use of org.xipki.ca.api.NameId in project xipki by xipki.
the class X509Ca method unrevokeCa.
// method revokeCa
public void unrevokeCa(String msgId) throws OperationException {
caInfo.setRevocationInfo(null);
if (caInfo.isSelfSigned()) {
AuditEvent event = newPerfAuditEvent(CaAuditConstants.TYPE_unrevoke_cert, msgId);
boolean successful = true;
try {
unrevokeCertificate0(caInfo.getSerialNumber(), true, event);
successful = true;
} finally {
finish(event, successful);
}
}
boolean failed = false;
for (IdentifiedX509CertPublisher publisher : publishers()) {
NameId ident = publisher.getIdent();
boolean successful = publisher.caUnrevoked(caCert);
if (successful) {
LOG.info("published event caUnrevoked of CA {} to publisher {}", caIdent, ident);
} else {
failed = true;
LOG.error("could not publish event caUnrevoked of CA {} to publisher {}", caIdent, ident);
}
}
if (failed) {
final String message = "could not event caUnrevoked of CA " + caIdent + " to at least one publisher";
throw new OperationException(ErrorCode.SYSTEM_FAILURE, message);
}
}
use of org.xipki.ca.api.NameId in project xipki by xipki.
the class CaManagerImpl method addCertprofileToCa.
// method removeCertprofileFromCa
@Override
public void addCertprofileToCa(String profileName, String caName) throws CaMgmtException {
profileName = ParamUtil.requireNonBlank("profileName", profileName).toLowerCase();
caName = ParamUtil.requireNonBlank("caName", caName).toLowerCase();
asssertMasterMode();
NameId ident = idNameMap.getCertprofile(profileName);
if (ident == null) {
String msg = concat("unknown CertProfile ", profileName);
LOG.warn(msg);
throw new CaMgmtException(msg);
}
NameId caIdent = idNameMap.getCa(caName);
if (caIdent == null) {
String msg = concat("unknown CA ", caName);
LOG.warn(msg);
throw new CaMgmtException(msg);
}
Set<String> set = caHasProfiles.get(caName);
if (set == null) {
set = new HashSet<>();
caHasProfiles.put(caName, set);
} else {
if (set.contains(profileName)) {
String msg = concat("CertProfile ", profileName, " already associated with CA ", caName);
LOG.warn(msg);
throw new CaMgmtException(msg);
}
}
if (!certprofiles.containsKey(profileName)) {
throw new CaMgmtException(concat("certprofile '", profileName, "' is faulty"));
}
queryExecutor.addCertprofileToCa(ident, caIdent);
set.add(profileName);
}
use of org.xipki.ca.api.NameId in project xipki by xipki.
the class CaManagerImpl method initRequestors.
private void initRequestors() throws CaMgmtException {
if (requestorsInitialized) {
return;
}
idNameMap.clearRequestor();
requestorDbEntries.clear();
requestors.clear();
List<String> names = queryExecutor.namesFromTable("REQUESTOR");
for (String name : names) {
if (RequestorInfo.NAME_BY_CA.equals(name)) {
Integer id = queryExecutor.getRequestorId(name);
NameId ident = new NameId(id, name);
byCaRequestor = new ByCaRequestorInfo(ident);
idNameMap.addRequestor(ident);
} else if (RequestorInfo.NAME_BY_USER.equals(name)) {
Integer id = queryExecutor.getRequestorId(name);
byUserRequestorId = new NameId(id, name);
idNameMap.addRequestor(byUserRequestorId);
} else {
RequestorEntry requestorDbEntry = queryExecutor.createRequestor(name);
if (requestorDbEntry == null) {
continue;
}
idNameMap.addRequestor(requestorDbEntry.getIdent());
requestorDbEntries.put(name, requestorDbEntry);
RequestorEntryWrapper requestor = new RequestorEntryWrapper();
requestor.setDbEntry(requestorDbEntry);
requestors.put(name, requestor);
}
}
requestorsInitialized = true;
}
use of org.xipki.ca.api.NameId in project xipki by xipki.
the class UserAddCmd method execute0.
@Override
protected Object execute0() throws Exception {
if (password == null) {
password = new String(readPassword());
}
AddUserEntry userEntry = new AddUserEntry(new NameId(null, name), !inactive, password);
String msg = "user " + name;
try {
caManager.addUser(userEntry);
println("added " + msg);
return null;
} catch (CaMgmtException ex) {
throw new CmdFailure("could not add " + msg + ", error: " + ex.getMessage(), ex);
}
}
use of org.xipki.ca.api.NameId in project xipki by xipki.
the class CaUpdateCmd method getChangeCaEntry.
protected X509ChangeCaEntry getChangeCaEntry() throws Exception {
X509ChangeCaEntry entry = new X509ChangeCaEntry(new NameId(null, caName));
if (snBitLen != null) {
ParamUtil.requireRange("sn-bitlen", snBitLen, 63, 159);
entry.setSerialNoBitLen(snBitLen);
}
if (caStatus != null) {
entry.setStatus(CaStatus.forName(caStatus));
}
if (expirationPeriod != null && expirationPeriod < 0) {
throw new IllegalCmdParamException("invalid expirationPeriod: " + expirationPeriod);
} else {
entry.setExpirationPeriod(expirationPeriod);
}
if (keepExpiredCertInDays != null) {
entry.setKeepExpiredCertInDays(keepExpiredCertInDays);
}
if (certFile != null) {
entry.setCert(X509Util.parseCert(certFile));
}
if (signerConf != null) {
String tmpSignerType = signerType;
if (tmpSignerType == null) {
CaEntry caEntry = caManager.getCa(caName);
if (caEntry == null) {
throw new IllegalCmdParamException("please specify the signerType");
}
tmpSignerType = caEntry.getSignerType();
}
signerConf = ShellUtil.canonicalizeSignerConf(tmpSignerType, signerConf, passwordResolver, securityFactory);
entry.setSignerConf(signerConf);
}
if (duplicateKeyS != null) {
boolean permitted = isEnabled(duplicateKeyS, true, "duplicate-key");
entry.setDuplicateKeyPermitted(permitted);
}
if (duplicateSubjectS != null) {
boolean permitted = isEnabled(duplicateSubjectS, true, "duplicate-subject");
entry.setDuplicateSubjectPermitted(permitted);
}
if (saveReqS != null) {
boolean saveReq = isEnabled(saveReqS, true, "save-req");
entry.setSaveRequest(saveReq);
}
if (CollectionUtil.isNonEmpty(permissions)) {
int intPermission = ShellUtil.getPermission(permissions);
entry.setPermission(intPermission);
}
entry.setCrlUris(getUris(crlUris));
entry.setDeltaCrlUris(getUris(deltaCrlUris));
entry.setOcspUris(getUris(ocspUris));
entry.setCaCertUris(getUris(caCertUris));
if (validityModeS != null) {
ValidityMode validityMode = ValidityMode.forName(validityModeS);
entry.setValidityMode(validityMode);
}
if (maxValidity != null) {
entry.setMaxValidity(CertValidity.getInstance(maxValidity));
}
if (crlSignerName != null) {
entry.setCrlSignerName(crlSignerName);
}
if (cmpControlName != null) {
entry.setCmpControlName(cmpControlName);
}
if (responderName != null) {
entry.setResponderName(responderName);
}
if (extraControl != null) {
entry.setExtraControl(new ConfPairs(extraControl).unmodifiable());
}
if (numCrls != null) {
entry.setNumCrls(numCrls);
}
return entry;
}
Aggregations