diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/certsrv/kra')
8 files changed, 212 insertions, 211 deletions
diff --git a/pki/base/common/src/com/netscape/certsrv/kra/EKRAException.java b/pki/base/common/src/com/netscape/certsrv/kra/EKRAException.java index 869c8c60..9ab4a238 100644 --- a/pki/base/common/src/com/netscape/certsrv/kra/EKRAException.java +++ b/pki/base/common/src/com/netscape/certsrv/kra/EKRAException.java @@ -17,13 +17,16 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.certsrv.kra; + import com.netscape.certsrv.base.EBaseException; + /** - * A class represents a KRA exception. This is the base exception for all the - * KRA specific exceptions. It is associated with <CODE>KRAResources</CODE>. + * A class represents a KRA exception. This is the base + * exception for all the KRA specific exceptions. It is + * associated with <CODE>KRAResources</CODE>. * <P> - * + * * @version $Revision$, $Date$ */ public class EKRAException extends EBaseException { @@ -36,12 +39,11 @@ public class EKRAException extends EBaseException { * KRA resource class name. * <P> */ - private static final String KRA_RESOURCES = KRAResources.class.getName(); + private static final String KRA_RESOURCES = KRAResources.class.getName(); /** * Constructs a KRA exception. * <P> - * * @param msgFormat constant from KRAResources. */ public EKRAException(String msgFormat) { @@ -51,7 +53,6 @@ public class EKRAException extends EBaseException { /** * Constructs a KRA exception. * <P> - * * @param msgFormat constant from KRAResources. * @param param additional parameters to the message. */ @@ -62,7 +63,6 @@ public class EKRAException extends EBaseException { /** * Constructs a KRA exception. * <P> - * * @param msgFormat constant from KRAResources. * @param e embedded exception. */ @@ -73,7 +73,6 @@ public class EKRAException extends EBaseException { /** * Constructs a KRA exception. * <P> - * * @param msgFormat constant from KRAResources. * @param params additional parameters to the message. */ @@ -84,7 +83,6 @@ public class EKRAException extends EBaseException { /** * Returns the bundle file name. * <P> - * * @return name of bundle class associated with this exception. */ protected String getBundleName() { diff --git a/pki/base/common/src/com/netscape/certsrv/kra/IJoinShares.java b/pki/base/common/src/com/netscape/certsrv/kra/IJoinShares.java index 35366c39..e130b95c 100644 --- a/pki/base/common/src/com/netscape/certsrv/kra/IJoinShares.java +++ b/pki/base/common/src/com/netscape/certsrv/kra/IJoinShares.java @@ -18,19 +18,16 @@ package com.netscape.certsrv.kra; /** - * Use Java's reflection API to leverage CMS's old Share and JoinShares - * implementations. - * + * Use Java's reflection API to leverage CMS's + * old Share and JoinShares implementations. + * * @deprecated * @version $Revision$ $Date$ */ public interface IJoinShares { public void initialize(int threshold) throws Exception; - public void addShare(int shareNum, byte[] share); - public int getShareCount(); - public byte[] recoverSecret(); } diff --git a/pki/base/common/src/com/netscape/certsrv/kra/IKeyRecoveryAuthority.java b/pki/base/common/src/com/netscape/certsrv/kra/IKeyRecoveryAuthority.java index 257232a4..b268073e 100644 --- a/pki/base/common/src/com/netscape/certsrv/kra/IKeyRecoveryAuthority.java +++ b/pki/base/common/src/com/netscape/certsrv/kra/IKeyRecoveryAuthority.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.certsrv.kra; + import java.util.Enumeration; import java.util.Hashtable; import java.util.Vector; @@ -37,11 +38,13 @@ import com.netscape.certsrv.security.Credential; import com.netscape.certsrv.security.IStorageKeyUnit; import com.netscape.certsrv.security.ITransportKeyUnit; + /** - * An interface represents key recovery authority. The key recovery authority is - * responsibile for archiving and recovering user encryption private keys. + * An interface represents key recovery authority. The + * key recovery authority is responsibile for archiving + * and recovering user encryption private keys. * <P> - * + * * @version $Revision$, $Date$ */ public interface IKeyRecoveryAuthority extends ISubsystem { @@ -68,7 +71,7 @@ public interface IKeyRecoveryAuthority extends ISubsystem { /** * Returns the name of this subsystem. * <P> - * + * * @return KRA name */ public X500Name getX500Name(); @@ -76,28 +79,30 @@ public interface IKeyRecoveryAuthority extends ISubsystem { /** * Retrieves KRA request repository. * <P> - * + * * @return request repository */ public IRequestQueue getRequestQueue(); /** - * Retrieves the key repository. The key repository stores archived keys. + * Retrieves the key repository. The key repository + * stores archived keys. * <P> */ public IKeyRepository getKeyRepository(); /** * Retrieves the Replica ID repository. - * + * * @return KRA's Replica ID repository */ public IReplicaIDRepository getReplicaRepository(); /** - * Enables the auto recovery state. Once KRA is in the auto recovery state, - * no recovery agents need to be present for providing credentials. This - * feature is for enabling user-based recovery operation. + * Enables the auto recovery state. Once KRA is in the auto + * recovery state, no recovery agents need to be present for + * providing credentials. This feature is for enabling + * user-based recovery operation. * <p> * * @param cs list of agent credentials @@ -108,16 +113,17 @@ public interface IKeyRecoveryAuthority extends ISubsystem { /** * Returns the current auto recovery state. - * + * * @return true if auto recvoery state is on */ public boolean getAutoRecoveryState(); /** - * Adds credentials to the given authorizated recovery operation. In - * distributed recovery mode, recovery agent login to the agent interface - * and submit its credential for a particular recovery operation. - * + * Adds credentials to the given authorizated recovery operation. + * In distributed recovery mode, recovery agent login to the + * agent interface and submit its credential for a particular + * recovery operation. + * * @param id authorization identifier * @param creds list of credentials */ @@ -125,129 +131,131 @@ public interface IKeyRecoveryAuthority extends ISubsystem { /** * Removes a particular auto recovery operation. - * + * * @param id authorization identifier */ public void removeAutoRecovery(String id); /** - * Returns the number of required agents. In M-out-of-N recovery schema, - * only M agents are required even there are N agents. This method returns - * M. - * + * Returns the number of required agents. In M-out-of-N + * recovery schema, only M agents are required even there + * are N agents. This method returns M. + * * @return number of required agents */ public int getNoOfRequiredAgents() throws EBaseException; /** * Sets the number of required recovery agents - * + * * @param number number of agents */ public void setNoOfRequiredAgents(int number) throws EBaseException; /** * Returns the current recovery identifier. - * + * * @return recovery identifier */ public String getRecoveryID(); /** * Returns a list of recovery identifiers. - * + * * @return list of auto recovery identifiers */ public Enumeration getAutoRecoveryIDs(); /** - * Returns the storage key unit that manages the stoarge key. - * + * Returns the storage key unit that manages the + * stoarge key. + * * @return storage key unit */ public IStorageKeyUnit getStorageKeyUnit(); /** - * Returns the transport key unit that manages the transport key. - * + * Returns the transport key unit that manages the + * transport key. + * * @return transport key unit */ public ITransportKeyUnit getTransportKeyUnit(); /** - * Returns the token that generates user key pairs for supporting - * server-side keygen - * + * Returns the token that generates user key pairs for supporting server-side keygen + * * @return keygen token */ public CryptoToken getKeygenToken(); /** * Adds entropy to the token used for supporting server-side keygen - * Parameters are set in the config file - * - * @param logflag create log messages at info level to report entropy - * shortage + * Parameters are set in the config file + * @param logflag create log messages at info level to report entropy shortage */ - public void addEntropy(boolean logflag); + public void addEntropy(boolean logflag); + /** - * Returns the request listener that listens on the request completion - * event. - * + * Returns the request listener that listens on + * the request completion event. + * * @return request listener */ public IRequestListener getRequestInQListener(); /** - * Returns policy processor of the key recovery authority. - * + * Returns policy processor of the key recovery + * authority. + * * @return policy processor */ public IPolicyProcessor getPolicyProcessor(); /** * Returns the nickname of the transport certificate. - * + * * @return transport certificate nickname. */ public String getNickname(); /** * Sets the nickname of the transport certificate. - * + * * @param str nickname */ public void setNickname(String str); /** * Returns the new nickname of the transport certifiate. - * + * * @return new nickname */ public String getNewNickName() throws EBaseException; /** * Sets the new nickname of the transport certifiate. - * + * * @param name new nickname */ public void setNewNickName(String name); /** * Logs event into key recovery authority logging. - * + * * @param level log level * @param msg log message */ public void log(int level, String msg); /** - * Creates a request object to store attributes that will not be serialized. - * Currently, request queue framework will try to serialize all the - * attribute into persistent storage. Things like passwords are not + * Creates a request object to store attributes that + * will not be serialized. Currently, request queue + * framework will try to serialize all the attribute into + * persistent storage. Things like passwords are not * desirable to be stored. - * + * * @param id request id * @return volatile requests */ @@ -255,7 +263,7 @@ public interface IKeyRecoveryAuthority extends ISubsystem { /** * Retrieves the request object. - * + * * @param id request id * @return volatile requests */ @@ -263,30 +271,32 @@ public interface IKeyRecoveryAuthority extends ISubsystem { /** * Destroys the request object. - * + * * @param id request id */ public void destroyVolatileRequest(RequestId id); - public Vector getAppAgents(String recoveryID) throws EBaseException; + public Vector getAppAgents( + String recoveryID) throws EBaseException; /** * Creates error for a specific recovery operation. - * + * * @param recoveryID recovery id * @param error error * @exception EBaseException failed to create error */ public void createError(String recoveryID, String error) - throws EBaseException; + throws EBaseException; /** * Retrieves error by recovery identifier. - * + * * @param recoveryID recovery id * @return error message */ - public String getError(String recoveryID) throws EBaseException; + public String getError(String recoveryID) + throws EBaseException; /** * Retrieves PKCS12 package by recovery identifier. @@ -294,16 +304,17 @@ public interface IKeyRecoveryAuthority extends ISubsystem { * @param recoveryID recovery id * @return pkcs12 package in bytes */ - public byte[] getPk12(String recoveryID) throws EBaseException; + public byte[] getPk12(String recoveryID) + throws EBaseException; /** * Creates PKCS12 package in memory. - * + * * @param recoveryID recovery id * @param pk12 package in bytes - */ + */ public void createPk12(String recoveryID, byte[] pk12) - throws EBaseException; + throws EBaseException; /** * Retrieves the transport certificate. diff --git a/pki/base/common/src/com/netscape/certsrv/kra/IKeyService.java b/pki/base/common/src/com/netscape/certsrv/kra/IKeyService.java index 0e348a57..5785aeb0 100644 --- a/pki/base/common/src/com/netscape/certsrv/kra/IKeyService.java +++ b/pki/base/common/src/com/netscape/certsrv/kra/IKeyService.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.certsrv.kra; + import java.math.BigInteger; import java.util.Hashtable; @@ -25,65 +26,63 @@ import netscape.security.x509.X509CertImpl; import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.security.Credential; + /** * An interface representing a recovery service. * <P> - * + * * @version $Revision$, $Date$ */ public interface IKeyService { /** - * Retrieves number of agent required to perform key recovery operation. + * Retrieves number of agent required to perform + * key recovery operation. * * @return number of required recovery agents * @exception EBaseException failed to retrieve value */ public int getNoOfRequiredAgents() throws EBaseException; - /** - * is async recovery request status APPROVED - i.e. all required # of - * recovery agents approved - * - * @param reqID request id - * @return true if # of recovery required agents approved; false otherwise - */ + /** + * is async recovery request status APPROVED - + * i.e. all required # of recovery agents approved + * @param reqID request id + * @return true if # of recovery required agents approved; false otherwise + */ public boolean isApprovedAsyncKeyRecovery(String reqID) - throws EBaseException; + throws EBaseException; - /** - * get async recovery request initiating agent - * - * @param reqID request id - * @return agentUID - */ + /** + * get async recovery request initiating agent + * @param reqID request id + * @return agentUID + */ public String getInitAgentAsyncKeyRecovery(String reqID) - throws EBaseException; + throws EBaseException; /** * Initiate asynchronous key recovery - * * @param kid key identifier * @param cert certificate embedded in PKCS12 * @return requestId * @exception EBaseException failed to initiate async recovery */ - public String initAsyncKeyRecovery(BigInteger kid, X509CertImpl cert, - String agent) throws EBaseException; + public String initAsyncKeyRecovery(BigInteger kid, X509CertImpl cert, String agent) + throws EBaseException; /** * add approving agent in asynchronous key recovery - * * @param reqID request id * @param agentID agent id * @exception EBaseException failed to initiate async recovery */ public void addAgentAsyncKeyRecovery(String reqID, String agentID) - throws EBaseException; + throws EBaseException; /** * Performs administrator-initiated key recovery. - * + * * @param kid key identifier * @param creds list of credentials (id and password) * @param pwd password to protect PKCS12 @@ -92,84 +91,88 @@ public interface IKeyService { * @return pkcs12 * @exception EBaseException failed to perform recovery */ - public byte[] doKeyRecovery(BigInteger kid, Credential creds[], String pwd, - X509CertImpl cert, String delivery, String nickname, String agent) - throws EBaseException; + public byte[] doKeyRecovery(BigInteger kid, + Credential creds[], String pwd, X509CertImpl cert, + String delivery, String nickname, String agent) throws EBaseException; - /** - * Async Recovers key for administrators. This method is invoked by the - * agent operation of the key recovery servlet. + /** + * Async Recovers key for administrators. This method is + * invoked by the agent operation of the key recovery servlet. * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST used whenever * a user private key recovery request is made (this is when the DRM * receives the request) - * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST_PROCESSED used - * whenever a user private key recovery request is processed (this is when - * the DRM processes the request) + * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST_PROCESSED used whenever + * a user private key recovery request is processed (this is when the DRM + * processes the request) * </ul> - * - * @param reqID request id - * @param password password of the PKCS12 package subsystem + * @param reqID request id + * @param password password of the PKCS12 package + * subsystem * @exception EBaseException failed to recover key * @return a byte array containing the key */ - public byte[] doKeyRecovery(String reqID, String password) - throws EBaseException; + public byte[] doKeyRecovery( + String reqID, + String password) + throws EBaseException; /** * Retrieves recovery identifier. - * + * * @return recovery id */ public String getRecoveryID(); /** * Creates recovery parameters for the given recovery operation. - * + * * @param recoveryID recovery id * @return recovery parameters * @exception EBaseException failed to create */ - public Hashtable createRecoveryParams(String recoveryID) - throws EBaseException; + public Hashtable createRecoveryParams(String recoveryID) + throws EBaseException; /** * Destroys recovery parameters for the given recovery operation. - * + * * @param recoveryID recovery id * @exception EBaseException failed to destroy */ - public void destroyRecoveryParams(String recoveryID) throws EBaseException; + public void destroyRecoveryParams(String recoveryID) + throws EBaseException; /** * Retrieves recovery parameters for the given recovery operation. - * + * * @param recoveryID recovery id * @return recovery parameters * @exception EBaseException failed to retrieve */ - public Hashtable getRecoveryParams(String recoveryID) throws EBaseException; + public Hashtable getRecoveryParams(String recoveryID) + throws EBaseException; /** * Adds password in the distributed recovery operation. - * + * * @param recoveryID recovery id * @param uid agent uid * @param pwd agent password * @exception EBaseException failed to add */ - public void addDistributedCredential(String recoveryID, String uid, - String pwd) throws EBaseException; + public void addDistributedCredential(String recoveryID, + String uid, String pwd) throws EBaseException; /** * Retrieves credentials in the distributed recovery operation. - * + * * @param recoveryID recovery id * @return agent's credentials * @exception EBaseException failed to retrieve */ - public Credential[] getDistributedCredentials(String recoveryID) - throws EBaseException; + public Credential[] getDistributedCredentials(String recoveryID) + throws EBaseException; } diff --git a/pki/base/common/src/com/netscape/certsrv/kra/IProofOfArchival.java b/pki/base/common/src/com/netscape/certsrv/kra/IProofOfArchival.java index 20ac336e..1b484b66 100644 --- a/pki/base/common/src/com/netscape/certsrv/kra/IProofOfArchival.java +++ b/pki/base/common/src/com/netscape/certsrv/kra/IProofOfArchival.java @@ -17,14 +17,15 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.certsrv.kra; + import java.math.BigInteger; import java.util.Date; + /** * An interface represents a proof of archival. * <P> * Here is the ASN1 definition of a proof of escrow: - * * <PRE> * ProofOfArchival ::= SIGNED { * SEQUENCE { @@ -45,35 +46,35 @@ public interface IProofOfArchival { /** * Retrieves version of this proof. - * + * * @return version */ public BigInteger getVersion(); /** * Retrieves the serial number. - * + * * @return serial number */ public BigInteger getSerialNumber(); /** * Retrieves the subject name. - * + * * @return subject name */ public String getSubjectName(); /** * Retrieves the issuer name. - * + * * @return issuer name */ public String getIssuerName(); /** * Returns the beginning of the escrowed perioid. - * + * * @return date of archival */ public Date getDateOfArchival(); diff --git a/pki/base/common/src/com/netscape/certsrv/kra/IShare.java b/pki/base/common/src/com/netscape/certsrv/kra/IShare.java index 92eaf319..c4d58f0a 100644 --- a/pki/base/common/src/com/netscape/certsrv/kra/IShare.java +++ b/pki/base/common/src/com/netscape/certsrv/kra/IShare.java @@ -18,16 +18,15 @@ package com.netscape.certsrv.kra; /** - * Use Java's reflection API to leverage CMS's old Share and JoinShares - * implementations. - * + * Use Java's reflection API to leverage CMS's + * old Share and JoinShares implementations. + * * @deprecated * @version $Revision$ $Date$ */ public interface IShare { public void initialize(byte[] secret, int threshold) throws Exception; - public byte[] createShare(int sharenumber); } diff --git a/pki/base/common/src/com/netscape/certsrv/kra/KRAResources.java b/pki/base/common/src/com/netscape/certsrv/kra/KRAResources.java index 0a0da2aa..40e0ee17 100644 --- a/pki/base/common/src/com/netscape/certsrv/kra/KRAResources.java +++ b/pki/base/common/src/com/netscape/certsrv/kra/KRAResources.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.certsrv.kra; + import java.util.ListResourceBundle; + /** * A class represents a resource bundle for KRA subsystem. * <P> @@ -34,5 +36,6 @@ public class KRAResources extends ListResourceBundle { return contents; } - static final Object[][] contents = {}; + static final Object[][] contents = { + }; } diff --git a/pki/base/common/src/com/netscape/certsrv/kra/ProofOfArchival.java b/pki/base/common/src/com/netscape/certsrv/kra/ProofOfArchival.java index d922498e..a2742809 100644 --- a/pki/base/common/src/com/netscape/certsrv/kra/ProofOfArchival.java +++ b/pki/base/common/src/com/netscape/certsrv/kra/ProofOfArchival.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.certsrv.kra; + import java.io.IOException; import java.io.InputStream; import java.io.Serializable; @@ -41,15 +42,17 @@ import com.netscape.certsrv.apps.CMS; import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.dbs.IDBObj; + /** - * A class represents a proof of escrow. It indicates a key pairs have been - * escrowed by appropriate authority. The structure of this object is very - * similar (if not exact) to X.509 certificate. A proof of escrow is signed by - * an escrow authority. It is possible to have a CMS policy to reject the - * certificate issuance request if proof of escrow is not presented. + * A class represents a proof of escrow. It indicates a key + * pairs have been escrowed by appropriate authority. The + * structure of this object is very similar (if not exact) to + * X.509 certificate. A proof of escrow is signed by an escrow + * authority. It is possible to have a CMS policy to reject + * the certificate issuance request if proof of escrow is not + * presented. * <P> * Here is the ASN1 definition of a proof of escrow: - * * <PRE> * ProofOfEscrow ::= SIGNED { * SEQUENCE { @@ -103,14 +106,13 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable { /** * Constructs a proof of escrow. * <P> - * * @param serialNo serial number of proof * @param subject subject name * @param issuer issuer name * @param dateOfArchival date of archival */ - public ProofOfArchival(BigInteger serialNo, String subject, String issuer, - Date dateOfArchival) { + public ProofOfArchival(BigInteger serialNo, String subject, + String issuer, Date dateOfArchival) { mVersion = DEFAULT_VERSION; mSerialNo = serialNo; mSubject = subject; @@ -121,7 +123,6 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable { /** * Constructs proof of escrow from input stream. * <P> - * * @param in encoding source * @exception EBaseException failed to decode */ @@ -132,7 +133,6 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable { /** * Sets an attribute value. * <P> - * * @param name attribute name * @param obj attribute value * @exception EBaseException failed to set attribute @@ -149,15 +149,14 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable { } else if (name.equals(ATTR_DATE_OF_ARCHIVAL)) { mDateOfArchival = (Date) obj; } else { - throw new EBaseException(CMS.getUserMessage( - "CMS_BASE_INVALID_ATTRIBUTE", name)); + throw new EBaseException( + CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name)); } } /** * Retrieves the value of an named attribute. * <P> - * * @param name attribute name * @return attribute value * @exception EBaseException failed to get attribute @@ -174,27 +173,26 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable { } else if (name.equals(ATTR_DATE_OF_ARCHIVAL)) { return mDateOfArchival; } else { - throw new EBaseException(CMS.getUserMessage( - "CMS_BASE_INVALID_ATTRIBUTE", name)); + throw new EBaseException( + CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name)); } } - + /** * Deletes an attribute. * <P> - * * @param name attribute name * @exception EBaseException failed to get attribute */ public void delete(String name) throws EBaseException { - throw new EBaseException(CMS.getUserMessage( - "CMS_BASE_INVALID_ATTRIBUTE", name)); + throw new EBaseException( + CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name)); } - + /** * Retrieves a list of possible attribute names. * <P> - * + * * @return a list of names */ public Enumeration getElements() { @@ -209,12 +207,11 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable { public Enumeration getSerializableAttrNames() { return mNames.elements(); } - + /** * Retrieves version of this proof. * <P> - * - * @return version + * @return version */ public BigInteger getVersion() { return mVersion; @@ -223,8 +220,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable { /** * Retrieves the serial number. * <P> - * - * @return serial number + * @return serial number */ public BigInteger getSerialNumber() { return mSerialNo; @@ -233,7 +229,6 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable { /** * Retrieves the subject name. * <P> - * * @return subject name */ public String getSubjectName() { @@ -243,7 +238,6 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable { /** * Retrieves the issuer name. * <P> - * * @return issuer name */ public String getIssuerName() { @@ -253,7 +247,6 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable { /** * Returns the beginning of the escrowed perioid. * <P> - * * @return date of archival */ public Date getDateOfArchival() { @@ -261,7 +254,8 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable { } /** - * Encodes this proof of escrow into the given output stream. + * Encodes this proof of escrow into the given + * output stream. * <P> */ public void encode(DerOutputStream out) throws EBaseException { @@ -273,10 +267,11 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable { DerOutputStream version = new DerOutputStream(); version.putInteger(new BigInt(mVersion)); - seq.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, - (byte) 0), version); + seq.write(DerValue.createTag( + DerValue.TAG_CONTEXT, true, (byte) 0), + version); } - + // serial number DerOutputStream serialno = new DerOutputStream(); @@ -294,11 +289,10 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable { // issue date seq.putUTCTime(mDateOfArchival); - out.write(DerValue.tag_Sequence, seq); + out.write(DerValue.tag_Sequence, seq); } catch (IOException e) { - throw new EKRAException(CMS.getUserMessage( - "CMS_KRA_POA_DECODE_FAILED", e.toString())); + throw new EKRAException(CMS.getUserMessage("CMS_KRA_POA_DECODE_FAILED", e.toString())); } } @@ -306,8 +300,9 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable { * Encodes and signs this proof of escrow. * <P> */ - public void encodeAndSign(PrivateKey key, String algorithm, - String provider, DerOutputStream out) throws EBaseException { + public void encodeAndSign(PrivateKey key, String algorithm, + String provider, DerOutputStream out) + throws EBaseException { try { Signature sigEngine = null; @@ -315,7 +310,8 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable { if (provider == null) { sigEngine = Signature.getInstance(algorithm); } else { - sigEngine = Signature.getInstance(algorithm, provider); + sigEngine = Signature.getInstance(algorithm, + provider); } sigEngine.initSign(key); @@ -323,7 +319,8 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable { encode(tmp); - AlgorithmId sigAlgId = AlgorithmId.get(sigEngine.getAlgorithm()); + AlgorithmId sigAlgId = AlgorithmId.get( + sigEngine.getAlgorithm()); sigAlgId.encode(tmp); byte dataToSign[] = tmp.toByteArray(); @@ -335,20 +332,15 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable { out.write(DerValue.tag_Sequence, tmp); return; } catch (NoSuchAlgorithmException e) { - throw new EKRAException(CMS.getUserMessage( - "CMS_KRA_POA_ENCODE_FAILED_1", e.toString())); + throw new EKRAException(CMS.getUserMessage("CMS_KRA_POA_ENCODE_FAILED_1", e.toString())); } catch (NoSuchProviderException e) { - throw new EKRAException(CMS.getUserMessage( - "CMS_KRA_POA_ENCODE_FAILED_1", e.toString())); + throw new EKRAException(CMS.getUserMessage("CMS_KRA_POA_ENCODE_FAILED_1", e.toString())); } catch (InvalidKeyException e) { - throw new EKRAException(CMS.getUserMessage( - "CMS_KRA_POA_ENCODE_FAILED_1", e.toString())); + throw new EKRAException(CMS.getUserMessage("CMS_KRA_POA_ENCODE_FAILED_1", e.toString())); } catch (SignatureException e) { - throw new EKRAException(CMS.getUserMessage( - "CMS_KRA_POA_ENCODE_FAILED_1", e.toString())); + throw new EKRAException(CMS.getUserMessage("CMS_KRA_POA_ENCODE_FAILED_1", e.toString())); } catch (IOException e) { - throw new EKRAException(CMS.getUserMessage( - "CMS_KRA_POA_ENCODE_FAILED_1", e.toString())); + throw new EKRAException(CMS.getUserMessage("CMS_KRA_POA_ENCODE_FAILED_1", e.toString())); } } @@ -365,7 +357,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable { DerValue val = new DerValue(in); - DerValue seq[] = new DerValue[3]; + DerValue seq[] = new DerValue[3]; seq[0] = val.data.getDerValue(); if (seq[0].tag == DerValue.tag_Sequence) { @@ -373,15 +365,13 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable { seq[1] = val.data.getDerValue(); seq[2] = val.data.getDerValue(); if (seq[1].data.available() != 0) { - throw new EKRAException( - CMS.getUserMessage("CMS_KRA_POA_DECODE_FAILED_1", - "no algorithm found")); + throw new EKRAException(CMS.getUserMessage("CMS_KRA_POA_DECODE_FAILED_1", + "no algorithm found")); } if (seq[2].data.available() != 0) { - throw new EKRAException( - CMS.getUserMessage("CMS_KRA_POA_DECODE_FAILED_1", - "no signature found")); + throw new EKRAException(CMS.getUserMessage("CMS_KRA_POA_DECODE_FAILED_1", + "no signature found")); } AlgorithmId algid = AlgorithmId.parse(seq[1]); @@ -393,8 +383,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable { decodePOA(val, seq[0]); } } catch (IOException e) { - throw new EKRAException(CMS.getUserMessage( - "CMS_KRA_POA_DECODE_FAILED_1", e.toString())); + throw new EKRAException(CMS.getUserMessage("CMS_KRA_POA_DECODE_FAILED_1", e.toString())); } } @@ -402,16 +391,15 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable { * Decodes proof of escrow. * <P> */ - private void decodePOA(DerValue val, DerValue preprocessed) - throws EBaseException { + private void decodePOA(DerValue val, DerValue preprocessed) + throws EBaseException { try { DerValue tmp = null; if (preprocessed == null) { if (val.tag != DerValue.tag_Sequence) { - throw new EKRAException(CMS.getUserMessage( - "CMS_KRA_POA_DECODE_FAILED_1", - "not start with sequence")); + throw new EKRAException(CMS.getUserMessage("CMS_KRA_POA_DECODE_FAILED_1", + "not start with sequence")); } tmp = val.data.getDerValue(); } else { @@ -441,7 +429,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable { // mSubject = new X500Name(subject); // doesnt work mSubject = new String(subject.toByteArray()); - + // issuer DerValue issuer = val.data.getDerValue(); @@ -450,19 +438,20 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable { // date of archival mDateOfArchival = val.data.getUTCTime(); } catch (IOException e) { - throw new EKRAException(CMS.getUserMessage( - "CMS_KRA_POA_DECODE_FAILED_1", e.toString())); + throw new EKRAException(CMS.getUserMessage("CMS_KRA_POA_DECODE_FAILED_1", e.toString())); } } /** - * Retrieves the string reprensetation of this proof of archival. + * Retrieves the string reprensetation of this + * proof of archival. */ public String toString() { - return "Version: " + mVersion.toString() + "\n" + "SerialNo: " - + mSerialNo.toString() + "\n" + "Subject: " + mSubject + "\n" - + "Issuer: " + mIssuer + "\n" + "DateOfArchival: " - + mDateOfArchival.toString(); + return "Version: " + mVersion.toString() + "\n" + + "SerialNo: " + mSerialNo.toString() + "\n" + + "Subject: " + mSubject + "\n" + + "Issuer: " + mIssuer + "\n" + + "DateOfArchival: " + mDateOfArchival.toString(); } } |