Track last update time in TrustListManager

eclipse · Aug 28, 2023 · 17a206c · 17a206c
1 parent e58d638
commit 17a206c
Show file tree

Hide file tree

Showing 2 changed files with 37 additions and 0 deletions.
diff --git a/...ore/src/main/java/org/eclipse/milo/opcua/stack/core/security/DefaultTrustListManager.java b/...ore/src/main/java/org/eclipse/milo/opcua/stack/core/security/DefaultTrustListManager.java
@@ -37,11 +37,13 @@
 import java.util.Optional;
 import java.util.Set;
 import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.atomic.AtomicReference;
 import java.util.stream.Collectors;
 
 import io.netty.buffer.ByteBufUtil;
 import org.eclipse.milo.opcua.stack.core.UaException;
 import org.eclipse.milo.opcua.stack.core.types.builtin.ByteString;
+import org.eclipse.milo.opcua.stack.core.types.builtin.DateTime;
 import org.eclipse.milo.opcua.stack.core.util.CertificateUtil;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -59,6 +61,8 @@ public class DefaultTrustListManager implements TrustListManager, AutoCloseable
 
     private static final Logger LOGGER = LoggerFactory.getLogger(DefaultTrustListManager.class);
 
+    private final AtomicReference<DateTime> lastUpdateTime = new AtomicReference<>(DateTime.MIN_VALUE);
+
     private final Set<X509Certificate> issuerCertificates = ConcurrentHashMap.newKeySet();
     private final Set<X509CRL> issuerCrls = ConcurrentHashMap.newKeySet();
 
@@ -155,6 +159,8 @@ public DefaultTrustListManager(File baseDir) throws IOException {
         synchronizeIssuerCrls();
         synchronizeTrustedCerts();
         synchronizeTrustedCrls();
+
+        lastUpdateTime.set(DateTime.now());
     }
 
     /**
@@ -217,48 +223,62 @@ public synchronized void setIssuerCrls(List<X509CRL> issuerCrls) {
         replaceCrlsInDir(issuerCrls, issuerCrlDir);
 
         synchronizeIssuerCrls();
+
+        lastUpdateTime.set(DateTime.now());
     }
 
     @Override
     public synchronized void setTrustedCrls(List<X509CRL> trustedCrls) {
         replaceCrlsInDir(trustedCrls, trustedCrlDir);
 
         synchronizeTrustedCrls();
+
+        lastUpdateTime.set(DateTime.now());
     }
 
     @Override
     public synchronized void setIssuerCertificates(List<X509Certificate> issuerCertificates) {
         replaceCertificatesInDir(issuerCertificates, issuerCertsDir);
 
         synchronizeIssuerCerts();
+
+        lastUpdateTime.set(DateTime.now());
     }
 
     @Override
     public synchronized void setTrustedCertificates(List<X509Certificate> trustedCertificates) {
         replaceCertificatesInDir(trustedCertificates, trustedCertsDir);
 
         synchronizeTrustedCerts();
+
+        lastUpdateTime.set(DateTime.now());
     }
 
     @Override
     public synchronized void addIssuerCertificate(X509Certificate certificate) {
         issuerCertificates.add(certificate);
 
         writeCertificateToDir(certificate, issuerCertsDir);
+
+        lastUpdateTime.set(DateTime.now());
     }
 
     @Override
     public synchronized void addTrustedCertificate(X509Certificate certificate) {
         trustedCertificates.add(certificate);
 
         writeCertificateToDir(certificate, trustedCertsDir);
+
+        lastUpdateTime.set(DateTime.now());
     }
 
     @Override
     public synchronized void addRejectedCertificate(X509Certificate certificate) {
         pruneOldRejectedCertificates();
 
         writeCertificateToDir(certificate, rejectedDir);
+
+        lastUpdateTime.set(DateTime.now());
     }
 
     @Override
@@ -267,6 +287,8 @@ public synchronized boolean removeIssuerCertificate(ByteString thumbprint) {
 
         synchronizeIssuerCerts();
 
+        lastUpdateTime.set(DateTime.now());
+
         return found;
     }
 
@@ -276,6 +298,8 @@ public synchronized boolean removeTrustedCertificate(ByteString thumbprint) {
 
         synchronizeTrustedCerts();
 
+        lastUpdateTime.set(DateTime.now());
+
         return found;
     }
 
@@ -316,6 +340,11 @@ public File getRejectedDir() {
         return rejectedDir;
     }
 
+    @Override
+    public DateTime getLastUpdateTime() {
+        return lastUpdateTime.get();
+    }
+
     private synchronized boolean deleteCertificateFile(File certificateDir, ByteString thumbprint) {
         File[] files = certificateDir.listFiles();
         if (files == null) files = new File[0];

diff --git a/...stack-core/src/main/java/org/eclipse/milo/opcua/stack/core/security/TrustListManager.java b/...stack-core/src/main/java/org/eclipse/milo/opcua/stack/core/security/TrustListManager.java
@@ -15,6 +15,7 @@
 import java.util.List;
 
 import org.eclipse.milo.opcua.stack.core.types.builtin.ByteString;
+import org.eclipse.milo.opcua.stack.core.types.builtin.DateTime;
 
 public interface TrustListManager {
 
@@ -126,4 +127,11 @@ public interface TrustListManager {
      */
     boolean removeRejectedCertificate(ByteString thumbprint);
 
+    /**
+     * Get the last time the Trust List was updated.
+     *
+     * @return the last time the Trust List was updated.
+     */
+    DateTime getLastUpdateTime();
+
 }