RevokeCertificateAndCreateCRL.cpp

This example shows how to revoke a certificate and create a certificate revocation list (CRL).

00001 #include <blocxx/Logger.hpp>
00002 #include <blocxx/AppenderLogger.hpp>
00003 #include <blocxx/CerrLogger.hpp>
00004 #include <blocxx/CerrAppender.hpp>
00005 #include <blocxx/String.hpp>
00006 #include <blocxx/PerlRegEx.hpp>
00007 #include <limal/Logger.hpp>
00008 #include <limal/PathInfo.hpp>
00009 #include <limal/ca-mgm/CA.hpp>
00010 #include <limal/ca-mgm/CRLReason.hpp>
00011 
00012 #include <iostream>
00013 #include <fstream>
00014 #include <unistd.h>
00015 
00016 using namespace blocxx;
00017 using namespace limal;
00018 using namespace limal::ca_mgm;
00019 using namespace std;
00020 
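/**
 * Example: issue a server certificate from the test CA, revoke it with
 * reason "certificateHold", and write a fresh CRL.
 *
 * @return 0 when every step succeeded, 1 when the library raised an
 *         exception (the exception is printed to stderr first).
 */
int main()
{
    try
    {
        // Log categories to emit; DEBUG is left switched off.
        blocxx::StringArray cat;
        cat.push_back("FATAL");
        cat.push_back("ERROR");
        cat.push_back("INFO");
        //cat.push_back("DEBUG");

        // Logging
        LoggerRef l = limal::Logger::createCerrLogger(
                                                      "RevokeCertificate",
                                                      LogAppender::ALL_COMPONENTS,
                                                      cat,
                                                      "%-5p %c - %m"
                                                      );
        limal::Logger::setDefaultLogger(l);

        // Open the CA "Test_CA1" in the repository below the current working
        // directory. NOTE(review): the second argument is presumably the CA
        // password; "system" is a throw-away value for the test repository.
        // Outside an example, do not hard-code it in the source — obtain it
        // at run time.
        CA ca("Test_CA1", "system", "./TestRepos/");

        // ------------------------ get request defaults -------------------

        RequestGenerationData rgd = ca.getRequestDefaults(E_Server_Req);

        // Work on a copy of the default subject DN; it is written back
        // through setSubjectDN() once the values are filled in.
        List<RDNObject> dnl = rgd.getSubjectDN().getDN();
        List<RDNObject>::iterator dnit;

        // ------------------------ fill the Subject (DN) -------------------

        for(dnit = dnl.begin(); dnit != dnl.end(); ++dnit)
        {
            cout << "DN Key " << dnit->getType() << endl;

            // Only these three RDN types get a value; any other type in the
            // defaults is left as it is.
            if(dnit->getType() == "countryName")
            {
                dnit->setRDNValue("DE");
            }
            else if(dnit->getType() == "commonName")
            {
                dnit->setRDNValue("Test Certificate for revocation 2");
            }
            else if(dnit->getType() == "emailAddress")
            {
                dnit->setRDNValue("suse@suse.de");
            }
        }

        DNObject dn(dnl);
        rgd.setSubjectDN(dn);

        // ------------------------ get issue defaults ---------------------

        CertificateIssueData cid = ca.getIssueDefaults(E_Server_Cert);

        // ------------------------ create a certificate -------------------

        // NOTE(review): the first argument is presumably the passphrase for
        // the new key; the same caveat about the hard-coded "system" applies.
        // The returned string is what revokeCertificate() takes below.
        blocxx::String c = ca.createCertificate("system", rgd, cid,
                                                E_Server_Cert);

        cout << "RETURN Certificate " << endl;

        // ------------------------ set a CRL reason -----------------------

        // certificateHold is the X.509 reason for a suspension rather than a
        // final revocation; choose a different reason (for example
        // keyCompromise) when the certificate must never be trusted again.
        CRLReason reason("certificateHold");
        reason.setHoldInstruction("holdInstructionCallIssuer");

        // ------------------------ revoke the certificate -----------------

        ca.revokeCertificate(c, reason);

        // ------------------------ get CRL defaults -----------------------

        CRLGenerationData cgd = ca.getCRLDefaults();

        // ------------------------ create a CRL ---------------------------

        // Relying parties only learn about the revocation from a CRL
        // generated after revokeCertificate(), so the CRL is rebuilt here.
        ca.createCRL(cgd);

        // The CRL is now available at './TestRepos/Test_CA1/crl/crl.pem'

    }
    catch(Exception& e)
    {
        cerr << e << endl;

        // Report the failure to the caller: a script that runs this step
        // must not take a failed revocation or CRL build for a success.
        return 1;
    }

    return 0;
}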
00110 
00111 /* vim: set ts=8 sts=8 sw=8 ai noet: */
