## ------------------------------------------------------------------------------------------------------ ## soap or rpc - plugin parameters ## ------------------------------------------------------------------------------------------------------ ## METHOD_NAME name of method ## COMMAND command to execute ## ENVIRONMENT environment for command to execute ## RESPONSE_TYPE input/output type of the command ( success_or_failure | ## stdin_success_or_failure | ## standard_output | ## stdin_standard_output | ## standard_output_binary | ## stdin_standard_output_binary ) ## ------------------------------------------------------------------------------------------------------ ## rpc { ## soap { ## SOAP or RPC services ## ------------------------------------------------------------------------------------------------------ ## ENV[HOME] = Base directory for op ## ENV[FILE_LOG] = Log file for command ## ENV[MSG_LOG] = Log separator ## ENV[DEBUG] = Enable debugging ## ENV[OPENSSL] = Openssl path ## ENV[ENGINE] = Openssl Engine to use ## ENV[RSIGN_CMD] = Comando per firma remota with special Openssl Engine ## ------------------------------------------------------------------------------------------------------ Method_01 { ## Creazione CA che contiene .... ## directory della CA = stringa "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" input ## durata certificato della CA in days = unsigned "xxxxxxxxxxxxxxxxxxxxxxx" input ## contenuto template openssl.cnf = stringa "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" input ## result = boolean ## NB: se contenuto openssl.cnf e' vuoto si assume un openssl.cnf di "default" (template) METHOD_NAME CREA ## ENV[CA_EXT] = Section for CA extensions ## ENV[CNF_TEMPLATE] = Template for openssl.cnf ## ENV[START_SERIAL] = Start CA serial number ENVIRONMENT "HOME=CSP/DB_CA" COMMAND CSP/LCSP_command/csp_CA.sh RESPONSE_TYPE success_or_failure } Method_02 { ## comando per ottenere lista CA METHOD_NAME LST1 ENVIRONMENT "HOME=CSP/DB_CA" COMMAND CSP/LCSP_command/csp_LIST_CA.sh RESPONSE_TYPE standard_output } Method_03 { ## comando per emissione di certificati ## nome CA = stringa "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" input ## nome policy = stringa "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" input ## contenuto pkcs10 in formato pem (delimited) = stringa "xxxxxxxxxxxxxxxxx" input ## result = x509 cert METHOD_NAME SIGP ## ENV[TMPDIR] = Temporary directory ENVIRONMENT "HOME=CSP/DB_CA \ DEBUG=1" COMMAND CSP/LCSP_command/csp_SIGN_P10.sh RESPONSE_TYPE standard_output } Method_04 { ## comando per emissione di certificati (basati su SPKAC) ## nome CA = stringa "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" input ## nome policy = stringa "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" input ## contenuto spkac in formato pem = stringa "xxxxxxxxxxxxxxxxx" input ## result = x509 cert METHOD_NAME SIGK ## ENV[TMPDIR] = Temporary directory ENVIRONMENT "HOME=CSP/DB_CA" COMMAND CSP/LCSP_command/csp_SIGN_SPACK.sh RESPONSE_TYPE standard_output } Method_05 { ## comando per ottenere lista certificati di una CA ## nome CA = stringa "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" input ## output compress = unsigned "xxxxxxxxxxxxxxxxxxxxxxx" input METHOD_NAME LST2 ENVIRONMENT "HOME=CSP/DB_CA" COMMAND CSP/LCSP_command/csp_LIST_CERTS.sh RESPONSE_TYPE standard_output } Method_06 { ## comando per rimuovere un certificato emesso precedentemente ## nome CA = stringa "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" input ## serial cert = stringa "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" input ## result = bool (failure only if not present in index.txt) METHOD_NAME DELC ENVIRONMENT "HOME=CSP/DB_CA" COMMAND CSP/LCSP_command/csp_REMOVE_CERT.sh RESPONSE_TYPE success_or_failure } Method_07 { ## comando per rimuovere dal file-system i certificati emessi di una CA ## nome CA = stringa "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" input METHOD_NAME ZERO ENVIRONMENT "HOME=CSP/DB_CA" COMMAND CSP/LCSP_command/csp_ZERO_CERTS.sh RESPONSE_TYPE success_or_failure } Method_08 { ## Emissione CRL ## directory della CA = stringa "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" input ## result = boolean METHOD_NAME EMIT ENVIRONMENT "HOME=CSP/DB_CA" COMMAND CSP/LCSP_command/csp_EMIT_CRL.sh RESPONSE_TYPE success_or_failure } Method_09 { ## comando per ottenere CRL emessa precedentemente ## nome CA = stringa "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" input METHOD_NAME GETL ENVIRONMENT "HOME=CSP/DB_CA" COMMAND CSP/LCSP_command/csp_GET_CRL.sh RESPONSE_TYPE standard_output } Method_10 { ## comando per ottenere certficato CA METHOD_NAME GETC ENVIRONMENT "HOME=CSP/DB_CA" COMMAND CSP/LCSP_command/csp_GET_CA.sh RESPONSE_TYPE standard_output } Method_11 { ## comando per revocare un certificato emesso precedentemente ## nome CA = stringa "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" input ## serial cert = stringa "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" input METHOD_NAME REVK ENVIRONMENT "HOME=CSP/DB_CA" COMMAND CSP/LCSP_command/csp_REVOKE_CERT.sh RESPONSE_TYPE success_or_failure } ##}