Package org.ejbca.core.model.ca.store

Examples of org.ejbca.core.model.ca.store.CertificateInfo


      if(certreqhist != null){
        CertificateProfile certprofile = certificateProfileSession.getCertificateProfile(admin,certreqhist.getUserDataVO().getCertificateProfileId());
        java.security.cert.Certificate cert = certificateStoreSession.findCertificateByFingerprint(admin, certreqhist.getFingerprint());
        if(certprofile != null){
          CertificateInfo certinfo = certificateStoreSession.getCertificateInfo(admin, certreqhist.getFingerprint());
          if(certprofile.getPublisherList().size() > 0){
            if(publisherSession.storeCertificate(admin, certprofile.getPublisherList(), cert, certreqhist.getUserDataVO().getUsername(), certreqhist.getUserDataVO().getPassword(), certreqhist.getUserDataVO().getDN(),
                certinfo.getCAFingerprint(), certinfo.getStatus() , certinfo.getType(), certinfo.getRevocationDate().getTime(), certinfo.getRevocationReason(), certinfo.getTag(), certinfo.getCertificateProfileId(), certinfo.getUpdateTime().getTime(), certreqhist.getUserDataVO().getExtendedinformation())){
            }else{
              throw new PublisherException("Error: publication failed to at least one of the defined publishers.");
            }
          }else{
            throw new PublisherException("Error no publisher defined for the given certificate.");


    return query.getResultList();
  }

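  /**
   * Looks up the first CertificateData row matching an issuer DN and serial number and returns
   * it as a {@link CertificateInfo}.
   *
   * <p>Both lookup values are bound as named query parameters rather than concatenated into the
   * SQL text, so caller-supplied strings cannot alter the statement.
   *
   * @param entityManager the entity manager used to create and run the native query
   * @param issuerDN issuer DN matched against {@code a.issuerDN}
   * @param serialNumber serial number matched against {@code a.serialNumber}
   * @return the first matching CertificateInfo, or {@code null} if no row matches
   */
  public static CertificateInfo findFirstCertificateInfo(EntityManager entityManager, String issuerDN, String serialNumber) {
    final Query query = entityManager.createNativeQuery(
        "SELECT a.fingerprint, a.subjectDN, a.cAFingerprint, a.status, a.type, a.serialNumber, a.expireDate, a.revocationDate, a.revocationReason, "
        + "a.username, a.tag, a.certificateProfileId, a.updateTime FROM CertificateData a WHERE a.issuerDN=:issuerDN AND a.serialNumber=:serialNumber", "CertificateInfoSubset2");
    query.setParameter("issuerDN", issuerDN);
    query.setParameter("serialNumber", serialNumber);
    // Only the first row is fetched; any further rows with the same issuer/serial pair are ignored.
    query.setMaxResults(1);
    final List<Object[]> resultList = (List<Object[]>) query.getResultList();
    if (resultList.isEmpty()) {
      return null;
    }
    final Object[] fields = resultList.get(0);
    // The order of the results is defined by the SqlResultSetMapping annotation.
    // NOTE(review): the SELECT lists serialNumber between type and expireDate, yet fields[5] is
    // read as expireDate. The indexes below only line up if the "CertificateInfoSubset2" mapping
    // omits serialNumber; confirm against the annotation.
    final String fingerprint = (String) fields[0];
    final String subjectDN = (String) fields[1];
    final String cafp = (String) fields[2];
    final int status = ValueExtractor.extractIntValue(fields[3]);
    final int type = ValueExtractor.extractIntValue(fields[4]);
    final long expireDate = ValueExtractor.extractLongValue(fields[5]);
    final long revocationDate = ValueExtractor.extractLongValue(fields[6]);
    final int revocationReason = ValueExtractor.extractIntValue(fields[7]);
    final String username = (String) fields[8];
    final String tag = (String) fields[9];
    final int cProfId = ValueExtractor.extractIntValue(fields[10]);
    // updateTime might be null in an upgraded installation; treat that as 0.
    final long updateTime = (fields[11] == null) ? 0 : ValueExtractor.extractLongValue(fields[11]);
    return new CertificateInfo(fingerprint, cafp, serialNumber, issuerDN, subjectDN, status, type, expireDate, revocationDate, revocationReason, username, tag, cProfId, updateTime);
  }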

    return certificateList;
  }

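  /**
   * Loads the CertificateInfo representation (all fields except the actual cert) for a
   * certificate fingerprint.
   *
   * <p>The fingerprint is bound as a named query parameter rather than concatenated into the SQL
   * text, so a caller-supplied string cannot alter the statement.
   *
   * @param entityManager the entity manager used to create and run the native query
   * @param fingerprint fingerprint matched against {@code a.fingerprint}
   * @return the CertificateInfo, or {@code null} if no such fingerprint exists; callers must
   *     check for null before dereferencing the result
   */
  public static CertificateInfo getCertificateInfo(EntityManager entityManager, String fingerprint) {
    final Query query = entityManager.createNativeQuery(
        "SELECT a.issuerDN, a.subjectDN, a.cAFingerprint, a.status, a.type, a.serialNumber, a.expireDate, a.revocationDate, a.revocationReason, "
        + "a.username, a.tag, a.certificateProfileId, a.updateTime FROM CertificateData a WHERE a.fingerprint=:fingerprint", "CertificateInfoSubset");
    query.setParameter("fingerprint", fingerprint);
    final List<Object[]> resultList = (List<Object[]>) query.getResultList();
    if (resultList.isEmpty()) {
      return null;
    }
    // Only the first row is used, even if the query returned more than one.
    final Object[] fields = resultList.get(0);
    // The order of the results is defined by the SqlResultSetMapping annotation
    // ("CertificateInfoSubset"); the indexes below follow the SELECT column order.
    final String issuerDN = (String) fields[0];
    final String subjectDN = (String) fields[1];
    final String cafp = (String) fields[2];
    final int status = ValueExtractor.extractIntValue(fields[3]);
    final int type = ValueExtractor.extractIntValue(fields[4]);
    final String serno = (String) fields[5];
    final long expireDate = ValueExtractor.extractLongValue(fields[6]);
    final long revocationDate = ValueExtractor.extractLongValue(fields[7]);
    final int revocationReason = ValueExtractor.extractIntValue(fields[8]);
    final String username = (String) fields[9];
    final String tag = (String) fields[10];
    final int cProfId = ValueExtractor.extractIntValue(fields[11]);
    // updateTime might be null in an upgraded installation; treat that as 0.
    final long updateTime = (fields[12] == null) ? 0 : ValueExtractor.extractLongValue(fields[12]);
    return new CertificateInfo(fingerprint, cafp, serno, issuerDN, subjectDN, status, type, expireDate, revocationDate, revocationReason, username, tag, cProfId, updateTime);
  }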

                }
                // Store CA certificate in the database if it does not exist
                long updateTime = new Date().getTime();
                int profileId = 0;
                String tag = null;
                CertificateInfo ci = certificateStoreSession.getCertificateInfo(admin, fingerprint);
                if (ci == null) {
                    // If we don't have it in the database, store it setting
                    // certificateProfileId = 0 and tag = null
                    certificateStoreSession.storeCertificate(admin, cert, name, cafp, SecConst.CERT_ACTIVE, type, profileId, tag, updateTime);
                } else {
                    updateTime = ci.getUpdateTime().getTime();
                    profileId = ci.getCertificateProfileId();
                    tag = ci.getTag();
                }
                if (usedpublishers != null) {
                    publisherSession.storeCertificate(admin, usedpublishers, cert, cafp, null, caDataDN, fingerprint, SecConst.CERT_ACTIVE, type, -1,
                            RevokedCertInfo.NOT_REVOKED, tag, profileId, updateTime, null);
                }

                final Collection<Integer> capublishers = cainfo.getCRLPublishers();
                // Store cert and CRL in ca publishers.
                if (capublishers != null) {
                    String fingerprint = CertTools.getFingerprintAsString(cacert);
                    String username = ejb.getCertStoreSession().findUsernameByCertSerno(getAdmin(), cacert.getSerialNumber(), cacert.getIssuerDN().getName());
                    CertificateInfo certinfo = ejb.getCertStoreSession().getCertificateInfo(getAdmin(), fingerprint);
                    ejb.getPublisherSession().storeCertificate(getAdmin(), capublishers, cacert, username, null, cainfo.getSubjectDN(), fingerprint, certinfo
                            .getStatus(), certinfo.getType(), certinfo.getRevocationDate().getTime(), certinfo.getRevocationReason(), certinfo.getTag(),
                            certinfo.getCertificateProfileId(), certinfo.getUpdateTime().getTime(), null);
                    getLogger().info("Certificate published for " + caname);
                    if ( crlbytes!=null && crlbytes.length>0 && crlNumber>0 ) {
                        ejb.getPublisherSession().storeCRL(getAdmin(), capublishers, crlbytes, fingerprint, crlNumber, cainfo.getSubjectDN());
                        getLogger().info("CRL with number "+crlNumber+" published for " + caname);
                    } else {

    }

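    /**
     * Publishes one user's certificate to the publishers listed in the given certificate profile.
     *
     * <p>Any failure is logged and not propagated, so a caller processing several users can
     * continue with the next one.
     *
     * @param data user data supplying the username, password and DN passed to the publishers
     * @param certProfile certificate profile whose publisher list is used
     * @param cert the certificate to publish
     */
    private void publishCert(UserDataVO data, CertificateProfile certProfile, X509Certificate cert) {
        try {
            final String fingerprint = CertTools.getFingerprintAsString(cert);
            final CertificateInfo certinfo = ejb.getCertStoreSession().getCertificateInfo(getAdmin(), fingerprint);
            if (certinfo == null) {
                // No stored record for this fingerprint: report that explicitly instead of
                // letting the dereference below fail with a NullPointerException.
                getLogger().error("Failed to publish certificate for user " + data.getUsername()
                        + ": no certificate information found for fingerprint " + fingerprint + ", continuing with next user.");
                return;
            }
            final String userDataDN = data.getDN();
            // NOTE(review): the user's password from UserDataVO is handed to every publisher in
            // the list; confirm each configured publisher needs it and does not persist or log it.
            ejb.getPublisherSession().storeCertificate(getAdmin(), certProfile.getPublisherList(), cert, data.getUsername(), data.getPassword(), userDataDN,
                    fingerprint, certinfo.getStatus(), certinfo.getType(), certinfo.getRevocationDate().getTime(), certinfo.getRevocationReason(),
                    certinfo.getTag(), certinfo.getCertificateProfileId(), certinfo.getUpdateTime().getTime(), null);
        } catch (Exception e) {
            // catch failure to publish one user and continue with the rest; keep the cause in the
            // log so a failed publication can be diagnosed afterwards
            getLogger().error("Failed to publish certificate for user " + data.getUsername() + ", continuing with next user.", e);
        }
    }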

                X509Certificate nextCert = (X509Certificate) userCertIter.next();                       
                try {
                  // Check that the certificate is valid
                  nextCert.checkValidity(new Date());               
                  // and not revoked 
                  CertificateInfo certInfo = certificateStoreSession.getCertificateInfo(pubAdmin, CertTools.getFingerprintAsString(nextCert));
                  if(certInfo.getRevocationReason() == RevokedCertInfo.NOT_REVOKED){
                    if(fulfillsKeyUsageAndUseKeyWith(queryKeyBindingType,nextCert)){
                      retval.add(nextCert);                     
                    }
                  }
                  if (log.isDebugEnabled()) {
                    log.debug("certificateStoreSession.getCertificateInfo " + certInfo.getRevocationReason() + " results for fingerprint \"" + CertTools.getFingerprintAsString(nextCert) + "\"");
                  }
                } catch (CertificateExpiredException e) {
                } catch (CertificateNotYetValidException e) {
                }                     
              }           

        assertNotNull("Failed to create certificate", cert);

        String fp = CertTools.getFingerprintAsString(cert);
        X509Certificate ce = (X509Certificate) certificateStoreSession.findCertificateByFingerprint(admin, fp);
        assertNotNull("Cannot find certificate with fp=" + fp, ce);
        CertificateInfo info = certificateStoreSession.getCertificateInfo(admin, fp);
        // log.info("Got certificate info for cert with fp="+fp);
        assertEquals("fingerprint does not match.", fp, info.getFingerprint());
        assertEquals("serialnumber does not match.", cert.getSerialNumber(), info.getSerialNumber());
        assertEquals("issuerdn does not match.", CertTools.getIssuerDN(cert), info.getIssuerDN());
        assertEquals("subjectdn does not match.", CertTools.getSubjectDN(cert), info.getSubjectDN());
        // The cert was just stored above with status INACTIVE
        assertEquals("status does not match.", SecConst.CERT_ACTIVE, info.getStatus());
        long seconds = (cert.getNotAfter().getTime() - new Date().getTime()) / 1000l;
        log.debug("ceritificate OK in store, expires in " + seconds + " seconds");

        // Create a new UserPasswordExpireService
        ServiceConfiguration config = new ServiceConfiguration();
        config.setActive(true);
        config.setDescription("This is a description");
        // No mailsending for this Junit test service
        config.setActionClassPath(NoAction.class.getName());
        config.setActionProperties(null);
        config.setIntervalClassPath(PeriodicalInterval.class.getName());
        Properties intervalprop = new Properties();
        // Run the service every 3:rd second
        intervalprop.setProperty(PeriodicalInterval.PROP_VALUE, "3");
        intervalprop.setProperty(PeriodicalInterval.PROP_UNIT, PeriodicalInterval.UNIT_SECONDS);
        config.setIntervalProperties(intervalprop);
        config.setWorkerClassPath(CertificateExpirationNotifierWorker.class.getName());
        Properties workerprop = new Properties();
        workerprop.setProperty(EmailSendingWorkerConstants.PROP_SENDTOADMINS, "FALSE");
        workerprop.setProperty(EmailSendingWorkerConstants.PROP_SENDTOENDUSERS, "FALSE");
        workerprop.setProperty(BaseWorker.PROP_CAIDSTOCHECK, String.valueOf(caid));
        workerprop.setProperty(BaseWorker.PROP_TIMEBEFOREEXPIRING, String.valueOf(seconds - 10));
        workerprop.setProperty(BaseWorker.PROP_TIMEUNIT, BaseWorker.UNIT_SECONDS);
        config.setWorkerProperties(workerprop);

        if (serviceSession.getService(admin, CERTIFICATE_EXPIRATION_SERVICE) == null) {
            serviceSession.addService(admin, 4711, CERTIFICATE_EXPIRATION_SERVICE, config);
        }
        serviceSession.activateServiceTimer(admin, CERTIFICATE_EXPIRATION_SERVICE);

        // The service will run... the cert should still be active after 5 seconds..
        Thread.sleep(5000);
        info = certificateStoreSession.getCertificateInfo(admin, fp);
        assertEquals("status dotes not match.", SecConst.CERT_ACTIVE, info.getStatus());
 
        // The service will run...We need some tolerance since timers cannot
        // be guaranteed to executed at the exact interval.
        Thread.sleep(4000);
        int tries = 0;
        while (info.getStatus() != SecConst.CERT_NOTIFIEDABOUTEXPIRATION && tries<5) {
          Thread.sleep(1000);
          info = certificateStoreSession.getCertificateInfo(admin, fp);
          tries++;
        }
        info = certificateStoreSession.getCertificateInfo(admin, fp);
        assertEquals("Status does not match.", SecConst.CERT_NOTIFIEDABOUTEXPIRATION, info.getStatus());
      log.debug("It took >" + (9+tries) + " seconds before the certificate was expired!");

        log.trace("<test01CreateNewUser()");
    }

       
        long date = new Date().getTime();
        ret = publisherSession.storeCertificate(admin, publishers, cert, "test05", "foo123", null, null, SecConst.CERT_ACTIVE, SecConst.CERTTYPE_ENDENTITY, -1, RevokedCertInfo.NOT_REVOKED, "foo", SecConst.CERTPROFILE_FIXED_ENDUSER, date, null);
        assertTrue("Error storing certificate to external ocsp publisher", ret);

        CertificateInfo info = certificateStoreSession.getCertificateInfo(admin, CertTools.getFingerprintAsString(cert));
        assertEquals(SecConst.CERTPROFILE_FIXED_ENDUSER, info.getCertificateProfileId());
        assertEquals("foo", info.getTag());
        assertEquals(date, info.getUpdateTime().getTime());

        date = date + 12345;
        publisherSession.revokeCertificate(admin, publishers, cert, "test05", null, null, SecConst.CERTTYPE_ENDENTITY, RevokedCertInfo.REVOCATION_REASON_CACOMPROMISE, new Date().getTime(), "foobar", 12345, date);

        info = certificateStoreSession.getCertificateInfo(admin, CertTools.getFingerprintAsString(cert));
        assertEquals(12345, info.getCertificateProfileId());
        assertEquals("foobar", info.getTag());
        assertEquals(date, info.getUpdateTime().getTime());

        // Test storing and updating CRLs as well
        publisherSession.storeCRL(admin, publishers, testcrl, "test05", 1, null);
        publisherSession.storeCRL(admin, publishers, testcrl, "test05", 1, null);
       

            caAdminSession.editCA(admin, cainfo);
            ca = caSession.getCA(admin, caid);
            // Create new CRL's
            crlCreateSession.run(admin, ca);
            // Verify that status is not archived
            CertificateInfo certinfo = certificateStoreSession.getCertificateInfo(admin, CertTools.getFingerprintAsString(cert));
            assertFalse("Non Expired Revoked Certificate was archived", certinfo.getStatus() == SecConst.CERT_ARCHIVED);
        } finally {
            // Restore CRL Period
            cainfo.setCRLPeriod(tempCRLPeriod);
            caAdminSession.editCA(admin, cainfo);
            ca = caSession.getCA(admin, caid);
