*/
public KeyStore generateOrKeyRecoverToken(Admin administrator, String username, String password, int caid, String keyspec,
String keyalg, boolean createJKS, boolean loadkeys, boolean savekeys, boolean reusecertificate, int endEntityProfileId)
throws Exception {
log.trace(">generateOrKeyRecoverToken");
KeyRecoveryData keyData = null;
KeyPair rsaKeys = null;
if (loadkeys) {
log.debug("Recovering keys for user: "+ username);
// use saved keys.
keyData = keyRecoverySession.keyRecovery(administrator, username, endEntityProfileId);
if (keyData == null) {
throw new Exception("No key recovery data exists for user");
}
rsaKeys = keyData.getKeyPair();
if (reusecertificate) {
// TODO: Why is this only done if reusecertificate == true ??
log.debug("Re-using old certificate for user: "+ username);
keyRecoverySession.unmarkUser(administrator,username);
}
} else {
log.debug("Generating new keys for user: "+ username);
// generate new keys.
rsaKeys = KeyTools.genKeys(keyspec, keyalg);
}
X509Certificate cert = null;
if ((reusecertificate) && (keyData != null)) {
cert = (X509Certificate) keyData.getCertificate();
boolean finishUser = true;
finishUser = caAdminSession.getCAInfo(administrator,caid).getFinishUser();
if (finishUser) {
UserDataVO userdata = userAdminSession.findUser(administrator, username);
authenticationSession.finishUser(userdata);