Examples with CertificateSerial org.candlepin.model.CertificateSerial used on opensource projects

Example 1 with CertificateSerial

use of org.candlepin.model.CertificateSerial in project candlepin by candlepin.

the class ConsumerImporter method store.

public void store(Owner owner, ConsumerDTO consumer, ConflictOverrides forcedConflicts, IdentityCertificate idcert) throws SyncDataFormatException {
    if (consumer.getUuid() == null) {
        throw new SyncDataFormatException(i18n.tr("No ID for upstream subscription management application."));
    }
    // Make sure no other owner is already using this upstream UUID:
    Owner alreadyUsing = curator.lookupWithUpstreamUuid(consumer.getUuid());
    if (alreadyUsing != null && !alreadyUsing.getKey().equals(owner.getKey())) {
        log.error("Cannot import manifest for org: {}", owner.getKey());
        log.error("Upstream distributor {} already in used by org: {}", consumer.getUuid(), alreadyUsing.getKey());
        // delete their manifest after which it could be used elsewhere.
        throw new SyncDataFormatException(i18n.tr("This subscription management application has already been imported by another owner."));
    }
    if (owner.getUpstreamUuid() != null && !owner.getUpstreamUuid().equals(consumer.getUuid())) {
        if (!forcedConflicts.isForced(Importer.Conflict.DISTRIBUTOR_CONFLICT)) {
            throw new ImportConflictException(i18n.tr("Owner has already imported from another subscription management application."), Importer.Conflict.DISTRIBUTOR_CONFLICT);
        } else {
            log.warn("Forcing import from a new distributor for org: {}", owner.getKey());
            log.warn("Old distributor UUID: {}", owner.getUpstreamUuid());
            log.warn("New distributor UUID: {}", consumer.getUuid());
        }
    }
    /*
         * WARNING: Strange quirk here, we create a certificate serial object here which does not
         * match the actual serial of the identity certificate. Presumably this is to prevent
         * potential conflicts with a serial that came from somewhere else. This is consistent with
         * importing entitlement certs (as subscription certs).
         */
    if (idcert != null) {
        CertificateSerial cs = new CertificateSerial();
        cs.setCollected(idcert.getSerial().isCollected());
        cs.setExpiration(idcert.getSerial().getExpiration());
        cs.setUpdated(idcert.getSerial().getUpdated());
        cs.setCreated(idcert.getSerial().getCreated());
        serialCurator.create(cs);
        idcert.setId(null);
        idcert.setSerial(cs);
        idCertCurator.create(idcert);
    }
    // create an UpstreamConsumer from the imported ConsumerDto
    ConsumerType type = new ConsumerType();
    populateEntity(type, consumer.getType());
    Owner ownerToUse = new Owner();
    if (consumer.getOwner() != null) {
        populateEntity(ownerToUse, consumer.getOwner());
    }
    UpstreamConsumer uc = new UpstreamConsumer(consumer.getName(), ownerToUse, type, consumer.getUuid());
    uc.setWebUrl(consumer.getUrlWeb());
    uc.setApiUrl(consumer.getUrlApi());
    uc.setIdCert(idcert);
    uc.setContentAccessMode(consumer.getContentAccessMode());
    owner.setUpstreamConsumer(uc);
    curator.merge(owner);
}

Example 2 with CertificateSerial

use of org.candlepin.model.CertificateSerial in project candlepin by candlepin.

the class DefaultIdentityCertServiceAdapter method generate.

private IdentityCertificate generate(Consumer consumer) throws GeneralSecurityException, IOException {
    Calendar cal = Calendar.getInstance();
    cal.add(Calendar.HOUR, -1);
    Date startDate = cal.getTime();
    Date endDate = this.endDateGenerator.apply(new Date());
    CertificateSerial serial = new CertificateSerial(endDate);
    // We need the sequence generated id before we create the EntitlementCertificate,
    // otherwise we could have used cascading create
    serialCurator.create(serial);
    String dn = createDN(consumer);
    IdentityCertificate identityCert = new IdentityCertificate();
    KeyPair keyPair = keyPairCurator.getConsumerKeyPair(consumer);
    X509Certificate x509cert = pki.createX509Certificate(dn, null, null, startDate, endDate, keyPair, BigInteger.valueOf(serial.getId()), consumer.getName());
    identityCert.setCert(new String(pki.getPemEncoded(x509cert)));
    identityCert.setKey(new String(pki.getPemEncoded(keyPair.getPrivate())));
    identityCert.setSerial(serial);
    consumer.setIdCert(identityCert);
    return idCertCurator.create(identityCert);
}

Example 3 with CertificateSerial

use of org.candlepin.model.CertificateSerial in project candlepin by candlepin.

the class CrlFileUtil method syncCRLWithDB.

@Transactional
public boolean syncCRLWithDB(File file) throws IOException {
    List<BigInteger> revoke = new LinkedList<>();
    List<CertificateSerial> serials = this.certificateSerialCurator.retrieveTobeCollectedSerials().list();
    for (CertificateSerial serial : serials) {
        revoke.add(serial.getSerial());
        serial.setCollected(true);
    }
    List<BigInteger> unrevoke = new LinkedList<>();
    for (CertificateSerial serial : this.certificateSerialCurator.getExpiredSerials()) {
        unrevoke.add(serial.getSerial());
    }
    if (revoke.size() > 0 || unrevoke.size() > 0) {
        this.updateCRLFile(file, revoke, unrevoke);
        // Store the state of the newly-revoked serials as "collected"
        this.certificateSerialCurator.saveOrUpdateAll(serials, true, true);
    }
    return true;
}

Example 4 with CertificateSerial

use of org.candlepin.model.CertificateSerial in project candlepin by candlepin.

the class SubscriptionReconcilerTest method createEntitlementCertificate.

protected EntitlementCertificate createEntitlementCertificate(String key, String cert) {
    EntitlementCertificate toReturn = new EntitlementCertificate();
    CertificateSerial certSerial = new CertificateSerial(new Date());
    certSerial.setCollected(true);
    certSerial.setUpdated(new Date());
    certSerial.setCreated(new Date());
    toReturn.setKeyAsBytes(key.getBytes());
    toReturn.setCertAsBytes(cert.getBytes());
    toReturn.setSerial(certSerial);
    return toReturn;
}

Example 5 with CertificateSerial

use of org.candlepin.model.CertificateSerial in project candlepin by candlepin.

the class DefaultIdentityCertServiceAdapterTest method testGenerate.

@Test
public void testGenerate() throws GeneralSecurityException, IOException {
    Consumer consumer = mock(Consumer.class);
    when(consumer.getId()).thenReturn("42");
    when(consumer.getUuid()).thenReturn(Util.generateUUID());
    KeyPair kp = createKeyPair();
    when(kpc.getConsumerKeyPair(consumer)).thenReturn(kp);
    when(idcur.find(consumer.getId())).thenReturn(null);
    when(csc.create(any(CertificateSerial.class))).thenAnswer(new Answer<CertificateSerial>() {

        public CertificateSerial answer(InvocationOnMock invocation) {
            Object[] args = invocation.getArguments();
            CertificateSerial cs = (CertificateSerial) args[0];
            cs.setId(42L);
            return cs;
        }
    });
    when(pki.getPemEncoded(any(X509Certificate.class))).thenReturn("x509cert".getBytes());
    when(pki.getPemEncoded(any(PrivateKey.class))).thenReturn("priv".getBytes());
    when(idcur.create(any(IdentityCertificate.class))).thenAnswer(new Answer<IdentityCertificate>() {

        public IdentityCertificate answer(InvocationOnMock invocation) {
            Object[] args = invocation.getArguments();
            IdentityCertificate ic = (IdentityCertificate) args[0];
            ic.setId("42");
            return ic;
        }
    });
    IdentityCertificate ic = dicsa.generateIdentityCert(consumer);
    assertNotNull(ic);
    assertEquals("priv", ic.getKey());
    assertEquals("x509cert", ic.getCert());
    assertNotNull(ic.getCertAsBytes());
    assertNotNull(ic.getKeyAsBytes());
    verify(consumer).setIdCert(ic);
    verify(csc).create(any(CertificateSerial.class));
}