// --- BEGIN COPYRIGHT BLOCK ---
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; version 2 of the License.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License along
// with this program; if not, write to the Free Software Foundation, Inc.,
// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
//
// (C) 2007 Red Hat, Inc.
// All rights reserved.
// --- END COPYRIGHT BLOCK ---
package com.netscape.certsrv.ca;
import java.util.Enumeration;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import netscape.security.x509.CertificateChain;
import netscape.security.x509.CertificateVersion;
import netscape.security.x509.X500Name;
import netscape.security.x509.X509CRLImpl;
import netscape.security.x509.X509CertImpl;
import netscape.security.x509.X509CertInfo;
import org.mozilla.jss.crypto.SignatureAlgorithm;
import com.netscape.certsrv.base.EBaseException;
import com.netscape.certsrv.base.IConfigStore;
import com.netscape.certsrv.base.ISubsystem;
import com.netscape.certsrv.dbs.certdb.ICertificateRepository;
import com.netscape.certsrv.dbs.crldb.ICRLRepository;
import com.netscape.certsrv.dbs.replicadb.IReplicaIDRepository;
import com.netscape.certsrv.policy.IPolicyProcessor;
import com.netscape.certsrv.publish.IPublisherProcessor;
import com.netscape.certsrv.request.IRequestListener;
import com.netscape.certsrv.request.IRequestNotifier;
import com.netscape.certsrv.request.IRequestQueue;
import com.netscape.certsrv.request.IService;
import com.netscape.certsrv.security.ISigningUnit;
/**
* An interface represents a Certificate Authority that is
* responsible for certificate specific operations.
*
*
* @version $Revision$, $Date$
*/
public interface ICertificateAuthority extends ISubsystem {
public static final String ID = "ca";
public static final String PROP_CERTDB_INC = "certdbInc";
public static final String PROP_CRLDB_INC = "crldbInc";
public static final String PROP_REGISTRATION = "Registration";
public static final String PROP_POLICY = "Policy";
public static final String PROP_GATEWAY = "gateway";
public static final String PROP_CLASS = "class";
public static final String PROP_TYPE = "type";
public static final String PROP_IMPL = "impl";
public static final String PROP_PLUGIN = "plugin";
public static final String PROP_INSTANCE = "instance";
public static final String PROP_LISTENER_SUBSTORE = "listener";
public final static String PROP_LDAP_PUBLISH_SUBSTORE = "ldappublish";
public final static String PROP_PUBLISH_SUBSTORE = "publish";
public final static String PROP_ENABLE_PUBLISH = "enablePublish";
public final static String PROP_ENABLE_LDAP_PUBLISH = "enableLdapPublish";
public final static String PROP_X509CERT_VERSION = "X509CertVersion";
public final static String PROP_ENABLE_PAST_CATIME = "enablePastCATime";
public final static String PROP_DEF_VALIDITY = "DefaultIssueValidity";
public final static String PROP_FAST_SIGNING = "fastSigning";
public static final String PROP_ENABLE_ADMIN_ENROLL =
"enableAdminEnroll";
public final static String PROP_CRL_SUBSTORE = "crl";
// make this public so agent gateway can access for now.
public final static String PROP_CRL_PAGE_SIZE = "pageSize";
public final static String PROP_MASTER_CRL = "MasterCRL";
public final static String PROP_CRLEXT_SUBSTORE = "extension";
public final static String PROP_ISSUING_CLASS =
"com.netscape.cmscore.ca.CRLIssuingPoint";
public final static String PROP_EXPIREDCERTS_CLASS =
"com.netscape.cmscore.ca.CRLWithExpiredCerts";
public final static String PROP_NOTIFY_SUBSTORE = "notification";
public final static String PROP_CERT_ISSUED_SUBSTORE = "certIssued";
public final static String PROP_CERT_REVOKED_SUBSTORE = "certRevoked";
public final static String PROP_REQ_IN_Q_SUBSTORE = "requestInQ";
public final static String PROP_PUB_QUEUE_SUBSTORE = "publishingQueue";
public final static String PROP_ISSUER_NAME = "name";
public final static String PROP_CA_NAMES = "CAs";
public final static String PROP_DBS_SUBSTORE = "dbs";
public final static String PROP_SIGNING_SUBSTORE = "signing";
public final static String PROP_CA_CHAIN_NUM = "certchainNum";
public final static String PROP_CA_CHAIN = "certchain";
public final static String PROP_CA_CERT = "cert";
public final static String PROP_ENABLE_OCSP = "ocsp";
public final static String PROP_OCSP_SIGNING_SUBSTORE = "ocsp_signing";
public final static String PROP_CRL_SIGNING_SUBSTORE = "crl_signing";
public final static String PROP_ID = "id";
public final static String PROP_CERTDB_TRANS_MAXRECORDS = "transitMaxRecords";
public final static String PROP_CERTDB_TRANS_PAGESIZE = "transitRecordPageSize";
/**
* Retrieves the certificate repository where all the locally
* issued certificates are kept.
*
* @return CA's certificate repository
*/
public ICertificateRepository getCertificateRepository();
/**
* Retrieves the request queue of this certificate authority.
*
* @return CA's request queue
*/
public IRequestQueue getRequestQueue();
/**
* Retrieves the policy processor of this certificate authority.
* @deprecated
* @return CA's policy processor
*/
public IPolicyProcessor getPolicyProcessor();
public boolean noncesEnabled();
public Map