Diffstat (limited to 'base/common')
-rw-r--r--base/common/src/com/netscape/certsrv/key/KeyClient.java105
-rw-r--r--base/common/src/com/netscape/certsrv/key/KeyResource.java18
-rw-r--r--base/common/src/com/netscape/certsrv/kra/KRAClient.java142
3 files changed, 115 insertions, 150 deletions
diff --git a/base/common/src/com/netscape/certsrv/key/KeyClient.java b/base/common/src/com/netscape/certsrv/key/KeyClient.java
index 7ab87fe09..bdb84fddb 100644
--- a/base/common/src/com/netscape/certsrv/key/KeyClient.java
+++ b/base/common/src/com/netscape/certsrv/key/KeyClient.java
@@ -18,13 +18,16 @@
package com.netscape.certsrv.key;
import java.net.URISyntaxException;
+import java.util.List;
import javax.ws.rs.core.Response;
import com.netscape.certsrv.base.ResourceMessage;
import com.netscape.certsrv.client.Client;
import com.netscape.certsrv.client.PKIClient;
+import com.netscape.certsrv.dbs.keydb.KeyId;
import com.netscape.certsrv.request.RequestId;
+import com.netscape.cmsutil.util.Utils;
/**
* @author Endi S. Dewata
@@ -46,14 +49,52 @@ public class KeyClient extends Client {
public KeyInfoCollection findKeys(String clientID, String status, Integer maxSize, Integer maxTime,
Integer start, Integer size) {
- return keyClient.listKeys(clientID, status, maxSize, maxTime, start, size);
+ Response response = keyClient.listKeys(clientID, status, maxSize, maxTime, start, size);
+ return client.getEntity(response, KeyInfoCollection.class);
+ }
+
+ public KeyInfo getActiveKeyInfo(String clientID) {
+ Response response = keyClient.getActiveKeyInfo(clientID);
+ return client.getEntity(response, KeyInfo.class);
+ }
+
+ public KeyData retrieveKey(KeyId keyId, RequestId requestId, byte[] rpwd, byte[] rkey, byte[] nonceData) {
+ // create recovery request
+ KeyRecoveryRequest data = new KeyRecoveryRequest();
+ data.setKeyId(keyId);
+ data.setRequestId(requestId);
+ if (rkey != null) {
+ data.setTransWrappedSessionKey(Utils.base64encode(rkey));
+ }
+ if (rpwd != null) {
+ data.setSessionWrappedPassphrase(Utils.base64encode(rpwd));
+ }
+
+ if (nonceData != null) {
+ data.setNonceData(Utils.base64encode(nonceData));
+ }
+
+ return retrieveKey(data);
}
public KeyData retrieveKey(KeyRecoveryRequest data) {
- return keyClient.retrieveKey(data);
+ Response response = keyClient.retrieveKey(data);
+ return client.getEntity(response, KeyData.class);
+ }
+
+ public KeyRequestInfoCollection findRequests(String requestState, String requestType) {
+ return findRequests(
+ requestState,
+ requestType,
+ null,
+ new RequestId(0),
+ 100,
+ 100,
+ 10
+ );
}
- public KeyRequestInfoCollection findKeyRequests(
+ public KeyRequestInfoCollection findRequests(
String requestState,
String requestType,
String clientID,
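Review bot: The new `retrieveKey(KeyId, RequestId, byte[] rpwd, byte[] rkey, byte[] nonceData)` overload has no Javadoc, and the names `rpwd` and `rkey` do not tell a caller that these bytes are forwarded as the session-wrapped passphrase and the transport-wrapped session key. The method only base64-encodes what it is given, so a caller who passes an unwrapped passphrase gets no protection from this layer beyond whatever the transport provides. A Javadoc block should state what each array must already contain, that each may be null, and which combination the server expects. The method also sends a request when all three arrays are null; if that is never valid (not determinable from this hunk), a check such as `if (rpwd == null && rkey == null) throw new IllegalArgumentException("rpwd or rkey is required");` fails earlier and more clearly. The same documentation gap applies to `requestRecovery` in the next hunk.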
@@ -71,15 +112,65 @@ public class KeyClient extends Client {
maxTime);
}
+ public KeyRequestInfo getRequestInfo(RequestId id) {
+ return keyRequestClient.getRequestInfo(id);
+ }
+
+ public KeyRequestResponse archiveSecurityData(byte[] encoded, String clientId, String dataType, String algorithm, int strength) {
+ // create archival request
+ KeyArchivalRequest data = new KeyArchivalRequest();
+ String req1 = Utils.base64encode(encoded);
+ data.setWrappedPrivateData(req1);
+ data.setClientId(clientId);
+ data.setDataType(dataType);
+ data.setKeyAlgorithm(algorithm);
+ data.setKeySize(strength);
+
+ return createRequest(data);
+ }
+
+ public KeyRequestResponse requestRecovery(KeyId keyId, byte[] rpwd, byte[] rkey, byte[] nonceData) {
+ // create recovery request
+ KeyRecoveryRequest data = new KeyRecoveryRequest();
+ data.setKeyId(keyId);
+ if (rpwd != null) {
+ data.setSessionWrappedPassphrase(Utils.base64encode(rpwd));
+ }
+ if (rkey != null) {
+ data.setTransWrappedSessionKey(Utils.base64encode(rkey));
+ }
+
+ if (nonceData != null) {
+ data.setNonceData(Utils.base64encode(nonceData));
+ }
+
+ return createRequest(data);
+ }
+
+ public KeyRequestResponse requestKeyRecovery(String keyId, String b64Certificate) {
+ // create key recovery request
+ KeyRecoveryRequest data = new KeyRecoveryRequest();
+ data.setKeyId(new KeyId(keyId));
+ data.setCertificate(b64Certificate);
+
+ return createRequest(data);
+ }
+
+ public KeyRequestResponse generateKey(String clientId, String keyAlgorithm, int keySize, List<String> usages) {
+ SymKeyGenerationRequest data = new SymKeyGenerationRequest();
+ data.setClientId(clientId);
+ data.setKeyAlgorithm(keyAlgorithm);
+ data.setKeySize(new Integer(keySize));
+ data.setUsages(usages);
+
+ return createRequest(data);
+ }
+
public KeyRequestResponse createRequest(ResourceMessage data) {
Response response = keyRequestClient.createRequest(data);
return client.getEntity(response, KeyRequestResponse.class);
}
- public KeyRequestInfo getRequestInfo(RequestId id) {
- return keyRequestClient.getRequestInfo(id);
- }
-
public void approveRequest(RequestId id) {
keyRequestClient.approveRequest(id);
}
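Review bot: `archiveSecurityData` hands `encoded` straight to `Utils.base64encode` without the null guard that `requestRecovery`, just below it, applies to each of its byte arrays, so a null argument presumably fails inside the encoder rather than with a clear message. A guard such as `if (encoded == null) throw new IllegalArgumentException("encoded must not be null");` would make the two methods consistent. The parameter name also hides that the value ends up in `setWrappedPrivateData`; a Javadoc line should say the bytes must already be wrapped for the KRA, since base64 is only an encoding. Separately, `new Integer(keySize)` in `generateKey` uses a constructor deprecated since Java 9, and `data.setKeySize(Integer.valueOf(keySize));` is the direct replacement.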
diff --git a/base/common/src/com/netscape/certsrv/key/KeyResource.java b/base/common/src/com/netscape/certsrv/key/KeyResource.java
index 04d57fd2b..78ce15344 100644
--- a/base/common/src/com/netscape/certsrv/key/KeyResource.java
+++ b/base/common/src/com/netscape/certsrv/key/KeyResource.java
@@ -4,10 +4,14 @@ import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.MultivaluedMap;
+import javax.ws.rs.core.Response;
+
+import org.jboss.resteasy.annotations.ClientResponseType;
import com.netscape.certsrv.acls.ACLMapping;
import com.netscape.certsrv.authentication.AuthMethodMapping;
@@ -19,14 +23,20 @@ import com.netscape.certsrv.authentication.AuthMethodMapping;
public interface KeyResource {
@GET
+ @ClientResponseType(entityType=KeyInfoCollection.class)
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
- public KeyInfoCollection listKeys(@QueryParam("clientID") String clientID,
+ public Response listKeys(@QueryParam("clientID") String clientID,
@QueryParam("status") String status,
@QueryParam("maxResults") Integer maxResults,
@QueryParam("maxTime") Integer maxTime,
@QueryParam("start") Integer start,
@QueryParam("size") Integer size);
+ @GET
+ @Path("active/{clientID}")
+ @ClientResponseType(entityType=KeyInfo.class)
+ @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
+ public Response getActiveKeyInfo(@PathParam("clientID") String clientID);
/**
* Used to retrieve a key
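Review bot: `getActiveKeyInfo` binds the caller-chosen `clientID` into the URL path with `@Path("active/{clientID}")`, while `listKeys` directly above takes the same identifier as a query parameter. A `{clientID}` template matches a single path segment, so an identifier containing `/` would not reach this method, and other reserved characters depend on every client encoding them correctly. Either accept it as `@QueryParam("clientID")` under an `active` sub-path, or add a Javadoc comment on the method that documents the permitted character set. The interface-level annotations sit outside this hunk, so it is worth confirming that the ACL and auth-method mappings there also cover the new endpoint.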
@@ -35,14 +45,16 @@ public interface KeyResource {
*/
@POST
@Path("retrieve")
+ @ClientResponseType(entityType=KeyData.class)
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
- public KeyData retrieveKey(KeyRecoveryRequest data);
+ public Response retrieveKey(KeyRecoveryRequest data);
// retrieval - used to test integration with a browser
@POST
@Path("retrieve")
+ @ClientResponseType(entityType=KeyData.class)
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Consumes({ MediaType.APPLICATION_FORM_URLENCODED })
- public KeyData retrieveKey(MultivaluedMap<String, String> form);
+ public Response retrieveKey(MultivaluedMap<String, String> form);
}
diff --git a/base/common/src/com/netscape/certsrv/kra/KRAClient.java b/base/common/src/com/netscape/certsrv/kra/KRAClient.java
index 52ec25349..1cdb879e6 100644
--- a/base/common/src/com/netscape/certsrv/kra/KRAClient.java
+++ b/base/common/src/com/netscape/certsrv/kra/KRAClient.java
@@ -1,39 +1,18 @@
package com.netscape.certsrv.kra;
import java.net.URISyntaxException;
-import java.util.Collection;
-import java.util.Iterator;
-import java.util.List;
-
-import javax.ws.rs.core.Response;
import com.netscape.certsrv.client.PKIClient;
import com.netscape.certsrv.client.SubsystemClient;
-import com.netscape.certsrv.dbs.keydb.KeyId;
import com.netscape.certsrv.group.GroupClient;
-import com.netscape.certsrv.key.KeyArchivalRequest;
-import com.netscape.certsrv.key.KeyData;
-import com.netscape.certsrv.key.KeyInfo;
-import com.netscape.certsrv.key.KeyInfoCollection;
-import com.netscape.certsrv.key.KeyRecoveryRequest;
-import com.netscape.certsrv.key.KeyRequestInfo;
-import com.netscape.certsrv.key.KeyRequestInfoCollection;
-import com.netscape.certsrv.key.KeyRequestResource;
-import com.netscape.certsrv.key.KeyRequestResponse;
-import com.netscape.certsrv.key.KeyResource;
-import com.netscape.certsrv.key.SymKeyGenerationRequest;
+import com.netscape.certsrv.key.KeyClient;
import com.netscape.certsrv.logging.AuditClient;
-import com.netscape.certsrv.request.RequestId;
import com.netscape.certsrv.selftests.SelfTestClient;
import com.netscape.certsrv.system.SystemCertClient;
import com.netscape.certsrv.user.UserClient;
-import com.netscape.cmsutil.util.Utils;
public class KRAClient extends SubsystemClient {
- private KeyResource keyClient;
- private KeyRequestResource keyRequestClient;
-
public KRAClient(PKIClient client) throws URISyntaxException {
super(client, "kra");
init();
@@ -43,126 +22,9 @@ public class KRAClient extends SubsystemClient {
addClient(new AuditClient(client, name));
addClient(new GroupClient(client, name));
+ addClient(new KeyClient(client, name));
addClient(new SelfTestClient(client, name));
addClient(new SystemCertClient(client, name));
addClient(new UserClient(client, name));
-
- keyRequestClient = createProxy(KeyRequestResource.class);
- keyClient = createProxy(KeyResource.class);
- }
-
- public Collection<KeyRequestInfo> listRequests(String requestState, String requestType) {
- KeyRequestInfoCollection infos = keyRequestClient.listRequests(
- requestState, requestType, null, new RequestId(0), 100, 100, 10
- );
- Collection<KeyRequestInfo> list = infos.getEntries();
- return list;
- }
-
- public KeyRequestResponse archiveSecurityData(byte[] encoded, String clientId, String dataType, String algorithm, int strength) {
- // create archival request
- KeyArchivalRequest data = new KeyArchivalRequest();
- String req1 = Utils.base64encode(encoded);
- data.setWrappedPrivateData(req1);
- data.setClientId(clientId);
- data.setDataType(dataType);
- data.setKeyAlgorithm(algorithm);
- data.setKeySize(strength);
-
- Response response = keyRequestClient.createRequest(data);
- return client.getEntity(response, KeyRequestResponse.class);
- }
-
- public KeyInfo getKeyData(String clientId, String status) {
- KeyInfoCollection infos = keyClient.listKeys(clientId, status, null, null, null, null);
- Collection<KeyInfo> list = infos.getEntries();
- Iterator<KeyInfo> iter = list.iterator();
-
- while (iter.hasNext()) {
- KeyInfo info = iter.next();
- if (info != null) {
- // return the first one
- return info;
- }
- }
- return null;
- }
-
- public KeyRequestResponse requestRecovery(KeyId keyId, byte[] rpwd, byte[] rkey, byte[] nonceData) {
- // create recovery request
- KeyRecoveryRequest data = new KeyRecoveryRequest();
- data.setKeyId(keyId);
- if (rpwd != null) {
- data.setSessionWrappedPassphrase(Utils.base64encode(rpwd));
- }
- if (rkey != null) {
- data.setTransWrappedSessionKey(Utils.base64encode(rkey));
- }
-
- if (nonceData != null) {
- data.setNonceData(Utils.base64encode(nonceData));
- }
-
- Response response = keyRequestClient.createRequest(data);
- return client.getEntity(response, KeyRequestResponse.class);
- }
-
- public void approveRecovery(RequestId recoveryId) {
- keyRequestClient.approveRequest(recoveryId);
- }
-
- public KeyData retrieveKey(KeyId keyId, RequestId requestId, byte[] rpwd, byte[] rkey, byte[] nonceData) {
- // create recovery request
- KeyRecoveryRequest data = new KeyRecoveryRequest();
- data.setKeyId(keyId);
- data.setRequestId(requestId);
- if (rkey != null) {
- data.setTransWrappedSessionKey(Utils.base64encode(rkey));
- }
- if (rpwd != null) {
- data.setSessionWrappedPassphrase(Utils.base64encode(rpwd));
- }
-
- if (nonceData != null) {
- data.setNonceData(Utils.base64encode(nonceData));
- }
-
- KeyData key = keyClient.retrieveKey(data);
- return key;
- }
-
- public KeyRequestInfo getRequest(RequestId id) {
- return keyRequestClient.getRequestInfo(id);
- }
-
- public KeyRequestResponse requestKeyRecovery(String keyId, String b64Certificate) {
- // create key recovery request
- KeyRecoveryRequest data = new KeyRecoveryRequest();
- data.setKeyId(new KeyId(keyId));
- data.setCertificate(b64Certificate);
-
- Response response = keyRequestClient.createRequest(data);
- return client.getEntity(response, KeyRequestResponse.class);
- }
-
- public KeyData recoverKey(RequestId requestId, String passphrase) {
- // recover key based on approved request
- KeyRecoveryRequest data = new KeyRecoveryRequest();
- data.setRequestId(requestId);
- data.setPassphrase(passphrase);
-
- KeyData key = keyClient.retrieveKey(data);
- return key;
- }
-
- public KeyRequestResponse generateKey(String clientId, String keyAlgorithm, int keySize, List<String> usages) {
- SymKeyGenerationRequest data = new SymKeyGenerationRequest();
- data.setClientId(clientId);
- data.setKeyAlgorithm(keyAlgorithm);
- data.setKeySize(new Integer(keySize));
- data.setUsages(usages);
-
- Response response = keyRequestClient.createRequest(data);
- return client.getEntity(response, KeyRequestResponse.class);
}
}