Refactored CertMgt component

4.x.x
harshanl 8 years ago
parent 13126fe398
commit 08ff70bb3c

@ -148,26 +148,6 @@
<artifactId>org.wso2.carbon.logging</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.device.mgt.common</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.device.mgt.core</artifactId>
<scope>provided</scope>
<exclusions>
<exclusion>
<groupId>org.apache.axis2.wso2</groupId>
<artifactId>axis2-client</artifactId>
</exclusion>
<exclusion>
<groupId>org.apache.neethi.wso2</groupId>
<artifactId>neethi</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.certificate.mgt.core</artifactId>

@ -144,26 +144,6 @@
<artifactId>org.wso2.carbon.logging</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.device.mgt.common</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.device.mgt.core</artifactId>
<scope>provided</scope>
<exclusions>
<exclusion>
<groupId>org.apache.axis2.wso2</groupId>
<artifactId>axis2-client</artifactId>
</exclusion>
<exclusion>
<groupId>org.apache.neethi.wso2</groupId>
<artifactId>neethi</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.certificate.mgt.core</artifactId>

@ -6,15 +6,14 @@ import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.CertificateManagementAdmin
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.CertificateList;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.EnrollmentCertificate;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.ErrorResponse;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.util.DeviceMgtAPIUtils;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.util.CertificateMgtAPIUtils;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.util.RequestValidationUtil;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.exception.CertificateManagementException;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementService;
import org.wso2.carbon.certificate.mgt.core.service.PaginationResult;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.common.PaginationRequest;
import org.wso2.carbon.device.mgt.common.PaginationResult;
import javax.ws.rs.*;
import javax.ws.rs.core.Response;
@ -38,7 +37,7 @@ public class CertificateManagementAdminServiceImpl implements CertificateManagem
CertificateManagementService certificateService;
List<org.wso2.carbon.certificate.mgt.core.bean.Certificate> certificates = new ArrayList<>();
org.wso2.carbon.certificate.mgt.core.bean.Certificate certificate;
certificateService = DeviceMgtAPIUtils.getCertificateManagementService();
certificateService = CertificateMgtAPIUtils.getCertificateManagementService();
try {
for (EnrollmentCertificate enrollmentCertificate : enrollmentCertificates) {
certificate = new org.wso2.carbon.certificate.mgt.core.bean.Certificate();
@ -70,7 +69,7 @@ public class CertificateManagementAdminServiceImpl implements CertificateManagem
@HeaderParam("If-Modified-Since") String ifModifiedSince) {
RequestValidationUtil.validateSerialNumber(serialNumber);
CertificateManagementService certificateService = DeviceMgtAPIUtils.getCertificateManagementService();
CertificateManagementService certificateService = CertificateMgtAPIUtils.getCertificateManagementService();
List<CertificateResponse> certificateResponse;
try {
certificateResponse = certificateService.searchCertificates(serialNumber);
@ -96,11 +95,9 @@ public class CertificateManagementAdminServiceImpl implements CertificateManagem
@QueryParam("limit") int limit,
@HeaderParam("If-Modified-Since") String ifModifiedSince) {
RequestValidationUtil.validatePaginationInfo(offset, limit);
CertificateManagementService certificateService = DeviceMgtAPIUtils.getCertificateManagementService();
PaginationRequest paginationRequest = new PaginationRequest(offset, limit);
CertificateManagementService certificateService = CertificateMgtAPIUtils.getCertificateManagementService();
try {
PaginationResult result = certificateService.getAllCertificates(paginationRequest);
PaginationResult result = certificateService.getAllCertificates(offset, limit);
CertificateList certificates = new CertificateList();
certificates.setCount(result.getRecordsTotal());
certificates.setList((List<CertificateResponse>) result.getData());
@ -118,7 +115,7 @@ public class CertificateManagementAdminServiceImpl implements CertificateManagem
public Response removeCertificate(@PathParam("serialNumber") String serialNumber) {
RequestValidationUtil.validateSerialNumber(serialNumber);
CertificateManagementService certificateService = DeviceMgtAPIUtils.getCertificateManagementService();
CertificateManagementService certificateService = CertificateMgtAPIUtils.getCertificateManagementService();
try {
boolean status = certificateService.removeCertificate(serialNumber);
if (!status) {

@ -27,12 +27,12 @@ import org.wso2.carbon.device.mgt.core.search.mgt.SearchManagerService;
import javax.ws.rs.core.MediaType;
/**
* DMAPIUtils class provides utility function used by CDM REST-API classes.
* CertificateMgtAPIUtils class provides utility functions used by Certificate Mgt REST-API classes.
*/
public class DeviceMgtAPIUtils {
public class CertificateMgtAPIUtils {
public static final MediaType DEFAULT_CONTENT_TYPE = MediaType.APPLICATION_JSON_TYPE;
private static Log log = LogFactory.getLog(DeviceMgtAPIUtils.class);
private static Log log = LogFactory.getLog(CertificateMgtAPIUtils.class);
public static CertificateManagementService getCertificateManagementService() {

@ -34,11 +34,11 @@ import java.io.File;
*/
public class CertificateConfigurationManager {
private CertificateManagementConfig currentPolicyConfig;
private CertificateManagementConfig certificateManagementConfig;
private static CertificateConfigurationManager certificateConfigurationManager;
private final String deviceMgtConfigXMLPath = CarbonUtils.getCarbonConfigDirPath() + File.separator +
CertificateManagementConstants.DEVICE_CONFIG_XML_NAME;
private final String certMgtConfigXMLPath = CarbonUtils.getCarbonConfigDirPath() + File.separator +
CertificateManagementConstants.CERTIFICATE_CONFIG_XML_FILE;
public static CertificateConfigurationManager getInstance() {
if (certificateConfigurationManager == null) {
@ -53,24 +53,36 @@ public class CertificateConfigurationManager {
public synchronized void initConfig() throws CertificateManagementException {
try {
File deviceMgtConfig = new File(deviceMgtConfigXMLPath);
Document doc = CertificateManagerUtil.convertToDocument(deviceMgtConfig);
File certMgtConfig = new File(certMgtConfigXMLPath);
Document doc = CertificateManagerUtil.convertToDocument(certMgtConfig);
/* Un-marshaling Device Management configuration */
/* Un-marshaling Certificate Management configuration */
JAXBContext rssContext = JAXBContext.newInstance(CertificateManagementConfig.class);
Unmarshaller unmarshaller = rssContext.createUnmarshaller();
this.currentPolicyConfig = (CertificateManagementConfig) unmarshaller.unmarshal(doc);
this.certificateManagementConfig = (CertificateManagementConfig) unmarshaller.unmarshal(doc);
} catch (Exception e) {
throw new CertificateManagementException("Error occurred while initializing device config", e);
throw new CertificateManagementException("Error occurred while initializing certificate config", e);
}
}
public CertificateManagementConfig getPolicyManagementConfig() {
return currentPolicyConfig;
public CertificateManagementConfig getCertificateManagementConfig() throws CertificateManagementException {
if (certificateManagementConfig == null) {
initConfig();
}
return certificateManagementConfig;
}
public DataSourceConfig getDataSourceConfig() {
return currentPolicyConfig.getCertificateManagementRepository().getDataSourceConfig();
public DataSourceConfig getDataSourceConfig() throws CertificateManagementException {
if (certificateManagementConfig == null) {
initConfig();
}
return certificateManagementConfig.getCertificateManagementRepository().getDataSourceConfig();
}
public CertificateKeystoreConfig getCertificateKeyStoreConfig() throws CertificateManagementException {
if (certificateManagementConfig == null) {
initConfig();
}
return certificateManagementConfig.getCertificateKeystoreConfig();
}
}

@ -0,0 +1,107 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.config;
import org.wso2.carbon.certificate.mgt.core.util.CertificateManagementConstants;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
/**
* Class for holding CertificateKeystore data.
*/
@XmlRootElement(name = "CertificateKeystore")
public class CertificateKeystoreConfig {
private String certificateKeystoreLocation;
private String certificateKeystoreType;
private String certificateKeystorePassword;
private String caCertAlias;
private String caPrivateKeyPassword;
private String raCertAlias;
private String raPrivateKeyPassword;
@XmlElement(name = "CertificateKeystoreLocation", required = true)
public String getCertificateKeystoreLocation() {
return certificateKeystoreLocation;
}
public void setCertificateKeystoreLocation(String certificateKeystoreLocation) {
if (certificateKeystoreLocation != null && certificateKeystoreLocation.toLowerCase().
contains(CertificateManagementConstants.CARBON_HOME_ENTRY)) {
certificateKeystoreLocation = certificateKeystoreLocation.replace(CertificateManagementConstants.CARBON_HOME_ENTRY,
System.getProperty(CertificateManagementConstants.CARBON_HOME));
}
this.certificateKeystoreLocation = certificateKeystoreLocation;
}
@XmlElement(name = "CertificateKeystoreType", required = true)
public String getCertificateKeystoreType() {
return certificateKeystoreType;
}
public void setCertificateKeystoreType(String certificateKeystoreType) {
this.certificateKeystoreType = certificateKeystoreType;
}
@XmlElement(name = "CertificateKeystorePassword", required = true)
public String getCertificateKeystorePassword() {
return certificateKeystorePassword;
}
public void setCertificateKeystorePassword(String certificateKeystorePassword) {
this.certificateKeystorePassword = certificateKeystorePassword;
}
@XmlElement(name = "CACertAlias", required = true)
public String getCACertAlias() {
return caCertAlias;
}
public void setCACertAlias(String caCertAlias) {
this.caCertAlias = caCertAlias;
}
@XmlElement(name = "CAPrivateKeyPassword", required = true)
public String getCAPrivateKeyPassword() {
return caPrivateKeyPassword;
}
public void setCAPrivateKeyPassword(String caPrivateKeyPassword) {
this.caPrivateKeyPassword = caPrivateKeyPassword;
}
@XmlElement(name = "RACertAlias", required = true)
public String getRACertAlias() {
return raCertAlias;
}
public void setRACertAlias(String raCertAlias) {
this.raCertAlias = raCertAlias;
}
@XmlElement(name = "RAPrivateKeyPassword", required = true)
public String getRAPrivateKeyPassword() {
return raPrivateKeyPassword;
}
public void setRAPrivateKeyPassword(String raPrivateKeyPassword) {
this.raPrivateKeyPassword = raPrivateKeyPassword;
}
}

@ -22,20 +22,39 @@ import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
/**
* Represents Device Mgt configuration.
* Represents Certificate Mgt configuration.
*/
@XmlRootElement(name = "DeviceMgtConfiguration")
@XmlRootElement(name = "CertificateConfigurations")
public final class CertificateManagementConfig {
private CertificateManagementRepository certificateManagementRepository;
private CertificateKeystoreConfig certificateKeystoreConfig;
private int defaultPageSize;
public void setCertificateManagementRepository(CertificateManagementRepository certificateManagementRepository) {
this.certificateManagementRepository = certificateManagementRepository;
}
private CertificateManagementRepository certificateManagementRepository;
@XmlElement(name = "ManagementRepository", nillable = false)
@XmlElement(name = "ManagementRepository", required = true)
public CertificateManagementRepository getCertificateManagementRepository() {
return certificateManagementRepository;
}
@XmlElement(name = "CertificateKeystore", required = true)
public CertificateKeystoreConfig getCertificateKeystoreConfig() {
return certificateKeystoreConfig;
}
public void setCertificateKeystoreConfig(CertificateKeystoreConfig certificateKeystoreConfig) {
this.certificateKeystoreConfig = certificateKeystoreConfig;
}
@XmlElement(name = "DefaultPageSize", required = true)
public int getDefaultPageSize() {
return defaultPageSize;
}
public void setDefaultPageSize(int defaultPageSize) {
this.defaultPageSize = defaultPageSize;
}
}

@ -24,14 +24,14 @@ import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
/**
* Class for holding management repository data
* Class for holding management repository data.
*/
@XmlRootElement(name = "ManagementRepository")
public class CertificateManagementRepository {
private DataSourceConfig dataSourceConfig;
@XmlElement(name = "DataSourceConfiguration", nillable = false)
@XmlElement(name = "DataSourceConfiguration", required = true)
public DataSourceConfig getDataSourceConfig() {
return dataSourceConfig;
}

@ -20,8 +20,7 @@ package org.wso2.carbon.certificate.mgt.core.dao;
import org.wso2.carbon.certificate.mgt.core.bean.Certificate;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.device.mgt.common.PaginationRequest;
import org.wso2.carbon.device.mgt.common.PaginationResult;
import org.wso2.carbon.certificate.mgt.core.service.PaginationResult;
import java.util.List;
@ -55,12 +54,13 @@ public interface CertificateDAO {
/**
* Get all the certificates in a paginated manner.
*
* @param request Request mentioning pagination details such as length and stating index.
* @param rowNum Stating index of the paginated result.
* @param limit Number of records to return.
* @return Pagination result with data and the count of results.
* @throws CertificateManagementDAOException
*
*/
PaginationResult getAllCertificates(PaginationRequest request) throws CertificateManagementDAOException;
PaginationResult getAllCertificates(int rowNum, int limit) throws CertificateManagementDAOException;
/**
* Get all the certificates.
@ -69,7 +69,7 @@ public interface CertificateDAO {
* @throws CertificateManagementDAOException
*
*/
public List<CertificateResponse> getAllCertificates() throws CertificateManagementDAOException;
List<CertificateResponse> getAllCertificates() throws CertificateManagementDAOException;
/**
* Delete a certificate identified by a serial number()
@ -79,6 +79,6 @@ public interface CertificateDAO {
*/
boolean removeCertificate(String serialNumber) throws CertificateManagementDAOException;
public List<CertificateResponse> searchCertificate(String serialNumber) throws CertificateManagementDAOException;
List<CertificateResponse> searchCertificate(String serialNumber) throws CertificateManagementDAOException;
}

@ -23,9 +23,13 @@ import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.certificate.mgt.core.config.datasource.DataSourceConfig;
import org.wso2.carbon.certificate.mgt.core.config.datasource.JNDILookupDefinition;
import org.wso2.carbon.certificate.mgt.core.dao.impl.GenericCertificateDAOImpl;
import org.wso2.carbon.device.mgt.common.DeviceManagementConstants;
import org.wso2.carbon.device.mgt.common.IllegalTransactionStateException;
import org.wso2.carbon.device.mgt.common.TransactionManagementException;
import org.wso2.carbon.certificate.mgt.core.dao.impl.OracleCertificateDAOImpl;
import org.wso2.carbon.certificate.mgt.core.dao.impl.PostgreSQLCertificateDAOImpl;
import org.wso2.carbon.certificate.mgt.core.dao.impl.SQLServerCertificateDAOImpl;
import org.wso2.carbon.certificate.mgt.core.exception.IllegalTransactionStateException;
import org.wso2.carbon.certificate.mgt.core.exception.TransactionManagementException;
import org.wso2.carbon.certificate.mgt.core.exception.UnsupportedDatabaseEngineException;
import org.wso2.carbon.certificate.mgt.core.util.CertificateManagementConstants;
import javax.sql.DataSource;
import java.sql.Connection;
@ -45,9 +49,23 @@ public class CertificateManagementDAOFactory {
CONNECTION_NOT_BORROWED, CONNECTION_BORROWED, CONNECTION_CLOSED
}
public static CertificateDAO getCertificateDAO() {
return new GenericCertificateDAOImpl();
if (databaseEngine != null) {
switch (databaseEngine) {
case CertificateManagementConstants.DataBaseTypes.DB_TYPE_ORACLE:
return new OracleCertificateDAOImpl();
case CertificateManagementConstants.DataBaseTypes.DB_TYPE_MSSQL:
return new SQLServerCertificateDAOImpl();
case CertificateManagementConstants.DataBaseTypes.DB_TYPE_POSTGRESQL:
return new PostgreSQLCertificateDAOImpl();
case CertificateManagementConstants.DataBaseTypes.DB_TYPE_H2:
case CertificateManagementConstants.DataBaseTypes.DB_TYPE_MYSQL:
return new GenericCertificateDAOImpl();
default:
throw new UnsupportedDatabaseEngineException("Unsupported database engine : " + databaseEngine);
}
}
throw new IllegalStateException("Database engine has not initialized properly.");
}
public static void init(DataSourceConfig config) {
@ -72,8 +90,8 @@ public class CertificateManagementDAOFactory {
Connection conn = currentConnection.get();
if (conn != null) {
throw new IllegalTransactionStateException("A transaction is already active within the context of " +
"this particular thread. Therefore, calling 'beginTransaction/openConnection' while another " +
"transaction is already active is a sign of improper transaction handling");
"this particular thread. Therefore, calling 'beginTransaction/openConnection' while another " +
"transaction is already active is a sign of improper transaction handling");
}
try {
conn = dataSource.getConnection();

@ -0,0 +1,223 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.dao.impl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.certificate.mgt.core.bean.Certificate;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateDAO;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOException;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOUtil;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.impl.CertificateGenerator;
import org.wso2.carbon.certificate.mgt.core.util.Serializer;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
/**
* This class holds the generic implementation of CertificateDAO which can be used to support ANSI db syntax.
*/
public abstract class AbstractCertificateDAOImpl implements CertificateDAO{
private static final Log log = LogFactory.getLog(GenericCertificateDAOImpl.class);
@Override
public void addCertificate(List<Certificate> certificates)
throws CertificateManagementDAOException {
Connection conn;
PreparedStatement stmt = null;
try {
conn = this.getConnection();
stmt = conn.prepareStatement(
"INSERT INTO DM_DEVICE_CERTIFICATE (SERIAL_NUMBER, CERTIFICATE, TENANT_ID, USERNAME)"
+ " VALUES (?,?,?,?)");
PrivilegedCarbonContext threadLocalCarbonContext = PrivilegedCarbonContext.
getThreadLocalCarbonContext();
String username = threadLocalCarbonContext.getUsername();
for (Certificate certificate : certificates) {
// the serial number of the certificate used for its creation is set as its alias.
String serialNumber = certificate.getSerial();
if (serialNumber == null || serialNumber.isEmpty()) {
serialNumber = String.valueOf(certificate.getCertificate().getSerialNumber());
}
byte[] bytes = Serializer.serialize(certificate.getCertificate());
stmt.setString(1, serialNumber);
stmt.setBytes(2, bytes);
stmt.setInt(3, certificate.getTenantId());
stmt.setString(4, username);
stmt.addBatch();
}
stmt.executeBatch();
} catch (SQLException | IOException e) {
throw new CertificateManagementDAOException("Error occurred while saving certificates. "
, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, null);
}
}
@Override
public CertificateResponse retrieveCertificate(String serialNumber)
throws CertificateManagementDAOException {
Connection conn;
PreparedStatement stmt = null;
ResultSet resultSet = null;
CertificateResponse certificateResponse = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
conn = this.getConnection();
String query =
"SELECT CERTIFICATE, SERIAL_NUMBER, TENANT_ID, USERNAME FROM"
+ " DM_DEVICE_CERTIFICATE WHERE SERIAL_NUMBER = ? AND TENANT_ID = ? ";
stmt = conn.prepareStatement(query);
stmt.setString(1, serialNumber);
stmt.setInt(2, tenantId);
resultSet = stmt.executeQuery();
if (resultSet.next()) {
certificateResponse = new CertificateResponse();
byte[] certificateBytes = resultSet.getBytes("CERTIFICATE");
certificateResponse.setCertificate(certificateBytes);
certificateResponse.setSerialNumber(resultSet.getString("SERIAL_NUMBER"));
certificateResponse.setTenantId(resultSet.getInt("TENANT_ID"));
certificateResponse.setUsername(resultSet.getString("USERNAME"));
CertificateGenerator.extractCertificateDetails(certificateBytes, certificateResponse);
}
} catch (SQLException e) {
String errorMsg =
"Unable to get the read the certificate with serial" + serialNumber;
log.error(errorMsg, e);
throw new CertificateManagementDAOException(errorMsg, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, resultSet);
}
return certificateResponse;
}
@Override
public List<CertificateResponse> searchCertificate(String serialNumber)
throws CertificateManagementDAOException {
Connection conn;
PreparedStatement stmt = null;
ResultSet resultSet = null;
CertificateResponse certificateResponse = null;
List<CertificateResponse> certificates = new ArrayList<>();
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
conn = this.getConnection();
String query =
"SELECT CERTIFICATE, SERIAL_NUMBER, TENANT_ID, USERNAME FROM DM_DEVICE_CERTIFICATE "
+ "WHERE SERIAL_NUMBER LIKE ? AND TENANT_ID = ? ";
stmt = conn.prepareStatement(query);
stmt.setString(1, "%" + serialNumber + "%");
stmt.setInt(2, tenantId);
resultSet = stmt.executeQuery();
while (resultSet.next()) {
certificateResponse = new CertificateResponse();
byte[] certificateBytes = resultSet.getBytes("CERTIFICATE");
certificateResponse.setSerialNumber(resultSet.getString("SERIAL_NUMBER"));
certificateResponse.setTenantId(resultSet.getInt("TENANT_ID"));
certificateResponse.setUsername(resultSet.getString("USERNAME"));
CertificateGenerator.extractCertificateDetails(certificateBytes, certificateResponse);
certificates.add(certificateResponse);
}
} catch (SQLException e) {
String errorMsg =
"Unable to get the read the certificate with serial" + serialNumber;
log.error(errorMsg, e);
throw new CertificateManagementDAOException(errorMsg, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, resultSet);
}
return certificates;
}
@Override
public List<CertificateResponse> getAllCertificates() throws CertificateManagementDAOException {
PreparedStatement stmt = null;
ResultSet resultSet = null;
CertificateResponse certificateResponse;
List<CertificateResponse> certificates = new ArrayList<>();
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
Connection conn = this.getConnection();
String sql = "SELECT CERTIFICATE, SERIAL_NUMBER, TENANT_ID, USERNAME"
+ " FROM DM_DEVICE_CERTIFICATE WHERE TENANT_ID = ? ORDER BY ID DESC";
stmt = conn.prepareStatement(sql);
stmt.setInt(1, tenantId);
resultSet = stmt.executeQuery();
while (resultSet.next()) {
certificateResponse = new CertificateResponse();
byte[] certificateBytes = resultSet.getBytes("CERTIFICATE");
certificateResponse.setSerialNumber(resultSet.getString("SERIAL_NUMBER"));
certificateResponse.setTenantId(resultSet.getInt("TENANT_ID"));
certificateResponse.setUsername(resultSet.getString("USERNAME"));
CertificateGenerator.extractCertificateDetails(certificateBytes, certificateResponse);
certificates.add(certificateResponse);
}
} catch (SQLException e) {
String errorMsg = "SQL error occurred while retrieving the certificates.";
log.error(errorMsg, e);
throw new CertificateManagementDAOException(errorMsg, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, resultSet);
}
return certificates;
}
@Override
public boolean removeCertificate(String serialNumber) throws CertificateManagementDAOException {
Connection conn;
PreparedStatement stmt = null;
ResultSet resultSet = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
conn = this.getConnection();
String query =
"DELETE FROM DM_DEVICE_CERTIFICATE WHERE SERIAL_NUMBER = ?" +
" AND TENANT_ID = ? ";
stmt = conn.prepareStatement(query);
stmt.setString(1, serialNumber);
stmt.setInt(2, tenantId);
return stmt.executeUpdate() > 0;
} catch (SQLException e) {
String msg = "Unable to get the read the certificate with serial" + serialNumber;
log.error(msg, e);
throw new CertificateManagementDAOException(msg, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, resultSet);
}
}
private Connection getConnection() throws SQLException {
return CertificateManagementDAOFactory.getConnection();
}
}

@ -20,149 +20,36 @@ package org.wso2.carbon.certificate.mgt.core.dao.impl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.certificate.mgt.core.bean.Certificate;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateDAO;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOException;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOUtil;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.wso2.carbon.certificate.mgt.core.impl.CertificateGenerator;
import org.wso2.carbon.certificate.mgt.core.util.CertificateManagerUtil;
import org.wso2.carbon.certificate.mgt.core.util.Serializer;
import org.wso2.carbon.certificate.mgt.core.service.PaginationResult;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.common.PaginationRequest;
import org.wso2.carbon.device.mgt.common.PaginationResult;
import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManagementException;
import org.wso2.carbon.device.mgt.core.operation.mgt.dao.OperationManagementDAOUtil;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.sql.*;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
public class GenericCertificateDAOImpl implements CertificateDAO {
/**
* This class holds the generic implementation of CertificateDAO which can be used to support ANSI db syntax for pagination
* queries.
*/
public class GenericCertificateDAOImpl extends AbstractCertificateDAOImpl {
private static final Log log = LogFactory.getLog(GenericCertificateDAOImpl.class);
@Override
public void addCertificate(List<Certificate> certificates)
throws CertificateManagementDAOException {
Connection conn;
PreparedStatement stmt = null;
try {
conn = this.getConnection();
stmt = conn.prepareStatement(
"INSERT INTO DM_DEVICE_CERTIFICATE (SERIAL_NUMBER, CERTIFICATE, TENANT_ID, USERNAME)"
+ " VALUES (?,?,?,?)");
PrivilegedCarbonContext threadLocalCarbonContext = PrivilegedCarbonContext.
getThreadLocalCarbonContext();
String username = threadLocalCarbonContext.getUsername();
for (Certificate certificate : certificates) {
// the serial number of the certificate used for its creation is set as its alias.
String serialNumber = certificate.getSerial();
if (serialNumber == null || serialNumber.isEmpty()) {
serialNumber = String.valueOf(certificate.getCertificate().getSerialNumber());
}
byte[] bytes = Serializer.serialize(certificate.getCertificate());
stmt.setString(1, serialNumber);
stmt.setBytes(2, bytes);
stmt.setInt(3, certificate.getTenantId());
stmt.setString(4, username);
stmt.addBatch();
}
stmt.executeBatch();
} catch (SQLException | IOException e) {
throw new CertificateManagementDAOException("Error occurred while saving certificates. "
, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, null);
}
}
@Override
public CertificateResponse retrieveCertificate(String serialNumber)
throws CertificateManagementDAOException {
Connection conn;
PreparedStatement stmt = null;
ResultSet resultSet = null;
CertificateResponse certificateResponse = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
conn = this.getConnection();
String query =
"SELECT CERTIFICATE, SERIAL_NUMBER, TENANT_ID, USERNAME FROM"
+ " DM_DEVICE_CERTIFICATE WHERE SERIAL_NUMBER = ? AND TENANT_ID = ? ";
stmt = conn.prepareStatement(query);
stmt.setString(1, serialNumber);
stmt.setInt(2, tenantId);
resultSet = stmt.executeQuery();
if (resultSet.next()) {
certificateResponse = new CertificateResponse();
byte[] certificateBytes = resultSet.getBytes("CERTIFICATE");
certificateResponse.setCertificate(certificateBytes);
certificateResponse.setSerialNumber(resultSet.getString("SERIAL_NUMBER"));
certificateResponse.setTenantId(resultSet.getInt("TENANT_ID"));
certificateResponse.setUsername(resultSet.getString("USERNAME"));
CertificateGenerator.extractCertificateDetails(certificateBytes, certificateResponse);
}
} catch (SQLException e) {
String errorMsg =
"Unable to get the read the certificate with serial" + serialNumber;
log.error(errorMsg, e);
throw new CertificateManagementDAOException(errorMsg, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, resultSet);
}
return certificateResponse;
}
@Override
public List<CertificateResponse> searchCertificate(String serialNumber)
throws CertificateManagementDAOException {
Connection conn;
PreparedStatement stmt = null;
ResultSet resultSet = null;
CertificateResponse certificateResponse = null;
List<CertificateResponse> certificates = new ArrayList<>();
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
conn = this.getConnection();
String query =
"SELECT CERTIFICATE, SERIAL_NUMBER, TENANT_ID, USERNAME FROM DM_DEVICE_CERTIFICATE "
+ "WHERE SERIAL_NUMBER LIKE ? AND TENANT_ID = ? ";
stmt = conn.prepareStatement(query);
stmt.setString(1, "%" + serialNumber + "%");
stmt.setInt(2, tenantId);
resultSet = stmt.executeQuery();
while (resultSet.next()) {
certificateResponse = new CertificateResponse();
byte[] certificateBytes = resultSet.getBytes("CERTIFICATE");
certificateResponse.setSerialNumber(resultSet.getString("SERIAL_NUMBER"));
certificateResponse.setTenantId(resultSet.getInt("TENANT_ID"));
certificateResponse.setUsername(resultSet.getString("USERNAME"));
CertificateGenerator.extractCertificateDetails(certificateBytes, certificateResponse);
certificates.add(certificateResponse);
}
} catch (SQLException e) {
String errorMsg =
"Unable to get the read the certificate with serial" + serialNumber;
log.error(errorMsg, e);
throw new CertificateManagementDAOException(errorMsg, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, resultSet);
}
return certificates;
private Connection getConnection() throws SQLException {
return CertificateManagementDAOFactory.getConnection();
}
@Override
public PaginationResult getAllCertificates(PaginationRequest request) throws CertificateManagementDAOException {
public PaginationResult getAllCertificates(int rowNum, int limit) throws CertificateManagementDAOException {
PreparedStatement stmt = null;
ResultSet resultSet = null;
CertificateResponse certificateResponse;
@ -172,11 +59,11 @@ public class GenericCertificateDAOImpl implements CertificateDAO {
try {
Connection conn = this.getConnection();
String sql = "SELECT CERTIFICATE, SERIAL_NUMBER, TENANT_ID, USERNAME FROM "
+ "DM_DEVICE_CERTIFICATE WHERE TENANT_ID = ? ORDER BY ID DESC LIMIT ?,?";
+ "DM_DEVICE_CERTIFICATE WHERE TENANT_ID = ? ORDER BY ID DESC LIMIT ?,?";
stmt = conn.prepareStatement(sql);
stmt.setInt(1, tenantId);
stmt.setInt(2, request.getStartIndex());
stmt.setInt(3, request.getRowCount());
stmt.setInt(2, rowNum);
stmt.setInt(3, limit);
resultSet = stmt.executeQuery();
int resultCount = 0;
@ -202,67 +89,4 @@ public class GenericCertificateDAOImpl implements CertificateDAO {
}
return paginationResult;
}
@Override
public List<CertificateResponse> getAllCertificates() throws CertificateManagementDAOException {
PreparedStatement stmt = null;
ResultSet resultSet = null;
CertificateResponse certificateResponse;
List<CertificateResponse> certificates = new ArrayList<>();
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
Connection conn = this.getConnection();
String sql = "SELECT CERTIFICATE, SERIAL_NUMBER, TENANT_ID, USERNAME"
+ " FROM DM_DEVICE_CERTIFICATE WHERE TENANT_ID = ? ORDER BY ID DESC";
stmt = conn.prepareStatement(sql);
stmt.setInt(1, tenantId);
resultSet = stmt.executeQuery();
while (resultSet.next()) {
certificateResponse = new CertificateResponse();
byte[] certificateBytes = resultSet.getBytes("CERTIFICATE");
certificateResponse.setSerialNumber(resultSet.getString("SERIAL_NUMBER"));
certificateResponse.setTenantId(resultSet.getInt("TENANT_ID"));
certificateResponse.setUsername(resultSet.getString("USERNAME"));
CertificateGenerator.extractCertificateDetails(certificateBytes, certificateResponse);
certificates.add(certificateResponse);
}
} catch (SQLException e) {
String errorMsg = "SQL error occurred while retrieving the certificates.";
log.error(errorMsg, e);
throw new CertificateManagementDAOException(errorMsg, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, resultSet);
}
return certificates;
}
@Override
public boolean removeCertificate(String serialNumber) throws CertificateManagementDAOException {
Connection conn;
PreparedStatement stmt = null;
ResultSet resultSet = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
conn = this.getConnection();
String query =
"DELETE FROM DM_DEVICE_CERTIFICATE WHERE SERIAL_NUMBER = ?" +
" AND TENANT_ID = ? ";
stmt = conn.prepareStatement(query);
stmt.setString(1, serialNumber);
stmt.setInt(2, tenantId);
return stmt.executeUpdate() > 0;
} catch (SQLException e) {
String msg = "Unable to get the read the certificate with serial" + serialNumber;
log.error(msg, e);
throw new CertificateManagementDAOException(msg, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, resultSet);
}
}
private Connection getConnection() throws SQLException {
return CertificateManagementDAOFactory.getConnection();
}
}

@ -0,0 +1,91 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.dao.impl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOException;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOUtil;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.impl.CertificateGenerator;
import org.wso2.carbon.certificate.mgt.core.service.PaginationResult;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
/**
* This class holds the oracle sql implementation of CertificateDAO which can be used to support Oracle specific
* db syntax.
*/
public class OracleCertificateDAOImpl extends AbstractCertificateDAOImpl {
private static final Log log = LogFactory.getLog(OracleCertificateDAOImpl.class);
@Override
public PaginationResult getAllCertificates(int rowNum, int limit) throws CertificateManagementDAOException {
PreparedStatement stmt = null;
ResultSet resultSet = null;
CertificateResponse certificateResponse;
List<CertificateResponse> certificates = new ArrayList<>();
PaginationResult paginationResult;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
Connection conn = this.getConnection();
String sql = "SELECT CERTIFICATE, SERIAL_NUMBER, TENANT_ID, USERNAME FROM "
+ "DM_DEVICE_CERTIFICATE WHERE TENANT_ID = ? ORDER BY ID DESC WHERE OFFSET >= ? AND ROWNUM <= ?";
stmt = conn.prepareStatement(sql);
stmt.setInt(1, tenantId);
stmt.setInt(2, rowNum);
stmt.setInt(3, limit);
resultSet = stmt.executeQuery();
int resultCount = 0;
while (resultSet.next()) {
certificateResponse = new CertificateResponse();
byte[] certificateBytes = resultSet.getBytes("CERTIFICATE");
certificateResponse.setSerialNumber(resultSet.getString("SERIAL_NUMBER"));
certificateResponse.setTenantId(resultSet.getInt("TENANT_ID"));
certificateResponse.setUsername(resultSet.getString("USERNAME"));
CertificateGenerator.extractCertificateDetails(certificateBytes, certificateResponse);
certificates.add(certificateResponse);
resultCount++;
}
paginationResult = new PaginationResult();
paginationResult.setData(certificates);
paginationResult.setRecordsTotal(resultCount);
} catch (SQLException e) {
String errorMsg = "SQL error occurred while retrieving the certificates.";
log.error(errorMsg, e);
throw new CertificateManagementDAOException(errorMsg, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, resultSet);
}
return paginationResult;
}
private Connection getConnection() throws SQLException {
return CertificateManagementDAOFactory.getConnection();
}
}

@ -0,0 +1,91 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.dao.impl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOException;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOUtil;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.impl.CertificateGenerator;
import org.wso2.carbon.certificate.mgt.core.service.PaginationResult;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
/**
* This class holds the PostgreSQL implementation of CertificateDAO which can be used to support PostgreSQL specific
* db syntax.
*/
public class PostgreSQLCertificateDAOImpl extends AbstractCertificateDAOImpl {
private static final Log log = LogFactory.getLog(PostgreSQLCertificateDAOImpl.class);
@Override
public PaginationResult getAllCertificates(int rowNum, int limit) throws CertificateManagementDAOException {
PreparedStatement stmt = null;
ResultSet resultSet = null;
CertificateResponse certificateResponse;
List<CertificateResponse> certificates = new ArrayList<>();
PaginationResult paginationResult;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
Connection conn = this.getConnection();
String sql = "SELECT CERTIFICATE, SERIAL_NUMBER, TENANT_ID, USERNAME FROM "
+ "DM_DEVICE_CERTIFICATE WHERE TENANT_ID = ? ORDER BY ID DESC LIMIT ? OFFSET ?";
stmt = conn.prepareStatement(sql);
stmt.setInt(1, tenantId);
stmt.setInt(2, limit);
stmt.setInt(3, rowNum);
resultSet = stmt.executeQuery();
int resultCount = 0;
while (resultSet.next()) {
certificateResponse = new CertificateResponse();
byte[] certificateBytes = resultSet.getBytes("CERTIFICATE");
certificateResponse.setSerialNumber(resultSet.getString("SERIAL_NUMBER"));
certificateResponse.setTenantId(resultSet.getInt("TENANT_ID"));
certificateResponse.setUsername(resultSet.getString("USERNAME"));
CertificateGenerator.extractCertificateDetails(certificateBytes, certificateResponse);
certificates.add(certificateResponse);
resultCount++;
}
paginationResult = new PaginationResult();
paginationResult.setData(certificates);
paginationResult.setRecordsTotal(resultCount);
} catch (SQLException e) {
String errorMsg = "SQL error occurred while retrieving the certificates.";
log.error(errorMsg, e);
throw new CertificateManagementDAOException(errorMsg, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, resultSet);
}
return paginationResult;
}
private Connection getConnection() throws SQLException {
return CertificateManagementDAOFactory.getConnection();
}
}

@ -0,0 +1,91 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.dao.impl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOException;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOUtil;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.impl.CertificateGenerator;
import org.wso2.carbon.certificate.mgt.core.service.PaginationResult;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
/**
* This class holds the SQLServer implementation of CertificateDAO which can be used to support SQLServer specific
* db syntax.
*/
public class SQLServerCertificateDAOImpl extends AbstractCertificateDAOImpl {
private static final Log log = LogFactory.getLog(SQLServerCertificateDAOImpl.class);
@Override
public PaginationResult getAllCertificates(int rowNum, int limit) throws CertificateManagementDAOException {
PreparedStatement stmt = null;
ResultSet resultSet = null;
CertificateResponse certificateResponse;
List<CertificateResponse> certificates = new ArrayList<>();
PaginationResult paginationResult;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
Connection conn = this.getConnection();
String sql = "SELECT CERTIFICATE, SERIAL_NUMBER, TENANT_ID, USERNAME FROM "
+ "DM_DEVICE_CERTIFICATE WHERE TENANT_ID = ? ORDER BY ID DESC OFFSET ? ROWS FETCH NEXT ? ROWS ONLY";
stmt = conn.prepareStatement(sql);
stmt.setInt(1, tenantId);
stmt.setInt(2, rowNum);
stmt.setInt(3, limit);
resultSet = stmt.executeQuery();
int resultCount = 0;
while (resultSet.next()) {
certificateResponse = new CertificateResponse();
byte[] certificateBytes = resultSet.getBytes("CERTIFICATE");
certificateResponse.setSerialNumber(resultSet.getString("SERIAL_NUMBER"));
certificateResponse.setTenantId(resultSet.getInt("TENANT_ID"));
certificateResponse.setUsername(resultSet.getString("USERNAME"));
CertificateGenerator.extractCertificateDetails(certificateBytes, certificateResponse);
certificates.add(certificateResponse);
resultCount++;
}
paginationResult = new PaginationResult();
paginationResult.setData(certificates);
paginationResult.setRecordsTotal(resultCount);
} catch (SQLException e) {
String errorMsg = "SQL error occurred while retrieving the certificates.";
log.error(errorMsg, e);
throw new CertificateManagementDAOException(errorMsg, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, resultSet);
}
return paginationResult;
}
private Connection getConnection() throws SQLException {
return CertificateManagementDAOFactory.getConnection();
}
}

@ -0,0 +1,44 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.exception;
public class IllegalTransactionStateException extends RuntimeException {
private static final long serialVersionUID = -3151279331929070297L;
public IllegalTransactionStateException(String msg, Exception nestedEx) {
super(msg, nestedEx);
}
public IllegalTransactionStateException(String message, Throwable cause) {
super(message, cause);
}
public IllegalTransactionStateException(String msg) {
super(msg);
}
public IllegalTransactionStateException() {
super();
}
public IllegalTransactionStateException(Throwable cause) {
super(cause);
}
}

@ -0,0 +1,44 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.exception;
public class TransactionManagementException extends Exception {
private static final long serialVersionUID = -3151279321929070297L;
public TransactionManagementException(String msg, Exception nestedEx) {
super(msg, nestedEx);
}
public TransactionManagementException(String message, Throwable cause) {
super(message, cause);
}
public TransactionManagementException(String msg) {
super(msg);
}
public TransactionManagementException() {
super();
}
public TransactionManagementException(Throwable cause) {
super(cause);
}
}

@ -0,0 +1,48 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.exception;
/**
* This runtime exception will be thrown if the server has configured with unsupported DB engine.
*/
public class UnsupportedDatabaseEngineException extends RuntimeException {
private static final long serialVersionUID = -3151279311929070297L;
public UnsupportedDatabaseEngineException(String msg, Exception nestedEx) {
super(msg, nestedEx);
}
public UnsupportedDatabaseEngineException(String message, Throwable cause) {
super(message, cause);
}
public UnsupportedDatabaseEngineException(String msg) {
super(msg);
}
public UnsupportedDatabaseEngineException() {
super();
}
public UnsupportedDatabaseEngineException(Throwable cause) {
super(cause);
}
}

@ -57,11 +57,11 @@ import org.wso2.carbon.certificate.mgt.core.dto.CAStatus;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.dto.SCEPResponse;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.wso2.carbon.certificate.mgt.core.exception.TransactionManagementException;
import org.wso2.carbon.certificate.mgt.core.util.CertificateManagementConstants;
import org.wso2.carbon.certificate.mgt.core.util.CommonUtil;
import org.wso2.carbon.certificate.mgt.core.util.ConfigurationUtil;
import org.wso2.carbon.certificate.mgt.core.util.Serializer;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.common.TransactionManagementException;
import javax.security.auth.x500.X500Principal;
import javax.xml.bind.DatatypeConverter;
@ -115,7 +115,6 @@ public class CertificateGenerator {
}
} catch (ClassNotFoundException | IOException e) {
String errorMsg = "Error while deserializing the certificate.";
log.error(errorMsg, e);
throw new CertificateManagementDAOException(errorMsg, e);
}
@ -136,7 +135,7 @@ public class CertificateGenerator {
InputStream raInputStream = null;
try {
CertificateFactory certificateFactory = CertificateFactory.getInstance(ConfigurationUtil.X_509);
CertificateFactory certificateFactory = CertificateFactory.getInstance(CertificateManagementConstants.X_509);
caInputStream = new ByteArrayInputStream(ca);
raInputStream = new ByteArrayInputStream(ra);
@ -147,7 +146,6 @@ public class CertificateGenerator {
certificateList.add(raCert);
} catch (CertificateException e) {
String errorMsg = "Error occurred while fetching root certificates";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} finally {
if (caInputStream != null) {
@ -180,19 +178,19 @@ public class CertificateGenerator {
try {
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(
ConfigurationUtil.RSA, ConfigurationUtil.PROVIDER);
keyPairGenerator.initialize(ConfigurationUtil.RSA_KEY_LENGTH, new SecureRandom());
CertificateManagementConstants.RSA, CertificateManagementConstants.PROVIDER);
keyPairGenerator.initialize(CertificateManagementConstants.RSA_KEY_LENGTH, new SecureRandom());
KeyPair pair = keyPairGenerator.generateKeyPair();
X500Principal principal = new X500Principal(ConfigurationUtil.DEFAULT_PRINCIPAL);
X500Principal principal = new X500Principal(CertificateManagementConstants.DEFAULT_PRINCIPAL);
X509v3CertificateBuilder certificateBuilder = new JcaX509v3CertificateBuilder(
principal, CommonUtil.generateSerialNumber(), validityBeginDate, validityEndDate,
principal, pair.getPublic());
ContentSigner contentSigner = new JcaContentSignerBuilder(ConfigurationUtil.SHA256_RSA)
.setProvider(ConfigurationUtil.PROVIDER).build(
ContentSigner contentSigner = new JcaContentSignerBuilder(CertificateManagementConstants.SHA256_RSA)
.setProvider(CertificateManagementConstants.PROVIDER).build(
pair.getPrivate());
X509Certificate certificate = new JcaX509CertificateConverter()
.setProvider(ConfigurationUtil.PROVIDER).getCertificate(
.setProvider(CertificateManagementConstants.PROVIDER).getCertificate(
certificateBuilder.build(contentSigner));
// cert.checkValidity();
@ -210,35 +208,27 @@ public class CertificateGenerator {
return certificate;
} catch (NoSuchAlgorithmException e) {
String errorMsg = "No such algorithm found when generating certificate";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (NoSuchProviderException e) {
String errorMsg = "No such provider found when generating certificate";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (OperatorCreationException e) {
String errorMsg = "Issue in operator creation when generating certificate";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CertificateExpiredException e) {
String errorMsg = "Certificate expired after generating certificate";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CertificateNotYetValidException e) {
String errorMsg = "Certificate not yet valid when generating certificate";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CertificateException e) {
String errorMsg = "Certificate issue occurred when generating certificate";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (InvalidKeyException e) {
String errorMsg = "Invalid key used when generating certificate";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (SignatureException e) {
String errorMsg = "Signature related issue occurred when generating certificate";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
}
}
@ -257,7 +247,7 @@ public class CertificateGenerator {
X509Certificate certRA = (X509Certificate) keyStoreReader.getRACertificate();
X509Certificate certCA = (X509Certificate) keyStoreReader.getCACertificate();
CertificateFactory certificateFactory = CertificateFactory.getInstance(ConfigurationUtil.X_509);
CertificateFactory certificateFactory = CertificateFactory.getInstance(CertificateManagementConstants.X_509);
X509CertificateHolder holder = reqCerts.iterator().next();
ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(holder.getEncoded());
X509Certificate reqCert = (X509Certificate) certificateFactory.generateCertificate(byteArrayInputStream);
@ -286,7 +276,7 @@ public class CertificateGenerator {
certRep = new CertRep(transId, senderNonce, recipientNonce, messageData);
}
PkcsPkiEnvelopeEncoder envEncoder = new PkcsPkiEnvelopeEncoder(reqCert, ConfigurationUtil.DES_EDE);
PkcsPkiEnvelopeEncoder envEncoder = new PkcsPkiEnvelopeEncoder(reqCert, CertificateManagementConstants.DES_EDE);
PkiMessageEncoder encoder = new PkiMessageEncoder(privateKeyRA, certRA, envEncoder);
CMSSignedData cmsSignedData = encoder.encode(certRep);
@ -294,23 +284,18 @@ public class CertificateGenerator {
} catch (CertificateException e) {
String errorMsg = "Certificate issue occurred when generating getPKIMessage";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (MessageEncodingException e) {
String errorMsg = "Message encoding issue occurred when generating getPKIMessage";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (IOException e) {
String errorMsg = "Input output issue occurred when generating getPKIMessage";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (MessageDecodingException e) {
String errorMsg = "Message decoding issue occurred when generating getPKIMessage";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CMSException e) {
String errorMsg = "CMS issue occurred when generating getPKIMessage";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
}
}
@ -386,7 +371,7 @@ public class CertificateGenerator {
Collection<X509CertificateHolder> reqCerts = reqStore.getMatches(null);
if (reqCerts != null && reqCerts.size() > 0) {
CertificateFactory certificateFactory = CertificateFactory.getInstance(ConfigurationUtil.X_509);
CertificateFactory certificateFactory = CertificateFactory.getInstance(CertificateManagementConstants.X_509);
X509CertificateHolder holder = reqCerts.iterator().next();
ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(holder.getEncoded());
X509Certificate reqCert = (X509Certificate) certificateFactory.
@ -404,15 +389,12 @@ public class CertificateGenerator {
}
} catch (CMSException e) {
String errorMsg = "CMSException when decoding certificate signature";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (IOException e) {
String errorMsg = "IOException when decoding certificate signature";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CertificateException e) {
String errorMsg = "CertificateException when decoding certificate signature";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
}
@ -428,7 +410,7 @@ public class CertificateGenerator {
Date validityBeginDate = commonUtil.getValidityStartDate();
Date validityEndDate = commonUtil.getValidityEndDate();
X500Name certSubject = new X500Name(ConfigurationUtil.DEFAULT_PRINCIPAL);
X500Name certSubject = new X500Name(CertificateManagementConstants.DEFAULT_PRINCIPAL);
//X500Name certSubject = request.getSubject();
Attribute attributes[] = request.getAttributes();
@ -487,10 +469,10 @@ public class CertificateGenerator {
}
}
sigGen = new JcaContentSignerBuilder(ConfigurationUtil.SHA256_RSA)
.setProvider(ConfigurationUtil.PROVIDER).build(privateKey);
sigGen = new JcaContentSignerBuilder(CertificateManagementConstants.SHA256_RSA)
.setProvider(CertificateManagementConstants.PROVIDER).build(privateKey);
issuedCert = new JcaX509CertificateConverter().setProvider(
ConfigurationUtil.PROVIDER).getCertificate(
CertificateManagementConstants.PROVIDER).getCertificate(
certificateBuilder.build(sigGen));
org.wso2.carbon.certificate.mgt.core.bean.Certificate certificate =
new org.wso2.carbon.certificate.mgt.core.bean.Certificate();
@ -501,15 +483,12 @@ public class CertificateGenerator {
saveCertInKeyStore(certificates);
} catch (CertIOException e) {
String errorMsg = "Certificate Input output issue occurred when generating generateCertificateFromCSR";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (OperatorCreationException e) {
String errorMsg = "Operator creation issue occurred when generating generateCertificateFromCSR";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CertificateException e) {
String errorMsg = "Certificate issue occurred when generating generateCertificateFromCSR";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
}
@ -540,11 +519,9 @@ public class CertificateGenerator {
return generator.generate(new CMSAbsentContent());
} catch (CertificateEncodingException e) {
String errorMsg = "Certificate encoding issue occurred when generating getMessageData";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CMSException e) {
String errorMsg = "Message decoding issue occurred when generating getMessageData";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
}
}
@ -563,30 +540,26 @@ public class CertificateGenerator {
String temp = new String(keyBytes);
String privateKeyPEM = temp.replace(
ConfigurationUtil.RSA_PRIVATE_KEY_BEGIN_TEXT, ConfigurationUtil.EMPTY_TEXT);
CertificateManagementConstants.RSA_PRIVATE_KEY_BEGIN_TEXT, CertificateManagementConstants.EMPTY_TEXT);
privateKeyPEM = privateKeyPEM
.replace(ConfigurationUtil.RSA_PRIVATE_KEY_END_TEXT, ConfigurationUtil.EMPTY_TEXT);
.replace(CertificateManagementConstants.RSA_PRIVATE_KEY_END_TEXT, CertificateManagementConstants.EMPTY_TEXT);
byte[] decoded = Base64.decodeBase64(privateKeyPEM);
PKCS8EncodedKeySpec encodedKeySpec = new PKCS8EncodedKeySpec(decoded);
KeyFactory keyFactory = KeyFactory.getInstance(ConfigurationUtil.RSA);
KeyFactory keyFactory = KeyFactory.getInstance(CertificateManagementConstants.RSA);
return keyFactory.generatePrivate(encodedKeySpec);
} catch (FileNotFoundException e) {
String errorMsg = "Private key file not found in getSignerKey";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (IOException e) {
String errorMsg = "Input output issue in getSignerKey";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (NoSuchAlgorithmException e) {
String errorMsg = "Algorithm not not found in getSignerKey";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (InvalidKeySpecException e) {
String errorMsg = "Invalid key found in getSignerKey";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
}
}
@ -595,18 +568,16 @@ public class CertificateGenerator {
X509Certificate certificate;
try {
CertificateFactory certificateFactory = CertificateFactory.getInstance(ConfigurationUtil.X_509);
CertificateFactory certificateFactory = CertificateFactory.getInstance(CertificateManagementConstants.X_509);
certificate = (X509Certificate) certificateFactory.generateCertificate(
new FileInputStream(signerCertificatePath));
return certificate;
} catch (CertificateException e) {
String errorMsg = "Certificate related issue occurred in getSigner";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (FileNotFoundException e) {
String errorMsg = "Signer certificate path not found in getSigner";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
}
}
@ -642,15 +613,12 @@ public class CertificateGenerator {
return scepResponse;
} catch (CertificateEncodingException e) {
String errorMsg = "Certificate encoding issue occurred in getCACert";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CMSException e) {
String errorMsg = "CMS issue occurred in getCACert";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (IOException e) {
String errorMsg = "Input output issue occurred in getCACert";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
}
}
@ -669,12 +637,10 @@ public class CertificateGenerator {
CertificateManagementDAOFactory.commitTransaction();
} catch (CertificateManagementDAOException e) {
String errorMsg = "Error occurred when saving the generated certificate";
log.error(errorMsg, e);
CertificateManagementDAOFactory.rollbackTransaction();
throw new KeystoreException(errorMsg, e);
} catch (TransactionManagementException e) {
String errorMsg = "Error occurred when saving the generated certificate";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
}
}

@ -19,11 +19,13 @@ package org.wso2.carbon.certificate.mgt.core.impl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.certificate.mgt.core.config.CertificateConfigurationManager;
import org.wso2.carbon.certificate.mgt.core.config.CertificateKeystoreConfig;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateDAO;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOException;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.util.ConfigurationUtil;
import org.wso2.carbon.certificate.mgt.core.exception.CertificateManagementException;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.wso2.carbon.certificate.mgt.core.util.Serializer;
@ -54,28 +56,23 @@ public class KeyStoreReader {
InputStream is = null;
KeyStore keystore;
try {
keystore = KeyStore.getInstance(ConfigurationUtil.getConfigEntry(configEntryKeyStoreType));
is = new FileInputStream(ConfigurationUtil.getConfigEntry(configEntryKeyStorePath));
keystore.load(is, ConfigurationUtil.getConfigEntry(configEntryKeyStorePassword).toCharArray());
keystore = KeyStore.getInstance(configEntryKeyStoreType);
is = new FileInputStream(configEntryKeyStorePath);
keystore.load(is, configEntryKeyStorePassword.toCharArray());
} catch (KeyStoreException e) {
String errorMsg = "KeyStore issue occurred when loading KeyStore";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (FileNotFoundException e) {
String errorMsg = "KeyStore file not found when loading KeyStore";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (NoSuchAlgorithmException e) {
String errorMsg = "Algorithm not found when loading KeyStore";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CertificateException e) {
String errorMsg = "CertificateException when loading KeyStore";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (IOException e) {
String errorMsg = "Input output issue occurred when loading KeyStore";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} finally {
try {
@ -94,28 +91,22 @@ public class KeyStoreReader {
String configEntryKeyStorePassword) throws KeystoreException {
FileOutputStream os = null;
try {
os = new FileOutputStream(
ConfigurationUtil.getConfigEntry(configEntryKeyStorePath));
keyStore.store(os, ConfigurationUtil.getConfigEntry(configEntryKeyStorePassword).toCharArray());
os = new FileOutputStream(configEntryKeyStorePath);
keyStore.store(os, configEntryKeyStorePassword.toCharArray());
} catch (KeyStoreException e) {
String errorMsg = "KeyStore issue occurred when loading KeyStore";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (FileNotFoundException e) {
String errorMsg = "KeyStore file not found when loading KeyStore";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (NoSuchAlgorithmException e) {
String errorMsg = "Algorithm not found when loading KeyStore";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CertificateException e) {
String errorMsg = "CertificateException when loading KeyStore";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (IOException e) {
String errorMsg = "Input output issue occurred when loading KeyStore";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} finally {
try {
@ -130,23 +121,44 @@ public class KeyStoreReader {
KeyStore loadCertificateKeyStore() throws KeystoreException {
return loadKeyStore(ConfigurationUtil.CERTIFICATE_KEYSTORE, ConfigurationUtil.PATH_CERTIFICATE_KEYSTORE,
ConfigurationUtil.CERTIFICATE_KEYSTORE_PASSWORD);
KeyStore keyStore = null;
try {
CertificateKeystoreConfig certificateKeystoreConfig = CertificateConfigurationManager.getInstance().
getCertificateKeyStoreConfig();
keyStore = loadKeyStore(certificateKeystoreConfig.getCertificateKeystoreType(),
certificateKeystoreConfig.getCertificateKeystoreLocation(),
certificateKeystoreConfig.getCertificateKeystorePassword());
} catch (CertificateManagementException e) {
String errorMsg = "Unable to find KeyStore configuration in certificate-mgt.config file.";
throw new KeystoreException(errorMsg, e);
}
return keyStore;
}
void saveCertificateKeyStore(KeyStore keyStore) throws KeystoreException {
saveKeyStore(keyStore, ConfigurationUtil.PATH_CERTIFICATE_KEYSTORE,
ConfigurationUtil.CERTIFICATE_KEYSTORE_PASSWORD);
try {
CertificateKeystoreConfig certificateKeystoreConfig = CertificateConfigurationManager.getInstance().
getCertificateKeyStoreConfig();
saveKeyStore(keyStore, certificateKeystoreConfig.getCertificateKeystoreLocation(),
certificateKeystoreConfig.getCertificateKeystorePassword());
} catch (CertificateManagementException e) {
String errorMsg = "Unable to find KeyStore configuration in certificate-mgt.config file.";
throw new KeystoreException(errorMsg, e);
}
}
public Certificate getCACertificate() throws KeystoreException {
KeyStore keystore = loadCertificateKeyStore();
Certificate caCertificate;
try {
caCertificate = keystore.getCertificate(ConfigurationUtil.getConfigEntry(ConfigurationUtil.CA_CERT_ALIAS));
CertificateKeystoreConfig certificateKeystoreConfig = CertificateConfigurationManager.getInstance().
getCertificateKeyStoreConfig();
caCertificate = keystore.getCertificate(certificateKeystoreConfig.getCACertAlias());
} catch (KeyStoreException e) {
String errorMsg = "KeyStore issue occurred when loading KeyStore";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CertificateManagementException e) {
String errorMsg = "Unable to find KeyStore configuration in certificate-mgt.config file.";
throw new KeystoreException(errorMsg, e);
}
@ -158,24 +170,25 @@ public class KeyStoreReader {
}
PrivateKey getCAPrivateKey() throws KeystoreException {
KeyStore keyStore = loadCertificateKeyStore();
PrivateKey caPrivateKey;
try {
caPrivateKey = (PrivateKey) (keyStore.getKey(
ConfigurationUtil.getConfigEntry(ConfigurationUtil.CA_CERT_ALIAS),
ConfigurationUtil.getConfigEntry(ConfigurationUtil.KEYSTORE_CA_CERT_PRIV_PASSWORD).toCharArray()));
CertificateKeystoreConfig certificateKeystoreConfig = CertificateConfigurationManager.getInstance().
getCertificateKeyStoreConfig();
caPrivateKey = (PrivateKey) keyStore.getKey(certificateKeystoreConfig.getCACertAlias(), certificateKeystoreConfig
.
getCAPrivateKeyPassword().toCharArray());
} catch (UnrecoverableKeyException e) {
String errorMsg = "Key is unrecoverable when retrieving CA private key";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (KeyStoreException e) {
String errorMsg = "KeyStore issue occurred when retrieving CA private key";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (NoSuchAlgorithmException e) {
String errorMsg = "Algorithm not found when retrieving CA private key";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CertificateManagementException e) {
String errorMsg = "Unable to find KeyStore configuration in certificate-mgt.config file.";
throw new KeystoreException(errorMsg, e);
}
@ -190,10 +203,14 @@ public class KeyStoreReader {
KeyStore keystore = loadCertificateKeyStore();
Certificate raCertificate;
try {
raCertificate = keystore.getCertificate(ConfigurationUtil.getConfigEntry(ConfigurationUtil.RA_CERT_ALIAS));
CertificateKeystoreConfig certificateKeystoreConfig = CertificateConfigurationManager.getInstance().
getCertificateKeyStoreConfig();
raCertificate = keystore.getCertificate(certificateKeystoreConfig.getRACertAlias());
} catch (KeyStoreException e) {
String errorMsg = "KeyStore issue occurred when retrieving RA private key";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CertificateManagementException e) {
String errorMsg = "Unable to find KeyStore configuration in certificate-mgt.config file.";
throw new KeystoreException(errorMsg, e);
}
@ -214,15 +231,12 @@ public class KeyStoreReader {
}
} catch (CertificateManagementDAOException e) {
String errorMsg = "Error when retrieving certificate the the database for the alias " + alias;
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (ClassNotFoundException | IOException e) {
String errorMsg = "Error when de-serializing saved certificate.";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (SQLException e) {
String errorMsg = "Error when making a connection to the database.";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} finally {
CertificateManagementDAOFactory.closeConnection();
@ -234,20 +248,21 @@ public class KeyStoreReader {
KeyStore keystore = loadCertificateKeyStore();
PrivateKey raPrivateKey;
try {
raPrivateKey = (PrivateKey) (keystore.getKey(
ConfigurationUtil.getConfigEntry(ConfigurationUtil.RA_CERT_ALIAS),
ConfigurationUtil.getConfigEntry(ConfigurationUtil.KEYSTORE_RA_CERT_PRIV_PASSWORD).toCharArray()));
CertificateKeystoreConfig certificateKeystoreConfig = CertificateConfigurationManager.getInstance().
getCertificateKeyStoreConfig();
raPrivateKey = (PrivateKey) keystore.getKey(certificateKeystoreConfig.getRACertAlias(),
certificateKeystoreConfig.getRAPrivateKeyPassword().toCharArray());
} catch (UnrecoverableKeyException e) {
String errorMsg = "Key is unrecoverable when retrieving RA private key";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (KeyStoreException e) {
String errorMsg = "KeyStore issue occurred when retrieving RA private key";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (NoSuchAlgorithmException e) {
String errorMsg = "Algorithm not found when retrieving RA private key";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CertificateManagementException e) {
String errorMsg = "Unable to find KeyStore configuration in certificate-mgt.config file.";
throw new KeystoreException(errorMsg, e);
}
@ -274,15 +289,12 @@ public class KeyStoreReader {
} catch (CertificateManagementDAOException e) {
String errorMsg = "Error when retrieving certificate from the the database for the serial number: " +
serialNumber;
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (SQLException e) {
String errorMsg = "Error when making a connection to the database.";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (ClassNotFoundException | IOException e) {
String errorMsg = "Error when de-serializing saved certificate.";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} finally {
CertificateManagementDAOFactory.closeConnection();

@ -26,8 +26,11 @@ import org.wso2.carbon.certificate.mgt.core.config.CertificateConfigurationManag
import org.wso2.carbon.certificate.mgt.core.config.CertificateManagementConfig;
import org.wso2.carbon.certificate.mgt.core.config.datasource.DataSourceConfig;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
import org.wso2.carbon.certificate.mgt.core.exception.CertificateManagementException;
import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementService;
import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementServiceImpl;
import org.wso2.carbon.certificate.mgt.core.util.CertificateManagementConstants;
import org.wso2.carbon.certificate.mgt.core.util.CertificateMgtSchemaInitializer;
import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService;
/**
@ -50,15 +53,25 @@ public class CertificateManagementServiceComponent {
log.debug("Initializing certificate management core bundle");
}
CertificateConfigurationManager.getInstance().initConfig();
CertificateManagementConfig config = CertificateConfigurationManager.getInstance().getPolicyManagementConfig();
CertificateManagementConfig config = CertificateConfigurationManager.getInstance().getCertificateManagementConfig();
DataSourceConfig dsConfig = config.getCertificateManagementRepository().getDataSourceConfig();
CertificateManagementDAOFactory.init(dsConfig);
BundleContext bundleContext = componentContext.getBundleContext();
/* If -Dsetup option enabled then create Certificate management database schema */
String setupOption =
System.getProperty(CertificateManagementConstants.SETUP_PROPERTY);
if (setupOption != null) {
if (log.isDebugEnabled()) {
log.debug("-Dsetup is enabled. Certificate management repository schema initialization is about to " +
"begin");
}
this.setupDeviceManagementSchema(dsConfig);
}
bundleContext.registerService(CertificateManagementService.class.getName(),
CertificateManagementServiceImpl.getInstance(), null);
if (log.isDebugEnabled()) {
log.debug("Certificate management core bundle has been successfully initialized");
}
@ -86,4 +99,19 @@ public class CertificateManagementServiceComponent {
CertificateManagementDataHolder.getInstance().setDeviceManagementService(null);
}
private void setupDeviceManagementSchema(DataSourceConfig config) throws CertificateManagementException {
CertificateMgtSchemaInitializer initializer = new CertificateMgtSchemaInitializer(config);
log.info("Initializing Certificate management repository database schema");
try {
initializer.createRegistryDatabase();
} catch (Exception e) {
throw new CertificateManagementException(
"Error occurred while initializing Certificate Management database schema", e);
}
if (log.isDebugEnabled()) {
log.debug("Certificate management metadata repository schema has been successfully initialized");
}
}
}

@ -22,8 +22,6 @@ import org.wso2.carbon.certificate.mgt.core.exception.CertificateManagementExcep
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.dto.SCEPResponse;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.wso2.carbon.device.mgt.common.PaginationRequest;
import org.wso2.carbon.device.mgt.common.PaginationResult;
import java.io.InputStream;
import java.security.PrivateKey;
@ -54,31 +52,31 @@ public interface CertificateManagementService {
boolean verifySignature(String headerSignature) throws KeystoreException;
public CertificateResponse verifyPEMSignature(X509Certificate requestCertificate) throws KeystoreException;
CertificateResponse verifyPEMSignature(X509Certificate requestCertificate) throws KeystoreException;
public CertificateResponse verifySubjectDN(String requestDN) throws KeystoreException;
CertificateResponse verifySubjectDN(String requestDN) throws KeystoreException;
public X509Certificate extractCertificateFromSignature(String headerSignature) throws KeystoreException;
X509Certificate extractCertificateFromSignature(String headerSignature) throws KeystoreException;
String extractChallengeToken(X509Certificate certificate);
X509Certificate getSignedCertificateFromCSR(String binarySecurityToken) throws KeystoreException;
public CertificateResponse getCertificateBySerial(String serial) throws KeystoreException;
CertificateResponse getCertificateBySerial(String serial) throws KeystoreException;
public void saveCertificate(List<org.wso2.carbon.certificate.mgt.core.bean.Certificate> certificate)
void saveCertificate(List<org.wso2.carbon.certificate.mgt.core.bean.Certificate> certificate)
throws KeystoreException;
public X509Certificate pemToX509Certificate(String pem) throws KeystoreException;
X509Certificate pemToX509Certificate(String pem) throws KeystoreException;
public CertificateResponse retrieveCertificate(String serialNumber) throws CertificateManagementException;
CertificateResponse retrieveCertificate(String serialNumber) throws CertificateManagementException;
public PaginationResult getAllCertificates(PaginationRequest request) throws CertificateManagementException;
PaginationResult getAllCertificates(int rowNum, int limit) throws CertificateManagementException;
boolean removeCertificate(String serialNumber) throws CertificateManagementException;
public List<CertificateResponse> getCertificates() throws CertificateManagementException;
List<CertificateResponse> getCertificates() throws CertificateManagementException;
public List<CertificateResponse> searchCertificates(String serialNumber) throws CertificateManagementException;
List<CertificateResponse> searchCertificates(String serialNumber) throws CertificateManagementException;
}

@ -27,12 +27,11 @@ import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.dto.SCEPResponse;
import org.wso2.carbon.certificate.mgt.core.exception.CertificateManagementException;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.wso2.carbon.certificate.mgt.core.exception.TransactionManagementException;
import org.wso2.carbon.certificate.mgt.core.impl.CertificateGenerator;
import org.wso2.carbon.certificate.mgt.core.impl.KeyStoreReader;
import org.wso2.carbon.certificate.mgt.core.util.ConfigurationUtil;
import org.wso2.carbon.device.mgt.common.PaginationRequest;
import org.wso2.carbon.device.mgt.common.PaginationResult;
import org.wso2.carbon.device.mgt.common.TransactionManagementException;
import org.wso2.carbon.certificate.mgt.core.util.CertificateManagementConstants;
import org.wso2.carbon.certificate.mgt.core.util.CertificateManagerUtil;
import java.io.InputStream;
import java.security.PrivateKey;
@ -81,7 +80,7 @@ public class CertificateManagementServiceImpl implements CertificateManagementSe
}
public byte[] getCACapsSCEP() {
return ConfigurationUtil.POST_BODY_CA_CAPS.getBytes();
return CertificateManagementConstants.POST_BODY_CA_CAPS.getBytes();
}
public byte[] getPKIMessageSCEP(InputStream inputStream) throws KeystoreException {
@ -144,30 +143,29 @@ public class CertificateManagementServiceImpl implements CertificateManagementSe
return certificateDAO.retrieveCertificate(serialNumber);
} catch (SQLException e) {
String msg = "Error occurred while opening a connection to the underlying data source";
log.error(msg, e);
throw new CertificateManagementException(msg, e);
} catch (CertificateManagementDAOException e) {
String msg = "Error occurred while looking up for the certificate carrying the serial number '" +
serialNumber + "' in the underlying certificate repository";
log.error(msg, e);
throw new CertificateManagementException(msg, e);
} finally {
CertificateManagementDAOFactory.closeConnection();
}
}
public PaginationResult getAllCertificates(PaginationRequest request) throws CertificateManagementException {
@Override
public PaginationResult getAllCertificates(int rowNum, int limit) throws CertificateManagementException {
try {
CertificateManagementDAOFactory.openConnection();
CertificateDAO certificateDAO = CertificateManagementDAOFactory.getCertificateDAO();
return certificateDAO.getAllCertificates(request);
return certificateDAO.getAllCertificates(rowNum, CertificateManagerUtil.validateCertificateListPageSize(limit));
} catch (SQLException e) {
String msg = "Error occurred while opening a connection to the underlying data source";
log.error(msg, e);
throw new CertificateManagementException(msg, e);
} catch (CertificateManagementDAOException e) {
String msg = "Error occurred while looking up for the list of certificates managed in the underlying " +
"certificate repository";
"certificate repository";
log.error(msg, e);
throw new CertificateManagementException(msg, e);
} finally {

@ -0,0 +1,79 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.service;
import io.swagger.annotations.ApiModel;
import io.swagger.annotations.ApiModelProperty;
import java.io.Serializable;
import java.util.List;
/**
* This class holds necessary data to represent a paginated result.
*/
@ApiModel(value = "PaginationResult", description = "This class carries all information related Pagination Result")
public class PaginationResult implements Serializable {
private static final long serialVersionUID = 1998101711L;
@ApiModelProperty(name = "recordsTotal", value = "The total number of records that are given before filtering", required = true)
private int recordsTotal;
@ApiModelProperty(name = "recordsFiltered", value = "The total number of records that are given after filtering", required = true)
private int recordsFiltered;
@ApiModelProperty(name = "draw", value = "The draw counter that this object is a response to, from the draw parameter sent as part of the data request", required = true)
private int draw;
@ApiModelProperty(name = "data", value = "This holds the db records that matches given criteria", required = true)
private List<?> data;
public int getRecordsTotal() {
return recordsTotal;
}
public int getRecordsFiltered() {
return recordsFiltered;
}
public void setRecordsFiltered(int recordsFiltered) {
this.recordsFiltered = recordsFiltered;
}
public void setRecordsTotal(int recordsTotal) {
this.recordsTotal = recordsTotal;
}
public List<?> getData() {
return data;
}
public void setData(List<?> data) {
this.data = data;
}
public int getDraw() {
return draw;
}
public void setDraw(int draw) {
this.draw = draw;
}
}

@ -21,6 +21,34 @@ package org.wso2.carbon.certificate.mgt.core.util;
public final class CertificateManagementConstants {
public static final String DEVICE_CONFIG_XML_NAME = "cdm-config.xml";
public static final String CERTIFICATE_CONFIG_XML_FILE = "certificate-config.xml";
public static final String SETUP_PROPERTY = "setup";
public static final String CARBON_HOME = "carbon.home";
public static final String CARBON_HOME_ENTRY = "${carbon.home}";
public static final String PROVIDER = "BC";
public static final String CERTIFICATE_KEYSTORE = "CertificateKeystoreType";
public static final String RSA = "RSA";
public static final String SHA256_RSA = "SHA256WithRSAEncryption";
public static final String X_509 = "X.509";
public static final String POST_BODY_CA_CAPS = "POSTPKIOperation\nSHA-1\nDES3\n";
public static final String DES_EDE = "DESede";
public static final String CONF_LOCATION = "conf.location";
public static final String DEFAULT_PRINCIPAL = "O=WSO2, OU=Mobile, C=LK";
public static final String RSA_PRIVATE_KEY_BEGIN_TEXT = "-----BEGIN RSA PRIVATE KEY-----\n";
public static final String RSA_PRIVATE_KEY_END_TEXT = "-----END RSA PRIVATE KEY-----";
public static final String EMPTY_TEXT = "";
public static final int RSA_KEY_LENGTH = 1024;
public static final class DataBaseTypes {
private DataBaseTypes() {
throw new AssertionError();
}
public static final String DB_TYPE_MYSQL = "MySQL";
public static final String DB_TYPE_ORACLE = "Oracle";
public static final String DB_TYPE_MSSQL = "Microsoft SQL Server";
public static final String DB_TYPE_DB2 = "DB2";
public static final String DB_TYPE_H2 = "H2";
public static final String DB_TYPE_POSTGRESQL = "PostgreSQL";
}
}

@ -22,6 +22,8 @@ package org.wso2.carbon.certificate.mgt.core.util;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.w3c.dom.Document;
import org.wso2.carbon.certificate.mgt.core.config.CertificateConfigurationManager;
import org.wso2.carbon.certificate.mgt.core.config.CertificateManagementConfig;
import org.wso2.carbon.certificate.mgt.core.config.datasource.DataSourceConfig;
import org.wso2.carbon.certificate.mgt.core.config.datasource.JNDILookupDefinition;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOUtil;
@ -88,4 +90,18 @@ public class CertificateManagerUtil {
return dataSource;
}
public static int validateCertificateListPageSize(int limit) throws CertificateManagementException {
if (limit == 0) {
CertificateManagementConfig certificateManagementConfig = CertificateConfigurationManager.getInstance().
getCertificateManagementConfig();
if (certificateManagementConfig != null) {
return certificateManagementConfig.getDefaultPageSize();
} else {
throw new CertificateManagementException("Certificate-Mgt configuration has not initialized. Please check the " +
"certificate-config.xml file.");
}
}
return limit;
}
}

@ -0,0 +1,47 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.util;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.certificate.mgt.core.config.datasource.DataSourceConfig;
import org.wso2.carbon.utils.CarbonUtils;
import org.wso2.carbon.utils.dbcreator.DatabaseCreator;
import java.io.File;
public final class CertificateMgtSchemaInitializer extends DatabaseCreator {
private static final Log log = LogFactory.getLog(CertificateMgtSchemaInitializer.class);
private static final String setupSQLScriptBaseLocation =
CarbonUtils.getCarbonHome() + File.separator + "dbscripts" + File.separator + "certMgt" + File.separator;
public CertificateMgtSchemaInitializer(DataSourceConfig config) {
super(CertificateManagerUtil.resolveDataSource(config));
}
protected String getDbScriptLocation(String databaseType) {
String scriptName = databaseType + ".sql";
if (log.isDebugEnabled()) {
log.debug("Loading database script from :" + scriptName);
}
return setupSQLScriptBaseLocation.replaceFirst("DBTYPE", databaseType) + scriptName;
}
}

@ -28,7 +28,6 @@ public class CommonUtil {
Calendar calendar = Calendar.getInstance();
calendar.setTime(targetDate);
calendar.add(Calendar.DATE, -2);
return calendar.getTime();
}
@ -37,7 +36,6 @@ public class CommonUtil {
Calendar calendar = Calendar.getInstance();
calendar.setTime(targetDate);
calendar.add(Calendar.YEAR, 100);
return calendar.getTime();
}

@ -1,138 +0,0 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.util;
import org.w3c.dom.Document;
import org.w3c.dom.NodeList;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.xml.sax.SAXException;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import java.io.File;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
public class ConfigurationUtil {
public static final String PATH_CERTIFICATE_KEYSTORE = "CertificateKeystoreLocation";
public static final String CERTIFICATE_KEYSTORE_PASSWORD = "CertificateKeystorePassword";
public static final String KEYSTORE_CA_CERT_PRIV_PASSWORD = "CAPrivateKeyPassword";
public static final String KEYSTORE_RA_CERT_PRIV_PASSWORD = "RAPrivateKeyPassword";
public static final String CA_CERT_ALIAS = "CACertAlias";
public static final String RA_CERT_ALIAS = "RACertAlias";
public static final String SIGNATURE_ALGORITHM = "SHA1withRSA";
public static final String PROVIDER = "BC";
public static final String KEYSTORE = "Type";
public static final String CERTIFICATE_KEYSTORE = "CertificateKeystoreType";
public static final String RSA = "RSA";
public static final String UTF_8 = "UTF-8";
public static final String SHA256_RSA = "SHA256WithRSAEncryption";
public static final String X_509 = "X.509";
public static final String POST_BODY_CA_CAPS = "POSTPKIOperation\nSHA-1\nDES3\n";
public static final String DES_EDE = "DESede";
public static final String CONF_LOCATION = "conf.location";
public static final String DEFAULT_PRINCIPAL = "O=WSO2, OU=Mobile, C=LK";
public static final String RSA_PRIVATE_KEY_BEGIN_TEXT = "-----BEGIN RSA PRIVATE KEY-----\n";
public static final String RSA_PRIVATE_KEY_END_TEXT = "-----END RSA PRIVATE KEY-----";
public static final String EMPTY_TEXT = "";
public static final int RSA_KEY_LENGTH = 1024;
public static final long MILLI_SECONDS = 1000L * 60 * 60 * 24;
private static final String CARBON_HOME = "carbon.home";
private static final String CERTIFICATE_CONFIG_XML = "certificate-config.xml";
private static final String CARBON_HOME_ENTRY = "${carbon.home}";
private static final String[] certificateConfigEntryNames = { CA_CERT_ALIAS, RA_CERT_ALIAS,
CERTIFICATE_KEYSTORE, PATH_CERTIFICATE_KEYSTORE, CERTIFICATE_KEYSTORE_PASSWORD,
KEYSTORE_CA_CERT_PRIV_PASSWORD, KEYSTORE_RA_CERT_PRIV_PASSWORD };
private static ConfigurationUtil configurationUtil;
private static Map<String, String> configMap;
private static Map<String, String> readCertificateConfigurations() throws KeystoreException {
String certConfLocation = System.getProperty(CONF_LOCATION) + File.separator + CERTIFICATE_CONFIG_XML;
if (configurationUtil == null || configMap == null) {
configurationUtil = new ConfigurationUtil();
configMap = new HashMap<String, String>();
Document document;
try {
File fXmlFile = new File(certConfLocation);
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
documentBuilderFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
document = documentBuilder.parse(fXmlFile);
} catch (ParserConfigurationException e) {
throw new KeystoreException("Error parsing configuration in certificate-config.xml file");
} catch (SAXException e) {
throw new KeystoreException("SAX exception in certificate-config.xml file");
} catch (IOException e) {
throw new KeystoreException("Error reading certificate-config.xml file");
}
for (String configEntry : certificateConfigEntryNames) {
NodeList elements = document.getElementsByTagName(configEntry);
if (elements != null && elements.getLength() > 0) {
configMap.put(configEntry, elements.item(0).getTextContent());
}
}
String certKeyStoreLocation = replaceCarbonHomeEnvEntry(configMap.get(PATH_CERTIFICATE_KEYSTORE));
if (certKeyStoreLocation != null) {
configMap.put(PATH_CERTIFICATE_KEYSTORE, certKeyStoreLocation);
}
}
return configMap;
}
public static String getConfigEntry(final String entry) throws KeystoreException {
Map<String, String> configurationMap = readCertificateConfigurations();
String configValue = configurationMap.get(entry);
if (configValue == null) {
throw new KeystoreException(String.format("Configuration entry %s not available", entry));
}
return configValue.trim();
}
private static String replaceCarbonHomeEnvEntry(String entry) {
if (entry != null && entry.toLowerCase().contains(CARBON_HOME_ENTRY)) {
return entry.replace(CARBON_HOME_ENTRY, System.getProperty(CARBON_HOME));
}
return null;
}
public static ConfigurationUtil getInstance() {
if (configurationUtil == null) {
synchronized (ConfigurationUtil.class) {
if (configurationUtil == null) {
configurationUtil = new ConfigurationUtil();
}
}
}
return configurationUtil;
}
}

@ -1,15 +0,0 @@
package org.wso2.carbon.certificate.mgt.core.util;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.certificate.mgt.core.exception.CertificateManagementException;
import org.wso2.carbon.context.PrivilegedCarbonContext;
public class TenantUtil {
private static final Log log = LogFactory.getLog(TenantUtil.class);
public static int getTenanntId(String tenantDomain) throws CertificateManagementException {
return PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
}
}

@ -6,7 +6,7 @@ import org.apache.commons.logging.LogFactory;
import org.testng.Assert;
import org.testng.annotations.Test;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.wso2.carbon.certificate.mgt.core.util.ConfigurationUtil;
import org.wso2.carbon.certificate.mgt.core.util.CertificateManagementConstants;
import java.io.File;
import java.io.IOException;
@ -34,8 +34,8 @@ public class CertificateGeneratorTestSuite {
List<X509Certificate> rootCertificates = certificateGenerator.getRootCertificates(ca, ra);
Assert.assertNotNull(rootCertificates, "Root certificates retrieved");
Assert.assertEquals(rootCertificates.get(0).getType(), ConfigurationUtil.X_509);
Assert.assertEquals(rootCertificates.get(1).getType(), ConfigurationUtil.X_509);
Assert.assertEquals(rootCertificates.get(0).getType(), CertificateManagementConstants.X_509);
Assert.assertEquals(rootCertificates.get(1).getType(), CertificateManagementConstants.X_509);
} catch (IOException e) {
Assert.fail("Error reading byte streams for CA and RA ", e);
} catch (KeystoreException e) {

@ -41,7 +41,7 @@ public class PaginationResult implements Serializable {
@ApiModelProperty(name = "draw", value = "The draw counter that this object is a response to, from the draw parameter sent as part of the data request", required = true)
private int draw;
@ApiModelProperty(name = "data", value = "The details of the SSL certificate", required = true)
@ApiModelProperty(name = "data", value = "This holds the database records that matches given criteria", required = true)
private List<?> data;
public int getRecordsTotal() {

@ -26,7 +26,7 @@ public final class DeviceManagementConstants {
throw new AssertionError();
}
public static final String PROPERTY_SETUP = "setup";
public static final String SETUP_PROPERTY = "setup";
public static final String DEFAULT_LICENSE_CONFIG_XML_NAME = "license-config.xml";
}

@ -93,7 +93,7 @@ public class OracleDeviceDAOImpl extends AbstractDeviceDAOImpl {
isStatusProvided = true;
}
sql = sql + " ) rs ) WHERE offset >= ? AND ROWNUM <= ?";
sql = sql + " ) rs ) WHERE OFFSET >= ? AND ROWNUM <= ?";
stmt = conn.prepareStatement(sql);
stmt.setInt(1, tenantId);

@ -169,7 +169,7 @@ public class DeviceManagementServiceComponent {
/* If -Dsetup option enabled then create device management database schema */
String setupOption =
System.getProperty(DeviceManagementConstants.Common.PROPERTY_SETUP);
System.getProperty(DeviceManagementConstants.Common.SETUP_PROPERTY);
if (setupOption != null) {
if (log.isDebugEnabled()) {
log.debug("-Dsetup is enabled. Device management repository schema initialization is about to " +

@ -16,4 +16,14 @@
<!-- Registration authority private key password -->
<RAPrivateKeyPassword>racert</RAPrivateKeyPassword>
</CertificateKeystore>
<!-- Certificate Mgt DB schema -->
<ManagementRepository>
<DataSourceConfiguration>
<JndiLookupDefinition>
<Name>jdbc/DM_DS</Name>
</JndiLookupDefinition>
</DataSourceConfiguration>
</ManagementRepository>
<!-- Default page size of GET certificates API -->
<DefaultPageSize>10</DefaultPageSize>
</CertificateConfigurations>

@ -1,4 +1,4 @@
instructions.configure = \
org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.certificate.mgt.server_${feature.version}/conf/wso2certs.jks,target:${installFolder}/../../resources/security/wso2certs.jks,overwrite:true);\
org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.certificate.mgt.server_${feature.version}/conf/certificate-config.xml,target:${installFolder}/../../conf/certificate-config.xml,overwrite:true);\
org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.certificate.mgt.server_${feature.version}/dbscripts/cdm/,target:${installFolder}/../../../dbscripts/cdm,overwrite:true);\
org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.certificate.mgt.server_${feature.version}/dbscripts/,target:${installFolder}/../../../dbscripts,overwrite:true);\

@ -62,6 +62,7 @@
</Operation>
</Operations>
</TaskConfiguration>
<!-- Default Page size configuration for paginated DM APIs-->
<PaginationConfiguration>
<DeviceListPageSize>20</DeviceListPageSize>
<NotificationListPageSize>20</NotificationListPageSize>

Loading…
Cancel
Save