use of org.xipki.ca.server.mgmt.api.CaMgmtException in project xipki by xipki.
the class CaManagerQueryExecutor method namesFromTable.
/**
 * Reads one column from every row of a table and collects its values.
 *
 * <p>{@code table} and {@code nameColumn} are concatenated into the SQL text as
 * identifiers. JDBC cannot bind identifiers as parameters, so this query is only
 * as safe as its arguments: callers should pass fixed table/column constants and
 * never a value taken from a request, a file or another database row.
 *
 * @param table table to select from
 * @param nameColumn column to read; also used as the result-set label
 * @return the values for which {@code StringUtil.isNotBlank} holds, in result-set order
 * @throws CaMgmtException if creating or executing the statement fails
 */
List<String> namesFromTable(String table, String nameColumn) throws CaMgmtException {
  final String sql = concat("SELECT ", nameColumn, " FROM ", table);
  Statement statement = null;
  ResultSet rows = null;
  try {
    statement = createStatement();
    rows = statement.executeQuery(sql);
    List<String> collected = new LinkedList<>();
    while (rows.next()) {
      String value = rows.getString(nameColumn);
      if (!StringUtil.isNotBlank(value)) {
        continue;
      }
      collected.add(value);
    }
    return collected;
  } catch (SQLException ex) {
    throw new CaMgmtException(datasource, sql, ex);
  } finally {
    // Hand statement and result set back to the datasource on every exit path.
    datasource.releaseResources(statement, rows);
  }
}
use of org.xipki.ca.server.mgmt.api.CaMgmtException in project xipki by xipki.
the class CaManagerQueryExecutor method addCmpControl.
// method addCertprofileToCa
/**
 * Inserts a CMP control entry into the CMPCONTROL table.
 *
 * <p>The statement text is a constant; name and configuration are passed as
 * bound parameters, so their content cannot alter the SQL.
 *
 * @param dbEntry entry to store; checked with {@code ParamUtil.requireNonNull}
 * @throws CaMgmtException if the insert affects no row or the database call fails
 */
void addCmpControl(CmpControlEntry dbEntry) throws CaMgmtException {
  ParamUtil.requireNonNull("dbEntry", dbEntry);
  final String controlName = dbEntry.getName();
  final String sql = "INSERT INTO CMPCONTROL (NAME,CONF) VALUES (?,?)";
  PreparedStatement insert = null;
  try {
    insert = prepareStatement(sql);
    insert.setString(1, controlName);
    insert.setString(2, dbEntry.getConf());
    final int affectedRows = insert.executeUpdate();
    if (affectedRows == 0) {
      throw new CaMgmtException("could not add CMP control " + controlName);
    }
    // Logged only after the row was written, so the message reflects a stored change.
    LOG.info("added CMP control: {}", dbEntry);
  } catch (SQLException ex) {
    throw new CaMgmtException(datasource, sql, ex);
  } finally {
    datasource.releaseResources(insert, null);
  }
}
use of org.xipki.ca.server.mgmt.api.CaMgmtException in project xipki by xipki.
the class CaManagerQueryExecutor method addPublisherToCa.
// method addPublisher
/**
 * Links a publisher to a CA by inserting a row into CA_HAS_PUBLISHER.
 *
 * <p>Both ids are bound as integer parameters of a constant statement.
 *
 * @param publisher publisher to attach; its id becomes PUBLISHER_ID
 * @param ca CA to attach to; its id becomes CA_ID
 * @throws CaMgmtException if the insert affects no row or the database call fails
 */
void addPublisherToCa(NameId publisher, NameId ca) throws CaMgmtException {
  final String sql = "INSERT INTO CA_HAS_PUBLISHER (CA_ID,PUBLISHER_ID) VALUES (?,?)";
  PreparedStatement insert = null;
  try {
    insert = prepareStatement(sql);
    int column = 0;
    insert.setInt(++column, ca.getId());
    insert.setInt(++column, publisher.getId());
    final int affectedRows = insert.executeUpdate();
    if (affectedRows == 0) {
      throw new CaMgmtException("could not add publisher " + publisher + " to CA " + ca);
    }
    LOG.info("added publisher '{}' to CA '{}'", publisher, ca);
  } catch (SQLException ex) {
    throw new CaMgmtException(datasource, sql, ex);
  } finally {
    datasource.releaseResources(insert, null);
  }
}
use of org.xipki.ca.server.mgmt.api.CaMgmtException in project xipki by xipki.
the class CaManagerQueryExecutor method changeResponder.
// method changeRequestor
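/**
 * Updates the stored TYPE, CERT and/or CONF of a responder and returns a wrapper
 * created from the resulting entry.
 *
 * <p>Only the arguments that are non-null are meant to be changed. The SET list is
 * assembled from fixed column names, and every value (including the name used in
 * the WHERE clause) is bound as a statement parameter. The merged entry is passed
 * to {@code caManager.createResponder} before the UPDATE runs; if that call
 * throws, the row is left untouched.
 *
 * <p>The change is logged at INFO level together with the responder name. The
 * certificate appears in the log as its subject name only, and the configuration
 * is rendered through {@code SignerConf.toString(txt, false, true)}.
 *
 * @param name name of the responder to change; must not be blank
 * @param type new signer type, or {@code null} to keep the stored one
 * @param conf new signer configuration, or {@code null} to keep the stored one
 * @param base64Cert new certificate (Base64), or {@code null} to keep the stored one
 * @param caManager manager used to build the returned wrapper; must not be null
 * @param securityFactory passed through to {@code CaManagerImpl.canonicalizeSignerConf}
 * @return the wrapper created for the changed entry
 * @throws IllegalArgumentException if none of type, conf and base64Cert is given
 * @throws CaMgmtException if the update affects no row or the database call fails
 */
ResponderEntryWrapper changeResponder(String name, String type, String conf, String base64Cert,
    CaManagerImpl caManager, SecurityFactory securityFactory) throws CaMgmtException {
  ParamUtil.requireNonBlank("name", name);
  ParamUtil.requireNonNull("caManager", caManager);

  StringBuilder sqlBuilder = new StringBuilder();
  sqlBuilder.append("UPDATE RESPONDER SET ");

  // index hands out the 1-based parameter positions; the idxXxx values stay null
  // for columns that are not part of this update.
  AtomicInteger index = new AtomicInteger(1);
  Integer idxType = addToSqlIfNotNull(sqlBuilder, index, type, "TYPE");
  Integer idxCert = addToSqlIfNotNull(sqlBuilder, index, base64Cert, "CERT");
  Integer idxConf = addToSqlIfNotNull(sqlBuilder, index, conf, "CONF");

  // Reject an empty change before finishing the statement text.
  if (index.get() == 1) {
    throw new IllegalArgumentException("nothing to change");
  }

  // Drop the trailing separator left by the last appended column
  // (presumably a comma; confirm against addToSqlIfNotNull).
  sqlBuilder.deleteCharAt(sqlBuilder.length() - 1);
  sqlBuilder.append(" WHERE NAME=?");

  // Merge the requested changes with the stored entry.
  ResponderEntry dbEntry = createResponder(name);
  String tmpType = (type != null) ? type : dbEntry.getType();

  String tmpConf;
  if (conf == null) {
    tmpConf = dbEntry.getConf();
  } else {
    tmpConf = CaManagerImpl.canonicalizeSignerConf(tmpType, conf, null, securityFactory);
  }

  String tmpBase64Cert = (base64Cert == null) ? dbEntry.getBase64Cert() : base64Cert;

  // Build the wrapper first: a failure here aborts the change before any write.
  ResponderEntry newDbEntry = new ResponderEntry(name, tmpType, tmpConf, tmpBase64Cert);
  ResponderEntryWrapper responder = caManager.createResponder(newDbEntry);

  final String sql = sqlBuilder.toString();
  StringBuilder sb = new StringBuilder();
  PreparedStatement ps = null;
  try {
    ps = prepareStatement(sql);

    if (idxType != null) {
      ps.setString(idxType, tmpType);
      sb.append("type: '").append(tmpType).append("'; ");
    }

    if (idxConf != null) {
      String txt = getRealString(tmpConf);
      // NOTE(review): the two flags presumably select a non-verbose rendering with
      // sensitive values (e.g. passwords) left out; confirm against SignerConf.toString.
      // Fix: the fragment is now closed with "'; " like every other fragment, so the
      // trailing-separator trim below no longer cuts two characters off the conf text.
      sb.append("conf: '").append(SignerConf.toString(txt, false, true)).append("'; ");
      ps.setString(idxConf, txt);
    }

    if (idxCert != null) {
      String txt = getRealString(tmpBase64Cert);
      sb.append("cert: '");
      if (txt == null) {
        sb.append("null");
      } else {
        try {
          String subject = canonicalizName(
              X509Util.parseBase64EncodedCert(txt).getSubjectX500Principal());
          sb.append(subject);
        } catch (CertificateException ex) {
          // Best effort: a parse failure changes the log text only; the value is
          // still bound below.
          sb.append("ERROR");
        }
      }
      sb.append("'; ");
      ps.setString(idxCert, txt);
    }

    // The WHERE parameter takes the position after the last SET parameter.
    ps.setString(index.get(), name);

    if (ps.executeUpdate() == 0) {
      throw new CaMgmtException("could not change responder " + name);
    }

    // Trim the trailing "; " of the last fragment.
    if (sb.length() > 0) {
      sb.deleteCharAt(sb.length() - 1).deleteCharAt(sb.length() - 1);
    }

    // Include the responder name so the log entry says which record was modified,
    // matching the CRL-signer change message.
    LOG.info("changed responder '{}': {}", name, sb);
    return responder;
  } catch (SQLException ex) {
    throw new CaMgmtException(datasource, sql, ex);
  } finally {
    datasource.releaseResources(ps, null);
  }
}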
use of org.xipki.ca.server.mgmt.api.CaMgmtException in project xipki by xipki.
the class CaManagerQueryExecutor method changeCrlSigner.
// method changeResponder
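/**
 * Updates the stored SIGNER_TYPE, SIGNER_CERT, CRL_CONTROL and/or SIGNER_CONF of a
 * CRL signer and returns a wrapper created from the resulting entry.
 *
 * <p>Only the arguments that are non-null are meant to be changed. The SET list is
 * assembled from fixed column names, and every value (including the name used in
 * the WHERE clause) is bound as a statement parameter. A supplied CRL control is
 * validated by constructing a {@code CrlControl}, and the merged entry is passed to
 * {@code caManager.createX509CrlSigner} before the UPDATE runs; if either step
 * throws, the row is left untouched.
 *
 * <p>The change is logged at INFO level. The certificate appears in the log as its
 * subject name only, and the signer configuration is rendered through
 * {@code SignerConf.toString(txt, false, true)}.
 *
 * @param name name of the CRL signer to change; must not be blank
 * @param signerType new signer type, or {@code null} to keep the stored one
 * @param signerConf new signer configuration, or {@code null} to keep the stored one
 * @param base64Cert new signer certificate (Base64), or {@code null} to keep the stored one
 * @param crlControl new CRL control, or {@code null} to keep the stored one
 * @param caManager manager used to build the returned wrapper; must not be null
 * @param securityFactory passed through to {@code CaManagerImpl.canonicalizeSignerConf}
 * @return the wrapper created for the changed entry
 * @throws IllegalArgumentException if no changeable argument is given
 * @throws CaMgmtException if the CRL control or the merged entry is invalid, the
 *     update affects no row, or the database call fails
 */
X509CrlSignerEntryWrapper changeCrlSigner(String name, String signerType, String signerConf,
    String base64Cert, String crlControl, CaManagerImpl caManager,
    SecurityFactory securityFactory) throws CaMgmtException {
  ParamUtil.requireNonBlank("name", name);
  ParamUtil.requireNonNull("caManager", caManager);

  StringBuilder sqlBuilder = new StringBuilder();
  sqlBuilder.append("UPDATE CRLSIGNER SET ");

  // index hands out the 1-based parameter positions; the idxXxx values stay null
  // for columns that are not part of this update.
  AtomicInteger index = new AtomicInteger(1);
  Integer idxSignerType = addToSqlIfNotNull(sqlBuilder, index, signerType, "SIGNER_TYPE");
  Integer idxSignerCert = addToSqlIfNotNull(sqlBuilder, index, base64Cert, "SIGNER_CERT");
  Integer idxCrlControl = addToSqlIfNotNull(sqlBuilder, index, crlControl, "CRL_CONTROL");
  Integer idxSignerConf = addToSqlIfNotNull(sqlBuilder, index, signerConf, "SIGNER_CONF");

  // Reject an empty change before finishing the statement text.
  if (index.get() == 1) {
    throw new IllegalArgumentException("nothing to change");
  }

  // Drop the trailing separator left by the last appended column
  // (presumably a comma; confirm against addToSqlIfNotNull).
  sqlBuilder.deleteCharAt(sqlBuilder.length() - 1);
  sqlBuilder.append(" WHERE NAME=?");

  // Merge the requested changes with the stored entry.
  X509CrlSignerEntry dbEntry = createCrlSigner(name);
  String tmpSignerType = (signerType == null) ? dbEntry.getType() : signerType;
  String tmpCrlControl = crlControl;
  String tmpSignerConf;
  String tmpBase64Cert;

  if ("CA".equalsIgnoreCase(tmpSignerType)) {
    // For signer type CA the rebuilt entry carries neither a signer conf nor a cert.
    // NOTE(review): if the caller still passed signerConf/base64Cert, those columns
    // are in the UPDATE and get the null-derived value bound below; confirm intended.
    tmpSignerConf = null;
    tmpBase64Cert = null;
  } else {
    if (signerConf == null) {
      tmpSignerConf = dbEntry.getConf();
    } else {
      tmpSignerConf = CaManagerImpl.canonicalizeSignerConf(tmpSignerType, signerConf, null,
          securityFactory);
    }

    if (base64Cert == null) {
      tmpBase64Cert = dbEntry.getBase64Cert();
    } else {
      tmpBase64Cert = base64Cert;
    }
  }

  if (tmpCrlControl == null) {
    tmpCrlControl = dbEntry.crlControl();
  } else {
    // Validate the supplied value; the constructed object itself is not needed.
    try {
      new CrlControl(tmpCrlControl);
    } catch (InvalidConfException ex) {
      // Fix: keep the parser's exception as the cause so the reason for the
      // rejection is not lost.
      throw new CaMgmtException(concat("invalid CRL control '", tmpCrlControl, "'"), ex);
    }
  }

  try {
    dbEntry = new X509CrlSignerEntry(name, tmpSignerType, tmpSignerConf, tmpBase64Cert,
        tmpCrlControl);
  } catch (InvalidConfException ex) {
    throw new CaMgmtException(ex);
  }

  // Build the wrapper first: a failure here aborts the change before any write.
  X509CrlSignerEntryWrapper crlSigner = caManager.createX509CrlSigner(dbEntry);

  final String sql = sqlBuilder.toString();
  PreparedStatement ps = null;
  try {
    StringBuilder sb = new StringBuilder();
    ps = prepareStatement(sql);

    if (idxSignerType != null) {
      sb.append("signerType: '").append(tmpSignerType).append("'; ");
      ps.setString(idxSignerType, tmpSignerType);
    }

    if (idxSignerConf != null) {
      String txt = getRealString(tmpSignerConf);
      // NOTE(review): the two flags presumably select a non-verbose rendering with
      // sensitive values (e.g. passwords) left out; confirm against SignerConf.toString.
      sb.append("signerConf: '").append(SignerConf.toString(txt, false, true)).append("'; ");
      ps.setString(idxSignerConf, txt);
    }

    if (idxSignerCert != null) {
      String txt = getRealString(tmpBase64Cert);
      String subject = null;
      if (txt != null) {
        try {
          subject = canonicalizName(
              X509Util.parseBase64EncodedCert(txt).getSubjectX500Principal());
        } catch (CertificateException ex) {
          // Best effort: a parse failure changes the log text only; the value is
          // still bound below.
          subject = "ERROR";
        }
      }
      sb.append("signerCert: '").append(subject).append("'; ");
      ps.setString(idxSignerCert, txt);
    }

    if (idxCrlControl != null) {
      sb.append("crlControl: '").append(tmpCrlControl).append("'; ");
      ps.setString(idxCrlControl, tmpCrlControl);
    }

    // The WHERE parameter takes the position after the last SET parameter.
    ps.setString(index.get(), name);

    if (ps.executeUpdate() == 0) {
      throw new CaMgmtException("could not change CRL signer " + name);
    }

    // Trim the trailing "; " of the last fragment.
    if (sb.length() > 0) {
      sb.deleteCharAt(sb.length() - 1).deleteCharAt(sb.length() - 1);
    }

    LOG.info("changed CRL signer '{}': {}", name, sb);
    return crlSigner;
  } catch (SQLException ex) {
    throw new CaMgmtException(datasource, sql, ex);
  } finally {
    datasource.releaseResources(ps, null);
  }
}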