summaryrefslogtreecommitdiffstats
path: root/pki/base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java')
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java277
1 files changed, 165 insertions, 112 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java b/pki/base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java
index 3a5f3f062..7f47db5f8 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java
@@ -17,7 +17,6 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cms.servlet.cert;
-
import java.io.IOException;
import java.math.BigInteger;
import java.security.cert.CRLException;
@@ -50,10 +49,9 @@ import com.netscape.cms.servlet.common.CMSTemplate;
import com.netscape.cms.servlet.common.CMSTemplateParams;
import com.netscape.cms.servlet.common.ECMSGWException;
-
/**
* Decode the CRL and display it to the requester.
- *
+ *
* @version $Revision$, $Date$
*/
public class DisplayCRL extends CMSServlet {
@@ -64,8 +62,8 @@ public class DisplayCRL extends CMSServlet {
private static final long serialVersionUID = 1152016798229054027L;
private final static String INFO = "DisplayCRL";
private final static String TPL_FILE = "displayCRL.template";
- //private final static String E_TPL_FILE = "error.template";
- //private final static String OUT_ERROR = "errorDetails";
+ // private final static String E_TPL_FILE = "error.template";
+ // private final static String OUT_ERROR = "errorDetails";
private String mFormPath = null;
private ICertificateAuthority mCA = null;
@@ -78,9 +76,10 @@ public class DisplayCRL extends CMSServlet {
}
/**
- * Initialize the servlet. This servlet uses the 'displayCRL.template' file to
- * to render the response to the client.
- * @param sc servlet configuration, read from the web.xml file
+ * Initialize the servlet. This servlet uses the 'displayCRL.template' file
+ * to to render the response to the client.
+ *
+ * @param sc servlet configuration, read from the web.xml file
*/
public void init(ServletConfig sc) throws ServletException {
super.init(sc);
@@ -96,15 +95,16 @@ public class DisplayCRL extends CMSServlet {
}
/**
- * Process the HTTP request
+ * Process the HTTP request
* <ul>
- * <li>http.param crlIssuingPoint number
- * <li>http.param crlDisplayType entireCRL or crlHeader or base64Encoded or deltaCRL
- * <li>http.param pageStart which page to start displaying from
- * <li>http.param pageSize number of entries to show per page
+ * <li>http.param crlIssuingPoint number
+ * <li>http.param crlDisplayType entireCRL or crlHeader or base64Encoded or
+ * deltaCRL
+ * <li>http.param pageStart which page to start displaying from
+ * <li>http.param pageSize number of entries to show per page
* </ul>
+ *
* @param cmsReq the Request to service.
-
*/
public void process(CMSRequest cmsReq) throws EBaseException {
HttpServletRequest req = cmsReq.getHttpReq();
@@ -115,8 +115,8 @@ public class DisplayCRL extends CMSServlet {
AuthzToken authzToken = null;
try {
- authzToken = authorize(mAclMethod, authToken,
- mAuthzResourceName, "read");
+ authzToken = authorize(mAclMethod, authToken, mAuthzResourceName,
+ "read");
} catch (Exception e) {
// do nothing for now
}
@@ -132,8 +132,9 @@ public class DisplayCRL extends CMSServlet {
try {
form = getTemplate(mFormPath, req, locale);
} catch (IOException e) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE_1", mFormPath, e.toString()));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE_1", mFormPath,
+ e.toString()));
throw new ECMSGWException(
CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE"));
}
@@ -147,24 +148,25 @@ public class DisplayCRL extends CMSServlet {
String crlIssuingPointId = req.getParameter("crlIssuingPoint");
- process(argSet, header, req, resp, crlIssuingPointId,
- locale[0]);
+ process(argSet, header, req, resp, crlIssuingPointId, locale[0]);
try {
ServletOutputStream out = resp.getOutputStream();
String xmlOutput = req.getParameter("xml");
- if (xmlOutput != null && xmlOutput.equals("true")) {
- outputXML(resp, argSet);
- } else {
- resp.setContentType("text/html");
- form.renderOutput(out, argSet);
- cmsReq.setStatus(CMSRequest.SUCCESS);
- }
+ if (xmlOutput != null && xmlOutput.equals("true")) {
+ outputXML(resp, argSet);
+ } else {
+ resp.setContentType("text/html");
+ form.renderOutput(out, argSet);
+ cmsReq.setStatus(CMSRequest.SUCCESS);
+ }
} catch (IOException e) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", e.toString()));
- throw new ECMSGWException(CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE"));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM",
+ e.toString()));
+ throw new ECMSGWException(
+ CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE"));
}
}
@@ -172,10 +174,8 @@ public class DisplayCRL extends CMSServlet {
* Display information about a particular CRL.
*/
private void process(CMSTemplateParams argSet, IArgBlock header,
- HttpServletRequest req,
- HttpServletResponse resp,
- String crlIssuingPointId,
- Locale locale) {
+ HttpServletRequest req, HttpServletResponse resp,
+ String crlIssuingPointId, Locale locale) {
boolean updateStatus = true;
EBaseException error = null;
ICRLIssuingPoint crlIP = null;
@@ -189,27 +189,30 @@ public class DisplayCRL extends CMSServlet {
ICRLRepository crlRepository = mCA.getCRLRepository();
try {
- masterHost = CMS.getConfigStore().getString("master.ca.agent.host", "");
- masterPort = CMS.getConfigStore().getString("master.ca.agent.port", "");
- if (masterHost != null && masterHost.length() > 0 &&
- masterPort != null && masterPort.length() > 0) {
+ masterHost = CMS.getConfigStore().getString("master.ca.agent.host",
+ "");
+ masterPort = CMS.getConfigStore().getString("master.ca.agent.port",
+ "");
+ if (masterHost != null && masterHost.length() > 0
+ && masterPort != null && masterPort.length() > 0) {
clonedCA = true;
ipNames = crlRepository.getIssuingPointsNames();
}
} catch (EBaseException e) {
}
-
+
if (clonedCA) {
if (crlIssuingPointId != null) {
if (ipNames != null && ipNames.size() > 0) {
int i;
for (i = 0; i < ipNames.size(); i++) {
- String ipName = (String)ipNames.elementAt(i);
+ String ipName = (String) ipNames.elementAt(i);
if (crlIssuingPointId.equals(ipName)) {
break;
}
}
- if (i >= ipNames.size()) crlIssuingPointId = null;
+ if (i >= ipNames.size())
+ crlIssuingPointId = null;
} else {
crlIssuingPointId = null;
}
@@ -226,13 +229,15 @@ public class DisplayCRL extends CMSServlet {
isCRLCacheEnabled = ip.isCRLCacheEnabled();
break;
}
- if (!ips.hasMoreElements()) crlIssuingPointId = null;
+ if (!ips.hasMoreElements())
+ crlIssuingPointId = null;
}
}
}
if (crlIssuingPointId == null) {
header.addStringValue("error",
- "Request to unspecified or non-existing CRL issuing point: "+ipId);
+ "Request to unspecified or non-existing CRL issuing point: "
+ + ipId);
return;
}
@@ -240,36 +245,43 @@ public class DisplayCRL extends CMSServlet {
String crlDisplayType = req.getParameter("crlDisplayType");
- if (crlDisplayType == null) crlDisplayType = "cachedCRL";
+ if (crlDisplayType == null)
+ crlDisplayType = "cachedCRL";
header.addStringValue("crlDisplayType", crlDisplayType);
try {
- crlRecord =
- (ICRLIssuingPointRecord) mCA.getCRLRepository().readCRLIssuingPointRecord(crlIssuingPointId);
+ crlRecord = (ICRLIssuingPointRecord) mCA.getCRLRepository()
+ .readCRLIssuingPointRecord(crlIssuingPointId);
} catch (EBaseException e) {
header.addStringValue("error", e.toString(locale));
return;
}
if (crlRecord == null) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_CRL_NOT_YET_UPDATED_1", crlIssuingPointId));
- header.addStringValue("error",
- new ECMSGWException(CMS.getUserMessage(locale, "CMS_GW_CRL_NOT_YET_UPDATED")).toString());
- return;
+ log(ILogger.LL_FAILURE, CMS.getLogMessage(
+ "CMSGW_CRL_NOT_YET_UPDATED_1", crlIssuingPointId));
+ header.addStringValue(
+ "error",
+ new ECMSGWException(CMS.getUserMessage(locale,
+ "CMS_GW_CRL_NOT_YET_UPDATED")).toString());
+ return;
}
header.addStringValue("crlIssuingPoint", crlIssuingPointId);
if (crlDisplayType.equals("deltaCRL")) {
if (clonedCA) {
- header.addStringValue("crlNumber", crlRecord.getDeltaCRLNumber().toString());
+ header.addStringValue("crlNumber", crlRecord
+ .getDeltaCRLNumber().toString());
} else {
- header.addStringValue("crlNumber", crlIP.getDeltaCRLNumber().toString());
+ header.addStringValue("crlNumber", crlIP.getDeltaCRLNumber()
+ .toString());
}
} else {
if (clonedCA) {
- header.addStringValue("crlNumber", crlRecord.getCRLNumber().toString());
+ header.addStringValue("crlNumber", crlRecord.getCRLNumber()
+ .toString());
} else {
- header.addStringValue("crlNumber", crlIP.getCRLNumber().toString());
+ header.addStringValue("crlNumber", crlIP.getCRLNumber()
+ .toString());
}
}
long lCRLSize = crlRecord.getCRLSize().longValue();
@@ -283,10 +295,12 @@ public class DisplayCRL extends CMSServlet {
byte[] crlbytes = crlRecord.getCRL();
if (crlbytes == null) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_CRL_NOT_YET_UPDATED_1", crlIssuingPointId));
- header.addStringValue("error",
- new ECMSGWException(CMS.getUserMessage(locale, "CMS_GW_CRL_NOT_YET_UPDATED")).toString());
+ log(ILogger.LL_FAILURE, CMS.getLogMessage(
+ "CMSGW_CRL_NOT_YET_UPDATED_1", crlIssuingPointId));
+ header.addStringValue(
+ "error",
+ new ECMSGWException(CMS.getUserMessage(locale,
+ "CMS_GW_CRL_NOT_YET_UPDATED")).toString());
return;
}
@@ -298,14 +312,19 @@ public class DisplayCRL extends CMSServlet {
}
} catch (Exception e) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_DECODE_CRL", e.toString()));
- header.addStringValue("error",
- new ECMSGWException(CMS.getUserMessage(locale, "CMS_GW_DECODE_CRL_FAILED")).toString());
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_ERR_DECODE_CRL", e.toString()));
+ header.addStringValue(
+ "error",
+ new ECMSGWException(CMS.getUserMessage(locale,
+ "CMS_GW_DECODE_CRL_FAILED")).toString());
}
}
- if (crl != null || (isCRLCacheEnabled && crlDisplayType.equals("cachedCRL"))) {
- if (crlDisplayType.equals("entireCRL") || crlDisplayType.equals("cachedCRL")) {
+ if (crl != null
+ || (isCRLCacheEnabled && crlDisplayType.equals("cachedCRL"))) {
+ if (crlDisplayType.equals("entireCRL")
+ || crlDisplayType.equals("cachedCRL")) {
ICRLPrettyPrint crlDetails = null;
if (crlDisplayType.equals("entireCRL")) {
crlDetails = CMS.getCRLPrettyPrint(crl);
@@ -320,28 +339,29 @@ public class DisplayCRL extends CMSServlet {
long lPageStart = new Long(pageStart).longValue();
long lPageSize = new Long(pageSize).longValue();
- if (lPageStart < 1) lPageStart = 1;
+ if (lPageStart < 1)
+ lPageStart = 1;
// if (lPageStart + lPageSize - lCRLSize > 1)
- // lPageStart = lCRLSize - lPageSize + 1;
+ // lPageStart = lCRLSize - lPageSize + 1;
- header.addStringValue(
- "crlPrettyPrint", crlDetails.toString(locale,
- lCRLSize, lPageStart, lPageSize));
+ header.addStringValue("crlPrettyPrint", crlDetails
+ .toString(locale, lCRLSize, lPageStart, lPageSize));
header.addLongValue("pageStart", lPageStart);
header.addLongValue("pageSize", lPageSize);
} else {
- header.addStringValue(
- "crlPrettyPrint", crlDetails.toString(locale));
+ header.addStringValue("crlPrettyPrint",
+ crlDetails.toString(locale));
}
} else if (crlDisplayType.equals("crlHeader")) {
ICRLPrettyPrint crlDetails = CMS.getCRLPrettyPrint(crl);
- header.addStringValue(
- "crlPrettyPrint", crlDetails.toString(locale, lCRLSize, 0, 0));
+ header.addStringValue("crlPrettyPrint",
+ crlDetails.toString(locale, lCRLSize, 0, 0));
} else if (crlDisplayType.equals("base64Encoded")) {
try {
byte[] ba = crl.getEncoded();
- String crlBase64Encoded = com.netscape.osutil.OSUtil.BtoA(ba);
+ String crlBase64Encoded = com.netscape.osutil.OSUtil
+ .BtoA(ba);
int length = crlBase64Encoded.length();
int i = 0;
int j = 0;
@@ -356,7 +376,8 @@ public class DisplayCRL extends CMSServlet {
if (i >= length) {
IArgBlock rarg = CMS.createArgBlock();
- rarg.addStringValue("crlBase64Encoded", crlBase64Encoded.substring(j, k));
+ rarg.addStringValue("crlBase64Encoded",
+ crlBase64Encoded.substring(j, k));
argSet.addRepeatRecord(rarg);
}
} else {
@@ -364,11 +385,13 @@ public class DisplayCRL extends CMSServlet {
IArgBlock rarg = CMS.createArgBlock();
if (k > -1) {
- rarg.addStringValue("crlBase64Encoded", crlBase64Encoded.substring(j, k));
+ rarg.addStringValue("crlBase64Encoded",
+ crlBase64Encoded.substring(j, k));
i = k + 1;
j = i;
} else {
- rarg.addStringValue("crlBase64Encoded", crlBase64Encoded.substring(j, length));
+ rarg.addStringValue("crlBase64Encoded",
+ crlBase64Encoded.substring(j, length));
i = length;
}
argSet.addRepeatRecord(rarg);
@@ -377,70 +400,93 @@ public class DisplayCRL extends CMSServlet {
} catch (CRLException e) {
}
} else if (crlDisplayType.equals("deltaCRL")) {
- if ((clonedCA && crlRecord.getDeltaCRLSize() != null &&
- crlRecord.getDeltaCRLSize().longValue() > -1) ||
- (crlIP != null && crlIP.isDeltaCRLEnabled())) {
+ if ((clonedCA && crlRecord.getDeltaCRLSize() != null && crlRecord
+ .getDeltaCRLSize().longValue() > -1)
+ || (crlIP != null && crlIP.isDeltaCRLEnabled())) {
byte[] deltaCRLBytes = crlRecord.getDeltaCRL();
if (deltaCRLBytes == null) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_ERR_NO_DELTA_CRL", crlIssuingPointId));
- header.addStringValue("error", "Delta CRL is not available");
+ log(ILogger.LL_FAILURE, CMS.getLogMessage(
+ "CMSGW_ERR_NO_DELTA_CRL", crlIssuingPointId));
+ header.addStringValue("error",
+ "Delta CRL is not available");
} else {
X509CRLImpl deltaCRL = null;
try {
deltaCRL = new X509CRLImpl(deltaCRLBytes);
} catch (Exception e) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_DECODE_DELTA_CRL", e.toString()));
- header.addStringValue("error",
- new ECMSGWException(CMS.getUserMessage(locale, "CMS_GW_DECODE_CRL_FAILED")).toString());
+ log(ILogger.LL_FAILURE, CMS.getLogMessage(
+ "CMSGW_ERR_DECODE_DELTA_CRL", e.toString()));
+ header.addStringValue(
+ "error",
+ new ECMSGWException(CMS.getUserMessage(
+ locale, "CMS_GW_DECODE_CRL_FAILED"))
+ .toString());
}
if (deltaCRL != null) {
BigInteger crlNumber = crlRecord.getCRLNumber();
- BigInteger deltaNumber = crlRecord.getDeltaCRLNumber();
- if ((clonedCA && crlNumber != null && deltaNumber != null &&
- deltaNumber.compareTo(crlNumber) >= 0) ||
- (crlIP != null && crlIP.isThisCurrentDeltaCRL(deltaCRL))) {
+ BigInteger deltaNumber = crlRecord
+ .getDeltaCRLNumber();
+ if ((clonedCA && crlNumber != null
+ && deltaNumber != null && deltaNumber
+ .compareTo(crlNumber) >= 0)
+ || (crlIP != null && crlIP
+ .isThisCurrentDeltaCRL(deltaCRL))) {
- header.addIntegerValue("deltaCRLSize",
- deltaCRL.getNumberOfRevokedCertificates());
+ header.addIntegerValue("deltaCRLSize", deltaCRL
+ .getNumberOfRevokedCertificates());
- ICRLPrettyPrint crlDetails = CMS.getCRLPrettyPrint(deltaCRL);
+ ICRLPrettyPrint crlDetails = CMS
+ .getCRLPrettyPrint(deltaCRL);
- header.addStringValue(
- "crlPrettyPrint", crlDetails.toString(locale, 0, 0, 0));
+ header.addStringValue("crlPrettyPrint",
+ crlDetails.toString(locale, 0, 0, 0));
try {
byte[] ba = deltaCRL.getEncoded();
- String crlBase64Encoded = com.netscape.osutil.OSUtil.BtoA(ba);
+ String crlBase64Encoded = com.netscape.osutil.OSUtil
+ .BtoA(ba);
int length = crlBase64Encoded.length();
int i = 0;
int j = 0;
int n = 1;
while (i < length) {
- int k = crlBase64Encoded.indexOf('\n', i);
+ int k = crlBase64Encoded.indexOf('\n',
+ i);
if (n < 100 && k > -1) {
n++;
i = k + 1;
if (i >= length) {
- IArgBlock rarg = CMS.createArgBlock();
+ IArgBlock rarg = CMS
+ .createArgBlock();
- rarg.addStringValue("crlBase64Encoded", crlBase64Encoded.substring(j, k));
+ rarg.addStringValue(
+ "crlBase64Encoded",
+ crlBase64Encoded
+ .substring(j, k));
argSet.addRepeatRecord(rarg);
}
} else {
n = 1;
- IArgBlock rarg = CMS.createArgBlock();
+ IArgBlock rarg = CMS
+ .createArgBlock();
if (k > -1) {
- rarg.addStringValue("crlBase64Encoded", crlBase64Encoded.substring(j, k));
+ rarg.addStringValue(
+ "crlBase64Encoded",
+ crlBase64Encoded
+ .substring(j, k));
i = k + 1;
j = i;
} else {
- rarg.addStringValue("crlBase64Encoded", crlBase64Encoded.substring(j, length));
+ rarg.addStringValue(
+ "crlBase64Encoded",
+ crlBase64Encoded
+ .substring(j,
+ length));
i = length;
}
argSet.addRepeatRecord(rarg);
@@ -449,25 +495,32 @@ public class DisplayCRL extends CMSServlet {
} catch (CRLException e) {
}
} else {
- header.addStringValue("error", "Current Delta CRL is not available.");
+ header.addStringValue("error",
+ "Current Delta CRL is not available.");
}
}
}
} else {
- header.addStringValue("error", "Delta CRL is not enabled for " +
- crlIssuingPointId +
- " issuing point");
+ header.addStringValue("error",
+ "Delta CRL is not enabled for " + crlIssuingPointId
+ + " issuing point");
}
}
} else if (!isCRLCacheEnabled && crlDisplayType.equals("cachedCRL")) {
- header.addStringValue("error", CMS.getUserMessage(locale, "CMS_GW_CRL_CACHE_IS_NOT_ENABLED", crlIssuingPointId));
- header.addStringValue("crlPrettyPrint", CMS.getUserMessage(locale, "CMS_GW_CRL_CACHE_IS_NOT_ENABLED", crlIssuingPointId));
+ header.addStringValue("error", CMS.getUserMessage(locale,
+ "CMS_GW_CRL_CACHE_IS_NOT_ENABLED", crlIssuingPointId));
+ header.addStringValue("crlPrettyPrint", CMS.getUserMessage(locale,
+ "CMS_GW_CRL_CACHE_IS_NOT_ENABLED", crlIssuingPointId));
} else {
- header.addStringValue("error",
- new ECMSGWException(CMS.getUserMessage(locale, "CMS_GW_DECODE_CRL_FAILED")).toString());
- header.addStringValue("crlPrettyPrint",
- new ECMSGWException(CMS.getUserMessage(locale, "CMS_GW_DECODE_CRL_FAILED")).toString());
+ header.addStringValue(
+ "error",
+ new ECMSGWException(CMS.getUserMessage(locale,
+ "CMS_GW_DECODE_CRL_FAILED")).toString());
+ header.addStringValue(
+ "crlPrettyPrint",
+ new ECMSGWException(CMS.getUserMessage(locale,
+ "CMS_GW_DECODE_CRL_FAILED")).toString());
}
return;
}
generated by cgit (git 2.34.1) at 2024-07-01 13:01:56 +0000