Example 1 with CertIdOrError
use of org.xipki.ca.client.api.CertIdOrError in project xipki by xipki.
the class RevokeCertCmd method execute0.
@Override
protected Object execute0() throws Exception {
if (!(certFile == null ^ getSerialNumber() == null)) {
throw new IllegalCmdParamException("exactly one of cert and serial must be specified");
}
CrlReason crlReason = CrlReason.forNameOrText(reason);
if (!CrlReason.PERMITTED_CLIENT_CRLREASONS.contains(crlReason)) {
throw new IllegalCmdParamException("reason " + reason + " is not permitted");
}
CertIdOrError certIdOrError;
Date invalidityDate = null;
if (isNotBlank(invalidityDateS)) {
invalidityDate = DateUtil.parseUtcTimeyyyyMMddhhmmss(invalidityDateS);
}
if (certFile != null) {
X509Certificate cert = X509Util.parseCert(certFile);
RequestResponseDebug debug = getRequestResponseDebug();
try {
certIdOrError = caClient.revokeCert(caName, cert, crlReason.getCode(), invalidityDate, debug);
} finally {
saveRequestResponse(debug);
}
} else {
RequestResponseDebug debug = getRequestResponseDebug();
try {
certIdOrError = caClient.revokeCert(caName, getSerialNumber(), crlReason.getCode(), invalidityDate, debug);
} finally {
saveRequestResponse(debug);
}
}
if (certIdOrError.getError() != null) {
PkiStatusInfo error = certIdOrError.getError();
throw new CmdFailure("revocation failed: " + error);
} else {
println("revoked certificate");
}
return null;
}
Also used :
RequestResponseDebug(org.xipki.common.RequestResponseDebug)
CmdFailure(org.xipki.console.karaf.CmdFailure)
IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException)
CertIdOrError(org.xipki.ca.client.api.CertIdOrError)
PkiStatusInfo(org.xipki.cmp.PkiStatusInfo)
CrlReason(org.xipki.security.CrlReason)
Date(java.util.Date)
X509Certificate(java.security.cert.X509Certificate)
Example 2 with CertIdOrError
use of org.xipki.ca.client.api.CertIdOrError in project xipki by xipki.
the class CaClientImpl method unrevokeCert.
private CertIdOrError unrevokeCert(CaConf ca, BigInteger serial, RequestResponseDebug debug) throws CaClientException, PkiErrorException {
ParamUtil.requireNonNull("ca", ca);
ParamUtil.requireNonNull("serial", serial);
final String id = "cert-1";
UnrevokeOrRemoveCertEntry entry = new UnrevokeOrRemoveCertEntry(id, ca.getSubject(), serial);
if (ca.getCmpControl().isRrAkiRequired()) {
entry.setAuthorityKeyIdentifier(ca.getSubjectKeyIdentifier());
}
UnrevokeOrRemoveCertRequest request = new UnrevokeOrRemoveCertRequest();
request.addRequestEntry(entry);
Map<String, CertIdOrError> result = unrevokeCerts(request, debug);
return (result == null) ? null : result.get(id);
}
Also used :
UnrevokeOrRemoveCertRequest(org.xipki.ca.client.api.dto.UnrevokeOrRemoveCertRequest)
CertIdOrError(org.xipki.ca.client.api.CertIdOrError)
UnrevokeOrRemoveCertEntry(org.xipki.ca.client.api.dto.UnrevokeOrRemoveCertEntry)
Example 3 with CertIdOrError
use of org.xipki.ca.client.api.CertIdOrError in project xipki by xipki.
the class CaClientImpl method revokeCert.
private CertIdOrError revokeCert(CaConf ca, BigInteger serial, int reason, Date invalidityDate, RequestResponseDebug debug) throws CaClientException, PkiErrorException {
ParamUtil.requireNonNull("ca", ca);
ParamUtil.requireNonNull("serial", serial);
final String id = "cert-1";
RevokeCertRequestEntry entry = new RevokeCertRequestEntry(id, ca.getSubject(), serial, reason, invalidityDate);
if (ca.getCmpControl().isRrAkiRequired()) {
entry.setAuthorityKeyIdentifier(ca.getSubjectKeyIdentifier());
}
RevokeCertRequest request = new RevokeCertRequest();
request.addRequestEntry(entry);
Map<String, CertIdOrError> result = revokeCerts(request, debug);
return (result == null) ? null : result.get(id);
}
Also used :
RevokeCertRequestEntry(org.xipki.ca.client.api.dto.RevokeCertRequestEntry)
CertIdOrError(org.xipki.ca.client.api.CertIdOrError)
RevokeCertRequest(org.xipki.ca.client.api.dto.RevokeCertRequest)
Example 4 with CertIdOrError
use of org.xipki.ca.client.api.CertIdOrError in project xipki by xipki.
the class RemoveCertCmd method execute0.
@Override
protected Object execute0() throws Exception {
if (!(certFile == null ^ getSerialNumber() == null)) {
throw new IllegalCmdParamException("exactly one of cert and serial must be specified");
}
CertIdOrError certIdOrError;
if (certFile != null) {
X509Certificate cert = X509Util.parseCert(certFile);
RequestResponseDebug debug = getRequestResponseDebug();
try {
certIdOrError = caClient.removeCert(caName, cert, debug);
} finally {
saveRequestResponse(debug);
}
} else {
RequestResponseDebug debug = getRequestResponseDebug();
try {
certIdOrError = caClient.removeCert(caName, getSerialNumber(), debug);
} finally {
saveRequestResponse(debug);
}
}
if (certIdOrError.getError() != null) {
PkiStatusInfo error = certIdOrError.getError();
throw new CmdFailure("removing certificate failed: " + error);
} else {
println("removed certificate");
}
return null;
}
Also used :
RequestResponseDebug(org.xipki.common.RequestResponseDebug)
CmdFailure(org.xipki.console.karaf.CmdFailure)
IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException)
CertIdOrError(org.xipki.ca.client.api.CertIdOrError)
PkiStatusInfo(org.xipki.cmp.PkiStatusInfo)
X509Certificate(java.security.cert.X509Certificate)
Example 5 with CertIdOrError
use of org.xipki.ca.client.api.CertIdOrError in project xipki by xipki.
the class UnrevokeCertCmd method execute0.
@Override
protected Object execute0() throws Exception {
if (!(certFile == null ^ getSerialNumber() == null)) {
throw new IllegalCmdParamException("exactly one of cert and serial must be specified");
}
CertIdOrError certIdOrError;
if (certFile != null) {
X509Certificate cert = X509Util.parseCert(certFile);
RequestResponseDebug debug = getRequestResponseDebug();
try {
certIdOrError = caClient.unrevokeCert(caName, cert, debug);
} finally {
saveRequestResponse(debug);
}
} else {
RequestResponseDebug debug = getRequestResponseDebug();
try {
certIdOrError = caClient.unrevokeCert(caName, getSerialNumber(), debug);
} finally {
saveRequestResponse(debug);
}
}
if (certIdOrError.getError() != null) {
PkiStatusInfo error = certIdOrError.getError();
throw new CmdFailure("releasing revocation failed: " + error);
} else {
println("unrevoked certificate");
}
return null;
}
Also used :
RequestResponseDebug(org.xipki.common.RequestResponseDebug)
CmdFailure(org.xipki.console.karaf.CmdFailure)
IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException)
CertIdOrError(org.xipki.ca.client.api.CertIdOrError)
PkiStatusInfo(org.xipki.cmp.PkiStatusInfo)
X509Certificate(java.security.cert.X509Certificate)
Aggregations
CertIdOrError (org.xipki.ca.client.api.CertIdOrError)7
X509Certificate (java.security.cert.X509Certificate)3
PkiStatusInfo (org.xipki.cmp.PkiStatusInfo)3
RequestResponseDebug (org.xipki.common.RequestResponseDebug)3
CmdFailure (org.xipki.console.karaf.CmdFailure)3
IllegalCmdParamException (org.xipki.console.karaf.IllegalCmdParamException)3
UnrevokeOrRemoveCertEntry (org.xipki.ca.client.api.dto.UnrevokeOrRemoveCertEntry)2
UnrevokeOrRemoveCertRequest (org.xipki.ca.client.api.dto.UnrevokeOrRemoveCertRequest)2
Date (java.util.Date)1
HashMap (java.util.HashMap)1
CaClientException (org.xipki.ca.client.api.CaClientException)1
EnrollCertResultEntry (org.xipki.ca.client.api.dto.EnrollCertResultEntry)1
ErrorResultEntry (org.xipki.ca.client.api.dto.ErrorResultEntry)1
ResultEntry (org.xipki.ca.client.api.dto.ResultEntry)1
RevokeCertRequest (org.xipki.ca.client.api.dto.RevokeCertRequest)1
RevokeCertRequestEntry (org.xipki.ca.client.api.dto.RevokeCertRequestEntry)1
RevokeCertResultEntry (org.xipki.ca.client.api.dto.RevokeCertResultEntry)1
CrlReason (org.xipki.security.CrlReason)1
