debug("CRLIssuingPoint: No Revoked Certificates Found And noCRLIfNoRevokedCert is set to true - No CRL Generated"); - throw new EBaseException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", "No Revoked Certificates")); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", + "No Revoked Certificates")); } } CMS.debug("before new X509CRLImpl"); @@ -2696,7 +2716,8 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable { splitTimes += ","; splitTimes += Long.toString(mSplits[i]); } - splitTimes += "," + Long.toString(deltaTime) + "," + Long.toString(crlTime) + "," + Long.toString(totalTime) + ")"; + splitTimes += "," + Long.toString(deltaTime) + "," + Long.toString(crlTime) + "," + + Long.toString(totalTime) + ")"; mLogger.log(ILogger.EV_AUDIT, ILogger.S_OTHER, AuditFormat.LEVEL, CMS.getLogMessage("CMSCORE_CA_CA_CRL_UPDATED"), @@ -2751,11 +2772,13 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable { } catch (EBaseException e) { newX509CRL = null; mUpdatingCRL = CRL_UPDATE_DONE; - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_ISSUING_PUBLISH_CRL", mCRLNumber.toString(), e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_ISSUING_PUBLISH_CRL", mCRLNumber.toString(), e.toString())); } catch (OutOfMemoryError e) { newX509CRL = null; mUpdatingCRL = CRL_UPDATE_DONE; - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_ISSUING_PUBLISH_CRL", mCRLNumber.toString(), e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_ISSUING_PUBLISH_CRL", mCRLNumber.toString(), e.toString())); } } @@ -2962,7 +2985,8 @@ class CertRecProcessor implements IElementProcessor { private boolean mIssuingDistPointEnabled = false; private BitArray mOnlySomeReasons = null; - public CertRecProcessor(Hashtable<BigInteger, RevokedCertificate> crlCerts, CRLIssuingPoint ip, ILogger logger, boolean allowExtensions) { + public CertRecProcessor(Hashtable<BigInteger, RevokedCertificate> crlCerts, CRLIssuingPoint ip, ILogger logger, + boolean allowExtensions) { mCRLCerts = crlCerts; mLogger = logger; mIP = ip; diff --git a/pki/base/ca/src/com/netscape/ca/CertificateAuthority.java b/pki/base/ca/src/com/netscape/ca/CertificateAuthority.java index 8eae04760..0ae915d2f 100644 --- a/pki/base/ca/src/com/netscape/ca/CertificateAuthority.java +++ b/pki/base/ca/src/com/netscape/ca/CertificateAuthority.java @@ -1561,36 +1561,44 @@ public class CertificateAuthority implements ICertificateAuthority, ICertAuthori if (nc != null && nc.size() > 0) { // Initialize Certificate Issued notification listener - String certificateIssuedListenerClassName = nc.getString("certificateIssuedListenerClassName", "com.netscape.cms.listeners.CertificateIssuedListener"); + String certificateIssuedListenerClassName = nc.getString("certificateIssuedListenerClassName", + "com.netscape.cms.listeners.CertificateIssuedListener"); try { - mCertIssuedListener = (IRequestListener) Class.forName(certificateIssuedListenerClassName).newInstance(); + mCertIssuedListener = (IRequestListener) Class.forName(certificateIssuedListenerClassName) + .newInstance(); mCertIssuedListener.init(this, nc); } catch (Exception e1) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CA_REGISTER_LISTENER", certificateIssuedListenerClassName)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CA_REGISTER_LISTENER", certificateIssuedListenerClassName)); } // Initialize Revoke Request notification listener - String certificateRevokedListenerClassName = nc.getString("certificateIssuedListenerClassName", "com.netscape.cms.listeners.CertificateRevokedListener"); + String certificateRevokedListenerClassName = nc.getString("certificateIssuedListenerClassName", + "com.netscape.cms.listeners.CertificateRevokedListener"); try { - mCertRevokedListener = (IRequestListener) Class.forName(certificateRevokedListenerClassName).newInstance(); + mCertRevokedListener = (IRequestListener) Class.forName(certificateRevokedListenerClassName) + .newInstance(); mCertRevokedListener.init(this, nc); } catch (Exception e1) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CA_REGISTER_LISTENER", certificateRevokedListenerClassName)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CA_REGISTER_LISTENER", certificateRevokedListenerClassName)); } // Initialize Request In Queue notification listener IConfigStore rq = nc.getSubStore(PROP_REQ_IN_Q_SUBSTORE); - String requestInQListenerClassName = nc.getString("certificateIssuedListenerClassName", "com.netscape.cms.listeners.RequestInQListener"); + String requestInQListenerClassName = nc.getString("certificateIssuedListenerClassName", + "com.netscape.cms.listeners.RequestInQListener"); try { mReqInQListener = (IRequestListener) Class.forName(requestInQListenerClassName).newInstance(); mReqInQListener.init(this, nc); } catch (Exception e1) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CA_REGISTER_REQ_LISTENER", requestInQListenerClassName)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CA_REGISTER_REQ_LISTENER", requestInQListenerClassName)); } // Initialize extra listeners |