Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java | 277 |
1 files changed, 165 insertions, 112 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java b/pki/base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java index 3a5f3f062..7f47db5f8 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java +++ b/pki/base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.cert; - import java.io.IOException; import java.math.BigInteger; import java.security.cert.CRLException; @@ -50,10 +49,9 @@ import com.netscape.cms.servlet.common.CMSTemplate; import com.netscape.cms.servlet.common.CMSTemplateParams; import com.netscape.cms.servlet.common.ECMSGWException; - /** * Decode the CRL and display it to the requester. - * + * * @version $Revision$, $Date$ */ public class DisplayCRL extends CMSServlet { @@ -64,8 +62,8 @@ public class DisplayCRL extends CMSServlet { private static final long serialVersionUID = 1152016798229054027L; private final static String INFO = "DisplayCRL"; private final static String TPL_FILE = "displayCRL.template"; - //private final static String E_TPL_FILE = "error.template"; - //private final static String OUT_ERROR = "errorDetails"; + // private final static String E_TPL_FILE = "error.template"; + // private final static String OUT_ERROR = "errorDetails"; private String mFormPath = null; private ICertificateAuthority mCA = null; @@ -78,9 +76,10 @@ public class DisplayCRL extends CMSServlet { } /** - * Initialize the servlet. This servlet uses the 'displayCRL.template' file to - * to render the response to the client. - * @param sc servlet configuration, read from the web.xml file + * Initialize the servlet. This servlet uses the 'displayCRL.template' file + * to to render the response to the client. + * + * @param sc servlet configuration, read from the web.xml file */ public void init(ServletConfig sc) throws ServletException { super.init(sc); 
@@ -96,15 +95,16 @@ public class DisplayCRL extends CMSServlet { } /** - * Process the HTTP request + * Process the HTTP request * <ul> - * <li>http.param crlIssuingPoint number - * <li>http.param crlDisplayType entireCRL or crlHeader or base64Encoded or deltaCRL - * <li>http.param pageStart which page to start displaying from - * <li>http.param pageSize number of entries to show per page + * <li>http.param crlIssuingPoint number + * <li>http.param crlDisplayType entireCRL or crlHeader or base64Encoded or + * deltaCRL + * <li>http.param pageStart which page to start displaying from + * <li>http.param pageSize number of entries to show per page * </ul> + * * @param cmsReq the Request to service. - */ public void process(CMSRequest cmsReq) throws EBaseException { HttpServletRequest req = cmsReq.getHttpReq(); @@ -115,8 +115,8 @@ public class DisplayCRL extends CMSServlet { AuthzToken authzToken = null; try { - authzToken = authorize(mAclMethod, authToken, - mAuthzResourceName, "read"); + authzToken = authorize(mAclMethod, authToken, mAuthzResourceName, + "read"); } catch (Exception e) { // do nothing for now } @@ -132,8 +132,9 @@ public class DisplayCRL extends CMSServlet { try { form = getTemplate(mFormPath, req, locale); } catch (IOException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE_1", mFormPath, e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE_1", mFormPath, + e.toString())); throw new ECMSGWException( CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE")); } 
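Review bot: The `catch (Exception e) { // do nothing for now }` that follows the rewrapped `authorize(mAclMethod, authToken, mAuthzResourceName, "read")` call in the `@@ -115,8` hunk still discards every failure of the authorization check without a trace. What happens when `authzToken` stays null is decided outside this hunk, so it is not visible here whether the request is then denied. Either way the failure should at least reach the log, for example `log(ILogger.LL_FAILURE, "DisplayCRL: authorize failed: " + e.toString());` in the catch body. The body of `process(CMSRequest)` continues outside the hunk.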
@@ -147,24 +148,25 @@ public class DisplayCRL extends CMSServlet { String crlIssuingPointId = req.getParameter("crlIssuingPoint"); - process(argSet, header, req, resp, crlIssuingPointId, - locale[0]); + process(argSet, header, req, resp, crlIssuingPointId, locale[0]); try { ServletOutputStream out = resp.getOutputStream(); String xmlOutput = req.getParameter("xml"); - if (xmlOutput != null && xmlOutput.equals("true")) { - outputXML(resp, argSet); - } else { - resp.setContentType("text/html"); - form.renderOutput(out, argSet); - cmsReq.setStatus(CMSRequest.SUCCESS); - } + if (xmlOutput != null && xmlOutput.equals("true")) { + outputXML(resp, argSet); + } else { + resp.setContentType("text/html"); + form.renderOutput(out, argSet); + cmsReq.setStatus(CMSRequest.SUCCESS); + } } catch (IOException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", e.toString())); - throw new ECMSGWException(CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", + e.toString())); + throw new ECMSGWException( + CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE")); } } @@ -172,10 +174,8 @@ public class DisplayCRL extends CMSServlet { * Display information about a particular CRL. */ private void process(CMSTemplateParams argSet, IArgBlock header, - HttpServletRequest req, - HttpServletResponse resp, - String crlIssuingPointId, - Locale locale) { + HttpServletRequest req, HttpServletResponse resp, + String crlIssuingPointId, Locale locale) { boolean updateStatus = true; EBaseException error = null; ICRLIssuingPoint crlIP = null; 
@@ -189,27 +189,30 @@ public class DisplayCRL extends CMSServlet { ICRLRepository crlRepository = mCA.getCRLRepository(); try { - masterHost = CMS.getConfigStore().getString("master.ca.agent.host", ""); - masterPort = CMS.getConfigStore().getString("master.ca.agent.port", ""); - if (masterHost != null && masterHost.length() > 0 && - masterPort != null && masterPort.length() > 0) { + masterHost = CMS.getConfigStore().getString("master.ca.agent.host", + ""); + masterPort = CMS.getConfigStore().getString("master.ca.agent.port", + ""); + if (masterHost != null && masterHost.length() > 0 + && masterPort != null && masterPort.length() > 0) { clonedCA = true; ipNames = crlRepository.getIssuingPointsNames(); } } catch (EBaseException e) { } - + if (clonedCA) { if (crlIssuingPointId != null) { if (ipNames != null && ipNames.size() > 0) { int i; for (i = 0; i < ipNames.size(); i++) { - String ipName = (String)ipNames.elementAt(i); + String ipName = (String) ipNames.elementAt(i); if (crlIssuingPointId.equals(ipName)) { break; } } - if (i >= ipNames.size()) crlIssuingPointId = null; + if (i >= ipNames.size()) + crlIssuingPointId = null; } else { crlIssuingPointId = null; } @@ -226,13 +229,15 @@ public class DisplayCRL extends CMSServlet { isCRLCacheEnabled = ip.isCRLCacheEnabled(); break; } - if (!ips.hasMoreElements()) crlIssuingPointId = null; + if (!ips.hasMoreElements()) + crlIssuingPointId = null; } } } if (crlIssuingPointId == null) { header.addStringValue("error", - "Request to unspecified or non-existing CRL issuing point: "+ipId); + "Request to unspecified or non-existing CRL issuing point: " + + ipId); return; } 
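Review bot: The reformat turns the one-line guards into two-line `if` statements without braces: `if (i >= ipNames.size())` / `crlIssuingPointId = null;` in the `@@ -189,27` hunk, and the same shape in `@@ -226,13` (`if (!ips.hasMoreElements())`), `@@ -240,36` (`if (crlDisplayType == null)`) and `@@ -320,28` (`if (lPageStart < 1)`). The first two decide whether the requested issuing point is accepted, and the unbraced two-line form makes it easy for a later edit to add a statement that looks guarded but is not. I would brace them, e.g. `if (i >= ipNames.size()) { crlIssuingPointId = null; }`. The private `process(...)` method starts and ends outside these hunks.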
@@ -240,36 +245,43 @@ public class DisplayCRL extends CMSServlet { String crlDisplayType = req.getParameter("crlDisplayType"); - if (crlDisplayType == null) crlDisplayType = "cachedCRL"; + if (crlDisplayType == null) + crlDisplayType = "cachedCRL"; header.addStringValue("crlDisplayType", crlDisplayType); try { - crlRecord = - (ICRLIssuingPointRecord) mCA.getCRLRepository().readCRLIssuingPointRecord(crlIssuingPointId); + crlRecord = (ICRLIssuingPointRecord) mCA.getCRLRepository() + .readCRLIssuingPointRecord(crlIssuingPointId); } catch (EBaseException e) { header.addStringValue("error", e.toString(locale)); return; } if (crlRecord == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_CRL_NOT_YET_UPDATED_1", crlIssuingPointId)); - header.addStringValue("error", - new ECMSGWException(CMS.getUserMessage(locale, "CMS_GW_CRL_NOT_YET_UPDATED")).toString()); - return; + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSGW_CRL_NOT_YET_UPDATED_1", crlIssuingPointId)); + header.addStringValue( + "error", + new ECMSGWException(CMS.getUserMessage(locale, + "CMS_GW_CRL_NOT_YET_UPDATED")).toString()); + return; } header.addStringValue("crlIssuingPoint", crlIssuingPointId); if (crlDisplayType.equals("deltaCRL")) { if (clonedCA) { - header.addStringValue("crlNumber", crlRecord.getDeltaCRLNumber().toString()); + header.addStringValue("crlNumber", crlRecord + .getDeltaCRLNumber().toString()); } else { - header.addStringValue("crlNumber", crlIP.getDeltaCRLNumber().toString()); + header.addStringValue("crlNumber", crlIP.getDeltaCRLNumber() + .toString()); } } else { if (clonedCA) { - header.addStringValue("crlNumber", crlRecord.getCRLNumber().toString()); + header.addStringValue("crlNumber", crlRecord.getCRLNumber() + .toString()); } else { - header.addStringValue("crlNumber", crlIP.getCRLNumber().toString()); + header.addStringValue("crlNumber", crlIP.getCRLNumber() + .toString()); } } long lCRLSize = crlRecord.getCRLSize().longValue(); 
@@ -283,10 +295,12 @@ public class DisplayCRL extends CMSServlet { byte[] crlbytes = crlRecord.getCRL(); if (crlbytes == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_CRL_NOT_YET_UPDATED_1", crlIssuingPointId)); - header.addStringValue("error", - new ECMSGWException(CMS.getUserMessage(locale, "CMS_GW_CRL_NOT_YET_UPDATED")).toString()); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSGW_CRL_NOT_YET_UPDATED_1", crlIssuingPointId)); + header.addStringValue( + "error", + new ECMSGWException(CMS.getUserMessage(locale, + "CMS_GW_CRL_NOT_YET_UPDATED")).toString()); return; } @@ -298,14 +312,19 @@ public class DisplayCRL extends CMSServlet { } } catch (Exception e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_DECODE_CRL", e.toString())); - header.addStringValue("error", - new ECMSGWException(CMS.getUserMessage(locale, "CMS_GW_DECODE_CRL_FAILED")).toString()); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_ERR_DECODE_CRL", e.toString())); + header.addStringValue( + "error", + new ECMSGWException(CMS.getUserMessage(locale, + "CMS_GW_DECODE_CRL_FAILED")).toString()); } } - if (crl != null || (isCRLCacheEnabled && crlDisplayType.equals("cachedCRL"))) { - if (crlDisplayType.equals("entireCRL") || crlDisplayType.equals("cachedCRL")) { + if (crl != null + || (isCRLCacheEnabled && crlDisplayType.equals("cachedCRL"))) { + if (crlDisplayType.equals("entireCRL") + || crlDisplayType.equals("cachedCRL")) { ICRLPrettyPrint crlDetails = null; if (crlDisplayType.equals("entireCRL")) { crlDetails = CMS.getCRLPrettyPrint(crl); 
@@ -320,28 +339,29 @@ public class DisplayCRL extends CMSServlet { long lPageStart = new Long(pageStart).longValue(); long lPageSize = new Long(pageSize).longValue(); - if (lPageStart < 1) lPageStart = 1; + if (lPageStart < 1) + lPageStart = 1; // if (lPageStart + lPageSize - lCRLSize > 1) - // lPageStart = lCRLSize - lPageSize + 1; + // lPageStart = lCRLSize - lPageSize + 1; - header.addStringValue( - "crlPrettyPrint", crlDetails.toString(locale, - lCRLSize, lPageStart, lPageSize)); + header.addStringValue("crlPrettyPrint", crlDetails + .toString(locale, lCRLSize, lPageStart, lPageSize)); header.addLongValue("pageStart", lPageStart); header.addLongValue("pageSize", lPageSize); } else { - header.addStringValue( - "crlPrettyPrint", crlDetails.toString(locale)); + header.addStringValue("crlPrettyPrint", + crlDetails.toString(locale)); } } else if (crlDisplayType.equals("crlHeader")) { ICRLPrettyPrint crlDetails = CMS.getCRLPrettyPrint(crl); - header.addStringValue( - "crlPrettyPrint", crlDetails.toString(locale, lCRLSize, 0, 0)); + header.addStringValue("crlPrettyPrint", + crlDetails.toString(locale, lCRLSize, 0, 0)); } else if (crlDisplayType.equals("base64Encoded")) { try { byte[] ba = crl.getEncoded(); - String crlBase64Encoded = com.netscape.osutil.OSUtil.BtoA(ba); + String crlBase64Encoded = com.netscape.osutil.OSUtil + .BtoA(ba); int length = crlBase64Encoded.length(); int i = 0; int j = 0; @@ -356,7 +376,8 @@ public class DisplayCRL extends CMSServlet { if (i >= length) { IArgBlock rarg = CMS.createArgBlock(); - rarg.addStringValue("crlBase64Encoded", crlBase64Encoded.substring(j, k)); + rarg.addStringValue("crlBase64Encoded", + crlBase64Encoded.substring(j, k)); argSet.addRepeatRecord(rarg); } } else { 
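Review bot: `lPageSize` is passed to `crlDetails.toString(locale, lCRLSize, lPageStart, lPageSize)` with no bound, while `lPageStart` is at least clamped by `if (lPageStart < 1)` in the `@@ -320,28` hunk. The Javadoc on `process(CMSRequest)` lists `pageStart` and `pageSize` as HTTP parameters, so both values are presumably requester-controlled; how they are read, and whether `new Long(...)` is guarded against non-numeric input, lies outside this hunk. A matching clamp would help, e.g. `if (lPageSize < 1 || lPageSize > MAX_PAGE_SIZE) lPageSize = MAX_PAGE_SIZE;`, where `MAX_PAGE_SIZE` is a placeholder for a limit the servlet would define.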
@@ -364,11 +385,13 @@ public class DisplayCRL extends CMSServlet { IArgBlock rarg = CMS.createArgBlock(); if (k > -1) { - rarg.addStringValue("crlBase64Encoded", crlBase64Encoded.substring(j, k)); + rarg.addStringValue("crlBase64Encoded", + crlBase64Encoded.substring(j, k)); i = k + 1; j = i; } else { - rarg.addStringValue("crlBase64Encoded", crlBase64Encoded.substring(j, length)); + rarg.addStringValue("crlBase64Encoded", + crlBase64Encoded.substring(j, length)); i = length; } argSet.addRepeatRecord(rarg); 
@@ -377,70 +400,93 @@ public class DisplayCRL extends CMSServlet { } catch (CRLException e) { } } else if (crlDisplayType.equals("deltaCRL")) { - if ((clonedCA && crlRecord.getDeltaCRLSize() != null && - crlRecord.getDeltaCRLSize().longValue() > -1) || - (crlIP != null && crlIP.isDeltaCRLEnabled())) { + if ((clonedCA && crlRecord.getDeltaCRLSize() != null && crlRecord + .getDeltaCRLSize().longValue() > -1) + || (crlIP != null && crlIP.isDeltaCRLEnabled())) { byte[] deltaCRLBytes = crlRecord.getDeltaCRL(); if (deltaCRLBytes == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERR_NO_DELTA_CRL", crlIssuingPointId)); - header.addStringValue("error", "Delta CRL is not available"); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSGW_ERR_NO_DELTA_CRL", crlIssuingPointId)); + header.addStringValue("error", + "Delta CRL is not available"); } else { X509CRLImpl deltaCRL = null; try { deltaCRL = new X509CRLImpl(deltaCRLBytes); } catch (Exception e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_DECODE_DELTA_CRL", e.toString())); - header.addStringValue("error", - new ECMSGWException(CMS.getUserMessage(locale, "CMS_GW_DECODE_CRL_FAILED")).toString()); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSGW_ERR_DECODE_DELTA_CRL", e.toString())); + header.addStringValue( + "error", + new ECMSGWException(CMS.getUserMessage( + locale, "CMS_GW_DECODE_CRL_FAILED")) + .toString()); } if (deltaCRL != null) { BigInteger crlNumber = crlRecord.getCRLNumber(); - BigInteger deltaNumber = crlRecord.getDeltaCRLNumber(); - if ((clonedCA && crlNumber != null && deltaNumber != null && - deltaNumber.compareTo(crlNumber) >= 0) || - (crlIP != null && crlIP.isThisCurrentDeltaCRL(deltaCRL))) { + BigInteger deltaNumber = crlRecord + .getDeltaCRLNumber(); + if ((clonedCA && crlNumber != null + && deltaNumber != null && deltaNumber + .compareTo(crlNumber) >= 0) + || (crlIP != null && crlIP + .isThisCurrentDeltaCRL(deltaCRL))) { - header.addIntegerValue("deltaCRLSize", - 
deltaCRL.getNumberOfRevokedCertificates()); + header.addIntegerValue("deltaCRLSize", deltaCRL + .getNumberOfRevokedCertificates()); - ICRLPrettyPrint crlDetails = CMS.getCRLPrettyPrint(deltaCRL); + ICRLPrettyPrint crlDetails = CMS + .getCRLPrettyPrint(deltaCRL); - header.addStringValue( - "crlPrettyPrint", crlDetails.toString(locale, 0, 0, 0)); + header.addStringValue("crlPrettyPrint", + crlDetails.toString(locale, 0, 0, 0)); try { byte[] ba = deltaCRL.getEncoded(); - String crlBase64Encoded = com.netscape.osutil.OSUtil.BtoA(ba); + String crlBase64Encoded = com.netscape.osutil.OSUtil + .BtoA(ba); int length = crlBase64Encoded.length(); int i = 0; int j = 0; int n = 1; while (i < length) { - int k = crlBase64Encoded.indexOf('\n', i); + int k = crlBase64Encoded.indexOf('\n', + i); if (n < 100 && k > -1) { n++; i = k + 1; if (i >= length) { - IArgBlock rarg = CMS.createArgBlock(); + IArgBlock rarg = CMS + .createArgBlock(); - rarg.addStringValue("crlBase64Encoded", crlBase64Encoded.substring(j, k)); + rarg.addStringValue( + "crlBase64Encoded", + crlBase64Encoded + .substring(j, k)); argSet.addRepeatRecord(rarg); } } else { n = 1; - IArgBlock rarg = CMS.createArgBlock(); + IArgBlock rarg = CMS + .createArgBlock(); if (k > -1) { - rarg.addStringValue("crlBase64Encoded", crlBase64Encoded.substring(j, k)); + rarg.addStringValue( + "crlBase64Encoded", + crlBase64Encoded + .substring(j, k)); i = k + 1; j = i; } else { - rarg.addStringValue("crlBase64Encoded", crlBase64Encoded.substring(j, length)); + rarg.addStringValue( + "crlBase64Encoded", + crlBase64Encoded + .substring(j, + length)); i = length; } argSet.addRepeatRecord(rarg); 
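Review bot: The `catch (CRLException e) { }` that closes the base64Encoded branch at the top of the `@@ -377,70` hunk is empty, and the delta-CRL branch ends the same way at the top of `@@ -449,25`. If `getEncoded()` throws, the page is rendered without the encoded CRL and without an `error` value, and nothing is logged. I would log the failure in both places, e.g. `log(ILogger.LL_FAILURE, "DisplayCRL: CRL encoding failed: " + e.toString());`. The enclosing method starts and ends outside this hunk.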
@@ -449,25 +495,32 @@ public class DisplayCRL extends CMSServlet { } catch (CRLException e) { } } else { - header.addStringValue("error", "Current Delta CRL is not available."); + header.addStringValue("error", + "Current Delta CRL is not available."); } } } } else { - header.addStringValue("error", "Delta CRL is not enabled for " + - crlIssuingPointId + - " issuing point"); + header.addStringValue("error", + "Delta CRL is not enabled for " + crlIssuingPointId + + " issuing point"); } } } else if (!isCRLCacheEnabled && crlDisplayType.equals("cachedCRL")) { - header.addStringValue("error", CMS.getUserMessage(locale, "CMS_GW_CRL_CACHE_IS_NOT_ENABLED", crlIssuingPointId)); - header.addStringValue("crlPrettyPrint", CMS.getUserMessage(locale, "CMS_GW_CRL_CACHE_IS_NOT_ENABLED", crlIssuingPointId)); + header.addStringValue("error", CMS.getUserMessage(locale, + "CMS_GW_CRL_CACHE_IS_NOT_ENABLED", crlIssuingPointId)); + header.addStringValue("crlPrettyPrint", CMS.getUserMessage(locale, + "CMS_GW_CRL_CACHE_IS_NOT_ENABLED", crlIssuingPointId)); } else { - header.addStringValue("error", - new ECMSGWException(CMS.getUserMessage(locale, "CMS_GW_DECODE_CRL_FAILED")).toString()); - header.addStringValue("crlPrettyPrint", - new ECMSGWException(CMS.getUserMessage(locale, "CMS_GW_DECODE_CRL_FAILED")).toString()); + header.addStringValue( + "error", + new ECMSGWException(CMS.getUserMessage(locale, + "CMS_GW_DECODE_CRL_FAILED")).toString()); + header.addStringValue( + "crlPrettyPrint", + new ECMSGWException(CMS.getUserMessage(locale, + "CMS_GW_DECODE_CRL_FAILED")).toString()); } return; } |