Package org.xipki.ca.server.db

Class CertStore

  • public class CertStore
extends CertStoreBase
    CA cert store.
    Since:
    2.0.0
    Author:
    Lijun Liao (xipki)

    • Field Detail

      • datasource

        protected final org.xipki.datasource.DataSourceWrapper datasource

    • Constructor Detail

      • CertStore

        public CertStore​(org.xipki.datasource.DataSourceWrapper datasource,
                 org.xipki.datasource.DataSourceWrapper caConfDatasource,
                 UniqueIdGenerator idGenerator,
                 org.xipki.password.PasswordResolver passwordResolver)
          throws org.xipki.datasource.DataAccessException,
                 org.xipki.ca.api.mgmt.CaMgmtException
        Throws:
        org.xipki.datasource.DataAccessException
        org.xipki.ca.api.mgmt.CaMgmtException

    • Method Detail

      • removeCa

        public void removeCa​(String name)
              throws org.xipki.ca.api.mgmt.CaMgmtException
        Throws:
        org.xipki.ca.api.mgmt.CaMgmtException

      • removeCertProfile

        public void removeCertProfile​(String name)
                       throws org.xipki.ca.api.mgmt.CaMgmtException
        Throws:
        org.xipki.ca.api.mgmt.CaMgmtException

      • removeRequestor

        public void removeRequestor​(String name)
                     throws org.xipki.ca.api.mgmt.CaMgmtException
        Throws:
        org.xipki.ca.api.mgmt.CaMgmtException

      • addCertProfile

        public void addCertProfile​(org.xipki.ca.api.NameId ident)
                    throws org.xipki.ca.api.mgmt.CaMgmtException
        Throws:
        org.xipki.ca.api.mgmt.CaMgmtException

      • addRequestor

        public void addRequestor​(org.xipki.ca.api.NameId ident)
                  throws org.xipki.ca.api.mgmt.CaMgmtException
        Throws:
        org.xipki.ca.api.mgmt.CaMgmtException

      • addCa

        public void addCa​(org.xipki.ca.api.NameId ident,
                  org.xipki.security.X509Cert caCert)
           throws org.xipki.ca.api.mgmt.CaMgmtException
        Throws:
        org.xipki.ca.api.mgmt.CaMgmtException

      • revokeCa

        public void revokeCa​(String caName,
                     org.xipki.security.CertRevocationInfo revocationInfo)
              throws org.xipki.ca.api.mgmt.CaMgmtException
        Throws:
        org.xipki.ca.api.mgmt.CaMgmtException

      • unrevokeCa

        public void unrevokeCa​(String caName)
                throws org.xipki.ca.api.mgmt.CaMgmtException
        Throws:
        org.xipki.ca.api.mgmt.CaMgmtException

      • addCert

        public boolean addCert​(org.xipki.ca.api.CertificateInfo certInfo,
                       boolean saveKeypair)

      • getMaxFullCrlNumber

        public long getMaxFullCrlNumber​(org.xipki.ca.api.NameId ca)
                         throws org.xipki.util.exception.OperationException
        Throws:
        org.xipki.util.exception.OperationException

      • getMaxCrlNumber

        public long getMaxCrlNumber​(org.xipki.ca.api.NameId ca)
                     throws org.xipki.util.exception.OperationException
        Throws:
        org.xipki.util.exception.OperationException

      • getThisUpdateOfCurrentCrl

        public long getThisUpdateOfCurrentCrl​(org.xipki.ca.api.NameId ca,
                                      boolean deltaCrl)
                               throws org.xipki.util.exception.OperationException
        Throws:
        org.xipki.util.exception.OperationException

      • addCrl

        public void addCrl​(org.xipki.ca.api.NameId ca,
                   org.bouncycastle.cert.X509CRLHolder crl)
            throws org.xipki.util.exception.OperationException,
                   CRLException
        Throws:
        org.xipki.util.exception.OperationException
        CRLException

      • revokeCert

        public org.xipki.ca.api.mgmt.CertWithRevocationInfo revokeCert​(org.xipki.ca.api.NameId ca,
                                                               BigInteger serialNumber,
                                                               org.xipki.security.CertRevocationInfo revInfo,
                                                               boolean force,
                                                               CaIdNameMap idNameMap)
                                                        throws org.xipki.util.exception.OperationException
        Throws:
        org.xipki.util.exception.OperationException

      • revokeSuspendedCert

        public org.xipki.ca.api.mgmt.CertWithRevocationInfo revokeSuspendedCert​(org.xipki.ca.api.NameId ca,
                                                                        CertStore.SerialWithId serialNumber,
                                                                        org.xipki.security.CrlReason reason,
                                                                        CaIdNameMap idNameMap)
                                                                 throws org.xipki.util.exception.OperationException
        Throws:
        org.xipki.util.exception.OperationException

      • unsuspendCert

        public org.xipki.ca.api.CertWithDbId unsuspendCert​(org.xipki.ca.api.NameId ca,
                                                   BigInteger serialNumber,
                                                   boolean force,
                                                   CaIdNameMap idNamMap)
                                            throws org.xipki.util.exception.OperationException
        Throws:
        org.xipki.util.exception.OperationException

      • removeCert

        public void removeCert​(long id)
                throws org.xipki.util.exception.OperationException
        Throws:
        org.xipki.util.exception.OperationException

      • getCountOfCerts

        public long getCountOfCerts​(org.xipki.ca.api.NameId ca,
                            boolean onlyRevoked)
                     throws org.xipki.util.exception.OperationException
        Throws:
        org.xipki.util.exception.OperationException

      • getCountOfCerts

        public long getCountOfCerts​(long notBeforeSince)
                     throws org.xipki.util.exception.OperationException
        Throws:
        org.xipki.util.exception.OperationException

      • getSerialNumbers

        public List<CertStore.SerialWithId> getSerialNumbers​(org.xipki.ca.api.NameId ca,
                                                     long startId,
                                                     int numEntries,
                                                     boolean onlyRevoked)
                                              throws org.xipki.util.exception.OperationException
        Throws:
        org.xipki.util.exception.OperationException

      • getExpiredUnrevokedSerialNumbers

        public List<CertStore.SerialWithId> getExpiredUnrevokedSerialNumbers​(org.xipki.ca.api.NameId ca,
                                                                     long expiredAt,
                                                                     int numEntries)
                                                              throws org.xipki.util.exception.OperationException
        Throws:
        org.xipki.util.exception.OperationException

      • getSuspendedCertSerials

        public List<CertStore.SerialWithId> getSuspendedCertSerials​(org.xipki.ca.api.NameId ca,
                                                            Instant latestLastUpdate,
                                                            int numEntries)
                                                     throws org.xipki.util.exception.OperationException
        Throws:
        org.xipki.util.exception.OperationException

      • getEncodedCrl

        public byte[] getEncodedCrl​(org.xipki.ca.api.NameId ca,
                            BigInteger crlNumber)
                     throws org.xipki.util.exception.OperationException
        Throws:
        org.xipki.util.exception.OperationException

      • cleanupCrls

        public int cleanupCrls​(org.xipki.ca.api.NameId ca,
                       int numCrls)
                throws org.xipki.util.exception.OperationException
        Throws:
        org.xipki.util.exception.OperationException

      • getCertForId

        public org.xipki.ca.api.CertificateInfo getCertForId​(org.xipki.ca.api.NameId ca,
                                                     org.xipki.security.X509Cert caCert,
                                                     long certId,
                                                     CaIdNameMap idNameMap)
                                              throws org.xipki.util.exception.OperationException
        Throws:
        org.xipki.util.exception.OperationException

      • getCertWithRevocationInfo

        public org.xipki.ca.api.mgmt.CertWithRevocationInfo getCertWithRevocationInfo​(long certId,
                                                                              CaIdNameMap idNameMap)
                                                                       throws org.xipki.util.exception.OperationException
        Throws:
        org.xipki.util.exception.OperationException

      • getCertWithRevocationInfo

        public org.xipki.ca.api.mgmt.CertWithRevocationInfo getCertWithRevocationInfo​(int caId,
                                                                              BigInteger serial,
                                                                              CaIdNameMap idNameMap)
                                                                       throws org.xipki.util.exception.OperationException
        Throws:
        org.xipki.util.exception.OperationException

      • getCertWithRevocationInfoBySubject

        public org.xipki.ca.api.mgmt.CertWithRevocationInfo getCertWithRevocationInfoBySubject​(int caId,
                                                                                       org.bouncycastle.asn1.x500.X500Name subject,
                                                                                       byte[] san,
                                                                                       CaIdNameMap idNameMap)
                                                                                throws org.xipki.util.exception.OperationException
        Throws:
        org.xipki.util.exception.OperationException

      • getCertId

        public long getCertId​(org.xipki.ca.api.NameId ca,
                      BigInteger serial)
               throws org.xipki.util.exception.OperationException
        Throws:
        org.xipki.util.exception.OperationException

      • getCertInfo

        public org.xipki.ca.api.CertificateInfo getCertInfo​(org.xipki.ca.api.NameId ca,
                                                    org.xipki.security.X509Cert caCert,
                                                    BigInteger serial,
                                                    CaIdNameMap idNameMap)
                                             throws org.xipki.util.exception.OperationException
        Throws:
        org.xipki.util.exception.OperationException

      • getCert

        public org.xipki.security.X509Cert getCert​(org.bouncycastle.asn1.x500.X500Name subjectName,
                                           String transactionId)
                                    throws org.xipki.util.exception.OperationException
        Get certificate for given subject and transactionId.
        Parameters:
        subjectName - Subject of Certificate or requested Subject.
        transactionId - the transactionId
        Returns:
        certificate for given subject and transactionId.
        Throws:
        org.xipki.util.exception.OperationException - If error occurs.

      • listCerts

        public List<org.xipki.ca.api.mgmt.CertListInfo> listCerts​(org.xipki.ca.api.NameId ca,
                                                          org.bouncycastle.asn1.x500.X500Name subjectPattern,
                                                          Instant validFrom,
                                                          Instant validTo,
                                                          org.xipki.ca.api.mgmt.CertListOrderBy orderBy,
                                                          int numEntries)
                                                   throws org.xipki.util.exception.OperationException
        Throws:
        org.xipki.util.exception.OperationException

      • getRevokedCerts

        public List<CertRevInfoWithSerial> getRevokedCerts​(org.xipki.ca.api.NameId ca,
                                                   Instant notExpiredAt,
                                                   long startId,
                                                   int numEntries)
                                            throws org.xipki.util.exception.OperationException
        Throws:
        org.xipki.util.exception.OperationException

      • getCertsForDeltaCrl

        public List<CertRevInfoWithSerial> getCertsForDeltaCrl​(org.xipki.ca.api.NameId ca,
                                                       BigInteger baseCrlNumber,
                                                       Instant notExpiredAt)
                                                throws org.xipki.util.exception.OperationException
        Throws:
        org.xipki.util.exception.OperationException

      • getCertStatusForSubject

        public CertStore.CertStatus getCertStatusForSubject​(org.xipki.ca.api.NameId ca,
                                                    org.bouncycastle.asn1.x500.X500Name subject)
                                             throws org.xipki.util.exception.OperationException
        Throws:
        org.xipki.util.exception.OperationException

      • isHealthy

        public boolean isHealthy()

      • buildSelectFirstSql

        protected String buildSelectFirstSql​(String coreSql)

      • buildSelectFirstSql

        protected String buildSelectFirstSql​(String orderBy,
                                     String coreSql)

      • colBool

        protected static org.xipki.ca.server.db.QueryExecutor.SqlColumn colBool​(String name,
                                                                        Boolean value)

      • colInt

        protected static org.xipki.ca.server.db.QueryExecutor.SqlColumn colInt​(String name,
                                                                       Integer value)

      • colLong

        protected static org.xipki.ca.server.db.QueryExecutor.SqlColumn colLong​(String name,
                                                                        Long value)

      • colStr

        protected static org.xipki.ca.server.db.QueryExecutor.SqlColumn colStr​(String name,
                                                                       String value)

      • colStr

        protected static org.xipki.ca.server.db.QueryExecutor.SqlColumn colStr​(String name,
                                                                       String value,
                                                                       boolean sensitive,
                                                                       boolean signerConf)

      • col2Bool

        protected static org.xipki.ca.server.db.QueryExecutor.SqlColumn2 col2Bool​(Boolean value)

      • col2Int

        protected static org.xipki.ca.server.db.QueryExecutor.SqlColumn2 col2Int​(Integer value)

      • col2Long

        protected static org.xipki.ca.server.db.QueryExecutor.SqlColumn2 col2Long​(Long value)

      • col2Str

        protected static org.xipki.ca.server.db.QueryExecutor.SqlColumn2 col2Str​(String value)

      • col2Timestamp

        protected static org.xipki.ca.server.db.QueryExecutor.SqlColumn2 col2Timestamp​(Timestamp value)

      • execUpdateStmt

        protected int execUpdateStmt​(String sql)
                      throws org.xipki.datasource.DataAccessException
        Throws:
        org.xipki.datasource.DataAccessException

      • execUpdatePrepStmt

        protected int execUpdatePrepStmt​(String sql,
                                 org.xipki.ca.server.db.QueryExecutor.SqlColumn2... params)
                          throws org.xipki.datasource.DataAccessException
        Throws:
        org.xipki.datasource.DataAccessException

      • execQueryStmt

        protected List<org.xipki.ca.server.db.ResultRow> execQueryStmt​(String sql)
                                                        throws org.xipki.datasource.DataAccessException
        Throws:
        org.xipki.datasource.DataAccessException

      • execQuery1PrepStmt

        protected org.xipki.ca.server.db.ResultRow execQuery1PrepStmt​(String sql,
                                                              org.xipki.ca.server.db.QueryExecutor.SqlColumn2... params)
                                                       throws org.xipki.datasource.DataAccessException
        Throws:
        org.xipki.datasource.DataAccessException

      • execQueryPrepStmt

        protected List<org.xipki.ca.server.db.ResultRow> execQueryPrepStmt​(String sql,
                                                                   org.xipki.ca.server.db.QueryExecutor.SqlColumn2... params)
                                                            throws org.xipki.datasource.DataAccessException
        Throws:
        org.xipki.datasource.DataAccessException

      • buildPrepStmt

        protected PreparedStatement buildPrepStmt​(String sql,
                                          org.xipki.ca.server.db.QueryExecutor.SqlColumn2... columns)
                                   throws org.xipki.datasource.DataAccessException
        Throws:
        org.xipki.datasource.DataAccessException