Package org.ejbca.core.model.keyrecovery

Examples of org.ejbca.core.model.keyrecovery.KeyRecoveryData


            // Register the key pair as key recovery data for username1, tied to cert.
            keyRecoverySession.addKeyRecoveryData(admin1, cert, username1, keypair);

            // Storing recovery data must not by itself mark the user: the mark is expected to be absent here.
            assertTrue("Couldn't mark user for recovery in database", !keyRecoverySession.isUserMarked(admin1, username1));
            // Explicit marking step; the catch block below shows this sequence may raise WaitingForApprovalException
            // when the profile requires approvals.
            userAdminSession.prepareForKeyRecovery(admin1, username1, endEntityProfileId, cert);
            assertTrue("Couldn't mark user for recovery in database", keyRecoverySession.isUserMarked(admin1, username1));
            // NOTE(review): the user is marked under endEntityProfileId but recovered under
            // SecConst.EMPTY_ENDENTITYPROFILE; confirm the differing profile ids are intentional.
            KeyRecoveryData data = keyRecoverySession.keyRecovery(admin1, username1, SecConst.EMPTY_ENDENTITYPROFILE);
            // Round-trip check: the recovered private key must encode to the same bytes as the stored one.
            assertTrue("Couldn't recover keys from database", Arrays.equals(data.getKeyPair().getPrivate().getEncoded(), keypair.getPrivate().getEncoded()));
        } catch (WaitingForApprovalException ex) {
            // An approval request here means the profile unexpectedly demands approvals.
            fail("This profile should not require approvals");
        }

        // Create user with a profile that does require approvals for key


        // Original certificate to hand out again; stays null unless the profile asks for certificate re-use.
        X509Certificate orgCert = null;
        if (getUseKeyRecovery() && keyrecoverflag) {
            // Profile setting that decides whether the certificate stored with the recovered keys is re-used.
            boolean reusecertificate = ejb.getEndEntityProfileSession().getEndEntityProfile(getAdmin(), data.getEndEntityProfileId()).getReUseKeyRecoveredCertificate();
            // Recover Keys

            // Recovery runs under the batch tool's admin identity and the user's end entity profile id.
            KeyRecoveryData recoveryData = ejb.getKeyRecoverySession().keyRecovery(getAdmin(), data.getUsername(), data.getEndEntityProfileId());
            // NOTE(review): the recovery mark is cleared before recoveryData is null-checked below, and only
            // when the certificate is re-used; confirm both the ordering and the condition are intended.
            if (reusecertificate) {
                ejb.getKeyRecoverySession().unmarkUser(getAdmin(), data.getUsername());
            }
            if (recoveryData != null) {
                // From here on rsaKeys holds the recovered key pair, private key included.
                rsaKeys = recoveryData.getKeyPair();
                if (reusecertificate) {
                    orgCert = (X509Certificate) recoveryData.getCertificate();
                }
            } else {
                // No recovery data came back for this user: abort with the localized batch error.
                String errMsg = intres.getLocalizedMessage("batch.errornokeyrecoverydata", data.getUsername());
                throw new Exception(errMsg);
            }

        // Token type drives whether the server generates the key pair or only accepts a supplied public key.
        int tokentype = userDataVO.getTokenType();

        PublicKey certKey = null;
        PrivateKey privKey = null;
        KeyPair keyPair = null;
        KeyRecoveryData keyData = null;
        boolean reusecertificate = false;
        if(loadkeys){
          EndEntityProfile endEntityProfile = endEntityProfileSession.getEndEntityProfile(pubAdmin, userDataVO.getEndEntityProfileId());
          reusecertificate = endEntityProfile.getReUseKeyRecoveredCertificate();

          // Use saved keys: fetch the stored key pair through the key recovery session.
          // NOTE(review): keyData is dereferenced on the next line without a null check; confirm
          // keyRecovery() cannot return null on this path.
          keyData = keyRecoverySession.keyRecovery(pubAdmin, userDataVO.getUsername(), userDataVO.getEndEntityProfileId());
          keyPair = keyData.getKeyPair();
          certKey = keyPair.getPublic();
          privKey = keyPair.getPrivate();

          // The recovery mark is cleared only when the original certificate is re-used.
          if(reusecertificate){
              keyRecoverySession.unmarkUser(pubAdmin,userDataVO.getUsername());
          }
        }
        else{
          // Generate new keys: server-side RSA generation for soft tokens (P12/JKS/PEM) on a first issue.
          if(!reissue && (tokentype == SecConst.TOKEN_SOFT_P12 || tokentype == SecConst.TOKEN_SOFT_JKS || tokentype == SecConst.TOKEN_SOFT_PEM)){
            keyPair = KeyTools.genKeys(Integer.toString(XKMSConfig.getServerKeyLength()), "RSA");
            certKey = keyPair.getPublic();
            privKey = keyPair.getPrivate();
          }
          // Reissue or browser-generated token: only the supplied public key is used; privKey is not set here.
          if(reissue || tokentype == SecConst.TOKEN_SOFT_BROWSERGEN){
            certKey = publicKey;
          }
        }

        X509Certificate cert = null;
        if(reusecertificate){
          // reusecertificate is only ever set inside the loadkeys branch above, where keyData is assigned.
          cert = (X509Certificate) keyData.getCertificate();              
          // The CA is looked up by the hash code of the re-used certificate's issuer DN.
          boolean finishUser = caadminsession.getCAInfo(pubAdmin,CertTools.getIssuerDN(cert).hashCode()).getFinishUser();
          if(finishUser){                
              authenticationSession.finishUser(userDataVO);
          }

        // Abort: per the message, the certificate named in the recovery request could not be found.
        throw new EjbcaException("Error in Key Recovery Request, couldn't find specified certificate");
      }
      // Mark the user for recovery of the keys belonging to orgcert; a false result is treated as "no keys saved".
      if(!userAdminSession.prepareForKeyRecovery(admin, userdata.getUsername(), userdata.getEndEntityProfileId(), orgcert)){
        throw new EjbcaException("Error in Key Recovery Request, no keys saved for specified request");
      }
      // NOTE(review): the user was marked under userdata.getUsername() but recovery is requested for
      // submessage.getUsername(); confirm the two are guaranteed to be the same user.
      KeyRecoveryData keyData = keyRecoverySession.keyRecovery(admin, submessage.getUsername(), userdata.getEndEntityProfileId());
      if(keyData == null){
        throw new EjbcaException("Error in Key Recovery Request, no keys saved for specified request");
      }     
      // savedKeys carries the recovered key pair, private key included.
      KeyPair savedKeys = keyData.getKeyPair();
     
      // NOTE(review): the declaration below has no terminating ';' in this listing.
      X509Certificate cert = null
      // Re-use the certificate the request referred to when the sub-message asks for it.
      if(submessage.getReUseCertificate()){ 
        cert= orgcert;
       

        // Mark-and-recover round trip: unmarked -> marked -> recovered key equals the stored key.
        log.trace(">test02MarkAndRecoverKeyPair()");
        CryptoProviderTools.installBCProvider();
        // Precondition: the user must not be marked yet (the message text is shared with the positive check below).
        assertFalse("Couldn't mark user for recovery in database", keyRecoverySession.isUserMarked(admin, user));
        userAdminSession.prepareForKeyRecovery(admin, user, SecConst.EMPTY_ENDENTITYPROFILE, cert);
        assertTrue("Couldn't mark user for recovery in database", keyRecoverySession.isUserMarked(admin, user));
        // Marking and recovery both use SecConst.EMPTY_ENDENTITYPROFILE here.
        KeyRecoveryData data = keyRecoverySession.keyRecovery(admin, user, SecConst.EMPTY_ENDENTITYPROFILE);

        // The recovered private key must encode to the same bytes as the original key pair's private key.
        assertTrue("Couldn't recover keys from database", Arrays.equals(data.getKeyPair().getPrivate().getEncoded(), keypair.getPrivate().getEncoded()));

        log.trace("<test02MarkAndRecoverKeyPair()");
    }

    /**
     * Recovers the stored key pair and certificate for a user.
     *
     * <p>Visible flow: the lookup runs only when {@code authorizedToKeyRecover(admin, endEntityProfileId)}
     * holds. Records are fetched with {@code findByUserMark}; for the first record only, the CA whose id is
     * the hash code of the record's issuer DN is asked to decrypt the stored key data, the certificate is
     * looked up by issuer DN and serial number, and both are wrapped in a model-level
     * {@code KeyRecoveryData}. The rest of the method (exception handling, the unauthorized path and the
     * return statement) lies outside this listing.
     *
     * @param admin the administrator performing the recovery
     * @param username the user whose keys are recovered
     * @param endEntityProfileId profile id used for the authorization check
     * @return presumably the assembled recovery data, or null if no record was found (return not visible; confirm)
     * @throws AuthorizationDeniedException declared by the signature; the throwing code is not visible here
     */
    @Override
    public KeyRecoveryData keyRecovery(Admin admin, String username, int endEntityProfileId) throws AuthorizationDeniedException {
      if (log.isTraceEnabled()) {
            log.trace(">keyRecovery(user: " + username + ")");
      }
        KeyRecoveryData returnval = null;
        // Persistence entity; fully qualified because it shares its simple name with the model class returned here.
        org.ejbca.core.ejb.keyrecovery.KeyRecoveryData krd = null;
        X509Certificate certificate = null;
        // Authorization gate: nothing is read from the database unless this check passes.
        if (authorizedToKeyRecover(admin, endEntityProfileId)) {
          Collection<org.ejbca.core.ejb.keyrecovery.KeyRecoveryData> result = org.ejbca.core.ejb.keyrecovery.KeyRecoveryData.findByUserMark(entityManager, username);
          Iterator<org.ejbca.core.ejb.keyrecovery.KeyRecoveryData> i = result.iterator();
          try {
            while (i.hasNext()) {
              krd = i.next();
              // Only the first record is decrypted; later iterations just advance krd.
              if (returnval == null) {
                // CA id is derived as the hash code of the issuer DN stored with the record.
                int caid = krd.getIssuerDN().hashCode();

                // The CA's extended service decrypts the stored key data (COMMAND_DECRYPTKEYS).
                KeyRecoveryCAServiceResponse response = (KeyRecoveryCAServiceResponse) caAdminSession.extendedService(admin, caid,
                    new KeyRecoveryCAServiceRequest(KeyRecoveryCAServiceRequest.COMMAND_DECRYPTKEYS, krd.getKeyDataAsByteArray()));
                // keys now holds the decrypted key pair; nothing in the visible code writes it to the log.
                KeyPair keys = response.getKeyPair();
                certificate = (X509Certificate) certificateStoreSession.findCertificateByIssuerAndSerno(admin, krd.getIssuerDN(), krd.getCertificateSN());
                returnval = new KeyRecoveryData(krd.getCertificateSN(), krd.getIssuerDN(),
                    krd.getUsername(), krd.getMarkedAsRecoverable(), keys, certificate);
              }
              // Disabled in the original: the mark is not cleared here (callers on this page call unmarkUser themselves).
              // krd.setMarkedAsRecoverable(false);
            }
            // Localized "keyrecovery.sentdata" message for this user; its use is outside the listing.
            String msg = intres.getLocalizedMessage("keyrecovery.sentdata", username);             

     */
    public KeyStore generateOrKeyRecoverToken(Admin administrator, String username, String password, int caid, String keyspec,
        String keyalg, boolean createJKS, boolean loadkeys, boolean savekeys, boolean reusecertificate, int endEntityProfileId)
    throws Exception {
      log.trace(">generateOrKeyRecoverToken");
      KeyRecoveryData keyData = null;
      // Despite the name, rsaKeys is generated with the caller-supplied keyalg in the else branch below.
      KeyPair rsaKeys = null;
      if (loadkeys) {
        log.debug("Recovering keys for user: "+ username);
            // Use saved keys: fetch the stored key pair through the key recovery session.
      keyData = keyRecoverySession.keyRecovery(administrator, username, endEntityProfileId);
        // A null result is treated as "nothing to recover" and aborts the whole operation.
        if (keyData == null) {
          throw new Exception("No key recovery data exists for user");
        }
        rsaKeys = keyData.getKeyPair();
        if (reusecertificate) {
          // TODO: Why is this only done if reusecertificate == true ??
            log.debug("Re-using old certificate for user: "+ username);
          // Clears the user's recovery mark.
          keyRecoverySession.unmarkUser(administrator,username);
        }
      } else {
        log.debug("Generating new keys for user: "+ username);
            // Generate new keys from the caller-supplied key specification and algorithm.
        rsaKeys = KeyTools.genKeys(keyspec, keyalg);
      }
      X509Certificate cert = null;
      // keyData is non-null only on the loadkeys path, so certificate re-use applies to recovered keys only.
      if ((reusecertificate) && (keyData != null)) {
        cert = (X509Certificate) keyData.getCertificate();
        // The initial true is overwritten immediately by the CA's finish-user setting.
        boolean finishUser = true;
      finishUser = caAdminSession.getCAInfo(administrator,caid).getFinishUser();
        if (finishUser) {
          UserDataVO userdata = userAdminSession.findUser(administrator, username);
        authenticationSession.finishUser(userdata);           
