예제 #1
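  /**
   * Replaces the trust levels stored for a Trusted Authority with the supplied set.
   *
   * <p>Every requested level is checked against {@code lookup} before any row is changed, so a
   * request naming an unknown level is rejected without modifying stored trust data. The existing
   * rows for {@code name} are then removed and one row is inserted per requested level.
   *
   * <p>NOTE(review): the delete and the inserts are not visibly wrapped in a transaction. If an
   * insert fails, the handler below removes the authority's trust levels again, so the authority
   * ends up with no trust levels rather than its previous set. Confirm that relying parties treat
   * an empty set as "less trusted".
   *
   * @param name name of the Trusted Authority whose trust levels are replaced
   * @param tl the new trust levels; when {@code null} the method does nothing, when it carries no
   *     levels the existing ones are only removed
   * @throws IllegalTrustedAuthorityFault if a requested trust level does not exist
   * @throws GTSInternalFault if the database update fails
   * @throws InvalidTrustedAuthorityFault declared by this method; presumably raised by
   *     {@code removeTrustedAuthoritysTrustLevels} (not visible here)
   */
  public synchronized void addTrustLevels(String name, TrustLevels tl)
      throws GTSInternalFault, InvalidTrustedAuthorityFault, IllegalTrustedAuthorityFault {
    if (tl == null) {
      return;
    }
    String[] levels = tl.getTrustLevel();
    boolean hasLevels = (levels != null) && (levels.length > 0);

    if (hasLevels) {
      // Validate the whole request first: nothing is deleted or inserted if any level is unknown.
      for (int i = 0; i < levels.length; i++) {
        if (!lookup.doesTrustLevelExist(levels[i])) {
          IllegalTrustedAuthorityFault fault = new IllegalTrustedAuthorityFault();
          fault.setFaultString(
              "The trust levels for the Trusted Authority "
                  + name
                  + " could not be updated, the trust level "
                  + levels[i]
                  + " does not exist.");
          throw fault;
        }
      }
    }

    removeTrustedAuthoritysTrustLevels(name);
    if (!hasLevels) {
      return;
    }

    Connection c = null;
    try {
      c = db.getConnection();
      // Values are bound as parameters, never concatenated; only table and column names taken
      // from constants are spliced into the SQL text. "INSERT ... SET" is MySQL syntax.
      PreparedStatement s =
          c.prepareStatement(
              "INSERT INTO "
                  + TrustedAuthorityTrustLevelsTable.TABLE_NAME
                  + " SET "
                  + TrustedAuthorityTrustLevelsTable.NAME
                  + "= ?, "
                  + TrustedAuthorityTrustLevelsTable.TRUST_LEVEL
                  + "= ?");
      try {
        // One statement is prepared and reused for every level.
        for (int i = 0; i < levels.length; i++) {
          s.setString(1, name);
          s.setString(2, levels[i]);
          s.execute();
        }
      } finally {
        // Close even when execute() throws; previously a failed insert leaked the statement.
        s.close();
      }
    } catch (Exception e) {
      this.log.error(
          "Unexpected database error incurred in adding the trust levels for the Trusted Authority, "
              + name
              + ": "
              + e.getMessage(),
          e);
      try {
        // Best-effort cleanup so a partially written set of levels is not left behind.
        this.removeTrustedAuthoritysTrustLevels(name);
      } catch (Exception ex) {
        this.log.error(ex.getMessage(), ex);
      }
      GTSInternalFault fault = new GTSInternalFault();
      // The fault text previously said "removing the TrustedAuthority", which misreported the
      // failed operation. The database detail stays in the log and is not sent to the caller.
      fault.setFaultString(
          "Unexpected error adding the trust levels for the Trusted Authority " + name);
      throw fault;
    } finally {
      db.releaseConnection(c);
    }
  }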
예제 #2
  /**
   * Validates a Trusted Authority record and stores it.
   *
   * <p>Checks run in this order: the certificate is extracted, the supplied name (if any) must
   * equal the certificate subject, the authority must not already exist, the CRL is extracted,
   * every listed trust level must exist, and a status must be present. The record is passed to
   * {@code insertTrustedAuthority} only after all checks succeed.
   *
   * <p>When {@code internal} is {@code true} the authority, source and expiry fields supplied by
   * the caller are overwritten: this GTS becomes both authority and source and expiry is set to
   * 0. When it is {@code false} those fields must be supplied and must be consistent.
   * NOTE(review): because {@code internal} skips that consistency validation, callers should not
   * derive the flag from data a remote party controls; confirm at the call sites.
   *
   * <p>NOTE(review): the name is compared against {@code getSubjectDN().toString()}, whose text
   * form depends on the certificate implementation in use; confirm that all callers build names
   * the same way.
   *
   * @param ta the record to add; its name, and for internal additions its authority fields, are
   *     modified in place
   * @param internal whether this GTS is itself the origin of the record
   * @return the same {@code ta} instance after it has been stored
   * @throws IllegalTrustedAuthorityFault if any of the checks described above fails
   * @throws GTSInternalFault declared by this method; presumably raised by the database helpers
   *     it calls (not visible here)
   */
  public synchronized TrustedAuthority addTrustedAuthority(TrustedAuthority ta, boolean internal)
      throws GTSInternalFault, IllegalTrustedAuthorityFault {
    this.buildDatabase();
    X509Certificate cert = checkAndExtractCertificate(ta);

    // A caller-supplied name is only accepted when it is exactly the certificate subject.
    String suppliedName = ta.getName();
    String subject = cert.getSubjectDN().toString();
    if (suppliedName != null && !suppliedName.equals(subject)) {
      IllegalTrustedAuthorityFault mismatch = new IllegalTrustedAuthorityFault();
      mismatch.setFaultString(
          "The Trusted Authority Name must match the subject of the Trusted Authority's certificate");
      throw mismatch;
    }
    ta.setName(subject);

    if (this.doesTrustedAuthorityExist(ta.getName())) {
      IllegalTrustedAuthorityFault duplicate = new IllegalTrustedAuthorityFault();
      duplicate.setFaultString("The Trusted Authority " + ta.getName() + " already exists.");
      throw duplicate;
    }

    X509CRL crl = checkAndExtractCRL(ta, cert);

    // Every requested trust level must already exist before the authority is stored.
    if (ta.getTrustLevels() != null && ta.getTrustLevels().getTrustLevel() != null) {
      String[] requested = ta.getTrustLevels().getTrustLevel();
      for (String level : requested) {
        if (lookup.doesTrustLevelExist(level)) {
          continue;
        }
        IllegalTrustedAuthorityFault unknownLevel = new IllegalTrustedAuthorityFault();
        unknownLevel.setFaultString(
            "The Trusted Authority "
                + ta.getName()
                + " could not be added, the trust level "
                + level
                + " does not exist.");
        throw unknownLevel;
      }
    }

    if (ta.getStatus() == null) {
      IllegalTrustedAuthorityFault noStatus = new IllegalTrustedAuthorityFault();
      noStatus.setFaultString("No status specified for the Trusted Authority!!!");
      throw noStatus;
    }

    if (internal) {
      // Locally created record: this GTS is authority and source; expiry is set to 0.
      ta.setIsAuthority(Boolean.TRUE);
      ta.setAuthorityGTS(gtsURI);
      ta.setSourceGTS(gtsURI);
      ta.setExpires(0);
    } else {
      // Pick the message of the first failing check, in the original order, then throw once.
      String problem = null;
      if (ta.getIsAuthority() == null) {
        problem =
            "The Trusted Authority "
                + ta.getName()
                + " cannot be added because it does not specify whether or not this GTS is the authority of it.";
      } else if (ta.getAuthorityGTS() == null) {
        problem =
            "The Trusted Authority "
                + ta.getName()
                + " cannot be added because it does not specify an authority trust service.";
      } else if (ta.getSourceGTS() == null) {
        problem =
            "The Trusted Authority "
                + ta.getName()
                + " cannot be added because it does not specify an source trust service.";
      } else if (!ta.getIsAuthority().booleanValue() && ta.getExpires() <= 0) {
        // A record for which this GTS is not the authority must carry a positive expiry.
        problem =
            "The Trusted Authority "
                + ta.getName()
                + " cannot be added because it does not specify an expiration.";
      } else if (ta.getIsAuthority().booleanValue() && !ta.getAuthorityGTS().equals(gtsURI)) {
        // Claiming this GTS as authority while naming a different authority URI is a conflict.
        problem =
            "The Trusted Authority "
                + ta.getName()
                + " cannot be added, a conflict was detected, this gts ("
                + gtsURI
                + ") was specified as its authority, however the URI of another GTS ( "
                + ta.getAuthorityGTS()
                + ") was specified.";
      }
      if (problem != null) {
        IllegalTrustedAuthorityFault rejected = new IllegalTrustedAuthorityFault();
        rejected.setFaultString(problem);
        throw rejected;
      }
    }

    insertTrustedAuthority(ta, cert, crl);
    return ta;
  }