Examples with X509ChangeCrlSignerEntry - org.xipki.ca.server.mgmt.api.x509.X509ChangeCrlSignerEntry

Example 1 with X509ChangeCrlSignerEntry

use of org.xipki.ca.server.mgmt.api.x509.X509ChangeCrlSignerEntry in project xipki by xipki.

the class CrlSignerCheckCmd method execute0.

@Override
protected Object execute0() throws Exception {
    X509ChangeCrlSignerEntry ey = getCrlSignerChangeEntry();
    String name = ey.getName();
    println("checking CRL signer " + name);
    X509CrlSignerEntry cs = caManager.getCrlSigner(name);
    if (cs == null) {
        throw new CmdFailure("CRL signer named '" + name + "' is not configured");
    }
    if (ey.getSignerType() != null) {
        MgmtQaShellUtil.assertEquals("signer type", ey.getSignerType(), cs.getType());
    }
    if (ey.getSignerConf() != null) {
        MgmtQaShellUtil.assertEquals("signer conf", ey.getSignerConf(), cs.getConf());
    }
    if (ey.getCrlControl() != null) {
        CrlControl ex = new CrlControl(ey.getCrlControl());
        CrlControl is = new CrlControl(cs.crlControl());
        if (!ex.equals(is)) {
            throw new CmdFailure("CRL control: is '" + is.getConf() + "', but expected '" + ex.getConf() + "'");
        }
    }
    if (ey.getBase64Cert() != null) {
        MgmtQaShellUtil.assertEquals("certificate", ey.getBase64Cert(), cs.getBase64Cert());
    }
    println(" checked CRL signer " + name);
    return null;
}

Also used : CrlControl(org.xipki.ca.server.mgmt.api.x509.CrlControl) CmdFailure(org.xipki.console.karaf.CmdFailure) X509CrlSignerEntry(org.xipki.ca.server.mgmt.api.x509.X509CrlSignerEntry) X509ChangeCrlSignerEntry(org.xipki.ca.server.mgmt.api.x509.X509ChangeCrlSignerEntry)

Example 2 with X509ChangeCrlSignerEntry

use of org.xipki.ca.server.mgmt.api.x509.X509ChangeCrlSignerEntry in project xipki by xipki.

the class CrlSignerUpdateCmd method getCrlSignerChangeEntry.

protected X509ChangeCrlSignerEntry getCrlSignerChangeEntry() throws Exception {
    String signerCertConf = null;
    if (CaManager.NULL.equalsIgnoreCase(signerCert)) {
        signerCertConf = CaManager.NULL;
    } else if (signerCert != null) {
        byte[] certBytes = IoUtil.read(signerCert);
        X509Util.parseCert(new ByteArrayInputStream(certBytes));
        signerCertConf = Base64.encodeToString(certBytes);
    }
    if (signerConf != null) {
        String tmpSignerType = signerType;
        if (tmpSignerType == null) {
            X509CrlSignerEntry entry = caManager.getCrlSigner(name);
            if (entry == null) {
                throw new IllegalCmdParamException("please specify the signerType");
            }
            tmpSignerType = entry.getType();
        }
        signerConf = ShellUtil.canonicalizeSignerConf(tmpSignerType, signerConf, passwordResolver, securityFactory);
    }
    X509ChangeCrlSignerEntry dbEntry = new X509ChangeCrlSignerEntry(name);
    dbEntry.setSignerType(signerType);
    dbEntry.setSignerConf(signerConf);
    dbEntry.setCrlControl(crlControl);
    dbEntry.setBase64Cert(signerCertConf);
    return dbEntry;
}

Also used : ByteArrayInputStream(java.io.ByteArrayInputStream) IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException) X509CrlSignerEntry(org.xipki.ca.server.mgmt.api.x509.X509CrlSignerEntry) X509ChangeCrlSignerEntry(org.xipki.ca.server.mgmt.api.x509.X509ChangeCrlSignerEntry)

Aggregations

X509ChangeCrlSignerEntry (org.xipki.ca.server.mgmt.api.x509.X509ChangeCrlSignerEntry)2 X509CrlSignerEntry (org.xipki.ca.server.mgmt.api.x509.X509CrlSignerEntry)2 ByteArrayInputStream (java.io.ByteArrayInputStream)1 CrlControl (org.xipki.ca.server.mgmt.api.x509.CrlControl)1 CmdFailure (org.xipki.console.karaf.CmdFailure)1 IllegalCmdParamException (org.xipki.console.karaf.IllegalCmdParamException)1