Search in sources :

Example 6 with IllegalCmdParamException

use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.

the class BSpeedP11Action method getSlot.

protected P11Slot getSlot() throws XiSecurityException, P11TokenException, IllegalCmdParamException {
    P11CryptService p11Service = p11CryptServiceFactory.getP11CryptService(moduleName);
    if (p11Service == null) {
        throw new IllegalCmdParamException("undefined module " + moduleName);
    }
    P11Module module = p11Service.getModule();
    P11SlotIdentifier slotId = module.getSlotIdForIndex(slotIndex);
    return module.getSlot(slotId);
}
Also used : P11Module(org.xipki.security.pkcs11.P11Module) P11SlotIdentifier(org.xipki.security.pkcs11.P11SlotIdentifier) IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException) P11CryptService(org.xipki.security.pkcs11.P11CryptService)

Example 7 with IllegalCmdParamException

use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.

the class P11DSAKeyGenCmd method execute0.

@Override
protected Object execute0() throws Exception {
    if (plen % 1024 != 0) {
        throw new IllegalCmdParamException("plen is not multiple of 1024: " + plen);
    }
    if (qlen == null) {
        if (plen <= 1024) {
            qlen = 160;
        } else if (plen <= 2048) {
            qlen = 224;
        } else {
            qlen = 256;
        }
    }
    P11Slot slot = getSlot();
    P11ObjectIdentifier objId = slot.generateDSAKeypair(plen, qlen, label, getControl());
    finalize("DSA", objId);
    return null;
}
Also used : P11Slot(org.xipki.security.pkcs11.P11Slot) IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException) P11ObjectIdentifier(org.xipki.security.pkcs11.P11ObjectIdentifier)

Example 8 with IllegalCmdParamException

use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.

the class ResponderUpdateCmd method getSignerConf.

protected String getSignerConf() throws Exception {
    if (signerConf == null) {
        return signerConf;
    }
    String tmpSignerType = signerType;
    if (tmpSignerType == null) {
        ResponderEntry entry = caManager.getResponder(name);
        if (entry == null) {
            throw new IllegalCmdParamException("please specify the signerType");
        }
        tmpSignerType = entry.getType();
    }
    return ShellUtil.canonicalizeSignerConf(tmpSignerType, signerConf, passwordResolver, securityFactory);
}
Also used : IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException) ResponderEntry(org.xipki.ca.server.mgmt.api.ResponderEntry)

Example 9 with IllegalCmdParamException

use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.

the class CaUpdateCmd method getChangeCaEntry.

protected X509ChangeCaEntry getChangeCaEntry() throws Exception {
    X509ChangeCaEntry entry = new X509ChangeCaEntry(new NameId(null, caName));
    if (snBitLen != null) {
        ParamUtil.requireRange("sn-bitlen", snBitLen, 63, 159);
        entry.setSerialNoBitLen(snBitLen);
    }
    if (caStatus != null) {
        entry.setStatus(CaStatus.forName(caStatus));
    }
    if (expirationPeriod != null && expirationPeriod < 0) {
        throw new IllegalCmdParamException("invalid expirationPeriod: " + expirationPeriod);
    } else {
        entry.setExpirationPeriod(expirationPeriod);
    }
    if (keepExpiredCertInDays != null) {
        entry.setKeepExpiredCertInDays(keepExpiredCertInDays);
    }
    if (certFile != null) {
        entry.setCert(X509Util.parseCert(certFile));
    }
    if (signerConf != null) {
        String tmpSignerType = signerType;
        if (tmpSignerType == null) {
            CaEntry caEntry = caManager.getCa(caName);
            if (caEntry == null) {
                throw new IllegalCmdParamException("please specify the signerType");
            }
            tmpSignerType = caEntry.getSignerType();
        }
        signerConf = ShellUtil.canonicalizeSignerConf(tmpSignerType, signerConf, passwordResolver, securityFactory);
        entry.setSignerConf(signerConf);
    }
    if (duplicateKeyS != null) {
        boolean permitted = isEnabled(duplicateKeyS, true, "duplicate-key");
        entry.setDuplicateKeyPermitted(permitted);
    }
    if (duplicateSubjectS != null) {
        boolean permitted = isEnabled(duplicateSubjectS, true, "duplicate-subject");
        entry.setDuplicateSubjectPermitted(permitted);
    }
    if (saveReqS != null) {
        boolean saveReq = isEnabled(saveReqS, true, "save-req");
        entry.setSaveRequest(saveReq);
    }
    if (CollectionUtil.isNonEmpty(permissions)) {
        int intPermission = ShellUtil.getPermission(permissions);
        entry.setPermission(intPermission);
    }
    entry.setCrlUris(getUris(crlUris));
    entry.setDeltaCrlUris(getUris(deltaCrlUris));
    entry.setOcspUris(getUris(ocspUris));
    entry.setCaCertUris(getUris(caCertUris));
    if (validityModeS != null) {
        ValidityMode validityMode = ValidityMode.forName(validityModeS);
        entry.setValidityMode(validityMode);
    }
    if (maxValidity != null) {
        entry.setMaxValidity(CertValidity.getInstance(maxValidity));
    }
    if (crlSignerName != null) {
        entry.setCrlSignerName(crlSignerName);
    }
    if (cmpControlName != null) {
        entry.setCmpControlName(cmpControlName);
    }
    if (responderName != null) {
        entry.setResponderName(responderName);
    }
    if (extraControl != null) {
        entry.setExtraControl(new ConfPairs(extraControl).unmodifiable());
    }
    if (numCrls != null) {
        entry.setNumCrls(numCrls);
    }
    return entry;
}
Also used : X509ChangeCaEntry(org.xipki.ca.server.mgmt.api.x509.X509ChangeCaEntry) CaEntry(org.xipki.ca.server.mgmt.api.CaEntry) ValidityMode(org.xipki.ca.server.mgmt.api.ValidityMode) NameId(org.xipki.ca.api.NameId) IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException) ConfPairs(org.xipki.common.ConfPairs) X509ChangeCaEntry(org.xipki.ca.server.mgmt.api.x509.X509ChangeCaEntry)

Example 10 with IllegalCmdParamException

use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.

the class CaUnrevokeCmd method execute0.

@Override
protected Object execute0() throws Exception {
    if (!caManager.getCaNames().contains(caName)) {
        throw new IllegalCmdParamException("invalid CA name " + caName);
    }
    String msg = "CA " + caName;
    try {
        caManager.unrevokeCa(caName);
        println("unrevoked " + msg);
        return null;
    } catch (CaMgmtException ex) {
        throw new CmdFailure("could not unrevoke " + msg + ", error: " + ex.getMessage(), ex);
    }
}
Also used : CaMgmtException(org.xipki.ca.server.mgmt.api.CaMgmtException) CmdFailure(org.xipki.console.karaf.CmdFailure) IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException)

Aggregations

IllegalCmdParamException (org.xipki.console.karaf.IllegalCmdParamException)42 CmdFailure (org.xipki.console.karaf.CmdFailure)15 File (java.io.File)8 X509Certificate (java.security.cert.X509Certificate)6 CaMgmtException (org.xipki.ca.server.mgmt.api.CaMgmtException)6 P11Slot (org.xipki.security.pkcs11.P11Slot)6 BigInteger (java.math.BigInteger)5 RequestResponseDebug (org.xipki.common.RequestResponseDebug)5 P11ObjectIdentifier (org.xipki.security.pkcs11.P11ObjectIdentifier)5 FileInputStream (java.io.FileInputStream)4 NameId (org.xipki.ca.api.NameId)4 X509CRL (java.security.cert.X509CRL)3 Date (java.util.Date)3 LinkedList (java.util.LinkedList)3 Certificate (org.bouncycastle.asn1.x509.Certificate)3 CertIdOrError (org.xipki.ca.client.api.CertIdOrError)3 ByteArrayOutputStream (java.io.ByteArrayOutputStream)2 InputStream (java.io.InputStream)2 URL (java.net.URL)2 Key (java.security.Key)2