2 * ============LICENSE_START=======================================================
3 * Copyright (C) 2020 Nordix Foundation.
4 * ================================================================================
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
17 * SPDX-License-Identifier: Apache-2.0
18 * ============LICENSE_END=========================================================
21 package org.onap.oom.certservice.cmpv2client.api;
23 import java.util.Date;
25 import org.onap.oom.certservice.certification.configuration.model.Cmpv2Server;
26 import org.onap.oom.certservice.certification.model.CsrModel;
27 import org.onap.oom.certservice.cmpv2client.exceptions.CmpClientException;
28 import org.onap.oom.certservice.cmpv2client.model.Cmpv2CertificationModel;
31 * This class represent CmpV2Client Interface for obtaining X.509 Digital Certificates in a Public
32 * Key Infrastructure (PKI), making use of Certificate Management Protocol (CMPv2) operating on
33 * newest version: cmp2000(2).
35 public interface CmpClient {
38 * Requests for a External Root CA Certificate to be created for the passed public keyPair wrapped
39 * in a CSRMeta with common details, accepts self-signed certificate. Basic Authentication using
40 * IAK/RV, Verification of the signature (proof-of-possession) on the request is performed and an
41 * Exception thrown if verification fails or issue encountered in fetching certificate from CA.
43 * @param csrModel Certificate Signing Request model. Must not be {@code null}.
44 * @param server CMPv2 Server. Must not be {@code null}.
45 * @param notBefore An optional validity to set in the created certificate, Certificate not valid
47 * @param notAfter An optional validity to set in the created certificate, Certificate not valid
49 * @return model for certification containing certificate chain and trusted certificates
50 * @throws CmpClientException if client error occurs.
52 Cmpv2CertificationModel createCertificate(
57 throws CmpClientException;
60 * Requests for a External Root CA Certificate to be created for the passed public keyPair wrapped
61 * in a CSRMeta with common details, accepts self-signed certificate. Basic Authentication using
62 * IAK/RV, Verification of the signature (proof-of-possession) on the request is performed and an
63 * Exception thrown if verification fails or issue encountered in fetching certificate from CA.
65 * @param csrModel Certificate Signing Request Model. Must not be {@code null}.
66 * @param server CMPv2 server. Must not be {@code null}.
67 * @return model for certification containing certificate chain and trusted certificates
68 * @throws CmpClientException if client error occurs.
70 Cmpv2CertificationModel createCertificate(
73 throws CmpClientException;