
Example 1 with CertificateException

use of org.nhindirect.config.store.CertificateException in project nhin-d by DirectProject.

the class TrustBundleServiceImpl method updateTrustBundleAttributes.

/**
     * {@inheritDoc}
     */
@Override
public void updateTrustBundleAttributes(long trustBundleId, String bundleName, String bundleUrl, Certificate signingCert, int refreshInterval) throws ConfigurationServiceException {
    // Updates the stored attributes of a trust bundle. When the supplied URL differs from the
    // one on record before the update, the reloaded bundle is handed to the template so that
    // it gets refreshed. A CertificateException is rethrown as ConfigurationServiceException.

    // Capture the URL on record before the update; a bundle that does not exist counts as "".
    final TrustBundle existingBundle = dao.getTrustBundleById(trustBundleId);
    final String previousUrl = (existingBundle == null) ? "" : existingBundle.getBundleURL();

    try {
        // Only unwrap the X509 certificate when both the wrapper and its credential are present.
        // NOTE(review): a missing signing certificate reaches the DAO as null. If the DAO stores
        // that as "no signing certificate", the bundle would no longer be tied to a signer,
        // so confirm that callers cannot drop the signer unintentionally.
        final X509Certificate signer = (signingCert != null && signingCert.toCredential() != null)
                ? signingCert.toCredential().getCert()
                : null;

        dao.updateTrustBundleAttributes(trustBundleId, bundleName, bundleUrl, signer, refreshInterval);

        // NOTE(review): only a URL change triggers the refresh below; a changed signing
        // certificate alone does not, so already stored anchors are not re-checked against it here.
        if (previousUrl.equals(bundleUrl)) {
            return;
        }

        final TrustBundle updatedBundle = dao.getTrustBundleById(trustBundleId);
        if (updatedBundle != null) {
            template.sendBody(updatedBundle);
        }
    } catch (CertificateException e) {
        throw new ConfigurationServiceException(e);
    }
}
Also used : ConfigurationServiceException(org.nhindirect.config.service.ConfigurationServiceException) TrustBundle(org.nhindirect.config.store.TrustBundle) CertificateException(org.nhindirect.config.store.CertificateException) X509Certificate(java.security.cert.X509Certificate)

Example 2 with CertificateException

use of org.nhindirect.config.store.CertificateException in project nhin-d by DirectProject.

the class AnchorDaoImpl method add.

/**
     * Add an anchor
     * 
     * @param anchor 
     *            The anchor to add. 
     */
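@Transactional(readOnly = false)
public void add(Anchor anchor) {
    // Persists a trust anchor. The creation time is always stamped; validity dates and the
    // default status are filled in from the anchor's certificate only when the caller left
    // them unset. A null anchor is ignored.
    if (log.isDebugEnabled())
        log.debug("Enter");
    if (anchor != null) {
        anchor.setCreateTime(Calendar.getInstance());
        try {
            final X509Certificate cert = anchor.toCertificate();
            if (anchor.getValidStartDate() == null) {
                // default the validity window start to the certificate's notBefore
                final Calendar startDate = Calendar.getInstance();
                startDate.setTime(cert.getNotBefore());
                anchor.setValidStartDate(startDate);
            }
            if (anchor.getValidEndDate() == null) {
                // default the validity window end to the certificate's notAfter
                final Calendar endDate = Calendar.getInstance();
                endDate.setTime(cert.getNotAfter());
                anchor.setValidEndDate(endDate);
            }
            if (anchor.getStatus() == null)
                anchor.setStatus(EntityStatus.NEW);
        } catch (CertificateException e) {
            // Persisting stays best-effort as before, but the failure is no longer silent:
            // an anchor whose data cannot be turned into a certificate is stored without
            // derived validity dates or a default status, which an operator needs to see.
            // NOTE(review): consider rejecting such anchors instead of storing them, since
            // they end up in the trust store without a usable certificate.
            log.warn("Anchor data could not be converted to an X509 certificate; persisting without derived validity dates or default status", e);
        }
        if (log.isDebugEnabled())
            log.debug("Calling JPA to persist the Anchor");
        entityManager.persist(anchor);
        entityManager.flush();
        if (log.isDebugEnabled())
            log.debug("Returned from JPA: Anchor ID=" + anchor.getId());
    }
    if (log.isDebugEnabled())
        log.debug("Exit");
}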
Also used : Calendar(java.util.Calendar) CertificateException(org.nhindirect.config.store.CertificateException) X509Certificate(java.security.cert.X509Certificate) Transactional(org.springframework.transaction.annotation.Transactional)

Example 3 with CertificateException

use of org.nhindirect.config.store.CertificateException in project nhin-d by DirectProject.

the class EntityModelConversion method toEntityTrustBundle.

/**
 * Converts a model {@code TrustBundle} into its store (entity) counterpart.
 * <p>
 * Every anchor's raw data and the optional signing certificate data are copied into new
 * entity objects; scalar attributes are copied one to one. A {@code null} checksum is
 * stored as an empty string. This method copies data only: it does not verify that the
 * anchors were signed by the bundle's signing certificate.
 *
 * @param bundle the model bundle to convert; may be {@code null}
 * @return the populated entity bundle, or {@code null} when {@code bundle} is {@code null}
 * @throws CertificateConversionException if the entity rejects the anchor data or the
 *         signing certificate data with a {@code CertificateException}
 */
public static org.nhindirect.config.store.TrustBundle toEntityTrustBundle(TrustBundle bundle) {
    if (bundle == null) {
        return null;
    }

    final org.nhindirect.config.store.TrustBundle entity = new org.nhindirect.config.store.TrustBundle();
    final Collection<org.nhindirect.config.store.TrustBundleAnchor> entityAnchors = new ArrayList<org.nhindirect.config.store.TrustBundleAnchor>();

    if (bundle.getTrustBundleAnchors() != null) {
        for (TrustBundleAnchor modelAnchor : bundle.getTrustBundleAnchors()) {
            final org.nhindirect.config.store.TrustBundleAnchor entityAnchor = new org.nhindirect.config.store.TrustBundleAnchor();
            try {
                // Only the raw data is set explicitly; per the original author's note the
                // entity derives its remaining attributes from the certificate data.
                entityAnchor.setData(modelAnchor.getAnchorData());
            } catch (CertificateException e) {
                throw new CertificateConversionException(e);
            }
            entityAnchor.setTrustBundle(entity);
            entityAnchors.add(entityAnchor);
        }
    }

    entity.setBundleName(bundle.getBundleName());
    entity.setBundleURL(bundle.getBundleURL());
    // the entity never receives a null checksum
    entity.setCheckSum(bundle.getCheckSum() == null ? "" : bundle.getCheckSum());
    entity.setCreateTime(bundle.getCreateTime());
    entity.setId(bundle.getId());
    entity.setLastRefreshAttempt(bundle.getLastRefreshAttempt());
    if (bundle.getLastRefreshError() != null) {
        // map between the two enum types by constant name
        entity.setLastRefreshError(org.nhindirect.config.store.BundleRefreshError.valueOf(bundle.getLastRefreshError().toString()));
    }
    entity.setLastSuccessfulRefresh(bundle.getLastSuccessfulRefresh());
    entity.setRefreshInterval(bundle.getRefreshInterval());

    if (bundle.getSigningCertificateData() != null) {
        try {
            entity.setSigningCertificateData(bundle.getSigningCertificateData());
        } catch (CertificateException e) {
            throw new CertificateConversionException(e);
        }
    }

    entity.setTrustBundleAnchors(entityAnchors);
    return entity;
}
Also used : ArrayList(java.util.ArrayList) TrustBundle(org.nhindirect.config.model.TrustBundle) CertificateException(org.nhindirect.config.store.CertificateException) CertificateConversionException(org.nhindirect.config.model.exceptions.CertificateConversionException) TrustBundleAnchor(org.nhindirect.config.model.TrustBundleAnchor)

Example 4 with CertificateException

use of org.nhindirect.config.store.CertificateException in project nhin-d by DirectProject.

the class CertificateDaoImpl method save.

/*
     * (non-Javadoc)
     * 
     * @see org.nhindirect.config.store.dao.CertificateDao#save(java.util.List)
     */
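@Transactional(readOnly = false)
public void save(List<Certificate> certList) {
    // Persists every certificate in the list. For each entry the creation time is stamped,
    // validity dates and the default status are filled in when unset, the private-key flag is
    // derived from the parsed data, and, when a key store protection manager is configured,
    // an unprotected PKCS12 is re-wrapped with the manager's keys before it is stored.
    // A null or empty list is a no-op. Throws RuntimeException if the re-wrapping fails.
    if (log.isDebugEnabled())
        log.debug("Enter");
    if (certList != null && !certList.isEmpty()) {
        for (Certificate cert : certList) {
            cert.setCreateTime(Calendar.getInstance());
            try {
                CertUtils.CertContainer container = null;
                X509Certificate xcert = null;
                try {
                    // this might be an X509Certificate or a P12 key store.. assume there is no protection for P12 key stores... 
                    container = CertUtils.toCertContainer(cert.getData());
                    xcert = container.getCert();
                } catch (Exception e) {
                    // probably not a certificate but an IPKIX URL; kept best-effort, but
                    // traceable at debug level so unexpected parse failures can be diagnosed
                    if (log.isDebugEnabled())
                        log.debug("Certificate data could not be parsed as an X509 certificate or PKCS12 key store", e);
                }
                if (cert.getValidStartDate() == null && xcert != null) {
                    Calendar startDate = Calendar.getInstance();
                    startDate.setTime(xcert.getNotBefore());
                    cert.setValidStartDate(startDate);
                }
                if (cert.getValidEndDate() == null && xcert != null) {
                    Calendar endDate = Calendar.getInstance();
                    endDate.setTime(xcert.getNotAfter());
                    cert.setValidEndDate(endDate);
                }
                if (cert.getStatus() == null)
                    cert.setStatus(EntityStatus.NEW);
                // flagged as holding a private key when either a usable key or wrapped key data was found
                cert.setPrivateKey(container != null && (container.getKey() != null || container.getWrappedKeyData() != null));
                // if the key store protection manager is set and this is a P12 file, convert the cert data into a protected P12 file
                // NOTE(review): when kspMgr is null, a PKCS12 holding a private key is persisted
                // exactly as supplied, i.e. without any added protection.
                if (cert.isPrivateKey() && kspMgr != null && container.getKey() != null) {
                    try {
                        // NOTE(review): new String(byte[]) decodes the raw key bytes with the platform
                        // default charset, so the derived pass phrase can differ between platforms and
                        // bytes that are invalid in that charset are replaced. Left unchanged here because
                        // the code that reads these key stores back must derive the same pass phrase;
                        // confirm and change both sides together. The pass phrases also live in
                        // immutable Strings and cannot be wiped from memory after use.
                        final String newKeystorePassPhrase = new String(kspMgr.getKeyStoreProtectionKey().getEncoded());
                        final String newPrivateKeyPassPhrase = new String(kspMgr.getPrivateKeyProtectionKey().getEncoded());
                        cert.setRawData(CertUtils.changePkcs12Protection(cert.getData(), "".toCharArray(), "".toCharArray(), newKeystorePassPhrase.toCharArray(), newPrivateKeyPassPhrase.toCharArray()));
                    } catch (Exception e) {
                        // fail the save rather than store the private key unprotected
                        throw new RuntimeException("Error converting P12 to encrypted/protected format", e);
                    }
                }
            } catch (CertificateException e) {
                // Persisting stays best-effort as before, but the failure is now visible:
                // the entry is stored in whatever state it reached before the exception.
                log.warn("Certificate data could not be fully processed before persisting", e);
            }
            if (log.isDebugEnabled())
                log.debug("Calling JPA to persist the Certificate");
            entityManager.persist(cert);
            if (log.isDebugEnabled())
                log.debug("Returned from JPA: Certificate ID=" + cert.getId());
        }
        // single flush after all entries have been handed to JPA
        entityManager.flush();
    }
    if (log.isDebugEnabled())
        log.debug("Exit");
}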
Also used : CertUtils(org.nhindirect.config.model.utils.CertUtils) Calendar(java.util.Calendar) CertificateException(org.nhindirect.config.store.CertificateException) X509Certificate(java.security.cert.X509Certificate) CertificateConversionException(org.nhindirect.config.model.exceptions.CertificateConversionException) CertificateException(org.nhindirect.config.store.CertificateException) X509Certificate(java.security.cert.X509Certificate) Certificate(org.nhindirect.config.store.Certificate) Transactional(org.springframework.transaction.annotation.Transactional)

Aggregations

CertificateException (org.nhindirect.config.store.CertificateException)4 X509Certificate (java.security.cert.X509Certificate)3 Calendar (java.util.Calendar)2 CertificateConversionException (org.nhindirect.config.model.exceptions.CertificateConversionException)2 Transactional (org.springframework.transaction.annotation.Transactional)2 ArrayList (java.util.ArrayList)1 TrustBundle (org.nhindirect.config.model.TrustBundle)1 TrustBundleAnchor (org.nhindirect.config.model.TrustBundleAnchor)1 CertUtils (org.nhindirect.config.model.utils.CertUtils)1 ConfigurationServiceException (org.nhindirect.config.service.ConfigurationServiceException)1 Certificate (org.nhindirect.config.store.Certificate)1 TrustBundle (org.nhindirect.config.store.TrustBundle)1