Package com.netscape.certsrv.dbs.certdb

Interface ICertificateRepository

  • All Superinterfaces:
    IRepository
    All Known Implementing Classes:
    CertificateRepository
    public interface ICertificateRepository
extends IRepository
    An interface represents a CMS certificate repository. It stores all the issued certificate.

    Version:
    $Revision$, $Date$

    • Method Detail

      • getNextSerialNumber

        java.math.BigInteger getNextSerialNumber()
                                  throws EBaseException
        Retrieves the next certificate serial number, and also increases the serial number by one.
        Specified by:
        getNextSerialNumber in interface IRepository
        Returns:
        serial number
        Throws:
        EBaseException - failed to retrieve next serial number

      • addCertificateRecord

        void addCertificateRecord​(ICertRecord record)
                   throws EBaseException
        Adds a certificate record to the repository. Each certificate record contains four parts: certificate, meta-attributes, issue information and reovcation information.

        Parameters:
        record - X.509 certificate
        Throws:
        EBaseException - failed to add new certificate to the repository

      • getX509Certificate

        org.mozilla.jss.netscape.security.x509.X509CertImpl getX509Certificate​(java.math.BigInteger serialNo)
                                                                throws EBaseException
        Reads the certificate identified by the given serial no.
        Parameters:
        serialNo - serial number of certificate
        Returns:
        certificate
        Throws:
        EBaseException - failed to retrieve certificate

      • readCertificateRecord

        ICertRecord readCertificateRecord​(java.math.BigInteger serialNo)
                           throws EBaseException
        Reads certificate from repository.
        Parameters:
        serialNo - serial number of certificate
        Returns:
        certificate record
        Throws:
        EBaseException - failed to retrieve certificate

      • setCertStatusUpdateInterval

        void setCertStatusUpdateInterval​(IRepository requestRepo,
                                 int interval,
                                 boolean listenToCloneModifications)
        Sets certificate status update internal
        Parameters:
        requestRepo - request repository
        interval - update interval
        listenToCloneModifications - enable listening to clone modifications

      • updateCertStatus

        void updateCertStatus()
               throws EBaseException
        Updates certificate status now. This is a blocking method.
        Throws:
        EBaseException - failed to update

      • modifyCertificateRecord

        void modifyCertificateRecord​(java.math.BigInteger serialNo,
                             ModificationSet mods)
                      throws EBaseException
        Modifies certificate record.
        Parameters:
        serialNo - serial number of record
        mods - modifications
        Throws:
        EBaseException - failed to modify

      • containsCertificate

        boolean containsCertificate​(java.math.BigInteger serialNo)
                     throws EBaseException
        Checks if the certificate exists in this repository.
        Parameters:
        serialNo - serial number of certificate
        Returns:
        true if it exists
        Throws:
        EBaseException - failed to check

      • deleteCertificateRecord

        void deleteCertificateRecord​(java.math.BigInteger serialNo)
                      throws EBaseException
        Deletes certificate from this repository.
        Parameters:
        serialNo - serial number of certificate
        Throws:
        EBaseException - failed to delete

      • markAsRevoked

        void markAsRevoked​(java.math.BigInteger id,
                   IRevocationInfo info)
            throws EBaseException
        Marks certificate as revoked.
        Parameters:
        id - serial number
        info - revocation information
        Throws:
        EBaseException - failed to mark

      • markAsRevoked

        void markAsRevoked​(java.math.BigInteger id,
                   IRevocationInfo info,
                   boolean isAlreadyOnHold)
            throws EBaseException
        Marks certificate as revoked.
        Parameters:
        id - serial number
        info - revocation information
        isAlreadyOnHold - boolean to indicate if the cert was revoked onHold
        Throws:
        EBaseException - failed to mark

      • updateStatus

        void updateStatus​(java.math.BigInteger id,
                  java.lang.String status)
           throws EBaseException
        Updates certificate status.
        Parameters:
        id - serial number
        status - certificate status
        Throws:
        EBaseException - failed to update status

      • markCertificateAsRenewable

        void markCertificateAsRenewable​(ICertRecord record)
                         throws EBaseException
        Marks certificate as renewable.
        Parameters:
        record - certificate record to modify
        Throws:
        EBaseException - failed to update

      • markCertificateAsNotRenewable

        void markCertificateAsNotRenewable​(ICertRecord record)
                            throws EBaseException
        Marks certificate as not renewable.
        Parameters:
        record - certificate record to modify
        Throws:
        EBaseException - failed to update

      • markCertificateAsRenewed

        void markCertificateAsRenewed​(java.lang.String serialNo)
                       throws EBaseException
        Marks certificate as renewed.
        Parameters:
        serialNo - certificate record to modify
        Throws:
        EBaseException - failed to update

      • markCertificateAsRenewalNotified

        void markCertificateAsRenewalNotified​(java.lang.String serialNo)
                               throws EBaseException
        Marks certificate as renewed and notified.
        Parameters:
        serialNo - certificate record to modify
        Throws:
        EBaseException - failed to update

      • searchCertificates

        java.util.Enumeration<java.lang.Object> searchCertificates​(java.lang.String filter,
                                                           int maxSize)
                                                    throws EBaseException
        Finds a list of certificate records that satisifies the filter. Here is a list of filter attribute can be used: 
           certRecordId
   certMetaInfo
   certStatus
   certCreateTime
   certModifyTime
   x509Cert.notBefore
   x509Cert.notAfter
   x509Cert.subject
        The filter should follow RFC1558 LDAP filter syntax. For example, 
           (&(certRecordId=5)(x509Cert.notBefore=934398398))
        Parameters:
        filter - search filter
        maxSize - max size to return
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to search

      • searchCertificates

        java.util.Enumeration<ICertRecord> searchCertificates​(java.lang.String filter,
                                                      int maxSize,
                                                      int timeLimit)
                                               throws EBaseException
        Finds a list of certificate records that satisifies the filter.
        Parameters:
        filter - search filter
        maxSize - max size to return
        timeLimit - timeout value
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to search

      • searchCertificates

        java.util.Enumeration<ICertRecord> searchCertificates​(java.lang.String filter,
                                                      int maxSize,
                                                      int timeLimit,
                                                      java.lang.String sortAttribute)
                                               throws EBaseException
        Finds a list of certificate records that satisifies the filter.
        Parameters:
        filter - search filter
        maxSize - max size to return
        timeLimit - timeout value
        sortAttribute - Attribute of ICertRecord to sort the results
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to search

      • searchCertificates

        java.util.Enumeration<java.lang.Object> searchCertificates​(java.lang.String filter,
                                                           int maxSize,
                                                           java.lang.String sortAttribute)
                                                    throws EBaseException
        Finds a list of certificate records that satisifies the filter.
        Parameters:
        filter - search filter
        maxSize - max size to return
        sortAttribute - Attribute of ICertRecord to sort the results
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to search

      • findCertRecordsInList

        ICertRecordList findCertRecordsInList​(java.lang.String filter,
                                      java.lang.String[] attrs,
                                      int pageSize)
                               throws EBaseException
        Finds a list of certificate records that satisifies the filter.
        Parameters:
        filter - search filter
        attrs - selected attribute
        pageSize - page size
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to search

      • findCertRecordsInList

        ICertRecordList findCertRecordsInList​(java.lang.String filter,
                                      java.lang.String[] attrs,
                                      java.lang.String sortKey,
                                      int pageSize)
                               throws EBaseException
        Finds a list of certificate records that satisifies the filter.
        Parameters:
        filter - search filter
        attrs - selected attribute
        sortKey - key to use for sorting the returned elements
        pageSize - page size
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to search

      • findCertRecordsInList

        ICertRecordList findCertRecordsInList​(java.lang.String filter,
                                      java.lang.String[] attrs,
                                      java.lang.String jumpTo,
                                      java.lang.String sortKey,
                                      int pageSize)
                               throws EBaseException
        Finds a list of certificate records that satisifies the filter.
        Parameters:
        filter - search filter
        attrs - selected attribute
        jumpTo - jump to index
        sortKey - key to use for sorting the returned elements
        pageSize - page size
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to search

      • findCertRecordsInList

        ICertRecordList findCertRecordsInList​(java.lang.String filter,
                                      java.lang.String[] attrs,
                                      java.lang.String jumpTo,
                                      boolean hardJumpTo,
                                      java.lang.String sortKey,
                                      int pageSize)
                               throws EBaseException
        Throws:
        EBaseException

      • findCertRecordsInListRawJumpto

        ICertRecordList findCertRecordsInListRawJumpto​(java.lang.String filter,
                                               java.lang.String[] attrs,
                                               java.lang.String jumpTo,
                                               java.lang.String sortKey,
                                               int pageSize)
                                        throws EBaseException
        Finds a list of certificate records that satisifies the filter.
        Parameters:
        filter - search filter
        attrs - selected attribute
        jumpTo - jump to index
        sortKey - key to use for sorting the returned elements
        pageSize - page size
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to search

      • getX509Certificates

        org.mozilla.jss.netscape.security.x509.X509CertImpl[] getX509Certificates​(java.lang.String subjectDN,
                                                                          int validityType)
                                                                   throws EBaseException
        Gets all valid and unexpired certificates pertaining to a subject DN.
        Parameters:
        subjectDN - The distinguished name of the subject.
        validityType - The type of certificatese to retrieve.
        Returns:
        An array of certificates.
        Throws:
        EBaseException - on error.

      • getRevokedCertificates

        java.util.Enumeration<ICertRecord> getRevokedCertificates​(java.util.Date asOfDate)
                                                   throws EBaseException
        Retrieves all the revoked certificates that have not expired.
        Parameters:
        asOfDate - as of date
        Returns:
        a list of revoked certificates
        Throws:
        EBaseException - failed to retrieve

      • getAllRevokedCertificates

        java.util.Enumeration<ICertRecord> getAllRevokedCertificates()
                                                      throws EBaseException
        Retrieves all revoked certificates including ones that have expired or that are not yet valid.
        Returns:
        a list of revoked certificates
        Throws:
        EBaseException - failed to search

      • getAllRevokedNonExpiredCertificates

        java.util.Enumeration<ICertRecord> getAllRevokedNonExpiredCertificates()
                                                                throws EBaseException
        Retrieves all revoked but not expired certificates.
        Returns:
        a list of revoked certificates
        Throws:
        EBaseException - failed to search

      • findCertificates

        java.util.Enumeration<org.mozilla.jss.netscape.security.x509.X509CertImpl> findCertificates​(java.lang.String filter)
                                                                                     throws EBaseException
        Finds all certificates given a filter.
        Parameters:
        filter - search filter
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to search

      • findCertRecords

        java.util.Enumeration<ICertRecord> findCertRecords​(java.lang.String filter)
                                            throws EBaseException
        Finds all certificate records given a filter.
        Parameters:
        filter - search filter
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to search

      • getRevokedCertsByNotAfterDate

        ICertRecordList getRevokedCertsByNotAfterDate​(java.util.Date date,
                                              int pageSize)
                                       throws EBaseException
        Gets Revoked certs orderes by noAfter date, jumps to records where notAfter date is greater than current.
        Parameters:
        date - reference date
        pageSize - page size
        Returns:
        a list of certificate records
        Throws:
        EBaseException - failed to retrieve

      • getInvalidCertsByNotBeforeDate

        ICertRecordList getInvalidCertsByNotBeforeDate​(java.util.Date date,
                                               int pageSize)
                                        throws EBaseException
        Gets Invalid certs orderes by noAfter date, jumps to records where notAfter date is greater than current.
        Parameters:
        date - reference date
        pageSize - page size
        Returns:
        a list of certificate records
        Throws:
        EBaseException - failed to retrieve

      • getValidCertsByNotAfterDate

        ICertRecordList getValidCertsByNotAfterDate​(java.util.Date date,
                                            int pageSize)
                                     throws EBaseException
        Gets valid certs orderes by noAfter date, jumps to records where notAfter date is greater than current.
        Parameters:
        date - reference date
        pageSize - page size
        Returns:
        a list of certificate records
        Throws:
        EBaseException - failed to retrieve

      • createCertRecord

        ICertRecord createCertRecord​(java.math.BigInteger id,
                             java.security.cert.Certificate cert,
                             MetaInfo meta)
        Creates certificate record.
        Parameters:
        id - serial number
        cert - certificate
        meta - meta information
        Returns:
        certificate record

      • findCertRecs

        java.util.Enumeration<java.lang.Object> findCertRecs​(java.lang.String filter)
                                              throws EBaseException
        Finds certificate records.
        Parameters:
        filter - search filter
        Returns:
        a list of certificate records
        Throws:
        EBaseException - failed to retrieve cert records

      • getRenewableCertificates

        java.util.Hashtable<java.lang.String,​RenewableCertificateCollection> getRenewableCertificates​(java.lang.String renewalTime)
                                                                                             throws EBaseException
        Retrieves renewable certificates.
        Parameters:
        renewalTime - renewal time
        Returns:
        certificates
        Throws:
        EBaseException - failed to retrieve

      • unmarkRevoked

        void unmarkRevoked​(java.math.BigInteger id,
                   IRevocationInfo info,
                   java.util.Date revokedOn,
                   java.lang.String revokedBy)
            throws EBaseException
        Unmark a revoked certificates.
        Parameters:
        id - serial number
        info - revocation information
        revokedOn - revocation date
        revokedBy - userid
        Throws:
        EBaseException - failed to unmark

      • getValidNotPublishedCertificates

        java.util.Enumeration<ICertRecord> getValidNotPublishedCertificates​(java.lang.String from,
                                                                    java.lang.String to)
                                                             throws EBaseException
        Retrieves valid and not published certificates.
        Parameters:
        from - starting serial number
        to - ending serial number
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to retrieve

      • getExpiredPublishedCertificates

        java.util.Enumeration<ICertRecord> getExpiredPublishedCertificates​(java.lang.String from,
                                                                   java.lang.String to)
                                                            throws EBaseException
        Retrieves expired and published certificates.
        Parameters:
        from - starting serial number
        to - ending serial number
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to retrieve

      • getRevokedPublishedCertificates

        java.util.Enumeration<ICertRecord> getRevokedPublishedCertificates​(java.lang.String from,
                                                                   java.lang.String to)
                                                            throws EBaseException
        Retrieves revoked and published certificates.
        Parameters:
        from - starting serial number
        to - ending serial number
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to retrieve

      • getValidCertificates

        java.util.Enumeration<ICertRecord> getValidCertificates​(java.lang.String from,
                                                        java.lang.String to)
                                                 throws EBaseException
        Retrieves valid certificates.
        Parameters:
        from - starting serial number
        to - ending serial number
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to retrieve

      • getExpiredCertificates

        java.util.Enumeration<ICertRecord> getExpiredCertificates​(java.lang.String from,
                                                          java.lang.String to)
                                                   throws EBaseException
        Retrieves expired certificates.
        Parameters:
        from - starting serial number
        to - ending serial number
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to retrieve

      • getRevokedCertificates

        java.util.Enumeration<ICertRecord> getRevokedCertificates​(java.lang.String from,
                                                          java.lang.String to)
                                                   throws EBaseException
        Retrieves revoked certificates.
        Parameters:
        from - starting serial number
        to - ending serial number
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to retrieve

      • getModifications

        void getModifications​(netscape.ldap.LDAPEntry entry)
        Retrieves modified certificate records.
        Parameters:
        entry - LDAPEntry with modified data

      • removeCertRecords

        void removeCertRecords​(java.math.BigInteger beginS,
                       java.math.BigInteger endS)
                throws EBaseException
        Removes certificate records with this repository.
        Parameters:
        beginS - BigInteger with radix 16
        endS - BigInteger with radix 16
        Throws:
        EBaseException

      • getEnableRandomSerialNumbers

        boolean getEnableRandomSerialNumbers()
        Retrieves serial number management mode.
        Returns:
        serial number management mode, "true" indicates random serial number management, "false" indicates sequential serial number management.

      • setEnableRandomSerialNumbers

        void setEnableRandomSerialNumbers​(boolean random,
                                  boolean updateMode,
                                  boolean forceModeChange)
        Sets serial number management mode for certificates..
        Parameters:
        random - "true" sets random serial number management, "false" sequential
        updateMode - "true" updates "description" attribute in certificate repository
        forceModeChange - "true" forces certificate repository mode change

      • shutdown

        void shutdown()