Package org.ejbca.core.model.ca.store

Examples of org.ejbca.core.model.ca.store.CRLInfo


    }
    final HashID id = HashID.getFromSubjectDN(caCert);
    final String issuerDN = CertTools.getSubjectDN(caCert);
    this.rebuildlock.lock();
    try {
      final CRLInfo crlInfo = this.crlSession.getLastCRLInfo(this.admin, issuerDN, isDelta);
      if ( crlInfo==null ) {
        if (log.isDebugEnabled()) {
          log.debug("No CRL found with issuerDN '"+issuerDN+"', returning null.");
        }
        return null;
      }
      final Map<Integer, CRLEntity> usedCrls = isDelta ? this.deltaCrls : this.crls;
      final CRLEntity cachedCRL = usedCrls.get(id.key);
      if ( cachedCRL!=null && !crlInfo.getCreateDate().after(cachedCRL.crlInfo.getCreateDate()) ) {
        if (log.isDebugEnabled()) {
          log.debug("Retrieved CRL (from cache) with issuerDN '"+issuerDN+"', with CRL number "+crlInfo.getLastCRLNumber());
        }
        return cachedCRL.encoded;
      }
      final CRLEntity entry = new CRLEntity( crlInfo, this.crlSession.getLastCRL(this.admin, issuerDN, isDelta) );
      usedCrls.put(id.key, entry);
      if (log.isDebugEnabled()) {
        log.debug("Retrieved CRL (not from cache) with issuerDN '"+issuerDN+"', with CRL number "+crlInfo.getLastCRLNumber());
      }
      return entry.encoded;
    } finally {
      this.rebuildlock.unlock();
    }
View Full Code Here


    public void createCRLs(Admin admin, CA ca, CAInfo cainfo) throws CATokenOfflineException {
        final String fp = run(admin, ca);
        // If we could not create a full CRL (for example CVC CAs does not even
        // support CRLs), don't try to create a delta CRL.
        if (fp != null) {
            final CRLInfo crlInfo = crlSession.getCRLInfo(admin, fp);
            if (cainfo.getDeltaCRLPeriod() > 0) {
                runDeltaCRL(admin, ca, crlInfo.getLastCRLNumber(), crlInfo.getCreateDate().getTime());
            }
        }
    }
View Full Code Here

                                                try {
                                                        if (log.isDebugEnabled()) {
                                                                log.debug("Checking to see if CA '"+cainfo.getName()+"' ("+cainfo.getCAId()+") needs CRL generation.");
                                                        }
                                                        final String certSubjectDN = CertTools.getSubjectDN(cacert);
                                                        CRLInfo crlinfo = crlSession.getLastCRLInfo(admin,certSubjectDN,false);
                                                        if (log.isDebugEnabled()) {
                                                                if (crlinfo == null) {
                                                                        log.debug("Crlinfo was null");
                                                                } else {
                                                                        log.debug("Read crlinfo for CA: "+cainfo.getName()+", lastNumber="+crlinfo.getLastCRLNumber()+", expireDate="+crlinfo.getExpireDate());
                                                                }                                         
                                                        }
                                                        long crlissueinterval = cainfo.getCRLIssueInterval();
                                                        if (log.isDebugEnabled()) {
                                                                log.debug("crlissueinterval="+crlissueinterval);
                                                                log.debug("crloverlaptime="+cainfo.getCRLOverlapTime());                                  
                                                        }
                                                        long overlap = cainfo.getCRLOverlapTime() + addtocrloverlaptime; // Overlaptime is in minutes, default if crlissueinterval == 0
                                                        long nextUpdate = 0; // if crlinfo == 0, we will issue a crl now
                                                        if (crlinfo != null) {
                                                                // CRL issueinterval in hours. If this is 0, we should only issue a CRL when
                                                                // the old one is about to expire, i.e. when currenttime + overlaptime > expiredate
                                                                // if isseuinterval is > 0 we will issue a new CRL when currenttime > createtime + issueinterval
                                                                nextUpdate = crlinfo.getExpireDate().getTime(); // Default if crlissueinterval == 0
                                                                if (crlissueinterval > 0) {
                                                                        long u = crlinfo.getCreateDate().getTime() + crlissueinterval;
                                                                        // If this period for some reason (we missed to issue some?) is larger than when the CRL expires,
                                                                        // we need to issue one when the CRL expires
                                                                        if ((u + overlap) < nextUpdate) {
                                                                                nextUpdate = u;
                                                                                // When we issue CRLs before the real expiration date we don't use overlap
View Full Code Here

                                                } else {
                                                        if (log.isDebugEnabled()) {
                                                                log.debug("Checking to see if CA '"+cainfo.getName()+"' needs Delta CRL generation.");
                                                        }
                                                        final String certSubjectDN = CertTools.getSubjectDN(cacert);
                                                        CRLInfo deltacrlinfo = crlSession.getLastCRLInfo(admin, certSubjectDN, true);
                                                        if (log.isDebugEnabled()) {
                                                                if (deltacrlinfo == null) {
                                                                        log.debug("DeltaCrlinfo was null");
                                                                } else {
                                                                        log.debug("Read deltacrlinfo for CA: "+cainfo.getName()+", lastNumber="+deltacrlinfo.getLastCRLNumber()+", expireDate="+deltacrlinfo.getExpireDate());
                                                                }                                         
                                                        }
                                                        if((deltacrlinfo == null) || ((currenttime.getTime() + crloverlaptime) >= deltacrlinfo.getExpireDate().getTime())){
                                                                runDeltaCRL(admin, ca, -1, -1);
                                                                ret = true;
                                                        }
                                                }
                                        }
View Full Code Here

                    final Certificate cacert = !certs.isEmpty() ? certs.iterator().next(): null;
                caCertSubjectDN = cacert!=null ? CertTools.getSubjectDN(cacert) : null;
            }
                if (caCertSubjectDN!=null && cainfo instanceof X509CAInfo) { // Only create CRLs for X509 CAs
                        if ( (baseCrlNumber == -1) && (baseCrlCreateTime == -1) ) {
                                CRLInfo basecrlinfo = crlSession.getLastCRLInfo(admin, caCertSubjectDN, false);
                                baseCrlCreateTime = basecrlinfo.getCreateDate().getTime();
                                baseCrlNumber = basecrlinfo.getLastCRLNumber();                                
                        }
                        // Find all revoked certificates
                        Collection<RevokedCertInfo> revcertinfos = certificateStoreSession.listRevokedCertInfo(admin, caCertSubjectDN, baseCrlCreateTime);
                                if (log.isDebugEnabled()) {
                                        log.debug("Found "+revcertinfos.size()+" revoked certificates.");
View Full Code Here

      log.trace(">getLastCRLInfo(" + issuerdn + ", "+deltaCRL+")");
    }
    int crlnumber = 0;
    try {
      crlnumber = getLastCRLNumber(admin, issuerdn, deltaCRL);
      CRLInfo crlinfo = null;
      CRLData data = CRLData.findByIssuerDNAndCRLNumber(getEntityManager(), issuerdn, crlnumber);
      if (data != null) {
        crlinfo = new CRLInfo(data.getIssuerDN(), crlnumber, data.getThisUpdate(), data.getNextUpdate());
      } else {
        if (deltaCRL && (crlnumber == 0)) {
          if (log.isDebugEnabled()) {
            log.debug("No delta CRL exists for CA with dn '"+issuerdn+"'");
          }
View Full Code Here

  protected CRLInfo getCRLInfo(Admin admin, String fingerprint) {
    if (log.isTraceEnabled()) {
      log.trace(">getCRLInfo(" + fingerprint+")");
    }
    try {
      CRLInfo crlinfo = null;
      CRLData data = CRLData.findByFingerprint(getEntityManager(), fingerprint);
      if (data != null) {
        crlinfo = new CRLInfo(data.getIssuerDN(), data.getCrlNumber(), data.getThisUpdate(), data.getNextUpdate());
      } else {
        if (log.isDebugEnabled()) {
          log.debug("No CRL exists with fingerprint '"+fingerprint+"'");
        }
        String msg = intres.getLocalizedMessage("store.errorgetcrl", fingerprint, new Integer(0));             
View Full Code Here

          Collection<Integer> caIds = ejb.getCaSession().getAvailableCAs(getAdmin());
          for (Integer caId : caIds) {
            final CA ca = ejb.getCaSession().getCA(getAdmin(), caId);
            final StringBuilder sb = new StringBuilder();
            sb.append("\"").append(ca.getName()).append("\" \"").append(ca.getSubjectDN()).append("\"");
            final CRLInfo crlInfo = ejb.getCrlSession().getLastCRLInfo(getAdmin(), ca.getSubjectDN(), false);
            if (crlInfo != null) {
                sb.append(" CRL# ").append(crlInfo.getLastCRLNumber());
                sb.append(" issued ").append(ValidityDate.formatAsUTC(crlInfo.getCreateDate()));
                sb.append(" expires ").append(ValidityDate.formatAsUTC(crlInfo.getExpireDate()));
            } else {
              sb.append(" NO_CRL_ISSUED");
            }
            final CRLInfo deltaCrlInfo = ejb.getCrlSession().getLastCRLInfo(getAdmin(), ca.getSubjectDN(), true);
            if (deltaCrlInfo!=null) {
                sb.append(" DELTACRL# ").append(deltaCrlInfo.getLastCRLNumber());
                sb.append(" issued ").append(ValidityDate.formatAsUTC(deltaCrlInfo.getCreateDate()));
                sb.append(" expires ").append(ValidityDate.formatAsUTC(deltaCrlInfo.getExpireDate()));
            } else {
              sb.append(" NO_DELTACRL_ISSUED");
            }
            getLogger().info(sb.toString());
          }
View Full Code Here

TOP

Related Classes of org.ejbca.core.model.ca.store.CRLInfo

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.