Return-Path: Delivered-To: apmail-geronimo-scm-archive@www.apache.org Received: (qmail 63745 invoked from network); 17 Nov 2006 20:06:40 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 17 Nov 2006 20:06:40 -0000 Received: (qmail 5124 invoked by uid 500); 17 Nov 2006 20:06:49 -0000 Delivered-To: apmail-geronimo-scm-archive@geronimo.apache.org Received: (qmail 5086 invoked by uid 500); 17 Nov 2006 20:06:49 -0000 Mailing-List: contact scm-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: dev@geronimo.apache.org List-Id: Delivered-To: mailing list scm@geronimo.apache.org Received: (qmail 4897 invoked by uid 99); 17 Nov 2006 20:06:48 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 17 Nov 2006 12:06:48 -0800 X-ASF-Spam-Status: No, hits=-9.4 required=10.0 tests=ALL_TRUSTED,NO_REAL_NAME X-Spam-Check-By: apache.org Received: from [140.211.11.3] (HELO eris.apache.org) (140.211.11.3) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 17 Nov 2006 12:06:33 -0800 Received: by eris.apache.org (Postfix, from userid 65534) id 8E2531A985C; Fri, 17 Nov 2006 12:05:35 -0800 (PST) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r476291 [7/9] - in /geronimo/server/trunk: applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/ca/ applications/console/geronimo-console-standard/src/main/webapp/WEB-INF/view/ca/ applications/geronimo-ca... Date: Fri, 17 Nov 2006 20:05:29 -0000 To: scm@geronimo.apache.org 
From: vamsic007@apache.org X-Mailer: svnmailer-1.1.0 Message-Id: <20061117200535.8E2531A985C@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Modified: geronimo/server/trunk/configs/ca-helper-tomcat/src/site/site.xml URL: http://svn.apache.org/viewvc/geronimo/server/trunk/configs/ca-helper-tomcat/src/site/site.xml?view=diff&rev=476291&r1=476290&r2=476291 ============================================================================== --- geronimo/server/trunk/configs/ca-helper-tomcat/src/site/site.xml (original) +++ geronimo/server/trunk/configs/ca-helper-tomcat/src/site/site.xml Fri Nov 17 12:05:24 2006 
@@ -1,35 +1,35 @@ - - - - - - - - - - ${parentProject} - - ${modules} - - ${reports} - - - - - - + + + + + + + + + + ${parentProject} + + ${modules} + + ${reports} + + + + + + Propchange: geronimo/server/trunk/configs/ca-helper-tomcat/src/site/site.xml ------------------------------------------------------------------------------ svn:eol-style = native Propchange: geronimo/server/trunk/configs/ca-helper-tomcat/src/site/site.xml ------------------------------------------------------------------------------ svn:keywords = Date Revision Propchange: geronimo/server/trunk/configs/ca-helper-tomcat/src/site/site.xml ------------------------------------------------------------------------------ svn:mime-type = text/xml Modified: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificateRequestStore.java URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificateRequestStore.java?view=diff&rev=476291&r1=476290&r2=476291 ============================================================================== --- geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificateRequestStore.java (original) +++ geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificateRequestStore.java Fri Nov 17 12:05:24 2006 
@@ -1,95 +1,95 @@
-/**
- *
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.geronimo.management.geronimo;
-
-import java.math.BigInteger;
-
-/**
- * Management interface for dealing with a specific CertificateRequestStore
- *
- * @version $Rev$ $Date$
- */
-public interface CertificateRequestStore {
- /**
- * This method returns the ids of all certificate requests in the store.
- */
- public String[] getAllRequestIds();
-
- /**
- * This method returns the ids of all certificate requests with verification due.
- */
- public String[] getVerificatonDueRequestIds();
-
- /**
- * This method returns the ids of all certificate requests that are verified.
- */
- public String[] getVerifiedRequestIds();
-
- /**
- * This method returns the certificate request text corresponding to a specified id.
- * @param id Id of the certificate request.
- */
- public String getRequest(String id);
-
- /**
- * This method deletes a certificate request with the specified id.
- * @param id Id of the certificate request to be deleted.
- * @return True if the request is deleted succssfully
- */
- public boolean deleteRequest(String id);
-
- /**
- * This method stores the given certificate request under the given id. If a request with the id
- * exists in the store, it will generate a new id and store the request under that id.
- * @param id Id under which the certificate request is to be stored
- * @param csrText Certificate Request text
- * @return Id under which the certificate request is stored
- */
- public String storeRequest(String id, String csrText);
-
- /**
- * This method sets the status of the specifed certificate request as verified.
- * @param id Id of the certificate request
- * @return True if the status is set successfully.
- */
- public boolean setRequestVerified(String id);
-
- /**
- * This method sets the status of a certificate request as fulfilled.
- * @param id Id of the certificate request
- * @param sNo Serial number of the certificate issued against the certificate request.
- * @return True if the operation is successfull.
- */
- public boolean setRequestFulfilled(String id, BigInteger sNo);
-
- /**
- * This method returns the Serial number of the certificate issued against the certificate request
- * specified by the given id.
- * @param id Id of the certificate request
- * @return Serial number of the certificate issued.
- * @return null if there is no such certificate request or the certificate request is not fulfilled.
- */
- public BigInteger getSerialNumberForRequest(String id);
-
- /**
- * This method removes the certificate request id from the status list.
- * @param id Id of the certificate request to be removed.
- * @param sNo Serial number of certificate issued against the certificate request whose Id is to be removed.
- */
- public void removeRequestStatus(String id, BigInteger sNo);
-}
+/**
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.geronimo.management.geronimo;
+
+import java.math.BigInteger;
+
+/**
+ * Management interface for dealing with a specific CertificateRequestStore
+ *
+ * @version $Rev$ $Date$
+ */
+public interface CertificateRequestStore {
+ /**
+ * This method returns the ids of all certificate requests in the store.
+ */
+ public String[] getAllRequestIds();
+
+ /**
+ * This method returns the ids of all certificate requests with verification due.
+ */
+ public String[] getVerificatonDueRequestIds();
+
+ /**
+ * This method returns the ids of all certificate requests that are verified.
+ */
+ public String[] getVerifiedRequestIds();
+
+ /**
+ * This method returns the certificate request text corresponding to a specified id.
+ * @param id Id of the certificate request.
+ */
+ public String getRequest(String id);
+
+ /**
+ * This method deletes a certificate request with the specified id.
+ * @param id Id of the certificate request to be deleted.
+ * @return True if the request is deleted succssfully
+ */
+ public boolean deleteRequest(String id);
+
+ /**
+ * This method stores the given certificate request under the given id. If a request with the id
+ * exists in the store, it will generate a new id and store the request under that id.
+ * @param id Id under which the certificate request is to be stored
+ * @param csrText Certificate Request text
+ * @return Id under which the certificate request is stored
+ */
+ public String storeRequest(String id, String csrText);
+
+ /**
+ * This method sets the status of the specifed certificate request as verified.
+ * @param id Id of the certificate request
+ * @return True if the status is set successfully.
+ */
+ public boolean setRequestVerified(String id);
+
+ /**
+ * This method sets the status of a certificate request as fulfilled.
+ * @param id Id of the certificate request
+ * @param sNo Serial number of the certificate issued against the certificate request.
+ * @return True if the operation is successfull.
+ */
+ public boolean setRequestFulfilled(String id, BigInteger sNo);
+
+ /**
+ * This method returns the Serial number of the certificate issued against the certificate request
+ * specified by the given id.
+ * @param id Id of the certificate request
+ * @return Serial number of the certificate issued.
+ * @return null if there is no such certificate request or the certificate request is not fulfilled.
+ */
+ public BigInteger getSerialNumberForRequest(String id);
+
+ /**
+ * This method removes the certificate request id from the status list.
+ * @param id Id of the certificate request to be removed.
+ * @param sNo Serial number of certificate issued against the certificate request whose Id is to be removed.
+ */
+ public void removeRequestStatus(String id, BigInteger sNo);
+}
Propchange: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificateRequestStore.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificateRequestStore.java ------------------------------------------------------------------------------ svn:keywords = Date Author Id Revision HeadURL Propchange: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificateRequestStore.java ------------------------------------------------------------------------------ svn:mime-type = text/plain Modified: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificateStore.java URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificateStore.java?view=diff&rev=476291&r1=476290&r2=476291 ==============================================================================
--- geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificateStore.java (original)
+++ geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificateStore.java Fri Nov 17 12:05:24 2006
@@ -1,85 +1,85 @@
-/**
- *
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.geronimo.management.geronimo;
-
-import java.math.BigInteger;
-import java.security.cert.Certificate;
-
-/**
- * Management interface for dealing with a specific Certificate Store
- *
- * @version $Rev$ $Date$
- */
-public interface CertificateStore {
- /**
- * This method stores a given certificate.
- *
- * @param cert Certificate to be stored
- */
- public void storeCertificate(Certificate cert) throws CertificateStoreException;
-
- /**
- * This method returns a Certificate with a given serial number (if it exists in the store)
- *
- * @param sNo Serial Number of the certificate to be retrieved.
- */
- public Certificate getCertificate(BigInteger sNo) throws CertificateStoreException;
-
- /**
- * This method returns base64 encoded certificate with a given serial number (if it exists in the store)
- *
- * @param sNo Serial Number of the certificate to be retrieved.
- */
- public String getCertificateBase64Text(BigInteger sNo) throws CertificateStoreException;
-
- /**
- * This method returns the highest certificate serial number in the store.
- */
- public BigInteger getHighestSerialNumber() throws CertificateStoreException;
-
- /**
- * This method returns the 'highest certificate serial number plus ONE' and increments the highest
- * serial number in the store.
- */
- public BigInteger getNextSerialNumber() throws CertificateStoreException;
-
- /**
- * This method checks if a certificate with a given serial number exists in the store.
- *
- * @param sNo Serial number of the certificate to be checked
- */
- public boolean containsCertificate(BigInteger sNo);
-
- /**
- * This method stores the CA's certificate in the store.
- * @param cert CA's certificate
- */
- public boolean storeCACertificate(Certificate cert) throws CertificateStoreException;
-
- /**
- * This method returns the CA's certificate stored in the store.
- */
- public Certificate getCACertificate() throws CertificateStoreException;
-
- /**
- * This method stores the challenge phrase against the specified certificate serial number
- * @param sNo Serial number of the certificate
- * @param challenge Challenge phrase
- */
- public boolean setCertificateChallenge(BigInteger sNo, String challenge) throws CertificateStoreException;
-}
+/**
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.geronimo.management.geronimo;
+
+import java.math.BigInteger;
+import java.security.cert.Certificate;
+
+/**
+ * Management interface for dealing with a specific Certificate Store
+ *
+ * @version $Rev$ $Date$
+ */
+public interface CertificateStore {
+ /**
+ * This method stores a given certificate.
+ *
+ * @param cert Certificate to be stored
+ */
+ public void storeCertificate(Certificate cert) throws CertificateStoreException;
+
+ /**
+ * This method returns a Certificate with a given serial number (if it exists in the store)
+ *
+ * @param sNo Serial Number of the certificate to be retrieved.
+ */
+ public Certificate getCertificate(BigInteger sNo) throws CertificateStoreException;
+
+ /**
+ * This method returns base64 encoded certificate with a given serial number (if it exists in the store)
+ *
+ * @param sNo Serial Number of the certificate to be retrieved.
+ */
+ public String getCertificateBase64Text(BigInteger sNo) throws CertificateStoreException;
+
+ /**
+ * This method returns the highest certificate serial number in the store.
+ */
+ public BigInteger getHighestSerialNumber() throws CertificateStoreException;
+
+ /**
+ * This method returns the 'highest certificate serial number plus ONE' and increments the highest
+ * serial number in the store.
+ */
+ public BigInteger getNextSerialNumber() throws CertificateStoreException;
+
+ /**
+ * This method checks if a certificate with a given serial number exists in the store.
+ *
+ * @param sNo Serial number of the certificate to be checked
+ */
+ public boolean containsCertificate(BigInteger sNo);
+
+ /**
+ * This method stores the CA's certificate in the store.
+ * @param cert CA's certificate
+ */
+ public boolean storeCACertificate(Certificate cert) throws CertificateStoreException;
+
+ /**
+ * This method returns the CA's certificate stored in the store.
+ */
+ public Certificate getCACertificate() throws CertificateStoreException;
+
+ /**
+ * This method stores the challenge phrase against the specified certificate serial number
+ * @param sNo Serial number of the certificate
+ * @param challenge Challenge phrase
+ */
+ public boolean setCertificateChallenge(BigInteger sNo, String challenge) throws CertificateStoreException;
+}
Propchange: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificateStore.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificateStore.java ------------------------------------------------------------------------------ svn:keywords = Date Author Id Revision HeadURL Propchange: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificateStore.java ------------------------------------------------------------------------------ svn:mime-type = text/plain Modified: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificateStoreException.java URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificateStoreException.java?view=diff&rev=476291&r1=476290&r2=476291 ==============================================================================
--- geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificateStoreException.java (original)
+++ geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificateStoreException.java Fri Nov 17 12:05:24 2006
@@ -1,33 +1,33 @@
-/**
- *
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.geronimo.management.geronimo;
-
-/**
- * Exception indicating that a CertificateStore operation was unsuccessful.
- *
- * @version $Rev$ $Date$
- */
-public class CertificateStoreException extends Exception {
- public CertificateStoreException(String message) {
- super(message);
- }
-
- public CertificateStoreException(String message, Throwable cause) {
- super(message, cause);
- }
-}
+/**
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.geronimo.management.geronimo;
+
+/**
+ * Exception indicating that a CertificateStore operation was unsuccessful.
+ *
+ * @version $Rev$ $Date$
+ */
+public class CertificateStoreException extends Exception {
+ public CertificateStoreException(String message) {
+ super(message);
+ }
+
+ public CertificateStoreException(String message, Throwable cause) {
+ super(message, cause);
+ }
+}
Propchange: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificateStoreException.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificateStoreException.java ------------------------------------------------------------------------------ svn:keywords = Date Author Id Revision HeadURL Propchange: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificateStoreException.java ------------------------------------------------------------------------------ svn:mime-type = text/plain Modified: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificationAuthority.java URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificationAuthority.java?view=diff&rev=476291&r1=476290&r2=476291 ==============================================================================
--- geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificationAuthority.java (original)
+++ geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificationAuthority.java Fri Nov 17 12:05:24 2006
@@ -1,120 +1,120 @@
-/**
- *
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.geronimo.management.geronimo;
-
-import java.math.BigInteger;
-import java.security.PublicKey;
-import java.security.cert.Certificate;
-import java.util.Date;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.apache.geronimo.management.geronimo.CertificationAuthorityException;
-
-/**
- * Management interface for dealing with a specific CertificationAuthority.
- *
- * @version $Rev$ $Date$
- */
-public interface CertificationAuthority {
-
- /**
- * This method checks if the CA is locked.
- * @return true if CA is locked, false otherwise.
- */
- public abstract boolean isLocked();
-
- /**
- * This method locks the CA.
- */
- public abstract void lock();
-
- /**
- * This method unlocks the CA.
- * @param password Password to unlock the CA.
- */
- public abstract void unlock(char[] password) throws CertificationAuthorityException;
-
- /**
- * This method returns CA's name.
- * @throws Exception if CA is locked.
- */
- public abstract X500Principal getName() throws CertificationAuthorityException;
-
- /**
- * This method returns CA's own certificate.
- * @throws Exception if CA is locked.
- */
- public abstract Certificate getCertificate() throws CertificationAuthorityException;
-
- /**
- * This method makes the CA issue a self-signed certificate with given details. This method is usually
- * called while initializing the CA.
- *
- * @param sNo Serial number for self-signed certificate
- * @param validFromDate Certificate validity period start date
- * @param validToDate Certificate validity period end date
- * @param algorithm Signature algorithm for self-signed certificate
- */
- public abstract void issueOwnCertificate(BigInteger sNo, Date validFromDate, Date validToDate, String algorithm) throws CertificationAuthorityException;
-
- /**
- * This method issues a certificate.
- *
- * @param subject Subject name
- * @param publicKey Subject's public key
- * @param sNo Serial number for the certificate to be issued
- * @param validFromDate Certificate validity period start date
- * @param validToDate Certificate validity period end date
- * @param algorithm Signature algorithm for the certificate
- * @return newly issued certificate
- */
- public abstract Certificate issueCertificate(X500Principal subject, PublicKey publicKey, BigInteger sNo, Date validFromDate, Date validToDate, String algorithm) throws CertificationAuthorityException;
-
- /**
- * This method returns the highest serial number used by the CA.
- */
- public abstract BigInteger getHighestSerialNumber() throws CertificationAuthorityException;
-
- /**
- * This method checks if a Certificate with a given serial number is already issued.
- * @param sNo The serial number of the the certificate to be looked for
- * @return true if a certificate with the specified serial number has already been issued
- */
- public abstract boolean isCertificateIssued(BigInteger sNo) throws CertificationAuthorityException;
-
- /**
- * This method returns the next serial number that can be used to issue a certificate and increments the
- * highest serial number.
- */
- public abstract BigInteger getNextSerialNumber() throws CertificationAuthorityException;
-
- /**
- * This method retrieves a certificate with the specified serial number.
- * @param sNo The serial number of the certificate to be retrieved
- * @return java.security.cert.Certificate instance of the certificate
- */
- public abstract Certificate getCertificate(BigInteger sNo) throws CertificationAuthorityException;
-
- /**
- * This method retrieves a certificate with the specified serial number.
- * @param sNo The serial number of the certificate to be retrieved
- * @return base64 encoded certificate text
- */
- public abstract String getCertificateBase64Text(BigInteger sNo) throws CertificationAuthorityException;
-}
+/**
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.geronimo.management.geronimo;
+
+import java.math.BigInteger;
+import java.security.PublicKey;
+import java.security.cert.Certificate;
+import java.util.Date;
+
+import javax.security.auth.x500.X500Principal;
+
+import org.apache.geronimo.management.geronimo.CertificationAuthorityException;
+
+/**
+ * Management interface for dealing with a specific CertificationAuthority.
+ *
+ * @version $Rev$ $Date$
+ */
+public interface CertificationAuthority {
+
+ /**
+ * This method checks if the CA is locked.
+ * @return true if CA is locked, false otherwise.
+ */
+ public abstract boolean isLocked();
+
+ /**
+ * This method locks the CA.
+ */
+ public abstract void lock();
+
+ /**
+ * This method unlocks the CA.
+ * @param password Password to unlock the CA.
+ */
+ public abstract void unlock(char[] password) throws CertificationAuthorityException;
+
+ /**
+ * This method returns CA's name.
+ * @throws Exception if CA is locked.
+ */
+ public abstract X500Principal getName() throws CertificationAuthorityException;
+
+ /**
+ * This method returns CA's own certificate.
+ * @throws Exception if CA is locked.
+ */
+ public abstract Certificate getCertificate() throws CertificationAuthorityException;
+
+ /**
+ * This method makes the CA issue a self-signed certificate with given details. This method is usually
+ * called while initializing the CA.
+ *
+ * @param sNo Serial number for self-signed certificate
+ * @param validFromDate Certificate validity period start date
+ * @param validToDate Certificate validity period end date
+ * @param algorithm Signature algorithm for self-signed certificate
+ */
+ public abstract void issueOwnCertificate(BigInteger sNo, Date validFromDate, Date validToDate, String algorithm) throws CertificationAuthorityException;
+
+ /**
+ * This method issues a certificate.
+ *
+ * @param subject Subject name
+ * @param publicKey Subject's public key
+ * @param sNo Serial number for the certificate to be issued
+ * @param validFromDate Certificate validity period start date
+ * @param validToDate Certificate validity period end date
+ * @param algorithm Signature algorithm for the certificate
+ * @return newly issued certificate
+ */
+ public abstract Certificate issueCertificate(X500Principal subject, PublicKey publicKey, BigInteger sNo, Date validFromDate, Date validToDate, String algorithm) throws CertificationAuthorityException;
+
+ /**
+ * This method returns the highest serial number used by the CA.
+ */
+ public abstract BigInteger getHighestSerialNumber() throws CertificationAuthorityException;
+
+ /**
+ * This method checks if a Certificate with a given serial number is already issued.
+ * @param sNo The serial number of the the certificate to be looked for
+ * @return true if a certificate with the specified serial number has already been issued
+ */
+ public abstract boolean isCertificateIssued(BigInteger sNo) throws CertificationAuthorityException;
+
+ /**
+ * This method returns the next serial number that can be used to issue a certificate and increments the
+ * highest serial number.
+ */
+ public abstract BigInteger getNextSerialNumber() throws CertificationAuthorityException;
+
+ /**
+ * This method retrieves a certificate with the specified serial number.
+ * @param sNo The serial number of the certificate to be retrieved
+ * @return java.security.cert.Certificate instance of the certificate
+ */
+ public abstract Certificate getCertificate(BigInteger sNo) throws CertificationAuthorityException;
+
+ /**
+ * This method retrieves a certificate with the specified serial number.
+ * @param sNo The serial number of the certificate to be retrieved
+ * @return base64 encoded certificate text
+ */
+ public abstract String getCertificateBase64Text(BigInteger sNo) throws CertificationAuthorityException;
+}
Propchange: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificationAuthority.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificationAuthority.java ------------------------------------------------------------------------------ svn:keywords = Date Author Id Revision HeadURL Propchange: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificationAuthority.java ------------------------------------------------------------------------------ svn:mime-type = text/plain Modified: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificationAuthorityException.java URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificationAuthorityException.java?view=diff&rev=476291&r1=476290&r2=476291 ==============================================================================
--- geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificationAuthorityException.java (original)
+++ geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificationAuthorityException.java Fri Nov 17 12:05:24 2006
@@ -1,33 +1,33 @@
-/**
- *
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.geronimo.management.geronimo;
-
-/**
- * Exception indicating that a CertificationAuthority operation was unsuccessful.
- *
- * @version $Rev$ $Date$
- */
-public class CertificationAuthorityException extends Exception {
- public CertificationAuthorityException(String message) {
- super(message);
- }
-
- public CertificationAuthorityException(String message, Throwable cause) {
- super(message, cause);
- }
-}
+/**
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.geronimo.management.geronimo;
+
+/**
+ * Exception indicating that a CertificationAuthority operation was unsuccessful.
+ *
+ * @version $Rev$ $Date$
+ */
+public class CertificationAuthorityException extends Exception {
+ public CertificationAuthorityException(String message) {
+ super(message);
+ }
+
+ public CertificationAuthorityException(String message, Throwable cause) {
+ super(message, cause);
+ }
+}
Propchange: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificationAuthorityException.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificationAuthorityException.java ------------------------------------------------------------------------------ svn:keywords = Date Author Id Revision HeadURL Propchange: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/CertificationAuthorityException.java ------------------------------------------------------------------------------ svn:mime-type = text/plain Propchange: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeyNotFoundException.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeyNotFoundException.java ------------------------------------------------------------------------------ svn:keywords = Date Author Id Revision HeadURL Propchange: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeyNotFoundException.java
------------------------------------------------------------------------------ svn:mime-type = text/plain Propchange: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreException.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreException.java ------------------------------------------------------------------------------ svn:keywords = Date Author Id Revision HeadURL Propchange: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreException.java ------------------------------------------------------------------------------ svn:mime-type = text/plain Modified: geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ca/FileCertificateRequestStore.java URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ca/FileCertificateRequestStore.java?view=diff&rev=476291&r1=476290&r2=476291 ============================================================================== --- geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ca/FileCertificateRequestStore.java (original) +++ geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ca/FileCertificateRequestStore.java Fri Nov 17 12:05:24 2006 
@@ -1,323 +1,323 @@ -/** - * - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.geronimo.security.ca; - -import java.io.File; -import java.io.FileInputStream; -import java.io.FileOutputStream; -import java.io.FilenameFilter; -import java.math.BigInteger; -import java.net.URI; -import java.util.ArrayList; -import java.util.Iterator; -import java.util.Map; -import java.util.Properties; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.apache.geronimo.gbean.AbstractName; -import org.apache.geronimo.gbean.GBeanInfo; -import org.apache.geronimo.gbean.GBeanInfoBuilder; -import org.apache.geronimo.gbean.GBeanLifecycle; -import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory; -import org.apache.geronimo.kernel.Kernel; -import org.apache.geronimo.management.geronimo.CertificateRequestStore; -import org.apache.geronimo.system.serverinfo.ServerInfo; - -/** - * A certificate request store implementation using disk files. 
- * - * @version $Rev$ $Date$ - */ -public class FileCertificateRequestStore implements CertificateRequestStore, GBeanLifecycle { - private final static Log log = LogFactory.getLog(FileCertificateRequestStore.class); - - // File name to store certificate request status - private static final String CSR_STATUS_FILENAME = "csr-status.properties"; - // File header for certificate request status file - private static final String CSR_STATUS_FILE_HEADER = "CSR Status File"; - // Status showing the request as received - private static final String STATUS_RECEIVED = "R"; - // Status showing the request as verified - private static final String STATUS_VERIFIED = "V"; - // Prefix for certificate request files - private static final String CERT_REQ_FILE_PREFIX = "csr"; - // Extension for certificate request files - private static final String CERT_REQ_FILE_SUFFIX = ".txt"; - - private ServerInfo serverInfo; - private Kernel kernel; - private AbstractName abstractName; - private URI directoryPath; - private File dir; - private Properties requestStatus; - - /** - * Constructor - */ - public FileCertificateRequestStore(ServerInfo serverInfo, URI directoryPath, Kernel kernel, AbstractName abstractName) { - this.serverInfo = serverInfo; - this.kernel = kernel; - this.abstractName = abstractName; - this.directoryPath = directoryPath; - } - - /** - * This method deletes a certificate request with the specified id. - * @param id Id of the certificate request to be deleted. - * @return True if the request is deleted succssfully - */ - public boolean deleteRequest(String id) { - if(requestStatus.containsKey(id)) { - requestStatus.remove(id); - storeRequestStatusFile(); - } - return new File(dir, id+CERT_REQ_FILE_SUFFIX).delete(); - } - - /** - * This method returns the ids of all certificate requests in the store. 
- */ - public String[] getAllRequestIds() { - File[] results = dir.listFiles(new FilenameFilter(){ - public boolean accept(File dir, String name) { - return name.endsWith(CERT_REQ_FILE_SUFFIX); - }}); - String[] reqIds = new String[results.length]; - int suffixLength = CERT_REQ_FILE_SUFFIX.length(); - for(int i = 0; i < results.length; ++i) { - String name = results[i].getName(); - reqIds[i] = name.substring(0, name.length() - suffixLength); - } - return reqIds; - } - - /** - * This method returns the ids of all certificate requests with verification due. - */ - public String[] getVerificatonDueRequestIds() { - ArrayList ids = new ArrayList(); - for(Iterator itr = requestStatus.entrySet().iterator(); itr.hasNext();) { - Map.Entry entry = (Map.Entry) itr.next(); - if(entry.getValue().equals(STATUS_RECEIVED)) { - ids.add(entry.getKey()); - } - } - - return (String[]) ids.toArray(new String[0]); - } - - /** - * This method returns the ids of all certificate requests that are verified. - */ - public String[] getVerifiedRequestIds() { - ArrayList ids = new ArrayList(); - for(Iterator itr = requestStatus.entrySet().iterator(); itr.hasNext();) { - Map.Entry entry = (Map.Entry) itr.next(); - if(entry.getValue().equals(STATUS_VERIFIED)) { - ids.add(entry.getKey()); - } - } - - return (String[]) ids.toArray(new String[0]); - } - - /** - * This method sets the status of the specifed certificate request as verified. - * @param id Id of the certificate request - * @return True if the status is set successfully. - */ - public boolean setRequestVerified(String id) { - if(requestStatus.containsKey(id)) { - requestStatus.setProperty(id, STATUS_VERIFIED); - storeRequestStatusFile(); - return true; - } else { - return false; - } - } - - /** - * This method sets the status of a certificate request as fulfilled. - * @param id Id of the certificate request - * @param sNo Serial number of the certificate issued against the certificate request. 
- * @return True if the operation is successfull. - */ - public boolean setRequestFulfilled(String id, BigInteger sNo) { - if(requestStatus.containsKey(id)) { - deleteRequest(id); - requestStatus.setProperty(id, sNo.toString()); - storeRequestStatusFile(); - return true; - } else { - return false; - } - } - - /** - * This method returns the certificate request text corresponding to a specified id. - * @param id Id of the certificate request. - */ - public String getRequest(String id) { - try { - FileInputStream fin = new FileInputStream(new File(dir, id+CERT_REQ_FILE_SUFFIX)); - byte[] data = new byte[fin.available()]; - fin.read(data); - fin.close(); - return new String(data); - } catch (Exception e) { - log.error("Error reading CSR. id = "+id, e); - } - return null; - } - - /** - * This method stores the given certificate request under the given id. If a request with the id - * exists in the store, it will generate a new id and store the request under that id. - * @param id Id under which the certificate request is to be stored - * @param csrText Certificate Request text - * @return Id under which the certificate request is stored - */ - public String storeRequest(String id, String csr) { - try { - File csrFile = null; - if(id == null || new File(dir, id+CERT_REQ_FILE_SUFFIX).exists()) { - csrFile = File.createTempFile(CERT_REQ_FILE_PREFIX, CERT_REQ_FILE_SUFFIX, dir); - id = csrFile.getName().substring(0, csrFile.getName().length() - CERT_REQ_FILE_SUFFIX.length()); - } else { - csrFile = new File(dir, id+CERT_REQ_FILE_SUFFIX); - } - FileOutputStream fout = new FileOutputStream(csrFile); - fout.write(csr.getBytes()); - requestStatus.setProperty(id, STATUS_RECEIVED); - storeRequestStatusFile(); - fout.close(); - return id; - } catch(Exception e) { - log.error("Error storing CSR. id = "+id, e); - } - return null; - } - - /** - * This method returns the Serial number of the certificate issued against the certificate request - * specified by the given id. 
- * @param id Id of the certificate request - * @return Serial number of the certificate issued. - * @return null if there is no such certificate request or the certificate request is not fulfilled. - */ - public BigInteger getSerialNumberForRequest(String id) { - BigInteger sNo = null; - try { - sNo = new BigInteger(requestStatus.getProperty(id)); - } catch(NumberFormatException e) { - // happens if the certificate request is not fulfilled - } - return sNo; - } - - /** - * This method removes the certificate request id from the status list. - * @param id Id of the certificate request to be removed. - * @param sNo Serial number of certificate issued against the certificate request whose Id is to be removed. - */ - public void removeRequestStatus(String id, BigInteger sNo) { - if(id != null && requestStatus.containsKey(id)) { - requestStatus.remove(id); - storeRequestStatusFile(); - } else if(sNo != null && requestStatus.containsValue(sNo.toString())) { - String sNoTemp = sNo.toString(); - for(Iterator itr = requestStatus.entrySet().iterator(); itr.hasNext(); ) { - Map.Entry entry = (Map.Entry)itr.next(); - if(sNoTemp.equals(entry.getValue())) { - requestStatus.remove(entry.getKey()); - break; - } - } - storeRequestStatusFile(); - } - } - - public void doFail() { - } - - public void doStart() throws Exception { - serverInfo.resolveServer(directoryPath); - URI dirURI; - if (serverInfo != null) { - dirURI = serverInfo.resolve(directoryPath); - } else { - dirURI = directoryPath; - } - if (!dirURI.getScheme().equals("file")) { - throw new IllegalStateException("FileCertificateRequestStore must have a root that's a local directory (not " + dirURI + ")"); - } - dir = new File(dirURI); - if(!dir.exists()) { - dir.mkdirs(); - log.debug("Created directory "+dir.getAbsolutePath()); - } else if(!dir.isDirectory() || !dir.canRead()) { - throw new IllegalStateException("FileCertificateRequestStore must have a root that's a valid readable directory (not " + dir.getAbsolutePath() 
+ ")"); - } - log.debug("CertificateRequestStore directory is " + dir.getAbsolutePath()); - File statusFile = new File(dir, CSR_STATUS_FILENAME); - if(!statusFile.exists()) { - statusFile.createNewFile(); - log.debug("Created request status file "+statusFile.getAbsolutePath()); - } - requestStatus = new Properties(); - FileInputStream fin = new FileInputStream(statusFile); - requestStatus.load(fin); - fin.close(); - } - - public void doStop() throws Exception { - } - public static final GBeanInfo GBEAN_INFO; - - static { - GBeanInfoBuilder infoFactory = GBeanInfoBuilder.createStatic(FileCertificateRequestStore.class, "CertificateRequestStore"); - infoFactory.addAttribute("directoryPath", URI.class, true, false); - infoFactory.addAttribute("kernel", Kernel.class, false); - infoFactory.addAttribute("abstractName", AbstractName.class, false); - infoFactory.addReference("ServerInfo", ServerInfo.class, NameFactory.GERONIMO_SERVICE); - infoFactory.addInterface(CertificateRequestStore.class); - infoFactory.setConstructor(new String[]{"ServerInfo", "directoryPath", "kernel", "abstractName"}); - - GBEAN_INFO = infoFactory.getBeanInfo(); - } - - public static GBeanInfo getGBeanInfo() { - return GBEAN_INFO; - } - - /** - * This methods stores the certificate request status file to disk. - */ - private void storeRequestStatusFile() { - File statusFile = new File(dir, CSR_STATUS_FILENAME); - FileOutputStream fout = null; - try { - fout = new FileOutputStream(statusFile); - requestStatus.store(fout, CSR_STATUS_FILE_HEADER); - fout.close(); - } catch (Exception e) { - log.error("Errors while storing request status file "+statusFile.getAbsolutePath(), e); - } - } -} +/** + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. 
+ * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.geronimo.security.ca; + +import java.io.File; +import java.io.FileInputStream; +import java.io.FileOutputStream; +import java.io.FilenameFilter; +import java.math.BigInteger; +import java.net.URI; +import java.util.ArrayList; +import java.util.Iterator; +import java.util.Map; +import java.util.Properties; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.geronimo.gbean.AbstractName; +import org.apache.geronimo.gbean.GBeanInfo; +import org.apache.geronimo.gbean.GBeanInfoBuilder; +import org.apache.geronimo.gbean.GBeanLifecycle; +import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory; +import org.apache.geronimo.kernel.Kernel; +import org.apache.geronimo.management.geronimo.CertificateRequestStore; +import org.apache.geronimo.system.serverinfo.ServerInfo; + +/** + * A certificate request store implementation using disk files. 
+ * + * @version $Rev$ $Date$ + */ +public class FileCertificateRequestStore implements CertificateRequestStore, GBeanLifecycle { + private final static Log log = LogFactory.getLog(FileCertificateRequestStore.class); + + // File name to store certificate request status + private static final String CSR_STATUS_FILENAME = "csr-status.properties"; + // File header for certificate request status file + private static final String CSR_STATUS_FILE_HEADER = "CSR Status File"; + // Status showing the request as received + private static final String STATUS_RECEIVED = "R"; + // Status showing the request as verified + private static final String STATUS_VERIFIED = "V"; + // Prefix for certificate request files + private static final String CERT_REQ_FILE_PREFIX = "csr"; + // Extension for certificate request files + private static final String CERT_REQ_FILE_SUFFIX = ".txt"; + + private ServerInfo serverInfo; + private Kernel kernel; + private AbstractName abstractName; + private URI directoryPath; + private File dir; + private Properties requestStatus; + + /** + * Constructor + */ + public FileCertificateRequestStore(ServerInfo serverInfo, URI directoryPath, Kernel kernel, AbstractName abstractName) { + this.serverInfo = serverInfo; + this.kernel = kernel; + this.abstractName = abstractName; + this.directoryPath = directoryPath; + } + + /** + * This method deletes a certificate request with the specified id. + * @param id Id of the certificate request to be deleted. + * @return True if the request is deleted succssfully + */ + public boolean deleteRequest(String id) { + if(requestStatus.containsKey(id)) { + requestStatus.remove(id); + storeRequestStatusFile(); + } + return new File(dir, id+CERT_REQ_FILE_SUFFIX).delete(); + } + + /** + * This method returns the ids of all certificate requests in the store. 
+ */ + public String[] getAllRequestIds() { + File[] results = dir.listFiles(new FilenameFilter(){ + public boolean accept(File dir, String name) { + return name.endsWith(CERT_REQ_FILE_SUFFIX); + }}); + String[] reqIds = new String[results.length]; + int suffixLength = CERT_REQ_FILE_SUFFIX.length(); + for(int i = 0; i < results.length; ++i) { + String name = results[i].getName(); + reqIds[i] = name.substring(0, name.length() - suffixLength); + } + return reqIds; + } + + /** + * This method returns the ids of all certificate requests with verification due. + */ + public String[] getVerificatonDueRequestIds() { + ArrayList ids = new ArrayList(); + for(Iterator itr = requestStatus.entrySet().iterator(); itr.hasNext();) { + Map.Entry entry = (Map.Entry) itr.next(); + if(entry.getValue().equals(STATUS_RECEIVED)) { + ids.add(entry.getKey()); + } + } + + return (String[]) ids.toArray(new String[0]); + } + + /** + * This method returns the ids of all certificate requests that are verified. + */ + public String[] getVerifiedRequestIds() { + ArrayList ids = new ArrayList(); + for(Iterator itr = requestStatus.entrySet().iterator(); itr.hasNext();) { + Map.Entry entry = (Map.Entry) itr.next(); + if(entry.getValue().equals(STATUS_VERIFIED)) { + ids.add(entry.getKey()); + } + } + + return (String[]) ids.toArray(new String[0]); + } + + /** + * This method sets the status of the specifed certificate request as verified. + * @param id Id of the certificate request + * @return True if the status is set successfully. + */ + public boolean setRequestVerified(String id) { + if(requestStatus.containsKey(id)) { + requestStatus.setProperty(id, STATUS_VERIFIED); + storeRequestStatusFile(); + return true; + } else { + return false; + } + } + + /** + * This method sets the status of a certificate request as fulfilled. + * @param id Id of the certificate request + * @param sNo Serial number of the certificate issued against the certificate request. 
+ * @return True if the operation is successfull. + */ + public boolean setRequestFulfilled(String id, BigInteger sNo) { + if(requestStatus.containsKey(id)) { + deleteRequest(id); + requestStatus.setProperty(id, sNo.toString()); + storeRequestStatusFile(); + return true; + } else { + return false; + } + } + + /** + * This method returns the certificate request text corresponding to a specified id. + * @param id Id of the certificate request. + */ + public String getRequest(String id) { + try { + FileInputStream fin = new FileInputStream(new File(dir, id+CERT_REQ_FILE_SUFFIX)); + byte[] data = new byte[fin.available()]; + fin.read(data); + fin.close(); + return new String(data); + } catch (Exception e) { + log.error("Error reading CSR. id = "+id, e); + } + return null; + } + + /** + * This method stores the given certificate request under the given id. If a request with the id + * exists in the store, it will generate a new id and store the request under that id. + * @param id Id under which the certificate request is to be stored + * @param csrText Certificate Request text + * @return Id under which the certificate request is stored + */ + public String storeRequest(String id, String csr) { + try { + File csrFile = null; + if(id == null || new File(dir, id+CERT_REQ_FILE_SUFFIX).exists()) { + csrFile = File.createTempFile(CERT_REQ_FILE_PREFIX, CERT_REQ_FILE_SUFFIX, dir); + id = csrFile.getName().substring(0, csrFile.getName().length() - CERT_REQ_FILE_SUFFIX.length()); + } else { + csrFile = new File(dir, id+CERT_REQ_FILE_SUFFIX); + } + FileOutputStream fout = new FileOutputStream(csrFile); + fout.write(csr.getBytes()); + requestStatus.setProperty(id, STATUS_RECEIVED); + storeRequestStatusFile(); + fout.close(); + return id; + } catch(Exception e) { + log.error("Error storing CSR. id = "+id, e); + } + return null; + } + + /** + * This method returns the Serial number of the certificate issued against the certificate request + * specified by the given id. 
+ * @param id Id of the certificate request + * @return Serial number of the certificate issued. + * @return null if there is no such certificate request or the certificate request is not fulfilled. + */ + public BigInteger getSerialNumberForRequest(String id) { + BigInteger sNo = null; + try { + sNo = new BigInteger(requestStatus.getProperty(id)); + } catch(NumberFormatException e) { + // happens if the certificate request is not fulfilled + } + return sNo; + } + + /** + * This method removes the certificate request id from the status list. + * @param id Id of the certificate request to be removed. + * @param sNo Serial number of certificate issued against the certificate request whose Id is to be removed. + */ + public void removeRequestStatus(String id, BigInteger sNo) { + if(id != null && requestStatus.containsKey(id)) { + requestStatus.remove(id); + storeRequestStatusFile(); + } else if(sNo != null && requestStatus.containsValue(sNo.toString())) { + String sNoTemp = sNo.toString(); + for(Iterator itr = requestStatus.entrySet().iterator(); itr.hasNext(); ) { + Map.Entry entry = (Map.Entry)itr.next(); + if(sNoTemp.equals(entry.getValue())) { + requestStatus.remove(entry.getKey()); + break; + } + } + storeRequestStatusFile(); + } + } + + public void doFail() { + } + + public void doStart() throws Exception { + serverInfo.resolveServer(directoryPath); + URI dirURI; + if (serverInfo != null) { + dirURI = serverInfo.resolve(directoryPath); + } else { + dirURI = directoryPath; + } + if (!dirURI.getScheme().equals("file")) { + throw new IllegalStateException("FileCertificateRequestStore must have a root that's a local directory (not " + dirURI + ")"); + } + dir = new File(dirURI); + if(!dir.exists()) { + dir.mkdirs(); + log.debug("Created directory "+dir.getAbsolutePath()); + } else if(!dir.isDirectory() || !dir.canRead()) { + throw new IllegalStateException("FileCertificateRequestStore must have a root that's a valid readable directory (not " + dir.getAbsolutePath() 
+ ")"); + } + log.debug("CertificateRequestStore directory is " + dir.getAbsolutePath()); + File statusFile = new File(dir, CSR_STATUS_FILENAME); + if(!statusFile.exists()) { + statusFile.createNewFile(); + log.debug("Created request status file "+statusFile.getAbsolutePath()); + } + requestStatus = new Properties(); + FileInputStream fin = new FileInputStream(statusFile); + requestStatus.load(fin); + fin.close(); + } + + public void doStop() throws Exception { + } + public static final GBeanInfo GBEAN_INFO; + + static { + GBeanInfoBuilder infoFactory = GBeanInfoBuilder.createStatic(FileCertificateRequestStore.class, "CertificateRequestStore"); + infoFactory.addAttribute("directoryPath", URI.class, true, false); + infoFactory.addAttribute("kernel", Kernel.class, false); + infoFactory.addAttribute("abstractName", AbstractName.class, false); + infoFactory.addReference("ServerInfo", ServerInfo.class, NameFactory.GERONIMO_SERVICE); + infoFactory.addInterface(CertificateRequestStore.class); + infoFactory.setConstructor(new String[]{"ServerInfo", "directoryPath", "kernel", "abstractName"}); + + GBEAN_INFO = infoFactory.getBeanInfo(); + } + + public static GBeanInfo getGBeanInfo() { + return GBEAN_INFO; + } + + /** + * This methods stores the certificate request status file to disk. 
+ */ + private void storeRequestStatusFile() { + File statusFile = new File(dir, CSR_STATUS_FILENAME); + FileOutputStream fout = null; + try { + fout = new FileOutputStream(statusFile); + requestStatus.store(fout, CSR_STATUS_FILE_HEADER); + fout.close(); + } catch (Exception e) { + log.error("Errors while storing request status file "+statusFile.getAbsolutePath(), e); + } + } +} Propchange: geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ca/FileCertificateRequestStore.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ca/FileCertificateRequestStore.java ------------------------------------------------------------------------------ svn:keywords = Date Revision Propchange: geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ca/FileCertificateRequestStore.java ------------------------------------------------------------------------------ svn:mime-type = text/plain
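Review bot: `deleteRequest`, `getRequest` and `storeRequest` build their target as `new File(dir, id+CERT_REQ_FILE_SUFFIX)` without checking `id`, so an id that contains a path separator or `..` segments would resolve to a `.txt` file outside the request store directory. Where `id` originates is not visible in this file, so whether callers already constrain it needs confirming, but a store holding certificate signing requests should not depend on that. A guard at the top of each method, such as `if (id != null && !id.equals(new File(id).getName())) { log.error("Invalid certificate request id"); return null; }` (returning `false` in `deleteRequest`), keeps every access inside `dir`. Separately, `doStart` calls `serverInfo.resolveServer(directoryPath)` before the `serverInfo != null` test, so the null branch cannot be reached without a NullPointerException; that call should move inside the non-null branch.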