📄 localcertificatestoresessionbean.java
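} //findCertificatesByExpireTimeWithLimit

    /**
     * Finds a certificate specified by issuer DN and serial number.
     *
     * @param admin    Administrator performing the operation
     * @param issuerDN issuer DN of the desired certificate.
     * @param serno    serial number of the desired certificate!
     * @return Certificate if found or null
     * @ejb.interface-method
     */
    public Certificate findCertificateByIssuerAndSerno(Admin admin, String issuerDN, BigInteger serno) {
        // Pure delegation; the lookup itself lives in CertificateDataUtil.
        return CertificateDataUtil.findCertificateByIssuerAndSerno(admin, issuerDN, serno, certHome, adapter);
    } //findCertificateByIssuerAndSerno

    /**
     * Implements ICertificateStoreSession::findCertificatesByIssuerAndSernos.
     * <p/>
     * The method retrieves all certificates from a specific issuer
     * which are identified by list of serial numbers. The collection
     * will be empty if the issuerDN is <tt>null</tt>/empty
     * or the collection of serial numbers is empty.
     * <p/>
     * Every serial number is handed to the database as a bind parameter, so
     * no caller-supplied value becomes part of the SQL text.
     *
     * @param admin    Administrator performing the operation; must not be <tt>null</tt>
     * @param issuerDN the subjectDN of a CA certificate
     * @param sernos   a collection of certificate serialnumbers (BigInteger elements)
     * @return Collection a list of certificates; never <tt>null</tt>
     * @throws IllegalArgumentException if admin is <tt>null</tt>
     * @throws EJBException             on any other failure, including an element of
     *                                  sernos that is <tt>null</tt> or not a BigInteger
     * @ejb.interface-method
     */
    public Collection findCertificatesByIssuerAndSernos(Admin admin, String issuerDN, Collection sernos) {
        debug(">findCertificateByIssuerAndSernos()");
        Connection con = null;
        PreparedStatement ps = null;
        ResultSet result = null;
        if (null == admin) {
            throw new IllegalArgumentException();
        }
        if (null == issuerDN || issuerDN.length() <= 0 || null == sernos || sernos.isEmpty()) {
            return new ArrayList();
        }
        String dn = CertTools.stringToBCDNString(issuerDN);
        debug("Looking for cert with (transformed)DN: " + dn);
        try {
            // Collect the serial numbers as strings and build one "?" per value.
            // The previous version concatenated serno.toString() into the query
            // text; BigInteger is not final, so the text a caller-supplied
            // instance returns from toString() is not guaranteed to be digits.
            // Binding the values removes that dependency altogether.
            final ArrayList serials = new ArrayList();
            final StringBuffer placeholders = new StringBuffer();
            Iterator iter = sernos.iterator();
            while (iter.hasNext()) {
                // The cast rejects anything that is not a BigInteger (untrusted param).
                BigInteger serno = (BigInteger) iter.next();
                serials.add(serno.toString());
                if (placeholders.length() > 0) {
                    placeholders.append(", ");
                }
                placeholders.append('?');
            }

            con = JDBCUtil.getDBConnection(JNDINames.DATASOURCE);
            ps = con.prepareStatement("SELECT DISTINCT fingerprint"
                    + " FROM CertificateData WHERE"
                    + " issuerDN = ?"
                    + " AND serialNumber IN (" + placeholders.toString() + ")");
            ps.setString(1, dn);
            // Parameter 1 is the issuer DN, so the serial numbers start at index 2.
            // They are bound as strings, matching the quoted literals used before.
            for (int i = 0; i < serials.size(); i++) {
                ps.setString(i + 2, (String) serials.get(i));
            }
            result = ps.executeQuery();

            ArrayList vect = new ArrayList();
            while (result.next()) {
                // The query only yields fingerprints; each certificate is loaded separately.
                Certificate cert = findCertificateByFingerprint(admin, result.getString(1));
                if (cert != null) {
                    vect.add(cert);
                }
            }
            debug("<findCertificateByIssuerAndSernos()");
            return vect;
        } catch (Exception fe) {
            throw new EJBException(fe);
        } finally {
            JDBCUtil.close(con, ps, result);
        }
    } // findCertificateByIssuerAndSernos

    /**
     * Finds certificate(s) for a given serialnumber.
     *
     * @param admin Administrator performing the operation (not consulted in this method body)
     * @param serno the serialnumber of the certificate(s) that will be retrieved
     * @return Collection of Certificates; empty if none found.
     * @throws EJBException if the finder fails
     * @ejb.interface-method
     */
    public Collection findCertificatesBySerno(Admin admin, BigInteger serno) {
        debug(">findCertificateBySerno(), serno=" + serno);
        try {
            Collection coll = certHome.findBySerialNumber(serno.toString());
            ArrayList ret = new ArrayList();
            if (coll != null) {
                Iterator iter = coll.iterator();
                while (iter.hasNext()) {
                    ret.add(((CertificateDataLocal) iter.next()).getCertificate());
                }
            }
            debug("<findCertificateBySerno(), serno=" + serno);
            return ret;
        } catch (javax.ejb.FinderException fe) {
            throw new EJBException(fe);
        }
    } // findCertificateBySerno

    /**
     * Finds username for a given certificate serial number.
     * <p/>
     * If the finder returns several rows, the username of the last row
     * iterated is the one returned.
     *
     * @param admin    Administrator performing the operation (not consulted in this method body)
     * @param serno    the serialnumber of the certificate to find username for.
     * @param issuerdn issuer DN of the certificate; normalised with CertTools.stringToBCDNString
     *                 before the lookup
     * @return username or null if none found.
     * @throws EJBException if the finder fails
     * @ejb.interface-method
     */
    public String findUsernameByCertSerno(Admin admin, BigInteger serno, String issuerdn) {
        if (log.isDebugEnabled()) {
            debug(">findUsernameByCertSerno(), serno: " + serno.toString(16) + ", issuerdn: " + issuerdn);
        }
        String dn = CertTools.stringToBCDNString(issuerdn);
        try {
            Collection coll = certHome.findByIssuerDNSerialNumber(dn, serno.toString());
            String ret = null;
            if (coll != null) {
                Iterator iter = coll.iterator();
                while (iter.hasNext()) {
                    ret = ((CertificateDataLocal) iter.next()).getUsername();
                }
            }
            debug("<findUsernameByCertSerno(), ret=" + ret);
            return ret;
        } catch (javax.ejb.FinderException fe) {
            throw new EJBException(fe);
        }
    } // findUsernameByCertSerno

    /**
     * Finds certificate(s) for a given username.
     *
     * @param admin    Administrator performing the operation (not consulted in this method body)
     * @param username the username of the certificate(s) that will be retrieved
     * @return Collection of Certificates (in no specified order); empty if none found.
     * @throws EJBException if the finder fails
     * @ejb.interface-method
     */
    public Collection findCertificatesByUsername(Admin admin, String username) {
        // The trace used to name findCertificateBySerno, which misattributes the call.
        // NOTE(review): this first trace line logs the username as received, before stripping.
        debug(">findCertificatesByUsername(), username=" + username);
        try {
            // Strip dangerous chars
            // NOTE(review): which characters StringTools.strip removes is not visible here - confirm.
            username = StringTools.strip(username);
            Collection coll = certHome.findByUsername(username);
            ArrayList ret = new ArrayList();
            if (coll != null) {
                Iterator iter = coll.iterator();
                while (iter.hasNext()) {
                    ret.add(((CertificateDataLocal) iter.next()).getCertificate());
                }
            }
            debug("<findCertificatesByUsername(), username=" + username);
            return ret;
        } catch (javax.ejb.FinderException fe) {
            throw new EJBException(fe);
        }
    } // findCertificateByUsername

    /**
     * Returns the stored status information for the certificate with the
     * given fingerprint.
     *
     * @param admin       Administrator performing the operation (not consulted in this method body)
     * @param fingerprint fingerprint used as the primary key of the certificate
     * @return CertificateInfo for the certificate, or null if no certificate
     *         with that fingerprint is found
     * @throws EJBException on any error other than the certificate not being found
     * @ejb.interface-method
     */
    public CertificateInfo getCertificateInfo(Admin admin, String fingerprint) {
        debug(">getCertificateInfo()");
        CertificateInfo ret = null;
        try {
            CertificateDataLocal res = certHome.findByPrimaryKey(new CertificateDataPK(fingerprint));
            ret = new CertificateInfo(res.getFingerprint(), res.getCaFingerprint(), res.getSerialNumber(),
                    res.getIssuerDN(), res.getSubjectDN(), res.getStatus(), res.getType(),
                    res.getExpireDate(), res.getRevocationDate(), res.getRevocationReason());
            debug("<getCertificateInfo()");
        } catch (FinderException fe) {
            // Deliberately ignored: an unknown fingerprint is reported as a null return.
        } catch (Exception e) {
            String msg = intres.getLocalizedMessage("store.errorcertinfo", fingerprint);
            log.error(msg);
            throw new EJBException(e);
        }
        return ret;
    } // getCertificateInfo

    /**
     * Finds a certificate by its fingerprint.
     *
     * @param admin       Administrator performing the operation
     * @param fingerprint fingerprint of the desired certificate
     * @return the value returned by CertificateDataUtil.findCertificateByFingerprint
     * @ejb.interface-method
     */
    public Certificate findCertificateByFingerprint(Admin admin, String fingerprint) {
        return CertificateDataUtil.findCertificateByFingerprint(admin, fingerprint, certHome, adapter);
    } // findCertificateByFingerprint

    /**
     * Lists all active (status = 20) certificates of a specific type and if
     * given from a specific issuer.
     * <p/>
     * The type is the bitwise OR value of the types listed
     * in {@link org.ejbca.core.ejb.ca.store.CertificateDataBean}:<br>
     * <ul>
     * <li><tt>CERTTYPE_ENDENTITY</tt><br>
     * An user or machine certificate, which identifies a subject.
     * </li>
     * <li><tt>CERTTYPE_CA</tt><br>
     * A CA certificate which is <b>not</b> a root CA.
     * </li>
     * <li><tt>CERTTYPE_ROOTCA</tt><br>
     * A Root CA certificate.
     * </li>
     * </ul>
     * <p/>
     * Usage examples:<br>
     * <ol>
     * <li>Get all root CA certificates
     * <p/>
     * <code>
     * ...
     * ICertificateStoreSessionRemote itf = ...
     * Collection certs = itf.findCertificatesByType(adm,
     * CertificateDataBean.CERTTYPE_ROOTCA,
     * null);
     * ...
     * </code>
     * </li>
     * <li>Get all subordinate CA certificates for a specific
     * Root CA. It is assumed that the <tt>subjectDN</tt> of the
     * Root CA certificate is located in the variable <tt>issuer</tt>.
     * <p/>
     * <code>
     * ...
     * ICertificateStoreSessionRemote itf = ...
     * Certificate rootCA = ...
     * String issuer = rootCA.getSubjectDN();
     * Collection certs = itf.findCertificatesByType(adm,
     * CertificateDataBean.CERTTYPE_SUBCA,
     * issuer);
     * ...
     * </code>
     * </li>
     * <li>Get <b>all</b> CA certificates.
     * <p/>
     * <code>
     * ...
     * ICertificateStoreSessionRemote itf = ...
     * Collection certs = itf.findCertificatesByType(adm,
     * CertificateDataBean.CERTTYPE_SUBCA
     * + CERTTYPE_ROOTCA,
     * null);
     * ...
     * </code>
     * </li>
     * </ol>
     *
     * @param admin    Administrator performing the operation
     * @param issuerDN get all certificates issued by a specific issuer.
     *                 If <tt>null</tt> or empty return certificates regardless of
     *                 the issuer.
     * @param type     CERTTYPE_* types from CertificateDataBean
     * @return Collection Collection of X509Certificate, never <tt>null</tt>
     * @ejb.interface-method
     */
    public Collection findCertificatesByType(Admin admin, int type, String issuerDN) {
        // Pure delegation; the query itself lives in CertificateDataUtil.
        return CertificateDataUtil.findCertificatesByType(admin, type, issuerDN, certHome, adapter);
    } // findCertificatesByType

    /**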