Package eu.europa.esig.dss.spi.x509.revocation

Class RepositoryRevocationSource<R extends Revocation>

java.lang.Object
eu.europa.esig.dss.spi.x509.revocation.RepositoryRevocationSource<R>
Type Parameters:
R - CRL or OCSP
All Implemented Interfaces:
MultipleRevocationSource<R>, RevocationSource<R>, Serializable
Direct Known Subclasses:
JdbcRevocationSource
public abstract class RepositoryRevocationSource<R extends Revocation> extends Object implements RevocationSource<R>, MultipleRevocationSource<R>
Allows storing and retrieving of revocation data to/from a repository (e.g. database)
See Also:

  • Field Details

    • proxiedSource

      protected OnlineRevocationSource<R extends Revocation> proxiedSource
      Data source used to access a revocation token that is not present in the repository

  • Constructor Details

    • RepositoryRevocationSource

      protected RepositoryRevocationSource()
      Default constructor instantiating object with null values

  • Method Details

    • initRevocationTokenKeys

      protected abstract List<String> initRevocationTokenKeys(CertificateToken certificateToken)
      Initialize a list of revocation token keys String from the given CertificateToken
      Parameters:
      certificateToken - CertificateToken
      Returns:
      list of String revocation keys

    • findRevocation

      @Deprecated protected RevocationToken<R> findRevocation(String key, CertificateToken certificateToken, CertificateToken issuerCertToken)
      Deprecated.
      since 5.12. Use findRevocations(final String key, final CertificateToken certificateToken, final CertificateToken issuerCertToken) method.
      Finds a RevocationToken in the cache
      Parameters:
      key - the key String
      certificateToken - CertificateToken
      issuerCertToken - CertificateToken
      Returns:
      RevocationToken object

    • findRevocations

      protected abstract List<RevocationToken<R>> findRevocations(String key, CertificateToken certificateToken, CertificateToken issuerCertToken)
      Finds a list of RevocationTokens in the cache for the given certificateToken with the corresponding key
      Parameters:
      key - the key String
      certificateToken - CertificateToken
      issuerCertToken - CertificateToken
      Returns:
      a list of RevocationToken objects

    • insertRevocation

      protected abstract void insertRevocation(String revocationKey, RevocationToken<R> token)
      Inserts a new RevocationToken into the cache
      Parameters:
      revocationKey - String
      token - RevocationToken

    • updateRevocation

      protected abstract void updateRevocation(String revocationKey, RevocationToken<R> token)
      Updates the RevocationToken into cache
      Parameters:
      revocationKey - String
      token - RevocationToken

    • removeRevocation

      protected abstract void removeRevocation(String revocationKey)
      Removes the RevocationToken from cache with the given key
      Parameters:
      revocationKey - String

    • setDefaultNextUpdateDelay

      public void setDefaultNextUpdateDelay(Long defaultNextUpdateDelay)
      Sets the default next update delay for the cached files in seconds. If more time has passed from the revocation token's thisUpdate and next update time is not specified, then a fresh copy is downloaded and cached, otherwise a cached copy is used. If revocation.nextUpdate = null, then nextUpdate = revocation.thisUpdate + defaultNextUpdateDelay
      Parameters:
      defaultNextUpdateDelay - long value (seconds)

    • setMaxNextUpdateDelay

      public void setMaxNextUpdateDelay(Long maxNextUpdateDelay)
      Sets the maximum allowed nextUpdate delay for cached files in seconds. Allows to force refresh in case of long periods between revocation publication (eg : 6 months for ARL). If revocation.nextUpdate > revocation.thisUpdate + maxNextUpdateDelay, then nextUpdate = revocation.thisUpdate + maxNextUpdateDelay
      Parameters:
      maxNextUpdateDelay - long value (seconds)

    • setProxySource

      public void setProxySource(OnlineRevocationSource<R> proxiedSource)
      The proxied revocation source to be called if the data is not available in the cache
      Parameters:
      proxiedSource - the proxiedSource to set

    • setRemoveExpired

      public void setRemoveExpired(boolean removeExpired)
      Sets whether the expired revocation data shall be removed from the cache Default : TRUE (expired revocation data is being removed from the cache)
      Parameters:
      removeExpired - the removeExpired to set

    • getRevocationToken

      public RevocationToken<R> getRevocationToken(CertificateToken certificateToken, CertificateToken issuerCertificateToken)
      Description copied from interface: RevocationSource
      This method retrieves a RevocationToken for the certificateToken
      Specified by:
      getRevocationToken in interface RevocationSource<R extends Revocation>
      Parameters:
      certificateToken - The CertificateToken for which the request is made
      issuerCertificateToken - The CertificateToken which is the issuer of the certificateToken
      Returns:
      an instance of RevocationToken

    • getRevocationToken

      public RevocationToken<R> getRevocationToken(CertificateToken certificateToken, CertificateToken issuerCertificateToken, boolean forceRefresh)
      Retrieves a revocation token for the given CertificateToken
      Parameters:
      certificateToken - CertificateToken
      issuerCertificateToken - CertificateToken of the issuer of certificateToken
      forceRefresh - if true, explicitly skips the cache
      Returns:
      RevocationToken

    • getRevocationTokens

      public List<RevocationToken<R>> getRevocationTokens(CertificateToken certificateToken, CertificateToken issuerCertificateToken)
      Description copied from interface: MultipleRevocationSource
      This method retrieves a list of RevocationToken for the certificateToken
      Specified by:
      getRevocationTokens in interface MultipleRevocationSource<R extends Revocation>
      Parameters:
      certificateToken - The CertificateToken for which the request is made
      issuerCertificateToken - The CertificateToken which is the issuer of the certificateToken
      Returns:
      a list of RevocationToken

    • getRevocationTokens

      public List<RevocationToken<R>> getRevocationTokens(CertificateToken certificateToken, CertificateToken issuerCertificateToken, boolean forceRefresh)
      Retrieves a list of revocation token for the given CertificateToken
      Parameters:
      certificateToken - CertificateToken
      issuerCertificateToken - CertificateToken of the issuer of certificateToken
      forceRefresh - if true, explicitly skips the cache
      Returns:
      a list of RevocationTokens

    • getRevocationTokenKey

      protected abstract String getRevocationTokenKey(CertificateToken certificateToken, String urlString)
      Gets a unique revocation token identifier used to store the revocation token for this certificateToken within a repository
      Parameters:
      certificateToken - CertificateToken
      urlString - String representing a URL used to download the revocation token from
      Returns:
      String revocation token key