ManifestSignatureRpc.java

/*
 * Copyright (C) 2013 Intel Corporation
 * All rights reserved.
 */
package com.intel.mtwilson.v2.vm.attestation.resource;

import com.intel.dcsg.cpg.crypto.CryptographyException;
import com.intel.dcsg.cpg.crypto.RsaCredentialX509;
import com.intel.mtwilson.v2.vm.attestation.model.ManifestSignatureInput;
import com.intel.mtwilson.launcher.ws.ext.V2;
import com.intel.mtwilson.v2.vm.attestation.model.ManifestSignature;
import javax.ws.rs.POST;
//import javax.ejb.Stateless;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import com.intel.mtwilson.My;
import com.intel.dcsg.cpg.crypto.SimpleKeystore;
import com.intel.mtwilson.jaxrs2.mediatype.DataMediaType;
import java.io.FileNotFoundException;
import java.nio.charset.Charset;
import java.security.InvalidKeyException;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateEncodingException;
import javax.ws.rs.Consumes;
import org.apache.commons.codec.binary.Base64;

/**
 * POST /manifest-signature
 * Content-Type: application/xml
 * Request body:
 * <manifest_signature_input>
 *  <vm_image_id>123456</vm_image_id>
 *  <manifest_hash>abcdef01234567890</manifest_hash>
 * </manifest_signature_input>
 * 
 * Response body:
 * <manifest_signature>
 *  <vm_image_id>123456</vm_image_id>
 *  <manifest_hash>abcdef01234567890</manifest_hash>
 *  <customer_id>982734</customer_id>
 *  <signature>abcdef01234567890abcdef01234567890</signature>
 * </manifest_signature>
 * 
 * @author jbuhacoff
 */
@V2
//@Stateless
@Path("/manifest-signature")
public class ManifestSignatureRpc {
    private static final org.slf4j.Logger log = org.slf4j.LoggerFactory.getLogger(ManifestSignatureRpc.class);
    
    @POST
    @Consumes({MediaType.APPLICATION_JSON,MediaType.APPLICATION_XML,DataMediaType.APPLICATION_YAML,DataMediaType.TEXT_YAML})
    @Produces({MediaType.APPLICATION_JSON,MediaType.APPLICATION_XML,DataMediaType.APPLICATION_YAML,DataMediaType.TEXT_YAML})
    public ManifestSignature signImageManifest(ManifestSignatureInput input) throws KeyManagementException, FileNotFoundException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException, CertificateEncodingException, CryptographyException, InvalidKeyException, SignatureException {
        
        String vmblobXml = "<vm_manifest><customer_id>1234</customer_id><image_id>1235289</image_id><manifest_hash>aaaaaa</manifest_hash></vm_manifest>";
        
        SimpleKeystore keystore = new SimpleKeystore(My.configuration().getSamlKeystoreFile(), My.configuration().getSamlKeystorePassword());
        RsaCredentialX509 credential = keystore.getRsaCredentialX509("saml", My.configuration().getSamlKeystorePassword());
        byte[] signature = credential.signature(vmblobXml.getBytes(Charset.forName("UTF-8")));
        
        log.debug("retrieve version");
        ManifestSignature output = new ManifestSignature();
        output.setCustomerId("1234");
        output.setVmImageId("1235289");
        output.setManifestHash("aaaaaa");
        output.setDocument(vmblobXml);
        output.setSignature(Base64.encodeBase64String(signature));
        return output;
    }
    
}