Package org.xipki.cmp.client.internal

Class CmpClientImpl

  • All Implemented Interfaces:
    java.io.Closeable, java.lang.AutoCloseable, CmpClient
    public final class CmpClientImpl
extends java.lang.Object
implements CmpClient
    Implementation of the interface CmpClient.
    Since:
    2.0.0
    Author:
    Lijun Liao (xipki)

    • Constructor Summary

      Constructors 
      Constructor Description
      CmpClientImpl()  

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      org.xipki.security.X509Cert caCert​(java.lang.String caName, org.xipki.util.ReqRespDebug debug)
      Returns the CA certificate.
      java.util.List<org.xipki.security.X509Cert> caCerts​(java.lang.String caName, org.xipki.util.ReqRespDebug debug)
      Returns the CA certificate chain.
      void close()  
      org.bouncycastle.cert.X509CRLHolder downloadCrl​(java.lang.String caName, org.xipki.util.ReqRespDebug debug)
      Downloads the current CRL.
      EnrollCertResult enrollCert​(java.lang.String caName, Requestor requestor, org.bouncycastle.asn1.pkcs.CertificationRequest csr, java.lang.String profile, java.time.Instant notBefore, java.time.Instant notAfter, org.xipki.util.ReqRespDebug debug)
      Enrolls a certificate.
      EnrollCertResult enrollCerts​(java.lang.String caName, Requestor requestor, EnrollCertRequest request, org.xipki.util.ReqRespDebug debug)
      Enrolls a set of certificates.
      java.util.List<org.xipki.security.X509Cert> getDhPopPeerCertificates()
      Returns the certificates held by CA for the DH KeyAgreement.
      void init()  
      CertIdOrError revokeCert​(java.lang.String caName, Requestor requestor, org.xipki.security.X509Cert issuerCert, java.math.BigInteger serial, int reason, java.time.Instant invalidityDate, org.xipki.util.ReqRespDebug debug)
      Revokes a certificate.
      CertIdOrError revokeCert​(java.lang.String caName, Requestor requestor, org.xipki.security.X509Cert issuerCert, org.xipki.security.X509Cert cert, int reason, java.time.Instant invalidityDate, org.xipki.util.ReqRespDebug debug)
      Revokes a certificate.
      java.util.Map<java.lang.String,​CertIdOrError> revokeCerts​(java.lang.String caName, Requestor requestor, RevokeCertRequest request, org.xipki.util.ReqRespDebug debug)
      Revoke a set of certificates.
      void setConfFile​(java.lang.String confFile)  
      void setSecurityFactory​(org.xipki.security.SecurityFactory securityFactory)  
      CertIdOrError unsuspendCert​(java.lang.String caName, Requestor requestor, org.xipki.security.X509Cert issuerCert, java.math.BigInteger serial, org.xipki.util.ReqRespDebug debug)
      Unsuspends a certificate.
      CertIdOrError unsuspendCert​(java.lang.String caName, Requestor requestor, org.xipki.security.X509Cert issuerCert, org.xipki.security.X509Cert cert, org.xipki.util.ReqRespDebug debug)
      Unsuspends certificates.
      java.util.Map<java.lang.String,​CertIdOrError> unsuspendCerts​(java.lang.String caName, Requestor requestor, UnrevokeCertRequest request, org.xipki.util.ReqRespDebug debug)
      Unsuspends certificates.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • CmpClientImpl

        public CmpClientImpl()

    • Method Detail

      • setSecurityFactory

        public void setSecurityFactory​(org.xipki.security.SecurityFactory securityFactory)

      • setConfFile

        public void setConfFile​(java.lang.String confFile)

      • init

        public void init()
          throws java.lang.Exception
        Throws:
        java.lang.Exception

      • close

        public void close()
        Specified by:
        close in interface java.lang.AutoCloseable
        Specified by:
        close in interface java.io.Closeable

      • enrollCert

        public EnrollCertResult enrollCert​(java.lang.String caName,
                                   Requestor requestor,
                                   org.bouncycastle.asn1.pkcs.CertificationRequest csr,
                                   java.lang.String profile,
                                   java.time.Instant notBefore,
                                   java.time.Instant notAfter,
                                   org.xipki.util.ReqRespDebug debug)
                            throws CmpClientException,
                                   PkiErrorException
        Description copied from interface: CmpClient
        Enrolls a certificate.
        Specified by:
        enrollCert in interface CmpClient
        Parameters:
        caName - CA name. Must not be null.
        requestor - Requestor, the actor which requests the operation. Must not be null.
        csr - CSR. Must not benull.
        profile - Certificate profile name. Must not benull.
        notBefore - NotBefore. Could be null.
        notAfter - NotAfter. Could be null.
        debug - Request/response debug control. Could be null.
        Returns:
        the enrolling result.
        Throws:
        CmpClientException - if client error occurs.
        PkiErrorException - if the response returns none-success status.

      • enrollCerts

        public EnrollCertResult enrollCerts​(java.lang.String caName,
                                    Requestor requestor,
                                    EnrollCertRequest request,
                                    org.xipki.util.ReqRespDebug debug)
                             throws CmpClientException,
                                    PkiErrorException
        Description copied from interface: CmpClient
        Enrolls a set of certificates.
        Specified by:
        enrollCerts in interface CmpClient
        Parameters:
        caName - CA name. Must not be null.
        requestor - Requestor, the actor which requests the operation. Must not be null.
        request - Request. Must not be null.
        debug - Request/response debug control. Could be null.
        Returns:
        the enrolling result.
        Throws:
        CmpClientException - if client error occurs.
        PkiErrorException - if the response returns none-success status.

      • revokeCert

        public CertIdOrError revokeCert​(java.lang.String caName,
                                Requestor requestor,
                                org.xipki.security.X509Cert issuerCert,
                                org.xipki.security.X509Cert cert,
                                int reason,
                                java.time.Instant invalidityDate,
                                org.xipki.util.ReqRespDebug debug)
                         throws CmpClientException,
                                PkiErrorException
        Description copied from interface: CmpClient
        Revokes a certificate.
        Specified by:
        revokeCert in interface CmpClient
        Parameters:
        caName - CA name. Must not be null.
        requestor - Requestor, the actor which requests the operation. Must not be null.
        issuerCert - Issuer's certificate. Must not be null.
        cert - Target certificate. Must not be null.
        reason - Revocation reason.
        invalidityDate - Invalidity time. Could be null.
        debug - Request/response debug control. Could be null.
        Returns:
        the revocation result.
        Throws:
        CmpClientException - if client error occurs.
        PkiErrorException - if the response returns none-success status.

      • revokeCert

        public CertIdOrError revokeCert​(java.lang.String caName,
                                Requestor requestor,
                                org.xipki.security.X509Cert issuerCert,
                                java.math.BigInteger serial,
                                int reason,
                                java.time.Instant invalidityDate,
                                org.xipki.util.ReqRespDebug debug)
                         throws CmpClientException,
                                PkiErrorException
        Description copied from interface: CmpClient
        Revokes a certificate.
        Specified by:
        revokeCert in interface CmpClient
        Parameters:
        caName - CA name. Must not be null.
        requestor - Requestor, the actor which requests the operation. Must not be null.
        issuerCert - Issuer's certificate. Must not be null.
        serial - Serial number of the target certificate. Must not be null.
        reason - Revocation reason.
        invalidityDate - Invalidity time. Could be null.
        debug - Request/response debug control. Could be null.
        Returns:
        the revocation result.
        Throws:
        CmpClientException - if client error occurs.
        PkiErrorException - if the response returns none-success status.

      • revokeCerts

        public java.util.Map<java.lang.String,​CertIdOrError> revokeCerts​(java.lang.String caName,
                                                                       Requestor requestor,
                                                                       RevokeCertRequest request,
                                                                       org.xipki.util.ReqRespDebug debug)
                                                                throws CmpClientException,
                                                                       PkiErrorException
        Description copied from interface: CmpClient
        Revoke a set of certificates.
        Specified by:
        revokeCerts in interface CmpClient
        Parameters:
        caName - CA name. Must not be null.
        requestor - Requestor, the actor which requests the operation. Must not be null.
        request - Request. Must not be null.
        debug - Request/response debug control. Could be null.
        Returns:
        the revocation result.
        Throws:
        CmpClientException - if client error occurs.
        PkiErrorException - if the response returns none-success status.

      • downloadCrl

        public org.bouncycastle.cert.X509CRLHolder downloadCrl​(java.lang.String caName,
                                                       org.xipki.util.ReqRespDebug debug)
                                                throws CmpClientException,
                                                       PkiErrorException
        Description copied from interface: CmpClient
        Downloads the current CRL.
        Specified by:
        downloadCrl in interface CmpClient
        Parameters:
        caName - CA name. Must not be null.
        debug - Request/response debug control. Could be null.
        Returns:
        the X509 CRL. Must not be null.
        Throws:
        CmpClientException - if client error occurs.
        PkiErrorException - if the response returns none-success status.

      • unsuspendCert

        public CertIdOrError unsuspendCert​(java.lang.String caName,
                                   Requestor requestor,
                                   org.xipki.security.X509Cert issuerCert,
                                   org.xipki.security.X509Cert cert,
                                   org.xipki.util.ReqRespDebug debug)
                            throws CmpClientException,
                                   PkiErrorException
        Description copied from interface: CmpClient
        Unsuspends certificates.
        Specified by:
        unsuspendCert in interface CmpClient
        Parameters:
        caName - CA name. Must not be null.
        requestor - Requestor, the actor which requests the operation. Must not be null.
        issuerCert - Issuer's certificate. Must not be null.
        cert - Target certificate. Must not be null.
        debug - Request/response debug control. Could be null.
        Returns:
        result of the unrevocation.
        Throws:
        CmpClientException - if client error occurs.
        PkiErrorException - if the response returns none-success status.

      • unsuspendCert

        public CertIdOrError unsuspendCert​(java.lang.String caName,
                                   Requestor requestor,
                                   org.xipki.security.X509Cert issuerCert,
                                   java.math.BigInteger serial,
                                   org.xipki.util.ReqRespDebug debug)
                            throws CmpClientException,
                                   PkiErrorException
        Description copied from interface: CmpClient
        Unsuspends a certificate.
        Specified by:
        unsuspendCert in interface CmpClient
        Parameters:
        caName - CA name. Must not be null.
        requestor - Requestor, the actor which requests the operation. Must not be null.
        issuerCert - Issuer's certificate. Must not be null.
        serial - Serial number of the certificate. Must not be null.
        debug - Request/response debug control. Could be null.
        Returns:
        result of action.
        Throws:
        CmpClientException - if client error occurs.
        PkiErrorException - if the response returns none-success status.

      • unsuspendCerts

        public java.util.Map<java.lang.String,​CertIdOrError> unsuspendCerts​(java.lang.String caName,
                                                                          Requestor requestor,
                                                                          UnrevokeCertRequest request,
                                                                          org.xipki.util.ReqRespDebug debug)
                                                                   throws CmpClientException,
                                                                          PkiErrorException
        Description copied from interface: CmpClient
        Unsuspends certificates.
        Specified by:
        unsuspendCerts in interface CmpClient
        Parameters:
        caName - CA name. Must not be null.
        requestor - Requestor, the actor which requests the operation. Must not be null.
        request - Request. Must not be null.
        debug - Request/response debug control. Could be null.
        Returns:
        result of the unrevocation.
        Throws:
        CmpClientException - if client error occurs.
        PkiErrorException - if the response returns none-success status.

      • caCert

        public org.xipki.security.X509Cert caCert​(java.lang.String caName,
                                          org.xipki.util.ReqRespDebug debug)
                                   throws CmpClientException,
                                          PkiErrorException
        Description copied from interface: CmpClient
        Returns the CA certificate.
        Specified by:
        caCert in interface CmpClient
        Parameters:
        caName - the CA name
        debug - Request/response debug control. Could be null.
        Returns:
        the CA certificate
        Throws:
        CmpClientException - if client error occurs.
        PkiErrorException - if the response returns none-success status.

      • caCerts

        public java.util.List<org.xipki.security.X509Cert> caCerts​(java.lang.String caName,
                                                           org.xipki.util.ReqRespDebug debug)
                                                    throws CmpClientException,
                                                           PkiErrorException
        Description copied from interface: CmpClient
        Returns the CA certificate chain.
        Specified by:
        caCerts in interface CmpClient
        Parameters:
        caName - the CA name
        debug - Request/response debug control. Could be null.
        Returns:
        the CA certificate
        Throws:
        CmpClientException - if client error occurs.
        PkiErrorException - if the response returns none-success status.

      • getDhPopPeerCertificates

        public java.util.List<org.xipki.security.X509Cert> getDhPopPeerCertificates()
        Description copied from interface: CmpClient
        Returns the certificates held by CA for the DH KeyAgreement.
        Specified by:
        getDhPopPeerCertificates in interface CmpClient
        Returns:
        the certificates held by CA for the DH KeyAgreement,