
Example 6 with CertResponse

use of org.bouncycastle.asn1.cmp.CertResponse in project xipki by xipki.

the class X509CaCmpResponderImpl method postProcessException.

// method revokeOrUnrevokeOrRemoveCertificates
/**
 * Builds the rejection {@code CertResponse} for a certificate request that failed with an
 * {@link OperationException}.
 *
 * <p>The error code and the exception's message are always written to the server log. The text
 * placed in the response depends on the code: for {@code DATABASE_FAILURE} and
 * {@code SYSTEM_FAILURE} only the code name is returned, so the detail message of those two
 * failure classes stays in the log and is not sent to the requester. For every other code the
 * response text is {@code "<code>: <message>"}.
 *
 * @param certReqId id of the certificate request the response belongs to
 * @param ex the failure raised while processing that request
 * @return a response for {@code certReqId} carrying the status produced by
 *         {@code generateRejectionStatus}
 */
private CertResponse postProcessException(ASN1Integer certReqId, OperationException ex) {
    final ErrorCode errorCode = ex.getErrorCode();
    final String codeName = errorCode.name();
    LOG.warn("generate certificate, OperationException: code={}, message={}", codeName, ex.getErrorMessage());

    // Database and system failures are reported by code name only; the detail message is
    // kept out of the response and remains available in the log line above.
    final boolean codeOnly = errorCode == ErrorCode.DATABASE_FAILURE || errorCode == ErrorCode.SYSTEM_FAILURE;
    final String statusText = codeOnly ? codeName : codeName + ": " + ex.getErrorMessage();

    return new CertResponse(certReqId, generateRejectionStatus(getPKiFailureInfo(ex), statusText));
}
Also used : CertResponse(org.bouncycastle.asn1.cmp.CertResponse) ErrorCode(org.xipki.ca.api.OperationException.ErrorCode) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERUTF8String(org.bouncycastle.asn1.DERUTF8String)

Example 7 with CertResponse

use of org.bouncycastle.asn1.cmp.CertResponse in project xipki by xipki.

the class X509CaCmpResponderImpl method generateCertificates.

// method processP10cr
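/**
 * Issues (or, when {@code keyUpdate} is set, re-issues) one certificate per template through the
 * CA returned by {@code getCa()} and builds the matching list of {@code CertResponse} entries.
 *
 * <p>When {@code cmpControl.isGroupEnroll()} is true, all templates are passed to the CA in a
 * single call and an {@link OperationException} adds a rejection for every request id. Otherwise
 * each template is processed on its own and only the failing entry is turned into a rejection.
 *
 * <p>When the CA is configured to save requests, the encoded {@code request} is stored once and
 * linked to each issued certificate. Failing to store the request is best effort: it is logged
 * together with its cause and issuance continues.
 *
 * @param certTemplates templates to issue from; entry {@code i} is paired with {@code certReqIds.get(i)}
 * @param certReqIds request ids, read by index for each template
 * @param requestor requestor information handed to the CA
 * @param tid value whose octets are handed to the CA and which is passed on to {@code postProcessCertInfo}
 * @param keyUpdate {@code true} to call the CA's regenerate methods instead of the generate methods
 * @param request the message that is encoded and stored when request saving is enabled
 * @param cmpControl controls group enrolment and is passed on to {@code postProcessCertInfo}
 * @param msgId message id handed to the CA
 * @param event not read in this method
 * @return the responses built for the templates, in processing order
 */
private List<CertResponse> generateCertificates(List<CertTemplateData> certTemplates, List<ASN1Integer> certReqIds, CmpRequestorInfo requestor, ASN1OctetString tid, boolean keyUpdate, PKIMessage request, CmpControl cmpControl, String msgId, AuditEvent event) {
    X509Ca ca = getCa();
    final int n = certTemplates.size();
    List<CertResponse> ret = new ArrayList<>(n);
    if (cmpControl.isGroupEnroll()) {
        try {
            List<X509CertificateInfo> certInfos;
            if (keyUpdate) {
                certInfos = ca.regenerateCertificates(certTemplates, requestor, RequestType.CMP, tid.getOctets(), msgId);
            } else {
                certInfos = ca.generateCertificates(certTemplates, requestor, RequestType.CMP, tid.getOctets(), msgId);
            }
            // Store the request once for the whole group; a failure here must not undo issuance.
            Long reqDbId = null;
            if (ca.getCaInfo().isSaveRequest()) {
                try {
                    byte[] encodedRequest = request.getEncoded();
                    reqDbId = ca.addRequest(encodedRequest);
                } catch (Exception ex) {
                    // Keep the cause in the log: without it an operator cannot tell why the
                    // stored-request trail has a gap for certificates that were issued.
                    LOG.warn("could not save request", ex);
                }
            }
            for (int i = 0; i < n; i++) {
                X509CertificateInfo certInfo = certInfos.get(i);
                ret.add(postProcessCertInfo(certReqIds.get(i), certInfo, tid, cmpControl));
                if (reqDbId != null) {
                    ca.addRequestCert(reqDbId, certInfo.getCert().getCertId());
                }
            }
        } catch (OperationException ex) {
            // NOTE(review): if an OperationException can be raised inside the loop above (for
            // example by addRequestCert - confirm its signature), ret already holds success
            // entries at this point and the n rejections are appended after them.
            for (int i = 0; i < n; i++) {
                ret.add(postProcessException(certReqIds.get(i), ex));
            }
        }
    } else {
        Long reqDbId = null;
        // Set after the first failed save so the request is not re-encoded and re-submitted
        // for every remaining template.
        boolean savingRequestFailed = false;
        for (int i = 0; i < n; i++) {
            CertTemplateData certTemplate = certTemplates.get(i);
            ASN1Integer certReqId = certReqIds.get(i);
            X509CertificateInfo certInfo;
            try {
                if (keyUpdate) {
                    certInfo = ca.regenerateCertificate(certTemplate, requestor, RequestType.CMP, tid.getOctets(), msgId);
                } else {
                    certInfo = ca.generateCertificate(certTemplate, requestor, RequestType.CMP, tid.getOctets(), msgId);
                }
                if (ca.getCaInfo().isSaveRequest()) {
                    if (reqDbId == null && !savingRequestFailed) {
                        try {
                            byte[] encodedRequest = request.getEncoded();
                            reqDbId = ca.addRequest(encodedRequest);
                        } catch (Exception ex) {
                            savingRequestFailed = true;
                            // Keep the cause in the log so the missing request record can be explained.
                            LOG.warn("could not save request", ex);
                        }
                    }
                    if (reqDbId != null) {
                        // NOTE(review): this runs after the certificate was issued; if it can
                        // throw OperationException (confirm), the entry is reported as rejected
                        // although a certificate exists.
                        ca.addRequestCert(reqDbId, certInfo.getCert().getCertId());
                    }
                }
                ret.add(postProcessCertInfo(certReqId, certInfo, tid, cmpControl));
            } catch (OperationException ex) {
                ret.add(postProcessException(certReqId, ex));
            }
        }
    }
    return ret;
}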
Also used : CertResponse(org.bouncycastle.asn1.cmp.CertResponse) X509Ca(org.xipki.ca.server.impl.X509Ca) ArrayList(java.util.ArrayList) X509CertificateInfo(org.xipki.ca.api.publisher.x509.X509CertificateInfo) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) IOException(java.io.IOException) OperationException(org.xipki.ca.api.OperationException) CaMgmtException(org.xipki.ca.server.mgmt.api.CaMgmtException) ParseException(java.text.ParseException) CRLException(java.security.cert.CRLException) CRMFException(org.bouncycastle.cert.crmf.CRMFException) InsuffientPermissionException(org.xipki.ca.api.InsuffientPermissionException) CertTemplateData(org.xipki.ca.server.impl.CertTemplateData) OperationException(org.xipki.ca.api.OperationException)
