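/**
 * Loads the key stored under {@code alias} in the primary key store of the current tenant.
 *
 * <p>The key stores returned by {@code getKeyStores(isSuperTenant)} are scanned; on the first
 * one whose name is the primary store, the primary key store is obtained from
 * {@code KeyStoreManager} and opened with the private-key password read from the server
 * configuration ({@code SERVER_PRIVATE_KEY_PASSWORD}).
 *
 * <p>NOTE(review): this hands raw key material to the caller. Nothing in this method checks
 * who is asking, so authorization presumably has to happen in the caller; confirm.
 *
 * @param alias         alias of the key entry to load
 * @param isSuperTenant passed through to {@code getKeyStores}
 * @return the key for {@code alias}, or {@code null} when none of the listed stores is the
 *         primary store (or the primary store has no key entry under that alias)
 * @throws SecurityConfigException if the store or the key cannot be loaded; the underlying
 *                                 exception is attached as the cause
 */
public Key getPrivateKey(String alias, boolean isSuperTenant) throws SecurityConfigException {
    KeyStoreData[] keystores = getKeyStores(isSuperTenant);
    try {
        for (KeyStoreData keystore : keystores) {
            if (!KeyStoreUtil.isPrimaryStore(keystore.getKeyStoreName())) {
                continue;
            }
            KeyStore primaryKeyStore = KeyStoreManager.getInstance(tenantId).getPrimaryKeyStore();
            // A missing password property fails below with a NullPointerException, which is
            // wrapped by the catch block like any other load failure.
            String privateKeyPassword = ServerConfiguration.getInstance()
                    .getFirstProperty(RegistryResources.SecurityManagement.SERVER_PRIVATE_KEY_PASSWORD);
            return primaryKeyStore.getKey(alias, privateKeyPassword.toCharArray());
        }
    } catch (Exception e) {
        String msg = "Error has encounted while loading the key for the given alias " + alias;
        log.error(msg, e);
        // Keep the cause: callers and audit logs need to tell a wrong password
        // (UnrecoverableKeyException) from a missing store or a misconfiguration.
        throw new SecurityConfigException(msg, e);
    }
    return null;
}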
/**
 * Builds the crypto properties for the tenant that owns the current registry.
 *
 * <p>Trust-store names are written as one comma-separated value. When a private store is
 * given, its name, the private-key alias found in that store, and the same alias under
 * {@code USER} are added. The tenant id is added whenever at least one of the two inputs
 * contributed a property.
 *
 * @param privateStore      name of the key store holding the private key, or {@code null}
 * @param trustedCertStores names of the trust stores, or {@code null}/empty for none
 * @return the populated properties; empty when neither input is supplied
 * @throws Exception if the key store or its private-key alias cannot be resolved
 */
public Properties getServerCryptoProperties(String privateStore, String[] trustedCertStores)
        throws Exception {
    Properties cryptoProps = new Properties();
    int tenantId = ((UserRegistry) registry).getTenantId();
    boolean hasTrustStores = trustedCertStores != null && trustedCertStores.length > 0;
    boolean hasPrivateStore = privateStore != null;

    if (hasTrustStores) {
        StringBuilder joined = new StringBuilder();
        for (int idx = 0; idx < trustedCertStores.length; idx++) {
            // The separator is written only once the buffer is non-empty.
            if (joined.length() != 0) {
                joined.append(",");
            }
            joined.append(trustedCertStores[idx]);
        }
        cryptoProps.setProperty(ServerCrypto.PROP_ID_TRUST_STORES, joined.toString());
    }

    if (hasPrivateStore) {
        cryptoProps.setProperty(ServerCrypto.PROP_ID_PRIVATE_STORE, privateStore);
        KeyStore privateKeyStore = KeyStoreManager.getInstance(tenantId).getKeyStore(privateStore);
        String defaultAlias = KeyStoreUtil.getPrivateKeyAlias(privateKeyStore);
        cryptoProps.setProperty(ServerCrypto.PROP_ID_DEFAULT_ALIAS, defaultAlias);
        cryptoProps.setProperty(USER, defaultAlias);
    }

    if (hasPrivateStore || hasTrustStores) {
        // Record the tenant id alongside the store names.
        cryptoProps.setProperty(ServerCrypto.PROP_ID_TENANT_ID, Integer.toString(tenantId));
    }
    return cryptoProps;
}
/**
 * Returns the name of the super tenant's primary key store.
 *
 * <p>Reads the {@code SERVER_PRIMARY_KEYSTORE_FILE} property from the server configuration
 * and passes it to {@code KeyStoreUtil.getKeyStoreFileName}.
 *
 * @return whatever {@code KeyStoreUtil.getKeyStoreFileName} yields for the configured location
 */
private String getSuperTenantKeyStoreName() {
    ServerConfiguration serverConfig = ServerConfiguration.getInstance();
    String primaryKeyStoreLocation = serverConfig.getFirstProperty(
            RegistryResources.SecurityManagement.SERVER_PRIMARY_KEYSTORE_FILE);
    return KeyStoreUtil.getKeyStoreFileName(primaryKeyStoreLocation);
}
}
boolean superTenant = MultitenantConstants.SUPER_TENANT_ID == CarbonContext .getThreadLocalCarbonContext().getTenantId() ? true : false; if (superTenant && KeyStoreUtil.isPrimaryStore(keystores[i].getKeyStoreName())) { keyStoreName = keystores[i].getKeyStoreName(); privateKeyAlias = KeyStoreUtil.getPrivateKeyAlias(KeyStoreManager.getInstance( MultitenantConstants.SUPER_TENANT_ID).getKeyStore(keyStoreName)); break;
if (KeyStoreUtil.isPrimaryStore(keystores[i].getKeyStoreName())) { keyStoreName = keystores[i].getKeyStoreName(); privateKeyAlias = KeyStoreUtil.getPrivateKeyAlias(KeyStoreManager.getInstance( MultitenantConstants.SUPER_TENANT_ID) .getKeyStore(keyStoreName)); KeyStore keyStore = KeyStoreManager.getInstance(tenantId).getKeyStore(keyStoreName); if (keyStore != null) { privateKeyAlias = KeyStoreUtil.getPrivateKeyAlias(keyStore); keyPassword = KeyStoreManager.getInstance(tenantId).getKeyStorePassword(keyStoreName); } else {
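/**
 * Loads the key stored under {@code alias} in the primary key store of the current tenant.
 *
 * <p>The key stores returned by {@code getKeyStores(isSuperTenant)} are scanned; on the first
 * one whose name is the primary store, the primary key store is obtained from
 * {@code KeyStoreManager} and opened with the private-key password read from the server
 * configuration ({@code SERVER_PRIVATE_KEY_PASSWORD}).
 *
 * <p>NOTE(review): this hands raw key material to the caller. Nothing in this method checks
 * who is asking, so authorization presumably has to happen in the caller; confirm.
 *
 * @param alias         alias of the key entry to load
 * @param isSuperTenant passed through to {@code getKeyStores}
 * @return the key for {@code alias}, or {@code null} when none of the listed stores is the
 *         primary store (or the primary store has no key entry under that alias)
 * @throws SecurityConfigException if the store or the key cannot be loaded; the underlying
 *                                 exception is attached as the cause
 */
public Key getPrivateKey(String alias, boolean isSuperTenant) throws SecurityConfigException {
    KeyStoreData[] keystores = getKeyStores(isSuperTenant);
    try {
        for (KeyStoreData keystore : keystores) {
            if (!KeyStoreUtil.isPrimaryStore(keystore.getKeyStoreName())) {
                continue;
            }
            KeyStore primaryKeyStore = KeyStoreManager.getInstance(tenantId).getPrimaryKeyStore();
            // A missing password property fails below with a NullPointerException, which is
            // wrapped by the catch block like any other load failure.
            String privateKeyPassword = ServerConfiguration.getInstance()
                    .getFirstProperty(RegistryResources.SecurityManagement.SERVER_PRIVATE_KEY_PASSWORD);
            return primaryKeyStore.getKey(alias, privateKeyPassword.toCharArray());
        }
    } catch (Exception e) {
        String msg = "Error has encounted while loading the key for the given alias " + alias;
        log.error(msg, e);
        // Keep the cause: callers and audit logs need to tell a wrong password
        // (UnrecoverableKeyException) from a missing store or a misconfiguration.
        throw new SecurityConfigException(msg, e);
    }
    return null;
}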
/**
 * Builds the crypto properties for the tenant that owns the current registry.
 *
 * <p>Trust-store names are written as one comma-separated value. When a private store is
 * given, its name, the private-key alias found in that store, and the same alias under
 * {@code USER} are added. The tenant id is added whenever at least one of the two inputs
 * contributed a property.
 *
 * @param privateStore      name of the key store holding the private key, or {@code null}
 * @param trustedCertStores names of the trust stores, or {@code null}/empty for none
 * @return the populated properties; empty when neither input is supplied
 * @throws Exception if the key store or its private-key alias cannot be resolved
 */
public Properties getServerCryptoProperties(String privateStore, String[] trustedCertStores)
        throws Exception {
    Properties cryptoProps = new Properties();
    int tenantId = ((UserRegistry) registry).getTenantId();
    boolean hasTrustStores = trustedCertStores != null && trustedCertStores.length > 0;
    boolean hasPrivateStore = privateStore != null;

    if (hasTrustStores) {
        StringBuilder joined = new StringBuilder();
        for (int idx = 0; idx < trustedCertStores.length; idx++) {
            // The separator is written only once the buffer is non-empty.
            if (joined.length() != 0) {
                joined.append(",");
            }
            joined.append(trustedCertStores[idx]);
        }
        cryptoProps.setProperty(ServerCrypto.PROP_ID_TRUST_STORES, joined.toString());
    }

    if (hasPrivateStore) {
        cryptoProps.setProperty(ServerCrypto.PROP_ID_PRIVATE_STORE, privateStore);
        KeyStore privateKeyStore = KeyStoreManager.getInstance(tenantId).getKeyStore(privateStore);
        String defaultAlias = KeyStoreUtil.getPrivateKeyAlias(privateKeyStore);
        cryptoProps.setProperty(ServerCrypto.PROP_ID_DEFAULT_ALIAS, defaultAlias);
        cryptoProps.setProperty(USER, defaultAlias);
    }

    if (hasPrivateStore || hasTrustStores) {
        // Record the tenant id alongside the store names.
        cryptoProps.setProperty(ServerCrypto.PROP_ID_TENANT_ID, Integer.toString(tenantId));
    }
    return cryptoProps;
}
String type = config .getFirstProperty(RegistryResources.SecurityManagement.SERVER_PRIMARY_KEYSTORE_TYPE); String name = KeyStoreUtil.getKeyStoreFileName(fileName); data.setKeyStoreName(name); data.setKeyStoreType(type);
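/**
 * Deletes a key store from the registry unless it is the primary store or still in use.
 *
 * <p>A store counts as "in use" when the registry reports any association for its path.
 *
 * <p>NOTE(review): {@code keyStoreName} is concatenated into the registry path as given
 * (the blank check trims, the path does not). Confirm that callers restrict it to a plain
 * resource name so the delete cannot address anything outside the key-store collection.
 *
 * @param keyStoreName name of the key store resource to delete
 * @throws SecurityConfigException if the name is null or blank, names the primary key store,
 *                                 the store is still associated with other resources, or the
 *                                 registry operation fails
 */
public void deleteStore(String keyStoreName) throws SecurityConfigException {
    try {
        // Test for null before trimming; trimming first turned a null name into a
        // NullPointerException instead of the intended validation error.
        if (keyStoreName == null || keyStoreName.trim().length() == 0) {
            throw new SecurityConfigException("Key Store name can't be null");
        }

        if (KeyStoreUtil.isPrimaryStore(keyStoreName)) {
            throw new SecurityConfigException("Not allowed to delete the primary key store : "
                    + keyStoreName);
        }

        String path = SecurityConstants.KEY_STORES + "/" + keyStoreName;
        Association[] assocs = registry.getAllAssociations(path);
        if (assocs.length > 0) {
            throw new SecurityConfigException("Key store : " + keyStoreName +
                    " is already in use and can't be deleted");
        }
        registry.delete(path);
    } catch (RegistryException e) {
        String msg = "Error when deleting a keyStore";
        log.error(msg, e);
        throw new SecurityConfigException(msg, e);
    }
}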
KeyStore ks = keyMan.getKeyStore(privateStore); String privKeyAlias = KeyStoreUtil.getPrivateKeyAlias(ks); props.setProperty(ServerCrypto.PROP_ID_DEFAULT_ALIAS, privKeyAlias); props.setProperty(USER, privKeyAlias);
String type = config .getFirstProperty(RegistryResources.SecurityManagement.SERVER_PRIMARY_KEYSTORE_TYPE); String name = KeyStoreUtil.getKeyStoreFileName(fileName); data.setKeyStoreName(name); data.setKeyStoreType(type);
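/**
 * Loads the key stored under {@code alias} in the primary key store of the current tenant.
 *
 * <p>The key stores returned by {@code getKeyStores(isSuperTenant)} are scanned; on the first
 * one whose name is the primary store, the primary key store is obtained from
 * {@code KeyStoreManager} and opened with the private-key password read from the server
 * configuration ({@code SERVER_PRIVATE_KEY_PASSWORD}).
 *
 * <p>NOTE(review): this hands raw key material to the caller. Nothing in this method checks
 * who is asking, so authorization presumably has to happen in the caller; confirm.
 *
 * @param alias         alias of the key entry to load
 * @param isSuperTenant passed through to {@code getKeyStores}
 * @return the key for {@code alias}, or {@code null} when none of the listed stores is the
 *         primary store (or the primary store has no key entry under that alias)
 * @throws SecurityConfigException if the store or the key cannot be loaded; the underlying
 *                                 exception is attached as the cause
 */
public Key getPrivateKey(String alias, boolean isSuperTenant) throws SecurityConfigException {
    KeyStoreData[] keystores = getKeyStores(isSuperTenant);
    try {
        for (KeyStoreData keystore : keystores) {
            if (!KeyStoreUtil.isPrimaryStore(keystore.getKeyStoreName())) {
                continue;
            }
            KeyStore primaryKeyStore = KeyStoreManager.getInstance(tenantId).getPrimaryKeyStore();
            // A missing password property fails below with a NullPointerException, which is
            // wrapped by the catch block like any other load failure.
            String privateKeyPassword = ServerConfiguration.getInstance()
                    .getFirstProperty(RegistryResources.SecurityManagement.SERVER_PRIVATE_KEY_PASSWORD);
            return primaryKeyStore.getKey(alias, privateKeyPassword.toCharArray());
        }
    } catch (Exception e) {
        String msg = "Error has encounted while loading the key for the given alias " + alias;
        log.error(msg, e);
        // Keep the cause: callers and audit logs need to tell a wrong password
        // (UnrecoverableKeyException) from a missing store or a misconfiguration.
        throw new SecurityConfigException(msg, e);
    }
    return null;
}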
String type = config .getFirstProperty(RegistryResources.SecurityManagement.SERVER_PRIMARY_KEYSTORE_TYPE); String name = KeyStoreUtil.getKeyStoreFileName(fileName); data.setKeyStoreName(name); data.setKeyStoreType(type);
/**
 * Stores an uploaded trust store as a registry resource under the key-store collection.
 *
 * <p>The upload is refused when the name is the primary key store or a resource already
 * exists at the target path. The bytes are then loaded into a {@link KeyStore} of the given
 * type with the supplied password; the loaded object is not used afterwards, so the load
 * acts only as a check that the content opens. The password is saved as a resource property
 * after {@code CryptoUtil.encryptAndBase64Encode}.
 *
 * <p>NOTE(review): {@code filename} is concatenated into the registry path as given; confirm
 * that callers restrict it to a plain resource name.
 * <p>NOTE(review): {@code password.getBytes()} uses the platform default charset. A password
 * with non-ASCII characters encodes differently across hosts; confirm the reading side
 * decodes with the same charset before changing either end.
 *
 * @param content  raw bytes of the trust store
 * @param filename name under which the store is registered
 * @param password password protecting the store
 * @param provider provider name recorded with the resource
 * @param type     key store type passed to {@link KeyStore#getInstance(String)}
 * @throws SecurityConfigException if the name is null or already taken, or if loading or
 *                                 storing fails
 */
public void addTrustStore(byte[] content, String filename, String password, String provider,
                          String type) throws SecurityConfigException {
    if (filename == null) {
        throw new SecurityConfigException("Key Store name can't be null");
    }

    try {
        String registryPath = SecurityConstants.KEY_STORES + "/" + filename;
        // Both conflicts report the same message, so they share one guard; the primary-store
        // test still runs first and short-circuits the registry lookup.
        if (KeyStoreUtil.isPrimaryStore(filename) || registry.resourceExists(registryPath)) {
            throw new SecurityConfigException("Key store " + filename + " already available");
        }

        KeyStore uploadedStore = KeyStore.getInstance(type);
        uploadedStore.load(new ByteArrayInputStream(content), password.toCharArray());

        CryptoUtil passwordCipher = CryptoUtil.getDefaultCryptoUtil();
        Resource storeResource = registry.newResource();
        storeResource.addProperty(SecurityConstants.PROP_PASSWORD,
                passwordCipher.encryptAndBase64Encode(password.getBytes()));
        storeResource.addProperty(SecurityConstants.PROP_PROVIDER, provider);
        storeResource.addProperty(SecurityConstants.PROP_TYPE, type);
        storeResource.setContent(content);
        registry.put(registryPath, storeResource);
    } catch (SecurityConfigException e) {
        // Validation failures raised above pass through without being re-wrapped.
        throw e;
    } catch (Exception e) {
        String msg = "Error when adding a trustStore";
        log.error(msg, e);
        throw new SecurityConfigException(msg, e);
    }
}
/**
 * Stores an uploaded trust store as a registry resource under the key-store collection.
 *
 * <p>The upload is refused when the name is the primary key store or a resource already
 * exists at the target path. The bytes are then loaded into a {@link KeyStore} of the given
 * type with the supplied password; the loaded object is not used afterwards, so the load
 * acts only as a check that the content opens. The password is saved as a resource property
 * after {@code CryptoUtil.encryptAndBase64Encode}.
 *
 * <p>NOTE(review): {@code filename} is concatenated into the registry path as given; confirm
 * that callers restrict it to a plain resource name.
 * <p>NOTE(review): {@code password.getBytes()} uses the platform default charset. A password
 * with non-ASCII characters encodes differently across hosts; confirm the reading side
 * decodes with the same charset before changing either end.
 *
 * @param content  raw bytes of the trust store
 * @param filename name under which the store is registered
 * @param password password protecting the store
 * @param provider provider name recorded with the resource
 * @param type     key store type passed to {@link KeyStore#getInstance(String)}
 * @throws SecurityConfigException if the name is null or already taken, or if loading or
 *                                 storing fails
 */
public void addTrustStore(byte[] content, String filename, String password, String provider,
                          String type) throws SecurityConfigException {
    if (filename == null) {
        throw new SecurityConfigException("Key Store name can't be null");
    }

    try {
        String registryPath = SecurityConstants.KEY_STORES + "/" + filename;
        // Both conflicts report the same message, so they share one guard; the primary-store
        // test still runs first and short-circuits the registry lookup.
        if (KeyStoreUtil.isPrimaryStore(filename) || registry.resourceExists(registryPath)) {
            throw new SecurityConfigException("Key store " + filename + " already available");
        }

        KeyStore uploadedStore = KeyStore.getInstance(type);
        uploadedStore.load(new ByteArrayInputStream(content), password.toCharArray());

        CryptoUtil passwordCipher = CryptoUtil.getDefaultCryptoUtil();
        Resource storeResource = registry.newResource();
        storeResource.addProperty(SecurityConstants.PROP_PASSWORD,
                passwordCipher.encryptAndBase64Encode(password.getBytes()));
        storeResource.addProperty(SecurityConstants.PROP_PROVIDER, provider);
        storeResource.addProperty(SecurityConstants.PROP_TYPE, type);
        storeResource.setContent(content);
        registry.put(registryPath, storeResource);
    } catch (SecurityConfigException e) {
        // Validation failures raised above pass through without being re-wrapped.
        throw e;
    } catch (Exception e) {
        String msg = "Error when adding a trustStore";
        log.error(msg, e);
        throw new SecurityConfigException(msg, e);
    }
}
/**
 * Stores an uploaded trust store as a registry resource under the key-store collection.
 *
 * <p>The upload is refused when the name is the primary key store or a resource already
 * exists at the target path. The bytes are then loaded into a {@link KeyStore} of the given
 * type with the supplied password; the loaded object is not used afterwards, so the load
 * acts only as a check that the content opens. The password is saved as a resource property
 * after {@code CryptoUtil.encryptAndBase64Encode}.
 *
 * <p>NOTE(review): {@code filename} is concatenated into the registry path as given; confirm
 * that callers restrict it to a plain resource name.
 * <p>NOTE(review): {@code password.getBytes()} uses the platform default charset. A password
 * with non-ASCII characters encodes differently across hosts; confirm the reading side
 * decodes with the same charset before changing either end.
 *
 * @param content  raw bytes of the trust store
 * @param filename name under which the store is registered
 * @param password password protecting the store
 * @param provider provider name recorded with the resource
 * @param type     key store type passed to {@link KeyStore#getInstance(String)}
 * @throws SecurityConfigException if the name is null or already taken, or if loading or
 *                                 storing fails
 */
public void addTrustStore(byte[] content, String filename, String password, String provider,
                          String type) throws SecurityConfigException {
    if (filename == null) {
        throw new SecurityConfigException("Key Store name can't be null");
    }

    try {
        String registryPath = SecurityConstants.KEY_STORES + "/" + filename;
        // Both conflicts report the same message, so they share one guard; the primary-store
        // test still runs first and short-circuits the registry lookup.
        if (KeyStoreUtil.isPrimaryStore(filename) || registry.resourceExists(registryPath)) {
            throw new SecurityConfigException("Key store " + filename + " already available");
        }

        KeyStore uploadedStore = KeyStore.getInstance(type);
        uploadedStore.load(new ByteArrayInputStream(content), password.toCharArray());

        CryptoUtil passwordCipher = CryptoUtil.getDefaultCryptoUtil();
        Resource storeResource = registry.newResource();
        storeResource.addProperty(SecurityConstants.PROP_PASSWORD,
                passwordCipher.encryptAndBase64Encode(password.getBytes()));
        storeResource.addProperty(SecurityConstants.PROP_PROVIDER, provider);
        storeResource.addProperty(SecurityConstants.PROP_TYPE, type);
        storeResource.setContent(content);
        registry.put(registryPath, storeResource);
    } catch (SecurityConfigException e) {
        // Validation failures raised above pass through without being re-wrapped.
        throw e;
    } catch (Exception e) {
        String msg = "Error when adding a trustStore";
        log.error(msg, e);
        throw new SecurityConfigException(msg, e);
    }
}
if (KeyStoreUtil.isPrimaryStore(filename)) { throw new SecurityConfigException("Key store " + filename + " already available");
/**
 * Deletes a key store from the registry.
 *
 * <p>Deletion is refused for a blank name, for the primary key store, for a trust store, and
 * for any store the registry still reports associations for.
 *
 * <p>NOTE(review): {@code keyStoreName} is concatenated into the registry path as given;
 * confirm that callers restrict it to a plain resource name so the delete cannot address
 * anything outside the key-store collection.
 *
 * @param keyStoreName name of the key store resource to delete
 * @throws SecurityConfigException if the store is protected or in use, the name is blank,
 *                                 or the registry operation fails
 */
public void deleteStore(String keyStoreName) throws SecurityConfigException {
    try {
        if (StringUtils.isBlank(keyStoreName)) {
            throw new SecurityConfigException("Key Store name can't be null");
        }

        // Protected stores are checked in the same order as before: primary, then trust.
        if (KeyStoreUtil.isPrimaryStore(keyStoreName)) {
            throw new SecurityConfigException("Not allowed to delete the primary key store : "
                    + keyStoreName);
        }
        if (isTrustStore(keyStoreName)) {
            throw new SecurityConfigException("Not allowed to delete the trust store : "
                    + keyStoreName);
        }

        String registryPath = SecurityConstants.KEY_STORES + "/" + keyStoreName;
        Association[] references = registry.getAllAssociations(registryPath);
        // Any association means another resource still points at this store.
        if (references.length != 0) {
            throw new SecurityConfigException("Key store : " + keyStoreName +
                    " is already in use and can't be deleted");
        }
        registry.delete(registryPath);
    } catch (RegistryException e) {
        String msg = "Error when deleting a keyStore";
        log.error(msg, e);
        throw new SecurityConfigException(msg, e);
    }
}
if (KeyStoreUtil.isPrimaryStore(filename)) { throw new SecurityConfigException("Key store " + filename + " already available");
/**
 * Deletes a key store from the registry.
 *
 * <p>Deletion is refused for a blank name, for the primary key store, for a trust store, and
 * for any store the registry still reports associations for.
 *
 * <p>NOTE(review): {@code keyStoreName} is concatenated into the registry path as given;
 * confirm that callers restrict it to a plain resource name so the delete cannot address
 * anything outside the key-store collection.
 *
 * @param keyStoreName name of the key store resource to delete
 * @throws SecurityConfigException if the store is protected or in use, the name is blank,
 *                                 or the registry operation fails
 */
public void deleteStore(String keyStoreName) throws SecurityConfigException {
    try {
        if (StringUtils.isBlank(keyStoreName)) {
            throw new SecurityConfigException("Key Store name can't be null");
        }

        // Protected stores are checked in the same order as before: primary, then trust.
        if (KeyStoreUtil.isPrimaryStore(keyStoreName)) {
            throw new SecurityConfigException("Not allowed to delete the primary key store : "
                    + keyStoreName);
        }
        if (isTrustStore(keyStoreName)) {
            throw new SecurityConfigException("Not allowed to delete the trust store : "
                    + keyStoreName);
        }

        String registryPath = SecurityConstants.KEY_STORES + "/" + keyStoreName;
        Association[] references = registry.getAllAssociations(registryPath);
        // Any association means another resource still points at this store.
        if (references.length != 0) {
            throw new SecurityConfigException("Key store : " + keyStoreName +
                    " is already in use and can't be deleted");
        }
        registry.delete(registryPath);
    } catch (RegistryException e) {
        String msg = "Error when deleting a keyStore";
        log.error(msg, e);
        throw new SecurityConfigException(msg, e);
    }
}