Date bDate = new Date(System.currentTimeMillis() - (10 * 60 * 1000));
Iterator<TokenCertificateRequestWS> iter = tokenRequests.iterator();
while(iter.hasNext()){
TokenCertificateRequestWS next = iter.next();
int certificateProfileId = certificateProfileSession.getCertificateProfileId(admin, next.getCertificateProfileName());
if(certificateProfileId == 0){
EjbcaWSHelper.getEjbcaException("Error the given Certificate Profile : " + next.getCertificateProfileName() + " couldn't be found.",
logger, ErrorCode.CERT_PROFILE_NOT_EXISTS, null);
}
Date eDate = null;
if(next.getValidityIdDays() != null ){
try{
long validity = Long.parseLong(next.getValidityIdDays());
eDate = new Date(System.currentTimeMillis() + (validity * 3600 *24 * 1000));
}catch (NumberFormatException e){
EjbcaWSHelper.getEjbcaException("Error : Validity in Days must be a number",
logger, ErrorCode.BAD_VALIDITY_FORMAT, null);
}
}
CAInfo cAInfo = caAdminSession.getCAInfo(admin, next.getCAName());
if(cAInfo == null){
throw EjbcaWSHelper.getEjbcaException("Error the given CA : " + next.getCAName() + " couldn't be found.",
logger, ErrorCode.CA_NOT_EXISTS, null);
}
if(!authorizationSession.isAuthorizedNoLog(admin, AccessRulesConstants.CAPREFIX + cAInfo.getCAId())) {
Authorizer.throwAuthorizationException(admin, AccessRulesConstants.CAPREFIX + cAInfo.getCAId(), null);
}
if(next.getType() == HardTokenConstants.REQUESTTYPE_PKCS10_REQUEST){
userData.setCertificateProfileId(certificateProfileId);
userData.setCAId(cAInfo.getCAId());
userData.setPassword(password);
userData.setStatus(UserDataConstants.STATUS_NEW);
userAdminSession.changeUser(admin, userData, false);
PKCS10RequestMessage pkcs10req = new PKCS10RequestMessage(next.getPkcs10Data());
java.security.cert.Certificate cert;
if(eDate == null){
cert = signSession.createCertificate(admin,userData.getUsername(),password, pkcs10req.getRequestPublicKey());
}else{
cert = signSession.createCertificate(admin,userData.getUsername(),password, pkcs10req.getRequestPublicKey(), -1, bDate, eDate);
}
genCertificates.add(cert);
retval.add(new TokenCertificateResponseWS(new Certificate(cert)));
}else
if(next.getType() == HardTokenConstants.REQUESTTYPE_KEYSTORE_REQUEST){
if(!next.getTokenType().equals(HardTokenConstants.TOKENTYPE_PKCS12)){
throw EjbcaWSHelper.getEjbcaException("Unsupported Key Store Type : " + next.getTokenType() + " only " + HardTokenConstants.TOKENTYPE_PKCS12 + " is supported",
logger, ErrorCode.NOT_SUPPORTED_KEY_STORE, null);
}
KeyPair keys = KeyTools.genKeys(next.getKeyspec(), next.getKeyalg());
userData.setCertificateProfileId(certificateProfileId);
userData.setCAId(cAInfo.getCAId());
userData.setPassword(password);
userData.setStatus(UserDataConstants.STATUS_NEW);
userAdminSession.changeUser(admin, userData, true);