Example 6 with X509CertWithRevocationInfo

Use of org.xipki.ca.server.impl.store.X509CertWithRevocationInfo in project xipki by xipki.

The class X509Ca, method revokeCa.

// Records the revocation on the CA; for a self-signed CA, also revokes the
// certificate with the CA's own serial number and audits that step.
public void revokeCa(CertRevocationInfo revocationInfo, String msgId) throws OperationException {
    ParamUtil.requireNonNull("revocationInfo", revocationInfo);
    caInfo.setRevocationInfo(revocationInfo);
    if (caInfo.isSelfSigned()) {
        AuditEvent event = newPerfAuditEvent(CaAuditConstants.TYPE_revoke_cert, msgId);
        // Stays false if revokeCertificate0 throws, so the audit event is not finished as successful.
        boolean successful = false;
        try {
            X509CertWithRevocationInfo ret = revokeCertificate0(caInfo.getSerialNumber(), revocationInfo.getReason(), revocationInfo.getInvalidityTime(), true, event);
            successful = (ret != null);
        } finally {
            finish(event, successful);
        }
    }
    boolean failed = false;
    for (IdentifiedX509CertPublisher publisher : publishers()) {
        NameId ident = publisher.getIdent();
        boolean successful = publisher.caRevoked(caCert, revocationInfo);
        if (successful) {
            LOG.info("published event caRevoked of CA {} to publisher {}", caIdent, ident);
        } else {
            failed = true;
            LOG.error("could not publish event caRevoked of CA {} to publisher {}", caIdent, ident);
        }
    }
    if (failed) {
        final String message = "could not publish event caRevoked of CA " + caIdent + " to at least one publisher";
        throw new OperationException(ErrorCode.SYSTEM_FAILURE, message);
    }
}
Also used : NameId(org.xipki.ca.api.NameId) AuditEvent(org.xipki.audit.AuditEvent) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) X509CertWithRevocationInfo(org.xipki.ca.server.impl.store.X509CertWithRevocationInfo) OperationException(org.xipki.ca.api.OperationException)

Example 7 with X509CertWithRevocationInfo

Use of org.xipki.ca.server.impl.store.X509CertWithRevocationInfo in project xipki by xipki.

The class X509Ca, method revokeSuspendedCert0.

private X509CertWithRevocationInfo revokeSuspendedCert0(BigInteger serialNumber, CrlReason reason, AuditEvent event) throws OperationException {
    String hexSerial = LogUtil.formatCsn(serialNumber);
    event.addEventData(CaAuditConstants.NAME_serial, hexSerial);
    event.addEventData(CaAuditConstants.NAME_reason, reason.getDescription());
    if (LOG.isInfoEnabled()) {
        LOG.info("     START revokeSuspendedCert: ca={}, serialNumber={}, reason={}", caIdent, hexSerial, reason.getDescription());
    }
    X509CertWithRevocationInfo revokedCert = certstore.revokeSuspendedCert(caIdent, serialNumber, reason, shouldPublishToDeltaCrlCache(), caIdNameMap);
    if (revokedCert == null) {
        return null;
    }
    for (IdentifiedX509CertPublisher publisher : publishers()) {
        if (!publisher.isAsyn()) {
            boolean successful;
            try {
                successful = publisher.certificateRevoked(caCert, revokedCert.getCert(), revokedCert.getCertprofile(), revokedCert.getRevInfo());
            } catch (RuntimeException ex) {
                successful = false;
                LogUtil.error(LOG, ex, "could not publish revocation of certificate to the publisher " + publisher.getIdent());
            }
            if (successful) {
                continue;
            }
        }
        // Asynchronous publisher, or synchronous publishing failed: queue the certificate for later publishing.
        Long certId = revokedCert.getCert().getCertId();
        try {
            certstore.addToPublishQueue(publisher.getIdent(), certId.longValue(), caIdent);
        } catch (Throwable th) {
            LogUtil.error(LOG, th, "could not add entry to PublishQueue");
        }
    }
    if (LOG.isInfoEnabled()) {
        LOG.info("SUCCESSFUL revokeSuspendedCert: ca={}, serialNumber={}, reason={}", caIdent, hexSerial, reason.getDescription());
    }
    return revokedCert;
}
Also used : DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) X509CertWithRevocationInfo(org.xipki.ca.server.impl.store.X509CertWithRevocationInfo)

Aggregations

X509CertWithRevocationInfo (org.xipki.ca.server.impl.store.X509CertWithRevocationInfo) 7
DERPrintableString (org.bouncycastle.asn1.DERPrintableString) 3
DERUTF8String (org.bouncycastle.asn1.DERUTF8String) 3
AuditEvent (org.xipki.audit.AuditEvent) 3
OperationException (org.xipki.ca.api.OperationException) 3
CertificateException (java.security.cert.CertificateException) 1
X509Certificate (java.security.cert.X509Certificate) 1
Date (java.util.Date) 1
NameId (org.xipki.ca.api.NameId) 1
X509CertWithDbId (org.xipki.ca.api.X509CertWithDbId) 1
CaMgmtException (org.xipki.ca.server.mgmt.api.CaMgmtException) 1
CertWithStatusInfo (org.xipki.ca.server.mgmt.api.x509.CertWithStatusInfo) 1
CertRevocationInfo (org.xipki.security.CertRevocationInfo) 1
CrlReason (org.xipki.security.CrlReason) 1