📄 localcertificatestoresessionbean.java
+ serno.toString(16) + ".");
                Iterator iter = coll.iterator();
                if (iter.hasNext()) {
                    RevokedCertInfo revinfo = null;
                    CertificateDataLocal data = (CertificateDataLocal) iter.next();
                    revinfo = new RevokedCertInfo(serno, new Date(data.getRevocationDate()), data.getRevocationReason());
                    // Make sure we have it as NOT revoked if it isn't
                    if (data.getStatus() != CertificateDataBean.CERT_REVOKED) {
                        revinfo.setReason(RevokedCertInfo.NOT_REVOKED);
                    }
                    debug("<isRevoked() returned " + ((data.getStatus() == CertificateDataBean.CERT_REVOKED) ? "yes" : "no"));
                    return revinfo;
                }
            }
        } catch (Exception e) {
            throw new EJBException(e);
        }
        // NOTE(review): this path is reached when the lookup above produced no row to
        // report on (the start of the method is outside this view). null therefore looks
        // like "status unknown", not "not revoked" - confirm that callers treat it so.
        return null;
    } //isRevoked

    /**
     * Retrieves the latest CRL issued by this CA.
     *
     * @param admin Administrator performing the operation
     * @param issuerdn issuer DN used to look up the CRL (passed to getLastCRLNumber and
     *        to crlHome.findByIssuerDNAndCRLNumber)
     * @return the encoded form of the CRL (X509CRL.getEncoded()), or null if no CRL
     *         with the highest stored number is found for the issuer.
     * @ejb.interface-method
     */
    public byte[] getLastCRL(Admin admin, String issuerdn) {
        debug(">getLastCRL(" + issuerdn + ")");

        try {
            int maxnumber = getLastCRLNumber(admin, issuerdn);
            X509CRL crl = null;
            try {
                CRLDataLocal data = crlHome.findByIssuerDNAndCRLNumber(issuerdn, maxnumber);
                crl = data.getCRL();
            } catch (FinderException e) {
                // No CRL row for this issuer/number: report "no CRL" to the caller.
                crl = null;
            }
            debug("<getLastCRL()");
            // The "not found" result returns here, before the audit log call below,
            // so only a successful retrieval produces an info event.
            if (crl == null) return null;

            // The hash of the CRL issuer DN is passed in the position where the error
            // path below passes admin.getCaId() (presumably the CA id - confirm).
            getLogSession().log(admin, crl.getIssuerDN().toString().hashCode(), LogEntry.MODULE_CA, new java.util.Date(), null, null, LogEntry.EVENT_INFO_GETLASTCRL, "Number :" + maxnumber);
            return crl.getEncoded();
        } catch (Exception e) {
            // Any other failure is recorded as an error event and rethrown wrapped in
            // an EJBException, keeping the original exception as the cause.
            getLogSession().log(admin, admin.getCaId(), LogEntry.MODULE_CA, new java.util.Date(), null, null, LogEntry.EVENT_ERROR_GETLASTCRL, "Error retrieving last crl.");
            throw new EJBException(e);
        }
    } //getLastCRL

    /**
     * Retrieves the information about the latest CRL issued by this CA.
     *
     * @param admin Administrator performing the operation
     * @return CRLInfo of last CRL by CA.
* @ejb.interface-method
     */
    public CRLInfo getLastCRLInfo(Admin admin, String issuerdn) {
        debug(">getLastCRLInfo(" + issuerdn + ")");

        try {
            final int lastNumber = getLastCRLNumber(admin, issuerdn);
            CRLInfo info = null;
            try {
                CRLDataLocal row = crlHome.findByIssuerDNAndCRLNumber(issuerdn, lastNumber);
                info = new CRLInfo(row.getIssuerDN(), lastNumber, row.getThisUpdate(), row.getNextUpdate());
            } catch (FinderException notFound) {
                // No CRL stored under that issuer/number: the caller gets null.
                info = null;
            }
            debug("<getLastCRLInfo()");
            return info;
        } catch (Exception e) {
            // NOTE(review): issuerdn.hashCode() throws NullPointerException for a null
            // issuerdn, which would replace the original exception - confirm that
            // callers never pass null.
            getLogSession().log(admin, issuerdn.hashCode(), LogEntry.MODULE_CA, new java.util.Date(), null, null, LogEntry.EVENT_ERROR_GETLASTCRL, "Error retrieving crl info.");
            throw new EJBException(e);
        }
    } //getLastCRLInfo

    /**
     * Retrieves the highest CRLNumber issued by the CA.
     *
     * @param admin Administrator performing the operation
     * @param issuerdn the subjectDN of a CA certificate
     * @return the highest CRLNumber stored for issuerdn, or 0 when the query yields
     *         no value
     * @ejb.interface-method
     */
    public int getLastCRLNumber(Admin admin, String issuerdn) {
        debug(">getLastCRLNumber(" + issuerdn + ")");

        Connection connection = null;
        PreparedStatement statement = null;
        ResultSet rows = null;
        try {
            connection = JDBCUtil.getDBConnection(JNDINames.DATASOURCE);
            // issuerdn is bound as a parameter, so it never becomes part of the SQL text.
            statement = connection.prepareStatement("select MAX(CRLNumber) from CRLData where issuerDN=?");
            statement.setString(1, issuerdn);
            rows = statement.executeQuery();

            // ResultSet.getInt returns 0 for SQL NULL, which is what MAX yields when no
            // row matches; the explicit 0 covers an empty result set.
            final int highest = rows.next() ? rows.getInt(1) : 0;
            debug("<getLastCRLNumber(" + highest + ")");
            return highest;
        } catch (Exception e) {
            throw new EJBException(e);
        } finally {
            // Release the JDBC resources on every path.
            JDBCUtil.close(connection, statement, rows);
        }
    } //getLastCRLNumber

    /**
     * Method used to add a CertReqHistory to database
     *
     * @param admin calling the methods
     * @param certificate the certificate to store (Only X509Certificate used for now)
     * @param useradmindata the user information used when issuing the certificate.
* @ejb.transaction type="Required"
     * @ejb.interface-method
     */
    public void addCertReqHistoryData(Admin admin, Certificate certificate, UserDataVO useradmindata){
        // The cast happens outside the try block: a non-X509 certificate fails with a
        // ClassCastException before any audit event is written.
        final X509Certificate x509 = (X509Certificate) certificate;
        debug(">addCertReqHistData(" + x509.getSerialNumber() + ", " + x509.getIssuerDN() + ", " + useradmindata.getUsername() + ")");

        try {
            // NOTE(review): this key is filled in but never passed anywhere in this
            // method; it is kept because the fingerprint call may still fail for a
            // certificate that cannot be processed - confirm before removing.
            CertReqHistoryDataPK key = new CertReqHistoryDataPK();
            key.fingerprint = CertTools.getFingerprintAsString(x509);

            certReqHistoryHome.create(x509, useradmindata);

            // The info event is written only after create() has returned.
            getLogSession().log(admin, x509, LogEntry.MODULE_CA, new java.util.Date(), useradmindata.getUsername(), x509, LogEntry.EVENT_INFO_STORECERTIFICATE, "Storing certificate request history successful.");
        } catch (Exception e) {
            // Record the failure, then surface it to the container with the cause kept.
            getLogSession().log(admin, x509, LogEntry.MODULE_CA, new java.util.Date(), useradmindata.getUsername(), x509, LogEntry.EVENT_ERROR_STORECERTIFICATE, "Error storing certificate request history.");
            throw new EJBException(e);
        }

        debug("<addCertReqHistData()");
    }

    /**
     * Method to remove CertReqHistory data.
     * @param admin
     * @param certFingerprint the primary key.
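* @ejb.transaction type="Required"
     * @ejb.interface-method
     */
    public void removeCertReqHistoryData(Admin admin, String certFingerprint){
        debug(">removeCertReqHistData(" + certFingerprint + ")");

        try {
            CertReqHistoryDataPK pk = new CertReqHistoryDataPK();
            pk.fingerprint = certFingerprint;

            // Remove first and log afterwards, as addCertReqHistoryData does: the
            // "successful" audit event is then written only for a removal that really
            // happened, and a failed removal yields the error event alone.
            this.certReqHistoryHome.remove(pk);
            getLogSession().log(admin, admin.getCaId(), LogEntry.MODULE_CA, new java.util.Date(), null, null, LogEntry.EVENT_INFO_STORECERTIFICATE, "Removal of certificate request history successful.");
        } catch (Exception e) {
            getLogSession().log(admin, admin.getCaId(), LogEntry.MODULE_CA, new java.util.Date(), null, null, LogEntry.EVENT_ERROR_STORECERTIFICATE, "Error removing certificate request history.");
            throw new EJBException(e);
        }

        debug("<removeCertReqHistData()");
    }

    /**
     * Retrieves the certificate request data belonging to given certificate serialnumber and issuerdn
     *
     * @param admin
     * @param certificateSN serial number of the certificate; passed to the finder as
     *        certificateSN.toString(), so it must not be null
     * @param issuerDN
     * @return the CertReqHistory or null if no data is stored with the certificate.
     * @ejb.interface-method
     */
    public CertReqHistory getCertReqHistory(Admin admin, BigInteger certificateSN, String issuerDN){
        CertReqHistory retval = null;

        try{
            Collection result = certReqHistoryHome.findByIssuerDNSerialNumber(issuerDN, certificateSN.toString());
            // Walk the result with a single iterator; only the first entry is used.
            Iterator iter = result.iterator();
            if(iter.hasNext()) {
                retval = ((CertReqHistoryDataLocal) iter.next()).getCertReqHistory();
            }
        }catch(FinderException fe){
            // Nothing stored for this certificate: fall through and return null
        }

        return retval;
    }

    /**
     * Retrieves all cert request datas belonging to a user.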
* @param admin
     * @param username
     * @return a collection of CertReqHistory
     * @ejb.interface-method
     */
    public List getCertReqHistory(Admin admin, String username){
        ArrayList histories = new ArrayList();

        try{
            Collection rows = certReqHistoryHome.findByUsername(username);
            for (Iterator it = rows.iterator(); it.hasNext();) {
                CertReqHistoryDataLocal row = (CertReqHistoryDataLocal) it.next();
                histories.add(row.getCertReqHistory());
            }
        }catch(FinderException fe){
            // Lookup failed: return whatever has been collected so far
            // (an empty list when the finder itself threw), never null.
        }

        return histories;
    }

    /**
     * Adds a certificate profile to the database, under the id returned by
     * findFreeCertificateProfileId().
     *
     * @param admin administrator performing the task
     * @param certificateprofilename readable name of new certificate profile
     * @param certificateprofile the profile to be added
     * @throws CertificateProfileExistsException propagated from the four-argument overload
     * @ejb.transaction type="Required"
     * @ejb.interface-method
     */
    public void addCertificateProfile(Admin admin, String certificateprofilename,
                                      CertificateProfile certificateprofile) throws CertificateProfileExistsException {
        final int freeId = findFreeCertificateProfileId();
        addCertificateProfile(admin, freeId, certificateprofilename, certificateprofile);
    } // addCertificateProfile

    /**
     * Adds a certificate profile to the database.
     *
     * @param admin administrator performing the task
     * @param certificateprofileid internal ID of new certificate profile, use only if you know it's right.
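* @param certificateprofilename readable name of new certificate profile
     * @param certificateprofile the profile to be added
     * @throws CertificateProfileExistsException if the name is a fixed profile name or
     *         a profile with that name is already stored
     * @ejb.transaction type="Required"
     * @ejb.interface-method
     */
    public void addCertificateProfile(Admin admin, int certificateprofileid, String certificateprofilename,
                                      CertificateProfile certificateprofile) throws CertificateProfileExistsException {
        // Fixed profile names are rejected, with an error event in the audit log.
        if (isCertificateProfileNameFixed(certificateprofilename)) {
            getLogSession().log(admin, admin.getCaId(), LogEntry.MODULE_CA, new java.util.Date(), null, null, LogEntry.EVENT_ERROR_CERTPROFILE, "Error adding certificaterprofile " + certificateprofilename);
            throw new CertificateProfileExistsException();
        }

        // NOTE(review): when the id is not free the method returns without creating
        // the profile, without an audit event and without an exception, so the caller
        // cannot tell that nothing was stored - confirm this is intended.
        if (isFreeCertificateProfileId(certificateprofileid)) {
            try {
                // A successful lookup means the name is taken; the exception thrown
                // here is not a FinderException and so propagates to the caller.
                certprofilehome.findByCertificateProfileName(certificateprofilename);
                throw new CertificateProfileExistsException("Certificate Profile Name already exists.");
            } catch (FinderException e) {
                // Name not found: the profile can be created.
                try {
                    certprofilehome.create(new Integer(certificateprofileid), certificateprofilename, certificateprofile);
                    getLogSession().log(admin, admin.getCaId(), LogEntry.MODULE_CA, new java.util.Date(), null, null, LogEntry.EVENT_INFO_CERTPROFILE, "New certificateprofile " + certificateprofilename + " added successfully");
                } catch (Exception f) {
                    // A failed create is written to the audit log only; it is not
                    // reported to the caller.
                    getLogSession().log(admin, admin.getCaId(), LogEntry.MODULE_CA, new java.util.Date(), null, null, LogEntry.EVENT_ERROR_CERTPROFILE, "Error when creating new certificateprofile " + certificateprofilename);
                }
            }
        }
    } // addCertificateProfile

    /**
     * Adds a certificateprofile with the same content as the original certificateprofile,
     *
     * For an administrator who is not authorized to "/super_administrator", a copy
     * that is applicable to any CA is narrowed to the CAs that administrator is
     * authorized for. A failed clone or create is recorded as an error event in the
     * audit log; it is not reported to the caller.
     *
     * @param admin Administrator performing the operation
     * @param originalcertificateprofilename readable name of old certificate profile
     * @param newcertificateprofilename readable name of new certificate profile
     * @throws CertificateProfileExistsException if the new name is a fixed profile name
     *         or a profile with that name is already stored
     * @ejb.transaction type="Required"
     * @ejb.interface-method
     */
    public void cloneCertificateProfile(Admin admin, String originalcertificateprofilename, String newcertificateprofilename)
            throws CertificateProfileExistsException {
        CertificateProfile certificateprofile = null;
        // The same error text is used for every failure path of this method.
        final String errormsg = "Error adding certificaterprofile " + newcertificateprofilename + " using profile " + originalcertificateprofilename + " as template.";

        if (isCertificateProfileNameFixed(newcertificateprofilename)) {
            getLogSession().log(admin, admin.getCaId(), LogEntry.MODULE_CA, new java.util.Date(), null, null, LogEntry.EVENT_ERROR_CERTPROFILE, errormsg);
            throw new CertificateProfileExistsException();
        }

        try {
            // NOTE(review): if getCertificateProfile returns null for an unknown
            // original name, this line throws NullPointerException - confirm against
            // that method.
            certificateprofile = (CertificateProfile) getCertificateProfile(admin, originalcertificateprofilename).clone();

            boolean issuperadministrator = false;
            try {
                issuperadministrator = getAuthorizationSession().isAuthorizedNoLog(admin, "/super_administrator");
            } catch (AuthorizationDeniedException ade) {
                // Denied: the flag stays false, so the restricted path below applies.
            }

            if (!issuperadministrator && certificateprofile.isApplicableToAnyCA()) {
                // Not superadministrator, do not use ANYCA;
                Collection authcas = getAuthorizationSession().getAuthorizedCAIds(admin);
                certificateprofile.setAvailableCAs(authcas);
            }

            try {
                certprofilehome.findByCertificateProfileName(newcertificateprofilename);
                getLogSession().log(admin, admin.getCaId(), LogEntry.MODULE_CA, new java.util.Date(), null, null, LogEntry.EVENT_ERROR_CERTPROFILE, errormsg);
                throw new CertificateProfileExistsException();
            } catch (FinderException e) {
                // Name not found: the clone can be stored under a free id.
                try {
                    certprofilehome.create(new Integer(findFreeCertificateProfileId()), newcertificateprofilename, certificateprofile);
                    getLogSession().log(admin, admin.getCaId(), LogEntry.MODULE_CA, new java.util.Date(), null, null, LogEntry.EVENT_INFO_CERTPROFILE, "New certificateprofile " + newcertificateprofilename + " used profile " + originalcertificateprofilename + " as template.");
                } catch (CreateException f) {
                    // Leave an audit record for the failed create, as
                    // addCertificateProfile does, instead of dropping it silently.
                    getLogSession().log(admin, admin.getCaId(), LogEntry.MODULE_CA, new java.util.Date(), null, null, LogEntry.EVENT_ERROR_CERTPROFILE, errormsg);
                }
            }
        } catch (CloneNotSupportedException f) {
            // The template could not be cloned: record that nothing was created.
            getLogSession().log(admin, admin.getCaId(), LogEntry.MODULE_CA, new java.util.Date(), null, null, LogEntry.EVENT_ERROR_CERTPROFILE, errormsg);
        }
    } // cloneCertificateProfile

    /**
     * Removes a certificateprofile f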