Examples with IllegalCmdParamException org.xipki.console.karaf.IllegalCmdParamException used on opensource projects

Example 11 with IllegalCmdParamException

use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.

the class CaAddOrGenAction method getCaEntry.

protected X509CaEntry getCaEntry() throws Exception {
    ParamUtil.requireRange("sn-bitlen", snBitLen, 63, 159);
    if (nextCrlNumber < 1) {
        throw new IllegalCmdParamException("invalid CRL number: " + nextCrlNumber);
    }
    if (numCrls < 0) {
        throw new IllegalCmdParamException("invalid numCrls: " + numCrls);
    }
    if (expirationPeriod < 0) {
        throw new IllegalCmdParamException("invalid expirationPeriod: " + expirationPeriod);
    }
    if ("PKCS12".equalsIgnoreCase(signerType) || "JKS".equalsIgnoreCase(signerType)) {
        signerConf = ShellUtil.canonicalizeSignerConf(signerType, signerConf, passwordResolver, securityFactory);
    }
    X509CaUris caUris = new X509CaUris(caCertUris, ocspUris, crlUris, deltaCrlUris);
    X509CaEntry entry = new X509CaEntry(new NameId(null, caName), snBitLen, nextCrlNumber, signerType, signerConf, caUris, numCrls.intValue(), expirationPeriod.intValue());
    entry.setKeepExpiredCertInDays(keepExpiredCertInDays.intValue());
    boolean duplicateKeyPermitted = isEnabled(duplicateKeyS, true, "duplicate-key");
    entry.setDuplicateKeyPermitted(duplicateKeyPermitted);
    boolean duplicateSubjectPermitted = isEnabled(duplicateSubjectS, true, "duplicate-subject");
    entry.setDuplicateSubjectPermitted(duplicateSubjectPermitted);
    boolean saveReq = isEnabled(saveReqS, false, "save-req");
    entry.setSaveRequest(saveReq);
    ValidityMode validityMode = ValidityMode.forName(validityModeS);
    entry.setValidityMode(validityMode);
    CaStatus status = CaStatus.forName(caStatus);
    entry.setStatus(status);
    if (crlSignerName != null) {
        entry.setCrlSignerName(crlSignerName);
    }
    if (responderName != null) {
        entry.setResponderName(responderName);
    }
    CertValidity tmpMaxValidity = CertValidity.getInstance(maxValidity);
    entry.setMaxValidity(tmpMaxValidity);
    entry.setKeepExpiredCertInDays(keepExpiredCertInDays);
    if (cmpControlName != null) {
        entry.setCmpControlName(cmpControlName);
    }
    int intPermission = ShellUtil.getPermission(permissions);
    entry.setPermission(intPermission);
    if (extraControl != null) {
        extraControl = extraControl.trim();
    }
    if (StringUtil.isNotBlank(extraControl)) {
        entry.setExtraControl(new ConfPairs(extraControl).unmodifiable());
    }
    return entry;
}

Example 12 with IllegalCmdParamException

use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.

the class ProfileUpdateCmd method execute0.

@Override
protected Object execute0() throws Exception {
    if (type == null && conf == null && confFile == null) {
        throw new IllegalCmdParamException("nothing to update");
    }
    if (conf == null && confFile != null) {
        conf = new String(IoUtil.read(confFile));
    }
    String msg = "certificate profile " + name;
    try {
        caManager.changeCertprofile(name, type, conf);
        println("updated " + msg);
        return null;
    } catch (CaMgmtException ex) {
        throw new CmdFailure("could not update " + msg + ", error: " + ex.getMessage(), ex);
    }
}

Example 13 with IllegalCmdParamException

use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.

the class GetCaCertCmd method execute0.

@Override
protected Object execute0() throws Exception {
    if (caName != null) {
        caName = caName.toLowerCase();
    }
    Set<String> caNames = caClient.getCaNames();
    if (isEmpty(caNames)) {
        throw new CmdFailure("no CA is configured");
    }
    if (caName != null && !caNames.contains(caName)) {
        throw new IllegalCmdParamException("CA " + caName + " is not within the configured CAs " + caNames);
    }
    if (caName == null) {
        if (caNames.size() == 1) {
            caName = caNames.iterator().next();
        } else {
            throw new IllegalCmdParamException("no CA is specified, one of " + caNames + " is required");
        }
    }
    Certificate caCert;
    try {
        caCert = caClient.getCaCert(caName);
    } catch (Exception ex) {
        throw new CmdFailure("Error while retrieving CA certificate: " + ex.getMessage());
    }
    if (caCert == null) {
        throw new CmdFailure("received no CA certificate");
    }
    saveVerbose("saved CA certificate to file", new File(outFile), caCert.getEncoded());
    return null;
}

Example 14 with IllegalCmdParamException

use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.

the class HealthCmd method execute0.

@Override
protected Object execute0() throws Exception {
    if (caName != null) {
        caName = caName.toLowerCase();
    }
    Set<String> caNames = caClient.getCaNames();
    if (isEmpty(caNames)) {
        throw new IllegalCmdParamException("no CA is configured");
    }
    if (caName != null && !caNames.contains(caName)) {
        throw new IllegalCmdParamException("CA " + caName + " is not within the configured CAs " + caNames);
    }
    if (caName == null) {
        if (caNames.size() == 1) {
            caName = caNames.iterator().next();
        } else {
            throw new IllegalCmdParamException("no CA is specified, one of " + caNames + " is required");
        }
    }
    HealthCheckResult healthResult = caClient.getHealthCheckResult(caName);
    String str = StringUtil.concat("healthy status for CA ", caName, ": ", (healthResult.isHealthy() ? "healthy" : "not healthy"));
    if (verbose) {
        str = StringUtil.concat(str, "\n", healthResult.toJsonMessage(true));
    }
    System.out.println(str);
    return null;
}

Example 15 with IllegalCmdParamException

use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.

the class RevokeCertCmd method execute0.

@Override
protected Object execute0() throws Exception {
    if (!(certFile == null ^ getSerialNumber() == null)) {
        throw new IllegalCmdParamException("exactly one of cert and serial must be specified");
    }
    CrlReason crlReason = CrlReason.forNameOrText(reason);
    if (!CrlReason.PERMITTED_CLIENT_CRLREASONS.contains(crlReason)) {
        throw new IllegalCmdParamException("reason " + reason + " is not permitted");
    }
    CertIdOrError certIdOrError;
    Date invalidityDate = null;
    if (isNotBlank(invalidityDateS)) {
        invalidityDate = DateUtil.parseUtcTimeyyyyMMddhhmmss(invalidityDateS);
    }
    if (certFile != null) {
        X509Certificate cert = X509Util.parseCert(certFile);
        RequestResponseDebug debug = getRequestResponseDebug();
        try {
            certIdOrError = caClient.revokeCert(caName, cert, crlReason.getCode(), invalidityDate, debug);
        } finally {
            saveRequestResponse(debug);
        }
    } else {
        RequestResponseDebug debug = getRequestResponseDebug();
        try {
            certIdOrError = caClient.revokeCert(caName, getSerialNumber(), crlReason.getCode(), invalidityDate, debug);
        } finally {
            saveRequestResponse(debug);
        }
    }
    if (certIdOrError.getError() != null) {
        PkiStatusInfo error = certIdOrError.getError();
        throw new CmdFailure("revocation failed: " + error);
    } else {
        println("revoked certificate");
    }
    return null;
}