package at.gv.egiz.eaaf.core.impl.credential;
import java.util.Map;
import javax.annotation.Nonnull;
import org.apache.commons.lang3.StringUtils;
import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
import lombok.Getter;
import lombok.Setter;
import lombok.extern.slf4j.Slf4j;
@Slf4j
@Getter
@Setter
public class SymmetricKeyConfiguration {
public static final String PROP_CONFIG_KEY_TYPE =
"key.type";
public static final String PROP_CONFIG_HSMFACADE_NAME =
"keystore.name";
public static final String PROP_CONFIG_HSM_KEY_ALIAS =
"key.alias";
public static final String PROP_CONFIG_SOFTWARE_KEY_PASSPHRASE =
"key.passphrase";
public static final String PROP_CONFIG_SOFTWARE_KEY_SALT =
"key.salt";
/**
* FriendlyName for this KeyStore. Mainly used for logging.
*/
private String friendlyName;
/**
* General type of the KeyStore that should be generated.
*/
private SymmetricKeyType keyType;
/**
* Name of the KeyStore in HSM Facade.
*/
private String keyStoreName;
/**
* Alias of the Key in HSM Facade keystore.
*/
private String keyAlias;
/**
* Software key passphrase.
*/
private String softKeyPassphrase;
/**
* Software key salt.
*/
private String softKeySalt;
/**
* Build a {@link SymmetricKeyConfiguration} from a configuration map.
*
* The configuration parameters defined in this class are used to load the
* configuration.
*
*
* @param config Configuration
* @param friendlyName FriendlyName for this KeyStore
* @return Configuration object for {@link EaafKeyStoreFactory}
* @throws EaafConfigurationException In case of a configuration error.
*/
public static SymmetricKeyConfiguration buildFromConfigurationMap(Map config,
String friendlyName) throws EaafConfigurationException {
final SymmetricKeyConfiguration internalConfig = new SymmetricKeyConfiguration();
internalConfig.setFriendlyName(friendlyName);
final SymmetricKeyType internalKeyStoreType = SymmetricKeyType.fromString(
getConfigurationParameter(config, PROP_CONFIG_KEY_TYPE));
if (internalKeyStoreType != null) {
internalConfig.setKeyType(internalKeyStoreType);
} else {
log.error("Symmetric Key-configuration: {} sets an unknown Keytype: {}",
friendlyName, getConfigurationParameter(config, PROP_CONFIG_KEY_TYPE));
throw new EaafConfigurationException(EaafKeyStoreFactory.ERRORCODE_01,
new Object[] { friendlyName });
}
if (internalKeyStoreType.equals(SymmetricKeyType.HSMFACADE)) {
log.trace("Set-up HSM-Facade Symmentric-Key ... ");
internalConfig.setKeyStoreName(getConfigurationParameter(config, PROP_CONFIG_HSMFACADE_NAME));
internalConfig.setKeyAlias(getConfigurationParameter(config, PROP_CONFIG_HSM_KEY_ALIAS));
} else {
log.trace("Set-up software passphrase based symmetric key ... ");
internalConfig.setSoftKeyPassphrase(getConfigurationParameter(config, PROP_CONFIG_SOFTWARE_KEY_PASSPHRASE));
internalConfig.setSoftKeySalt(getConfigurationParameter(config, PROP_CONFIG_SOFTWARE_KEY_SALT));
}
return internalConfig;
}
/**
* Set the Type of the symmetric key based on String identifier.
*
* @param keyType String based KeyStore type
* @throws EaafConfigurationException In case of an unknown KeyStore type
*/
public void setKeyType(@Nonnull String keyType) throws EaafConfigurationException {
final SymmetricKeyType internalKeyStoreType = SymmetricKeyType.fromString(keyType);
if (internalKeyStoreType != null) {
setKeyType(internalKeyStoreType);
} else {
log.error("KeyStore: {} sets an unknown KeyStore type: {}",
friendlyName, keyType);
throw new EaafConfigurationException(EaafKeyStoreFactory.ERRORCODE_01,
new Object[] { friendlyName });
}
}
/**
* Set the Type of the symmetric Key based on String identifier.
*
* @param type of tke symmetric key
*/
public void setKeyType(@Nonnull SymmetricKeyType type) {
this.keyType = type;
}
/**
* Validate the internal state of this configuration object.
*
* @throws EaafConfigurationException In case of a configuration error
*/
public void validate() throws EaafConfigurationException {
if (SymmetricKeyType.HSMFACADE.equals(keyType)) {
log.trace("Validate HSM-Facade symmetric key ... ");
checkConfigurationValue(keyStoreName, EaafKeyStoreFactory.ERRORCODE_07,
friendlyName, "Missing 'KeyStoreName' for HSM-Facade");
checkConfigurationValue(keyAlias, EaafKeyStoreFactory.ERRORCODE_07,
friendlyName, "Missing 'KeyAlias' for HSM-Facade");
} else {
log.trace("Validate passphrase based symmetric key ... ");
checkConfigurationValue(softKeyPassphrase, EaafKeyStoreFactory.ERRORCODE_07,
friendlyName, "Missing 'passphrase' for symmetric-key generation");
checkConfigurationValue(softKeySalt, EaafKeyStoreFactory.ERRORCODE_07,
friendlyName, "Missing 'salt' for symmetric-key generation");
}
}
public enum SymmetricKeyType {
PASSPHRASE("passphrase"), HSMFACADE("hsmfacade");
private final String keyType;
SymmetricKeyType(final String keyStoreType) {
this.keyType = keyStoreType;
}
/**
* Get Type of this Key.
*
* @return
*/
public String getKeyType() {
return this.keyType;
}
/**
* Get KeyType from String representation.
*
* @param s Config parameter
* @return
*/
public static SymmetricKeyType fromString(final String s) {
try {
return SymmetricKeyType.valueOf(s.toUpperCase());
} catch (IllegalArgumentException | NullPointerException e) {
return null;
}
}
@Override
public String toString() {
return getKeyType();
}
}
@Nonnull
private static String getConfigurationParameter(@Nonnull Map config,
@Nonnull String configParamKey)
throws EaafConfigurationException {
final String configValue = config.get(configParamKey);
checkConfigurationValue(configValue, EaafKeyStoreFactory.ERRORCODE_04, configParamKey);
return configValue;
}
private static void checkConfigurationValue(String configValue, String errorCode, String... params)
throws EaafConfigurationException {
if (StringUtils.isEmpty(configValue)) {
throw new EaafConfigurationException(errorCode,
params);
}
}
}