CertCache.java
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.synapse.transport.certificatevalidation.cache;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.synapse.commons.jmx.MBeanRegistrar;
import org.apache.synapse.transport.certificatevalidation.Constants;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
/**
* This is a cache to store a certificate against a unique string (can be a serial number). This is a singleton since
* more than one cache of this kind should not be allowed. This cache can be used by any place where certificate
* caching is needed.
*/
public class CertCache implements ManageableCache {
private static volatile CertCache cache;
private static volatile Map<String, CertCacheValue> hashMap = new ConcurrentHashMap<String, CertCacheValue>();
private static volatile Iterator<Map.Entry<String, CertCacheValue>> iterator = hashMap.entrySet().iterator();
private static volatile CacheManager cacheManager;
private static final Log log = LogFactory.getLog(CertCache.class);
private CertCache() {
}
public static CertCache getCache() {
//Double-checked locking
if (cache == null) {
synchronized (CertCache.class) {
if (cache == null) {
cache = new CertCache();
cacheManager = new CacheManager(cache, Constants.CACHE_DEFAULT_ALLOCATED_SIZE,
Constants.CACHE_DEFAULT_DELAY_MINS);
}
}
}
return cache;
}
public synchronized X509Certificate getCacheValue(String serialNumber) {
CertCacheValue cacheValue = hashMap.get(serialNumber);
if (cacheValue != null) {
return cacheValue.getValue();
} else
return null;
}
@Override
public ManageableCacheValue getNextCacheValue() {
if (iterator.hasNext()) {
return hashMap.get(iterator.next().getKey());
} else {
resetIterator();
return null;
}
}
@Override
public int getCacheSize() {
return hashMap.size();
}
@Override
public void resetIterator() {
iterator = hashMap.entrySet().iterator();
}
public static void resetCache() {
hashMap.clear();
}
public synchronized void setCacheValue(String serialNumber, X509Certificate cert) {
CertCacheValue cacheValue = new CertCacheValue(serialNumber, cert);
if (log.isDebugEnabled()) {
log.debug("Before set - HashMap size " + hashMap.size());
}
hashMap.put(serialNumber, cacheValue);
if (log.isDebugEnabled()) {
log.debug("After set - HashMap size " + hashMap.size());
}
}
public synchronized void removeCacheValue(String serialNumber) {
if (log.isDebugEnabled()) {
log.debug("Before remove - HashMap size " + hashMap.size());
}
hashMap.remove(serialNumber);
if (log.isDebugEnabled()) {
log.debug("After remove - HashMap size " + hashMap.size());
}
}
/**
* This is the wrapper class of the actual cache value.
*/
private class CertCacheValue implements ManageableCacheValue {
private final String serialNumber;
private final X509Certificate issuerCertificate;
private final long timeStamp = System.currentTimeMillis();
public CertCacheValue(String serialNumber, X509Certificate issuerCertificate) {
this.serialNumber = serialNumber;
this.issuerCertificate = issuerCertificate;
}
public X509Certificate getValue() {
return issuerCertificate;
}
public String getKey() {
return serialNumber;
}
public boolean isValid() {
// Will be always return true since we only set defined data.
return true;
}
public long getTimeStamp() {
return timeStamp;
}
/**
* Used by cacheManager to remove invalid entries.
*/
public void removeThisCacheValue() {
removeCacheValue(serialNumber);
}
public void updateCacheWithNewValue() {
// No implementation needed since there are no scenarios of the cache value being invalid.
}
}
}