diff options
Diffstat (limited to 'pki/base/ca/src/com/netscape/ca/CMSCRLExtensions.java')
-rw-r--r-- | pki/base/ca/src/com/netscape/ca/CMSCRLExtensions.java | 416 |
1 files changed, 251 insertions, 165 deletions
diff --git a/pki/base/ca/src/com/netscape/ca/CMSCRLExtensions.java b/pki/base/ca/src/com/netscape/ca/CMSCRLExtensions.java index 51d03417..8b06486f 100644 --- a/pki/base/ca/src/com/netscape/ca/CMSCRLExtensions.java +++ b/pki/base/ca/src/com/netscape/ca/CMSCRLExtensions.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.ca; - import java.io.IOException; import java.security.cert.CertificateException; import java.util.Enumeration; @@ -56,7 +55,6 @@ import com.netscape.certsrv.logging.ILogger; import com.netscape.cms.crl.CMSIssuingDistributionPointExtension; import com.netscape.cmscore.base.SubsystemRegistry; - public class CMSCRLExtensions implements ICMSCRLExtensions { public static final String PROP_ENABLE = "enable"; public static final String PROP_EXTENSION = "extension"; @@ -65,7 +63,7 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { public static final String PROP_CRITICAL = "critical"; public static final String PROP_CRL_EXT = "CRLExtension"; public static final String PROP_CRL_ENTRY_EXT = "CRLEntryExtension"; - + private ICRLIssuingPoint mCRLIssuingPoint = null; private IConfigStore mConfig = null; @@ -90,101 +88,110 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { static { /* Default CRL Extensions */ - mDefaultCRLExtensionNames.addElement(AuthorityKeyIdentifierExtension.NAME); - mDefaultCRLExtensionNames.addElement(IssuerAlternativeNameExtension.NAME); + mDefaultCRLExtensionNames + .addElement(AuthorityKeyIdentifierExtension.NAME); + mDefaultCRLExtensionNames + .addElement(IssuerAlternativeNameExtension.NAME); mDefaultCRLExtensionNames.addElement(CRLNumberExtension.NAME); mDefaultCRLExtensionNames.addElement(DeltaCRLIndicatorExtension.NAME); - mDefaultCRLExtensionNames.addElement(IssuingDistributionPointExtension.NAME); + mDefaultCRLExtensionNames + .addElement(IssuingDistributionPointExtension.NAME); mDefaultCRLExtensionNames.addElement(FreshestCRLExtension.NAME); mDefaultCRLExtensionNames.addElement(AuthInfoAccessExtension.NAME2); /* Default CRL Entry Extensions */ mDefaultCRLEntryExtensionNames.addElement(CRLReasonExtension.NAME); - //mDefaultCRLEntryExtensionNames.addElement(HoldInstructionExtension.NAME); + // mDefaultCRLEntryExtensionNames.addElement(HoldInstructionExtension.NAME); mDefaultCRLEntryExtensionNames.addElement(InvalidityDateExtension.NAME); - //mDefaultCRLEntryExtensionNames.addElement(CertificateIssuerExtension.NAME); + // mDefaultCRLEntryExtensionNames.addElement(CertificateIssuerExtension.NAME); /* Default Enabled CRL Extensions */ mDefaultEnabledCRLExtensions.addElement(CRLNumberExtension.NAME); - //mDefaultEnabledCRLExtensions.addElement(DeltaCRLIndicatorExtension.NAME); + // mDefaultEnabledCRLExtensions.addElement(DeltaCRLIndicatorExtension.NAME); mDefaultEnabledCRLExtensions.addElement(CRLReasonExtension.NAME); mDefaultEnabledCRLExtensions.addElement(InvalidityDateExtension.NAME); /* Default Critical CRL Extensions */ - mDefaultCriticalCRLExtensions.addElement(DeltaCRLIndicatorExtension.NAME); - mDefaultCriticalCRLExtensions.addElement(IssuingDistributionPointExtension.NAME); - //mDefaultCriticalCRLExtensions.addElement(CertificateIssuerExtension.NAME); + mDefaultCriticalCRLExtensions + .addElement(DeltaCRLIndicatorExtension.NAME); + mDefaultCriticalCRLExtensions + .addElement(IssuingDistributionPointExtension.NAME); + // mDefaultCriticalCRLExtensions.addElement(CertificateIssuerExtension.NAME); /* CRL extension IDs */ mDefaultCRLExtensionIDs.put(PKIXExtensions.AuthorityKey_Id.toString(), - AuthorityKeyIdentifierExtension.NAME); - mDefaultCRLExtensionIDs.put(PKIXExtensions.IssuerAlternativeName_Id.toString(), - IssuerAlternativeNameExtension.NAME); + AuthorityKeyIdentifierExtension.NAME); + mDefaultCRLExtensionIDs.put( + PKIXExtensions.IssuerAlternativeName_Id.toString(), + IssuerAlternativeNameExtension.NAME); mDefaultCRLExtensionIDs.put(PKIXExtensions.CRLNumber_Id.toString(), - CRLNumberExtension.NAME); - mDefaultCRLExtensionIDs.put(PKIXExtensions.DeltaCRLIndicator_Id.toString(), - DeltaCRLIndicatorExtension.NAME); - mDefaultCRLExtensionIDs.put(PKIXExtensions.IssuingDistributionPoint_Id.toString(), - IssuingDistributionPointExtension.NAME); + CRLNumberExtension.NAME); + mDefaultCRLExtensionIDs.put( + PKIXExtensions.DeltaCRLIndicator_Id.toString(), + DeltaCRLIndicatorExtension.NAME); + mDefaultCRLExtensionIDs.put( + PKIXExtensions.IssuingDistributionPoint_Id.toString(), + IssuingDistributionPointExtension.NAME); mDefaultCRLExtensionIDs.put(PKIXExtensions.ReasonCode_Id.toString(), - CRLReasonExtension.NAME); - mDefaultCRLExtensionIDs.put(PKIXExtensions.HoldInstructionCode_Id.toString(), - HoldInstructionExtension.NAME); - mDefaultCRLExtensionIDs.put(PKIXExtensions.InvalidityDate_Id.toString(), - InvalidityDateExtension.NAME); - //mDefaultCRLExtensionIDs.put(PKIXExtensions.CertificateIssuer_Id.toString(), - // CertificateIssuerExtension.NAME); + CRLReasonExtension.NAME); + mDefaultCRLExtensionIDs.put( + PKIXExtensions.HoldInstructionCode_Id.toString(), + HoldInstructionExtension.NAME); + mDefaultCRLExtensionIDs.put( + PKIXExtensions.InvalidityDate_Id.toString(), + InvalidityDateExtension.NAME); + // mDefaultCRLExtensionIDs.put(PKIXExtensions.CertificateIssuer_Id.toString(), + // CertificateIssuerExtension.NAME); mDefaultCRLExtensionIDs.put(PKIXExtensions.FreshestCRL_Id.toString(), - FreshestCRLExtension.NAME); + FreshestCRLExtension.NAME); mDefaultCRLExtensionIDs.put(AuthInfoAccessExtension.ID.toString(), - AuthInfoAccessExtension.NAME2); + AuthInfoAccessExtension.NAME2); /* Class names */ - mDefaultCRLExtensionClassNames.put(AuthorityKeyIdentifierExtension.NAME, - "com.netscape.cms.crl.CMSAuthorityKeyIdentifierExtension"); + mDefaultCRLExtensionClassNames.put( + AuthorityKeyIdentifierExtension.NAME, + "com.netscape.cms.crl.CMSAuthorityKeyIdentifierExtension"); mDefaultCRLExtensionClassNames.put(IssuerAlternativeNameExtension.NAME, - "com.netscape.cms.crl.CMSIssuerAlternativeNameExtension"); + "com.netscape.cms.crl.CMSIssuerAlternativeNameExtension"); mDefaultCRLExtensionClassNames.put(CRLNumberExtension.NAME, - "com.netscape.cms.crl.CMSCRLNumberExtension"); + "com.netscape.cms.crl.CMSCRLNumberExtension"); mDefaultCRLExtensionClassNames.put(DeltaCRLIndicatorExtension.NAME, - "com.netscape.cms.crl.CMSDeltaCRLIndicatorExtension"); - mDefaultCRLExtensionClassNames.put(IssuingDistributionPointExtension.NAME, - "com.netscape.cms.crl.CMSIssuingDistributionPointExtension"); + "com.netscape.cms.crl.CMSDeltaCRLIndicatorExtension"); + mDefaultCRLExtensionClassNames.put( + IssuingDistributionPointExtension.NAME, + "com.netscape.cms.crl.CMSIssuingDistributionPointExtension"); mDefaultCRLExtensionClassNames.put(CRLReasonExtension.NAME, - "com.netscape.cms.crl.CMSCRLReasonExtension"); + "com.netscape.cms.crl.CMSCRLReasonExtension"); mDefaultCRLExtensionClassNames.put(HoldInstructionExtension.NAME, - "com.netscape.cms.crl.CMSHoldInstructionExtension"); + "com.netscape.cms.crl.CMSHoldInstructionExtension"); mDefaultCRLExtensionClassNames.put(InvalidityDateExtension.NAME, - "com.netscape.cms.crl.CMSInvalidityDateExtension"); - //mDefaultCRLExtensionClassNames.put(CertificateIssuerExtension.NAME, - // "com.netscape.cms.crl.CMSCertificateIssuerExtension"); + "com.netscape.cms.crl.CMSInvalidityDateExtension"); + // mDefaultCRLExtensionClassNames.put(CertificateIssuerExtension.NAME, + // "com.netscape.cms.crl.CMSCertificateIssuerExtension"); mDefaultCRLExtensionClassNames.put(FreshestCRLExtension.NAME, - "com.netscape.cms.crl.CMSFreshestCRLExtension"); + "com.netscape.cms.crl.CMSFreshestCRLExtension"); mDefaultCRLExtensionClassNames.put(AuthInfoAccessExtension.NAME2, - "com.netscape.cms.crl.CMSAuthInfoAccessExtension"); + "com.netscape.cms.crl.CMSAuthInfoAccessExtension"); try { OIDMap.addAttribute(DeltaCRLIndicatorExtension.class.getName(), - DeltaCRLIndicatorExtension.OID, - DeltaCRLIndicatorExtension.NAME); + DeltaCRLIndicatorExtension.OID, + DeltaCRLIndicatorExtension.NAME); } catch (CertificateException e) { } try { OIDMap.addAttribute(HoldInstructionExtension.class.getName(), - HoldInstructionExtension.OID, - HoldInstructionExtension.NAME); + HoldInstructionExtension.OID, HoldInstructionExtension.NAME); } catch (CertificateException e) { } try { OIDMap.addAttribute(InvalidityDateExtension.class.getName(), - InvalidityDateExtension.OID, - InvalidityDateExtension.NAME); + InvalidityDateExtension.OID, InvalidityDateExtension.NAME); } catch (CertificateException e) { } try { OIDMap.addAttribute(FreshestCRLExtension.class.getName(), - FreshestCRLExtension.OID, - FreshestCRLExtension.NAME); + FreshestCRLExtension.OID, FreshestCRLExtension.NAME); } catch (CertificateException e) { } } @@ -192,15 +199,16 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { /** * Constructs a CRL extensions for CRL issuing point. */ - public CMSCRLExtensions(ICRLIssuingPoint crlIssuingPoint, IConfigStore config) { + public CMSCRLExtensions(ICRLIssuingPoint crlIssuingPoint, + IConfigStore config) { boolean modifiedConfig = false; - mConfig = config; + mConfig = config; mCRLExtConfig = config.getSubStore(PROP_EXTENSION); mCRLIssuingPoint = crlIssuingPoint; - IConfigStore mFileConfig = - SubsystemRegistry.getInstance().get("MAIN").getConfigStore(); + IConfigStore mFileConfig = SubsystemRegistry.getInstance().get("MAIN") + .getConfigStore(); IConfigStore crlExtConfig = (IConfigStore) mFileConfig; StringTokenizer st = new StringTokenizer(mCRLExtConfig.getName(), "."); @@ -212,13 +220,13 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { if (newConfig != null) { crlExtConfig = newConfig; } - } + } if (crlExtConfig != null) { Enumeration<String> enumExts = crlExtConfig.getSubStoreNames(); while (enumExts.hasMoreElements()) { - String extName = enumExts.nextElement(); + String extName = enumExts.nextElement(); IConfigStore extConfig = crlExtConfig.getSubStore(extName); if (extConfig != null) { @@ -233,7 +241,9 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { try { mFileConfig.commit(true); } catch (EBaseException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_SAVE_CONF", e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CRLEXTS_SAVE_CONF", + e.toString())); } } } @@ -247,26 +257,38 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { mEnabledCRLExtensions.addElement(extName); } } catch (EPropertyNotFound e) { - extConfig.putBoolean(PROP_ENABLE, mDefaultEnabledCRLExtensions.contains(extName)); + extConfig.putBoolean(PROP_ENABLE, + mDefaultEnabledCRLExtensions.contains(extName)); modifiedConfig = true; if (mDefaultEnabledCRLExtensions.contains(extName)) { mEnabledCRLExtensions.addElement(extName); } - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_NO_ENABLE", extName, mDefaultEnabledCRLExtensions.contains(extName) ? "true" : "false")); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_NO_ENABLE", extName, + mDefaultEnabledCRLExtensions.contains(extName) ? "true" + : "false")); } catch (EPropertyNotDefined e) { - extConfig.putBoolean(PROP_ENABLE, mDefaultEnabledCRLExtensions.contains(extName)); + extConfig.putBoolean(PROP_ENABLE, + mDefaultEnabledCRLExtensions.contains(extName)); modifiedConfig = true; if (mDefaultEnabledCRLExtensions.contains(extName)) { mEnabledCRLExtensions.addElement(extName); } - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_UNDEFINE_ENABLE", extName, mDefaultEnabledCRLExtensions.contains(extName) ? "true" : "false")); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_UNDEFINE_ENABLE", extName, + mDefaultEnabledCRLExtensions.contains(extName) ? "true" + : "false")); } catch (EBaseException e) { - extConfig.putBoolean(PROP_ENABLE, mDefaultEnabledCRLExtensions.contains(extName)); + extConfig.putBoolean(PROP_ENABLE, + mDefaultEnabledCRLExtensions.contains(extName)); modifiedConfig = true; if (mDefaultEnabledCRLExtensions.contains(extName)) { mEnabledCRLExtensions.addElement(extName); } - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_INVALID_ENABLE", extName, mDefaultEnabledCRLExtensions.contains(extName) ? "true" : "false")); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_INVALID_ENABLE", extName, + mDefaultEnabledCRLExtensions.contains(extName) ? "true" + : "false")); } return modifiedConfig; } @@ -279,26 +301,38 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { mCriticalCRLExtensions.addElement(extName); } } catch (EPropertyNotFound e) { - extConfig.putBoolean(PROP_CRITICAL, mDefaultCriticalCRLExtensions.contains(extName)); + extConfig.putBoolean(PROP_CRITICAL, + mDefaultCriticalCRLExtensions.contains(extName)); modifiedConfig = true; if (mDefaultCriticalCRLExtensions.contains(extName)) { mCriticalCRLExtensions.addElement(extName); } - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_NO_CRITICAL", extName, mDefaultEnabledCRLExtensions.contains(extName) ? "true" : "false")); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_NO_CRITICAL", extName, + mDefaultEnabledCRLExtensions.contains(extName) ? "true" + : "false")); } catch (EPropertyNotDefined e) { - extConfig.putBoolean(PROP_CRITICAL, mDefaultCriticalCRLExtensions.contains(extName)); + extConfig.putBoolean(PROP_CRITICAL, + mDefaultCriticalCRLExtensions.contains(extName)); modifiedConfig = true; if (mDefaultCriticalCRLExtensions.contains(extName)) { mCriticalCRLExtensions.addElement(extName); } - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_UNDEFINE_CRITICAL", extName, mDefaultEnabledCRLExtensions.contains(extName) ? "true" : "false")); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_UNDEFINE_CRITICAL", extName, + mDefaultEnabledCRLExtensions.contains(extName) ? "true" + : "false")); } catch (EBaseException e) { - extConfig.putBoolean(PROP_CRITICAL, mDefaultCriticalCRLExtensions.contains(extName)); + extConfig.putBoolean(PROP_CRITICAL, + mDefaultCriticalCRLExtensions.contains(extName)); modifiedConfig = true; if (mDefaultCriticalCRLExtensions.contains(extName)) { mCriticalCRLExtensions.addElement(extName); } - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_INVALID_CRITICAL", extName, mDefaultEnabledCRLExtensions.contains(extName) ? "true" : "false")); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_INVALID_CRITICAL", extName, + mDefaultEnabledCRLExtensions.contains(extName) ? "true" + : "false")); } return modifiedConfig; } @@ -319,18 +353,24 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { extConfig.putString(PROP_TYPE, PROP_CRL_ENTRY_EXT); modifiedConfig = true; mCRLEntryExtensionNames.addElement(extName); - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_INVALID_EXT", extName, PROP_CRL_ENTRY_EXT)); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_INVALID_EXT", extName, + PROP_CRL_ENTRY_EXT)); } else if (mDefaultCRLExtensionNames.contains(extName)) { extConfig.putString(PROP_TYPE, PROP_CRL_EXT); modifiedConfig = true; mCRLExtensionNames.addElement(extName); - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_INVALID_EXT", extName, PROP_CRL_EXT)); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_INVALID_EXT", extName, + PROP_CRL_EXT)); } else { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_INVALID_EXT", extName, "")); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_INVALID_EXT", extName, "")); } } } else { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_UNDEFINE_EXT", extName)); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_UNDEFINE_EXT", extName)); } } catch (EPropertyNotFound e) { if (mDefaultCRLEntryExtensionNames.contains(extName)) { @@ -340,9 +380,11 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { extConfig.putString(PROP_TYPE, PROP_CRL_EXT); modifiedConfig = true; } - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_MISSING_EXT", extName)); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_MISSING_EXT", extName)); } catch (EBaseException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_INVALID_EXT", extName, "")); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_INVALID_EXT", extName, "")); } return modifiedConfig; } @@ -357,13 +399,14 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { mCRLExtensionClassNames.put(extName, extClass); try { - Class<ICMSCRLExtension> crlExtClass = (Class<ICMSCRLExtension>) Class.forName(extClass); + Class<ICMSCRLExtension> crlExtClass = (Class<ICMSCRLExtension>) Class + .forName(extClass); if (crlExtClass != null) { - ICMSCRLExtension cmsCRLExt = crlExtClass.newInstance(); + ICMSCRLExtension cmsCRLExt = crlExtClass.newInstance(); if (cmsCRLExt != null) { - String id = cmsCRLExt.getCRLExtOID(); + String id = cmsCRLExt.getCRLExtOID(); if (id != null) { mCRLExtensionIDs.put(id, extName); @@ -371,37 +414,48 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { } } } catch (ClassCastException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_INCORRECT_CLASS", extClass, e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_INCORRECT_CLASS", extClass, + e.toString())); } catch (ClassNotFoundException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_NOT_FOUND", extClass, e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_CLASS_NOT_FOUND", extClass, + e.toString())); } catch (InstantiationException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_NOT_INST", extClass, e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_CLASS_NOT_INST", extClass, + e.toString())); } catch (IllegalAccessException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_NOT_ACCESS", extClass, e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_CLASS_NOT_ACCESS", extClass, + e.toString())); } } else { if (mDefaultCRLExtensionClassNames.containsKey(extName)) { - extClass = mCRLExtensionClassNames.get(extName); + extClass = mCRLExtensionClassNames.get(extName); extConfig.putString(PROP_CLASS, extClass); modifiedConfig = true; } - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_NOT_DEFINED", extName)); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_CLASS_NOT_DEFINED", extName)); } } catch (EPropertyNotFound e) { if (mDefaultCRLExtensionClassNames.containsKey(extName)) { - extClass = mDefaultCRLExtensionClassNames.get(extName); + extClass = mDefaultCRLExtensionClassNames.get(extName); extConfig.putString(PROP_CLASS, extClass); modifiedConfig = true; } - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_MISSING", extName)); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_CLASS_MISSING", extName)); } catch (EBaseException e) { if (mDefaultCRLExtensionClassNames.containsKey(extName)) { - extClass = mDefaultCRLExtensionClassNames.get(extName); + extClass = mDefaultCRLExtensionClassNames.get(extName); extConfig.putString(PROP_CLASS, extClass); modifiedConfig = true; } - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_INVALID", extName)); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_CLASS_INVALID", extName)); } return modifiedConfig; } @@ -415,9 +469,8 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { } public boolean isCRLExtensionEnabled(String extName) { - return ((mCRLExtensionNames.contains(extName) || - mCRLEntryExtensionNames.contains(extName)) && - mEnabledCRLExtensions.contains(extName)); + return ((mCRLExtensionNames.contains(extName) || mCRLEntryExtensionNames + .contains(extName)) && mEnabledCRLExtensions.contains(extName)); } public boolean isCRLExtensionCritical(String extName) { @@ -428,7 +481,7 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { String name = null; if (mCRLExtensionIDs.containsKey(id)) { - name = mCRLExtensionIDs.get(id); + name = mCRLExtensionIDs.get(id); } return name; } @@ -438,29 +491,34 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { } public Vector<String> getCRLEntryExtensionNames() { - return new Vector<String>( mCRLEntryExtensionNames); + return new Vector<String>(mCRLEntryExtensionNames); } - public void addToCRLExtensions(CRLExtensions crlExts, String extName, Extension ext) { + public void addToCRLExtensions(CRLExtensions crlExts, String extName, + Extension ext) { if (mCRLExtensionClassNames.containsKey(extName)) { - String name = mCRLExtensionClassNames.get(extName); + String name = mCRLExtensionClassNames.get(extName); try { - Class<ICMSCRLExtension > extClass = (Class<ICMSCRLExtension>) Class.forName(name); + Class<ICMSCRLExtension> extClass = (Class<ICMSCRLExtension>) Class + .forName(name); if (extClass != null) { ICMSCRLExtension cmsCRLExt = extClass.newInstance(); if (cmsCRLExt != null) { if (ext != null) { - if (isCRLExtensionCritical(extName) ^ ext.isCritical()) { - ext = (Extension) cmsCRLExt.setCRLExtensionCriticality( - ext, isCRLExtensionCritical(extName)); + if (isCRLExtensionCritical(extName) + ^ ext.isCritical()) { + ext = (Extension) cmsCRLExt + .setCRLExtensionCriticality(ext, + isCRLExtensionCritical(extName)); } } else { - ext = (Extension) cmsCRLExt.getCRLExtension(mCRLExtConfig.getSubStore(extName), - mCRLIssuingPoint, - isCRLExtensionCritical(extName)); + ext = (Extension) cmsCRLExt.getCRLExtension( + mCRLExtConfig.getSubStore(extName), + mCRLIssuingPoint, + isCRLExtensionCritical(extName)); } if (crlExts != null && ext != null) { @@ -469,15 +527,24 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { } } } catch (ClassCastException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_INCORRECT_CLASS", name, e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_INCORRECT_CLASS", name, + e.toString())); } catch (ClassNotFoundException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_NOT_FOUND", name, e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_CLASS_NOT_FOUND", name, + e.toString())); } catch (InstantiationException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_NOT_INST", name, e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_NOT_INST", + name, e.toString())); } catch (IllegalAccessException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_NOT_ACCESS", name, e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_CLASS_NOT_ACCESS", name, + e.toString())); } catch (IOException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_ADD", name, e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_CLASS_ADD", name, e.toString())); } } } @@ -485,22 +552,18 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { public NameValuePairs getConfigParams(String id) { NameValuePairs nvp = null; - if (mCRLEntryExtensionNames.contains(id) || - mCRLExtensionNames.contains(id)) { + if (mCRLEntryExtensionNames.contains(id) + || mCRLExtensionNames.contains(id)) { nvp = new NameValuePairs(); /* - if (mCRLEntryExtensionNames.contains(id)) { - nvp.add(Constants.PR_CRLEXT_IMPL_NAME, "CRLEntryExtension"); - } else { - nvp.add(Constants.PR_CRLEXT_IMPL_NAME, "CRLExtension"); - } - - if (mCRLEntryExtensionNames.contains(id)) { - nvp.add(PROP_TYPE, "CRLEntryExtension"); - } else { - nvp.add(PROP_TYPE, "CRLExtension"); - } + * if (mCRLEntryExtensionNames.contains(id)) { + * nvp.add(Constants.PR_CRLEXT_IMPL_NAME, "CRLEntryExtension"); } + * else { nvp.add(Constants.PR_CRLEXT_IMPL_NAME, "CRLExtension"); } + * + * if (mCRLEntryExtensionNames.contains(id)) { nvp.add(PROP_TYPE, + * "CRLEntryExtension"); } else { nvp.add(PROP_TYPE, + * "CRLExtension"); } */ if (mEnabledCRLExtensions.contains(id)) { @@ -515,7 +578,7 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { } if (mCRLExtensionClassNames.containsKey(id)) { - String name = mCRLExtensionClassNames.get(id); + String name = mCRLExtensionClassNames.get(id); if (name != null) { @@ -523,18 +586,26 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { Class<?> extClass = Class.forName(name); if (extClass != null) { - ICMSCRLExtension cmsCRLExt = (ICMSCRLExtension) extClass.newInstance(); + ICMSCRLExtension cmsCRLExt = (ICMSCRLExtension) extClass + .newInstance(); if (cmsCRLExt != null) { - cmsCRLExt.getConfigParams(mCRLExtConfig.getSubStore(id), nvp); + cmsCRLExt.getConfigParams( + mCRLExtConfig.getSubStore(id), nvp); } } } catch (ClassNotFoundException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_NOT_FOUND", name, e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_CLASS_NOT_FOUND", name, + e.toString())); } catch (InstantiationException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_NOT_INST", name, e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_CLASS_NOT_INST", name, + e.toString())); } catch (IllegalAccessException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_CLASS_NOT_ACCESS", name, e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_CLASS_NOT_ACCESS", name, + e.toString())); } int i = name.lastIndexOf('.'); @@ -552,13 +623,15 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { return nvp; } - public void setConfigParams(String id, NameValuePairs nvp, IConfigStore config) { - ICertificateAuthority ca = (ICertificateAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_CA); + public void setConfigParams(String id, NameValuePairs nvp, + IConfigStore config) { + ICertificateAuthority ca = (ICertificateAuthority) CMS + .getSubsystem(CMS.SUBSYSTEM_CA); String ipId = nvp.getValue("id"); - ICRLIssuingPoint ip = null; - if(ipId != null && ca != null) { - ip = ca.getCRLIssuingPoint(ipId); + ICRLIssuingPoint ip = null; + if (ipId != null && ca != null) { + ip = ca.getCRLIssuingPoint(ipId); } for (int i = 0; i < nvp.size(); i++) { @@ -567,8 +640,8 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { String value = p.getValue(); if (name.equals(PROP_ENABLE)) { - if (!(value.equals(Constants.TRUE) || - value.equals(Constants.FALSE))) { + if (!(value.equals(Constants.TRUE) || value + .equals(Constants.FALSE))) { continue; } if (value.equals(Constants.TRUE)) { @@ -582,8 +655,8 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { } if (name.equals(PROP_CRITICAL)) { - if (!(value.equals(Constants.TRUE) || - value.equals(Constants.FALSE))) { + if (!(value.equals(Constants.TRUE) || value + .equals(Constants.FALSE))) { continue; } if (value.equals(Constants.TRUE)) { @@ -595,68 +668,82 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { mCriticalCRLExtensions.remove(id); } } - //Sync the onlyContainsCACerts with similar property in CRLIssuingPoint - //called caCertsOnly. - if(name.equals(CMSIssuingDistributionPointExtension.PROP_CACERTS)) { + // Sync the onlyContainsCACerts with similar property in + // CRLIssuingPoint + // called caCertsOnly. + if (name.equals(CMSIssuingDistributionPointExtension.PROP_CACERTS)) { NameValuePairs crlIssuingPointPairs = null; boolean crlCACertsOnly = false; boolean issuingDistPointExtEnabled = false; - CMSCRLExtensions cmsCRLExtensions = (CMSCRLExtensions) ip.getCRLExtensions(); - if(cmsCRLExtensions != null) { - issuingDistPointExtEnabled = cmsCRLExtensions.isCRLExtensionEnabled(IssuingDistributionPointExtension.NAME); + CMSCRLExtensions cmsCRLExtensions = (CMSCRLExtensions) ip + .getCRLExtensions(); + if (cmsCRLExtensions != null) { + issuingDistPointExtEnabled = cmsCRLExtensions + .isCRLExtensionEnabled(IssuingDistributionPointExtension.NAME); } - CMS.debug("issuingDistPointExtEnabled = " + issuingDistPointExtEnabled); + CMS.debug("issuingDistPointExtEnabled = " + + issuingDistPointExtEnabled); - if (!(value.equals(Constants.TRUE) || - value.equals(Constants.FALSE))) { + if (!(value.equals(Constants.TRUE) || value + .equals(Constants.FALSE))) { continue; } - //Get value of caCertsOnly from CRLIssuingPoint - if((ip != null) && (issuingDistPointExtEnabled == true)) { + // Get value of caCertsOnly from CRLIssuingPoint + if ((ip != null) && (issuingDistPointExtEnabled == true)) { crlCACertsOnly = ip.isCACertsOnly(); CMS.debug("CRLCACertsOnly is: " + crlCACertsOnly); crlIssuingPointPairs = new NameValuePairs(); - + } String newValue = ""; boolean modifiedCRLConfig = false; - //If the CRLCACertsOnly prop is false change it to true to sync. - if(value.equals(Constants.TRUE) && (issuingDistPointExtEnabled == true)) { - if(crlCACertsOnly == false) { + // If the CRLCACertsOnly prop is false change it to true to + // sync. + if (value.equals(Constants.TRUE) + && (issuingDistPointExtEnabled == true)) { + if (crlCACertsOnly == false) { CMS.debug(" value = true and CRLCACertsOnly is already false."); - crlIssuingPointPairs.add(Constants.PR_CA_CERTS_ONLY, Constants.TRUE); + crlIssuingPointPairs.add(Constants.PR_CA_CERTS_ONLY, + Constants.TRUE); newValue = Constants.TRUE; ip.updateConfig(crlIssuingPointPairs); modifiedCRLConfig = true; } } - //If the CRLCACertsOnly prop is true change it to false to sync. - if(value.equals(Constants.FALSE) && (issuingDistPointExtEnabled == true)) { - crlIssuingPointPairs.add(Constants.PR_CA_CERTS_ONLY, Constants.FALSE); - if(ip != null) { + // If the CRLCACertsOnly prop is true change it to false to + // sync. + if (value.equals(Constants.FALSE) + && (issuingDistPointExtEnabled == true)) { + crlIssuingPointPairs.add(Constants.PR_CA_CERTS_ONLY, + Constants.FALSE); + if (ip != null) { ip.updateConfig(crlIssuingPointPairs); newValue = Constants.FALSE; modifiedCRLConfig = true; } } - - if(modifiedCRLConfig == true) { - //Commit to this CRL IssuingPoint's config store - ICertificateAuthority CA = (ICertificateAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_CA); + + if (modifiedCRLConfig == true) { + // Commit to this CRL IssuingPoint's config store + ICertificateAuthority CA = (ICertificateAuthority) CMS + .getSubsystem(CMS.SUBSYSTEM_CA); IConfigStore crlsSubStore = CA.getConfigStore(); - crlsSubStore = crlsSubStore.getSubStore(ICertificateAuthority.PROP_CRL_SUBSTORE); + crlsSubStore = crlsSubStore + .getSubStore(ICertificateAuthority.PROP_CRL_SUBSTORE); crlsSubStore = crlsSubStore.getSubStore(ipId); try { - crlsSubStore.putString(Constants.PR_CA_CERTS_ONLY,newValue); + crlsSubStore.putString(Constants.PR_CA_CERTS_ONLY, + newValue); crlsSubStore.commit(true); } catch (EBaseException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CRLEXTS_SAVE_CONF", e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_CA_CRLEXTS_SAVE_CONF", e.toString())); } } } @@ -691,7 +778,6 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { private void log(int level, String msg) { mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_CA, level, - "CMSCRLExtension - " + msg); + "CMSCRLExtension - " + msg); } } - |