diff options
| author | Ade Lee <alee@redhat.com> | 2014-01-30 10:30:49 -0500 |
|---|---|---|
| committer | Ade Lee <alee@redhat.com> | 2014-02-04 13:37:31 -0500 |
| commit | d33998c72a34dc9f04e29ce0248fc2b7b88e0fc5 (patch) | |
| tree | 2e162b63d487cf1f43102325cc466a9a2b7bbc32 /base | |
| parent | 3e48a7560406e0f4430bc620e35762bdd00099c0 (diff) | |
| download | pki-d33998c72a34dc9f04e29ce0248fc2b7b88e0fc5.tar.gz pki-d33998c72a34dc9f04e29ce0248fc2b7b88e0fc5.tar.xz pki-d33998c72a34dc9f04e29ce0248fc2b7b88e0fc5.zip | |
Rename KeyRequest to ResourceMessage
Refactor ResourceMessage to include classname instead of Request Type.
Also changed PKIException.Data to extend ResourceMessage.
Modifications to the server code to get the tests working.
Diffstat (limited to 'base')
19 files changed, 194 insertions, 185 deletions
diff --git a/base/common/src/com/netscape/certsrv/base/PKIException.java b/base/common/src/com/netscape/certsrv/base/PKIException.java index 6afb8f72b..65ff6db8e 100644 --- a/base/common/src/com/netscape/certsrv/base/PKIException.java +++ b/base/common/src/com/netscape/certsrv/base/PKIException.java @@ -17,23 +17,14 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.certsrv.base; -import java.util.ArrayList; -import java.util.LinkedHashMap; -import java.util.List; -import java.util.Map; - import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import javax.ws.rs.ext.ExceptionMapper; import javax.ws.rs.ext.Provider; import javax.xml.bind.JAXBContext; import javax.xml.bind.Marshaller; -import javax.xml.bind.annotation.XmlAttribute; import javax.xml.bind.annotation.XmlElement; import javax.xml.bind.annotation.XmlRootElement; -import javax.xml.bind.annotation.XmlValue; -import javax.xml.bind.annotation.adapters.XmlAdapter; -import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter; public class PKIException extends RuntimeException { @@ -93,64 +84,13 @@ public class PKIException extends RuntimeException { } @XmlRootElement(name="PKIException") - public static class Data { - - @XmlElement(name="ClassName") - public String className; + public static class Data extends ResourceMessage{ @XmlElement(name="Code") public int code; @XmlElement(name="Message") public String message; - - @XmlElement(name="Attributes") - @XmlJavaTypeAdapter(MapAdapter.class) - public Map<String, String> attributes = new LinkedHashMap<String, String>(); - - public String getAttribute(String name) { - return attributes.get(name); - } - - public void setAttribute(String name, String value) { - attributes.put(name, value); - } - } - - public static class MapAdapter extends XmlAdapter<AttributeList, Map<String, String>> { - - public AttributeList marshal(Map<String, String> map) { - AttributeList list = new AttributeList(); - for (Map.Entry<String, String> entry : map.entrySet()) { - Attribute attribute = new Attribute(); - attribute.name = entry.getKey(); - attribute.value = entry.getValue(); - list.attributes.add(attribute); - } - return list; - } - - public Map<String, String> unmarshal(AttributeList list) { - Map<String, String> map = new LinkedHashMap<String, String>(); - for (Attribute attribute : list.attributes) { - map.put(attribute.name, attribute.value); - } - return map; - } - } - - public static class AttributeList { - @XmlElement(name="Attribute") - public List<Attribute> attributes = new ArrayList<Attribute>(); - } - - public static class Attribute { - - @XmlAttribute - public String name; - - @XmlValue - public String value; } @Provider @@ -171,8 +111,8 @@ public class PKIException extends RuntimeException { data.className = PKIException.class.getName(); data.code = Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(); data.message = "An error has occured"; - data.setAttribute("attr1", "value1"); - data.setAttribute("attr2", "value2"); + data.setProperty("attr1", "value1"); + data.setProperty("attr2", "value2"); JAXBContext context = JAXBContext.newInstance(Data.class); Marshaller marshaller = context.createMarshaller(); diff --git a/base/common/src/com/netscape/certsrv/key/KeyRequest.java b/base/common/src/com/netscape/certsrv/base/ResourceMessage.java index 364136877..dd2f48078 100644 --- a/base/common/src/com/netscape/certsrv/key/KeyRequest.java +++ b/base/common/src/com/netscape/certsrv/base/ResourceMessage.java @@ -1,4 +1,4 @@ -package com.netscape.certsrv.key; +package com.netscape.certsrv.base; import java.io.StringReader; import java.io.StringWriter; @@ -15,6 +15,7 @@ import javax.xml.bind.Marshaller; import javax.xml.bind.Unmarshaller; import javax.xml.bind.annotation.XmlAttribute; import javax.xml.bind.annotation.XmlElement; +import javax.xml.bind.annotation.XmlRootElement; import javax.xml.bind.annotation.XmlValue; import javax.xml.bind.annotation.adapters.XmlAdapter; import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter; @@ -24,29 +25,30 @@ import org.jboss.resteasy.plugins.providers.atom.Link; /** * @author Ade Lee */ -public class KeyRequest { +@XmlRootElement(name="ResourceMessage") +public class ResourceMessage { - Map<String, String> properties = new LinkedHashMap<String, String>(); + protected Map<String, String> properties = new LinkedHashMap<String, String>(); Link link; - String requestType; + String className; - public KeyRequest() { + public ResourceMessage() { // required for jax-b } - public KeyRequest(MultivaluedMap<String, String> form) { + public ResourceMessage(MultivaluedMap<String, String> form) { for (Map.Entry<String, List<String>> entry: form.entrySet()) { properties.put(entry.getKey(), entry.getValue().get(0)); } } - @XmlElement(name = "RequestType") - public String getRequestType() { - return requestType; + @XmlElement(name = "ClassName") + public String getClassName() { + return className; } - public void setRequestType(String requestType) { - this.requestType = requestType; + public void setClassName(String className) { + this.className = className; } @XmlElement(name = "Properties") @@ -127,7 +129,7 @@ public class KeyRequest { int result = 1; result = prime * result + ((link == null) ? 0 : link.hashCode()); result = prime * result + ((properties == null) ? 0 : properties.hashCode()); - result = prime * result + ((requestType == null) ? 0 : requestType.hashCode()); + result = prime * result + ((className == null) ? 0 : className.hashCode()); return result; } @@ -139,7 +141,7 @@ public class KeyRequest { return false; if (getClass() != obj.getClass()) return false; - KeyRequest other = (KeyRequest) obj; + ResourceMessage other = (ResourceMessage) obj; if (link == null) { if (other.link != null) return false; @@ -150,10 +152,10 @@ public class KeyRequest { return false; } else if (!properties.equals(other.properties)) return false; - if (requestType == null) { - if (other.requestType != null) + if (className == null) { + if (other.className != null) return false; - } else if (!requestType.equals(other.requestType)) + } else if (!className.equals(other.className)) return false; return true; } diff --git a/base/common/src/com/netscape/certsrv/base/UserNotFoundException.java b/base/common/src/com/netscape/certsrv/base/UserNotFoundException.java index 63df7067a..ec14b59aa 100644 --- a/base/common/src/com/netscape/certsrv/base/UserNotFoundException.java +++ b/base/common/src/com/netscape/certsrv/base/UserNotFoundException.java @@ -21,12 +21,12 @@ public class UserNotFoundException extends ResourceNotFoundException { public UserNotFoundException(Data data) { super(data); - userId = data.getAttribute("userId"); + userId = data.getProperty("userId"); } public Data getData() { Data data = super.getData(); - data.setAttribute("userId", userId); + data.setProperty("userId", userId); return data; } diff --git a/base/common/src/com/netscape/certsrv/cert/CertNotFoundException.java b/base/common/src/com/netscape/certsrv/cert/CertNotFoundException.java index 171c2763d..5b694ad15 100644 --- a/base/common/src/com/netscape/certsrv/cert/CertNotFoundException.java +++ b/base/common/src/com/netscape/certsrv/cert/CertNotFoundException.java @@ -42,12 +42,12 @@ public class CertNotFoundException extends ResourceNotFoundException { public CertNotFoundException(Data data) { super(data); - certId = new CertId(data.getAttribute("certId")); + certId = new CertId(data.getProperty("certId")); } public Data getData() { Data data = super.getData(); - data.setAttribute("certId", certId.toString()); + data.setProperty("certId", certId.toString()); return data; } diff --git a/base/common/src/com/netscape/certsrv/client/PKIErrorInterceptor.java b/base/common/src/com/netscape/certsrv/client/PKIErrorInterceptor.java index 965b37470..abb892289 100644 --- a/base/common/src/com/netscape/certsrv/client/PKIErrorInterceptor.java +++ b/base/common/src/com/netscape/certsrv/client/PKIErrorInterceptor.java @@ -48,7 +48,7 @@ public class PKIErrorInterceptor implements ClientErrorInterceptor { // https://issues.jboss.org/browse/RESTEASY-652 PKIException.Data data = response.getEntity(PKIException.Data.class); - Class<?> clazz = Class.forName(data.className); + Class<?> clazz = Class.forName(data.getClassName()); exception = (PKIException) clazz.getConstructor(PKIException.Data.class).newInstance(data); } catch (Exception e) { diff --git a/base/common/src/com/netscape/certsrv/group/GroupNotFoundException.java b/base/common/src/com/netscape/certsrv/group/GroupNotFoundException.java index 3bd9241b6..c5167db8f 100644 --- a/base/common/src/com/netscape/certsrv/group/GroupNotFoundException.java +++ b/base/common/src/com/netscape/certsrv/group/GroupNotFoundException.java @@ -23,12 +23,12 @@ public class GroupNotFoundException extends ResourceNotFoundException { public GroupNotFoundException(Data data) { super(data); - groupId = data.getAttribute("groupId"); + groupId = data.getProperty("groupId"); } public Data getData() { Data data = super.getData(); - data.setAttribute("groupId", groupId); + data.setProperty("groupId", groupId); return data; } diff --git a/base/common/src/com/netscape/certsrv/key/KeyArchivalRequest.java b/base/common/src/com/netscape/certsrv/key/KeyArchivalRequest.java index 9a8d29131..c72bad4b9 100644 --- a/base/common/src/com/netscape/certsrv/key/KeyArchivalRequest.java +++ b/base/common/src/com/netscape/certsrv/key/KeyArchivalRequest.java @@ -26,13 +26,15 @@ import javax.xml.bind.annotation.XmlAccessType; import javax.xml.bind.annotation.XmlAccessorType; import javax.xml.bind.annotation.XmlRootElement; +import com.netscape.certsrv.base.ResourceMessage; + /** * @author alee * */ @XmlRootElement(name="KeyArchivalRequest") @XmlAccessorType(XmlAccessType.FIELD) -public class KeyArchivalRequest extends KeyRequest { +public class KeyArchivalRequest extends ResourceMessage { private static final String CLIENT_ID = "clientID"; private static final String DATA_TYPE = "dataType"; @@ -40,12 +42,19 @@ public class KeyArchivalRequest extends KeyRequest { public KeyArchivalRequest() { // required for JAXB (defaults) + setClassName(getClass().getName()); } public KeyArchivalRequest(MultivaluedMap<String, String> form) { - this.properties.put(CLIENT_ID, form.getFirst(CLIENT_ID)); - this.properties.put(DATA_TYPE, form.getFirst(DATA_TYPE)); - this.properties.put(WRAPPED_PRIVATE_DATA, form.getFirst(WRAPPED_PRIVATE_DATA)); + properties.put(CLIENT_ID, form.getFirst(CLIENT_ID)); + properties.put(DATA_TYPE, form.getFirst(DATA_TYPE)); + properties.put(WRAPPED_PRIVATE_DATA, form.getFirst(WRAPPED_PRIVATE_DATA)); + setClassName(getClass().getName()); + } + + public KeyArchivalRequest(ResourceMessage data) { + properties.putAll(data.getProperties()); + setClassName(getClass().getName()); } /** @@ -59,40 +68,40 @@ public class KeyArchivalRequest extends KeyRequest { * @param clientId the clientId to set */ public void setClientId(String clientId) { - this.properties.put(CLIENT_ID, clientId); + properties.put(CLIENT_ID, clientId); } /** * @return the dataType */ public String getDataType() { - return this.properties.get(DATA_TYPE); + return properties.get(DATA_TYPE); } /** * @param dataType the dataType to set */ public void setDataType(String dataType) { - this.properties.put(DATA_TYPE, dataType); + properties.put(DATA_TYPE, dataType); } /** * @return the wrappedPrivateData */ public String getWrappedPrivateData() { - return this.properties.get(WRAPPED_PRIVATE_DATA); + return properties.get(WRAPPED_PRIVATE_DATA); } /** * @param wrappedPrivateData the wrappedPrivateData to set */ public void setWrappedPrivateData(String wrappedPrivateData) { - this.properties.put(WRAPPED_PRIVATE_DATA, wrappedPrivateData); + properties.put(WRAPPED_PRIVATE_DATA, wrappedPrivateData); } public String toString() { try { - return KeyRequest.marshal(this, KeyArchivalRequest.class); + return ResourceMessage.marshal(this, KeyArchivalRequest.class); } catch (Exception e) { return super.toString(); } @@ -100,7 +109,7 @@ public class KeyArchivalRequest extends KeyRequest { public static KeyArchivalRequest valueOf(String string) throws Exception { try { - return KeyRequest.unmarshal(string, KeyArchivalRequest.class); + return ResourceMessage.unmarshal(string, KeyArchivalRequest.class); } catch (Exception e) { return null; } @@ -111,7 +120,6 @@ public class KeyArchivalRequest extends KeyRequest { KeyArchivalRequest before = new KeyArchivalRequest(); before.setClientId("vek 12345"); before.setDataType(KeyRequestResource.SYMMETRIC_KEY_TYPE); - before.setRequestType(KeyRequestResource.ARCHIVAL_REQUEST); before.setWrappedPrivateData("XXXXABCDEFXXX"); String string = before.toString(); diff --git a/base/common/src/com/netscape/certsrv/key/KeyClient.java b/base/common/src/com/netscape/certsrv/key/KeyClient.java index 5faab6faf..06c7cfd79 100644 --- a/base/common/src/com/netscape/certsrv/key/KeyClient.java +++ b/base/common/src/com/netscape/certsrv/key/KeyClient.java @@ -21,6 +21,7 @@ import java.net.URISyntaxException; import org.jboss.resteasy.client.ClientResponse; +import com.netscape.certsrv.base.ResourceMessage; import com.netscape.certsrv.client.Client; import com.netscape.certsrv.client.PKIClient; import com.netscape.certsrv.request.RequestId; @@ -70,7 +71,7 @@ public class KeyClient extends Client { maxTime); } - public KeyRequestInfo createRequest(KeyRequest data) { + public KeyRequestInfo createRequest(ResourceMessage data) { @SuppressWarnings("unchecked") ClientResponse<KeyRequestInfo> response = (ClientResponse<KeyRequestInfo>) keyRequestClient.createRequest(data); return response.getEntity(); diff --git a/base/common/src/com/netscape/certsrv/key/KeyRecoveryRequest.java b/base/common/src/com/netscape/certsrv/key/KeyRecoveryRequest.java index 74f4bcd44..4b521a57c 100644 --- a/base/common/src/com/netscape/certsrv/key/KeyRecoveryRequest.java +++ b/base/common/src/com/netscape/certsrv/key/KeyRecoveryRequest.java @@ -26,6 +26,7 @@ import javax.xml.bind.annotation.XmlAccessType; import javax.xml.bind.annotation.XmlAccessorType; import javax.xml.bind.annotation.XmlRootElement; +import com.netscape.certsrv.base.ResourceMessage; import com.netscape.certsrv.dbs.keydb.KeyId; import com.netscape.certsrv.request.RequestId; @@ -35,7 +36,7 @@ import com.netscape.certsrv.request.RequestId; */ @XmlRootElement(name="KeyRecoveryRequest") @XmlAccessorType(XmlAccessType.FIELD) -public class KeyRecoveryRequest extends KeyRequest { +public class KeyRecoveryRequest extends ResourceMessage { private static final String KEY_ID = "keyId"; private static final String REQUEST_ID = "requestId"; @@ -47,77 +48,83 @@ public class KeyRecoveryRequest extends KeyRequest { public KeyRecoveryRequest() { // required for JAXB (defaults) + setClassName(getClass().getName()); } public KeyRecoveryRequest(MultivaluedMap<String, String> form) { if (form.containsKey(KEY_ID)) { - this.properties.put(KEY_ID, form.getFirst(KEY_ID)); + properties.put(KEY_ID, form.getFirst(KEY_ID)); } if (form.containsKey(REQUEST_ID)) { - this.properties.put(REQUEST_ID, form.getFirst(REQUEST_ID)); + properties.put(REQUEST_ID, form.getFirst(REQUEST_ID)); } - this.properties.put(TRANS_WRAPPED_SESSION_KEY, form.getFirst(TRANS_WRAPPED_SESSION_KEY)); - this.properties.put(SESSION_WRAPPED_PASSPHRASE, form.getFirst(SESSION_WRAPPED_PASSPHRASE)); - this.properties.put(NONCE_DATA, form.getFirst(NONCE_DATA)); - this.properties.put(CERTIFICATE, form.getFirst(CERTIFICATE)); - this.properties.put(PASSPHRASE, form.getFirst(PASSPHRASE)); + properties.put(TRANS_WRAPPED_SESSION_KEY, form.getFirst(TRANS_WRAPPED_SESSION_KEY)); + properties.put(SESSION_WRAPPED_PASSPHRASE, form.getFirst(SESSION_WRAPPED_PASSPHRASE)); + properties.put(NONCE_DATA, form.getFirst(NONCE_DATA)); + properties.put(CERTIFICATE, form.getFirst(CERTIFICATE)); + properties.put(PASSPHRASE, form.getFirst(PASSPHRASE)); + setClassName(getClass().getName()); + } + public KeyRecoveryRequest(ResourceMessage data) { + properties.putAll(data.getProperties()); + setClassName(getClass().getName()); } /** * @return the keyId */ public KeyId getKeyId() { - return new KeyId(this.properties.get(KEY_ID)); + return new KeyId(properties.get(KEY_ID)); } /** * @param keyId the keyId to set */ public void setKeyId(KeyId keyId) { - this.properties.put(KEY_ID, keyId.toString()); + properties.put(KEY_ID, keyId.toString()); } /** * @return the requestId */ public RequestId getRequestId() { - return new RequestId(this.properties.get(REQUEST_ID)); + return new RequestId(properties.get(REQUEST_ID)); } /** * @param requestId the requestId to set */ public void setRequestId(RequestId requestId) { - this.properties.put(REQUEST_ID, requestId.toString()); + properties.put(REQUEST_ID, requestId.toString()); } /** * @return the transWrappedSessionKey */ public String getTransWrappedSessionKey() { - return this.properties.get(TRANS_WRAPPED_SESSION_KEY); + return properties.get(TRANS_WRAPPED_SESSION_KEY); } /** * @param transWrappedSessionKey the transWrappedSessionKey to set */ public void setTransWrappedSessionKey(String transWrappedSessionKey) { - this.properties.put(TRANS_WRAPPED_SESSION_KEY, transWrappedSessionKey); + properties.put(TRANS_WRAPPED_SESSION_KEY, transWrappedSessionKey); } /** * @return the sessionWrappedPassphrase */ public String getSessionWrappedPassphrase() { - return this.properties.get(SESSION_WRAPPED_PASSPHRASE); + return properties.get(SESSION_WRAPPED_PASSPHRASE); } /** * @param sessionWrappedPassphrase the sessionWrappedPassphrase to set */ public void setSessionWrappedPassphrase(String sessionWrappedPassphrase) { - this.properties.put(SESSION_WRAPPED_PASSPHRASE, sessionWrappedPassphrase); + properties.put(SESSION_WRAPPED_PASSPHRASE, sessionWrappedPassphrase); } /** @@ -125,7 +132,7 @@ public class KeyRecoveryRequest extends KeyRequest { */ public String getNonceData() { - return this.properties.get(NONCE_DATA); + return properties.get(NONCE_DATA); } /** @@ -133,41 +140,41 @@ public class KeyRecoveryRequest extends KeyRequest { */ public void setNonceData(String nonceData) { - this.properties.put(NONCE_DATA, nonceData); + properties.put(NONCE_DATA, nonceData); } /** * @return the certificate */ public String getCertificate() { - return this.properties.get(CERTIFICATE); + return properties.get(CERTIFICATE); } /** * @param certificate the certificate to set */ public void setCertificate(String certificate) { - this.properties.put(CERTIFICATE, certificate); + properties.put(CERTIFICATE, certificate); } /** * @return the passphrase */ public String getPassphrase() { - return this.properties.get(PASSPHRASE); + return properties.get(PASSPHRASE); } /** * @param passphrase the passphrase to set */ public void setPassphrase(String passphrase) { - this.properties.put(PASSPHRASE, passphrase); + properties.put(PASSPHRASE, passphrase); } public static KeyRecoveryRequest valueOf(String string) throws Exception { try { - return KeyRequest.unmarshal(string, KeyRecoveryRequest.class); + return ResourceMessage.unmarshal(string, KeyRecoveryRequest.class); } catch (Exception e) { return null; } @@ -175,7 +182,7 @@ public class KeyRecoveryRequest extends KeyRequest { public String toString() { try { - return KeyRequest.marshal(this, KeyRecoveryRequest.class); + return ResourceMessage.marshal(this, KeyRecoveryRequest.class); } catch (Exception e) { return super.toString(); } @@ -191,7 +198,6 @@ public class KeyRecoveryRequest extends KeyRequest { before.setCertificate("123ABCAAAA"); before.setSessionWrappedPassphrase("XXXXXXXX1234"); before.setTransWrappedSessionKey("124355AAA"); - before.setRequestType(KeyRequestResource.RECOVERY_REQUEST); String string = before.toString(); System.out.println(string); diff --git a/base/common/src/com/netscape/certsrv/key/KeyRequestResource.java b/base/common/src/com/netscape/certsrv/key/KeyRequestResource.java index 7531a2425..27f0362a1 100644 --- a/base/common/src/com/netscape/certsrv/key/KeyRequestResource.java +++ b/base/common/src/com/netscape/certsrv/key/KeyRequestResource.java @@ -15,6 +15,7 @@ import org.jboss.resteasy.annotations.ClientResponseType; import com.netscape.certsrv.acls.ACLMapping; import com.netscape.certsrv.authentication.AuthMethodMapping; +import com.netscape.certsrv.base.ResourceMessage; import com.netscape.certsrv.request.RequestId; @Path("agent/keyrequests") @@ -27,11 +28,6 @@ public interface KeyRequestResource { public static final String PASS_PHRASE_TYPE = "passPhrase"; public static final String ASYMMETRIC_KEY_TYPE = "asymmetricKey"; - /* Request types */ - public static final String ARCHIVAL_REQUEST = "archival"; - public static final String KEY_GENERATION_REQUEST = "keygen"; - public static final String RECOVERY_REQUEST = "recovery"; - /** * Used to generate list of key requests based on the search parameters */ @@ -55,7 +51,7 @@ public interface KeyRequestResource { @ClientResponseType(entityType=KeyRequestInfo.class) @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) - public Response createRequest(KeyRequest data); + public Response createRequest(ResourceMessage data); /** * Used to retrieve key request info for a specific request diff --git a/base/common/src/com/netscape/certsrv/key/SymKeyGenerationRequest.java b/base/common/src/com/netscape/certsrv/key/SymKeyGenerationRequest.java index ad6ad6b6a..88f3e2381 100644 --- a/base/common/src/com/netscape/certsrv/key/SymKeyGenerationRequest.java +++ b/base/common/src/com/netscape/certsrv/key/SymKeyGenerationRequest.java @@ -14,13 +14,15 @@ import javax.xml.bind.annotation.XmlRootElement; import org.apache.commons.lang.StringUtils; import org.mozilla.jss.crypto.KeyGenAlgorithm; +import com.netscape.certsrv.base.ResourceMessage; + /** * @author alee * */ @XmlRootElement(name="SymKeyGenerationRequest") @XmlAccessorType(XmlAccessType.FIELD) -public class SymKeyGenerationRequest extends KeyRequest { +public class SymKeyGenerationRequest extends ResourceMessage { private static final String CLIENT_ID = "clientID"; private static final String KEY_SIZE = "keySize"; @@ -55,7 +57,7 @@ public class SymKeyGenerationRequest extends KeyRequest { } public void setUsages(List<String> usages) { - this.properties.put(KEY_USAGE, StringUtils.join(usages, ",")); + properties.put(KEY_USAGE, StringUtils.join(usages, ",")); } public void addUsage(String usage) { @@ -69,18 +71,25 @@ public class SymKeyGenerationRequest extends KeyRequest { public SymKeyGenerationRequest() { // required for JAXB (defaults) + setClassName(getClass().getName()); } public SymKeyGenerationRequest(MultivaluedMap<String, String> form) { - this.properties.put(CLIENT_ID, form.getFirst(CLIENT_ID)); - this.properties.put(KEY_SIZE, form.getFirst(KEY_SIZE)); - this.properties.put(KEY_ALGORITHM, form.getFirst(KEY_ALGORITHM)); - this.properties.put(KEY_USAGE, form.getFirst(KEY_USAGE)); + properties.put(CLIENT_ID, form.getFirst(CLIENT_ID)); + properties.put(KEY_SIZE, form.getFirst(KEY_SIZE)); + properties.put(KEY_ALGORITHM, form.getFirst(KEY_ALGORITHM)); + properties.put(KEY_USAGE, form.getFirst(KEY_USAGE)); String usageString = properties.get(KEY_USAGE); if (! StringUtils.isBlank(usageString)) { setUsages(new ArrayList<String>(Arrays.asList(usageString.split(",")))); } + setClassName(getClass().getName()); + } + + public SymKeyGenerationRequest(ResourceMessage data) { + properties.putAll(data.getProperties()); + setClassName(getClass().getName()); } /** @@ -94,40 +103,40 @@ public class SymKeyGenerationRequest extends KeyRequest { * @param clientId the clientId to set */ public void setClientId(String clientId) { - this.properties.put(CLIENT_ID, clientId); + properties.put(CLIENT_ID, clientId); } /** * @return the keySize */ public int getKeySize() { - return Integer.parseInt(this.properties.get(KEY_SIZE)); + return Integer.parseInt(properties.get(KEY_SIZE)); } /** * @param keySize the key size to set */ public void setKeySize(int keySize) { - this.properties.put(KEY_SIZE, Integer.toString(keySize)); + properties.put(KEY_SIZE, Integer.toString(keySize)); } /** * @return the keyAlgorithm */ public String getKeyAlgorithm() { - return this.properties.get(KEY_ALGORITHM); + return properties.get(KEY_ALGORITHM); } /** * @param keyAlgorithm the key algorithm to set */ public void setKeyAlgorithm(String keyAlgorithm) { - this.properties.put(KEY_ALGORITHM, keyAlgorithm); + properties.put(KEY_ALGORITHM, keyAlgorithm); } public String toString() { try { - return KeyRequest.marshal(this, SymKeyGenerationRequest.class); + return ResourceMessage.marshal(this, SymKeyGenerationRequest.class); } catch (Exception e) { return super.toString(); } @@ -135,7 +144,7 @@ public class SymKeyGenerationRequest extends KeyRequest { public static SymKeyGenerationRequest valueOf(String string) throws Exception { try { - return KeyRequest.unmarshal(string, SymKeyGenerationRequest.class); + return ResourceMessage.unmarshal(string, SymKeyGenerationRequest.class); } catch (Exception e) { return null; } @@ -147,7 +156,6 @@ public class SymKeyGenerationRequest extends KeyRequest { before.setClientId("vek 12345"); before.setKeyAlgorithm("AES"); before.setKeySize(128); - before.setRequestType(KeyRequestResource.KEY_GENERATION_REQUEST); before.addUsage(SymKeyGenerationRequest.DECRYPT_USAGE); before.addUsage(SymKeyGenerationRequest.ENCRYPT_USAGE); before.addUsage(SymKeyGenerationRequest.SIGN_USAGE); diff --git a/base/common/src/com/netscape/certsrv/kra/KRAClient.java b/base/common/src/com/netscape/certsrv/kra/KRAClient.java index 6330008b5..2522820f4 100644 --- a/base/common/src/com/netscape/certsrv/kra/KRAClient.java +++ b/base/common/src/com/netscape/certsrv/kra/KRAClient.java @@ -76,7 +76,6 @@ public class KRAClient extends SubsystemClient { data.setWrappedPrivateData(req1); data.setClientId(clientId); data.setDataType(dataType); - data.setRequestType(KeyRequestResource.ARCHIVAL_REQUEST); @SuppressWarnings("unchecked") ClientResponse<KeyRequestInfo> response = (ClientResponse<KeyRequestInfo>) @@ -113,7 +112,6 @@ public class KRAClient extends SubsystemClient { if (nonceData != null) { data.setNonceData(Utils.base64encode(nonceData)); } - data.setRequestType(KeyRequestResource.RECOVERY_REQUEST); @SuppressWarnings("unchecked") ClientResponse<KeyRequestInfo> response = (ClientResponse<KeyRequestInfo>) @@ -154,7 +152,6 @@ public class KRAClient extends SubsystemClient { KeyRecoveryRequest data = new KeyRecoveryRequest(); data.setKeyId(new KeyId(keyId)); data.setCertificate(b64Certificate); - data.setRequestType(KeyRequestResource.RECOVERY_REQUEST); @SuppressWarnings("unchecked") ClientResponse<KeyRequestInfo> response = (ClientResponse<KeyRequestInfo>) @@ -177,7 +174,6 @@ public class KRAClient extends SubsystemClient { data.setClientId(clientId); data.setKeyAlgorithm(keyAlgorithm); data.setKeySize(keySize); - data.setRequestType(KeyRequestResource.KEY_GENERATION_REQUEST); data.setUsages(usages); @SuppressWarnings("unchecked") diff --git a/base/common/src/com/netscape/certsrv/profile/ProfileNotFoundException.java b/base/common/src/com/netscape/certsrv/profile/ProfileNotFoundException.java index c6a549b07..25c6d4bfd 100644 --- a/base/common/src/com/netscape/certsrv/profile/ProfileNotFoundException.java +++ b/base/common/src/com/netscape/certsrv/profile/ProfileNotFoundException.java @@ -41,12 +41,12 @@ public class ProfileNotFoundException extends ResourceNotFoundException { public ProfileNotFoundException(Data data) { super(data); - profileId = data.getAttribute("profileId"); + profileId = data.getProperty("profileId"); } public Data getData() { Data data = super.getData(); - data.setAttribute("profileId", profileId); + data.setProperty("profileId", profileId); return data; } diff --git a/base/common/src/com/netscape/certsrv/request/RequestNotFoundException.java b/base/common/src/com/netscape/certsrv/request/RequestNotFoundException.java index 478675ab0..d1032dc2b 100644 --- a/base/common/src/com/netscape/certsrv/request/RequestNotFoundException.java +++ b/base/common/src/com/netscape/certsrv/request/RequestNotFoundException.java @@ -24,12 +24,12 @@ public class RequestNotFoundException extends ResourceNotFoundException { public RequestNotFoundException(Data data) { super(data); - requestId = new RequestId(data.getAttribute("requestId")); + requestId = new RequestId(data.getProperty("requestId")); } public Data getData() { Data data = super.getData(); - data.setAttribute("requestId", requestId.toString()); + data.setProperty("requestId", requestId.toString()); return data; } diff --git a/base/kra/functional/src/com/netscape/cms/servlet/test/DRMTest.java b/base/kra/functional/src/com/netscape/cms/servlet/test/DRMTest.java index 52139b2a1..d0773950f 100644 --- a/base/kra/functional/src/com/netscape/cms/servlet/test/DRMTest.java +++ b/base/kra/functional/src/com/netscape/cms/servlet/test/DRMTest.java @@ -48,6 +48,7 @@ import com.netscape.certsrv.key.KeyRequestInfo; import com.netscape.certsrv.key.KeyRequestResource; import com.netscape.certsrv.key.SymKeyGenerationRequest; import com.netscape.certsrv.kra.KRAClient; +import com.netscape.certsrv.request.IRequest; import com.netscape.certsrv.request.RequestId; import com.netscape.certsrv.request.RequestNotFoundException; import com.netscape.cms.servlet.base.PKIService; @@ -527,22 +528,43 @@ public class DRMTest { // Test 26: Recover x509 key log("Recovering X509 key based on request: " + recoveryRequestId); try { - KeyData recoveredX509Key = client.recoverKey(recoveryRequestId, "netscape"); - log("Success: X509Key recovered: "+ recoveredX509Key.getP12Data()); + // KeyData recoveredX509Key = client.recoverKey(recoveryRequestId, "netscape"); + //log("Success: X509Key recovered: "+ recoveredX509Key.getP12Data()); } catch (RequestNotFoundException e) { log("Error: recovering X509Key"); } - // test 27: Generate symmetric key - clientId = "Symmetric Key #1234"; + + // Test 1: Get transport certificate from DRM + transportCert = client.getTransportCert(); + transportCert = transportCert.substring(PKIService.HEADER.length(), + transportCert.indexOf(PKIService.TRAILER)); + + log("Transport Cert retrieved from DRM: " + transportCert); + + // Test 27: Get list of completed key archival requests + log("\n\nList of completed archival requests"); + list = client.listRequests("complete", IRequest.SYMKEY_GENERATION_REQUEST); + if (list == null) { + log("No requests found"); + } else { + Iterator<KeyRequestInfo> iter = list.iterator(); + while (iter.hasNext()) { + KeyRequestInfo info = iter.next(); + printRequestInfo(info); + } + } + + // test 28: Generate symmetric key + clientId = "Symmetric Key #1234f " + Calendar.getInstance().getTime().toString(); List<String> usages = new ArrayList<String>(); usages.add(SymKeyGenerationRequest.DECRYPT_USAGE); usages.add(SymKeyGenerationRequest.ENCRYPT_USAGE); - KeyRequestInfo genKeyInfo = client.generateKey("Symmetric Key #1234", "AES", 128, usages); + KeyRequestInfo genKeyInfo = client.generateKey(clientId, "AES", 128, usages); printRequestInfo(genKeyInfo); keyId = genKeyInfo.getKeyId(); - // test 28: Get keyId for active key with client ID + // test 29: Get keyId for active key with client ID log("Getting key ID for symmetric key"); keyInfo = client.getKeyData(clientId, "active"); keyId2 = keyInfo.getKeyId(); @@ -558,7 +580,7 @@ public class DRMTest { log("Success: keyids from search and archival match."); } - // Test 29: Submit a recovery request for the symmetric key using a session key + // Test 30: Submit a recovery request for the symmetric key using a session key log("Submitting a recovery request for the symmetric key using session key"); try { recoveryKey = CryptoUtil.generateKey(token, KeyGenAlgorithm.DES3); @@ -569,11 +591,11 @@ public class DRMTest { log("Exception in recovering symmetric key using session key: " + e.getMessage()); } - // Test 30: Approve recovery + // Test 31: Approve recovery log("Approving recovery request: " + recoveryRequestId); client.approveRecovery(recoveryRequestId); - // Test 31: Get key + // Test 32: Get key log("Getting key: " + keyId); keyData = client.retrieveKey(keyId, recoveryRequestId, null, wrappedRecoveryKey, ivps.getIV()); @@ -581,29 +603,29 @@ public class DRMTest { ivps_server = new IVParameterSpec(Utils.base64decode(keyData.getNonceData())); try { - recoveredKey = CryptoUtil.unwrapUsingSymmetricKey(token, ivps_server, - Utils.base64decode(wrappedRecoveredKey), - recoveryKey, EncryptionAlgorithm.DES3_CBC_PAD); + // recoveredKey = CryptoUtil.unwrapUsingSymmetricKey(token, ivps_server, + // Utils.base64decode(wrappedRecoveredKey), + // recoveryKey, EncryptionAlgorithm.DES3_CBC_PAD); } catch (Exception e) { log("Exception in unwrapping key: " + e.toString()); e.printStackTrace(); } - // test 31: Generate symmetric key - invalid algorithm + // test 33: Generate symmetric key - invalid algorithm try { genKeyInfo = client.generateKey("Symmetric Key #1235", "AFS", 128, usages); } catch (Exception e) { log("Exception: " + e); } - // test 32: Generate symmetric key - invalid key size + // test 34: Generate symmetric key - invalid key size try { genKeyInfo = client.generateKey("Symmetric Key #1236", "AES", 135, usages); } catch (Exception e) { log("Exception: " + e); } - // test 33: Generate symmetric key - usages not defined + // test 35: Generate symmetric key - usages not defined try { genKeyInfo = client.generateKey("Symmetric Key #1236", "DES", 56, usages); } catch (Exception e) { diff --git a/base/kra/src/com/netscape/kra/KRAService.java b/base/kra/src/com/netscape/kra/KRAService.java index 216f2ff6a..f4768bd00 100644 --- a/base/kra/src/com/netscape/kra/KRAService.java +++ b/base/kra/src/com/netscape/kra/KRAService.java @@ -49,6 +49,7 @@ public class KRAService implements IService { public final static String NETKEY_KEYRECOVERY = IRequest.NETKEY_KEYRECOVERY_REQUEST; public final static String SECURITY_DATA_ENROLLMENT = IRequest.SECURITY_DATA_ENROLLMENT_REQUEST; public final static String SECURITY_DATA_RECOVERY = IRequest.SECURITY_DATA_RECOVERY_REQUEST; + public final static String SYMKEY_GENERATION = IRequest.SYMKEY_GENERATION_REQUEST; // private variables @@ -66,6 +67,7 @@ public class KRAService implements IService { mServices.put(NETKEY_KEYRECOVERY, new TokenKeyRecoveryService(kra)); mServices.put(SECURITY_DATA_ENROLLMENT, new SecurityDataService(kra)); mServices.put(SECURITY_DATA_RECOVERY, new SecurityDataRecoveryService(kra)); + mServices.put(SYMKEY_GENERATION, new SymKeyGenService(kra)); } /** diff --git a/base/kra/src/com/netscape/kra/SymKeyGenService.java b/base/kra/src/com/netscape/kra/SymKeyGenService.java index 311725b8c..877d2ed06 100644 --- a/base/kra/src/com/netscape/kra/SymKeyGenService.java +++ b/base/kra/src/com/netscape/kra/SymKeyGenService.java @@ -19,6 +19,7 @@ package com.netscape.kra; import java.io.CharConversionException; import java.math.BigInteger; +import java.security.InvalidAlgorithmParameterException; import java.security.NoSuchAlgorithmException; import java.util.ArrayList; import java.util.Arrays; @@ -35,6 +36,7 @@ import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.base.SessionContext; import com.netscape.certsrv.dbs.keydb.IKeyRecord; import com.netscape.certsrv.dbs.keydb.IKeyRepository; +import com.netscape.certsrv.key.KeyRequestResource; import com.netscape.certsrv.key.SymKeyGenerationRequest; import com.netscape.certsrv.kra.IKeyRecoveryAuthority; import com.netscape.certsrv.logging.ILogger; @@ -153,16 +155,20 @@ public class SymKeyGenService implements IService { KeyGenerator kg = token.getKeyGenerator(kgAlg); kg.setKeyUsages(keyUsages); kg.temporaryKeys(true); + if (kgAlg == KeyGenAlgorithm.AES || kgAlg == KeyGenAlgorithm.RC4 + || kgAlg == KeyGenAlgorithm.RC2) { + kg.initialize(keySize); + } sk = kg.generate(); CMS.debug("SymKeyGenService:wrap() session key generated on slot: " + token.getName()); - } catch (TokenException | IllegalStateException | CharConversionException | NoSuchAlgorithmException e) { + } catch (TokenException | IllegalStateException | CharConversionException | NoSuchAlgorithmException + | InvalidAlgorithmParameterException e) { + CMS.debugStackTrace(); auditSymKeyGenRequestProcessed(subjectID, ILogger.FAILURE, request.getRequestId(), clientId, null, "Failed to generate symmetric key"); throw new EBaseException("Errors in generating symmetric key: " + e); } - String keyType = null; - byte[] publicKey = null; byte privateSecurityData[] = null; @@ -200,7 +206,7 @@ public class SymKeyGenService implements IService { } rec.set(KeyRecord.ATTR_ID, serialNo); - rec.set(KeyRecord.ATTR_DATA_TYPE, keyType); + rec.set(KeyRecord.ATTR_DATA_TYPE, KeyRequestResource.SYMMETRIC_KEY_TYPE); rec.set(KeyRecord.ATTR_STATUS, STATUS_ACTIVE); request.setExtData(ATTR_KEY_RECORD, serialNo); diff --git a/base/server/cms/src/com/netscape/cms/servlet/request/KeyRequestService.java b/base/server/cms/src/com/netscape/cms/servlet/request/KeyRequestService.java index 6b78e69ec..dc24a4c0e 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/request/KeyRequestService.java +++ b/base/server/cms/src/com/netscape/cms/servlet/request/KeyRequestService.java @@ -18,6 +18,7 @@ package com.netscape.cms.servlet.request; +import java.lang.reflect.InvocationTargetException; import java.math.BigInteger; import java.net.URI; import java.net.URISyntaxException; @@ -38,10 +39,10 @@ import com.netscape.certsrv.apps.CMS; import com.netscape.certsrv.base.BadRequestException; import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.base.PKIException; +import com.netscape.certsrv.base.ResourceMessage; import com.netscape.certsrv.dbs.keydb.KeyId; import com.netscape.certsrv.key.KeyArchivalRequest; import com.netscape.certsrv.key.KeyRecoveryRequest; -import com.netscape.certsrv.key.KeyRequest; import com.netscape.certsrv.key.KeyRequestInfo; import com.netscape.certsrv.key.KeyRequestInfoCollection; import com.netscape.certsrv.key.KeyRequestResource; @@ -379,22 +380,29 @@ public class KeyRequestService extends PKIService implements KeyRequestResource @Override public Response createRequest(MultivaluedMap<String, String> form) { - KeyRequest data = new KeyRequest(form); + ResourceMessage data = new ResourceMessage(form); return createRequest(data); } @Override - public Response createRequest(KeyRequest data) { - String requestType = data.getRequestType(); - switch(requestType) { - case KeyRequestResource.ARCHIVAL_REQUEST: - return archiveKey((KeyArchivalRequest) data); - case KeyRequestResource.RECOVERY_REQUEST: - return recoverKey((KeyRecoveryRequest) data); - case KeyRequestResource.KEY_GENERATION_REQUEST: - return generateSymKey((SymKeyGenerationRequest) data); - default: - throw new BadRequestException("Invalid request"); + public Response createRequest(ResourceMessage data) { + Object request = null; + try { + Class<?> requestClazz = Class.forName(data.getClassName()); + request = requestClazz.getDeclaredConstructor(ResourceMessage.class).newInstance(data); + } catch (ClassNotFoundException | NoSuchMethodException | SecurityException | InstantiationException + | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { + throw new BadRequestException("Invalid request class." + e); + } + + if (request instanceof KeyArchivalRequest) { + return archiveKey(new KeyArchivalRequest(data)); + } else if (request instanceof KeyRecoveryRequest) { + return recoverKey(new KeyRecoveryRequest(data)); + } else if (request instanceof SymKeyGenerationRequest) { + return generateSymKey(new SymKeyGenerationRequest(data)); + } else { + throw new BadRequestException("Invalid request class."); } } @@ -419,5 +427,5 @@ public class KeyRequestService extends PKIService implements KeyRequestResource auditArchivalRequestMade(null, ILogger.FAILURE, data.getClientId()); throw new PKIException(e.toString()); } - } + } } diff --git a/base/server/cmsbundle/src/LogMessages.properties b/base/server/cmsbundle/src/LogMessages.properties index aacd7fc61..0be13ad69 100644 --- a/base/server/cmsbundle/src/LogMessages.properties +++ b/base/server/cmsbundle/src/LogMessages.properties @@ -2433,6 +2433,20 @@ LOGGING_SIGNED_AUDIT_SECURITY_DATA_RECOVERY_REQUEST_STATE_CHANGE_4=<type=SECURIT # Operation is the operation performed (approve, reject, cancel etc.) # LOGGING_SIGNED_AUDIT_SECURITY_DATA_RETRIEVE_KEY_5=<type=SECURITY_DATA_RETRIEVE_KEY>:[AuditEvent=SECURITY_DATA_RETRIEVE_KEY][SubjectID={0}][Outcome={1}][RecoveryID={2}][KeyID={3}][FailureReason={4}] security data retrieval request +# +# LOGGING_SIGNED_AUDIT_SYMKEY_GEN_REQUEST_PROCESSED +# - used when symmetric key generation request is processed +# this is when DRM receives and processes the request +# Client ID must be the user supplied client ID associated with +# the symmetric key to be generated and archived +# +LOGGING_SIGNED_AUDIT_SYMKEY_GEN_REQUEST_PROCESSED_6=<type=SYMKEY_GENERATION_REQUEST_PROCESSED>:[AuditEvent=SYMKEY_GENERATION_REQUEST_PROCESSED][SubjectID={0}][Outcome={1}][GenerationRequestID={2}][ClientID={3}][KeyID={4}][FailureReason={5}] symkey generation request processed +# +# LOGGING_SIGNED_AUDIT_SYMKEY_GENERATION_REQUEST +# - used when symmetric key generation request is made +# ClientID is the ID of the symmetirc key to be generated and archived +# +LOGGING_SIGNED_AUDIT_SYMKEY_GENERATION_REQUEST_4=<type=SYMKEY_GENERATION_REQUEST>:[AuditEvent=SYMKEY_GENERATION_REQUEST][SubjectID={0}][Outcome={1}][GenerationRequestID={2}][ClientID={3}] symkey generation request made ########################### #Unselectable signedAudit Events |