diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/cert/DoUnrevoke.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/cert/DoUnrevoke.java | 442 |
1 files changed, 229 insertions, 213 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/DoUnrevoke.java b/pki/base/common/src/com/netscape/cms/servlet/cert/DoUnrevoke.java index 688134788..e17910451 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/cert/DoUnrevoke.java +++ b/pki/base/common/src/com/netscape/cms/servlet/cert/DoUnrevoke.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.cert; + import java.io.IOException; import java.math.BigInteger; import java.util.Enumeration; @@ -55,10 +56,11 @@ import com.netscape.cms.servlet.common.CMSTemplate; import com.netscape.cms.servlet.common.CMSTemplateParams; import com.netscape.cms.servlet.common.ECMSGWException; + /** - * 'Unrevoke' a certificate. (For certificates that are on-hold only, take them - * off-hold) - * + * 'Unrevoke' a certificate. (For certificates that are on-hold only, + * take them off-hold) + * * @version $Revision$, $Date$ */ public class DoUnrevoke extends CMSServlet { @@ -78,28 +80,29 @@ public class DoUnrevoke extends CMSServlet { private final static String OFF_HOLD = "off-hold"; private final static int OFF_HOLD_REASON = 6; - private final static String LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST = "LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_5"; - private final static String LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED = "LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED_7"; - + private final static String + LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST = + "LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_5"; + private final static String + LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED = + "LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED_7"; + public DoUnrevoke() { super(); } /** * initialize the servlet. - * * @param sc servlet configuration, read from the web.xml file */ public void init(ServletConfig sc) throws ServletException { super.init(sc); mFormPath = "/" + mAuthority.getId() + "/" + TPL_FILE; if (mAuthority instanceof ICertificateAuthority) { - mCertDB = ((ICertificateAuthority) mAuthority) - .getCertificateRepository(); + mCertDB = ((ICertificateAuthority) mAuthority).getCertificateRepository(); } if (mAuthority instanceof ICertAuthority) { - mPublisherProcessor = ((ICertAuthority) mAuthority) - .getPublisherProcessor(); + mPublisherProcessor = ((ICertAuthority) mAuthority).getPublisherProcessor(); } mQueue = mAuthority.getRequestQueue(); @@ -109,14 +112,14 @@ public class DoUnrevoke extends CMSServlet { } /** - * Process the HTTP request. + * Process the HTTP request. * <ul> - * <li>http.param serialNumber Decimal serial number of certificate to - * unrevoke. The certificate must be revoked with a revovcation reason 'on - * hold' for this operation to succeed. The serial number may be expressed - * as a hex number by prefixing '0x' to the serialNumber string + * <li>http.param serialNumber Decimal serial number of certificate to unrevoke. The + * certificate must be revoked with a revovcation reason 'on hold' for this + * operation to succeed. The serial number may be expressed as a hex number by + * prefixing '0x' to the serialNumber string * </ul> - * + * * @param cmsReq the object holding the request and response information */ public void process(CMSRequest cmsReq) throws EBaseException { @@ -133,10 +136,10 @@ public class DoUnrevoke extends CMSServlet { try { form = getTemplate(mFormPath, req, locale); } catch (IOException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE", e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR")); + CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR")); } IArgBlock header = CMS.createArgBlock(); @@ -146,34 +149,32 @@ public class DoUnrevoke extends CMSServlet { try { serialNumber = getSerialNumbers(req); - // for audit log. + //for audit log. IAuthToken authToken = authenticate(cmsReq); String authMgr = AuditFormat.NOAUTH; - + if (authToken != null) { - authMgr = authToken - .getInString(AuthToken.TOKEN_AUTHMGR_INST_NAME); - } else { - CMS.debug("DoUnrevoke::process() - authToken is null!"); + authMgr = + authToken.getInString(AuthToken.TOKEN_AUTHMGR_INST_NAME); + } else { + CMS.debug( "DoUnrevoke::process() - authToken is null!" ); return; } String agentID = authToken.getInString("userid"); String initiative = AuditFormat.FROMAGENT + " agentID: " + agentID - + " authenticated by " + authMgr; + + " authenticated by " + authMgr; AuthzToken authzToken = null; try { authzToken = authorize(mAclMethod, authToken, - mAuthzResourceName, "unrevoke"); + mAuthzResourceName, "unrevoke"); } catch (EAuthzAccessDenied e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", - e.toString())); + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); } catch (Exception e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", - e.toString())); + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); } if (authzToken == null) { @@ -181,14 +182,11 @@ public class DoUnrevoke extends CMSServlet { return; } - process(argSet, header, serialNumber, req, resp, locale[0], - initiative); + process(argSet, header, serialNumber, req, resp, locale[0], initiative); } catch (NumberFormatException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_INVALID_SERIAL_NUM_FORMAT")); - error = new EBaseException(CMS.getUserMessage(getLocale(req), - "CMS_BASE_INVALID_NUMBER_FORMAT")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_INVALID_SERIAL_NUM_FORMAT")); + error = new EBaseException(CMS.getUserMessage(getLocale(req),"CMS_BASE_INVALID_NUMBER_FORMAT")); } catch (EBaseException e) { error = e; } @@ -199,46 +197,44 @@ public class DoUnrevoke extends CMSServlet { if (error == null) { String xmlOutput = req.getParameter("xml"); if (xmlOutput != null && xmlOutput.equals("true")) { - outputXML(resp, argSet); + outputXML(resp, argSet); } else { - resp.setContentType("text/html"); - form.renderOutput(out, argSet); - cmsReq.setStatus(CMSRequest.SUCCESS); + resp.setContentType("text/html"); + form.renderOutput(out, argSet); + cmsReq.setStatus(CMSRequest.SUCCESS); } } else { cmsReq.setStatus(CMSRequest.ERROR); cmsReq.setError(error); } } catch (IOException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_ERR_STREAM_TEMPLATE", - e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_ERR_STREAM_TEMPLATE", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR")); + CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR")); } } + /** * Process X509 cert status change request * <P> - * - * (Certificate Request - an "agent" cert status change request to take a - * certificate off-hold) + * + * (Certificate Request - an "agent" cert status change request to take + * a certificate off-hold) * <P> - * - * (Certificate Request Processed - an "agent" cert status change request to - * take a certificate off-hold) + * + * (Certificate Request Processed - an "agent" cert status change request + * to take a certificate off-hold) * <P> - * + * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used - * when a cert status change request (e. g. - "revocation") is made (before + * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when + * a cert status change request (e. g. - "revocation") is made (before * approval process) - * <li>signed.audit - * LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a - * certificate status is changed (taken off-hold) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED + * used when a certificate status is changed (taken off-hold) * </ul> - * * @param argSet CMS template parameters * @param header argument block * @param serialNumbers the serial number of the certificate @@ -249,15 +245,16 @@ public class DoUnrevoke extends CMSServlet { * @exception EBaseException an error has occurred */ private void process(CMSTemplateParams argSet, IArgBlock header, - BigInteger[] serialNumbers, HttpServletRequest req, - HttpServletResponse resp, Locale locale, String initiative) - throws EBaseException { + BigInteger[] serialNumbers, + HttpServletRequest req, + HttpServletResponse resp, + Locale locale, String initiative) + throws EBaseException { boolean auditRequest = true; String auditMessage = null; String auditSubjectID = auditSubjectID(); String auditRequesterID = auditRequesterID(req); - String auditSerialNumber = auditSerialNumber(serialNumbers[0] - .toString()); + String auditSerialNumber = auditSerialNumber(serialNumbers[0].toString()); String auditRequestType = OFF_HOLD; String auditApprovalStatus = ILogger.SIGNED_AUDIT_EMPTY_VALUE; String auditReasonNum = String.valueOf(OFF_HOLD_REASON); @@ -265,34 +262,32 @@ public class DoUnrevoke extends CMSServlet { try { StringBuffer snList = new StringBuffer(); - // certs are for old cloning and they should be removed as soon as - // possible + // certs are for old cloning and they should be removed as soon as possible X509CertImpl[] certs = new X509CertImpl[serialNumbers.length]; for (int i = 0; i < serialNumbers.length; i++) { - certs[i] = (X509CertImpl) getX509Certificate(serialNumbers[i]); - if (snList.length() > 0) - snList.append(", "); + certs[i] = (X509CertImpl)getX509Certificate(serialNumbers[i]); + if (snList.length() > 0) snList.append(", "); snList.append("0x"); snList.append(serialNumbers[i].toString(16)); } header.addStringValue("serialNumber", snList.toString()); - IRequest unrevReq = mQueue - .newRequest(IRequest.UNREVOCATION_REQUEST); + IRequest unrevReq = mQueue.newRequest(IRequest.UNREVOCATION_REQUEST); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST, - auditSubjectID, ILogger.SUCCESS, auditRequesterID, - auditSerialNumber, auditRequestType); + LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST, + auditSubjectID, + ILogger.SUCCESS, + auditRequesterID, + auditSerialNumber, + auditRequestType); audit(auditMessage); - unrevReq.setExtData(IRequest.REQ_TYPE, - IRequest.UNREVOCATION_REQUEST); + unrevReq.setExtData(IRequest.REQ_TYPE, IRequest.UNREVOCATION_REQUEST); unrevReq.setExtData(IRequest.OLD_SERIALS, serialNumbers); - unrevReq.setExtData(IRequest.REQUESTOR_TYPE, - IRequest.REQUESTOR_AGENT); + unrevReq.setExtData(IRequest.REQUESTOR_TYPE, IRequest.REQUESTOR_AGENT); // change audit processing from "REQUEST" to "REQUEST_PROCESSED" // to distinguish which type of signed audit log message to save @@ -307,8 +302,7 @@ public class DoUnrevoke extends CMSServlet { RequestStatus status = unrevReq.getRequestStatus(); String type = unrevReq.getRequestType(); - if ((status == RequestStatus.COMPLETE) - || ((type.equals(IRequest.CLA_UNCERT4CRL_REQUEST)) && (status == RequestStatus.SVC_PENDING))) { + if ((status == RequestStatus.COMPLETE) || ((type.equals(IRequest.CLA_UNCERT4CRL_REQUEST)) && (status == RequestStatus.SVC_PENDING))) { Integer result = unrevReq.getExtDataInInteger(IRequest.RESULT); @@ -316,11 +310,15 @@ public class DoUnrevoke extends CMSServlet { header.addStringValue("unrevoked", "yes"); if (certs[0] != null) { mLogger.log(ILogger.EV_AUDIT, ILogger.S_OTHER, - AuditFormat.LEVEL, - AuditFormat.DOUNREVOKEFORMAT, new Object[] { - unrevReq.getRequestId(), initiative, - "completed", certs[0].getSubjectDN(), - "0x" + serialNumbers[0].toString(16) }); + AuditFormat.LEVEL, + AuditFormat.DOUNREVOKEFORMAT, + new Object[] { + unrevReq.getRequestId(), + initiative, + "completed", + certs[0].getSubjectDN(), + "0x" + serialNumbers[0].toString(16)} + ); } } else { header.addStringValue("unrevoked", "no"); @@ -329,61 +327,60 @@ public class DoUnrevoke extends CMSServlet { if (error != null) { header.addStringValue("error", error); if (certs[0] != null) { - mLogger.log( - ILogger.EV_AUDIT, - ILogger.S_OTHER, - AuditFormat.LEVEL, - AuditFormat.DOUNREVOKEFORMAT, - new Object[] { - unrevReq.getRequestId(), - initiative, - "completed with error: " + error, - certs[0].getSubjectDN(), - "0x" - + serialNumbers[0] - .toString(16) }); + mLogger.log(ILogger.EV_AUDIT, + ILogger.S_OTHER, + AuditFormat.LEVEL, + AuditFormat.DOUNREVOKEFORMAT, + new Object[] { + unrevReq.getRequestId(), + initiative, + "completed with error: " + + error, + certs[0].getSubjectDN(), + "0x" + serialNumbers[0].toString(16)} + ); } /****************************************************/ - - /* IMPORTANT: In the event that the following */ - - /* "throw error;" statement is */ - - /* uncommented, uncomment the following */ - - /* signed audit log message, also!!! */ - + + /* IMPORTANT: In the event that the following */ + + /* "throw error;" statement is */ + + /* uncommented, uncomment the following */ + + /* signed audit log message, also!!! */ + /****************************************************/ - // // store a message in the signed audit log file - // // if and only if "auditApprovalStatus" is - // // "complete", "revoked", or "canceled" - // if( ( auditApprovalStatus.equals( - // RequestStatus.COMPLETE_STRING ) ) || - // ( auditApprovalStatus.equals( - // RequestStatus.REJECTED_STRING ) ) || - // ( auditApprovalStatus.equals( - // RequestStatus.CANCELED_STRING ) ) ) { - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED, - // auditSubjectID, - // ILogger.FAILURE, - // auditRequesterID, - // auditSerialNumber, - // auditRequestType, - // auditReasonNum, - // auditApprovalStatus ); + // // store a message in the signed audit log file + // // if and only if "auditApprovalStatus" is + // // "complete", "revoked", or "canceled" + // if( ( auditApprovalStatus.equals( + // RequestStatus.COMPLETE_STRING ) ) || + // ( auditApprovalStatus.equals( + // RequestStatus.REJECTED_STRING ) ) || + // ( auditApprovalStatus.equals( + // RequestStatus.CANCELED_STRING ) ) ) { + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED, + // auditSubjectID, + // ILogger.FAILURE, + // auditRequesterID, + // auditSerialNumber, + // auditRequestType, + // auditReasonNum, + // auditApprovalStatus ); // - // audit( auditMessage ); - // } + // audit( auditMessage ); + // } - // throw error; + // throw error; } } - Integer updateCRLResult = unrevReq - .getExtDataInInteger(IRequest.CRL_UPDATE_STATUS); + Integer updateCRLResult = + unrevReq.getExtDataInInteger(IRequest.CRL_UPDATE_STATUS); if (updateCRLResult != null) { header.addStringValue("updateCRL", "yes"); @@ -391,90 +388,91 @@ public class DoUnrevoke extends CMSServlet { header.addStringValue("updateCRLSuccess", "yes"); } else { header.addStringValue("updateCRLSuccess", "no"); - String crlError = unrevReq - .getExtDataInString(IRequest.CRL_UPDATE_ERROR); + String crlError = + unrevReq.getExtDataInString(IRequest.CRL_UPDATE_ERROR); - if (crlError != null) - header.addStringValue("updateCRLError", crlError); + if (crlError != null) + header.addStringValue("updateCRLError", + crlError); } // let known crl publishing status too. - Integer publishCRLResult = unrevReq - .getExtDataInInteger(IRequest.CRL_PUBLISH_STATUS); + Integer publishCRLResult = + unrevReq.getExtDataInInteger(IRequest.CRL_PUBLISH_STATUS); if (publishCRLResult != null) { if (publishCRLResult.equals(IRequest.RES_SUCCESS)) { header.addStringValue("publishCRLSuccess", "yes"); } else { header.addStringValue("publishCRLSuccess", "no"); - String publError = unrevReq - .getExtDataInString(IRequest.CRL_PUBLISH_ERROR); + String publError = + unrevReq.getExtDataInString(IRequest.CRL_PUBLISH_ERROR); - if (publError != null) - header.addStringValue("publishCRLError", - publError); + if (publError != null) + header.addStringValue("publishCRLError", + publError); } } } - // let known update and publish status of all crls. - Enumeration otherCRLs = ((ICertificateAuthority) mAuthority) - .getCRLIssuingPoints(); + // let known update and publish status of all crls. + Enumeration otherCRLs = + ((ICertificateAuthority) mAuthority).getCRLIssuingPoints(); while (otherCRLs.hasMoreElements()) { - ICRLIssuingPoint crl = (ICRLIssuingPoint) otherCRLs - .nextElement(); + ICRLIssuingPoint crl = (ICRLIssuingPoint) + otherCRLs.nextElement(); String crlId = crl.getId(); if (crlId.equals(ICertificateAuthority.PROP_MASTER_CRL)) continue; String updateStatusStr = crl.getCrlUpdateStatusStr(); - Integer updateResult = unrevReq - .getExtDataInInteger(updateStatusStr); + Integer updateResult = unrevReq.getExtDataInInteger(updateStatusStr); if (updateResult != null) { if (updateResult.equals(IRequest.RES_SUCCESS)) { - CMS.debug("DoUnrevoke: adding header " - + updateStatusStr + " yes "); + CMS.debug("DoUnrevoke: adding header " + + updateStatusStr + " yes "); header.addStringValue(updateStatusStr, "yes"); } else { String updateErrorStr = crl.getCrlUpdateErrorStr(); - CMS.debug("DoUnrevoke: adding header " - + updateStatusStr + " no "); + CMS.debug("DoUnrevoke: adding header " + + updateStatusStr + " no "); header.addStringValue(updateStatusStr, "no"); - String error = unrevReq - .getExtDataInString(updateErrorStr); + String error = + unrevReq.getExtDataInString(updateErrorStr); - if (error != null) - header.addStringValue(updateErrorStr, error); + if (error != null) + header.addStringValue( + updateErrorStr, error); } String publishStatusStr = crl.getCrlPublishStatusStr(); - Integer publishResult = unrevReq - .getExtDataInInteger(publishStatusStr); + Integer publishResult = + unrevReq.getExtDataInInteger(publishStatusStr); - if (publishResult == null) + if (publishResult == null) continue; if (publishResult.equals(IRequest.RES_SUCCESS)) { header.addStringValue(publishStatusStr, "yes"); } else { - String publishErrorStr = crl - .getCrlPublishErrorStr(); + String publishErrorStr = + crl.getCrlPublishErrorStr(); header.addStringValue(publishStatusStr, "no"); - String error = unrevReq - .getExtDataInString(publishErrorStr); + String error = + unrevReq.getExtDataInString(publishErrorStr); - if (error != null) - header.addStringValue(publishErrorStr, error); + if (error != null) + header.addStringValue( + publishErrorStr, error); } } } - if (mPublisherProcessor != null - && mPublisherProcessor.ldapEnabled()) { + if (mPublisherProcessor != null && mPublisherProcessor.ldapEnabled()) { header.addStringValue("dirEnabled", "yes"); - Integer[] ldapPublishStatus = unrevReq - .getExtDataInIntegerArray("ldapPublishStatus"); + Integer[] ldapPublishStatus = + unrevReq.getExtDataInIntegerArray("ldapPublishStatus"); if (ldapPublishStatus != null) { if (ldapPublishStatus[0] == IRequest.RES_SUCCESS) { @@ -492,20 +490,30 @@ public class DoUnrevoke extends CMSServlet { header.addStringValue("unrevoked", "pending"); if (certs[0] != null) { mLogger.log(ILogger.EV_AUDIT, ILogger.S_OTHER, - AuditFormat.LEVEL, AuditFormat.DOUNREVOKEFORMAT, - new Object[] { unrevReq.getRequestId(), initiative, - "pending", certs[0].getSubjectDN(), - "0x" + serialNumbers[0].toString(16) }); + AuditFormat.LEVEL, + AuditFormat.DOUNREVOKEFORMAT, + new Object[] { + unrevReq.getRequestId(), + initiative, + "pending", + certs[0].getSubjectDN(), + "0x" + serialNumbers[0].toString(16)} + ); } } else { header.addStringValue("error", "Request Status.Error"); header.addStringValue("unrevoked", "no"); if (certs[0] != null) { mLogger.log(ILogger.EV_AUDIT, ILogger.S_OTHER, - AuditFormat.LEVEL, AuditFormat.DOUNREVOKEFORMAT, - new Object[] { unrevReq.getRequestId(), initiative, - status.toString(), certs[0].getSubjectDN(), - "0x" + serialNumbers[0].toString(16) }); + AuditFormat.LEVEL, + AuditFormat.DOUNREVOKEFORMAT, + new Object[] { + unrevReq.getRequestId(), + initiative, + status.toString(), + certs[0].getSubjectDN(), + "0x" + serialNumbers[0].toString(16)} + ); } } @@ -513,17 +521,18 @@ public class DoUnrevoke extends CMSServlet { // if and only if "auditApprovalStatus" is // "complete", "revoked", or "canceled" if ((auditApprovalStatus.equals(RequestStatus.COMPLETE_STRING)) - || (auditApprovalStatus - .equals(RequestStatus.REJECTED_STRING)) - || (auditApprovalStatus - .equals(RequestStatus.CANCELED_STRING))) { - auditMessage = CMS - .getLogMessage( - LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED, - auditSubjectID, ILogger.SUCCESS, - auditRequesterID, auditSerialNumber, - auditRequestType, auditReasonNum, - auditApprovalStatus); + || (auditApprovalStatus.equals(RequestStatus.REJECTED_STRING)) + || (auditApprovalStatus.equals(RequestStatus.CANCELED_STRING)) + ) { + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED, + auditSubjectID, + ILogger.SUCCESS, + auditRequesterID, + auditSerialNumber, + auditRequestType, + auditReasonNum, + auditApprovalStatus); audit(auditMessage); } @@ -533,9 +542,12 @@ public class DoUnrevoke extends CMSServlet { // store a "CERT_STATUS_CHANGE_REQUEST" failure // message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST, - auditSubjectID, ILogger.FAILURE, auditRequesterID, - auditSerialNumber, auditRequestType); + LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST, + auditSubjectID, + ILogger.FAILURE, + auditRequesterID, + auditSerialNumber, + auditRequestType); audit(auditMessage); } else { @@ -543,18 +555,21 @@ public class DoUnrevoke extends CMSServlet { // message in the signed audit log file // if and only if "auditApprovalStatus" is // "complete", "revoked", or "canceled" - if ((auditApprovalStatus.equals(RequestStatus.COMPLETE_STRING)) - || (auditApprovalStatus - .equals(RequestStatus.REJECTED_STRING)) - || (auditApprovalStatus - .equals(RequestStatus.CANCELED_STRING))) { - auditMessage = CMS - .getLogMessage( - LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED, - auditSubjectID, ILogger.FAILURE, - auditRequesterID, auditSerialNumber, - auditRequestType, auditReasonNum, - auditApprovalStatus); + if ((auditApprovalStatus.equals( + RequestStatus.COMPLETE_STRING)) || + (auditApprovalStatus.equals( + RequestStatus.REJECTED_STRING)) || + (auditApprovalStatus.equals( + RequestStatus.CANCELED_STRING))) { + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED, + auditSubjectID, + ILogger.FAILURE, + auditRequesterID, + auditSerialNumber, + auditRequestType, + auditReasonNum, + auditApprovalStatus); audit(auditMessage); } @@ -565,7 +580,7 @@ public class DoUnrevoke extends CMSServlet { } private BigInteger[] getSerialNumbers(HttpServletRequest req) - throws NumberFormatException { + throws NumberFormatException { String serialNumString = req.getParameter("serialNumber"); StringTokenizer snList = new StringTokenizer(serialNumString, " "); @@ -586,7 +601,7 @@ public class DoUnrevoke extends CMSServlet { biList.addElement(bi); } else { throw new NumberFormatException(); - } + } } if (biList.size() < 1) { throw new NumberFormatException(); @@ -602,11 +617,11 @@ public class DoUnrevoke extends CMSServlet { /** * Signed Audit Log Requester ID - * - * This method is called to obtain the "RequesterID" for a signed audit log - * message. + * + * This method is called to obtain the "RequesterID" for + * a signed audit log message. * <P> - * + * * @param req HTTP request * @return id string containing the signed audit log message RequesterID */ @@ -632,11 +647,11 @@ public class DoUnrevoke extends CMSServlet { /** * Signed Audit Log Serial Number - * + * * This method is called to obtain the serial number of the certificate * whose status is to be changed for a signed audit log message. * <P> - * + * * @param eeSerialNumber a string containing the un-normalized serialNumber * @return id string containing the signed audit log message RequesterID */ @@ -654,8 +669,8 @@ public class DoUnrevoke extends CMSServlet { // convert it to hexadecimal serialNumber = "0x" - + Integer.toHexString(Integer.valueOf(serialNumber) - .intValue()); + + Integer.toHexString( + Integer.valueOf(serialNumber).intValue()); } else { serialNumber = ILogger.SIGNED_AUDIT_EMPTY_VALUE; } @@ -663,3 +678,4 @@ public class DoUnrevoke extends CMSServlet { return serialNumber; } } + |