
Example 11 with NameId

use of org.xipki.ca.api.NameId in project xipki by xipki.

the class X509Ca method unrevokeCa.

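/**
 * Clears the revocation state of this CA and notifies every publisher.
 *
 * <p>For a self-signed CA the CA's own certificate is also unrevoked, and the
 * outcome is recorded in a performance audit event.
 *
 * @param msgId identifier passed to the audit event created for the unrevocation
 * @throws OperationException with {@code ErrorCode.SYSTEM_FAILURE} if at least one
 *     publisher reports failure, or whatever {@code unrevokeCertificate0} throws
 */
public void unrevokeCa(String msgId) throws OperationException {
    // NOTE(review): the revocation info is cleared before the certificate unrevocation
    // is attempted, so a failure below leaves caInfo already cleared; confirm that
    // callers tolerate this.
    caInfo.setRevocationInfo(null);
    if (caInfo.isSelfSigned()) {
        AuditEvent event = newPerfAuditEvent(CaAuditConstants.TYPE_unrevoke_cert, msgId);
        // Start from "failed": the flag may only become true once the unrevocation has
        // returned normally, otherwise the audit trail would record a success for an
        // operation that threw.
        boolean successful = false;
        try {
            unrevokeCertificate0(caInfo.getSerialNumber(), true, event);
            successful = true;
        } finally {
            finish(event, successful);
        }
    }

    // Every publisher is notified even if an earlier one failed; the failure is
    // reported once, after the loop.
    boolean failed = false;
    for (IdentifiedX509CertPublisher publisher : publishers()) {
        NameId ident = publisher.getIdent();
        boolean published = publisher.caUnrevoked(caCert);
        if (published) {
            LOG.info("published event caUnrevoked of CA {} to publisher {}", caIdent, ident);
        } else {
            failed = true;
            LOG.error("could not publish event caUnrevoked of CA {} to publisher {}", caIdent, ident);
        }
    }
    if (failed) {
        final String message = "could not event caUnrevoked of CA " + caIdent + " to at least one publisher";
        throw new OperationException(ErrorCode.SYSTEM_FAILURE, message);
    }
}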
Also used : NameId(org.xipki.ca.api.NameId) AuditEvent(org.xipki.audit.AuditEvent) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) OperationException(org.xipki.ca.api.OperationException)

Example 12 with NameId

use of org.xipki.ca.api.NameId in project xipki by xipki.

the class CaManagerImpl method addCertprofileToCa.

/**
 * Associates a known certificate profile with a known CA.
 *
 * <p>Both names are checked for blankness and lower-cased before any lookup. The
 * association is written through {@code queryExecutor} first and only then added to
 * the in-memory {@code caHasProfiles} map.
 *
 * @param profileName name of the certificate profile
 * @param caName name of the CA
 * @throws CaMgmtException if the profile or the CA is unknown, if the two are already
 *     associated, or if the profile is missing from {@code certprofiles}
 */
@Override
public void addCertprofileToCa(String profileName, String caName) throws CaMgmtException {
    // NOTE(review): toLowerCase() without a Locale follows the JVM default locale;
    // confirm that names are normalised the same way wherever they are stored.
    profileName = ParamUtil.requireNonBlank("profileName", profileName).toLowerCase();
    caName = ParamUtil.requireNonBlank("caName", caName).toLowerCase();
    // Presumably rejects the call when the manager is not in master mode.
    asssertMasterMode();

    final NameId profileIdent = idNameMap.getCertprofile(profileName);
    if (profileIdent == null) {
        final String warning = concat("unknown CertProfile ", profileName);
        LOG.warn(warning);
        throw new CaMgmtException(warning);
    }

    final NameId targetCa = idNameMap.getCa(caName);
    if (targetCa == null) {
        final String warning = concat("unknown CA ", caName);
        LOG.warn(warning);
        throw new CaMgmtException(warning);
    }

    Set<String> profilesOfCa = caHasProfiles.get(caName);
    if (profilesOfCa != null && profilesOfCa.contains(profileName)) {
        final String warning = concat("CertProfile ", profileName, " already associated with CA ", caName);
        LOG.warn(warning);
        throw new CaMgmtException(warning);
    }
    if (profilesOfCa == null) {
        // First profile for this CA: register an empty set to fill below.
        profilesOfCa = new HashSet<>();
        caHasProfiles.put(caName, profilesOfCa);
    }

    // A profile that has an identifier but is absent from certprofiles is reported as faulty.
    final boolean profileLoaded = certprofiles.containsKey(profileName);
    if (!profileLoaded) {
        throw new CaMgmtException(concat("certprofile '", profileName, "' is faulty"));
    }

    queryExecutor.addCertprofileToCa(profileIdent, targetCa);
    profilesOfCa.add(profileName);
}
Also used : CaMgmtException(org.xipki.ca.server.mgmt.api.CaMgmtException) NameId(org.xipki.ca.api.NameId)

Example 13 with NameId

use of org.xipki.ca.api.NameId in project xipki by xipki.

the class CaManagerImpl method initRequestors.

/**
 * Loads the requestors from the {@code REQUESTOR} table into the in-memory maps.
 *
 * <p>Does nothing when the requestors are already initialised. The two built-in names
 * {@code RequestorInfo.NAME_BY_CA} and {@code RequestorInfo.NAME_BY_USER} only get an
 * identifier; every other name is loaded as a full database entry and wrapped.
 *
 * @throws CaMgmtException declared for the {@code queryExecutor} calls
 */
private void initRequestors() throws CaMgmtException {
    if (!requestorsInitialized) {
        // Drop everything cached so far before reading the table again.
        idNameMap.clearRequestor();
        requestorDbEntries.clear();
        requestors.clear();

        for (String requestorName : queryExecutor.namesFromTable("REQUESTOR")) {
            if (RequestorInfo.NAME_BY_CA.equals(requestorName)) {
                Integer requestorId = queryExecutor.getRequestorId(requestorName);
                NameId byCaIdent = new NameId(requestorId, requestorName);
                byCaRequestor = new ByCaRequestorInfo(byCaIdent);
                idNameMap.addRequestor(byCaIdent);
                continue;
            }

            if (RequestorInfo.NAME_BY_USER.equals(requestorName)) {
                Integer requestorId = queryExecutor.getRequestorId(requestorName);
                byUserRequestorId = new NameId(requestorId, requestorName);
                idNameMap.addRequestor(byUserRequestorId);
                continue;
            }

            RequestorEntry dbEntry = queryExecutor.createRequestor(requestorName);
            if (dbEntry != null) {
                idNameMap.addRequestor(dbEntry.getIdent());
                requestorDbEntries.put(requestorName, dbEntry);

                RequestorEntryWrapper wrapper = new RequestorEntryWrapper();
                wrapper.setDbEntry(dbEntry);
                requestors.put(requestorName, wrapper);
            }
            // A null entry is skipped without being registered anywhere.
        }

        requestorsInitialized = true;
    }
}
Also used : BigInteger(java.math.BigInteger) NameId(org.xipki.ca.api.NameId) RequestorEntry(org.xipki.ca.server.mgmt.api.RequestorEntry) CaHasRequestorEntry(org.xipki.ca.server.mgmt.api.CaHasRequestorEntry) RequestorEntryWrapper(org.xipki.ca.server.impl.cmp.RequestorEntryWrapper)

Example 14 with NameId

use of org.xipki.ca.api.NameId in project xipki by xipki.

the class UserAddCmd method execute0.

/**
 * Adds the user {@code name} through {@code caManager}, prompting for the password
 * when none was supplied.
 *
 * @return always {@code null}
 * @throws Exception a {@code CmdFailure} wrapping the {@code CaMgmtException} when the
 *     user cannot be added; anything thrown while reading the password
 */
@Override
protected Object execute0() throws Exception {
    if (password == null) {
        // NOTE(review): the prompted secret is copied into a String, which cannot be
        // wiped afterwards; it stays in memory until collected. The entry built below
        // is given that String, so this method has no place to clear it.
        password = new String(readPassword());
    }

    final boolean active = !inactive;
    // The NameId carries no numeric id yet, only the name.
    final AddUserEntry newUser = new AddUserEntry(new NameId(null, name), active, password);
    final String subject = "user " + name;
    try {
        caManager.addUser(newUser);
        println("added " + subject);
    } catch (CaMgmtException ex) {
        throw new CmdFailure("could not add " + subject + ", error: " + ex.getMessage(), ex);
    }
    return null;
}
Also used : CaMgmtException(org.xipki.ca.server.mgmt.api.CaMgmtException) NameId(org.xipki.ca.api.NameId) CmdFailure(org.xipki.console.karaf.CmdFailure) AddUserEntry(org.xipki.ca.server.mgmt.api.AddUserEntry)

Example 15 with NameId

use of org.xipki.ca.api.NameId in project xipki by xipki.

the class CaUpdateCmd method getChangeCaEntry.

/**
 * Builds the change request for the CA {@code caName} from the command options.
 *
 * <p>Most options are applied only when they are set. The expiration period and the
 * four URI lists are always passed to the entry, whether set or not.
 *
 * @return the populated change entry
 * @throws Exception an {@code IllegalCmdParamException} for a negative expiration period,
 *     or when a signer configuration is given without a signer type and the CA is not
 *     known to {@code caManager}; anything thrown by the parsing helpers
 */
protected X509ChangeCaEntry getChangeCaEntry() throws Exception {
    // The NameId carries no numeric id, only the CA name.
    final X509ChangeCaEntry change = new X509ChangeCaEntry(new NameId(null, caName));

    // --- serial number length, status, lifetime settings ---
    if (snBitLen != null) {
        // Checked against the bounds 63 and 159 before being applied.
        ParamUtil.requireRange("sn-bitlen", snBitLen, 63, 159);
        change.setSerialNoBitLen(snBitLen);
    }
    if (caStatus != null) {
        change.setStatus(CaStatus.forName(caStatus));
    }
    if (expirationPeriod != null && expirationPeriod < 0) {
        throw new IllegalCmdParamException("invalid expirationPeriod: " + expirationPeriod);
    }
    // Reached for a null value as well, which is passed through unchanged.
    change.setExpirationPeriod(expirationPeriod);
    if (keepExpiredCertInDays != null) {
        change.setKeepExpiredCertInDays(keepExpiredCertInDays);
    }

    // --- certificate and signer ---
    if (certFile != null) {
        change.setCert(X509Util.parseCert(certFile));
    }
    if (signerConf != null) {
        String effectiveSignerType = signerType;
        if (effectiveSignerType == null) {
            // No type on the command line: fall back to the type of the existing CA.
            final CaEntry existingCa = caManager.getCa(caName);
            if (existingCa == null) {
                throw new IllegalCmdParamException("please specify the signerType");
            }
            effectiveSignerType = existingCa.getSignerType();
        }
        // The field itself is overwritten with the canonicalized form.
        signerConf = ShellUtil.canonicalizeSignerConf(effectiveSignerType, signerConf, passwordResolver,
                securityFactory);
        change.setSignerConf(signerConf);
    }

    // --- switches and permissions ---
    if (duplicateKeyS != null) {
        final boolean duplicateKeyAllowed = isEnabled(duplicateKeyS, true, "duplicate-key");
        change.setDuplicateKeyPermitted(duplicateKeyAllowed);
    }
    if (duplicateSubjectS != null) {
        final boolean duplicateSubjectAllowed = isEnabled(duplicateSubjectS, true, "duplicate-subject");
        change.setDuplicateSubjectPermitted(duplicateSubjectAllowed);
    }
    if (saveReqS != null) {
        final boolean keepRequest = isEnabled(saveReqS, true, "save-req");
        change.setSaveRequest(keepRequest);
    }
    if (CollectionUtil.isNonEmpty(permissions)) {
        final int permissionMask = ShellUtil.getPermission(permissions);
        change.setPermission(permissionMask);
    }

    // --- URIs: always passed on ---
    change.setCrlUris(getUris(crlUris));
    change.setDeltaCrlUris(getUris(deltaCrlUris));
    change.setOcspUris(getUris(ocspUris));
    change.setCaCertUris(getUris(caCertUris));

    // --- validity and references to other configured objects ---
    if (validityModeS != null) {
        final ValidityMode mode = ValidityMode.forName(validityModeS);
        change.setValidityMode(mode);
    }
    if (maxValidity != null) {
        change.setMaxValidity(CertValidity.getInstance(maxValidity));
    }
    if (crlSignerName != null) {
        change.setCrlSignerName(crlSignerName);
    }
    if (cmpControlName != null) {
        change.setCmpControlName(cmpControlName);
    }
    if (responderName != null) {
        change.setResponderName(responderName);
    }
    if (extraControl != null) {
        change.setExtraControl(new ConfPairs(extraControl).unmodifiable());
    }
    if (numCrls != null) {
        change.setNumCrls(numCrls);
    }
    return change;
}
Also used : X509ChangeCaEntry(org.xipki.ca.server.mgmt.api.x509.X509ChangeCaEntry) CaEntry(org.xipki.ca.server.mgmt.api.CaEntry) ValidityMode(org.xipki.ca.server.mgmt.api.ValidityMode) NameId(org.xipki.ca.api.NameId) IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException) ConfPairs(org.xipki.common.ConfPairs) X509ChangeCaEntry(org.xipki.ca.server.mgmt.api.x509.X509ChangeCaEntry)

Aggregations

NameId (org.xipki.ca.api.NameId)43 CaMgmtException (org.xipki.ca.server.mgmt.api.CaMgmtException)31 PreparedStatement (java.sql.PreparedStatement)12 SQLException (java.sql.SQLException)12 ResultSet (java.sql.ResultSet)9 OperationException (org.xipki.ca.api.OperationException)9 CmdFailure (org.xipki.console.karaf.CmdFailure)9 BigInteger (java.math.BigInteger)8 DERPrintableString (org.bouncycastle.asn1.DERPrintableString)6 CaHasRequestorEntry (org.xipki.ca.server.mgmt.api.CaHasRequestorEntry)6 X509Certificate (java.security.cert.X509Certificate)5 DERUTF8String (org.bouncycastle.asn1.DERUTF8String)5 CaHasUserEntry (org.xipki.ca.server.mgmt.api.CaHasUserEntry)5 X509CaEntry (org.xipki.ca.server.mgmt.api.x509.X509CaEntry)5 Date (java.util.Date)4 AtomicInteger (java.util.concurrent.atomic.AtomicInteger)4 CaStatus (org.xipki.ca.server.mgmt.api.CaStatus)4 X509CaUris (org.xipki.ca.server.mgmt.api.x509.X509CaUris)4 ConfPairs (org.xipki.common.ConfPairs)4 IllegalCmdParamException (org.xipki.console.karaf.IllegalCmdParamException)4