data = userAdminSession.findUser(admin, submessage.getUsername());
} catch (AuthorizationDeniedException e) {
log.info("External RA admin was denied access to a user: " + e.getMessage());
}
if (data == null) {
return new KeyStoreRetrievalResponse(((ExtRARequest) submessage).getRequestId(), false, "No such user.", null, null);
}
// Find out if we are doing key recovery
int endEntityProfileId = data.getEndEntityProfileId(); // TODO should probably also be used to get keysize and algorithm in the future..
boolean usekeyrecovery = globalConfigurationSession.getCachedGlobalConfiguration(admin).getEnableKeyRecovery();
boolean savekeys = data.getKeyRecoverable() && usekeyrecovery && (data.getStatus() != UserDataConstants.STATUS_KEYRECOVERY);
boolean loadkeys = (data.getStatus() == UserDataConstants.STATUS_KEYRECOVERY) && usekeyrecovery;
boolean reusecertificate = endEntityProfileSession.getEndEntityProfile(admin, endEntityProfileId).getReUseKeyRecoveredCertificate();
// Generate or recover keystore and save it in the configured format
GenerateToken tgen = new GenerateToken(authenticationSession, userAdminSession, caAdminSession, keyRecoverySession, signSession);
byte[] buf = null;
int tokentype = data.getTokenType();
boolean createJKS = (tokentype == SecConst.TOKEN_SOFT_JKS);
KeyStore ks = tgen.generateOrKeyRecoverToken(admin, submessage.getUsername(), submessage.getPassword(), data.getCAId(), "2048", AlgorithmConstants.KEYALGORITHM_RSA,
createJKS, loadkeys, savekeys, reusecertificate, endEntityProfileId);
if (tokentype == SecConst.TOKEN_SOFT_PEM) {
buf = KeyTools.getSinglePemFromKeyStore(ks, submessage.getPassword().toCharArray());
} else if (tokentype == SecConst.TOKEN_SOFT_P12 || tokentype == SecConst.TOKEN_SOFT_JKS) {
ByteArrayOutputStream baos = new ByteArrayOutputStream();
ks.store(baos, submessage.getPassword().toCharArray());
buf = baos.toByteArray();
} else {
return new KeyStoreRetrievalResponse(submessage.getRequestId(), false, "Unknown token type.", null, null);
}
return new KeyStoreRetrievalResponse(submessage.getRequestId(), true, null, tokentype, buf);
} catch (Exception e) {
log.debug("External RA request generated an error: " + e.getMessage());
return new KeyStoreRetrievalResponse(submessage.getRequestId(), false, "Error " + e.getMessage(), null, null);
}
}