1package OpenXPKI::Server::Workflow::Activity::NICE::GenerateKey;
2
3use strict;
4use base qw( OpenXPKI::Server::Workflow::Activity );
5
6use OpenXPKI::Server::Context qw( CTX );
7use OpenXPKI::Exception;
8use OpenXPKI::Debug;
9use Data::Dumper;
10use OpenXPKI::Server::NICE::Factory;
11
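# Generate a private key through the configured NICE backend and store the
# result in the workflow context.
#
# Activity parameters consumed here (any other parameter is handed to the
# backend unchanged as the additional parameter hash):
#   key_alg        - passed to generateKey as the key algorithm
#   key_gen_params - passed to generateKey as the key generation parameters
#   password       - placed in the transport hash as 'password'
#   enc_alg        - placed in the transport hash as 'algorithm'
#   target_key     - context key that receives the result,
#                    default 'private_key'
#
# Always returns 1. When the backend returns a false value, the backend's
# last error (or a generic I18N code) is logged and written to the context
# key 'error_code'; the target key is still written, with that false value.
sub execute {

    my $self     = shift;
    my $workflow = shift;
    my $context  = $workflow->context();

    my $params = $self->param();

    # target_key only names the context slot for the result. Remove it
    # unconditionally so it never reaches the backend, even when the key
    # exists with an undefined value.
    delete $params->{'target_key'};

    # Move the secret and its cipher straight into the transport hash; no
    # separate lexical keeps another copy of the password around.
    # NOTE(review): the POD calls the password mandatory, but nothing here
    # checks that it is set - confirm the backend rejects an empty password.
    my $transport = {
        password  => scalar( delete $params->{'password'} ),
        algorithm => scalar( delete $params->{'enc_alg'} ),
    };

    my $key_alg        = delete $params->{'key_alg'};
    my $key_gen_params = delete $params->{'key_gen_params'};

    CTX('log')->audit('key')->info("generating private key via NICE");

    # The password was removed from $params above, so the debug dump below
    # no longer contains it. Keep this statement after the deletes.
    ##! 32: 'NICE generatekey parameters ' . Dumper $params
    my $nice_backend = OpenXPKI::Server::NICE::Factory->getHandler( $self );

    my $private_key = $nice_backend->generateKey( '', $key_alg, $key_gen_params, $transport, $params );

    # NOTE(review): the next line is an OpenXPKI::Debug statement, not a
    # plain comment (assuming the usual source filter is active). At debug
    # level 32 it dumps the backend result, which may be key material, into
    # the debug log - keep that level disabled outside of test systems.
    ##! 32: 'NICE key result ' . Dumper $private_key
    my $target_key = $self->param('target_key') || 'private_key';
    $context->param($target_key => $private_key);

    # A false result means the backend did not deliver a key; report why.
    if (!$private_key) {
        my $error = $nice_backend->get_last_error() || 'I18N_OPENXPKI_UI_UNABLE_TO_GENERATE_PRIVATE_KEY';
        CTX('log')->application()->error($error);
        $context->param( 'error_code' =>  $error );
    }

    return 1;
}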
52
531;
54__END__
55
56=head1 Name
57
58OpenXPKI::Server::Workflow::Activity::NICE::GenerateKey
59
60=head1 Description
61
62Parameters which are common for all backends are given below, any additional
63parameter set in the activity is handed over as additional parameter hash
64to the backend class.
65
66The result of the call is written to target key, depending on the
67implementation this can be the key itself or any other data structure.
68
69If the backend does not return a key, the error message is written to
70I<error_code> and the target_key is empty.
71
72=head1 Configuration
73
74=head2 Activity Parameters
75
76=over
77
78=item key_alg
79
Mapped unmodified to key_alg of the api method, set to 'rsa' if not set.
81
82=item enc_alg
83
Mapped unmodified to key_alg of the api method, set to 'aes256' if not set.
85
86=item password
87
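Password to encrypt the key with, mandatory. Note that this activity does
not itself check that a password is set; the value is handed to the backend
as given.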
89
90=item key_gen_params
91
If the parameter is given, it must be a hash. The values given in the keys
I<curve_name> and I<key_length> are mapped to the api method as is. Other
keys are silently ignored, no defaults are applied (the default key length
for RSA/DSA is set in the API method).
96
97=item target_key
98
99The context value to write the result key to. Default is private_key.
100
101=back
102