📄 isignsessionlocal.java
    /**
     * Requests for a certificate to be created for the passed public key wrapped in a
     * certification request message (ex PKCS10). Verification of the signature
     * (proof-of-possession) on the request is performed, and an exception thrown if
     * verification fails. The method queries the user database for authorization of the user.
     *
     * @param admin Information about the administrator or admin performing the event.
     * @param req a Certification Request message, containing the public key to be put in the
     *        created certificate. Currently no additional parameters in requests are considered!
     * @param responseClass The implementation class that will be used as the response message.
     * @return The newly created response message or null.
     * @throws ObjectNotFoundException if the user does not exist.
     * @throws AuthStatusException If the users status is incorrect.
     * @throws AuthLoginException If the password is incorrect.
     * @throws IllegalKeyException if the public key is of wrong type.
     * @throws SignRequestException if the provided request is invalid.
     * @throws SignRequestSignatureException if the provided client certificate was not signed by the CA.
     */
    public org.ejbca.core.protocol.IResponseMessage createCertificate(
            org.ejbca.core.model.log.Admin admin,
            org.ejbca.core.protocol.IRequestMessage req,
            java.lang.Class responseClass)
        throws org.ejbca.core.model.ra.NotFoundException,
               org.ejbca.core.model.ca.AuthStatusException,
               org.ejbca.core.model.ca.AuthLoginException,
               org.ejbca.core.model.ca.IllegalKeyException,
               org.ejbca.core.model.ca.caadmin.CADoesntExistsException,
               org.ejbca.core.model.ca.SignRequestException,
               org.ejbca.core.model.ca.SignRequestSignatureException;

    /**
     * Requests for a certificate to be created for the passed public key with the passed key
     * usage and using the given certificate profile. This method is primarily intended to be
     * used when issuing hardtokens having multiple certificates per user.
     * The method queries the user database for authorization of the user. CAs are only allowed
     * to have certificateSign and CRLSign set.
     *
     * @param admin Information about the administrator or admin performing the event.
     * @param username unique username within the instance.
     * @param password password for the user.
     * @param pk the public key to be put in the created certificate.
     * @param keyusage integer with bit mask describing desired keys usage, overrides keyUsage
     *        from CertificateProfiles if allowed. Bit mask is packed in an integer using
     *        constants from CertificateData. -1 means use default keyUsage from CertificateProfile.
     *        ex. int keyusage = CertificateData.digitalSignature | CertificateData.nonRepudiation;
     *        gives digitalSignature and nonRepudiation.
     *        ex. int keyusage = CertificateData.keyCertSign | CertificateData.cRLSign;
     *        gives keyCertSign and cRLSign
     * @param certificateprofileid used to override the one set in userdata. Should be set to
     *        SecConst.PROFILE_NO_PROFILE if the userdata certificateprofileid should be used
     * @param caid used to override the one set in userdata.
     *        Should be set to SecConst.CAID_USEUSERDEFINED if the regular certificateprofileid
     *        should be used
     * @return The newly created certificate or null.
     * @throws ObjectNotFoundException if the user does not exist.
     * @throws AuthStatusException If the users status is incorrect.
     * @throws AuthLoginException If the password is incorrect.
     * @throws IllegalKeyException if the public key is of wrong type.
     */
    public java.security.cert.Certificate createCertificate(
            org.ejbca.core.model.log.Admin admin,
            java.lang.String username,
            java.lang.String password,
            java.security.PublicKey pk,
            int keyusage,
            int certificateprofileid,
            int caid)
        throws javax.ejb.ObjectNotFoundException,
               org.ejbca.core.model.ca.AuthStatusException,
               org.ejbca.core.model.ca.AuthLoginException,
               org.ejbca.core.model.ca.IllegalKeyException,
               org.ejbca.core.model.ca.caadmin.CADoesntExistsException;

    /**
     * Requests for a certificate to be created for the passed public key wrapped in a
     * certification request message (ex PKCS10). The username and password used to authorize
     * is taken from the request message. Verification of the signature (proof-of-possession)
     * on the request is performed, and an exception thrown if verification fails. The method
     * queries the user database for authorization of the user.
     *
     * @param admin Information about the administrator or admin performing the event.
     * @param req a Certification Request message, containing the public key to be put in the
     *        created certificate. Currently no additional parameters in requests are considered!
     * @param keyUsage integer with bit mask describing desired keys usage. Bit mask is packed
     *        in an integer using constants from CertificateDataBean.
     *        ex. int keyusage = CertificateDataBean.digitalSignature | CertificateDataBean.nonRepudiation;
     *        gives digitalSignature and nonRepudiation.
     *        ex. int keyusage = CertificateDataBean.keyCertSign | CertificateDataBean.cRLSign;
     *        gives keyCertSign and cRLSign. Keyusage < 0 means that default keyUsage should be used.
     * @param responseClass The implementation class that will be used as the response message.
     * @return The newly created response or null.
     * @throws ObjectNotFoundException if the user does not exist.
     * @throws AuthStatusException If the users status is incorrect.
     * @throws AuthLoginException If the password is incorrect.
     * @throws IllegalKeyException if the public key is of wrong type.
     * @throws CADoesntExistsException if the targeted CA does not exist
     * @throws SignRequestException if the provided request is invalid.
     * @throws SignRequestSignatureException if the provided client certificate was not signed by the CA.
     * @see org.ejbca.core.ejb.ca.store.CertificateDataBean
     * @see org.ejbca.core.protocol.IRequestMessage
     * @see org.ejbca.core.protocol.IResponseMessage
     * @see org.ejbca.core.protocol.X509ResponseMessage
     */
    public org.ejbca.core.protocol.IResponseMessage createCertificate(
            org.ejbca.core.model.log.Admin admin,
            org.ejbca.core.protocol.IRequestMessage req,
            int keyUsage,
            java.lang.Class responseClass)
        throws org.ejbca.core.model.ca.AuthStatusException,
               org.ejbca.core.model.ca.AuthLoginException,
               org.ejbca.core.model.ca.IllegalKeyException,
               org.ejbca.core.model.ca.caadmin.CADoesntExistsException,
               org.ejbca.core.model.ca.SignRequestException,
               org.ejbca.core.model.ca.SignRequestSignatureException,
               org.ejbca.core.model.ra.NotFoundException;

    /**
     * Method that generates a request failed response message. The request should already
     * have been decrypted and verified.
     *
     * @param admin Information about the administrator or admin performing the event.
     * @param req a Certification Request message, containing the public key to be put in the
     *        created certificate. Currently no additional parameters in requests are considered!
     * @param responseClass The implementation class that will be used as the response message.
     * @return A decrypted and verified IRequest message
     * @throws AuthStatusException If the users status is incorrect.
     * @throws AuthLoginException If the password is incorrect.
     * @throws CADoesntExistsException if the targeted CA does not exist
     * @throws SignRequestException if the provided request is invalid.
     * @throws SignRequestSignatureException if the request couldn't be verified.
     * @throws IllegalKeyException
     * @see se.anatom.ejbca.protocol.IRequestMessage
     * @see se.anatom.ejbca.protocol.IResponseMessage
     * @see se.anatom.ejbca.protocol.X509ResponseMessage
     */
    public org.ejbca.core.protocol.IResponseMessage createRequestFailedResponse(
            org.ejbca.core.model.log.Admin admin,
            org.ejbca.core.protocol.IRequestMessage req,
            java.lang.Class responseClass)
        throws org.ejbca.core.model.ca.AuthLoginException,
               org.ejbca.core.model.ca.AuthStatusException,
               org.ejbca.core.model.ca.IllegalKeyException,
               org.ejbca.core.model.ca.caadmin.CADoesntExistsException,
               org.ejbca.core.model.ca.SignRequestSignatureException,
               org.ejbca.core.model.ca.SignRequestException;

    /**
     * Method that just decrypts and verifies a request and should be used in those cases
     * when encrypted information needs to be extracted and presented to an RA for approval.
     *
     * @param admin Information about the administrator or admin performing the event.
     * @param req a Certification Request message, containing the public key to be put in the
     *        created certificate. Currently no additional parameters in requests are considered!
     * @return A decrypted and verified IRequest message
     * @throws AuthStatusException If the users status is incorrect.
     * @throws AuthLoginException If the password is incorrect.
     * @throws IllegalKeyException if the public key is of wrong type.
     * @throws CADoesntExistsException if the targeted CA does not exist
     * @throws SignRequestException if the provided request is invalid.
     * @throws SignRequestSignatureException if the request couldn't be verified.
     * @see se.anatom.ejbca.protocol.IRequestMessage
     * @see se.anatom.ejbca.protocol.IResponseMessage
     * @see se.anatom.ejbca.protocol.X509ResponseMessage
     */
    public org.ejbca.core.protocol.IRequestMessage decryptAndVerifyRequest(
            org.ejbca.core.model.log.Admin admin,
            org.ejbca.core.protocol.IRequestMessage req)
        throws javax.ejb.ObjectNotFoundException,
               org.ejbca.core.model.ca.AuthStatusException,
               org.ejbca.core.model.ca.AuthLoginException,
               org.ejbca.core.model.ca.IllegalKeyException,
               org.ejbca.core.model.ca.caadmin.CADoesntExistsException,
               org.ejbca.core.model.ca.SignRequestException,
               org.ejbca.core.model.ca.SignRequestSignatureException;

    /**
     * Implements ISignSession::getCRL
     *
     * @param admin Information about the administrator or admin performing the event.
     * @param req a CRL Request message
     * @param responseClass the implementation class of the desired response
     * @return The newly created certificate or null.
     * @throws IllegalKeyException if the public key is of wrong type.
     * @throws CADoesntExistsException if the targeted CA does not exist
     * @throws SignRequestException if the provided request is invalid.
     * @throws SignRequestSignatureException if the provided client certificate was not signed by the CA.
     */
    public org.ejbca.core.protocol.IResponseMessage getCRL(
            org.ejbca.core.model.log.Admin admin,
            org.ejbca.core.protocol.IRequestMessage req,
            java.lang.Class responseClass)
        throws org.ejbca.core.model.ca.AuthStatusException,
               org.ejbca.core.model.ca.AuthLoginException,
               org.ejbca.core.model.ca.IllegalKeyException,
               org.ejbca.core.model.ca.caadmin.CADoesntExistsException,
               org.ejbca.core.model.ca.SignRequestException,
               org.ejbca.core.model.ca.SignRequestSignatureException,
               java.io.UnsupportedEncodingException;

    /**
     * Requests for a CRL to be created with the passed (revoked) certificates.
     *
     * @param admin Information about the administrator or admin performing the event.
     * @param caid Id of the CA which CRL should be created.
     * @param certs vector of RevokedCertInfo object.
     * @return The newly created CRL in DER encoded byte form or null, use
     *         CertTools.getCRLfromByteArray to convert to X509CRL.
     * @throws CATokenOfflineException
     */
    public byte[] createCRL(
            org.ejbca.core.model.log.Admin admin,
            int caid,
            java.util.Vector certs)
        throws org.ejbca.core.model.ca.catoken.CATokenOfflineException;

    /**
     * Method that publishes the given CA certificate chain to the list of publishers.
     * Is mainly used by CAAdminSessionBean when CA is created.
     *
     * @param admin Information about the administrator or admin performing the event.
     * @param certificatechain certchain of certificate to publish
     * @param usedpublishers a collection of publisher ids (Integer) indicating which
     *        publisher that should be used.
     */
    public void publishCACertificate(
            org.ejbca.core.model.log.Admin admin,
            java.util.Collection certificatechain,
            java.util.Collection usedpublishers);

    /**
     * Method used to perform an extended CA Service, like OCSP CA Service.
     *
     * @param admin Information about the administrator or admin performing the event.
     * @param caid the ca that should perform the service
     * @param request a service request.
     * @return A corresponding response.
     * @throws IllegalExtendedCAServiceRequestException if the request was invalid.
     * @throws ExtendedCAServiceNotActiveException thrown when the service for the given CA isn't activated
     * @throws CADoesntExistsException The given caid doesn't exist.
     */
    public org.ejbca.core.model.ca.caadmin.extendedcaservices.ExtendedCAServiceResponse extendedService(
            org.ejbca.core.model.log.Admin admin,
            int caid,
            org.ejbca.core.model.ca.caadmin.extendedcaservices.ExtendedCAServiceRequest request)
        throws org.ejbca.core.model.ca.caadmin.extendedcaservices.ExtendedCAServiceRequestException,
               org.ejbca.core.model.ca.caadmin.extendedcaservices.IllegalExtendedCAServiceRequestException,
               org.ejbca.core.model.ca.caadmin.extendedcaservices.ExtendedCAServiceNotActiveException,
               org.ejbca.core.model.ca.caadmin.CADoesntExistsException;
}
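
The Javadoc for the request-based createCertificate methods says the signature on the request (proof-of-possession) is verified before a certificate is issued. The following added example, which is not EJBCA code, shows what that check amounts to for a PKCS#10 request using the BouncyCastle PKIX API; the class name, helper names and subject DN are hypothetical and the requests are constructed in memory.

```java
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.operator.jcajce.JcaContentVerifierProviderBuilder;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequest;
import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;

// Hypothetical example class, not part of EJBCA.
public class PopCheckExample {

    /** True only if the request is signed by the private key matching the public key it carries. */
    static boolean hasValidProofOfPossession(byte[] derCsr) {
        try {
            JcaPKCS10CertificationRequest csr = new JcaPKCS10CertificationRequest(derCsr);
            PublicKey requested = csr.getPublicKey();
            // Verify the request signature against the key the request asks to certify.
            return csr.isSignatureValid(new JcaContentVerifierProviderBuilder().build(requested));
        } catch (Exception e) {
            return false; // fail closed: unparsable or unverifiable requests are rejected
        }
    }

    /** Builds a constructed request carrying subjectKey's public key, signed with signerKey's private key. */
    static byte[] buildCsr(KeyPair subjectKey, KeyPair signerKey) throws Exception {
        ContentSigner signer = new JcaContentSignerBuilder("SHA256withRSA").build(signerKey.getPrivate());
        PKCS10CertificationRequest csr = new JcaPKCS10CertificationRequestBuilder(
                new X500Name("CN=constructed-example-user"), subjectKey.getPublic()).build(signer);
        return csr.getEncoded();
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair requester = gen.generateKeyPair();
        KeyPair other = gen.generateKeyPair();

        // Request signed with the key it names: the check passes.
        System.out.println("matching key accepted:   "
                + hasValidProofOfPossession(buildCsr(requester, requester)));
        // Request naming a public key whose private half the signer does not hold: the check fails.
        System.out.println("mismatched key accepted: "
                + hasValidProofOfPossession(buildCsr(requester, other)));
    }
}
```

Without this check a CA could bind an identity to a public key whose private half the requester never controlled, which is why the interface surfaces a failed verification as SignRequestSignatureException rather than returning a certificate.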