summaryrefslogtreecommitdiffstats
path: root/pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java')
-rw-r--r--pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java192
1 files changed, 91 insertions, 101 deletions
diff --git a/pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java b/pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java
index 9b7fa4c00..d1cc3d808 100644
--- a/pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java
+++ b/pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java
@@ -17,6 +17,7 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cms.listeners;
+
import java.io.File;
import java.io.IOException;
import java.security.cert.X509Certificate;
@@ -46,11 +47,12 @@ import com.netscape.certsrv.request.IRequest;
import com.netscape.certsrv.request.IRequestListener;
import com.netscape.certsrv.request.RequestId;
+
/**
* a listener for every completed enrollment request
* <p>
- * Here is a list of available $TOKENs for email notification templates if
- * certificate is successfully issued:
+ * Here is a list of available $TOKENs for email notification
+ templates if certificate is successfully issued:
* <UL>
* <LI>$InstanceID
* <LI>$SerialNumber
@@ -66,13 +68,13 @@ import com.netscape.certsrv.request.RequestId;
* <LI>$RecipientEmail
* </UL>
* <p>
- * Here is a list of available $TOKENs for email notification templates if
- * certificate request is revoked:
+ * Here is a list of available $TOKENs for email notification
+ templates if certificate request is revoked:
* <UL>
* <LI>$RequestId
* <LI>$InstanceID
* </UL>
- *
+ *
* @version $Revision$, $Date$
*/
public class CertificateRevokedListener implements IRequestListener {
@@ -107,7 +109,7 @@ public class CertificateRevokedListener implements IRequestListener {
}
public void init(ISubsystem sub, IConfigStore config)
- throws EListenersException, EPropertyNotFound, EBaseException {
+ throws EListenersException, EPropertyNotFound, EBaseException {
mSubsystem = (ICertAuthority) sub;
mConfig = mSubsystem.getConfigStore();
@@ -118,27 +120,27 @@ public class CertificateRevokedListener implements IRequestListener {
mSenderEmail = rc.getString(PROP_SENDER_EMAIL);
if (mSenderEmail == null) {
- throw new EListenersException(
- CMS.getLogMessage("NO_NOTIFY_SENDER_EMAIL_CONFIG_FOUND"));
+ throw new EListenersException(CMS.getLogMessage("NO_NOTIFY_SENDER_EMAIL_CONFIG_FOUND"));
}
mFormPath = rc.getString(PROP_EMAIL_TEMPLATE);
String mDir = null;
// figure out the reject email path: same dir as form path,
- // same ending as form path
+ // same ending as form path
int ridx = mFormPath.lastIndexOf(File.separator);
if (ridx == -1) {
- CMS.debug("CertificateRevokedListener: file separator: "
- + File.separator + " not found. Use default /");
+ CMS.debug("CertificateRevokedListener: file separator: " + File.separator
+ +
+ " not found. Use default /");
ridx = mFormPath.lastIndexOf("/");
mDir = mFormPath.substring(0, ridx + 1);
} else {
- mDir = mFormPath.substring(0, ridx + File.separator.length());
+ mDir = mFormPath.substring(0, ridx +
+ File.separator.length());
}
- CMS.debug("CertificateRevokedListener: template file directory: "
- + mDir);
+ CMS.debug("CertificateRevokedListener: template file directory: " + mDir);
mRejectPath = mDir + REJECT_FILE_NAME;
if (mFormPath.endsWith(".html"))
mRejectPath += ".html";
@@ -149,13 +151,12 @@ public class CertificateRevokedListener implements IRequestListener {
else if (mFormPath.endsWith(".HTM"))
mRejectPath += ".HTM";
- CMS.debug("CertificateRevokedListener: Reject file path: "
- + mRejectPath);
+ CMS.debug("CertificateRevokedListener: Reject file path: " + mRejectPath);
mDateFormat = DateFormat.getDateTimeInstance();
mSubject_Success = rc.getString(PROP_EMAIL_SUBJECT,
- "Your Certificate Request");
+ "Your Certificate Request");
mSubject = new String(mSubject_Success);
// form the cert retrieval URL for the notification
@@ -167,8 +168,7 @@ public class CertificateRevokedListener implements IRequestListener {
}
public void accept(IRequest r) {
- if (mEnabled != true)
- return;
+ if (mEnabled != true) return;
mSubject = mSubject_Success;
mReqId = r.getRequestId();
@@ -180,7 +180,7 @@ public class CertificateRevokedListener implements IRequestListener {
return;
if (rs.equals("complete") == false) {
CMS.debug("CertificateRevokedListener: Request status: " + rs);
- // revoked(r);
+ //revoked(r);
return;
}
@@ -189,19 +189,19 @@ public class CertificateRevokedListener implements IRequestListener {
return;
if ((r.getExtDataInInteger(IRequest.RESULT)).equals(IRequest.RES_ERROR)) {
- CMS.debug("CertificateRevokedListener: Request errored. "
- + "No need to email notify for enrollment request id "
- + mReqId);
+ CMS.debug("CertificateRevokedListener: Request errored. " +
+ "No need to email notify for enrollment request id " +
+ mReqId);
return;
}
-
+
if (requestType.equals(IRequest.REVOCATION_REQUEST)) {
CMS.debug("CertificateRevokedListener: accept() revocation request...");
// Get the certificate from the request
- // X509CertImpl issuedCert[] =
- // (X509CertImpl[])
- RevokedCertImpl crlentries[] = r
- .getExtDataInRevokedCertArray(IRequest.CERT_INFO);
+ //X509CertImpl issuedCert[] =
+ // (X509CertImpl[])
+ RevokedCertImpl crlentries[] =
+ r.getExtDataInRevokedCertArray(IRequest.CERT_INFO);
if (crlentries != null) {
CMS.debug("CertificateRevokedListener: Sending email notification..");
@@ -212,10 +212,11 @@ public class CertificateRevokedListener implements IRequestListener {
try {
keys.set(IEmailResolverKeys.KEY_REQUEST, r);
- keys.set(IEmailResolverKeys.KEY_CERT, crlentries[0]);
+ keys.set(IEmailResolverKeys.KEY_CERT,
+ crlentries[0]);
} catch (EBaseException e) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage(
- "LISTENERS_CERT_ISSUED_SET_RESOLVER", e.toString()));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("LISTENERS_CERT_ISSUED_SET_RESOLVER", e.toString()));
}
IEmailResolver er = CMS.getReqCertSANameEmailResolver();
@@ -223,29 +224,31 @@ public class CertificateRevokedListener implements IRequestListener {
try {
mEmail = er.getEmail(keys);
} catch (ENotificationException e) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage(
- "LISTENERS_CERT_ISSUED_EXCEPTION", e.toString()));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("LISTENERS_CERT_ISSUED_EXCEPTION",
+ e.toString()));
} catch (EBaseException e) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage(
- "LISTENERS_CERT_ISSUED_EXCEPTION", e.toString()));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("LISTENERS_CERT_ISSUED_EXCEPTION",
+ e.toString()));
} catch (Exception e) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage(
- "LISTENERS_CERT_ISSUED_EXCEPTION", e.toString()));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("LISTENERS_CERT_ISSUED_EXCEPTION",
+ e.toString()));
}
-
+
// now we can mail
if ((mEmail != null) && (!mEmail.equals(""))) {
mailIt(mEmail, crlentries);
} else {
- log(ILogger.LL_FAILURE, CMS.getLogMessage(
- "LISTENERS_CERT_ISSUED_NOTIFY_ERROR", crlentries[0]
- .getSerialNumber().toString(), mReqId
- .toString()));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("LISTENERS_CERT_ISSUED_NOTIFY_ERROR",
+ crlentries[0].getSerialNumber().toString(), mReqId.toString()));
// send failure notification to "sender"
mSubject = "Certificate Issued notification undeliverable";
mailIt(mSenderEmail, crlentries);
}
- }
+ }
}
}
@@ -268,7 +271,7 @@ public class CertificateRevokedListener implements IRequestListener {
if (!template.init()) {
return;
}
-
+
buildContentParams(crlentries, mEmail);
IEmailFormProcessor et = CMS.getEmailFormProcessor();
String c = et.getEmailContent(template.toString(), mContentParams);
@@ -278,23 +281,22 @@ public class CertificateRevokedListener implements IRequestListener {
}
mn.setContent(c);
} else {
- log(ILogger.LL_FAILURE, CMS.getLogMessage(
- "LISTENERS_CERT_ISSUED_TEMPLATE_ERROR", crlentries[0]
- .getSerialNumber().toString(), mReqId.toString()));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("LISTENERS_CERT_ISSUED_TEMPLATE_ERROR",
+ crlentries[0].getSerialNumber().toString(), mReqId.toString()));
- mn.setContent("Serial Number = " + crlentries[0].getSerialNumber()
- + "; Request ID = " + mReqId);
+ mn.setContent("Serial Number = " +
+ crlentries[0].getSerialNumber() +
+ "; Request ID = " + mReqId);
}
-
+
try {
mn.sendNotification();
} catch (ENotificationException e) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("OPERATION_ERROR", e.toString()));
-
+ log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString()));
+
} catch (IOException e) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("OPERATION_ERROR", e.toString()));
+ log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString()));
}
}
@@ -307,8 +309,7 @@ public class CertificateRevokedListener implements IRequestListener {
keys.set(IEmailResolverKeys.KEY_REQUEST, r);
} catch (EBaseException e) {
log(ILogger.LL_FAILURE,
- CMS.getLogMessage("LISTENERS_CERT_ISSUED_SET_RESOLVER",
- e.toString()));
+ CMS.getLogMessage("LISTENERS_CERT_ISSUED_SET_RESOLVER", e.toString()));
}
IEmailResolver er = CMS.getReqCertSANameEmailResolver();
@@ -316,14 +317,11 @@ public class CertificateRevokedListener implements IRequestListener {
try {
mEmail = er.getEmail(keys);
} catch (ENotificationException e) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("OPERATION_ERROR", e.toString()));
+ log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString()));
} catch (EBaseException e) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("OPERATION_ERROR", e.toString()));
+ log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString()));
} catch (Exception e) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("OPERATION_ERROR", e.toString()));
+ log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString()));
}
// now we can mail
@@ -343,25 +341,23 @@ public class CertificateRevokedListener implements IRequestListener {
if (!template.init()) {
return;
}
-
+
if (template.isHTML()) {
mn.setContentType("text/html");
}
// build some token data
mContentParams.put(IEmailFormProcessor.TOKEN_ID,
- mConfig.getName());
+ mConfig.getName());
mReqId = r.getRequestId();
mContentParams.put(IEmailFormProcessor.TOKEN_REQUEST_ID,
- (Object) mReqId.toString());
+ (Object) mReqId.toString());
IEmailFormProcessor et = CMS.getEmailFormProcessor();
- String c = et.getEmailContent(template.toString(),
- mContentParams);
+ String c = et.getEmailContent(template.toString(), mContentParams);
mn.setContent(c);
} else {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("LISTENERS_CERT_ISSUED_REJECTION"));
+ log(ILogger.LL_FAILURE, CMS.getLogMessage("LISTENERS_CERT_ISSUED_REJECTION"));
mn.setContent("Your Certificate Request has been revoked. Please contact your administrator for assistance");
}
@@ -369,61 +365,55 @@ public class CertificateRevokedListener implements IRequestListener {
mn.sendNotification();
} catch (ENotificationException e) {
// already logged, lets audit
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("OPERATION_ERROR", e.toString()));
-
+ log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString()));
+
} catch (IOException e) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("OPERATION_ERROR", e.toString()));
+ log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString()));
}
} else {
- log(ILogger.LL_FAILURE, CMS.getLogMessage(
- "LISTENERS_CERT_ISSUED_REJECTION_NOTIFICATION",
- mReqId.toString()));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("LISTENERS_CERT_ISSUED_REJECTION_NOTIFICATION", mReqId.toString()));
}
}
private void buildContentParams(RevokedCertImpl crlentries[], String mEmail) {
- mContentParams.put(IEmailFormProcessor.TOKEN_ID, mConfig.getName());
+ mContentParams.put(IEmailFormProcessor.TOKEN_ID,
+ mConfig.getName());
mContentParams.put(IEmailFormProcessor.TOKEN_SERIAL_NUM,
- (Object) crlentries[0].getSerialNumber().toString());
+ (Object) crlentries[0].getSerialNumber().toString());
mContentParams.put(IEmailFormProcessor.TOKEN_HEX_SERIAL_NUM,
- (Object) Long.toHexString(crlentries[0].getSerialNumber()
- .longValue()));
+ (Object) Long.toHexString(crlentries[0].getSerialNumber().longValue()));
mContentParams.put(IEmailFormProcessor.TOKEN_REQUEST_ID,
- (Object) mReqId.toString());
+ (Object) mReqId.toString());
mContentParams.put(IEmailFormProcessor.TOKEN_HTTP_HOST,
- (Object) mHttpHost);
+ (Object) mHttpHost);
mContentParams.put(IEmailFormProcessor.TOKEN_HTTP_PORT,
- (Object) mHttpPort);
-
+ (Object) mHttpPort);
+
try {
RevokedCertImpl revCert = (RevokedCertImpl) crlentries[0];
- ICertificateAuthority ca = (ICertificateAuthority) CMS
- .getSubsystem(CMS.SUBSYSTEM_CA);
+ ICertificateAuthority ca = (ICertificateAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_CA);
ICertificateRepository certDB = ca.getCertificateRepository();
- X509Certificate cert = certDB.getX509Certificate(revCert
- .getSerialNumber());
+ X509Certificate cert = certDB.getX509Certificate(revCert.getSerialNumber());
mContentParams.put(IEmailFormProcessor.TOKEN_ISSUER_DN,
- (Object) cert.getIssuerDN().toString());
+ (Object) cert.getIssuerDN().toString());
mContentParams.put(IEmailFormProcessor.TOKEN_SUBJECT_DN,
- (Object) cert.getSubjectDN().toString());
+ (Object) cert.getSubjectDN().toString());
Date date = (Date) crlentries[0].getRevocationDate();
-
+
mContentParams.put(IEmailFormProcessor.TOKEN_REVOCATION_DATE,
- mDateFormat.format(date));
+ mDateFormat.format(date));
} catch (EBaseException e) {
log(ILogger.LL_FAILURE,
- CMS.getLogMessage("LISTENERS_CERT_ISSUED_SET_RESOLVER",
- e.toString()));
+ CMS.getLogMessage("LISTENERS_CERT_ISSUED_SET_RESOLVER", e.toString()));
}
mContentParams.put(IEmailFormProcessor.TOKEN_SENDER_EMAIL,
- (Object) mSenderEmail);
+ (Object) mSenderEmail);
mContentParams.put(IEmailFormProcessor.TOKEN_RECIPIENT_EMAIL,
- (Object) mEmail);
+ (Object) mEmail);
// ... and more
}
@@ -445,15 +435,15 @@ public class CertificateRevokedListener implements IRequestListener {
} else if (name.equalsIgnoreCase(PROP_EMAIL_TEMPLATE)) {
mFormPath = val;
} else {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("LISTENERS_CERT_ISSUED_SET"));
+ log(ILogger.LL_FAILURE, CMS.getLogMessage("LISTENERS_CERT_ISSUED_SET"));
}
}
private void log(int level, String msg) {
if (mLogger == null)
return;
- mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_OTHER, level, msg);
+ mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_OTHER,
+ level, msg);
}
}
generated by cgit (git 2.34.1) at 2024-07-03 11:09:46 +0000