summaryrefslogtreecommitdiffstats
path: root/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java')
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java748
1 files changed, 379 insertions, 369 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java b/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java
index 47b3c9f1..63ac96e1 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java
@@ -17,7 +17,6 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cms.servlet.cert;
-
import java.io.IOException;
import java.math.BigInteger;
import java.security.cert.CertificateException;
@@ -68,10 +67,9 @@ import com.netscape.cms.servlet.common.CMSTemplate;
import com.netscape.cms.servlet.common.CMSTemplateParams;
import com.netscape.cms.servlet.common.ECMSGWException;
-
/**
* Revoke a certificate with a CMC-formatted revocation request
- *
+ *
* @version $Revision$, $Date$
*/
public class CMCRevReqServlet extends CMSServlet {
@@ -84,7 +82,7 @@ public class CMCRevReqServlet extends CMSServlet {
// revocation templates.
private final static String TPL_FILE = "revocationResult.template";
public static final String CRED_CMC = "cmcRequest";
-
+
private ICertificateRepository mCertDB = null;
private String mFormPath = null;
private IRequestQueue mQueue = null;
@@ -93,29 +91,26 @@ public class CMCRevReqServlet extends CMSServlet {
private final static String REVOKE = "revoke";
private final static String ON_HOLD = "on-hold";
private final static int ON_HOLD_REASON = 6;
- private final static String
- LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST =
- "LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_5";
- private final static String
- LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED =
- "LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED_7";
-
- // http params
+ private final static String LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST = "LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_5";
+ private final static String LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED = "LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED_7";
+
+ // http params
public static final String SERIAL_NO = TOKEN_CERT_SERIAL;
public static final String REASON_CODE = "reasonCode";
public static final String CHALLENGE_PHRASE = "challengePhrase";
// request attributes
public static final String SERIALNO_ARRAY = "serialNoArray";
-
+
public CMCRevReqServlet() {
super();
}
- /**
+ /**
* initialize the servlet.
- * @param sc servlet configuration, read from the web.xml file
- */
+ *
+ * @param sc servlet configuration, read from the web.xml file
+ */
public void init(ServletConfig sc) throws ServletException {
super.init(sc);
@@ -126,61 +121,65 @@ public class CMCRevReqServlet extends CMSServlet {
mTemplates.remove(CMSRequest.SUCCESS);
if (mAuthority instanceof ICertificateAuthority) {
- mCertDB = ((ICertificateAuthority) mAuthority).getCertificateRepository();
+ mCertDB = ((ICertificateAuthority) mAuthority)
+ .getCertificateRepository();
}
if (mAuthority instanceof ICertAuthority) {
- mPublisherProcessor = ((ICertAuthority) mAuthority).getPublisherProcessor();
+ mPublisherProcessor = ((ICertAuthority) mAuthority)
+ .getPublisherProcessor();
}
mQueue = mAuthority.getRequestQueue();
if (mOutputTemplatePath != null)
mFormPath = mOutputTemplatePath;
}
-
- /**
- * Process the HTTP request.
- *
- * <ul>
- * <li>http.param cmcRequest the base-64 encoded CMC request
- * </ul>
- * @param cmsReq the object holding the request and response information
+ /**
+ * Process the HTTP request.
+ *
+ * <ul>
+ * <li>http.param cmcRequest the base-64 encoded CMC request
+ * </ul>
+ *
+ * @param cmsReq the object holding the request and response information
*/
protected void process(CMSRequest cmsReq) throws EBaseException {
String cmcAgentSerialNumber = null;
IArgBlock httpParams = cmsReq.getHttpParams();
HttpServletRequest req = cmsReq.getHttpReq();
- HttpServletResponse resp = cmsReq.getHttpResp();
-
+ HttpServletResponse resp = cmsReq.getHttpResp();
+
CMSTemplate form = null;
Locale[] locale = new Locale[1];
-CMS.debug("**** mFormPath = "+mFormPath);
+ CMS.debug("**** mFormPath = " + mFormPath);
try {
form = getTemplate(mFormPath, req, locale);
} catch (IOException e) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE"));
- throw new ECMSGWException(CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE"));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE"));
+ throw new ECMSGWException(
+ CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE"));
}
EBaseException error = null;
IArgBlock header = CMS.createArgBlock();
IArgBlock ctx = CMS.createArgBlock();
CMSTemplateParams argSet = new CMSTemplateParams(header, ctx);
-
String cmc = (String) httpParams.get(CRED_CMC);
if (cmc == null) {
- throw new EMissingCredential(
- CMS.getUserMessage("CMS_AUTHENTICATION_NULL_CREDENTIAL", CRED_CMC));
+ throw new EMissingCredential(CMS.getUserMessage(
+ "CMS_AUTHENTICATION_NULL_CREDENTIAL", CRED_CMC));
}
IAuthToken authToken = authenticate(cmsReq);
AuthzToken authzToken = null;
try {
- authzToken = authorize(mAclMethod, authToken, mAuthzResourceName, "revoke");
+ authzToken = authorize(mAclMethod, authToken, mAuthzResourceName,
+ "revoke");
} catch (Exception e) {
// do nothing for now
}
@@ -190,10 +189,10 @@ CMS.debug("**** mFormPath = "+mFormPath);
return;
}
- //IAuthToken authToken = getAuthToken(cmsReq);
- //Object subject = authToken.get(CMCAuth.TOKEN_CERT_SERIAL);
- //Object uid = authToken.get("uid");
- //===========================
+ // IAuthToken authToken = getAuthToken(cmsReq);
+ // Object subject = authToken.get(CMCAuth.TOKEN_CERT_SERIAL);
+ // Object uid = authToken.get("uid");
+ // ===========================
String authMgr = AuditFormat.NOAUTH;
BigInteger[] serialNoArray = null;
@@ -201,36 +200,38 @@ CMS.debug("**** mFormPath = "+mFormPath);
serialNoArray = authToken.getInBigIntegerArray(TOKEN_CERT_SERIAL);
}
- Integer reasonCode = Integer.valueOf(0);
- if (authToken != null) {
+ Integer reasonCode = Integer.valueOf(0);
+ if (authToken != null) {
reasonCode = authToken.getInInteger(REASON_CODE);
}
- RevocationReason reason = RevocationReason.fromInt(reasonCode.intValue());
+ RevocationReason reason = RevocationReason.fromInt(reasonCode
+ .intValue());
String comments = "";
Date invalidityDate = null;
String revokeAll = null;
int verifiedRecordCount = 0;
int totalRecordCount = 0;
-
+
if (serialNoArray != null) {
totalRecordCount = serialNoArray.length;
verifiedRecordCount = serialNoArray.length;
}
-
+
X509CertImpl[] certs = null;
- //for audit log.
+ // for audit log.
String initiative = null;
if (mAuthMgr != null && mAuthMgr.equals("CMCAuth")) {
// request is from agent
if (authToken != null) {
- authMgr = authToken.getInString(AuthToken.TOKEN_AUTHMGR_INST_NAME);
+ authMgr = authToken
+ .getInString(AuthToken.TOKEN_AUTHMGR_INST_NAME);
String agentID = authToken.getInString("userid");
- initiative = AuditFormat.FROMAGENT + " agentID: " + agentID +
- " authenticated by " + authMgr;
+ initiative = AuditFormat.FROMAGENT + " agentID: " + agentID
+ + " authenticated by " + authMgr;
}
} else {
initiative = AuditFormat.FROMUSER;
@@ -241,24 +242,29 @@ CMS.debug("**** mFormPath = "+mFormPath);
certs = new X509CertImpl[serialNoArray.length];
for (int i = 0; i < serialNoArray.length; i++) {
- certs[i] = ((ICertificateAuthority) mAuthority).getCertificateRepository().getX509Certificate(serialNoArray[i]);
+ certs[i] = ((ICertificateAuthority) mAuthority)
+ .getCertificateRepository().getX509Certificate(
+ serialNoArray[i]);
}
} else if (mAuthority instanceof IRegistrationAuthority) {
IRequest getCertsChallengeReq = null;
- getCertsChallengeReq = mQueue.newRequest(
- GETCERTS_FOR_CHALLENGE_REQUEST);
+ getCertsChallengeReq = mQueue
+ .newRequest(GETCERTS_FOR_CHALLENGE_REQUEST);
getCertsChallengeReq.setExtData(SERIALNO_ARRAY, serialNoArray);
mQueue.processRequest(getCertsChallengeReq);
RequestStatus status = getCertsChallengeReq.getRequestStatus();
if (status == RequestStatus.COMPLETE) {
- certs = getCertsChallengeReq.getExtDataInCertArray(IRequest.OLD_CERTS);
- header.addStringValue("request", getCertsChallengeReq.getRequestId().toString());
+ certs = getCertsChallengeReq
+ .getExtDataInCertArray(IRequest.OLD_CERTS);
+ header.addStringValue("request", getCertsChallengeReq
+ .getRequestId().toString());
mRequestID = getCertsChallengeReq.getRequestId().toString();
} else {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_FAIL_GET_CERT_CHALL_PWRD"));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("ADMIN_SRVLT_FAIL_GET_CERT_CHALL_PWRD"));
}
}
@@ -268,23 +274,23 @@ CMS.debug("**** mFormPath = "+mFormPath);
for (int i = 0; i < serialNoArray.length; i++) {
IArgBlock rarg = CMS.createArgBlock();
- rarg.addBigIntegerValue("serialNumber",
- serialNoArray[i], 16);
- rarg.addStringValue("subject",
- certs[i].getSubjectDN().toString());
- rarg.addLongValue("validNotBefore",
- certs[i].getNotBefore().getTime() / 1000);
- rarg.addLongValue("validNotAfter",
- certs[i].getNotAfter().getTime() / 1000);
- //argSet.addRepeatRecord(rarg);
+ rarg.addBigIntegerValue("serialNumber", serialNoArray[i], 16);
+ rarg.addStringValue("subject", certs[i].getSubjectDN()
+ .toString());
+ rarg.addLongValue("validNotBefore", certs[i].getNotBefore()
+ .getTime() / 1000);
+ rarg.addLongValue("validNotAfter", certs[i].getNotAfter()
+ .getTime() / 1000);
+ // argSet.addRepeatRecord(rarg);
}
revokeAll = "(|(certRecordId=" + serialNoArray[0].toString() + "))";
- cmcAgentSerialNumber= authToken.getInString(IAuthManager.CRED_SSL_CLIENT_CERT);
- process(argSet, header, reasonCode.intValue(), invalidityDate, initiative, req, resp,
- verifiedRecordCount, revokeAll, totalRecordCount,
- comments, locale[0],cmcAgentSerialNumber);
-
+ cmcAgentSerialNumber = authToken
+ .getInString(IAuthManager.CRED_SSL_CLIENT_CERT);
+ process(argSet, header, reasonCode.intValue(), invalidityDate,
+ initiative, req, resp, verifiedRecordCount, revokeAll,
+ totalRecordCount, comments, locale[0], cmcAgentSerialNumber);
+
} else {
header.addIntegerValue("totalRecordCount", 0);
header.addIntegerValue("verifiedRecordCount", 0);
@@ -293,54 +299,56 @@ CMS.debug("**** mFormPath = "+mFormPath);
try {
ServletOutputStream out = resp.getOutputStream();
- if ((serialNoArray== null) || (serialNoArray.length == 0)) {
+ if ((serialNoArray == null) || (serialNoArray.length == 0)) {
cmsReq.setStatus(CMSRequest.ERROR);
- EBaseException ee = new EBaseException("No matched certificate is found");
+ EBaseException ee = new EBaseException(
+ "No matched certificate is found");
cmsReq.setError(ee);
} else {
String xmlOutput = req.getParameter("xml");
if (xmlOutput != null && xmlOutput.equals("true")) {
- outputXML(resp, argSet);
+ outputXML(resp, argSet);
} else {
- resp.setContentType("text/html");
- form.renderOutput(out, argSet);
- cmsReq.setStatus(CMSRequest.SUCCESS);
+ resp.setContentType("text/html");
+ form.renderOutput(out, argSet);
+ cmsReq.setStatus(CMSRequest.SUCCESS);
}
}
} catch (IOException e) {
log(ILogger.LL_FAILURE,
- CMS.getLogMessage("ADMIN_SRVLT_ERR_STREAM_TEMPLATE", e.toString()));
- throw new ECMSGWException(CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE"));
+ CMS.getLogMessage("ADMIN_SRVLT_ERR_STREAM_TEMPLATE",
+ e.toString()));
+ throw new ECMSGWException(
+ CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE"));
}
}
/**
* get cert to revoke from agent.
*/
- private BigInteger getCertFromAgent(
- IArgBlock httpParams, X509Certificate[] certContainer)
- throws EBaseException {
+ private BigInteger getCertFromAgent(IArgBlock httpParams,
+ X509Certificate[] certContainer) throws EBaseException {
BigInteger serialno = null;
X509Certificate cert = null;
// get serial no
serialno = httpParams.getValueAsBigInteger(SERIAL_NO, null);
if (serialno == null) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_MISSING_SERIALNO_FOR_REVOKE"));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_MISSING_SERIALNO_FOR_REVOKE"));
throw new ECMSGWException(
- CMS.getUserMessage("CMS_GW_MISSING_SERIALNO_FOR_REVOKE"));
+ CMS.getUserMessage("CMS_GW_MISSING_SERIALNO_FOR_REVOKE"));
}
// get cert from db if we're cert authority.
if (mAuthority instanceof ICertificateAuthority) {
cert = getX509Certificate(serialno);
if (cert == null) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_INVALID_CERT_FOR_REVOCATION"));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_INVALID_CERT_FOR_REVOCATION"));
throw new ECMSGWException(
- CMS.getUserMessage("CMS_GW_INVALID_CERT_FOR_REVOCATION"));
+ CMS.getUserMessage("CMS_GW_INVALID_CERT_FOR_REVOCATION"));
}
}
certContainer[0] = cert;
@@ -350,23 +358,21 @@ CMS.debug("**** mFormPath = "+mFormPath);
/**
* Revoke the specified certificate
*/
- private BigInteger getCertFromAuthMgr(
- AuthToken authToken, X509Certificate[] certContainer)
- throws EBaseException {
- X509CertImpl cert =
- authToken.getInCert(AuthToken.TOKEN_CERT);
+ private BigInteger getCertFromAuthMgr(AuthToken authToken,
+ X509Certificate[] certContainer) throws EBaseException {
+ X509CertImpl cert = authToken.getInCert(AuthToken.TOKEN_CERT);
if (cert == null) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_MISSING_CERTS_REVOKE_FROM_AUTHMGR"));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_MISSING_CERTS_REVOKE_FROM_AUTHMGR"));
throw new ECMSGWException(
- CMS.getUserMessage("CMS_GW_MISSING_CERTS_REVOKE_FROM_AUTHMGR"));
+ CMS.getUserMessage("CMS_GW_MISSING_CERTS_REVOKE_FROM_AUTHMGR"));
}
- if (mAuthority instanceof ICertificateAuthority &&
- !isCertFromCA(cert)) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_INVALID_CERT_FOR_REVOCATION"));
+ if (mAuthority instanceof ICertificateAuthority && !isCertFromCA(cert)) {
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_INVALID_CERT_FOR_REVOCATION"));
throw new ECMSGWException(
- CMS.getUserMessage("CMS_GW_INVALID_CERT_FOR_REVOCATION"));
+ CMS.getUserMessage("CMS_GW_INVALID_CERT_FOR_REVOCATION"));
}
certContainer[0] = cert;
BigInteger serialno = ((X509Certificate) cert).getSerialNumber();
@@ -375,25 +381,23 @@ CMS.debug("**** mFormPath = "+mFormPath);
}
/**
- * get cert to revoke from ssl
+ * get cert to revoke from ssl
*/
- private BigInteger getCertFromSSL(
- HttpServletRequest req, X509CertImpl[] certContainer)
- throws EBaseException {
+ private BigInteger getCertFromSSL(HttpServletRequest req,
+ X509CertImpl[] certContainer) throws EBaseException {
X509Certificate cert = getSSLClientCertificate(req);
if (cert == null) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_MISSING_CERTS_REVOKE_FROM_SSL"));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_MISSING_CERTS_REVOKE_FROM_SSL"));
throw new ECMSGWException(
- CMS.getUserMessage("CMS_GW_MISSING_CERTS_REVOKE_FROM_SSL"));
+ CMS.getUserMessage("CMS_GW_MISSING_CERTS_REVOKE_FROM_SSL"));
}
- if (mAuthority instanceof ICertificateAuthority &&
- !isCertFromCA(cert)) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_INVALID_CERT_FOR_REVOCATION", ""));
+ if (mAuthority instanceof ICertificateAuthority && !isCertFromCA(cert)) {
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_INVALID_CERT_FOR_REVOCATION", ""));
throw new ECMSGWException(
- CMS.getUserMessage("CMS_GW_INVALID_CERT_FOR_REVOCATION"));
+ CMS.getUserMessage("CMS_GW_INVALID_CERT_FOR_REVOCATION"));
}
BigInteger serialno = ((X509Certificate) cert).getSerialNumber();
@@ -406,56 +410,52 @@ CMS.debug("**** mFormPath = "+mFormPath);
* Process cert status change request using the Certificate Management
* protocol using CMS (CMC)
* <P>
- *
+ *
* (Certificate Request - an "EE" cert status change request)
* <P>
- *
+ *
* (Certificate Request Processed - an "EE" cert status change request)
* <P>
- *
+ *
* <ul>
- * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when
- * a cert status change request (e. g. - "revocation") is made (before
+ * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used
+ * when a cert status change request (e. g. - "revocation") is made (before
* approval process)
- * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED
- * used when a certificate status is changed (revoked, expired, on-hold,
- * off-hold)
+ * <li>signed.audit
+ * LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a
+ * certificate status is changed (revoked, expired, on-hold, off-hold)
* </ul>
+ *
* @param argSet CMS template parameters
* @param header argument block
- * @param reason revocation reason (0 - Unspecified, 1 - Key compromised,
- * 2 - CA key compromised; should not be used, 3 - Affiliation changed,
- * 4 - Certificate superceded, 5 - Cessation of operation, or
- * 6 - Certificate is on hold)
+ * @param reason revocation reason (0 - Unspecified, 1 - Key compromised, 2
+ * - CA key compromised; should not be used, 3 - Affiliation
+ * changed, 4 - Certificate superceded, 5 - Cessation of
+ * operation, or 6 - Certificate is on hold)
* @param invalidityDate certificate validity date
* @param initiative string containing the audit format
* @param req HTTP servlet request
* @param resp HTTP servlet response
* @param verifiedRecordCount number of verified records
- * @param revokeAll string containing information on all of the
- * certificates to be revoked
+ * @param revokeAll string containing information on all of the certificates
+ * to be revoked
* @param totalRecordCount total number of records (verified and unverified)
* @param comments string containing certificate comments
* @param locale the system locale
* @exception EBaseException an error has occurred
*/
private void process(CMSTemplateParams argSet, IArgBlock header,
- int reason, Date invalidityDate,
- String initiative,
- HttpServletRequest req,
- HttpServletResponse resp,
- int verifiedRecordCount,
- String revokeAll,
- int totalRecordCount,
- String comments,
- Locale locale,String cmcAgentSerialNumber)
- throws EBaseException {
+ int reason, Date invalidityDate, String initiative,
+ HttpServletRequest req, HttpServletResponse resp,
+ int verifiedRecordCount, String revokeAll, int totalRecordCount,
+ String comments, Locale locale, String cmcAgentSerialNumber)
+ throws EBaseException {
String eeSerialNumber = null;
- if(cmcAgentSerialNumber!=null) {
+ if (cmcAgentSerialNumber != null) {
eeSerialNumber = cmcAgentSerialNumber;
- }else{
- X509CertImpl sslCert = ( X509CertImpl ) getSSLClientCertificate( req );
- if( sslCert != null ) {
+ } else {
+ X509CertImpl sslCert = (X509CertImpl) getSSLClientCertificate(req);
+ if (sslCert != null) {
eeSerialNumber = sslCert.getSerialNumber().toString();
}
}
@@ -463,11 +463,11 @@ CMS.debug("**** mFormPath = "+mFormPath);
boolean auditRequest = true;
String auditMessage = null;
String auditSubjectID = auditSubjectID();
- String auditRequesterID = auditRequesterID( req );
- String auditSerialNumber = auditSerialNumber( eeSerialNumber );
- String auditRequestType = auditRequestType( reason );
+ String auditRequesterID = auditRequesterID(req);
+ String auditSerialNumber = auditSerialNumber(eeSerialNumber);
+ String auditRequestType = auditRequestType(reason);
String auditApprovalStatus = ILogger.SIGNED_AUDIT_EMPTY_VALUE;
- String auditReasonNum = String.valueOf( reason );
+ String auditReasonNum = String.valueOf(reason);
try {
int count = 0;
@@ -496,8 +496,9 @@ CMS.debug("**** mFormPath = "+mFormPath);
}
if (mAuthority instanceof ICertificateAuthority) {
- ICertRecordList list = (ICertRecordList) mCertDB.findCertRecordsInList(
- revokeAll, null, totalRecordCount);
+ ICertRecordList list = (ICertRecordList) mCertDB
+ .findCertRecordsInList(revokeAll, null,
+ totalRecordCount);
Enumeration e = list.getCertRecords(0, totalRecordCount - 1);
while (e != null && e.hasMoreElements()) {
@@ -506,18 +507,18 @@ CMS.debug("**** mFormPath = "+mFormPath);
IArgBlock rarg = CMS.createArgBlock();
rarg.addBigIntegerValue("serialNumber",
- cert.getSerialNumber(), 16);
+ cert.getSerialNumber(), 16);
if (rec.getStatus().equals(ICertRecord.STATUS_REVOKED)) {
- rarg.addStringValue("error", "Certificate " +
- cert.getSerialNumber().toString() +
- " is already revoked.");
+ rarg.addStringValue("error", "Certificate "
+ + cert.getSerialNumber().toString()
+ + " is already revoked.");
} else {
oldCertsV.addElement(cert);
- RevokedCertImpl revCertImpl =
- new RevokedCertImpl(cert.getSerialNumber(),
- CMS.getCurrentDate(), entryExtn);
+ RevokedCertImpl revCertImpl = new RevokedCertImpl(
+ cert.getSerialNumber(), CMS.getCurrentDate(),
+ entryExtn);
revCertImplsV.addElement(revCertImpl);
count++;
@@ -529,42 +530,48 @@ CMS.debug("**** mFormPath = "+mFormPath);
} else if (mAuthority instanceof IRegistrationAuthority) {
String reqIdStr = null;
- if (mRequestID != null && mRequestID.length() > 0)
+ if (mRequestID != null && mRequestID.length() > 0)
reqIdStr = mRequestID;
Vector serialNumbers = new Vector();
if (revokeAll != null && revokeAll.length() > 0) {
- for (int i = revokeAll.indexOf('=');
- i < revokeAll.length() && i > -1;
- i = revokeAll.indexOf('=', i)) {
+ for (int i = revokeAll.indexOf('='); i < revokeAll.length()
+ && i > -1; i = revokeAll.indexOf('=', i)) {
if (i > -1) {
i++;
- while (i < revokeAll.length() && revokeAll.charAt(i) == ' ') {
+ while (i < revokeAll.length()
+ && revokeAll.charAt(i) == ' ') {
i++;
}
String legalDigits = "0123456789";
int j = i;
- while (j < revokeAll.length() &&
- legalDigits.indexOf(revokeAll.charAt(j)) != -1) {
+ while (j < revokeAll.length()
+ && legalDigits.indexOf(revokeAll.charAt(j)) != -1) {
j++;
}
if (j > i) {
- serialNumbers.addElement(revokeAll.substring(i, j));
+ serialNumbers.addElement(revokeAll.substring(i,
+ j));
}
}
}
}
- if (reqIdStr != null && reqIdStr.length() > 0 && serialNumbers.size() > 0) {
- IRequest certReq = mRequestQueue.findRequest(new RequestId(reqIdStr));
- X509CertImpl[] certs = certReq.getExtDataInCertArray(IRequest.OLD_CERTS);
+ if (reqIdStr != null && reqIdStr.length() > 0
+ && serialNumbers.size() > 0) {
+ IRequest certReq = mRequestQueue.findRequest(new RequestId(
+ reqIdStr));
+ X509CertImpl[] certs = certReq
+ .getExtDataInCertArray(IRequest.OLD_CERTS);
for (int i = 0; i < certs.length; i++) {
boolean addToList = false;
for (int j = 0; j < serialNumbers.size(); j++) {
- if (certs[i].getSerialNumber().toString().equals(
- (String) serialNumbers.elementAt(j))) {
+ if (certs[i]
+ .getSerialNumber()
+ .toString()
+ .equals((String) serialNumbers.elementAt(j))) {
addToList = true;
break;
}
@@ -573,11 +580,11 @@ CMS.debug("**** mFormPath = "+mFormPath);
IArgBlock rarg = CMS.createArgBlock();
rarg.addBigIntegerValue("serialNumber",
- certs[i].getSerialNumber(), 16);
+ certs[i].getSerialNumber(), 16);
oldCertsV.addElement(certs[i]);
- RevokedCertImpl revCertImpl =
- new RevokedCertImpl(certs[i].getSerialNumber(),
+ RevokedCertImpl revCertImpl = new RevokedCertImpl(
+ certs[i].getSerialNumber(),
CMS.getCurrentDate(), entryExtn);
revCertImplsV.addElement(revCertImpl);
@@ -590,17 +597,18 @@ CMS.debug("**** mFormPath = "+mFormPath);
String b64eCert = req.getParameter("b64eCertificate");
if (b64eCert != null) {
- byte[] certBytes = com.netscape.osutil.OSUtil.AtoB(b64eCert);
+ byte[] certBytes = com.netscape.osutil.OSUtil
+ .AtoB(b64eCert);
X509CertImpl cert = new X509CertImpl(certBytes);
IArgBlock rarg = CMS.createArgBlock();
rarg.addBigIntegerValue("serialNumber",
- cert.getSerialNumber(), 16);
+ cert.getSerialNumber(), 16);
oldCertsV.addElement(cert);
- RevokedCertImpl revCertImpl =
- new RevokedCertImpl(cert.getSerialNumber(),
- CMS.getCurrentDate(), entryExtn);
+ RevokedCertImpl revCertImpl = new RevokedCertImpl(
+ cert.getSerialNumber(), CMS.getCurrentDate(),
+ entryExtn);
revCertImplsV.addElement(revCertImpl);
count++;
@@ -620,17 +628,13 @@ CMS.debug("**** mFormPath = "+mFormPath);
revCertImpls[i] = (RevokedCertImpl) revCertImplsV.elementAt(i);
}
- IRequest revReq =
- mQueue.newRequest(IRequest.REVOCATION_REQUEST);
+ IRequest revReq = mQueue.newRequest(IRequest.REVOCATION_REQUEST);
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST,
- auditSubjectID,
- ILogger.SUCCESS,
- auditRequesterID,
- auditSerialNumber,
- auditRequestType);
+ LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST,
+ auditSubjectID, ILogger.SUCCESS, auditRequesterID,
+ auditSerialNumber, auditRequestType);
audit(auditMessage);
@@ -660,30 +664,35 @@ CMS.debug("**** mFormPath = "+mFormPath);
Integer result = revReq.getExtDataInInteger(IRequest.RESULT);
if (result.equals(IRequest.RES_ERROR)) {
- String[] svcErrors =
- revReq.getExtDataInStringArray(IRequest.SVCERRORS);
+ String[] svcErrors = revReq
+ .getExtDataInStringArray(IRequest.SVCERRORS);
if (svcErrors != null && svcErrors.length > 0) {
for (int i = 0; i < svcErrors.length; i++) {
String err = svcErrors[i];
if (err != null) {
- //cmsReq.setErrorDescription(err);
+ // cmsReq.setErrorDescription(err);
for (int j = 0; j < count; j++) {
if (oldCerts[j] != null) {
- mLogger.log(ILogger.EV_AUDIT,
- ILogger.S_OTHER,
- AuditFormat.LEVEL,
- AuditFormat.DOREVOKEFORMAT,
- new Object[] {
- revReq.getRequestId(),
- initiative,
- "completed with error: " +
- err,
- oldCerts[j].getSubjectDN(),
- oldCerts[j].getSerialNumber().toString(16),
- RevocationReason.fromInt(reason).toString()}
- );
+ mLogger.log(
+ ILogger.EV_AUDIT,
+ ILogger.S_OTHER,
+ AuditFormat.LEVEL,
+ AuditFormat.DOREVOKEFORMAT,
+ new Object[] {
+ revReq.getRequestId(),
+ initiative,
+ "completed with error: "
+ + err,
+ oldCerts[j]
+ .getSubjectDN(),
+ oldCerts[j]
+ .getSerialNumber()
+ .toString(16),
+ RevocationReason
+ .fromInt(reason)
+ .toString() });
}
}
}
@@ -695,24 +704,27 @@ CMS.debug("**** mFormPath = "+mFormPath);
// audit log the success.
for (int j = 0; j < count; j++) {
if (oldCerts[j] != null) {
- mLogger.log(ILogger.EV_AUDIT, ILogger.S_OTHER,
- AuditFormat.LEVEL,
- AuditFormat.DOREVOKEFORMAT,
- new Object[] {
- revReq.getRequestId(),
- initiative,
- "completed",
- oldCerts[j].getSubjectDN(),
- oldCerts[j].getSerialNumber().toString(16),
- RevocationReason.fromInt(reason).toString()}
- );
+ mLogger.log(
+ ILogger.EV_AUDIT,
+ ILogger.S_OTHER,
+ AuditFormat.LEVEL,
+ AuditFormat.DOREVOKEFORMAT,
+ new Object[] {
+ revReq.getRequestId(),
+ initiative,
+ "completed",
+ oldCerts[j].getSubjectDN(),
+ oldCerts[j].getSerialNumber().toString(
+ 16),
+ RevocationReason.fromInt(reason)
+ .toString() });
}
}
header.addStringValue("revoked", "yes");
- Integer updateCRLResult =
- revReq.getExtDataInInteger(IRequest.CRL_UPDATE_STATUS);
+ Integer updateCRLResult = revReq
+ .getExtDataInInteger(IRequest.CRL_UPDATE_STATUS);
if (updateCRLResult != null) {
header.addStringValue("updateCRL", "yes");
@@ -720,92 +732,98 @@ CMS.debug("**** mFormPath = "+mFormPath);
header.addStringValue("updateCRLSuccess", "yes");
} else {
header.addStringValue("updateCRLSuccess", "no");
- String crlError =
- revReq.getExtDataInString(IRequest.CRL_UPDATE_ERROR);
+ String crlError = revReq
+ .getExtDataInString(IRequest.CRL_UPDATE_ERROR);
if (crlError != null)
- header.addStringValue("updateCRLError",
- crlError);
+ header.addStringValue("updateCRLError", crlError);
}
// let known crl publishing status too.
- Integer publishCRLResult =
- revReq.getExtDataInInteger(IRequest.CRL_PUBLISH_STATUS);
+ Integer publishCRLResult = revReq
+ .getExtDataInInteger(IRequest.CRL_PUBLISH_STATUS);
if (publishCRLResult != null) {
if (publishCRLResult.equals(IRequest.RES_SUCCESS)) {
header.addStringValue("publishCRLSuccess", "yes");
} else {
header.addStringValue("publishCRLSuccess", "no");
- String publError =
- revReq.getExtDataInString(IRequest.CRL_PUBLISH_ERROR);
+ String publError = revReq
+ .getExtDataInString(IRequest.CRL_PUBLISH_ERROR);
if (publError != null)
header.addStringValue("publishCRLError",
- publError);
+ publError);
}
}
}
if (mAuthority instanceof ICertificateAuthority) {
// let known update and publish status of all crls.
- Enumeration otherCRLs =
- ((ICertificateAuthority) mAuthority).getCRLIssuingPoints();
+ Enumeration otherCRLs = ((ICertificateAuthority) mAuthority)
+ .getCRLIssuingPoints();
while (otherCRLs.hasMoreElements()) {
- ICRLIssuingPoint crl = (ICRLIssuingPoint)
- otherCRLs.nextElement();
+ ICRLIssuingPoint crl = (ICRLIssuingPoint) otherCRLs
+ .nextElement();
String crlId = crl.getId();
if (crlId.equals(ICertificateAuthority.PROP_MASTER_CRL))
continue;
String updateStatusStr = crl.getCrlUpdateStatusStr();
- Integer updateResult = revReq.getExtDataInInteger(updateStatusStr);
+ Integer updateResult = revReq
+ .getExtDataInInteger(updateStatusStr);
if (updateResult != null) {
if (updateResult.equals(IRequest.RES_SUCCESS)) {
- CMS.debug("CMCRevReqServlet: " + CMS.getLogMessage("ADMIN_SRVLT_ADDING_HEADER",
- updateStatusStr));
+ CMS.debug("CMCRevReqServlet: "
+ + CMS.getLogMessage(
+ "ADMIN_SRVLT_ADDING_HEADER",
+ updateStatusStr));
header.addStringValue(updateStatusStr, "yes");
} else {
- String updateErrorStr = crl.getCrlUpdateErrorStr();
+ String updateErrorStr = crl
+ .getCrlUpdateErrorStr();
- CMS.debug("CMCRevReqServlet: " + CMS.getLogMessage("ADMIN_SRVLT_ADDING_HEADER_NO",
- updateStatusStr));
+ CMS.debug("CMCRevReqServlet: "
+ + CMS.getLogMessage(
+ "ADMIN_SRVLT_ADDING_HEADER_NO",
+ updateStatusStr));
header.addStringValue(updateStatusStr, "no");
- String error =
- revReq.getExtDataInString(updateErrorStr);
+ String error = revReq
+ .getExtDataInString(updateErrorStr);
if (error != null)
- header.addStringValue(updateErrorStr,
- error);
+ header.addStringValue(updateErrorStr, error);
}
- String publishStatusStr = crl.getCrlPublishStatusStr();
- Integer publishResult =
- revReq.getExtDataInInteger(publishStatusStr);
+ String publishStatusStr = crl
+ .getCrlPublishStatusStr();
+ Integer publishResult = revReq
+ .getExtDataInInteger(publishStatusStr);
if (publishResult == null)
continue;
if (publishResult.equals(IRequest.RES_SUCCESS)) {
header.addStringValue(publishStatusStr, "yes");
} else {
- String publishErrorStr =
- crl.getCrlPublishErrorStr();
+ String publishErrorStr = crl
+ .getCrlPublishErrorStr();
header.addStringValue(publishStatusStr, "no");
- String error =
- revReq.getExtDataInString(publishErrorStr);
+ String error = revReq
+ .getExtDataInString(publishErrorStr);
if (error != null)
- header.addStringValue(
- publishErrorStr, error);
+ header.addStringValue(publishErrorStr,
+ error);
}
}
}
}
- if (mPublisherProcessor != null && mPublisherProcessor.ldapEnabled()) {
+ if (mPublisherProcessor != null
+ && mPublisherProcessor.ldapEnabled()) {
header.addStringValue("dirEnabled", "yes");
- Integer[] ldapPublishStatus =
- revReq.getExtDataInIntegerArray("ldapPublishStatus");
+ Integer[] ldapPublishStatus = revReq
+ .getExtDataInIntegerArray("ldapPublishStatus");
int certsToUpdate = 0;
int certsUpdated = 0;
@@ -821,12 +839,11 @@ CMS.debug("**** mFormPath = "+mFormPath);
header.addIntegerValue("certsToUpdate", certsToUpdate);
// add crl publishing status.
- String publError =
- revReq.getExtDataInString(IRequest.CRL_PUBLISH_ERROR);
+ String publError = revReq
+ .getExtDataInString(IRequest.CRL_PUBLISH_ERROR);
if (publError != null) {
- header.addStringValue("crlPublishError",
- publError);
+ header.addStringValue("crlPublishError", publError);
}
} else {
header.addStringValue("dirEnabled", "no");
@@ -839,27 +856,32 @@ CMS.debug("**** mFormPath = "+mFormPath);
// audit log the pending
for (int j = 0; j < count; j++) {
if (oldCerts[j] != null) {
- mLogger.log(ILogger.EV_AUDIT, ILogger.S_OTHER,
- AuditFormat.LEVEL,
- AuditFormat.DOREVOKEFORMAT,
- new Object[] {
- revReq.getRequestId(),
- initiative,
- "pending",
- oldCerts[j].getSubjectDN(),
- oldCerts[j].getSerialNumber().toString(16),
- RevocationReason.fromInt(reason).toString()}
- );
+ mLogger.log(
+ ILogger.EV_AUDIT,
+ ILogger.S_OTHER,
+ AuditFormat.LEVEL,
+ AuditFormat.DOREVOKEFORMAT,
+ new Object[] {
+ revReq.getRequestId(),
+ initiative,
+ "pending",
+ oldCerts[j].getSubjectDN(),
+ oldCerts[j].getSerialNumber().toString(
+ 16),
+ RevocationReason.fromInt(reason)
+ .toString() });
}
}
} else {
- Vector errors = revReq.getExtDataInStringVector(IRequest.ERRORS);
+ Vector errors = revReq
+ .getExtDataInStringVector(IRequest.ERRORS);
StringBuffer errorStr = new StringBuffer();
if (errors != null && errors.size() > 0) {
for (int ii = 0; ii < errors.size(); ii++) {
- errorStr.append(errors.elementAt(ii));;
+ errorStr.append(errors.elementAt(ii));
+ ;
}
}
header.addStringValue("error", errorStr.toString());
@@ -867,17 +889,20 @@ CMS.debug("**** mFormPath = "+mFormPath);
// audit log the error
for (int j = 0; j < count; j++) {
if (oldCerts[j] != null) {
- mLogger.log(ILogger.EV_AUDIT, ILogger.S_OTHER,
- AuditFormat.LEVEL,
- AuditFormat.DOREVOKEFORMAT,
- new Object[] {
- revReq.getRequestId(),
- initiative,
- stat.toString(),
- oldCerts[j].getSubjectDN(),
- oldCerts[j].getSerialNumber().toString(16),
- RevocationReason.fromInt(reason).toString()}
- );
+ mLogger.log(
+ ILogger.EV_AUDIT,
+ ILogger.S_OTHER,
+ AuditFormat.LEVEL,
+ AuditFormat.DOREVOKEFORMAT,
+ new Object[] {
+ revReq.getRequestId(),
+ initiative,
+ stat.toString(),
+ oldCerts[j].getSubjectDN(),
+ oldCerts[j].getSerialNumber().toString(
+ 16),
+ RevocationReason.fromInt(reason)
+ .toString() });
}
}
}
@@ -886,17 +911,17 @@ CMS.debug("**** mFormPath = "+mFormPath);
// if and only if "auditApprovalStatus" is
// "complete", "revoked", or "canceled"
if ((auditApprovalStatus.equals(RequestStatus.COMPLETE_STRING))
- || (auditApprovalStatus.equals(RequestStatus.REJECTED_STRING))
- || (auditApprovalStatus.equals(RequestStatus.CANCELED_STRING))) {
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED,
- auditSubjectID,
- ILogger.SUCCESS,
- auditRequesterID,
- auditSerialNumber,
- auditRequestType,
- auditReasonNum,
- auditApprovalStatus);
+ || (auditApprovalStatus
+ .equals(RequestStatus.REJECTED_STRING))
+ || (auditApprovalStatus
+ .equals(RequestStatus.CANCELED_STRING))) {
+ auditMessage = CMS
+ .getLogMessage(
+ LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED,
+ auditSubjectID, ILogger.SUCCESS,
+ auditRequesterID, auditSerialNumber,
+ auditRequestType, auditReasonNum,
+ auditApprovalStatus);
audit(auditMessage);
}
@@ -906,12 +931,9 @@ CMS.debug("**** mFormPath = "+mFormPath);
// store a "CERT_STATUS_CHANGE_REQUEST" failure
// message in the signed audit log file
auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST,
- auditSubjectID,
- ILogger.FAILURE,
- auditRequesterID,
- auditSerialNumber,
- auditRequestType);
+ LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST,
+ auditSubjectID, ILogger.FAILURE, auditRequesterID,
+ auditSerialNumber, auditRequestType);
audit(auditMessage);
} else {
@@ -920,18 +942,17 @@ CMS.debug("**** mFormPath = "+mFormPath);
// if and only if "auditApprovalStatus" is
// "complete", "revoked", or "canceled"
if ((auditApprovalStatus.equals(RequestStatus.COMPLETE_STRING))
- || (auditApprovalStatus.equals(RequestStatus.REJECTED_STRING))
- || (auditApprovalStatus.equals(RequestStatus.CANCELED_STRING)))
- {
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED,
- auditSubjectID,
- ILogger.FAILURE,
- auditRequesterID,
- auditSerialNumber,
- auditRequestType,
- auditReasonNum,
- auditApprovalStatus);
+ || (auditApprovalStatus
+ .equals(RequestStatus.REJECTED_STRING))
+ || (auditApprovalStatus
+ .equals(RequestStatus.CANCELED_STRING))) {
+ auditMessage = CMS
+ .getLogMessage(
+ LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED,
+ auditSubjectID, ILogger.FAILURE,
+ auditRequesterID, auditSerialNumber,
+ auditRequestType, auditReasonNum,
+ auditApprovalStatus);
audit(auditMessage);
}
@@ -945,12 +966,9 @@ CMS.debug("**** mFormPath = "+mFormPath);
// store a "CERT_STATUS_CHANGE_REQUEST" failure
// message in the signed audit log file
auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST,
- auditSubjectID,
- ILogger.FAILURE,
- auditRequesterID,
- auditSerialNumber,
- auditRequestType);
+ LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST,
+ auditSubjectID, ILogger.FAILURE, auditRequesterID,
+ auditSerialNumber, auditRequestType);
audit(auditMessage);
} else {
@@ -959,18 +977,17 @@ CMS.debug("**** mFormPath = "+mFormPath);
// if and only if "auditApprovalStatus" is
// "complete", "revoked", or "canceled"
if ((auditApprovalStatus.equals(RequestStatus.COMPLETE_STRING))
- || (auditApprovalStatus.equals(RequestStatus.REJECTED_STRING))
- || (auditApprovalStatus.equals(RequestStatus.CANCELED_STRING)))
- {
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED,
- auditSubjectID,
- ILogger.FAILURE,
- auditRequesterID,
- auditSerialNumber,
- auditRequestType,
- auditReasonNum,
- auditApprovalStatus);
+ || (auditApprovalStatus
+ .equals(RequestStatus.REJECTED_STRING))
+ || (auditApprovalStatus
+ .equals(RequestStatus.CANCELED_STRING))) {
+ auditMessage = CMS
+ .getLogMessage(
+ LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED,
+ auditSubjectID, ILogger.FAILURE,
+ auditRequesterID, auditSerialNumber,
+ auditRequestType, auditReasonNum,
+ auditApprovalStatus);
audit(auditMessage);
}
@@ -979,18 +996,16 @@ CMS.debug("**** mFormPath = "+mFormPath);
throw e;
} catch (IOException e) {
log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_ERROR_MARKING_CERT_REVOKED", e.toString()));
+ CMS.getLogMessage("CMSGW_ERROR_MARKING_CERT_REVOKED",
+ e.toString()));
if (auditRequest) {
// store a "CERT_STATUS_CHANGE_REQUEST" failure
// message in the signed audit log file
auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST,
- auditSubjectID,
- ILogger.FAILURE,
- auditRequesterID,
- auditSerialNumber,
- auditRequestType);
+ LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST,
+ auditSubjectID, ILogger.FAILURE, auditRequesterID,
+ auditSerialNumber, auditRequestType);
audit(auditMessage);
} else {
@@ -999,35 +1014,32 @@ CMS.debug("**** mFormPath = "+mFormPath);
// if and only if "auditApprovalStatus" is
// "complete", "revoked", or "canceled"
if ((auditApprovalStatus.equals(RequestStatus.COMPLETE_STRING))
- || (auditApprovalStatus.equals(RequestStatus.REJECTED_STRING))
- || (auditApprovalStatus.equals(RequestStatus.CANCELED_STRING)))
- {
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED,
- auditSubjectID,
- ILogger.FAILURE,
- auditRequesterID,
- auditSerialNumber,
- auditRequestType,
- auditReasonNum,
- auditApprovalStatus);
+ || (auditApprovalStatus
+ .equals(RequestStatus.REJECTED_STRING))
+ || (auditApprovalStatus
+ .equals(RequestStatus.CANCELED_STRING))) {
+ auditMessage = CMS
+ .getLogMessage(
+ LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED,
+ auditSubjectID, ILogger.FAILURE,
+ auditRequesterID, auditSerialNumber,
+ auditRequestType, auditReasonNum,
+ auditApprovalStatus);
audit(auditMessage);
}
}
- throw new ECMSGWException(CMS.getLogMessage("CMSGW_ERROR_MARKING_CERT_REVOKED"));
+ throw new ECMSGWException(
+ CMS.getLogMessage("CMSGW_ERROR_MARKING_CERT_REVOKED"));
} catch (Exception e) {
if (auditRequest) {
// store a "CERT_STATUS_CHANGE_REQUEST" failure
// message in the signed audit log file
auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST,
- auditSubjectID,
- ILogger.FAILURE,
- auditRequesterID,
- auditSerialNumber,
- auditRequestType);
+ LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST,
+ auditSubjectID, ILogger.FAILURE, auditRequesterID,
+ auditSerialNumber, auditRequestType);
audit(auditMessage);
} else {
@@ -1036,18 +1048,17 @@ CMS.debug("**** mFormPath = "+mFormPath);
// if and only if "auditApprovalStatus" is
// "complete", "revoked", or "canceled"
if ((auditApprovalStatus.equals(RequestStatus.COMPLETE_STRING))
- || (auditApprovalStatus.equals(RequestStatus.REJECTED_STRING))
- || (auditApprovalStatus.equals(RequestStatus.CANCELED_STRING)))
- {
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED,
- auditSubjectID,
- ILogger.FAILURE,
- auditRequesterID,
- auditSerialNumber,
- auditRequestType,
- auditReasonNum,
- auditApprovalStatus);
+ || (auditApprovalStatus
+ .equals(RequestStatus.REJECTED_STRING))
+ || (auditApprovalStatus
+ .equals(RequestStatus.CANCELED_STRING))) {
+ auditMessage = CMS
+ .getLogMessage(
+ LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED,
+ auditSubjectID, ILogger.FAILURE,
+ auditRequesterID, auditSerialNumber,
+ auditRequestType, auditReasonNum,
+ auditApprovalStatus);
audit(auditMessage);
}
@@ -1061,11 +1072,11 @@ CMS.debug("**** mFormPath = "+mFormPath);
/**
* Signed Audit Log Requester ID
- *
- * This method is called to obtain the "RequesterID" for
- * a signed audit log message.
+ *
+ * This method is called to obtain the "RequesterID" for a signed audit log
+ * message.
* <P>
- *
+ *
* @param req HTTP request
* @return id string containing the signed audit log message RequesterID
*/
@@ -1091,11 +1102,11 @@ CMS.debug("**** mFormPath = "+mFormPath);
/**
* Signed Audit Log Serial Number
- *
+ *
* This method is called to obtain the serial number of the certificate
* whose status is to be changed for a signed audit log message.
* <P>
- *
+ *
* @param eeSerialNumber a string containing the un-normalized serialNumber
* @return id string containing the signed audit log message RequesterID
*/
@@ -1113,8 +1124,8 @@ CMS.debug("**** mFormPath = "+mFormPath);
// convert it to hexadecimal
serialNumber = "0x"
- + Integer.toHexString(
- Integer.valueOf(serialNumber).intValue());
+ + Integer.toHexString(Integer.valueOf(serialNumber)
+ .intValue());
} else {
serialNumber = ILogger.SIGNED_AUDIT_EMPTY_VALUE;
}
@@ -1124,11 +1135,11 @@ CMS.debug("**** mFormPath = "+mFormPath);
/**
* Signed Audit Log Request Type
- *
- * This method is called to obtain the "Request Type" for
- * a signed audit log message.
+ *
+ * This method is called to obtain the "Request Type" for a signed audit log
+ * message.
* <P>
- *
+ *
* @param reason an integer denoting the revocation reason
* @return string containing REVOKE or ON_HOLD
*/
@@ -1150,4 +1161,3 @@ CMS.debug("**** mFormPath = "+mFormPath);
return requestType;
}
}
-
generated by cgit (git 2.34.1) at 2024-05-05 12:46:37 +0000