org.xipki.cmp.client

Interface CmpClient

All Superinterfaces:

AutoCloseable, Closeable

All Known Implementing Classes:

CmpClientImpl

public interface CmpClient
extends Closeable

CMP client interface.

Since:

2.0.0

Author:

Lijun Liao

Method Summary

Modifier and Type	Method and Description
org.xipki.security.X509Cert	caCert(String caName, org.xipki.util.ReqRespDebug debug) Returns the CA certificate.
List<org.xipki.security.X509Cert>	caCerts(String caName, org.xipki.util.ReqRespDebug debug) Returns the CA certificate chain.
org.bouncycastle.cert.X509CRLHolder	downloadCrl(String caName, org.xipki.util.ReqRespDebug debug) Downloads the current CRL.
EnrollCertResult	enrollCert(String caName, Requestor requestor, org.bouncycastle.asn1.pkcs.CertificationRequest csr, String profile, Date notBefore, Date notAfter, org.xipki.util.ReqRespDebug debug) Enrolls a certificate.
EnrollCertResult	enrollCerts(String caName, Requestor requestor, EnrollCertRequest request, org.xipki.util.ReqRespDebug debug) Enrolls a set of certificates.
List<org.xipki.security.X509Cert>	getDhPopPeerCertificates() Returns the certificates held by CA for the DH KeyAgreement.
CertIdOrError	revokeCert(String caName, Requestor requestor, org.xipki.security.X509Cert issuerCert, BigInteger serial, int reason, Date invalidityTime, org.xipki.util.ReqRespDebug debug) Revokes a certificate.
CertIdOrError	revokeCert(String caName, Requestor requestor, org.xipki.security.X509Cert issuerCert, org.xipki.security.X509Cert cert, int reason, Date invalidityTime, org.xipki.util.ReqRespDebug debug) Revokes a certificate.
Map<String,CertIdOrError>	revokeCerts(String caName, Requestor requestor, RevokeCertRequest request, org.xipki.util.ReqRespDebug debug) Revoke a set of certificates.
CertIdOrError	unsuspendCert(String caName, Requestor requestor, org.xipki.security.X509Cert issuerCert, BigInteger serial, org.xipki.util.ReqRespDebug debug) Unsuspends a certificate.
CertIdOrError	unsuspendCert(String caName, Requestor requestor, org.xipki.security.X509Cert issuerCert, org.xipki.security.X509Cert cert, org.xipki.util.ReqRespDebug debug) Unsuspends certificates.
Map<String,CertIdOrError>	unsuspendCerts(String caName, Requestor requestor, UnrevokeCertRequest request, org.xipki.util.ReqRespDebug debug) Unsuspends certificates.

Methods inherited from interface java.io.Closeable

close

Method Detail

enrollCert

EnrollCertResult enrollCert(String caName,
                            Requestor requestor,
                            org.bouncycastle.asn1.pkcs.CertificationRequest csr,
                            String profile,
                            Date notBefore,
                            Date notAfter,
                            org.xipki.util.ReqRespDebug debug)
                     throws CmpClientException,
                            PkiErrorException

Enrolls a certificate.

Parameters:

caName - CA name. Must not be null.

csr - CSR. Must not benull.

profile - Certificate profile name. Must not benull.

notBefore - NotBefore. Could be null.

notAfter - NotAfter. Could be null.

debug - Request/response debug control. Could be null.

Returns:

the enrolling result.

Throws:

PkiErrorException - if the response returns none-success status.

CmpClientException - if client error occurs.

enrollCerts

EnrollCertResult enrollCerts(String caName,
                             Requestor requestor,
                             EnrollCertRequest request,
                             org.xipki.util.ReqRespDebug debug)
                      throws CmpClientException,
                             PkiErrorException

Enrolls a set of certificates.

Parameters:

caName - CA name. Must not be null.

request - Request. Must not be null.

debug - Request/response debug control. Could be null.

Returns:

the enrolling result.

Throws:

PkiErrorException - if the response returns none-success status.

CmpClientException - if client error occurs.

revokeCert

CertIdOrError revokeCert(String caName,
                         Requestor requestor,
                         org.xipki.security.X509Cert issuerCert,
                         BigInteger serial,
                         int reason,
                         Date invalidityTime,
                         org.xipki.util.ReqRespDebug debug)
                  throws CmpClientException,
                         PkiErrorException

Revokes a certificate.

Parameters:

caName - CA name. Must not be null.

issuerCert - Issuer's certificate. Must not be null.

serial - Serial number of the target certificate. Must not be null.

reason - Revocation reason.

invalidityTime - Invalidity time. Could be null.

debug - Request/response debug control. Could be null.

Returns:

the revocation result.

Throws:

PkiErrorException - if the response returns none-success status.

CmpClientException - if client error occurs.

revokeCert

CertIdOrError revokeCert(String caName,
                         Requestor requestor,
                         org.xipki.security.X509Cert issuerCert,
                         org.xipki.security.X509Cert cert,
                         int reason,
                         Date invalidityTime,
                         org.xipki.util.ReqRespDebug debug)
                  throws CmpClientException,
                         PkiErrorException

Revokes a certificate.

Parameters:

caName - CA name. Must not be null.

issuerCert - Issuer's certificate. Must not be null.

cert - Target certificate. Must not be null.

reason - Revocation reason.

invalidityTime - Invalidity time. Could be null.

debug - Request/response debug control. Could be null.

Returns:

the revocation result.

Throws:

PkiErrorException - if the response returns none-success status.

CmpClientException - if client error occurs.

revokeCerts

Map<String,CertIdOrError> revokeCerts(String caName,
                                      Requestor requestor,
                                      RevokeCertRequest request,
                                      org.xipki.util.ReqRespDebug debug)
                               throws CmpClientException,
                                      PkiErrorException

Revoke a set of certificates.

Parameters:

request - Request. Must not be null.

debug - Request/response debug control. Could be null.

Returns:

the revocation result.

Throws:

PkiErrorException - if the response returns none-success status.

CmpClientException - if client error occurs.

downloadCrl

org.bouncycastle.cert.X509CRLHolder downloadCrl(String caName,
                                                org.xipki.util.ReqRespDebug debug)
                                         throws CmpClientException,
                                                PkiErrorException

Downloads the current CRL.

Parameters:

caName - CA name. Must not be null.

debug - Request/response debug control. Could be null.

Returns:

the X509 CRL. Must not be null.

Throws:

PkiErrorException - if the response returns none-success status.

CmpClientException - if client error occurs.

unsuspendCert

CertIdOrError unsuspendCert(String caName,
                            Requestor requestor,
                            org.xipki.security.X509Cert issuerCert,
                            BigInteger serial,
                            org.xipki.util.ReqRespDebug debug)
                     throws CmpClientException,
                            PkiErrorException

Unsuspends a certificate.

Parameters:

caName - CA name. Must not be null.

issuerCert - Issuer's certificate. Must not be null.

serial - Serial number of the certificate. Must not be null.

debug - Request/response debug control. Could be null.

Returns:

result of action.

Throws:

PkiErrorException - if the response returns none-success status.

CmpClientException - if client error occurs.

unsuspendCert

CertIdOrError unsuspendCert(String caName,
                            Requestor requestor,
                            org.xipki.security.X509Cert issuerCert,
                            org.xipki.security.X509Cert cert,
                            org.xipki.util.ReqRespDebug debug)
                     throws CmpClientException,
                            PkiErrorException

Unsuspends certificates.

Parameters:

caName - CA name. Must not be null.

issuerCert - Issuer's certificate. Must not be null.

cert - Target certificate. Must not be null.

debug - Request/response debug control. Could be null.

Returns:

result of the unrevocation.

Throws:

PkiErrorException - if the response returns none-success status.

CmpClientException - if client error occurs.

unsuspendCerts

Map<String,CertIdOrError> unsuspendCerts(String caName,
                                         Requestor requestor,
                                         UnrevokeCertRequest request,
                                         org.xipki.util.ReqRespDebug debug)
                                  throws CmpClientException,
                                         PkiErrorException

Unsuspends certificates.

Parameters:

caName - CA name. Must not be null.

request - Request. Must not be null.

debug - Request/response debug control. Could be null.

Returns:

result of the unrevocation.

Throws:

PkiErrorException - if the response returns none-success status.

CmpClientException - if client error occurs.

caCert

org.xipki.security.X509Cert caCert(String caName,
                                   org.xipki.util.ReqRespDebug debug)
                            throws CmpClientException,
                                   PkiErrorException

Returns the CA certificate.

Parameters:

caName - the CA name

Returns:

the CA certificate

Throws:

CmpClientException - if client error occurs.

PkiErrorException

caCerts

List<org.xipki.security.X509Cert> caCerts(String caName,
                                          org.xipki.util.ReqRespDebug debug)
                                   throws CmpClientException,
                                          PkiErrorException

Returns the CA certificate chain.

Parameters:

caName - the CA name

Returns:

the CA certificate

Throws:

CmpClientException - if client error occurs.

PkiErrorException

getDhPopPeerCertificates

List<org.xipki.security.X509Cert> getDhPopPeerCertificates()
                                                    throws CmpClientException

Returns the certificates held by CA for the DH KeyAgreement.

Returns:

the certificates held by CA for the DH KeyAgreement,

Throws:

CmpClientException - if client error occurs.