org.xipki.cmpclient

Interface CmpClient

All Superinterfaces:

AutoCloseable, Closeable

All Known Implementing Classes:

CmpClientImpl

public interface CmpClient
extends Closeable

CMP client interface.

Since:

2.0.0

Author:

Lijun Liao

Method Summary

Modifier and Type	Method and Description
X509CRL	downloadCrl(String caName, BigInteger crlNumber, org.xipki.util.ReqRespDebug debug) Downloads the CRL for the given CRL number.
X509CRL	downloadCrl(String caName, org.xipki.util.ReqRespDebug debug) Downloads the current CRL.
EnrollCertResult	enrollCert(String caName, org.bouncycastle.asn1.pkcs.CertificationRequest csr, String profile, Date notBefore, Date notAfter, org.xipki.util.ReqRespDebug debug) Enrolls a certificate.
EnrollCertResult	enrollCerts(String caName, EnrollCertRequest request, org.xipki.util.ReqRespDebug debug) Enrolls a set of certificates.
X509CRL	generateCrl(String caName, org.xipki.util.ReqRespDebug debug) Generates and downloads a new CRL.
X509Certificate	getCaCert(String caName) Returns the CA certificate.
List<X509Certificate>	getCaCertchain(String caName) Returns the CA certificate chain.
org.bouncycastle.asn1.x500.X500Name	getCaCertSubject(String caName) Returns the subject of CA certificate.
String	getCaNameByIssuer(org.bouncycastle.asn1.x500.X500Name issuer) Gets the name of the CA.
String	getCaNameForProfile(String certprofile) Returns name of CA that supports give certprofile.
Set<String>	getCaNames()
Set<CertprofileInfo>	getCertprofiles(String caName) Return set given Certprofiles supported by the CA caName.
List<X509Certificate>	getDhPocPeerCertificates(String caName) Returns the certificates held by CA for the DH KeyAgreement.
org.xipki.util.HealthCheckResult	getHealthCheckResult(String caName) Gets the health status.
boolean	init()
CertIdOrError	removeCert(String caName, BigInteger serial, org.xipki.util.ReqRespDebug debug) Removes a certificate.
CertIdOrError	removeCert(String caName, X509Certificate cert, org.xipki.util.ReqRespDebug debug) Removes a certificate.
Map<String,CertIdOrError>	removeCerts(UnrevokeOrRemoveCertRequest request, org.xipki.util.ReqRespDebug debug) Removes certificates.
CertIdOrError	revokeCert(String caName, BigInteger serial, int reason, Date invalidityTime, org.xipki.util.ReqRespDebug debug) Revokes a certificate.
CertIdOrError	revokeCert(String caName, X509Certificate cert, int reason, Date invalidityTime, org.xipki.util.ReqRespDebug debug) Revokes a certificate.
Map<String,CertIdOrError>	revokeCerts(RevokeCertRequest request, org.xipki.util.ReqRespDebug debug) Revoke a set of certificates.
CertIdOrError	unrevokeCert(String caName, BigInteger serial, org.xipki.util.ReqRespDebug debug) Unrevokes a certificate.
CertIdOrError	unrevokeCert(String caName, X509Certificate cert, org.xipki.util.ReqRespDebug debug) Unrevokes certificates.
Map<String,CertIdOrError>	unrevokeCerts(UnrevokeOrRemoveCertRequest request, org.xipki.util.ReqRespDebug debug) Unrevokes certificates.

Methods inherited from interface java.io.Closeable

close

Method Detail

init

boolean init()

getCaNames

Set<String> getCaNames()
                throws CmpClientException

Throws:

CmpClientException

getCertprofiles

Set<CertprofileInfo> getCertprofiles(String caName)
                              throws CmpClientException

Return set given Certprofiles supported by the CA caName.

Parameters:

caName - CA name. Must not be null

Returns:

the certificate profiles supported by the given CA.

Throws:

CmpClientException - if client error occurs.

enrollCert

EnrollCertResult enrollCert(String caName,
                            org.bouncycastle.asn1.pkcs.CertificationRequest csr,
                            String profile,
                            Date notBefore,
                            Date notAfter,
                            org.xipki.util.ReqRespDebug debug)
                     throws CmpClientException,
                            PkiErrorException

Enrolls a certificate.

Parameters:

caName - CA name. Could be null.

csr - CSR. Must not benull.

profile - Certificate profile name. Must not benull.

notBefore - NotBefore. Could be null.

notAfter - NotAfter. Could be null.

debug - Request/response debug control. Could be null.

Returns:

the enrolling result.

Throws:

PkiErrorException - if the response returns none-success status.

CmpClientException - if client error occurs.

enrollCerts

EnrollCertResult enrollCerts(String caName,
                             EnrollCertRequest request,
                             org.xipki.util.ReqRespDebug debug)
                      throws CmpClientException,
                             PkiErrorException

Enrolls a set of certificates.

Parameters:

caName - CA name. Could be null.

request - Request. Must not be null.

debug - Request/response debug control. Could be null.

Returns:

the enrolling result.

Throws:

PkiErrorException - if the response returns none-success status.

CmpClientException - if client error occurs.

revokeCert

CertIdOrError revokeCert(String caName,
                         BigInteger serial,
                         int reason,
                         Date invalidityTime,
                         org.xipki.util.ReqRespDebug debug)
                  throws CmpClientException,
                         PkiErrorException

Revokes a certificate.

Parameters:

caName - CA name. Could be null.

serial - Serial number of the target certificate. Must not be null.

reason - Revocation reason.

invalidityTime - Invalidity time. Could be null.

debug - Request/response debug control. Could be null.

Returns:

the revocation result.

Throws:

PkiErrorException - if the response returns none-success status.

CmpClientException - if client error occurs.

revokeCert

CertIdOrError revokeCert(String caName,
                         X509Certificate cert,
                         int reason,
                         Date invalidityTime,
                         org.xipki.util.ReqRespDebug debug)
                  throws CmpClientException,
                         PkiErrorException

Revokes a certificate.

Parameters:

caName - CA name. Could be null.

cert - Target certificate. Must not be null.

reason - Revocation reason.

invalidityTime - Invalidity time. Could be null.

debug - Request/response debug control. Could be null.

Returns:

the revocation result.

Throws:

PkiErrorException - if the response returns none-success status.

CmpClientException - if client error occurs.

revokeCerts

Map<String,CertIdOrError> revokeCerts(RevokeCertRequest request,
                                      org.xipki.util.ReqRespDebug debug)
                               throws CmpClientException,
                                      PkiErrorException

Revoke a set of certificates.

Parameters:

request - Request. Must not be null.

debug - Request/response debug control. Could be null.

Returns:

the revocation result.

Throws:

PkiErrorException - if the response returns none-success status.

CmpClientException - if client error occurs.

downloadCrl

X509CRL downloadCrl(String caName,
                    org.xipki.util.ReqRespDebug debug)
             throws CmpClientException,
                    PkiErrorException

Downloads the current CRL.

Parameters:

caName - CA name. Must not be null.

debug - Request/response debug control. Could be null.

Returns:

the X509 CRL. Must not be null.

Throws:

PkiErrorException - if the response returns none-success status.

CmpClientException - if client error occurs.

downloadCrl

X509CRL downloadCrl(String caName,
                    BigInteger crlNumber,
                    org.xipki.util.ReqRespDebug debug)
             throws CmpClientException,
                    PkiErrorException

Downloads the CRL for the given CRL number.

Parameters:

caName - CA name. Must not be null.

crlNumber - CRL number. null to download the current CRL.

debug - Request/response debug control. Could be null.

Returns:

the X509 CRL. Must not be null.

Throws:

PkiErrorException - if the response returns none-success status.

CmpClientException - if client error occurs.

generateCrl

X509CRL generateCrl(String caName,
                    org.xipki.util.ReqRespDebug debug)
             throws CmpClientException,
                    PkiErrorException

Generates and downloads a new CRL.

Parameters:

caName - CA name. Must not be null.

debug - Request/response debug control. Could be null.

Returns:

the X509 CRL. Must not be null.

Throws:

PkiErrorException - if the response returns none-success status.

CmpClientException - if client error occurs.

getCaNameByIssuer

String getCaNameByIssuer(org.bouncycastle.asn1.x500.X500Name issuer)
                  throws CmpClientException

Gets the name of the CA.

Parameters:

issuer - Issuer's subject.

Returns:

the CA name

Throws:

CmpClientException - if client error occurs.

unrevokeCert

CertIdOrError unrevokeCert(String caName,
                           BigInteger serial,
                           org.xipki.util.ReqRespDebug debug)
                    throws CmpClientException,
                           PkiErrorException

Unrevokes a certificate.

Parameters:

caName - CA name. Could be null.

serial - Serial number of the certificate. Must not be null.

debug - Request/response debug control. Could be null.

Returns:

result of the unrevocation.

Throws:

PkiErrorException - if the response returns none-success status.

CmpClientException - if client error occurs.

unrevokeCert

CertIdOrError unrevokeCert(String caName,
                           X509Certificate cert,
                           org.xipki.util.ReqRespDebug debug)
                    throws CmpClientException,
                           PkiErrorException

Unrevokes certificates.

Parameters:

caName - CA name. Could be null.

cert - Target certificate. Must not be null.

debug - Request/response debug control. Could be null.

Returns:

result of the unrevocation.

Throws:

PkiErrorException - if the response returns none-success status.

CmpClientException - if client error occurs.

unrevokeCerts

Map<String,CertIdOrError> unrevokeCerts(UnrevokeOrRemoveCertRequest request,
                                        org.xipki.util.ReqRespDebug debug)
                                 throws CmpClientException,
                                        PkiErrorException

Unrevokes certificates.

Parameters:

request - Request. Must not be null.

debug - Request/response debug control. Could be null.

Returns:

result of the unrevocation.

Throws:

PkiErrorException - if the response returns none-success status.

CmpClientException - if client error occurs.

removeCert

CertIdOrError removeCert(String caName,
                         BigInteger serial,
                         org.xipki.util.ReqRespDebug debug)
                  throws CmpClientException,
                         PkiErrorException

Removes a certificate.

Parameters:

caName - CA name. Could be null.

serial - Serial number of the target certificate.

debug - Request/response debug control. Could be null.

Returns:

the result of the remove

Throws:

PkiErrorException - if the response returns none-success status.

CmpClientException - if client error occurs.

removeCert

CertIdOrError removeCert(String caName,
                         X509Certificate cert,
                         org.xipki.util.ReqRespDebug debug)
                  throws CmpClientException,
                         PkiErrorException

Removes a certificate.

Parameters:

caName - CA name. Could be null.

cert - Target certificate.

debug - Request/response debug control. Could be null.

Returns:

result of the removing

Throws:

PkiErrorException - if the response returns none-success status.

CmpClientException - if client error occurs.

removeCerts

Map<String,CertIdOrError> removeCerts(UnrevokeOrRemoveCertRequest request,
                                      org.xipki.util.ReqRespDebug debug)
                               throws CmpClientException,
                                      PkiErrorException

Removes certificates.

Parameters:

request - Request. Must not be null.

debug - Request/response debug control. Could be null.

Returns:

the result of the removing

Throws:

PkiErrorException - if the response returns none-success status.

CmpClientException - if client error occurs.

getHealthCheckResult

org.xipki.util.HealthCheckResult getHealthCheckResult(String caName)
                                               throws CmpClientException

Gets the health status.

Parameters:

caName - CA name. Must not be null.

Returns:

the health status.

Throws:

CmpClientException - if client error occurs.

getCaCert

X509Certificate getCaCert(String caName)
                   throws CmpClientException

Returns the CA certificate.

Parameters:

caName - the CA name

Returns:

the CA certificate

Throws:

CmpClientException - if client error occurs.

getCaCertchain

List<X509Certificate> getCaCertchain(String caName)
                              throws CmpClientException

Returns the CA certificate chain.

Parameters:

caName - the CA name

Returns:

the CA certificate

Throws:

CmpClientException - if client error occurs.

getCaCertSubject

org.bouncycastle.asn1.x500.X500Name getCaCertSubject(String caName)
                                              throws CmpClientException

Returns the subject of CA certificate.

Parameters:

caName - the CA name

Returns:

the subject of CA certificate

Throws:

CmpClientException - if client error occurs.

getDhPocPeerCertificates

List<X509Certificate> getDhPocPeerCertificates(String caName)
                                        throws CmpClientException

Returns the certificates held by CA for the DH KeyAgreement.

Parameters:

caName - the CA name

Returns:

the certificates held by CA for the DH KeyAgreement,

Throws:

CmpClientException - if client error occurs.

getCaNameForProfile

String getCaNameForProfile(String certprofile)
                    throws CmpClientException

Returns name of CA that supports give certprofile.

Parameters:

certprofile - The name of certprofile

Returns:

name of CA that supports give certprofile.

Throws:

CmpClientException - If more than one CA supports the certificate.