Added an additional catch statement to the parsing of Certificates that are PEM in case of a DecoderException for Base64.decode method. Instead of going to a blank page with the error, the ACA catches the exception and states on the page in which the file was uploaded to.

2025-02-20 01:36:15 +00:00 · 2021-06-10 11:19:38 -04:00 · 2021-06-10 11:19:38 -04:00 · 1ec644eccc
commit 1ec644eccc
parent 71ec0cbd97
1 changed files with 30 additions and 22 deletions
--- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/CertificateRequestPageController.java
+++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/CertificateRequestPageController.java
@ -1,5 +1,6 @@
 package hirs.attestationca.portal.page.controllers;

+import hirs.FilteredRecordsList;
 import hirs.attestationca.portal.datatables.DataTableInput;
 import hirs.attestationca.portal.datatables.DataTableResponse;
 import hirs.attestationca.portal.datatables.OrderedListQueryDataTableAdapter;
@ -8,26 +9,6 @@ import hirs.attestationca.portal.page.PageController;
 import hirs.attestationca.portal.page.PageMessages;
 import hirs.attestationca.portal.page.params.NoPageParams;
 import hirs.attestationca.portal.util.CertificateStringMapBuilder;
-import java.io.IOException;
-import java.net.URISyntaxException;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.X509Certificate;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.UUID;
-import javax.servlet.http.HttpServletResponse;
-import org.apache.logging.log4j.Logger;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Controller;
-import org.springframework.ui.Model;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.servlet.ModelAndView;
-
-import static org.apache.logging.log4j.LogManager.getLogger;
-import org.hibernate.Criteria;
-import org.hibernate.criterion.Restrictions;
-import org.hibernate.sql.JoinType;
-import hirs.FilteredRecordsList;
 import hirs.data.persist.certificate.Certificate;
 import hirs.data.persist.certificate.CertificateAuthorityCredential;
 import hirs.data.persist.certificate.EndorsementCredential;
@ -38,17 +19,38 @@ import hirs.persist.CriteriaModifier;
 import hirs.persist.CrudManager;
 import hirs.persist.DBManagerException;
 import hirs.persist.OrderedListQuerier;
-import java.util.List;
-import java.util.stream.Collectors;
+import org.apache.logging.log4j.Logger;
+import org.bouncycastle.util.encoders.DecoderException;
+import org.hibernate.Criteria;
+import org.hibernate.criterion.Restrictions;
+import org.hibernate.sql.JoinType;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.MediaType;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.multipart.MultipartFile;
+import org.springframework.web.servlet.ModelAndView;
 import org.springframework.web.servlet.mvc.support.RedirectAttributes;
 import org.springframework.web.servlet.view.RedirectView;

+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.net.URISyntaxException;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.X509Certificate;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.UUID;
+import java.util.stream.Collectors;
+
+import static org.apache.logging.log4j.LogManager.getLogger;
+
 /**
 * Controller for the Device page.
 */
@ -627,6 +629,12 @@ public class CertificateRequestPageController extends PageController<NoPageParam
            LOGGER.error(failMessage, e);
            messages.addError(failMessage + e.getMessage());
            return null;
+        } catch (DecoderException dEx) {
+            final String failMessage = String.format(
+                    "Failed to parse uploaded pem file (%s): ", fileName);
+            LOGGER.error(failMessage, dEx);
+            messages.addError(failMessage + dEx.getMessage());
+            return null;
        } catch (IllegalArgumentException e) {
            final String failMessage = String.format(
                    "Certificate format not recognized(%s): ", fileName);