eu.emi.security.authn.x509.helpers.crl
Class PlainCRLStoreSpi

java.lang.Object
  extended by java.security.cert.CertStoreSpi
      extended by eu.emi.security.authn.x509.helpers.crl.AbstractCRLStoreSPI
          extended by eu.emi.security.authn.x509.helpers.crl.PlainCRLStoreSpi
Direct Known Subclasses:
OpensslCRLStoreSpi

public class PlainCRLStoreSpi
extends AbstractCRLStoreSPI

Handles an in-memory CRL store.

CRLs may be provided as URLs or local files. If the CRL is provided as a local file (i.e. is not an absolute URL) then it can contain wildcard characters ('*', '?'). In case of wildcard locations, the actual file list is regenerated on each update.

All CRLs are loaded and parsed to establish CA->CRL mapping. This mapping is updated after the updateInterval time is passed.

Faulty CRL locations together with the respective errors can be obtained by using a listener.

It is possible to pass more then one location of CRLs of the same CA.

The class is implemented in an asynchronous mode: CRLs are resolved on regular intervals (or only once on startup). The CRL searching is independent of the updates. It can block to download, read and subsequently parse a CRL if it is not present in the in-memory cache.

CRLs downloaded from a remote URL (http or ftp) can be cached on a local disk. If the update task can not download the CRL which was previously cached on disk, then the version from disk is returned.

This class is thread safe.

Author:
K. Benedyczak

Field Summary
 
Fields inherited from class eu.emi.security.authn.x509.helpers.crl.AbstractCRLStoreSPI
factory, observers, params, updateInterval
 
Constructor Summary
PlainCRLStoreSpi(CRLParameters params, Timer t, ObserversHandler observers)
          Creates a new CRL store.
 
Method Summary
protected  void addCRL(X509CRL crl, URL location)
           
 void dispose()
          After calling this method no notification will be produced and subsequent updates won't be scheduled.
protected  Collection<X509CRL> getCRLForIssuer(X500Principal issuer)
           
 List<String> getLocations()
           
 long getUpdateInterval()
           
protected  X509CRL loadCRL(URL url)
           
protected  X509CRL reloadCRL(URL location)
           
 void setUpdateInterval(long newInterval)
           
 void start()
          Initiates the store operation (the initial update and subsequent refreshes)
 
Methods inherited from class eu.emi.security.authn.x509.helpers.crl.AbstractCRLStoreSPI
engineGetCertificates, engineGetCRLs, notifyObservers
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

PlainCRLStoreSpi

public PlainCRLStoreSpi(CRLParameters params,
                        Timer t,
                        ObserversHandler observers)
                 throws InvalidAlgorithmParameterException
Creates a new CRL store. The store will be empty until the start() method is called.

Parameters:
params -
t -
observers -
Throws:
InvalidAlgorithmParameterException
Method Detail

start

public void start()
Initiates the store operation (the initial update and subsequent refreshes)


loadCRL

protected X509CRL loadCRL(URL url)
                   throws IOException,
                          CRLException,
                          URISyntaxException
Throws:
IOException
CRLException
URISyntaxException

getLocations

public List<String> getLocations()

setUpdateInterval

public void setUpdateInterval(long newInterval)
Specified by:
setUpdateInterval in class AbstractCRLStoreSPI

getUpdateInterval

public long getUpdateInterval()

reloadCRL

protected X509CRL reloadCRL(URL location)

addCRL

protected void addCRL(X509CRL crl,
                      URL location)

getCRLForIssuer

protected Collection<X509CRL> getCRLForIssuer(X500Principal issuer)
Specified by:
getCRLForIssuer in class AbstractCRLStoreSPI

dispose

public void dispose()
After calling this method no notification will be produced and subsequent updates won't be scheduled. However one next update may be run.

Specified by:
dispose in class AbstractCRLStoreSPI


Copyright © 2012-2013 European Middleware Initiative. All Rights Reserved.