Package org.ejbca.extra.db

Examples of org.ejbca.extra.db.PKCS12Response


      }
    }

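    /**
     * Handles a key recovery request from the external RA and answers with a PKCS#12 keystore
     * that holds the recovered key pair, a certificate and the CA certificate chain.
     *
     * <p>If the request asks to re-use the certificate, the existing user record and the original
     * certificate are used. Otherwise a user record is built from the request and a new
     * certificate is issued for the recovered public key.
     *
     * <p>Points a security reviewer should keep in mind:
     * <ul>
     *   <li>The recovered private key leaves this method inside the keystore handed to
     *       {@code PKCS12Response} together with {@code submessage.getPassword()}; presumably that
     *       password protects the keystore, so its strength is decided by the requester (confirm).
     *   <li>The enrollment password used for the newly built user record is a literal in source.
     *   <li>On any failure the exception message is copied into the response that is returned.
     * </ul>
     *
     * @param admin administrator passed to every session bean call made here
     * @param submessage the key recovery request being processed
     * @return a successful response carrying the keystore, or a failed response carrying the
     *     exception message
     */
    private ISubMessage processExtRAKeyRecoveryRequest(Admin admin, KeyRecoveryRequest submessage) {
        log.debug("Processing ExtRAKeyRecoveryRequest");
        PKCS12Response retval = null;
        try {
            final boolean reuseCertificate = submessage.getReUseCertificate();

            UserDataVO userdata;
            if (reuseCertificate) {
                userdata = userAdminSession.findUser(admin, submessage.getUsername());
            } else {
                userdata = generateUserDataVO(admin, submessage);
                // NOTE(review): fixed enrollment password kept in source. It must match the literal
                // passed to createCertificate() below; consider a random per-request value instead.
                userdata.setPassword("foo123");
            }

            // Get KeyPair
            keyRecoverySession.unmarkUser(admin, submessage.getUsername());
            X509Certificate orgcert = (X509Certificate) certificateStoreSession.findCertificateByIssuerAndSerno(
                    admin, CertTools.stringToBCDNString(submessage.getIssuerDN()), submessage.getCertificateSN());
            if (orgcert == null) {
                throw new EjbcaException("Error in Key Recovery Request, couldn't find specified certificate");
            }
            if (userdata == null) {
                // findUser() presumably returns null for an unknown user (confirm); report that
                // explicitly instead of failing with a NullPointerException and a null message.
                throw new EjbcaException("Error in Key Recovery Request, couldn't find specified user");
            }
            // NOTE(review): nothing visible in this method ties orgcert to the requested username;
            // presumably prepareForKeyRecovery()/keyRecovery() enforce that binding - confirm.
            if (!userAdminSession.prepareForKeyRecovery(admin, userdata.getUsername(), userdata.getEndEntityProfileId(), orgcert)) {
                throw new EjbcaException("Error in Key Recovery Request, no keys saved for specified request");
            }
            KeyRecoveryData keyData = keyRecoverySession.keyRecovery(admin, submessage.getUsername(), userdata.getEndEntityProfileId());
            if (keyData == null) {
                throw new EjbcaException("Error in Key Recovery Request, no keys saved for specified request");
            }
            KeyPair savedKeys = keyData.getKeyPair();

            X509Certificate cert;
            if (reuseCertificate) {
                cert = orgcert;
            } else {
                storeUserData(admin, userdata, false, UserDataConstants.STATUS_INPROCESS);

                // Generate Certificate for the recovered public key.
                cert = (X509Certificate) signSession.createCertificate(admin, submessage.getUsername(), "foo123", savedKeys.getPublic());
            }

            // Generate Keystore
            // Fetch CA Cert Chain. The CA id is the hash code of the normalised issuer DN.
            int caid = CertTools.stringToBCDNString(cert.getIssuerDN().toString()).hashCode();
            Certificate[] chain = (Certificate[]) caAdminSession.getCAInfo(admin, caid).getCertificateChain().toArray(new Certificate[0]);
            // Use the certificate's CN as keystore alias and fall back to the username.
            String alias = CertTools.getPartFromDN(CertTools.getSubjectDN(cert), "CN");
            if (alias == null) {
                alias = submessage.getUsername();
            }
            KeyStore pkcs12 = KeyTools.createP12(alias, savedKeys.getPrivate(), cert, chain);

            retval = new PKCS12Response(submessage.getRequestId(), true, null, pkcs12, submessage.getPassword());

        } catch (Exception e) {
            log.error("Error processing ExtRAKeyRecoveryRequset : ", e);
            // NOTE(review): the raw exception message goes back to the requester; check that
            // internal details do not leak through it.
            retval = new PKCS12Response(submessage.getRequestId(), false, e.getMessage(), null, null);
        }

        return retval;
    }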


    /**
     * Entry point for a PKCS#12 request sub-message.
     *
     * <p>A non-null {@code errormessage} short-circuits processing: a failed
     * {@code PKCS12Response} carrying that message and the request id is returned. Otherwise the
     * sub-message is handed to {@code processExtRAPKCS12Request}.
     *
     * @param admin administrator passed on to the request handler
     * @param submessage the sub-message; cast to {@code PKCS12Request} or {@code ExtRARequest}
     *     without a type check
     * @param errormessage error text reported by the caller, or {@code null} if there is none
     * @return the response sub-message
     */
    public ISubMessage process(Admin admin, ISubMessage submessage, String errormessage) {
      if (errormessage != null) {
        // The caller already found a problem: answer with a failed response, no keystore.
        final ExtRARequest failedRequest = (ExtRARequest) submessage;
        return new PKCS12Response(failedRequest.getRequestId(), false, errormessage, null, null);
      }
      return processExtRAPKCS12Request(admin, (PKCS12Request) submessage);
    }

      }
    // Body of a PKCS#12 request handler; the method header is outside this excerpt.
    // Read the global key recovery setting; it gates the key storage step further down.
    usekeyrecovery  = globalConfigurationSession.getCachedGlobalConfiguration(internalUser).getEnableKeyRecovery();
      if (log.isDebugEnabled()) {
        log.debug("Key recovery enabled: "+ usekeyrecovery);
      }
    PKCS12Response retval = null;
        UserDataVO userdata = null;
    try{
            userdata = generateUserDataVO(admin, submessage);
            // NOTE(review): fixed enrollment password kept in source; the same literal is passed
            // to createCertificate() below, so both must change together.
            userdata.setPassword("foo123");
        storeUserData(admin, userdata, false, UserDataConstants.STATUS_INPROCESS);
       
        // Generate keys
        KeyPair keys = generateKeys(submessage);
        // Generate Certificate
        X509Certificate cert = (X509Certificate) signSession.createCertificate(admin,submessage.getUsername(),"foo123", keys.getPublic());
       
        // Generate Keystore
        // Fetch CA Cert Chain.         
        Certificate[] chain = (Certificate[]) MessageProcessor.getCACertChain(admin, submessage.getCAName(), false, caAdminSession).toArray(new Certificate[0]);
        // Use the certificate's CN as keystore alias and fall back to the username.
        String alias = CertTools.getPartFromDN(CertTools.getSubjectDN(cert), "CN");
        if (alias == null){
          alias = submessage.getUsername();
        }               
        KeyStore pkcs12 = KeyTools.createP12(alias, keys.getPrivate(), cert, chain);
       
        // Store Keys if requested
        // The key pair is only saved when key recovery is enabled globally AND the request asks for it.
          if (usekeyrecovery && submessage.getStoreKeys()) {
              // Save generated keys to database.
              keyRecoverySession.addKeyRecoveryData(admin, cert, submessage.getUsername(), keys);
          }

        // The keystore is handed over together with the password taken from the request;
        // presumably that password protects the keystore - confirm in PKCS12Response.
        retval = new PKCS12Response(submessage.getRequestId(),true,null,pkcs12,submessage.getPassword());
          storeUserData(admin, userdata, false, UserDataConstants.STATUS_GENERATED);
    } catch (ApprovalException ae) {
      // there might be an already saved approval for this user or a new approval will be created,
      // so catch the exception thrown when this is the case and let the method return null to leave the message in the queue to be tried the next round.
      log.info("ApprovalException: "+ae.getMessage());
    } catch (WaitingForApprovalException wae) {
      // there might be an already saved approval for this user or a new approval will be created,
      // so catch the exception thrown when this is the case and let the method return null to leave the message in the queue to be tried the next round.
      log.info("WaitingForApprovalException: "+wae.getMessage());
    }catch(Exception e){
      // We should end up here if an approval is rejected, or some other error occur. We will then send back a failed message
      log.error("Error processing ExtRAPKCS12Requset : ", e);
            if (userdata != null) {
                try {
                    storeUserData(admin, userdata, false, UserDataConstants.STATUS_FAILED);                   
                // NOTE(review): a failure to record STATUS_FAILED is dropped without a log entry;
                // the original error is still reported through the response below.
                } catch (Exception ignore) {/*ignore*/}
            }
      // NOTE(review): the raw exception message is returned to the requester.
      retval = new PKCS12Response(submessage.getRequestId(),false,e.getMessage(),null,null);
    }
   
    // retval is still null here when one of the approval exceptions was caught.
    return retval;
  }

   
    // Tail of a test method; its header and the request it sent are outside this excerpt.
    // Read the response sub-messages; all three arguments are null here.
    SubMessages submessagesresp = msg.getSubMessages(null,null,null);
   
    // Exactly one response is expected.
    assertTrue(submessagesresp.getSubMessages().size() == 1);
   
    PKCS12Response resp = (PKCS12Response) submessagesresp.getSubMessages().iterator().next();
    assertTrue(resp.getRequestId() == 200);
    assertTrue(resp.isSuccessful() == true);
    // "foo123" opens the returned keystore; presumably it is the password sent in the test request - confirm.
    assertNotNull(resp.getKeyStore("foo123"));
    KeyStore ks = resp.getKeyStore("foo123");
    String alias = ks.aliases().nextElement();
   
    // The certificate stored under the first alias must carry the expected subject DN.
    assertTrue(((X509Certificate) resp.getKeyStore("foo123").getCertificate(alias)).getSubjectDN().toString().equals("CN=PKCS12REQ"));
     
   
   
  }

   
    // Tail of a test method; its header and the first request are outside this excerpt.
    // Three steps: check the PKCS#12 response (id 300), recover the key with the original
    // certificate (id 301), then recover the key with a newly issued certificate (id 302).
    SubMessages submessagesresp = msg.getSubMessages(null,null,null);
   
    assertTrue(submessagesresp.getSubMessages().size() == 1);
   
    PKCS12Response resp = (PKCS12Response) submessagesresp.getSubMessages().iterator().next();
    assertTrue(resp.getRequestId() == 300);
    assertTrue(resp.isSuccessful() == true);
    // "foo123" opens the returned keystore; presumably it is the password sent in the test request - confirm.
    assertNotNull(resp.getKeyStore("foo123"));
    //KeyStore ks = resp.getKeyStore("foo123");   
   
    // Keep the originally issued certificate; both recovery requests below refer to it.
    X509Certificate orgCert = (X509Certificate) resp.getKeyStore("foo123").getCertificate("PKCS12REQ");
   
    assertTrue(orgCert.getSubjectDN().toString().equals("CN=PKCS12REQ"));
   
    // Generate Key Recovery request with original cert.
   
    smgs = new SubMessages(null,null,null);
    smgs.addSubMessage(ExtRAMessagesTest.genExtRAKeyRecoveryRequest(301,"SimplePKCS12Test1",true,orgCert));
   
    msghome.create("SimplePKCS12Test1", smgs);
   
        msg = waitForUser("SimplePKCS12Test1");
   
    assertNotNull(msg);
   
    submessagesresp = msg.getSubMessages(null,null,null);
   
    assertTrue(submessagesresp.getSubMessages().size() == 1);
   
    resp = (PKCS12Response) submessagesresp.getSubMessages().iterator().next();
    assertEquals(301, resp.getRequestId());
    assertTrue(resp.isSuccessful());
   
    // Re-using the certificate must return the same serial number as the original.
    X509Certificate keyRecCert = (X509Certificate) resp.getKeyStore("foo123").getCertificate("PKCS12REQ");
        assertTrue(keyRecCert.getSerialNumber().equals(orgCert.getSerialNumber()));
       
        // Generate Key Recovery Request with new cert
       
    smgs = new SubMessages(null,null,null);
    smgs.addSubMessage(ExtRAMessagesTest.genExtRAKeyRecoveryRequest(302,"SimplePKCS12Test1",false,orgCert));
   
    msghome.create("SimplePKCS12Test1", smgs);
   
        msg = waitForUser("SimplePKCS12Test1");
   
    assertNotNull(msg);
   
    submessagesresp = msg.getSubMessages(null,null,null);
   
    assertTrue(submessagesresp.getSubMessages().size() == 1);
   
    resp = (PKCS12Response) submessagesresp.getSubMessages().iterator().next();
    assertTrue(resp.getRequestId() == 302);
    assertTrue(resp.isSuccessful() == true);
   
    // Without re-use the certificate is read from the alias "KEYRECREQ" and its serial number
    // must differ from the original one.
    keyRecCert = (X509Certificate) resp.getKeyStore("foo123").getCertificate("KEYRECREQ");
        assertFalse(keyRecCert.getSerialNumber().equals(orgCert.getSerialNumber()));
  }

    // Tail of a test method; the requests it sent are outside this excerpt.
    // Three responses are expected for the three sub-messages.
    assertTrue(submessagesresp.getSubMessages().size() == 3);
   
   
    // The casts below expect one PKCS#10 response followed by two PKCS#12 responses, in that order.
    Iterator iter = submessagesresp.getSubMessages().iterator();
    PKCS10Response resp1 = (PKCS10Response) iter.next();
    PKCS12Response resp2 = (PKCS12Response) iter.next();
    PKCS12Response resp3 = (PKCS12Response) iter.next();
    // Each response must carry the expected request id (1, 2, 3) and report success.
    assertTrue(resp1.getRequestId() == 1);
    assertTrue(resp1.isSuccessful() == true);
    assertTrue(resp2.getRequestId() == 2);
    assertTrue(resp2.isSuccessful() == true);
    assertTrue(resp3.getRequestId() == 3);
    assertTrue(resp3.isSuccessful() == true);
  }

          respmsgs = msg.getSubMessages(raKey,cAChain,null);
        } else {
          respmsgs = msg.getSubMessages(null,null,null);
        }
        // The PKCS#10 response is read from index 0; the PKCS#12 response from index 1, and only
        // when a keystore was requested.
        PKCS10Response pkcs10resp = (PKCS10Response) respmsgs.getSubMessages().get(0);
        PKCS12Response pkcs12resp = null;
        if (requestKeyStore) {
          pkcs12resp = (PKCS12Response) respmsgs.getSubMessages().get(1);
        }
        // Request id mismatches and failed responses are only printed; processing continues.
        if (pkcs10resp.getRequestId() !=  pkcs10RequestId) {
          println("Error in PKCS10 Request requestId doesn't match responseId for user : " + username + ", request Id : " + pkcs10RequestId + " = " +  pkcs10resp.getRequestId());
        }
        // pkcs12resp stays null unless requestKeyStore is set, so every use is guarded by that flag.
        if (requestKeyStore && pkcs12resp.getRequestId() !=  pkcs12RequestId) {
          println("Error in PKCS12 Request requestId doesn't match responseId for user : " + username + ", request Id : " + pkcs12RequestId + " = " +  pkcs12resp.getRequestId());
        }
        if (!pkcs10resp.isSuccessful()) {
          println("Error in PKCS10 Request for user : " + username + ", message : " + pkcs10resp.getFailInfo());
        }
        if (requestKeyStore && !pkcs12resp.isSuccessful()) {
          println("Error in PKCS12 Request for user : " + username + ", message : " + pkcs12resp.getFailInfo());                   
        }
        // Elapsed time in seconds since starttime, which is set outside this excerpt.
        long endtime = new Date().getTime();
        float processtime = ((float) (endtime - starttime)) / 1000;
        // The two success branches are mutually exclusive on requestKeyStore, so the request
        // counter is incremented at most once per user.
        if (pkcs10resp.isSuccessful() && !requestKeyStore) {          
          println("  " + username + " Generated Sucessfully in " + processtime + " seconds, Total Requests " + ++generateUserRequests);
        }
        if (requestKeyStore && pkcs10resp.isSuccessful() && pkcs12resp.isSuccessful()) {
          println("  " + username + " Generated Sucessfully in " + processtime + " seconds, Total Requests " + ++generateUserRequests);
        }
      }

    }