use of org.wso2.carbon.identity.application.common.model.CertData in project carbon-identity-framework by wso2.
the class KeyStoreAdmin method getPaginatedKeystoreInfo.
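/**
 * Lists the certificate entries and the key entries of the given keystore, one page at a time.
 * <p>
 * Unlike {@link #getKeystoreInfo(String)} this method never recovers private key material:
 * for a key entry only the certificate attached to it is reported, so the keystore's private
 * key password is neither decrypted nor kept in memory here.
 *
 * @param keyStoreName name of the keystore: the primary keystore, the trust store, or a
 *                     keystore registered below {@code SecurityConstants.KEY_STORES}
 * @param pageNumber   page to return; handed unchanged to {@code doPaging}
 * @return a {@link PaginatedKeyStoreData} carrying the keystore name and type plus the
 *         requested page of certificate entries and of key entries
 * @throws SecurityConfigException if {@code keyStoreName} is {@code null}, the keystore does
 *                                 not exist, or it cannot be loaded
 */
public PaginatedKeyStoreData getPaginatedKeystoreInfo(String keyStoreName, int pageNumber)
        throws SecurityConfigException {

    if (keyStoreName == null) {
        throw new SecurityConfigException("keystore name cannot be null");
    }
    try {
        KeyStore keyStore;
        String keyStoreType;
        if (KeyStoreUtil.isPrimaryStore(keyStoreName)) {
            keyStore = KeyStoreManager.getInstance(tenantId).getPrimaryKeyStore();
            keyStoreType = ServerConfiguration.getInstance()
                    .getFirstProperty(RegistryResources.SecurityManagement.SERVER_PRIMARY_KEYSTORE_TYPE);
        } else if (isTrustStore(keyStoreName)) {
            keyStore = getTrustStore();
            keyStoreType = ServerConfiguration.getInstance().getFirstProperty(SERVER_TRUSTSTORE_TYPE);
        } else {
            String path = SecurityConstants.KEY_STORES + "/" + keyStoreName;
            if (!registry.resourceExists(path)) {
                throw new SecurityConfigException("Key Store not found");
            }
            Resource resource = registry.get(path);
            keyStore = getKeyStore(keyStoreName);
            keyStoreType = resource.getProperty(SecurityConstants.PROP_TYPE);
            // The registry resource also holds an encrypted private key password; a listing
            // does not need it, so it is deliberately left untouched.
        }

        // A single pass over the aliases sorts each entry into its bucket; an alias is either
        // a certificate entry or a key entry, never both, so the buckets stay disjoint.
        List<CertData> certDataList = new ArrayList<>();
        List<CertData> keyDataList = new ArrayList<>();
        Format formatter = new SimpleDateFormat("dd/MM/yyyy");
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            if (keyStore.isCertificateEntry(alias)) {
                X509Certificate cert = (X509Certificate) keyStore.getCertificate(alias);
                certDataList.add(fillCertData(cert, alias, formatter));
            } else if (keyStore.isKeyEntry(alias)) {
                X509Certificate cert = (X509Certificate) keyStore.getCertificate(alias);
                keyDataList.add(fillCertData(cert, alias, formatter));
            }
        }

        PaginatedKeyStoreData keyStoreData = new PaginatedKeyStoreData();
        keyStoreData.setKeyStoreName(keyStoreName);
        keyStoreData.setKeyStoreType(keyStoreType);
        keyStoreData.setPaginatedCertData(doPaging(pageNumber, certDataList.toArray(new CertData[0])));
        keyStoreData.setPaginatedKeyData(doPaging(pageNumber, keyDataList.toArray(new CertData[0])));
        return keyStoreData;
    } catch (SecurityConfigException e) {
        // Already carries a specific message (for example "Key Store not found"); do not
        // replace it with the generic one below.
        throw e;
    } catch (Exception e) {
        String msg = "Error has encounted while loading the keystore to the given keystore name " + keyStoreName;
        log.error(msg, e);
        throw new SecurityConfigException(msg);
    }
}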
use of org.wso2.carbon.identity.application.common.model.CertData in project carbon-identity-framework by wso2.
the class KeyStoreAdmin method extractCertificate.
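/**
 * Parses a Base64-encoded DER certificate into an {@link X509Certificate}.
 *
 * @param certData Base64-encoded certificate; must not be {@code null} or blank.
 * @return the decoded {@link X509Certificate}.
 * @throws SecurityConfigException if the input is missing or is not a valid X.509 certificate.
 */
public X509Certificate extractCertificate(String certData) throws SecurityConfigException {

    if (certData == null || certData.trim().isEmpty()) {
        throw new SecurityConfigException("Invalid format of the provided certificate file");
    }
    try {
        // Decoding is done inside the try so that a decoder rejection (IllegalArgumentException)
        // surfaces as the same SecurityConfigException as a malformed certificate instead of
        // escaping as an unchecked exception.
        byte[] bytes = Base64.decode(certData);
        CertificateFactory factory = CertificateFactory.getInstance("X.509");
        return (X509Certificate) factory.generateCertificate(new ByteArrayInputStream(bytes));
    } catch (CertificateException | IllegalArgumentException e) {
        if (log.isDebugEnabled()) {
            log.debug(e.getMessage(), e);
        }
        throw new SecurityConfigException("Invalid format of the provided certificate file");
    }
}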
use of org.wso2.carbon.identity.application.common.model.CertData in project carbon-identity-framework by wso2.
the class KeyStoreAdmin method getKeystoreInfo.
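/**
 * Loads the given keystore and reports its certificate entries, its first key entry and the
 * PEM-encoded private key of that entry.
 * <p>
 * The value placed in {@code KeyStoreData#setKeyValue} is unencrypted private key material.
 * Callers must treat the returned bean as a secret: expose it only to authorised
 * administrators and never log it.
 *
 * @param keyStoreName name of the keystore: the primary keystore, the trust store, or a
 *                     keystore registered below {@code SecurityConstants.KEY_STORES}
 * @return a {@link KeyStoreData} carrying name, type, all certificate entries, the first key
 *         entry and its private key in PEM form
 * @throws SecurityConfigException if {@code keyStoreName} is {@code null}, the keystore does
 *                                 not exist, no private key password is configured for a key
 *                                 entry, or the keystore cannot be loaded
 */
public KeyStoreData getKeystoreInfo(String keyStoreName) throws SecurityConfigException {

    if (keyStoreName == null) {
        throw new SecurityConfigException("keystore name cannot be null");
    }
    try {
        KeyStore keyStore;
        String keyStoreType;
        String privateKeyPassword = null;
        if (KeyStoreUtil.isPrimaryStore(keyStoreName)) {
            keyStore = KeyStoreManager.getInstance(tenantId).getPrimaryKeyStore();
            ServerConfiguration serverConfig = ServerConfiguration.getInstance();
            keyStoreType = serverConfig.getFirstProperty(RegistryResources.SecurityManagement.SERVER_PRIMARY_KEYSTORE_TYPE);
            privateKeyPassword = serverConfig.getFirstProperty(RegistryResources.SecurityManagement.SERVER_PRIVATE_KEY_PASSWORD);
        } else if (isTrustStore(keyStoreName)) {
            keyStore = getTrustStore();
            ServerConfiguration serverConfig = ServerConfiguration.getInstance();
            keyStoreType = serverConfig.getFirstProperty(SERVER_TRUSTSTORE_TYPE);
            privateKeyPassword = serverConfig.getFirstProperty(SERVER_TRUSTSTORE_PASSWORD);
        } else {
            String path = SecurityConstants.KEY_STORES + "/" + keyStoreName;
            if (!registry.resourceExists(path)) {
                throw new SecurityConfigException("Key Store not found");
            }
            Resource resource = registry.get(path);
            keyStore = getKeyStore(keyStoreName);
            keyStoreType = resource.getProperty(SecurityConstants.PROP_TYPE);
            // The registry keeps the private key password encrypted; it is only decrypted here
            // because recovering the key below requires it.
            String encpass = resource.getProperty(SecurityConstants.PROP_PRIVATE_KEY_PASS);
            if (encpass != null) {
                privateKeyPassword = new String(CryptoUtil.getDefaultCryptoUtil().base64DecodeAndDecrypt(encpass));
            }
        }

        // One pass over the aliases: every certificate entry is collected, and the first key
        // entry is remembered (only one is reported, as in earlier versions of this method).
        List<CertData> certDataList = new ArrayList<>();
        String keyAlias = null;
        Format formatter = new SimpleDateFormat("dd/MM/yyyy");
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            if (keyStore.isCertificateEntry(alias)) {
                X509Certificate cert = (X509Certificate) keyStore.getCertificate(alias);
                certDataList.add(fillCertData(cert, alias, formatter));
            } else if (keyAlias == null && keyStore.isKeyEntry(alias)) {
                keyAlias = alias;
            }
        }

        KeyStoreData keyStoreData = new KeyStoreData();
        keyStoreData.setKeyStoreName(keyStoreName);
        keyStoreData.setKeyStoreType(keyStoreType);
        keyStoreData.setCerts(certDataList.toArray(new CertData[0]));

        if (keyAlias != null) {
            X509Certificate cert = (X509Certificate) keyStore.getCertificate(keyAlias);
            keyStoreData.setKey(fillCertData(cert, keyAlias, formatter));
            // Fail with a clear message instead of the NullPointerException that toCharArray()
            // would raise for a keystore with a key entry but no configured password.
            if (privateKeyPassword == null) {
                throw new SecurityConfigException(
                        "No private key password is configured for keystore " + keyStoreName);
            }
            char[] password = privateKeyPassword.toCharArray();
            java.security.Key recovered;
            try {
                recovered = keyStore.getKey(keyAlias, password);
            } finally {
                // Drop this copy of the password as soon as the key has been recovered.
                java.util.Arrays.fill(password, '\0');
            }
            if (!(recovered instanceof PrivateKey)) {
                throw new SecurityConfigException(
                        "Key entry " + keyAlias + " in keystore " + keyStoreName + " does not hold a private key");
            }
            String pemKey = "-----BEGIN PRIVATE KEY-----\n"
                    + Base64.encode(recovered.getEncoded())
                    + "\n-----END PRIVATE KEY-----";
            keyStoreData.setKeyValue(pemKey);
        }
        return keyStoreData;
    } catch (SecurityConfigException e) {
        // Already carries a specific message; do not replace it with the generic one below.
        throw e;
    } catch (Exception e) {
        String msg = "Error has encounted while loading the keystore to the given keystore name " + keyStoreName;
        log.error(msg, e);
        throw new SecurityConfigException(msg);
    }
}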
use of org.wso2.carbon.identity.application.common.model.CertData in project carbon-identity-framework by wso2.
the class KeyStoreManagementServiceImpl method getPublicCertificate.
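/**
 * Returns the public certificate of the tenant keystore's key entry, keyed by its alias.
 * <p>
 * Only the certificate is surfaced; the private key material that {@code KeyStoreData} also
 * carries never leaves this method.
 *
 * @param tenantDomain tenant whose keystore is read
 * @return a map with a single alias-to-certificate entry, or an empty map when the keystore
 *         has no key entry with certificate details
 * @throws KeyStoreManagementException if the keystore cannot be read
 */
@Override
public Map<String, X509Certificate> getPublicCertificate(String tenantDomain) throws KeyStoreManagementException {

    Map<String, X509Certificate> certData = new HashMap<>();
    KeyStoreData keyStoreInfo = getKeystoreData(tenantDomain, getKeyStoreName(tenantDomain));
    CertData key = keyStoreInfo.getKey();
    // instanceof is false for null, so a keystore without a key entry yields an empty map
    // instead of a NullPointerException.
    if (key instanceof CertDataDetail) {
        certData.put(key.getAlias(), ((CertDataDetail) key).getCertificate());
    }
    return certData;
}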
use of org.wso2.carbon.identity.application.common.model.CertData in project carbon-identity-framework by wso2.
the class KeyStoreManagementServiceImpl method getKeyStoreCertificate.
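/**
 * Looks up a certificate in the tenant keystore by alias.
 * <p>
 * The key entry is consulted first, then the plain certificate entries; the first alias match
 * wins. Entries that carry no certificate details are skipped.
 *
 * @param tenantDomain tenant whose keystore is read
 * @param alias        alias to look up; must not be empty
 * @return the matching certificate, or {@code null} when no entry has that alias
 * @throws KeyStoreManagementException if the alias is empty or the keystore cannot be read
 */
@Override
public X509Certificate getKeyStoreCertificate(String tenantDomain, String alias) throws KeyStoreManagementException {

    if (StringUtils.isEmpty(alias)) {
        throw handleClientException(ERROR_CODE_EMPTY_ALIAS, null);
    }
    KeyStoreData keyStoreInfo = getKeystoreData(tenantDomain, getKeyStoreName(tenantDomain));
    CertData key = keyStoreInfo.getKey();
    if (key instanceof CertDataDetail && StringUtils.equals(key.getAlias(), alias)) {
        return ((CertDataDetail) key).getCertificate();
    }
    CertData[] certDataArray = keyStoreInfo.getCerts();
    // A keystore with no certificate entries may report null here; treat it as "no match".
    if (certDataArray == null) {
        return null;
    }
    for (CertData certData : certDataArray) {
        if (certData instanceof CertDataDetail && StringUtils.equals(certData.getAlias(), alias)) {
            return ((CertDataDetail) certData).getCertificate();
        }
    }
    return null;
}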