/**
 * Rejects the current operation unless this instance runs in master mode.
 *
 * <p>The spelling of the method name (three {@code s}) is kept as is, because
 * other methods call it under that name.
 *
 * @throws CaMgmtException if {@code masterMode} is {@code false}
 */
private void asssertMasterMode() throws CaMgmtException {
  if (masterMode) {
    return;
  }

  throw new CaMgmtException("operation not allowed in slave mode");
}
/**
 * Decodes a management response from its JSON byte representation.
 *
 * <p>{@code clazz} is declared as {@code Class<?>}, so the compiler does not tie it
 * to {@code T}. The caller must pass the class that matches the type it assigns the
 * result to; a mismatch only shows up as a {@link ClassCastException} at the call
 * site.
 *
 * @param bytes the encoded response
 * @param clazz the target type handed to the JSON parser
 * @return the object produced by the JSON parser
 * @throws CaMgmtException if the parser throws a {@link RuntimeException}
 */
private static <T extends MgmtResponse> T parse(byte[] bytes, Class<?> clazz)
    throws CaMgmtException {
  final T response;
  try {
    response = JSON.parseObject(bytes, clazz);
  } catch (RuntimeException ex) {
    throw new CaMgmtException("cannot parse response " + clazz + " from byte[]", ex);
  }

  // NOTE(review): if the parser can return null (e.g. for an empty body; confirm),
  // callers that dereference the result directly will fail with a NullPointerException.
  return response;
}
/**
 * Writes {@code msg} to the error log and wraps it in a new exception.
 *
 * <p>The exception is returned, not thrown, so the caller decides where to throw it.
 *
 * @param msg the text used for both the log entry and the exception message
 * @return a new {@link CaMgmtException} carrying {@code msg}
 */
private static CaMgmtException logAndCreateException(String msg) {
  LOG.error(msg);
  final CaMgmtException created = new CaMgmtException(msg);
  return created;
}
/**
 * Obtains a {@link Statement} from the datasource.
 *
 * <p>NOTE(review): nothing in this method closes the statement; presumably the
 * caller releases it. Confirm against the call sites.
 *
 * @return the statement created by the datasource
 * @throws CaMgmtException wrapping the {@code DataAccessException} raised by the datasource
 */
private Statement createStatement() throws CaMgmtException {
  final Statement stmt;
  try {
    stmt = datasource.createStatement();
  } catch (DataAccessException ex) {
    throw new CaMgmtException(ex);
  }
  return stmt;
} // method createStatement
/**
 * Parses an encoded X.509 certificate.
 *
 * @param certBytes the encoded certificate, passed unchanged to {@code X509Util.parseCert}
 * @return the parsed certificate
 * @throws CaMgmtException if parsing fails with a {@link CertificateException}
 */
private X509Certificate parseCert(byte[] certBytes) throws CaMgmtException {
  final X509Certificate cert;
  try {
    cert = X509Util.parseCert(certBytes);
  } catch (CertificateException ex) {
    throw new CaMgmtException("could not parse X.509 certificate", ex);
  }
  return cert;
}
/**
 * Looks up a CA by name.
 *
 * <p>The name is first passed through {@code Args.toNonBlankLower}, and the
 * normalised form is used both as the lookup key and in the error message.
 *
 * @param name the CA name
 * @return the CA registered in {@code x509cas} under the normalised name
 * @throws CaMgmtException if no CA is registered under that name
 */
public X509Ca getX509Ca(String name) throws CaMgmtException {
  final String caName = Args.toNonBlankLower(name, "name");
  final X509Ca found = x509cas.get(caName);
  if (found != null) {
    return found;
  }

  throw new CaMgmtException("unknown CA " + caName);
}
/**
 * Obtains a {@link PreparedStatement} for {@code sql} from the datasource.
 *
 * <p>The SQL text is forwarded unchanged, so variable values should be supplied
 * through bind parameters on the returned statement rather than concatenated
 * into {@code sql}.
 *
 * @param sql the statement text
 * @return the prepared statement created by the datasource
 * @throws CaMgmtException wrapping the {@code DataAccessException} raised by the datasource
 */
private PreparedStatement prepareStatement(String sql) throws CaMgmtException {
  final PreparedStatement stmt;
  try {
    stmt = datasource.prepareStatement(sql);
  } catch (DataAccessException ex) {
    throw new CaMgmtException(ex);
  }
  return stmt;
} // method prepareStatement
/**
 * Looks up a CA by its identifier.
 *
 * <p>Unlike the {@code String} overload, the name from {@code ident.getName()} is
 * used as the lookup key as is, with no further normalisation here.
 *
 * @param ident the CA identifier, checked with {@code Args.notNull}
 * @return the CA registered in {@code x509cas} under {@code ident.getName()}
 * @throws CaMgmtException if no CA is registered under that name
 */
public X509Ca getX509Ca(NameId ident) throws CaMgmtException {
  Args.notNull(ident, "ident");

  final X509Ca found = x509cas.get(ident.getName());
  if (found != null) {
    return found;
  }

  throw new CaMgmtException("unknown CA " + ident);
}
/**
 * Resolves the id for {@code name} and treats a missing entry as an error.
 *
 * @param sql the query text forwarded to {@code getIdForName}
 * @param name the entry name to resolve
 * @return the id returned by {@code getIdForName}
 * @throws CaMgmtException if {@code getIdForName} returns {@code null}
 */
private int getNonNullIdForName(String sql, String name) throws CaMgmtException {
  final Integer id = getIdForName(sql, name);
  if (id == null) {
    throw new CaMgmtException(concat("Found no entry named ",name));
  }

  return id;
}
/**
 * Builds a certificate from its Base64 text form.
 *
 * <p>NOTE(review): only {@link CertificateException} is translated here. If
 * {@code Base64.decode} can throw an unchecked exception on malformed input, it
 * would propagate unwrapped. Confirm against the decoder.
 *
 * @param b64Cert the Base64 text of the encoded certificate, may be {@code null}
 * @return the parsed certificate, or {@code null} when {@code b64Cert} is {@code null}
 * @throws CaMgmtException wrapping the {@link CertificateException} raised while parsing
 */
private X509Certificate generateCert(String b64Cert) throws CaMgmtException {
  if (b64Cert == null) {
    return null;
  }

  final byte[] decoded = Base64.decode(b64Cert);
  final X509Certificate cert;
  try {
    cert = X509Util.parseCert(decoded);
  } catch (CertificateException ex) {
    throw new CaMgmtException(ex);
  }
  return cert;
} // method generateCert
/**
 * Asks the security factory to refresh the token for a signer type.
 *
 * @param signerType the signer type, forwarded unchanged to the security factory
 * @throws CaMgmtException if the security factory throws {@code XiSecurityException};
 *     the message names the signer type and includes the underlying message
 */
@Override
public void refreshTokenForSignerType(String signerType) throws CaMgmtException {
  try {
    securityFactory.refreshTokenForSignerType(signerType);
  } catch (XiSecurityException ex) {
    final String detail =
        "could not refresh token for signer type " + signerType + ": " + ex.getMessage();
    throw new CaMgmtException(detail, ex);
  }
}
/**
 * Lifts the revocation of a certificate issued by the named CA.
 *
 * <p>The request is passed to the CA with the management audit message id
 * {@code CaAuditConstants.MSGID_ca_mgmt}.
 *
 * <p>NOTE(review): this method does not call {@code asssertMasterMode()}, although
 * it looks like a state-changing operation. Confirm whether that is intended or
 * enforced further down in {@code X509Ca}.
 *
 * @param caName the CA name, normalised with {@code Args.toNonBlankLower}
 * @param serialNumber the certificate serial number, must not be {@code null}
 * @throws CaMgmtException if the CA is unknown, if the CA returns {@code null} for
 *     the serial number, or if the CA raises {@code OperationException}
 */
@Override
public void unrevokeCertificate(String caName, BigInteger serialNumber)
    throws CaMgmtException {
  final String normalizedCaName = Args.toNonBlankLower(caName, "caName");
  Args.notNull(serialNumber, "serialNumber");

  final X509Ca ca = getX509Ca(normalizedCaName);
  try {
    // A null result from the CA is reported as "certificate does not exist".
    final boolean missing =
        ca.unrevokeCert(serialNumber, CaAuditConstants.MSGID_ca_mgmt) == null;
    if (missing) {
      throw new CaMgmtException("could not unrevoke non-existing certificate");
    }
  } catch (OperationException ex) {
    throw new CaMgmtException(ex.getMessage(), ex);
  }
} // method unrevokeCertificate
/**
 * Extracts an X.509 CRL from an encoded management response.
 *
 * <p>The bytes are first decoded as a {@code MgmtResponse.ByteArray}; its result is
 * then handed to {@code X509Util.parseCrl}.
 *
 * @param respBytes the encoded response
 * @return the parsed CRL
 * @throws CaMgmtException if the response cannot be decoded, or if CRL parsing fails
 *     with {@link CertificateException} or {@link CRLException}
 */
private X509CRL parseCrl(byte[] respBytes) throws CaMgmtException {
  final MgmtResponse.ByteArray resp = parse(respBytes, MgmtResponse.ByteArray.class);

  final X509CRL crl;
  try {
    crl = X509Util.parseCrl(resp.getResult());
  } catch (CertificateException | CRLException ex) {
    throw new CaMgmtException("could not parse X.509 CRL", ex);
  }
  return crl;
}
/**
 * Fetches a certificate together with its revocation information from the named CA.
 *
 * @param caName the CA name, normalised with {@code Args.toNonBlankLower}
 * @param serialNumber the certificate serial number, must not be {@code null}
 * @return the value returned by {@code X509Ca.getCertWithRevocationInfo}
 * @throws CaMgmtException if the CA is unknown, or if the CA raises
 *     {@link CertificateException} or {@code OperationException}
 */
@Override
public CertWithRevocationInfo getCert(String caName, BigInteger serialNumber)
    throws CaMgmtException {
  final String normalizedCaName = Args.toNonBlankLower(caName, "caName");
  Args.notNull(serialNumber, "serialNumber");

  final X509Ca ca = getX509Ca(normalizedCaName);
  final CertWithRevocationInfo info;
  try {
    info = ca.getCertWithRevocationInfo(serialNumber);
  } catch (CertificateException | OperationException ex) {
    throw new CaMgmtException(ex.getMessage(), ex);
  }
  return info;
}
/**
 * Removes a user entry.
 *
 * <p>The master-mode check runs before the query executor is asked to delete the
 * row named {@code username} in {@code TUSER}.
 *
 * @param username the user name, normalised with {@code Args.toNonBlankLower}
 * @throws CaMgmtException if this instance is not in master mode, or if the query
 *     executor reports that no row was deleted
 */
@Override
public void removeUser(String username) throws CaMgmtException {
  final String normalizedUsername = Args.toNonBlankLower(username, "username");
  asssertMasterMode();

  final boolean deleted = queryExecutor.deleteRowWithName(normalizedUsername, "TUSER");
  if (deleted) {
    return;
  }

  throw new CaMgmtException("unknown user " + normalizedUsername);
}
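/**
 * Wraps a signer entry and initialises its signer with the security factory.
 *
 * @param entry the signer entry, must not be {@code null}
 * @return a wrapper holding {@code entry} whose signer has been initialised
 * @throws CaMgmtException if signer initialisation fails; the original
 *     {@code ObjectCreationException} is attached as the cause
 */
SignerEntryWrapper createSigner(MgmtEntry.Signer entry) throws CaMgmtException {
  Args.notNull(entry, "entry");

  SignerEntryWrapper ret = new SignerEntryWrapper();
  ret.setDbEntry(entry);
  try {
    ret.initSigner(securityFactory);
  } catch (ObjectCreationException ex) {
    final String message = "createSigner";
    LOG.debug(message, ex);
    // Chain the cause: the stack trace is otherwise only logged at debug level, so a
    // failed signer initialisation could not be diagnosed from the thrown exception.
    // NOTE(review): ex.getMessage() is forwarded to the caller; confirm that
    // signer-initialisation messages never embed signer configuration values.
    throw new CaMgmtException(ex.getMessage(), ex);
  }

  return ret;
} // method createSigner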
/**
 * Asks the named CA to generate a CRL on demand.
 *
 * <p>The request is passed to the CA with the management audit message id
 * {@code CaAuditConstants.MSGID_ca_mgmt}.
 *
 * @param caName the CA name, normalised with {@code Args.toNonBlankLower}
 * @return the CRL returned by the CA
 * @throws CaMgmtException if the CA is unknown or raises {@code OperationException}
 */
@Override
public X509CRL generateCrlOnDemand(String caName) throws CaMgmtException {
  final String normalizedCaName = Args.toNonBlankLower(caName, "caName");
  final X509Ca ca = getX509Ca(normalizedCaName);

  final X509CRL crl;
  try {
    crl = ca.generateCrlOnDemand(CaAuditConstants.MSGID_ca_mgmt);
  } catch (OperationException ex) {
    throw new CaMgmtException(ex.getMessage(), ex);
  }
  return crl;
} // method generateCrlOnDemand
/**
 * Fetches the stored certificate request for a certificate of the named CA.
 *
 * @param caName the CA name, normalised with {@code Args.toNonBlankLower}
 * @param serialNumber the certificate serial number, must not be {@code null}
 * @return the bytes returned by {@code X509Ca.getCertRequest}
 * @throws CaMgmtException if the CA is unknown or raises {@code OperationException}
 */
@Override
public byte[] getCertRequest(String caName, BigInteger serialNumber)
    throws CaMgmtException {
  final String normalizedCaName = Args.toNonBlankLower(caName, "caName");
  Args.notNull(serialNumber, "serialNumber");

  final X509Ca ca = getX509Ca(normalizedCaName);
  final byte[] request;
  try {
    request = ca.getCertRequest(serialNumber);
  } catch (OperationException ex) {
    throw new CaMgmtException(ex.getMessage(), ex);
  }
  return request;
}
/**
 * Lists certificates of the named CA that match the given filters.
 *
 * <p>{@code numEntries} is checked with {@code Args.range(..., 1, 1000)} before the
 * CA is looked up, which bounds how many entries a single call may request.
 *
 * @param caName the CA name, normalised with {@code Args.toNonBlankLower}
 * @param subjectPattern subject filter, forwarded unchanged to the CA
 * @param validFrom validity filter, forwarded unchanged to the CA
 * @param validTo validity filter, forwarded unchanged to the CA
 * @param orderBy ordering, forwarded unchanged to the CA
 * @param numEntries the number of entries requested
 * @return the list returned by {@code X509Ca.listCerts}
 * @throws CaMgmtException if the CA is unknown or raises {@code OperationException}
 */
@Override
public List<CertListInfo> listCertificates(String caName, X500Name subjectPattern,
    Date validFrom, Date validTo, CertListOrderBy orderBy, int numEntries)
    throws CaMgmtException {
  final String normalizedCaName = Args.toNonBlankLower(caName, "caName");
  Args.range(numEntries, "numEntries", 1, 1000);

  final X509Ca ca = getX509Ca(normalizedCaName);
  final List<CertListInfo> certs;
  try {
    certs = ca.listCerts(subjectPattern, validFrom, validTo, orderBy, numEntries);
  } catch (OperationException ex) {
    throw new CaMgmtException(ex.getMessage(), ex);
  }
  return certs;
}
/**
 * Requests a CA entry by name and converts the response into a
 * {@code MgmtEntry.Ca}.
 *
 * <p>The name is wrapped in a {@code MgmtRequest.Name} and sent with
 * {@code MgmtAction.getCa}; the reply is decoded as {@code MgmtResponse.GetCa}.
 *
 * @param caName the CA name, placed into the request unchanged
 * @return the CA entry produced by {@code toCaEntry()} on the response result
 * @throws CaMgmtException if transmitting or decoding fails, or if the conversion
 *     raises {@link CertificateException} or {@code InvalidConfException}
 */
@Override
public MgmtEntry.Ca getCa(String caName) throws CaMgmtException {
  final byte[] respBytes = transmit(MgmtAction.getCa, new MgmtRequest.Name(caName));
  final MgmtResponse.GetCa resp = parse(respBytes, MgmtResponse.GetCa.class);

  final MgmtEntry.Ca caEntry;
  try {
    caEntry = resp.getResult().toCaEntry();
  } catch (CertificateException | InvalidConfException ex) {
    throw new CaMgmtException("could not convert CaEntryWrapper to CaEntry", ex);
  }
  return caEntry;
}