summaryrefslogtreecommitdiffstats
path: root/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java')
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java748
1 files changed, 369 insertions, 379 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java b/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java
index 63ac96e1..47b3c9f1 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java
@@ -17,6 +17,7 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cms.servlet.cert;
+
import java.io.IOException;
import java.math.BigInteger;
import java.security.cert.CertificateException;
@@ -67,9 +68,10 @@ import com.netscape.cms.servlet.common.CMSTemplate;
import com.netscape.cms.servlet.common.CMSTemplateParams;
import com.netscape.cms.servlet.common.ECMSGWException;
+
/**
* Revoke a certificate with a CMC-formatted revocation request
- *
+ *
* @version $Revision$, $Date$
*/
public class CMCRevReqServlet extends CMSServlet {
@@ -82,7 +84,7 @@ public class CMCRevReqServlet extends CMSServlet {
// revocation templates.
private final static String TPL_FILE = "revocationResult.template";
public static final String CRED_CMC = "cmcRequest";
-
+
private ICertificateRepository mCertDB = null;
private String mFormPath = null;
private IRequestQueue mQueue = null;
@@ -91,26 +93,29 @@ public class CMCRevReqServlet extends CMSServlet {
private final static String REVOKE = "revoke";
private final static String ON_HOLD = "on-hold";
private final static int ON_HOLD_REASON = 6;
- private final static String LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST = "LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_5";
- private final static String LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED = "LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED_7";
-
- // http params
+ private final static String
+ LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST =
+ "LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_5";
+ private final static String
+ LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED =
+ "LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED_7";
+
+ // http params
public static final String SERIAL_NO = TOKEN_CERT_SERIAL;
public static final String REASON_CODE = "reasonCode";
public static final String CHALLENGE_PHRASE = "challengePhrase";
// request attributes
public static final String SERIALNO_ARRAY = "serialNoArray";
-
+
public CMCRevReqServlet() {
super();
}
- /**
+ /**
* initialize the servlet.
- *
- * @param sc servlet configuration, read from the web.xml file
- */
+ * @param sc servlet configuration, read from the web.xml file
+ */
public void init(ServletConfig sc) throws ServletException {
super.init(sc);
@@ -121,65 +126,61 @@ public class CMCRevReqServlet extends CMSServlet {
mTemplates.remove(CMSRequest.SUCCESS);
if (mAuthority instanceof ICertificateAuthority) {
- mCertDB = ((ICertificateAuthority) mAuthority)
- .getCertificateRepository();
+ mCertDB = ((ICertificateAuthority) mAuthority).getCertificateRepository();
}
if (mAuthority instanceof ICertAuthority) {
- mPublisherProcessor = ((ICertAuthority) mAuthority)
- .getPublisherProcessor();
+ mPublisherProcessor = ((ICertAuthority) mAuthority).getPublisherProcessor();
}
mQueue = mAuthority.getRequestQueue();
if (mOutputTemplatePath != null)
mFormPath = mOutputTemplatePath;
}
- /**
- * Process the HTTP request.
- *
- * <ul>
- * <li>http.param cmcRequest the base-64 encoded CMC request
- * </ul>
- *
- * @param cmsReq the object holding the request and response information
+
+ /**
+ * Process the HTTP request.
+ *
+ * <ul>
+ * <li>http.param cmcRequest the base-64 encoded CMC request
+ * </ul>
+ * @param cmsReq the object holding the request and response information
*/
protected void process(CMSRequest cmsReq) throws EBaseException {
String cmcAgentSerialNumber = null;
IArgBlock httpParams = cmsReq.getHttpParams();
HttpServletRequest req = cmsReq.getHttpReq();
- HttpServletResponse resp = cmsReq.getHttpResp();
-
+ HttpServletResponse resp = cmsReq.getHttpResp();
+
CMSTemplate form = null;
Locale[] locale = new Locale[1];
- CMS.debug("**** mFormPath = " + mFormPath);
+CMS.debug("**** mFormPath = "+mFormPath);
try {
form = getTemplate(mFormPath, req, locale);
} catch (IOException e) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE"));
- throw new ECMSGWException(
- CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE"));
+ log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE"));
+ throw new ECMSGWException(CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE"));
}
EBaseException error = null;
IArgBlock header = CMS.createArgBlock();
IArgBlock ctx = CMS.createArgBlock();
CMSTemplateParams argSet = new CMSTemplateParams(header, ctx);
+
String cmc = (String) httpParams.get(CRED_CMC);
if (cmc == null) {
- throw new EMissingCredential(CMS.getUserMessage(
- "CMS_AUTHENTICATION_NULL_CREDENTIAL", CRED_CMC));
+ throw new EMissingCredential(
+ CMS.getUserMessage("CMS_AUTHENTICATION_NULL_CREDENTIAL", CRED_CMC));
}
IAuthToken authToken = authenticate(cmsReq);
AuthzToken authzToken = null;
try {
- authzToken = authorize(mAclMethod, authToken, mAuthzResourceName,
- "revoke");
+ authzToken = authorize(mAclMethod, authToken, mAuthzResourceName, "revoke");
} catch (Exception e) {
// do nothing for now
}
@@ -189,10 +190,10 @@ public class CMCRevReqServlet extends CMSServlet {
return;
}
- // IAuthToken authToken = getAuthToken(cmsReq);
- // Object subject = authToken.get(CMCAuth.TOKEN_CERT_SERIAL);
- // Object uid = authToken.get("uid");
- // ===========================
+ //IAuthToken authToken = getAuthToken(cmsReq);
+ //Object subject = authToken.get(CMCAuth.TOKEN_CERT_SERIAL);
+ //Object uid = authToken.get("uid");
+ //===========================
String authMgr = AuditFormat.NOAUTH;
BigInteger[] serialNoArray = null;
@@ -200,38 +201,36 @@ public class CMCRevReqServlet extends CMSServlet {
serialNoArray = authToken.getInBigIntegerArray(TOKEN_CERT_SERIAL);
}
- Integer reasonCode = Integer.valueOf(0);
- if (authToken != null) {
+ Integer reasonCode = Integer.valueOf(0);
+ if (authToken != null) {
reasonCode = authToken.getInInteger(REASON_CODE);
}
- RevocationReason reason = RevocationReason.fromInt(reasonCode
- .intValue());
+ RevocationReason reason = RevocationReason.fromInt(reasonCode.intValue());
String comments = "";
Date invalidityDate = null;
String revokeAll = null;
int verifiedRecordCount = 0;
int totalRecordCount = 0;
-
+
if (serialNoArray != null) {
totalRecordCount = serialNoArray.length;
verifiedRecordCount = serialNoArray.length;
}
-
+
X509CertImpl[] certs = null;
- // for audit log.
+ //for audit log.
String initiative = null;
if (mAuthMgr != null && mAuthMgr.equals("CMCAuth")) {
// request is from agent
if (authToken != null) {
- authMgr = authToken
- .getInString(AuthToken.TOKEN_AUTHMGR_INST_NAME);
+ authMgr = authToken.getInString(AuthToken.TOKEN_AUTHMGR_INST_NAME);
String agentID = authToken.getInString("userid");
- initiative = AuditFormat.FROMAGENT + " agentID: " + agentID
- + " authenticated by " + authMgr;
+ initiative = AuditFormat.FROMAGENT + " agentID: " + agentID +
+ " authenticated by " + authMgr;
}
} else {
initiative = AuditFormat.FROMUSER;
@@ -242,29 +241,24 @@ public class CMCRevReqServlet extends CMSServlet {
certs = new X509CertImpl[serialNoArray.length];
for (int i = 0; i < serialNoArray.length; i++) {
- certs[i] = ((ICertificateAuthority) mAuthority)
- .getCertificateRepository().getX509Certificate(
- serialNoArray[i]);
+ certs[i] = ((ICertificateAuthority) mAuthority).getCertificateRepository().getX509Certificate(serialNoArray[i]);
}
} else if (mAuthority instanceof IRegistrationAuthority) {
IRequest getCertsChallengeReq = null;
- getCertsChallengeReq = mQueue
- .newRequest(GETCERTS_FOR_CHALLENGE_REQUEST);
+ getCertsChallengeReq = mQueue.newRequest(
+ GETCERTS_FOR_CHALLENGE_REQUEST);
getCertsChallengeReq.setExtData(SERIALNO_ARRAY, serialNoArray);
mQueue.processRequest(getCertsChallengeReq);
RequestStatus status = getCertsChallengeReq.getRequestStatus();
if (status == RequestStatus.COMPLETE) {
- certs = getCertsChallengeReq
- .getExtDataInCertArray(IRequest.OLD_CERTS);
- header.addStringValue("request", getCertsChallengeReq
- .getRequestId().toString());
+ certs = getCertsChallengeReq.getExtDataInCertArray(IRequest.OLD_CERTS);
+ header.addStringValue("request", getCertsChallengeReq.getRequestId().toString());
mRequestID = getCertsChallengeReq.getRequestId().toString();
} else {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("ADMIN_SRVLT_FAIL_GET_CERT_CHALL_PWRD"));
+ log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_FAIL_GET_CERT_CHALL_PWRD"));
}
}
@@ -274,23 +268,23 @@ public class CMCRevReqServlet extends CMSServlet {
for (int i = 0; i < serialNoArray.length; i++) {
IArgBlock rarg = CMS.createArgBlock();
- rarg.addBigIntegerValue("serialNumber", serialNoArray[i], 16);
- rarg.addStringValue("subject", certs[i].getSubjectDN()
- .toString());
- rarg.addLongValue("validNotBefore", certs[i].getNotBefore()
- .getTime() / 1000);
- rarg.addLongValue("validNotAfter", certs[i].getNotAfter()
- .getTime() / 1000);
- // argSet.addRepeatRecord(rarg);
+ rarg.addBigIntegerValue("serialNumber",
+ serialNoArray[i], 16);
+ rarg.addStringValue("subject",
+ certs[i].getSubjectDN().toString());
+ rarg.addLongValue("validNotBefore",
+ certs[i].getNotBefore().getTime() / 1000);
+ rarg.addLongValue("validNotAfter",
+ certs[i].getNotAfter().getTime() / 1000);
+ //argSet.addRepeatRecord(rarg);
}
revokeAll = "(|(certRecordId=" + serialNoArray[0].toString() + "))";
- cmcAgentSerialNumber = authToken
- .getInString(IAuthManager.CRED_SSL_CLIENT_CERT);
- process(argSet, header, reasonCode.intValue(), invalidityDate,
- initiative, req, resp, verifiedRecordCount, revokeAll,
- totalRecordCount, comments, locale[0], cmcAgentSerialNumber);
-
+ cmcAgentSerialNumber= authToken.getInString(IAuthManager.CRED_SSL_CLIENT_CERT);
+ process(argSet, header, reasonCode.intValue(), invalidityDate, initiative, req, resp,
+ verifiedRecordCount, revokeAll, totalRecordCount,
+ comments, locale[0],cmcAgentSerialNumber);
+
} else {
header.addIntegerValue("totalRecordCount", 0);
header.addIntegerValue("verifiedRecordCount", 0);
@@ -299,56 +293,54 @@ public class CMCRevReqServlet extends CMSServlet {
try {
ServletOutputStream out = resp.getOutputStream();
- if ((serialNoArray == null) || (serialNoArray.length == 0)) {
+ if ((serialNoArray== null) || (serialNoArray.length == 0)) {
cmsReq.setStatus(CMSRequest.ERROR);
- EBaseException ee = new EBaseException(
- "No matched certificate is found");
+ EBaseException ee = new EBaseException("No matched certificate is found");
cmsReq.setError(ee);
} else {
String xmlOutput = req.getParameter("xml");
if (xmlOutput != null && xmlOutput.equals("true")) {
- outputXML(resp, argSet);
+ outputXML(resp, argSet);
} else {
- resp.setContentType("text/html");
- form.renderOutput(out, argSet);
- cmsReq.setStatus(CMSRequest.SUCCESS);
+ resp.setContentType("text/html");
+ form.renderOutput(out, argSet);
+ cmsReq.setStatus(CMSRequest.SUCCESS);
}
}
} catch (IOException e) {
log(ILogger.LL_FAILURE,
- CMS.getLogMessage("ADMIN_SRVLT_ERR_STREAM_TEMPLATE",
- e.toString()));
- throw new ECMSGWException(
- CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE"));
+ CMS.getLogMessage("ADMIN_SRVLT_ERR_STREAM_TEMPLATE", e.toString()));
+ throw new ECMSGWException(CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE"));
}
}
/**
* get cert to revoke from agent.
*/
- private BigInteger getCertFromAgent(IArgBlock httpParams,
- X509Certificate[] certContainer) throws EBaseException {
+ private BigInteger getCertFromAgent(
+ IArgBlock httpParams, X509Certificate[] certContainer)
+ throws EBaseException {
BigInteger serialno = null;
X509Certificate cert = null;
// get serial no
serialno = httpParams.getValueAsBigInteger(SERIAL_NO, null);
if (serialno == null) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_MISSING_SERIALNO_FOR_REVOKE"));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_MISSING_SERIALNO_FOR_REVOKE"));
throw new ECMSGWException(
- CMS.getUserMessage("CMS_GW_MISSING_SERIALNO_FOR_REVOKE"));
+ CMS.getUserMessage("CMS_GW_MISSING_SERIALNO_FOR_REVOKE"));
}
// get cert from db if we're cert authority.
if (mAuthority instanceof ICertificateAuthority) {
cert = getX509Certificate(serialno);
if (cert == null) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_INVALID_CERT_FOR_REVOCATION"));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_INVALID_CERT_FOR_REVOCATION"));
throw new ECMSGWException(
- CMS.getUserMessage("CMS_GW_INVALID_CERT_FOR_REVOCATION"));
+ CMS.getUserMessage("CMS_GW_INVALID_CERT_FOR_REVOCATION"));
}
}
certContainer[0] = cert;
@@ -358,21 +350,23 @@ public class CMCRevReqServlet extends CMSServlet {
/**
* Revoke the specified certificate
*/
- private BigInteger getCertFromAuthMgr(AuthToken authToken,
- X509Certificate[] certContainer) throws EBaseException {
- X509CertImpl cert = authToken.getInCert(AuthToken.TOKEN_CERT);
+ private BigInteger getCertFromAuthMgr(
+ AuthToken authToken, X509Certificate[] certContainer)
+ throws EBaseException {
+ X509CertImpl cert =
+ authToken.getInCert(AuthToken.TOKEN_CERT);
if (cert == null) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_MISSING_CERTS_REVOKE_FROM_AUTHMGR"));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_MISSING_CERTS_REVOKE_FROM_AUTHMGR"));
throw new ECMSGWException(
- CMS.getUserMessage("CMS_GW_MISSING_CERTS_REVOKE_FROM_AUTHMGR"));
+ CMS.getUserMessage("CMS_GW_MISSING_CERTS_REVOKE_FROM_AUTHMGR"));
}
- if (mAuthority instanceof ICertificateAuthority && !isCertFromCA(cert)) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_INVALID_CERT_FOR_REVOCATION"));
+ if (mAuthority instanceof ICertificateAuthority &&
+ !isCertFromCA(cert)) {
+ log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_INVALID_CERT_FOR_REVOCATION"));
throw new ECMSGWException(
- CMS.getUserMessage("CMS_GW_INVALID_CERT_FOR_REVOCATION"));
+ CMS.getUserMessage("CMS_GW_INVALID_CERT_FOR_REVOCATION"));
}
certContainer[0] = cert;
BigInteger serialno = ((X509Certificate) cert).getSerialNumber();
@@ -381,23 +375,25 @@ public class CMCRevReqServlet extends CMSServlet {
}
/**
- * get cert to revoke from ssl
+ * get cert to revoke from ssl
*/
- private BigInteger getCertFromSSL(HttpServletRequest req,
- X509CertImpl[] certContainer) throws EBaseException {
+ private BigInteger getCertFromSSL(
+ HttpServletRequest req, X509CertImpl[] certContainer)
+ throws EBaseException {
X509Certificate cert = getSSLClientCertificate(req);
if (cert == null) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_MISSING_CERTS_REVOKE_FROM_SSL"));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_MISSING_CERTS_REVOKE_FROM_SSL"));
throw new ECMSGWException(
- CMS.getUserMessage("CMS_GW_MISSING_CERTS_REVOKE_FROM_SSL"));
+ CMS.getUserMessage("CMS_GW_MISSING_CERTS_REVOKE_FROM_SSL"));
}
- if (mAuthority instanceof ICertificateAuthority && !isCertFromCA(cert)) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_INVALID_CERT_FOR_REVOCATION", ""));
+ if (mAuthority instanceof ICertificateAuthority &&
+ !isCertFromCA(cert)) {
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_INVALID_CERT_FOR_REVOCATION", ""));
throw new ECMSGWException(
- CMS.getUserMessage("CMS_GW_INVALID_CERT_FOR_REVOCATION"));
+ CMS.getUserMessage("CMS_GW_INVALID_CERT_FOR_REVOCATION"));
}
BigInteger serialno = ((X509Certificate) cert).getSerialNumber();
@@ -410,52 +406,56 @@ public class CMCRevReqServlet extends CMSServlet {
* Process cert status change request using the Certificate Management
* protocol using CMS (CMC)
* <P>
- *
+ *
* (Certificate Request - an "EE" cert status change request)
* <P>
- *
+ *
* (Certificate Request Processed - an "EE" cert status change request)
* <P>
- *
+ *
* <ul>
- * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used
- * when a cert status change request (e. g. - "revocation") is made (before
+ * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when
+ * a cert status change request (e. g. - "revocation") is made (before
* approval process)
- * <li>signed.audit
- * LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a
- * certificate status is changed (revoked, expired, on-hold, off-hold)
+ * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED
+ * used when a certificate status is changed (revoked, expired, on-hold,
+ * off-hold)
* </ul>
- *
* @param argSet CMS template parameters
* @param header argument block
- * @param reason revocation reason (0 - Unspecified, 1 - Key compromised, 2
- * - CA key compromised; should not be used, 3 - Affiliation
- * changed, 4 - Certificate superceded, 5 - Cessation of
- * operation, or 6 - Certificate is on hold)
+ * @param reason revocation reason (0 - Unspecified, 1 - Key compromised,
+ * 2 - CA key compromised; should not be used, 3 - Affiliation changed,
+ * 4 - Certificate superceded, 5 - Cessation of operation, or
+ * 6 - Certificate is on hold)
* @param invalidityDate certificate validity date
* @param initiative string containing the audit format
* @param req HTTP servlet request
* @param resp HTTP servlet response
* @param verifiedRecordCount number of verified records
- * @param revokeAll string containing information on all of the certificates
- * to be revoked
+ * @param revokeAll string containing information on all of the
+ * certificates to be revoked
* @param totalRecordCount total number of records (verified and unverified)
* @param comments string containing certificate comments
* @param locale the system locale
* @exception EBaseException an error has occurred
*/
private void process(CMSTemplateParams argSet, IArgBlock header,
- int reason, Date invalidityDate, String initiative,
- HttpServletRequest req, HttpServletResponse resp,
- int verifiedRecordCount, String revokeAll, int totalRecordCount,
- String comments, Locale locale, String cmcAgentSerialNumber)
- throws EBaseException {
+ int reason, Date invalidityDate,
+ String initiative,
+ HttpServletRequest req,
+ HttpServletResponse resp,
+ int verifiedRecordCount,
+ String revokeAll,
+ int totalRecordCount,
+ String comments,
+ Locale locale,String cmcAgentSerialNumber)
+ throws EBaseException {
String eeSerialNumber = null;
- if (cmcAgentSerialNumber != null) {
+ if(cmcAgentSerialNumber!=null) {
eeSerialNumber = cmcAgentSerialNumber;
- } else {
- X509CertImpl sslCert = (X509CertImpl) getSSLClientCertificate(req);
- if (sslCert != null) {
+ }else{
+ X509CertImpl sslCert = ( X509CertImpl ) getSSLClientCertificate( req );
+ if( sslCert != null ) {
eeSerialNumber = sslCert.getSerialNumber().toString();
}
}
@@ -463,11 +463,11 @@ public class CMCRevReqServlet extends CMSServlet {
boolean auditRequest = true;
String auditMessage = null;
String auditSubjectID = auditSubjectID();
- String auditRequesterID = auditRequesterID(req);
- String auditSerialNumber = auditSerialNumber(eeSerialNumber);
- String auditRequestType = auditRequestType(reason);
+ String auditRequesterID = auditRequesterID( req );
+ String auditSerialNumber = auditSerialNumber( eeSerialNumber );
+ String auditRequestType = auditRequestType( reason );
String auditApprovalStatus = ILogger.SIGNED_AUDIT_EMPTY_VALUE;
- String auditReasonNum = String.valueOf(reason);
+ String auditReasonNum = String.valueOf( reason );
try {
int count = 0;
@@ -496,9 +496,8 @@ public class CMCRevReqServlet extends CMSServlet {
}
if (mAuthority instanceof ICertificateAuthority) {
- ICertRecordList list = (ICertRecordList) mCertDB
- .findCertRecordsInList(revokeAll, null,
- totalRecordCount);
+ ICertRecordList list = (ICertRecordList) mCertDB.findCertRecordsInList(
+ revokeAll, null, totalRecordCount);
Enumeration e = list.getCertRecords(0, totalRecordCount - 1);
while (e != null && e.hasMoreElements()) {
@@ -507,18 +506,18 @@ public class CMCRevReqServlet extends CMSServlet {
IArgBlock rarg = CMS.createArgBlock();
rarg.addBigIntegerValue("serialNumber",
- cert.getSerialNumber(), 16);
+ cert.getSerialNumber(), 16);
if (rec.getStatus().equals(ICertRecord.STATUS_REVOKED)) {
- rarg.addStringValue("error", "Certificate "
- + cert.getSerialNumber().toString()
- + " is already revoked.");
+ rarg.addStringValue("error", "Certificate " +
+ cert.getSerialNumber().toString() +
+ " is already revoked.");
} else {
oldCertsV.addElement(cert);
- RevokedCertImpl revCertImpl = new RevokedCertImpl(
- cert.getSerialNumber(), CMS.getCurrentDate(),
- entryExtn);
+ RevokedCertImpl revCertImpl =
+ new RevokedCertImpl(cert.getSerialNumber(),
+ CMS.getCurrentDate(), entryExtn);
revCertImplsV.addElement(revCertImpl);
count++;
@@ -530,48 +529,42 @@ public class CMCRevReqServlet extends CMSServlet {
} else if (mAuthority instanceof IRegistrationAuthority) {
String reqIdStr = null;
- if (mRequestID != null && mRequestID.length() > 0)
+ if (mRequestID != null && mRequestID.length() > 0)
reqIdStr = mRequestID;
Vector serialNumbers = new Vector();
if (revokeAll != null && revokeAll.length() > 0) {
- for (int i = revokeAll.indexOf('='); i < revokeAll.length()
- && i > -1; i = revokeAll.indexOf('=', i)) {
+ for (int i = revokeAll.indexOf('=');
+ i < revokeAll.length() && i > -1;
+ i = revokeAll.indexOf('=', i)) {
if (i > -1) {
i++;
- while (i < revokeAll.length()
- && revokeAll.charAt(i) == ' ') {
+ while (i < revokeAll.length() && revokeAll.charAt(i) == ' ') {
i++;
}
String legalDigits = "0123456789";
int j = i;
- while (j < revokeAll.length()
- && legalDigits.indexOf(revokeAll.charAt(j)) != -1) {
+ while (j < revokeAll.length() &&
+ legalDigits.indexOf(revokeAll.charAt(j)) != -1) {
j++;
}
if (j > i) {
- serialNumbers.addElement(revokeAll.substring(i,
- j));
+ serialNumbers.addElement(revokeAll.substring(i, j));
}
}
}
}
- if (reqIdStr != null && reqIdStr.length() > 0
- && serialNumbers.size() > 0) {
- IRequest certReq = mRequestQueue.findRequest(new RequestId(
- reqIdStr));
- X509CertImpl[] certs = certReq
- .getExtDataInCertArray(IRequest.OLD_CERTS);
+ if (reqIdStr != null && reqIdStr.length() > 0 && serialNumbers.size() > 0) {
+ IRequest certReq = mRequestQueue.findRequest(new RequestId(reqIdStr));
+ X509CertImpl[] certs = certReq.getExtDataInCertArray(IRequest.OLD_CERTS);
for (int i = 0; i < certs.length; i++) {
boolean addToList = false;
for (int j = 0; j < serialNumbers.size(); j++) {
- if (certs[i]
- .getSerialNumber()
- .toString()
- .equals((String) serialNumbers.elementAt(j))) {
+ if (certs[i].getSerialNumber().toString().equals(
+ (String) serialNumbers.elementAt(j))) {
addToList = true;
break;
}
@@ -580,11 +573,11 @@ public class CMCRevReqServlet extends CMSServlet {
IArgBlock rarg = CMS.createArgBlock();
rarg.addBigIntegerValue("serialNumber",
- certs[i].getSerialNumber(), 16);
+ certs[i].getSerialNumber(), 16);
oldCertsV.addElement(certs[i]);
- RevokedCertImpl revCertImpl = new RevokedCertImpl(
- certs[i].getSerialNumber(),
+ RevokedCertImpl revCertImpl =
+ new RevokedCertImpl(certs[i].getSerialNumber(),
CMS.getCurrentDate(), entryExtn);
revCertImplsV.addElement(revCertImpl);
@@ -597,18 +590,17 @@ public class CMCRevReqServlet extends CMSServlet {
String b64eCert = req.getParameter("b64eCertificate");
if (b64eCert != null) {
- byte[] certBytes = com.netscape.osutil.OSUtil
- .AtoB(b64eCert);
+ byte[] certBytes = com.netscape.osutil.OSUtil.AtoB(b64eCert);
X509CertImpl cert = new X509CertImpl(certBytes);
IArgBlock rarg = CMS.createArgBlock();
rarg.addBigIntegerValue("serialNumber",
- cert.getSerialNumber(), 16);
+ cert.getSerialNumber(), 16);
oldCertsV.addElement(cert);
- RevokedCertImpl revCertImpl = new RevokedCertImpl(
- cert.getSerialNumber(), CMS.getCurrentDate(),
- entryExtn);
+ RevokedCertImpl revCertImpl =
+ new RevokedCertImpl(cert.getSerialNumber(),
+ CMS.getCurrentDate(), entryExtn);
revCertImplsV.addElement(revCertImpl);
count++;
@@ -628,13 +620,17 @@ public class CMCRevReqServlet extends CMSServlet {
revCertImpls[i] = (RevokedCertImpl) revCertImplsV.elementAt(i);
}
- IRequest revReq = mQueue.newRequest(IRequest.REVOCATION_REQUEST);
+ IRequest revReq =
+ mQueue.newRequest(IRequest.REVOCATION_REQUEST);
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST,
- auditSubjectID, ILogger.SUCCESS, auditRequesterID,
- auditSerialNumber, auditRequestType);
+ LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST,
+ auditSubjectID,
+ ILogger.SUCCESS,
+ auditRequesterID,
+ auditSerialNumber,
+ auditRequestType);
audit(auditMessage);
@@ -664,35 +660,30 @@ public class CMCRevReqServlet extends CMSServlet {
Integer result = revReq.getExtDataInInteger(IRequest.RESULT);
if (result.equals(IRequest.RES_ERROR)) {
- String[] svcErrors = revReq
- .getExtDataInStringArray(IRequest.SVCERRORS);
+ String[] svcErrors =
+ revReq.getExtDataInStringArray(IRequest.SVCERRORS);
if (svcErrors != null && svcErrors.length > 0) {
for (int i = 0; i < svcErrors.length; i++) {
String err = svcErrors[i];
if (err != null) {
- // cmsReq.setErrorDescription(err);
+ //cmsReq.setErrorDescription(err);
for (int j = 0; j < count; j++) {
if (oldCerts[j] != null) {
- mLogger.log(
- ILogger.EV_AUDIT,
- ILogger.S_OTHER,
- AuditFormat.LEVEL,
- AuditFormat.DOREVOKEFORMAT,
- new Object[] {
- revReq.getRequestId(),
- initiative,
- "completed with error: "
- + err,
- oldCerts[j]
- .getSubjectDN(),
- oldCerts[j]
- .getSerialNumber()
- .toString(16),
- RevocationReason
- .fromInt(reason)
- .toString() });
+ mLogger.log(ILogger.EV_AUDIT,
+ ILogger.S_OTHER,
+ AuditFormat.LEVEL,
+ AuditFormat.DOREVOKEFORMAT,
+ new Object[] {
+ revReq.getRequestId(),
+ initiative,
+ "completed with error: " +
+ err,
+ oldCerts[j].getSubjectDN(),
+ oldCerts[j].getSerialNumber().toString(16),
+ RevocationReason.fromInt(reason).toString()}
+ );
}
}
}
@@ -704,27 +695,24 @@ public class CMCRevReqServlet extends CMSServlet {
// audit log the success.
for (int j = 0; j < count; j++) {
if (oldCerts[j] != null) {
- mLogger.log(
- ILogger.EV_AUDIT,
- ILogger.S_OTHER,
- AuditFormat.LEVEL,
- AuditFormat.DOREVOKEFORMAT,
- new Object[] {
- revReq.getRequestId(),
- initiative,
- "completed",
- oldCerts[j].getSubjectDN(),
- oldCerts[j].getSerialNumber().toString(
- 16),
- RevocationReason.fromInt(reason)
- .toString() });
+ mLogger.log(ILogger.EV_AUDIT, ILogger.S_OTHER,
+ AuditFormat.LEVEL,
+ AuditFormat.DOREVOKEFORMAT,
+ new Object[] {
+ revReq.getRequestId(),
+ initiative,
+ "completed",
+ oldCerts[j].getSubjectDN(),
+ oldCerts[j].getSerialNumber().toString(16),
+ RevocationReason.fromInt(reason).toString()}
+ );
}
}
header.addStringValue("revoked", "yes");
- Integer updateCRLResult = revReq
- .getExtDataInInteger(IRequest.CRL_UPDATE_STATUS);
+ Integer updateCRLResult =
+ revReq.getExtDataInInteger(IRequest.CRL_UPDATE_STATUS);
if (updateCRLResult != null) {
header.addStringValue("updateCRL", "yes");
@@ -732,98 +720,92 @@ public class CMCRevReqServlet extends CMSServlet {
header.addStringValue("updateCRLSuccess", "yes");
} else {
header.addStringValue("updateCRLSuccess", "no");
- String crlError = revReq
- .getExtDataInString(IRequest.CRL_UPDATE_ERROR);
+ String crlError =
+ revReq.getExtDataInString(IRequest.CRL_UPDATE_ERROR);
if (crlError != null)
- header.addStringValue("updateCRLError", crlError);
+ header.addStringValue("updateCRLError",
+ crlError);
}
// let known crl publishing status too.
- Integer publishCRLResult = revReq
- .getExtDataInInteger(IRequest.CRL_PUBLISH_STATUS);
+ Integer publishCRLResult =
+ revReq.getExtDataInInteger(IRequest.CRL_PUBLISH_STATUS);
if (publishCRLResult != null) {
if (publishCRLResult.equals(IRequest.RES_SUCCESS)) {
header.addStringValue("publishCRLSuccess", "yes");
} else {
header.addStringValue("publishCRLSuccess", "no");
- String publError = revReq
- .getExtDataInString(IRequest.CRL_PUBLISH_ERROR);
+ String publError =
+ revReq.getExtDataInString(IRequest.CRL_PUBLISH_ERROR);
if (publError != null)
header.addStringValue("publishCRLError",
- publError);
+ publError);
}
}
}
if (mAuthority instanceof ICertificateAuthority) {
// let known update and publish status of all crls.
- Enumeration otherCRLs = ((ICertificateAuthority) mAuthority)
- .getCRLIssuingPoints();
+ Enumeration otherCRLs =
+ ((ICertificateAuthority) mAuthority).getCRLIssuingPoints();
while (otherCRLs.hasMoreElements()) {
- ICRLIssuingPoint crl = (ICRLIssuingPoint) otherCRLs
- .nextElement();
+ ICRLIssuingPoint crl = (ICRLIssuingPoint)
+ otherCRLs.nextElement();
String crlId = crl.getId();
if (crlId.equals(ICertificateAuthority.PROP_MASTER_CRL))
continue;
String updateStatusStr = crl.getCrlUpdateStatusStr();
- Integer updateResult = revReq
- .getExtDataInInteger(updateStatusStr);
+ Integer updateResult = revReq.getExtDataInInteger(updateStatusStr);
if (updateResult != null) {
if (updateResult.equals(IRequest.RES_SUCCESS)) {
- CMS.debug("CMCRevReqServlet: "
- + CMS.getLogMessage(
- "ADMIN_SRVLT_ADDING_HEADER",
- updateStatusStr));
+ CMS.debug("CMCRevReqServlet: " + CMS.getLogMessage("ADMIN_SRVLT_ADDING_HEADER",
+ updateStatusStr));
header.addStringValue(updateStatusStr, "yes");
} else {
- String updateErrorStr = crl
- .getCrlUpdateErrorStr();
+ String updateErrorStr = crl.getCrlUpdateErrorStr();
- CMS.debug("CMCRevReqServlet: "
- + CMS.getLogMessage(
- "ADMIN_SRVLT_ADDING_HEADER_NO",
- updateStatusStr));
+ CMS.debug("CMCRevReqServlet: " + CMS.getLogMessage("ADMIN_SRVLT_ADDING_HEADER_NO",
+ updateStatusStr));
header.addStringValue(updateStatusStr, "no");
- String error = revReq
- .getExtDataInString(updateErrorStr);
+ String error =
+ revReq.getExtDataInString(updateErrorStr);
if (error != null)
- header.addStringValue(updateErrorStr, error);
+ header.addStringValue(updateErrorStr,
+ error);
}
- String publishStatusStr = crl
- .getCrlPublishStatusStr();
- Integer publishResult = revReq
- .getExtDataInInteger(publishStatusStr);
+ String publishStatusStr = crl.getCrlPublishStatusStr();
+ Integer publishResult =
+ revReq.getExtDataInInteger(publishStatusStr);
if (publishResult == null)
continue;
if (publishResult.equals(IRequest.RES_SUCCESS)) {
header.addStringValue(publishStatusStr, "yes");
} else {
- String publishErrorStr = crl
- .getCrlPublishErrorStr();
+ String publishErrorStr =
+ crl.getCrlPublishErrorStr();
header.addStringValue(publishStatusStr, "no");
- String error = revReq
- .getExtDataInString(publishErrorStr);
+ String error =
+ revReq.getExtDataInString(publishErrorStr);
if (error != null)
- header.addStringValue(publishErrorStr,
- error);
+ header.addStringValue(
+ publishErrorStr, error);
}
}
}
}
- if (mPublisherProcessor != null
- && mPublisherProcessor.ldapEnabled()) {
+ if (mPublisherProcessor != null && mPublisherProcessor.ldapEnabled()) {
header.addStringValue("dirEnabled", "yes");
- Integer[] ldapPublishStatus = revReq
- .getExtDataInIntegerArray("ldapPublishStatus");
+ Integer[] ldapPublishStatus =
+ revReq.getExtDataInIntegerArray("ldapPublishStatus");
int certsToUpdate = 0;
int certsUpdated = 0;
@@ -839,11 +821,12 @@ public class CMCRevReqServlet extends CMSServlet {
header.addIntegerValue("certsToUpdate", certsToUpdate);
// add crl publishing status.
- String publError = revReq
- .getExtDataInString(IRequest.CRL_PUBLISH_ERROR);
+ String publError =
+ revReq.getExtDataInString(IRequest.CRL_PUBLISH_ERROR);
if (publError != null) {
- header.addStringValue("crlPublishError", publError);
+ header.addStringValue("crlPublishError",
+ publError);
}
} else {
header.addStringValue("dirEnabled", "no");
@@ -856,32 +839,27 @@ public class CMCRevReqServlet extends CMSServlet {
// audit log the pending
for (int j = 0; j < count; j++) {
if (oldCerts[j] != null) {
- mLogger.log(
- ILogger.EV_AUDIT,
- ILogger.S_OTHER,
- AuditFormat.LEVEL,
- AuditFormat.DOREVOKEFORMAT,
- new Object[] {
- revReq.getRequestId(),
- initiative,
- "pending",
- oldCerts[j].getSubjectDN(),
- oldCerts[j].getSerialNumber().toString(
- 16),
- RevocationReason.fromInt(reason)
- .toString() });
+ mLogger.log(ILogger.EV_AUDIT, ILogger.S_OTHER,
+ AuditFormat.LEVEL,
+ AuditFormat.DOREVOKEFORMAT,
+ new Object[] {
+ revReq.getRequestId(),
+ initiative,
+ "pending",
+ oldCerts[j].getSubjectDN(),
+ oldCerts[j].getSerialNumber().toString(16),
+ RevocationReason.fromInt(reason).toString()}
+ );
}
}
} else {
- Vector errors = revReq
- .getExtDataInStringVector(IRequest.ERRORS);
+ Vector errors = revReq.getExtDataInStringVector(IRequest.ERRORS);
StringBuffer errorStr = new StringBuffer();
if (errors != null && errors.size() > 0) {
for (int ii = 0; ii < errors.size(); ii++) {
- errorStr.append(errors.elementAt(ii));
- ;
+ errorStr.append(errors.elementAt(ii));;
}
}
header.addStringValue("error", errorStr.toString());
@@ -889,20 +867,17 @@ public class CMCRevReqServlet extends CMSServlet {
// audit log the error
for (int j = 0; j < count; j++) {
if (oldCerts[j] != null) {
- mLogger.log(
- ILogger.EV_AUDIT,
- ILogger.S_OTHER,
- AuditFormat.LEVEL,
- AuditFormat.DOREVOKEFORMAT,
- new Object[] {
- revReq.getRequestId(),
- initiative,
- stat.toString(),
- oldCerts[j].getSubjectDN(),
- oldCerts[j].getSerialNumber().toString(
- 16),
- RevocationReason.fromInt(reason)
- .toString() });
+ mLogger.log(ILogger.EV_AUDIT, ILogger.S_OTHER,
+ AuditFormat.LEVEL,
+ AuditFormat.DOREVOKEFORMAT,
+ new Object[] {
+ revReq.getRequestId(),
+ initiative,
+ stat.toString(),
+ oldCerts[j].getSubjectDN(),
+ oldCerts[j].getSerialNumber().toString(16),
+ RevocationReason.fromInt(reason).toString()}
+ );
}
}
}
@@ -911,17 +886,17 @@ public class CMCRevReqServlet extends CMSServlet {
// if and only if "auditApprovalStatus" is
// "complete", "revoked", or "canceled"
if ((auditApprovalStatus.equals(RequestStatus.COMPLETE_STRING))
- || (auditApprovalStatus
- .equals(RequestStatus.REJECTED_STRING))
- || (auditApprovalStatus
- .equals(RequestStatus.CANCELED_STRING))) {
- auditMessage = CMS
- .getLogMessage(
- LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED,
- auditSubjectID, ILogger.SUCCESS,
- auditRequesterID, auditSerialNumber,
- auditRequestType, auditReasonNum,
- auditApprovalStatus);
+ || (auditApprovalStatus.equals(RequestStatus.REJECTED_STRING))
+ || (auditApprovalStatus.equals(RequestStatus.CANCELED_STRING))) {
+ auditMessage = CMS.getLogMessage(
+ LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED,
+ auditSubjectID,
+ ILogger.SUCCESS,
+ auditRequesterID,
+ auditSerialNumber,
+ auditRequestType,
+ auditReasonNum,
+ auditApprovalStatus);
audit(auditMessage);
}
@@ -931,9 +906,12 @@ public class CMCRevReqServlet extends CMSServlet {
// store a "CERT_STATUS_CHANGE_REQUEST" failure
// message in the signed audit log file
auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST,
- auditSubjectID, ILogger.FAILURE, auditRequesterID,
- auditSerialNumber, auditRequestType);
+ LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST,
+ auditSubjectID,
+ ILogger.FAILURE,
+ auditRequesterID,
+ auditSerialNumber,
+ auditRequestType);
audit(auditMessage);
} else {
@@ -942,17 +920,18 @@ public class CMCRevReqServlet extends CMSServlet {
// if and only if "auditApprovalStatus" is
// "complete", "revoked", or "canceled"
if ((auditApprovalStatus.equals(RequestStatus.COMPLETE_STRING))
- || (auditApprovalStatus
- .equals(RequestStatus.REJECTED_STRING))
- || (auditApprovalStatus
- .equals(RequestStatus.CANCELED_STRING))) {
- auditMessage = CMS
- .getLogMessage(
- LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED,
- auditSubjectID, ILogger.FAILURE,
- auditRequesterID, auditSerialNumber,
- auditRequestType, auditReasonNum,
- auditApprovalStatus);
+ || (auditApprovalStatus.equals(RequestStatus.REJECTED_STRING))
+ || (auditApprovalStatus.equals(RequestStatus.CANCELED_STRING)))
+ {
+ auditMessage = CMS.getLogMessage(
+ LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED,
+ auditSubjectID,
+ ILogger.FAILURE,
+ auditRequesterID,
+ auditSerialNumber,
+ auditRequestType,
+ auditReasonNum,
+ auditApprovalStatus);
audit(auditMessage);
}
@@ -966,9 +945,12 @@ public class CMCRevReqServlet extends CMSServlet {
// store a "CERT_STATUS_CHANGE_REQUEST" failure
// message in the signed audit log file
auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST,
- auditSubjectID, ILogger.FAILURE, auditRequesterID,
- auditSerialNumber, auditRequestType);
+ LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST,
+ auditSubjectID,
+ ILogger.FAILURE,
+ auditRequesterID,
+ auditSerialNumber,
+ auditRequestType);
audit(auditMessage);
} else {
@@ -977,17 +959,18 @@ public class CMCRevReqServlet extends CMSServlet {
// if and only if "auditApprovalStatus" is
// "complete", "revoked", or "canceled"
if ((auditApprovalStatus.equals(RequestStatus.COMPLETE_STRING))
- || (auditApprovalStatus
- .equals(RequestStatus.REJECTED_STRING))
- || (auditApprovalStatus
- .equals(RequestStatus.CANCELED_STRING))) {
- auditMessage = CMS
- .getLogMessage(
- LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED,
- auditSubjectID, ILogger.FAILURE,
- auditRequesterID, auditSerialNumber,
- auditRequestType, auditReasonNum,
- auditApprovalStatus);
+ || (auditApprovalStatus.equals(RequestStatus.REJECTED_STRING))
+ || (auditApprovalStatus.equals(RequestStatus.CANCELED_STRING)))
+ {
+ auditMessage = CMS.getLogMessage(
+ LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED,
+ auditSubjectID,
+ ILogger.FAILURE,
+ auditRequesterID,
+ auditSerialNumber,
+ auditRequestType,
+ auditReasonNum,
+ auditApprovalStatus);
audit(auditMessage);
}
@@ -996,16 +979,18 @@ public class CMCRevReqServlet extends CMSServlet {
throw e;
} catch (IOException e) {
log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_ERROR_MARKING_CERT_REVOKED",
- e.toString()));
+ CMS.getLogMessage("CMSGW_ERROR_MARKING_CERT_REVOKED", e.toString()));
if (auditRequest) {
// store a "CERT_STATUS_CHANGE_REQUEST" failure
// message in the signed audit log file
auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST,
- auditSubjectID, ILogger.FAILURE, auditRequesterID,
- auditSerialNumber, auditRequestType);
+ LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST,
+ auditSubjectID,
+ ILogger.FAILURE,
+ auditRequesterID,
+ auditSerialNumber,
+ auditRequestType);
audit(auditMessage);
} else {
@@ -1014,32 +999,35 @@ public class CMCRevReqServlet extends CMSServlet {
// if and only if "auditApprovalStatus" is
// "complete", "revoked", or "canceled"
if ((auditApprovalStatus.equals(RequestStatus.COMPLETE_STRING))
- || (auditApprovalStatus
- .equals(RequestStatus.REJECTED_STRING))
- || (auditApprovalStatus
- .equals(RequestStatus.CANCELED_STRING))) {
- auditMessage = CMS
- .getLogMessage(
- LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED,
- auditSubjectID, ILogger.FAILURE,
- auditRequesterID, auditSerialNumber,
- auditRequestType, auditReasonNum,
- auditApprovalStatus);
+ || (auditApprovalStatus.equals(RequestStatus.REJECTED_STRING))
+ || (auditApprovalStatus.equals(RequestStatus.CANCELED_STRING)))
+ {
+ auditMessage = CMS.getLogMessage(
+ LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED,
+ auditSubjectID,
+ ILogger.FAILURE,
+ auditRequesterID,
+ auditSerialNumber,
+ auditRequestType,
+ auditReasonNum,
+ auditApprovalStatus);
audit(auditMessage);
}
}
- throw new ECMSGWException(
- CMS.getLogMessage("CMSGW_ERROR_MARKING_CERT_REVOKED"));
+ throw new ECMSGWException(CMS.getLogMessage("CMSGW_ERROR_MARKING_CERT_REVOKED"));
} catch (Exception e) {
if (auditRequest) {
// store a "CERT_STATUS_CHANGE_REQUEST" failure
// message in the signed audit log file
auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST,
- auditSubjectID, ILogger.FAILURE, auditRequesterID,
- auditSerialNumber, auditRequestType);
+ LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST,
+ auditSubjectID,
+ ILogger.FAILURE,
+ auditRequesterID,
+ auditSerialNumber,
+ auditRequestType);
audit(auditMessage);
} else {
@@ -1048,17 +1036,18 @@ public class CMCRevReqServlet extends CMSServlet {
// if and only if "auditApprovalStatus" is
// "complete", "revoked", or "canceled"
if ((auditApprovalStatus.equals(RequestStatus.COMPLETE_STRING))
- || (auditApprovalStatus
- .equals(RequestStatus.REJECTED_STRING))
- || (auditApprovalStatus
- .equals(RequestStatus.CANCELED_STRING))) {
- auditMessage = CMS
- .getLogMessage(
- LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED,
- auditSubjectID, ILogger.FAILURE,
- auditRequesterID, auditSerialNumber,
- auditRequestType, auditReasonNum,
- auditApprovalStatus);
+ || (auditApprovalStatus.equals(RequestStatus.REJECTED_STRING))
+ || (auditApprovalStatus.equals(RequestStatus.CANCELED_STRING)))
+ {
+ auditMessage = CMS.getLogMessage(
+ LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED,
+ auditSubjectID,
+ ILogger.FAILURE,
+ auditRequesterID,
+ auditSerialNumber,
+ auditRequestType,
+ auditReasonNum,
+ auditApprovalStatus);
audit(auditMessage);
}
@@ -1072,11 +1061,11 @@ public class CMCRevReqServlet extends CMSServlet {
/**
* Signed Audit Log Requester ID
- *
- * This method is called to obtain the "RequesterID" for a signed audit log
- * message.
+ *
+ * This method is called to obtain the "RequesterID" for
+ * a signed audit log message.
* <P>
- *
+ *
* @param req HTTP request
* @return id string containing the signed audit log message RequesterID
*/
@@ -1102,11 +1091,11 @@ public class CMCRevReqServlet extends CMSServlet {
/**
* Signed Audit Log Serial Number
- *
+ *
* This method is called to obtain the serial number of the certificate
* whose status is to be changed for a signed audit log message.
* <P>
- *
+ *
* @param eeSerialNumber a string containing the un-normalized serialNumber
* @return id string containing the signed audit log message RequesterID
*/
@@ -1124,8 +1113,8 @@ public class CMCRevReqServlet extends CMSServlet {
// convert it to hexadecimal
serialNumber = "0x"
- + Integer.toHexString(Integer.valueOf(serialNumber)
- .intValue());
+ + Integer.toHexString(
+ Integer.valueOf(serialNumber).intValue());
} else {
serialNumber = ILogger.SIGNED_AUDIT_EMPTY_VALUE;
}
@@ -1135,11 +1124,11 @@ public class CMCRevReqServlet extends CMSServlet {
/**
* Signed Audit Log Request Type
- *
- * This method is called to obtain the "Request Type" for a signed audit log
- * message.
+ *
+ * This method is called to obtain the "Request Type" for
+ * a signed audit log message.
* <P>
- *
+ *
* @param reason an integer denoting the revocation reason
* @return string containing REVOKE or ON_HOLD
*/
@@ -1161,3 +1150,4 @@ public class CMCRevReqServlet extends CMSServlet {
return requestType;
}
}
+
generated by cgit (git 2.34.1) at 2024-06-02 23:11:43 +0000