From 60835ed008586f85a22737d0161cb026f2dbffec Mon Sep 17 00:00:00 2001 From: Endi Sukma Dewata Date: Sat, 18 Aug 2012 02:30:44 -0500 Subject: Moved REST CLI into pki-tools. The pki-client.jar has been split and merged into pki-certsrv.jar and pki-tools.jar. The REST client classes are now packaged in com.netscape.certsrv. packages. The REST CLI classes are now packaged in com.netscape.cmstools. packages. The "pki" script has been moved into pki-tools RPM package. Ticket #215 --- .../src/com/netscape/certsrv/kra/DRMClient.java | 130 +++++++++++++++++++++ 1 file changed, 130 insertions(+) create mode 100644 base/common/src/com/netscape/certsrv/kra/DRMClient.java (limited to 'base/common/src/com/netscape/certsrv/kra') diff --git a/base/common/src/com/netscape/certsrv/kra/DRMClient.java b/base/common/src/com/netscape/certsrv/kra/DRMClient.java new file mode 100644 index 000000000..3454e0995 --- /dev/null +++ b/base/common/src/com/netscape/certsrv/kra/DRMClient.java @@ -0,0 +1,130 @@ +package com.netscape.certsrv.kra; + +import java.net.URISyntaxException; +import java.util.Collection; +import java.util.Iterator; + +import org.jboss.resteasy.client.ClientResponse; + +import com.netscape.certsrv.cert.CertData; +import com.netscape.certsrv.client.ClientConfig; +import com.netscape.certsrv.client.PKIClient; +import com.netscape.certsrv.dbs.keydb.KeyId; +import com.netscape.certsrv.key.KeyArchivalRequest; +import com.netscape.certsrv.key.KeyData; +import com.netscape.certsrv.key.KeyDataInfo; +import com.netscape.certsrv.key.KeyDataInfos; +import com.netscape.certsrv.key.KeyRecoveryRequest; +import com.netscape.certsrv.key.KeyRequestInfo; +import com.netscape.certsrv.key.KeyRequestInfos; +import com.netscape.certsrv.key.KeyRequestResource; +import com.netscape.certsrv.key.KeyResource; +import com.netscape.certsrv.request.RequestId; +import com.netscape.certsrv.system.SystemCertResource; +import com.netscape.cmsutil.util.Utils; + +public class DRMClient extends PKIClient { + + private KeyResource keyClient; + private KeyRequestResource keyRequestClient; + private SystemCertResource systemCertClient; + + public DRMClient(ClientConfig config) throws URISyntaxException { + super(config); + + systemCertClient = createProxy(SystemCertResource.class); + keyRequestClient = createProxy(KeyRequestResource.class); + keyClient = createProxy(KeyResource.class); + } + + public String getTransportCert() { + @SuppressWarnings("unchecked") + ClientResponse response = (ClientResponse) systemCertClient + .getTransportCert(); + CertData certData = getEntity(response); + String transportCert = certData.getEncoded(); + return transportCert; + } + + public Collection listRequests(String requestState, String requestType) { + KeyRequestInfos infos = keyRequestClient.listRequests( + requestState, requestType, null, new RequestId(0), 100, 100, 10 + ); + Collection list = infos.getRequests(); + return list; + } + + public KeyRequestInfo archiveSecurityData(byte[] encoded, String clientId, String dataType) { + // create archival request + KeyArchivalRequest data = new KeyArchivalRequest(); + String req1 = Utils.base64encode(encoded); + data.setWrappedPrivateData(req1); + data.setClientId(clientId); + data.setDataType(dataType); + + KeyRequestInfo info = keyRequestClient.archiveKey(data); + return info; + } + + public KeyDataInfo getKeyData(String clientId, String status) { + KeyDataInfos infos = keyClient.listKeys(clientId, status, 100, 10); + Collection list = infos.getKeyInfos(); + Iterator iter = list.iterator(); + + while (iter.hasNext()) { + KeyDataInfo info = iter.next(); + if (info != null) { + // return the first one + return info; + } + } + return null; + } + + public KeyRequestInfo requestRecovery(KeyId keyId, byte[] rpwd, byte[] rkey, byte[] nonceData) { + // create recovery request + KeyRecoveryRequest data = new KeyRecoveryRequest(); + data.setKeyId(keyId); + if (rpwd != null) { + data.setSessionWrappedPassphrase(Utils.base64encode(rpwd)); + } + if (rkey != null) { + data.setTransWrappedSessionKey(Utils.base64encode(rkey)); + } + + if (nonceData != null) { + data.setNonceData(Utils.base64encode(nonceData)); + } + + KeyRequestInfo info = keyRequestClient.recoverKey(data); + return info; + } + + public void approveRecovery(RequestId recoveryId) { + keyRequestClient.approveRequest(recoveryId); + } + + public KeyData retrieveKey(KeyId keyId, RequestId requestId, byte[] rpwd, byte[] rkey, byte[] nonceData) { + // create recovery request + KeyRecoveryRequest data = new KeyRecoveryRequest(); + data.setKeyId(keyId); + data.setRequestId(requestId); + if (rkey != null) { + data.setTransWrappedSessionKey(Utils.base64encode(rkey)); + } + if (rpwd != null) { + data.setSessionWrappedPassphrase(Utils.base64encode(rpwd)); + } + + if (nonceData != null) { + data.setNonceData(Utils.base64encode(nonceData)); + } + + KeyData key = keyClient.retrieveKey(data); + return key; + } + + public KeyRequestInfo getRequest(RequestId id) { + return keyRequestClient.getRequestInfo(id); + } +} -- cgit