From a4682ceae6774956461edd03b2485bbacea445f4 Mon Sep 17 00:00:00 2001 From: mharmsen Date: Tue, 4 Oct 2011 01:17:41 +0000 Subject: Bugzilla Bug #688225 - (dogtagIPAv2.1) TRACKER: of the Dogtag fixes for freeIPA 2.1 git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/tags/IPA_v2_RHEL_6_2_20111003@2252 c9f7a03b-bd48-0410-a16d-cbbf54688b0b --- .../cmscore/authentication/VerifiedCert.java | 93 ++++++++++++++++++++++ 1 file changed, 93 insertions(+) create mode 100644 pki/base/common/src/com/netscape/cmscore/authentication/VerifiedCert.java (limited to 'pki/base/common/src/com/netscape/cmscore/authentication/VerifiedCert.java') diff --git a/pki/base/common/src/com/netscape/cmscore/authentication/VerifiedCert.java b/pki/base/common/src/com/netscape/cmscore/authentication/VerifiedCert.java new file mode 100644 index 000000000..90963e324 --- /dev/null +++ b/pki/base/common/src/com/netscape/cmscore/authentication/VerifiedCert.java @@ -0,0 +1,93 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.cmscore.authentication; + + +import java.util.*; +import java.math.BigInteger; + +import com.netscape.certsrv.apps.*; + + +/** + * class storing verified certificate. + * + * @version $Revision$, $Date$ + */ + +public class VerifiedCert { + public static final int CHECKED = 4; + public static final int EXPIRED = 3; + public static final int NOT_REVOKED = 2; + public static final int REVOKED = 1; + public static final int UNKNOWN = 0; + + private int mStatus = UNKNOWN; + private Date mCreated = null; + private BigInteger mSerialNumber = null; + private byte[] mCertEncoded = null; + + /** + * Constructs verified certiificate record + */ + + public VerifiedCert(BigInteger serialNumber, byte[] certEncoded, + int status) { + mStatus = status; + mSerialNumber = serialNumber; + mCertEncoded = certEncoded; + mCreated = CMS.getCurrentDate(); + } + + public int check(BigInteger serialNumber, byte[] certEncoded, + long interval, long unknownStateInterval) { + int status = UNKNOWN; + + if (mSerialNumber.equals(serialNumber)) { + if (mCertEncoded != null) { + if (certEncoded != null && + mCertEncoded.length == certEncoded.length) { + int i; + + for (i = 0; i < mCertEncoded.length; i++) { + if (mCertEncoded[i] != certEncoded[i]) + break; + } + if (i >= mCertEncoded.length) { + Date expires = new Date(mCreated.getTime() + (interval * 1000)); + Date now = CMS.getCurrentDate(); + + if (now.after(expires)) + mStatus = EXPIRED; + status = mStatus; + } + } + } else if (unknownStateInterval > 0) { + Date expires = new Date(mCreated.getTime() + (unknownStateInterval * 1000)); + Date now = CMS.getCurrentDate(); + + if (now.after(expires)) + mStatus = EXPIRED; + status = mStatus; // CHECKED + } + } + + return status; + } +} + -- cgit