Example 1 with TokenInfoAndKeyId

Use of ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId in project X-Road by nordic-institute.

In the class TokenCertificateService, method importCertificateFromToken.

/**
 * Find an existing cert from a token (e.g. HSM) by cert hash and import it to keyconf.xml. This enables the cert
 * to be used for signing messages.
 * @param hash cert hash of an existing cert
 * @return CertificateType
 * @throws CertificateNotFoundException
 * @throws InvalidCertificateException other general import failure
 * @throws GlobalConfOutdatedException
 * @throws KeyNotFoundException
 * @throws CertificateAlreadyExistsException
 * @throws WrongCertificateUsageException
 * @throws ClientNotFoundException
 * @throws CsrNotFoundException
 * @throws AuthCertificateNotSupportedException if trying to import an auth cert from a token
 * @throws ActionNotPossibleException if import was not possible due to cert/key/token states
 */
public CertificateInfo importCertificateFromToken(String hash) throws CertificateNotFoundException, InvalidCertificateException, GlobalConfOutdatedException, KeyNotFoundException, CertificateAlreadyExistsException, WrongCertificateUsageException, ClientNotFoundException, CsrNotFoundException, AuthCertificateNotSupportedException, ActionNotPossibleException {
    CertificateInfo certificateInfo = getCertificateInfo(hash);
    TokenInfoAndKeyId tokenInfoAndKeyId = tokenService.getTokenAndKeyIdForCertificateHash(hash);
    TokenInfo tokenInfo = tokenInfoAndKeyId.getTokenInfo();
    KeyInfo keyInfo = tokenInfoAndKeyId.getKeyInfo();
    auditDataHelper.put(tokenInfo);
    auditDataHelper.put(keyInfo);
    auditDataHelper.put(RestApiAuditProperty.CERT_ID, certificateInfo.getId());
    EnumSet<PossibleActionEnum> possibleActions = getPossibleActionsForCertificateInternal(hash, certificateInfo, keyInfo, tokenInfo);
    possibleActionsRuleEngine.requirePossibleAction(PossibleActionEnum.IMPORT_FROM_TOKEN, possibleActions);
    return importCertificate(certificateInfo.getCertificateBytes(), true);
}
Also used: TokenInfoAndKeyId (ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId), KeyInfo (ee.ria.xroad.signer.protocol.dto.KeyInfo), CertificateInfo (ee.ria.xroad.signer.protocol.dto.CertificateInfo), TokenInfo (ee.ria.xroad.signer.protocol.dto.TokenInfo)

Example 2 with TokenInfoAndKeyId

Use of ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId in project X-Road by nordic-institute.

In the class TokenCertificateService, method getPossibleActionsForCsr.

/**
 * Return possible actions for one CSR.
 * Key-not-found exceptions are wrapped as RuntimeExceptions,
 * since their occurrence is considered an internal error.
 * @throws CsrNotFoundException
 */
public EnumSet<PossibleActionEnum> getPossibleActionsForCsr(String csrId) throws CsrNotFoundException {
    TokenInfoAndKeyId tokenInfoAndKeyId = null;
    try {
        tokenInfoAndKeyId = tokenService.getTokenAndKeyIdForCertificateRequestId(csrId);
    } catch (KeyNotFoundException e) {
        throw new RuntimeException("internal error", e);
    }
    TokenInfo tokenInfo = tokenInfoAndKeyId.getTokenInfo();
    KeyInfo keyInfo = tokenInfoAndKeyId.getKeyInfo();
    CertRequestInfo certRequestInfo = getCsr(keyInfo, csrId);
    EnumSet<PossibleActionEnum> possibleActions = possibleActionsRuleEngine.getPossibleCsrActions(tokenInfo);
    return possibleActions;
}
Also used: TokenInfoAndKeyId (ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId), DeviationAwareRuntimeException (org.niis.xroad.restapi.exceptions.DeviationAwareRuntimeException), KeyInfo (ee.ria.xroad.signer.protocol.dto.KeyInfo), TokenInfo (ee.ria.xroad.signer.protocol.dto.TokenInfo), GeneratedCertRequestInfo (ee.ria.xroad.commonui.SignerProxy.GeneratedCertRequestInfo), CertRequestInfo (ee.ria.xroad.signer.protocol.dto.CertRequestInfo)

Example 3 with TokenInfoAndKeyId

Use of ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId in project X-Road by nordic-institute.

In the class TokenCertificateService, method auditLogTokenKeyAndCert.

/**
 * Adds audit log data for basic token, key and cert details.
 * Executes a new signer request to find out token and key details.
 * @param fullKeyDetails true: full key details are added; false: only key id is added
 * @throws CertificateNotFoundException
 */
private void auditLogTokenKeyAndCert(String hash, CertificateInfo certificateInfo, boolean fullKeyDetails) throws CertificateNotFoundException {
    TokenInfoAndKeyId tokenInfoAndKeyId = null;
    try {
        tokenInfoAndKeyId = tokenService.getTokenAndKeyIdForCertificateHash(hash);
    } catch (KeyNotFoundException e) {
        // key not found for a cert that exists, should not be possible
        throw new RuntimeException(e);
    }
    TokenInfo tokenInfo = tokenInfoAndKeyId.getTokenInfo();
    KeyInfo keyInfo = tokenInfoAndKeyId.getKeyInfo();
    auditDataHelper.put(tokenInfo);
    if (fullKeyDetails) {
        auditDataHelper.put(keyInfo);
    } else {
        auditDataHelper.put(RestApiAuditProperty.KEY_ID, keyInfo.getId());
    }
    auditDataHelper.put(certificateInfo);
    auditDataHelper.put(RestApiAuditProperty.CERT_ID, certificateInfo.getId());
}
Also used: TokenInfoAndKeyId (ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId), DeviationAwareRuntimeException (org.niis.xroad.restapi.exceptions.DeviationAwareRuntimeException), KeyInfo (ee.ria.xroad.signer.protocol.dto.KeyInfo), TokenInfo (ee.ria.xroad.signer.protocol.dto.TokenInfo)

Example 4 with TokenInfoAndKeyId

Use of ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId in project X-Road by nordic-institute.

In the class SignerProxy, method getTokenAndKeyIdForCertRequestId.

/**
 * Get TokenInfoAndKeyId for a given cert request id
 * @param certRequestId
 * @return TokenInfoAndKeyId
 * @throws Exception
 */
public static TokenInfoAndKeyId getTokenAndKeyIdForCertRequestId(String certRequestId) throws Exception {
    log.trace("Getting token and key id by cert request id '{}'", certRequestId);
    TokenInfoAndKeyId response = execute(new GetTokenInfoAndKeyIdForCertRequestId(certRequestId));
    log.trace("Token and key id with cert request id '{}' found", certRequestId);
    return response;
}
Also used: TokenInfoAndKeyId (ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId), GetTokenInfoAndKeyIdForCertRequestId (ee.ria.xroad.signer.protocol.message.GetTokenInfoAndKeyIdForCertRequestId)

Example 5 with TokenInfoAndKeyId

Use of ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId in project X-Road by nordic-institute.

In the class RegenerateCertRequestRequestHandler, method findTokenAndKeyForCsrId.

private TokenAndKey findTokenAndKeyForCsrId(String certRequestId) {
    TokenInfoAndKeyId tokenInfoAndKeyId = TokenManager.findTokenAndKeyIdForCertRequestId(certRequestId);
    KeyInfo keyInfo = TokenManager.getKeyInfo(tokenInfoAndKeyId.getKeyId());
    return new TokenAndKey(tokenInfoAndKeyId.getTokenInfo().getId(), keyInfo);
}
Also used: TokenInfoAndKeyId (ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId), KeyInfo (ee.ria.xroad.signer.protocol.dto.KeyInfo), TokenAndKey (ee.ria.xroad.signer.util.TokenAndKey)

Aggregations

TokenInfoAndKeyId (ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId): 12
KeyInfo (ee.ria.xroad.signer.protocol.dto.KeyInfo): 9
TokenInfo (ee.ria.xroad.signer.protocol.dto.TokenInfo): 8
CertificateInfo (ee.ria.xroad.signer.protocol.dto.CertificateInfo): 4
DeviationAwareRuntimeException (org.niis.xroad.restapi.exceptions.DeviationAwareRuntimeException): 4
CertRequestInfo (ee.ria.xroad.signer.protocol.dto.CertRequestInfo): 3
GeneratedCertRequestInfo (ee.ria.xroad.commonui.SignerProxy.GeneratedCertRequestInfo): 2
Before (org.junit.Before): 2
TokenTestUtils (org.niis.xroad.securityserver.restapi.util.TokenTestUtils): 2
CodedException (ee.ria.xroad.common.CodedException): 1
ClientType (ee.ria.xroad.common.conf.serverconf.model.ClientType): 1
ClientId (ee.ria.xroad.common.identifier.ClientId): 1
KeyUsageInfo (ee.ria.xroad.signer.protocol.dto.KeyUsageInfo): 1
GetTokenInfoAndKeyIdForCertHash (ee.ria.xroad.signer.protocol.message.GetTokenInfoAndKeyIdForCertHash): 1
GetTokenInfoAndKeyIdForCertRequestId (ee.ria.xroad.signer.protocol.message.GetTokenInfoAndKeyIdForCertRequestId): 1
TokenAndKey (ee.ria.xroad.signer.util.TokenAndKey): 1
ArrayList (java.util.ArrayList): 1
Arrays (java.util.Arrays): 1
Collections (java.util.Collections): 1
HashMap (java.util.HashMap): 1