Example 36 with IllegalCmdParamException
use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.
the class CaLoadTestRevokeCmd method execute0.
@Override
protected Object execute0() throws Exception {
if (numThreads < 1) {
throw new IllegalCmdParamException("invalid number of threads " + numThreads);
}
if (!(serialNumberFile == null ^ caDbConfFile == null)) {
throw new IllegalCmdParamException("exactly one of ca-db and serial-file must be specified");
}
String description = StringUtil.concatObjectsCap(200, "issuer: ", issuerCertFile, "\ncadb: ", caDbConfFile, "\nserialNumberFile: ", serialNumberFile, "\nmaxCerts: ", maxCerts, "\n#certs/req: ", num, "\nunit: ", num, " certificate", (num > 1 ? "s" : ""), "\n");
Certificate caCert = Certificate.getInstance(IoUtil.read(issuerCertFile));
Properties props = new Properties();
props.load(new FileInputStream(IoUtil.expandFilepath(caDbConfFile)));
props.setProperty("autoCommit", "false");
props.setProperty("readOnly", "true");
props.setProperty("maximumPoolSize", "1");
props.setProperty("minimumIdle", "1");
DataSourceWrapper caDataSource = null;
Iterator<BigInteger> serialNumberIterator;
if (caDbConfFile != null) {
caDataSource = new DataSourceFactory().createDataSource("ds-" + caDbConfFile, props, securityFactory.getPasswordResolver());
serialNumberIterator = new DbGoodCertSerialIterator(caCert, caDataSource);
} else {
serialNumberIterator = new FileBigIntegerIterator(serialNumberFile, hex, false);
}
try {
CaLoadTestRevoke loadTest = new CaLoadTestRevoke(caClient, caCert, serialNumberIterator, maxCerts, num, description);
loadTest.setDuration(duration);
loadTest.setThreads(numThreads);
loadTest.test();
} finally {
if (caDataSource != null) {
caDataSource.close();
}
if (serialNumberIterator instanceof FileBigIntegerIterator) {
((FileBigIntegerIterator) serialNumberIterator).close();
}
}
return null;
}
Also used :
DataSourceFactory(org.xipki.datasource.DataSourceFactory)
IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException)
BigInteger(java.math.BigInteger)
DataSourceWrapper(org.xipki.datasource.DataSourceWrapper)
Properties(java.util.Properties)
FileBigIntegerIterator(org.xipki.common.util.FileBigIntegerIterator)
FileInputStream(java.io.FileInputStream)
Certificate(org.bouncycastle.asn1.x509.Certificate)
Example 37 with IllegalCmdParamException
use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.
the class RemoveCertCmd method execute0.
@Override
protected Object execute0() throws Exception {
if (!(certFile == null ^ getSerialNumber() == null)) {
throw new IllegalCmdParamException("exactly one of cert and serial must be specified");
}
CertIdOrError certIdOrError;
if (certFile != null) {
X509Certificate cert = X509Util.parseCert(certFile);
RequestResponseDebug debug = getRequestResponseDebug();
try {
certIdOrError = caClient.removeCert(caName, cert, debug);
} finally {
saveRequestResponse(debug);
}
} else {
RequestResponseDebug debug = getRequestResponseDebug();
try {
certIdOrError = caClient.removeCert(caName, getSerialNumber(), debug);
} finally {
saveRequestResponse(debug);
}
}
if (certIdOrError.getError() != null) {
PkiStatusInfo error = certIdOrError.getError();
throw new CmdFailure("removing certificate failed: " + error);
} else {
println("removed certificate");
}
return null;
}
Also used :
RequestResponseDebug(org.xipki.common.RequestResponseDebug)
CmdFailure(org.xipki.console.karaf.CmdFailure)
IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException)
CertIdOrError(org.xipki.ca.client.api.CertIdOrError)
PkiStatusInfo(org.xipki.cmp.PkiStatusInfo)
X509Certificate(java.security.cert.X509Certificate)
Example 38 with IllegalCmdParamException
use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.
the class UnrevokeCertCmd method execute0.
@Override
protected Object execute0() throws Exception {
if (!(certFile == null ^ getSerialNumber() == null)) {
throw new IllegalCmdParamException("exactly one of cert and serial must be specified");
}
CertIdOrError certIdOrError;
if (certFile != null) {
X509Certificate cert = X509Util.parseCert(certFile);
RequestResponseDebug debug = getRequestResponseDebug();
try {
certIdOrError = caClient.unrevokeCert(caName, cert, debug);
} finally {
saveRequestResponse(debug);
}
} else {
RequestResponseDebug debug = getRequestResponseDebug();
try {
certIdOrError = caClient.unrevokeCert(caName, getSerialNumber(), debug);
} finally {
saveRequestResponse(debug);
}
}
if (certIdOrError.getError() != null) {
PkiStatusInfo error = certIdOrError.getError();
throw new CmdFailure("releasing revocation failed: " + error);
} else {
println("unrevoked certificate");
}
return null;
}
Also used :
RequestResponseDebug(org.xipki.common.RequestResponseDebug)
CmdFailure(org.xipki.console.karaf.CmdFailure)
IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException)
CertIdOrError(org.xipki.ca.client.api.CertIdOrError)
PkiStatusInfo(org.xipki.cmp.PkiStatusInfo)
X509Certificate(java.security.cert.X509Certificate)
Example 39 with IllegalCmdParamException
use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.
the class CaRevokeCmd method execute0.
@Override
protected Object execute0() throws Exception {
CrlReason crlReason = CrlReason.forNameOrText(reason);
if (!PERMITTED_REASONS.contains(crlReason)) {
throw new IllegalCmdParamException("reason " + reason + " is not permitted");
}
if (!caManager.getCaNames().contains(caName)) {
throw new IllegalCmdParamException("invalid CA name " + caName);
}
Date revocationDate = null;
revocationDate = isNotBlank(revocationDateS) ? DateUtil.parseUtcTimeyyyyMMddhhmmss(revocationDateS) : new Date();
Date invalidityDate = null;
if (isNotBlank(invalidityDateS)) {
invalidityDate = DateUtil.parseUtcTimeyyyyMMddhhmmss(invalidityDateS);
}
CertRevocationInfo revInfo = new CertRevocationInfo(crlReason, revocationDate, invalidityDate);
String msg = "CA " + caName;
try {
caManager.revokeCa(caName, revInfo);
println("revoked " + msg);
return null;
} catch (CaMgmtException ex) {
throw new CmdFailure("could not revoke " + msg + ", error: " + ex.getMessage(), ex);
}
}
Also used :
CertRevocationInfo(org.xipki.security.CertRevocationInfo)
CaMgmtException(org.xipki.ca.server.mgmt.api.CaMgmtException)
CmdFailure(org.xipki.console.karaf.CmdFailure)
IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException)
CrlReason(org.xipki.security.CrlReason)
Date(java.util.Date)
Example 40 with IllegalCmdParamException
use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.
the class ScepUpdateCmd method execute0.
@Override
protected Object execute0() throws Exception {
Boolean realActive;
if (active != null) {
if (inactive != null) {
throw new IllegalCmdParamException("maximal one of --active and --inactive can be set");
}
realActive = Boolean.TRUE;
} else if (inactive != null) {
realActive = Boolean.FALSE;
} else {
realActive = null;
}
ChangeScepEntry entry = new ChangeScepEntry(name);
if (realActive != null) {
entry.setActive(realActive);
}
if (caName != null) {
entry.setCa(new NameId(null, caName));
}
if (responderName != null) {
entry.setResponderName(responderName);
}
if (CollectionUtil.isNonEmpty(profiles)) {
if (profiles.contains("NONE")) {
profiles.clear();
}
}
if (control != null) {
entry.setControl(control);
}
String msg = "SCEP responder " + name;
try {
caManager.changeScep(entry);
println("updated " + msg);
return null;
} catch (CaMgmtException ex) {
throw new CmdFailure("could not update " + msg + ", error: " + ex.getMessage(), ex);
}
}
Also used :
ChangeScepEntry(org.xipki.ca.server.mgmt.api.x509.ChangeScepEntry)
CaMgmtException(org.xipki.ca.server.mgmt.api.CaMgmtException)
NameId(org.xipki.ca.api.NameId)
CmdFailure(org.xipki.console.karaf.CmdFailure)
IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException)
Aggregations
IllegalCmdParamException (org.xipki.console.karaf.IllegalCmdParamException)42
CmdFailure (org.xipki.console.karaf.CmdFailure)15
File (java.io.File)8
X509Certificate (java.security.cert.X509Certificate)6
CaMgmtException (org.xipki.ca.server.mgmt.api.CaMgmtException)6
P11Slot (org.xipki.security.pkcs11.P11Slot)6
BigInteger (java.math.BigInteger)5
RequestResponseDebug (org.xipki.common.RequestResponseDebug)5
P11ObjectIdentifier (org.xipki.security.pkcs11.P11ObjectIdentifier)5
FileInputStream (java.io.FileInputStream)4
NameId (org.xipki.ca.api.NameId)4
X509CRL (java.security.cert.X509CRL)3
Date (java.util.Date)3
LinkedList (java.util.LinkedList)3
Certificate (org.bouncycastle.asn1.x509.Certificate)3
CertIdOrError (org.xipki.ca.client.api.CertIdOrError)3
ByteArrayOutputStream (java.io.ByteArrayOutputStream)2
InputStream (java.io.InputStream)2
URL (java.net.URL)2
Key (java.security.Key)2
