use of org.xipki.ca.client.api.CertIdOrError in project xipki by xipki.
the class RevokeCertCmd method execute0.
@Override
protected Object execute0() throws Exception {
if (!(certFile == null ^ getSerialNumber() == null)) {
throw new IllegalCmdParamException("exactly one of cert and serial must be specified");
}
CrlReason crlReason = CrlReason.forNameOrText(reason);
if (!CrlReason.PERMITTED_CLIENT_CRLREASONS.contains(crlReason)) {
throw new IllegalCmdParamException("reason " + reason + " is not permitted");
}
CertIdOrError certIdOrError;
Date invalidityDate = null;
if (isNotBlank(invalidityDateS)) {
invalidityDate = DateUtil.parseUtcTimeyyyyMMddhhmmss(invalidityDateS);
}
if (certFile != null) {
X509Certificate cert = X509Util.parseCert(certFile);
RequestResponseDebug debug = getRequestResponseDebug();
try {
certIdOrError = caClient.revokeCert(caName, cert, crlReason.getCode(), invalidityDate, debug);
} finally {
saveRequestResponse(debug);
}
} else {
RequestResponseDebug debug = getRequestResponseDebug();
try {
certIdOrError = caClient.revokeCert(caName, getSerialNumber(), crlReason.getCode(), invalidityDate, debug);
} finally {
saveRequestResponse(debug);
}
}
if (certIdOrError.getError() != null) {
PkiStatusInfo error = certIdOrError.getError();
throw new CmdFailure("revocation failed: " + error);
} else {
println("revoked certificate");
}
return null;
}
use of org.xipki.ca.client.api.CertIdOrError in project xipki by xipki.
the class CaClientImpl method unrevokeCert.
private CertIdOrError unrevokeCert(CaConf ca, BigInteger serial, RequestResponseDebug debug) throws CaClientException, PkiErrorException {
ParamUtil.requireNonNull("ca", ca);
ParamUtil.requireNonNull("serial", serial);
final String id = "cert-1";
UnrevokeOrRemoveCertEntry entry = new UnrevokeOrRemoveCertEntry(id, ca.getSubject(), serial);
if (ca.getCmpControl().isRrAkiRequired()) {
entry.setAuthorityKeyIdentifier(ca.getSubjectKeyIdentifier());
}
UnrevokeOrRemoveCertRequest request = new UnrevokeOrRemoveCertRequest();
request.addRequestEntry(entry);
Map<String, CertIdOrError> result = unrevokeCerts(request, debug);
return (result == null) ? null : result.get(id);
}
use of org.xipki.ca.client.api.CertIdOrError in project xipki by xipki.
the class CaClientImpl method revokeCert.
private CertIdOrError revokeCert(CaConf ca, BigInteger serial, int reason, Date invalidityDate, RequestResponseDebug debug) throws CaClientException, PkiErrorException {
ParamUtil.requireNonNull("ca", ca);
ParamUtil.requireNonNull("serial", serial);
final String id = "cert-1";
RevokeCertRequestEntry entry = new RevokeCertRequestEntry(id, ca.getSubject(), serial, reason, invalidityDate);
if (ca.getCmpControl().isRrAkiRequired()) {
entry.setAuthorityKeyIdentifier(ca.getSubjectKeyIdentifier());
}
RevokeCertRequest request = new RevokeCertRequest();
request.addRequestEntry(entry);
Map<String, CertIdOrError> result = revokeCerts(request, debug);
return (result == null) ? null : result.get(id);
}
use of org.xipki.ca.client.api.CertIdOrError in project xipki by xipki.
the class RemoveCertCmd method execute0.
@Override
protected Object execute0() throws Exception {
if (!(certFile == null ^ getSerialNumber() == null)) {
throw new IllegalCmdParamException("exactly one of cert and serial must be specified");
}
CertIdOrError certIdOrError;
if (certFile != null) {
X509Certificate cert = X509Util.parseCert(certFile);
RequestResponseDebug debug = getRequestResponseDebug();
try {
certIdOrError = caClient.removeCert(caName, cert, debug);
} finally {
saveRequestResponse(debug);
}
} else {
RequestResponseDebug debug = getRequestResponseDebug();
try {
certIdOrError = caClient.removeCert(caName, getSerialNumber(), debug);
} finally {
saveRequestResponse(debug);
}
}
if (certIdOrError.getError() != null) {
PkiStatusInfo error = certIdOrError.getError();
throw new CmdFailure("removing certificate failed: " + error);
} else {
println("removed certificate");
}
return null;
}
use of org.xipki.ca.client.api.CertIdOrError in project xipki by xipki.
the class UnrevokeCertCmd method execute0.
@Override
protected Object execute0() throws Exception {
if (!(certFile == null ^ getSerialNumber() == null)) {
throw new IllegalCmdParamException("exactly one of cert and serial must be specified");
}
CertIdOrError certIdOrError;
if (certFile != null) {
X509Certificate cert = X509Util.parseCert(certFile);
RequestResponseDebug debug = getRequestResponseDebug();
try {
certIdOrError = caClient.unrevokeCert(caName, cert, debug);
} finally {
saveRequestResponse(debug);
}
} else {
RequestResponseDebug debug = getRequestResponseDebug();
try {
certIdOrError = caClient.unrevokeCert(caName, getSerialNumber(), debug);
} finally {
saveRequestResponse(debug);
}
}
if (certIdOrError.getError() != null) {
PkiStatusInfo error = certIdOrError.getError();
throw new CmdFailure("releasing revocation failed: " + error);
} else {
println("unrevoked certificate");
}
return null;
}
Aggregations