certificate persistance and ritrival from the database

revert-70aa11f8
inosh-perera 9 years ago
parent cd33b2bb4e
commit 3b1a3073f5

@ -75,16 +75,19 @@
org.jscep.transaction, org.jscep.transaction,
org.w3c.dom, org.w3c.dom,
org.xml.sax, org.xml.sax,
javax.sql,
javax.cache,
javax.naming,
javax.xml.bind.annotation,
javax.xml.bind, javax.xml.bind,
org.wso2.carbon.utils.*,
org.wso2.carbon.device.mgt.common.*,
org.wso2.carbon.device.mgt.core.*,
org.bouncycastle.pkcs.jcajce org.bouncycastle.pkcs.jcajce
</Import-Package> </Import-Package>
<Export-Package> <Export-Package>
!org.wso2.carbon.certificate.mgt.core.internal.*, !org.wso2.carbon.certificate.mgt.core.internal.*,
org.wso2.carbon.certificate.mgt.core.dto.*, org.wso2.carbon.certificate.mgt.core.*
org.wso2.carbon.certificate.mgt.core.exception.*,
org.wso2.carbon.certificate.mgt.core.impl.*,
org.wso2.carbon.certificate.mgt.core.service.*,
org.wso2.carbon.certificate.mgt.core.util.*
</Export-Package> </Export-Package>
</instructions> </instructions>
</configuration> </configuration>
@ -113,8 +116,8 @@
<artifactId>org.eclipse.osgi</artifactId> <artifactId>org.eclipse.osgi</artifactId>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.eclipse.osgi</groupId> <groupId>org.eclipse.equinox</groupId>
<artifactId>org.eclipse.osgi.services</artifactId> <artifactId>org.eclipse.equinox.common</artifactId>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.testng</groupId> <groupId>org.testng</groupId>
@ -148,6 +151,20 @@
<groupId>commons-io.wso2</groupId> <groupId>commons-io.wso2</groupId>
<artifactId>commons-io</artifactId> <artifactId>commons-io</artifactId>
</dependency> </dependency>
<dependency>
<groupId>org.wso2.carbon</groupId>
<artifactId>org.wso2.carbon.utils</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.device.mgt.core</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.device.mgt.common</artifactId>
</dependency>
</dependencies> </dependencies>
</project> </project>

@ -0,0 +1,76 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.config;
import org.w3c.dom.Document;
import org.wso2.carbon.certificate.mgt.core.config.datasource.DataSourceConfig;
import org.wso2.carbon.certificate.mgt.core.exception.CertificateManagementException;
import org.wso2.carbon.certificate.mgt.core.util.CertificateManagementConstants;
import org.wso2.carbon.certificate.mgt.core.util.CertificateManagerUtil;
import org.wso2.carbon.utils.CarbonUtils;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.Unmarshaller;
import java.io.File;
/**
* Class responsible for the certificate manager configuration initialization
*/
public class CertificateConfigurationManager {
private CertificateManagementConfig currentPolicyConfig;
private static CertificateConfigurationManager certificateConfigurationManager;
private final String deviceMgtConfigXMLPath = CarbonUtils.getCarbonConfigDirPath() + File.separator +
CertificateManagementConstants.DEVICE_CONFIG_XML_NAME;
public static CertificateConfigurationManager getInstance() {
if (certificateConfigurationManager == null) {
synchronized (CertificateConfigurationManager.class) {
if (certificateConfigurationManager == null) {
certificateConfigurationManager = new CertificateConfigurationManager();
}
}
}
return certificateConfigurationManager;
}
public synchronized void initConfig() throws CertificateManagementException {
try {
File deviceMgtConfig = new File(deviceMgtConfigXMLPath);
Document doc = CertificateManagerUtil.convertToDocument(deviceMgtConfig);
/* Un-marshaling Device Management configuration */
JAXBContext rssContext = JAXBContext.newInstance(CertificateManagementConfig.class);
Unmarshaller unmarshaller = rssContext.createUnmarshaller();
this.currentPolicyConfig = (CertificateManagementConfig) unmarshaller.unmarshal(doc);
} catch (Exception e) {
throw new CertificateManagementException("Error occurred while initializing device config", e);
}
}
public CertificateManagementConfig getPolicyManagementConfig() {
return currentPolicyConfig;
}
public DataSourceConfig getDataSourceConfig() {
return currentPolicyConfig.getCertificateManagementRepository().getDataSourceConfig();
}
}

@ -0,0 +1,42 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.config;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
/**
* Represents Device Mgt configuration.
*/
@XmlRootElement(name = "DeviceMgtConfiguration")
public final class CertificateManagementConfig {
public void setCertificateManagementRepository(CertificateManagementRepository certificateManagementRepository) {
this.certificateManagementRepository = certificateManagementRepository;
}
private CertificateManagementRepository certificateManagementRepository;
@XmlElement(name = "ManagementRepository", nillable = false)
public CertificateManagementRepository getCertificateManagementRepository() {
return certificateManagementRepository;
}
}

@ -0,0 +1,44 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.config;
import org.wso2.carbon.certificate.mgt.core.config.datasource.DataSourceConfig;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
/**
* Class for holding management repository data
*/
@XmlRootElement(name = "ManagementRepository")
public class CertificateManagementRepository {
private DataSourceConfig dataSourceConfig;
@XmlElement(name = "DataSourceConfiguration", nillable = false)
public DataSourceConfig getDataSourceConfig() {
return dataSourceConfig;
}
public void setDataSourceConfig(DataSourceConfig dataSourceConfig) {
this.dataSourceConfig = dataSourceConfig;
}
}

@ -0,0 +1,46 @@
/*
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.config.datasource;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
/**
* Class for holding data source configuration in cdm-config.xml at parsing with JAXB
*/
@XmlRootElement(name = "DataSourceConfiguration")
public class DataSourceConfig {
private JNDILookupDefinition jndiLookupDefinition;
@XmlElement(name = "JndiLookupDefinition", nillable = true)
public JNDILookupDefinition getJndiLookupDefinition() {
return jndiLookupDefinition;
}
public void setJndiLookupDefinition(JNDILookupDefinition jndiLookupDefinition) {
this.jndiLookupDefinition = jndiLookupDefinition;
}
}
// CREATE TABLE IF NOT EXISTS DM_DEVICE_CERTIFICATE (
// ID INTEGER auto_increment NOT NULL,
// SERIAL_NUMBER VARCHAR(500) DEFAULT NULL,
// CERTIFICATE BLOB DEFAULT NULL,
// PRIMARY KEY (ID)
// );

@ -0,0 +1,79 @@
/*
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.config.datasource;
import javax.xml.bind.annotation.*;
import java.util.List;
/**
* Class for hold JndiLookupDefinition of cdm-config.xml at parsing with JAXB
*/
@XmlRootElement(name = "JndiLookupDefinition")
public class JNDILookupDefinition {
private String jndiName;
private List<JNDIProperty> jndiProperties;
@XmlElement(name = "Name", nillable = false)
public String getJndiName() {
return jndiName;
}
public void setJndiName(String jndiName) {
this.jndiName = jndiName;
}
@XmlElementWrapper(name = "Environment", nillable = false)
@XmlElement(name = "Property", nillable = false)
public List<JNDIProperty> getJndiProperties() {
return jndiProperties;
}
public void setJndiProperties(List<JNDIProperty> jndiProperties) {
this.jndiProperties = jndiProperties;
}
@XmlRootElement(name = "Property")
public static class JNDIProperty {
private String name;
private String value;
@XmlAttribute(name = "Name")
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
@XmlValue
public String getValue() {
return value;
}
public void setValue(String value) {
this.value = value;
}
}
}

@ -0,0 +1,48 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.dao;
import java.io.ByteArrayInputStream;
/**
* This class represents the key operations associated with persisting certificate related
* information.
*/
public interface CertificateDAO {
/**
* This can be used to store a certificate in the database, where it will be stored against the serial number
* of the certificate.
* @param byteArrayInputStream Holds the certificate.
* @param serialNumber Serial number of the certificate.
* @throws CertificateManagementDAOException
*/
void addCertificate(ByteArrayInputStream byteArrayInputStream, String serialNumber
) throws CertificateManagementDAOException;
/**
* Usage is to obtain a certificate stored in the database by providing the serial number.
* @param serialNumber Serial number of the certificate.
* @return representation of the certificate.
* @throws CertificateManagementDAOException
*/
byte[] retrieveCertificate(String serialNumber
) throws CertificateManagementDAOException;
}

@ -0,0 +1,78 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.dao;
/**
* Custom exception class for data access related exceptions.
*/
public class CertificateManagementDAOException extends Exception {
private String message;
private static final long serialVersionUID = 2021891706072918864L;
/**
* Constructs a new exception with the specified detail message and nested exception.
*
* @param message error message
* @param nestedException exception
*/
public CertificateManagementDAOException(String message, Exception nestedException) {
super(message, nestedException);
setErrorMessage(message);
}
/**
* Constructs a new exception with the specified detail message and cause.
*
* @param message the detail message.
* @param cause the cause of this exception.
*/
public CertificateManagementDAOException(String message, Throwable cause) {
super(message, cause);
setErrorMessage(message);
}
/**
* Constructs a new exception with the specified detail message
*
* @param message the detail message.
*/
public CertificateManagementDAOException(String message) {
super(message);
setErrorMessage(message);
}
/**
* Constructs a new exception with the specified and cause.
*
* @param cause the cause of this exception.
*/
public CertificateManagementDAOException(Throwable cause) {
super(cause);
}
public String getMessage() {
return message;
}
public void setErrorMessage(String errorMessage) {
this.message = errorMessage;
}
}

@ -0,0 +1,182 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
* either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.dao;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.certificate.mgt.core.config.datasource.DataSourceConfig;
import org.wso2.carbon.certificate.mgt.core.config.datasource.JNDILookupDefinition;
import org.wso2.carbon.certificate.mgt.core.dao.impl.GenericCertificateDAOImpl;
import org.wso2.carbon.device.mgt.common.DeviceManagementConstants;
import org.wso2.carbon.device.mgt.common.IllegalTransactionStateException;
import org.wso2.carbon.device.mgt.common.TransactionManagementException;
import javax.sql.DataSource;
import java.sql.Connection;
import java.sql.SQLException;
import java.util.Hashtable;
import java.util.List;
public class CertificateManagementDAOFactory {
private static DataSource dataSource;
private static String databaseEngine;
private static final Log log = LogFactory.getLog(CertificateManagementDAOFactory.class);
private static ThreadLocal<Connection> currentConnection = new ThreadLocal<Connection>();
public static CertificateDAO getCertificateDAO() {
return new GenericCertificateDAOImpl();
}
public static void init(DataSourceConfig config) {
dataSource = resolveDataSource(config);
try {
databaseEngine = dataSource.getConnection().getMetaData().getDatabaseProductName();
} catch (SQLException e) {
log.error("Error occurred while retrieving config.datasource connection", e);
}
}
public static void init(DataSource dtSource) {
dataSource = dtSource;
try {
databaseEngine = dataSource.getConnection().getMetaData().getDatabaseProductName();
} catch (SQLException e) {
log.error("Error occurred while retrieving config.datasource connection", e);
}
}
public static void beginTransaction() throws TransactionManagementException {
Connection conn = currentConnection.get();
if (conn != null) {
throw new IllegalTransactionStateException("A transaction is already active within the context of " +
"this particular thread. Therefore, calling 'beginTransaction/openConnection' while another " +
"transaction is already active is a sign of improper transaction handling");
}
try {
conn = dataSource.getConnection();
conn.setAutoCommit(false);
currentConnection.set(conn);
} catch (SQLException e) {
throw new TransactionManagementException("Error occurred while retrieving config.datasource connection", e);
}
}
public static void openConnection() throws SQLException {
Connection conn = currentConnection.get();
if (conn != null) {
throw new IllegalTransactionStateException("A transaction is already active within the context of " +
"this particular thread. Therefore, calling 'beginTransaction/openConnection' while another " +
"transaction is already active is a sign of improper transaction handling");
}
conn = dataSource.getConnection();
currentConnection.set(conn);
}
public static Connection getConnection() throws SQLException {
Connection conn = currentConnection.get();
if (conn == null) {
throw new IllegalTransactionStateException("No connection is associated with the current transaction. " +
"This might have ideally been caused by not properly initiating the transaction via " +
"'beginTransaction'/'openConnection' methods");
}
return conn;
}
public static void commitTransaction() {
Connection conn = currentConnection.get();
if (conn == null) {
throw new IllegalTransactionStateException("No connection is associated with the current transaction. " +
"This might have ideally been caused by not properly initiating the transaction via " +
"'beginTransaction'/'openConnection' methods");
}
try {
conn.commit();
} catch (SQLException e) {
log.error("Error occurred while committing the transaction", e);
}
}
public static void rollbackTransaction() {
Connection conn = currentConnection.get();
if (conn == null) {
throw new IllegalTransactionStateException("No connection is associated with the current transaction. " +
"This might have ideally been caused by not properly initiating the transaction via " +
"'beginTransaction'/'openConnection' methods");
}
try {
conn.rollback();
} catch (SQLException e) {
log.warn("Error occurred while roll-backing the transaction", e);
}
}
public static void closeConnection() {
Connection conn = currentConnection.get();
if (conn == null) {
throw new IllegalTransactionStateException("No connection is associated with the current transaction. " +
"This might have ideally been caused by not properly initiating the transaction via " +
"'beginTransaction'/'openConnection' methods");
}
try {
conn.close();
} catch (SQLException e) {
log.warn("Error occurred while close the connection");
}
currentConnection.remove();
}
/**
* Resolve data source from the data source definition.
*
* @param config data source configuration
* @return data source resolved from the data source definition
*/
private static DataSource resolveDataSource(DataSourceConfig config) {
DataSource dataSource = null;
if (config == null) {
throw new RuntimeException(
"Device Management Repository data source configuration " + "is null and " +
"thus, is not initialized"
);
}
JNDILookupDefinition jndiConfig = config.getJndiLookupDefinition();
if (jndiConfig != null) {
if (log.isDebugEnabled()) {
log.debug("Initializing Device Management Repository data source using the JNDI " +
"Lookup Definition");
}
List<JNDILookupDefinition.JNDIProperty> jndiPropertyList =
jndiConfig.getJndiProperties();
if (jndiPropertyList != null) {
Hashtable<Object, Object> jndiProperties = new Hashtable<Object, Object>();
for (JNDILookupDefinition.JNDIProperty prop : jndiPropertyList) {
jndiProperties.put(prop.getName(), prop.getValue());
}
dataSource = CertificateManagementDAOUtil.lookupDataSource(jndiConfig.getJndiName(), jndiProperties);
} else {
dataSource = CertificateManagementDAOUtil.lookupDataSource(jndiConfig.getJndiName(), null);
}
}
return dataSource;
}
}

@ -0,0 +1,77 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.dao;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import javax.naming.InitialContext;
import javax.sql.DataSource;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Hashtable;
public class CertificateManagementDAOUtil {
private static final Log log = LogFactory.getLog(CertificateManagementDAOUtil.class);
public static DataSource lookupDataSource(String dataSourceName, final Hashtable<Object, Object> jndiProperties) {
try {
if (jndiProperties == null || jndiProperties.isEmpty()) {
return (DataSource) InitialContext.doLookup(dataSourceName);
}
final InitialContext context = new InitialContext(jndiProperties);
return (DataSource) context.doLookup(dataSourceName);
} catch (Exception e) {
throw new RuntimeException("Error in looking up data source: " + e.getMessage(), e);
}
}
public static void cleanupResources(Connection conn, PreparedStatement stmt, ResultSet rs) {
if (rs != null) {
try {
rs.close();
} catch (SQLException e) {
log.warn("Error occurred while closing result set", e);
}
}
if (stmt != null) {
try {
stmt.close();
} catch (SQLException e) {
log.warn("Error occurred while closing prepared statement", e);
}
}
if (conn != null) {
try {
conn.close();
} catch (SQLException e) {
log.warn("Error occurred while closing database connection", e);
}
}
}
public static void cleanupResources(PreparedStatement stmt, ResultSet rs) {
cleanupResources(null, stmt, rs);
}
}

@ -0,0 +1,77 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.dao.impl;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateDAO;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOException;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOUtil;
import java.io.ByteArrayInputStream;
import java.sql.*;
public class GenericCertificateDAOImpl implements CertificateDAO {
@Override
public void addCertificate(ByteArrayInputStream byteArrayInputStream, String serialNumber)
throws CertificateManagementDAOException {
Connection conn;
PreparedStatement stmt = null;
try {
conn = this.getConnection();
stmt = conn.prepareStatement("INSERT INTO DM_DEVICE_CERTIFICATE (SERIAL_NUMBER, CERTIFICATE) VALUES (?,?)");
stmt.setString(1, serialNumber);
stmt.setObject(2, byteArrayInputStream);
} catch (SQLException e) {
throw new CertificateManagementDAOException("Error occurred while saving certificate with serial " +
serialNumber, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, null);
}
}
@Override
public byte[] retrieveCertificate(String serialNumber)
throws CertificateManagementDAOException {
Connection conn;
PreparedStatement stmt = null;
ResultSet resultSet = null;
byte[] binaryStream = null;
try {
conn = this.getConnection();
String query = "SELECT CERTIFICATE FROM DM_DEVICE_CERTIFICATE WHERE SERIAL_NUMBER = ?";
stmt = conn.prepareStatement(query);
stmt.setString(1, serialNumber);
resultSet = stmt.executeQuery();
while (resultSet.next()) {
binaryStream = resultSet.getBytes("CERTIFICATE");
}
} catch (SQLException e) {
throw new CertificateManagementDAOException(
"Unable to get the read the certificate with serial" + serialNumber, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, resultSet);
}
return binaryStream;
}
private Connection getConnection() throws SQLException {
return CertificateManagementDAOFactory.getConnection();
}
}

@ -0,0 +1,56 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.exception;
public class CertificateManagementException extends Exception {
private static final long serialVersionUID = -8935643298386912220L;
private String errorMessage;
public String getErrorMessage() {
return errorMessage;
}
public void setErrorMessage(String errorMessage) {
this.errorMessage = errorMessage;
}
public CertificateManagementException(String msg, Exception nestedEx) {
super(msg, nestedEx);
setErrorMessage(msg);
}
public CertificateManagementException(String message, Throwable cause) {
super(message, cause);
setErrorMessage(message);
}
public CertificateManagementException(String msg) {
super(msg);
setErrorMessage(msg);
}
public CertificateManagementException() {
super();
}
public CertificateManagementException(Throwable cause) {
super(cause);
}
}

@ -48,11 +48,17 @@ import org.jscep.message.*;
import org.jscep.transaction.FailInfo; import org.jscep.transaction.FailInfo;
import org.jscep.transaction.Nonce; import org.jscep.transaction.Nonce;
import org.jscep.transaction.TransactionId; import org.jscep.transaction.TransactionId;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateDAO;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOException;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
import org.wso2.carbon.certificate.mgt.core.dto.CAStatus; import org.wso2.carbon.certificate.mgt.core.dto.CAStatus;
import org.wso2.carbon.certificate.mgt.core.dto.SCEPResponse; import org.wso2.carbon.certificate.mgt.core.dto.SCEPResponse;
import org.wso2.carbon.certificate.mgt.core.exception.CertificateManagementException;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException; import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.wso2.carbon.certificate.mgt.core.util.CommonUtil; import org.wso2.carbon.certificate.mgt.core.util.CommonUtil;
import org.wso2.carbon.certificate.mgt.core.util.ConfigurationUtil; import org.wso2.carbon.certificate.mgt.core.util.ConfigurationUtil;
import org.wso2.carbon.certificate.mgt.core.util.Serializer;
import org.wso2.carbon.device.mgt.common.TransactionManagementException;
import javax.security.auth.x500.X500Principal; import javax.security.auth.x500.X500Principal;
import javax.xml.bind.DatatypeConverter; import javax.xml.bind.DatatypeConverter;
@ -517,22 +523,38 @@ public class CertificateGenerator {
} }
} }
private void saveCertInKeyStore(X509Certificate certificate) throws KeystoreException { private void saveCertInKeyStore(X509Certificate certificate)
throws KeystoreException {
if (certificate == null) { if (certificate == null) {
return; return;
} }
try { try {
KeyStoreReader keyStoreReader = new KeyStoreReader(); String serialNumber = certificate.getSerialNumber().toString();
KeyStore keyStore = keyStoreReader.loadCertificateKeyStore(); byte[] bytes = Serializer.serialize(certificate);
keyStore.setCertificateEntry(certificate.getSerialNumber().toString(), certificate); ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bytes);
CertificateDAO certificateDAO = CertificateManagementDAOFactory.getCertificateDAO();
keyStoreReader.saveCertificateKeyStore(keyStore); CertificateManagementDAOFactory.beginTransaction();
} catch (KeyStoreException e) { certificateDAO.addCertificate(byteArrayInputStream, serialNumber);
String errorMsg = "KeySKeyStoreException occurred when saving the generated certificate"; CertificateManagementDAOFactory.commitTransaction();
} catch (IOException e) {
String errorMsg = "IOException occurred when saving the generated certificate";
log.error(errorMsg, e);
CertificateManagementDAOFactory.rollbackTransaction();
throw new KeystoreException(errorMsg, e);
} catch (CertificateManagementDAOException e) {
String errorMsg = "Error occurred when saving the generated certificate";
log.error(errorMsg, e);
CertificateManagementDAOFactory.rollbackTransaction();
throw new KeystoreException(errorMsg, e);
} catch (TransactionManagementException e) {
String errorMsg = "Error occurred when saving the generated certificate";
log.error(errorMsg, e); log.error(errorMsg, e);
CertificateManagementDAOFactory.rollbackTransaction();
throw new KeystoreException(errorMsg, e); throw new KeystoreException(errorMsg, e);
}finally {
CertificateManagementDAOFactory.closeConnection();
} }
} }

@ -19,8 +19,14 @@ package org.wso2.carbon.certificate.mgt.core.impl;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateDAO;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOException;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
import org.wso2.carbon.certificate.mgt.core.util.ConfigurationUtil; import org.wso2.carbon.certificate.mgt.core.util.ConfigurationUtil;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException; import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.wso2.carbon.certificate.mgt.core.util.Serializer;
import org.wso2.carbon.device.mgt.common.TransactionManagementException;
import org.wso2.carbon.device.mgt.core.dao.DeviceManagementDAOFactory;
import java.io.FileInputStream; import java.io.FileInputStream;
import java.io.FileNotFoundException; import java.io.FileNotFoundException;
@ -34,6 +40,8 @@ import java.security.PrivateKey;
import java.security.UnrecoverableKeyException; import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate; import java.security.cert.Certificate;
import java.security.cert.CertificateException; import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.sql.SQLException;
public class KeyStoreReader { public class KeyStoreReader {
@ -206,20 +214,26 @@ public class KeyStoreReader {
public Certificate getCertificateByAlias(String alias) throws KeystoreException { public Certificate getCertificateByAlias(String alias) throws KeystoreException {
KeyStore keystore = loadCertificateKeyStore(); Certificate raCertificate = null;
Certificate raCertificate;
try { try {
raCertificate = keystore.getCertificate(alias); CertificateManagementDAOFactory.openConnection();
} catch (KeyStoreException e) { byte[] certificateBytes = CertificateManagementDAOFactory.getCertificateDAO().retrieveCertificate(alias);
String errorMsg = "KeyStore issue occurred when retrieving RA private key"; raCertificate = (Certificate) Serializer.deserialize(certificateBytes);
} catch (CertificateManagementDAOException e) {
String errorMsg = "Error when retrieving certificate the the database for the alias " + alias;
log.error(errorMsg, e); log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e); throw new KeystoreException(errorMsg, e);
} catch (ClassNotFoundException | IOException e) {
String errorMsg = "Error when deserializing saved certificate.";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (SQLException e) {
String errorMsg = "Error when making a connection to the database.";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} finally {
CertificateManagementDAOFactory.closeConnection();
} }
if (raCertificate == null) {
throw new KeystoreException("RA certificate not found in KeyStore");
}
return raCertificate; return raCertificate;
} }

@ -0,0 +1,45 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.internal;
import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService;
public class CertificateManagementDataHolder {
private DeviceManagementProviderService deviceManagementService;
private static CertificateManagementDataHolder thisInstance = new CertificateManagementDataHolder();
private CertificateManagementDataHolder() {}
public static CertificateManagementDataHolder getInstance() {
return thisInstance;
}
public DeviceManagementProviderService getDeviceManagementService() {
return deviceManagementService;
}
public void setDeviceManagementService(DeviceManagementProviderService deviceManagementService) {
this.deviceManagementService = deviceManagementService;
}
}

@ -15,17 +15,29 @@
* specific language governing permissions and limitations * specific language governing permissions and limitations
* under the License. * under the License.
*/ */
package org.wso2.carbon.certificate.mgt.core.internal; package org.wso2.carbon.certificate.mgt.core.internal;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.osgi.framework.BundleContext; import org.osgi.framework.BundleContext;
import org.osgi.service.component.ComponentContext; import org.osgi.service.component.ComponentContext;
import org.wso2.carbon.certificate.mgt.core.config.CertificateConfigurationManager;
import org.wso2.carbon.certificate.mgt.core.config.CertificateManagementConfig;
import org.wso2.carbon.certificate.mgt.core.config.datasource.DataSourceConfig;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementService; import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementService;
import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementServiceImpl; import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementServiceImpl;
import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService;
/** /**
* @scr.component name="org.wso2.carbon.certificate.mgt" immediate="true" * @scr.component name="org.wso2.carbon.certificate.mgt" immediate="true"
* @scr.reference name="org.wso2.carbon.device.manager"
* interface="org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService"
* cardinality="1..1"
* policy="dynamic"
* bind="setDeviceManagementService"
* unbind="unsetDeviceManagementService"
*/ */
public class CertificateManagementServiceComponent { public class CertificateManagementServiceComponent {
@ -37,11 +49,16 @@ public class CertificateManagementServiceComponent {
if (log.isDebugEnabled()) { if (log.isDebugEnabled()) {
log.debug("Initializing certificate management core bundle"); log.debug("Initializing certificate management core bundle");
} }
CertificateConfigurationManager.getInstance().initConfig();
CertificateManagementConfig config = CertificateConfigurationManager.getInstance().getPolicyManagementConfig();
DataSourceConfig dsConfig = config.getCertificateManagementRepository().getDataSourceConfig();
CertificateManagementDAOFactory.init(dsConfig);
BundleContext bundleContext = componentContext.getBundleContext(); BundleContext bundleContext = componentContext.getBundleContext();
bundleContext.registerService(CertificateManagementService.class.getName(), bundleContext.registerService(CertificateManagementService.class.getName(),
CertificateManagementServiceImpl.getInstance(), null); CertificateManagementServiceImpl.getInstance(), null);
if (log.isDebugEnabled()) { if (log.isDebugEnabled()) {
log.debug("Certificate management core bundle has been successfully initialized"); log.debug("Certificate management core bundle has been successfully initialized");
} }
@ -55,4 +72,18 @@ public class CertificateManagementServiceComponent {
//do nothing //do nothing
} }
protected void setDeviceManagementService(DeviceManagementProviderService deviceManagerService) {
if (log.isDebugEnabled()) {
log.debug("Setting Device Management Service");
}
CertificateManagementDataHolder.getInstance().setDeviceManagementService(deviceManagerService);
}
protected void unsetDeviceManagementService(DeviceManagementProviderService deviceManagementService) {
if (log.isDebugEnabled()) {
log.debug("Removing Device Management Service");
}
CertificateManagementDataHolder.getInstance().setDeviceManagementService(null);
}
} }

@ -0,0 +1,26 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.util;
public final class CertificateManagementConstants {
public static final String DEVICE_CONFIG_XML_NAME = "cdm-config.xml";
}

@ -0,0 +1,94 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.util;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.w3c.dom.Document;
import org.wso2.carbon.certificate.mgt.core.config.datasource.DataSourceConfig;
import org.wso2.carbon.certificate.mgt.core.config.datasource.JNDILookupDefinition;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOUtil;
import org.wso2.carbon.certificate.mgt.core.exception.CertificateManagementException;
import javax.sql.DataSource;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.ObjectOutputStream;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.List;
public class CertificateManagerUtil {
private static final Log log = LogFactory.getLog(CertificateManagerUtil.class);
public static final String GENERAL_CONFIG_RESOURCE_PATH = "general";
public static final String MONITORING_FREQUENCY = "notifierFrequency";
public static Document convertToDocument(File file) throws CertificateManagementException {
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setNamespaceAware(true);
try {
DocumentBuilder docBuilder = factory.newDocumentBuilder();
return docBuilder.parse(file);
} catch (Exception e) {
throw new CertificateManagementException("Error occurred while parsing file, while converting " +
"to a org.w3c.dom.Document : " + e.getMessage(), e);
}
}
/**
* Resolve data source from the data source definition
*
* @param config data source configuration
* @return data source resolved from the data source definition
*/
public static DataSource resolveDataSource(DataSourceConfig config) {
DataSource dataSource = null;
if (config == null) {
throw new RuntimeException("Device Management Repository data source configuration " +
"is null and thus, is not initialized");
}
JNDILookupDefinition jndiConfig = config.getJndiLookupDefinition();
if (jndiConfig != null) {
if (log.isDebugEnabled()) {
log.debug("Initializing Device Management Repository data source using the JNDI " +
"Lookup Definition");
}
List<JNDILookupDefinition.JNDIProperty> jndiPropertyList =
jndiConfig.getJndiProperties();
if (jndiPropertyList != null) {
Hashtable<Object, Object> jndiProperties = new Hashtable<Object, Object>();
for (JNDILookupDefinition.JNDIProperty prop : jndiPropertyList) {
jndiProperties.put(prop.getName(), prop.getValue());
}
dataSource =
CertificateManagementDAOUtil.lookupDataSource(jndiConfig.getJndiName(), jndiProperties);
} else {
dataSource = CertificateManagementDAOUtil.lookupDataSource(jndiConfig.getJndiName(), null);
}
}
return dataSource;
}
}

@ -0,0 +1,67 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.util;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
/**
* Serialize/deserialize a given object to and from a byte array.
*/
public class Serializer {
/**
* Serialize a given object to a byte array.
* @param object object to be deserialized.
* @return byte array representing the object.
* @throws IOException
*/
public static byte[] serialize(Object object) throws IOException {
ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
ObjectOutputStream objectOutputStream = new ObjectOutputStream(byteArrayOutputStream);
if(objectOutputStream != null) {
objectOutputStream.writeObject(object);
objectOutputStream.flush();
objectOutputStream.close();
}
if(byteArrayOutputStream != null) {
byteArrayOutputStream.close();
}
return byteArrayOutputStream.toByteArray();
}
/**
* Deserialize a given object from a byte array.
* @param bytes array of bytes that makes up an object.
* @return resulted object after deserializing.
* @throws IOException
* @throws ClassNotFoundException
*/
public static Object deserialize(byte[] bytes) throws IOException, ClassNotFoundException {
ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bytes);
ObjectInputStream objectInputStream = new ObjectInputStream(byteArrayInputStream);
if(byteArrayInputStream != null) {
byteArrayInputStream.close();
}
return objectInputStream.readObject();
}
}
Loading…
Cancel
Save