Example 1 with AuthKeyInfo
use of ee.ria.xroad.signer.protocol.dto.AuthKeyInfo in project X-Road by nordic-institute.
the class GlobalConfChecker method getAuthCert.
private X509Certificate getAuthCert(SecurityServerId serverId) throws Exception {
log.debug("Get auth cert for security server '{}'", serverId);
AuthKeyInfo keyInfo = signerProxyFacade.execute(new GetAuthKey(serverId));
if (keyInfo != null && keyInfo.getCert() != null) {
return readCertificate(keyInfo.getCert().getCertificateBytes());
}
log.warn("Failed to read authentication key");
return null;
}
Also used :
AuthKeyInfo(ee.ria.xroad.signer.protocol.dto.AuthKeyInfo)
GetAuthKey(ee.ria.xroad.signer.protocol.message.GetAuthKey)
Example 2 with AuthKeyInfo
use of ee.ria.xroad.signer.protocol.dto.AuthKeyInfo in project X-Road by nordic-institute.
the class SignerCLI method getAuthenticationKey.
/**
* Returns suitable authentication key for security server.
*
* @param clientId client id
* @param serverCode server code
* @throws Exception if an error occurs
*/
@Command(description = "Returns suitable authentication key for security server")
public void getAuthenticationKey(@Param(name = "clientId", description = "Member identifier") ClientId clientId, @Param(name = "serverCode", description = "Security server code") String serverCode) throws Exception {
SecurityServerId serverId = SecurityServerId.create(clientId, serverCode);
AuthKeyInfo authKey = SignerClient.execute(new GetAuthKey(serverId));
System.out.println("Auth key:");
System.out.println("\tAlias:\t" + authKey.getAlias());
System.out.println("\tKeyStore:\t" + authKey.getKeyStoreFileName());
System.out.println("\tCert: " + authKey.getCert());
}
Also used :
AuthKeyInfo(ee.ria.xroad.signer.protocol.dto.AuthKeyInfo)
GetAuthKey(ee.ria.xroad.signer.protocol.message.GetAuthKey)
SecurityServerId(ee.ria.xroad.common.identifier.SecurityServerId)
Command(asg.cliche.Command)
Example 3 with AuthKeyInfo
use of ee.ria.xroad.signer.protocol.dto.AuthKeyInfo in project X-Road by nordic-institute.
the class KeyConfImpl method getAuthKey.
@Override
public AuthKey getAuthKey() {
PrivateKey pkey = null;
CertChain certChain = null;
try {
SecurityServerId serverId = ServerConf.getIdentifier();
log.debug("Retrieving authentication info for security " + "server '{}'", serverId);
AuthKeyInfo keyInfo = SignerClient.execute(new GetAuthKey(serverId));
pkey = loadAuthPrivateKey(keyInfo);
if (pkey == null) {
log.warn("Failed to read authentication key");
}
certChain = getAuthCertChain(serverId.getXRoadInstance(), keyInfo.getCert().getCertificateBytes());
if (certChain == null) {
log.warn("Failed to read authentication certificate");
}
} catch (Exception e) {
log.error("Failed to get authentication key", e);
}
return new AuthKey(certChain, pkey);
}
Also used :
AuthKeyInfo(ee.ria.xroad.signer.protocol.dto.AuthKeyInfo)
PrivateKey(java.security.PrivateKey)
CertChain(ee.ria.xroad.common.cert.CertChain)
GetAuthKey(ee.ria.xroad.signer.protocol.message.GetAuthKey)
SecurityServerId(ee.ria.xroad.common.identifier.SecurityServerId)
AuthKey(ee.ria.xroad.common.conf.globalconf.AuthKey)
GetAuthKey(ee.ria.xroad.signer.protocol.message.GetAuthKey)
CodedException(ee.ria.xroad.common.CodedException)
Example 4 with AuthKeyInfo
use of ee.ria.xroad.signer.protocol.dto.AuthKeyInfo in project X-Road by nordic-institute.
the class GlobalConfCheckerTest method setup.
@Before
public void setup() throws Exception {
doAnswer(answer -> null).when(globalConfFacade).verifyValidity();
doAnswer(answer -> null).when(globalConfFacade).reload();
List<MemberInfo> globalMemberInfos = new ArrayList<>(Arrays.asList(TestUtils.getMemberInfo(TestUtils.INSTANCE_FI, TestUtils.MEMBER_CLASS_GOV, TestUtils.MEMBER_CODE_M1, null), TestUtils.getMemberInfo(TestUtils.INSTANCE_FI, TestUtils.MEMBER_CLASS_GOV, TestUtils.MEMBER_CODE_M2, null)));
when(globalConfFacade.getMembers(any())).thenReturn(globalMemberInfos);
when(globalConfFacade.getMemberName(any())).thenAnswer(invocation -> {
ClientId clientId = (ClientId) invocation.getArguments()[0];
Optional<MemberInfo> m = globalMemberInfos.stream().filter(g -> g.getId().equals(clientId)).findFirst();
if (m.isPresent()) {
return m.get().getName();
} else {
return null;
}
});
when(globalConfFacade.getInstanceIdentifier()).thenReturn(TestUtils.INSTANCE_FI);
when(managementRequestSenderService.sendClientRegisterRequest(any())).thenReturn(1);
KeyInfo ownerSignKey = new TokenTestUtils.KeyInfoBuilder().id(KEY_OWNER_ID).keyUsageInfo(KeyUsageInfo.SIGNING).csr(new CertificateTestUtils.CertRequestInfoBuilder().clientId(OWNER_MEMBER).id(CERT_OWNER_HASH).build()).build();
KeyInfo newOwnerSignKey = new TokenTestUtils.KeyInfoBuilder().id(KEY_NEW_OWNER_ID).keyUsageInfo(KeyUsageInfo.SIGNING).csr(new CertificateTestUtils.CertRequestInfoBuilder().clientId(NEW_OWNER_MEMBER).id(CERT_NEW_OWNER_HASH).build()).build();
CertificateInfo certificateInfo = new CertificateTestUtils.CertificateInfoBuilder().id(CERT_AUTH_HASH).build();
KeyInfo authKey = new TokenTestUtils.KeyInfoBuilder().id(KEY_AUTH_ID).keyUsageInfo(KeyUsageInfo.AUTHENTICATION).cert(certificateInfo).build();
TokenInfo tokenInfo = new TokenTestUtils.TokenInfoBuilder().friendlyName("fubar").key(ownerSignKey).key(newOwnerSignKey).key(authKey).build();
Map<String, TokenInfo> tokens = new HashMap<>();
tokens.put(tokenInfo.getId(), tokenInfo);
when(signerProxyFacade.getTokens()).thenReturn(new ArrayList<>(tokens.values()));
when(signerProxyFacade.execute(new GetAuthKey(any()))).thenReturn(new AuthKeyInfo(KEY_AUTH_ID, null, null, certificateInfo));
when(globalConfService.getMemberClassesForThisInstance()).thenReturn(new HashSet<>(MEMBER_CLASSES));
}
Also used :
ArgumentMatchers.any(org.mockito.ArgumentMatchers.any)
Arrays(java.util.Arrays)
TspType(ee.ria.xroad.common.conf.serverconf.model.TspType)
Autowired(org.springframework.beans.factory.annotation.Autowired)
HashMap(java.util.HashMap)
ServerConfService(org.niis.xroad.securityserver.restapi.service.ServerConfService)
AuthKeyInfo(ee.ria.xroad.signer.protocol.dto.AuthKeyInfo)
ArrayList(java.util.ArrayList)
HashSet(java.util.HashSet)
KeyUsageInfo(ee.ria.xroad.signer.protocol.dto.KeyUsageInfo)
Map(java.util.Map)
Mockito.doAnswer(org.mockito.Mockito.doAnswer)
KeyInfo(ee.ria.xroad.signer.protocol.dto.KeyInfo)
AbstractFacadeMockingTestContext(org.niis.xroad.securityserver.restapi.config.AbstractFacadeMockingTestContext)
ClientType(ee.ria.xroad.common.conf.serverconf.model.ClientType)
Before(org.junit.Before)
GetAuthKey(ee.ria.xroad.signer.protocol.message.GetAuthKey)
IsAuthentication(ee.ria.xroad.common.conf.serverconf.IsAuthentication)
TokenInfo(ee.ria.xroad.signer.protocol.dto.TokenInfo)
Test(org.junit.Test)
CertificateInfo(ee.ria.xroad.signer.protocol.dto.CertificateInfo)
Mockito.when(org.mockito.Mockito.when)
ClientService(org.niis.xroad.securityserver.restapi.service.ClientService)
Assert.assertNotEquals(org.junit.Assert.assertNotEquals)
Slf4j(lombok.extern.slf4j.Slf4j)
GlobalConfService(org.niis.xroad.securityserver.restapi.service.GlobalConfService)
List(java.util.List)
ApprovedTSAType(ee.ria.xroad.common.conf.globalconf.sharedparameters.v2.ApprovedTSAType)
MemberInfo(ee.ria.xroad.common.conf.globalconf.MemberInfo)
TestUtils(org.niis.xroad.securityserver.restapi.util.TestUtils)
TokenTestUtils(org.niis.xroad.securityserver.restapi.util.TokenTestUtils)
SecurityServerId(ee.ria.xroad.common.identifier.SecurityServerId)
Optional(java.util.Optional)
ClientId(ee.ria.xroad.common.identifier.ClientId)
Collections(java.util.Collections)
CertificateTestUtils(org.niis.xroad.securityserver.restapi.util.CertificateTestUtils)
Assert.assertEquals(org.junit.Assert.assertEquals)
HashMap(java.util.HashMap)
ArrayList(java.util.ArrayList)
TokenTestUtils(org.niis.xroad.securityserver.restapi.util.TokenTestUtils)
AuthKeyInfo(ee.ria.xroad.signer.protocol.dto.AuthKeyInfo)
MemberInfo(ee.ria.xroad.common.conf.globalconf.MemberInfo)
GetAuthKey(ee.ria.xroad.signer.protocol.message.GetAuthKey)
AuthKeyInfo(ee.ria.xroad.signer.protocol.dto.AuthKeyInfo)
KeyInfo(ee.ria.xroad.signer.protocol.dto.KeyInfo)
CertificateTestUtils(org.niis.xroad.securityserver.restapi.util.CertificateTestUtils)
ClientId(ee.ria.xroad.common.identifier.ClientId)
CertificateInfo(ee.ria.xroad.signer.protocol.dto.CertificateInfo)
TokenInfo(ee.ria.xroad.signer.protocol.dto.TokenInfo)
Before(org.junit.Before)
Aggregations
AuthKeyInfo (ee.ria.xroad.signer.protocol.dto.AuthKeyInfo)4
GetAuthKey (ee.ria.xroad.signer.protocol.message.GetAuthKey)4
SecurityServerId (ee.ria.xroad.common.identifier.SecurityServerId)3
Command (asg.cliche.Command)1
CodedException (ee.ria.xroad.common.CodedException)1
CertChain (ee.ria.xroad.common.cert.CertChain)1
AuthKey (ee.ria.xroad.common.conf.globalconf.AuthKey)1
MemberInfo (ee.ria.xroad.common.conf.globalconf.MemberInfo)1
ApprovedTSAType (ee.ria.xroad.common.conf.globalconf.sharedparameters.v2.ApprovedTSAType)1
IsAuthentication (ee.ria.xroad.common.conf.serverconf.IsAuthentication)1
ClientType (ee.ria.xroad.common.conf.serverconf.model.ClientType)1
TspType (ee.ria.xroad.common.conf.serverconf.model.TspType)1
ClientId (ee.ria.xroad.common.identifier.ClientId)1
CertificateInfo (ee.ria.xroad.signer.protocol.dto.CertificateInfo)1
KeyInfo (ee.ria.xroad.signer.protocol.dto.KeyInfo)1
KeyUsageInfo (ee.ria.xroad.signer.protocol.dto.KeyUsageInfo)1
TokenInfo (ee.ria.xroad.signer.protocol.dto.TokenInfo)1
PrivateKey (java.security.PrivateKey)1
ArrayList (java.util.ArrayList)1
Arrays (java.util.Arrays)1
