public static CertRevocationInfo fromEncoded(String encoded) { ConfPairs pairs = new ConfPairs(encoded); CrlReason reason = CrlReason.forNameOrText(pairs.value("reason")); Date revocationTime = new Date(1000L * Long.parseLong(pairs.value("revocationTime"))); String str = pairs.value("invalidityTime"); Date invalidityTime = null; if (str != null) { invalidityTime = new Date(1000L * Long.parseLong(pairs.value("invalidityTime"))); } return new CertRevocationInfo(reason, revocationTime, invalidityTime); }
CrlReason currentReason = currentRevInfo.getReason(); if (currentReason == CrlReason.CERTIFICATE_HOLD) { if (revInfo.getReason() == CrlReason.CERTIFICATE_HOLD) { throw new OperationException(CERT_REVOKED, "certificate already revoked with the requested reason " + currentReason.getDescription()); } else { revInfo.setRevocationTime(currentRevInfo.getRevocationTime()); revInfo.setInvalidityTime(currentRevInfo.getInvalidityTime()); if (revInfo.getInvalidityTime() != null) { invTimeSeconds = revInfo.getInvalidityTime().getTime() / 1000; ps.setLong(idx++, System.currentTimeMillis() / 1000); setBoolean(ps, idx++, true); ps.setLong(idx++, revInfo.getRevocationTime().getTime() / 1000); // revTimeSeconds setLong(ps, idx++, invTimeSeconds); ps.setInt(idx++, revInfo.getReason().getCode());
void revokeCa(X509Cert caCert, CertRevocationInfo revInfo) throws DataAccessException { Args.notNull(caCert, "caCert"); Args.notNull(revInfo, "revInfo"); int issuerId = getIssuerId(caCert); final String sql = "UPDATE ISSUER SET REV_INFO=? WHERE ID=?"; PreparedStatement ps = datasource.prepareStatement(sql); try { ps.setString(1, revInfo.getEncoded()); ps.setInt(2, issuerId); ps.executeUpdate(); } catch (SQLException ex) { throw datasource.translate(sql, ex); } finally { datasource.releaseResources(ps, null); } } // method revokeCa
setBoolean(ps, idx++, revoked); if (revoked) { long revTime = revInfo.getRevocationTime().getTime() / 1000; ps.setLong(idx++, revTime); if (revInfo.getInvalidityTime() != null) { ps.setLong(idx++, revInfo.getInvalidityTime().getTime() / 1000); } else { ps.setNull(idx++, Types.INTEGER); ps.setInt(idx++, revInfo.getReason().getCode()); } else {
sb.append("\n"); if (revocationInfo != null) { sb.append("\treason: ").append(revocationInfo.reason().description()) .append("\n"); sb.append("\trevoked at ").append(revocationInfo.revocationTime()).append("\n");
if (revocationInfo != null) { revInfoText = StringUtil.concatObjectsCap(30, "\n\treason: ", revocationInfo.getReason().getDescription(), "\n\trevoked at ", revocationInfo.getRevocationTime());
try { CertWithRevocationInfo ret = revokeCertificate0(caInfo.getSerialNumber(), revocationInfo.getReason(), revocationInfo.getInvalidityTime(), true, event); successful = (ret != null); } finally {
CrlReason currentReason = currentRevInfo.getReason(); if (!force) { if (currentReason != CrlReason.CERTIFICATE_HOLD) {
? null : CertRevocationInfo.fromEncoded(revInfo); entry.setRevocationInfo(revocationInfo);
long revTime = revInfo.getRevocationTime().getTime() / 1000; ps.setLong(idx++, revTime); if (revInfo.getInvalidityTime() != null) { ps.setLong(idx++, revInfo.getInvalidityTime().getTime() / 1000); } else { ps.setNull(idx++, Types.BIGINT); int reasonCode = (revInfo.getReason() == null) ? 0 : revInfo.getReason().getCode(); ps.setInt(idx++, reasonCode);
if (revocationInfo != null) { revInfoText = StringUtil.concatObjectsCap(30, "\n\treason: ", revocationInfo.getReason().getDescription(), "\n\trevoked at ", revocationInfo.getRevocationTime());
@Override public void revokeCa(String caName, CertRevocationInfo revocationInfo) throws CaMgmtException { caName = Args.toNonBlankLower(caName, "caName"); Args.notNull(revocationInfo, "revocationInfo"); asssertMasterMode(); if (!x509cas.containsKey(caName)) { throw new CaMgmtException(concat("unkown CA ", caName)); } LOG.info("revoking CA '{}'", caName); X509Ca ca = x509cas.get(caName); CertRevocationInfo currentRevInfo = ca.getCaInfo().getRevocationInfo(); if (currentRevInfo != null) { CrlReason currentReason = currentRevInfo.getReason(); if (currentReason != CrlReason.CERTIFICATE_HOLD) { throw new CaMgmtException(concat("CA ", caName, " has been revoked with reason ", currentReason.name())); } } queryExecutor.revokeCa(caName, revocationInfo); try { ca.revokeCa(revocationInfo, CaAuditConstants.MSGID_ca_mgmt); } catch (OperationException ex) { throw new CaMgmtException(concat("could not revoke CA ", ex.getMessage()), ex); } LOG.info("revoked CA '{}'", caName); auditLogPciEvent(true, concat("REVOKE CA ", caName)); } // method revokeCa
CertRevocationInfo revInfo = new CertRevocationInfo(revReason, new Date(revTime * 1000), invalidityTime); certInfo.setRevocationInfo(revInfo);
void revokeCa(String caName, CertRevocationInfo revocationInfo) throws CaMgmtException { Args.notBlank(caName, "caName"); Args.notNull(revocationInfo, "revocationInfo"); String sql = "UPDATE CA SET REV_INFO=? WHERE NAME=?"; PreparedStatement ps = null; try { ps = prepareStatement(sql); ps.setString(1, revocationInfo.getEncoded()); ps.setString(2, caName); if (ps.executeUpdate() == 0) { throw new CaMgmtException("could not revoke CA " + caName); } } catch (SQLException ex) { throw new CaMgmtException(datasource.translate(sql, ex)); } finally { datasource.releaseResources(ps, null); } } // method revokeCa
if (revoked) { Date invalidityTime = (revInvTime == 0) ? null : new Date(1000 * revInvTime); revInfo = new CertRevocationInfo(revReason, new Date(1000 * revTime), invalidityTime);
@Override protected Object execute0() throws Exception { CrlReason crlReason = CrlReason.forNameOrText(reason); if (!PERMITTED_REASONS.contains(crlReason)) { throw new IllegalCmdParamException("reason " + reason + " is not permitted"); } if (!caManager.getCaNames().contains(caName)) { throw new IllegalCmdParamException("invalid CA name " + caName); } Date revocationDate = null; revocationDate = isNotBlank(revocationDateS) ? DateUtil.parseUtcTimeyyyyMMddhhmmss(revocationDateS) : new Date(); Date invalidityDate = null; if (isNotBlank(invalidityDateS)) { invalidityDate = DateUtil.parseUtcTimeyyyyMMddhhmmss(invalidityDateS); } CertRevocationInfo revInfo = new CertRevocationInfo(crlReason, revocationDate, invalidityDate); boolean bo = caManager.revokeCa(caName, revInfo); output(bo, "revoked", "could not revoke", "CA " + caName); return null; } // method execute0
CertRevocationInfo revInfo = new CertRevocationInfo(revReason, new Date(revTime * 1000), invalidityTime); certInfo.setRevocationInfo(revInfo);
@Override protected Object execute0() throws Exception { CrlReason crlReason = CrlReason.forNameOrText(reason); if (!PERMITTED_REASONS.contains(crlReason)) { throw new IllegalCmdParamException("reason " + reason + " is not permitted"); } if (!caManager.getCaNames().contains(caName)) { throw new IllegalCmdParamException("invalid CA name " + caName); } Date revocationDate = null; revocationDate = isNotBlank(revocationDateS) ? DateUtil.parseUtcTimeyyyyMMddhhmmss(revocationDateS) : new Date(); Date invalidityDate = null; if (isNotBlank(invalidityDateS)) { invalidityDate = DateUtil.parseUtcTimeyyyyMMddhhmmss(invalidityDateS); } CertRevocationInfo revInfo = new CertRevocationInfo(crlReason, revocationDate, invalidityDate); String msg = "CA " + caName; try { caManager.revokeCa(caName, revInfo); println("revoked " + msg); return null; } catch (CaMgmtException ex) { throw new CmdFailure("could not revoke " + msg + ", error: " + ex.getMessage(), ex); } } // method execute0
CertRevocationInfo revInfo = new CertRevocationInfo(reason, new Date(), invalidityTime); revokedCert = certstore.revokeCert(caIdent, serialNumber, revInfo, force, shouldPublishToDeltaCrlCache(), caIdNameMap);