use of org.nhindirect.config.store.CertificateException in project nhin-d by DirectProject.
the class TrustBundleServiceImpl method updateTrustBundleAttributes.
/**
* {@inheritDoc}
*/
@Override
public void updateTrustBundleAttributes(long trustBundleId, String bundleName, String bundleUrl, Certificate signingCert, int refreshInterval) throws ConfigurationServiceException {
    // Updates the stored attributes of one trust bundle through the DAO and, when the
    // bundle URL differs from the previously stored one, reloads the bundle and hands
    // it to `template` so it gets refreshed.
    //
    // NOTE(review): bundleUrl is persisted and then used to drive a refresh without any
    // scheme/host check visible in this method -- confirm that the caller or the refresh
    // route restricts which locations the service is allowed to fetch bundles from.

    // Remember the URL currently on record; an unknown bundle id is treated as "no URL".
    final TrustBundle existing = dao.getTrustBundleById(trustBundleId);
    final String previousUrl = (existing == null) ? "" : existing.getBundleURL();

    try {
        // Only unwrap the signing certificate when both the wrapper and its credential exist.
        // NOTE(review): a missing signing certificate is passed to the DAO as null --
        // presumably that clears the stored signer; confirm how unsigned bundles are
        // treated downstream.
        X509Certificate signerX509 = null;
        if (signingCert != null && signingCert.toCredential() != null) {
            signerX509 = signingCert.toCredential().getCert();
        }

        dao.updateTrustBundleAttributes(trustBundleId, bundleName, bundleUrl, signerX509, refreshInterval);

        // Same URL as before: nothing has to be fetched again.
        if (previousUrl.equals(bundleUrl)) {
            return;
        }

        // The URL changed, so re-read the bundle and submit it for a refresh.
        final TrustBundle refreshed = dao.getTrustBundleById(trustBundleId);
        if (refreshed != null) {
            template.sendBody(refreshed);
        }
    } catch (CertificateException e) {
        // Surface certificate conversion problems as a service-level failure, keeping the cause.
        throw new ConfigurationServiceException(e);
    }
}
use of org.nhindirect.config.store.CertificateException in project nhin-d by DirectProject.
the class AnchorDaoImpl method add.
/**
* Add an anchor
*
* @param anchor
* The anchor to add.
*/
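@Transactional(readOnly = false)
public void add(Anchor anchor) {
    // Persists a new anchor. Before persisting, the creation time is stamped and any
    // missing validity dates are filled in from the anchor's X509 certificate; a missing
    // status defaults to NEW. A null anchor is ignored.
    if (log.isDebugEnabled()) {
        log.debug("Enter");
    }

    if (anchor != null) {
        anchor.setCreateTime(Calendar.getInstance());

        try {
            final X509Certificate cert = anchor.toCertificate();

            // Caller-supplied validity dates win; otherwise take them from the certificate.
            if (anchor.getValidStartDate() == null) {
                final Calendar startDate = Calendar.getInstance();
                startDate.setTime(cert.getNotBefore());
                anchor.setValidStartDate(startDate);
            }
            if (anchor.getValidEndDate() == null) {
                final Calendar endDate = Calendar.getInstance();
                endDate.setTime(cert.getNotAfter());
                anchor.setValidEndDate(endDate);
            }
            if (anchor.getStatus() == null) {
                anchor.setStatus(EntityStatus.NEW);
            }
        } catch (CertificateException e) {
            // Previously swallowed silently. The anchor is still persisted (behaviour kept for
            // existing callers), but the failure is now visible in the log.
            // NOTE(review): an anchor whose certificate data cannot be parsed ends up stored
            // without certificate-derived validity dates -- consider rejecting it instead of
            // persisting, since anchors feed trust decisions.
            log.warn("Anchor certificate data could not be parsed; persisting the anchor without certificate-derived defaults", e);
        }

        if (log.isDebugEnabled()) {
            log.debug("Calling JPA to persist the Anchor");
        }

        entityManager.persist(anchor);
        entityManager.flush();

        if (log.isDebugEnabled()) {
            log.debug("Returned from JPA: Anchor ID=" + anchor.getId());
        }
    }

    if (log.isDebugEnabled()) {
        log.debug("Exit");
    }
}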
use of org.nhindirect.config.store.CertificateException in project nhin-d by DirectProject.
the class EntityModelConversion method toEntityTrustBundle.
/**
 * Converts a model trust bundle into its {@code org.nhindirect.config.store} entity form.
 *
 * <p>Scalar attributes are copied one to one; a null checksum is stored as an empty
 * string. Each anchor is rebuilt from its raw anchor data and linked back to the new
 * entity bundle. Nothing in this method verifies the checksum, the anchors or the
 * signing certificate; the values are copied as supplied.
 *
 * @param bundle the model bundle to convert, may be null
 * @return the entity bundle, or null when {@code bundle} is null
 * @throws CertificateConversionException if the anchor data or the signing certificate
 *         data is rejected by the entity with a {@code CertificateException}
 */
public static org.nhindirect.config.store.TrustBundle toEntityTrustBundle(TrustBundle bundle) {
    if (bundle == null) {
        return null;
    }

    final org.nhindirect.config.store.TrustBundle entityBundle = new org.nhindirect.config.store.TrustBundle();
    final Collection<org.nhindirect.config.store.TrustBundleAnchor> entityAnchors =
            new ArrayList<org.nhindirect.config.store.TrustBundleAnchor>();

    if (bundle.getTrustBundleAnchors() != null) {
        for (TrustBundleAnchor modelAnchor : bundle.getTrustBundleAnchors()) {
            final org.nhindirect.config.store.TrustBundleAnchor entityAnchor =
                    new org.nhindirect.config.store.TrustBundleAnchor();
            try {
                // Per the original author's note, the entity derives its remaining
                // attributes from the certificate data, so only the raw data is set.
                entityAnchor.setData(modelAnchor.getAnchorData());
            } catch (CertificateException e) {
                throw new CertificateConversionException(e);
            }
            entityAnchor.setTrustBundle(entityBundle);
            entityAnchors.add(entityAnchor);
        }
    }

    entityBundle.setBundleName(bundle.getBundleName());
    entityBundle.setBundleURL(bundle.getBundleURL());
    // The entity always receives a checksum value: empty string when the model has none.
    entityBundle.setCheckSum(bundle.getCheckSum() == null ? "" : bundle.getCheckSum());
    entityBundle.setCreateTime(bundle.getCreateTime());
    entityBundle.setId(bundle.getId());
    entityBundle.setLastRefreshAttempt(bundle.getLastRefreshAttempt());

    // Map the model enum onto the entity enum through its string form.
    if (bundle.getLastRefreshError() != null) {
        entityBundle.setLastRefreshError(
                org.nhindirect.config.store.BundleRefreshError.valueOf(bundle.getLastRefreshError().toString()));
    }

    entityBundle.setLastSuccessfulRefresh(bundle.getLastSuccessfulRefresh());
    entityBundle.setRefreshInterval(bundle.getRefreshInterval());

    if (bundle.getSigningCertificateData() != null) {
        try {
            entityBundle.setSigningCertificateData(bundle.getSigningCertificateData());
        } catch (CertificateException e) {
            throw new CertificateConversionException(e);
        }
    }

    entityBundle.setTrustBundleAnchors(entityAnchors);
    return entityBundle;
}
use of org.nhindirect.config.store.CertificateException in project nhin-d by DirectProject.
the class CertificateDaoImpl method save.
/*
* (non-Javadoc)
*
* @see org.nhindirect.config.store.dao.CertificateDao#save(java.util.List)
*/
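@Transactional(readOnly = false)
public void save(List<Certificate> certList) {
    // Persists every certificate in certList. For each entry the creation time is stamped,
    // missing validity dates are filled in from the parsed X509 certificate (when the data
    // parses), a missing status defaults to NEW, and the private-key flag is derived from
    // the parsed container. When a key store protection manager is configured, an
    // unprotected P12 is re-wrapped with the manager's keys before it is stored.
    // A null or empty list is a no-op.
    if (log.isDebugEnabled()) {
        log.debug("Enter");
    }

    if (certList != null && !certList.isEmpty()) {
        for (Certificate cert : certList) {
            cert.setCreateTime(Calendar.getInstance());

            try {
                CertUtils.CertContainer container = null;
                X509Certificate xcert = null;
                try {
                    // The data may be an X509 certificate or a P12 key store; incoming P12
                    // key stores are assumed to carry no protection.
                    container = CertUtils.toCertContainer(cert.getData());
                    xcert = container.getCert();
                } catch (Exception parseFailure) {
                    // Deliberate best effort: per the original author this is probably an
                    // IPKIX URL rather than certificate bytes, so the entry is kept as is.
                    if (log.isDebugEnabled()) {
                        log.debug("Certificate data did not parse as an X509 certificate or P12 key store", parseFailure);
                    }
                }

                // Caller-supplied validity dates win; otherwise take them from the certificate.
                if (cert.getValidStartDate() == null && xcert != null) {
                    final Calendar startDate = Calendar.getInstance();
                    startDate.setTime(xcert.getNotBefore());
                    cert.setValidStartDate(startDate);
                }
                if (cert.getValidEndDate() == null && xcert != null) {
                    final Calendar endDate = Calendar.getInstance();
                    endDate.setTime(xcert.getNotAfter());
                    cert.setValidEndDate(endDate);
                }
                if (cert.getStatus() == null) {
                    cert.setStatus(EntityStatus.NEW);
                }

                cert.setPrivateKey(container != null && (container.getKey() != null || container.getWrappedKeyData() != null));

                // If the key store protection manager is set and this is a P12 file, convert
                // the cert data into a protected P12 file. The explicit null check on the
                // container keeps this safe even if isPrivateKey() is not a plain accessor.
                if (cert.isPrivateKey() && kspMgr != null && container != null && container.getKey() != null) {
                    try {
                        // NOTE(review): new String(byte[]) decodes with the platform default
                        // charset, so the derived pass phrases are platform dependent and lossy
                        // for arbitrary key bytes. Left unchanged because whatever reads the
                        // protected P12 back must derive the identical pass phrase -- change
                        // both sides together. The pass phrases also live in immutable Strings
                        // that cannot be wiped from memory after use.
                        final String newKeystorePassPhrase = new String(kspMgr.getKeyStoreProtectionKey().getEncoded());
                        final String newPrivateKeyPassPhrase = new String(kspMgr.getPrivateKeyProtectionKey().getEncoded());
                        cert.setRawData(CertUtils.changePkcs12Protection(cert.getData(), "".toCharArray(), "".toCharArray(), newKeystorePassPhrase.toCharArray(), newPrivateKeyPassPhrase.toCharArray()));
                    } catch (Exception e) {
                        // Never fall back to storing the unprotected key material.
                        throw new RuntimeException("Error converting P12 to encrypted/protected format", e);
                    }
                }
            } catch (CertificateException e) {
                // Previously swallowed silently. The entry is still persisted (behaviour kept
                // for existing callers), but the failure is now visible in the log.
                log.warn("Certificate data could not be processed; persisting the entry without further certificate-derived defaults", e);
            }

            if (log.isDebugEnabled()) {
                log.debug("Calling JPA to persist the Certificate");
            }

            entityManager.persist(cert);

            if (log.isDebugEnabled()) {
                log.debug("Returned from JPA: Certificate ID=" + cert.getId());
            }
        }

        // Flush once after the whole batch has been handed to the entity manager.
        entityManager.flush();
    }

    if (log.isDebugEnabled()) {
        log.debug("Exit");
    }
}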