Package org.xipki.cmp.client

Interface CmpClient

  • All Superinterfaces:
    java.lang.AutoCloseable, java.io.Closeable
    All Known Implementing Classes:
    CmpClientImpl
    public interface CmpClient
extends java.io.Closeable
    CMP client interface.
    Since:
    2.0.0
    Author:
    Lijun Liao (xipki)

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      org.xipki.security.X509Cert caCert​(java.lang.String caName, org.xipki.util.ReqRespDebug debug)
      Returns the CA certificate.
      java.util.List<org.xipki.security.X509Cert> caCerts​(java.lang.String caName, org.xipki.util.ReqRespDebug debug)
      Returns the CA certificate chain.
      org.bouncycastle.cert.X509CRLHolder downloadCrl​(java.lang.String caName, org.xipki.util.ReqRespDebug debug)
      Downloads the current CRL.
      EnrollCertResult enrollCert​(java.lang.String caName, Requestor requestor, org.bouncycastle.asn1.pkcs.CertificationRequest csr, java.lang.String profile, java.time.Instant notBefore, java.time.Instant notAfter, org.xipki.util.ReqRespDebug debug)
      Enrolls a certificate.
      EnrollCertResult enrollCerts​(java.lang.String caName, Requestor requestor, EnrollCertRequest request, org.xipki.util.ReqRespDebug debug)
      Enrolls a set of certificates.
      java.util.List<org.xipki.security.X509Cert> getDhPopPeerCertificates()
      Returns the certificates held by CA for the DH KeyAgreement.
      CertIdOrError revokeCert​(java.lang.String caName, Requestor requestor, org.xipki.security.X509Cert issuerCert, java.math.BigInteger serial, int reason, java.time.Instant invalidityTime, org.xipki.util.ReqRespDebug debug)
      Revokes a certificate.
      CertIdOrError revokeCert​(java.lang.String caName, Requestor requestor, org.xipki.security.X509Cert issuerCert, org.xipki.security.X509Cert cert, int reason, java.time.Instant invalidityTime, org.xipki.util.ReqRespDebug debug)
      Revokes a certificate.
      java.util.Map<java.lang.String,​CertIdOrError> revokeCerts​(java.lang.String caName, Requestor requestor, RevokeCertRequest request, org.xipki.util.ReqRespDebug debug)
      Revoke a set of certificates.
      CertIdOrError unsuspendCert​(java.lang.String caName, Requestor requestor, org.xipki.security.X509Cert issuerCert, java.math.BigInteger serial, org.xipki.util.ReqRespDebug debug)
      Unsuspends a certificate.
      CertIdOrError unsuspendCert​(java.lang.String caName, Requestor requestor, org.xipki.security.X509Cert issuerCert, org.xipki.security.X509Cert cert, org.xipki.util.ReqRespDebug debug)
      Unsuspends certificates.
      java.util.Map<java.lang.String,​CertIdOrError> unsuspendCerts​(java.lang.String caName, Requestor requestor, UnrevokeCertRequest request, org.xipki.util.ReqRespDebug debug)
      Unsuspends certificates.

      • Methods inherited from interface java.io.Closeable

        close

    • Method Detail

      • enrollCert

        EnrollCertResult enrollCert​(java.lang.String caName,
                            Requestor requestor,
                            org.bouncycastle.asn1.pkcs.CertificationRequest csr,
                            java.lang.String profile,
                            java.time.Instant notBefore,
                            java.time.Instant notAfter,
                            org.xipki.util.ReqRespDebug debug)
                     throws CmpClientException,
                            PkiErrorException
        Enrolls a certificate.
        Parameters:
        caName - CA name. Must not be null.
        requestor - Requestor, the actor which requests the operation. Must not be null.
        csr - CSR. Must not benull.
        profile - Certificate profile name. Must not benull.
        notBefore - NotBefore. Could be null.
        notAfter - NotAfter. Could be null.
        debug - Request/response debug control. Could be null.
        Returns:
        the enrolling result.
        Throws:
        PkiErrorException - if the response returns none-success status.
        CmpClientException - if client error occurs.

      • enrollCerts

        EnrollCertResult enrollCerts​(java.lang.String caName,
                             Requestor requestor,
                             EnrollCertRequest request,
                             org.xipki.util.ReqRespDebug debug)
                      throws CmpClientException,
                             PkiErrorException
        Enrolls a set of certificates.
        Parameters:
        caName - CA name. Must not be null.
        requestor - Requestor, the actor which requests the operation. Must not be null.
        request - Request. Must not be null.
        debug - Request/response debug control. Could be null.
        Returns:
        the enrolling result.
        Throws:
        PkiErrorException - if the response returns none-success status.
        CmpClientException - if client error occurs.

      • revokeCert

        CertIdOrError revokeCert​(java.lang.String caName,
                         Requestor requestor,
                         org.xipki.security.X509Cert issuerCert,
                         java.math.BigInteger serial,
                         int reason,
                         java.time.Instant invalidityTime,
                         org.xipki.util.ReqRespDebug debug)
                  throws CmpClientException,
                         PkiErrorException
        Revokes a certificate.
        Parameters:
        caName - CA name. Must not be null.
        requestor - Requestor, the actor which requests the operation. Must not be null.
        issuerCert - Issuer's certificate. Must not be null.
        serial - Serial number of the target certificate. Must not be null.
        reason - Revocation reason.
        invalidityTime - Invalidity time. Could be null.
        debug - Request/response debug control. Could be null.
        Returns:
        the revocation result.
        Throws:
        PkiErrorException - if the response returns none-success status.
        CmpClientException - if client error occurs.

      • revokeCert

        CertIdOrError revokeCert​(java.lang.String caName,
                         Requestor requestor,
                         org.xipki.security.X509Cert issuerCert,
                         org.xipki.security.X509Cert cert,
                         int reason,
                         java.time.Instant invalidityTime,
                         org.xipki.util.ReqRespDebug debug)
                  throws CmpClientException,
                         PkiErrorException
        Revokes a certificate.
        Parameters:
        caName - CA name. Must not be null.
        requestor - Requestor, the actor which requests the operation. Must not be null.
        issuerCert - Issuer's certificate. Must not be null.
        cert - Target certificate. Must not be null.
        reason - Revocation reason.
        invalidityTime - Invalidity time. Could be null.
        debug - Request/response debug control. Could be null.
        Returns:
        the revocation result.
        Throws:
        PkiErrorException - if the response returns none-success status.
        CmpClientException - if client error occurs.

      • revokeCerts

        java.util.Map<java.lang.String,​CertIdOrError> revokeCerts​(java.lang.String caName,
                                                                Requestor requestor,
                                                                RevokeCertRequest request,
                                                                org.xipki.util.ReqRespDebug debug)
                                                         throws CmpClientException,
                                                                PkiErrorException
        Revoke a set of certificates.
        Parameters:
        caName - CA name. Must not be null.
        requestor - Requestor, the actor which requests the operation. Must not be null.
        request - Request. Must not be null.
        debug - Request/response debug control. Could be null.
        Returns:
        the revocation result.
        Throws:
        PkiErrorException - if the response returns none-success status.
        CmpClientException - if client error occurs.

      • downloadCrl

        org.bouncycastle.cert.X509CRLHolder downloadCrl​(java.lang.String caName,
                                                org.xipki.util.ReqRespDebug debug)
                                         throws CmpClientException,
                                                PkiErrorException
        Downloads the current CRL.
        Parameters:
        caName - CA name. Must not be null.
        debug - Request/response debug control. Could be null.
        Returns:
        the X509 CRL. Must not be null.
        Throws:
        PkiErrorException - if the response returns none-success status.
        CmpClientException - if client error occurs.

      • unsuspendCert

        CertIdOrError unsuspendCert​(java.lang.String caName,
                            Requestor requestor,
                            org.xipki.security.X509Cert issuerCert,
                            java.math.BigInteger serial,
                            org.xipki.util.ReqRespDebug debug)
                     throws CmpClientException,
                            PkiErrorException
        Unsuspends a certificate.
        Parameters:
        caName - CA name. Must not be null.
        requestor - Requestor, the actor which requests the operation. Must not be null.
        issuerCert - Issuer's certificate. Must not be null.
        serial - Serial number of the certificate. Must not be null.
        debug - Request/response debug control. Could be null.
        Returns:
        result of action.
        Throws:
        PkiErrorException - if the response returns none-success status.
        CmpClientException - if client error occurs.

      • unsuspendCert

        CertIdOrError unsuspendCert​(java.lang.String caName,
                            Requestor requestor,
                            org.xipki.security.X509Cert issuerCert,
                            org.xipki.security.X509Cert cert,
                            org.xipki.util.ReqRespDebug debug)
                     throws CmpClientException,
                            PkiErrorException
        Unsuspends certificates.
        Parameters:
        caName - CA name. Must not be null.
        requestor - Requestor, the actor which requests the operation. Must not be null.
        issuerCert - Issuer's certificate. Must not be null.
        cert - Target certificate. Must not be null.
        debug - Request/response debug control. Could be null.
        Returns:
        result of the unrevocation.
        Throws:
        PkiErrorException - if the response returns none-success status.
        CmpClientException - if client error occurs.

      • unsuspendCerts

        java.util.Map<java.lang.String,​CertIdOrError> unsuspendCerts​(java.lang.String caName,
                                                                   Requestor requestor,
                                                                   UnrevokeCertRequest request,
                                                                   org.xipki.util.ReqRespDebug debug)
                                                            throws CmpClientException,
                                                                   PkiErrorException
        Unsuspends certificates.
        Parameters:
        caName - CA name. Must not be null.
        requestor - Requestor, the actor which requests the operation. Must not be null.
        request - Request. Must not be null.
        debug - Request/response debug control. Could be null.
        Returns:
        result of the unrevocation.
        Throws:
        PkiErrorException - if the response returns none-success status.
        CmpClientException - if client error occurs.

      • caCert

        org.xipki.security.X509Cert caCert​(java.lang.String caName,
                                   org.xipki.util.ReqRespDebug debug)
                            throws CmpClientException,
                                   PkiErrorException
        Returns the CA certificate.
        Parameters:
        caName - the CA name
        debug - Request/response debug control. Could be null.
        Returns:
        the CA certificate
        Throws:
        PkiErrorException - if the response returns none-success status.
        CmpClientException - if client error occurs.

      • caCerts

        java.util.List<org.xipki.security.X509Cert> caCerts​(java.lang.String caName,
                                                    org.xipki.util.ReqRespDebug debug)
                                             throws CmpClientException,
                                                    PkiErrorException
        Returns the CA certificate chain.
        Parameters:
        caName - the CA name
        debug - Request/response debug control. Could be null.
        Returns:
        the CA certificate
        Throws:
        PkiErrorException - if the response returns none-success status.
        CmpClientException - if client error occurs.

      • getDhPopPeerCertificates

        java.util.List<org.xipki.security.X509Cert> getDhPopPeerCertificates()
                                                              throws CmpClientException
        Returns the certificates held by CA for the DH KeyAgreement.
        Returns:
        the certificates held by CA for the DH KeyAgreement,
        Throws:
        CmpClientException - if client error occurs.