
Example 31 with KeyInfo

use of ee.ria.xroad.signer.protocol.dto.KeyInfo in project X-Road by nordic-institute.

the class KeyConverterTest method isSavedToConfiguration.

@Test
public void isSavedToConfiguration() throws Exception {
    // Checks which combinations of CSRs and certificates make the converted key
    // report savedToConfiguration.
    KeyInfo info = new TokenTestUtils.KeyInfoBuilder().build();

    // Only a certificate request, no certificates: expected to be reported as saved.
    info.getCerts().clear();
    info.getCertRequests().clear();
    info.getCertRequests().add(createTestCsr());
    assertEquals(true, keyConverter.convert(info).getSavedToConfiguration());

    // Neither certificates nor requests: expected to be reported as not saved.
    info.getCerts().clear();
    info.getCertRequests().clear();
    assertEquals(false, keyConverter.convert(info).getSavedToConfiguration());

    // Two certificates and no CSR per scenario. Each row lists the savedToConfiguration
    // flag of the certificates in insertion order; expectedSaved holds the matching result.
    // One saved certificate is enough, whichever position it is in.
    boolean[][] certFlags = {{false, false}, {false, true}, {true, false}};
    boolean[] expectedSaved = {false, true, true};
    for (int scenario = 0; scenario < certFlags.length; scenario++) {
        info.getCerts().clear();
        info.getCertRequests().clear();
        for (boolean saved : certFlags[scenario]) {
            info.getCerts().add(new CertificateTestUtils.CertificateInfoBuilder().savedToConfiguration(saved).build());
        }
        assertEquals(expectedSaved[scenario], keyConverter.convert(info).getSavedToConfiguration());
    }
}
Also used : KeyInfo(ee.ria.xroad.signer.protocol.dto.KeyInfo) CertificateTestUtils(org.niis.xroad.securityserver.restapi.util.CertificateTestUtils) TokenTestUtils(org.niis.xroad.securityserver.restapi.util.TokenTestUtils) Test(org.junit.Test)

Example 32 with KeyInfo

use of ee.ria.xroad.signer.protocol.dto.KeyInfo in project X-Road by nordic-institute.

the class OrphanRemovalService method deleteOrphans.

/**
 * Deletes the orphaned keys, certificates and certificate signing requests (CSRs)
 * of the given client.
 * <p>
 * Deletion runs in three steps: keys, then certificates, then CSRs. No rollback is
 * visible in this method, so a failure in a later step leaves the earlier deletions
 * in place.
 *
 * @param clientId identifier of the client whose orphans are deleted
 * @throws OrphansNotFoundException if the client or one of its siblings is still alive
 * (not deleted), or if no orphans are found for the client
 * @throws ActionNotPossibleException if deleting a certificate or CSR was not a possible action
 * @throws GlobalConfOutdatedException if global conf is outdated. This prevents key deletion.
 */
public void deleteOrphans(ClientId clientId) throws OrphansNotFoundException, ActionNotPossibleException, GlobalConfOutdatedException {
    // The client id is handed to the audit helper before any check runs, so it is
    // set even when the request is rejected below.
    auditDataHelper.put(clientId);

    // Refuse to delete anything while the client, or a sibling of it, is still alive.
    if (isAlive(clientId)) {
        throw new OrphansNotFoundException();
    }
    if (hasAliveSiblings(clientId)) {
        throw new OrphansNotFoundException();
    }

    Orphans found = findOrphans(clientId);
    if (found.isEmpty()) {
        throw new OrphansNotFoundException();
    }

    try {
        // Keys first, then certificates, then CSRs.
        for (KeyInfo orphanKey : found.getKeys()) {
            keyService.deleteKeyAndIgnoreWarnings(orphanKey.getId());
        }
        tokenCertificateService.deleteCertificates(found.getCerts());
        for (CertRequestInfo orphanCsr : found.getCsrs()) {
            tokenCertificateService.deleteCsr(orphanCsr.getId());
        }
    } catch (KeyNotFoundException | CsrNotFoundException | CertificateNotFoundException notFound) {
        // These items were looked up internally just above, so a "not found" here is
        // an internal error and not something the caller can act on.
        throw new RuntimeException(notFound);
    }
}
Also used : KeyInfo(ee.ria.xroad.signer.protocol.dto.KeyInfo) CertRequestInfo(ee.ria.xroad.signer.protocol.dto.CertRequestInfo)

Example 33 with KeyInfo

use of ee.ria.xroad.signer.protocol.dto.KeyInfo in project X-Road by nordic-institute.

the class ConfProxyUtilAddSigningKey method execute.

/**
 * Adds a signing key to the configuration proxy named on the command line.
 * With "key-id" the given existing key is added; with "token-id" a new key is first
 * generated through the signer and then added; with neither, the help text is printed.
 *
 * @param commandLine parsed command line arguments
 * @throws Exception if the proxy check, configuration loading, key generation or key
 * registration fails
 */
@Override
final void execute(final CommandLine commandLine) throws Exception {
    ensureProxyExists(commandLine);
    final ConfProxyProperties conf = loadConf(commandLine);

    // NOTE(review): options are tested by long name but read by short name ("k", "t");
    // presumably both names refer to the same option definition. Confirm against the
    // option setup.
    if (commandLine.hasOption("key-id")) {
        addSigningKey(conf, commandLine.getOptionValue("k"));
        return;
    }
    if (!commandLine.hasOption("token-id")) {
        printHelp();
        return;
    }

    String tokenId = commandLine.getOptionValue("t");
    // The label of the generated key is derived from the current time.
    String keyLabel = "key-" + System.currentTimeMillis();
    KeyInfo generated = SignerClient.execute(new GenerateKey(tokenId, keyLabel));
    // Only the key identifier is printed to stdout.
    System.out.println("Generated key with ID " + generated.getId());
    addSigningKey(conf, generated.getId());
}
Also used : KeyInfo(ee.ria.xroad.signer.protocol.dto.KeyInfo) GenerateKey(ee.ria.xroad.signer.protocol.message.GenerateKey) ConfProxyProperties(ee.ria.xroad.confproxy.ConfProxyProperties)

Example 34 with KeyInfo

use of ee.ria.xroad.signer.protocol.dto.KeyInfo in project X-Road by nordic-institute.

the class CertificateAuthoritiesApiControllerTest method setUp.

@Before
public void setUp() throws Exception {
    // One known signing key and one known authentication key; any other id is "not found".
    KeyInfo signingKey = new TokenTestUtils.KeyInfoBuilder().id(GOOD_SIGN_KEY_ID).keyUsageInfo(KeyUsageInfo.SIGNING).build();
    KeyInfo authenticationKey = new TokenTestUtils.KeyInfoBuilder().id(GOOD_AUTH_KEY_ID).keyUsageInfo(KeyUsageInfo.AUTHENTICATION).build();
    doAnswer(invocation -> {
        String requestedKeyId = (String) invocation.getArguments()[0];
        if (requestedKeyId.equals(GOOD_AUTH_KEY_ID)) {
            return authenticationKey;
        }
        if (requestedKeyId.equals(GOOD_SIGN_KEY_ID)) {
            return signingKey;
        }
        throw new KeyNotFoundException("foo");
    }).when(keyService).getKey(any());

    // A single approved CA that is not restricted to authentication certificates.
    List<ApprovedCaDto> approvedCas = new ArrayList<>();
    approvedCas.add(ApprovedCaDto.builder().name(GENERAL_PURPOSE_CA_NAME).authenticationOnly(false).build());
    when(certificateAuthorityService.getCertificateAuthorities(any())).thenReturn(approvedCas);

    // Stub profile: no subject fields, a null subject DN, and a validator that accepts
    // everything. Tests relying on this setup therefore do not exercise subject-field
    // validation.
    when(certificateAuthorityService.getCertificateProfile(any(), any(), any(), anyBoolean())).thenReturn(new CertificateProfileInfo() {

        @Override
        public DnFieldDescription[] getSubjectFields() {
            return new DnFieldDescription[0];
        }

        @Override
        public X500Principal createSubjectDn(DnFieldValue[] values) {
            return null;
        }

        @Override
        public void validateSubjectField(DnFieldValue field) throws Exception {
            // intentionally accepts every field
        }
    });
}
Also used : DnFieldValue(ee.ria.xroad.common.certificateprofile.DnFieldValue) ApprovedCaDto(org.niis.xroad.securityserver.restapi.dto.ApprovedCaDto) ArrayList(java.util.ArrayList) TokenTestUtils(org.niis.xroad.securityserver.restapi.util.TokenTestUtils) CertificateProfileInfo(ee.ria.xroad.common.certificateprofile.CertificateProfileInfo) AccessDeniedException(org.springframework.security.access.AccessDeniedException) KeyNotFoundException(org.niis.xroad.securityserver.restapi.service.KeyNotFoundException) KeyInfo(ee.ria.xroad.signer.protocol.dto.KeyInfo) X500Principal(javax.security.auth.x500.X500Principal) KeyNotFoundException(org.niis.xroad.securityserver.restapi.service.KeyNotFoundException) Before(org.junit.Before)

Example 35 with KeyInfo

use of ee.ria.xroad.signer.protocol.dto.KeyInfo in project X-Road by nordic-institute.

the class TokenCertificatesApiControllerIntegrationTest method setup.

@Before
public void setup() throws Exception {
    // Certificate import always reports the same key id; global conf is treated as
    // valid and answers with fixed test identifiers.
    doAnswer(invocation -> "key-id").when(signerProxyFacade).importCert(any(), any(), any());
    doAnswer(invocation -> null).when(globalConfFacade).verifyValidity();
    doAnswer(invocation -> TestUtils.INSTANCE_FI).when(globalConfFacade).getInstanceIdentifier();
    doAnswer(invocation -> TestUtils.getM1Ss1ClientId()).when(globalConfFacade).getSubjectName(any(), any());

    // Three certificates in status "SAVED": signing, authentication, and one built
    // from a certificate without extensions.
    CertificateInfo signCert = new CertificateInfoBuilder().certificate(getMockCertificate()).certificateStatus("SAVED").build();
    CertificateInfo authCert = new CertificateInfoBuilder().certificate(getMockAuthCertificate()).certificateStatus("SAVED").build();
    CertificateInfo unknownCert = new CertificateInfoBuilder().certificate(getMockCertificateWithoutExtensions()).certificateStatus("SAVED").build();

    // Lookup by hash: the two special hashes get their own certificate, every other
    // hash falls back to the signing certificate.
    doAnswer(invocation -> {
        String certHash = (String) invocation.getArguments()[0];
        return AUTH_CERT_HASH.equals(certHash)
                ? authCert
                : UNKNOWN_CERT_HASH.equals(certHash) ? unknownCert : signCert;
    }).when(signerProxyFacade).getCertForHash(any());
    doAnswer(invocation -> "key-id").when(signerProxyFacade).getKeyIdForCertHash(any());

    // A single token holding a single key with id "key-id".
    TokenInfo token = new TokenTestUtils.TokenInfoBuilder().build();
    KeyInfo key = new TokenTestUtils.KeyInfoBuilder().id("key-id").build();
    token.getKeyInfo().add(key);
    doAnswer(invocation -> Collections.singletonList(token)).when(signerProxyFacade).getTokens();

    TokenInfoAndKeyId tokenAndKeyId = new TokenInfoAndKeyId(token, key.getId());
    doAnswer(invocation -> tokenAndKeyId).when(signerProxyFacade).getTokenAndKeyIdForCertRequestId(any());
    doAnswer(invocation -> tokenAndKeyId).when(signerProxyFacade).getTokenAndKeyIdForCertHash(any());

    // By default the rule engine allows every certificate action; a test that needs
    // an action to be refused has to restub this.
    doReturn(EnumSet.allOf(PossibleActionEnum.class)).when(possibleActionsRuleEngine).getPossibleCertificateActions(any(), any(), any());
}
Also used : TokenInfoAndKeyId(ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId) KeyInfo(ee.ria.xroad.signer.protocol.dto.KeyInfo) PossibleActionEnum(org.niis.xroad.securityserver.restapi.service.PossibleActionEnum) CertificateInfo(ee.ria.xroad.signer.protocol.dto.CertificateInfo) TokenInfo(ee.ria.xroad.signer.protocol.dto.TokenInfo) TokenTestUtils(org.niis.xroad.securityserver.restapi.util.TokenTestUtils) CertificateInfoBuilder(org.niis.xroad.securityserver.restapi.util.CertificateTestUtils.CertificateInfoBuilder) Before(org.junit.Before)

Aggregations

KeyInfo (ee.ria.xroad.signer.protocol.dto.KeyInfo)58 TokenInfo (ee.ria.xroad.signer.protocol.dto.TokenInfo)32 CertificateInfo (ee.ria.xroad.signer.protocol.dto.CertificateInfo)17 Test (org.junit.Test)16 CodedException (ee.ria.xroad.common.CodedException)12 TokenTestUtils (org.niis.xroad.securityserver.restapi.util.TokenTestUtils)12 CertRequestInfo (ee.ria.xroad.signer.protocol.dto.CertRequestInfo)9 TokenInfoAndKeyId (ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId)9 Before (org.junit.Before)9 ArrayList (java.util.ArrayList)7 ClientId (ee.ria.xroad.common.identifier.ClientId)6 DeviationAwareRuntimeException (org.niis.xroad.restapi.exceptions.DeviationAwareRuntimeException)6 SignerNotReachableException (org.niis.xroad.restapi.service.SignerNotReachableException)6 KeyUsageInfo (ee.ria.xroad.signer.protocol.dto.KeyUsageInfo)5 HashMap (java.util.HashMap)5 ResourceNotFoundException (org.niis.xroad.restapi.openapi.ResourceNotFoundException)5 AuthKeyInfo (ee.ria.xroad.signer.protocol.dto.AuthKeyInfo)4 TokenManager.getKeyInfo (ee.ria.xroad.signer.tokenmanager.TokenManager.getKeyInfo)4 CertificateTestUtils (org.niis.xroad.securityserver.restapi.util.CertificateTestUtils)4 GeneratedCertRequestInfo (ee.ria.xroad.commonui.SignerProxy.GeneratedCertRequestInfo)3