📄 icertificatestoresessionremote.java
字号:
/************************************************************************* * * * EJBCA: The OpenSource Certificate Authority * * * * This software is free software; you can redistribute it and/or * * modify it under the terms of the GNU Lesser General Public * * License as published by the Free Software Foundation; either * * version 2.1 of the License, or any later version. * * * * See terms of license at gnu.org. * * * *************************************************************************/ package se.anatom.ejbca.ca.store;import java.math.BigInteger;import java.rmi.RemoteException;import java.security.cert.Certificate;import java.util.Collection;import java.util.Date;import java.util.HashMap;import se.anatom.ejbca.ca.crl.RevokedCertInfo;import se.anatom.ejbca.ca.exception.CertificateProfileExistsException;import se.anatom.ejbca.ca.store.certificateprofiles.CertificateProfile;import se.anatom.ejbca.log.Admin;/** * The CertificateStoreSession is the primary storage for certificates and CRL. The CA always puts * certificates and CRLs in the CertificateStoreSession session bean defined in ca/ejb-jar.xml. * The CertificateStoreSession is also used to retrieve and find certificates, retrieve CRLs, * check for revocation etc. the CertificateStoreSession implements the interface * ICertificateStoreSession. Remote interface for EJB. * * @version $Id: ICertificateStoreSessionRemote.java,v 1.28 2004/04/16 07:38:58 anatom Exp $ */public interface ICertificateStoreSessionRemote extends javax.ejb.EJBObject { /** * Stores a certificate. * * @param incert The certificate to be stored. * @param chainfp Fingerprint (hex) of the CAs certificate. * @param username username of end entity owning the certificate. * @param status Status of the certificate (from CertificateData). * @param type Type of certificate (from SecConst). * * @return true if storage was successful. * * @throws EJBException if a communication or other error occurs. */ public boolean storeCertificate(Admin admin, Certificate incert, String username, String cafp, int status, int type) throws RemoteException; /** * Stores a CRL * * @param incrl The DER coded CRL to be stored. * @param chainfp Fingerprint (hex) of the CAs certificate. * @param number CRL number. * * @return true if storage was successful. * * @throws EJBException if a communication or other error occurs. */ public boolean storeCRL(Admin admin, byte[] incrl, String cafp, int number) throws RemoteException; /** * Revokes a certificate (already revoked by the CA), in the database * * @param cert The DER coded Certificate that has been revoked. * @param publishers and array of publiserids (Integer) of publishers to revoke the certificate in. * * @throws EJBException if a communication or other error occurs. */ public void revokeCertificate(Admin admin, Certificate cert, Collection publishers, int reason) throws RemoteException; /** * Lists fingerprint (primary key) of ALL certificates in the database. * NOTE: Caution should be taken with this method as execution may be very * heavy indeed if many certificates exist in the database (imagine what happens if * there are millinos of certificates in the DB!). * Should only be used for testing purposes. * * @param admin Administrator performing the operation * @param issuerDN the dn of the certificates issuer. * @return Collection of fingerprints, i.e. Strings, reverse ordered by expireDate where last expireDate is first in array. * @throws EJBException if a communication or other error occurs. */ public Collection listAllCertificates(Admin admin, String issuerdn) throws RemoteException; /** * Lists certificates for a given subject signed by the given issuer. * * @param admin Administrator performing the operation * @param subjectDN the DN of the subject whos certificates will be retrieved. * @param issuerDN the dn of the certificates issuer. * @return Collection of Certificates (java.security.cert.Certificate) in no specified order or an empty Collection. * @throws EJBException if a communication or other error occurs. */ public Collection findCertificatesBySubjectAndIssuer(Admin admin, String subjectDN, String issuerDN) throws RemoteException; /** * Lists certificates for a given subject. * * @param admin Administrator performing the operation * @param subjectDN the DN of the subject whos certificates will be retrieved. * @return Collection of Certificates (java.security.cert.Certificate) in no specified order or an empty Collection. * @throws EJBException if a communication or other error occurs. */ public Collection findCertificatesBySubject(Admin admin, String subjectDN) throws RemoteException; /** * Finds a certificate specified by issuer DN and serial number. * * @param admin Administrator performing the operation * @param issuerDN issuer DN of the desired certificate. * @param serno serial number of the desired certificate! * * @return Certificate if found or null */ public Certificate findCertificateByIssuerAndSerno(Admin admin, String issuerDN, BigInteger serno) throws RemoteException; /** * Finds certificate(s) for a given serialnumber. * * @param admin Administrator performing the operation * @param serno the serialnumber of the certificate(s) that will be retrieved * * @return Certificate or null if none found. * * @throws RemoteException if a communication or other error occurs. */ public Collection findCertificatesBySerno(Admin admin, BigInteger serno) throws RemoteException; /** * Finds certificate(s) for a given usernaem. * * @param admin Administrator performing the operation * @param username the usernaem of the certificate(s) that will be retrieved * * @return Certificate or null if none found. * * @throws RemoteException if a communication or other error occurs. */ public Collection findCertificatesByUsername(Admin admin, String username) throws RemoteException; /** * Finds username for a given certificate serial number. * * @param admin Administrator performing the operation * @param serno the serialnumber of the certificate to find username for. * * @return username or null if none found. * * @throws RemoteException if a communication or other error occurs. */ public String findUsernameByCertSerno(Admin admin, BigInteger serno, String issuerdn) throws RemoteException; /** * Finds certificate which expire within a specified time. * * @param admin Administrator performing the operation * @param expireTime all certificates that expires before this date will be listed * * @return Collection of Certificates (java.security.cert.Certificate) in no specified order or * an empty Collection. * * @throws RemoteException if a communication or other error occurs. */ public Collection findCertificatesByExpireTime(Admin admin, Date expireTime) throws RemoteException; /** * Finds certificate with specified fingerprint. * * @param admin Administrator performing the operation * @return certificate or null if certificate doesn't exists * * @throws RemoteException if a communication or other error occurs. */ public Certificate findCertificateByFingerprint(Admin admin, String fingerprint) throws RemoteException; /** * The method retrives all certificates from a specific issuer * which are identified by list of serial numbers. The collection * will be empty if the issuerDN is <tt>null</tt>/empty * or the collection of serial numbers is empty. * * @param admin Administrator performing the operation * @param issuer the subjectDN of a CA certificate * @param sernos a collection of certificate serialnumbers * * @return Collection a list of certificates; never <tt>null</tt> */ public Collection findCertificatesByIssuerAndSernos(Admin admin, String issuerDN, Collection sernos) throws RemoteException; /** * Lists all certificates of a specific type and if * given from a specific issuer. * * The type is the bitwise OR value of the types listed * int {@link se.anatom.ejbca.SecConst}:<br> * <ul> * <li><tt>CERTTYPE_ENDENTITY</tt><br> * An user or machine certificate, which identifies a subject. * </li> * <li><tt>CERTTYPE_CA</tt><br> * A CA certificate which is <b>not</b> a root CA. * </li> * <li><tt>CERTTYPE_ROOTCA</tt><br> * A Root CA certificate. * </li> * </ul> * <p> * Usage examples:<br> * <ol> * <li>Get all root CA certificates * <p> * <code> * ... * ICertificateStoreSessionRemote itf = ... * Collection certs = itf.findCertificatesByType(adm, * SecConst.CERTTYPE_ROOTCA, * null); * ... * </code> * </li> * <li>Get all subordinate CA certificates for a specific * Root CA. It is assumed that the <tt>subjectDN</tt> of the * Root CA certificate is located in the variable <tt>issuer</tt>. * <p> * <code> * ... * ICertificateStoreSessionRemote itf = ... * Certficate rootCA = ... * String issuer = rootCA.getSubjectDN(); * Collection certs = itf.findCertificatesByType(adm, * SecConst.CERTTYPE_SUBCA, * issuer); * ... * </code> * </li> * <li>Get <b>all</b> CA certificates. * <p> * <code> * ... * ICertificateStoreSessionRemote itf = ... * Collection certs = itf.findCertificatesByType(adm, * SecConst.CERTTYPE_SUBCA * + CERTTYPE_ROOTCA,⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -