
Example 1 with InvalidArgumentException

use of org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException in project fabric-sdk-java by hyperledger.

the class HFCAClient method revokeInternal.

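/**
 * Posts a revocation request for one certificate, identified by serial number and AKI, to the
 * CA endpoint {@code url + HFCA_REVOKE}, and optionally returns the CRL from the response.
 *
 * @param revoker identity passed to {@code httpPost} for the request; must not be null
 * @param serial  serial number of the certificate to revoke; must not be null or empty
 * @param aki     authority key identifier of the certificate; must not be null or empty
 * @param reason  revocation reason, placed in the request as given
 * @param genCRL  when true, the {@code "CRL"} field of the response is returned
 * @return the {@code "CRL"} string of the response when {@code genCRL} is true, otherwise null
 * @throws RevocationException      if the request fails, or a requested CRL is missing from the response
 * @throws InvalidArgumentException if the crypto suite or the revoker is not set
 * @throws IllegalArgumentException if {@code serial} or {@code aki} is null or empty
 */
private String revokeInternal(User revoker, String serial, String aki, String reason, boolean genCRL) throws RevocationException, InvalidArgumentException {
    if (cryptoSuite == null) {
        throw new InvalidArgumentException("Crypto primitives not set.");
    }
    // NOTE(review): serial and aki are rejected with the unchecked IllegalArgumentException while
    // the other argument checks use the declared InvalidArgumentException; kept as is because
    // callers may rely on the type.
    if (Utils.isNullOrEmpty(serial)) {
        throw new IllegalArgumentException("Serial number is required to revoke certificate");
    }
    if (Utils.isNullOrEmpty(aki)) {
        throw new IllegalArgumentException("AKI is required to revoke certificate");
    }
    if (revoker == null) {
        throw new InvalidArgumentException("revoker is not set");
    }
    logger.debug(format("revoke revoker: %s, reason: %s, url: %s", revoker.getName(), reason, url));
    try {
        setUpSSL();
        // build request body
        RevocationRequest req = new RevocationRequest(caName, null, serial, aki, reason, genCRL);
        String body = req.toJson();
        // send revoke request
        JsonObject resp = httpPost(url + HFCA_REVOKE, body, revoker);
        logger.debug("revoke done");
        if (genCRL) {
            // The caller asked for a CRL, so a response without one is a failure even though the
            // revocation request itself was accepted.
            if (resp.isEmpty()) {
                throw new RevocationException("Failed to return CRL, revoke response is empty");
            }
            if (resp.isNull("CRL")) {
                throw new RevocationException("Failed to return CRL");
            }
            return resp.getString("CRL");
        }
        return null;
    } catch (RevocationException e) {
        // Already the declared failure type (the CRL checks above): log it and pass it on
        // unchanged instead of wrapping it a second time in the generic handler below.
        logger.error(e.getMessage(), e);
        throw e;
    } catch (CertificateException e) {
        logger.error("Cannot validate certificate. Error is: " + e.getMessage());
        throw new RevocationException("Error while revoking cert. " + e.getMessage(), e);
    } catch (Exception e) {
        logger.error(e.getMessage(), e);
        throw new RevocationException("Error while revoking the user. " + e.getMessage(), e);
    }
}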
Also used : InvalidArgumentException(org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException) RevocationException(org.hyperledger.fabric_ca.sdk.exception.RevocationException) JsonObject(javax.json.JsonObject) CertificateException(java.security.cert.CertificateException) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) InvalidArgumentException(org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException) URISyntaxException(java.net.URISyntaxException) RegistrationException(org.hyperledger.fabric_ca.sdk.exception.RegistrationException) KeyStoreException(java.security.KeyStoreException) AffiliationException(org.hyperledger.fabric_ca.sdk.exception.AffiliationException) GenerateCRLException(org.hyperledger.fabric_ca.sdk.exception.GenerateCRLException) KeyManagementException(java.security.KeyManagementException) IdentityException(org.hyperledger.fabric_ca.sdk.exception.IdentityException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) EnrollmentException(org.hyperledger.fabric_ca.sdk.exception.EnrollmentException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) RevocationException(org.hyperledger.fabric_ca.sdk.exception.RevocationException) ParseException(org.apache.http.ParseException) MalformedURLException(java.net.MalformedURLException) InfoException(org.hyperledger.fabric_ca.sdk.exception.InfoException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) HTTPException(org.hyperledger.fabric_ca.sdk.exception.HTTPException)

Example 2 with InvalidArgumentException

use of org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException in project fabric-sdk-java by hyperledger.

the class HFCAClient method setUpSSL.

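/**
 * Creates the crypto primitives on first use and, for an SSL endpoint without a registry yet,
 * builds the connection socket factory registry from the client properties.
 *
 * <p>CA certificates are added to the trust store from the {@code "pemBytes"} or the
 * {@code "pemFile"} property; giving both is rejected. When the {@code "allowAllHostNames"}
 * property is {@code "true"} the https socket factory accepts any host name, so the server
 * certificate is only checked against the trust store and not against the host being contacted.
 *
 * @throws InvalidArgumentException if both {@code "pemBytes"} and {@code "pemFile"} are given, or
 *                                  if initialising the crypto primitives or the SSL setup fails
 */
private void setUpSSL() throws InvalidArgumentException {
    if (cryptoPrimitives == null) {
        try {
            cryptoPrimitives = new CryptoPrimitives();
            cryptoPrimitives.init();
        } catch (Exception e) {
            throw new InvalidArgumentException(e);
        }
    }
    if (isSSL && null == registry) {
        // properties is treated as optional further down (explicit null check before reading
        // "allowAllHostNames"), so guard every access the same way instead of failing with a
        // NullPointerException on the first containsKey call.
        final boolean haveProperties = null != properties;
        if (haveProperties && properties.containsKey("pemBytes") && properties.containsKey("pemFile")) {
            throw new InvalidArgumentException("Properties can not have both \"pemBytes\" and \"pemFile\" specified. ");
        }
        try {
            if (haveProperties) {
                if (properties.containsKey("pemBytes")) {
                    byte[] pemBytes = (byte[]) properties.get("pemBytes");
                    // NOTE(review): byte[].toString() is an identity string, not the PEM text, so
                    // the trust store alias differs per array instance - confirm this is intended.
                    cryptoPrimitives.addCACertificateToTrustStore(pemBytes, pemBytes.toString());
                } else {
                    String pemFile = properties.getProperty("pemFile");
                    if (pemFile != null) {
                        cryptoPrimitives.addCACertificateToTrustStore(new File(pemFile), pemFile);
                    }
                }
            }
            SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(cryptoPrimitives.getTrustStore(), null).build();
            ConnectionSocketFactory sf;
            if (haveProperties && "true".equals(properties.getProperty("allowAllHostNames"))) {
                // Host name verification is switched off here: any certificate that chains to the
                // trust store is accepted for any host, which removes the protection against an
                // endpoint presenting a valid certificate issued for a different name. Suitable
                // for test setups only; make the setting visible in the logs.
                logger.warn("allowAllHostNames is set: TLS host name verification is disabled for connections to the CA");
                AllHostsSSLSocketFactory msf = new AllHostsSSLSocketFactory(cryptoPrimitives.getTrustStore());
                msf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
                sf = msf;
            } else {
                sf = new SSLConnectionSocketFactory(sslContext);
            }
            // NOTE(review): plain "http" stays registered next to "https"; whether a request can
            // reach it depends on how url is validated elsewhere - confirm against the caller.
            registry = RegistryBuilder.<ConnectionSocketFactory>create().register("https", sf).register("http", new PlainConnectionSocketFactory()).build();
        } catch (Exception e) {
            logger.error(e);
            throw new InvalidArgumentException(e);
        }
    }
}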
Also used : SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) ConnectionSocketFactory(org.apache.http.conn.socket.ConnectionSocketFactory) PlainConnectionSocketFactory(org.apache.http.conn.socket.PlainConnectionSocketFactory) InvalidArgumentException(org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) SSLContext(javax.net.ssl.SSLContext) PlainConnectionSocketFactory(org.apache.http.conn.socket.PlainConnectionSocketFactory) File(java.io.File) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) InvalidArgumentException(org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException) URISyntaxException(java.net.URISyntaxException) RegistrationException(org.hyperledger.fabric_ca.sdk.exception.RegistrationException) KeyStoreException(java.security.KeyStoreException) AffiliationException(org.hyperledger.fabric_ca.sdk.exception.AffiliationException) GenerateCRLException(org.hyperledger.fabric_ca.sdk.exception.GenerateCRLException) KeyManagementException(java.security.KeyManagementException) IdentityException(org.hyperledger.fabric_ca.sdk.exception.IdentityException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) EnrollmentException(org.hyperledger.fabric_ca.sdk.exception.EnrollmentException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) RevocationException(org.hyperledger.fabric_ca.sdk.exception.RevocationException) ParseException(org.apache.http.ParseException) MalformedURLException(java.net.MalformedURLException) InfoException(org.hyperledger.fabric_ca.sdk.exception.InfoException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) HTTPException(org.hyperledger.fabric_ca.sdk.exception.HTTPException) CryptoPrimitives(org.hyperledger.fabric.sdk.security.CryptoPrimitives)

Example 3 with InvalidArgumentException

use of org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException in project fabric-sdk-java by hyperledger.

the class HFCAClient method generateCRL.

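/**
 * Generate certificate revocation list.
 *
 * <p>Builds a JSON request from the non-null date filters (plus the CA name when set), posts it
 * to {@code url + HFCA_GENCRL} and returns the {@code "CRL"} field of the response.
 *
 * @param registrar     admin user configured in CA-server
 * @param revokedBefore Restrict certificates returned to revoked before this date if not null.
 * @param revokedAfter  Restrict certificates returned to revoked after this date if not null.
 * @param expireBefore  Restrict certificates returned to expired before this date if not null.
 * @param expireAfter   Restrict certificates returned to expired after this date if not null.
 * @return the {@code "CRL"} string of the CA response
 * @throws InvalidArgumentException if the crypto suite or the registrar is not set
 * @throws GenerateCRLException     if building or sending the request fails, or the response
 *                                  cannot be read; any failure inside the request step,
 *                                  including one from {@code setUpSSL}, is reported this way
 */
public String generateCRL(User registrar, Date revokedBefore, Date revokedAfter, Date expireBefore, Date expireAfter) throws InvalidArgumentException, GenerateCRLException {
    if (cryptoSuite == null) {
        throw new InvalidArgumentException("Crypto primitives not set.");
    }
    if (registrar == null) {
        throw new InvalidArgumentException("registrar is not set");
    }
    try {
        setUpSSL();
        // ---------------------------------------
        // Only the filters that were supplied are put into the request.
        JsonObjectBuilder factory = Json.createObjectBuilder();
        if (revokedBefore != null) {
            factory.add("revokedBefore", toJson(revokedBefore));
        }
        if (revokedAfter != null) {
            factory.add("revokedAfter", toJson(revokedAfter));
        }
        if (expireBefore != null) {
            factory.add("expireBefore", toJson(expireBefore));
        }
        if (expireAfter != null) {
            factory.add("expireAfter", toJson(expireAfter));
        }
        if (caName != null) {
            factory.add(HFCAClient.FABRIC_CA_REQPROP, caName);
        }
        JsonObject jsonObject = factory.build();
        StringWriter stringWriter = new StringWriter();
        // try-with-resources closes the writer (flushing it into stringWriter) on every path,
        // including a failure while writing.
        try (JsonWriter jsonWriter = Json.createWriter(new PrintWriter(stringWriter))) {
            jsonWriter.writeObject(jsonObject);
        }
        String body = stringWriter.toString();
        // ---------------------------------------
        // send generate-CRL request
        JsonObject ret = httpPost(url + HFCA_GENCRL, body, registrar);
        // NOTE(review): unlike revokeInternal there is no explicit check for an empty response
        // or a missing "CRL" field; such a response surfaces through the catch below.
        return ret.getString("CRL");
    } catch (Exception e) {
        logger.error(e.getMessage(), e);
        throw new GenerateCRLException(e.getMessage(), e);
    }
}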
Also used : GenerateCRLException(org.hyperledger.fabric_ca.sdk.exception.GenerateCRLException) InvalidArgumentException(org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException) StringWriter(java.io.StringWriter) JsonObject(javax.json.JsonObject) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) JsonObjectBuilder(javax.json.JsonObjectBuilder) JsonWriter(javax.json.JsonWriter) InvalidArgumentException(org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException) URISyntaxException(java.net.URISyntaxException) RegistrationException(org.hyperledger.fabric_ca.sdk.exception.RegistrationException) KeyStoreException(java.security.KeyStoreException) AffiliationException(org.hyperledger.fabric_ca.sdk.exception.AffiliationException) GenerateCRLException(org.hyperledger.fabric_ca.sdk.exception.GenerateCRLException) KeyManagementException(java.security.KeyManagementException) IdentityException(org.hyperledger.fabric_ca.sdk.exception.IdentityException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) EnrollmentException(org.hyperledger.fabric_ca.sdk.exception.EnrollmentException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) RevocationException(org.hyperledger.fabric_ca.sdk.exception.RevocationException) ParseException(org.apache.http.ParseException) MalformedURLException(java.net.MalformedURLException) InfoException(org.hyperledger.fabric_ca.sdk.exception.InfoException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) HTTPException(org.hyperledger.fabric_ca.sdk.exception.HTTPException) PrintWriter(java.io.PrintWriter)

Example 4 with InvalidArgumentException

use of org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException in project fabric-sdk-java by hyperledger.

the class HFCAClient method getHFCAIdentities.

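/**
 * Gets all identities that the registrar is allowed to see.
 *
 * @param registrar The identity of the registrar (i.e. who is performing the request).
 * @return the identities listed under {@code "identities"} in the CA response; empty when the
 *         response has no such array or the array is empty
 * @throws IdentityException        if retrieving the identities fails.
 * @throws InvalidArgumentException Invalid (null) argument specified
 */
public Collection<HFCAIdentity> getHFCAIdentities(User registrar) throws IdentityException, InvalidArgumentException {
    if (registrar == null) {
        throw new InvalidArgumentException("Registrar should be a valid member");
    }
    logger.debug(format("identity  url: %s, registrar: %s", url, registrar.getName()));
    try {
        JsonObject result = httpGet(HFCAIdentity.HFCA_IDENTITY, registrar);
        Collection<HFCAIdentity> allIdentities = new ArrayList<HFCAIdentity>();
        JsonArray identities = result.getJsonArray("identities");
        if (identities != null && !identities.isEmpty()) {
            for (int i = 0; i < identities.size(); i++) {
                JsonObject identity = identities.getJsonObject(i);
                HFCAIdentity idObj = new HFCAIdentity(identity);
                allIdentities.add(idObj);
            }
        }
        // Log the registrar's name, as the opening debug line does, rather than the User object:
        // what a User implementation prints from toString() is outside this method's control and
        // may include enrollment material that does not belong in a log.
        logger.debug(format("identity  url: %s, registrar: %s done.", url, registrar.getName()));
        return allIdentities;
    } catch (HTTPException e) {
        // Keep the HTTP status code in the message so the CA's answer can be told apart from
        // local failures handled below.
        String msg = format("[HTTP Status Code: %d] - Error while getting all users from url '%s': %s", e.getStatusCode(), url, e.getMessage());
        IdentityException identityException = new IdentityException(msg, e);
        logger.error(msg);
        throw identityException;
    } catch (Exception e) {
        String msg = format("Error while getting all users from url '%s': %s", url, e.getMessage());
        IdentityException identityException = new IdentityException(msg, e);
        logger.error(msg);
        throw identityException;
    }
}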
Also used : JsonArray(javax.json.JsonArray) InvalidArgumentException(org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException) HTTPException(org.hyperledger.fabric_ca.sdk.exception.HTTPException) ArrayList(java.util.ArrayList) JsonObject(javax.json.JsonObject) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) IdentityException(org.hyperledger.fabric_ca.sdk.exception.IdentityException) InvalidArgumentException(org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException) URISyntaxException(java.net.URISyntaxException) RegistrationException(org.hyperledger.fabric_ca.sdk.exception.RegistrationException) KeyStoreException(java.security.KeyStoreException) AffiliationException(org.hyperledger.fabric_ca.sdk.exception.AffiliationException) GenerateCRLException(org.hyperledger.fabric_ca.sdk.exception.GenerateCRLException) KeyManagementException(java.security.KeyManagementException) IdentityException(org.hyperledger.fabric_ca.sdk.exception.IdentityException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) EnrollmentException(org.hyperledger.fabric_ca.sdk.exception.EnrollmentException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) RevocationException(org.hyperledger.fabric_ca.sdk.exception.RevocationException) ParseException(org.apache.http.ParseException) MalformedURLException(java.net.MalformedURLException) InfoException(org.hyperledger.fabric_ca.sdk.exception.InfoException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) HTTPException(org.hyperledger.fabric_ca.sdk.exception.HTTPException)

Example 5 with InvalidArgumentException

use of org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException in project fabric-sdk-java by hyperledger.

the class HFCAIdentity method read.

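/**
 * read retrieves a specific identity
 *
 * <p>Requests {@code HFCA_IDENTITY + "/" + enrollmentID} from the CA and, when the returned
 * status code is below 400, copies type, max enrollments, affiliation and attributes from the
 * response into this object.
 *
 * @param registrar The identity of the registrar (i.e. who is performing the request).
 * @return statusCode The HTTP status code in the response
 * @throws IdentityException    if retrieving an identity fails.
 * @throws InvalidArgumentException Invalid (null) argument specified
 */
public int read(User registrar) throws IdentityException, InvalidArgumentException {
    if (registrar == null) {
        throw new InvalidArgumentException("Registrar should be a valid member");
    }
    // Declared outside the try so the catch blocks can include it in their messages.
    String readIdURL = "";
    try {
        readIdURL = HFCA_IDENTITY + "/" + enrollmentID;
        logger.debug(format("identity  url: %s, registrar: %s", readIdURL, registrar.getName()));
        JsonObject result = client.httpGet(readIdURL, registrar);
        statusCode = result.getInt("statusCode");
        if (statusCode < 400) {
            type = result.getString("type");
            maxEnrollments = result.getInt("max_enrollments");
            affiliation = result.getString("affiliation");
            JsonArray attributes = result.getJsonArray("attrs");
            Collection<Attribute> attrs = new ArrayList<Attribute>();
            if (attributes != null && !attributes.isEmpty()) {
                for (int i = 0; i < attributes.size(); i++) {
                    JsonObject attribute = attributes.getJsonObject(i);
                    // "ecert" is optional in the response and defaults to false.
                    Attribute attr = new Attribute(attribute.getString("name"), attribute.getString("value"), attribute.getBoolean("ecert", false));
                    attrs.add(attr);
                }
            }
            this.attrs = attrs;
            // Log the registrar's name, as the opening debug line does, rather than the User
            // object: what a User implementation prints from toString() is outside this method's
            // control and may include enrollment material that does not belong in a log.
            logger.debug(format("identity  url: %s, registrar: %s done.", readIdURL, registrar.getName()));
        }
        // NOTE(review): deleted is reset for every status code, including 400 and above -
        // confirm this is intended.
        this.deleted = false;
        return statusCode;
    } catch (HTTPException e) {
        String msg = format("[Code: %d] - Error while getting user '%s' from url '%s': %s", e.getStatusCode(), getEnrollmentId(), readIdURL, e.getMessage());
        IdentityException identityException = new IdentityException(msg, e);
        logger.error(msg);
        throw identityException;
    } catch (Exception e) {
        String msg = format("Error while getting user '%s' from url '%s': %s", enrollmentID, readIdURL, e.getMessage());
        IdentityException identityException = new IdentityException(msg, e);
        logger.error(msg);
        throw identityException;
    }
}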
Also used : JsonArray(javax.json.JsonArray) InvalidArgumentException(org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException) HTTPException(org.hyperledger.fabric_ca.sdk.exception.HTTPException) ArrayList(java.util.ArrayList) JsonObject(javax.json.JsonObject) IdentityException(org.hyperledger.fabric_ca.sdk.exception.IdentityException) InvalidArgumentException(org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException) IdentityException(org.hyperledger.fabric_ca.sdk.exception.IdentityException) HTTPException(org.hyperledger.fabric_ca.sdk.exception.HTTPException) AffiliationException(org.hyperledger.fabric_ca.sdk.exception.AffiliationException)

Aggregations

AffiliationException (org.hyperledger.fabric_ca.sdk.exception.AffiliationException)18 HTTPException (org.hyperledger.fabric_ca.sdk.exception.HTTPException)18 InvalidArgumentException (org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException)18 JsonObject (javax.json.JsonObject)17 IdentityException (org.hyperledger.fabric_ca.sdk.exception.IdentityException)14 IOException (java.io.IOException)10 MalformedURLException (java.net.MalformedURLException)10 URISyntaxException (java.net.URISyntaxException)10 KeyManagementException (java.security.KeyManagementException)10 KeyStoreException (java.security.KeyStoreException)10 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)10 UnrecoverableKeyException (java.security.UnrecoverableKeyException)10 CertificateException (java.security.cert.CertificateException)10 ParseException (org.apache.http.ParseException)10 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)10 EnrollmentException (org.hyperledger.fabric_ca.sdk.exception.EnrollmentException)10 GenerateCRLException (org.hyperledger.fabric_ca.sdk.exception.GenerateCRLException)10 InfoException (org.hyperledger.fabric_ca.sdk.exception.InfoException)10 RegistrationException (org.hyperledger.fabric_ca.sdk.exception.RegistrationException)10 RevocationException (org.hyperledger.fabric_ca.sdk.exception.RevocationException)10