Class LazyOpensslCRLStoreSpi
- java.lang.Object
-
- java.security.cert.CertStoreSpi
-
- eu.emi.security.authn.x509.helpers.crl.AbstractCRLStoreSPI
-
- eu.emi.security.authn.x509.helpers.crl.LazyOpensslCRLStoreSpi
-
public class LazyOpensslCRLStoreSpi extends AbstractCRLStoreSPI
Handles an Openssl-like CRL store. CRLs are loaded on demand from disk and cached in memory, for no longer then updateInterval parameter.This class is thread safe.
-
-
Field Summary
Fields Modifier and Type Field Description private java.util.Map<java.lang.String,CachedElement<java.util.List<java.security.cert.X509CRL>>>
cachedCRLsByHash
private java.io.File
directory
private boolean
openssl1Mode
private static java.lang.String
SUFFIX
-
Fields inherited from class eu.emi.security.authn.x509.helpers.crl.AbstractCRLStoreSPI
factory, observers, params, updateInterval
-
-
Constructor Summary
Constructors Constructor Description LazyOpensslCRLStoreSpi(java.lang.String path, long crlUpdateInterval, ObserversHandler observers, boolean openssl1Mode)
Creates a new CRL store.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
dispose()
private java.util.Collection<java.security.cert.X509CRL>
filterByIssuer(javax.security.auth.x500.X500Principal issuer, java.util.Collection<java.security.cert.X509CRL> all)
protected java.util.Collection<java.security.cert.X509CRL>
getCRLForIssuer(javax.security.auth.x500.X500Principal issuer)
protected java.util.Collection<java.security.cert.X509CRL>
getCRLWithMatcher(java.security.cert.CRLSelector selectorRaw)
long
getUpdateInterval()
protected java.security.cert.X509CRL
loadCRL(java.io.File file)
protected java.security.cert.X509CRL
reloadCRL(java.io.File location)
void
setUpdateInterval(long newInterval)
-
Methods inherited from class eu.emi.security.authn.x509.helpers.crl.AbstractCRLStoreSPI
engineGetCertificates, engineGetCRLs, notifyObservers
-
-
-
-
Field Detail
-
SUFFIX
private static final java.lang.String SUFFIX
- See Also:
- Constant Field Values
-
directory
private final java.io.File directory
-
openssl1Mode
private final boolean openssl1Mode
-
cachedCRLsByHash
private java.util.Map<java.lang.String,CachedElement<java.util.List<java.security.cert.X509CRL>>> cachedCRLsByHash
-
-
Constructor Detail
-
LazyOpensslCRLStoreSpi
public LazyOpensslCRLStoreSpi(java.lang.String path, long crlUpdateInterval, ObserversHandler observers, boolean openssl1Mode) throws java.security.InvalidAlgorithmParameterException
Creates a new CRL store.- Parameters:
path
- pathcrlUpdateInterval
- crl update intervalobservers
- observers handleropenssl1Mode
- openssl 1 mode- Throws:
java.security.InvalidAlgorithmParameterException
- invalid algorithm parameter exception
-
-
Method Detail
-
loadCRL
protected java.security.cert.X509CRL loadCRL(java.io.File file) throws java.io.IOException, java.security.cert.CRLException, java.net.URISyntaxException
- Throws:
java.io.IOException
java.security.cert.CRLException
java.net.URISyntaxException
-
setUpdateInterval
public void setUpdateInterval(long newInterval)
- Specified by:
setUpdateInterval
in classAbstractCRLStoreSPI
-
getUpdateInterval
public long getUpdateInterval()
-
dispose
public void dispose()
- Specified by:
dispose
in classAbstractCRLStoreSPI
-
reloadCRL
protected java.security.cert.X509CRL reloadCRL(java.io.File location)
-
filterByIssuer
private java.util.Collection<java.security.cert.X509CRL> filterByIssuer(javax.security.auth.x500.X500Principal issuer, java.util.Collection<java.security.cert.X509CRL> all)
-
getCRLForIssuer
protected java.util.Collection<java.security.cert.X509CRL> getCRLForIssuer(javax.security.auth.x500.X500Principal issuer)
- Specified by:
getCRLForIssuer
in classAbstractCRLStoreSPI
-
getCRLWithMatcher
protected java.util.Collection<java.security.cert.X509CRL> getCRLWithMatcher(java.security.cert.CRLSelector selectorRaw)
- Specified by:
getCRLWithMatcher
in classAbstractCRLStoreSPI
-
-