
Example 61 with CmdFailure

use of org.xipki.console.karaf.CmdFailure in project xipki by xipki.

the class CrlSignerCheckCmd method execute0.

/**
 * Verifies that the CRL signer stored in the CA manager matches the expected entry.
 *
 * <p>Only the attributes that are set (non-null) on the expected entry are compared:
 * signer type, signer configuration, CRL control and Base64 certificate. Attributes
 * left unset are not checked at all, so a passing run confirms only the attributes
 * that were supplied.
 *
 * @return always {@code null}
 * @throws Exception {@link CmdFailure} if the signer is not configured or its CRL
 *     control differs from the expected one; anything raised by
 *     {@code MgmtQaShellUtil.assertEquals} or the CA manager is propagated
 */
@Override
protected Object execute0() throws Exception {
    X509ChangeCrlSignerEntry expected = getCrlSignerChangeEntry();
    String signerName = expected.getName();
    println("checking CRL signer " + signerName);

    X509CrlSignerEntry actual = caManager.getCrlSigner(signerName);
    if (actual == null) {
        throw new CmdFailure("CRL signer named '" + signerName + "' is not configured");
    }

    if (expected.getSignerType() != null) {
        MgmtQaShellUtil.assertEquals("signer type", expected.getSignerType(), actual.getType());
    }

    if (expected.getSignerConf() != null) {
        MgmtQaShellUtil.assertEquals("signer conf", expected.getSignerConf(), actual.getConf());
    }

    if (expected.getCrlControl() != null) {
        // Compare the parsed CrlControl objects rather than the raw configuration values.
        CrlControl expectedControl = new CrlControl(expected.getCrlControl());
        CrlControl actualControl = new CrlControl(actual.crlControl());
        boolean sameControl = expectedControl.equals(actualControl);
        if (!sameControl) {
            throw new CmdFailure("CRL control: is '" + actualControl.getConf() + "', but expected '" + expectedControl.getConf() + "'");
        }
    }

    if (expected.getBase64Cert() != null) {
        MgmtQaShellUtil.assertEquals("certificate", expected.getBase64Cert(), actual.getBase64Cert());
    }

    println(" checked CRL signer " + signerName);
    return null;
}
Also used : CrlControl(org.xipki.ca.server.mgmt.api.x509.CrlControl) CmdFailure(org.xipki.console.karaf.CmdFailure) X509CrlSignerEntry(org.xipki.ca.server.mgmt.api.x509.X509CrlSignerEntry) X509ChangeCrlSignerEntry(org.xipki.ca.server.mgmt.api.x509.X509ChangeCrlSignerEntry)

Example 62 with CmdFailure

use of org.xipki.console.karaf.CmdFailure in project xipki by xipki.

the class P12CertExportCmd method execute0.

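/**
 * Exports the certificate that belongs to the first key entry of the keystore.
 *
 * <p>Only the encoded certificate is written to {@code outFile}; the key material
 * itself is never read from the keystore by this method.
 *
 * @return always {@code null}
 * @throws Exception {@link CmdFailure} if the keystore holds no key entry, or if the
 *     selected key entry has no X.509 certificate; keystore and I/O errors are propagated
 */
@Override
protected Object execute0() throws Exception {
    KeyStore ks = getKeyStore();

    // Pick the first alias that is a key entry; certificate-only entries are skipped.
    String keyname = null;
    Enumeration<String> aliases = ks.aliases();
    while (keyname == null && aliases.hasMoreElements()) {
        String alias = aliases.nextElement();
        if (ks.isKeyEntry(alias)) {
            keyname = alias;
        }
    }
    if (keyname == null) {
        throw new CmdFailure("could not find private key");
    }

    // isKeyEntry() is also true for secret-key entries, which carry no certificate, and
    // getCertificate() returns null in that case. Fail with a clear message instead of a
    // NullPointerException or ClassCastException further down.
    java.security.cert.Certificate entryCert = ks.getCertificate(keyname);
    if (!(entryCert instanceof X509Certificate)) {
        throw new CmdFailure("could not find X.509 certificate for key '" + keyname + "'");
    }
    X509Certificate cert = (X509Certificate) entryCert;

    saveVerbose("saved certificate to file", new File(outFile), cert.getEncoded());
    return null;
}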
Also used : CmdFailure(org.xipki.console.karaf.CmdFailure) KeyStore(java.security.KeyStore) File(java.io.File) X509Certificate(java.security.cert.X509Certificate)

Example 63 with CmdFailure

use of org.xipki.console.karaf.CmdFailure in project xipki by xipki.

the class UserUpdateCmd method execute0.

/**
 * Changes the active flag and/or the password of an existing user.
 *
 * <p>{@code active} and {@code inactive} are mutually exclusive. If neither is set the
 * active state is left untouched. A password value of {@code CONSOLE} (case-insensitive)
 * is a sentinel: the real password is then read through {@code readPassword()}.
 *
 * @return always {@code null}
 * @throws Exception {@link IllegalCmdParamException} if both {@code active} and
 *     {@code inactive} are set; {@link CmdFailure} if the CA manager rejects the change
 */
@Override
protected Object execute0() throws Exception {
    if (active != null && inactive != null) {
        throw new IllegalCmdParamException("maximal one of --active and --inactive can be set");
    }

    // Tri-state: TRUE / FALSE request a change, null leaves the current state as is.
    Boolean realActive = null;
    if (active != null) {
        realActive = Boolean.TRUE;
    } else if (inactive != null) {
        realActive = Boolean.FALSE;
    }

    ChangeUserEntry entry = new ChangeUserEntry(new NameId(null, name));
    if (realActive != null) {
        entry.setActive(realActive);
    }

    // Because of the sentinel, the literal word "console" (in any case) can never be
    // set as a password through this command.
    // NOTE(review): the value returned by readPassword() is copied into an immutable
    // String and the returned buffer is not cleared, so the cleartext stays on the heap
    // until garbage collection. Presumably readPassword() returns char[]; confirm, and
    // consider zeroing it once the entry has been populated.
    // NOTE(review): a password supplied directly as the option value presumably ends up
    // in the shell history; the CONSOLE path avoids that. Confirm against the command's
    // option declaration.
    boolean readFromConsole = "CONSOLE".equalsIgnoreCase(password);
    if (readFromConsole) {
        password = new String(readPassword());
    }
    if (password != null) {
        entry.setPassword(password);
    }

    // The message names only the user; the password is never part of any output.
    String target = "user " + name;
    try {
        caManager.changeUser(entry);
        println("changed " + target);
        return null;
    } catch (CaMgmtException ex) {
        throw new CmdFailure("could not change " + target + ", error: " + ex.getMessage(), ex);
    }
}
Also used : CaMgmtException(org.xipki.ca.server.mgmt.api.CaMgmtException) NameId(org.xipki.ca.api.NameId) CmdFailure(org.xipki.console.karaf.CmdFailure) IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException) ChangeUserEntry(org.xipki.ca.server.mgmt.api.ChangeUserEntry)

Example 64 with CmdFailure

use of org.xipki.console.karaf.CmdFailure in project xipki by xipki.

the class GetCrlCmd method execute0.

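/**
 * Retrieves a CRL of the CA {@code caName} and saves it to {@code outFile}.
 *
 * <p>If {@code withBaseCrl} is set and the retrieved CRL carries a deltaCRLIndicator
 * extension, the base CRL with the indicated CRL number is fetched as well and saved
 * to {@code baseCrlOut} (defaulting to {@code outFile + "-baseCRL"}).
 *
 * <p>The CRL is written out exactly as received. This method does not verify the
 * CRL's signature or issuer; consumers of the saved file must do that themselves.
 *
 * @return always {@code null}
 * @throws Exception {@link CmdFailure} if the CA is unknown or no CRL / base CRL could
 *     be obtained; encoding and I/O errors are propagated
 */
@Override
protected Object execute0() throws Exception {
    CaEntry ca = caManager.getCa(caName);
    if (ca == null) {
        throw new CmdFailure("CA " + caName + " not available");
    }

    X509CRL crl;
    try {
        crl = retrieveCrl();
    } catch (Exception ex) {
        // Keep the original exception as the cause so the failure stays diagnosable.
        throw new CmdFailure("received no CRL from server: " + ex.getMessage(), ex);
    }
    if (crl == null) {
        throw new CmdFailure("received no CRL from server");
    }
    saveVerbose("saved CRL to file", new File(outFile), crl.getEncoded());

    if (!withBaseCrl.booleanValue()) {
        return null;
    }

    // A deltaCRLIndicator extension marks the CRL as a delta CRL and carries the
    // CRL number of the base CRL it refers to.
    byte[] octetString = crl.getExtensionValue(Extension.deltaCRLIndicator.getId());
    if (octetString == null) {
        return null;
    }

    if (baseCrlOut == null) {
        baseCrlOut = outFile + "-baseCRL";
    }

    // getExtensionValue() returns the DER OCTET STRING wrapper; unwrap it to reach
    // the INTEGER holding the base CRL number.
    byte[] extnValue = DEROctetString.getInstance(octetString).getOctets();
    BigInteger baseCrlNumber = ASN1Integer.getInstance(extnValue).getPositiveValue();

    X509CRL baseCrl;
    try {
        baseCrl = caManager.getCrl(caName, baseCrlNumber);
    } catch (Exception ex) {
        throw new CmdFailure("received no baseCRL from server: " + ex.getMessage(), ex);
    }
    if (baseCrl == null) {
        throw new CmdFailure("received no baseCRL from server");
    }
    saveVerbose("saved baseCRL to file", new File(baseCrlOut), baseCrl.getEncoded());
    return null;
}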
Also used : CaEntry(org.xipki.ca.server.mgmt.api.CaEntry) X509CRL(java.security.cert.X509CRL) CmdFailure(org.xipki.console.karaf.CmdFailure) BigInteger(java.math.BigInteger) File(java.io.File)

Example 65 with CmdFailure

use of org.xipki.console.karaf.CmdFailure in project xipki by xipki.

the class RevokeCertCmd method execute0.

/**
 * Revokes the certificate with the configured serial number at the CA {@code caName}.
 *
 * <p>The revocation reason is restricted to the values in
 * {@code CrlReason.PERMITTED_CLIENT_CRLREASONS}; any other reason is rejected before
 * the CA manager is contacted. An invalidity date is passed on only when
 * {@code invalidityDateS} is not blank.
 *
 * @return always {@code null}
 * @throws Exception {@link InvalidConfException} if the reason is not permitted;
 *     {@link CmdFailure} if the CA manager could not revoke the certificate
 */
@Override
protected Object execute0() throws Exception {
    CrlReason crlReason = CrlReason.forNameOrText(reason);
    boolean reasonPermitted = CrlReason.PERMITTED_CLIENT_CRLREASONS.contains(crlReason);
    if (!reasonPermitted) {
        throw new InvalidConfException("reason " + reason + " is not permitted");
    }

    Date invalidityDate = isNotBlank(invalidityDateS)
            ? DateUtil.parseUtcTimeyyyyMMddhhmmss(invalidityDateS)
            : null;

    BigInteger serialNo = getSerialNumber();
    // The serial number is printed in hex so it can be matched against certificate dumps.
    String target = "certificate (serial number = 0x" + serialNo.toString(16) + ")";
    try {
        caManager.revokeCertificate(caName, serialNo, crlReason, invalidityDate);
        println("revoked " + target);
        return null;
    } catch (CaMgmtException ex) {
        throw new CmdFailure("could not revoke " + target + ", error: " + ex.getMessage(), ex);
    }
}
Also used : CaMgmtException(org.xipki.ca.server.mgmt.api.CaMgmtException) CmdFailure(org.xipki.console.karaf.CmdFailure) InvalidConfException(org.xipki.common.InvalidConfException) BigInteger(java.math.BigInteger) CrlReason(org.xipki.security.CrlReason) Date(java.util.Date)

Aggregations

CmdFailure (org.xipki.console.karaf.CmdFailure)99 CaMgmtException (org.xipki.ca.server.mgmt.api.CaMgmtException)52 File (java.io.File)20 X509Certificate (java.security.cert.X509Certificate)20 IllegalCmdParamException (org.xipki.console.karaf.IllegalCmdParamException)15 BigInteger (java.math.BigInteger)9 NameId (org.xipki.ca.api.NameId)9 X509CRL (java.security.cert.X509CRL)7 ArrayList (java.util.ArrayList)6 Date (java.util.Date)6 CaEntry (org.xipki.ca.server.mgmt.api.CaEntry)6 RequestResponseDebug (org.xipki.common.RequestResponseDebug)6 PublisherEntry (org.xipki.ca.server.mgmt.api.PublisherEntry)5 ScepClient (org.xipki.scep.client.ScepClient)4 DEROctetString (org.bouncycastle.asn1.DEROctetString)3 CertificationRequest (org.bouncycastle.asn1.pkcs.CertificationRequest)3 X500Name (org.bouncycastle.asn1.x500.X500Name)3 Client (org.jscep.client.Client)3 CertprofileEntry (org.xipki.ca.server.mgmt.api.CertprofileEntry)3 X509CrlSignerEntry (org.xipki.ca.server.mgmt.api.x509.X509CrlSignerEntry)3