}
usekeyrecovery = globalConfigurationSession.getCachedGlobalConfiguration(internalUser).getEnableKeyRecovery();
if (log.isDebugEnabled()) {
log.debug("Key recovery enabled: "+ usekeyrecovery);
}
PKCS12Response retval = null;
UserDataVO userdata = null;
try{
userdata = generateUserDataVO(admin, submessage);
userdata.setPassword("foo123");
storeUserData(admin, userdata, false, UserDataConstants.STATUS_INPROCESS);
// Generate keys
KeyPair keys = generateKeys(submessage);
// Generate Certificate
X509Certificate cert = (X509Certificate) signSession.createCertificate(admin,submessage.getUsername(),"foo123", keys.getPublic());
// Generate Keystore
// Fetch CA Cert Chain.
Certificate[] chain = (Certificate[]) MessageProcessor.getCACertChain(admin, submessage.getCAName(), false, caAdminSession).toArray(new Certificate[0]);
String alias = CertTools.getPartFromDN(CertTools.getSubjectDN(cert), "CN");
if (alias == null){
alias = submessage.getUsername();
}
KeyStore pkcs12 = KeyTools.createP12(alias, keys.getPrivate(), cert, chain);
// Store Keys if requested
if (usekeyrecovery && submessage.getStoreKeys()) {
// Save generated keys to database.
keyRecoverySession.addKeyRecoveryData(admin, cert, submessage.getUsername(), keys);
}
retval = new PKCS12Response(submessage.getRequestId(),true,null,pkcs12,submessage.getPassword());
storeUserData(admin, userdata, false, UserDataConstants.STATUS_GENERATED);
} catch (ApprovalException ae) {
// An approval for this user may already be saved, or a new approval will be created.
// Catch the exception thrown in that case and let the method return null, so the message stays in the queue and is retried in the next round.
log.info("ApprovalException: "+ae.getMessage());
} catch (WaitingForApprovalException wae) {
// An approval for this user may already be saved, or a new approval will be created.
// Catch the exception thrown in that case and let the method return null, so the message stays in the queue and is retried in the next round.
log.info("WaitingForApprovalException: "+wae.getMessage());
}catch(Exception e){
// We end up here if an approval is rejected or some other error occurs. In that case we send back a failed message.
log.error("Error processing ExtRAPKCS12Requset : ", e);
if (userdata != null) {
try {
storeUserData(admin, userdata, false, UserDataConstants.STATUS_FAILED);
} catch (Exception ignore) {/*ignore*/}
}
retval = new PKCS12Response(submessage.getRequestId(),false,e.getMessage(),null,null);
}
return retval;
}