CmpResponder (XiPKI :: ca-server 5.3.6 API)

java.lang.Object
- org.xipki.ca.server.cmp.CmpResponder

public class CmpResponder
extends Object

CMP responder.

Since:: 2.0.0
Author:: Lijun Liao

Field Summary

Fields
Modifier and Type Field and Description

protected org.xipki.security.SecurityFactory securityFactory

Fields
Modifier and Type	Field and Description
`protected org.xipki.security.SecurityFactory`	`securityFactory`

Constructor Summary

Constructors
Constructor and Description

CmpResponder(CaManagerImpl caManager, String caName)

Constructors
Constructor and Description
`CmpResponder(CaManagerImpl caManager, String caName)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected org.bouncycastle.asn1.cmp.PKIMessage`	`buildErrorPkiMessage(org.bouncycastle.asn1.ASN1OctetString tid, org.bouncycastle.asn1.cmp.PKIHeader requestHeader, int failureCode, String statusText)`
`X509CRL`	`generateCrlOnDemand(org.xipki.ca.api.mgmt.RequestorInfo.CmpRequestorInfo requestor, org.xipki.ca.api.RequestType reqType, String msgId)`
`protected org.bouncycastle.asn1.cmp.PKIStatusInfo`	`generateRejectionStatus(Integer info, String errorMessage)`
`protected org.bouncycastle.asn1.cmp.PKIStatusInfo`	`generateRejectionStatus(org.bouncycastle.asn1.cmp.PKIStatus status, Integer info, String errorMessage)`
`X509Ca`	`getCa()`
`String`	`getCaName()`
`protected org.xipki.ca.api.mgmt.CmpControl`	`getCmpControl()` Get the CMP control.
`org.bouncycastle.asn1.x509.CertificateList`	`getCrl(org.xipki.ca.api.mgmt.RequestorInfo.CmpRequestorInfo requestor, BigInteger crlNumber)`
`org.xipki.ca.api.mgmt.RequestorInfo.CmpRequestorInfo`	`getMacRequestor(org.bouncycastle.asn1.x500.X500Name requestorSender, byte[] senderKID)`
`org.xipki.ca.api.mgmt.RequestorInfo.CmpRequestorInfo`	`getRequestor(org.bouncycastle.asn1.x500.X500Name requestorSender)`
`org.xipki.ca.api.mgmt.RequestorInfo.CmpRequestorInfo`	`getRequestor(X509Certificate requestorCert)`
`X509Certificate`	`getResponderCert()`
`String`	`getResponderName()`
`org.bouncycastle.asn1.x500.X500Name`	`getResponderSubject()`
`protected org.bouncycastle.asn1.x509.GeneralName`	`getSender()`
`protected org.xipki.security.ConcurrentContentSigner`	`getSigner()`
`org.xipki.util.HealthCheckResult`	`healthCheck()`
`protected boolean`	`intendsMe(org.bouncycastle.asn1.x509.GeneralName requestRecipient)`
`boolean`	`isOnService()`
`org.bouncycastle.asn1.cmp.PKIMessage`	`processPkiMessage(org.bouncycastle.asn1.cmp.PKIMessage pkiMessage, X509Certificate tlsClientCert, Map<String,String> parameters, org.xipki.audit.AuditEvent event)`
`protected org.bouncycastle.asn1.cmp.PKIMessage`	`processPkiMessage0(org.bouncycastle.asn1.cmp.PKIMessage request, org.xipki.ca.api.mgmt.RequestorInfo requestor, org.bouncycastle.asn1.ASN1OctetString tid, org.bouncycastle.cert.cmp.GeneralPKIMessage message, String msgId, Map<String,String> parameters, org.xipki.audit.AuditEvent event)` Processes the request and returns the response.
`protected byte[]`	`randomBytes(int len)`
`protected byte[]`	`randomSalt()`
`protected byte[]`	`randomTransactionId()`
`void`	`removeCert(org.xipki.ca.api.mgmt.RequestorInfo.CmpRequestorInfo requestor, BigInteger serialNumber, org.xipki.ca.api.RequestType reqType, String msgId)`
`void`	`revokeCert(org.xipki.ca.api.mgmt.RequestorInfo.CmpRequestorInfo requestor, BigInteger serialNumber, org.xipki.security.CrlReason reason, Date invalidityDate, org.xipki.ca.api.RequestType reqType, String msgId)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

securityFactory

protected final org.xipki.security.SecurityFactory securityFactory

Constructor Detail

CmpResponder

public CmpResponder(CaManagerImpl caManager,
                    String caName)
             throws NoSuchAlgorithmException

Throws:: NoSuchAlgorithmException

Method Detail

getCa
```
public X509Ca getCa()
```

isOnService
```
public boolean isOnService()
```

healthCheck

public org.xipki.util.HealthCheckResult healthCheck()

getCaName
```
public String getCaName()
```

getResponderName
```
public String getResponderName()
```

processPkiMessage0

protected org.bouncycastle.asn1.cmp.PKIMessage processPkiMessage0(org.bouncycastle.asn1.cmp.PKIMessage request,
                                                                  org.xipki.ca.api.mgmt.RequestorInfo requestor,
                                                                  org.bouncycastle.asn1.ASN1OctetString tid,
                                                                  org.bouncycastle.cert.cmp.GeneralPKIMessage message,
                                                                  String msgId,
                                                                  Map<String,String> parameters,
                                                                  org.xipki.audit.AuditEvent event)

Processes the request and returns the response.

Parameters:: request - Original request. Will only be used for the storage. Could benull.; requestor - Requestor. Must not be null.; tid - Transaction id. Must not be null.; message - PKI message. Must not be null.; msgId - Message id. Must not be null.; parameters - Additional parameters.; event - Audit event. Must not be null.
Returns:: the response

getCmpControl

protected org.xipki.ca.api.mgmt.CmpControl getCmpControl()

Get the CMP control.

Returns:: never returns null.

getSigner

protected org.xipki.security.ConcurrentContentSigner getSigner()

getSender

protected org.bouncycastle.asn1.x509.GeneralName getSender()

intendsMe

protected boolean intendsMe(org.bouncycastle.asn1.x509.GeneralName requestRecipient)

getRequestor

public org.xipki.ca.api.mgmt.RequestorInfo.CmpRequestorInfo getRequestor(org.bouncycastle.asn1.x500.X500Name requestorSender)

getRequestor

public org.xipki.ca.api.mgmt.RequestorInfo.CmpRequestorInfo getRequestor(X509Certificate requestorCert)

getMacRequestor

public org.xipki.ca.api.mgmt.RequestorInfo.CmpRequestorInfo getMacRequestor(org.bouncycastle.asn1.x500.X500Name requestorSender,
                                                                            byte[] senderKID)

getCrl

public org.bouncycastle.asn1.x509.CertificateList getCrl(org.xipki.ca.api.mgmt.RequestorInfo.CmpRequestorInfo requestor,
                                                         BigInteger crlNumber)
                                                  throws org.xipki.ca.api.OperationException

Throws:: org.xipki.ca.api.OperationException

generateCrlOnDemand

public X509CRL generateCrlOnDemand(org.xipki.ca.api.mgmt.RequestorInfo.CmpRequestorInfo requestor,
                                   org.xipki.ca.api.RequestType reqType,
                                   String msgId)
                            throws org.xipki.ca.api.OperationException

Throws:: org.xipki.ca.api.OperationException

revokeCert

public void revokeCert(org.xipki.ca.api.mgmt.RequestorInfo.CmpRequestorInfo requestor,
                       BigInteger serialNumber,
                       org.xipki.security.CrlReason reason,
                       Date invalidityDate,
                       org.xipki.ca.api.RequestType reqType,
                       String msgId)
                throws org.xipki.ca.api.OperationException

Throws:: org.xipki.ca.api.OperationException

removeCert

public void removeCert(org.xipki.ca.api.mgmt.RequestorInfo.CmpRequestorInfo requestor,
                       BigInteger serialNumber,
                       org.xipki.ca.api.RequestType reqType,
                       String msgId)
                throws org.xipki.ca.api.OperationException

Throws:: org.xipki.ca.api.OperationException

processPkiMessage

public org.bouncycastle.asn1.cmp.PKIMessage processPkiMessage(org.bouncycastle.asn1.cmp.PKIMessage pkiMessage,
                                                              X509Certificate tlsClientCert,
                                                              Map<String,String> parameters,
                                                              org.xipki.audit.AuditEvent event)

randomTransactionId

protected byte[] randomTransactionId()

randomSalt
```
protected byte[] randomSalt()
```

randomBytes

protected byte[] randomBytes(int len)

buildErrorPkiMessage

protected org.bouncycastle.asn1.cmp.PKIMessage buildErrorPkiMessage(org.bouncycastle.asn1.ASN1OctetString tid,
                                                                    org.bouncycastle.asn1.cmp.PKIHeader requestHeader,
                                                                    int failureCode,
                                                                    String statusText)

generateRejectionStatus

protected org.bouncycastle.asn1.cmp.PKIStatusInfo generateRejectionStatus(Integer info,
                                                                          String errorMessage)

generateRejectionStatus

protected org.bouncycastle.asn1.cmp.PKIStatusInfo generateRejectionStatus(org.bouncycastle.asn1.cmp.PKIStatus status,
                                                                          Integer info,
                                                                          String errorMessage)

getResponderSubject

public org.bouncycastle.asn1.x500.X500Name getResponderSubject()

getResponderCert

public X509Certificate getResponderCert()

Class CmpResponder

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

securityFactory

Constructor Detail

CmpResponder

Method Detail

getCa

isOnService

healthCheck

getCaName

getResponderName

processPkiMessage0

getCmpControl

getSigner

getSender

intendsMe

getRequestor

getRequestor

getMacRequestor

getCrl

generateCrlOnDemand

revokeCert

removeCert

processPkiMessage

randomTransactionId

randomSalt

randomBytes

buildErrorPkiMessage

generateRejectionStatus

generateRejectionStatus

getResponderSubject

getResponderCert