use of ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId in project X-Road by nordic-institute.
the class TokenCertificateService method importCertificateFromToken.
/**
* Find an existing cert from a token (e.g. HSM) by cert hash and import it to keyconf.xml. This enables the cert
* to be used for signing messages.
* @param hash cert hash of an existing cert
* @return CertificateInfo of the imported certificate
* @throws CertificateNotFoundException
* @throws InvalidCertificateException other general import failure
* @throws GlobalConfOutdatedException
* @throws KeyNotFoundException
* @throws CertificateAlreadyExistsException
* @throws WrongCertificateUsageException
* @throws ClientNotFoundException
* @throws CsrNotFoundException
* @throws AuthCertificateNotSupportedException if trying to import an auth cert from a token
* @throws ActionNotPossibleException if import was not possible due to cert/key/token states
*/
public CertificateInfo importCertificateFromToken(String hash) throws
        CertificateNotFoundException, InvalidCertificateException, GlobalConfOutdatedException,
        KeyNotFoundException, CertificateAlreadyExistsException, WrongCertificateUsageException,
        ClientNotFoundException, CsrNotFoundException, AuthCertificateNotSupportedException,
        ActionNotPossibleException {
    // Both lookups are keyed by the same caller-supplied hash; the certificate is
    // resolved first, then the token and key that hold it.
    final CertificateInfo cert = getCertificateInfo(hash);
    final TokenInfoAndKeyId owner = tokenService.getTokenAndKeyIdForCertificateHash(hash);
    final TokenInfo token = owner.getTokenInfo();
    final KeyInfo key = owner.getKeyInfo();

    // Audit data is attached BEFORE the possible-action check below. Keep this order:
    // it is what lets a rejected import still carry token, key and cert identifiers.
    // NOTE(review): whether a failed request is actually written to the audit log
    // depends on auditDataHelper's caller - confirm.
    auditDataHelper.put(token);
    auditDataHelper.put(key);
    auditDataHelper.put(RestApiAuditProperty.CERT_ID, cert.getId());

    // State gate: requirePossibleAction is handed the actions computed for this
    // cert/key/token and the action being attempted (IMPORT_FROM_TOKEN).
    final EnumSet<PossibleActionEnum> allowed =
            getPossibleActionsForCertificateInternal(hash, cert, key, token);
    possibleActionsRuleEngine.requirePossibleAction(PossibleActionEnum.IMPORT_FROM_TOKEN, allowed);

    // NOTE(review): the literal true presumably marks the bytes as originating from
    // a token - confirm against importCertificate's signature.
    return importCertificate(cert.getCertificateBytes(), true);
}
use of ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId in project X-Road by nordic-institute.
the class TokenCertificateService method getPossibleActionsForCsr.
/**
* Return possible actions for one CSR.
* Key-not-found exceptions are wrapped as RuntimeExceptions,
* since their occurrence is considered to be an internal error.
* @throws CsrNotFoundException
*/
public EnumSet<PossibleActionEnum> getPossibleActionsForCsr(String csrId) throws CsrNotFoundException {
    final TokenInfoAndKeyId owner;
    try {
        owner = tokenService.getTokenAndKeyIdForCertificateRequestId(csrId);
    } catch (KeyNotFoundException e) {
        // A missing key for a CSR lookup is treated as an internal error, so it is
        // rethrown unchecked with the original exception kept as the cause.
        throw new RuntimeException("internal error", e);
    }
    final TokenInfo token = owner.getTokenInfo();
    final KeyInfo key = owner.getKeyInfo();

    // The result is deliberately discarded: the call is kept only for whatever it
    // throws. NOTE(review): presumably this is where CsrNotFoundException comes
    // from when the key has no CSR with this id - confirm against getCsr.
    getCsr(key, csrId);

    // Only the token is passed to the rule engine for CSR actions.
    return possibleActionsRuleEngine.getPossibleCsrActions(token);
}
use of ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId in project X-Road by nordic-institute.
the class TokenCertificateService method auditLogTokenKeyAndCert.
/**
* Adds audit log data for basic token, key and cert details.
* Executes a new signer request to find out token and key details.
* @param fullKeyDetails true: full key details are added false: only key id is added
* @throws CertificateNotFoundException
*/
private void auditLogTokenKeyAndCert(String hash, CertificateInfo certificateInfo, boolean fullKeyDetails)
        throws CertificateNotFoundException {
    final TokenInfoAndKeyId owner;
    try {
        owner = tokenService.getTokenAndKeyIdForCertificateHash(hash);
    } catch (KeyNotFoundException e) {
        // A certificate that exists should always have a key, so this is surfaced
        // as an unchecked failure with the original exception as the cause.
        throw new RuntimeException(e);
    }
    final TokenInfo token = owner.getTokenInfo();
    final KeyInfo key = owner.getKeyInfo();

    auditDataHelper.put(token);
    // fullKeyDetails selects how much key data is recorded: the whole KeyInfo,
    // or only its id under KEY_ID.
    if (!fullKeyDetails) {
        auditDataHelper.put(RestApiAuditProperty.KEY_ID, key.getId());
    } else {
        auditDataHelper.put(key);
    }
    // The certificate is recorded both as an object and by its id under CERT_ID.
    auditDataHelper.put(certificateInfo);
    auditDataHelper.put(RestApiAuditProperty.CERT_ID, certificateInfo.getId());
}
use of ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId in project X-Road by nordic-institute.
the class SignerProxy method getTokenAndKeyIdForCertRequestId.
/**
* Get TokenInfoAndKeyId for a given cert request id
* @param certRequestId
* @return TokenInfoAndKeyId
* @throws Exception
*/
public static TokenInfoAndKeyId getTokenAndKeyIdForCertRequestId(String certRequestId) throws Exception {
    log.trace("Getting token and key id by cert request id '{}'", certRequestId);

    // Sends a GetTokenInfoAndKeyIdForCertRequestId message through execute; any
    // failure propagates to the caller as the declared Exception.
    final TokenInfoAndKeyId tokenAndKeyId =
            execute(new GetTokenInfoAndKeyIdForCertRequestId(certRequestId));

    // Reached only when execute returned normally.
    log.trace("Token and key id with cert request id '{}' found", certRequestId);
    return tokenAndKeyId;
}
use of ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId in project X-Road by nordic-institute.
the class RegenerateCertRequestRequestHandler method findTokenAndKeyForCsrId.
private TokenAndKey findTokenAndKeyForCsrId(String certRequestId) {
    // Resolve which token and key id the certificate request belongs to.
    // NOTE(review): the result is dereferenced without a null check, so this
    // assumes TokenManager throws rather than returning null for an unknown
    // request id - confirm.
    final TokenInfoAndKeyId located = TokenManager.findTokenAndKeyIdForCertRequestId(certRequestId);

    // The lookup result carries only the key id; the KeyInfo is fetched separately.
    final KeyInfo key = TokenManager.getKeyInfo(located.getKeyId());

    return new TokenAndKey(located.getTokenInfo().getId(), key);
}