diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/certsrv/ca/ICRLIssuingPoint.java')
| -rw-r--r-- | pki/base/common/src/com/netscape/certsrv/ca/ICRLIssuingPoint.java | 164 |
1 files changed, 81 insertions, 83 deletions
diff --git a/pki/base/common/src/com/netscape/certsrv/ca/ICRLIssuingPoint.java b/pki/base/common/src/com/netscape/certsrv/ca/ICRLIssuingPoint.java index dab45fdb1..f317db9b1 100644 --- a/pki/base/common/src/com/netscape/certsrv/ca/ICRLIssuingPoint.java +++ b/pki/base/common/src/com/netscape/certsrv/ca/ICRLIssuingPoint.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.certsrv.ca; - import java.math.BigInteger; import java.util.Date; import java.util.Set; @@ -34,19 +33,18 @@ import com.netscape.certsrv.base.ISubsystem; import com.netscape.certsrv.common.NameValuePairs; import com.netscape.certsrv.dbs.IElementProcessor; - /** - * This class encapsulates CRL issuing mechanism. CertificateAuthority - * contains a map of CRLIssuingPoint indexed by string ids. Each issuing - * point contains information about CRL issuing and publishing parameters - * as well as state information which includes last issued CRL, next CRL - * serial number, time of the next update etc. - * If autoUpdateInterval is set to non-zero value then worker thread - * is created that will perform CRL update at scheduled intervals. Update - * can also be triggered by invoking updateCRL method directly. Another + * This class encapsulates CRL issuing mechanism. CertificateAuthority + * contains a map of CRLIssuingPoint indexed by string ids. Each issuing + * point contains information about CRL issuing and publishing parameters + * as well as state information which includes last issued CRL, next CRL + * serial number, time of the next update etc. + * If autoUpdateInterval is set to non-zero value then worker thread + * is created that will perform CRL update at scheduled intervals. Update + * can also be triggered by invoking updateCRL method directly. Another * parameter minUpdateInterval can be used to prevent CRL * from being updated too often - * + * * @version $Revision$, $Date$ */ @@ -75,105 +73,105 @@ public interface ICRLIssuingPoint { /** * Returns true if CRL issuing point is enabled. - * + * * @return true if CRL issuing point is enabled */ public boolean isCRLIssuingPointEnabled(); /** * Returns true if CRL generation is enabled. - * + * * @return true if CRL generation is enabled */ public boolean isCRLGenerationEnabled(); /** * Enables or disables CRL issuing point according to parameter. - * + * * @param enable if true enables CRL issuing point */ public void enableCRLIssuingPoint(boolean enable); /** * Returns CRL update status. - * + * * @return CRL update status */ public String getCrlUpdateStatusStr(); /** * Returns CRL update error. - * + * * @return CRL update error */ public String getCrlUpdateErrorStr(); /** * Returns CRL publishing status. - * + * * @return CRL publishing status */ public String getCrlPublishStatusStr(); /** * Returns CRL publishing error. - * + * * @return CRL publishing error */ public String getCrlPublishErrorStr(); /** * Returns CRL issuing point initialization status. - * + * * @return status of CRL issuing point initialization */ public int isCRLIssuingPointInitialized(); /** * Checks if manual update is set. - * + * * @return true if manual update is set */ public boolean isManualUpdateSet(); /** * Checks if expired certificates are included in CRL. - * + * * @return true if expired certificates are included in CRL */ public boolean areExpiredCertsIncluded(); /** * Checks if CRL includes CA certificates only. - * + * * @return true if CRL includes CA certificates only */ public boolean isCACertsOnly(); /** * Checks if CRL includes profile certificates only. - * + * * @return true if CRL includes profile certificates only */ public boolean isProfileCertsOnly(); /** * Checks if CRL issuing point includes this profile. - * + * * @return true if CRL issuing point includes this profile */ public boolean checkCurrentProfile(String id); /** * Initializes CRL issuing point. - * - * @param ca certificate authority that holds CRL issuing point + * + * @param ca certificate authority that holds CRL issuing point * @param id CRL issuing point id * @param config configuration sub-store for CRL issuing point * @exception EBaseException thrown if initialization failed */ - public void init(ISubsystem ca, String id, IConfigStore config) - throws EBaseException; + public void init(ISubsystem ca, String id, IConfigStore config) + throws EBaseException; /** * This method is called during shutdown. @@ -183,21 +181,21 @@ public interface ICRLIssuingPoint { /** * Returns internal id of this CRL issuing point. - * + * * @return internal id of this CRL issuing point */ public String getId(); /** * Returns internal description of this CRL issuing point. - * + * * @return internal description of this CRL issuing point */ public String getDescription(); /** * Sets internal description of this CRL issuing point. - * + * * @param description description for this CRL issuing point. */ public void setDescription(String description); @@ -205,21 +203,21 @@ public interface ICRLIssuingPoint { /** * Returns DN of the directory entry where CRLs from this issuing point * are published. - * + * * @return DN of the directory entry where CRLs are published. */ public String getPublishDN(); /** * Returns signing algorithm. - * + * * @return signing algorithm */ public String getSigningAlgorithm(); /** * Returns signing algorithm used in last signing operation.. - * + * * @return last signing algorithm */ public String getLastSigningAlgorithm(); @@ -227,14 +225,14 @@ public interface ICRLIssuingPoint { /** * Returns current CRL generation schema for this CRL issuing point. * <P> - * + * * @return current CRL generation schema for this CRL issuing point */ public int getCRLSchema(); /** * Returns current CRL number of this CRL issuing point. - * + * * @return current CRL number of this CRL issuing point */ public BigInteger getCRLNumber(); @@ -242,56 +240,56 @@ public interface ICRLIssuingPoint { /** * Returns current delta CRL number of this CRL issuing point. * <P> - * + * * @return current delta CRL number of this CRL issuing point */ public BigInteger getDeltaCRLNumber(); /** * Returns next CRL number of this CRL issuing point. - * + * * @return next CRL number of this CRL issuing point */ public BigInteger getNextCRLNumber(); /** * Returns number of entries in the current CRL. - * + * * @return number of entries in the current CRL */ public long getCRLSize(); /** * Returns number of entries in delta CRL - * + * * @return number of entries in delta CRL */ public long getDeltaCRLSize(); /** * Returns time of the last update. - * + * * @return last CRL update time */ public Date getLastUpdate(); /** * Returns time of the next update. - * + * * @return next CRL update time */ public Date getNextUpdate(); /** * Returns time of the next delta CRL update. - * + * * @return next delta CRL update time */ public Date getNextDeltaUpdate(); /** * Returns all the revoked certificates from the CRL cache. - * + * * @param start first requested CRL entry * @param end next after last requested CRL entry * @return set of all the revoked certificates or null if there are none. @@ -300,7 +298,7 @@ public interface ICRLIssuingPoint { /** * Returns certificate authority. - * + * * @return certificate authority */ public ISubsystem getCertificateAuthority(); @@ -308,14 +306,14 @@ public interface ICRLIssuingPoint { /** * Schedules immediate CRL manual-update * and sets signature algorithm to be used for signing. - * + * * @param signatureAlgorithm signature algorithm to be used for signing */ - public void setManualUpdate(String signatureAlgorithm); + public void setManualUpdate(String signatureAlgorithm); /** * Returns auto update interval in milliseconds. - * + * * @return auto update interval in milliseconds */ public long getAutoUpdateInterval(); @@ -323,14 +321,14 @@ public interface ICRLIssuingPoint { /** * Returns true if CRL is updated for every change * of revocation status of any certificate. - * + * * @return true if CRL update is always triggered by revocation operation */ public boolean getAlwaysUpdate(); /** * Returns next update grace period in minutes. - * + * * @return next update grace period in minutes */ public long getNextUpdateGracePeriod(); @@ -338,7 +336,7 @@ public interface ICRLIssuingPoint { /** * Returns filter used to build CRL based on information stored * in local directory. - * + * * @return filter used to search local directory */ public String getFilter(); @@ -348,30 +346,31 @@ public interface ICRLIssuingPoint { * Calls certificate record processor to get necessary data * from certificate records. * This also regenerates CRL cache. - * + * * @param cp certificate record processor * @exception EBaseException if an error occurred in the database. */ public void processRevokedCerts(IElementProcessor cp) - throws EBaseException; + throws EBaseException; /** * Returns date of revoked certificate or null * if certificated is not listed as revoked. - * + * * @param serialNumber serial number of certificate to be checked * @param checkDeltaCache true if delta CRL cache suppose to be - * included in checking process + * included in checking process * @param includeExpiredCerts true if delta CRL cache with expired - * certificates suppose to be included in checking process + * certificates suppose to be included in checking process * @return date of revoked certificate or null */ public Date getRevocationDateFromCache(BigInteger serialNumber, boolean checkDeltaCache, boolean includeExpiredCerts); + /** * Returns split times from CRL generation. - * + * * @return split times from CRL generation in milliseconds */ public Vector<Long> getSplitTimes(); @@ -379,13 +378,13 @@ public interface ICRLIssuingPoint { /** * Generates CRL now based on cache or local directory if cache * is not available. It also publishes CRL if it is required. - * + * * @param signingAlgorithm signing algorithm to be used for CRL signing * @exception EBaseException if an error occurred during - * CRL generation or publishing + * CRL generation or publishing */ - public void updateCRLNow(String signingAlgorithm) - throws EBaseException; + public void updateCRLNow(String signingAlgorithm) + throws EBaseException; /** * Clears CRL cache @@ -399,21 +398,21 @@ public interface ICRLIssuingPoint { /** * Returns number of recently revoked certificates. - * + * * @return number of recently revoked certificates */ public int getNumberOfRecentlyRevokedCerts(); /** * Returns number of recently unrevoked certificates. - * + * * @return number of recently unrevoked certificates */ public int getNumberOfRecentlyUnrevokedCerts(); /** * Returns number of recently expired and revoked certificates. - * + * * @return number of recently expired and revoked certificates */ public int getNumberOfRecentlyExpiredCerts(); @@ -421,7 +420,7 @@ public interface ICRLIssuingPoint { /** * Converts list of extensions supplied by revocation request * to list of extensions required to be placed in CRL. - * + * * @param exts list of extensions supplied by revocation request * @return list of extensions required to be placed in CRL */ @@ -429,7 +428,7 @@ public interface ICRLIssuingPoint { /** * Adds revoked certificate to delta-CRL cache. - * + * * @param serialNumber serial number of revoked certificate * @param revokedCert revocation information supplied by revocation request */ @@ -437,7 +436,7 @@ public interface ICRLIssuingPoint { /** * Adds revoked certificate to delta-CRL cache. - * + * * @param serialNumber serial number of revoked certificate * @param revokedCert revocation information supplied by revocation request * @param requestId revocation request id @@ -447,14 +446,14 @@ public interface ICRLIssuingPoint { /** * Adds unrevoked certificate to delta-CRL cache. - * + * * @param serialNumber serial number of unrevoked certificate */ public void addUnrevokedCert(BigInteger serialNumber); /** * Adds unrevoked certificate to delta-CRL cache. - * + * * @param serialNumber serial number of unrevoked certificate * @param requestId unrevocation request id */ @@ -462,7 +461,7 @@ public interface ICRLIssuingPoint { /** * Adds expired and revoked certificate to delta-CRL cache. - * + * * @param serialNumber serial number of expired and revoked certificate */ public void addExpiredCert(BigInteger serialNumber); @@ -475,7 +474,7 @@ public interface ICRLIssuingPoint { /** * Updates issuing point configuration according to supplied data * in name value pairs. - * + * * @param params name value pairs defining new issuing point configuration * @return true if configuration is updated successfully */ @@ -483,35 +482,35 @@ public interface ICRLIssuingPoint { /** * Returns true if delta-CRL is enabled. - * + * * @return true if delta-CRL is enabled */ public boolean isDeltaCRLEnabled(); /** * Returns true if CRL cache is enabled. - * + * * @return true if CRL cache is enabled */ public boolean isCRLCacheEnabled(); /** * Returns true if CRL cache is empty. - * + * * @return true if CRL cache is empty */ public boolean isCRLCacheEmpty(); /** * Returns true if CRL cache testing is enabled. - * + * * @return true if CRL cache testing is enabled */ public boolean isCRLCacheTestingEnabled(); /** * Returns true if supplied delta-CRL is matching current delta-CRL. - * + * * @param deltaCRL delta-CRL to verify against current delta-CRL * @return true if supplied delta-CRL is matching current delta-CRL */ @@ -519,7 +518,7 @@ public interface ICRLIssuingPoint { /** * Returns status of CRL generation. - * + * * @return one of the following according to CRL generation status: * CRL_UPDATE_DONE, CRL_UPDATE_STARTED, and CRL_PUBLISHING_STARTED */ @@ -528,18 +527,17 @@ public interface ICRLIssuingPoint { /** * Generates CRL now based on cache or local directory if cache * is not available. It also publishes CRL if it is required. - * CRL is signed by default signing algorithm. - * + * CRL is signed by default signing algorithm. + * * @exception EBaseException if an error occurred during - * CRL generation or publishing + * CRL generation or publishing */ - public void updateCRLNow() throws EBaseException; + public void updateCRLNow() throws EBaseException; /** * Returns list of CRL extensions. - * + * * @return list of CRL extensions */ public ICMSCRLExtensions getCRLExtensions(); } - |