public class CmpResponder extends Object
| Modifier and Type | Field and Description |
|---|---|
protected org.xipki.security.SecurityFactory |
securityFactory |
| Constructor and Description |
|---|
CmpResponder(CaManagerImpl caManager,
String caName) |
| Modifier and Type | Method and Description |
|---|---|
protected org.bouncycastle.asn1.cmp.PKIMessage |
buildErrorPkiMessage(org.bouncycastle.asn1.ASN1OctetString tid,
org.bouncycastle.asn1.cmp.PKIHeader requestHeader,
int failureCode,
String statusText) |
X509CRL |
generateCrlOnDemand(CmpRequestorInfo requestor,
org.xipki.ca.api.RequestType reqType,
String msgId) |
protected org.bouncycastle.asn1.cmp.PKIStatusInfo |
generateRejectionStatus(Integer info,
String errorMessage) |
protected org.bouncycastle.asn1.cmp.PKIStatusInfo |
generateRejectionStatus(org.bouncycastle.asn1.cmp.PKIStatus status,
Integer info,
String errorMessage) |
X509Ca |
getCa() |
String |
getCaName() |
protected org.xipki.ca.api.mgmt.CmpControl |
getCmpControl()
TODO.
|
org.bouncycastle.asn1.x509.CertificateList |
getCrl(CmpRequestorInfo requestor,
BigInteger crlNumber) |
CmpRequestorInfo |
getMacRequestor(org.bouncycastle.asn1.x500.X500Name requestorSender,
byte[] senderKID) |
CmpRequestorInfo |
getRequestor(org.bouncycastle.asn1.x500.X500Name requestorSender) |
CmpRequestorInfo |
getRequestor(X509Certificate requestorCert) |
X509Certificate |
getResponderCert() |
String |
getResponderName() |
org.bouncycastle.asn1.x500.X500Name |
getResponderSubject() |
protected org.bouncycastle.asn1.x509.GeneralName |
getSender() |
protected org.xipki.security.ConcurrentContentSigner |
getSigner() |
org.xipki.util.HealthCheckResult |
healthCheck() |
protected boolean |
intendsMe(org.bouncycastle.asn1.x509.GeneralName requestRecipient) |
boolean |
isOnService() |
org.bouncycastle.asn1.cmp.PKIMessage |
processPkiMessage(org.bouncycastle.asn1.cmp.PKIMessage pkiMessage,
X509Certificate tlsClientCert,
Map<String,String> parameters,
org.xipki.audit.AuditEvent event) |
protected org.bouncycastle.asn1.cmp.PKIMessage |
processPkiMessage0(org.bouncycastle.asn1.cmp.PKIMessage request,
org.xipki.ca.api.mgmt.RequestorInfo requestor,
org.bouncycastle.asn1.ASN1OctetString tid,
org.bouncycastle.cert.cmp.GeneralPKIMessage message,
String msgId,
Map<String,String> parameters,
org.xipki.audit.AuditEvent event)
Processes the request and returns the response.
|
protected byte[] |
randomBytes(int len) |
protected byte[] |
randomSalt() |
protected byte[] |
randomTransactionId() |
void |
removeCert(CmpRequestorInfo requestor,
BigInteger serialNumber,
org.xipki.ca.api.RequestType reqType,
String msgId) |
void |
revokeCert(CmpRequestorInfo requestor,
BigInteger serialNumber,
org.xipki.security.CrlReason reason,
Date invalidityDate,
org.xipki.ca.api.RequestType reqType,
String msgId) |
public CmpResponder(CaManagerImpl caManager, String caName) throws NoSuchAlgorithmException
NoSuchAlgorithmExceptionpublic X509Ca getCa()
public boolean isOnService()
public org.xipki.util.HealthCheckResult healthCheck()
public String getCaName()
public String getResponderName()
protected org.bouncycastle.asn1.cmp.PKIMessage processPkiMessage0(org.bouncycastle.asn1.cmp.PKIMessage request,
org.xipki.ca.api.mgmt.RequestorInfo requestor,
org.bouncycastle.asn1.ASN1OctetString tid,
org.bouncycastle.cert.cmp.GeneralPKIMessage message,
String msgId,
Map<String,String> parameters,
org.xipki.audit.AuditEvent event)
request - Original request. Will only be used for the storage. Could benull.requestor - Requestor. Must not be null.tid - Transaction id. Must not be null.message - PKI message. Must not be null.msgId - Message id. Must not be null.parameters - Additional parameters.event - Audit event. Must not be null.protected org.xipki.ca.api.mgmt.CmpControl getCmpControl()
null.protected org.xipki.security.ConcurrentContentSigner getSigner()
protected org.bouncycastle.asn1.x509.GeneralName getSender()
protected boolean intendsMe(org.bouncycastle.asn1.x509.GeneralName requestRecipient)
public CmpRequestorInfo getRequestor(org.bouncycastle.asn1.x500.X500Name requestorSender)
public CmpRequestorInfo getRequestor(X509Certificate requestorCert)
public CmpRequestorInfo getMacRequestor(org.bouncycastle.asn1.x500.X500Name requestorSender, byte[] senderKID)
public org.bouncycastle.asn1.x509.CertificateList getCrl(CmpRequestorInfo requestor, BigInteger crlNumber) throws org.xipki.ca.api.OperationException
org.xipki.ca.api.OperationExceptionpublic X509CRL generateCrlOnDemand(CmpRequestorInfo requestor, org.xipki.ca.api.RequestType reqType, String msgId) throws org.xipki.ca.api.OperationException
org.xipki.ca.api.OperationExceptionpublic void revokeCert(CmpRequestorInfo requestor, BigInteger serialNumber, org.xipki.security.CrlReason reason, Date invalidityDate, org.xipki.ca.api.RequestType reqType, String msgId) throws org.xipki.ca.api.OperationException
org.xipki.ca.api.OperationExceptionpublic void removeCert(CmpRequestorInfo requestor, BigInteger serialNumber, org.xipki.ca.api.RequestType reqType, String msgId) throws org.xipki.ca.api.OperationException
org.xipki.ca.api.OperationExceptionpublic org.bouncycastle.asn1.cmp.PKIMessage processPkiMessage(org.bouncycastle.asn1.cmp.PKIMessage pkiMessage,
X509Certificate tlsClientCert,
Map<String,String> parameters,
org.xipki.audit.AuditEvent event)
protected byte[] randomTransactionId()
protected byte[] randomSalt()
protected byte[] randomBytes(int len)
protected org.bouncycastle.asn1.cmp.PKIMessage buildErrorPkiMessage(org.bouncycastle.asn1.ASN1OctetString tid,
org.bouncycastle.asn1.cmp.PKIHeader requestHeader,
int failureCode,
String statusText)
protected org.bouncycastle.asn1.cmp.PKIStatusInfo generateRejectionStatus(Integer info, String errorMessage)
protected org.bouncycastle.asn1.cmp.PKIStatusInfo generateRejectionStatus(org.bouncycastle.asn1.cmp.PKIStatus status,
Integer info,
String errorMessage)
public org.bouncycastle.asn1.x500.X500Name getResponderSubject()
public X509Certificate getResponderCert()
Copyright © 2018. All rights reserved.