/**
 * Imports a certificate from a file into the signer.
 *
 * <p>The bytes returned by {@code fileToBytes(file)} are sent to the signer in an
 * {@code ImportCert} request with status {@code CertificateInfo.STATUS_REGISTERED}. On success
 * the key ID from the signer's response is printed to standard output. Both outcomes are
 * written to the audit log together with the file name and the client identifier.
 *
 * <p>Failures are not propagated. Any exception raised while reading the file, calling the
 * signer or writing the success audit record is audit-logged and printed as {@code ERROR: ...}.
 *
 * @param file certificate file (PEM) to read
 * @param clientId member identifier passed to the signer with the certificate
 * @throws Exception declared by the command signature; exceptions raised inside the import
 *         itself are caught and reported instead
 */
@Command(description = "Imports a certificate")
public void importCertificate(
        @Param(name = "file", description = "Certificate file (PEM)") String file,
        @Param(name = "clientId", description = "Member identifier") ClientId clientId)
        throws Exception {
    final Map<String, Object> auditData = new LinkedHashMap<>();
    auditData.put(CERT_FILE_NAME_PARAM, file);
    auditData.put(CLIENT_IDENTIFIER_PARAM, clientId);

    try {
        final ImportCert request =
                new ImportCert(fileToBytes(file), CertificateInfo.STATUS_REGISTERED, clientId);
        final ImportCertResponse result = SignerClient.execute(request);

        // The key ID is only known after the signer has accepted the certificate.
        auditData.put(KEY_ID_PARAM, result.getKeyId());
        AuditLogger.log(IMPORT_A_CERTIFICATE_FROM_THE_FILE, XROAD_USER, auditData);

        System.out.println(result.getKeyId());
    } catch (Exception failure) {
        // NOTE(review): unlike the other commands in this file, the failure is swallowed after
        // being audit-logged; callers only see it on standard output. Confirm that nothing
        // relies on an exception to detect a failed import.
        AuditLogger.log(IMPORT_A_CERTIFICATE_FROM_THE_FILE, XROAD_USER, failure.getMessage(),
                auditData);
        System.out.println("ERROR: " + failure);
    }
}
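/**
 * Generates a certificate signing request for a key and writes it to {@code <keyId>.csr}.
 *
 * <p>The {@code usage} argument must be exactly {@code "a"} (authentication) or {@code "s"}
 * (signing). Any other value, including {@code null}, is rejected. It is not silently treated
 * as signing, so a mistyped usage cannot produce a request for the wrong key usage.
 *
 * <p>Both outcomes are written to the audit log with the key ID, member identifier, key usage
 * and subject name. A rejected usage value is audit-logged as a failed attempt, with the value
 * as it was given.
 *
 * @param keyId ID of the key the request is generated for; also used as the output file name
 * @param memberId member identifier passed to the signer
 * @param usage key usage selector: {@code "a"} for authentication, {@code "s"} for signing
 * @param subjectName subject name to place in the request
 * @throws IllegalArgumentException if {@code usage} is neither {@code "a"} nor {@code "s"}
 * @throws Exception if the signer call, the audit logging or writing the file fails
 */
@Command(description = "Generate certificate request")
public void generateCertRequest(
        @Param(name = "keyId", description = "Key ID") String keyId,
        @Param(name = "memberId", description = "Member identifier") ClientId memberId,
        @Param(name = "usage", description = "Key usage (a - auth, s - sign)") String usage,
        @Param(name = "subjectName", description = "Subject name") String subjectName)
        throws Exception {
    // Resolve the usage strictly; null marks "not recognised" and is rejected below.
    final KeyUsageInfo keyUsage;
    if ("a".equals(usage)) {
        keyUsage = KeyUsageInfo.AUTHENTICATION;
    } else if ("s".equals(usage)) {
        keyUsage = KeyUsageInfo.SIGNING;
    } else {
        keyUsage = null;
    }

    Map<String, Object> logData = new LinkedHashMap<>();
    logData.put(KEY_ID_PARAM, keyId);
    logData.put(CLIENT_IDENTIFIER_PARAM, memberId);
    // For a rejected value, record what the operator actually typed.
    logData.put(KEY_USAGE_PARAM, keyUsage != null ? keyUsage.name() : usage);
    logData.put(SUBJECT_NAME_PARAM, subjectName);

    GenerateCertRequestResponse response;
    try {
        if (keyUsage == null) {
            // Thrown inside the try block so that the rejection is audit-logged too.
            throw new IllegalArgumentException(
                    "Unknown key usage '" + usage + "' (expected 'a' for auth or 's' for sign)");
        }

        GenerateCertRequest request =
                new GenerateCertRequest(keyId, memberId, keyUsage, subjectName);
        response = SignerClient.execute(request);

        AuditLogger.log(GENERATE_A_CERT_REQUEST_EVENT, XROAD_USER, logData);
    } catch (Exception e) {
        AuditLogger.log(GENERATE_A_CERT_REQUEST_EVENT, XROAD_USER, e.getMessage(), logData);
        throw e;
    }

    // The output file name is built from the operator-supplied key ID. This line is reached
    // only after the signer call above succeeded for that key ID.
    // NOTE(review): where bytesToFile resolves a relative name is not visible here - confirm.
    bytesToFile(keyId + ".csr", response.getCertRequest());
}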
/**
 * Asks the signer to delete a certificate.
 *
 * <p>The attempt is written to the audit log with the certificate ID, whether it succeeds or
 * fails. On failure the exception message is included and the exception is rethrown.
 *
 * @param certId ID of the certificate to delete
 * @throws Exception if the signer call or the audit logging fails
 */
@Command(description = "Deletes a certificate")
public void deleteCertificate(
        @Param(name = "certId", description = "Certificate ID") String certId)
        throws Exception {
    final Map<String, Object> auditData = new LinkedHashMap<>();
    auditData.put(CERT_ID_PARAM, certId);

    try {
        final DeleteCert request = new DeleteCert(certId);
        SignerClient.execute(request);
        AuditLogger.log(DELETE_THE_CERT_EVENT, XROAD_USER, auditData);
    } catch (Exception failure) {
        // Leave an audit record for the failed attempt before the error is propagated.
        AuditLogger.log(DELETE_THE_CERT_EVENT, XROAD_USER, failure.getMessage(), auditData);
        throw failure;
    }
}
/**
 * Asks the signer to delete a key.
 *
 * <p>The attempt is written to the audit log with the key ID, whether it succeeds or fails.
 * On failure the exception message is included and the exception is rethrown.
 *
 * @param keyId ID of the key to delete
 * @throws Exception if the signer call or the audit logging fails
 */
@Command(description = "Deletes a key")
public void deleteKey(@Param(name = "keyId", description = "Key ID") String keyId)
        throws Exception {
    final Map<String, Object> auditData = new LinkedHashMap<>();
    auditData.put(KEY_ID_PARAM, keyId);

    try {
        // NOTE(review): the meaning of the second DeleteKey argument (always true here) is not
        // visible in this file. Confirm what it controls, since key deletion is destructive
        // and is performed without any confirmation prompt.
        final DeleteKey request = new DeleteKey(keyId, true);
        SignerClient.execute(request);
        AuditLogger.log(DELETE_THE_KEY_EVENT, XROAD_USER, auditData);
    } catch (Exception failure) {
        // Leave an audit record for the failed attempt before the error is propagated.
        AuditLogger.log(DELETE_THE_KEY_EVENT, XROAD_USER, failure.getMessage(), auditData);
        throw failure;
    }
}
/**
 * Logs out of a token.
 *
 * <p>First replaces the password stored for the token with {@code null}, then sends the signer
 * an {@code ActivateToken} request with the activation flag set to {@code false}. The attempt
 * is written to the audit log with the token ID, whether it succeeds or fails.
 *
 * @param tokenId ID of the token to log out of
 * @throws Exception if clearing the password, the signer call or the audit logging fails
 */
@Command(description = "Log out token", abbrev = "lo")
public void logoutToken(@Param(name = "tokenId", description = "Token ID") String tokenId)
        throws Exception {
    final Map<String, Object> auditData = new LinkedHashMap<>();
    auditData.put(TOKEN_ID_PARAM, tokenId);

    try {
        // The stored password is cleared before the signer is contacted, so it is already
        // gone if the deactivation request then fails.
        PasswordStore.storePassword(tokenId, null);

        final ActivateToken deactivation = new ActivateToken(tokenId, false);
        SignerClient.execute(deactivation);

        AuditLogger.log(LOGOUT_FROM_THE_TOKEN_EVENT, XROAD_USER, auditData);
    } catch (Exception failure) {
        // Leave an audit record for the failed attempt before the error is propagated.
        AuditLogger.log(LOGOUT_FROM_THE_TOKEN_EVENT, XROAD_USER, failure.getMessage(),
                auditData);
        throw failure;
    }
}
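/**
 * Logs in to a token using a PIN read interactively from the console.
 *
 * <p>The PIN is read without echo, stored for the token through {@code PasswordStore} and the
 * signer is then sent an {@code ActivateToken} request with the activation flag set to
 * {@code true}. The attempt is written to the audit log with the token ID, whether it succeeds
 * or fails. The PIN itself is never added to the audit data.
 *
 * @param tokenId ID of the token to log in to
 * @throws IllegalStateException if no interactive console is attached or no PIN could be read
 * @throws Exception if storing the PIN, the signer call or the audit logging fails
 */
@Command(description = "Log in token", abbrev = "li")
public void loginToken(@Param(name = "tokenId", description = "Token ID") String tokenId)
        throws Exception {
    // System.console() returns null when the process has no interactive console, for example
    // when input is piped. Fail with a clear message instead of a NullPointerException.
    if (System.console() == null) {
        throw new IllegalStateException(
                "No interactive console available for reading the PIN");
    }

    char[] pin = System.console().readPassword("PIN: ");

    // readPassword returns null at end of input. logoutToken passes null to
    // PasswordStore.storePassword to clear the stored password, so a null PIN must not be
    // passed on as if it were a login.
    if (pin == null) {
        throw new IllegalStateException("No PIN was entered");
    }

    Map<String, Object> logData = new LinkedHashMap<>();
    logData.put(TOKEN_ID_PARAM, tokenId);

    try {
        // NOTE(review): the PIN array is not wiped afterwards because this file does not show
        // whether PasswordStore keeps a reference to it. If it copies the value, zero the
        // array once the call returns.
        // NOTE(review): if activation fails, the PIN stored here is left in place - confirm
        // that this is intended.
        PasswordStore.storePassword(tokenId, pin);
        SignerClient.execute(new ActivateToken(tokenId, true));

        AuditLogger.log(LOG_INTO_THE_TOKEN, XROAD_USER, logData);
    } catch (Exception e) {
        AuditLogger.log(LOG_INTO_THE_TOKEN, XROAD_USER, e.getMessage(), logData);
        throw e;
    }
}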
/**
 * Asks the signer to set the friendly name of a key.
 *
 * <p>The attempt is written to the audit log with the key ID and the new friendly name,
 * whether it succeeds or fails. On failure the exception message is included and the
 * exception is rethrown.
 *
 * @param keyId ID of the key to rename
 * @param friendlyName friendly name to assign to the key
 * @throws Exception if the signer call or the audit logging fails
 */
@Command(description = "Sets key friendly name")
public void setKeyFriendlyName(
        @Param(name = "keyId", description = "Key ID") String keyId,
        @Param(name = "friendlyName", description = "Friendly name") String friendlyName)
        throws Exception {
    final Map<String, Object> auditData = new LinkedHashMap<>();
    auditData.put(KEY_ID_PARAM, keyId);
    auditData.put(KEY_FRIENDLY_NAME_PARAM, friendlyName);

    try {
        final SetKeyFriendlyName request = new SetKeyFriendlyName(keyId, friendlyName);
        SignerClient.execute(request);
        AuditLogger.log(SET_A_FRIENDLY_NAME_TO_THE_KEY_EVENT, XROAD_USER, auditData);
    } catch (Exception failure) {
        // Leave an audit record for the failed attempt before the error is propagated.
        AuditLogger.log(SET_A_FRIENDLY_NAME_TO_THE_KEY_EVENT, XROAD_USER,
                failure.getMessage(), auditData);
        throw failure;
    }
}
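/**
 * Initializes the software token with a PIN read interactively from the console.
 *
 * <p>The PIN is read twice without echo. If the two entries differ, or no PIN could be read,
 * an {@code ERROR: ...} line is printed and nothing is sent to the signer. Otherwise the signer
 * is sent an {@code InitSoftwareToken} request and the outcome is written to the audit log,
 * without any audit data.
 *
 * @throws IllegalStateException if no interactive console is attached
 * @throws Exception if the signer call or the audit logging fails
 */
@Command(description = "Initialize software token")
public void initSoftwareToken() throws Exception {
    // System.console() returns null when the process has no interactive console, for example
    // when input is piped. Fail with a clear message instead of a NullPointerException.
    if (System.console() == null) {
        throw new IllegalStateException(
                "No interactive console available for reading the PIN");
    }

    char[] pin = System.console().readPassword("PIN: ");
    char[] pin2 = System.console().readPassword("retype PIN: ");

    // readPassword returns null at end of input. Arrays.equals(null, null) is true, so without
    // this check two missing entries would count as matching and a null PIN would be sent.
    boolean bothEntered = pin != null && pin2 != null;
    boolean pinsMatch = bothEntered && Arrays.equals(pin, pin2);

    // The confirmation copy is used only for the comparison above, so it can be wiped now.
    if (pin2 != null) {
        Arrays.fill(pin2, '\0');
    }

    if (!pinsMatch) {
        // Nothing else has seen the first entry yet, so it is safe to wipe it as well.
        if (pin != null) {
            Arrays.fill(pin, '\0');
        }
        System.out.println(bothEntered
                ? "ERROR: PINs do not match"
                : "ERROR: PIN was not entered");
        return;
    }

    try {
        // NOTE(review): pin is not wiped after the call because this file does not show
        // whether InitSoftwareToken or the signer client still holds the array once execute
        // returns. Zero it here if that is safe.
        SignerClient.execute(new InitSoftwareToken(pin));

        AuditLogger.log(INITIALIZE_THE_SOFTWARE_TOKEN_EVENT, XROAD_USER, null);
    } catch (Exception e) {
        AuditLogger.log(INITIALIZE_THE_SOFTWARE_TOKEN_EVENT, XROAD_USER, e.getMessage(), null);
        throw e;
    }
}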
/**
 * Asks the signer to generate a new key on a token and prints the new key's ID.
 *
 * <p>The attempt is written to the audit log with the token ID, whether it succeeds or fails.
 * On success the audit data also contains the ID of the generated key. On failure the
 * exception message is included and the exception is rethrown.
 *
 * @param tokenId ID of the token on which the key is generated
 * @throws Exception if the signer call or the audit logging fails
 */
@Command(description = "Generate key on token")
public void generateKey(@Param(name = "tokenId", description = "Token ID") String tokenId)
        throws Exception {
    final Map<String, Object> auditData = new LinkedHashMap<>();
    auditData.put(TOKEN_ID_PARAM, tokenId);

    KeyInfo generatedKey;
    try {
        final GenerateKey request = new GenerateKey(tokenId);
        generatedKey = SignerClient.execute(request);

        // The key ID exists only after generation, so it is added to the audit data late.
        auditData.put(KEY_ID_PARAM, generatedKey.getId());
        AuditLogger.log(GENERATE_A_KEY_ON_THE_TOKEN_EVENT, XROAD_USER, auditData);
    } catch (Exception failure) {
        // Leave an audit record for the failed attempt before the error is propagated.
        AuditLogger.log(GENERATE_A_KEY_ON_THE_TOKEN_EVENT, XROAD_USER, failure.getMessage(),
                auditData);
        throw failure;
    }

    // Printed outside the try block: an output failure is not audit-logged as a failed
    // key generation.
    System.out.println(generatedKey.getId());
}