summaryrefslogtreecommitdiffstats
path: root/pki/base/common/src/com/netscape/cms/servlet/cert/ChallengeRevocationServlet1.java
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/cert/ChallengeRevocationServlet1.java')
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/cert/ChallengeRevocationServlet1.java435
1 files changed, 235 insertions, 200 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/ChallengeRevocationServlet1.java b/pki/base/common/src/com/netscape/cms/servlet/cert/ChallengeRevocationServlet1.java
index 8dff2768..807f0493 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/cert/ChallengeRevocationServlet1.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/cert/ChallengeRevocationServlet1.java
@@ -17,7 +17,6 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cms.servlet.cert;
-
import java.io.IOException;
import java.math.BigInteger;
import java.security.cert.CertificateException;
@@ -66,11 +65,11 @@ import com.netscape.cms.servlet.common.CMSTemplate;
import com.netscape.cms.servlet.common.CMSTemplateParams;
import com.netscape.cms.servlet.common.ECMSGWException;
-
/**
- * Takes the certificate info (serial number) and optional challenge phrase, creates a
- * revocation request and submits it to the authority subsystem for processing
- *
+ * Takes the certificate info (serial number) and optional challenge phrase,
+ * creates a revocation request and submits it to the authority subsystem for
+ * processing
+ *
* @version $Revision$, $Date$
*/
public class ChallengeRevocationServlet1 extends CMSServlet {
@@ -89,7 +88,7 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
private IPublisherProcessor mPublisherProcessor = null;
private String mRequestID = null;
- // http params
+ // http params
public static final String SERIAL_NO = TOKEN_CERT_SERIAL;
public static final String REASON_CODE = "reasonCode";
public static final String CHALLENGE_PHRASE = "challengePhrase";
@@ -102,10 +101,10 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
}
/**
- * Initialize the servlet. This servlet uses the file
- * revocationResult.template for the response
- *
- * @param sc servlet configuration, read from the web.xml file
+ * Initialize the servlet. This servlet uses the file
+ * revocationResult.template for the response
+ *
+ * @param sc servlet configuration, read from the web.xml file
*/
public void init(ServletConfig sc) throws ServletException {
super.init(sc);
@@ -116,26 +115,27 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
mTemplates.remove(CMSRequest.SUCCESS);
if (mAuthority instanceof ICertificateAuthority) {
- mCertDB = ((ICertificateAuthority) mAuthority).getCertificateRepository();
+ mCertDB = ((ICertificateAuthority) mAuthority)
+ .getCertificateRepository();
}
if (mAuthority instanceof ICertAuthority) {
- mPublisherProcessor = ((ICertAuthority) mAuthority).getPublisherProcessor();
+ mPublisherProcessor = ((ICertAuthority) mAuthority)
+ .getPublisherProcessor();
}
mQueue = mAuthority.getRequestQueue();
}
- /**
- * Process the HTTP request.
+ /**
+ * Process the HTTP request.
* <ul>
* <li>http.param REASON_CODE the revocation reason
- * <li>http.param b64eCertificate the base-64 encoded certificate to revoke
+ * <li>http.param b64eCertificate the base-64 encoded certificate to revoke
* </ul>
- *
+ *
* @param cmsReq the object holding the request and response information
*/
- protected void process(CMSRequest cmsReq)
- throws EBaseException {
+ protected void process(CMSRequest cmsReq) throws EBaseException {
IArgBlock httpParams = cmsReq.getHttpParams();
HttpServletRequest req = cmsReq.getHttpReq();
HttpServletResponse resp = cmsReq.getHttpResp();
@@ -146,8 +146,10 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
try {
form = getTemplate(mFormPath, req, locale);
} catch (IOException e) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE"));
- throw new ECMSGWException(CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE"));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE"));
+ throw new ECMSGWException(
+ CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE"));
}
EBaseException error = null;
@@ -159,37 +161,40 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
// for audit log
IAuthToken authToken = authenticate(cmsReq);
String authMgr = AuditFormat.NOAUTH;
-
+
BigInteger[] serialNoArray = null;
if (authToken != null) {
serialNoArray = authToken.getInBigIntegerArray(SERIAL_NO);
}
// set revocation reason, default to unspecified if not set.
- int reasonCode =
- httpParams.getValueAsInt(REASON_CODE, 0);
- // header.addIntegerValue("reason", reasonCode);
+ int reasonCode = httpParams.getValueAsInt(REASON_CODE, 0);
+ // header.addIntegerValue("reason", reasonCode);
RevocationReason reason = RevocationReason.fromInt(reasonCode);
String comments = req.getParameter(IRequest.REQUESTOR_COMMENTS);
Date invalidityDate = null;
String revokeAll = null;
- int totalRecordCount = (serialNoArray != null)? serialNoArray.length:0;
- int verifiedRecordCount = (serialNoArray != null)? serialNoArray.length:0;
+ int totalRecordCount = (serialNoArray != null) ? serialNoArray.length
+ : 0;
+ int verifiedRecordCount = (serialNoArray != null) ? serialNoArray.length
+ : 0;
X509CertImpl[] certs = null;
- //for audit log.
+ // for audit log.
String initiative = null;
- if (mAuthMgr != null && mAuthMgr.equals(IAuthSubsystem.CERTUSERDB_AUTHMGR_ID)) {
+ if (mAuthMgr != null
+ && mAuthMgr.equals(IAuthSubsystem.CERTUSERDB_AUTHMGR_ID)) {
// request is from agent
if (authToken != null) {
- authMgr = authToken.getInString(AuthToken.TOKEN_AUTHMGR_INST_NAME);
+ authMgr = authToken
+ .getInString(AuthToken.TOKEN_AUTHMGR_INST_NAME);
String agentID = authToken.getInString("userid");
- initiative = AuditFormat.FROMAGENT + " agentID: " + agentID +
- " authenticated by " + authMgr;
+ initiative = AuditFormat.FROMAGENT + " agentID: " + agentID
+ + " authenticated by " + authMgr;
}
} else {
initiative = AuditFormat.FROMUSER;
@@ -198,11 +203,11 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
AuthzToken authzToken = null;
try {
- authzToken = authorize(mAclMethod, authToken,
- mAuthzResourceName, "revoke");
+ authzToken = authorize(mAclMethod, authToken, mAuthzResourceName,
+ "revoke");
} catch (Exception e) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString()));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString()));
}
if (authzToken == null) {
@@ -215,24 +220,29 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
certs = new X509CertImpl[serialNoArray.length];
for (int i = 0; i < serialNoArray.length; i++) {
- certs[i] = ((ICertificateAuthority) mAuthority).getCertificateRepository().getX509Certificate(serialNoArray[i]);
+ certs[i] = ((ICertificateAuthority) mAuthority)
+ .getCertificateRepository().getX509Certificate(
+ serialNoArray[i]);
}
} else if (mAuthority instanceof IRegistrationAuthority) {
IRequest getCertsChallengeReq = null;
- getCertsChallengeReq = mQueue.newRequest(
- GETCERTS_FOR_CHALLENGE_REQUEST);
+ getCertsChallengeReq = mQueue
+ .newRequest(GETCERTS_FOR_CHALLENGE_REQUEST);
getCertsChallengeReq.setExtData(SERIALNO_ARRAY, serialNoArray);
mQueue.processRequest(getCertsChallengeReq);
RequestStatus status = getCertsChallengeReq.getRequestStatus();
if (status == RequestStatus.COMPLETE) {
- certs = getCertsChallengeReq.getExtDataInCertArray(IRequest.OLD_CERTS);
- header.addStringValue("request", getCertsChallengeReq.getRequestId().toString());
+ certs = getCertsChallengeReq
+ .getExtDataInCertArray(IRequest.OLD_CERTS);
+ header.addStringValue("request", getCertsChallengeReq
+ .getRequestId().toString());
mRequestID = getCertsChallengeReq.getRequestId().toString();
} else {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_FAIL_GET_CERT_CHALL_PWRD"));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("ADMIN_SRVLT_FAIL_GET_CERT_CHALL_PWRD"));
}
}
@@ -242,21 +252,20 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
for (int i = 0; i < serialNoArray.length; i++) {
IArgBlock rarg = CMS.createArgBlock();
- rarg.addBigIntegerValue("serialNumber",
- serialNoArray[i], 16);
- rarg.addStringValue("subject",
- certs[i].getSubjectDN().toString());
- rarg.addLongValue("validNotBefore",
- certs[i].getNotBefore().getTime() / 1000);
- rarg.addLongValue("validNotAfter",
- certs[i].getNotAfter().getTime() / 1000);
- //argSet.addRepeatRecord(rarg);
+ rarg.addBigIntegerValue("serialNumber", serialNoArray[i], 16);
+ rarg.addStringValue("subject", certs[i].getSubjectDN()
+ .toString());
+ rarg.addLongValue("validNotBefore", certs[i].getNotBefore()
+ .getTime() / 1000);
+ rarg.addLongValue("validNotAfter", certs[i].getNotAfter()
+ .getTime() / 1000);
+ // argSet.addRepeatRecord(rarg);
}
revokeAll = "(|(certRecordId=" + serialNoArray[0].toString() + "))";
- process(argSet, header, reasonCode, invalidityDate, initiative, req, resp,
- verifiedRecordCount, revokeAll, totalRecordCount,
- comments, locale[0]);
+ process(argSet, header, reasonCode, invalidityDate, initiative,
+ req, resp, verifiedRecordCount, revokeAll,
+ totalRecordCount, comments, locale[0]);
} else {
header.addIntegerValue("totalRecordCount", 0);
header.addIntegerValue("verifiedRecordCount", 0);
@@ -265,10 +274,11 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
try {
ServletOutputStream out = resp.getOutputStream();
- if( serialNoArray == null ) {
- CMS.debug( "ChallengeRevcationServlet1::process() - " +
- " serialNoArray is null!" );
- EBaseException ee = new EBaseException( "No matched certificate is found" );
+ if (serialNoArray == null) {
+ CMS.debug("ChallengeRevcationServlet1::process() - "
+ + " serialNoArray is null!");
+ EBaseException ee = new EBaseException(
+ "No matched certificate is found");
cmsReq.setError(ee);
return;
@@ -276,37 +286,34 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
if (serialNoArray.length == 0) {
cmsReq.setStatus(CMSRequest.ERROR);
- EBaseException ee = new EBaseException("No matched certificate is found");
+ EBaseException ee = new EBaseException(
+ "No matched certificate is found");
cmsReq.setError(ee);
} else {
String xmlOutput = req.getParameter("xml");
if (xmlOutput != null && xmlOutput.equals("true")) {
- outputXML(resp, argSet);
+ outputXML(resp, argSet);
} else {
- resp.setContentType("text/html");
- form.renderOutput(out, argSet);
- cmsReq.setStatus(CMSRequest.SUCCESS);
+ resp.setContentType("text/html");
+ form.renderOutput(out, argSet);
+ cmsReq.setStatus(CMSRequest.SUCCESS);
}
}
} catch (IOException e) {
log(ILogger.LL_FAILURE,
- CMS.getLogMessage("ADMIN_SRVLT_ERR_STREAM_TEMPLATE", e.toString()));
- throw new ECMSGWException(CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE"));
+ CMS.getLogMessage("ADMIN_SRVLT_ERR_STREAM_TEMPLATE",
+ e.toString()));
+ throw new ECMSGWException(
+ CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE"));
}
}
private void process(CMSTemplateParams argSet, IArgBlock header,
- int reason, Date invalidityDate,
- String initiative,
- HttpServletRequest req,
- HttpServletResponse resp,
- int verifiedRecordCount,
- String revokeAll,
- int totalRecordCount,
- String comments,
- Locale locale)
- throws EBaseException {
+ int reason, Date invalidityDate, String initiative,
+ HttpServletRequest req, HttpServletResponse resp,
+ int verifiedRecordCount, String revokeAll, int totalRecordCount,
+ String comments, Locale locale) throws EBaseException {
try {
int count = 0;
Vector oldCertsV = new Vector();
@@ -334,8 +341,9 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
}
if (mAuthority instanceof ICertificateAuthority) {
- ICertRecordList list = (ICertRecordList) mCertDB.findCertRecordsInList(
- revokeAll, null, totalRecordCount);
+ ICertRecordList list = (ICertRecordList) mCertDB
+ .findCertRecordsInList(revokeAll, null,
+ totalRecordCount);
Enumeration e = list.getCertRecords(0, totalRecordCount - 1);
while (e != null && e.hasMoreElements()) {
@@ -344,18 +352,18 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
IArgBlock rarg = CMS.createArgBlock();
rarg.addBigIntegerValue("serialNumber",
- cert.getSerialNumber(), 16);
+ cert.getSerialNumber(), 16);
if (rec.getStatus().equals(ICertRecord.STATUS_REVOKED)) {
- rarg.addStringValue("error", "Certificate " +
- cert.getSerialNumber().toString() +
- " is already revoked.");
+ rarg.addStringValue("error", "Certificate "
+ + cert.getSerialNumber().toString()
+ + " is already revoked.");
} else {
oldCertsV.addElement(cert);
- RevokedCertImpl revCertImpl =
- new RevokedCertImpl(cert.getSerialNumber(),
- CMS.getCurrentDate(), entryExtn);
+ RevokedCertImpl revCertImpl = new RevokedCertImpl(
+ cert.getSerialNumber(), CMS.getCurrentDate(),
+ entryExtn);
revCertImplsV.addElement(revCertImpl);
count++;
@@ -367,42 +375,48 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
} else if (mAuthority instanceof IRegistrationAuthority) {
String reqIdStr = null;
- if (mRequestID != null && mRequestID.length() > 0)
+ if (mRequestID != null && mRequestID.length() > 0)
reqIdStr = mRequestID;
Vector serialNumbers = new Vector();
if (revokeAll != null && revokeAll.length() > 0) {
- for (int i = revokeAll.indexOf('=');
- i < revokeAll.length() && i > -1;
- i = revokeAll.indexOf('=', i)) {
+ for (int i = revokeAll.indexOf('='); i < revokeAll.length()
+ && i > -1; i = revokeAll.indexOf('=', i)) {
if (i > -1) {
i++;
- while (i < revokeAll.length() && revokeAll.charAt(i) == ' ') {
+ while (i < revokeAll.length()
+ && revokeAll.charAt(i) == ' ') {
i++;
}
String legalDigits = "0123456789";
int j = i;
- while (j < revokeAll.length() &&
- legalDigits.indexOf(revokeAll.charAt(j)) != -1) {
+ while (j < revokeAll.length()
+ && legalDigits.indexOf(revokeAll.charAt(j)) != -1) {
j++;
}
if (j > i) {
- serialNumbers.addElement(revokeAll.substring(i, j));
+ serialNumbers.addElement(revokeAll.substring(i,
+ j));
}
}
}
}
- if (reqIdStr != null && reqIdStr.length() > 0 && serialNumbers.size() > 0) {
- IRequest certReq = mRequestQueue.findRequest(new RequestId(reqIdStr));
- X509CertImpl[] certs = certReq.getExtDataInCertArray(IRequest.OLD_CERTS);
+ if (reqIdStr != null && reqIdStr.length() > 0
+ && serialNumbers.size() > 0) {
+ IRequest certReq = mRequestQueue.findRequest(new RequestId(
+ reqIdStr));
+ X509CertImpl[] certs = certReq
+ .getExtDataInCertArray(IRequest.OLD_CERTS);
for (int i = 0; i < certs.length; i++) {
boolean addToList = false;
for (int j = 0; j < serialNumbers.size(); j++) {
- if (certs[i].getSerialNumber().toString().equals(
- (String) serialNumbers.elementAt(j))) {
+ if (certs[i]
+ .getSerialNumber()
+ .toString()
+ .equals((String) serialNumbers.elementAt(j))) {
addToList = true;
break;
}
@@ -411,11 +425,11 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
IArgBlock rarg = CMS.createArgBlock();
rarg.addBigIntegerValue("serialNumber",
- certs[i].getSerialNumber(), 16);
+ certs[i].getSerialNumber(), 16);
oldCertsV.addElement(certs[i]);
- RevokedCertImpl revCertImpl =
- new RevokedCertImpl(certs[i].getSerialNumber(),
+ RevokedCertImpl revCertImpl = new RevokedCertImpl(
+ certs[i].getSerialNumber(),
CMS.getCurrentDate(), entryExtn);
revCertImplsV.addElement(revCertImpl);
@@ -428,17 +442,18 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
String b64eCert = req.getParameter("b64eCertificate");
if (b64eCert != null) {
- byte[] certBytes = com.netscape.osutil.OSUtil.AtoB(b64eCert);
+ byte[] certBytes = com.netscape.osutil.OSUtil
+ .AtoB(b64eCert);
X509CertImpl cert = new X509CertImpl(certBytes);
IArgBlock rarg = CMS.createArgBlock();
rarg.addBigIntegerValue("serialNumber",
- cert.getSerialNumber(), 16);
+ cert.getSerialNumber(), 16);
oldCertsV.addElement(cert);
- RevokedCertImpl revCertImpl =
- new RevokedCertImpl(cert.getSerialNumber(),
- CMS.getCurrentDate(), entryExtn);
+ RevokedCertImpl revCertImpl = new RevokedCertImpl(
+ cert.getSerialNumber(), CMS.getCurrentDate(),
+ entryExtn);
revCertImplsV.addElement(revCertImpl);
count++;
@@ -458,8 +473,7 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
revCertImpls[i] = (RevokedCertImpl) revCertImplsV.elementAt(i);
}
- IRequest revReq =
- mQueue.newRequest(IRequest.REVOCATION_REQUEST);
+ IRequest revReq = mQueue.newRequest(IRequest.REVOCATION_REQUEST);
revReq.setExtData(IRequest.CERT_INFO, revCertImpls);
revReq.setExtData(IRequest.REQ_TYPE, IRequest.REVOCATION_REQUEST);
@@ -478,30 +492,35 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
Integer result = revReq.getExtDataInInteger(IRequest.RESULT);
if (result.equals(IRequest.RES_ERROR)) {
- String[] svcErrors =
- revReq.getExtDataInStringArray(IRequest.SVCERRORS);
+ String[] svcErrors = revReq
+ .getExtDataInStringArray(IRequest.SVCERRORS);
if (svcErrors != null && svcErrors.length > 0) {
for (int i = 0; i < svcErrors.length; i++) {
String err = svcErrors[i];
if (err != null) {
- //cmsReq.setErrorDescription(err);
+ // cmsReq.setErrorDescription(err);
for (int j = 0; j < count; j++) {
if (oldCerts[j] != null) {
- mLogger.log(ILogger.EV_AUDIT,
- ILogger.S_OTHER,
- AuditFormat.LEVEL,
- AuditFormat.DOREVOKEFORMAT,
- new Object[] {
- revReq.getRequestId(),
- initiative,
- "completed with error: " +
- err,
- oldCerts[j].getSubjectDN(),
- oldCerts[j].getSerialNumber().toString(16),
- RevocationReason.fromInt(reason).toString()}
- );
+ mLogger.log(
+ ILogger.EV_AUDIT,
+ ILogger.S_OTHER,
+ AuditFormat.LEVEL,
+ AuditFormat.DOREVOKEFORMAT,
+ new Object[] {
+ revReq.getRequestId(),
+ initiative,
+ "completed with error: "
+ + err,
+ oldCerts[j]
+ .getSubjectDN(),
+ oldCerts[j]
+ .getSerialNumber()
+ .toString(16),
+ RevocationReason
+ .fromInt(reason)
+ .toString() });
}
}
}
@@ -513,24 +532,27 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
// audit log the success.
for (int j = 0; j < count; j++) {
if (oldCerts[j] != null) {
- mLogger.log(ILogger.EV_AUDIT, ILogger.S_OTHER,
- AuditFormat.LEVEL,
- AuditFormat.DOREVOKEFORMAT,
- new Object[] {
- revReq.getRequestId(),
- initiative,
- "completed",
- oldCerts[j].getSubjectDN(),
- oldCerts[j].getSerialNumber().toString(16),
- RevocationReason.fromInt(reason).toString()}
- );
+ mLogger.log(
+ ILogger.EV_AUDIT,
+ ILogger.S_OTHER,
+ AuditFormat.LEVEL,
+ AuditFormat.DOREVOKEFORMAT,
+ new Object[] {
+ revReq.getRequestId(),
+ initiative,
+ "completed",
+ oldCerts[j].getSubjectDN(),
+ oldCerts[j].getSerialNumber().toString(
+ 16),
+ RevocationReason.fromInt(reason)
+ .toString() });
}
}
header.addStringValue("revoked", "yes");
- Integer updateCRLResult =
- revReq.getExtDataInInteger(IRequest.CRL_UPDATE_STATUS);
+ Integer updateCRLResult = revReq
+ .getExtDataInInteger(IRequest.CRL_UPDATE_STATUS);
if (updateCRLResult != null) {
header.addStringValue("updateCRL", "yes");
@@ -538,92 +560,98 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
header.addStringValue("updateCRLSuccess", "yes");
} else {
header.addStringValue("updateCRLSuccess", "no");
- String crlError =
- revReq.getExtDataInString(IRequest.CRL_UPDATE_ERROR);
+ String crlError = revReq
+ .getExtDataInString(IRequest.CRL_UPDATE_ERROR);
if (crlError != null)
- header.addStringValue("updateCRLError",
- crlError);
+ header.addStringValue("updateCRLError", crlError);
}
// let known crl publishing status too.
- Integer publishCRLResult =
- revReq.getExtDataInInteger(IRequest.CRL_PUBLISH_STATUS);
+ Integer publishCRLResult = revReq
+ .getExtDataInInteger(IRequest.CRL_PUBLISH_STATUS);
if (publishCRLResult != null) {
if (publishCRLResult.equals(IRequest.RES_SUCCESS)) {
header.addStringValue("publishCRLSuccess", "yes");
} else {
header.addStringValue("publishCRLSuccess", "no");
- String publError =
- revReq.getExtDataInString(IRequest.CRL_PUBLISH_ERROR);
+ String publError = revReq
+ .getExtDataInString(IRequest.CRL_PUBLISH_ERROR);
if (publError != null)
header.addStringValue("publishCRLError",
- publError);
+ publError);
}
}
}
if (mAuthority instanceof ICertificateAuthority) {
// let known update and publish status of all crls.
- Enumeration otherCRLs =
- ((ICertificateAuthority) mAuthority).getCRLIssuingPoints();
+ Enumeration otherCRLs = ((ICertificateAuthority) mAuthority)
+ .getCRLIssuingPoints();
while (otherCRLs.hasMoreElements()) {
- ICRLIssuingPoint crl = (ICRLIssuingPoint)
- otherCRLs.nextElement();
+ ICRLIssuingPoint crl = (ICRLIssuingPoint) otherCRLs
+ .nextElement();
String crlId = crl.getId();
if (crlId.equals(ICertificateAuthority.PROP_MASTER_CRL))
continue;
String updateStatusStr = crl.getCrlUpdateStatusStr();
- Integer updateResult = revReq.getExtDataInInteger(updateStatusStr);
+ Integer updateResult = revReq
+ .getExtDataInInteger(updateStatusStr);
if (updateResult != null) {
if (updateResult.equals(IRequest.RES_SUCCESS)) {
- CMS.debug("ChallengeRevcationServlet1: " + CMS.getLogMessage("ADMIN_SRVLT_ADDING_HEADER",
- updateStatusStr));
+ CMS.debug("ChallengeRevcationServlet1: "
+ + CMS.getLogMessage(
+ "ADMIN_SRVLT_ADDING_HEADER",
+ updateStatusStr));
header.addStringValue(updateStatusStr, "yes");
} else {
- String updateErrorStr = crl.getCrlUpdateErrorStr();
+ String updateErrorStr = crl
+ .getCrlUpdateErrorStr();
- CMS.debug("ChallengeRevcationServlet1: " + CMS.getLogMessage("ADMIN_SRVLT_ADDING_HEADER_NO",
- updateStatusStr));
+ CMS.debug("ChallengeRevcationServlet1: "
+ + CMS.getLogMessage(
+ "ADMIN_SRVLT_ADDING_HEADER_NO",
+ updateStatusStr));
header.addStringValue(updateStatusStr, "no");
- String error =
- revReq.getExtDataInString(updateErrorStr);
+ String error = revReq
+ .getExtDataInString(updateErrorStr);
if (error != null)
- header.addStringValue(updateErrorStr,
- error);
+ header.addStringValue(updateErrorStr, error);
}
- String publishStatusStr = crl.getCrlPublishStatusStr();
- Integer publishResult =
- revReq.getExtDataInInteger(publishStatusStr);
+ String publishStatusStr = crl
+ .getCrlPublishStatusStr();
+ Integer publishResult = revReq
+ .getExtDataInInteger(publishStatusStr);
if (publishResult == null)
continue;
if (publishResult.equals(IRequest.RES_SUCCESS)) {
header.addStringValue(publishStatusStr, "yes");
} else {
- String publishErrorStr =
- crl.getCrlPublishErrorStr();
+ String publishErrorStr = crl
+ .getCrlPublishErrorStr();
header.addStringValue(publishStatusStr, "no");
- String error =
- revReq.getExtDataInString(publishErrorStr);
+ String error = revReq
+ .getExtDataInString(publishErrorStr);
if (error != null)
- header.addStringValue(
- publishErrorStr, error);
+ header.addStringValue(publishErrorStr,
+ error);
}
}
}
}
- if (mPublisherProcessor != null && mPublisherProcessor.ldapEnabled()) {
+ if (mPublisherProcessor != null
+ && mPublisherProcessor.ldapEnabled()) {
header.addStringValue("dirEnabled", "yes");
- Integer[] ldapPublishStatus =
- revReq.getExtDataInIntegerArray("ldapPublishStatus");
+ Integer[] ldapPublishStatus = revReq
+ .getExtDataInIntegerArray("ldapPublishStatus");
int certsToUpdate = 0;
int certsUpdated = 0;
@@ -639,12 +667,11 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
header.addIntegerValue("certsToUpdate", certsToUpdate);
// add crl publishing status.
- String publError =
- revReq.getExtDataInString(IRequest.CRL_PUBLISH_ERROR);
+ String publError = revReq
+ .getExtDataInString(IRequest.CRL_PUBLISH_ERROR);
if (publError != null) {
- header.addStringValue("crlPublishError",
- publError);
+ header.addStringValue("crlPublishError", publError);
}
} else {
header.addStringValue("dirEnabled", "no");
@@ -657,22 +684,26 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
// audit log the pending
for (int j = 0; j < count; j++) {
if (oldCerts[j] != null) {
- mLogger.log(ILogger.EV_AUDIT, ILogger.S_OTHER,
- AuditFormat.LEVEL,
- AuditFormat.DOREVOKEFORMAT,
- new Object[] {
- revReq.getRequestId(),
- initiative,
- "pending",
- oldCerts[j].getSubjectDN(),
- oldCerts[j].getSerialNumber().toString(16),
- RevocationReason.fromInt(reason).toString()}
- );
+ mLogger.log(
+ ILogger.EV_AUDIT,
+ ILogger.S_OTHER,
+ AuditFormat.LEVEL,
+ AuditFormat.DOREVOKEFORMAT,
+ new Object[] {
+ revReq.getRequestId(),
+ initiative,
+ "pending",
+ oldCerts[j].getSubjectDN(),
+ oldCerts[j].getSerialNumber().toString(
+ 16),
+ RevocationReason.fromInt(reason)
+ .toString() });
}
}
} else {
- Vector errors = revReq.getExtDataInStringVector(IRequest.ERRORS);
+ Vector errors = revReq
+ .getExtDataInStringVector(IRequest.ERRORS);
StringBuffer errorStr = new StringBuffer();
if (errors != null && errors.size() > 0) {
@@ -685,17 +716,20 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
// audit log the error
for (int j = 0; j < count; j++) {
if (oldCerts[j] != null) {
- mLogger.log(ILogger.EV_AUDIT, ILogger.S_OTHER,
- AuditFormat.LEVEL,
- AuditFormat.DOREVOKEFORMAT,
- new Object[] {
- revReq.getRequestId(),
- initiative,
- stat.toString(),
- oldCerts[j].getSubjectDN(),
- oldCerts[j].getSerialNumber().toString(16),
- RevocationReason.fromInt(reason).toString()}
- );
+ mLogger.log(
+ ILogger.EV_AUDIT,
+ ILogger.S_OTHER,
+ AuditFormat.LEVEL,
+ AuditFormat.DOREVOKEFORMAT,
+ new Object[] {
+ revReq.getRequestId(),
+ initiative,
+ stat.toString(),
+ oldCerts[j].getSubjectDN(),
+ oldCerts[j].getSerialNumber().toString(
+ 16),
+ RevocationReason.fromInt(reason)
+ .toString() });
}
}
}
@@ -706,8 +740,10 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
throw e;
} catch (IOException e) {
log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_ERROR_MARKING_CERT_REVOKED", e.toString()));
- throw new ECMSGWException(CMS.getLogMessage("CMSGW_ERROR_MARKING_CERT_REVOKED"));
+ CMS.getLogMessage("CMSGW_ERROR_MARKING_CERT_REVOKED",
+ e.toString()));
+ throw new ECMSGWException(
+ CMS.getLogMessage("CMSGW_ERROR_MARKING_CERT_REVOKED"));
} catch (Exception e) {
e.printStackTrace();
}
@@ -715,4 +751,3 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
return;
}
}
-
generated by cgit (git 2.34.1) at 2024-05-05 12:31:37 +0000