/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2005 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: CRLValidator.java,v 1.3 2008/06/25 05:52:58 qcheng Exp $
*
* Portions Copyrighted 2014-2015 ForgeRock AS.
*/
/**
* This class is the <code>CRLValidator</code> that represents the
* configured <code>X509CRLValidator</code>.
*/
public class CRLValidator {
// NOTE(review): this listing is incomplete. Imports, several field
// declarations (debug, dirServerHost, dirServerPort, dirPrincipleUser,
// dirPrinciplePasswd, crlSearchAttr), two method signatures and a number of
// statements are not shown. The comments below describe only what is visible.

// Dir server info for CRL entry
// Switch for CRL checking. It is initialised to false here and no assignment
// to it is visible in this listing, so where it is turned on must be
// confirmed against the full file.
private static boolean crlCheckEnabled = false;
static {
/*
* Setup the LDAP certificate directory service context for
* use in verification of signing certificates.
*/
// Debug-log whether CRL checking is configured.
if (debug.messageEnabled()) {
"CRL Check configured : " + crlCheckEnabled);
}
// The setup attempt and the settings dump below run only when CRL checking
// is switched on.
if (crlCheckEnabled == true) {
try {
null,
} catch (Exception e) {
// NOTE(review): no handling is visible in this catch block. If the real body
// is empty as well, a failure during setup is silently ignored and
// crlCheckEnabled is not changed here; confirm the error is at least logged.
}
// Debug-only dump of the directory settings: host, port, principal user and
// CRL search attribute.
if (debug.messageEnabled()) {
+ dirServerHost);
+ dirServerPort);
+ dirPrincipleUser);
// Only the presence of the bind password is tested; the branch bodies are
// not visible. NOTE(review): confirm the password value itself is never
// written to the debug log.
if (dirPrinciplePasswd != null) {
} else {
}
+ crlSearchAttr);
}
}
}
/**
* Validate a certificate against the configured CRL.
* @param cert certificate to be validated
* @param checkCAStatus not described in the original comment; presumably
*        controls whether the issuing CA's status is checked too (TODO confirm)
* @return true if the certificate is not in the CRL; false on the failure
*         paths visible below, including any caught Exception
*/
boolean checkCAStatus) {
// The result starts out as "good" and only the paths below set it to false.
// NOTE(review): a path that reaches the final return without consulting a
// CRL therefore reports the certificate as good; confirm against the full
// method which paths those are.
boolean certgood = true;
try {
}
if (debug.messageEnabled()) {
} else {
}
}
// Assignment inside the return: sets certgood to false and returns false.
return certgood = false;
}
} catch (Exception e) {
// Fail closed: any exception raised in the try block makes the method return
// false. No logging of e is visible in this listing.
return certgood = false;
}
}
return certgood;
}
/**
* Get the certificate revocation list from the configured LDAP store.
* @param cert certificate to be validated
* @return the CRL if the LDAP store is configured with one; null on the
*         early-exit path visible below
*/
//Get the CN of the input certificate
// Early exit with no CRL; the condition guarding it is not visible here.
return null;
}
if (debug.messageEnabled()) {
}
//Lookup the certificate in the LDAP certificate directory and compare the values.
try {
} catch (IOException e) {
// NOTE(review): no handling is visible for this IOException. If the body is
// really empty, a lookup failure is swallowed and whatever value crl holds at
// that point is returned; confirm how callers treat a missing CRL.
}
return crl;
}
/**
* Reports whether CRL checking is enabled.
* @return the current value of the static crlCheckEnabled flag
*/
static public boolean isCRLCheckEnabled() {
return crlCheckEnabled;
}
}