
Example 26 with CaMgmtException

use of org.xipki.ca.server.mgmt.api.CaMgmtException in project xipki by xipki.

the class CaManagerQueryExecutor method namesFromTable.

/**
 * Collects the non-blank values of one column from every row of a table.
 *
 * <p>NOTE(review): {@code table} and {@code nameColumn} are spliced directly into the
 * SQL text. Identifiers cannot be bound as statement parameters, so this method is only
 * safe when both arguments are fixed identifiers chosen by the calling code; the callers
 * are not visible here, so confirm none of them forwards external input.
 *
 * @param table name of the table to read, used verbatim in the query
 * @param nameColumn name of the column to select, used verbatim in the query and as the
 *     result-set label
 * @return the non-blank column values in the order the query returned them
 * @throws CaMgmtException if the query fails with an {@link SQLException}
 */
List<String> namesFromTable(String table, String nameColumn) throws CaMgmtException {
    final String sql = concat("SELECT ", nameColumn, " FROM ", table);
    ResultSet rows = null;
    Statement query = null;
    try {
        query = createStatement();
        rows = query.executeQuery(sql);
        final List<String> found = new LinkedList<>();
        while (rows.next()) {
            final String value = rows.getString(nameColumn);
            if (!StringUtil.isNotBlank(value)) {
                // Blank or missing names are skipped rather than returned.
                continue;
            }
            found.add(value);
        }
        return found;
    } catch (SQLException ex) {
        throw new CaMgmtException(datasource, sql, ex);
    } finally {
        // Runs on success and on failure, so the statement and result set are always handed back.
        datasource.releaseResources(query, rows);
    }
}
Also used : CaMgmtException(org.xipki.ca.server.mgmt.api.CaMgmtException) SQLException(java.sql.SQLException) PreparedStatement(java.sql.PreparedStatement) Statement(java.sql.Statement) ResultSet(java.sql.ResultSet) LinkedList(java.util.LinkedList)

Example 27 with CaMgmtException

use of org.xipki.ca.server.mgmt.api.CaMgmtException in project xipki by xipki.

the class CaManagerQueryExecutor method addCmpControl.

// method addCertprofileToCa
/**
 * Inserts one row into the CMPCONTROL table for the given entry.
 *
 * <p>Both the name and the configuration are bound as statement parameters, so their
 * content never becomes part of the SQL text.
 *
 * @param dbEntry CMP control to store; must not be null
 * @throws CaMgmtException if the INSERT affects no row or the database raises an
 *     {@link SQLException}
 */
void addCmpControl(CmpControlEntry dbEntry) throws CaMgmtException {
    ParamUtil.requireNonNull("dbEntry", dbEntry);
    final String sql = "INSERT INTO CMPCONTROL (NAME,CONF) VALUES (?,?)";
    final String name = dbEntry.getName();
    PreparedStatement insert = null;
    try {
        insert = prepareStatement(sql);
        insert.setString(1, name);
        insert.setString(2, dbEntry.getConf());
        final int affectedRows = insert.executeUpdate();
        if (affectedRows == 0) {
            throw new CaMgmtException("could not add CMP control " + name);
        }
        LOG.info("added CMP control: {}", dbEntry);
    } catch (SQLException ex) {
        throw new CaMgmtException(datasource, sql, ex);
    } finally {
        // No result set is opened for an INSERT, hence the null second argument.
        datasource.releaseResources(insert, null);
    }
}
Also used : CaMgmtException(org.xipki.ca.server.mgmt.api.CaMgmtException) SQLException(java.sql.SQLException) PreparedStatement(java.sql.PreparedStatement)

Example 28 with CaMgmtException

use of org.xipki.ca.server.mgmt.api.CaMgmtException in project xipki by xipki.

the class CaManagerQueryExecutor method addPublisherToCa.

// method addPublisher
/**
 * Links a publisher to a CA by inserting one row into CA_HAS_PUBLISHER.
 *
 * <p>Only the numeric ids of the two arguments reach the database, and both are bound as
 * statement parameters.
 *
 * @param publisher publisher to attach; its id fills PUBLISHER_ID
 * @param ca CA receiving the publisher; its id fills CA_ID
 * @throws CaMgmtException if the INSERT affects no row or the database raises an
 *     {@link SQLException}
 */
void addPublisherToCa(NameId publisher, NameId ca) throws CaMgmtException {
    final String sql = "INSERT INTO CA_HAS_PUBLISHER (CA_ID,PUBLISHER_ID) VALUES (?,?)";
    PreparedStatement insert = null;
    try {
        insert = prepareStatement(sql);
        int position = 1;
        insert.setInt(position++, ca.getId());
        insert.setInt(position, publisher.getId());
        final int affectedRows = insert.executeUpdate();
        if (affectedRows == 0) {
            throw new CaMgmtException("could not add publisher " + publisher + " to CA " + ca);
        }
        LOG.info("added publisher '{}' to CA '{}'", publisher, ca);
    } catch (SQLException ex) {
        throw new CaMgmtException(datasource, sql, ex);
    } finally {
        // No result set is opened for an INSERT, hence the null second argument.
        datasource.releaseResources(insert, null);
    }
}
Also used : CaMgmtException(org.xipki.ca.server.mgmt.api.CaMgmtException) SQLException(java.sql.SQLException) PreparedStatement(java.sql.PreparedStatement)

Example 29 with CaMgmtException

use of org.xipki.ca.server.mgmt.api.CaMgmtException in project xipki by xipki.

the class CaManagerQueryExecutor method changeResponder.

// method changeRequestor
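/**
 * Updates the RESPONDER row identified by {@code name} and returns a responder built from
 * the resulting entry.
 *
 * <p>Each of {@code type}, {@code conf} and {@code base64Cert} that is non-null is written
 * to its column; a null argument leaves the column untouched and the stored value is used
 * when the new entry is assembled. The SET clause is built only from fixed column names and
 * every value is bound as a statement parameter.
 *
 * <p>The responder is created from the merged entry before the UPDATE is executed, so a
 * failure while creating it leaves the row unchanged.
 *
 * @param name name of the responder to change; must not be blank
 * @param type new signer type, or null to keep the stored one
 * @param conf new signer configuration, or null to keep the stored one
 * @param base64Cert new certificate in Base64, or null to keep the stored one
 * @param caManager manager used to create the responder; must not be null
 * @param securityFactory passed to {@code CaManagerImpl.canonicalizeSignerConf} when
 *     {@code conf} is given
 * @return the responder created from the updated entry
 * @throws IllegalArgumentException if all three of type, conf and base64Cert are null
 * @throws CaMgmtException if the UPDATE affects no row or the database raises an
 *     {@link SQLException}
 */
ResponderEntryWrapper changeResponder(String name, String type, String conf, String base64Cert, CaManagerImpl caManager, SecurityFactory securityFactory) throws CaMgmtException {
    ParamUtil.requireNonBlank("name", name);
    ParamUtil.requireNonNull("caManager", caManager);
    StringBuilder sqlBuilder = new StringBuilder();
    sqlBuilder.append("UPDATE RESPONDER SET ");
    AtomicInteger index = new AtomicInteger(1);
    // The call order fixes the parameter positions used further down.
    // NOTE(review): addToSqlIfNotNull is not visible here; it presumably appends "COLUMN=?,"
    // and returns the parameter position, or null when the value is null - confirm.
    Integer idxType = addToSqlIfNotNull(sqlBuilder, index, type, "TYPE");
    Integer idxCert = addToSqlIfNotNull(sqlBuilder, index, base64Cert, "CERT");
    Integer idxConf = addToSqlIfNotNull(sqlBuilder, index, conf, "CONF");
    // Reject an empty change before touching the statement text any further.
    if (index.get() == 1) {
        throw new IllegalArgumentException("nothing to change");
    }
    sqlBuilder.deleteCharAt(sqlBuilder.length() - 1);
    sqlBuilder.append(" WHERE NAME=?");
    ResponderEntry dbEntry = createResponder(name);
    String tmpType = (type != null) ? type : dbEntry.getType();
    String tmpConf;
    if (conf == null) {
        tmpConf = dbEntry.getConf();
    } else {
        tmpConf = CaManagerImpl.canonicalizeSignerConf(tmpType, conf, null, securityFactory);
    }
    String tmpBase64Cert;
    if (base64Cert == null) {
        tmpBase64Cert = dbEntry.getBase64Cert();
    } else {
        tmpBase64Cert = base64Cert;
    }
    ResponderEntry newDbEntry = new ResponderEntry(name, tmpType, tmpConf, tmpBase64Cert);
    ResponderEntryWrapper responder = caManager.createResponder(newDbEntry);
    final String sql = sqlBuilder.toString();
    // Human-readable summary of the changed fields, written to the log on success.
    StringBuilder sb = new StringBuilder();
    PreparedStatement ps = null;
    try {
        ps = prepareStatement(sql);
        if (idxType != null) {
            String txt = tmpType;
            ps.setString(idxType, txt);
            sb.append("type: '").append(txt).append("'; ");
        }
        if (idxConf != null) {
            String txt = getRealString(tmpConf);
            // The configuration is logged through SignerConf.toString(txt, false, true) rather
            // than raw; presumably this keeps sensitive values out of the log - confirm.
            // The closing "'; " was missing here: the next fragment ran into this one, and the
            // trailing trim below cut two characters off the configuration text when conf was
            // the last field appended.
            sb.append("conf: '").append(SignerConf.toString(txt, false, true)).append("'; ");
            ps.setString(idxConf, txt);
        }
        if (idxCert != null) {
            String txt = getRealString(tmpBase64Cert);
            // Only the certificate subject goes into the log, not the encoded certificate.
            sb.append("cert: '");
            if (txt == null) {
                sb.append("null");
            } else {
                try {
                    String subject = canonicalizName(X509Util.parseBase64EncodedCert(txt).getSubjectX500Principal());
                    sb.append(subject);
                } catch (CertificateException ex) {
                    // A certificate that cannot be parsed only affects the log text; the value
                    // is still written to the database below.
                    sb.append("ERROR");
                }
            }
            sb.append("'; ");
            ps.setString(idxCert, txt);
        }
        // The WHERE NAME=? parameter comes after all SET parameters.
        ps.setString(index.get(), name);
        if (ps.executeUpdate() == 0) {
            throw new CaMgmtException("could not change responder " + name);
        }
        if (sb.length() > 0) {
            // Drop the trailing "; " left by the last fragment.
            sb.deleteCharAt(sb.length() - 1).deleteCharAt(sb.length() - 1);
        }
        LOG.info("changed responder: {}", sb);
        return responder;
    } catch (SQLException ex) {
        throw new CaMgmtException(datasource, sql, ex);
    } finally {
        datasource.releaseResources(ps, null);
    }
}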
Also used : AtomicInteger(java.util.concurrent.atomic.AtomicInteger) CaMgmtException(org.xipki.ca.server.mgmt.api.CaMgmtException) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) SQLException(java.sql.SQLException) ResponderEntry(org.xipki.ca.server.mgmt.api.ResponderEntry) PreparedStatement(java.sql.PreparedStatement) CertificateException(java.security.cert.CertificateException) ResponderEntryWrapper(org.xipki.ca.server.impl.cmp.ResponderEntryWrapper)

Example 30 with CaMgmtException

use of org.xipki.ca.server.mgmt.api.CaMgmtException in project xipki by xipki.

the class CaManagerQueryExecutor method changeCrlSigner.

// method changeResponder
/**
 * Updates the CRLSIGNER row identified by {@code name} and returns a CRL signer built from
 * the resulting entry.
 *
 * <p>Every non-null argument among {@code signerType}, {@code base64Cert},
 * {@code crlControl} and {@code signerConf} is written to its column; for a null argument
 * the stored value is used when the new entry is assembled. When the effective signer type
 * is "CA" (case-insensitive) the configuration and certificate of the new entry are null.
 * The SET clause contains only fixed column names and every value is bound as a statement
 * parameter.
 *
 * <p>A supplied {@code crlControl} is validated and the CRL signer is created before the
 * UPDATE runs, so a failure in either step leaves the row unchanged.
 *
 * <p>NOTE(review): when {@code crlControl} is invalid, the {@code InvalidConfException} is
 * not attached as the cause of the {@code CaMgmtException} thrown, so the parser's detail
 * is lost to the caller.
 *
 * @param name name of the CRL signer to change; must not be blank
 * @param signerType new signer type, or null to keep the stored one
 * @param signerConf new signer configuration, or null to keep the stored one
 * @param base64Cert new signer certificate in Base64, or null to keep the stored one
 * @param crlControl new CRL control, or null to keep the stored one
 * @param caManager manager used to create the CRL signer; must not be null
 * @param securityFactory passed to {@code CaManagerImpl.canonicalizeSignerConf} when
 *     {@code signerConf} is given
 * @return the CRL signer created from the updated entry
 * @throws IllegalArgumentException if all four changeable arguments are null
 * @throws CaMgmtException if the CRL control or the new entry is invalid, the UPDATE
 *     affects no row, or the database raises an {@link SQLException}
 */
X509CrlSignerEntryWrapper changeCrlSigner(String name, String signerType, String signerConf, String base64Cert, String crlControl, CaManagerImpl caManager, SecurityFactory securityFactory) throws CaMgmtException {
    ParamUtil.requireNonBlank("name", name);
    ParamUtil.requireNonNull("caManager", caManager);

    final StringBuilder update = new StringBuilder("UPDATE CRLSIGNER SET ");
    final AtomicInteger nextParam = new AtomicInteger(1);
    // The call order fixes the parameter positions used when binding values below.
    final Integer idxSignerType = addToSqlIfNotNull(update, nextParam, signerType, "SIGNER_TYPE");
    final Integer idxSignerCert = addToSqlIfNotNull(update, nextParam, base64Cert, "SIGNER_CERT");
    final Integer idxCrlControl = addToSqlIfNotNull(update, nextParam, crlControl, "CRL_CONTROL");
    final Integer idxSignerConf = addToSqlIfNotNull(update, nextParam, signerConf, "SIGNER_CONF");
    update.deleteCharAt(update.length() - 1);
    update.append(" WHERE NAME=?");
    if (nextParam.get() == 1) {
        throw new IllegalArgumentException("nothing to change");
    }

    // Merge the requested changes with what is currently stored.
    final X509CrlSignerEntry stored = createCrlSigner(name);
    final String effectiveType = (signerType != null) ? signerType : stored.getType();
    String effectiveConf = null;
    String effectiveCert = null;
    if (!"CA".equalsIgnoreCase(effectiveType)) {
        effectiveConf = (signerConf != null)
                ? CaManagerImpl.canonicalizeSignerConf(effectiveType, signerConf, null, securityFactory)
                : stored.getConf();
        effectiveCert = (base64Cert != null) ? base64Cert : stored.getBase64Cert();
    }

    String effectiveCrlControl;
    if (crlControl != null) {
        effectiveCrlControl = crlControl;
        // Constructing a CrlControl is used purely as a validity check; the object is discarded.
        try {
            new CrlControl(effectiveCrlControl);
        } catch (InvalidConfException ex) {
            throw new CaMgmtException(concat("invalid CRL control '", effectiveCrlControl, "'"));
        }
    } else {
        effectiveCrlControl = stored.crlControl();
    }

    X509CrlSignerEntry merged;
    try {
        merged = new X509CrlSignerEntry(name, effectiveType, effectiveConf, effectiveCert, effectiveCrlControl);
    } catch (InvalidConfException ex) {
        throw new CaMgmtException(ex);
    }
    final X509CrlSignerEntryWrapper signer = caManager.createX509CrlSigner(merged);

    final String sql = update.toString();
    PreparedStatement ps = null;
    try {
        // Human-readable summary of the changed fields, written to the log on success.
        final StringBuilder summary = new StringBuilder();
        ps = prepareStatement(sql);
        if (idxSignerType != null) {
            summary.append("signerType: '").append(effectiveType).append("'; ");
            ps.setString(idxSignerType, effectiveType);
        }
        if (idxSignerConf != null) {
            final String confText = getRealString(effectiveConf);
            // The configuration is logged through SignerConf.toString(txt, false, true) rather
            // than raw; presumably this keeps sensitive values out of the log - confirm.
            summary.append("signerConf: '").append(SignerConf.toString(confText, false, true)).append("'; ");
            ps.setString(idxSignerConf, confText);
        }
        if (idxSignerCert != null) {
            final String certText = getRealString(effectiveCert);
            // Only the certificate subject goes into the log, not the encoded certificate.
            String subject;
            if (certText == null) {
                subject = null;
            } else {
                try {
                    subject = canonicalizName(X509Util.parseBase64EncodedCert(certText).getSubjectX500Principal());
                } catch (CertificateException ex) {
                    // An unparsable certificate only affects the log text; it is still stored.
                    subject = "ERROR";
                }
            }
            summary.append("signerCert: '").append(subject).append("'; ");
            ps.setString(idxSignerCert, certText);
        }
        if (idxCrlControl != null) {
            summary.append("crlControl: '").append(effectiveCrlControl).append("'; ");
            ps.setString(idxCrlControl, effectiveCrlControl);
        }
        // The WHERE NAME=? parameter comes after all SET parameters.
        ps.setString(nextParam.get(), name);
        final int affectedRows = ps.executeUpdate();
        if (affectedRows == 0) {
            throw new CaMgmtException("could not change CRL signer " + name);
        }
        if (summary.length() > 0) {
            // Drop the trailing "; " left by the last fragment.
            summary.setLength(summary.length() - 2);
        }
        LOG.info("changed CRL signer '{}': {}", name, summary);
        return signer;
    } catch (SQLException ex) {
        throw new CaMgmtException(datasource, sql, ex);
    } finally {
        datasource.releaseResources(ps, null);
    }
}
Also used : CrlControl(org.xipki.ca.server.mgmt.api.x509.CrlControl) SQLException(java.sql.SQLException) InvalidConfException(org.xipki.common.InvalidConfException) PreparedStatement(java.sql.PreparedStatement) CertificateException(java.security.cert.CertificateException) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) CaMgmtException(org.xipki.ca.server.mgmt.api.CaMgmtException) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) X509CrlSignerEntry(org.xipki.ca.server.mgmt.api.x509.X509CrlSignerEntry)
