2 files changed, 348 insertions, 0 deletions

diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/crldb/ICRLIssuingPointRecord.java b/pki/base/common/src/com/netscape/certsrv/dbs/crldb/ICRLIssuingPointRecord.java
new file mode 100644
index 000000000..0923ce83e
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/crldb/ICRLIssuingPointRecord.java
@@ -0,0 +1,165 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.dbs.crldb;
+
+
+import java.util.*;
+import java.math.*;
+import java.io.*;
+import java.security.cert.*;
+import netscape.ldap.*;
+import netscape.security.x509.*;
+import netscape.security.util.*;
+import netscape.security.pkcs.*;
+import com.netscape.certsrv.base.*;
+import com.netscape.certsrv.dbs.*;
+
+
+/**
+ * An interface that defines abilities of
+ * a CRL issuing point record.
+ *
+ * @version $Revision: 14561 $, $Date: 2007-05-01 10:28:56 -0700 (Tue, 01 May 2007) $
+ */
+public interface ICRLIssuingPointRecord extends IDBObj {
+
+    public static final String ATTR_ID = "id";
+    public static final String ATTR_CRL_NUMBER = "crlNumber";
+    public static final String ATTR_DELTA_NUMBER = "deltaNumber";
+    public static final String ATTR_CRL_SIZE = "crlSize";
+    public static final String ATTR_DELTA_SIZE = "deltaSize";
+    public static final String ATTR_THIS_UPDATE = "thisUpdate";
+    public static final String ATTR_NEXT_UPDATE = "nextUpdate";
+    public static final String ATTR_FIRST_UNSAVED = "firstUnsaved";
+    public static final String ATTR_CRL = "certificaterevocationlist";
+    public static final String ATTR_CRL_CACHE = "crlCache";
+    public static final String ATTR_CA_CERT = "cACertificate";
+    public static final String ATTR_REVOKED_CERTS = "revokedCerts";
+    public static final String ATTR_UNREVOKED_CERTS = "unrevokedCerts";
+    public static final String ATTR_EXPIRED_CERTS = "expiredCerts";
+    public static final String ATTR_DELTA_CRL = "deltaCRL";
+
+    public static final String CLEAN_CACHE = "-1";
+    public static final String NEW_CACHE   = "-2";
+
+    /**
+     * Retrieve unique CRL identifier.
+     *
+     * @return unique CRL identifier
+     */
+    public String getId();
+
+    /**
+     * Retrieves current CRL number out of CRL issuing point record.
+     *
+     * @return current CRL number
+     */
+    public BigInteger getCRLNumber();
+
+    /**
+     * Retrieves CRL size measured by the number of entries.
+     *
+     * @return CRL size
+     */
+    public Long getCRLSize();
+
+    /**
+     * Retrieves this update time.
+     *
+     * @return time of this update
+     */
+    public Date getThisUpdate();
+
+    /**
+     * Retrieves next update time.
+     *
+     * @return time of next update
+     */
+    public Date getNextUpdate();
+
+    /**
+     * Retrieves current delta CRL number out of CRL issuing point record.
+     *
+     * @return current delta CRL number
+     */
+    public BigInteger getDeltaCRLNumber();
+
+    /**
+     * Retrieves delta CRL size measured by the number of entries.
+     *
+     * @return delta CRL size
+     */
+    public Long getDeltaCRLSize();
+
+    /**
+     * Retrieve Retrieve reference to the first unsaved data.
+     *
+     * @return reference to the first unsaved data
+     */
+    public String getFirstUnsaved();
+
+    /**
+     * Retrieves encoded CRL.
+     *
+     * @return encoded CRL
+     */
+    public byte[] getCRL();
+
+    /**
+     * Retrieves encoded delta CRL.
+     *
+     * @return encoded delta CRL
+     */
+    public byte[] getDeltaCRL();
+
+    /**
+     * Retrieves encoded CA certificate.
+     *
+     * @return encoded CA certificate
+     */
+    public byte[] getCACert();
+
+    /**
+     * Retrieves cache information about CRL.
+     *
+     * @return list of recently revoked certificates
+     */
+    public Hashtable getCRLCacheNoClone();
+    public Hashtable getCRLCache();
+
+    /**
+     * Retrieves cache information about revoked certificates.
+     *
+     * @return list of recently revoked certificates
+     */
+    public Hashtable getRevokedCerts();
+
+    /**
+     * Retrieves cache information about certificates released from hold.
+     *
+     * @return list of certificates recently released from hold
+     */
+    public Hashtable getUnrevokedCerts();
+
+    /**
+     * Retrieves cache information about expired certificates.
+     *
+     * @return list of recently expired certificates
+     */
+    public Hashtable getExpiredCerts();
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/crldb/ICRLRepository.java b/pki/base/common/src/com/netscape/certsrv/dbs/crldb/ICRLRepository.java
new file mode 100644
index 000000000..e0eec12aa
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/crldb/ICRLRepository.java
@@ -0,0 +1,183 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.dbs.crldb;
+
+
+import java.math.*;
+import java.util.*;
+import java.io.*;
+import java.security.*;
+import java.security.cert.*;
+import netscape.security.x509.*;
+import netscape.ldap.*;
+import com.netscape.certsrv.*;
+import com.netscape.certsrv.base.*;
+import com.netscape.certsrv.dbs.*;
+import com.netscape.certsrv.dbs.repository.*;
+
+
+/**
+ * An interface represents a CMS CRL repository. It stores 
+ * all the CRL issuing points.
+ *
+ * @version $Revision: 14561 $, $Date: 2007-05-01 10:28:56 -0700 (Tue, 01 May 2007) $
+ */
+public interface ICRLRepository {
+
+    /**
+     * Adds CRL issuing point record.
+     *
+     * @param rec issuing point record
+     * @exception EBaseException failed to add new issuing point record
+     */
+    public void addCRLIssuingPointRecord(ICRLIssuingPointRecord rec)
+        throws EBaseException;
+
+    /**
+     * Retrieves all the issuing points' names.
+     *
+     * @return A list of issuing points' names.
+     * @exception EBaseException failed to retrieve all the issuing points' names.
+     */
+    public Vector getIssuingPointsNames() throws EBaseException;
+
+    /**
+     * Reads issuing point record.
+     *
+     * @return issuing point record
+     * @exception EBaseException failed to read issuing point record
+     */
+    public ICRLIssuingPointRecord readCRLIssuingPointRecord(String id)
+        throws EBaseException;
+
+    /**
+     * Deletes issuing point record.
+     *
+     * @param id issuing point record id
+     * @exception EBaseException failed to delete issuing point record
+     */
+    public void deleteCRLIssuingPointRecord(String id)
+        throws EBaseException;
+
+    /**
+     * Modifies issuing point record.
+     *
+     * @param id issuing point record id
+     * @param mods set of modifications
+     * @exception EBaseException failed to modify issuing point record
+     */
+    public void modifyCRLIssuingPointRecord(String id, ModificationSet mods)
+        throws EBaseException;
+
+    /**
+     * Updates CRL issuing point record.
+     *
+     * @param id issuing point record id
+     * @param newCRL encoded binary CRL
+     * @param thisUpdate time of this update
+     * @param nextUpdate time of next update
+     * @param crlNumber CRL number
+     * @param crlSize CRL size
+     * @exception EBaseException failed to update issuing point record
+     */
+    public void updateCRLIssuingPointRecord(String id, byte[] newCRL,
+        Date thisUpdate, Date nextUpdate, BigInteger crlNumber, Long crlSize)
+        throws EBaseException;
+
+    /**
+     * Updates CRL issuing point record.
+     *
+     * @param id issuing point record id
+     * @param newCRL encoded binary CRL
+     * @param thisUpdate time of this update
+     * @param nextUpdate time of next update
+     * @param crlNumber CRL number
+     * @param crlSize CRL size
+     * @param revokedCerts list of revoked certificates
+     * @param unrevokedCerts list of released from hold certificates
+     * @param expiredCerts list of expired certificates
+     * @exception EBaseException failed to update issuing point record
+     */
+    public void updateCRLIssuingPointRecord(String id, byte[] newCRL,
+        Date thisUpdate, Date nextUpdate, BigInteger crlNumber, Long crlSize,
+        Hashtable revokedCerts, Hashtable unrevokedCerts, Hashtable expiredCerts)
+        throws EBaseException;
+
+    /**
+     * Updates CRL issuing point record.
+     *
+     * @param id issuing point record id
+     * @param revokedCerts list of revoked certificates
+     * @param unrevokedCerts list of released from hold certificates
+     * @exception EBaseException failed to update issuing point record
+     */
+    public void updateRevokedCerts(String id, Hashtable revokedCerts, Hashtable unrevokedCerts)
+        throws EBaseException;
+
+    /**
+     * Updates CRL issuing point record.
+     *
+     * @param id issuing point record id
+     * @param expiredCerts list of expired certificates
+     * @exception EBaseException failed to update issuing point record
+     */
+    public void updateExpiredCerts(String id, Hashtable expiredCerts)
+        throws EBaseException;
+
+    /**
+     * Updates CRL issuing point record.
+     *
+     * @param id issuing point record id
+     * @param crlSize CRL size
+     * @param revokedCerts list of revoked certificates
+     * @param unrevokedCerts list of released from hold certificates
+     * @param expiredCerts list of expired certificates
+     * @exception EBaseException failed to update issuing point record
+     */
+    public void updateCRLCache(String id, Long crlSize,
+        Hashtable revokedCerts,
+        Hashtable unrevokedCerts,
+        Hashtable expiredCerts)
+        throws EBaseException;
+
+    /**
+     * Updates CRL issuing point record with delta-CRL.
+     *
+     * @param id issuing point record id
+     * @param deltaCRLNumber delta CRL number
+     * @param deltaCRLSize delta CRL size
+     * @param nextUpdate time of next update
+     * @param deltaCRL delta CRL in binary form
+     * @exception EBaseException failed to update issuing point record
+     */
+    public void updateDeltaCRL(String id, BigInteger deltaCRLNumber,
+                               Long deltaCRLSize, Date nextUpdate,
+                               byte[] deltaCRL)
+        throws EBaseException;
+
+    /**
+     * Updates CRL issuing point record with reference to the first
+     * unsaved data.
+     *
+     * @param id issuing point record id
+     * @param firstUnsaved reference to the first unsaved data
+     * @exception EBaseException failed to update issuing point record
+     */
+    public void updateFirstUnsaved(String id, String firstUnsaved)
+        throws EBaseException;
+}