001    /*
002     * Cumulus4j - Securing your data in the cloud - http://cumulus4j.org
003     * Copyright (C) 2011 NightLabs Consulting GmbH
004     *
005     * This program is free software: you can redistribute it and/or modify
006     * it under the terms of the GNU Affero General Public License as
007     * published by the Free Software Foundation, either version 3 of the
008     * License, or (at your option) any later version.
009     *
010     * This program is distributed in the hope that it will be useful,
011     * but WITHOUT ANY WARRANTY; without even the implied warranty of
012     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
013     * GNU Affero General Public License for more details.
014     *
015     * You should have received a copy of the GNU Affero General Public License
016     * along with this program.  If not, see <http://www.gnu.org/licenses/>.
017     */
018    package org.cumulus4j.keymanager.front.webapp;
019    
020    import java.io.IOException;
021    
022    import javax.ws.rs.Consumes;
023    import javax.ws.rs.POST;
024    import javax.ws.rs.Path;
025    import javax.ws.rs.PathParam;
026    import javax.ws.rs.Produces;
027    import javax.ws.rs.WebApplicationException;
028    import javax.ws.rs.core.MediaType;
029    import javax.ws.rs.core.Response;
030    import javax.ws.rs.core.Response.Status;
031    
032    import org.cumulus4j.keymanager.front.shared.DateDependentKeyStrategyInitParam;
033    import org.cumulus4j.keymanager.front.shared.DateDependentKeyStrategyInitResult;
034    import org.cumulus4j.keymanager.front.shared.Error;
035    import org.cumulus4j.keystore.DateDependentKeyStrategy;
036    import org.cumulus4j.keystore.KeyStore;
037    import org.cumulus4j.keystore.KeyStoreNotEmptyException;
038    import org.slf4j.Logger;
039    import org.slf4j.LoggerFactory;
040    
041    /**
042     * REST service to work with a {@link KeyStore} via the {@link DateDependentKeyStrategy}.
043     * At the moment, it only provides an initialisation method, but others might follow later.
044     *
045     * @author Marco หงุ่ยตระกูล-Schulze - marco at nightlabs dot de
046     */
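@Path("DateDependentKeyStrategy")
@Consumes({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
@Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
public class DateDependentKeyStrategyService extends AbstractService
{
	private static final Logger logger = LoggerFactory.getLogger(DateDependentKeyStrategyService.class);

	/**
	 * Initialise a {@link KeyStore} by delegating to {@link DateDependentKeyStrategy#init(String, char[], long, long)}.
	 * <p>
	 * The caller's credentials are obtained via the inherited {@code getAuth()} and are cleared again in a
	 * {@code finally} block on every exit path, so they are not kept by this method after the request.
	 * <p>
	 * Error mapping:
	 * <ul>
	 * <li>missing request entity ({@code param == null}): HTTP 400;</li>
	 * <li>{@link KeyStoreNotEmptyException} (key-store was already initialised): HTTP 400, logged at debug level only;</li>
	 * <li>anything else, including an {@link IOException} raised while accessing the key-store: HTTP 500, logged at error level.</li>
	 * </ul>
	 *
	 * @param keyStoreID identifier of the key-store to work with. It is taken from the URL path and handed to
	 * {@code keyStoreManager.getKeyStore(...)} without any check in this method.
	 * @param param parameters controlling how the initialisation should behave. Must not be <code>null</code>.
	 * @return summary-result of the initialisation.
	 * @throws WebApplicationException with status 400 or 500 as described above.
	 */
	@Path("{keyStoreID}/init")
	@POST
	public DateDependentKeyStrategyInitResult init(@PathParam("keyStoreID") String keyStoreID, DateDependentKeyStrategyInitParam param)
	{
		// NOTE(review): getAuth() is inherited and not visible here; presumably it rejects requests
		// without credentials - confirm, because nothing else in this method authenticates the caller.
		Auth auth = getAuth();
		try {
			// A request without an entity body would otherwise fail with a NullPointerException further
			// down and be reported as an internal error (500) although it is a client error.
			// The check sits after getAuth() so that the request entity is only examined once credentials were obtained.
			if (param == null) {
				IllegalArgumentException missingParam = new IllegalArgumentException("param must not be null");
				logger.debug("init: " + missingParam, missingParam); // client error (no internal error) => debug only
				throw new WebApplicationException(Response.status(Status.BAD_REQUEST).entity(new Error(missingParam)).build());
			}

			try {
				// NOTE(review): how keyStoreManager resolves keyStoreID is not visible here; confirm that it
				// restricts the ID to an allowed set of characters/values before it touches any storage.
				KeyStore keyStore = keyStoreManager.getKeyStore(keyStoreID);

				// NOTE(review): both periods are client-supplied and forwarded unchecked. If init(...) derives
				// the number of keys to generate from them, confirm that it rejects non-positive values and
				// bounds the amount of work a single request can trigger.
				new DateDependentKeyStrategy(keyStore).init(
						auth.getUserName(), auth.getPassword(),
						param.getKeyActivityPeriodMSec(), param.getKeyStorePeriodMSec()
				);

				DateDependentKeyStrategyInitResult result = new DateDependentKeyStrategyInitResult();
				result.setGeneratedKeyCount(
						keyStore.getKeyIDs(auth.getUserName(), auth.getPassword()).size()
				);
				return result;
			} catch (KeyStoreNotEmptyException e) {
				logger.debug("init: " + e, e); // client error (no internal error) => debug only
				throw new WebApplicationException(Response.status(Status.BAD_REQUEST).entity(new Error(e)).build());
			} catch (Exception e) {
				// I/O failures and all other unexpected failures were handled identically in two separate
				// catch clauses before; one clause covers both.
				// NOTE(review): the exception is wrapped into the response entity. What Error(e) serialises
				// is not visible here; confirm it does not hand internal details (stack traces, file paths)
				// to the client. The full details are already in the server log.
				logger.error("init: " + e, e);
				throw new WebApplicationException(Response.status(Status.INTERNAL_SERVER_ERROR).entity(new Error(e)).build());
			}
		} finally {
			// Always drop the credentials held by auth, whether the call succeeded or failed.
			auth.clear();
		}
	}
}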