Diffstat (limited to 'pki/base/common/src/com/netscape/cmscore/dbs/KeyRepository.java')
-rw-r--r--pki/base/common/src/com/netscape/cmscore/dbs/KeyRepository.java255
1 files changed, 130 insertions, 125 deletions
diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/KeyRepository.java b/pki/base/common/src/com/netscape/cmscore/dbs/KeyRepository.java
index f684718c..fc2d2c10 100644
--- a/pki/base/common/src/com/netscape/cmscore/dbs/KeyRepository.java
+++ b/pki/base/common/src/com/netscape/cmscore/dbs/KeyRepository.java
@@ -17,7 +17,6 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cmscore.dbs;
-
import java.math.BigInteger;
import java.security.PublicKey;
import java.util.Date;
@@ -39,12 +38,11 @@ import com.netscape.certsrv.dbs.keydb.IKeyRecordList;
import com.netscape.certsrv.dbs.keydb.IKeyRepository;
import com.netscape.certsrv.dbs.repository.IRepository;
-
/**
* A class represents a Key repository. This is the container of
* archived keys.
* <P>
- *
+ *
* @author thomask
* @version $Revision$, $Date$
*/
@@ -62,12 +60,12 @@ public class KeyRepository extends Repository implements IKeyRepository {
* Constructs a key repository. It checks if the key repository
* does exist. If not, it creates the repository.
* <P>
- *
+ *
* @param service db service
* @exception EBaseException failed to setup key repository
*/
public KeyRepository(IDBSubsystem service, int increment, String baseDN)
- throws EDBException {
+ throws EDBException {
super(service, increment, baseDN);
mBaseDN = baseDN;
mDBService = service;
@@ -81,55 +79,55 @@ public class KeyRepository extends Repository implements IKeyRepository {
if (!reg.isObjectClassRegistered(KeyRecord.class.getName())) {
reg.registerObjectClass(KeyRecord.class.getName(),
- keyRecordOC);
+ keyRecordOC);
}
if (!reg.isAttributeRegistered(KeyRecord.ATTR_ID)) {
reg.registerAttribute(KeyRecord.ATTR_ID, new
- BigIntegerMapper(KeyDBSchema.LDAP_ATTR_SERIALNO));
+ BigIntegerMapper(KeyDBSchema.LDAP_ATTR_SERIALNO));
}
if (!reg.isAttributeRegistered(KeyRecord.ATTR_ALGORITHM)) {
reg.registerAttribute(KeyRecord.ATTR_ALGORITHM, new
- StringMapper(KeyDBSchema.LDAP_ATTR_ALGORITHM));
+ StringMapper(KeyDBSchema.LDAP_ATTR_ALGORITHM));
}
if (!reg.isAttributeRegistered(KeyRecord.ATTR_STATE)) {
reg.registerAttribute(KeyRecord.ATTR_STATE, new
- KeyStateMapper(KeyDBSchema.LDAP_ATTR_STATE));
+ KeyStateMapper(KeyDBSchema.LDAP_ATTR_STATE));
}
if (!reg.isAttributeRegistered(KeyRecord.ATTR_KEY_SIZE)) {
reg.registerAttribute(KeyRecord.ATTR_KEY_SIZE, new
- IntegerMapper(KeyDBSchema.LDAP_ATTR_KEY_SIZE));
+ IntegerMapper(KeyDBSchema.LDAP_ATTR_KEY_SIZE));
}
if (!reg.isAttributeRegistered(KeyRecord.ATTR_OWNER_NAME)) {
reg.registerAttribute(KeyRecord.ATTR_OWNER_NAME, new
- StringMapper(KeyDBSchema.LDAP_ATTR_OWNER_NAME));
+ StringMapper(KeyDBSchema.LDAP_ATTR_OWNER_NAME));
}
if (!reg.isAttributeRegistered(KeyRecord.ATTR_PRIVATE_KEY_DATA)) {
reg.registerAttribute(KeyRecord.ATTR_PRIVATE_KEY_DATA, new
- ByteArrayMapper(KeyDBSchema.LDAP_ATTR_PRIVATE_KEY_DATA));
+ ByteArrayMapper(KeyDBSchema.LDAP_ATTR_PRIVATE_KEY_DATA));
}
if (!reg.isAttributeRegistered(KeyRecord.ATTR_PUBLIC_KEY_DATA)) {
reg.registerAttribute(KeyRecord.ATTR_PUBLIC_KEY_DATA, new
- PublicKeyMapper(KeyDBSchema.LDAP_ATTR_PUBLIC_KEY_DATA));
+ PublicKeyMapper(KeyDBSchema.LDAP_ATTR_PUBLIC_KEY_DATA));
}
if (!reg.isAttributeRegistered(KeyRecord.ATTR_DATE_OF_RECOVERY)) {
reg.registerAttribute(KeyRecord.ATTR_DATE_OF_RECOVERY, new
- DateArrayMapper(KeyDBSchema.LDAP_ATTR_DATE_OF_RECOVERY));
+ DateArrayMapper(KeyDBSchema.LDAP_ATTR_DATE_OF_RECOVERY));
}
if (!reg.isAttributeRegistered(KeyRecord.ATTR_CREATE_TIME)) {
reg.registerAttribute(KeyRecord.ATTR_CREATE_TIME, new
- DateMapper(KeyDBSchema.LDAP_ATTR_CREATE_TIME));
+ DateMapper(KeyDBSchema.LDAP_ATTR_CREATE_TIME));
}
if (!reg.isAttributeRegistered(KeyRecord.ATTR_MODIFY_TIME)) {
reg.registerAttribute(KeyRecord.ATTR_MODIFY_TIME, new
- DateMapper(KeyDBSchema.LDAP_ATTR_MODIFY_TIME));
+ DateMapper(KeyDBSchema.LDAP_ATTR_MODIFY_TIME));
}
if (!reg.isAttributeRegistered(KeyRecord.ATTR_META_INFO)) {
reg.registerAttribute(KeyRecord.ATTR_META_INFO, new
- MetaInfoMapper(KeyDBSchema.LDAP_ATTR_META_INFO));
+ MetaInfoMapper(KeyDBSchema.LDAP_ATTR_META_INFO));
}
if (!reg.isAttributeRegistered(KeyRecord.ATTR_ARCHIVED_BY)) {
reg.registerAttribute(KeyRecord.ATTR_ARCHIVED_BY, new
- StringMapper(KeyDBSchema.LDAP_ATTR_ARCHIVED_BY));
+ StringMapper(KeyDBSchema.LDAP_ATTR_ARCHIVED_BY));
}
}
@@ -147,7 +145,7 @@ public class KeyRepository extends Repository implements IKeyRepository {
CMS.debug("In setKeyStatusUpdateInterval mKeyStatusUpdateThread " + mKeyStatusUpdateThread);
if (mKeyStatusUpdateThread == null) {
CMS.debug("In setKeyStatusUpdateInterval about to create KeyStatusUpdateThread ");
- mKeyStatusUpdateThread = new KeyStatusUpdateThread(this, requestRepo, "KeyStatusUpdateThread");
+ mKeyStatusUpdateThread = new KeyStatusUpdateThread(this, requestRepo, "KeyStatusUpdateThread");
mKeyStatusUpdateThread.setInterval(interval);
mKeyStatusUpdateThread.start();
} else {
@@ -171,15 +169,14 @@ public class KeyRepository extends Repository implements IKeyRepository {
/**
* Removes all objects with this repository.
*/
- public void removeAllObjects() throws EBaseException
- {
+ public void removeAllObjects() throws EBaseException {
String filter = "(" + KeyRecord.ATTR_OWNER_NAME + "=*" + ")";
IKeyRecordList list = findKeyRecordsInList(filter,
null, "serialno", 10);
int size = list.getSize();
Enumeration<IKeyRecord> e = list.getKeyRecords(0, size - 1);
while (e.hasMoreElements()) {
- IKeyRecord rec = e.nextElement();
+ IKeyRecord rec = e.nextElement();
deleteKeyRecord(rec.getSerialNumber());
}
}
@@ -187,7 +184,7 @@ public class KeyRepository extends Repository implements IKeyRepository {
/**
* Archives a key to the repository.
* <P>
- *
+ *
* @param record key record
* @exception EBaseException failed to archive key
*/
@@ -196,34 +193,38 @@ public class KeyRepository extends Repository implements IKeyRepository {
try {
String name = "cn" + "=" +
- ((KeyRecord) record).getSerialNumber().toString() + "," + getDN();
+ ((KeyRecord) record).getSerialNumber().toString() + "," + getDN();
- if (s != null) s.add(name, (KeyRecord) record);
- } finally {
- if (s != null) s.close();
+ if (s != null)
+ s.add(name, (KeyRecord) record);
+ } finally {
+ if (s != null)
+ s.close();
}
}
/**
* Recovers an archived key by serial number.
* <P>
- *
+ *
* @param serialNo serial number
* @return key record
* @exception EBaseException failed to recover key
*/
public IKeyRecord readKeyRecord(BigInteger serialNo)
- throws EBaseException {
+ throws EBaseException {
IDBSSession s = mDBService.createSession();
KeyRecord rec = null;
try {
String name = "cn" + "=" +
- serialNo.toString() + "," + getDN();
+ serialNo.toString() + "," + getDN();
- if (s != null) rec = (KeyRecord) s.read(name);
- } finally {
- if (s != null) s.close();
+ if (s != null)
+ rec = (KeyRecord) s.read(name);
+ } finally {
+ if (s != null)
+ s.close();
}
return rec;
}
@@ -231,26 +232,27 @@ public class KeyRepository extends Repository implements IKeyRepository {
/**
* Recovers an archived key by owner name.
* <P>
- *
+ *
* @param ownerName owner name
* @return key record
* @exception EBaseException failed to recover key
*/
public IKeyRecord readKeyRecord(X500Name ownerName)
- throws EBaseException {
+ throws EBaseException {
IDBSSession s = mDBService.createSession();
KeyRecord keyRec = null;
try {
if (ownerName != null) {
String filter = "(" + KeyRecord.ATTR_OWNER_NAME + "=" +
- ownerName.toString() + ")";
+ ownerName.toString() + ")";
IDBSearchResults res = s.search(getDN(), filter);
keyRec = (KeyRecord) res.nextElement();
- }
- } finally {
- if (s != null) s.close();
+ }
+ } finally {
+ if (s != null)
+ s.close();
}
return keyRec;
}
@@ -259,7 +261,7 @@ public class KeyRepository extends Repository implements IKeyRepository {
* Recovers archived key using public key.
*/
public IKeyRecord readKeyRecord(PublicKey publicKey)
- throws EBaseException {
+ throws EBaseException {
// XXX - setup binary search attributes
byte data[] = publicKey.getEncoded();
@@ -270,39 +272,40 @@ public class KeyRepository extends Repository implements IKeyRepository {
try {
String filter = "(" + KeyRecord.ATTR_PUBLIC_KEY_DATA + "=" +
- escapeBinaryData(data) + ")";
- if( s != null ) {
+ escapeBinaryData(data) + ")";
+ if (s != null) {
IDBSearchResults res = s.search(getDN(), filter);
rec = (KeyRecord) res.nextElement();
}
- } finally {
- if (s != null) s.close();
+ } finally {
+ if (s != null)
+ s.close();
}
return rec;
}
-
/**
* Recovers archived key using b64 encoded cert
*/
public IKeyRecord readKeyRecord(String cert)
- throws EBaseException {
+ throws EBaseException {
IDBSSession s = mDBService.createSession();
KeyRecord rec = null;
try {
- String filter = "(publicKey=x509cert#\"" +cert+"\")";
-CMS.debug("filter= " + filter);
+ String filter = "(publicKey=x509cert#\"" + cert + "\")";
+ CMS.debug("filter= " + filter);
- if( s != null ) {
+ if (s != null) {
IDBSearchResults res = s.search(getDN(), filter);
rec = (KeyRecord) res.nextElement();
}
- } finally {
- if (s != null) s.close();
+ } finally {
+ if (s != null)
+ s.close();
}
return rec;
}
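Review bot: In readKeyRecord(String cert), the caller-supplied `cert` is placed verbatim inside the quoted value of `(publicKey=x509cert#"...")`, so a `"` or `)` in the input ends the value early and alters the filter used to locate an archived key. Reject anything outside the base64 alphabet before the concatenation, for example `if (!cert.matches("[A-Za-z0-9+/=\\s]*")) throw ...;` with whatever exception the callers already handle. The `CMS.debug("filter= " + filter)` line also writes the unvalidated string to the debug log, so embedded line breaks would reach the log file; log a length or digest instead, or log only after validation. The readKeyRecord(PublicKey) method at the top of this hunk starts outside it, so its session setup is not visible here.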
@@ -311,32 +314,36 @@ CMS.debug("filter= " + filter);
* Modifies key record.
*/
public void modifyKeyRecord(BigInteger serialNo, ModificationSet mods)
- throws EBaseException {
+ throws EBaseException {
IDBSSession s = mDBService.createSession();
try {
String name = "cn" + "=" +
- serialNo.toString() + "," + getDN();
+ serialNo.toString() + "," + getDN();
mods.add(KeyRecord.ATTR_MODIFY_TIME, Modification.MOD_REPLACE,
- new Date());
- if (s != null) s.modify(name, mods);
- } finally {
- if (s != null) s.close();
+ new Date());
+ if (s != null)
+ s.modify(name, mods);
+ } finally {
+ if (s != null)
+ s.close();
}
}
public void deleteKeyRecord(BigInteger serialNo)
- throws EBaseException {
+ throws EBaseException {
IDBSSession s = mDBService.createSession();
try {
String name = "cn" + "=" +
- serialNo.toString() + "," + getDN();
+ serialNo.toString() + "," + getDN();
- if (s != null) s.delete(name);
- } finally {
- if (s != null) s.close();
+ if (s != null)
+ s.delete(name);
+ } finally {
+ if (s != null)
+ s.close();
}
}
@@ -353,7 +360,7 @@ CMS.debug("filter= " + filter);
}
public Enumeration<Object> searchKeys(String filter, int maxSize)
- throws EBaseException {
+ throws EBaseException {
IDBSSession s = mDBService.createSession();
Enumeration<Object> e = null;
@@ -367,7 +374,7 @@ CMS.debug("filter= " + filter);
}
public Enumeration<Object> searchKeys(String filter, int maxSize, int timeLimit)
- throws EBaseException {
+ throws EBaseException {
IDBSSession s = mDBService.createSession();
Enumeration<Object> e = null;
@@ -384,14 +391,14 @@ CMS.debug("filter= " + filter);
* Retrieves key record list.
*/
public IKeyRecordList findKeyRecordsInList(String filter,
- String attrs[], int pageSize) throws EBaseException {
+ String attrs[], int pageSize) throws EBaseException {
return findKeyRecordsInList(filter, attrs, IKeyRecord.ATTR_ID,
- pageSize);
+ pageSize);
}
public IKeyRecordList findKeyRecordsInList(String filter,
- String attrs[], String sortKey, int pageSize)
- throws EBaseException {
+ String attrs[], String sortKey, int pageSize)
+ throws EBaseException {
IDBSSession s = mDBService.createSession();
IKeyRecordList list = null;
@@ -399,18 +406,19 @@ CMS.debug("filter= " + filter);
if (s != null) {
list = new KeyRecordList(
s.createVirtualList(getDN(), "(&(objectclass=" +
- KeyRecord.class.getName() + ")" + filter + ")",
- attrs, sortKey, pageSize));
+ KeyRecord.class.getName() + ")" + filter + ")",
+ attrs, sortKey, pageSize));
}
- } finally {
- if (s != null) s.close();
+ } finally {
+ if (s != null)
+ s.close();
}
return list;
}
public IKeyRecordList findKeyRecordsInList(String filter,
- String attrs[],String jumpTo, String sortKey, int pageSize)
- throws EBaseException {
+ String attrs[], String jumpTo, String sortKey, int pageSize)
+ throws EBaseException {
IDBSSession s = mDBService.createSession();
IKeyRecordList list = null;
@@ -419,86 +427,85 @@ CMS.debug("filter= " + filter);
String jumpToVal = null;
if (len > 9) {
- jumpToVal = Integer.toString(len) + jumpTo;
- } else {
- jumpToVal = "0" + Integer.toString(len) + jumpTo;
+ jumpToVal = Integer.toString(len) + jumpTo;
+ } else {
+ jumpToVal = "0" + Integer.toString(len) + jumpTo;
}
try {
if (s != null) {
list = new KeyRecordList(
s.createVirtualList(getDN(), "(&(objectclass=" +
- KeyRecord.class.getName() + ")" + filter + ")",
- attrs,jumpToVal, sortKey, pageSize));
+ KeyRecord.class.getName() + ")" + filter + ")",
+ attrs, jumpToVal, sortKey, pageSize));
}
} finally {
- if (s != null) s.close();
+ if (s != null)
+ s.close();
}
return list;
}
- public BigInteger getLastSerialNumberInRange(BigInteger serial_low_bound, BigInteger serial_upper_bound) throws
- EBaseException {
+ public BigInteger getLastSerialNumberInRange(BigInteger serial_low_bound, BigInteger serial_upper_bound) throws
+ EBaseException {
- CMS.debug("KeyRepository: in getLastSerialNumberInRange: low " + serial_low_bound + " high " + serial_upper_bound);
+ CMS.debug("KeyRepository: in getLastSerialNumberInRange: low " + serial_low_bound + " high " + serial_upper_bound);
- if(serial_low_bound == null || serial_upper_bound == null || serial_low_bound.compareTo(serial_upper_bound) >= 0)
- {
- return null;
- }
+ if (serial_low_bound == null || serial_upper_bound == null || serial_low_bound.compareTo(serial_upper_bound) >= 0) {
+ return null;
+ }
- String ldapfilter = "(" + "serialno" + "=*" + ")";
- String[] attrs = null;
+ String ldapfilter = "(" + "serialno" + "=*" + ")";
+ String[] attrs = null;
- KeyRecordList recList = (KeyRecordList) findKeyRecordsInList(ldapfilter,attrs,serial_upper_bound.toString(10),"serialno", 5 * -1);
+ KeyRecordList recList = (KeyRecordList) findKeyRecordsInList(ldapfilter, attrs, serial_upper_bound.toString(10), "serialno", 5 * -1);
- int size = recList.getSize();
+ int size = recList.getSize();
- CMS.debug("KeyRepository: getLastSerialNumberInRange: recList size " + size);
+ CMS.debug("KeyRepository: getLastSerialNumberInRange: recList size " + size);
- if (size <= 0) {
- CMS.debug("KeyRepository: getLastSerialNumberInRange: index may be empty");
+ if (size <= 0) {
+ CMS.debug("KeyRepository: getLastSerialNumberInRange: index may be empty");
- BigInteger ret = new BigInteger(serial_low_bound.toString(10));
+ BigInteger ret = new BigInteger(serial_low_bound.toString(10));
- ret = ret.add(new BigInteger("-1"));
+ ret = ret.add(new BigInteger("-1"));
- CMS.debug("KeyRepository: getLastSerialNumberInRange returning: " + ret );
- return ret;
- }
- int ltSize = recList.getSizeBeforeJumpTo();
+ CMS.debug("KeyRepository: getLastSerialNumberInRange returning: " + ret);
+ return ret;
+ }
+ int ltSize = recList.getSizeBeforeJumpTo();
- CMS.debug("KeyRepository:getLastSerialNumberInRange: ltSize " + ltSize);
+ CMS.debug("KeyRepository:getLastSerialNumberInRange: ltSize " + ltSize);
- int i;
- KeyRecord curRec = null;
+ int i;
+ KeyRecord curRec = null;
- for (i = 0; i < 5; i++) {
- curRec = (KeyRecord) recList.getKeyRecord(i);
+ for (i = 0; i < 5; i++) {
+ curRec = (KeyRecord) recList.getKeyRecord(i);
- if (curRec != null) {
+ if (curRec != null) {
- BigInteger serial = curRec.getSerialNumber();
+ BigInteger serial = curRec.getSerialNumber();
- CMS.debug("KeyRepository: getLastCertRecordSerialNo: serialno " + serial);
+ CMS.debug("KeyRepository: getLastCertRecordSerialNo: serialno " + serial);
- if( ((serial.compareTo(serial_low_bound) == 0) || (serial.compareTo(serial_low_bound) == 1) ) &&
- ((serial.compareTo(serial_upper_bound) == 0) || (serial.compareTo(serial_upper_bound) == -1) ))
- {
- CMS.debug("KeyRepository: getLastSerialNumberInRange returning: " + serial);
- return serial;
- }
- } else {
- CMS.debug("KeyRepository: getLastSerialNumberInRange:found null from getCertRecord");
- }
- }
+ if (((serial.compareTo(serial_low_bound) == 0) || (serial.compareTo(serial_low_bound) == 1)) &&
+ ((serial.compareTo(serial_upper_bound) == 0) || (serial.compareTo(serial_upper_bound) == -1))) {
+ CMS.debug("KeyRepository: getLastSerialNumberInRange returning: " + serial);
+ return serial;
+ }
+ } else {
+ CMS.debug("KeyRepository: getLastSerialNumberInRange:found null from getCertRecord");
+ }
+ }
- BigInteger ret = new BigInteger(serial_low_bound.toString(10));
+ BigInteger ret = new BigInteger(serial_low_bound.toString(10));
- ret = ret.add(new BigInteger("-1"));
+ ret = ret.add(new BigInteger("-1"));
- CMS.debug("KeyRepository: getLastSerialNumberInRange returning: " + ret );
- return ret ;
+ CMS.debug("KeyRepository: getLastSerialNumberInRange returning: " + ret);
+ return ret;
}
@@ -538,7 +545,7 @@ class KeyStatusUpdateThread extends Thread {
CMS.debug("Starting key checkRanges");
_kr.checkRanges();
CMS.debug("key checkRanges done");
-
+
CMS.debug("Starting request checkRanges");
_rr.checkRanges();
CMS.debug("request checkRanges done");
@@ -553,5 +560,3 @@ class KeyStatusUpdateThread extends Thread {
}
}
}
-
-