Search in sources :

Example 1 with CertIdOrError

use of org.xipki.ca.client.api.CertIdOrError in project xipki by xipki.

the class RevokeCertCmd method execute0.

@Override
protected Object execute0() throws Exception {
    if (!(certFile == null ^ getSerialNumber() == null)) {
        throw new IllegalCmdParamException("exactly one of cert and serial must be specified");
    }
    CrlReason crlReason = CrlReason.forNameOrText(reason);
    if (!CrlReason.PERMITTED_CLIENT_CRLREASONS.contains(crlReason)) {
        throw new IllegalCmdParamException("reason " + reason + " is not permitted");
    }
    CertIdOrError certIdOrError;
    Date invalidityDate = null;
    if (isNotBlank(invalidityDateS)) {
        invalidityDate = DateUtil.parseUtcTimeyyyyMMddhhmmss(invalidityDateS);
    }
    if (certFile != null) {
        X509Certificate cert = X509Util.parseCert(certFile);
        RequestResponseDebug debug = getRequestResponseDebug();
        try {
            certIdOrError = caClient.revokeCert(caName, cert, crlReason.getCode(), invalidityDate, debug);
        } finally {
            saveRequestResponse(debug);
        }
    } else {
        RequestResponseDebug debug = getRequestResponseDebug();
        try {
            certIdOrError = caClient.revokeCert(caName, getSerialNumber(), crlReason.getCode(), invalidityDate, debug);
        } finally {
            saveRequestResponse(debug);
        }
    }
    if (certIdOrError.getError() != null) {
        PkiStatusInfo error = certIdOrError.getError();
        throw new CmdFailure("revocation failed: " + error);
    } else {
        println("revoked certificate");
    }
    return null;
}
Also used : RequestResponseDebug(org.xipki.common.RequestResponseDebug) CmdFailure(org.xipki.console.karaf.CmdFailure) IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException) CertIdOrError(org.xipki.ca.client.api.CertIdOrError) PkiStatusInfo(org.xipki.cmp.PkiStatusInfo) CrlReason(org.xipki.security.CrlReason) Date(java.util.Date) X509Certificate(java.security.cert.X509Certificate)

Example 2 with CertIdOrError

use of org.xipki.ca.client.api.CertIdOrError in project xipki by xipki.

the class CaClientImpl method unrevokeCert.

private CertIdOrError unrevokeCert(CaConf ca, BigInteger serial, RequestResponseDebug debug) throws CaClientException, PkiErrorException {
    ParamUtil.requireNonNull("ca", ca);
    ParamUtil.requireNonNull("serial", serial);
    final String id = "cert-1";
    UnrevokeOrRemoveCertEntry entry = new UnrevokeOrRemoveCertEntry(id, ca.getSubject(), serial);
    if (ca.getCmpControl().isRrAkiRequired()) {
        entry.setAuthorityKeyIdentifier(ca.getSubjectKeyIdentifier());
    }
    UnrevokeOrRemoveCertRequest request = new UnrevokeOrRemoveCertRequest();
    request.addRequestEntry(entry);
    Map<String, CertIdOrError> result = unrevokeCerts(request, debug);
    return (result == null) ? null : result.get(id);
}
Also used : UnrevokeOrRemoveCertRequest(org.xipki.ca.client.api.dto.UnrevokeOrRemoveCertRequest) CertIdOrError(org.xipki.ca.client.api.CertIdOrError) UnrevokeOrRemoveCertEntry(org.xipki.ca.client.api.dto.UnrevokeOrRemoveCertEntry)

Example 3 with CertIdOrError

use of org.xipki.ca.client.api.CertIdOrError in project xipki by xipki.

the class CaClientImpl method revokeCert.

private CertIdOrError revokeCert(CaConf ca, BigInteger serial, int reason, Date invalidityDate, RequestResponseDebug debug) throws CaClientException, PkiErrorException {
    ParamUtil.requireNonNull("ca", ca);
    ParamUtil.requireNonNull("serial", serial);
    final String id = "cert-1";
    RevokeCertRequestEntry entry = new RevokeCertRequestEntry(id, ca.getSubject(), serial, reason, invalidityDate);
    if (ca.getCmpControl().isRrAkiRequired()) {
        entry.setAuthorityKeyIdentifier(ca.getSubjectKeyIdentifier());
    }
    RevokeCertRequest request = new RevokeCertRequest();
    request.addRequestEntry(entry);
    Map<String, CertIdOrError> result = revokeCerts(request, debug);
    return (result == null) ? null : result.get(id);
}
Also used : RevokeCertRequestEntry(org.xipki.ca.client.api.dto.RevokeCertRequestEntry) CertIdOrError(org.xipki.ca.client.api.CertIdOrError) RevokeCertRequest(org.xipki.ca.client.api.dto.RevokeCertRequest)

Example 4 with CertIdOrError

use of org.xipki.ca.client.api.CertIdOrError in project xipki by xipki.

the class RemoveCertCmd method execute0.

@Override
protected Object execute0() throws Exception {
    if (!(certFile == null ^ getSerialNumber() == null)) {
        throw new IllegalCmdParamException("exactly one of cert and serial must be specified");
    }
    CertIdOrError certIdOrError;
    if (certFile != null) {
        X509Certificate cert = X509Util.parseCert(certFile);
        RequestResponseDebug debug = getRequestResponseDebug();
        try {
            certIdOrError = caClient.removeCert(caName, cert, debug);
        } finally {
            saveRequestResponse(debug);
        }
    } else {
        RequestResponseDebug debug = getRequestResponseDebug();
        try {
            certIdOrError = caClient.removeCert(caName, getSerialNumber(), debug);
        } finally {
            saveRequestResponse(debug);
        }
    }
    if (certIdOrError.getError() != null) {
        PkiStatusInfo error = certIdOrError.getError();
        throw new CmdFailure("removing certificate failed: " + error);
    } else {
        println("removed certificate");
    }
    return null;
}
Also used : RequestResponseDebug(org.xipki.common.RequestResponseDebug) CmdFailure(org.xipki.console.karaf.CmdFailure) IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException) CertIdOrError(org.xipki.ca.client.api.CertIdOrError) PkiStatusInfo(org.xipki.cmp.PkiStatusInfo) X509Certificate(java.security.cert.X509Certificate)

Example 5 with CertIdOrError

use of org.xipki.ca.client.api.CertIdOrError in project xipki by xipki.

the class UnrevokeCertCmd method execute0.

@Override
protected Object execute0() throws Exception {
    if (!(certFile == null ^ getSerialNumber() == null)) {
        throw new IllegalCmdParamException("exactly one of cert and serial must be specified");
    }
    CertIdOrError certIdOrError;
    if (certFile != null) {
        X509Certificate cert = X509Util.parseCert(certFile);
        RequestResponseDebug debug = getRequestResponseDebug();
        try {
            certIdOrError = caClient.unrevokeCert(caName, cert, debug);
        } finally {
            saveRequestResponse(debug);
        }
    } else {
        RequestResponseDebug debug = getRequestResponseDebug();
        try {
            certIdOrError = caClient.unrevokeCert(caName, getSerialNumber(), debug);
        } finally {
            saveRequestResponse(debug);
        }
    }
    if (certIdOrError.getError() != null) {
        PkiStatusInfo error = certIdOrError.getError();
        throw new CmdFailure("releasing revocation failed: " + error);
    } else {
        println("unrevoked certificate");
    }
    return null;
}
Also used : RequestResponseDebug(org.xipki.common.RequestResponseDebug) CmdFailure(org.xipki.console.karaf.CmdFailure) IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException) CertIdOrError(org.xipki.ca.client.api.CertIdOrError) PkiStatusInfo(org.xipki.cmp.PkiStatusInfo) X509Certificate(java.security.cert.X509Certificate)

Aggregations

CertIdOrError (org.xipki.ca.client.api.CertIdOrError)7 X509Certificate (java.security.cert.X509Certificate)3 PkiStatusInfo (org.xipki.cmp.PkiStatusInfo)3 RequestResponseDebug (org.xipki.common.RequestResponseDebug)3 CmdFailure (org.xipki.console.karaf.CmdFailure)3 IllegalCmdParamException (org.xipki.console.karaf.IllegalCmdParamException)3 UnrevokeOrRemoveCertEntry (org.xipki.ca.client.api.dto.UnrevokeOrRemoveCertEntry)2 UnrevokeOrRemoveCertRequest (org.xipki.ca.client.api.dto.UnrevokeOrRemoveCertRequest)2 Date (java.util.Date)1 HashMap (java.util.HashMap)1 CaClientException (org.xipki.ca.client.api.CaClientException)1 EnrollCertResultEntry (org.xipki.ca.client.api.dto.EnrollCertResultEntry)1 ErrorResultEntry (org.xipki.ca.client.api.dto.ErrorResultEntry)1 ResultEntry (org.xipki.ca.client.api.dto.ResultEntry)1 RevokeCertRequest (org.xipki.ca.client.api.dto.RevokeCertRequest)1 RevokeCertRequestEntry (org.xipki.ca.client.api.dto.RevokeCertRequestEntry)1 RevokeCertResultEntry (org.xipki.ca.client.api.dto.RevokeCertResultEntry)1 CrlReason (org.xipki.security.CrlReason)1