public CaCrlReasonCompleter() { List<String> enums = new LinkedList<>(); for (CrlReason reason : CaActions.CaRevoke.PERMITTED_REASONS) { enums.add(reason.getDescription()); } setTokens(enums); }
public CertRevocationInfo(int reasonCode, Date revocationTime, Date invalidityTime) { this.revocationTime = Args.notNull(revocationTime, "revocationTime"); this.reason = CrlReason.forReasonCode(reasonCode); this.invalidityTime = invalidityTime; }
public static CertRevocationInfo fromEncoded(String encoded) { ConfPairs pairs = new ConfPairs(encoded); CrlReason reason = CrlReason.forNameOrText(pairs.value("reason")); Date revocationTime = new Date(1000L * Long.parseLong(pairs.value("revocationTime"))); String str = pairs.value("invalidityTime"); Date invalidityTime = null; if (str != null) { invalidityTime = new Date(1000L * Long.parseLong(pairs.value("invalidityTime"))); } return new CertRevocationInfo(reason, revocationTime, invalidityTime); }
public static CrlReason forNameOrText(final String text) { ParamUtil.requireNonNull("text", text); for (CrlReason value : values()) { if (value.desription.equalsIgnoreCase(text) || value.name().equalsIgnoreCase(text) || Integer.toString(value.code).equals(text)) { return value; } } throw new IllegalArgumentException("invalid CrlReason " + text); }
if (extendedRevoke && reason == CrlReason.CERTIFICATE_HOLD.getCode() && revTime.getTime() == 0) { status = "unknown (RFC6960)"; } else { status = StringUtil.concatObjects("revoked, reason = ", CrlReason.forReasonCode(reason).getDescription(), ", revocationTime = ", revTime, (invTime == null ? "" : ", invalidityTime = " + invTime));
if (currentReason != CrlReason.CERTIFICATE_HOLD) { throw new OperationException(CERT_REVOKED, "certificate is revoked but not with reason " + CrlReason.CERTIFICATE_HOLD.getDescription()); int idx = 1; ps.setLong(idx++, System.currentTimeMillis() / 1000); ps.setInt(idx++, reason.getCode());
ps.setNull(idx++, Types.INTEGER); ps.setInt(idx++, revInfo.getReason().getCode()); } else {
public ClientCrlReasonCompleter() { StringBuilder enums = new StringBuilder(); for (CrlReason reason : CrlReason.PERMITTED_CLIENT_CRLREASONS) { enums.append(reason.description()).append(","); } enums.deleteCharAt(enums.length() - 1); setTokens(enums.toString()); }
@Override public void revokeCa(String caName, CertRevocationInfo revocationInfo) throws CaMgmtException { caName = Args.toNonBlankLower(caName, "caName"); Args.notNull(revocationInfo, "revocationInfo"); asssertMasterMode(); if (!x509cas.containsKey(caName)) { throw new CaMgmtException(concat("unkown CA ", caName)); } LOG.info("revoking CA '{}'", caName); X509Ca ca = x509cas.get(caName); CertRevocationInfo currentRevInfo = ca.getCaInfo().getRevocationInfo(); if (currentRevInfo != null) { CrlReason currentReason = currentRevInfo.getReason(); if (currentReason != CrlReason.CERTIFICATE_HOLD) { throw new CaMgmtException(concat("CA ", caName, " has been revoked with reason ", currentReason.name())); } } queryExecutor.revokeCa(caName, revocationInfo); try { ca.revokeCa(revocationInfo, CaAuditConstants.MSGID_ca_mgmt); } catch (OperationException ex) { throw new CaMgmtException(concat("could not revoke CA ", ex.getMessage()), ex); } LOG.info("revoked CA '{}'", caName); auditLogPciEvent(true, concat("REVOKE CA ", caName)); } // method revokeCa
if (extendedRevoke && reason == CrlReason.CERTIFICATE_HOLD.getCode() && revTime.getTime() == 0) { status = "unknown (RFC6960)"; } else { status = StringUtil.concatObjects("revoked, reason = ", CrlReason.forReasonCode(reason).getDescription(), ", revocationTime = ", revTime, (invTime == null ? "" : ", invalidityTime = " + invTime));
throw new OperationException(CERT_REVOKED, "certificate already revoked with the requested reason " + currentReason.getDescription()); } else { revInfo.setRevocationTime(currentRevInfo.getRevocationTime()); "certificate already revoked with reason " + currentReason.getDescription()); ps.setLong(idx++, revInfo.getRevocationTime().getTime() / 1000); // revTimeSeconds setLong(ps, idx++, invTimeSeconds); ps.setInt(idx++, revInfo.getReason().getCode());
public List<BigInteger> getSuspendedCertSerials(NameId ca, long latestLastUpdate, int numEntries) throws OperationException { Args.notNull(ca, "ca"); Args.positive(numEntries, "numEntries"); final String sql = getSqlSuspendedSerials(numEntries); ResultSet rs = null; PreparedStatement ps = borrowPreparedStatement(sql); try { ps.setInt(1, ca.getId()); ps.setLong(2, latestLastUpdate + 1); ps.setInt(3, CrlReason.CERTIFICATE_HOLD.getCode()); rs = ps.executeQuery(); List<BigInteger> ret = new ArrayList<>(); while (rs.next() && ret.size() < numEntries) { String str = rs.getString("SN"); ret.add(new BigInteger(str, 16)); } return ret; } catch (SQLException ex) { throw new OperationException(DATABASE_FAILURE, datasource.translate(sql, ex).getMessage()); } finally { datasource.releaseResources(ps, rs); } } // method getSuspendedCertIds
public static CrlReason forNameOrText(String text) { Args.notNull(text, "text"); for (CrlReason value : values()) { if (value.desription.equalsIgnoreCase(text) || value.name().equalsIgnoreCase(text) || Integer.toString(value.code).equals(text)) { return value; } } throw new IllegalArgumentException("invalid CrlReason " + text); }
public CaCrlReasonCompleter() { StringBuilder enums = new StringBuilder(); for (CrlReason reason : CaRevokeCmd.PERMITTED_REASONS) { enums.append(reason.description()).append(","); } enums.deleteCharAt(enums.length() - 1); setTokens(enums.toString()); }
public String getEncoded() { ConfPairs pairs = new ConfPairs(); pairs.putPair("reason", reason.getDescription()); pairs.putPair("revocationTime", Long.toString(revocationTime.getTime() / 1000)); if (invalidityTime != null) { pairs.putPair("invalidityTime", Long.toString(invalidityTime.getTime() / 1000)); } return pairs.getEncoded(); }
@Override protected Object execute0() throws Exception { CrlReason crlReason = CrlReason.forNameOrText(reason); if (!CrlReason.PERMITTED_CLIENT_CRLREASONS.contains(crlReason)) { throw new InvalidConfException("reason " + reason + " is not permitted"); } Date invalidityDate = null; if (isNotBlank(invalidityDateS)) { invalidityDate = DateUtil.parseUtcTimeyyyyMMddhhmmss(invalidityDateS); } boolean successful = caManager.revokeCertificate(caName, getSerialNumber(), crlReason, invalidityDate); output(successful, "revoked", "could not revoke", "certificate"); return null; }
} else { revInfo = new CertRevInfoWithSerial(id, new BigInteger(serial, 16), CrlReason.REMOVE_FROM_CRL.getCode(), new Date(1000 * rs.getLong("LUPDATE")), null);
public CertRevocationInfo(final int reasonCode, final Date revocationTime, final Date invalidityTime) { this.revocationTime = ParamUtil.requireNonNull("revocationTime", revocationTime); this.reason = CrlReason.forReasonCode(reasonCode); this.invalidityTime = invalidityTime; }
sb.append("\n"); if (revocationInfo != null) { sb.append("\treason: ").append(revocationInfo.reason().description()) .append("\n"); sb.append("\trevoked at ").append(revocationInfo.revocationTime()).append("\n");
@Override public String toString() { ConfPairs pairs = new ConfPairs(); pairs.putPair(KEY_REVOCATION_REASON, targetReason.getDescription()); pairs.putPair(KEY_UNCHANGED_SINCE, unchangedSince.toString()); return pairs.getEncoded(); }