Examples with CaMgmtException org.xipki.ca.server.mgmt.api.CaMgmtException used on opensource projects

Example 6 with CaMgmtException

use of org.xipki.ca.server.mgmt.api.CaMgmtException in project xipki by xipki.

the class CaManagerImpl method removeRequestorFromCa.

// method changeRequestor
@Override
public void removeRequestorFromCa(String requestorName, String caName) throws CaMgmtException {
    requestorName = ParamUtil.requireNonBlank("requestorName", requestorName).toLowerCase();
    caName = ParamUtil.requireNonBlank("caName", caName).toLowerCase();
    asssertMasterMode();
    if (requestorName.equals(RequestorInfo.NAME_BY_CA) || requestorName.equals(RequestorInfo.NAME_BY_USER)) {
        throw new CaMgmtException(concat("removing requestor ", requestorName, " is not permitted"));
    }
    queryExecutor.removeRequestorFromCa(requestorName, caName);
    if (caHasRequestors.containsKey(caName)) {
        Set<CaHasRequestorEntry> entries = caHasRequestors.get(caName);
        CaHasRequestorEntry entry = null;
        for (CaHasRequestorEntry m : entries) {
            if (m.getRequestorIdent().getName().equals(requestorName)) {
                entry = m;
            }
        }
        entries.remove(entry);
    }
}

Example 7 with CaMgmtException

use of org.xipki.ca.server.mgmt.api.CaMgmtException in project xipki by xipki.

the class CaManagerImpl method addRequestor.

@Override
public void addRequestor(RequestorEntry dbEntry) throws CaMgmtException {
    ParamUtil.requireNonNull("dbEntry", dbEntry);
    asssertMasterMode();
    String name = dbEntry.getIdent().getName();
    if (requestorDbEntries.containsKey(name)) {
        throw new CaMgmtException(concat("Requestor named ", name, " exists"));
    }
    RequestorEntryWrapper requestor = new RequestorEntryWrapper();
    requestor.setDbEntry(dbEntry);
    queryExecutor.addRequestor(dbEntry);
    idNameMap.addRequestor(dbEntry.getIdent());
    requestorDbEntries.put(name, dbEntry);
    requestors.put(name, requestor);
}

Example 8 with CaMgmtException

use of org.xipki.ca.server.mgmt.api.CaMgmtException in project xipki by xipki.

the class CaManagerImpl method generateRootCa.

// method getIdentifiedPublishersForCa
@Override
public X509Certificate generateRootCa(X509CaEntry caEntry, String profileName, byte[] encodedCsr, BigInteger serialNumber) throws CaMgmtException {
    ParamUtil.requireNonNull("caEntry", caEntry);
    profileName = ParamUtil.requireNonBlank("profileName", profileName).toLowerCase();
    ParamUtil.requireNonNull("encodedCsr", encodedCsr);
    int numCrls = caEntry.getNumCrls();
    List<String> crlUris = caEntry.getCrlUris();
    List<String> deltaCrlUris = caEntry.getDeltaCrlUris();
    List<String> ocspUris = caEntry.getOcspUris();
    List<String> caCertUris = caEntry.getCaCertUris();
    String signerType = caEntry.getSignerType();
    asssertMasterMode();
    if (numCrls < 0) {
        System.err.println("invalid numCrls: " + numCrls);
        return null;
    }
    int expirationPeriod = caEntry.getExpirationPeriod();
    if (expirationPeriod < 0) {
        System.err.println("invalid expirationPeriod: " + expirationPeriod);
        return null;
    }
    CertificationRequest csr;
    try {
        csr = CertificationRequest.getInstance(encodedCsr);
    } catch (Exception ex) {
        System.err.println("invalid encodedCsr");
        return null;
    }
    IdentifiedX509Certprofile certprofile = getIdentifiedCertprofile(profileName);
    if (certprofile == null) {
        throw new CaMgmtException(concat("unknown certprofile ", profileName));
    }
    BigInteger serialOfThisCert = (serialNumber != null) ? serialNumber : RandomSerialNumberGenerator.getInstance().nextSerialNumber(caEntry.getSerialNoBitLen());
    GenerateSelfSignedResult result;
    try {
        result = X509SelfSignedCertBuilder.generateSelfSigned(securityFactory, signerType, caEntry.getSignerConf(), certprofile, csr, serialOfThisCert, caCertUris, ocspUris, crlUris, deltaCrlUris, caEntry.getExtraControl());
    } catch (OperationException | InvalidConfException ex) {
        throw new CaMgmtException(concat(ex.getClass().getName(), ": ", ex.getMessage()), ex);
    }
    String signerConf = result.getSignerConf();
    X509Certificate caCert = result.getCert();
    if ("PKCS12".equalsIgnoreCase(signerType) || "JKS".equalsIgnoreCase(signerType)) {
        try {
            signerConf = canonicalizeSignerConf(signerType, signerConf, new X509Certificate[] { caCert }, securityFactory);
        } catch (Exception ex) {
            throw new CaMgmtException(concat(ex.getClass().getName(), ": ", ex.getMessage()), ex);
        }
    }
    X509CaUris caUris = new X509CaUris(caCertUris, ocspUris, crlUris, deltaCrlUris);
    String name = caEntry.getIdent().getName();
    long nextCrlNumber = caEntry.getNextCrlNumber();
    CaStatus status = caEntry.getStatus();
    X509CaEntry entry = new X509CaEntry(new NameId(null, name), caEntry.getSerialNoBitLen(), nextCrlNumber, signerType, signerConf, caUris, numCrls, expirationPeriod);
    entry.setCert(caCert);
    entry.setCmpControlName(caEntry.getCmpControlName());
    entry.setCrlSignerName(caEntry.getCrlSignerName());
    entry.setDuplicateKeyPermitted(caEntry.isDuplicateKeyPermitted());
    entry.setDuplicateSubjectPermitted(caEntry.isDuplicateSubjectPermitted());
    entry.setExtraControl(caEntry.getExtraControl());
    entry.setKeepExpiredCertInDays(caEntry.getKeepExpiredCertInDays());
    entry.setMaxValidity(caEntry.getMaxValidity());
    entry.setPermission(caEntry.getPermission());
    entry.setResponderName(caEntry.getResponderName());
    entry.setSaveRequest(caEntry.isSaveRequest());
    entry.setStatus(status);
    entry.setValidityMode(caEntry.getValidityMode());
    addCa(entry);
    return caCert;
}

Example 9 with CaMgmtException

use of org.xipki.ca.server.mgmt.api.CaMgmtException in project xipki by xipki.

the class CaManagerImpl method changeCertprofile.

// method removeCertprofile
@Override
public void changeCertprofile(String name, String type, String conf) throws CaMgmtException {
    name = ParamUtil.requireNonBlank("name", name).toLowerCase();
    if (type == null && conf == null) {
        throw new IllegalArgumentException("type and conf cannot be both null");
    }
    NameId ident = idNameMap.getCertprofile(name);
    if (ident == null) {
        String msg = concat("unknown Certprofile ", name);
        LOG.warn(msg);
        throw new CaMgmtException(msg);
    }
    asssertMasterMode();
    IdentifiedX509Certprofile profile = queryExecutor.changeCertprofile(ident, type, conf, this);
    certprofileDbEntries.remove(name);
    IdentifiedX509Certprofile oldProfile = certprofiles.remove(name);
    certprofileDbEntries.put(name, profile.getDbEntry());
    certprofiles.put(name, profile);
    if (oldProfile != null) {
        shutdownCertprofile(oldProfile);
    }
}

Example 10 with CaMgmtException

use of org.xipki.ca.server.mgmt.api.CaMgmtException in project xipki by xipki.

the class CaManagerImpl method changeRequestor.

// method removeRequestor
@Override
public void changeRequestor(String name, String base64Cert) throws CaMgmtException {
    ParamUtil.requireNonNull("base64Cert", base64Cert);
    name = ParamUtil.requireNonBlank("name", name).toLowerCase();
    asssertMasterMode();
    NameId ident = idNameMap.getRequestor(name);
    if (ident == null) {
        String msg = concat("unknown requestor ", name);
        LOG.warn(msg);
        throw new CaMgmtException(msg);
    }
    RequestorEntryWrapper requestor = queryExecutor.changeRequestor(ident, base64Cert);
    requestorDbEntries.remove(name);
    requestors.remove(name);
    requestorDbEntries.put(name, requestor.getDbEntry());
    requestors.put(name, requestor);
}