mirror of
https://github.com/nsacyber/HIRS.git
synced 2025-01-19 11:16:59 +00:00
Merge pull request #630 from nsacyber/v3_server-ui-fixes
V3 server UI fixes
commit
6191c5b086
@ -3,6 +3,7 @@ package hirs.attestationca.persist.entity;
|
||||
import jakarta.persistence.Column;
|
||||
import jakarta.persistence.MappedSuperclass;
|
||||
import lombok.Getter;
|
||||
import lombok.Setter;
|
||||
import lombok.ToString;
|
||||
import org.hibernate.annotations.JdbcTypeCode;
|
||||
import org.hibernate.type.SqlTypes;
|
||||
@ -13,7 +14,6 @@ import java.util.Date;
|
||||
* An abstract archivable entity that can be deleted.
|
||||
*/
|
||||
@ToString
|
||||
@Getter
|
||||
@MappedSuperclass
|
||||
public abstract class ArchivableEntity extends AbstractEntity {
|
||||
|
||||
@ -22,6 +22,11 @@ public abstract class ArchivableEntity extends AbstractEntity {
|
||||
*/
|
||||
public static final int MAX_MESSAGE_LENGTH = 2400;
|
||||
|
||||
@Getter
|
||||
@Setter
|
||||
@Column(nullable = false)
|
||||
private boolean archiveFlag = false;
|
||||
|
||||
@Column(name = "archived_time")
|
||||
private Date archivedTime;
|
||||
|
||||
@ -55,8 +60,10 @@ public abstract class ArchivableEntity extends AbstractEntity {
|
||||
* false is archived time is already set, signifying the entity has been archived.
|
||||
*/
|
||||
public final boolean archive() {
|
||||
this.archiveFlag = false;
|
||||
if (this.archivedTime == null) {
|
||||
this.archivedTime = new Date();
|
||||
archiveFlag = true;
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
@ -79,6 +86,21 @@ public abstract class ArchivableEntity extends AbstractEntity {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the timestamp of when the entity was archived if applicable. If the
|
||||
* entity has not been resolved, then null is returned.
|
||||
*
|
||||
* @return archivedTime
|
||||
* If entity was archived, timestamp of the occurrence, null otherwise.
|
||||
*/
|
||||
public final Date getArchivedTime() {
|
||||
if (archivedTime == null) {
|
||||
return null;
|
||||
} else {
|
||||
return (Date) archivedTime.clone();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the archivedTime to null. The archivedTime being null signifies that the entity has
|
||||
* not been archived. If the time is already null then this call was unnecessary.
|
||||
@ -91,6 +113,7 @@ public abstract class ArchivableEntity extends AbstractEntity {
|
||||
if (this.archivedTime != null) {
|
||||
this.archivedTime = null;
|
||||
this.archivedDescription = null;
|
||||
archiveFlag = false;
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
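Review bot: `archive()` now begins with `this.archiveFlag = false;`, so calling it on an entity that is already archived (non-null `archivedTime`) takes the `return false` path with the flag cleared. The record would then match `findByArchiveFlag(false)` again while still carrying an archive timestamp. Dropping that first assignment keeps flag and timestamp in step, since the `archiveFlag = true;` inside the `if` is the only write the method needs. The Lombok `@Setter` on `archiveFlag` also lets callers change the flag without touching `archivedTime`; if nothing requires it, omit the setter so that `archive()` and the restore method are the only writers. The closing brace of `archive()` lies outside the hunk.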
|
@ -1,8 +1,9 @@
|
||||
package hirs.attestationca.persist.entity.manager;
|
||||
|
||||
import hirs.attestationca.persist.entity.userdefined.certificate.CertificateAuthorityCredential;
|
||||
import org.springframework.data.domain.Page;
|
||||
import org.springframework.data.domain.Pageable;
|
||||
import org.springframework.data.jpa.repository.JpaRepository;
|
||||
import org.springframework.data.jpa.repository.Query;
|
||||
import org.springframework.stereotype.Repository;
|
||||
|
||||
import java.util.List;
|
||||
@ -11,9 +12,8 @@ import java.util.UUID;
|
||||
@Repository
|
||||
public interface CACredentialRepository extends JpaRepository<CertificateAuthorityCredential, UUID> {
|
||||
|
||||
@Query(value = "SELECT * FROM Certificate where DTYPE='CertificateAuthorityCredential'", nativeQuery = true)
|
||||
@Override
|
||||
List<CertificateAuthorityCredential> findAll();
|
||||
List<CertificateAuthorityCredential> findByArchiveFlag(boolean archiveFlag);
|
||||
Page<CertificateAuthorityCredential> findByArchiveFlag(boolean archiveFlag, Pageable pageable);
|
||||
List<CertificateAuthorityCredential> findBySubject(String subject);
|
||||
List<CertificateAuthorityCredential> findBySubjectSorted(String subject);
|
||||
CertificateAuthorityCredential findBySubjectKeyIdentifier(byte[] subjectKeyIdentifier);
|
||||
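Review bot: Only the two new `findByArchiveFlag` methods take the archive state into account; `findBySubject`, `findBySubjectSorted` and `findBySubjectKeyIdentifier` in this interface, and `findByType` in `CertificateRepository`, still return archived rows. The UI now presents archiving as deletion, so a CA credential an operator has removed may still be picked up wherever these finders feed chain building or signature checks. The call sites visible on this page are `ValidationService.getCaChain(caCert, caCertificateRepository)`, the `findByType("CertificateAuthorityCredential")` loop in `ReferenceManifestDetailsPageController`, and the bulk-download endpoints. Whether archived trust anchors should remain usable is a policy decision not visible here. If they should not, add archive-aware variants such as `findBySubjectSortedAndArchiveFlag(String subject, boolean archiveFlag)` or filter at the call sites, and add a comment on the interface stating which finders include archived records.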
|
@ -13,7 +13,7 @@ import java.util.List;
|
||||
import java.util.UUID;
|
||||
|
||||
@Repository
|
||||
public interface CertificateRepository<T extends Certificate> extends JpaRepository<Certificate, UUID> {
|
||||
public interface CertificateRepository extends JpaRepository<Certificate, UUID> {
|
||||
|
||||
@Query(value = "SELECT * FROM Certificate where id = ?1", nativeQuery = true)
|
||||
Certificate getCertificate(UUID uuid);
|
||||
@ -22,7 +22,7 @@ public interface CertificateRepository<T extends Certificate> extends JpaReposit
|
||||
@Query(value = "SELECT * FROM Certificate where issuerSorted = ?1 AND DTYPE = ?2", nativeQuery = true)
|
||||
List<Certificate> findBySubjectSorted(String issuedSort, String dType);
|
||||
@Query(value = "SELECT * FROM Certificate where DTYPE = ?1", nativeQuery = true)
|
||||
List<T> findByAll(String dType);
|
||||
List<Certificate> findByType(String dType);
|
||||
@Query(value = "SELECT * FROM Certificate where serialNumber = ?1 AND DTYPE = ?2", nativeQuery = true)
|
||||
Certificate findBySerialNumber(BigInteger serialNumber, String dType);
|
||||
@Query(value = "SELECT * FROM Certificate where platformSerial = ?1 AND DTYPE = 'PlatformCredential'", nativeQuery = true)
|
||||
@ -32,7 +32,7 @@ public interface CertificateRepository<T extends Certificate> extends JpaReposit
|
||||
@Query(value = "SELECT * FROM Certificate where holderSerialNumber = ?1 AND DTYPE = 'PlatformCredential'", nativeQuery = true)
|
||||
List<PlatformCredential> getByHolderSerialNumber(BigInteger holderSerialNumber);
|
||||
@Query(value = "SELECT * FROM Certificate where certificateHash = ?1 AND DTYPE = ?2", nativeQuery = true)
|
||||
T findByCertificateHash(int certificateHash, String dType);
|
||||
Certificate findByCertificateHash(int certificateHash, String dType);
|
||||
EndorsementCredential findByPublicKeyModulusHexValue(String publicKeyModulusHexValue);
|
||||
IssuedAttestationCertificate findByDeviceId(UUID deviceId);
|
||||
Certificate findByCertificateHash(int certificateHash);
|
||||
|
@ -1,9 +1,9 @@
|
||||
package hirs.attestationca.persist.entity.manager;
|
||||
|
||||
import hirs.attestationca.persist.entity.userdefined.certificate.EndorsementCredential;
|
||||
import hirs.attestationca.persist.entity.userdefined.certificate.PlatformCredential;
|
||||
import org.springframework.data.domain.Page;
|
||||
import org.springframework.data.domain.Pageable;
|
||||
import org.springframework.data.jpa.repository.JpaRepository;
|
||||
import org.springframework.data.jpa.repository.Query;
|
||||
import org.springframework.stereotype.Repository;
|
||||
|
||||
import java.math.BigInteger;
|
||||
@ -13,8 +13,8 @@ import java.util.UUID;
|
||||
@Repository
|
||||
public interface EndorsementCredentialRepository extends JpaRepository<EndorsementCredential, UUID> {
|
||||
|
||||
@Override
|
||||
List<EndorsementCredential> findAll();
|
||||
List<EndorsementCredential> findByArchiveFlag(boolean archiveFlag);
|
||||
Page<EndorsementCredential> findByArchiveFlag(boolean archiveFlag, Pageable pageable);
|
||||
EndorsementCredential findByHolderSerialNumber(BigInteger holderSerialNumber);
|
||||
List<EndorsementCredential> findByDeviceId(UUID deviceId);
|
||||
}
|
||||
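Review bot: The interface gives callers no way to count non-archived rows, so `CertificatePageController` fills `recordsFiltered` with `findByArchiveFlag(false).size()`, which loads every non-archived credential entity on each table request just to obtain a number. Adding a derived count query here, `long countByArchiveFlag(boolean archiveFlag);`, or reading `pagedResult.getTotalElements()` from the page the controller has already fetched, avoids that. The same applies to `CACredentialRepository`, `IssuedCertificateRepository`, `PlatformCertificateRepository` and `ReferenceManifestRepository`, whose callers use the same `.size()` pattern.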
|
@ -1,8 +1,9 @@
|
||||
package hirs.attestationca.persist.entity.manager;
|
||||
|
||||
import hirs.attestationca.persist.entity.userdefined.certificate.IssuedAttestationCertificate;
|
||||
import org.springframework.data.domain.Page;
|
||||
import org.springframework.data.domain.Pageable;
|
||||
import org.springframework.data.jpa.repository.JpaRepository;
|
||||
import org.springframework.data.jpa.repository.Query;
|
||||
import org.springframework.stereotype.Repository;
|
||||
|
||||
import java.util.List;
|
||||
@ -11,8 +12,7 @@ import java.util.UUID;
|
||||
@Repository
|
||||
public interface IssuedCertificateRepository extends JpaRepository<IssuedAttestationCertificate, UUID> {
|
||||
|
||||
@Query(value = "SELECT * FROM Certificate where DTYPE='IssuedAttestationCertificate'", nativeQuery = true)
|
||||
@Override
|
||||
List<IssuedAttestationCertificate> findAll();
|
||||
List<IssuedAttestationCertificate> findByArchiveFlag(boolean archiveFlag);
|
||||
Page<IssuedAttestationCertificate> findByArchiveFlag(boolean archiveFlag, Pageable pageable);
|
||||
List<IssuedAttestationCertificate> findByDeviceId(UUID deviceId);
|
||||
}
|
@ -1,6 +1,8 @@
|
||||
package hirs.attestationca.persist.entity.manager;
|
||||
|
||||
import hirs.attestationca.persist.entity.userdefined.certificate.PlatformCredential;
|
||||
import org.springframework.data.domain.Page;
|
||||
import org.springframework.data.domain.Pageable;
|
||||
import org.springframework.data.jpa.repository.JpaRepository;
|
||||
import org.springframework.stereotype.Repository;
|
||||
|
||||
@ -10,7 +12,7 @@ import java.util.UUID;
|
||||
@Repository
|
||||
public interface PlatformCertificateRepository extends JpaRepository<PlatformCredential, UUID> {
|
||||
|
||||
@Override
|
||||
List<PlatformCredential> findAll();
|
||||
List<PlatformCredential> findByArchiveFlag(boolean archiveFlag);
|
||||
Page<PlatformCredential> findByArchiveFlag(boolean archiveFlag, Pageable pageable);
|
||||
List<PlatformCredential> findByDeviceId(UUID deviceId);
|
||||
}
|
||||
|
@ -4,6 +4,8 @@ import hirs.attestationca.persist.entity.userdefined.ReferenceManifest;
|
||||
import hirs.attestationca.persist.entity.userdefined.rim.BaseReferenceManifest;
|
||||
import hirs.attestationca.persist.entity.userdefined.rim.EventLogMeasurements;
|
||||
import hirs.attestationca.persist.entity.userdefined.rim.SupportReferenceManifest;
|
||||
import org.springframework.data.domain.Page;
|
||||
import org.springframework.data.domain.Pageable;
|
||||
import org.springframework.data.jpa.repository.JpaRepository;
|
||||
import org.springframework.data.jpa.repository.Query;
|
||||
import org.springframework.stereotype.Repository;
|
||||
@ -18,7 +20,7 @@ public interface ReferenceManifestRepository extends JpaRepository<ReferenceMani
|
||||
ReferenceManifest findByBase64Hash(String base64Hash);
|
||||
ReferenceManifest findByHexDecHashAndRimType(String hexDecHash, String rimType);
|
||||
@Query(value = "SELECT * FROM ReferenceManifest WHERE platformManufacturer = ?1 AND platformModel = ?2 AND rimType = 'Base'", nativeQuery = true)
|
||||
BaseReferenceManifest getBaseByManufacturerModel(String manufacturer, String model);
|
||||
List<BaseReferenceManifest> getBaseByManufacturerModel(String manufacturer, String model);
|
||||
@Query(value = "SELECT * FROM ReferenceManifest WHERE platformManufacturer = ?1 AND DTYPE = ?2", nativeQuery = true)
|
||||
List<BaseReferenceManifest> getByManufacturer(String manufacturer, String dType);
|
||||
@Query(value = "SELECT * FROM ReferenceManifest WHERE platformModel = ?1 AND DTYPE = ?2", nativeQuery = true)
|
||||
@ -41,4 +43,6 @@ public interface ReferenceManifestRepository extends JpaRepository<ReferenceMani
|
||||
List<SupportReferenceManifest> getSupportByManufacturerModel(String manufacturer, String model);
|
||||
@Query(value = "SELECT * FROM ReferenceManifest WHERE platformModel = ?1 AND DTYPE = 'EventLogMeasurements'", nativeQuery = true)
|
||||
EventLogMeasurements getLogByModel(String model);
|
||||
List<ReferenceManifest> findByArchiveFlag(boolean archiveFlag);
|
||||
Page<ReferenceManifest> findByArchiveFlag(boolean archiveFlag, Pageable pageable);
|
||||
}
|
||||
|
@ -448,7 +448,7 @@ public class IdentityClaimProcessor extends AbstractProcessor {
|
||||
referenceManifestRepository.delete(measurements);
|
||||
}
|
||||
|
||||
BaseReferenceManifest baseRim = referenceManifestRepository
|
||||
List<BaseReferenceManifest> baseRims = referenceManifestRepository
|
||||
.getBaseByManufacturerModel(dv.getHw().getManufacturer(),
|
||||
dv.getHw().getProductName());
|
||||
measurements = temp;
|
||||
@ -456,20 +456,21 @@ public class IdentityClaimProcessor extends AbstractProcessor {
|
||||
measurements.setPlatformModel(dv.getHw().getProductName());
|
||||
measurements.setTagId(tagId);
|
||||
measurements.setDeviceName(dv.getNw().getHostname());
|
||||
if (baseRim != null) {
|
||||
measurements.setAssociatedRim(baseRim.getAssociatedRim());
|
||||
}
|
||||
measurements.archive();
|
||||
|
||||
this.referenceManifestRepository.save(measurements);
|
||||
|
||||
if (baseRim != null) {
|
||||
// pull the base versions of the swidtag and rimel and set the
|
||||
// event log hash for use during provision
|
||||
SupportReferenceManifest sBaseRim = referenceManifestRepository
|
||||
.getSupportRimEntityById(baseRim.getAssociatedRim());
|
||||
baseRim.setEventLogHash(temp.getHexDecHash());
|
||||
sBaseRim.setEventLogHash(temp.getHexDecHash());
|
||||
referenceManifestRepository.save(baseRim);
|
||||
referenceManifestRepository.save(sBaseRim);
|
||||
for (BaseReferenceManifest baseRim : baseRims) {
|
||||
if (baseRim != null) {
|
||||
// pull the base versions of the swidtag and rimel and set the
|
||||
// event log hash for use during provision
|
||||
SupportReferenceManifest sBaseRim = referenceManifestRepository
|
||||
.getSupportRimEntityById(baseRim.getAssociatedRim());
|
||||
baseRim.setEventLogHash(temp.getHexDecHash());
|
||||
sBaseRim.setEventLogHash(temp.getHexDecHash());
|
||||
referenceManifestRepository.save(baseRim);
|
||||
referenceManifestRepository.save(sBaseRim);
|
||||
}
|
||||
}
|
||||
} catch (IOException ioEx) {
|
||||
log.error(ioEx);
|
||||
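Review bot: Inside the new `for (BaseReferenceManifest baseRim : baseRims)` loop, `sBaseRim` is dereferenced in `sBaseRim.setEventLogHash(...)` without checking what `getSupportRimEntityById(baseRim.getAssociatedRim())` returned. If a base RIM has no associated support RIM, or the lookup finds nothing, this presumably throws a NullPointerException, and the only catch visible in the hunk is for `IOException`. With a list, one such base RIM would also stop the update for the remaining ones. Guard the support side, e.g. `if (sBaseRim != null) { sBaseRim.setEventLogHash(temp.getHexDecHash()); referenceManifestRepository.save(sBaseRim); }`; the inner `if (baseRim != null)` can go if the repository never returns null elements. The enclosing method and its `try` start outside the hunk.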
|
@ -235,7 +235,7 @@ public class CertificatePageController extends PageController<NoPageParams> {
|
||||
// serial number. (pc.HolderSerialNumber = ec.SerialNumber)
|
||||
if (certificateType.equals(PLATFORMCREDENTIAL)) {
|
||||
FilteredRecordsList<PlatformCredential> records = new FilteredRecordsList<>();
|
||||
org.springframework.data.domain.Page<PlatformCredential> pagedResult = this.platformCertificateRepository.findAll(paging);
|
||||
org.springframework.data.domain.Page<PlatformCredential> pagedResult = this.platformCertificateRepository.findByArchiveFlag(false, paging);
|
||||
|
||||
if (pagedResult.hasContent()) {
|
||||
records.addAll(pagedResult.getContent());
|
||||
@ -244,7 +244,7 @@ public class CertificatePageController extends PageController<NoPageParams> {
|
||||
records.setRecordsTotal(input.getLength());
|
||||
}
|
||||
|
||||
records.setRecordsFiltered(platformCertificateRepository.count());
|
||||
records.setRecordsFiltered(platformCertificateRepository.findByArchiveFlag(false).size());
|
||||
EndorsementCredential associatedEC;
|
||||
|
||||
if (!records.isEmpty()) {
|
||||
@ -268,7 +268,7 @@ public class CertificatePageController extends PageController<NoPageParams> {
|
||||
return new DataTableResponse<>(records, input);
|
||||
} else if (certificateType.equals(ENDORSEMENTCREDENTIAL)) {
|
||||
FilteredRecordsList<EndorsementCredential> records = new FilteredRecordsList<>();
|
||||
org.springframework.data.domain.Page<EndorsementCredential> pagedResult = this.endorsementCredentialRepository.findAll(paging);
|
||||
org.springframework.data.domain.Page<EndorsementCredential> pagedResult = this.endorsementCredentialRepository.findByArchiveFlag(false, paging);
|
||||
|
||||
if (pagedResult.hasContent()) {
|
||||
records.addAll(pagedResult.getContent());
|
||||
@ -277,13 +277,13 @@ public class CertificatePageController extends PageController<NoPageParams> {
|
||||
records.setRecordsTotal(input.getLength());
|
||||
}
|
||||
|
||||
records.setRecordsFiltered(endorsementCredentialRepository.count());
|
||||
records.setRecordsFiltered(endorsementCredentialRepository.findByArchiveFlag(false).size());
|
||||
|
||||
log.debug("Returning list of size: " + records.size());
|
||||
return new DataTableResponse<>(records, input);
|
||||
} else if (certificateType.equals(TRUSTCHAIN)) {
|
||||
FilteredRecordsList<CertificateAuthorityCredential> records = new FilteredRecordsList<>();
|
||||
org.springframework.data.domain.Page<CertificateAuthorityCredential> pagedResult = this.caCredentialRepository.findAll(paging);
|
||||
org.springframework.data.domain.Page<CertificateAuthorityCredential> pagedResult = this.caCredentialRepository.findByArchiveFlag(false, paging);
|
||||
|
||||
if (pagedResult.hasContent()) {
|
||||
records.addAll(pagedResult.getContent());
|
||||
@ -292,13 +292,13 @@ public class CertificatePageController extends PageController<NoPageParams> {
|
||||
records.setRecordsTotal(input.getLength());
|
||||
}
|
||||
|
||||
records.setRecordsFiltered(caCredentialRepository.count());
|
||||
records.setRecordsFiltered(caCredentialRepository.findByArchiveFlag(false).size());
|
||||
|
||||
log.debug("Returning list of size: " + records.size());
|
||||
return new DataTableResponse<>(records, input);
|
||||
} else if (certificateType.equals(ISSUEDCERTIFICATES)) {
|
||||
FilteredRecordsList<IssuedAttestationCertificate> records = new FilteredRecordsList<>();
|
||||
org.springframework.data.domain.Page<IssuedAttestationCertificate> pagedResult = this.issuedCertificateRepository.findAll(paging);
|
||||
org.springframework.data.domain.Page<IssuedAttestationCertificate> pagedResult = this.issuedCertificateRepository.findByArchiveFlag(false, paging);
|
||||
|
||||
if (pagedResult.hasContent()) {
|
||||
records.addAll(pagedResult.getContent());
|
||||
@ -307,13 +307,13 @@ public class CertificatePageController extends PageController<NoPageParams> {
|
||||
records.setRecordsTotal(input.getLength());
|
||||
}
|
||||
|
||||
records.setRecordsFiltered(issuedCertificateRepository.count());
|
||||
records.setRecordsFiltered(issuedCertificateRepository.findByArchiveFlag(false).size());
|
||||
|
||||
log.debug("Returning list of size: " + records.size());
|
||||
return new DataTableResponse<>(records, input);
|
||||
}
|
||||
|
||||
return new DataTableResponse<Certificate>(new FilteredRecordsList<>(), input);
|
||||
return new DataTableResponse<>(new FilteredRecordsList<>(), input);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -375,7 +375,7 @@ public class CertificatePageController extends PageController<NoPageParams> {
|
||||
|
||||
try {
|
||||
UUID uuid = UUID.fromString(id);
|
||||
Certificate certificate = getCertificateById(certificateType, uuid);
|
||||
Certificate certificate = certificateRepository.getReferenceById(uuid);
|
||||
if (certificate == null) {
|
||||
// Use the term "record" here to avoid user confusion b/t cert and cred
|
||||
String notFoundMessage = "Unable to locate record with ID: " + uuid;
|
||||
@ -392,14 +392,14 @@ public class CertificatePageController extends PageController<NoPageParams> {
|
||||
|
||||
for (PlatformCredential pc : sharedCertificates) {
|
||||
if (!pc.isPlatformBase()) {
|
||||
pc.archive();
|
||||
pc.archive("User requested deletion via UI of the base certificate");
|
||||
certificateRepository.save(pc);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
certificate.archive();
|
||||
certificate.archive("User requested deletion via UI");
|
||||
certificateRepository.save(certificate);
|
||||
|
||||
String deleteCompletedMessage = "Certificate successfully deleted";
|
||||
@ -512,7 +512,7 @@ public class CertificatePageController extends PageController<NoPageParams> {
|
||||
|
||||
try (ZipOutputStream zipOut = new ZipOutputStream(response.getOutputStream())) {
|
||||
// get all files
|
||||
bulkDownload(zipOut, this.certificateRepository.findByAll("CertificateAuthorityCredential"), singleFileName);
|
||||
bulkDownload(zipOut, this.certificateRepository.findByType("CertificateAuthorityCredential"), singleFileName);
|
||||
// write cert to output stream
|
||||
} catch (IllegalArgumentException ex) {
|
||||
String uuidError = "Failed to parse ID from: ";
|
||||
@ -544,7 +544,7 @@ public class CertificatePageController extends PageController<NoPageParams> {
|
||||
|
||||
try (ZipOutputStream zipOut = new ZipOutputStream(response.getOutputStream())) {
|
||||
// get all files
|
||||
bulkDownload(zipOut, this.certificateRepository.findByAll("PlatformCredential"), singleFileName);
|
||||
bulkDownload(zipOut, this.certificateRepository.findByType("PlatformCredential"), singleFileName);
|
||||
// write cert to output stream
|
||||
} catch (IllegalArgumentException ex) {
|
||||
String uuidError = "Failed to parse ID from: ";
|
||||
@ -576,7 +576,7 @@ public class CertificatePageController extends PageController<NoPageParams> {
|
||||
|
||||
try (ZipOutputStream zipOut = new ZipOutputStream(response.getOutputStream())) {
|
||||
// get all files
|
||||
bulkDownload(zipOut, this.certificateRepository.findByAll("IssuedAttestationCertificate"), singleFileName);
|
||||
bulkDownload(zipOut, this.certificateRepository.findByType("IssuedAttestationCertificate"), singleFileName);
|
||||
// write cert to output stream
|
||||
} catch (IllegalArgumentException ex) {
|
||||
String uuidError = "Failed to parse ID from: ";
|
||||
@ -607,7 +607,7 @@ public class CertificatePageController extends PageController<NoPageParams> {
|
||||
|
||||
try (ZipOutputStream zipOut = new ZipOutputStream(response.getOutputStream())) {
|
||||
// get all files
|
||||
bulkDownload(zipOut, this.certificateRepository.findByAll("EndorsementCredential"), singleFileName);
|
||||
bulkDownload(zipOut, this.certificateRepository.findByType("EndorsementCredential"), singleFileName);
|
||||
// write cert to output stream
|
||||
} catch (IllegalArgumentException ex) {
|
||||
String uuidError = "Failed to parse ID from: ";
|
||||
@ -748,21 +748,6 @@ public class CertificatePageController extends PageController<NoPageParams> {
|
||||
return associatedCertificates;
|
||||
}
|
||||
|
||||
private Certificate getCertificateById(final String certificateType, final UUID uuid) {
|
||||
switch (certificateType) {
|
||||
case PLATFORMCREDENTIAL:
|
||||
return this.platformCertificateRepository.getReferenceById(uuid);
|
||||
case ENDORSEMENTCREDENTIAL:
|
||||
return this.endorsementCredentialRepository.getReferenceById(uuid);
|
||||
case ISSUEDCERTIFICATES:
|
||||
return this.issuedCertificateRepository.getReferenceById(uuid);
|
||||
case TRUSTCHAIN:
|
||||
return this.caCredentialRepository.getReferenceById(uuid);
|
||||
default:
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Parses an uploaded file into a certificate and populates the given model
|
||||
* with error messages if parsing fails.
|
||||
@ -836,7 +821,7 @@ public class CertificatePageController extends PageController<NoPageParams> {
|
||||
log.error(failMessage, dEx);
|
||||
messages.addError(failMessage + dEx.getMessage());
|
||||
return null;
|
||||
} catch (IllegalArgumentException iaEx) {
|
||||
} catch (IllegalArgumentException | IllegalStateException iaEx) {
|
||||
final String failMessage = String.format(
|
||||
"Certificate format not recognized(%s): ", fileName);
|
||||
log.error(failMessage, iaEx);
|
||||
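Review bot: The delete handler now loads the record with `certificateRepository.getReferenceById(uuid)`, which in Spring Data JPA returns a lazy reference rather than null for an unknown id. The `if (certificate == null)` branch that produces the "Unable to locate record" message is therefore unlikely to run, and a missing id would instead surface as an exception when `archive(...)` touches the proxy. The lookup also no longer depends on `certificateType`, so a request sent to one certificate page's delete endpoint can archive a certificate of any other type, trust-chain entries included. Use `certificateRepository.findById(uuid).orElse(null)` and reject the request when the loaded record's type does not match the page it was issued from. The handler's signature and the rest of its body are outside the hunk.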
|
@ -5,6 +5,7 @@ import hirs.attestationca.persist.entity.manager.CACredentialRepository;
|
||||
import hirs.attestationca.persist.entity.manager.CertificateRepository;
|
||||
import hirs.attestationca.persist.entity.manager.ReferenceDigestValueRepository;
|
||||
import hirs.attestationca.persist.entity.manager.ReferenceManifestRepository;
|
||||
import hirs.attestationca.persist.entity.userdefined.Certificate;
|
||||
import hirs.attestationca.persist.entity.userdefined.ReferenceManifest;
|
||||
import hirs.attestationca.persist.entity.userdefined.certificate.CertificateAuthorityCredential;
|
||||
import hirs.attestationca.persist.entity.userdefined.rim.BaseReferenceManifest;
|
||||
@ -112,9 +113,16 @@ public class ReferenceManifestDetailsPageController extends PageController<Refer
|
||||
String uuidError = "Failed to parse ID from: " + params.getId();
|
||||
messages.addError(uuidError);
|
||||
log.error(uuidError, iaEx);
|
||||
} catch (Exception ioEx) {
|
||||
} catch (CertificateException cEx) {
|
||||
log.error(cEx);
|
||||
} catch (NoSuchAlgorithmException nsEx) {
|
||||
log.error(nsEx);
|
||||
} catch (IOException ioEx) {
|
||||
log.error(ioEx);
|
||||
} catch (Exception ex) {
|
||||
log.error(ex);
|
||||
}
|
||||
|
||||
if (data.isEmpty()) {
|
||||
String notFoundMessage = "Unable to find RIM with ID: " + params.getId();
|
||||
messages.addError(notFoundMessage);
|
||||
@ -259,23 +267,15 @@ public class ReferenceManifestDetailsPageController extends PageController<Refer
|
||||
TCGEventLog logProcessor = null;
|
||||
SupportReferenceManifest support = null;
|
||||
|
||||
if (baseRim.getAssociatedRim() == null) {
|
||||
support = (SupportReferenceManifest) referenceManifestRepository
|
||||
.getByManufacturer(baseRim.getPlatformManufacturer(),
|
||||
"SupportReferenceManifest");
|
||||
if (support != null) {
|
||||
baseRim.setAssociatedRim(support.getId());
|
||||
}
|
||||
} else {
|
||||
support = referenceManifestRepository
|
||||
.getSupportRimEntityById(baseRim.getAssociatedRim());
|
||||
}
|
||||
// going to have to pull the filename and grab that from the DB
|
||||
// to get the id to make the link
|
||||
RIM_VALIDATOR.setRim(baseRim.getRimBytes());
|
||||
for (SwidResource swidRes : resources) {
|
||||
support = (SupportReferenceManifest) referenceManifestRepository.findByHexDecHash(swidRes.getHashValue());
|
||||
|
||||
if (support != null && swidRes.getHashValue()
|
||||
.equalsIgnoreCase(support.getHexDecHash())) {
|
||||
baseRim.setAssociatedRim(support.getId());
|
||||
RIM_VALIDATOR.validateSupportRimHash(support.getRimBytes(),
|
||||
swidRes.getHashValue());
|
||||
if (RIM_VALIDATOR.isSupportRimValid()) {
|
||||
@ -294,17 +294,19 @@ public class ReferenceManifestDetailsPageController extends PageController<Refer
|
||||
data.put("pcrList", support.getExpectedPCRList());
|
||||
}
|
||||
|
||||
List<CertificateAuthorityCredential> certificates = certificateRepository
|
||||
.findByAll("CertificateAuthorityCredential");
|
||||
List<Certificate> certificates = certificateRepository
|
||||
.findByType("CertificateAuthorityCredential");
|
||||
CertificateAuthorityCredential caCert;
|
||||
//Report invalid signature unless RIM_VALIDATOR validates it and cert path is valid
|
||||
data.put("signatureValid", false);
|
||||
for (CertificateAuthorityCredential cert : certificates) {
|
||||
KeyStore keystore = ValidationService.getCaChain(cert, caCertificateRepository);
|
||||
if (RIM_VALIDATOR.validateXmlSignature(cert.getX509Certificate().getPublicKey(),
|
||||
cert.getSubjectKeyIdString(), cert.getEncodedPublicKey())) {
|
||||
for (Certificate certificate : certificates) {
|
||||
caCert = (CertificateAuthorityCredential) certificate;
|
||||
KeyStore keystore = ValidationService.getCaChain(caCert, caCertificateRepository);
|
||||
if (RIM_VALIDATOR.validateXmlSignature(caCert.getX509Certificate().getPublicKey(),
|
||||
caCert.getSubjectKeyIdString(), caCert.getEncodedPublicKey())) {
|
||||
try {
|
||||
if (SupplyChainCredentialValidator.verifyCertificate(
|
||||
cert.getX509Certificate(), keystore)) {
|
||||
caCert.getX509Certificate(), keystore)) {
|
||||
data.replace("signatureValid", true);
|
||||
break;
|
||||
}
|
||||
@ -316,10 +318,11 @@ public class ReferenceManifestDetailsPageController extends PageController<Refer
|
||||
data.put("skID", RIM_VALIDATOR.getSubjectKeyIdentifier());
|
||||
try {
|
||||
if (RIM_VALIDATOR.getPublicKey() != null) {
|
||||
for (CertificateAuthorityCredential cert : certificates) {
|
||||
if (Arrays.equals(cert.getEncodedPublicKey(),
|
||||
for (Certificate certificate : certificates) {
|
||||
caCert = (CertificateAuthorityCredential) certificate;
|
||||
if (Arrays.equals(caCert.getEncodedPublicKey(),
|
||||
RIM_VALIDATOR.getPublicKey().getEncoded())) {
|
||||
data.put("issuerID", cert.getId().toString());
|
||||
data.put("issuerID", caCert.getId().toString());
|
||||
}
|
||||
}
|
||||
}
|
||||
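Review bot: In the `for (SwidResource swidRes : resources)` loop, the result of `referenceManifestRepository.findByHexDecHash(swidRes.getHashValue())` is cast straight to `SupportReferenceManifest`. The hash value comes from the base RIM being displayed, and if it matches a stored manifest of another kind the cast throws ClassCastException; how that is handled is not visible in the hunk. Check the type first: assign the lookup to a `ReferenceManifest rim` and continue only under `if (rim instanceof SupportReferenceManifest)`. Separately, the four catch blocks added after the UUID parse all perform the same `log.error(...)`, so the specific ones add nothing over the final `catch (Exception ex)`; collapse them, or give each a message that is also added to `messages`. The method containing the loop starts outside the hunk.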
|
@ -120,22 +120,20 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
|
||||
FilteredRecordsList<ReferenceManifest> records = new FilteredRecordsList<>();
|
||||
int currentPage = input.getStart() / input.getLength();
|
||||
Pageable paging = PageRequest.of(currentPage, input.getLength(), Sort.by(orderColumnName));
|
||||
org.springframework.data.domain.Page<ReferenceManifest> pagedResult = referenceManifestRepository.findAll(paging);
|
||||
org.springframework.data.domain.Page<ReferenceManifest> pagedResult = referenceManifestRepository.findByArchiveFlag(false, paging);
|
||||
int rimCount = 0;
|
||||
|
||||
if (pagedResult.hasContent()) {
|
||||
for (ReferenceManifest manifest : pagedResult.getContent()) {
|
||||
if (!manifest.getRimType().equals(ReferenceManifest.MEASUREMENT_RIM)) {
|
||||
records.add(manifest);
|
||||
rimCount++;
|
||||
}
|
||||
records.add(manifest);
|
||||
rimCount++;
|
||||
}
|
||||
records.setRecordsTotal(rimCount);
|
||||
} else {
|
||||
records.setRecordsTotal(input.getLength());
|
||||
}
|
||||
|
||||
records.setRecordsFiltered(referenceManifestRepository.count());
|
||||
records.setRecordsFiltered(referenceManifestRepository.findByArchiveFlag(false).size());
|
||||
|
||||
log.debug("Returning list of size: " + records.size());
|
||||
return new DataTableResponse<>(records, input);
|
||||
@ -220,7 +218,6 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
|
||||
|
||||
try {
|
||||
ReferenceManifest referenceManifest = getRimFromDb(id);
|
||||
List<ReferenceDigestValue> values = new LinkedList<>();
|
||||
|
||||
if (referenceManifest == null) {
|
||||
String notFoundMessage = "Unable to locate RIM with ID: " + id;
|
||||
@ -228,14 +225,8 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
|
||||
log.warn(notFoundMessage);
|
||||
} else {
|
||||
// if support rim, update associated events
|
||||
values = referenceDigestValueRepository.findBySupportRimHash(
|
||||
referenceManifest.getHexDecHash());
|
||||
|
||||
for (ReferenceDigestValue value : values) {
|
||||
referenceDigestValueRepository.delete(value);
|
||||
}
|
||||
|
||||
referenceManifestRepository.delete(referenceManifest);
|
||||
referenceManifest.archive();
|
||||
referenceManifestRepository.save(referenceManifest);
|
||||
String deleteCompletedMessage = "RIM successfully deleted";
|
||||
messages.addInfo(deleteCompletedMessage);
|
||||
log.info(deleteCompletedMessage);
|
||||
@ -422,7 +413,7 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
|
||||
baseRims.add(baseRim);
|
||||
}
|
||||
}
|
||||
} catch (IOException ioEx) {
|
||||
} catch (IOException | NullPointerException ioEx) {
|
||||
final String failMessage
|
||||
= String.format("Failed to parse uploaded file (%s): ", fileName);
|
||||
log.error(failMessage, ioEx);
|
||||
@ -475,7 +466,7 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
|
||||
if (supportRim != null && (supportRim.getId() != null
|
||||
&& !supportRim.getId().toString().equals(""))) {
|
||||
List<BaseReferenceManifest> baseRims = new LinkedList<>();
|
||||
baseRims.add(this.referenceManifestRepository
|
||||
baseRims.addAll(this.referenceManifestRepository
|
||||
.getBaseByManufacturerModel(supportRim.getPlatformManufacturer(),
|
||||
supportRim.getPlatformModel()));
|
||||
|
||||
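Review bot: The RIM delete path now calls `referenceManifest.archive()` followed by `save(...)` instead of deleting, and the removal of the associated `ReferenceDigestValue` rows was dropped, yet the success message still reads "RIM successfully deleted". The lookups visible on this page that feed provisioning and validation (`getBaseByManufacturerModel`, `findByHexDecHash`, `getSupportRimEntityById`) do not filter on `archiveFlag`. An archived RIM and its digest values therefore presumably remain in use as reference measurements after an operator has removed the RIM from the UI. If archived RIMs must not be trusted, filter them out in those queries or keep removing the digest values; otherwise say in a comment and in the message that the record is archived, not deleted. In the same file, `catch (IOException | NullPointerException ioEx)` reports null-handling bugs in the upload parser as "Failed to parse uploaded file"; an explicit null check on the parsed value would keep such bugs visible.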
|
@ -150,7 +150,7 @@ public final class CertificateStringMapBuilder {
|
||||
final Certificate certificate,
|
||||
final CertificateRepository certificateRepository,
|
||||
final CACredentialRepository caCredentialRepository) {
|
||||
List<CertificateAuthorityCredential> issuerCertificates = new ArrayList<>();
|
||||
List<Certificate> issuerCertificates = new ArrayList<>();
|
||||
CertificateAuthorityCredential skiCA = null;
|
||||
String issuerResult;
|
||||
|
||||
|