Examples of org.ejbca.core.model.ca.caadmin.CAInfo

• org.ejbca.core.model.ca.caadmin.CAInfo
  Holds nonsensitive information about a CA. @version $Id: CAInfo.java 11009 2010-12-29 15:20:37Z jeklund $

        CAID(UserDataVO d, Admin a, HardTokenProfile hardTokenProfile, CAAdminSession caAdminSession) {
            super(d, a, hardTokenProfile);
            this.caAdminSession = caAdminSession;
        }
        protected int getFromName(String name) {
            CAInfo caInfo = caAdminSession.getCAInfo(administrator, name);
            if ( caInfo!=null ) {
                return caInfo.getCAId();
            } else {
                return 0;
            }
        }

     */
  public CrmfRAPbeTcpRequestTest(String arg0) throws CertificateException {
    super(arg0);
    CryptoProviderTools.installBCProvider();
        // Try to use AdminCA1 if it exists
        CAInfo adminca1 = caAdminSessionRemote.getCAInfo(admin, "AdminCA1");
        if (adminca1 == null) {
            Collection<Integer> caids = caSession.getAvailableCAs(admin);
            Iterator<Integer> iter = caids.iterator();
            while (iter.hasNext()) {
              caid = iter.next().intValue();
            }
        } else {
          caid = adminca1.getCAId();
        }
        if (caid == 0) {
          assertTrue("No active CA! Must have at least one active CA to run tests!", false);
        }
        CAInfo cainfo = caAdminSessionRemote.getCAInfo(admin, caid);
        Collection<Certificate> certs = cainfo.getCertificateChain();
        if (certs.size() > 0) {
            Iterator<Certificate> certiter = certs.iterator();
            Certificate cert = certiter.next();
            String subject = CertTools.getSubjectDN(cert);
            if (StringUtils.equals(subject, cainfo.getSubjectDN())) {
                // Make sure we have a BC certificate
                cacert = (X509Certificate)CertTools.getCertfromByteArray(cert.getEncoded());
            }
        } else {
            log.error("NO CACERT for caid " + caid);

  public CrmfRATcpRequestTest(String arg0) throws CertificateEncodingException, CertificateException {
    super(arg0);
    CryptoProviderTools.installBCProvider();
        // Try to use AdminCA1 if it exists
        CAInfo adminca1 = caAdminSession.getCAInfo(admin, "AdminCA1");
        if (adminca1 == null) {
            Collection<Integer> caids = caSession.getAvailableCAs(admin);
            Iterator<Integer> iter = caids.iterator();
            while (iter.hasNext()) {
              caid = iter.next().intValue();
            }
        } else {
          caid = adminca1.getCAId();
        }
        if (caid == 0) {
          assertTrue("No active CA! Must have at least one active CA to run tests!", false);
        }
        CAInfo cainfo = caAdminSession.getCAInfo(admin, caid);
        Collection<Certificate> certs = cainfo.getCertificateChain();
        if (certs.size() > 0) {
            Iterator<Certificate> certiter = certs.iterator();
            Certificate cert = certiter.next();
            String subject = CertTools.getSubjectDN(cert);
            if (StringUtils.equals(subject, cainfo.getSubjectDN())) {
                // Make sure we have a BC certificate
                cacert = (X509Certificate) CertTools.getCertfromByteArray(cert.getEncoded());
            }
        } else {
            log.error("NO CACERT for caid " + caid);

        updatePropertyOnServer(CmpConfiguration.CONFIG_RA_NAMEGENERATIONPARAMS, "CN");
        updatePropertyOnServer(CmpConfiguration.CONFIG_RA_ALLOWCUSTOMCERTSERNO, "false");

        CryptoProviderTools.installBCProvider();
        // Try to use AdminCA1 if it exists
        final CAInfo adminca1;

        adminca1 = caAdminSessionRemote.getCAInfo(admin, "AdminCA1");

        if (adminca1 == null) {
            final Collection<Integer> caids;

            caids = caSession.getAvailableCAs(admin);

            final Iterator<Integer> iter = caids.iterator();
            int tmp = 0;
            while (iter.hasNext()) {
                tmp = iter.next().intValue();
            }
            caid = tmp;
        } else {
            caid = adminca1.getCAId();
        }
        if (caid == 0) {
            assertTrue("No active CA! Must have at least one active CA to run tests!", false);
        }
        final CAInfo cainfo;

        cainfo = caAdminSessionRemote.getCAInfo(admin, caid);

        Collection<Certificate> certs = cainfo.getCertificateChain();
        if (certs.size() > 0) {
            Iterator<Certificate> certiter = certs.iterator();
            Certificate cert = certiter.next();
            String subject = CertTools.getSubjectDN(cert);
            if (StringUtils.equals(subject, cainfo.getSubjectDN())) {
                // Make sure we have a BC certificate
                try {
                    cacert = (X509Certificate) CertTools.getCertfromByteArray(cert.getEncoded());
                } catch (Exception e) {
                    throw new Error(e);

    private void setupApprovals() throws Exception {
        CryptoProviderTools.installBCProvider();

        adminusername1 = genRandomUserName();

        CAInfo cainfo = caAdminSessionRemote.getCAInfo(intAdmin, getAdminCAName());
        caid = cainfo.getCAId();

        UserDataVO userdata = new UserDataVO(adminusername1, "CN=" + adminusername1, caid, null, null, 1, SecConst.EMPTY_ENDENTITYPROFILE,
                SecConst.CERTPROFILE_FIXED_ENDUSER, SecConst.TOKEN_SOFT_P12, 0, null);
        userdata.setPassword("foo123");
        userAdminSession.addUser(intadmin, userdata, true);

  }
  private X509Certificate createCA( int signedBy, Collection<Certificate> certificateChain, Set<Integer> setOfSubjectKeyIDs ) {
    Assert.assertTrue( "Failed to created certificate.",
                       this.testCase.createTestCA(this.name, 1024, "CN="+this.name+",O=EJBCA junit,OU=CertStoreServletTest",
                                              signedBy, certificateChain) );
    final CAInfo info = getCAInfo();
    final Collection<Certificate> newCertificateChain = info.getCertificateChain();
    final X509Certificate caCert = (X509Certificate)newCertificateChain.iterator().next();
    setOfSubjectKeyIDs.add(HashID.getFromKeyID(caCert).key);
    final Iterator<CAInHierarchy> i = this.subs.iterator();
    final int caid = info.getCAId();
    while ( i.hasNext() ) {
      i.next().createCA( caid, newCertificateChain, setOfSubjectKeyIDs );
    }
    return caCert;
  }

  /**
   *  @see org.ejbca.core.model.ca.caadmin.ICAAdminSessionLocal
   */
  public CAInfoView getCAInfo(String name) throws Exception{
    CAInfoView cainfoview = null;
    CAInfo cainfo = caadminsession.getCAInfo(administrator, name);
    if(cainfo != null) {
      cainfoview = new CAInfoView(cainfo, ejbcawebbean, info.getPublisherIdToNameMap());
    }
    return cainfoview;
  }

   *  @see org.ejbca.core.ejb.ca.caadmin.CAAdminSessionBean
   */
  public CAInfoView getCAInfo(int caid) throws Exception{
    // temporate
    CAInfoView cainfoview = null;
    CAInfo cainfo = caadminsession.getCAInfo(administrator, caid);
    if(cainfo != null) {
      cainfoview = new CAInfoView(cainfo, ejbcawebbean, info.getPublisherIdToNameMap());
    }
    return cainfoview;
  }

  /**
   *  @see org.ejbca.core.ejb.ca.caadmin.CAAdminSessionBean
   */
 public void publishCA(int caid){
   CAInfo cainfo = caadminsession.getCAInfo(administrator, caid);
   Collection<Integer> publishers = cainfo.getCRLPublishers();
   // Publish ExtendedCAServices certificates as well
  Iterator<ExtendedCAServiceInfo> iter = cainfo.getExtendedCAServiceInfos().iterator();
  while(iter.hasNext()){
    ExtendedCAServiceInfo next = iter.next();
    // Only publish certificates for active services
    if (next.getStatus() == ExtendedCAServiceInfo.STATUS_ACTIVE) {
      // The OCSP certificate is the same as the CA signing certificate
      if(next instanceof XKMSCAServiceInfo){
        List<Certificate> xkmscert = ((XKMSCAServiceInfo) next).getXKMSSignerCertificatePath();
        if (xkmscert != null) {
          caadminsession.publishCACertificate(administrator, xkmscert, publishers, cainfo.getSubjectDN());
        }
      }
      if(next instanceof CmsCAServiceInfo){
        List<Certificate> cmscert = ((CmsCAServiceInfo) next).getCertificatePath();
        if (cmscert != null) {
          caadminsession.publishCACertificate(administrator, cmscert, publishers, cainfo.getSubjectDN());
        }
      }
    }
  }
    CertificateProfile certprofile = certificateProfileSession.getCertificateProfile(administrator, cainfo.getCertificateProfileId());
    // A CA certificate is published where the CRL is published and if there is a publisher noted in the certificate profile
    // (which there is probably not)
    publishers.addAll(certprofile.getPublisherList());
    caadminsession.publishCACertificate(administrator, cainfo.getCertificateChain(), publishers, cainfo.getSubjectDN());
    crlCreateSession.publishCRL(administrator, (Certificate) cainfo.getCertificateChain().iterator().next(), publishers, cainfo.getSubjectDN(), cainfo.getDeltaCRLPeriod()>0);
 }

    caadminsession.publishCACertificate(administrator, cainfo.getCertificateChain(), publishers, cainfo.getSubjectDN());
    crlCreateSession.publishCRL(administrator, (Certificate) cainfo.getCertificateChain().iterator().next(), publishers, cainfo.getSubjectDN(), cainfo.getDeltaCRLPeriod()>0);
 }

 public void renewAndRevokeXKMSCertificate(int caid) throws CATokenOfflineException, CADoesntExistsException, UnsupportedEncodingException, IllegalKeyStoreException, AuthorizationDeniedException{
     CAInfo cainfo = caadminsession.getCAInfo(administrator, caid);
    Iterator iter = cainfo.getExtendedCAServiceInfos().iterator();
    while(iter.hasNext()){
      ExtendedCAServiceInfo next = (ExtendedCAServiceInfo) iter.next();
      if(next instanceof XKMSCAServiceInfo){
        List xkmscerts = ((XKMSCAServiceInfo) next).getXKMSSignerCertificatePath();
        if (xkmscerts != null) {
          X509Certificate xkmscert = (X509Certificate)xkmscerts.get(0);
        certificatesession.revokeCertificate(administrator,xkmscert, cainfo.getCRLPublishers(), RevokedCertInfo.REVOCATION_REASON_UNSPECIFIED, cainfo.getSubjectDN());
        }
        caadminsession.initExternalCAService(administrator, caid, next);
      }
    }
   }