use of ee.ria.xroad.signer.protocol.dto.KeyInfo in project X-Road by nordic-institute.
the class ImportCertRequestHandler method importCertificate.
/**
 * Imports {@code cert} under the first key accepted by
 * {@code matchesPublicKeyOrExistingCert} and returns that key's id.
 *
 * <p>Every key of every token returned by {@code TokenManager.listTokens()} is examined in
 * iteration order, and the search stops at the first match.
 *
 * <p>NOTE(review): no validation of the certificate itself (validity period, issuer chain,
 * key usage) is visible in this method. Presumably the caller performs it before the
 * certificate is bound to a key; confirm.
 *
 * @param cert certificate to import
 * @param initialStatus status passed through to {@code importCertificateToKey}
 * @param memberId client id passed through to {@code importCertificateToKey}
 * @return id of the key the certificate was imported under
 * @throws Exception the {@code X_KEY_NOT_FOUND} coded exception when no key matches; anything
 *         thrown by the helpers propagates unchanged
 */
private String importCertificate(X509Certificate cert, String initialStatus, ClientId memberId) throws Exception {
    final String encodedPublicKey = encodeBase64(cert.getPublicKey().getEncoded());

    // Walk all tokens and their keys; the certificate's public key is the lookup criterion.
    for (TokenInfo token : TokenManager.listTokens()) {
        for (KeyInfo candidate : token.getKeyInfo()) {
            if (!matchesPublicKeyOrExistingCert(encodedPublicKey, cert, candidate)) {
                continue;
            }
            final String matchedKeyId = candidate.getId();
            log.debug("Importing certificate under key '{}'", matchedKeyId);
            importCertificateToKey(candidate, cert, initialStatus, memberId);
            return matchedKeyId;
        }
    }

    // No key matched, so the certificate cannot be attached anywhere.
    throw CodedException.tr(X_KEY_NOT_FOUND, "key_not_found_for_certificate",
            "Could not find key that has public key that matches the " + "public key of certificate");
}
use of ee.ria.xroad.signer.protocol.dto.KeyInfo in project X-Road by nordic-institute.
the class TokenManagerMergeTest method shouldAddOcspResponse.
/**
 * Checks that an OCSP response set on a certificate before {@code TokenManager.merge} is
 * still returned for that certificate after the merge has added a certificate from file.
 */
@Test
public void shouldAddOcspResponse() throws IOException {
    // Fixture sanity checks: the key file, the key and the certificate must all be present.
    assertTrue("test setup failure", Files.exists(ADDED_KEY_FILE_PATH));

    final String keyId = "70726f6475636572";
    final KeyInfo keyBeforeMerge = TokenManager.getKeyInfo(keyId);
    assertNotNull("test setup failure", keyBeforeMerge);

    final String certId = "e82e0b2b184d4387c2afd83708d4cfeaeb872cf7";
    final CertificateInfo certBeforeMerge = TokenManager.getCertificateInfo(certId);
    assertNotNull("test setup failure", certBeforeMerge);
    // The certificate must start without an OCSP response, otherwise the final check proves nothing.
    assertNull("test setup failure", certBeforeMerge.getOcspBytes());

    // Stub an OCSP response with known bytes and attach it to the certificate.
    final byte[] expectedOcspBytes = "some example string 11 2 34".getBytes();
    final OCSPResp stubbedResponse = mock(OCSPResp.class);
    when(stubbedResponse.getEncoded()).thenReturn(expectedOcspBytes);
    TokenManager.setOcspResponse(certId, stubbedResponse);

    final int certCountBeforeMerge = TokenManager.getAllCerts().size();

    // Swap in the file that carries one more certificate, then merge with a no-op listener.
    Files.copy(ADDED_KEY_CERT_FILE_PATH, testingFile.toPath(), StandardCopyOption.REPLACE_EXISTING);
    TokenManager.merge(addedCerts -> {
    });

    // The count check proves the merge really read the file; without it the OCSP bytes
    // would trivially still be there.
    final int certCountAfterMerge = TokenManager.getAllCerts().size();
    assertEquals("merge did not add expected cert", certCountBeforeMerge + 1, certCountAfterMerge);

    final byte[] ocspBytesAfterMerge = TokenManager.getCertificateInfo(certId).getOcspBytes();
    assertArrayEquals("ocsp response bytes does not match", expectedOcspBytes, ocspBytesAfterMerge);
}
use of ee.ria.xroad.signer.protocol.dto.KeyInfo in project X-Road by nordic-institute.
the class TokenManager method getKeyInfo.
/**
 * Collects the keys that hold a certificate belonging to the given client.
 *
 * <p>Tokens reporting {@code isInActive()}, keys failing {@code isValidForSigning()} and
 * certificates reporting {@code isInvalid()} are skipped. A key is added once per matching
 * certificate, so the same key can appear more than once in the result.
 *
 * @param clientId the client id
 * @return the list of keys for the given client id; empty when nothing matches
 */
public static synchronized List<KeyInfo> getKeyInfo(ClientId clientId) {
    log.trace("getKeyInfo({})", clientId);

    final List<KeyInfo> matchingKeys = new ArrayList<>();
    for (Token token : currentTokens) {
        // Inactive tokens are not usable, so none of their keys qualify.
        if (token.isInActive()) {
            continue;
        }
        for (Key key : token.getKeys()) {
            // Only keys valid for signing are considered; the rest are left out.
            if (key.isValidForSigning()) {
                for (Cert cert : key.getCerts()) {
                    // Short-circuit keeps invalid certificates from being converted or matched.
                    final boolean usable = !cert.isInvalid();
                    if (usable && certBelongsToMember(cert.toDTO(), clientId)) {
                        log.debug("Found key '{}' for client '{}'", key.getId(), cert.getMemberId());
                        matchingKeys.add(key.toDTO());
                    }
                }
            }
        }
    }
    return matchingKeys;
}
use of ee.ria.xroad.signer.protocol.dto.KeyInfo in project X-Road by nordic-institute.
the class SoftwareTokenWorker method updateKeys.
/**
 * Marks every key listed for {@code tokenId} as available and loads the private key of each
 * one that is not yet present in {@code privateKeys}.
 *
 * <p>A key whose private key fails to load is marked unavailable again and the loop moves on
 * to the next key; the failure is not rethrown.
 *
 * <p>NOTE(review): the load failure is logged at trace level only, so the availability flag
 * may be the only visible sign that a key could not be loaded. Confirm that this is enough
 * for operators to notice an unusable key.
 *
 * @throws Exception if listing the keys or updating a key's availability fails
 */
private void updateKeys() throws Exception {
    for (KeyInfo listedKey : listKeys(tokenId)) {
        final String id = listedKey.getId();

        // Set available first; reverted below if the private key turns out not to be loadable.
        setKeyAvailable(id, true);

        if (!privateKeys.containsKey(id)) {
            try {
                initializePrivateKey(id);
            } catch (Exception e) {
                setKeyAvailable(id, false);
                log.trace("Failed to load private key from key store", e);
            }
        }
    }
}
use of ee.ria.xroad.signer.protocol.dto.KeyInfo in project X-Road by nordic-institute.
the class SignerProxy method generateKey.
/**
 * Generate a new key for the token with the given ID.
 *
 * <p>Builds a {@code GenerateKey} request, passes it to {@code execute} and returns the
 * resulting {@code KeyInfo}. Only the key id and the public key are written to the trace log.
 *
 * @param tokenId ID of the token
 * @param keyLabel label of the key
 * @return generated key KeyInfo object
 * @throws Exception if any errors occur
 */
public static KeyInfo generateKey(String tokenId, String keyLabel) throws Exception {
    log.trace("Generating key for token '{}'", tokenId);

    final GenerateKey request = new GenerateKey(tokenId, keyLabel);
    final KeyInfo generated = execute(request);

    log.trace("Received key with keyId '{}' and public key '{}'", generated.getId(), generated.getPublicKey());
    return generated;
}