the class KeyStoreAdmin method getPaginatedKeystoreInfo.
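/**
 * Lists the entries of the given keystore one page at a time.
 * <p>
 * Certificate entries and key entries are collected separately and each list is paged with
 * {@code doPaging} using the same page number. Only entry metadata (alias, certificate details)
 * is reported: no key material is read, so the keystore's private key password is neither
 * looked up nor decrypted here.
 *
 * @param keyStoreName name of the keystore: the primary keystore, the trust store, or a keystore
 *                     registered under {@code SecurityConstants.KEY_STORES} in the registry
 * @param pageNumber   the page to return (interpretation is defined by {@code doPaging})
 * @return a {@link PaginatedKeyStoreData} carrying the keystore name and type plus the requested
 *         page of certificate entries and of key entries
 * @throws SecurityConfigException if the name is null, the keystore is not registered, or the
 *                                 keystore cannot be loaded or enumerated
 */
public PaginatedKeyStoreData getPaginatedKeystoreInfo(String keyStoreName, int pageNumber)
        throws SecurityConfigException {
    if (keyStoreName == null) {
        throw new SecurityConfigException("keystore name cannot be null");
    }
    try {
        KeyStore keyStore;
        String keyStoreType;
        if (KeyStoreUtil.isPrimaryStore(keyStoreName)) {
            keyStore = KeyStoreManager.getInstance(tenantId).getPrimaryKeyStore();
            keyStoreType = ServerConfiguration.getInstance()
                    .getFirstProperty(RegistryResources.SecurityManagement.SERVER_PRIMARY_KEYSTORE_TYPE);
        } else if (isTrustStore(keyStoreName)) {
            keyStore = getTrustStore();
            keyStoreType = ServerConfiguration.getInstance().getFirstProperty(SERVER_TRUSTSTORE_TYPE);
        } else {
            String path = SecurityConstants.KEY_STORES + "/" + keyStoreName;
            if (!registry.resourceExists(path)) {
                throw new SecurityConfigException("Key Store not found");
            }
            Resource resource = registry.get(path);
            keyStore = getKeyStore(keyStoreName);
            keyStoreType = resource.getProperty(SecurityConstants.PROP_TYPE);
        }

        // One pass over the aliases is enough: an alias is either a certificate entry or a
        // key entry, never both.
        Format formatter = new SimpleDateFormat("dd/MM/yyyy");
        List<CertData> certEntries = new ArrayList<>();
        List<CertData> keyEntries = new ArrayList<>();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            if (keyStore.isCertificateEntry(alias)) {
                X509Certificate cert = (X509Certificate) keyStore.getCertificate(alias);
                certEntries.add(fillCertData(cert, alias, formatter));
            } else if (keyStore.isKeyEntry(alias)) {
                X509Certificate cert = (X509Certificate) keyStore.getCertificate(alias);
                keyEntries.add(fillCertData(cert, alias, formatter));
            }
        }

        PaginatedKeyStoreData keyStoreData = new PaginatedKeyStoreData();
        keyStoreData.setKeyStoreName(keyStoreName);
        keyStoreData.setKeyStoreType(keyStoreType);
        keyStoreData.setPaginatedCertData(doPaging(pageNumber, certEntries.toArray(new CertData[0])));
        keyStoreData.setPaginatedKeyData(doPaging(pageNumber, keyEntries.toArray(new CertData[0])));
        return keyStoreData;
    } catch (SecurityConfigException e) {
        // Already carries a specific message (e.g. keystore not found); do not re-wrap it.
        throw e;
    } catch (Exception e) {
        String msg = "Error has encounted while loading the keystore to the given keystore name " + keyStoreName;
        log.error(msg, e);
        // Keep the cause so the failure can be diagnosed from the exception chain, not only the log.
        throw new SecurityConfigException(msg, e);
    }
}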
the class KeyStoreAdmin method getKeyStores.
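/**
 * Lists the keystores registered for the current tenant.
 * <p>
 * Every child of {@code SecurityConstants.KEY_STORES} in the registry (except the primary
 * keystore phantom resource) becomes one {@link KeyStoreData}; for the super tenant the
 * server's primary keystore is appended as the last element. The returned array contains no
 * null elements.
 *
 * @param isSuperTenant whether the caller is querying super-tenant data; when false, each
 *                      tenant keystore's public certificate is also written to the file system
 *                      (see {@code KeyStoreMgtUtil.dumpCert}) and its path recorded on the bean
 * @return the keystores found, or an empty array when nothing is registered
 * @throws SecurityConfigException if the registry cannot be read
 */
public KeyStoreData[] getKeyStores(boolean isSuperTenant) throws SecurityConfigException {
    CarbonUtils.checkSecurity();
    try {
        if (!registry.resourceExists(SecurityConstants.KEY_STORES)) {
            return new KeyStoreData[0];
        }
        Collection collection = (Collection) registry.get(SecurityConstants.KEY_STORES);
        List<KeyStoreData> stores = new ArrayList<>();
        for (String fullName : collection.getChildren()) {
            if (RegistryResources.SecurityManagement.PRIMARY_KEYSTORE_PHANTOM_RESOURCE.equals(fullName)) {
                continue;
            }
            stores.add(buildRegistryKeyStoreData(fullName, isSuperTenant));
        }
        if (isSuperTenant) {
            stores.add(buildPrimaryKeyStoreData());
        }
        // Sized to the actual content: the previous fixed "+ 1" slot left a trailing null for
        // non-super tenants, which callers then had to skip.
        return stores.toArray(new KeyStoreData[0]);
    } catch (RegistryException e) {
        String msg = "Error when getting keyStore data";
        log.error(msg, e);
        throw new SecurityConfigException(msg, e);
    }
}

/**
 * Builds the {@link KeyStoreData} bean for one keystore resource in the registry.
 *
 * @param fullName      registry path of the keystore resource
 * @param isSuperTenant when false, the tenant public certificate associated with the keystore
 *                      is dumped to the file system and its path set on the bean
 * @return the populated bean
 * @throws RegistryException if the resource or its associations cannot be read
 */
private KeyStoreData buildRegistryKeyStoreData(String fullName, boolean isSuperTenant) throws RegistryException {
    Resource store = registry.get(fullName);
    KeyStoreData data = new KeyStoreData();
    data.setKeyStoreName(fullName.substring(fullName.lastIndexOf("/") + 1));
    data.setKeyStoreType(store.getProperty(SecurityConstants.PROP_TYPE));
    data.setProvider(store.getProperty(SecurityConstants.PROP_PROVIDER));
    // A keystore counts as "private" when a private key alias is recorded for it.
    data.setPrivateStore(store.getProperty(SecurityConstants.PROP_PRIVATE_KEY_ALIAS) != null);
    if (!isSuperTenant) {
        // Dump the generated public certificate to the file system for sub tenants; the path
        // can only be resolved when a message context is available.
        Association[] associations =
                registry.getAssociations(fullName, SecurityConstants.ASSOCIATION_TENANT_KS_PUB_KEY);
        if (associations != null && associations.length > 0) {
            Resource pubKeyResource = registry.get(associations[0].getDestinationPath());
            String fileName = generatePubCertFileName(fullName,
                    pubKeyResource.getProperty(SecurityConstants.PROP_TENANT_PUB_KEY_FILE_NAME_APPENDER));
            if (MessageContext.getCurrentMessageContext() != null) {
                String pubKeyFilePath = KeyStoreMgtUtil.dumpCert(
                        MessageContext.getCurrentMessageContext().getConfigurationContext(),
                        (byte[]) pubKeyResource.getContent(), fileName);
                data.setPubKeyFilePath(pubKeyFilePath);
            }
        }
    }
    return data;
}

/**
 * Builds the {@link KeyStoreData} bean describing the server's primary keystore, read from the
 * server configuration rather than the registry.
 *
 * @return the populated bean (provider is reported as a single space, as before)
 */
private KeyStoreData buildPrimaryKeyStoreData() {
    ServerConfiguration config = ServerConfiguration.getInstance();
    String fileName = config.getFirstProperty(RegistryResources.SecurityManagement.SERVER_PRIMARY_KEYSTORE_FILE);
    KeyStoreData data = new KeyStoreData();
    data.setKeyStoreName(KeyStoreUtil.getKeyStoreFileName(fileName));
    data.setKeyStoreType(config.getFirstProperty(RegistryResources.SecurityManagement.SERVER_PRIMARY_KEYSTORE_TYPE));
    data.setProvider(" ");
    data.setPrivateStore(true);
    return data;
}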
the class KeyStoreAdmin method getPrivateKey.
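/**
 * Returns the key stored under {@code alias} in the tenant's primary keystore.
 * <p>
 * The primary keystore is located by scanning {@link #getKeyStores(boolean)}; keystores other
 * than the primary one are never consulted. The result is secret material and must be handled
 * by the caller accordingly (not logged, not cached beyond need).
 *
 * @param alias         alias of the key entry
 * @param isSuperTenant passed through to {@link #getKeyStores(boolean)}
 * @return the key, or {@code null} if the primary keystore is not listed or holds no entry
 *         for the alias
 * @throws SecurityConfigException if the keystores cannot be listed, the private key password
 *                                 is not configured, or the key cannot be recovered
 */
public Key getPrivateKey(String alias, boolean isSuperTenant) throws SecurityConfigException {
    KeyStoreData[] keystores = getKeyStores(isSuperTenant);
    try {
        for (KeyStoreData data : keystores) {
            // Tolerate null slots (older getKeyStores builds could leave a trailing one).
            if (data == null || !KeyStoreUtil.isPrimaryStore(data.getKeyStoreName())) {
                continue;
            }
            KeyStore keyStore = KeyStoreManager.getInstance(tenantId).getPrimaryKeyStore();
            String privateKeyPassword = ServerConfiguration.getInstance()
                    .getFirstProperty(RegistryResources.SecurityManagement.SERVER_PRIVATE_KEY_PASSWORD);
            if (privateKeyPassword == null) {
                // Fail with a clear message instead of a NullPointerException from toCharArray().
                throw new SecurityConfigException("Private key password is not configured for the primary keystore");
            }
            return keyStore.getKey(alias, privateKeyPassword.toCharArray());
        }
    } catch (SecurityConfigException e) {
        throw e;
    } catch (Exception e) {
        String msg = "Error has encounted while loading the key for the given alias " + alias;
        log.error(msg, e);
        // Preserve the cause for diagnosis; the message itself carries no secret.
        throw new SecurityConfigException(msg, e);
    }
    return null;
}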
the class KeyStoreAdmin method getKeystoreInfo.
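/**
 * Describes the given keystore: its certificate entries, its first key entry and that entry's
 * private key.
 * <p>
 * The private key is recovered with the keystore's configured private key password and placed
 * on the bean via {@code setKeyValue} as a PEM-style block (the Base64 of
 * {@code PrivateKey.getEncoded()} between {@code -----BEGIN PRIVATE KEY-----} and
 * {@code -----END PRIVATE KEY-----}). The returned object therefore contains secret material
 * and must not be logged or cached by callers.
 *
 * @param keyStoreName name of the keystore: the primary keystore, the trust store, or a keystore
 *                     registered under {@code SecurityConstants.KEY_STORES} in the registry
 * @return a {@link KeyStoreData} with name, type, certificate entries and, when the keystore has
 *         a key entry, that entry's certificate data and PEM-encoded private key
 * @throws SecurityConfigException if the name is null, the keystore is not registered, a key entry
 *                                 exists but no private key password is configured, or the
 *                                 keystore cannot be loaded or read
 */
public KeyStoreData getKeystoreInfo(String keyStoreName) throws SecurityConfigException {
    if (keyStoreName == null) {
        throw new SecurityConfigException("keystore name cannot be null");
    }
    try {
        KeyStore keyStore;
        String keyStoreType;
        String privateKeyPassword = null;
        if (KeyStoreUtil.isPrimaryStore(keyStoreName)) {
            keyStore = KeyStoreManager.getInstance(tenantId).getPrimaryKeyStore();
            ServerConfiguration serverConfig = ServerConfiguration.getInstance();
            keyStoreType = serverConfig.getFirstProperty(RegistryResources.SecurityManagement.SERVER_PRIMARY_KEYSTORE_TYPE);
            privateKeyPassword = serverConfig.getFirstProperty(RegistryResources.SecurityManagement.SERVER_PRIVATE_KEY_PASSWORD);
        } else if (isTrustStore(keyStoreName)) {
            keyStore = getTrustStore();
            ServerConfiguration serverConfig = ServerConfiguration.getInstance();
            keyStoreType = serverConfig.getFirstProperty(SERVER_TRUSTSTORE_TYPE);
            privateKeyPassword = serverConfig.getFirstProperty(SERVER_TRUSTSTORE_PASSWORD);
        } else {
            String path = SecurityConstants.KEY_STORES + "/" + keyStoreName;
            if (!registry.resourceExists(path)) {
                throw new SecurityConfigException("Key Store not found");
            }
            Resource resource = registry.get(path);
            keyStore = getKeyStore(keyStoreName);
            keyStoreType = resource.getProperty(SecurityConstants.PROP_TYPE);
            String encpass = resource.getProperty(SecurityConstants.PROP_PRIVATE_KEY_PASS);
            if (encpass != null) {
                // The stored password is encrypted; it is decrypted only here and only for the
                // duration of this call. NOTE(review): it is held as a String, so it cannot be
                // zeroed after use — the existing CryptoUtil API returns bytes, so a char[] path
                // would be possible; confirm before changing.
                privateKeyPassword = new String(CryptoUtil.getDefaultCryptoUtil().base64DecodeAndDecrypt(encpass));
            }
        }

        Format formatter = new SimpleDateFormat("dd/MM/yyyy");
        KeyStoreData keyStoreData = new KeyStoreData();
        keyStoreData.setKeyStoreName(keyStoreName);
        keyStoreData.setKeyStoreType(keyStoreType);

        // Single pass: certificate entries are all collected, only the first key entry is exported
        // (WSAS-related keystores are expected to hold one).
        List<CertData> certEntries = new ArrayList<>();
        boolean keyExported = false;
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            if (keyStore.isCertificateEntry(alias)) {
                X509Certificate cert = (X509Certificate) keyStore.getCertificate(alias);
                certEntries.add(fillCertData(cert, alias, formatter));
            } else if (!keyExported && keyStore.isKeyEntry(alias)) {
                X509Certificate cert = (X509Certificate) keyStore.getCertificate(alias);
                keyStoreData.setKey(fillCertData(cert, alias, formatter));
                if (privateKeyPassword == null) {
                    // Fail with a clear message instead of a NullPointerException from toCharArray().
                    throw new SecurityConfigException(
                            "No private key password is configured for keystore " + keyStoreName);
                }
                PrivateKey key = (PrivateKey) keyStore.getKey(alias, privateKeyPassword.toCharArray());
                String pemKey = "-----BEGIN PRIVATE KEY-----\n"
                        + Base64.encode(key.getEncoded())
                        + "\n-----END PRIVATE KEY-----";
                keyStoreData.setKeyValue(pemKey);
                keyExported = true;
            }
        }
        keyStoreData.setCerts(certEntries.toArray(new CertData[0]));
        return keyStoreData;
    } catch (SecurityConfigException e) {
        // Already carries a specific message; do not replace it with the generic one.
        throw e;
    } catch (Exception e) {
        String msg = "Error has encounted while loading the keystore to the given keystore name " + keyStoreName;
        log.error(msg, e);
        // Keep the cause so the failure can be diagnosed from the exception chain.
        throw new SecurityConfigException(msg, e);
    }
}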
the class Util method doFilter.
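/**
 * Filters keystore entries by name with a glob-style pattern: {@code *} matches any run of
 * characters and every other character matches itself, ignoring case.
 * <p>
 * The pattern is built from quoted literal segments, so regex metacharacters that a caller
 * types into the filter (for example {@code .}, {@code (} or {@code [}) are matched literally
 * instead of being interpreted, and a malformed filter can no longer throw
 * {@code PatternSyntaxException}.
 *
 * @param filter          glob pattern; must not be null. An empty filter matches only an empty name
 * @param keyStoreDataSet entries to filter; null elements are skipped, a null array yields an
 *                        empty result
 * @return the matching entries in their original order, never null
 * @throws NullPointerException if {@code filter} is null
 */
public static KeyStoreData[] doFilter(String filter, KeyStoreData[] keyStoreDataSet) {
    java.util.Objects.requireNonNull(filter, "filter");
    if (keyStoreDataSet == null) {
        return new KeyStoreData[0];
    }
    // Collapse repeated wildcards so a filter like "***x" does not become ".*.*.*x", and quote
    // each literal segment so only '*' has special meaning.
    String[] segments = filter.replaceAll("\\*+", "*").split("\\*", -1);
    StringBuilder regex = new StringBuilder();
    for (int i = 0; i < segments.length; i++) {
        if (i > 0) {
            regex.append(".*");
        }
        if (!segments[i].isEmpty()) {
            regex.append(java.util.regex.Pattern.quote(segments[i]));
        }
    }
    java.util.regex.Pattern pattern = java.util.regex.Pattern.compile(regex.toString(),
            java.util.regex.Pattern.CASE_INSENSITIVE | java.util.regex.Pattern.UNICODE_CASE);
    List<KeyStoreData> matches = new ArrayList<>();
    for (KeyStoreData keyStore : keyStoreDataSet) {
        if (keyStore == null || keyStore.getKeyStoreName() == null) {
            continue;
        }
        if (pattern.matcher(keyStore.getKeyStoreName()).matches()) {
            matches.add(keyStore);
        }
    }
    return matches.toArray(new KeyStoreData[0]);
}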