Example 1 with RevocationException
use of org.hyperledger.fabric_ca.sdk.exception.RevocationException in project fabric-sdk-java by hyperledger.
the class HFCAClient method revokeInternal.
private String revokeInternal(User revoker, String serial, String aki, String reason, boolean genCRL) throws RevocationException, InvalidArgumentException {
if (cryptoSuite == null) {
throw new InvalidArgumentException("Crypto primitives not set.");
}
if (Utils.isNullOrEmpty(serial)) {
throw new IllegalArgumentException("Serial number id required to revoke ceritificate");
}
if (Utils.isNullOrEmpty(aki)) {
throw new IllegalArgumentException("AKI is required to revoke certificate");
}
if (revoker == null) {
throw new InvalidArgumentException("revoker is not set");
}
logger.debug(format("revoke revoker: %s, reason: %s, url: %s", revoker.getName(), reason, url));
try {
setUpSSL();
// build request body
RevocationRequest req = new RevocationRequest(caName, null, serial, aki, reason, genCRL);
String body = req.toJson();
// send revoke request
JsonObject resp = httpPost(url + HFCA_REVOKE, body, revoker);
logger.debug("revoke done");
if (genCRL) {
if (resp.isEmpty()) {
throw new RevocationException("Failed to return CRL, revoke response is empty");
}
if (resp.isNull("CRL")) {
throw new RevocationException("Failed to return CRL");
}
return resp.getString("CRL");
}
return null;
} catch (CertificateException e) {
logger.error("Cannot validate certificate. Error is: " + e.getMessage());
throw new RevocationException("Error while revoking cert. " + e.getMessage(), e);
} catch (Exception e) {
logger.error(e.getMessage(), e);
throw new RevocationException("Error while revoking the user. " + e.getMessage(), e);
}
}
Also used :
InvalidArgumentException(org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException)
RevocationException(org.hyperledger.fabric_ca.sdk.exception.RevocationException)
JsonObject(javax.json.JsonObject)
CertificateException(java.security.cert.CertificateException)
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
InvalidArgumentException(org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException)
URISyntaxException(java.net.URISyntaxException)
RegistrationException(org.hyperledger.fabric_ca.sdk.exception.RegistrationException)
KeyStoreException(java.security.KeyStoreException)
AffiliationException(org.hyperledger.fabric_ca.sdk.exception.AffiliationException)
GenerateCRLException(org.hyperledger.fabric_ca.sdk.exception.GenerateCRLException)
KeyManagementException(java.security.KeyManagementException)
IdentityException(org.hyperledger.fabric_ca.sdk.exception.IdentityException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
EnrollmentException(org.hyperledger.fabric_ca.sdk.exception.EnrollmentException)
UnrecoverableKeyException(java.security.UnrecoverableKeyException)
RevocationException(org.hyperledger.fabric_ca.sdk.exception.RevocationException)
ParseException(org.apache.http.ParseException)
MalformedURLException(java.net.MalformedURLException)
InfoException(org.hyperledger.fabric_ca.sdk.exception.InfoException)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
HTTPException(org.hyperledger.fabric_ca.sdk.exception.HTTPException)
Example 2 with RevocationException
use of org.hyperledger.fabric_ca.sdk.exception.RevocationException in project fabric-sdk-java by hyperledger.
the class HFCAClient method revokeInternal.
private String revokeInternal(User revoker, Enrollment enrollment, String reason, boolean genCRL) throws RevocationException, InvalidArgumentException {
if (cryptoSuite == null) {
throw new InvalidArgumentException("Crypto primitives not set.");
}
if (enrollment == null) {
throw new InvalidArgumentException("revokee enrollment is not set");
}
if (revoker == null) {
throw new InvalidArgumentException("revoker is not set");
}
logger.debug(format("revoke revoker: %s, reason: %s, url: %s", revoker.getName(), reason, url));
try {
setUpSSL();
// get cert from to-be-revoked enrollment
BufferedInputStream pem = new BufferedInputStream(new ByteArrayInputStream(enrollment.getCert().getBytes()));
CertificateFactory certFactory = CertificateFactory.getInstance(Config.getConfig().getCertificateFormat());
X509Certificate certificate = (X509Certificate) certFactory.generateCertificate(pem);
// get its serial number
String serial = DatatypeConverter.printHexBinary(certificate.getSerialNumber().toByteArray());
// get its aki
// 2.5.29.35 : AuthorityKeyIdentifier
byte[] extensionValue = certificate.getExtensionValue(Extension.authorityKeyIdentifier.getId());
ASN1OctetString akiOc = ASN1OctetString.getInstance(extensionValue);
String aki = DatatypeConverter.printHexBinary(AuthorityKeyIdentifier.getInstance(akiOc.getOctets()).getKeyIdentifier());
// build request body
RevocationRequest req = new RevocationRequest(caName, null, serial, aki, reason, genCRL);
String body = req.toJson();
// send revoke request
JsonObject resp = httpPost(url + HFCA_REVOKE, body, revoker);
logger.debug("revoke done");
if (genCRL) {
if (resp.isEmpty()) {
throw new RevocationException("Failed to return CRL, revoke response is empty");
}
if (resp.isNull("CRL")) {
throw new RevocationException("Failed to return CRL");
}
return resp.getString("CRL");
}
return null;
} catch (CertificateException e) {
logger.error("Cannot validate certificate. Error is: " + e.getMessage());
throw new RevocationException("Error while revoking cert. " + e.getMessage(), e);
} catch (Exception e) {
logger.error(e.getMessage(), e);
throw new RevocationException("Error while revoking the user. " + e.getMessage(), e);
}
}
Also used :
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
JsonObject(javax.json.JsonObject)
CertificateException(java.security.cert.CertificateException)
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
CertificateFactory(java.security.cert.CertificateFactory)
X509Certificate(java.security.cert.X509Certificate)
InvalidArgumentException(org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException)
URISyntaxException(java.net.URISyntaxException)
RegistrationException(org.hyperledger.fabric_ca.sdk.exception.RegistrationException)
KeyStoreException(java.security.KeyStoreException)
AffiliationException(org.hyperledger.fabric_ca.sdk.exception.AffiliationException)
GenerateCRLException(org.hyperledger.fabric_ca.sdk.exception.GenerateCRLException)
KeyManagementException(java.security.KeyManagementException)
IdentityException(org.hyperledger.fabric_ca.sdk.exception.IdentityException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
EnrollmentException(org.hyperledger.fabric_ca.sdk.exception.EnrollmentException)
UnrecoverableKeyException(java.security.UnrecoverableKeyException)
RevocationException(org.hyperledger.fabric_ca.sdk.exception.RevocationException)
ParseException(org.apache.http.ParseException)
MalformedURLException(java.net.MalformedURLException)
InfoException(org.hyperledger.fabric_ca.sdk.exception.InfoException)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
HTTPException(org.hyperledger.fabric_ca.sdk.exception.HTTPException)
InvalidArgumentException(org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException)
BufferedInputStream(java.io.BufferedInputStream)
ByteArrayInputStream(java.io.ByteArrayInputStream)
RevocationException(org.hyperledger.fabric_ca.sdk.exception.RevocationException)
Aggregations
IOException (java.io.IOException)2
MalformedURLException (java.net.MalformedURLException)2
URISyntaxException (java.net.URISyntaxException)2
KeyManagementException (java.security.KeyManagementException)2
KeyStoreException (java.security.KeyStoreException)2
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)2
UnrecoverableKeyException (java.security.UnrecoverableKeyException)2
CertificateException (java.security.cert.CertificateException)2
JsonObject (javax.json.JsonObject)2
ParseException (org.apache.http.ParseException)2
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)2
AffiliationException (org.hyperledger.fabric_ca.sdk.exception.AffiliationException)2
EnrollmentException (org.hyperledger.fabric_ca.sdk.exception.EnrollmentException)2
GenerateCRLException (org.hyperledger.fabric_ca.sdk.exception.GenerateCRLException)2
HTTPException (org.hyperledger.fabric_ca.sdk.exception.HTTPException)2
IdentityException (org.hyperledger.fabric_ca.sdk.exception.IdentityException)2
InfoException (org.hyperledger.fabric_ca.sdk.exception.InfoException)2
InvalidArgumentException (org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException)2
RegistrationException (org.hyperledger.fabric_ca.sdk.exception.RegistrationException)2
RevocationException (org.hyperledger.fabric_ca.sdk.exception.RevocationException)2
