use of ee.ria.xroad.signer.protocol.dto.AuthKeyInfo in project X-Road by nordic-institute.
the class GlobalConfChecker method getAuthCert.
/**
 * Asks the signer for the authentication key of the given security server and returns the
 * certificate attached to it.
 *
 * @param serverId identifier of the security server whose authentication certificate is wanted
 * @return the parsed certificate, or {@code null} when the signer returned no key info or the
 *         key info carries no certificate; the caller has to handle the {@code null} case
 * @throws Exception if the signer request or the certificate parsing fails
 */
private X509Certificate getAuthCert(SecurityServerId serverId) throws Exception {
    log.debug("Get auth cert for security server '{}'", serverId);
    AuthKeyInfo authKeyInfo = signerProxyFacade.execute(new GetAuthKey(serverId));

    // Guard clause: without key info, or without a certificate on it, there is nothing to parse.
    // This is reported as a warning and a null result, not as an exception.
    if (authKeyInfo == null || authKeyInfo.getCert() == null) {
        log.warn("Failed to read authentication key");
        return null;
    }
    return readCertificate(authKeyInfo.getCert().getCertificateBytes());
}
use of ee.ria.xroad.signer.protocol.dto.AuthKeyInfo in project X-Road by nordic-institute.
the class SignerCLI method getAuthenticationKey.
/**
 * Prints the authentication key that the signer selects for a security server.
 *
 * <p>The security server identifier is built from the given client id and server code and sent
 * to the signer in a {@code GetAuthKey} request. Only the key alias, the key store file name and
 * the certificate are written to standard output; nothing else from the signer's answer is
 * echoed to the console.
 *
 * @param clientId member identifier used to build the security server identifier
 * @param serverCode security server code
 * @throws Exception if an error occurs while building the identifier or querying the signer
 */
@Command(description = "Returns suitable authentication key for security server")
public void getAuthenticationKey(
        @Param(name = "clientId", description = "Member identifier") ClientId clientId,
        @Param(name = "serverCode", description = "Security server code") String serverCode)
        throws Exception {
    AuthKeyInfo keyInfo = SignerClient.execute(
            new GetAuthKey(SecurityServerId.create(clientId, serverCode)));

    System.out.println("Auth key:");
    System.out.println("\tAlias:\t" + keyInfo.getAlias());
    System.out.println("\tKeyStore:\t" + keyInfo.getKeyStoreFileName());
    // String concatenation prints the certificate object's toString() form.
    System.out.println("\tCert: " + keyInfo.getCert());
}
use of ee.ria.xroad.signer.protocol.dto.AuthKeyInfo in project X-Road by nordic-institute.
the class KeyConfImpl method getAuthKey.
/**
 * Fetches this security server's authentication key (private key plus certificate chain) via
 * the signer.
 *
 * <p>This method does not propagate failures: every exception is logged and whatever was loaded
 * up to that point is returned. The returned {@code AuthKey} can therefore carry a {@code null}
 * certificate chain, a {@code null} private key, or both.
 * NOTE(review): callers presumably have to treat a {@code null} in either part as "no usable
 * authentication key" and refuse to proceed; confirm against the call sites.
 *
 * @return an {@code AuthKey} built from the loaded chain and key, either of which may be
 *         {@code null}
 */
@Override
public AuthKey getAuthKey() {
    PrivateKey privateKey = null;
    CertChain chain = null;
    try {
        SecurityServerId serverId = ServerConf.getIdentifier();
        log.debug("Retrieving authentication info for security server '{}'", serverId);

        AuthKeyInfo authKeyInfo = SignerClient.execute(new GetAuthKey(serverId));

        // The private key is loaded first; a null key is only warned about and the cert chain
        // is still attempted.
        privateKey = loadAuthPrivateKey(authKeyInfo);
        if (privateKey == null) {
            log.warn("Failed to read authentication key");
        }

        // getCert() is dereferenced without a null check, so key info without a certificate
        // ends up in the catch block below with the private key already assigned.
        chain = getAuthCertChain(serverId.getXRoadInstance(),
                authKeyInfo.getCert().getCertificateBytes());
        if (chain == null) {
            log.warn("Failed to read authentication certificate");
        }
    } catch (Exception e) {
        // Deliberately not rethrown: the partially filled result is returned instead.
        log.error("Failed to get authentication key", e);
    }
    return new AuthKey(chain, privateKey);
}
use of ee.ria.xroad.signer.protocol.dto.AuthKeyInfo in project X-Road by nordic-institute.
the class GlobalConfCheckerTest method setup.
/**
 * Prepares the mocked collaborators before each test: a global configuration with two members,
 * a management request sender that returns request id 1, and a signer that exposes one token
 * with two signing keys (CSR only) and one authentication key with a certificate.
 *
 * @throws Exception declared because the stubbed facade methods declare checked exceptions
 */
@Before
public void setup() throws Exception {
    // Validity check and reload of the global configuration are stubbed to do nothing.
    doAnswer(answer -> null).when(globalConfFacade).verifyValidity();
    doAnswer(answer -> null).when(globalConfFacade).reload();

    // Two members are known to the global configuration.
    List<MemberInfo> globalMemberInfos = new ArrayList<>(Arrays.asList(
            TestUtils.getMemberInfo(TestUtils.INSTANCE_FI, TestUtils.MEMBER_CLASS_GOV,
                    TestUtils.MEMBER_CODE_M1, null),
            TestUtils.getMemberInfo(TestUtils.INSTANCE_FI, TestUtils.MEMBER_CLASS_GOV,
                    TestUtils.MEMBER_CODE_M2, null)));
    when(globalConfFacade.getMembers(any())).thenReturn(globalMemberInfos);

    // Member name lookup: name of the first member with a matching id, null when none matches.
    when(globalConfFacade.getMemberName(any())).thenAnswer(invocation -> {
        ClientId requestedId = (ClientId) invocation.getArguments()[0];
        return globalMemberInfos.stream()
                .filter(member -> member.getId().equals(requestedId))
                .findFirst()
                .map(MemberInfo::getName)
                .orElse(null);
    });
    when(globalConfFacade.getInstanceIdentifier()).thenReturn(TestUtils.INSTANCE_FI);
    when(managementRequestSenderService.sendClientRegisterRequest(any())).thenReturn(1);

    // Signing keys for the current and the new owner carry a certificate request only.
    KeyInfo ownerSignKey = new TokenTestUtils.KeyInfoBuilder()
            .id(KEY_OWNER_ID)
            .keyUsageInfo(KeyUsageInfo.SIGNING)
            .csr(new CertificateTestUtils.CertRequestInfoBuilder()
                    .clientId(OWNER_MEMBER)
                    .id(CERT_OWNER_HASH)
                    .build())
            .build();
    KeyInfo newOwnerSignKey = new TokenTestUtils.KeyInfoBuilder()
            .id(KEY_NEW_OWNER_ID)
            .keyUsageInfo(KeyUsageInfo.SIGNING)
            .csr(new CertificateTestUtils.CertRequestInfoBuilder()
                    .clientId(NEW_OWNER_MEMBER)
                    .id(CERT_NEW_OWNER_HASH)
                    .build())
            .build();

    // The authentication key is the only key with a certificate attached.
    CertificateInfo certificateInfo = new CertificateTestUtils.CertificateInfoBuilder()
            .id(CERT_AUTH_HASH)
            .build();
    KeyInfo authKey = new TokenTestUtils.KeyInfoBuilder()
            .id(KEY_AUTH_ID)
            .keyUsageInfo(KeyUsageInfo.AUTHENTICATION)
            .cert(certificateInfo)
            .build();

    TokenInfo tokenInfo = new TokenTestUtils.TokenInfoBuilder()
            .friendlyName("fubar")
            .key(ownerSignKey)
            .key(newOwnerSignKey)
            .key(authKey)
            .build();
    Map<String, TokenInfo> tokens = new HashMap<>();
    tokens.put(tokenInfo.getId(), tokenInfo);
    when(signerProxyFacade.getTokens()).thenReturn(new ArrayList<>(tokens.values()));

    // Signer answer for the auth key lookup: only the first and last constructor arguments are
    // set, the two in between are null.
    AuthKeyInfo stubbedAuthKeyInfo = new AuthKeyInfo(KEY_AUTH_ID, null, null, certificateInfo);
    // NOTE(review): any() is nested inside the GetAuthKey constructor instead of standing in for
    // execute()'s own argument. This stub therefore likely matches every execute() call, not
    // only GetAuthKey requests. Confirm that is intended.
    when(signerProxyFacade.execute(new GetAuthKey(any()))).thenReturn(stubbedAuthKeyInfo);

    when(globalConfService.getMemberClassesForThisInstance())
            .thenReturn(new HashSet<>(MEMBER_CLASSES));
}