implement certificateManagement service

4.x.x
hasuniea 9 years ago
parent 3a6e9f09fa
commit 2c2216e48d

@ -613,7 +613,7 @@ public class CertificateGenerator {
return null; return null;
} }
public X509Certificate getSignCertificateFromCSR(String binarySecurityToken, public X509Certificate getSignedCertificateFromCSR(String binarySecurityToken,
X509Certificate caCert, List certPropertyList) X509Certificate caCert, List certPropertyList)
throws KeystoreException { throws KeystoreException {
byte[] byteArrayBst = DatatypeConverter.parseBase64Binary(binarySecurityToken); byte[] byteArrayBst = DatatypeConverter.parseBase64Binary(binarySecurityToken);
@ -635,7 +635,7 @@ public class CertificateGenerator {
private static X509Certificate signCSR(JcaPKCS10CertificationRequest jcaRequest, private static X509Certificate signCSR(JcaPKCS10CertificationRequest jcaRequest,
PrivateKey privateKey, X509Certificate caCert, PrivateKey privateKey, X509Certificate caCert,
List certParameterList) { List certParameterList) throws KeystoreException {
String commonName = String commonName =
(String) certParameterList.get(PropertyIndex.COMMON_NAME_INDEX.getValue()); (String) certParameterList.get(PropertyIndex.COMMON_NAME_INDEX.getValue());
@ -644,7 +644,7 @@ public class CertificateGenerator {
int notAfterDays = int notAfterDays =
(Integer) certParameterList.get(PropertyIndex.NOT_AFTER_DAYS_INDEX.getValue()); (Integer) certParameterList.get(PropertyIndex.NOT_AFTER_DAYS_INDEX.getValue());
X509v3CertificateBuilder certificateBuilder; X509v3CertificateBuilder certificateBuilder;
X509Certificate signedCertificate = null; X509Certificate signedCertificate;
try { try {
ContentSigner signer; ContentSigner signer;
@ -674,16 +674,20 @@ public class CertificateGenerator {
ConfigurationUtil.PROVIDER).getCertificate( ConfigurationUtil.PROVIDER).getCertificate(
certificateBuilder.build(signer)); certificateBuilder.build(signer));
} catch (InvalidKeyException e) { } catch (InvalidKeyException e) {
//throw new CertificateGenerationException("CSR's public key is invalid", e); String errorMsg = "CSR's public key is invalid";
throw new KeystoreException(errorMsg, e);
} catch (NoSuchAlgorithmException e) { } catch (NoSuchAlgorithmException e) {
//throw new CertificateGenerationException("Certificate cannot be generated", e); String errorMsg = "Certificate cannot be generated";
throw new KeystoreException(errorMsg, e);
} catch (CertIOException e) { } catch (CertIOException e) {
// throw new CertificateGenerationException( String errorMsg = "Cannot add extension(s) to signed certificate";
// "Cannot add extension(s) to signed certificate", e); throw new KeystoreException(errorMsg, e);
} catch (OperatorCreationException e) { } catch (OperatorCreationException e) {
// throw new CertificateGenerationException("Content signer cannot be created", e); String errorMsg = "Content signer cannot be created";
throw new KeystoreException(errorMsg, e);
} catch (CertificateException e) { } catch (CertificateException e) {
//throw new CertificateGenerationException("Signed certificate cannot be generated", e); String errorMsg = "Signed certificate cannot be generated";
throw new KeystoreException(errorMsg, e);
} }
return signedCertificate; return signedCertificate;
} }
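Review bot: In `signCSR` the reads from the raw `List certParameterList` (the `(String)` cast for the common name and the `(Integer)` cast unboxed into `int notAfterDays`) sit before the `try {`, so a short list, a wrong element type or a null entry still escapes as an unchecked exception rather than the `KeystoreException` this change introduces for every other failure. Because these values decide the subject and lifetime of a certificate the CA signs, I would check them up front (size, type, non-null, `notAfterDays > 0`) and fail with `KeystoreException`, for example by moving the reads inside the try and adding `} catch (ClassCastException | IndexOutOfBoundsException e) { throw new KeystoreException("Invalid certificate parameters", e); }`. The body of `signCSR` is spread over several hunks with gaps between them, so a check that already exists elsewhere in the method would not be visible here. As a smaller style point, the five new catch blocks could pass the message literal straight to the constructor, since the `errorMsg` local adds nothing.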

@ -54,6 +54,6 @@ public interface CertificateManagementService {
String extractChallengeToken(X509Certificate certificate); String extractChallengeToken(X509Certificate certificate);
X509Certificate getSignCertificateFromCSR(String binarySecurityToken, X509Certificate caCert, X509Certificate getSignedCertificateFromCSR(String binarySecurityToken, X509Certificate caCert,
List certParameterList) throws KeystoreException; List certParameterList) throws KeystoreException;
} }

@ -101,10 +101,9 @@ public class CertificateManagementServiceImpl implements CertificateManagementSe
return certificateGenerator.extractChallengeToken(certificate); return certificateGenerator.extractChallengeToken(certificate);
} }
public X509Certificate getSignCertificateFromCSR(String binarySecurityToken, public X509Certificate getSignedCertificateFromCSR(String binarySecurityToken,
X509Certificate caCert, List certParameterList) X509Certificate caCert, List certParameterList)
throws KeystoreException { throws KeystoreException {
return certificateGenerator.getSignCertificateFromCSR(binarySecurityToken, caCert, return certificateGenerator.getSignedCertificateFromCSR(binarySecurityToken, caCert, certParameterList);
certParameterList);
} }
} }
