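package org.ejbca.core.protocol.xkms.generators;

import java.security.cert.X509Certificate;

import org.apache.log4j.Logger;
import org.ejbca.core.model.InternalResources;
import org.ejbca.core.model.ra.UserDataConstants;
import org.ejbca.core.model.ra.UserDataVO;
import org.ejbca.core.protocol.xkms.common.XKMSConstants;
import org.ejbca.util.passgen.IPasswordGenerator;
import org.ejbca.util.passgen.PasswordGeneratorFactory;
import org.w3._2002._03.xkms_.KeyBindingAbstractType;
import org.w3._2002._03.xkms_.KeyBindingType;
import org.w3._2002._03.xkms_.ReissueRequestType;
import org.w3._2002._03.xkms_.ReissueResultType;
import org.w3c.dom.Document;

/**
 * Builds the XKMS result for a KRSS reissue request.
 *
 * <p>The certificate carried in the request is checked, the matching user is
 * looked up, and a new certificate is registered for the same public key.
 * Depending on {@code XKMSConfig.isAutomaticReissueAllowed()} the requester
 * either authenticates with the user's stored password or the password is
 * reset server-side without asking the requester for it.
 */
public class ReissueResponseGenerator extends
        KRSSResponseGenerator {

    private static final Logger log = Logger.getLogger(ReissueResponseGenerator.class);

    private static final InternalResources intres = InternalResources.getInstance();

    /**
     * @param remoteIP   address of the requesting client, handed to the superclass
     * @param req        the reissue request to answer
     * @param requestDoc DOM document of the request, handed to the superclass
     */
    public ReissueResponseGenerator(String remoteIP, ReissueRequestType req, Document requestDoc) {
        super(remoteIP, req, requestDoc);
    }

    /**
     * Generates the reissue result for the request given to the constructor.
     *
     * <p>Processing stops at the first step that leaves {@code resultMajor}
     * set; if no step sets it, the result is reported as
     * {@link XKMSConstants#RESULTMAJOR_SUCCESS}.
     *
     * @param requestVerifies outcome of the caller's request verification,
     *                        passed on to {@code populateResponse}
     * @return the populated result, with the new key binding added when a
     *         certificate was issued
     */
    public ReissueResultType getResponse(boolean requestVerifies) {
        ReissueResultType result = xkmsFactory.createReissueResultType();
        super.populateResponse(result, requestVerifies);
        ReissueRequestType req = (ReissueRequestType) this.req;

        if (resultMajor == null
                && !checkValidRespondWithRequest(req.getRespondWith(), false)) {
            resultMajor = XKMSConstants.RESULTMAJOR_SENDER;
            resultMinor = XKMSConstants.RESULTMINOR_MESSAGENOTSUPPORTED;
        }

        if (resultMajor == null) {
            X509Certificate cert = (X509Certificate) getPublicKeyInfo(req, false);
            // Both gates must pass before any user data is touched.
            // NOTE(review): presumably certIsValid covers chain/revocation and
            // confirmPOP checks proof of possession of the private key;
            // confirm both set resultMajor when they reject the request,
            // otherwise a rejected request falls through to Success below.
            if (certIsValid(cert) && confirmPOP(cert.getPublicKey())) {
                UserDataVO userData = findUserData(cert);
                if (userData != null) {
                    String password;
                    boolean encryptedPassword = isPasswordEncrypted(req);
                    if (XKMSConfig.isAutomaticReissueAllowed()) {
                        // Automatic reissue: the requester is not asked for the
                        // stored password, so authorization rests on the two
                        // certificate checks above alone.
                        password = setUserStatusToNew(userData);
                    } else if (encryptedPassword) {
                        password = getEncryptedPassword(requestDoc, userData.getPassword());
                    } else {
                        password = getClearPassword(req, userData.getPassword());
                    }

                    if (password != null) {
                        X509Certificate newCert = registerReissueOrRecover(false, true, result,
                                userData, password, cert.getPublicKey(), null);
                        if (newCert != null) {
                            KeyBindingAbstractType keyBinding =
                                    getResponseValues(req.getReissueKeyBinding(), newCert, false, true);
                            result.getKeyBinding().add((KeyBindingType) keyBinding);
                        }
                    }
                }
            }
        }

        if (resultMajor == null) {
            resultMajor = XKMSConstants.RESULTMAJOR_SUCCESS;
        }

        setResult(result);

        return result;
    }

    /**
     * Sets the user's status to {@link UserDataConstants#STATUS_NEW} and
     * replaces the stored password with a freshly generated one.
     *
     * <p>On failure the error is logged and the response is marked as a
     * receiver-side failure, so that the caller does not report Success for
     * a reissue that never took place.
     *
     * @param userdata the user to reset; modified in place
     * @return the generated password, or {@code null} if the update failed
     */
    private String setUserStatusToNew(UserDataVO userdata) {
        String retval = null;
        try {
            // NOTE(review): 8 characters of letters and digits; confirm the
            // generator draws from a cryptographically strong source.
            IPasswordGenerator passwordGenerator = PasswordGeneratorFactory.getInstance(
                    PasswordGeneratorFactory.PASSWORDTYPE_LETTERSANDDIGITS);
            String password = passwordGenerator.getNewPassword(8, 8);

            userdata.setStatus(UserDataConstants.STATUS_NEW);
            userdata.setPassword(password);

            // NOTE(review): this runs before the certificate is registered; if
            // registration later fails, the user's previous password has
            // presumably already been overwritten. Confirm that is acceptable.
            getUserAdminSession().changeUser(raAdmin, userdata, true);
            retval = password;
        } catch (Exception e) {
            // Only the username is logged, never the generated password.
            log.error(intres.getLocalizedMessage("xkms.errorsettinguserstatus", userdata.getUsername()), e);
            // Without this the null return skips registration and the request
            // is still answered with Success and an empty key binding.
            if (resultMajor == null) {
                resultMajor = XKMSConstants.RESULTMAJOR_RECIEVER;
                resultMinor = XKMSConstants.RESULTMINOR_FAILURE;
            }
        }

        return retval;
    }

}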