use of org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException in project fabric-sdk-java by hyperledger.
the class HFCAAffiliation method create.
/**
* create an affiliation
*
* @param registrar The identity of the registrar (i.e. who is performing the registration).
* @param force Forces the creation of parent affiliations
* @return Response of request
* @throws AffiliationException if adding an affiliation fails.
* @throws InvalidArgumentException
*/
public HFCAAffiliationResp create(User registrar, boolean force) throws AffiliationException, InvalidArgumentException {
if (registrar == null) {
throw new InvalidArgumentException("Registrar should be a valid member");
}
String createURL = "";
try {
createURL = client.getURL(HFCA_AFFILIATION);
logger.debug(format("affiliation url: %s, registrar: %s", createURL, registrar.getName()));
Map<String, String> queryParm = new HashMap<String, String>();
queryParm.put("force", String.valueOf(force));
String body = client.toJson(affToJsonObject());
JsonObject result = client.httpPost(createURL, body, registrar);
logger.debug(format("identity url: %s, registrar: %s done.", createURL, registrar));
this.deleted = false;
return getResponse(result);
} catch (HTTPException e) {
String msg = format("[Code: %d] - Error while creating affiliation '%s' from url '%s': %s", e.getStatusCode(), this.name, createURL, e.getMessage());
AffiliationException affiliationException = new AffiliationException(msg, e);
logger.error(msg);
throw affiliationException;
} catch (Exception e) {
String msg = format("Error while creating affiliation %s url: %s %s ", this.name, createURL, e.getMessage());
AffiliationException affiliationException = new AffiliationException(msg, e);
logger.error(msg);
throw affiliationException;
}
}
use of org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException in project fabric-sdk-java by hyperledger.
the class HFCAClient method reenroll.
/**
* Re-Enroll the user with member service
*
* @param user User to be re-enrolled
* @param req Enrollment request with the following fields: hosts, profile, csr, label
* @return enrollment
* @throws EnrollmentException
* @throws InvalidArgumentException
*/
public Enrollment reenroll(User user, EnrollmentRequest req) throws EnrollmentException, InvalidArgumentException {
if (cryptoSuite == null) {
throw new InvalidArgumentException("Crypto primitives not set.");
}
if (user == null) {
throw new InvalidArgumentException("reenrollment user is missing");
}
if (user.getEnrollment() == null) {
throw new InvalidArgumentException("reenrollment user is not a valid user object");
}
logger.debug(format("re-enroll user: %s, url: %s", user.getName(), url));
try {
setUpSSL();
PublicKey publicKey = cryptoSuite.bytesToCertificate(user.getEnrollment().getCert().getBytes(StandardCharsets.UTF_8)).getPublicKey();
KeyPair keypair = new KeyPair(publicKey, user.getEnrollment().getKey());
// generate CSR
String pem = cryptoSuite.generateCertificationRequest(user.getName(), keypair);
// build request body
req.setCSR(pem);
if (caName != null && !caName.isEmpty()) {
req.setCAName(caName);
}
String body = req.toJson();
// build authentication header
JsonObject result = httpPost(url + HFCA_REENROLL, body, user);
// get new cert from response
Base64.Decoder b64dec = Base64.getDecoder();
String signedPem = new String(b64dec.decode(result.getString("Cert").getBytes(UTF_8)));
logger.debug(format("[HFCAClient] re-enroll returned pem:[%s]", signedPem));
logger.debug(format("reenroll user %s done.", user.getName()));
return new HFCAEnrollment(keypair, signedPem);
} catch (EnrollmentException ee) {
logger.error(ee.getMessage(), ee);
throw ee;
} catch (Exception e) {
EnrollmentException ee = new EnrollmentException(format("Failed to re-enroll user %s", user), e);
logger.error(e.getMessage(), e);
throw ee;
}
}
use of org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException in project fabric-sdk-java by hyperledger.
the class HFCAClient method getHFCAAffiliations.
/**
* gets all affiliations that the registrar is allowed to see
*
* @param registrar The identity of the registrar (i.e. who is performing the registration).
* @return The affiliations that were requested
* @throws AffiliationException if getting all affiliations fails
* @throws InvalidArgumentException
*/
public HFCAAffiliation getHFCAAffiliations(User registrar) throws AffiliationException, InvalidArgumentException {
if (cryptoSuite == null) {
throw new InvalidArgumentException("Crypto primitives not set.");
}
if (registrar == null) {
throw new InvalidArgumentException("Registrar should be a valid member");
}
logger.debug(format("affiliations url: %s, registrar: %s", url, registrar.getName()));
try {
JsonObject result = httpGet(HFCAAffiliation.HFCA_AFFILIATION, registrar);
HFCAAffiliation affiliations = new HFCAAffiliation(result);
logger.debug(format("affiliations url: %s, registrar: %s done.", url, registrar));
return affiliations;
} catch (HTTPException e) {
String msg = format("[HTTP Status Code: %d] - Error while getting all affiliations from url '%s': %s", e.getStatusCode(), url, e.getMessage());
AffiliationException affiliationException = new AffiliationException(msg, e);
logger.error(msg);
throw affiliationException;
} catch (Exception e) {
String msg = format("Error while getting all affiliations from url '%s': %s", url, e.getMessage());
AffiliationException affiliationException = new AffiliationException(msg, e);
logger.error(msg);
throw affiliationException;
}
}
use of org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException in project fabric-sdk-java by hyperledger.
the class HFCAClient method revokeInternal.
private String revokeInternal(User revoker, Enrollment enrollment, String reason, boolean genCRL) throws RevocationException, InvalidArgumentException {
if (cryptoSuite == null) {
throw new InvalidArgumentException("Crypto primitives not set.");
}
if (enrollment == null) {
throw new InvalidArgumentException("revokee enrollment is not set");
}
if (revoker == null) {
throw new InvalidArgumentException("revoker is not set");
}
logger.debug(format("revoke revoker: %s, reason: %s, url: %s", revoker.getName(), reason, url));
try {
setUpSSL();
// get cert from to-be-revoked enrollment
BufferedInputStream pem = new BufferedInputStream(new ByteArrayInputStream(enrollment.getCert().getBytes()));
CertificateFactory certFactory = CertificateFactory.getInstance(Config.getConfig().getCertificateFormat());
X509Certificate certificate = (X509Certificate) certFactory.generateCertificate(pem);
// get its serial number
String serial = DatatypeConverter.printHexBinary(certificate.getSerialNumber().toByteArray());
// get its aki
// 2.5.29.35 : AuthorityKeyIdentifier
byte[] extensionValue = certificate.getExtensionValue(Extension.authorityKeyIdentifier.getId());
ASN1OctetString akiOc = ASN1OctetString.getInstance(extensionValue);
String aki = DatatypeConverter.printHexBinary(AuthorityKeyIdentifier.getInstance(akiOc.getOctets()).getKeyIdentifier());
// build request body
RevocationRequest req = new RevocationRequest(caName, null, serial, aki, reason, genCRL);
String body = req.toJson();
// send revoke request
JsonObject resp = httpPost(url + HFCA_REVOKE, body, revoker);
logger.debug("revoke done");
if (genCRL) {
if (resp.isEmpty()) {
throw new RevocationException("Failed to return CRL, revoke response is empty");
}
if (resp.isNull("CRL")) {
throw new RevocationException("Failed to return CRL");
}
return resp.getString("CRL");
}
return null;
} catch (CertificateException e) {
logger.error("Cannot validate certificate. Error is: " + e.getMessage());
throw new RevocationException("Error while revoking cert. " + e.getMessage(), e);
} catch (Exception e) {
logger.error(e.getMessage(), e);
throw new RevocationException("Error while revoking the user. " + e.getMessage(), e);
}
}
use of org.hyperledger.fabric_ca.sdk.exception.InvalidArgumentException in project fabric-sdk-java by hyperledger.
the class HFCAClient method info.
/**
* Return information on the Fabric Certificate Authority.
* No credentials are needed for this API.
*
* @return {@link HFCAInfo}
* @throws InfoException
* @throws InvalidArgumentException
*/
public HFCAInfo info() throws InfoException, InvalidArgumentException {
logger.debug(format("info url:%s", url));
if (cryptoSuite == null) {
throw new InvalidArgumentException("Crypto primitives not set.");
}
setUpSSL();
try {
JsonObjectBuilder factory = Json.createObjectBuilder();
if (caName != null) {
factory.add(HFCAClient.FABRIC_CA_REQPROP, caName);
}
JsonObject body = factory.build();
String responseBody = httpPost(url + HFCA_INFO, body.toString(), (UsernamePasswordCredentials) null);
logger.debug("response:" + responseBody);
JsonReader reader = Json.createReader(new StringReader(responseBody));
JsonObject jsonst = (JsonObject) reader.read();
boolean success = jsonst.getBoolean("success");
logger.debug(format("[HFCAClient] enroll success:[%s]", success));
if (!success) {
throw new EnrollmentException(format("FabricCA failed info %s", url));
}
JsonObject result = jsonst.getJsonObject("result");
if (result == null) {
throw new InfoException(format("FabricCA info error - response did not contain a result url %s", url));
}
String caName = result.getString("CAName");
String caChain = result.getString("CAChain");
String version = null;
if (result.containsKey("Version")) {
version = result.getString("Version");
}
return new HFCAInfo(caName, caChain, version);
} catch (Exception e) {
InfoException ee = new InfoException(format("Url:%s, Failed to get info", url), e);
logger.error(e.getMessage(), e);
throw ee;
}
}
Aggregations