Search in sources :

Example 6 with CmdFailure

use of org.xipki.console.karaf.CmdFailure in project xipki by xipki.

the class ExtractCertFromCrlCmd method execute0.

@Override
protected Object execute0() throws Exception {
    X509CRL crl = X509Util.parseCrl(crlFile);
    String oidExtnCerts = ObjectIdentifiers.id_xipki_ext_crlCertset.getId();
    byte[] extnValue = crl.getExtensionValue(oidExtnCerts);
    if (extnValue == null) {
        throw new IllegalCmdParamException("no certificate is contained in " + crlFile);
    }
    extnValue = removingTagAndLenFromExtensionValue(extnValue);
    ASN1Set asn1Set = DERSet.getInstance(extnValue);
    final int n = asn1Set.size();
    if (n == 0) {
        throw new CmdFailure("no certificate is contained in " + crlFile);
    }
    ByteArrayOutputStream out = new ByteArrayOutputStream();
    ZipOutputStream zip = new ZipOutputStream(out);
    for (int i = 0; i < n; i++) {
        ASN1Encodable asn1 = asn1Set.getObjectAt(i);
        Certificate cert;
        try {
            ASN1Sequence seq = ASN1Sequence.getInstance(asn1);
            cert = Certificate.getInstance(seq.getObjectAt(0));
        } catch (IllegalArgumentException ex) {
            // backwards compatibility
            cert = Certificate.getInstance(asn1);
        }
        byte[] certBytes = cert.getEncoded();
        String sha1FpCert = HashAlgo.SHA1.hexHash(certBytes);
        ZipEntry certZipEntry = new ZipEntry(sha1FpCert + ".der");
        zip.putNextEntry(certZipEntry);
        try {
            zip.write(certBytes);
        } finally {
            zip.closeEntry();
        }
    }
    zip.flush();
    zip.close();
    saveVerbose("extracted " + n + " certificates to", new File(outFile), out.toByteArray());
    return null;
}
Also used : X509CRL(java.security.cert.X509CRL) ZipEntry(java.util.zip.ZipEntry) DEROctetString(org.bouncycastle.asn1.DEROctetString) ByteArrayOutputStream(java.io.ByteArrayOutputStream) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) ASN1Set(org.bouncycastle.asn1.ASN1Set) CmdFailure(org.xipki.console.karaf.CmdFailure) ZipOutputStream(java.util.zip.ZipOutputStream) IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) File(java.io.File) Certificate(org.bouncycastle.asn1.x509.Certificate)

Example 7 with CmdFailure

use of org.xipki.console.karaf.CmdFailure in project xipki by xipki.

the class P11CertExportCmd method execute0.

@Override
protected Object execute0() throws Exception {
    P11Slot slot = getSlot();
    P11ObjectIdentifier objIdentifier = getObjectIdentifier();
    X509Certificate cert = slot.exportCert(objIdentifier);
    if (cert == null) {
        throw new CmdFailure("could not export certificate " + objIdentifier);
    }
    saveVerbose("saved certificate to file", new File(outFile), cert.getEncoded());
    return null;
}
Also used : CmdFailure(org.xipki.console.karaf.CmdFailure) P11Slot(org.xipki.security.pkcs11.P11Slot) P11ObjectIdentifier(org.xipki.security.pkcs11.P11ObjectIdentifier) File(java.io.File) X509Certificate(java.security.cert.X509Certificate)

Example 8 with CmdFailure

use of org.xipki.console.karaf.CmdFailure in project xipki by xipki.

the class RequestorInfoCmd method execute0.

@Override
protected Object execute0() throws Exception {
    StringBuilder sb = new StringBuilder();
    if (name == null) {
        Set<String> names = caManager.getRequestorNames();
        int size = names.size();
        if (size == 0 || size == 1) {
            sb.append((size == 0) ? "no" : "1");
            sb.append(" CMP requestor is configured\n");
        } else {
            sb.append(size).append(" CMP requestors are configured:\n");
        }
        List<String> sorted = new ArrayList<>(names);
        Collections.sort(sorted);
        for (String entry : sorted) {
            sb.append("\t").append(entry).append("\n");
        }
    } else {
        RequestorEntry entry = caManager.getRequestor(name);
        if (entry == null) {
            throw new CmdFailure("could not find CMP requestor '" + name + "'");
        } else {
            sb.append(entry.toString(verbose.booleanValue()));
        }
    }
    println(sb.toString());
    return null;
}
Also used : CmdFailure(org.xipki.console.karaf.CmdFailure) RequestorEntry(org.xipki.ca.server.mgmt.api.RequestorEntry) ArrayList(java.util.ArrayList)

Example 9 with CmdFailure

use of org.xipki.console.karaf.CmdFailure in project xipki by xipki.

the class ResponderUpdateCmd method execute0.

@Override
protected Object execute0() throws Exception {
    String cert = null;
    if (CaManager.NULL.equalsIgnoreCase(certFile)) {
        cert = CaManager.NULL;
    } else if (certFile != null) {
        byte[] certBytes = IoUtil.read(certFile);
        X509Util.parseCert(new ByteArrayInputStream(certBytes));
        cert = Base64.encodeToString(certBytes);
    }
    String msg = "CMP responder " + name;
    try {
        caManager.changeResponder(name, signerType, getSignerConf(), cert);
        println("updated " + msg);
        return null;
    } catch (CaMgmtException ex) {
        throw new CmdFailure("could not update " + msg + ", error: " + ex.getMessage(), ex);
    }
}
Also used : CaMgmtException(org.xipki.ca.server.mgmt.api.CaMgmtException) ByteArrayInputStream(java.io.ByteArrayInputStream) CmdFailure(org.xipki.console.karaf.CmdFailure)

Example 10 with CmdFailure

use of org.xipki.console.karaf.CmdFailure in project xipki by xipki.

the class ScepInfoCmd method execute0.

@Override
protected Object execute0() throws Exception {
    if (name == null) {
        println(StringUtil.concatObjects("SCEPs: ", caManager.getScepNames()));
    } else {
        ScepEntry scep = caManager.getScepEntry(name);
        if (scep == null) {
            throw new CmdFailure("could not find SCEP '" + name + "'");
        }
        println(scep.toString());
    }
    return null;
}
Also used : CmdFailure(org.xipki.console.karaf.CmdFailure) ScepEntry(org.xipki.ca.server.mgmt.api.x509.ScepEntry)

Aggregations

CmdFailure (org.xipki.console.karaf.CmdFailure)99 CaMgmtException (org.xipki.ca.server.mgmt.api.CaMgmtException)52 File (java.io.File)20 X509Certificate (java.security.cert.X509Certificate)20 IllegalCmdParamException (org.xipki.console.karaf.IllegalCmdParamException)15 BigInteger (java.math.BigInteger)9 NameId (org.xipki.ca.api.NameId)9 X509CRL (java.security.cert.X509CRL)7 ArrayList (java.util.ArrayList)6 Date (java.util.Date)6 CaEntry (org.xipki.ca.server.mgmt.api.CaEntry)6 RequestResponseDebug (org.xipki.common.RequestResponseDebug)6 PublisherEntry (org.xipki.ca.server.mgmt.api.PublisherEntry)5 ScepClient (org.xipki.scep.client.ScepClient)4 DEROctetString (org.bouncycastle.asn1.DEROctetString)3 CertificationRequest (org.bouncycastle.asn1.pkcs.CertificationRequest)3 X500Name (org.bouncycastle.asn1.x500.X500Name)3 Client (org.jscep.client.Client)3 CertprofileEntry (org.xipki.ca.server.mgmt.api.CertprofileEntry)3 X509CrlSignerEntry (org.xipki.ca.server.mgmt.api.x509.X509CrlSignerEntry)3