Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -52,9 +52,9 @@
*
*/
@Component
public class SessionKeyDecrytorHelper {
public class SessionKeyDecryptorHelper {

private static final Logger LOGGER = KeymanagerLogger.getLogger(SessionKeyDecrytorHelper.class);
private static final Logger LOGGER = KeymanagerLogger.getLogger(SessionKeyDecryptorHelper.class);

/**
* {@link CryptoCoreSpec} instance for cryptographic functionalities.
Expand Down Expand Up @@ -352,7 +352,7 @@ private Object[] getPrivateKey(String referenceId, KeyAlias fetchedKeyAlias) {
String ksAlias = fetchedKeyAlias.getAlias();
Optional<io.mosip.kernel.keymanagerservice.entity.KeyStore> dbKeyStore = dbHelper.getKeyStoreFromDB(ksAlias);
if (!dbKeyStore.isPresent()) {
LOGGER.error(KeymanagerConstant.SESSIONID, KeymanagerConstant.KEYFROMDB, dbKeyStore.toString(),
LOGGER.error(KeymanagerConstant.SESSIONID, KeymanagerConstant.KEYFROMDB, KeymanagerConstant.EMPTY,
"Key in DBStore does not exist for this alias. Throwing exception");
throw new NoUniqueAliasException(KeymanagerErrorConstant.NO_UNIQUE_ALIAS.getErrorCode(),
KeymanagerErrorConstant.NO_UNIQUE_ALIAS.getErrorMessage());
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,7 @@
import io.mosip.kernel.keymanagerservice.exception.KeymanagerServiceException;
import io.mosip.kernel.keymanagerservice.exception.NoUniqueAliasException;
import io.mosip.kernel.keymanagerservice.helper.KeymanagerDBHelper;
import io.mosip.kernel.keymanagerservice.helper.SessionKeyDecrytorHelper;
import io.mosip.kernel.keymanagerservice.helper.SessionKeyDecryptorHelper;
import io.mosip.kernel.keymanagerservice.logger.KeymanagerLogger;
import io.mosip.kernel.keymanagerservice.service.KeymanagerService;
import io.mosip.kernel.keymanagerservice.util.KeymanagerUtil;
Expand Down Expand Up @@ -154,7 +154,7 @@ public class KeymanagerServiceImpl implements KeymanagerService {
CryptomanagerUtils cryptomanagerUtil;

@Autowired
SessionKeyDecrytorHelper keyDecryptorHelper;
SessionKeyDecryptorHelper keyDecryptorHelper;

@Autowired
private ECKeyPairGenRequestValidator ecKeyPairGenRequestValidator;
Expand Down Expand Up @@ -306,7 +306,7 @@ private CertificateInfo<X509Certificate> getCertificateFromDBStore(String applic
Optional<io.mosip.kernel.keymanagerservice.entity.KeyStore> keyFromDBStore = dbHelper
.getKeyStoreFromDB(currentKeyAlias.get(0).getAlias());
if (!keyFromDBStore.isPresent()) {
LOGGER.info(KeymanagerConstant.SESSIONID, KeymanagerConstant.KEYFROMDB, keyFromDBStore.toString(),
LOGGER.info(KeymanagerConstant.SESSIONID, KeymanagerConstant.KEYFROMDB, KeymanagerConstant.EMPTY,
"Key in DBStore does not exist for this alias. Throwing exception");
throw new NoUniqueAliasException(KeymanagerErrorConstant.NO_UNIQUE_ALIAS.getErrorCode(),
KeymanagerErrorConstant.NO_UNIQUE_ALIAS.getErrorMessage());
Expand Down Expand Up @@ -934,7 +934,7 @@ private KeyAlias getKeyAlias(String appId, String refId){
private Object[] getKeyDetails(Optional<io.mosip.kernel.keymanagerservice.entity.KeyStore> keyFromDBStore, String keyAlias) {

if (!keyFromDBStore.isPresent()) {
LOGGER.info(KeymanagerConstant.SESSIONID, KeymanagerConstant.KEYFROMDB, keyFromDBStore.toString(),
LOGGER.info(KeymanagerConstant.SESSIONID, KeymanagerConstant.KEYFROMDB, KeymanagerConstant.KEYALIAS,
"Key in DBStore does not exist for this alias. So fetching the certificate from HSM.");
PrivateKeyEntry signKeyEntry = keyStore.getAsymmetricKey(keyAlias);
PrivateKey signPrivateKey = signKeyEntry.getPrivateKey();
Expand All @@ -945,16 +945,16 @@ private Object[] getKeyDetails(Optional<io.mosip.kernel.keymanagerservice.entity
LOGGER.info(KeymanagerConstant.SESSIONID, KeymanagerConstant.EMPTY, KeymanagerConstant.EMPTY,
"Getting Master Key entry from keystore. for master key alias: " + keyFromDBStore.get().getMasterAlias());
PrivateKeyEntry masterKeyEntry = keyStore.getAsymmetricKey(keyFromDBStore.get().getMasterAlias());
LOGGER.info(KeymanagerConstant.SESSIONID, KeymanagerConstant.KEYFROMDB, keyFromDBStore.toString(),
"master key entry found." + masterKeyEntry);
LOGGER.info(KeymanagerConstant.SESSIONID, KeymanagerConstant.KEYFROMDB, KeymanagerConstant.EMPTY,
"master key entry found.");
PrivateKey masterPrivateKey = masterKeyEntry.getPrivateKey();
PublicKey masterPublicKey = masterKeyEntry.getCertificate().getPublicKey();
LOGGER.info(KeymanagerConstant.SESSIONID, KeymanagerConstant.EMPTY, KeymanagerConstant.EMPTY,
"Decrypt the encrypted private key using HSM master key");
byte[] decryptedPrivateKey = keymanagerUtil.decryptKey(CryptoUtil.decodeURLSafeBase64(keyFromDBStore.get().getPrivateKey()),
masterPrivateKey, masterPublicKey, keyStore.getKeystoreProviderName());
LOGGER.info(KeymanagerConstant.SESSIONID, KeymanagerConstant.KEYFROMDB, keyFromDBStore.toString(),
"Decrypted Private Key byte length: " + decryptedPrivateKey.length);
LOGGER.info(KeymanagerConstant.SESSIONID, KeymanagerConstant.KEYFROMDB, KeymanagerConstant.EMPTY,
"Private key decrypted from HSM master key.");
LOGGER.info(KeymanagerConstant.SESSIONID, KeymanagerConstant.EMPTY, KeymanagerConstant.EMPTY,
"constructing the certificate from db certificate data.");
X509Certificate x509Cert = (X509Certificate) keymanagerUtil.convertToCertificate(keyFromDBStore.get().getCertificateData());
Expand Down
Loading