Example 1 with CertRequestInfo

use of ee.ria.xroad.signer.protocol.dto.CertRequestInfo in project X-Road by nordic-institute.

the class OrphanRemovalServiceTest method isOrphanKey.

@Test
public void isOrphanKey() {
    ClientId orphanMember = TestUtils.getClientId("FI:GOV:ORPHAN");
    ClientId orphanSubsystemDeleted = TestUtils.getClientId("FI:GOV:ORPHAN:DELETED");
    ClientId orphanSubsystemAlive = TestUtils.getClientId("FI:GOV:ORPHAN:ALIVE");
    ClientId aliveMember = TestUtils.getClientId("FI:GOV:ALIVE");
    CertificateInfo orphanMemberCert = new CertificateTestUtils.CertificateInfoBuilder().clientId(orphanMember).build();
    CertRequestInfo orphanMemberCsr = new CertificateTestUtils.CertRequestInfoBuilder().clientId(orphanMember).build();
    CertificateInfo orphanSubstemAliveCert = new CertificateTestUtils.CertificateInfoBuilder().clientId(orphanSubsystemAlive).build();
    CertificateInfo aliveMemberCert = new CertificateTestUtils.CertificateInfoBuilder().clientId(aliveMember).build();
    assertTrue(orphanRemovalService.isOrphanKey(new TokenTestUtils.KeyInfoBuilder().cert(orphanMemberCert).build(), orphanSubsystemDeleted));
    assertFalse(orphanRemovalService.isOrphanKey(new TokenTestUtils.KeyInfoBuilder().cert(orphanMemberCert).build(), aliveMember));
    assertTrue(orphanRemovalService.isOrphanKey(new TokenTestUtils.KeyInfoBuilder().csr(orphanMemberCsr).build(), orphanSubsystemDeleted));
    assertFalse(orphanRemovalService.isOrphanKey(new TokenTestUtils.KeyInfoBuilder().build(), orphanSubsystemDeleted));
    assertTrue(orphanRemovalService.isOrphanKey(new TokenTestUtils.KeyInfoBuilder().cert(orphanMemberCert).cert(orphanSubstemAliveCert).csr(orphanMemberCsr).build(), orphanSubsystemDeleted));
    assertFalse(orphanRemovalService.isOrphanKey(new TokenTestUtils.KeyInfoBuilder().cert(orphanMemberCert).cert(orphanSubstemAliveCert).cert(aliveMemberCert).csr(orphanMemberCsr).build(), orphanSubsystemDeleted));
    assertFalse(orphanRemovalService.isOrphanKey(new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(KeyUsageInfo.AUTHENTICATION).cert(new CertificateTestUtils.CertificateInfoBuilder().clientId(null).build()).build(), orphanSubsystemDeleted));
}
Also used : ClientId(ee.ria.xroad.common.identifier.ClientId) CertificateInfo(ee.ria.xroad.signer.protocol.dto.CertificateInfo) TokenTestUtils(org.niis.xroad.securityserver.restapi.util.TokenTestUtils) CertRequestInfo(ee.ria.xroad.signer.protocol.dto.CertRequestInfo) Test(org.junit.Test)

Example 2 with CertRequestInfo

use of ee.ria.xroad.signer.protocol.dto.CertRequestInfo in project X-Road by nordic-institute.

the class TokenCertificateService method getPossibleActionsForCsr.

/**
 * Return possible actions for one CSR.
 * Key-not-found exceptions are wrapped as RuntimeExceptions,
 * since their occurrence is considered an internal error.
 * @throws CsrNotFoundException if the CSR is not found
 */
public EnumSet<PossibleActionEnum> getPossibleActionsForCsr(String csrId) throws CsrNotFoundException {
    TokenInfoAndKeyId tokenInfoAndKeyId = null;
    try {
        tokenInfoAndKeyId = tokenService.getTokenAndKeyIdForCertificateRequestId(csrId);
    } catch (KeyNotFoundException e) {
        throw new RuntimeException("internal error", e);
    }
    TokenInfo tokenInfo = tokenInfoAndKeyId.getTokenInfo();
    KeyInfo keyInfo = tokenInfoAndKeyId.getKeyInfo();
    CertRequestInfo certRequestInfo = getCsr(keyInfo, csrId);
    EnumSet<PossibleActionEnum> possibleActions = possibleActionsRuleEngine.getPossibleCsrActions(tokenInfo);
    return possibleActions;
}
Also used : TokenInfoAndKeyId(ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId) DeviationAwareRuntimeException(org.niis.xroad.restapi.exceptions.DeviationAwareRuntimeException) KeyInfo(ee.ria.xroad.signer.protocol.dto.KeyInfo) TokenInfo(ee.ria.xroad.signer.protocol.dto.TokenInfo) GeneratedCertRequestInfo(ee.ria.xroad.commonui.SignerProxy.GeneratedCertRequestInfo) CertRequestInfo(ee.ria.xroad.signer.protocol.dto.CertRequestInfo)

Example 3 with CertRequestInfo

use of ee.ria.xroad.signer.protocol.dto.CertRequestInfo in project X-Road by nordic-institute.

the class KeyConverterTest method convert.

@Test
public void convert() throws Exception {
    List<CertificateInfo> certs = new ArrayList<>();
    certs.add(new CertificateTestUtils.CertificateInfoBuilder().build());
    List<CertRequestInfo> csrs = new ArrayList<>();
    csrs.add(new CertRequestInfo("id", ClientId.create("a", "b", "c"), "sujbect-name"));
    KeyInfo info = new KeyInfo(true, KeyUsageInfo.SIGNING, "friendly-name", "id", "label", "public-key", certs, csrs, "sign-mechanism-name");
    Key key = keyConverter.convert(info);
    assertEquals(true, key.getAvailable());
    assertNotNull(key.getCertificates());
    assertEquals(1, key.getCertificates().size());
    assertNotNull(key.getCertificateSigningRequests());
    assertEquals(1, key.getCertificateSigningRequests().size());
    assertEquals("id", key.getId());
    assertEquals("label", key.getLabel());
    assertEquals("friendly-name", key.getName());
    assertEquals(true, key.getSavedToConfiguration());
    assertEquals(KeyUsageType.SIGNING, key.getUsage());
}
Also used : KeyInfo(ee.ria.xroad.signer.protocol.dto.KeyInfo) ArrayList(java.util.ArrayList) CertificateInfo(ee.ria.xroad.signer.protocol.dto.CertificateInfo) Key(org.niis.xroad.securityserver.restapi.openapi.model.Key) CertRequestInfo(ee.ria.xroad.signer.protocol.dto.CertRequestInfo) Test(org.junit.Test)

Example 4 with CertRequestInfo

use of ee.ria.xroad.signer.protocol.dto.CertRequestInfo in project X-Road by nordic-institute.

the class CertificateInfoSensorTest method createTestKeyInfo.

private KeyInfo createTestKeyInfo(CertificateInfo caInfo) {
    KeyInfo keyInfo = new KeyInfo(true, null, "friendlyName", "id", "label", "publickey", new ArrayList<CertificateInfo>(), new ArrayList<CertRequestInfo>(), "mechanismName");
    keyInfo.getCerts().add(caInfo);
    return keyInfo;
}
Also used : KeyInfo(ee.ria.xroad.signer.protocol.dto.KeyInfo) CertificateInfo(ee.ria.xroad.signer.protocol.dto.CertificateInfo) CertRequestInfo(ee.ria.xroad.signer.protocol.dto.CertRequestInfo)

Example 5 with CertRequestInfo

use of ee.ria.xroad.signer.protocol.dto.CertRequestInfo in project X-Road by nordic-institute.

the class TokenManager method getCertRequestInfo.

/**
 * @param keyId    the key id
 * @param memberId the member id
 * @return the certificate request info or null if not found
 */
public static synchronized CertRequestInfo getCertRequestInfo(String keyId, ClientId memberId) {
    log.trace("getCertRequestInfo({}, {})", keyId, memberId);
    Key key = findKey(keyId);
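    // For AUTHENTICATION keys memberId is not compared and the first CSR on the key is returned;
    // for any other key usage the CSR's member id must equal memberId.
    return key.getCertRequests().stream()
            .filter(c -> key.getUsage() == KeyUsageInfo.AUTHENTICATION || memberId.equals(c.getMemberId()))
            .map(c -> c.toDTO())
            .findFirst()
            .orElse(null);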
}
Also used : X509Certificate(java.security.cert.X509Certificate) ExceptionHelper.csrWithIdNotFound(ee.ria.xroad.signer.util.ExceptionHelper.csrWithIdNotFound) CertRequestInfo(ee.ria.xroad.signer.protocol.dto.CertRequestInfo) Collections.unmodifiableList(java.util.Collections.unmodifiableList) MergeResult(ee.ria.xroad.signer.tokenmanager.merge.TokenMergeStrategy.MergeResult) BiFunction(java.util.function.BiFunction) TokenMergeStrategy(ee.ria.xroad.signer.tokenmanager.merge.TokenMergeStrategy) CertRequest(ee.ria.xroad.signer.model.CertRequest) TokenInfoAndKeyId(ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId) Key(ee.ria.xroad.signer.model.Key) Function(java.util.function.Function) ArrayList(java.util.ArrayList) TokenAndKey(ee.ria.xroad.signer.util.TokenAndKey) KeyUsageInfo(ee.ria.xroad.signer.protocol.dto.KeyUsageInfo) Map(java.util.Map) TokenType(ee.ria.xroad.signer.tokenmanager.token.TokenType) KeyInfo(ee.ria.xroad.signer.protocol.dto.KeyInfo) ExceptionHelper.certWithHashNotFound(ee.ria.xroad.signer.util.ExceptionHelper.certWithHashNotFound) ExceptionHelper.certWithIdNotFound(ee.ria.xroad.signer.util.ExceptionHelper.certWithIdNotFound) MergeOntoFileTokensStrategy(ee.ria.xroad.signer.tokenmanager.merge.MergeOntoFileTokensStrategy) ExceptionHelper.tokenNotFound(ee.ria.xroad.signer.util.ExceptionHelper.tokenNotFound) SignerUtil(ee.ria.xroad.signer.util.SignerUtil) OCSPResp(org.bouncycastle.cert.ocsp.OCSPResp) TokenStatusInfo(ee.ria.xroad.signer.protocol.dto.TokenStatusInfo) TokenInfo(ee.ria.xroad.signer.protocol.dto.TokenInfo) CertificateInfo(ee.ria.xroad.signer.protocol.dto.CertificateInfo) Token(ee.ria.xroad.signer.model.Token) Cert(ee.ria.xroad.signer.model.Cert) Collectors(java.util.stream.Collectors) X_WRONG_CERT_USAGE(ee.ria.xroad.common.ErrorCodes.X_WRONG_CERT_USAGE) CodedException(ee.ria.xroad.common.CodedException) Slf4j(lombok.extern.slf4j.Slf4j) List(java.util.List) Optional(java.util.Optional) ClientId(ee.ria.xroad.common.identifier.ClientId) 
TokenMergeAddedCertificatesListener(ee.ria.xroad.signer.tokenmanager.merge.TokenMergeAddedCertificatesListener) ExceptionHelper.keyNotFound(ee.ria.xroad.signer.util.ExceptionHelper.keyNotFound) SoftwareModuleType(ee.ria.xroad.signer.tokenmanager.module.SoftwareModuleType)

Aggregations

CertRequestInfo (ee.ria.xroad.signer.protocol.dto.CertRequestInfo) 12
KeyInfo (ee.ria.xroad.signer.protocol.dto.KeyInfo) 9
TokenInfo (ee.ria.xroad.signer.protocol.dto.TokenInfo) 6
CertificateInfo (ee.ria.xroad.signer.protocol.dto.CertificateInfo) 5
CodedException (ee.ria.xroad.common.CodedException) 4
Test (org.junit.Test) 4
TokenInfoAndKeyId (ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId) 3
ArrayList (java.util.ArrayList) 3
ClientId (ee.ria.xroad.common.identifier.ClientId) 2
GeneratedCertRequestInfo (ee.ria.xroad.commonui.SignerProxy.GeneratedCertRequestInfo) 2
TokenAndKey (ee.ria.xroad.signer.util.TokenAndKey) 2
TokenCertificateSigningRequest (org.niis.xroad.securityserver.restapi.openapi.model.TokenCertificateSigningRequest) 2
X_WRONG_CERT_USAGE (ee.ria.xroad.common.ErrorCodes.X_WRONG_CERT_USAGE) 1
DnFieldDescription (ee.ria.xroad.common.certificateprofile.DnFieldDescription) 1
DnFieldDescriptionImpl (ee.ria.xroad.common.certificateprofile.impl.DnFieldDescriptionImpl) 1
Cert (ee.ria.xroad.signer.model.Cert) 1
CertRequest (ee.ria.xroad.signer.model.CertRequest) 1
Key (ee.ria.xroad.signer.model.Key) 1
Token (ee.ria.xroad.signer.model.Token) 1
KeyUsageInfo (ee.ria.xroad.signer.protocol.dto.KeyUsageInfo) 1