
Example 1 with IllegalCmdParamException

use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.

the class GetCrlCmd method execute0.

/**
 * Fetches a CRL for the selected CA and stores it in {@code outFile}. If {@code withBaseCrl}
 * is set and the fetched CRL carries a deltaCRLIndicator extension, the base CRL with the
 * indicated CRL number is downloaded too and stored in {@code baseCrlOut}
 * (default: {@code outFile + "-baseCRL"}).
 *
 * <p>NOTE(review): no signature or issuer validation of either CRL is visible in this method.
 * Whether {@code retrieveCrl()} / {@code caClient.downloadCrl(...)} verify the CRL is not
 * shown here — confirm before treating the saved files as trusted revocation data.
 *
 * @return always {@code null}
 * @throws IllegalCmdParamException if no CA is configured, the given CA name is unknown, or
 *         no CA name was given while more than one CA is configured
 * @throws CmdFailure if the server returns an error or no CRL
 */
@Override
protected Object execute0() throws Exception {
    if (caName != null) {
        // Default-locale lower-casing. NOTE(review): presumably the configured CA names are
        // normalised the same way — confirm, since the lookup below is an exact match.
        caName = caName.toLowerCase();
    }

    final Set<String> configuredCas = caClient.getCaNames();
    if (isEmpty(configuredCas)) {
        throw new IllegalCmdParamException("no CA is configured");
    }

    if (caName == null) {
        // Without an explicit name the choice is only unambiguous for a single configured CA.
        if (configuredCas.size() != 1) {
            throw new IllegalCmdParamException("no CA is specified, one of " + configuredCas + " is required");
        }
        caName = configuredCas.iterator().next();
    } else if (!configuredCas.contains(caName)) {
        throw new IllegalCmdParamException("CA " + caName + " is not within the configured CAs " + configuredCas);
    }

    X509CRL crl;
    try {
        crl = retrieveCrl();
    } catch (PkiErrorException ex) {
        // Only the message text is carried over; the PkiErrorException is not chained as cause.
        throw new CmdFailure("received no CRL from server: " + ex.getMessage());
    }
    if (crl == null) {
        throw new CmdFailure("received no CRL from server");
    }
    saveVerbose("saved CRL to file", new File(outFile), crl.getEncoded());

    // getExtensionValue() yields the DER-encoded OCTET STRING wrapper, or null if the
    // extension is absent, i.e. the CRL is not a delta CRL.
    final byte[] wrappedIndicator = withBaseCrl.booleanValue()
            ? crl.getExtensionValue(Extension.deltaCRLIndicator.getId())
            : null;
    if (wrappedIndicator == null) {
        return null;
    }

    if (baseCrlOut == null) {
        baseCrlOut = outFile + "-baseCRL";
    }

    // Unwrap the OCTET STRING, then read the INTEGER inside it: the base CRL number.
    final byte[] indicatorValue = DEROctetString.getInstance(wrappedIndicator).getOctets();
    final BigInteger baseCrlNumber = ASN1Integer.getInstance(indicatorValue).getPositiveValue();

    final RequestResponseDebug debug = getRequestResponseDebug();
    final X509CRL baseCrl;
    try {
        baseCrl = caClient.downloadCrl(caName, baseCrlNumber, debug);
    } catch (PkiErrorException ex) {
        throw new CmdFailure("received no baseCRL from server: " + ex.getMessage());
    } finally {
        // Runs on success and on failure, so the exchange is recorded either way.
        saveRequestResponse(debug);
    }
    if (baseCrl == null) {
        throw new CmdFailure("received no baseCRL from server");
    }
    saveVerbose("saved baseCRL to file", new File(baseCrlOut), baseCrl.getEncoded());
    return null;
}
Also used : PkiErrorException(org.xipki.ca.client.api.PkiErrorException) X509CRL(java.security.cert.X509CRL) RequestResponseDebug(org.xipki.common.RequestResponseDebug) CmdFailure(org.xipki.console.karaf.CmdFailure) IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException) BigInteger(java.math.BigInteger) DEROctetString(org.bouncycastle.asn1.DEROctetString) File(java.io.File)

Example 2 with IllegalCmdParamException

use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.

the class CaLoadTestTemplateEnrollCmd method execute0.

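/**
 * Parses the enrollment template file and runs a load test against the CA with it.
 *
 * <p>NOTE(review): {@code CaLoadTestTemplateEnroll.parse} is not visible here; the result
 * type lives in a {@code jaxb} package, so it is presumably an XML parser. If templates can
 * come from an untrusted location, confirm that DTDs and external entities are disabled.
 *
 * @return always {@code null}
 * @throws IllegalCmdParamException if {@code numThreads} is smaller than 1
 */
@Override
protected Object execute0() throws Exception {
    if (numThreads < 1) {
        throw new IllegalCmdParamException("invalid number of threads " + numThreads);
    }

    // Close the template stream on every path; previously the file handle leaked unless
    // parse() happened to close it, in particular when parsing failed.
    EnrollTemplateType template;
    FileInputStream templateStream = new FileInputStream(templateFile);
    try {
        template = CaLoadTestTemplateEnroll.parse(templateStream);
    } finally {
        templateStream.close();
    }

    int size = template.getEnrollCert().size();
    String description = StringUtil.concatObjectsCap(200, "template: ", templateFile, "\nmaxRequests: ", maxRequests, "\nunit: ", size, " certificate", (size > 1 ? "s" : ""), "\n");
    CaLoadTestTemplateEnroll loadTest = new CaLoadTestTemplateEnroll(caClient, template, maxRequests, description);
    loadTest.setDuration(duration);
    loadTest.setThreads(numThreads);
    loadTest.test();
    return null;
}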
Also used : EnrollTemplateType(org.xipki.ca.client.shell.loadtest.jaxb.EnrollTemplateType) IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException) FileInputStream(java.io.FileInputStream)

Example 3 with IllegalCmdParamException

use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.

the class P11SecretKeyImportCmd method execute0.

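/**
 * Reads the first secret key found in a JCEKS keystore and imports it into the PKCS#11 slot
 * under {@code label}.
 *
 * <p>The keystore path is taken from the field {@code keyOutFile}, which this method uses as
 * an input file. The same password opens the keystore and the key entry.
 *
 * <p>NOTE(review): the raw key bytes ({@code keyValue}) and the password array stay on the
 * heap after the import; neither is wiped here. Whether {@code importSecretKey} or
 * {@code getPassword} keep a reference to these arrays is not visible, so wiping them is left
 * to a change that can confirm it is safe.
 *
 * @return always {@code null}
 * @throws IllegalCmdParamException if {@code keyType} is not AES, DES3 or GENERIC
 *         (case-insensitive), or the keystore holds no secret key
 */
@Override
protected Object execute0() throws Exception {
    final long p11KeyType;
    if ("AES".equalsIgnoreCase(keyType)) {
        p11KeyType = PKCS11Constants.CKK_AES;
    } else if ("DES3".equalsIgnoreCase(keyType)) {
        p11KeyType = PKCS11Constants.CKK_DES3;
    } else if ("GENERIC".equalsIgnoreCase(keyType)) {
        p11KeyType = PKCS11Constants.CKK_GENERIC_SECRET;
    } else {
        throw new IllegalCmdParamException("invalid keyType " + keyType);
    }

    KeyStore ks = KeyStore.getInstance("JCEKS");
    char[] pwd;
    InputStream ksStream = new FileInputStream(IoUtil.expandFilepath(keyOutFile));
    try {
        // Obtained inside the try so that a failing getPassword() no longer leaks the
        // already opened keystore stream.
        pwd = getPassword();
        ks.load(ksStream, pwd);
    } finally {
        ksStream.close();
    }

    // Take the first SecretKey entry in enumeration order; later secret keys in the same
    // keystore are ignored.
    byte[] keyValue = null;
    Enumeration<String> aliases = ks.aliases();
    while (aliases.hasMoreElements()) {
        String alias = aliases.nextElement();
        if (!ks.isKeyEntry(alias)) {
            continue;
        }
        Key key = ks.getKey(alias, pwd);
        if (key instanceof SecretKey) {
            keyValue = ((SecretKey) key).getEncoded();
            break;
        }
    }
    if (keyValue == null) {
        throw new IllegalCmdParamException("keystore does not contain secret key");
    }

    P11Slot slot = getSlot();
    P11ObjectIdentifier objId = slot.importSecretKey(p11KeyType, keyValue, label, getControl());
    // Only the key type and the object identifier are printed, never the key value.
    println("imported " + keyType + " key " + objId);
    return null;
}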
Also used : FileInputStream(java.io.FileInputStream) InputStream(java.io.InputStream) P11Slot(org.xipki.security.pkcs11.P11Slot) KeyStore(java.security.KeyStore) FileInputStream(java.io.FileInputStream) SecretKey(javax.crypto.SecretKey) IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException) P11ObjectIdentifier(org.xipki.security.pkcs11.P11ObjectIdentifier) Key(java.security.Key) SecretKey(javax.crypto.SecretKey)

Example 4 with IllegalCmdParamException

use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.

the class JceksSecretKeyGenCmd method execute0.

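/**
 * Generates a secret key of the requested type and size and saves it via {@code saveKey}.
 *
 * @return always {@code null}
 * @throws IllegalCmdParamException if {@code keyType} is not AES, DES3 or GENERIC
 *         (case-insensitive)
 */
@Override
protected Object execute0() throws Exception {
    // Map the accepted input onto a fixed canonical name instead of calling
    // keyType.toUpperCase(): that call depends on the default locale, and under a Turkish
    // locale "generic" upper-cases to "GENERİC", which passes the check but is not the name
    // handed on before.
    final String canonicalKeyType;
    if ("AES".equalsIgnoreCase(keyType)) {
        canonicalKeyType = "AES";
    } else if ("DES3".equalsIgnoreCase(keyType)) {
        canonicalKeyType = "DES3";
    } else if ("GENERIC".equalsIgnoreCase(keyType)) {
        canonicalKeyType = "GENERIC";
    } else {
        throw new IllegalCmdParamException("invalid keyType " + keyType);
    }

    // NOTE(review): keysize is passed through unchecked here; presumably generateSecretKey
    // rejects sizes that do not fit the key type — confirm.
    P12KeyGenerationResult key = new P12KeyGenerator().generateSecretKey(canonicalKeyType, keysize, getKeyGenParameters());
    saveKey(key);
    return null;
}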
Also used : P12KeyGenerator(org.xipki.security.pkcs12.P12KeyGenerator) P12KeyGenerationResult(org.xipki.security.pkcs12.P12KeyGenerationResult) IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException)

Example 5 with IllegalCmdParamException

use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.

the class ExtractCertFromCrlCmd method execute0.

/**
 * Extracts the certificates embedded in the XiPKI "crlCertset" extension of a CRL and writes
 * them as a ZIP archive to {@code outFile}, one {@code <sha1-hex>.der} entry per certificate.
 *
 * <p>NOTE(review): no CRL signature check is visible in this method, and what
 * {@code X509Util.parseCrl} validates is not shown. Unless the CRL is verified elsewhere, the
 * extracted certificates are only as trustworthy as the input file.
 *
 * @return always {@code null}
 * @throws IllegalCmdParamException if the CRL has no crlCertset extension
 * @throws CmdFailure if the extension is present but holds no element
 */
@Override
protected Object execute0() throws Exception {
    final X509CRL crl = X509Util.parseCrl(crlFile);
    final byte[] wrappedCertset = crl.getExtensionValue(ObjectIdentifiers.id_xipki_ext_crlCertset.getId());
    if (wrappedCertset == null) {
        throw new IllegalCmdParamException("no certificate is contained in " + crlFile);
    }

    final byte[] certsetBytes = removingTagAndLenFromExtensionValue(wrappedCertset);
    final ASN1Set certSet = DERSet.getInstance(certsetBytes);
    final int n = certSet.size();
    if (n == 0) {
        throw new CmdFailure("no certificate is contained in " + crlFile);
    }

    // The archive is assembled in memory and handed to saveVerbose() in one piece.
    final ByteArrayOutputStream archive = new ByteArrayOutputStream();
    final ZipOutputStream zip = new ZipOutputStream(archive);
    for (int idx = 0; idx < n; idx++) {
        final ASN1Encodable element = certSet.getObjectAt(idx);
        Certificate cert;
        try {
            // Current layout: a SEQUENCE whose first element is the certificate.
            cert = Certificate.getInstance(ASN1Sequence.getInstance(element).getObjectAt(0));
        } catch (IllegalArgumentException ex) {
            // backwards compatibility: the element is the certificate itself
            cert = Certificate.getInstance(element);
        }

        final byte[] encodedCert = cert.getEncoded();
        // SHA-1 only derives the entry name here; nothing visible uses it for a trust decision.
        zip.putNextEntry(new ZipEntry(HashAlgo.SHA1.hexHash(encodedCert) + ".der"));
        try {
            zip.write(encodedCert);
        } finally {
            zip.closeEntry();
        }
    }
    zip.flush();
    zip.close();

    saveVerbose("extracted " + n + " certificates to", new File(outFile), archive.toByteArray());
    return null;
}
Also used : X509CRL(java.security.cert.X509CRL) ZipEntry(java.util.zip.ZipEntry) DEROctetString(org.bouncycastle.asn1.DEROctetString) ByteArrayOutputStream(java.io.ByteArrayOutputStream) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) ASN1Set(org.bouncycastle.asn1.ASN1Set) CmdFailure(org.xipki.console.karaf.CmdFailure) ZipOutputStream(java.util.zip.ZipOutputStream) IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) File(java.io.File) Certificate(org.bouncycastle.asn1.x509.Certificate)

Aggregations

IllegalCmdParamException (org.xipki.console.karaf.IllegalCmdParamException)42 CmdFailure (org.xipki.console.karaf.CmdFailure)15 File (java.io.File)8 X509Certificate (java.security.cert.X509Certificate)6 CaMgmtException (org.xipki.ca.server.mgmt.api.CaMgmtException)6 P11Slot (org.xipki.security.pkcs11.P11Slot)6 BigInteger (java.math.BigInteger)5 RequestResponseDebug (org.xipki.common.RequestResponseDebug)5 P11ObjectIdentifier (org.xipki.security.pkcs11.P11ObjectIdentifier)5 FileInputStream (java.io.FileInputStream)4 NameId (org.xipki.ca.api.NameId)4 X509CRL (java.security.cert.X509CRL)3 Date (java.util.Date)3 LinkedList (java.util.LinkedList)3 Certificate (org.bouncycastle.asn1.x509.Certificate)3 CertIdOrError (org.xipki.ca.client.api.CertIdOrError)3 ByteArrayOutputStream (java.io.ByteArrayOutputStream)2 InputStream (java.io.InputStream)2 URL (java.net.URL)2 Key (java.security.Key)2