
Example 36 with TokenInfo

use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.

the class ImportCertRequestHandler method importCertificate.

/**
 * Imports a certificate under the first signer key it matches and returns that key's id.
 *
 * <p>Tokens and their keys are scanned in the order returned by
 * {@code TokenManager.listTokens()} and {@code TokenInfo.getKeyInfo()}; the first key accepted
 * by {@code matchesPublicKeyOrExistingCert} wins and the scan stops there.
 *
 * <p>NOTE(review): nothing in this method validates the certificate itself (chain, validity
 * period, key usage), and {@code initialStatus} / {@code memberId} are forwarded unchanged to
 * {@code importCertificateToKey}. Presumably those checks live in the caller or in the helper;
 * confirm before treating this method as a trust boundary.
 *
 * @param cert certificate to import; its encoded public key drives the key lookup
 * @param initialStatus status value handed to {@code importCertificateToKey} as-is
 * @param memberId client identifier handed to {@code importCertificateToKey} as-is
 * @return id of the key under which the certificate was imported
 * @throws Exception a {@code CodedException} carrying {@code X_KEY_NOT_FOUND} when no key
 *         matches, or whatever the lookup and import helpers throw
 */
private String importCertificate(X509Certificate cert, String initialStatus, ClientId memberId) throws Exception {
    // Encode once up front; every candidate key is compared against this value.
    final String encodedPublicKey = encodeBase64(cert.getPublicKey().getEncoded());

    for (TokenInfo token : TokenManager.listTokens()) {
        for (KeyInfo candidate : token.getKeyInfo()) {
            if (!matchesPublicKeyOrExistingCert(encodedPublicKey, cert, candidate)) {
                continue;
            }
            final String matchedKeyId = candidate.getId();
            // Only the key id is logged, not certificate contents.
            log.debug("Importing certificate under key '{}'", matchedKeyId);
            importCertificateToKey(candidate, cert, initialStatus, memberId);
            return matchedKeyId;
        }
    }

    // No key on any token matched: refuse the import instead of storing an unbound certificate.
    throw CodedException.tr(
            X_KEY_NOT_FOUND,
            "key_not_found_for_certificate",
            "Could not find key that has public key that matches the public key of certificate");
}
Also used : KeyInfo(ee.ria.xroad.signer.protocol.dto.KeyInfo) TokenInfo(ee.ria.xroad.signer.protocol.dto.TokenInfo)

Example 37 with TokenInfo

use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.

the class CertificateInfoSensorTest method createTestTokenInfo.

/**
 * Builds a {@code TokenInfo} test fixture holding the given keys and fixed placeholder values.
 *
 * <p>The key list and the (empty) string map are wrapped as unmodifiable views, so code under
 * test cannot add or remove entries through the returned object.
 *
 * @param keyInfoParams keys to attach to the token, in the order given
 * @return a token with status {@code TokenStatusInfo.OK} and literal placeholder attributes
 */
private TokenInfo createTestTokenInfo(KeyInfo... keyInfoParams) {
    List<KeyInfo> keys = new ArrayList<>();
    Collections.addAll(keys, keyInfoParams);

    Map<String, String> emptyInfoMap = new HashMap<>();

    // The positional booleans and the -1 follow the TokenInfo constructor's parameter order,
    // which is not visible here; check the constructor before changing any of them.
    return new TokenInfo(
            "type",
            "friendlyName",
            "id",
            false,
            false,
            false,
            "serialNumber",
            "label",
            -1,
            TokenStatusInfo.OK,
            Collections.unmodifiableList(keys),
            Collections.unmodifiableMap(emptyInfoMap));
}
Also used : KeyInfo(ee.ria.xroad.signer.protocol.dto.KeyInfo) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) TokenInfo(ee.ria.xroad.signer.protocol.dto.TokenInfo)

Example 38 with TokenInfo

use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.

the class GlobalConfCheckerTest method setup.

/**
 * Stubs the global configuration, management request sender, signer proxy and global conf
 * service mocks before each test.
 *
 * <p>The signer side exposes one token with three keys: two SIGNING keys that each carry a
 * certificate request (for {@code OWNER_MEMBER} and {@code NEW_OWNER_MEMBER}) and one
 * AUTHENTICATION key that carries a certificate.
 */
@Before
public void setup() throws Exception {
    // Validity check and reload of the global configuration succeed without doing anything.
    doAnswer(answer -> null).when(globalConfFacade).verifyValidity();
    doAnswer(answer -> null).when(globalConfFacade).reload();

    // Members M1 and M2 are the only ones the mocked global configuration knows.
    List<MemberInfo> globalMemberInfos = new ArrayList<>(Arrays.asList(
            TestUtils.getMemberInfo(
                    TestUtils.INSTANCE_FI, TestUtils.MEMBER_CLASS_GOV, TestUtils.MEMBER_CODE_M1, null),
            TestUtils.getMemberInfo(
                    TestUtils.INSTANCE_FI, TestUtils.MEMBER_CLASS_GOV, TestUtils.MEMBER_CODE_M2, null)));
    when(globalConfFacade.getMembers(any())).thenReturn(globalMemberInfos);

    // Name lookup answers from the list above; an unknown client id yields null.
    when(globalConfFacade.getMemberName(any())).thenAnswer(invocation -> {
        ClientId requestedId = (ClientId) invocation.getArguments()[0];
        return globalMemberInfos.stream()
                .filter(member -> member.getId().equals(requestedId))
                .findFirst()
                .map(MemberInfo::getName)
                .orElse(null);
    });
    when(globalConfFacade.getInstanceIdentifier()).thenReturn(TestUtils.INSTANCE_FI);
    when(managementRequestSenderService.sendClientRegisterRequest(any())).thenReturn(1);

    // Signing keys: each one holds a CSR bound to a specific member.
    KeyInfo ownerSignKey = new TokenTestUtils.KeyInfoBuilder()
            .id(KEY_OWNER_ID)
            .keyUsageInfo(KeyUsageInfo.SIGNING)
            .csr(new CertificateTestUtils.CertRequestInfoBuilder()
                    .clientId(OWNER_MEMBER)
                    .id(CERT_OWNER_HASH)
                    .build())
            .build();
    KeyInfo newOwnerSignKey = new TokenTestUtils.KeyInfoBuilder()
            .id(KEY_NEW_OWNER_ID)
            .keyUsageInfo(KeyUsageInfo.SIGNING)
            .csr(new CertificateTestUtils.CertRequestInfoBuilder()
                    .clientId(NEW_OWNER_MEMBER)
                    .id(CERT_NEW_OWNER_HASH)
                    .build())
            .build();

    // Authentication key: holds a certificate rather than a CSR.
    CertificateInfo authCertificate = new CertificateTestUtils.CertificateInfoBuilder()
            .id(CERT_AUTH_HASH)
            .build();
    KeyInfo authKey = new TokenTestUtils.KeyInfoBuilder()
            .id(KEY_AUTH_ID)
            .keyUsageInfo(KeyUsageInfo.AUTHENTICATION)
            .cert(authCertificate)
            .build();

    TokenInfo tokenInfo = new TokenTestUtils.TokenInfoBuilder()
            .friendlyName("fubar")
            .key(ownerSignKey)
            .key(newOwnerSignKey)
            .key(authKey)
            .build();
    Map<String, TokenInfo> tokensById = new HashMap<>();
    tokensById.put(tokenInfo.getId(), tokenInfo);
    when(signerProxyFacade.getTokens()).thenReturn(new ArrayList<>(tokensById.values()));

    // NOTE(review): any() is used here as a constructor argument, not as an argument of the
    // stubbed call. The GetAuthKey instance is therefore built from the matcher's placeholder
    // return value, and the stub presumably ends up matching every argument passed to
    // execute(...), not only GetAuthKey messages - confirm, and consider a typed matcher so
    // other signer messages do not silently receive an AuthKeyInfo.
    when(signerProxyFacade.execute(new GetAuthKey(any())))
            .thenReturn(new AuthKeyInfo(KEY_AUTH_ID, null, null, authCertificate));

    when(globalConfService.getMemberClassesForThisInstance()).thenReturn(new HashSet<>(MEMBER_CLASSES));
}
Also used : ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) Arrays(java.util.Arrays) TspType(ee.ria.xroad.common.conf.serverconf.model.TspType) Autowired(org.springframework.beans.factory.annotation.Autowired) HashMap(java.util.HashMap) ServerConfService(org.niis.xroad.securityserver.restapi.service.ServerConfService) AuthKeyInfo(ee.ria.xroad.signer.protocol.dto.AuthKeyInfo) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet) KeyUsageInfo(ee.ria.xroad.signer.protocol.dto.KeyUsageInfo) Map(java.util.Map) Mockito.doAnswer(org.mockito.Mockito.doAnswer) KeyInfo(ee.ria.xroad.signer.protocol.dto.KeyInfo) AbstractFacadeMockingTestContext(org.niis.xroad.securityserver.restapi.config.AbstractFacadeMockingTestContext) ClientType(ee.ria.xroad.common.conf.serverconf.model.ClientType) Before(org.junit.Before) GetAuthKey(ee.ria.xroad.signer.protocol.message.GetAuthKey) IsAuthentication(ee.ria.xroad.common.conf.serverconf.IsAuthentication) TokenInfo(ee.ria.xroad.signer.protocol.dto.TokenInfo) Test(org.junit.Test) CertificateInfo(ee.ria.xroad.signer.protocol.dto.CertificateInfo) Mockito.when(org.mockito.Mockito.when) ClientService(org.niis.xroad.securityserver.restapi.service.ClientService) Assert.assertNotEquals(org.junit.Assert.assertNotEquals) Slf4j(lombok.extern.slf4j.Slf4j) GlobalConfService(org.niis.xroad.securityserver.restapi.service.GlobalConfService) List(java.util.List) ApprovedTSAType(ee.ria.xroad.common.conf.globalconf.sharedparameters.v2.ApprovedTSAType) MemberInfo(ee.ria.xroad.common.conf.globalconf.MemberInfo) TestUtils(org.niis.xroad.securityserver.restapi.util.TestUtils) TokenTestUtils(org.niis.xroad.securityserver.restapi.util.TokenTestUtils) SecurityServerId(ee.ria.xroad.common.identifier.SecurityServerId) Optional(java.util.Optional) ClientId(ee.ria.xroad.common.identifier.ClientId) Collections(java.util.Collections) CertificateTestUtils(org.niis.xroad.securityserver.restapi.util.CertificateTestUtils) 
Assert.assertEquals(org.junit.Assert.assertEquals) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) TokenTestUtils(org.niis.xroad.securityserver.restapi.util.TokenTestUtils) AuthKeyInfo(ee.ria.xroad.signer.protocol.dto.AuthKeyInfo) MemberInfo(ee.ria.xroad.common.conf.globalconf.MemberInfo) GetAuthKey(ee.ria.xroad.signer.protocol.message.GetAuthKey) AuthKeyInfo(ee.ria.xroad.signer.protocol.dto.AuthKeyInfo) KeyInfo(ee.ria.xroad.signer.protocol.dto.KeyInfo) CertificateTestUtils(org.niis.xroad.securityserver.restapi.util.CertificateTestUtils) ClientId(ee.ria.xroad.common.identifier.ClientId) CertificateInfo(ee.ria.xroad.signer.protocol.dto.CertificateInfo) TokenInfo(ee.ria.xroad.signer.protocol.dto.TokenInfo) Before(org.junit.Before)

Example 39 with TokenInfo

use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.

the class KeyAndCertificateRequestServiceIntegrationTest method setup.

/**
 * Builds an in-memory stand-in for the signer before each test.
 *
 * <p>Two tokens are registered (one of type {@code TokenInfo.SOFTWARE_MODULE_TYPE}, one of type
 * {@code "mock-type"}). Key generation and certificate request generation are answered by
 * mutating those token objects, so later signer lookups in the same test see the new state.
 * The approved CA list and the current security server id are stubbed as well.
 */
@Before
public void setup() throws Exception {
    TokenInfo softwareToken = new TokenTestUtils.TokenInfoBuilder()
            .id(SOFTWARE_TOKEN_ID)
            .type(TokenInfo.SOFTWARE_MODULE_TYPE)
            .friendlyName("mock-token0")
            .build();
    TokenInfo otherToken = new TokenTestUtils.TokenInfoBuilder()
            .id(OTHER_TOKEN_ID)
            .type("mock-type")
            .friendlyName("mock-token1")
            .build();

    Map<String, TokenInfo> tokens = new HashMap<>();
    tokens.put(softwareToken.getId(), softwareToken);
    tokens.put(otherToken.getId(), otherToken);

    // Signer proxy lookups are served from the map above.
    when(signerProxyFacade.getTokens()).thenReturn(new ArrayList<>(tokens.values()));
    when(signerProxyFacade.getToken(any())).thenAnswer(invocation -> tokens.get(invocation.getArguments()[0]));

    // generateKey(tokenId, label): the label doubles as key id and friendly name.
    when(signerProxyFacade.generateKey(any(), any())).thenAnswer(invocation -> {
        Object[] args = invocation.getArguments();
        String tokenId = (String) args[0];
        String label = (String) args[1];
        // A freshly generated key has no usage yet (usage = null).
        KeyInfo generated = new TokenTestUtils.KeyInfoBuilder()
                .id(label)
                .keyUsageInfo(null)
                .friendlyName(label)
                .build();
        // Relies on the built token exposing a mutable key list.
        tokens.get(tokenId).getKeyInfo().add(generated);
        return generated;
    });

    when(signerProxyFacade.getTokenForKeyId(any()))
            .thenAnswer(invocation -> getTokenWithKey(tokens, (String) invocation.getArguments()[0]));

    // generateCertRequest(keyId, ?, keyUsage, ?, ?): only arguments 0 and 2 are read.
    when(signerProxyFacade.generateCertRequest(any(), any(), any(), any(), any())).thenAnswer(invocation -> {
        Object[] args = invocation.getArguments();
        String keyId = (String) args[0];
        KeyUsageInfo requestedUsage = (KeyUsageInfo) args[2];
        KeyInfo existingKey = getKey(tokens, keyId);
        TokenInfo owningToken = getTokenWithKey(tokens, keyId);
        // KeyInfo is immutable, so the key is swapped for a copy carrying the requested usage.
        KeyInfo keyWithUsage = new TokenTestUtils.KeyInfoBuilder()
                .keyInfo(existingKey)
                .keyUsageInfo(requestedUsage)
                .build();
        owningToken.getKeyInfo().remove(existingKey);
        owningToken.getKeyInfo().add(keyWithUsage);
        // The tests only need a non-null result object; every field is left null.
        return new SignerProxy.GeneratedCertRequestInfo(null, null, null, null, null);
    });

    // A single approved CA, configured with the FiVRK certificate profile provider class name.
    when(globalConfFacade.getApprovedCAs(any())).thenReturn(Arrays.asList(
            new ApprovedCAInfo(
                    MOCK_CA,
                    false,
                    "ee.ria.xroad.common.certificateprofile.impl.FiVRKCertificateProfileInfoProvider")));

    // The security server under test is owned by member FI:GOV:M1.
    SecurityServerId ownerSsId = SecurityServerId.create(ClientId.create("FI", "GOV", "M1"), "TEST-INMEM-SS");
    when(currentSecurityServerId.getServerId()).thenReturn(ownerSsId);
}
Also used : ApprovedCAInfo(ee.ria.xroad.common.conf.globalconf.ApprovedCAInfo) HashMap(java.util.HashMap) SecurityServerId(ee.ria.xroad.common.identifier.SecurityServerId) TokenTestUtils(org.niis.xroad.securityserver.restapi.util.TokenTestUtils) KeyInfo(ee.ria.xroad.signer.protocol.dto.KeyInfo) ClientId(ee.ria.xroad.common.identifier.ClientId) TokenInfo(ee.ria.xroad.signer.protocol.dto.TokenInfo) KeyUsageInfo(ee.ria.xroad.signer.protocol.dto.KeyUsageInfo) Before(org.junit.Before)

Example 40 with TokenInfo

use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.

the class NotificationServiceTest method getAlertsSoftTokenNotFound.

/**
 * Checks the alert status when the token service returns a single token whose id is
 * {@code SIGN_TOKEN_ID}: the global configuration alerts report valid, while both soft-token
 * PIN flags are expected to be false.
 */
@Test
public void getAlertsSoftTokenNotFound() {
    // Start from a state with no backup/restore marked as running.
    notificationService.resetBackupRestoreRunningSince();
    assertEquals(null, notificationService.getBackupRestoreRunningSince());

    // Global configuration validation passes.
    doAnswer(answer -> null).when(globalConfFacade).verifyValidity();

    // The only token is active but carries SIGN_TOKEN_ID; presumably that is not the
    // software token id, which is what the test name refers to - confirm.
    TokenInfo signToken = new TokenTestUtils.TokenInfoBuilder()
            .id(SIGN_TOKEN_ID)
            .active(true)
            .build();
    when(tokenService.getAllTokens()).thenReturn(Collections.singletonList(signToken));

    AlertStatus alerts = notificationService.getAlerts();

    assertEquals(true, alerts.getGlobalConfValid());
    assertEquals(true, alerts.getGlobalConfValidCheckSuccess());
    // Both the PIN state and the "check succeeded" flag are expected to be false here, so a
    // consumer can tell "PIN not entered" apart from "could not determine".
    assertEquals(false, alerts.getSoftTokenPinEntered());
    assertEquals(false, alerts.getSoftTokenPinEnteredCheckSuccess());
}
Also used : AlertStatus(org.niis.xroad.securityserver.restapi.dto.AlertStatus) TokenInfo(ee.ria.xroad.signer.protocol.dto.TokenInfo) TokenTestUtils(org.niis.xroad.securityserver.restapi.util.TokenTestUtils) Test(org.junit.Test)

Aggregations

TokenInfo (ee.ria.xroad.signer.protocol.dto.TokenInfo)52 KeyInfo (ee.ria.xroad.signer.protocol.dto.KeyInfo)33 Test (org.junit.Test)19 TokenTestUtils (org.niis.xroad.securityserver.restapi.util.TokenTestUtils)16 CodedException (ee.ria.xroad.common.CodedException)14 CertificateInfo (ee.ria.xroad.signer.protocol.dto.CertificateInfo)13 SignerNotReachableException (org.niis.xroad.restapi.service.SignerNotReachableException)11 TokenInfoAndKeyId (ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId)9 ServiceException (org.niis.xroad.restapi.service.ServiceException)8 Before (org.junit.Before)7 CertRequestInfo (ee.ria.xroad.signer.protocol.dto.CertRequestInfo)6 CertificateTestUtils (org.niis.xroad.securityserver.restapi.util.CertificateTestUtils)6 ClientId (ee.ria.xroad.common.identifier.ClientId)5 HashMap (java.util.HashMap)5 DeviationAwareRuntimeException (org.niis.xroad.restapi.exceptions.DeviationAwareRuntimeException)5 Command (asg.cliche.Command)4 Utils.printTokenInfo (ee.ria.xroad.signer.console.Utils.printTokenInfo)4 KeyUsageInfo (ee.ria.xroad.signer.protocol.dto.KeyUsageInfo)4 ListTokens (ee.ria.xroad.signer.protocol.message.ListTokens)4 ArrayList (java.util.ArrayList)4