Package org.ejbca.extra.caservice.processor

Source Code of org.ejbca.extra.caservice.processor.KeyRecoveryRequestProcessor

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
/*************************************************************************
*                                                                       *
*  EJBCA: The OpenSource Certificate Authority                          *
*                                                                       *
*  This software is free software; you can redistribute it and/or       *
*  modify it under the terms of the GNU Lesser General Public           *
*  License as published by the Free Software Foundation; either         *
*  version 2.1 of the License, or any later version.                    *
*                                                                       *
*  See terms of license at gnu.org.                                     *
*                                                                       *
*************************************************************************/
package org.ejbca.extra.caservice.processor;

import java.security.KeyPair;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;

import org.apache.log4j.Logger;
import org.ejbca.core.EjbcaException;
import org.ejbca.core.model.keyrecovery.KeyRecoveryData;
import org.ejbca.core.model.log.Admin;
import org.ejbca.core.model.ra.UserDataConstants;
import org.ejbca.core.model.ra.UserDataVO;
import org.ejbca.extra.db.KeyRecoveryRequest;
import org.ejbca.extra.db.PKCS12Response;
import org.ejbca.extra.db.ExtRARequest;
import org.ejbca.extra.db.ExtRAResponse;
import org.ejbca.extra.db.ISubMessage;
import org.ejbca.util.CertTools;
import org.ejbca.util.keystore.KeyTools;

/**
*
* @author tomas
* @version $Id: KeyRecoveryRequestProcessor.java 11268 2011-01-26 23:02:58Z jeklund $
*/
public class KeyRecoveryRequestProcessor extends MessageProcessor implements ISubMessageProcessor {
    private static final Logger log = Logger.getLogger(KeyRecoveryRequestProcessor.class);

    public ISubMessage process(Admin admin, ISubMessage submessage, String errormessage) {
      if(errormessage == null){
        return processExtRAKeyRecoveryRequest(admin, (KeyRecoveryRequest) submessage);
      }else{
        return new ExtRAResponse(((ExtRARequest) submessage).getRequestId(), false, errormessage);
      }
    }

    private ISubMessage processExtRAKeyRecoveryRequest(Admin admin, KeyRecoveryRequest submessage) {
    log.debug("Processing ExtRAKeyRecoveryRequest");
    PKCS12Response retval = null;
    try{
     
      UserDataVO userdata = null;
     
      if(submessage.getReUseCertificate()){
        userdata = userAdminSession.findUser(admin,submessage.getUsername());
      }else{
        userdata = generateUserDataVO(admin, submessage);
        userdata.setPassword("foo123");
      }
     
      // Get KeyPair
      keyRecoverySession.unmarkUser(admin,submessage.getUsername());
      X509Certificate orgcert = (X509Certificate) certificateStoreSession.findCertificateByIssuerAndSerno(admin,CertTools.stringToBCDNString(submessage.getIssuerDN()), submessage.getCertificateSN());
      if(orgcert == null){
        throw new EjbcaException("Error in Key Recovery Request, couldn't find specified certificate");
      }
      if(!userAdminSession.prepareForKeyRecovery(admin, userdata.getUsername(), userdata.getEndEntityProfileId(), orgcert)){
        throw new EjbcaException("Error in Key Recovery Request, no keys saved for specified request");
      }
      KeyRecoveryData keyData = keyRecoverySession.keyRecovery(admin, submessage.getUsername(), userdata.getEndEntityProfileId());
      if(keyData == null){
        throw new EjbcaException("Error in Key Recovery Request, no keys saved for specified request");
      }     
      KeyPair savedKeys = keyData.getKeyPair();
     
      X509Certificate cert = null
      if(submessage.getReUseCertificate()){ 
        cert= orgcert;
       
      }else{
        storeUserData(admin, userdata,false, UserDataConstants.STATUS_INPROCESS);
       
        // Generate Certificate
        cert = (X509Certificate) signSession.createCertificate(admin,submessage.getUsername(),"foo123", savedKeys.getPublic());       
      }     
     
      // Generate Keystore
      // Fetch CA Cert Chain.         
      int caid = CertTools.stringToBCDNString(cert.getIssuerDN().toString()).hashCode();
      Certificate[] chain = (Certificate[]) caAdminSession.getCAInfo(admin, caid).getCertificateChain().toArray(new Certificate[0]);
      String alias = CertTools.getPartFromDN(CertTools.getSubjectDN(cert), "CN");
      if (alias == null){
        alias = submessage.getUsername();
      }               
      KeyStore pkcs12 = KeyTools.createP12(alias, savedKeys.getPrivate(), cert, chain);
     
      retval = new PKCS12Response(submessage.getRequestId(),true,null,pkcs12,submessage.getPassword());
     
    }catch(Exception e){
      log.error("Error processing ExtRAKeyRecoveryRequset : ", e);
      retval = new PKCS12Response(submessage.getRequestId(),false,e.getMessage(),null,null);
    }
   
    return retval;
  }
}
TOP

Related Classes of org.ejbca.extra.caservice.processor.KeyRecoveryRequestProcessor

  • org.ejbca.core.model.keyrecovery.KeyRecoveryData
  • org.ejbca.core.model.ra.UserDataVO
  • org.ejbca.extra.db.ExtRAResponse
  • org.ejbca.extra.db.PKCS12Response
  • org.ejbca.core.EjbcaException
  • java.security.KeyStore
  • java.security.KeyPair
  • java.security.cert.X509Certificate
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.