
Example 6 with CertRequestInfo

use of ee.ria.xroad.signer.protocol.dto.CertRequestInfo in project X-Road by nordic-institute.

the class ClientsApiControllerIntegrationTest method createMockTokenInfos.

/**
 * Builds a one-element list of mock tokens for tests: a single {@link TokenInfo} holding a
 * single {@link KeyInfo}, which holds at most one certificate and no certificate requests.
 *
 * <p>Every identifying field is a fixed placeholder string (for example {@code "publicKey"}),
 * so the fixture contains no real key material.
 *
 * @param certificateInfo the certificate to attach to the mock key; when {@code null} the key
 *     gets an empty certificate list
 * @return a mutable list containing exactly one mock token
 */
private List<TokenInfo> createMockTokenInfos(CertificateInfo certificateInfo) {
    // The certificate list stays empty when the caller passes no certificate.
    List<CertificateInfo> keyCertificates = new ArrayList<>();
    if (certificateInfo != null) {
        keyCertificates.add(certificateInfo);
    }

    KeyInfo mockKey = new KeyInfo(false, null, "friendlyName", "id", "label", "publicKey",
            keyCertificates, new ArrayList<CertRequestInfo>(), "signMecchanismName");
    List<KeyInfo> tokenKeys = Arrays.asList(mockKey);

    TokenInfo mockToken = new TokenInfo("type", "friendlyName", "id", false, false, false,
            "serialNumber", "label", -1, null, tokenKeys, null);

    List<TokenInfo> result = new ArrayList<>();
    result.add(mockToken);
    return result;
}
Also used : KeyInfo(ee.ria.xroad.signer.protocol.dto.KeyInfo) ArrayList(java.util.ArrayList) CertificateInfo(ee.ria.xroad.signer.protocol.dto.CertificateInfo) TokenInfo(ee.ria.xroad.signer.protocol.dto.TokenInfo) CertRequestInfo(ee.ria.xroad.signer.protocol.dto.CertRequestInfo)

Example 7 with CertRequestInfo

use of ee.ria.xroad.signer.protocol.dto.CertRequestInfo in project X-Road by nordic-institute.

the class TokenCertificateService method deleteCsr.

/**
 * Deletes one CSR (certificate signing request).
 *
 * <p>Sequence as written: record audit properties, look up the token and key that own the CSR,
 * verify the caller's authority, check with the possible-actions rule engine that delete is
 * allowed, and only then ask the signer to delete the request.
 *
 * <p>NOTE(review): the token/key lookup and {@code getCsr} run before {@code verifyAuthority},
 * so their not-found exceptions can be thrown before the authority check is reached. Confirm
 * that callers are already behind a coarser authorization check.
 *
 * @param csrId id of the CSR to delete
 * @throws KeyNotFoundException if for some reason the key linked to the csr could not
 * be loaded (should not be possible)
 * @throws CsrNotFoundException if csr with csrId was not found
 * @throws ActionNotPossibleException if delete was not possible due to csr/key/token states
 */
public void deleteCsr(String csrId) throws KeyNotFoundException, CsrNotFoundException, ActionNotPossibleException {
    // The audit property depends on the event being recorded: DELETE_ORPHANS appends the id to
    // the CERT_REQUEST_IDS list property, DELETE_CSR stores it as the single CSR_ID property.
    // This happens before any lookup or authority check in this method.
    if (auditDataHelper.dataIsForEvent(RestApiAuditEvent.DELETE_ORPHANS)) {
        auditDataHelper.addListPropertyItem(RestApiAuditProperty.CERT_REQUEST_IDS, csrId);
    } else if (auditDataHelper.dataIsForEvent(RestApiAuditEvent.DELETE_CSR)) {
        auditDataHelper.put(RestApiAuditProperty.CSR_ID, csrId);
    }
    // Resolve the token and key that own this CSR; both are needed for the authority choice
    // and for the possible-actions check below.
    TokenInfoAndKeyId tokenInfoAndKeyId = tokenService.getTokenAndKeyIdForCertificateRequestId(csrId);
    TokenInfo tokenInfo = tokenInfoAndKeyId.getTokenInfo();
    KeyInfo keyInfo = tokenInfoAndKeyId.getKeyInfo();
    // Token and key details are added to the audit data only for DELETE_CSR events.
    if (auditDataHelper.dataIsForEvent(RestApiAuditEvent.DELETE_CSR)) {
        auditDataHelper.put(tokenInfo);
        auditDataHelper.put(keyInfo);
    }
    // getCsr is defined elsewhere in this class; presumably it throws CsrNotFoundException
    // when the key holds no CSR with this id -- confirm.
    CertRequestInfo certRequestInfo = getCsr(keyInfo, csrId);
    // CSR deletion is gated by the certificate-delete authority that matches the key's usage:
    // signing keys require DELETE_SIGN_CERT, every other key requires DELETE_AUTH_CERT.
    if (keyInfo.isForSigning()) {
        securityHelper.verifyAuthority("DELETE_SIGN_CERT");
    } else {
        securityHelper.verifyAuthority("DELETE_AUTH_CERT");
    }
    // check that delete is possible given the current token, key and CSR
    possibleActionsRuleEngine.requirePossibleCsrAction(PossibleActionEnum.DELETE, tokenInfo, keyInfo, certRequestInfo);
    try {
        signerProxyFacade.deleteCertRequest(csrId);
    } catch (CodedException e) {
        // Map the signer's "CSR not found" error to the checked CsrNotFoundException; any other
        // CodedException propagates unchanged.
        if (isCausedByCsrNotFound(e)) {
            throw new CsrNotFoundException(e);
        } else {
            throw e;
        }
    } catch (Exception other) {
        // Every other exception from the signer call is reported as SignerNotReachableException,
        // with the original exception kept as the cause.
        throw new SignerNotReachableException("deleting a csr failed", other);
    }
}
Also used : TokenInfoAndKeyId(ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId) CodedException(ee.ria.xroad.common.CodedException) KeyInfo(ee.ria.xroad.signer.protocol.dto.KeyInfo) TokenInfo(ee.ria.xroad.signer.protocol.dto.TokenInfo) InternalServerErrorException(org.niis.xroad.securityserver.restapi.openapi.InternalServerErrorException) SignerNotReachableException(org.niis.xroad.restapi.service.SignerNotReachableException) ServiceException(org.niis.xroad.restapi.service.ServiceException) DeviationAwareRuntimeException(org.niis.xroad.restapi.exceptions.DeviationAwareRuntimeException) AccessDeniedException(org.springframework.security.access.AccessDeniedException) CodedException(ee.ria.xroad.common.CodedException) SignerNotReachableException(org.niis.xroad.restapi.service.SignerNotReachableException) GeneratedCertRequestInfo(ee.ria.xroad.commonui.SignerProxy.GeneratedCertRequestInfo) CertRequestInfo(ee.ria.xroad.signer.protocol.dto.CertRequestInfo)

Example 8 with CertRequestInfo

use of ee.ria.xroad.signer.protocol.dto.CertRequestInfo in project X-Road by nordic-institute.

the class OrphanRemovalService method deleteOrphans.

/**
 * Deletes orphan keys, certs and csrs for given clientId.
 *
 * <p>Deletion runs in a fixed order: keys first, then certificates, then CSRs.
 *
 * <p>NOTE(review): no rollback is visible in this method, so an exception thrown partway
 * through (for example {@link ActionNotPossibleException}, or a failed authority check inside
 * one of the called services) would leave the earlier deletions in place. Confirm this is the
 * intended behaviour.
 *
 * @param clientId the client whose orphaned items are deleted
 * @throws OrphansNotFoundException if orphans don't exist for this client. Possible reasons
 * include also that this client is still alive (not deleted).
 * @throws ActionNotPossibleException if delete-cert or delete-csr was not possible action
 * @throws GlobalConfOutdatedException
 * if global conf is outdated. This prevents key deletion.
 */
public void deleteOrphans(ClientId clientId) throws OrphansNotFoundException, ActionNotPossibleException, GlobalConfOutdatedException {
    // Record the target client in the audit data before any check below can fail.
    auditDataHelper.put(clientId);
    // A client that is alive, or has alive siblings, is reported exactly like a client with
    // no orphans: the caller gets the same exception in both cases.
    if (isAlive(clientId) || hasAliveSiblings(clientId)) {
        throw new OrphansNotFoundException();
    }
    Orphans orphans = findOrphans(clientId);
    if (orphans.isEmpty()) {
        throw new OrphansNotFoundException();
    }
    try {
        // delete the orphans: keys, then certificates, then CSRs
        for (KeyInfo keyInfo : orphans.getKeys()) {
            keyService.deleteKeyAndIgnoreWarnings(keyInfo.getId());
        }
        tokenCertificateService.deleteCertificates(orphans.getCerts());
        for (CertRequestInfo certRequestInfo : orphans.getCsrs()) {
            tokenCertificateService.deleteCsr(certRequestInfo.getId());
        }
    } catch (KeyNotFoundException | CsrNotFoundException | CertificateNotFoundException e) {
        // we just internally looked up these items, so them not being found is an internal error;
        // it is rethrown unchecked with the original exception as the cause
        throw new RuntimeException(e);
    }
}
Also used : KeyInfo(ee.ria.xroad.signer.protocol.dto.KeyInfo) CertRequestInfo(ee.ria.xroad.signer.protocol.dto.CertRequestInfo)

Example 9 with CertRequestInfo

use of ee.ria.xroad.signer.protocol.dto.CertRequestInfo in project X-Road by nordic-institute.

the class TokenCertificateSigningRequestConverterTest method convert.

/**
 * Checks that converting a {@link CertRequestInfo} carries over the CSR id and renders the
 * owning client id as the colon-separated string {@code a:b:c}.
 */
@Test
public void convert() {
    ClientId owner = ClientId.create("a", "b", "c");
    CertRequestInfo source = new CertRequestInfo("id", owner, "subject-name");

    TokenCertificateSigningRequest converted = csrConverter.convert(source);

    assertEquals("id", converted.getId());
    assertEquals("a:b:c", converted.getOwnerId());
}
Also used : TokenCertificateSigningRequest(org.niis.xroad.securityserver.restapi.openapi.model.TokenCertificateSigningRequest) CertRequestInfo(ee.ria.xroad.signer.protocol.dto.CertRequestInfo) Test(org.junit.Test)

Example 10 with CertRequestInfo

use of ee.ria.xroad.signer.protocol.dto.CertRequestInfo in project X-Road by nordic-institute.

the class TokenCertificateSigningRequestConverterTest method convertWithPossibleActions.

/**
 * Checks that a CSR converted together with its key and token exposes {@code DELETE} as its
 * only possible action.
 */
@Test
public void convertWithPossibleActions() throws Exception {
    // Fixture chain: CSR -> key holding that CSR -> token holding that key.
    CertRequestInfo csrInfo = new CertificateTestUtils.CertRequestInfoBuilder().build();
    KeyInfo owningKey = new TokenTestUtils.KeyInfoBuilder().csr(csrInfo).build();
    TokenInfo owningToken = new TokenTestUtils.TokenInfoBuilder().key(owningKey).build();

    Collection<PossibleAction> possibleActions =
            csrConverter.convert(csrInfo, owningKey, owningToken).getPossibleActions();

    assertTrue(possibleActions.contains(PossibleAction.DELETE));
    assertEquals(1, possibleActions.size());
}
Also used : PossibleAction(org.niis.xroad.securityserver.restapi.openapi.model.PossibleAction) KeyInfo(ee.ria.xroad.signer.protocol.dto.KeyInfo) CertificateTestUtils(org.niis.xroad.securityserver.restapi.util.CertificateTestUtils) TokenCertificateSigningRequest(org.niis.xroad.securityserver.restapi.openapi.model.TokenCertificateSigningRequest) TokenInfo(ee.ria.xroad.signer.protocol.dto.TokenInfo) CertRequestInfo(ee.ria.xroad.signer.protocol.dto.CertRequestInfo) Test(org.junit.Test)

Aggregations

CertRequestInfo (ee.ria.xroad.signer.protocol.dto.CertRequestInfo)12 KeyInfo (ee.ria.xroad.signer.protocol.dto.KeyInfo)9 TokenInfo (ee.ria.xroad.signer.protocol.dto.TokenInfo)6 CertificateInfo (ee.ria.xroad.signer.protocol.dto.CertificateInfo)5 CodedException (ee.ria.xroad.common.CodedException)4 Test (org.junit.Test)4 TokenInfoAndKeyId (ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId)3 ArrayList (java.util.ArrayList)3 ClientId (ee.ria.xroad.common.identifier.ClientId)2 GeneratedCertRequestInfo (ee.ria.xroad.commonui.SignerProxy.GeneratedCertRequestInfo)2 TokenAndKey (ee.ria.xroad.signer.util.TokenAndKey)2 TokenCertificateSigningRequest (org.niis.xroad.securityserver.restapi.openapi.model.TokenCertificateSigningRequest)2 X_WRONG_CERT_USAGE (ee.ria.xroad.common.ErrorCodes.X_WRONG_CERT_USAGE)1 DnFieldDescription (ee.ria.xroad.common.certificateprofile.DnFieldDescription)1 DnFieldDescriptionImpl (ee.ria.xroad.common.certificateprofile.impl.DnFieldDescriptionImpl)1 Cert (ee.ria.xroad.signer.model.Cert)1 CertRequest (ee.ria.xroad.signer.model.CertRequest)1 Key (ee.ria.xroad.signer.model.Key)1 Token (ee.ria.xroad.signer.model.Token)1 KeyUsageInfo (ee.ria.xroad.signer.protocol.dto.KeyUsageInfo)1