Package org.xipki.ca.gateway.cmp
Class BaseCmpResponder
- java.lang.Object
-
- org.xipki.ca.gateway.cmp.BaseCmpResponder
-
- Direct Known Subclasses:
CmpResponder
public abstract class BaseCmpResponder extends java.lang.ObjectBase CMP responder.- Since:
- 6.0.0
- Author:
- Lijun Liao (xipki)
-
-
Field Summary
Fields Modifier and Type Field Description protected CmpControlcmpControlstatic java.lang.StringHTTP_HEADER_certprofilestatic java.lang.StringHTTP_HEADER_groupenrollprotected org.xipki.ca.gateway.PopControlpopControlprotected org.xipki.ca.sdk.SdkClientsdkprotected org.xipki.security.SecurityFactorysecurityFactorystatic java.lang.StringTYPE_ccrstatic java.lang.StringTYPE_certConfstatic java.lang.StringTYPE_crstatic java.lang.StringTYPE_errorstatic java.lang.StringTYPE_genm_cacertsstatic java.lang.StringTYPE_genm_current_crlstatic java.lang.StringTYPE_irstatic java.lang.StringTYPE_kurstatic java.lang.StringTYPE_p10crstatic java.lang.StringTYPE_pkiconfstatic java.lang.StringTYPE_rr_revokestatic java.lang.StringTYPE_rr_unrevoke
-
Constructor Summary
Constructors Modifier Constructor Description protectedBaseCmpResponder(CmpControl cmpControl, org.xipki.ca.sdk.SdkClient sdk, org.xipki.security.SecurityFactory securityFactory, org.xipki.ca.gateway.CaNameSigners signers, org.xipki.ca.gateway.RequestorAuthenticator authenticator, org.xipki.ca.gateway.PopControl popControl)
-
Method Summary
All Methods Static Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description protected static voidaddErrCertResp(java.util.Map<java.lang.Integer,org.bouncycastle.asn1.cmp.CertResponse> resps, int index, org.bouncycastle.asn1.ASN1Integer certReqId, int pkiFailureInfo, java.lang.String pkiStatusText)protected static org.bouncycastle.asn1.cmp.CertRepMessagebuildErrCertResp(org.bouncycastle.asn1.ASN1Integer certReqId, int pkiFailureInfo, java.lang.String pkiStatusText)protected static org.bouncycastle.asn1.cmp.PKIBodybuildErrorMsgPkiBody(org.bouncycastle.asn1.cmp.PKIStatus pkiStatus, int failureInfo, java.lang.String statusMessage)protected voidcheckPermission(org.xipki.ca.gateway.Requestor requestor, int requiredPermission)protected abstract org.bouncycastle.asn1.cmp.PKIBodycmpEnrollCert(java.lang.String caName, java.lang.String dfltCertprofileName, boolean groupEnroll, org.bouncycastle.asn1.cmp.PKIMessage request, org.bouncycastle.asn1.cmp.PKIHeaderBuilder respHeader, org.bouncycastle.asn1.cmp.PKIHeader reqHeader, org.bouncycastle.asn1.cmp.PKIBody reqBody, org.xipki.ca.gateway.Requestor requestor, org.bouncycastle.asn1.ASN1OctetString tid, org.xipki.audit.AuditEvent event)protected org.bouncycastle.asn1.cmp.PKIBodycmpGeneralMsg(java.lang.String caName, org.bouncycastle.asn1.cmp.PKIBody reqBody, org.xipki.audit.AuditEvent event)protected abstract org.bouncycastle.asn1.cmp.PKIBodycmpUnRevokeCertificates(java.lang.String caName, org.bouncycastle.asn1.cmp.PKIMessage request, org.bouncycastle.asn1.cmp.PKIHeaderBuilder respHeader, org.bouncycastle.asn1.cmp.PKIHeader reqHeader, org.bouncycastle.asn1.cmp.PKIBody reqBody, org.xipki.ca.gateway.Requestor requestor, org.xipki.audit.AuditEvent event)protected abstract org.bouncycastle.asn1.cmp.PKIBodyconfirmCertificates(java.lang.String caName, org.bouncycastle.asn1.ASN1OctetString transactionId, org.bouncycastle.asn1.cmp.CertConfirmContent certConf)protected static org.bouncycastle.asn1.cmp.PKIStatusInfogenerateRejectionStatus(java.lang.Integer info, java.lang.String errorMessage)protected static org.bouncycastle.asn1.cmp.PKIStatusInfogenerateRejectionStatus(org.bouncycastle.asn1.cmp.PKIStatus status, java.lang.Integer info, java.lang.String errorMessage)protected static intgetPKiFailureInfo(org.xipki.util.exception.OperationException ex)protected static org.bouncycastle.asn1.x500.X500NamegetX500Name(org.bouncycastle.asn1.x509.GeneralName name)protected org.bouncycastle.asn1.cmp.CertResponsepostProcessCertInfo(org.bouncycastle.asn1.ASN1Integer certReqId, org.xipki.ca.gateway.Requestor requestor, byte[] cert, byte[] privateKeyinfo)org.bouncycastle.asn1.cmp.PKIMessageprocessPkiMessage(java.lang.String caName, org.bouncycastle.asn1.cmp.PKIMessage pkiMessage, org.xipki.security.X509Cert tlsClientCert, java.util.Map<java.lang.String,java.lang.String> parameters, org.xipki.audit.AuditEvent event)protected abstract org.bouncycastle.asn1.cmp.PKIBodyrevokePendingCertificates(java.lang.String caName, org.bouncycastle.asn1.ASN1OctetString transactionId)protected booleanverifyPop(org.bouncycastle.cert.crmf.CertificateRequestMessage certRequest, org.bouncycastle.asn1.x509.SubjectPublicKeyInfo spki)
-
-
-
Field Detail
-
HTTP_HEADER_certprofile
public static final java.lang.String HTTP_HEADER_certprofile
- See Also:
- Constant Field Values
-
HTTP_HEADER_groupenroll
public static final java.lang.String HTTP_HEADER_groupenroll
- See Also:
- Constant Field Values
-
TYPE_ccr
public static final java.lang.String TYPE_ccr
- See Also:
- Constant Field Values
-
TYPE_certConf
public static final java.lang.String TYPE_certConf
- See Also:
- Constant Field Values
-
TYPE_ir
public static final java.lang.String TYPE_ir
- See Also:
- Constant Field Values
-
TYPE_cr
public static final java.lang.String TYPE_cr
- See Also:
- Constant Field Values
-
TYPE_error
public static final java.lang.String TYPE_error
- See Also:
- Constant Field Values
-
TYPE_genm_cacerts
public static final java.lang.String TYPE_genm_cacerts
- See Also:
- Constant Field Values
-
TYPE_genm_current_crl
public static final java.lang.String TYPE_genm_current_crl
- See Also:
- Constant Field Values
-
TYPE_kur
public static final java.lang.String TYPE_kur
- See Also:
- Constant Field Values
-
TYPE_p10cr
public static final java.lang.String TYPE_p10cr
- See Also:
- Constant Field Values
-
TYPE_pkiconf
public static final java.lang.String TYPE_pkiconf
- See Also:
- Constant Field Values
-
TYPE_rr_revoke
public static final java.lang.String TYPE_rr_revoke
- See Also:
- Constant Field Values
-
TYPE_rr_unrevoke
public static final java.lang.String TYPE_rr_unrevoke
- See Also:
- Constant Field Values
-
securityFactory
protected final org.xipki.security.SecurityFactory securityFactory
-
sdk
protected final org.xipki.ca.sdk.SdkClient sdk
-
cmpControl
protected final CmpControl cmpControl
-
popControl
protected final org.xipki.ca.gateway.PopControl popControl
-
-
Constructor Detail
-
BaseCmpResponder
protected BaseCmpResponder(CmpControl cmpControl, org.xipki.ca.sdk.SdkClient sdk, org.xipki.security.SecurityFactory securityFactory, org.xipki.ca.gateway.CaNameSigners signers, org.xipki.ca.gateway.RequestorAuthenticator authenticator, org.xipki.ca.gateway.PopControl popControl) throws java.security.NoSuchAlgorithmException
- Throws:
java.security.NoSuchAlgorithmException
-
-
Method Detail
-
cmpEnrollCert
protected abstract org.bouncycastle.asn1.cmp.PKIBody cmpEnrollCert(java.lang.String caName, java.lang.String dfltCertprofileName, boolean groupEnroll, org.bouncycastle.asn1.cmp.PKIMessage request, org.bouncycastle.asn1.cmp.PKIHeaderBuilder respHeader, org.bouncycastle.asn1.cmp.PKIHeader reqHeader, org.bouncycastle.asn1.cmp.PKIBody reqBody, org.xipki.ca.gateway.Requestor requestor, org.bouncycastle.asn1.ASN1OctetString tid, org.xipki.audit.AuditEvent event) throws org.xipki.util.exception.InsufficientPermissionException, org.xipki.ca.sdk.SdkErrorResponseException- Throws:
org.xipki.util.exception.InsufficientPermissionExceptionorg.xipki.ca.sdk.SdkErrorResponseException
-
cmpUnRevokeCertificates
protected abstract org.bouncycastle.asn1.cmp.PKIBody cmpUnRevokeCertificates(java.lang.String caName, org.bouncycastle.asn1.cmp.PKIMessage request, org.bouncycastle.asn1.cmp.PKIHeaderBuilder respHeader, org.bouncycastle.asn1.cmp.PKIHeader reqHeader, org.bouncycastle.asn1.cmp.PKIBody reqBody, org.xipki.ca.gateway.Requestor requestor, org.xipki.audit.AuditEvent event) throws org.xipki.ca.sdk.SdkErrorResponseException- Throws:
org.xipki.ca.sdk.SdkErrorResponseException
-
confirmCertificates
protected abstract org.bouncycastle.asn1.cmp.PKIBody confirmCertificates(java.lang.String caName, org.bouncycastle.asn1.ASN1OctetString transactionId, org.bouncycastle.asn1.cmp.CertConfirmContent certConf) throws org.xipki.ca.sdk.SdkErrorResponseException- Throws:
org.xipki.ca.sdk.SdkErrorResponseException
-
revokePendingCertificates
protected abstract org.bouncycastle.asn1.cmp.PKIBody revokePendingCertificates(java.lang.String caName, org.bouncycastle.asn1.ASN1OctetString transactionId) throws org.xipki.ca.sdk.SdkErrorResponseException- Throws:
org.xipki.ca.sdk.SdkErrorResponseException
-
getX500Name
protected static org.bouncycastle.asn1.x500.X500Name getX500Name(org.bouncycastle.asn1.x509.GeneralName name)
-
processPkiMessage
public org.bouncycastle.asn1.cmp.PKIMessage processPkiMessage(java.lang.String caName, org.bouncycastle.asn1.cmp.PKIMessage pkiMessage, org.xipki.security.X509Cert tlsClientCert, java.util.Map<java.lang.String,java.lang.String> parameters, org.xipki.audit.AuditEvent event)
-
generateRejectionStatus
protected static org.bouncycastle.asn1.cmp.PKIStatusInfo generateRejectionStatus(java.lang.Integer info, java.lang.String errorMessage)
-
generateRejectionStatus
protected static org.bouncycastle.asn1.cmp.PKIStatusInfo generateRejectionStatus(org.bouncycastle.asn1.cmp.PKIStatus status, java.lang.Integer info, java.lang.String errorMessage)
-
getPKiFailureInfo
protected static int getPKiFailureInfo(org.xipki.util.exception.OperationException ex)
-
checkPermission
protected void checkPermission(org.xipki.ca.gateway.Requestor requestor, int requiredPermission) throws org.xipki.util.exception.InsufficientPermissionException- Throws:
org.xipki.util.exception.InsufficientPermissionException
-
buildErrorMsgPkiBody
protected static org.bouncycastle.asn1.cmp.PKIBody buildErrorMsgPkiBody(org.bouncycastle.asn1.cmp.PKIStatus pkiStatus, int failureInfo, java.lang.String statusMessage)
-
buildErrCertResp
protected static org.bouncycastle.asn1.cmp.CertRepMessage buildErrCertResp(org.bouncycastle.asn1.ASN1Integer certReqId, int pkiFailureInfo, java.lang.String pkiStatusText)
-
addErrCertResp
protected static void addErrCertResp(java.util.Map<java.lang.Integer,org.bouncycastle.asn1.cmp.CertResponse> resps, int index, org.bouncycastle.asn1.ASN1Integer certReqId, int pkiFailureInfo, java.lang.String pkiStatusText)
-
verifyPop
protected boolean verifyPop(org.bouncycastle.cert.crmf.CertificateRequestMessage certRequest, org.bouncycastle.asn1.x509.SubjectPublicKeyInfo spki)
-
postProcessCertInfo
protected org.bouncycastle.asn1.cmp.CertResponse postProcessCertInfo(org.bouncycastle.asn1.ASN1Integer certReqId, org.xipki.ca.gateway.Requestor requestor, byte[] cert, byte[] privateKeyinfo)
-
cmpGeneralMsg
protected org.bouncycastle.asn1.cmp.PKIBody cmpGeneralMsg(java.lang.String caName, org.bouncycastle.asn1.cmp.PKIBody reqBody, org.xipki.audit.AuditEvent event) throws org.xipki.ca.sdk.SdkErrorResponseException- Throws:
org.xipki.ca.sdk.SdkErrorResponseException
-
-