mirror of
https://github.com/nsacyber/HIRS.git
synced 2024-12-30 01:39:05 +00:00
Merge remote-tracking branch 'origin/gradle-7-update' into total-refactor
This commit is contained in:
commit
b521be901c
@ -1,89 +1,66 @@
|
||||
apply plugin: 'war'
|
||||
apply plugin: 'checkstyle'
|
||||
plugins {
|
||||
id 'war'
|
||||
id 'java'
|
||||
}
|
||||
|
||||
tasks.withType(JavaCompile) {
|
||||
options.release = 11
|
||||
}
|
||||
|
||||
repositories {
|
||||
mavenCentral()
|
||||
}
|
||||
|
||||
evaluationDependsOn(':HIRS_Utils')
|
||||
|
||||
sourceCompatibility = 1.8
|
||||
|
||||
dependencies {
|
||||
compile project(':TPM_Utils')
|
||||
compile project(':HIRS_Structs')
|
||||
compile project(':HIRS_Utils')
|
||||
// implementation project(':TPM_Utils')
|
||||
implementation project(':HIRS_Structs')
|
||||
implementation project(':HIRS_Utils')
|
||||
implementation libs.bouncy.castle
|
||||
implementation libs.commons.codec
|
||||
implementation libs.commons.lang
|
||||
implementation libs.commons.io
|
||||
implementation libs.guava
|
||||
implementation libs.javax.jaxb
|
||||
implementation libs.spring.webmvc
|
||||
implementation libs.spring.data
|
||||
implementation libs.spring.boot
|
||||
implementation libs.spring.retry
|
||||
implementation libs.spring.plugin
|
||||
implementation libs.log4j2
|
||||
implementation libs.log4j2.web
|
||||
implementation libs.protobuf.java
|
||||
|
||||
compile libs.bouncy_castle
|
||||
compile libs.commons_codec
|
||||
compile libs.commons_lang
|
||||
compile libs.spring_webmvc
|
||||
compile libs.log4j2
|
||||
compile libs.log4j2_web
|
||||
compile libs.protobuf_java
|
||||
implementation libs.servlet.api
|
||||
|
||||
providedCompile libs.servlet_api
|
||||
testImplementation project(':HIRS_Utils').sourceSets.test.output
|
||||
testImplementation project(':HIRS_Utils').sourceSets.test.resources
|
||||
|
||||
testCompile project(':HIRS_Utils').sourceSets.test.output
|
||||
testCompile project(':HIRS_Utils').sourceSets.test.resources
|
||||
|
||||
testCompile libs.commons_lang
|
||||
testCompile libs.spring_test
|
||||
testCompile libs.mockito
|
||||
testCompile libs.testng
|
||||
testCompile libs.hsqldb
|
||||
testImplementation libs.commons.lang
|
||||
testImplementation libs.spring.test
|
||||
testImplementation libs.mockito
|
||||
testImplementation libs.testng
|
||||
testImplementation libs.hsqldb
|
||||
}
|
||||
|
||||
task generateProtoBuf(type:Exec) {
|
||||
workingDir 'config'
|
||||
|
||||
commandLine './genJavaProtoBuf.sh'
|
||||
}
|
||||
|
||||
def copyVersion = project.task('copyVersion')
|
||||
compileJava.dependsOn generateProtoBuf
|
||||
copyVersion.dependsOn compileJava
|
||||
war.dependsOn copyVersion
|
||||
|
||||
ext.configDir = new File(projectDir, 'config')
|
||||
ext.checkstyleConfigDir = "$configDir/checkstyle"
|
||||
checkstyle {
|
||||
toolVersion = '8.10.1'
|
||||
configFile = checkstyleConfigFile
|
||||
configProperties.put('basedir', checkstyleConfigDir)
|
||||
ignoreFailures = false
|
||||
showViolations = true
|
||||
}
|
||||
|
||||
war {
|
||||
from(buildDir) {
|
||||
include 'VERSION'
|
||||
into 'WEB-INF/classes'
|
||||
}
|
||||
archiveName = 'HIRS_AttestationCA.war'
|
||||
}
|
||||
|
||||
publishing {
|
||||
publications {
|
||||
maven(MavenPublication) {
|
||||
artifactId 'hirs-attestationca'
|
||||
artifact jar
|
||||
pom.withXml {
|
||||
def dependenciesNode = asNode().appendNode('dependencies')
|
||||
|
||||
configurations.runtime.allDependencies.each {
|
||||
if (it.group != null && it.name != null) {
|
||||
def dependencyNode = dependenciesNode.appendNode('dependency')
|
||||
dependencyNode.appendNode('groupId', it.group)
|
||||
dependencyNode.appendNode('artifactId', it.name)
|
||||
dependencyNode.appendNode('version', it.version)
|
||||
|
||||
if (it.excludeRules.size() > 0) {
|
||||
def exclusionsNode = dependencyNode.appendNode('exclusions')
|
||||
it.excludeRules.each { rule ->
|
||||
def exclusionNode = exclusionsNode.appendNode('exclusion')
|
||||
exclusionNode.appendNode('groupId', rule.group)
|
||||
exclusionNode.appendNode('artifactId', rule.module)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
archiveFileName = 'HIRS_AttestationCA.war'
|
||||
}
|
||||
|
@ -6,7 +6,7 @@ import hirs.attestationca.configuration.provisionerTpm2.ProvisionerTpm2;
|
||||
import hirs.attestationca.exceptions.CertificateProcessingException;
|
||||
import hirs.attestationca.exceptions.IdentityProcessingException;
|
||||
import hirs.attestationca.exceptions.UnexpectedServerException;
|
||||
import hirs.attestationca.service.SupplyChainValidationService;
|
||||
import hirs.attestationca.validation.SupplyChainValidationService;
|
||||
import hirs.data.persist.AppraisalStatus;
|
||||
import hirs.data.persist.BaseReferenceManifest;
|
||||
import hirs.data.persist.Device;
|
||||
@ -14,7 +14,6 @@ import hirs.data.persist.DeviceInfoReport;
|
||||
import hirs.data.persist.EventLogMeasurements;
|
||||
import hirs.data.persist.ReferenceDigestValue;
|
||||
import hirs.data.persist.ReferenceManifest;
|
||||
import hirs.data.persist.SupplyChainPolicy;
|
||||
import hirs.data.persist.SupplyChainValidationSummary;
|
||||
import hirs.data.persist.SupportReferenceManifest;
|
||||
import hirs.data.persist.SwidResource;
|
||||
@ -27,14 +26,13 @@ import hirs.data.persist.info.HardwareInfo;
|
||||
import hirs.data.persist.info.NetworkInfo;
|
||||
import hirs.data.persist.info.OSInfo;
|
||||
import hirs.data.persist.info.TPMInfo;
|
||||
import hirs.data.persist.policy.SupplyChainPolicy;
|
||||
import hirs.data.service.DeviceRegister;
|
||||
import hirs.persist.CertificateManager;
|
||||
import hirs.persist.DBManager;
|
||||
import hirs.persist.DeviceManager;
|
||||
import hirs.persist.ReferenceDigestManager;
|
||||
import hirs.persist.ReferenceEventManager;
|
||||
import hirs.persist.ReferenceManifestManager;
|
||||
import hirs.persist.TPM2ProvisionerState;
|
||||
import hirs.persist.service.CertificateService;
|
||||
import hirs.persist.service.ReferenceManifestService;
|
||||
import hirs.structs.converters.SimpleStructBuilder;
|
||||
import hirs.structs.converters.StructConverter;
|
||||
import hirs.structs.elements.aca.IdentityRequestEnvelope;
|
||||
@ -176,12 +174,10 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
*/
|
||||
private Integer validDays = 1;
|
||||
|
||||
private final CertificateManager certificateManager;
|
||||
private final ReferenceManifestManager referenceManifestManager;
|
||||
private final CertificateService certificateService;
|
||||
private final ReferenceManifestService referenceManifestService;
|
||||
private final DeviceRegister deviceRegister;
|
||||
private final DeviceManager deviceManager;
|
||||
private final DBManager<TPM2ProvisionerState> tpm2ProvisionerStateDBManager;
|
||||
private final ReferenceDigestManager referenceDigestManager;
|
||||
private final ReferenceEventManager referenceEventManager;
|
||||
private String tpmQuoteHash = "";
|
||||
private String tpmQuoteSignature = "";
|
||||
@ -192,13 +188,11 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
* @param privateKey the ACA private key
|
||||
* @param acaCertificate the ACA certificate
|
||||
* @param structConverter the struct converter
|
||||
* @param certificateManager the certificate manager
|
||||
* @param referenceManifestManager the Reference Manifest manager
|
||||
* @param certificateService the certificate service
|
||||
* @param referenceManifestService the Reference Manifest service
|
||||
* @param deviceRegister the device register
|
||||
* @param validDays the number of days issued certs are valid
|
||||
* @param deviceManager the device manager
|
||||
* @param tpm2ProvisionerStateDBManager the DBManager for persisting provisioner state
|
||||
* @param referenceDigestManager the reference digest manager
|
||||
* @param referenceEventManager the reference event manager
|
||||
*/
|
||||
@SuppressWarnings("checkstyle:parameternumber")
|
||||
@ -206,24 +200,20 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
final SupplyChainValidationService supplyChainValidationService,
|
||||
final PrivateKey privateKey, final X509Certificate acaCertificate,
|
||||
final StructConverter structConverter,
|
||||
final CertificateManager certificateManager,
|
||||
final ReferenceManifestManager referenceManifestManager,
|
||||
final CertificateService certificateService,
|
||||
final ReferenceManifestService referenceManifestService,
|
||||
final DeviceRegister deviceRegister, final int validDays,
|
||||
final DeviceManager deviceManager,
|
||||
final DBManager<TPM2ProvisionerState> tpm2ProvisionerStateDBManager,
|
||||
final ReferenceDigestManager referenceDigestManager,
|
||||
final ReferenceEventManager referenceEventManager) {
|
||||
this.supplyChainValidationService = supplyChainValidationService;
|
||||
this.privateKey = privateKey;
|
||||
this.acaCertificate = acaCertificate;
|
||||
this.structConverter = structConverter;
|
||||
this.certificateManager = certificateManager;
|
||||
this.referenceManifestManager = referenceManifestManager;
|
||||
this.certificateService = certificateService;
|
||||
this.referenceManifestService = referenceManifestService;
|
||||
this.deviceRegister = deviceRegister;
|
||||
this.validDays = validDays;
|
||||
this.deviceManager = deviceManager;
|
||||
this.tpm2ProvisionerStateDBManager = tpm2ProvisionerStateDBManager;
|
||||
this.referenceDigestManager = referenceDigestManager;
|
||||
this.referenceEventManager = referenceEventManager;
|
||||
}
|
||||
|
||||
@ -262,7 +252,7 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
byte[] ecBytesFromIdentityRequest = proof.getEndorsementCredential();
|
||||
if (ArrayUtils.isNotEmpty(ecBytesFromIdentityRequest)) {
|
||||
endorsementCredential = CredentialManagementHelper.storeEndorsementCredential(
|
||||
this.certificateManager, ecBytesFromIdentityRequest
|
||||
this.certificateService, ecBytesFromIdentityRequest
|
||||
);
|
||||
try {
|
||||
BigInteger publicKeyModulus = Certificate.getPublicKeyModulus(
|
||||
@ -291,7 +281,7 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
byte[] pcBytesFromIdentityRequest = proof.getPlatformCredential();
|
||||
if (ArrayUtils.isNotEmpty(pcBytesFromIdentityRequest)) {
|
||||
platformCredentials.add(CredentialManagementHelper.storePlatformCredential(
|
||||
this.certificateManager, pcBytesFromIdentityRequest
|
||||
this.certificateService, pcBytesFromIdentityRequest
|
||||
));
|
||||
} else if (endorsementCredential != null) {
|
||||
// if none in the identity request, look for uploaded platform credentials
|
||||
@ -453,8 +443,6 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
LOG.info("Sending nonce: " + strNonce);
|
||||
LOG.info("Persisting claim of length: " + identityClaim.length);
|
||||
|
||||
tpm2ProvisionerStateDBManager.save(new TPM2ProvisionerState(nonce, identityClaim));
|
||||
|
||||
if (scp != null && scp.isIgnoreImaEnabled()) {
|
||||
pcrQuoteMask = PCR_QUOTE_MASK.replace("10,", "");
|
||||
}
|
||||
@ -504,7 +492,7 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
if (platformCredentials.size() == 1) {
|
||||
for (PlatformCredential pc : platformCredentials) {
|
||||
if (pc != null && pc.getPlatformSerial() != null) {
|
||||
platformCredentials.addAll(PlatformCredential.select(this.certificateManager)
|
||||
platformCredentials.addAll(PlatformCredential.select(this.certificateService)
|
||||
.byBoardSerialNumber(pc.getPlatformSerial()).getCertificates());
|
||||
}
|
||||
}
|
||||
@ -635,9 +623,6 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
byte[] derEncodedAttestationCertificate = getDerEncodedCertificate(
|
||||
attestationCertificate);
|
||||
|
||||
// We validated the nonce and made use of the identity claim so state can be deleted
|
||||
tpm2ProvisionerStateDBManager.delete(tpm2ProvisionerState);
|
||||
|
||||
// Package the signed certificate into a response
|
||||
ByteString certificateBytes = ByteString
|
||||
.copyFrom(derEncodedAttestationCertificate);
|
||||
@ -811,7 +796,7 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
if (dv.getLogfileCount() > 0) {
|
||||
for (ByteString logFile : dv.getLogfileList()) {
|
||||
try {
|
||||
support = SupportReferenceManifest.select(referenceManifestManager)
|
||||
support = SupportReferenceManifest.select(referenceManifestService)
|
||||
.byHexDecHash(Hex.encodeHexString(messageDigest.digest(
|
||||
logFile.toByteArray()))).includeArchived()
|
||||
.getRIM();
|
||||
@ -829,13 +814,14 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
support.getHexDecHash().substring(
|
||||
support.getHexDecHash().length() - NUM_OF_VARIABLES)));
|
||||
support.setDeviceName(dv.getNw().getHostname());
|
||||
this.referenceManifestManager.save(support);
|
||||
this.referenceManifestService.saveRIM(support);
|
||||
} else {
|
||||
LOG.info("Client provided Support RIM already loaded in database.");
|
||||
if (support.isArchived()) {
|
||||
support.restore();
|
||||
support.resetCreateTime();
|
||||
this.referenceManifestManager.update(support);
|
||||
this.referenceManifestService.updateReferenceManifest(support,
|
||||
support.getId());
|
||||
}
|
||||
}
|
||||
} catch (IOException ioEx) {
|
||||
@ -853,7 +839,7 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
if (dv.getSwidfileCount() > 0) {
|
||||
for (ByteString swidFile : dv.getSwidfileList()) {
|
||||
try {
|
||||
dbBaseRim = BaseReferenceManifest.select(referenceManifestManager)
|
||||
dbBaseRim = BaseReferenceManifest.select(referenceManifestService)
|
||||
.byBase64Hash(Base64.getEncoder()
|
||||
.encodeToString(messageDigest
|
||||
.digest(swidFile.toByteArray())))
|
||||
@ -865,7 +851,7 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
defaultClientName),
|
||||
swidFile.toByteArray());
|
||||
dbBaseRim.setDeviceName(dv.getNw().getHostname());
|
||||
this.referenceManifestManager.save(dbBaseRim);
|
||||
this.referenceManifestService.saveRIM(dbBaseRim);
|
||||
} else {
|
||||
LOG.info("Client provided Base RIM already loaded in database.");
|
||||
/**
|
||||
@ -875,7 +861,8 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
if (dbBaseRim.isArchived()) {
|
||||
dbBaseRim.restore();
|
||||
dbBaseRim.resetCreateTime();
|
||||
this.referenceManifestManager.update(dbBaseRim);
|
||||
this.referenceManifestService.updateReferenceManifest(dbBaseRim,
|
||||
dbBaseRim.getId());
|
||||
}
|
||||
}
|
||||
} catch (IOException ioEx) {
|
||||
@ -889,7 +876,7 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
|
||||
//update Support RIMs and Base RIMs.
|
||||
for (ByteString swidFile : dv.getSwidfileList()) {
|
||||
dbBaseRim = BaseReferenceManifest.select(referenceManifestManager)
|
||||
dbBaseRim = BaseReferenceManifest.select(referenceManifestService)
|
||||
.byBase64Hash(Base64.getEncoder().encodeToString(messageDigest.digest(
|
||||
swidFile.toByteArray()))).includeArchived()
|
||||
.getRIM();
|
||||
@ -908,7 +895,7 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
|
||||
// now update support rim
|
||||
SupportReferenceManifest dbSupport = SupportReferenceManifest
|
||||
.select(referenceManifestManager)
|
||||
.select(referenceManifestService)
|
||||
.byHexDecHash(swid.getHashValue()).getRIM();
|
||||
if (dbSupport != null) {
|
||||
dbSupport.setFileName(swid.getName());
|
||||
@ -921,11 +908,13 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
dbBaseRim.setAssociatedRim(dbSupport.getId());
|
||||
dbSupport.setUpdated(true);
|
||||
dbSupport.setAssociatedRim(dbBaseRim.getId());
|
||||
this.referenceManifestManager.update(dbSupport);
|
||||
this.referenceManifestService.updateReferenceManifest(dbSupport,
|
||||
dbSupport.getId());
|
||||
listOfSavedRims.add(dbSupport);
|
||||
}
|
||||
}
|
||||
this.referenceManifestManager.update(dbBaseRim);
|
||||
this.referenceManifestService.updateReferenceManifest(dbBaseRim,
|
||||
dbBaseRim.getId());
|
||||
listOfSavedRims.add(dbBaseRim);
|
||||
}
|
||||
}
|
||||
@ -940,18 +929,18 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
EventLogMeasurements temp = new EventLogMeasurements(fileName,
|
||||
dv.getLivelog().toByteArray());
|
||||
// find previous version.
|
||||
measurements = EventLogMeasurements.select(referenceManifestManager)
|
||||
measurements = EventLogMeasurements.select(referenceManifestService)
|
||||
.byDeviceName(dv.getNw().getHostname())
|
||||
.includeArchived()
|
||||
.getRIM();
|
||||
|
||||
if (measurements != null) {
|
||||
// Find previous log and delete it
|
||||
referenceManifestManager.deleteReferenceManifest(measurements);
|
||||
referenceManifestService.deleteRIM(measurements);
|
||||
}
|
||||
|
||||
BaseReferenceManifest baseRim = BaseReferenceManifest
|
||||
.select(referenceManifestManager)
|
||||
.select(referenceManifestService)
|
||||
.byManufacturerModelBase(dv.getHw().getManufacturer(),
|
||||
dv.getHw().getProductName())
|
||||
.getRIM();
|
||||
@ -963,19 +952,19 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
if (baseRim != null) {
|
||||
measurements.setAssociatedRim(baseRim.getAssociatedRim());
|
||||
}
|
||||
this.referenceManifestManager.save(measurements);
|
||||
this.referenceManifestService.saveRIM(measurements);
|
||||
|
||||
if (baseRim != null) {
|
||||
// pull the base versions of the swidtag and rimel and set the
|
||||
// event log hash for use during provision
|
||||
SupportReferenceManifest sBaseRim = SupportReferenceManifest
|
||||
.select(referenceManifestManager)
|
||||
.select(referenceManifestService)
|
||||
.byEntityId(baseRim.getAssociatedRim())
|
||||
.getRIM();
|
||||
baseRim.setEventLogHash(temp.getHexDecHash());
|
||||
sBaseRim.setEventLogHash(temp.getHexDecHash());
|
||||
referenceManifestManager.update(baseRim);
|
||||
referenceManifestManager.update(sBaseRim);
|
||||
referenceManifestService.updateReferenceManifest(baseRim, baseRim.getId());
|
||||
referenceManifestService.updateReferenceManifest(sBaseRim, baseRim.getId());
|
||||
}
|
||||
} catch (IOException ioEx) {
|
||||
LOG.error(ioEx);
|
||||
@ -1010,7 +999,7 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
List<SupportReferenceManifest> supplementalRims = new ArrayList<>();
|
||||
List<SupportReferenceManifest> patchRims = new ArrayList<>();
|
||||
Set<SupportReferenceManifest> dbSupportRims = SupportReferenceManifest
|
||||
.select(referenceManifestManager)
|
||||
.select(referenceManifestService)
|
||||
.byManufacturerModel(manufacturer, model).getRIMs();
|
||||
List<ReferenceDigestValue> sourcedValues = referenceEventManager
|
||||
.getValueByManufacturerModel(manufacturer, model);
|
||||
@ -1144,7 +1133,7 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
EndorsementCredential credential = null;
|
||||
|
||||
try {
|
||||
credential = EndorsementCredential.select(this.certificateManager)
|
||||
credential = EndorsementCredential.select(this.certificateService)
|
||||
.byPublicKeyModulus(Certificate.getPublicKeyModulus(ekPublicKey))
|
||||
.getCertificate();
|
||||
} catch (IOException e) {
|
||||
@ -1168,7 +1157,7 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
} else {
|
||||
LOG.debug("Searching for platform credential(s) based on holder serial number: "
|
||||
+ ec.getSerialNumber());
|
||||
credentials = PlatformCredential.select(this.certificateManager)
|
||||
credentials = PlatformCredential.select(this.certificateService)
|
||||
.byHolderSerialNumber(ec.getSerialNumber())
|
||||
.getCertificates();
|
||||
if (credentials == null || credentials.isEmpty()) {
|
||||
@ -1799,11 +1788,11 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
*/
|
||||
private TPM2ProvisionerState getTpm2ProvisionerState(
|
||||
final ProvisionerTpm2.CertificateRequest request) {
|
||||
if (request.hasNonce()) {
|
||||
byte[] nonce = request.getNonce().toByteArray();
|
||||
return TPM2ProvisionerState.getTPM2ProvisionerState(tpm2ProvisionerStateDBManager,
|
||||
nonce);
|
||||
}
|
||||
// if (request.hasNonce()) {
|
||||
// byte[] nonce = request.getNonce().toByteArray();
|
||||
// return TPM2ProvisionerState.getTPM2ProvisionerState(tpm2ProvisionerStateDBManager,
|
||||
// nonce);
|
||||
// }
|
||||
return null;
|
||||
}
|
||||
|
||||
@ -1839,7 +1828,7 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
EndorsementCredential endorsementCredential = null;
|
||||
if (identityClaim.hasEndorsementCredential()) {
|
||||
endorsementCredential = CredentialManagementHelper.storeEndorsementCredential(
|
||||
this.certificateManager,
|
||||
this.certificateService,
|
||||
identityClaim.getEndorsementCredential().toByteArray());
|
||||
} else if (ekPub != null) {
|
||||
LOG.warn("Endorsement Cred was not in the identity claim from the client."
|
||||
@ -1870,7 +1859,7 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
for (ByteString platformCredential : identityClaim.getPlatformCredentialList()) {
|
||||
if (!platformCredential.isEmpty()) {
|
||||
platformCredentials.add(CredentialManagementHelper.storePlatformCredential(
|
||||
this.certificateManager, platformCredential.toByteArray()));
|
||||
this.certificateService, platformCredential.toByteArray()));
|
||||
}
|
||||
}
|
||||
} else if (endorsementCredential != null) {
|
||||
@ -1928,7 +1917,7 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
derEncodedAttestationCertificate, endorsementCredential, platformCredentials);
|
||||
|
||||
if (scp != null) {
|
||||
issuedAc = IssuedAttestationCertificate.select(certificateManager)
|
||||
issuedAc = IssuedAttestationCertificate.select(certificateService)
|
||||
.byDeviceId(device.getId()).getCertificate();
|
||||
|
||||
generateCertificate = scp.isIssueAttestationCertificate();
|
||||
@ -1947,7 +1936,7 @@ public abstract class AbstractAttestationCertificateAuthority
|
||||
}
|
||||
if (generateCertificate) {
|
||||
attCert.setDevice(device);
|
||||
certificateManager.save(attCert);
|
||||
certificateService.saveCertificate(attCert);
|
||||
}
|
||||
} catch (Exception e) {
|
||||
LOG.error("Error saving generated Attestation Certificate to database.", e);
|
||||
|
@ -1,11 +1,9 @@
|
||||
package hirs.attestationca;
|
||||
|
||||
import hirs.appraiser.SupplyChainAppraiser;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.SupplyChainPolicy;
|
||||
import hirs.persist.AppraiserManager;
|
||||
import hirs.persist.DeviceGroupManager;
|
||||
import hirs.persist.PolicyManager;
|
||||
import hirs.data.persist.policy.SupplyChainPolicy;
|
||||
import hirs.persist.service.AppraiserService;
|
||||
import hirs.persist.service.PolicyService;
|
||||
|
||||
import static hirs.attestationca.AbstractAttestationCertificateAuthority.LOG;
|
||||
|
||||
@ -21,30 +19,18 @@ public final class AcaDbInit {
|
||||
* Insert the ACA's default entries into the DB. This class is invoked after successful
|
||||
* install of the HIRS_AttestationCA RPM.
|
||||
*
|
||||
* @param appraiserManager the AppraiserManager to use to persist appraisers
|
||||
* @param deviceGroupManager the DeviceGroupManager to use to persist device groups
|
||||
* @param policyManager the PolicyManager to use to persist policies
|
||||
* @param appraiserService the AppraiserService to use to persist appraisers
|
||||
* @param policyService the PolicyService to use to persist policies
|
||||
*/
|
||||
public static synchronized void insertDefaultEntries(
|
||||
final AppraiserManager appraiserManager,
|
||||
final DeviceGroupManager deviceGroupManager,
|
||||
final PolicyManager policyManager) {
|
||||
final AppraiserService appraiserService,
|
||||
final PolicyService policyService) {
|
||||
LOG.info("Ensuring default ACA database entries are present.");
|
||||
|
||||
// Ensure the default group exists. It may have already been created by the Server RPM
|
||||
DeviceGroup defaultGroup = deviceGroupManager.getDeviceGroup(DeviceGroup.DEFAULT_GROUP);
|
||||
if (defaultGroup == null) {
|
||||
LOG.info("Default group not found; saving...");
|
||||
defaultGroup = deviceGroupManager.saveDeviceGroup(new DeviceGroup(
|
||||
DeviceGroup.DEFAULT_GROUP,
|
||||
"This is the default group"));
|
||||
LOG.info("Saved default group.");
|
||||
}
|
||||
|
||||
// If the SupplyChainAppraiser exists, do not attempt to re-save the supply chain appraiser
|
||||
// or SupplyChainPolicy
|
||||
SupplyChainAppraiser supplyChainAppraiser = (SupplyChainAppraiser)
|
||||
appraiserManager.getAppraiser(SupplyChainAppraiser.NAME);
|
||||
appraiserService.getAppraiser(SupplyChainAppraiser.NAME);
|
||||
if (supplyChainAppraiser != null) {
|
||||
LOG.info("Supply chain appraiser is present; not inserting any more entries.");
|
||||
LOG.info("ACA database initialization complete.");
|
||||
@ -54,15 +40,15 @@ public final class AcaDbInit {
|
||||
// Create the SupplyChainAppraiser
|
||||
LOG.info("Saving supply chain appraiser...");
|
||||
supplyChainAppraiser = (SupplyChainAppraiser)
|
||||
appraiserManager.saveAppraiser(new SupplyChainAppraiser());
|
||||
appraiserService.saveAppraiser(new SupplyChainAppraiser());
|
||||
|
||||
// Create the SupplyChainPolicy
|
||||
LOG.info("Saving default supply chain policy...");
|
||||
SupplyChainPolicy supplyChainPolicy = new SupplyChainPolicy(
|
||||
SupplyChainPolicy.DEFAULT_POLICY);
|
||||
policyManager.savePolicy(supplyChainPolicy);
|
||||
policyManager.setDefaultPolicy(supplyChainAppraiser, supplyChainPolicy);
|
||||
policyManager.setPolicy(supplyChainAppraiser, defaultGroup, supplyChainPolicy);
|
||||
policyService.savePolicy(supplyChainPolicy);
|
||||
policyService.setDefaultPolicy(supplyChainAppraiser, supplyChainPolicy);
|
||||
policyService.setPolicy(supplyChainAppraiser, supplyChainPolicy);
|
||||
|
||||
LOG.info("ACA database initialization complete.");
|
||||
}
|
||||
|
@ -0,0 +1,339 @@
|
||||
package hirs.attestationca;
|
||||
|
||||
import hirs.structs.converters.SimpleStructConverter;
|
||||
import hirs.structs.converters.StructConverter;
|
||||
import hirs.utils.LogConfigurationUtil;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||
import org.hibernate.jpa.HibernatePersistenceProvider;
|
||||
import org.springframework.beans.factory.BeanInitializationException;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.PropertySource;
|
||||
import org.springframework.context.annotation.PropertySources;
|
||||
import org.springframework.context.annotation.Scope;
|
||||
import org.springframework.context.support.PropertySourcesPlaceholderConfigurer;
|
||||
import org.springframework.core.env.Environment;
|
||||
import org.springframework.jdbc.datasource.DriverManagerDataSource;
|
||||
import org.springframework.orm.jpa.JpaTransactionManager;
|
||||
import org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean;
|
||||
import org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter;
|
||||
import org.springframework.transaction.annotation.EnableTransactionManagement;
|
||||
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||
|
||||
import javax.annotation.PostConstruct;
|
||||
import javax.persistence.EntityManagerFactory;
|
||||
import javax.sql.DataSource;
|
||||
import java.io.IOException;
|
||||
import java.nio.file.Files;
|
||||
import java.nio.file.Path;
|
||||
import java.nio.file.Paths;
|
||||
import java.security.KeyStore;
|
||||
import java.security.KeyStoreException;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.Security;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
import java.util.Properties;
|
||||
|
||||
/**
|
||||
* Provides application context configuration for the Attestation Certificate
|
||||
* Authority application. The properties are processed in order and as such, the
|
||||
* last property file read in will override properties that may had already been
|
||||
* defined previously. In other words, the 'defaults.properties' file provides a
|
||||
* basic standard of properties that can be overrode by the
|
||||
*/
|
||||
@Configuration
|
||||
@PropertySources({
|
||||
@PropertySource(value = "classpath:defaults.properties"),
|
||||
@PropertySource(value = "classpath:persistence.properties"),
|
||||
|
||||
// detects if file exists, if not, ignore errors
|
||||
@PropertySource(value = "file:/etc/hirs/aca/aca.properties",
|
||||
ignoreResourceNotFound = true)
|
||||
})
|
||||
@EnableTransactionManagement
|
||||
@ComponentScan({ "hirs.attestationca", "hirs.attestationca.service", "hirs.attestationca.rest",
|
||||
"hirs.validation", "hirs.data.service", "hirsattestationca.configuration" })
|
||||
@EnableWebMvc
|
||||
public class AttestationCertificateAuthorityConfiguration implements WebMvcConfigurer {
|
||||
|
||||
private static final Logger LOG
|
||||
= LogManager.getLogger(AttestationCertificateAuthorityConfiguration.class);
|
||||
|
||||
static {
|
||||
try {
|
||||
LogConfigurationUtil.applyConfiguration();
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
}
|
||||
|
||||
@Autowired
|
||||
private Environment environment;
|
||||
|
||||
/**
|
||||
* Creates a JPA transaction manager.
|
||||
* @return instance of the manager
|
||||
*/
|
||||
@Bean
|
||||
public JpaTransactionManager jpaTransactionManager() {
|
||||
JpaTransactionManager transactionManager = new JpaTransactionManager();
|
||||
transactionManager.setEntityManagerFactory(entityManagerFactory());
|
||||
return transactionManager;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return bean to resolve injected annotation.Value property expressions
|
||||
* for beans.
|
||||
*/
|
||||
@Bean
|
||||
public static PropertySourcesPlaceholderConfigurer propertySourcesPlaceholderConfigurer() {
|
||||
return new PropertySourcesPlaceholderConfigurer();
|
||||
}
|
||||
|
||||
/**
|
||||
* Initialization of the ACA. Detects environment and runs configuration
|
||||
* methods as required. This method is intended to be invoked by the Spring
|
||||
* application context.
|
||||
*/
|
||||
@PostConstruct
|
||||
void initialize() {
|
||||
|
||||
// ensure that Bouncy Castle is registered as a security provider
|
||||
Security.addProvider(new BouncyCastleProvider());
|
||||
|
||||
// obtain path to ACA configuration
|
||||
Path certificatesPath = Paths.get(
|
||||
environment.getRequiredProperty("aca.directories.certificates"));
|
||||
|
||||
// create base directories if they do not exist
|
||||
try {
|
||||
Files.createDirectories(certificatesPath);
|
||||
} catch (IOException e) {
|
||||
throw new BeanInitializationException(
|
||||
"Encountered error while initializing ACA directories: " + e.getMessage(), e);
|
||||
}
|
||||
|
||||
// create the ACA key store if it doesn't exist
|
||||
Path keyStorePath = Paths.get(environment.getRequiredProperty("aca.keyStore.location"));
|
||||
if (!Files.exists(keyStorePath)) {
|
||||
throw new IllegalStateException(
|
||||
String.format("ACA Key Store not found at %s. Consult the HIRS User "
|
||||
+ "Guide for ACA installation instructions.",
|
||||
environment.getRequiredProperty("aca.keyStore.location")));
|
||||
}
|
||||
}
|
||||
|
||||
private HibernateJpaVendorAdapter vendorAdaptor() {
|
||||
HibernateJpaVendorAdapter vendorAdapter = new HibernateJpaVendorAdapter();
|
||||
vendorAdapter.setShowSql(true);
|
||||
return vendorAdapter;
|
||||
}
|
||||
|
||||
/**
|
||||
* Configures a session factory bean that in turn configures the hibernate session factory.
|
||||
* Enables auto scanning of annotations such that entities do not need to be registered in a
|
||||
* hibernate configuration file.
|
||||
*
|
||||
* @return Entity Manager
|
||||
*/
|
||||
@Bean
|
||||
public EntityManagerFactory entityManagerFactory() {
|
||||
LocalContainerEntityManagerFactoryBean entityManagerFactoryBean
|
||||
= new LocalContainerEntityManagerFactoryBean();
|
||||
entityManagerFactoryBean.setJpaVendorAdapter(vendorAdaptor());
|
||||
entityManagerFactoryBean.setDataSource(dataSource());
|
||||
entityManagerFactoryBean.setPersistenceProviderClass(HibernatePersistenceProvider.class);
|
||||
entityManagerFactoryBean.setPackagesToScan("hirs");
|
||||
entityManagerFactoryBean.setJpaProperties(hibernateProperties());
|
||||
|
||||
return entityManagerFactoryBean.getObject();
|
||||
}
|
||||
|
||||
private Map<String, String> getSettings() {
|
||||
Map<String, String> settings = new HashMap<>();
|
||||
settings.put("connection.driver_class",
|
||||
environment.getRequiredProperty("persistence.db.driverClass"));
|
||||
settings.put("dialect", environment.getRequiredProperty("persistence.hibernate.dialect"));
|
||||
settings.put("hibernate.connection.url",
|
||||
environment.getRequiredProperty("persistence.db.url"));
|
||||
settings.put("hibernate.connection.username",
|
||||
environment.getRequiredProperty("persistence.db.username"));
|
||||
settings.put("hibernate.connection.password",
|
||||
environment.getRequiredProperty("persistence.db.password"));
|
||||
// settings.put("hibernate.current_session_context_class", );
|
||||
settings.put("hibernate.show_sql", environment.getRequiredProperty("hibernate.show_sql"));
|
||||
settings.put("hibernate.format_sql",
|
||||
environment.getRequiredProperty("hibernate.format_sql"));
|
||||
return settings;
|
||||
}
|
||||
|
||||
/**
|
||||
* Configures the data source to be used by the hibernate session factory.
|
||||
*
|
||||
* @return configured data source
|
||||
*/
|
||||
@Bean(destroyMethod = "close")
|
||||
public DataSource dataSource() {
|
||||
DriverManagerDataSource dataSource = new DriverManagerDataSource();
|
||||
dataSource.setUrl(
|
||||
environment.getRequiredProperty("persistence.db.url"));
|
||||
dataSource.setUsername(
|
||||
environment.getRequiredProperty("persistence.db.username"));
|
||||
dataSource.setPassword(
|
||||
environment.getRequiredProperty("persistence.db.password"));
|
||||
dataSource.setDriverClassName(
|
||||
environment.getRequiredProperty("persistence.db.driverClass"));
|
||||
|
||||
// dataSource.setMaximumPoolSize(Integer.parseInt(environment
|
||||
// .getRequiredProperty("persistence.db.maximumPoolSize"));
|
||||
// dataSource.setConnectionTimeout(Long.parseLong(environment.
|
||||
// getRequiredProperty("persistence.db.connectionTimeout"));
|
||||
// dataSource.setLeakDetectionThreshold(Long.parseLong(environment
|
||||
// .getRequiredProperty("persistence.db.leakDetectionThreshold"));
|
||||
|
||||
return dataSource;
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates properties using configuration file that will be used to configure the session
|
||||
* factory.
|
||||
*
|
||||
* @return properties for hibernate session factory
|
||||
*/
|
||||
@Bean
|
||||
public Properties hibernateProperties() {
|
||||
Properties properties = new Properties();
|
||||
// properties.put("hibernate.dialect",
|
||||
// environment.getRequiredProperty("persistence.hibernate.dialect"));
|
||||
// properties.put("hibernate.show_sql",
|
||||
// environment.getRequiredProperty("hibernate.show_sql"));
|
||||
// properties.put("hibernate.format_sql",
|
||||
// environment.getRequiredProperty("hibernate.format_sql"));
|
||||
properties.put("hibernate.hbm2ddl.auto",
|
||||
environment.getRequiredProperty("persistence.hibernate.ddl"));
|
||||
// properties.put("hibernate.current_session_context_class", "thread");
|
||||
return properties;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the {@link PrivateKey} of the ACA
|
||||
*/
|
||||
@Bean
|
||||
public PrivateKey privateKey() {
|
||||
// obtain the key store
|
||||
KeyStore keyStore = keyStore();
|
||||
|
||||
try {
|
||||
|
||||
// load the key from the key store
|
||||
PrivateKey acaKey = (PrivateKey) keyStore.getKey("aca.keyStore.alias",
|
||||
environment.getRequiredProperty("aca.keyStore.password").toCharArray());
|
||||
|
||||
// break early if the certificate is not available.
|
||||
if (acaKey == null) {
|
||||
throw new BeanInitializationException(String.format("Key with alias "
|
||||
+ "%s was not in KeyStore %s. Ensure that the KeyStore has the "
|
||||
+ "specified certificate. ",
|
||||
environment.getRequiredProperty("aca.keyStore.alias"),
|
||||
environment.getRequiredProperty("aca.keyStore.location")));
|
||||
}
|
||||
return acaKey;
|
||||
} catch (Exception e) {
|
||||
throw new BeanInitializationException("Encountered error loading ACA private key "
|
||||
+ "from key store: " + e.getMessage(), e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Bean holding the maximum retry attempts for a DB transaction.
|
||||
* @return the maximum retry count
|
||||
*/
|
||||
@Bean(name = "maxTransactionRetryAttempts")
|
||||
public int maxTransactionRetryAttempts() {
|
||||
return environment.getRequiredProperty("persistence.db.maxTransactionRetryAttempts",
|
||||
Integer.class);
|
||||
}
|
||||
|
||||
/**
|
||||
* Bean holding the time to wait until retrying a failed transaction.
|
||||
* @return the wait time, in milliseconds
|
||||
*/
|
||||
@Bean(name = "retryWaitTimeMilliseconds")
|
||||
public long retryWaitTimeMilliseconds() {
|
||||
return environment.getRequiredProperty("persistence.db.retryWaitTimeMilliseconds",
|
||||
Long.class);
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the {@link X509Certificate} of the ACA
|
||||
*/
|
||||
@Bean
|
||||
public X509Certificate acaCertificate() {
|
||||
KeyStore keyStore = keyStore();
|
||||
|
||||
try {
|
||||
X509Certificate acaCertificate = (X509Certificate) keyStore.getCertificate(
|
||||
environment.getRequiredProperty("aca.keyStore.alias"));
|
||||
|
||||
// break early if the certificate is not available.
|
||||
if (acaCertificate == null) {
|
||||
throw new BeanInitializationException(String.format("Certificate with alias "
|
||||
+ "%s was not in KeyStore %s. Ensure that the KeyStore has the "
|
||||
+ "specified certificate. ",
|
||||
environment.getRequiredProperty("aca.keyStore.alias"),
|
||||
environment.getRequiredProperty("aca.keyStore.location")));
|
||||
}
|
||||
|
||||
return acaCertificate;
|
||||
} catch (KeyStoreException e) {
|
||||
throw new BeanInitializationException("Encountered error loading ACA certificate "
|
||||
+ "from key store: " + e.getMessage(), e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the {@link java.security.KeyStore} that contains the certificates
|
||||
* for the ACA.
|
||||
*/
|
||||
@Bean
|
||||
public KeyStore keyStore() {
|
||||
Path keyStorePath = Paths.get(environment.getRequiredProperty("aca.keyStore.location"));
|
||||
|
||||
// attempt to open the key store. if that fails, log a meaningful message before failing.
|
||||
try {
|
||||
KeyStore keyStore = KeyStore.getInstance("JKS");
|
||||
keyStore.load(Files.newInputStream(keyStorePath),
|
||||
environment.getRequiredProperty("aca.keyStore.password").toCharArray());
|
||||
return keyStore;
|
||||
} catch (Exception e) {
|
||||
LOG.error(String.format(
|
||||
"Encountered error while loading ACA key store. The most common issue is "
|
||||
+ "that configured password does not work on the configured key"
|
||||
+ " store %s.", keyStorePath));
|
||||
LOG.error(String.format("Exception message: %s", e.getMessage()));
|
||||
throw new BeanInitializationException(e.getMessage(), e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Prototyped {@link StructConverter}. In other words, all instances
|
||||
* returned by this method will be configured identically, but subsequent
|
||||
* invocations will return a new instance.
|
||||
*
|
||||
* @return ready to use {@link StructConverter}.
|
||||
*/
|
||||
@Bean
|
||||
@Scope("prototype")
|
||||
public static StructConverter structConverter() {
|
||||
return new SimpleStructConverter();
|
||||
}
|
||||
|
||||
|
||||
}
|
@ -1,11 +1,11 @@
|
||||
package hirs.attestationca;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import hirs.data.persist.certificate.EndorsementCredential;
|
||||
import hirs.data.persist.certificate.PlatformCredential;
|
||||
import hirs.persist.CertificateManager;
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.service.CertificateService;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.stream.Collectors;
|
||||
@ -24,16 +24,16 @@ public final class CredentialManagementHelper {
|
||||
/**
|
||||
* Parses and stores the EK in the cert manager. If the cert is already present and archived,
|
||||
* it is unarchived.
|
||||
* @param certificateManager the certificate manager used for storage
|
||||
* @param certificateService the certificate service used for storage
|
||||
* @param endorsementBytes the raw EK bytes used for parsing
|
||||
* @return the parsed, valid EK
|
||||
* @throws IllegalArgumentException if the provided bytes are not a valid EK.
|
||||
*/
|
||||
public static EndorsementCredential storeEndorsementCredential(
|
||||
final CertificateManager certificateManager,
|
||||
final CertificateService certificateService,
|
||||
final byte[] endorsementBytes) throws IllegalArgumentException {
|
||||
|
||||
if (certificateManager == null) {
|
||||
if (certificateService == null) {
|
||||
throw new IllegalArgumentException("null certificate manager");
|
||||
}
|
||||
|
||||
@ -60,17 +60,19 @@ public final class CredentialManagementHelper {
|
||||
}
|
||||
int certificateHash = endorsementCredential.getCertificateHash();
|
||||
EndorsementCredential existingCredential =
|
||||
EndorsementCredential.select(certificateManager).includeArchived()
|
||||
EndorsementCredential.select(certificateService).includeArchived()
|
||||
.byHashCode(certificateHash).getCertificate();
|
||||
if (existingCredential == null) {
|
||||
LOG.info("No Endorsement Credential found with hash: " + certificateHash);
|
||||
return (EndorsementCredential) certificateManager.save(endorsementCredential);
|
||||
return (EndorsementCredential) certificateService
|
||||
.saveCertificate(endorsementCredential);
|
||||
} else if (existingCredential.isArchived()) {
|
||||
// if the EK is stored in the DB and it's archived, unarchive.
|
||||
LOG.info("Unarchiving credential");
|
||||
existingCredential.restore();
|
||||
existingCredential.resetCreateTime();
|
||||
certificateManager.update(existingCredential);
|
||||
certificateService.updateCertificate(existingCredential,
|
||||
existingCredential.getId());
|
||||
}
|
||||
return existingCredential;
|
||||
}
|
||||
@ -78,15 +80,15 @@ public final class CredentialManagementHelper {
|
||||
/**
|
||||
* Parses and stores the PC in the cert manager. If the cert is already present and archived,
|
||||
* it is unarchived.
|
||||
* @param certificateManager the certificate manager used for storage
|
||||
* @param certificateService the certificate service used for storage
|
||||
* @param platformBytes the raw PC bytes used for parsing
|
||||
* @return the parsed, valid PC, or null if the provided bytes are not a valid EK.
|
||||
*/
|
||||
public static PlatformCredential storePlatformCredential(
|
||||
final CertificateManager certificateManager,
|
||||
final CertificateService certificateService,
|
||||
final byte[] platformBytes) {
|
||||
|
||||
if (certificateManager == null) {
|
||||
if (certificateService == null) {
|
||||
throw new IllegalArgumentException("null certificate manager");
|
||||
}
|
||||
|
||||
@ -108,7 +110,7 @@ public final class CredentialManagementHelper {
|
||||
return null;
|
||||
}
|
||||
PlatformCredential existingCredential =
|
||||
PlatformCredential.select(certificateManager)
|
||||
PlatformCredential.select(certificateService)
|
||||
.includeArchived()
|
||||
.byHashCode(platformCredential
|
||||
.getCertificateHash())
|
||||
@ -116,7 +118,7 @@ public final class CredentialManagementHelper {
|
||||
if (existingCredential == null) {
|
||||
if (platformCredential.getPlatformSerial() != null) {
|
||||
List<PlatformCredential> certificates = PlatformCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.byBoardSerialNumber(platformCredential.getPlatformSerial())
|
||||
.getCertificates().stream().collect(Collectors.toList());
|
||||
if (!certificates.isEmpty()) {
|
||||
@ -134,12 +136,14 @@ public final class CredentialManagementHelper {
|
||||
}
|
||||
}
|
||||
}
|
||||
return (PlatformCredential) certificateManager.save(platformCredential);
|
||||
return (PlatformCredential) certificateService
|
||||
.saveCertificate(platformCredential);
|
||||
} else if (existingCredential.isArchived()) {
|
||||
// if the PC is stored in the DB and it's archived, unarchive.
|
||||
LOG.info("Unarchiving credential");
|
||||
existingCredential.restore();
|
||||
certificateManager.update(existingCredential);
|
||||
certificateService.updateCertificate(existingCredential,
|
||||
existingCredential.getId());
|
||||
return existingCredential;
|
||||
}
|
||||
|
||||
|
@ -1,16 +1,14 @@
|
||||
package hirs.attestationca;
|
||||
|
||||
import org.hibernate.SessionFactory;
|
||||
import hirs.attestationca.service.AppraiserServiceImpl;
|
||||
import hirs.attestationca.service.PolicyServiceImpl;
|
||||
import hirs.utils.HIRSProfiles;
|
||||
import org.springframework.context.annotation.AnnotationConfigApplicationContext;
|
||||
import org.springframework.orm.hibernate4.LocalSessionFactoryBean;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
import javax.persistence.EntityManagerFactory;
|
||||
import javax.servlet.ServletContextEvent;
|
||||
import javax.servlet.ServletContextListener;
|
||||
import hirs.persist.DBAppraiserManager;
|
||||
import hirs.persist.DBDeviceGroupManager;
|
||||
import hirs.persist.DBPolicyManager;
|
||||
import hirs.persist.PersistenceConfiguration;
|
||||
import hirs.utils.HIRSProfiles;
|
||||
|
||||
/**
|
||||
* Simply holds a contextInitialized method which will be called when the web app starts.
|
||||
@ -22,15 +20,14 @@ public class InitializationListener implements ServletContextListener {
|
||||
context.getEnvironment().addActiveProfile(HIRSProfiles.SERVER);
|
||||
|
||||
// register the database configuration and refresh the context
|
||||
context.register(PersistenceConfiguration.class);
|
||||
context.register(AttestationCertificateAuthorityConfiguration.class);
|
||||
context.refresh();
|
||||
|
||||
// obtain reference to hibernate session factory
|
||||
SessionFactory sessionFactory = context.getBean(LocalSessionFactoryBean.class).getObject();
|
||||
AcaDbInit.insertDefaultEntries(
|
||||
new DBAppraiserManager(sessionFactory),
|
||||
new DBDeviceGroupManager(sessionFactory),
|
||||
new DBPolicyManager(sessionFactory)
|
||||
EntityManager entityManager = context.getBean(EntityManagerFactory.class)
|
||||
.createEntityManager();
|
||||
AcaDbInit.insertDefaultEntries(new AppraiserServiceImpl(entityManager),
|
||||
new PolicyServiceImpl()
|
||||
);
|
||||
}
|
||||
|
||||
|
@ -0,0 +1,179 @@
|
||||
package hirs.attestationca;
|
||||
|
||||
import hirs.appraiser.Appraiser;
|
||||
import hirs.appraiser.AppraiserPlugin;
|
||||
import hirs.appraiser.AppraiserPluginManager;
|
||||
import hirs.appraiser.DeviceInfoAppraiser;
|
||||
import hirs.appraiser.IMAAppraiser;
|
||||
import hirs.appraiser.TPMAppraiser;
|
||||
import hirs.attestationca.configuration.PersistenceConfiguration;
|
||||
import hirs.attestationca.service.AppraiserServiceImpl;
|
||||
import hirs.attestationca.service.PolicyServiceImpl;
|
||||
import hirs.data.persist.policy.HIRSPolicy;
|
||||
import hirs.data.persist.policy.Policy;
|
||||
import hirs.data.persist.policy.TPMPolicy;
|
||||
import hirs.utils.HIRSProfiles;
|
||||
import hirs.utils.SpringContextProvider;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.context.annotation.AnnotationConfigApplicationContext;
|
||||
import org.springframework.context.annotation.ClassPathBeanDefinitionScanner;
|
||||
import org.springframework.core.type.filter.AssignableTypeFilter;
|
||||
import org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean;
|
||||
|
||||
import javax.persistence.EntityManagerFactory;
|
||||
import java.util.Collection;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* This class initializes the system for appraisals. This stores the requisite items in the database
|
||||
* to ensure that an appraisal can happen. For example, the system requires that a set of
|
||||
* <code>Appraiser</code>s be defined in the database. This class will initialize the set of
|
||||
* <code>Appraiser</code>s.
|
||||
*/
|
||||
public final class SystemInit {
|
||||
|
||||
private static final Logger LOGGER = LogManager.getLogger(SystemInit.class);
|
||||
private static final int ALL_MASK = 0xFFFFFF;
|
||||
private static final int NONE_MASK = 0x000000;
|
||||
|
||||
private static final String TPM_POLICY_NAME = "Test TPM Policy";
|
||||
|
||||
private SystemInit() {
|
||||
/* do nothing */
|
||||
}
|
||||
|
||||
/**
|
||||
* Initializes the system by creating a new <code>IMAAppraiser</code> and storing it in the
|
||||
* database.
|
||||
* <p>
|
||||
* This method is currently available for command line use, but is not used within the project.
|
||||
*
|
||||
* @param args not used
|
||||
*/
|
||||
@SuppressWarnings("checkstyle:methodlength")
|
||||
public static void main(final String[] args) {
|
||||
LOGGER.info("Seeding database with initial entries...");
|
||||
// construct application context
|
||||
AnnotationConfigApplicationContext context = new AnnotationConfigApplicationContext();
|
||||
context.getEnvironment().addActiveProfile(HIRSProfiles.SERVER);
|
||||
|
||||
// create class path scanner for discovering appraiser plugins
|
||||
ClassPathBeanDefinitionScanner scanner = new ClassPathBeanDefinitionScanner(context, false);
|
||||
scanner.addIncludeFilter(new AssignableTypeFilter(AppraiserPlugin.class));
|
||||
scanner.addIncludeFilter(new AssignableTypeFilter(SpringContextProvider.class));
|
||||
scanner.addIncludeFilter(new AssignableTypeFilter(AppraiserPluginManager.class));
|
||||
|
||||
// scan for appraiser plugins
|
||||
int registeredBeanCount = scanner.scan("hirs");
|
||||
System.out.println("Beans scanned " + registeredBeanCount);
|
||||
LOGGER.info("Beans scanned: " + registeredBeanCount);
|
||||
|
||||
// register the database configuration and refresh the context
|
||||
context.register(PersistenceConfiguration.class);
|
||||
context.refresh();
|
||||
|
||||
// obtain reference to hibernate Entity Manager
|
||||
EntityManagerFactory entityManagerFactory
|
||||
= context.getBean(LocalContainerEntityManagerFactoryBean.class).getObject();
|
||||
|
||||
// initialize the managers for this initialization process
|
||||
AppraiserServiceImpl appraiserServiceImpl = new AppraiserServiceImpl(
|
||||
entityManagerFactory.createEntityManager());
|
||||
PolicyServiceImpl policyServiceImpl = new PolicyServiceImpl();
|
||||
|
||||
|
||||
LOGGER.info("Checking for DeviceInfo appraiser...");
|
||||
DeviceInfoAppraiser deviceInfoAppraiser = (DeviceInfoAppraiser)
|
||||
appraiserServiceImpl.getAppraiser(DeviceInfoAppraiser.NAME);
|
||||
if (deviceInfoAppraiser == null) {
|
||||
LOGGER.info("DeviceInfo appraiser not found; creating...");
|
||||
appraiserServiceImpl.saveAppraiser(new DeviceInfoAppraiser());
|
||||
} else {
|
||||
LOGGER.info("DeviceInfo appraiser found.");
|
||||
}
|
||||
|
||||
LOGGER.info("Checking for TPM appraiser...");
|
||||
TPMAppraiser tpmApp = (TPMAppraiser) appraiserServiceImpl.getAppraiser(TPMAppraiser.NAME);
|
||||
if (tpmApp == null) {
|
||||
LOGGER.info("TPM appraiser not found; creating...");
|
||||
tpmApp = (TPMAppraiser) appraiserServiceImpl.saveAppraiser(new TPMAppraiser());
|
||||
} else {
|
||||
LOGGER.info("TPM appraiser found.");
|
||||
}
|
||||
|
||||
// build up required appraisers set
|
||||
Set<Class<? extends Appraiser>> requiredAppraisers = new HashSet<>();
|
||||
requiredAppraisers.add(DeviceInfoAppraiser.class);
|
||||
requiredAppraisers.add(TPMAppraiser.class);
|
||||
requiredAppraisers.add(IMAAppraiser.class);
|
||||
|
||||
// obtain plugins from the context
|
||||
Collection<AppraiserPlugin> appraiserPlugins =
|
||||
context.getBeansOfType(AppraiserPlugin.class).values();
|
||||
|
||||
LOGGER.info("Total Appraiser Plugins: " + appraiserPlugins.size());
|
||||
System.out.println("Total Appraiser Plugins: " + appraiserPlugins.size());
|
||||
|
||||
// merge the appraiser plugins with the hirs policy appraisers
|
||||
for (AppraiserPlugin appraiserPlugin : appraiserPlugins) {
|
||||
// add in appraiser plugin to required appraisers list
|
||||
requiredAppraisers.add(appraiserPlugin.getClass());
|
||||
|
||||
LOGGER.info("Checking for plugin appraiser {}...", appraiserPlugin);
|
||||
Appraiser storedAppraiser = appraiserServiceImpl
|
||||
.getAppraiser(appraiserPlugin.getName());
|
||||
if (storedAppraiser == null) {
|
||||
LOGGER.info("Saving plugin appraiser {}...", appraiserPlugin);
|
||||
storedAppraiser = appraiserServiceImpl.saveAppraiser(appraiserPlugin);
|
||||
} else {
|
||||
LOGGER.info("Found plugin appraiser {}.", appraiserPlugin);
|
||||
}
|
||||
|
||||
Policy policy = appraiserPlugin.getDefaultPolicy();
|
||||
if (policy != null) {
|
||||
LOGGER.info("Saving plugin appraiser's default policy: {}", policy);
|
||||
policy = policyServiceImpl.savePolicy(policy);
|
||||
policyServiceImpl.setDefaultPolicy(storedAppraiser, policy);
|
||||
}
|
||||
}
|
||||
|
||||
// create HIRS policy
|
||||
LOGGER.info("Checking for HIRS policy...");
|
||||
HIRSPolicy hirsPolicy = (HIRSPolicy) policyServiceImpl.getPolicyByName(
|
||||
HIRSPolicy.DEFAULT_HIRS_POLICY_NAME
|
||||
);
|
||||
if (hirsPolicy == null) {
|
||||
LOGGER.info(
|
||||
"HIRS policy not found; saving with required appraisers: {}",
|
||||
requiredAppraisers
|
||||
);
|
||||
hirsPolicy = new HIRSPolicy(HIRSPolicy.DEFAULT_HIRS_POLICY_NAME);
|
||||
hirsPolicy.setRequiredAppraisers(requiredAppraisers);
|
||||
|
||||
// initialize the default policy
|
||||
policyServiceImpl.savePolicy(hirsPolicy);
|
||||
} else {
|
||||
LOGGER.info("HIRS policy found.");
|
||||
}
|
||||
|
||||
// initiate the default tpm policy
|
||||
LOGGER.info("Checking for TPM policy...");
|
||||
TPMPolicy tpmPolicy = (TPMPolicy) policyServiceImpl.getPolicyByName(TPM_POLICY_NAME);
|
||||
if (tpmPolicy == null) {
|
||||
LOGGER.info("TPM policy not found, creating...");
|
||||
tpmPolicy = new TPMPolicy(TPM_POLICY_NAME);
|
||||
tpmPolicy.setAppraiseFullReport(true);
|
||||
tpmPolicy.setAppraisePcrMask(NONE_MASK);
|
||||
tpmPolicy.setDefaultPcrAppraisalValues();
|
||||
tpmPolicy.setReportPcrMask(ALL_MASK);
|
||||
tpmPolicy = (TPMPolicy) policyServiceImpl.savePolicy(tpmPolicy);
|
||||
policyServiceImpl.setDefaultPolicy(tpmApp, tpmPolicy);
|
||||
} else {
|
||||
LOGGER.info("TPM policy found.");
|
||||
}
|
||||
|
||||
LOGGER.info("Complete.");
|
||||
}
|
||||
}
|
@ -1,290 +0,0 @@
|
||||
package hirs.attestationca.configuration;
|
||||
|
||||
import hirs.persist.DBDeviceGroupManager;
|
||||
import hirs.persist.DBDeviceManager;
|
||||
import hirs.persist.DBReferenceDigestManager;
|
||||
import hirs.persist.DBReferenceEventManager;
|
||||
import hirs.persist.DBReferenceManifestManager;
|
||||
import hirs.persist.DeviceGroupManager;
|
||||
import hirs.persist.DeviceManager;
|
||||
import hirs.persist.HibernateConfiguration;
|
||||
import hirs.persist.ReferenceDigestManager;
|
||||
import hirs.persist.ReferenceEventManager;
|
||||
import hirs.persist.ReferenceManifestManager;
|
||||
import hirs.structs.converters.SimpleStructConverter;
|
||||
import hirs.structs.converters.StructConverter;
|
||||
import hirs.utils.LogConfigurationUtil;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||
import org.springframework.beans.factory.BeanInitializationException;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Import;
|
||||
import org.springframework.context.annotation.PropertySource;
|
||||
import org.springframework.context.annotation.PropertySources;
|
||||
import org.springframework.context.annotation.Scope;
|
||||
import org.springframework.context.support.PropertySourcesPlaceholderConfigurer;
|
||||
import org.springframework.core.env.Environment;
|
||||
import org.springframework.orm.hibernate4.LocalSessionFactoryBean;
|
||||
import org.springframework.web.servlet.config.annotation.DefaultServletHandlerConfigurer;
|
||||
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
||||
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
|
||||
|
||||
import javax.annotation.PostConstruct;
|
||||
import java.io.IOException;
|
||||
import java.nio.file.Files;
|
||||
import java.nio.file.Path;
|
||||
import java.nio.file.Paths;
|
||||
import java.security.KeyStore;
|
||||
import java.security.KeyStoreException;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.Security;
|
||||
import java.security.cert.X509Certificate;
|
||||
|
||||
/**
|
||||
* Provides application context configuration for the Attestation Certificate
|
||||
* Authority application. The properties are processed in order and as such, the
|
||||
* last property file read in will override properties that may had already been
|
||||
* defined previously. In other words, the 'defaults.properties' file provides a
|
||||
* basic standard of properties that can be overrode by the
|
||||
*/
|
||||
@Configuration
|
||||
@PropertySources({
|
||||
@PropertySource(value = "classpath:defaults.properties"),
|
||||
|
||||
// detects if file exists, if not, ignore errors
|
||||
@PropertySource(value = "file:/etc/hirs/aca/aca.properties",
|
||||
ignoreResourceNotFound = true)
|
||||
})
|
||||
@ComponentScan({ "hirs.attestationca", "hirs.attestationca.service", "hirs.attestationca.rest",
|
||||
"hirs.validation", "hirs.data.service" })
|
||||
@Import(HibernateConfiguration.class)
|
||||
@EnableWebMvc
|
||||
public class AttestationCertificateAuthorityConfiguration extends WebMvcConfigurerAdapter {
|
||||
|
||||
private static final Logger LOG
|
||||
= LogManager.getLogger(AttestationCertificateAuthorityConfiguration.class);
|
||||
|
||||
static {
|
||||
try {
|
||||
LogConfigurationUtil.applyConfiguration();
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
}
|
||||
|
||||
private static final String CLIENT_FILES_PATH = "file:/etc/hirs/aca/client-files/";
|
||||
|
||||
@Value("${aca.directories.certificates}")
|
||||
private String certificatesLocation;
|
||||
|
||||
@Value("${aca.keyStore.location}")
|
||||
private String keyStoreLocation;
|
||||
|
||||
@Value("${aca.keyStore.password:''}")
|
||||
private String keyStorePassword;
|
||||
|
||||
@Value("${aca.keyStore.alias}")
|
||||
private String keyAlias;
|
||||
|
||||
@Autowired
|
||||
private Environment environment;
|
||||
|
||||
@Autowired
|
||||
private LocalSessionFactoryBean sessionFactory;
|
||||
|
||||
/**
|
||||
* @return bean to resolve injected annotation.Value property expressions
|
||||
* for beans.
|
||||
*/
|
||||
@Bean
|
||||
public static PropertySourcesPlaceholderConfigurer propertySourcesPlaceholderConfigurer() {
|
||||
return new PropertySourcesPlaceholderConfigurer();
|
||||
}
|
||||
|
||||
/**
|
||||
* Initialization of the ACA. Detects environment and runs configuration
|
||||
* methods as required. This method is intended to be invoked by the Spring
|
||||
* application context.
|
||||
*/
|
||||
@PostConstruct
|
||||
void initialize() {
|
||||
|
||||
// ensure that Bouncy Castle is registered as a security provider
|
||||
Security.addProvider(new BouncyCastleProvider());
|
||||
|
||||
// obtain path to ACA configuration
|
||||
Path certificatesPath = Paths.get(certificatesLocation);
|
||||
|
||||
// create base directories if they do not exist
|
||||
try {
|
||||
Files.createDirectories(certificatesPath);
|
||||
} catch (IOException e) {
|
||||
throw new BeanInitializationException(
|
||||
"Encountered error while initializing ACA directories: " + e.getMessage(), e);
|
||||
}
|
||||
|
||||
// create the ACA key store if it doesn't exist
|
||||
Path keyStorePath = Paths.get(keyStoreLocation);
|
||||
if (!Files.exists(keyStorePath)) {
|
||||
throw new IllegalStateException(
|
||||
String.format("ACA Key Store not found at %s. Consult the HIRS User "
|
||||
+ "Guide for ACA installation instructions.", keyStoreLocation));
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the {@link PrivateKey} of the ACA
|
||||
*/
|
||||
@Bean
|
||||
public PrivateKey privateKey() {
|
||||
|
||||
// obtain the key store
|
||||
KeyStore keyStore = keyStore();
|
||||
|
||||
try {
|
||||
|
||||
// load the key from the key store
|
||||
PrivateKey acaKey = (PrivateKey) keyStore.getKey(keyAlias,
|
||||
keyStorePassword.toCharArray());
|
||||
|
||||
// break early if the certificate is not available.
|
||||
if (acaKey == null) {
|
||||
throw new BeanInitializationException(String.format("Key with alias "
|
||||
+ "%s was not in KeyStore %s. Ensure that the KeyStore has the "
|
||||
+ "specified certificate. ", keyAlias, keyStoreLocation));
|
||||
}
|
||||
return acaKey;
|
||||
} catch (Exception e) {
|
||||
throw new BeanInitializationException("Encountered error loading ACA private key "
|
||||
+ "from key store: " + e.getMessage(), e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the {@link X509Certificate} of the ACA
|
||||
*/
|
||||
@Bean
|
||||
public X509Certificate acaCertificate() {
|
||||
KeyStore keyStore = keyStore();
|
||||
|
||||
try {
|
||||
X509Certificate acaCertificate = (X509Certificate) keyStore.getCertificate(keyAlias);
|
||||
|
||||
// break early if the certificate is not available.
|
||||
if (acaCertificate == null) {
|
||||
throw new BeanInitializationException(String.format("Certificate with alias "
|
||||
+ "%s was not in KeyStore %s. Ensure that the KeyStore has the "
|
||||
+ "specified certificate. ", keyAlias, keyStoreLocation));
|
||||
}
|
||||
|
||||
return acaCertificate;
|
||||
} catch (KeyStoreException e) {
|
||||
throw new BeanInitializationException("Encountered error loading ACA certificate "
|
||||
+ "from key store: " + e.getMessage(), e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the {@link java.security.KeyStore} that contains the certificates
|
||||
* for the ACA.
|
||||
*/
|
||||
@Bean
|
||||
public KeyStore keyStore() {
|
||||
Path keyStorePath = Paths.get(keyStoreLocation);
|
||||
|
||||
// attempt to open the key store. if that fails, log a meaningful message before failing.
|
||||
try {
|
||||
KeyStore keyStore = KeyStore.getInstance("JKS");
|
||||
keyStore.load(Files.newInputStream(keyStorePath), keyStorePassword.toCharArray());
|
||||
return keyStore;
|
||||
} catch (Exception e) {
|
||||
LOG.error(String.format(
|
||||
"Encountered error while loading ACA key store. The most common issue is "
|
||||
+ "that configured password does not work on the configured key"
|
||||
+ " store %s.", keyStorePath));
|
||||
LOG.error(String.format("Exception message: %s", e.getMessage()));
|
||||
throw new BeanInitializationException(e.getMessage(), e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Prototyped {@link StructConverter}. In other words, all instances
|
||||
* returned by this method will be configured identically, but subsequent
|
||||
* invocations will return a new instance.
|
||||
*
|
||||
* @return ready to use {@link StructConverter}.
|
||||
*/
|
||||
@Bean
|
||||
@Scope("prototype")
|
||||
public static StructConverter structConverter() {
|
||||
return new SimpleStructConverter();
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a {@link DeviceGroupManager} ready to use.
|
||||
*
|
||||
* @return {@link DeviceGroupManager}
|
||||
*/
|
||||
@Bean
|
||||
public DeviceGroupManager deviceGroupManager() {
|
||||
return new DBDeviceGroupManager(sessionFactory.getObject());
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a {@link DeviceManager} ready to use.
|
||||
*
|
||||
* @return {@link DeviceManager}
|
||||
*/
|
||||
@Bean
|
||||
public DeviceManager deviceManager() {
|
||||
return new DBDeviceManager(sessionFactory.getObject());
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a {@link ReferenceManifestManager} ready to use.
|
||||
*
|
||||
* @return {@link ReferenceManifestManager}
|
||||
*/
|
||||
@Bean
|
||||
public ReferenceManifestManager referenceManifestManager() {
|
||||
return new DBReferenceManifestManager(sessionFactory.getObject());
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a {@link ReferenceDigestManager} ready to use.
|
||||
*
|
||||
* @return {@link ReferenceDigestManager}
|
||||
*/
|
||||
@Bean
|
||||
public ReferenceDigestManager referenceDigestManager() {
|
||||
return new DBReferenceDigestManager(sessionFactory.getObject());
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a {@link ReferenceEventManager} ready to use.
|
||||
*
|
||||
* @return {@link ReferenceEventManager}
|
||||
*/
|
||||
@Bean
|
||||
public ReferenceEventManager referenceEventManager() {
|
||||
return new DBReferenceEventManager(sessionFactory.getObject());
|
||||
}
|
||||
|
||||
@Override
|
||||
public void addResourceHandlers(final ResourceHandlerRegistry resourceHandlerRegistry) {
|
||||
resourceHandlerRegistry.addResourceHandler("/client-files/**")
|
||||
.addResourceLocations(CLIENT_FILES_PATH);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void configureDefaultServletHandling(final DefaultServletHandlerConfigurer configurer) {
|
||||
configurer.enable();
|
||||
}
|
||||
|
||||
}
|
@ -1,6 +1,6 @@
|
||||
package hirs.utils;
|
||||
package hirs.attestationca.configuration;
|
||||
|
||||
import org.hibernate.dialect.MySQL5InnoDBDialect;
|
||||
import org.hibernate.dialect.MySQLDialect;
|
||||
|
||||
/**
|
||||
* This class is a shim on top of the standard MySQL5InnoDBDialect to set the row format
|
||||
@ -24,7 +24,7 @@ import org.hibernate.dialect.MySQL5InnoDBDialect;
|
||||
* https://dev.mysql.com/doc/refman/5.7/en/innodb-row-format-dynamic.html
|
||||
* https://dev.mysql.com/doc/refman/5.5/en/innodb-restrictions.html
|
||||
*/
|
||||
public class MySqlUtf8CompatibleDialect extends MySQL5InnoDBDialect {
|
||||
public class MySqlUtf8CompatibleDialect extends MySQLDialect {
|
||||
/**
|
||||
* Returns the table 'type' string, which specifies the storage engine (via the
|
||||
* super call) and appends the desired row format.
|
@ -0,0 +1,139 @@
|
||||
package hirs.attestationca.configuration;
|
||||
|
||||
import hirs.attestationca.AttestationCertificateAuthorityConfiguration;
|
||||
import hirs.attestationca.service.CertificateServiceImpl;
|
||||
import hirs.attestationca.service.DbServiceImpl;
|
||||
import hirs.attestationca.service.DeviceServiceImpl;
|
||||
import hirs.attestationca.service.PolicyServiceImpl;
|
||||
import hirs.attestationca.service.ReferenceDigestValueServiceImpl;
|
||||
import hirs.attestationca.service.ReferenceManifestServiceImpl;
|
||||
import hirs.persist.service.CertificateService;
|
||||
import hirs.persist.service.DeviceService;
|
||||
import hirs.persist.service.PolicyService;
|
||||
import hirs.persist.service.ReferenceDigestValueService;
|
||||
import hirs.persist.service.ReferenceManifestService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Import;
|
||||
import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
import javax.persistence.EntityManagerFactory;
|
||||
import javax.persistence.PersistenceContext;
|
||||
|
||||
/**
|
||||
* Persistence Configuration for Spring enabled applications. Constructs a Hibernate SessionFactory
|
||||
* backed powered by a HikariCP connection pooled data source. Module-specific settings
|
||||
* need to be set in the persistence-extended.properties file on the classpath. If another module
|
||||
* such as the HIRS_Portal uses this class and doesn't have a persistence-extended.properties
|
||||
* file, the default persistence file will be used instead.
|
||||
*/
|
||||
@Configuration
|
||||
@EnableJpaRepositories("hirs.attestationca.service")
|
||||
@ComponentScan(basePackages = "hirs.data.persist")
|
||||
@Import({ AttestationCertificateAuthorityConfiguration.class })
|
||||
public class PersistenceConfiguration {
|
||||
|
||||
/**
|
||||
* The bean name to retrieve the default/general implementation of {@link }.
|
||||
*/
|
||||
public static final String DEVICE_STATE_MANAGER_BEAN_NAME = "general_db_man_bean";
|
||||
|
||||
@Autowired
|
||||
private EntityManagerFactory entityManagerFactory;
|
||||
|
||||
@PersistenceContext
|
||||
private EntityManager entityManager = entityManagerFactory.createEntityManager();
|
||||
|
||||
@Autowired
|
||||
private long retryWaitTimeMilliseconds;
|
||||
|
||||
@Autowired
|
||||
private int maxTransactionRetryAttempts;
|
||||
|
||||
/**
|
||||
* Creates a {@link hirs.persist.service.PolicyService} ready to use.
|
||||
*
|
||||
* @return {@link hirs.persist.service.PolicyService}
|
||||
*/
|
||||
@Bean
|
||||
public PolicyService policyService() {
|
||||
PolicyServiceImpl serviceImpl = new PolicyServiceImpl();
|
||||
setDbServiceRetrySettings(serviceImpl);
|
||||
return serviceImpl;
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a {@link hirs.persist.service.DeviceService} ready to use.
|
||||
*
|
||||
* @return {@link hirs.persist.service.DeviceService}
|
||||
*/
|
||||
@Bean
|
||||
public DeviceService deviceService() {
|
||||
DeviceServiceImpl serviceImpl = new DeviceServiceImpl();
|
||||
setDbServiceRetrySettings(serviceImpl);
|
||||
return serviceImpl;
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a {@link hirs.persist.service.CertificateService} ready to use.
|
||||
*
|
||||
* @return {@link hirs.persist.service.CertificateService}
|
||||
*/
|
||||
@Bean
|
||||
public CertificateService certificateService() {
|
||||
CertificateServiceImpl serviceImpl = new CertificateServiceImpl();
|
||||
setDbServiceRetrySettings(serviceImpl);
|
||||
return serviceImpl;
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a {@link hirs.persist.service.ReferenceManifestService} ready to use.
|
||||
*
|
||||
* @return {@link hirs.persist.service.ReferenceManifestService}
|
||||
*/
|
||||
@Bean
|
||||
public ReferenceManifestService referenceManifestService() {
|
||||
ReferenceManifestServiceImpl serviceImpl
|
||||
= new ReferenceManifestServiceImpl();
|
||||
setDbServiceRetrySettings(serviceImpl);
|
||||
return serviceImpl;
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a {@link hirs.persist.service.ReferenceDigestValueService} ready to use.
|
||||
*
|
||||
* @return {@link hirs.persist.service.ReferenceDigestValueService}
|
||||
*/
|
||||
@Bean
|
||||
public ReferenceDigestValueService referenceEventService() {
|
||||
ReferenceDigestValueServiceImpl serviceImpl
|
||||
= new ReferenceDigestValueServiceImpl();
|
||||
setDbServiceRetrySettings(serviceImpl);
|
||||
return serviceImpl;
|
||||
}
|
||||
//
|
||||
// /**
|
||||
// * Creates a {@link hirs.attestationca.servicemanager.DBManager}
|
||||
// * for SupplyChainValidationSummary persistence, ready for use.
|
||||
// *
|
||||
// * @return {@link hirs.attestationca.servicemanager.DBManager}
|
||||
// */
|
||||
// @Bean
|
||||
// public DbServiceImpl<SupplyChainValidationSummary> supplyChainValidationSummaryManager() {
|
||||
// DbServiceImpl<SupplyChainValidationSummary> serviceImpl
|
||||
// = new DbServiceImpl<SupplyChainValidationSummary>(entityManager);
|
||||
// setDbServiceRetrySettings(serviceImpl);
|
||||
// return serviceImpl;
|
||||
// }
|
||||
|
||||
/**
|
||||
* Apply the spring-wired retry template settings to the db manager.
|
||||
* @param dbServiceImpl the service to apply the retry settings to
|
||||
*/
|
||||
private void setDbServiceRetrySettings(final DbServiceImpl dbServiceImpl) {
|
||||
dbServiceImpl.setRetryTemplate(maxTransactionRetryAttempts, retryWaitTimeMilliseconds);
|
||||
}
|
||||
}
|
@ -0,0 +1,24 @@
|
||||
package hirs.attestationca.repository;
|
||||
|
||||
import hirs.appraiser.Appraiser;
|
||||
import org.springframework.data.jpa.repository.JpaRepository;
|
||||
import org.springframework.stereotype.Repository;
|
||||
|
||||
import java.util.UUID;
|
||||
|
||||
/**
|
||||
* Setting up for new creation for CRUD operations.
|
||||
*/
|
||||
@Repository
|
||||
public interface AppraiserRepository extends JpaRepository<Appraiser, UUID> {
|
||||
|
||||
/**
|
||||
* Finds a <code>Appraiser</code>.
|
||||
* If the <code>Appraiser</code> is successfully retrieved then a reference to
|
||||
* it is returned.
|
||||
*
|
||||
* @param name the name to search by
|
||||
* @return reference to saved appraiser
|
||||
*/
|
||||
Appraiser findByName(String name);
|
||||
}
|
@ -0,0 +1,14 @@
|
||||
package hirs.attestationca.repository;
|
||||
|
||||
import hirs.data.persist.certificate.Certificate;
|
||||
import org.springframework.data.jpa.repository.JpaRepository;
|
||||
import org.springframework.stereotype.Repository;
|
||||
|
||||
import java.util.UUID;
|
||||
|
||||
/**
|
||||
* Setting up for new creation for CRUD operations.
|
||||
*/
|
||||
@Repository
|
||||
public interface CertificateRepository extends JpaRepository<Certificate, UUID> {
|
||||
}
|
@ -0,0 +1,25 @@
|
||||
package hirs.attestationca.repository;
|
||||
|
||||
import hirs.data.persist.Device;
|
||||
import org.springframework.data.jpa.repository.JpaRepository;
|
||||
import org.springframework.stereotype.Repository;
|
||||
|
||||
import java.util.UUID;
|
||||
|
||||
|
||||
/**
|
||||
* Setting up for new creation for CRUD operations.
|
||||
*/
|
||||
@Repository
|
||||
public interface DeviceRepository extends JpaRepository<Device, UUID> {
|
||||
|
||||
/**
|
||||
* Finds a <code>Device</code>.
|
||||
* If the <code>Device</code> is successfully retrieved then a reference to
|
||||
* it is returned.
|
||||
*
|
||||
* @param name the name to search by
|
||||
* @return reference to saved Device
|
||||
*/
|
||||
Device findByName(String name);
|
||||
}
|
@ -0,0 +1,34 @@
|
||||
package hirs.attestationca.repository;
|
||||
|
||||
import hirs.data.persist.policy.Policy;
|
||||
import org.springframework.data.jpa.repository.JpaRepository;
|
||||
import org.springframework.stereotype.Repository;
|
||||
|
||||
import java.util.UUID;
|
||||
|
||||
/**
|
||||
* Setting up for new creation for CRUD operations.
|
||||
* @param <T> super type for Policy child type
|
||||
*/
|
||||
@Repository
|
||||
public interface PolicyRepository<T extends Policy> extends JpaRepository<T, UUID> {
|
||||
|
||||
/**
|
||||
* Saves the <code>Policy</code> in the database. This creates a new
|
||||
* database session and saves the policy.
|
||||
*
|
||||
* @param policy Policy to save
|
||||
* @return reference to saved policy
|
||||
*/
|
||||
T save(T policy);
|
||||
|
||||
/**
|
||||
* Updates a <code>Policy</code>. This updates the database entries to
|
||||
* reflect the new values that should be set.
|
||||
*
|
||||
* @param policy Policy object to save
|
||||
* @param uuid UUID for the database object
|
||||
* @return a Policy object
|
||||
*/
|
||||
T updatePolicy(T policy, UUID uuid);
|
||||
}
|
@ -0,0 +1,40 @@
|
||||
package hirs.attestationca.repository;
|
||||
|
||||
import hirs.data.persist.ReferenceDigestValue;
|
||||
import org.springframework.data.jpa.repository.JpaRepository;
|
||||
import org.springframework.stereotype.Repository;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.UUID;
|
||||
|
||||
/**
|
||||
* Setting up for new creation for CRUD operations.
|
||||
*/
|
||||
@Repository
|
||||
public interface ReferenceDigestValueRepository extends JpaRepository<ReferenceDigestValue, UUID> {
|
||||
|
||||
/**
|
||||
* Persists a new Reference Digest value.
|
||||
*
|
||||
* @param uuid associated with the base rim .
|
||||
* @return the persisted list of ReferenceDigestValue
|
||||
*/
|
||||
List<ReferenceDigestValue> findValuesByBaseRimId(UUID uuid);
|
||||
|
||||
/**
|
||||
* Persists a new Reference Digest value.
|
||||
*
|
||||
* @param uuid associated with the support rim.
|
||||
* @return the persisted list of ReferenceDigestValue
|
||||
*/
|
||||
List<ReferenceDigestValue> findValuesBySupportRimId(UUID uuid);
|
||||
|
||||
/**
|
||||
* List<String> results = session.createCriteria(User.class).add(Projections.projectionList()
|
||||
* .add(Projections.property("id")).add()....).list();
|
||||
*
|
||||
* List<Object[]> result = session.createCriteria(User.class).setProjection(Projections
|
||||
* .projectionList().add(Projections.groupProperty("lastName"))
|
||||
* .add(Projections.rowCount())).list();
|
||||
*/
|
||||
}
|
@ -0,0 +1,25 @@
|
||||
package hirs.attestationca.repository;
|
||||
|
||||
import hirs.data.persist.ReferenceManifest;
|
||||
import org.springframework.data.jpa.repository.JpaRepository;
|
||||
import org.springframework.stereotype.Repository;
|
||||
|
||||
import java.util.UUID;
|
||||
|
||||
/**
|
||||
* Setting up for new creation for CRUD operations.
|
||||
* @param <T> super type for ReferenceManifest child type
|
||||
*/
|
||||
@Repository
|
||||
public interface ReferenceManifestRepository<T extends ReferenceManifest>
|
||||
extends JpaRepository<ReferenceManifest, UUID> {
|
||||
|
||||
/**
|
||||
* Saves the <code>ReferenceManifest</code> in the database. This creates a new
|
||||
* database session and saves the device.
|
||||
*
|
||||
* @param rim ReferenceManifest to save
|
||||
* @return reference to saved rim
|
||||
*/
|
||||
T saveRIM(T rim);
|
||||
}
|
@ -0,0 +1,4 @@
|
||||
/**
|
||||
* Contains class structures for the interface and base CRUD operations for hibernate.
|
||||
*/
|
||||
package hirs.attestationca.repository;
|
@ -1,15 +1,12 @@
|
||||
package hirs.attestationca.rest;
|
||||
|
||||
import hirs.attestationca.AbstractAttestationCertificateAuthority;
|
||||
import hirs.attestationca.service.SupplyChainValidationService;
|
||||
import hirs.attestationca.validation.SupplyChainValidationService;
|
||||
import hirs.data.service.DeviceRegister;
|
||||
import hirs.persist.CertificateManager;
|
||||
import hirs.persist.DBManager;
|
||||
import hirs.persist.DeviceManager;
|
||||
import hirs.persist.ReferenceDigestManager;
|
||||
import hirs.persist.ReferenceEventManager;
|
||||
import hirs.persist.ReferenceManifestManager;
|
||||
import hirs.persist.TPM2ProvisionerState;
|
||||
import hirs.persist.service.CertificateService;
|
||||
import hirs.persist.service.ReferenceManifestService;
|
||||
import hirs.structs.converters.StructConverter;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
@ -38,13 +35,11 @@ public class RestfulAttestationCertificateAuthority
|
||||
* @param privateKey the ACA private key
|
||||
* @param acaCertificate the ACA certificate
|
||||
* @param structConverter the struct converter
|
||||
* @param certificateManager the certificate manager
|
||||
* @param referenceManifestManager the referenceManifestManager
|
||||
* @param certificateService the certificate service
|
||||
* @param referenceManifestService the referenceManifestManager
|
||||
* @param deviceRegister the device register
|
||||
* @param validDays the number of days issued certs are valid
|
||||
* @param deviceManager the device manager
|
||||
* @param tpm2ProvisionerStateDBManager the DBManager for persisting provisioner state
|
||||
* @param referenceDigestManager the reference digest manager
|
||||
* @param referenceEventManager the reference event manager
|
||||
*/
|
||||
@SuppressWarnings({ "checkstyle:parameternumber" })
|
||||
@ -53,18 +48,16 @@ public class RestfulAttestationCertificateAuthority
|
||||
final SupplyChainValidationService supplyChainValidationService,
|
||||
final PrivateKey privateKey, final X509Certificate acaCertificate,
|
||||
final StructConverter structConverter,
|
||||
final CertificateManager certificateManager,
|
||||
final ReferenceManifestManager referenceManifestManager,
|
||||
final CertificateService certificateService,
|
||||
final ReferenceManifestService referenceManifestService,
|
||||
final DeviceRegister deviceRegister,
|
||||
final DeviceManager deviceManager,
|
||||
final DBManager<TPM2ProvisionerState> tpm2ProvisionerStateDBManager,
|
||||
final ReferenceDigestManager referenceDigestManager,
|
||||
final ReferenceEventManager referenceEventManager,
|
||||
@Value("${aca.certificates.validity}") final int validDays) {
|
||||
super(supplyChainValidationService, privateKey, acaCertificate, structConverter,
|
||||
certificateManager, referenceManifestManager,
|
||||
certificateService, referenceManifestService,
|
||||
deviceRegister, validDays, deviceManager,
|
||||
tpm2ProvisionerStateDBManager, referenceDigestManager, referenceEventManager);
|
||||
referenceEventManager);
|
||||
}
|
||||
|
||||
/*
|
||||
|
@ -0,0 +1,113 @@
|
||||
package hirs.attestationca.service;
|
||||
|
||||
import hirs.appraiser.Appraiser;
|
||||
import hirs.attestationca.repository.AppraiserRepository;
|
||||
import hirs.persist.AppraiserManagerException;
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.service.AppraiserService;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.retry.RetryCallback;
|
||||
import org.springframework.retry.RetryContext;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
import javax.persistence.PersistenceContext;
|
||||
import java.util.UUID;
|
||||
|
||||
/**
|
||||
* A <code>AppraiserServiceImpl</code> manages <code>Appraiser</code>s. A
|
||||
* <code>AppraiserServiceImpl</code> is used to store and manage certificates. It has
|
||||
* support for the basic create, read, update, and delete methods.
|
||||
*/
|
||||
@Service
|
||||
public class AppraiserServiceImpl extends DbServiceImpl<Appraiser>
|
||||
implements AppraiserService {
|
||||
private static final Logger LOGGER = LogManager.getLogger();
|
||||
@Autowired
|
||||
private AppraiserRepository appraiserRepository;
|
||||
@PersistenceContext
|
||||
private EntityManager entityManager;
|
||||
|
||||
/**
|
||||
* Default constructor.
|
||||
* @param entityManager entity manager for jpa hibernate events
|
||||
*/
|
||||
public AppraiserServiceImpl(final EntityManager entityManager) {
|
||||
this.entityManager = entityManager;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean archive(final UUID uuid) {
|
||||
return false;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Appraiser saveAppraiser(final Appraiser appraiser) throws AppraiserManagerException {
|
||||
LOGGER.debug("saving appraiser: {}", appraiser);
|
||||
|
||||
return getRetryTemplate().execute(new RetryCallback<Appraiser,
|
||||
DBManagerException>() {
|
||||
@Override
|
||||
public Appraiser doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
return appraiserRepository.save(appraiser);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
public void updateAppraiser(final Appraiser appraiser) throws AppraiserManagerException {
|
||||
LOGGER.debug("updating appraiser: {}", appraiser);
|
||||
Appraiser dBAppraiser;
|
||||
|
||||
if (appraiser.getId() == null) {
|
||||
LOGGER.debug("Appraiser not found: {}", appraiser);
|
||||
dBAppraiser = appraiser;
|
||||
} else {
|
||||
// will not return null, throws and exception
|
||||
dBAppraiser = appraiserRepository.getReferenceById(
|
||||
UUID.fromString(appraiser.getId().toString()));
|
||||
|
||||
// run through things that aren't equal and update
|
||||
|
||||
if (!dBAppraiser.getName().equals(appraiser.getName())) {
|
||||
dBAppraiser.setName(appraiser.getName());
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
saveAppraiser(dBAppraiser);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Appraiser getAppraiser(final String name) throws AppraiserManagerException {
|
||||
LOGGER.debug("retrieve appraiser: {}", name);
|
||||
|
||||
return getRetryTemplate().execute(new RetryCallback<Appraiser,
|
||||
DBManagerException>() {
|
||||
@Override
|
||||
public Appraiser doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
return appraiserRepository.findByName(name);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
public final void deleteAppraiser(final Appraiser appraiser)
|
||||
throws AppraiserManagerException {
|
||||
LOGGER.debug("Deleting appraiser by name: {}", appraiser.getName());
|
||||
|
||||
getRetryTemplate().execute(new RetryCallback<Void, DBManagerException>() {
|
||||
@Override
|
||||
public Void doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
appraiserRepository.delete(appraiser);
|
||||
appraiserRepository.flush();
|
||||
return null;
|
||||
}
|
||||
});
|
||||
}
|
||||
}
|
@ -0,0 +1,210 @@
|
||||
package hirs.attestationca.service;
|
||||
|
||||
import hirs.FilteredRecordsList;
|
||||
import hirs.attestationca.repository.CertificateRepository;
|
||||
import hirs.data.persist.ArchivableEntity;
|
||||
import hirs.data.persist.certificate.Certificate;
|
||||
import hirs.data.persist.certificate.CertificateAuthorityCredential;
|
||||
import hirs.data.persist.certificate.EndorsementCredential;
|
||||
import hirs.data.persist.certificate.IssuedAttestationCertificate;
|
||||
import hirs.data.persist.certificate.PlatformCredential;
|
||||
import hirs.persist.CertificateSelector;
|
||||
import hirs.persist.CriteriaModifier;
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.service.CertificateService;
|
||||
import hirs.persist.service.DefaultService;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.retry.RetryCallback;
|
||||
import org.springframework.retry.RetryContext;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
import javax.persistence.PersistenceContext;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import java.util.UUID;
|
||||
|
||||
/**
|
||||
* A <code>CertificateServiceImpl</code> manages <code>Certificate</code>s. A
|
||||
* <code>CertificateServiceImpl</code> is used to store and manage certificates. It has
|
||||
* support for the basic create, read, update, and delete methods.
|
||||
*/
|
||||
@Service
|
||||
public class CertificateServiceImpl extends DbServiceImpl<Certificate>
|
||||
implements DefaultService<Certificate>, CertificateService {
|
||||
|
||||
private static final Logger LOGGER = LogManager.getLogger(CertificateServiceImpl.class);
|
||||
@Autowired
|
||||
private CertificateRepository certificateRepository;
|
||||
@PersistenceContext
|
||||
private EntityManager entityManager;
|
||||
|
||||
@Override
|
||||
public Certificate saveCertificate(final Certificate certificate) {
|
||||
LOGGER.debug("Saving certificate: {}", certificate);
|
||||
|
||||
return getRetryTemplate().execute(new RetryCallback<Certificate,
|
||||
DBManagerException>() {
|
||||
@Override
|
||||
public Certificate doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
return certificateRepository.save(certificate);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
public Certificate updateCertificate(final Certificate certificate) {
|
||||
LOGGER.debug("Updating certificate: {}", certificate);
|
||||
Certificate dbCertificate;
|
||||
|
||||
if (certificate.getId() == null) {
|
||||
LOGGER.debug("Certificate not found: {}", certificate);
|
||||
dbCertificate = certificate;
|
||||
} else {
|
||||
// will not return null, throws and exception
|
||||
dbCertificate = certificateRepository.getReferenceById(certificate.getId());
|
||||
|
||||
// run through things that aren't equal and update
|
||||
|
||||
getCertificateClass(dbCertificate); // need to coming
|
||||
|
||||
}
|
||||
|
||||
return saveCertificate(dbCertificate);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Certificate updateCertificate(final Certificate certificate,
|
||||
final UUID uuid) {
|
||||
LOGGER.debug("Updating certificate: {}", certificate);
|
||||
Certificate dbCertificate;
|
||||
|
||||
if (uuid == null) {
|
||||
LOGGER.debug("Certificate not found: {}", certificate);
|
||||
dbCertificate = certificate;
|
||||
} else {
|
||||
// will not return null, throws and exception
|
||||
dbCertificate = certificateRepository.getReferenceById(uuid);
|
||||
|
||||
// run through things that aren't equal and update
|
||||
|
||||
getCertificateClass(dbCertificate); // need to coming
|
||||
|
||||
}
|
||||
|
||||
return saveCertificate(dbCertificate);
|
||||
}
|
||||
|
||||
@Override
|
||||
public <T extends Certificate> Set<T> getCertificate(
|
||||
final CertificateSelector certificateSelector) {
|
||||
return new HashSet<>(0);
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<Certificate> getList() {
|
||||
LOGGER.debug("Getting all certificates...");
|
||||
|
||||
return getRetryTemplate().execute(new RetryCallback<List<Certificate>,
|
||||
DBManagerException>() {
|
||||
@Override
|
||||
public List<Certificate> doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
return certificateRepository.findAll();
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
public void updateElements(final List<Certificate> certificates) {
|
||||
LOGGER.debug("Updating {} certificates...", certificates.size());
|
||||
|
||||
certificates.stream().forEach((certificate) -> {
|
||||
if (certificate != null) {
|
||||
this.updateCertificate(certificate, certificate.getId());
|
||||
}
|
||||
});
|
||||
certificateRepository.flush();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void deleteObjectById(final UUID uuid) {
|
||||
LOGGER.debug("Deleting certificate by id: {}", uuid);
|
||||
|
||||
getRetryTemplate().execute(new RetryCallback<Void,
|
||||
DBManagerException>() {
|
||||
@Override
|
||||
public Void doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
certificateRepository.deleteById(uuid);
|
||||
certificateRepository.flush();
|
||||
return null;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
public FilteredRecordsList getOrderedList(
|
||||
final Class<Certificate> clazz, final String columnToOrder,
|
||||
final boolean ascending, final int firstResult, final int maxResults,
|
||||
final String search, final Map<String, Boolean> searchableColumns)
|
||||
throws DBManagerException {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public FilteredRecordsList<Certificate> getOrderedList(
|
||||
final Class<Certificate> clazz, final String columnToOrder,
|
||||
final boolean ascending, final int firstResult, final int maxResults,
|
||||
final String search, final Map<String, Boolean> searchableColumns,
|
||||
final CriteriaModifier criteriaModifier)
|
||||
throws DBManagerException {
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the concrete certificate class type to query for.
|
||||
*
|
||||
* @param certificate the instance of the certificate to get type.
|
||||
* @return the certificate class type
|
||||
*/
|
||||
private Class<? extends Certificate> getCertificateClass(final Certificate certificate) {
|
||||
if (certificate instanceof PlatformCredential) {
|
||||
return PlatformCredential.class;
|
||||
} else if (certificate instanceof EndorsementCredential) {
|
||||
return EndorsementCredential.class;
|
||||
} else if (certificate instanceof CertificateAuthorityCredential) {
|
||||
return CertificateAuthorityCredential.class;
|
||||
} else if (certificate instanceof IssuedAttestationCertificate) {
|
||||
return IssuedAttestationCertificate.class;
|
||||
} else {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean archive(final UUID uuid) {
|
||||
LOGGER.debug("archiving object: {}", uuid);
|
||||
if (uuid == null) {
|
||||
LOGGER.debug("null name argument");
|
||||
return false;
|
||||
}
|
||||
Certificate target = (Certificate)
|
||||
this.certificateRepository.getReferenceById(uuid);
|
||||
if (target == null) {
|
||||
return false;
|
||||
}
|
||||
if (!(target instanceof ArchivableEntity)) {
|
||||
throw new DBManagerException("unable to archive non-archivable object");
|
||||
}
|
||||
|
||||
((ArchivableEntity) target).archive();
|
||||
this.updateCertificate(target, uuid);
|
||||
return true;
|
||||
}
|
||||
}
|
@ -0,0 +1,123 @@
|
||||
package hirs.attestationca.service;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.hibernate.StaleObjectStateException;
|
||||
import org.hibernate.exception.LockAcquisitionException;
|
||||
import org.springframework.retry.RetryListener;
|
||||
import org.springframework.retry.backoff.FixedBackOffPolicy;
|
||||
import org.springframework.retry.policy.SimpleRetryPolicy;
|
||||
import org.springframework.retry.support.RetryTemplate;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
import javax.persistence.PersistenceContext;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
import java.util.UUID;
|
||||
|
||||
|
||||
/**
|
||||
* @param <T> passed in type
|
||||
* Generic database manager for managing objects in a database. This provides create, read, update,
|
||||
* archive, and delete operations for managing objects in a database.
|
||||
*
|
||||
*/
|
||||
public abstract class DbServiceImpl<T> {
|
||||
private static final Logger LOGGER = LogManager.getLogger(DbServiceImpl.class);
|
||||
|
||||
/**
|
||||
* The default maximum number of retries to attempt a database transaction.
|
||||
*/
|
||||
public static final int DEFAULT_MAX_RETRY_ATTEMPTS = 10;
|
||||
/*
|
||||
* The default number of milliseconds to wait before retrying a database transaction.
|
||||
*/
|
||||
private static final long DEFAULT_RETRY_WAIT_TIME_MS = 3000;
|
||||
|
||||
// structure for retrying methods in the database
|
||||
private RetryTemplate retryTemplate;
|
||||
|
||||
@PersistenceContext
|
||||
private EntityManager entityManager;
|
||||
|
||||
/**
|
||||
* Creates a new <code>DbServiceImpl</code> that uses the default database. The
|
||||
* default database is used to store all of the objects.
|
||||
*
|
||||
*/
|
||||
public DbServiceImpl() {
|
||||
setRetryTemplate(DEFAULT_MAX_RETRY_ATTEMPTS, DEFAULT_RETRY_WAIT_TIME_MS);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a new <code>DbServiceImpl</code> that uses the default database. The
|
||||
* default database is used to store all of the objects.
|
||||
* @param entityManager entity manager for jpa hibernate events
|
||||
*
|
||||
*/
|
||||
public DbServiceImpl(final EntityManager entityManager) {
|
||||
setRetryTemplate(DEFAULT_MAX_RETRY_ATTEMPTS, DEFAULT_RETRY_WAIT_TIME_MS);
|
||||
this.entityManager = entityManager;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the parameters used to retry database transactions. The retry template will
|
||||
* retry transactions that throw a LockAcquisitionException or StaleObjectStateException.
|
||||
* @param maxTransactionRetryAttempts the maximum number of database transaction attempts
|
||||
* @param retryWaitTimeMilliseconds the transaction retry wait time in milliseconds
|
||||
*/
|
||||
public final void setRetryTemplate(final int maxTransactionRetryAttempts,
|
||||
final long retryWaitTimeMilliseconds) {
|
||||
Map<Class<? extends Throwable>, Boolean> exceptionsToRetry = new HashMap<>();
|
||||
exceptionsToRetry.put(LockAcquisitionException.class, true);
|
||||
exceptionsToRetry.put(StaleObjectStateException.class, true);
|
||||
|
||||
SimpleRetryPolicy retryPolicy = new SimpleRetryPolicy(
|
||||
maxTransactionRetryAttempts,
|
||||
exceptionsToRetry,
|
||||
true,
|
||||
false
|
||||
);
|
||||
|
||||
FixedBackOffPolicy backoffPolicy = new FixedBackOffPolicy();
|
||||
backoffPolicy.setBackOffPeriod(retryWaitTimeMilliseconds);
|
||||
this.retryTemplate = new RetryTemplate();
|
||||
this.retryTemplate.setRetryPolicy(retryPolicy);
|
||||
this.retryTemplate.setBackOffPolicy(backoffPolicy);
|
||||
}
|
||||
|
||||
/**
|
||||
* Accessor method for the retry function.
|
||||
* @return instance of the RetryTemplate
|
||||
*/
|
||||
protected RetryTemplate getRetryTemplate() {
|
||||
return this.retryTemplate;
|
||||
}
|
||||
|
||||
/**
|
||||
* Registers a retry listener to be notified of retry activity.
|
||||
* @param retryListener the retry listener
|
||||
*/
|
||||
public void addRetryListener(final RetryListener retryListener) {
|
||||
retryTemplate.registerListener(retryListener);
|
||||
}
|
||||
|
||||
/**
|
||||
* Getter for the EntityManager.
|
||||
* @return instance of the manager
|
||||
*/
|
||||
public final EntityManager getEm() {
|
||||
return entityManager;
|
||||
}
|
||||
|
||||
/**
|
||||
* Archives the named object and updates it in the database.
|
||||
*
|
||||
* @param uuid unique id of the object to archive
|
||||
* @return true if the object was successfully found and archived,
|
||||
* false if the object was not found
|
||||
* @throws hirs.persist.DBManagerException if the object is not an instance
|
||||
* of <code>ArchivableEntity</code>
|
||||
*/
|
||||
public abstract boolean archive(UUID uuid);
|
||||
}
|
@ -0,0 +1,151 @@
|
||||
package hirs.attestationca.service;
|
||||
|
||||
import hirs.FilteredRecordsList;
|
||||
import hirs.attestationca.repository.DeviceRepository;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.persist.CriteriaModifier;
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.DeviceManagerException;
|
||||
import hirs.persist.service.DefaultService;
|
||||
import hirs.persist.service.DeviceService;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.retry.RetryCallback;
|
||||
import org.springframework.retry.RetryContext;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
import javax.persistence.PersistenceContext;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.UUID;
|
||||
|
||||
/**
|
||||
* A <code>DeviceServiceImpl</code> manages <code>Device</code>s. A
|
||||
* <code>DeviceServiceImpl</code> is used to store and manage devices. It has
|
||||
* support for the basic create, read, update, and delete methods.
|
||||
*/
|
||||
@Service
|
||||
public class DeviceServiceImpl extends DbServiceImpl<Device>
|
||||
implements DefaultService<Device>, DeviceService {
|
||||
|
||||
private static final Logger LOGGER = LogManager.getLogger(DeviceServiceImpl.class);
|
||||
@Autowired
|
||||
private DeviceRepository deviceRepository;
|
||||
@PersistenceContext
|
||||
private EntityManager entityManager;
|
||||
|
||||
@Override
|
||||
public final Device getByName(final String name) {
|
||||
LOGGER.debug("Find device by name: {}", name);
|
||||
|
||||
return getRetryTemplate().execute(new RetryCallback<Device,
|
||||
DBManagerException>() {
|
||||
@Override
|
||||
public Device doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
return deviceRepository.findByName(name);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
public final Device saveDevice(final Device device) throws DeviceManagerException {
|
||||
LOGGER.debug("Saving device: {}", device);
|
||||
|
||||
return getRetryTemplate().execute(new RetryCallback<Device,
|
||||
DBManagerException>() {
|
||||
@Override
|
||||
public Device doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
return deviceRepository.save(device);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
public final Device updateDevice(final Device device, final UUID deviceId)
|
||||
throws DeviceManagerException {
|
||||
LOGGER.debug("Updating device: {}", device);
|
||||
Device dbDevice;
|
||||
|
||||
if (deviceId == null) {
|
||||
LOGGER.debug("Device not found: {}", device);
|
||||
dbDevice = device;
|
||||
} else {
|
||||
// will not return null, throws and exception
|
||||
dbDevice = deviceRepository.getReferenceById(deviceId);
|
||||
|
||||
// run through things that aren't equal and update
|
||||
|
||||
}
|
||||
|
||||
return saveDevice(dbDevice);
|
||||
}
|
||||
|
||||
@Override
|
||||
public final List<Device> getList() {
|
||||
LOGGER.debug("Getting all devices...");
|
||||
|
||||
return getRetryTemplate().execute(new RetryCallback<List<Device>, DBManagerException>() {
|
||||
@Override
|
||||
public List<Device> doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
return deviceRepository.findAll();
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
public void updateElements(final List<Device> devices) {
|
||||
LOGGER.debug("Updating {} devices...", devices.size());
|
||||
|
||||
devices.stream().forEach((device) -> {
|
||||
if (device != null) {
|
||||
this.updateDevice(device, device.getId());
|
||||
}
|
||||
});
|
||||
deviceRepository.flush();
|
||||
}
|
||||
|
||||
@Override
|
||||
public final void deleteObjectById(final UUID uuid)
|
||||
throws DeviceManagerException {
|
||||
LOGGER.debug("Deleting deviceById: {}", uuid);
|
||||
|
||||
getRetryTemplate().execute(new RetryCallback<Void, DBManagerException>() {
|
||||
@Override
|
||||
public Void doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
deviceRepository.deleteById(uuid);
|
||||
deviceRepository.flush();
|
||||
return null;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
public FilteredRecordsList getOrderedList(
|
||||
final Class<Device> clazz, final String columnToOrder,
|
||||
final boolean ascending, final int firstResult, final int maxResults,
|
||||
final String search, final Map<String, Boolean> searchableColumns)
|
||||
throws DBManagerException {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public FilteredRecordsList<Device> getOrderedList(
|
||||
final Class<Device> clazz, final String columnToOrder,
|
||||
final boolean ascending, final int firstResult, final int maxResults,
|
||||
final String search, final Map<String, Boolean> searchableColumns,
|
||||
final CriteriaModifier criteriaModifier)
|
||||
throws DBManagerException {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean archive(final UUID uuid) {
|
||||
return true;
|
||||
}
|
||||
}
|
@ -0,0 +1,231 @@
|
||||
package hirs.attestationca.service;
|
||||
|
||||
import hirs.FilteredRecordsList;
|
||||
import hirs.appraiser.Appraiser;
|
||||
import hirs.attestationca.repository.PolicyRepository;
|
||||
import hirs.data.persist.ArchivableEntity;
|
||||
import hirs.data.persist.policy.Policy;
|
||||
import hirs.persist.CriteriaModifier;
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.PolicyMapper;
|
||||
import hirs.persist.service.DefaultService;
|
||||
import hirs.persist.service.PolicyService;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.hibernate.Session;
|
||||
import org.hibernate.Transaction;
|
||||
import org.hibernate.query.Query;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.retry.RetryCallback;
|
||||
import org.springframework.retry.RetryContext;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
import javax.persistence.PersistenceContext;
|
||||
import javax.persistence.criteria.CriteriaBuilder;
|
||||
import javax.persistence.criteria.CriteriaQuery;
|
||||
import javax.persistence.criteria.Predicate;
|
||||
import javax.persistence.criteria.Root;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.UUID;
|
||||
|
||||
/**
|
||||
* A <code>PolicyServiceImpl</code> manages <code>Policy</code>s. A
|
||||
* <code>PolicyServiceImpl</code> is used to store and manage policies. It has
|
||||
* support for the basic create, read, update, and delete methods.
|
||||
*/
|
||||
@Service
|
||||
public class PolicyServiceImpl extends DbServiceImpl<Policy>
|
||||
implements DefaultService<Policy>, PolicyService {
|
||||
|
||||
private static final Logger LOGGER = LogManager.getLogger(PolicyServiceImpl.class);
|
||||
@Autowired
|
||||
private PolicyRepository policyRepository;
|
||||
@PersistenceContext
|
||||
private EntityManager entityManager;
|
||||
|
||||
@Override
|
||||
public List<Policy> getList() {
|
||||
LOGGER.debug("Getting all policies...");
|
||||
|
||||
return getRetryTemplate().execute(new RetryCallback<List<Policy>, DBManagerException>() {
|
||||
@Override
|
||||
public List<Policy> doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
policyRepository.findAll();
|
||||
return null;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
public void updateElements(final List<Policy> policies) {
|
||||
LOGGER.debug("Updating {} certificates...", policies.size());
|
||||
|
||||
policies.stream().forEach((policy) -> {
|
||||
if (policy != null) {
|
||||
this.updatePolicy(policy, policy.getId());
|
||||
}
|
||||
});
|
||||
policyRepository.flush();
|
||||
}
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
@Override
|
||||
public void deleteObjectById(final UUID uuid) {
|
||||
LOGGER.debug("Deleting policy by id: {}", uuid);
|
||||
|
||||
getRetryTemplate().execute(new RetryCallback<Void, DBManagerException>() {
|
||||
@Override
|
||||
public Void doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
policyRepository.deleteById(uuid);
|
||||
policyRepository.flush();
|
||||
return null;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
@Override
|
||||
public Policy savePolicy(final Policy policy) {
|
||||
LOGGER.debug("Saving policy: {}", policy);
|
||||
|
||||
return getRetryTemplate().execute(new RetryCallback<Policy, DBManagerException>() {
|
||||
@Override
|
||||
public Policy doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
return policyRepository.save(policy);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
@Override
|
||||
public Policy updatePolicy(final Policy policy, final UUID uuid) {
|
||||
LOGGER.debug("Updating policy: {}", policy);
|
||||
Policy dbPolicy;
|
||||
|
||||
if (uuid == null) {
|
||||
LOGGER.debug("Policy not found: {}", policy);
|
||||
dbPolicy = policy;
|
||||
} else {
|
||||
// will not return null, throws and exception
|
||||
dbPolicy = (Policy) policyRepository.getReferenceById(uuid);
|
||||
|
||||
// run through things that aren't equal and update
|
||||
}
|
||||
|
||||
return savePolicy(dbPolicy);
|
||||
}
|
||||
|
||||
@Override
|
||||
public final Policy getDefaultPolicy(final Appraiser appraiser) {
|
||||
if (appraiser == null) {
|
||||
LOGGER.error("cannot get default policy for null appraiser");
|
||||
return null;
|
||||
}
|
||||
|
||||
Policy ret = null;
|
||||
Transaction tx = null;
|
||||
Session session = getEm().unwrap(org.hibernate.Session.class);
|
||||
try {
|
||||
tx = session.beginTransaction();
|
||||
LOGGER.debug("retrieving policy mapper from db where appraiser = {}",
|
||||
appraiser);
|
||||
CriteriaBuilder criteriaBuilder = session.getCriteriaBuilder();
|
||||
CriteriaQuery<PolicyMapper> criteriaQuery = criteriaBuilder
|
||||
.createQuery(PolicyMapper.class);
|
||||
Root<PolicyMapper> root = criteriaQuery.from(PolicyMapper.class);
|
||||
Predicate recordPredicate = criteriaBuilder.and(
|
||||
criteriaBuilder.equal(root.get("appraiser"), appraiser));
|
||||
criteriaQuery.select(root).where(recordPredicate);
|
||||
Query<PolicyMapper> query = session.createQuery(criteriaQuery);
|
||||
List<PolicyMapper> results = query.getResultList();
|
||||
PolicyMapper mapper = null;
|
||||
if (results != null && !results.isEmpty()) {
|
||||
mapper = results.get(0);
|
||||
}
|
||||
|
||||
if (mapper == null) {
|
||||
LOGGER.debug("no policy mapper found for appraiser {}",
|
||||
appraiser);
|
||||
} else {
|
||||
ret = mapper.getPolicy();
|
||||
}
|
||||
session.getTransaction().commit();
|
||||
} catch (Exception e) {
|
||||
final String msg = "unable to get default policy";
|
||||
LOGGER.error(msg, e);
|
||||
if (tx != null) {
|
||||
LOGGER.debug("rolling back transaction");
|
||||
tx.rollback();
|
||||
}
|
||||
throw new DBManagerException(msg, e);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Policy getPolicyByName(final String name) {
|
||||
for (Policy policy : getList()) {
|
||||
if (policy.getName().equals(name)) {
|
||||
return policy;
|
||||
}
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setPolicy(final Appraiser appraiser, final Policy policy) {
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setDefaultPolicy(final Appraiser appraiser, final Policy policy) {
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public FilteredRecordsList getOrderedList(
|
||||
final Class<Policy> clazz, final String columnToOrder,
|
||||
final boolean ascending, final int firstResult, final int maxResults,
|
||||
final String search, final Map<String, Boolean> searchableColumns)
|
||||
throws DBManagerException {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public FilteredRecordsList<Policy> getOrderedList(
|
||||
final Class<Policy> clazz, final String columnToOrder,
|
||||
final boolean ascending, final int firstResult, final int maxResults,
|
||||
final String search, final Map<String, Boolean> searchableColumns,
|
||||
final CriteriaModifier criteriaModifier)
|
||||
throws DBManagerException {
|
||||
return null;
|
||||
}
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
@Override
|
||||
public boolean archive(final UUID uuid) {
|
||||
LOGGER.debug("archiving object: {}", uuid);
|
||||
if (uuid == null) {
|
||||
LOGGER.debug("null name argument");
|
||||
return false;
|
||||
}
|
||||
Policy target = (Policy)
|
||||
this.policyRepository.getReferenceById(uuid);
|
||||
if (target == null) {
|
||||
return false;
|
||||
}
|
||||
if (!(target instanceof ArchivableEntity)) {
|
||||
throw new DBManagerException("unable to archive non-archivable object");
|
||||
}
|
||||
|
||||
((ArchivableEntity) target).archive();
|
||||
this.updatePolicy(target, uuid);
|
||||
return true;
|
||||
}
|
||||
}
|
@ -0,0 +1,200 @@
|
||||
package hirs.attestationca.service;
|
||||
|
||||
import hirs.FilteredRecordsList;
|
||||
import hirs.attestationca.repository.ReferenceDigestValueRepository;
|
||||
import hirs.data.persist.ArchivableEntity;
|
||||
import hirs.data.persist.ReferenceDigestValue;
|
||||
import hirs.persist.CriteriaModifier;
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.service.DefaultService;
|
||||
import hirs.persist.service.ReferenceDigestValueService;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.retry.RetryCallback;
|
||||
import org.springframework.retry.RetryContext;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
import javax.persistence.PersistenceContext;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.UUID;
|
||||
|
||||
/**
|
||||
* A <code>ReferenceDigestValueServiceImpl</code> manages <code>Digest Value Event</code>s. A
|
||||
* <code>ReferenceDigestValueServiceImpl</code> is used to store and manage digest events. It has
|
||||
* support for the basic create, read, update, and delete methods.
|
||||
*/
|
||||
@Service
|
||||
public class ReferenceDigestValueServiceImpl extends DbServiceImpl<ReferenceDigestValue>
|
||||
implements DefaultService<ReferenceDigestValue>, ReferenceDigestValueService {
|
||||
|
||||
private static final Logger LOGGER = LogManager
|
||||
.getLogger(ReferenceDigestValueServiceImpl.class);
|
||||
@Autowired
|
||||
private ReferenceDigestValueRepository referenceDigestValueRepository;
|
||||
@PersistenceContext
|
||||
private EntityManager entityManager;
|
||||
|
||||
@Override
|
||||
public List<ReferenceDigestValue> getList() {
|
||||
LOGGER.debug("Getting all reference digest value...");
|
||||
return this.referenceDigestValueRepository.findAll();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void updateElements(final List<ReferenceDigestValue> referenceDigestValues) {
|
||||
LOGGER.debug("Updating {} reference digest values...", referenceDigestValues.size());
|
||||
|
||||
referenceDigestValues.stream().forEach((values) -> {
|
||||
if (values != null) {
|
||||
this.updateDigestValue(values, values.getId());
|
||||
}
|
||||
});
|
||||
referenceDigestValueRepository.flush();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void deleteObjectById(final UUID uuid) {
|
||||
LOGGER.debug("Deleting reference digest values by id: {}", uuid);
|
||||
|
||||
getRetryTemplate().execute(new RetryCallback<Void, DBManagerException>() {
|
||||
@Override
|
||||
public Void doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
referenceDigestValueRepository.deleteById(uuid);
|
||||
referenceDigestValueRepository.flush();
|
||||
return null;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
public ReferenceDigestValue saveDigestValue(final ReferenceDigestValue digestValue) {
|
||||
LOGGER.debug("Saving reference digest value: {}", digestValue);
|
||||
|
||||
return getRetryTemplate().execute(new RetryCallback<ReferenceDigestValue,
|
||||
DBManagerException>() {
|
||||
@Override
|
||||
public ReferenceDigestValue doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
return referenceDigestValueRepository.save(digestValue);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
public ReferenceDigestValue updateDigestValue(
|
||||
final ReferenceDigestValue digestValue, final UUID uuid) {
|
||||
LOGGER.debug("Updating reference digest value: {}", digestValue);
|
||||
ReferenceDigestValue dbDigestValue;
|
||||
|
||||
if (uuid == null) {
|
||||
LOGGER.debug("Reference Digest Value not found: {}", digestValue);
|
||||
dbDigestValue = digestValue;
|
||||
} else {
|
||||
// will not return null, throws and exception
|
||||
dbDigestValue = this.referenceDigestValueRepository.getReferenceById(uuid);
|
||||
// run through things that aren't equal and update
|
||||
if (!dbDigestValue.getDigestValue().equals(digestValue.getDigestValue())) {
|
||||
dbDigestValue.setDigestValue(digestValue.getDigestValue());
|
||||
}
|
||||
|
||||
if (!dbDigestValue.getEventType().equals(digestValue.getEventType())) {
|
||||
dbDigestValue.setEventType(digestValue.getEventType());
|
||||
}
|
||||
}
|
||||
|
||||
return saveDigestValue(dbDigestValue);
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<ReferenceDigestValue> getValuesByBaseRimId(final UUID uuid) {
|
||||
LOGGER.debug("Find reference digest values base on: {}", uuid);
|
||||
|
||||
return getRetryTemplate().execute(new RetryCallback<List<ReferenceDigestValue>,
|
||||
DBManagerException>() {
|
||||
@Override
|
||||
public List<ReferenceDigestValue> doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
return referenceDigestValueRepository.findValuesByBaseRimId(uuid);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<ReferenceDigestValue> getValuesBySupportRimId(final UUID uuid) {
|
||||
LOGGER.debug("Find reference digest values base on: {}", uuid);
|
||||
|
||||
return getRetryTemplate().execute(new RetryCallback<List<ReferenceDigestValue>,
|
||||
DBManagerException>() {
|
||||
@Override
|
||||
public List<ReferenceDigestValue> doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
return referenceDigestValueRepository.findValuesBySupportRimId(uuid);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
public FilteredRecordsList getOrderedList(
|
||||
final Class<ReferenceDigestValue> clazz, final String columnToOrder,
|
||||
final boolean ascending, final int firstResult, final int maxResults,
|
||||
final String search, final Map<String, Boolean> searchableColumns)
|
||||
throws DBManagerException {
|
||||
LOGGER.debug("Getting ordered object list");
|
||||
Class<ReferenceDigestValue> searchClass = clazz;
|
||||
if (clazz == null) {
|
||||
LOGGER.debug("clazz is null");
|
||||
searchClass = ReferenceDigestValue.class;
|
||||
}
|
||||
|
||||
if (searchableColumns != null) {
|
||||
LOGGER.info(searchClass.getName() + " querying for "
|
||||
+ Arrays.toString(searchableColumns.entrySet().toArray())
|
||||
+ " with search strings \"" + search + "\"");
|
||||
}
|
||||
|
||||
//Object that will store query values
|
||||
FilteredRecordsList<ReferenceDigestValue> rdvOrderedList = new FilteredRecordsList<>();
|
||||
|
||||
// Search
|
||||
// Query keywordQuery = queryBuilder.
|
||||
|
||||
// sort
|
||||
return rdvOrderedList;
|
||||
}
|
||||
|
||||
@Override
|
||||
public FilteredRecordsList<ReferenceDigestValue> getOrderedList(
|
||||
final Class<ReferenceDigestValue> clazz, final String columnToOrder,
|
||||
final boolean ascending, final int firstResult, final int maxResults,
|
||||
final String search, final Map<String, Boolean> searchableColumns,
|
||||
final CriteriaModifier criteriaModifier)
|
||||
throws DBManagerException {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean archive(final UUID uuid) {
|
||||
LOGGER.debug("archiving object: {}", uuid);
|
||||
if (uuid == null) {
|
||||
LOGGER.debug("null name argument");
|
||||
return false;
|
||||
}
|
||||
ReferenceDigestValue target = (ReferenceDigestValue)
|
||||
this.referenceDigestValueRepository.getReferenceById(uuid);
|
||||
if (target == null) {
|
||||
return false;
|
||||
}
|
||||
if (!(target instanceof ArchivableEntity)) {
|
||||
throw new DBManagerException("unable to archive non-archivable object");
|
||||
}
|
||||
|
||||
((ArchivableEntity) target).archive();
|
||||
this.updateDigestValue(target, uuid);
|
||||
return true;
|
||||
}
|
||||
}
|
@ -0,0 +1,176 @@
|
||||
package hirs.attestationca.service;
|
||||
|
||||
import hirs.FilteredRecordsList;
|
||||
import hirs.attestationca.repository.ReferenceManifestRepository;
|
||||
import hirs.data.persist.ArchivableEntity;
|
||||
import hirs.data.persist.ReferenceManifest;
|
||||
import hirs.persist.CriteriaModifier;
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.ReferenceManifestSelector;
|
||||
import hirs.persist.service.ReferenceManifestService;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.retry.RetryCallback;
|
||||
import org.springframework.retry.RetryContext;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
import javax.persistence.PersistenceContext;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import java.util.UUID;
|
||||
|
||||
/**
|
||||
* A <code>ReferenceManifestServiceImpl</code> manages <code>ReferenceManifestService</code>s. A
|
||||
* <code>ReferenceManifestServiceImpl</code> is used to store and manage reference manifest. It has
|
||||
* support for the basic create, read, update, and delete methods.
|
||||
*/
|
||||
@Service
|
||||
public class ReferenceManifestServiceImpl extends DbServiceImpl<ReferenceManifest>
|
||||
implements ReferenceManifestService {
|
||||
|
||||
private static final Logger LOGGER = LogManager.getLogger(ReferenceManifestServiceImpl.class);
|
||||
@Autowired
|
||||
private ReferenceManifestRepository referenceManifestRepository;
|
||||
@PersistenceContext
|
||||
private EntityManager entityManager;
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
@Override
|
||||
public ReferenceManifest saveRIM(final ReferenceManifest rim) {
|
||||
LOGGER.debug("Saving reference manifest: {}", rim);
|
||||
|
||||
return getRetryTemplate().execute(new RetryCallback<ReferenceManifest,
|
||||
DBManagerException>() {
|
||||
@Override
|
||||
public ReferenceManifest doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
return referenceManifestRepository.saveRIM(rim);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
public ReferenceManifest updateReferenceManifest(final ReferenceManifest rim) {
|
||||
return updateReferenceManifest(rim, rim.getId());
|
||||
}
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
@Override
|
||||
public ReferenceManifest updateReferenceManifest(final ReferenceManifest rim,
|
||||
final UUID uuid) {
|
||||
LOGGER.debug("Updating reference manifest: {}", rim);
|
||||
ReferenceManifest dbRim;
|
||||
|
||||
if (uuid == null) {
|
||||
LOGGER.debug("Reference Manifest not found: {}", rim);
|
||||
dbRim = rim;
|
||||
} else {
|
||||
// will not return null, throws and exception
|
||||
dbRim = (ReferenceManifest) this.referenceManifestRepository
|
||||
.getReferenceById(uuid);
|
||||
|
||||
// run through things that aren't equal and update
|
||||
|
||||
}
|
||||
|
||||
return saveRIM(dbRim);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void deleteRIM(final ReferenceManifest rim) {
|
||||
deleteObjectById(rim.getId());
|
||||
}
|
||||
|
||||
@Override
|
||||
public <T extends ReferenceManifest> Set<T> getReferenceManifest(
|
||||
final ReferenceManifestSelector referenceManifestSelector) {
|
||||
return new HashSet<>(0);
|
||||
}
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
@Override
|
||||
public List<ReferenceManifest> getList() {
|
||||
LOGGER.debug("Getting all reference manifest...");
|
||||
|
||||
return getRetryTemplate().execute(new RetryCallback<List<ReferenceManifest>,
|
||||
DBManagerException>() {
|
||||
@Override
|
||||
public List<ReferenceManifest> doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
return referenceManifestRepository.findAll();
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
public void updateElements(final List<ReferenceManifest> referenceManifests) {
|
||||
LOGGER.debug("Updating {} reference manifests...", referenceManifests.size());
|
||||
|
||||
referenceManifests.stream().forEach((rim) -> {
|
||||
if (rim != null) {
|
||||
this.updateReferenceManifest(rim, rim.getId());
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
@Override
|
||||
public void deleteObjectById(final UUID uuid) {
|
||||
LOGGER.debug("Deleting reference manifest by id: {}", uuid);
|
||||
|
||||
getRetryTemplate().execute(new RetryCallback<Void, DBManagerException>() {
|
||||
@Override
|
||||
public Void doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
referenceManifestRepository.deleteById(uuid);
|
||||
referenceManifestRepository.flush();
|
||||
return null;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
public FilteredRecordsList getOrderedList(
|
||||
final Class<ReferenceManifest> clazz, final String columnToOrder,
|
||||
final boolean ascending, final int firstResult, final int maxResults,
|
||||
final String search, final Map<String, Boolean> searchableColumns)
|
||||
throws DBManagerException {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public FilteredRecordsList<ReferenceManifest> getOrderedList(
|
||||
final Class<ReferenceManifest> clazz, final String columnToOrder,
|
||||
final boolean ascending, final int firstResult, final int maxResults,
|
||||
final String search, final Map<String, Boolean> searchableColumns,
|
||||
final CriteriaModifier criteriaModifier)
|
||||
throws DBManagerException {
|
||||
return null;
|
||||
}
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
@Override
|
||||
public boolean archive(final UUID uuid) throws DBManagerException {
|
||||
LOGGER.debug("archiving object: {}", uuid);
|
||||
if (uuid == null) {
|
||||
LOGGER.debug("null name argument");
|
||||
return false;
|
||||
}
|
||||
ReferenceManifest target = (ReferenceManifest)
|
||||
this.referenceManifestRepository.getReferenceById(uuid);
|
||||
if (target == null) {
|
||||
return false;
|
||||
}
|
||||
if (!(target instanceof ArchivableEntity)) {
|
||||
throw new DBManagerException("unable to archive non-archivable object");
|
||||
}
|
||||
|
||||
((ArchivableEntity) target).archive();
|
||||
this.updateReferenceManifest(target, uuid);
|
||||
return true;
|
||||
}
|
||||
}
|
@ -1,47 +1,35 @@
|
||||
package hirs.persist;
|
||||
package hirs.attestationca.servicemanager;
|
||||
|
||||
import com.google.common.cache.CacheBuilder;
|
||||
import com.google.common.cache.CacheLoader;
|
||||
import com.google.common.cache.LoadingCache;
|
||||
import hirs.FilteredRecordsList;
|
||||
import org.apache.commons.lang3.reflect.FieldUtils;
|
||||
import hirs.data.persist.ArchivableEntity;
|
||||
import hirs.persist.CriteriaModifier;
|
||||
import hirs.persist.CrudManager;
|
||||
import hirs.persist.DBManagerException;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.hibernate.Criteria;
|
||||
import org.hibernate.Hibernate;
|
||||
import org.hibernate.HibernateException;
|
||||
import org.hibernate.Session;
|
||||
import org.hibernate.SessionFactory;
|
||||
import org.hibernate.StatelessSession;
|
||||
import org.hibernate.Transaction;
|
||||
import org.hibernate.criterion.Conjunction;
|
||||
import org.hibernate.criterion.CriteriaSpecification;
|
||||
import org.hibernate.criterion.Criterion;
|
||||
import org.hibernate.criterion.Disjunction;
|
||||
import org.hibernate.criterion.MatchMode;
|
||||
import org.hibernate.criterion.Order;
|
||||
import org.hibernate.criterion.Projections;
|
||||
import org.hibernate.criterion.Restrictions;
|
||||
import org.hibernate.internal.SessionFactoryImpl;
|
||||
import org.hibernate.query.Query;
|
||||
import org.hibernate.service.spi.ServiceRegistryImplementor;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.persistence.Column;
|
||||
import javax.persistence.Entity;
|
||||
import javax.persistence.FetchType;
|
||||
import javax.persistence.ManyToMany;
|
||||
import javax.persistence.ManyToOne;
|
||||
import javax.persistence.OneToMany;
|
||||
import javax.persistence.OneToOne;
|
||||
import javax.persistence.EntityManager;
|
||||
import javax.persistence.criteria.CriteriaBuilder;
|
||||
import javax.persistence.criteria.CriteriaQuery;
|
||||
import javax.persistence.criteria.Predicate;
|
||||
import javax.persistence.criteria.Root;
|
||||
import java.io.Serializable;
|
||||
import java.lang.reflect.Field;
|
||||
import java.lang.reflect.InvocationTargetException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import java.util.concurrent.ExecutionException;
|
||||
|
||||
import static org.hibernate.criterion.Restrictions.ilike;
|
||||
import static org.hibernate.criterion.Restrictions.sqlRestriction;
|
||||
@ -53,107 +41,44 @@ import static org.hibernate.criterion.Restrictions.sqlRestriction;
|
||||
*
|
||||
* @param <T> type of objects to manage by this manager
|
||||
*/
|
||||
@Service
|
||||
public abstract class AbstractDbManager<T> implements CrudManager<T> {
|
||||
|
||||
private static final Logger LOGGER = LogManager.getLogger(AbstractDbManager.class);
|
||||
private static final int MAX_CLASS_CACHE_ENTRIES = 500;
|
||||
|
||||
private final Class<T> clazz;
|
||||
private Class<T> clazz;
|
||||
|
||||
private SessionFactory factory;
|
||||
private EntityManager em;
|
||||
|
||||
/**
|
||||
* Creates a new <code>AbstractDbManager</code>.
|
||||
*
|
||||
* @param clazz Class to search for when doing Hibernate queries,
|
||||
* unfortunately class type of T cannot be determined using only T
|
||||
* @param sessionFactory the session factory to use to interact with the database
|
||||
* @param em the entity manager to use to interact with the database
|
||||
*/
|
||||
public AbstractDbManager(final Class<T> clazz, final SessionFactory sessionFactory) {
|
||||
public AbstractDbManager(final Class<T> clazz, final EntityManager em) {
|
||||
if (clazz == null) {
|
||||
LOGGER.error("AbstractDbManager cannot be instantiated with a null class");
|
||||
throw new IllegalArgumentException(
|
||||
"AbstractDbManager cannot be instantiated with a null class"
|
||||
);
|
||||
}
|
||||
if (sessionFactory == null) {
|
||||
if (em == null) {
|
||||
LOGGER.error("AbstractDbManager cannot be instantiated with a null SessionFactory");
|
||||
throw new IllegalArgumentException(
|
||||
"AbstractDbManager cannot be instantiated with a null SessionFactory"
|
||||
);
|
||||
}
|
||||
this.clazz = clazz;
|
||||
this.factory = sessionFactory;
|
||||
this.em = em;
|
||||
// this.factory = sessionFactory;
|
||||
}
|
||||
|
||||
private static final LoadingCache<Class, Set<Field>> PERSISTED_FIELDS =
|
||||
CacheBuilder.newBuilder()
|
||||
.maximumSize(MAX_CLASS_CACHE_ENTRIES)
|
||||
.build(
|
||||
new CacheLoader<Class, Set<Field>>() {
|
||||
@Override
|
||||
public Set<Field> load(final Class clazz) throws Exception {
|
||||
return getPersistedFields(clazz);
|
||||
}
|
||||
}
|
||||
);
|
||||
|
||||
private static Set<Field> getPersistedFields(final Class clazz) {
|
||||
Set<Field> fields = new HashSet<>();
|
||||
|
||||
for (Field f : clazz.getDeclaredFields()) {
|
||||
if (f.isAnnotationPresent(OneToMany.class)
|
||||
|| f.isAnnotationPresent(ManyToMany.class)
|
||||
|| f.isAnnotationPresent(ManyToOne.class)
|
||||
|| f.isAnnotationPresent(OneToOne.class)
|
||||
|| f.isAnnotationPresent(Column.class)) {
|
||||
fields.add(f);
|
||||
}
|
||||
}
|
||||
|
||||
if (clazz.getSuperclass() != Object.class) {
|
||||
fields.addAll(getPersistedFields(clazz.getSuperclass()));
|
||||
}
|
||||
|
||||
return fields;
|
||||
}
|
||||
|
||||
private static final LoadingCache<Class, Set<Field>> LAZY_LOADED_FIELDS =
|
||||
CacheBuilder.newBuilder()
|
||||
.maximumSize(MAX_CLASS_CACHE_ENTRIES)
|
||||
.build(
|
||||
new CacheLoader<Class, Set<Field>>() {
|
||||
@Override
|
||||
public Set<Field> load(final Class clazz) throws Exception {
|
||||
return getLazyFields(clazz);
|
||||
}
|
||||
}
|
||||
);
|
||||
|
||||
private static Set<Field> getLazyFields(final Class clazz) {
|
||||
Set<Field> fields = new HashSet<>();
|
||||
|
||||
for (Field f : clazz.getDeclaredFields()) {
|
||||
if (f.isAnnotationPresent(OneToMany.class)) {
|
||||
if (f.getAnnotation(OneToMany.class).fetch().equals(FetchType.LAZY)) {
|
||||
fields.add(f);
|
||||
}
|
||||
continue;
|
||||
}
|
||||
|
||||
if (f.isAnnotationPresent(ManyToMany.class)) {
|
||||
if (f.getAnnotation(ManyToMany.class).fetch().equals(FetchType.LAZY)) {
|
||||
fields.add(f);
|
||||
}
|
||||
continue;
|
||||
}
|
||||
}
|
||||
|
||||
if (clazz.getSuperclass() != Object.class) {
|
||||
fields.addAll(getLazyFields(clazz.getSuperclass()));
|
||||
}
|
||||
|
||||
return fields;
|
||||
public void setClazz(final Class<T> classToSet) {
|
||||
this.clazz = classToSet;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -162,7 +87,8 @@ public abstract class AbstractDbManager<T> implements CrudManager<T> {
|
||||
* @return the configured database implementation
|
||||
*/
|
||||
protected DBManager.DBImpl getConfiguredImplementation() {
|
||||
String dialect = ((SessionFactoryImpl) factory).getDialect().toString().toLowerCase();
|
||||
String dialect = ((ServiceRegistryImplementor) em).getParentServiceRegistry()
|
||||
.getParentServiceRegistry().toString().toLowerCase();
|
||||
if (dialect.contains("hsql")) {
|
||||
return DBManager.DBImpl.HSQL;
|
||||
} else if (dialect.contains("mysql")) {
|
||||
@ -186,6 +112,7 @@ public abstract class AbstractDbManager<T> implements CrudManager<T> {
|
||||
* @throws DBManagerException if unable to find the baseline or delete it
|
||||
* from the database
|
||||
*/
|
||||
@SuppressWarnings("unchecked")
|
||||
protected boolean doDelete(final Serializable id) throws DBManagerException {
|
||||
LOGGER.debug("deleting object: {}", id);
|
||||
if (id == null) {
|
||||
@ -195,19 +122,18 @@ public abstract class AbstractDbManager<T> implements CrudManager<T> {
|
||||
|
||||
boolean deleted = false;
|
||||
Transaction tx = null;
|
||||
Session session = factory.getCurrentSession();
|
||||
Session session = em.unwrap(org.hibernate.Session.class);
|
||||
//factory.getCurrentSession();
|
||||
try {
|
||||
LOGGER.debug("retrieving object from db");
|
||||
tx = session.beginTransaction();
|
||||
Object o = session.get(clazz, id);
|
||||
if (o != null && clazz.isInstance(o)) {
|
||||
T objectOfTypeT = clazz.cast(o);
|
||||
Object obj = session.get(clazz, id);
|
||||
|
||||
T objectOfTypeT = (T) obj;
|
||||
LOGGER.debug("found object, deleting it");
|
||||
session.delete(objectOfTypeT);
|
||||
deleted = true;
|
||||
} else {
|
||||
LOGGER.debug("object not found");
|
||||
}
|
||||
|
||||
tx.commit();
|
||||
} catch (Exception e) {
|
||||
final String msg = "unable to retrieve object";
|
||||
@ -242,18 +168,33 @@ public abstract class AbstractDbManager<T> implements CrudManager<T> {
|
||||
|
||||
boolean deleted = false;
|
||||
Transaction tx = null;
|
||||
Session session = factory.getCurrentSession();
|
||||
Session session = em.unwrap(org.hibernate.Session.class);
|
||||
CriteriaBuilder builder = session.getCriteriaBuilder();
|
||||
|
||||
try {
|
||||
LOGGER.debug("retrieving object from db");
|
||||
tx = session.beginTransaction();
|
||||
Object object = session.createCriteria(clazz)
|
||||
.add(Restrictions.eq("name", name)).uniqueResult();
|
||||
if (object != null && clazz.isInstance(object)) {
|
||||
T objectOfTypeT = clazz.cast(object);
|
||||
LOGGER.debug("found object, deleting it");
|
||||
session.delete(objectOfTypeT);
|
||||
// Root<T> myObjectRoot = criteria.from(this.clazz);
|
||||
// Object object = session.getSessionFactory().getCurrentSession()
|
||||
// .createCriteria(this.clazz.getClass())
|
||||
// .add(Restrictions.eq("name", name)).uniqueResult();
|
||||
//
|
||||
// T objectOfTypeT = (T) object;
|
||||
// LOGGER.debug("found object, deleting it");
|
||||
// session.delete(objectOfTypeT);
|
||||
// deleted = true;
|
||||
|
||||
|
||||
CriteriaQuery<T> criteriaQuery = builder.createQuery(clazz);
|
||||
Root<T> root = criteriaQuery.from(clazz);
|
||||
Predicate recordPredicate = builder.and(
|
||||
builder.equal(root.get("name"), name));
|
||||
criteriaQuery.select(root).where(recordPredicate).distinct(true);
|
||||
Query<T> query = session.createQuery(criteriaQuery);
|
||||
T result = query.getSingleResult();
|
||||
session.delete(result);
|
||||
deleted = true;
|
||||
}
|
||||
|
||||
tx.commit();
|
||||
} catch (Exception e) {
|
||||
final String msg = "unable to retrieve object";
|
||||
@ -279,7 +220,7 @@ public abstract class AbstractDbManager<T> implements CrudManager<T> {
|
||||
* @throws DBManagerException if unable to find the baseline or delete it
|
||||
* from the database
|
||||
*/
|
||||
protected boolean doDelete(final T object) throws DBManagerException {
|
||||
protected boolean doDelete(final ArchivableEntity object) throws DBManagerException {
|
||||
LOGGER.debug("deleting object: {}", object);
|
||||
if (object == null) {
|
||||
LOGGER.debug("null object argument");
|
||||
@ -287,7 +228,7 @@ public abstract class AbstractDbManager<T> implements CrudManager<T> {
|
||||
}
|
||||
|
||||
Transaction tx = null;
|
||||
Session session = factory.getCurrentSession();
|
||||
Session session = em.unwrap(org.hibernate.Session.class);
|
||||
try {
|
||||
LOGGER.debug("deleting object from db");
|
||||
tx = session.beginTransaction();
|
||||
@ -311,21 +252,31 @@ public abstract class AbstractDbManager<T> implements CrudManager<T> {
|
||||
* @return the number of entities deleted
|
||||
* @throws DBManagerException if unable to delete the records
|
||||
*/
|
||||
@SuppressWarnings("unchecked")
|
||||
protected int doDeleteAll() throws DBManagerException {
|
||||
int numEntitiesDeleted = 0;
|
||||
Transaction tx = null;
|
||||
Session session = factory.getCurrentSession();
|
||||
Session session = em.unwrap(org.hibernate.Session.class);
|
||||
try {
|
||||
LOGGER.debug("Deleting instances of class: {}", clazz);
|
||||
LOGGER.debug("Deleting instances of class: {}", this.clazz.getClass());
|
||||
tx = session.beginTransaction();
|
||||
List instances = session.createCriteria(clazz)
|
||||
.setResultTransformer(Criteria.DISTINCT_ROOT_ENTITY).list();
|
||||
for (Object instance : instances) {
|
||||
if (instance != null && clazz.isInstance(instance)) {
|
||||
session.delete(clazz.cast(instance));
|
||||
CriteriaBuilder builder = session.getCriteriaBuilder();
|
||||
CriteriaQuery<T> criteriaQuery = builder.createQuery(this.clazz);
|
||||
Root<T> root = criteriaQuery.from(this.clazz);
|
||||
criteriaQuery.select(root).distinct(true);
|
||||
Query<T> query = session.createQuery(criteriaQuery);
|
||||
List<T> results = query.getResultList();
|
||||
|
||||
for (T result : results) {
|
||||
session.delete(result);
|
||||
numEntitiesDeleted++;
|
||||
}
|
||||
}
|
||||
// List instances = session.createCriteria(this.clazz.getClass())
|
||||
// .setResultTransformer(Criteria.DISTINCT_ROOT_ENTITY).list();
|
||||
// for (Object instance : instances) {
|
||||
// session.delete((T) instance);
|
||||
// numEntitiesDeleted++;
|
||||
// }
|
||||
tx.commit();
|
||||
} catch (Exception e) {
|
||||
final String msg = "unable to truncate class";
|
||||
@ -343,51 +294,61 @@ public abstract class AbstractDbManager<T> implements CrudManager<T> {
|
||||
* Runs a Criteria query using the given collection of Criterion over the
|
||||
* associated class.
|
||||
*
|
||||
* @param criteriaCollection the collection of Criterion to apply
|
||||
* @param predicateCollection the collection of Criterion to apply
|
||||
*
|
||||
* @return a List of objects that match the criteria
|
||||
* @throws DBManagerException if an error is encountered while performing the query or creating
|
||||
* the result objects
|
||||
*/
|
||||
protected List<T> doGetWithCriteria(final Collection<Criterion> criteriaCollection)
|
||||
protected List<T> doGetWithCriteria(final Collection<Predicate> predicateCollection)
|
||||
throws DBManagerException {
|
||||
return doGetWithCriteria(clazz, criteriaCollection);
|
||||
return doGetWithCriteria(clazz, predicateCollection);
|
||||
}
|
||||
|
||||
/**
|
||||
* Runs a Criteria query using the given collection of Criterion over the
|
||||
* associated class.
|
||||
*
|
||||
* @param <U> the specific type of class to retrieve
|
||||
* @param clazzToGet the specific type of class to retrieve
|
||||
* (should extend this class' <T> parameter)
|
||||
* @param clazzToGet the class of object to retrieve
|
||||
* @param criteriaCollection the collection of Criterion to apply
|
||||
* @param predicateCollection the collection of Criterion to apply
|
||||
*
|
||||
* @return a List of objects that match the criteria
|
||||
* @throws DBManagerException if an error is encountered while performing the query or creating
|
||||
* the result objects
|
||||
*/
|
||||
protected final <U extends T> List<U> doGetWithCriteria(
|
||||
final Class<U> clazzToGet,
|
||||
final Collection<Criterion> criteriaCollection
|
||||
protected final List<T> doGetWithCriteria(
|
||||
final Class<T> clazzToGet,
|
||||
final Collection<Predicate> predicateCollection
|
||||
) throws DBManagerException {
|
||||
LOGGER.debug("running criteria query over: {}", clazzToGet);
|
||||
if (clazzToGet == null || criteriaCollection == null) {
|
||||
if (clazzToGet == null || predicateCollection == null) {
|
||||
LOGGER.debug("null object argument");
|
||||
throw new NullPointerException("criteria or restrictions");
|
||||
}
|
||||
List<U> ret = new ArrayList<>();
|
||||
List<T> ret = new ArrayList<>();
|
||||
Transaction tx = null;
|
||||
Session session = factory.getCurrentSession();
|
||||
Session session = em.unwrap(org.hibernate.Session.class);
|
||||
try {
|
||||
LOGGER.debug("retrieving criteria from db");
|
||||
tx = session.beginTransaction();
|
||||
Criteria criteria = session.createCriteria(clazzToGet);
|
||||
for (Criterion crit : criteriaCollection) {
|
||||
criteria.add(crit);
|
||||
CriteriaBuilder builder = session.getCriteriaBuilder();
|
||||
CriteriaQuery<T> criteriaQuery = builder.createQuery(this.clazz);
|
||||
Root<T> root = criteriaQuery.from(this.clazz);
|
||||
criteriaQuery.select(root);
|
||||
for (Predicate predicate : predicateCollection) {
|
||||
criteriaQuery.where(predicate);
|
||||
}
|
||||
List list = criteria.list();
|
||||
for (Object o : list) {
|
||||
|
||||
Query<T> query = session.createQuery(criteriaQuery);
|
||||
List<T> results = query.getResultList();
|
||||
|
||||
// Criteria criteria = session.createCriteria(clazzToGet);
|
||||
// for (Criterion crit : criteriaCollection) {
|
||||
// criteria.add(crit);
|
||||
// }
|
||||
// List list = criteria.list();
|
||||
for (Object o : results) {
|
||||
if (o != null && clazzToGet.isInstance(o)) {
|
||||
ret.add(clazzToGet.cast(o));
|
||||
}
|
||||
@ -416,6 +377,7 @@ public abstract class AbstractDbManager<T> implements CrudManager<T> {
|
||||
* @throws DBManagerException if object has previously been saved or an
|
||||
* error occurs while trying to save it to the database
|
||||
*/
|
||||
@SuppressWarnings("unchecked")
|
||||
protected T doSave(final T object) throws DBManagerException {
|
||||
LOGGER.debug("saving object: {}", object);
|
||||
if (object == null) {
|
||||
@ -424,14 +386,14 @@ public abstract class AbstractDbManager<T> implements CrudManager<T> {
|
||||
}
|
||||
|
||||
Transaction tx = null;
|
||||
Session session = factory.getCurrentSession();
|
||||
Session session = em.unwrap(org.hibernate.Session.class);
|
||||
try {
|
||||
LOGGER.debug("saving object in db");
|
||||
tx = session.beginTransaction();
|
||||
final Serializable id = session.save(object);
|
||||
Object o = session.get(object.getClass(), id);
|
||||
T o = (T) session.get(object.getClass(), id);
|
||||
session.getTransaction().commit();
|
||||
return clazz.cast(o);
|
||||
return o;
|
||||
} catch (Exception e) {
|
||||
final String msg = "unable to save object";
|
||||
LOGGER.error(msg, e);
|
||||
@ -458,7 +420,7 @@ public abstract class AbstractDbManager<T> implements CrudManager<T> {
|
||||
}
|
||||
|
||||
Transaction tx = null;
|
||||
Session session = factory.getCurrentSession();
|
||||
Session session = em.unwrap(org.hibernate.Session.class);
|
||||
try {
|
||||
LOGGER.debug("updating object in db");
|
||||
tx = session.beginTransaction();
|
||||
@ -493,12 +455,24 @@ public abstract class AbstractDbManager<T> implements CrudManager<T> {
|
||||
}
|
||||
|
||||
Transaction tx = null;
|
||||
Session session = factory.getCurrentSession();
|
||||
Session session = getSession();
|
||||
try {
|
||||
LOGGER.debug("retrieving " + clazz.toString() + " from db");
|
||||
tx = session.beginTransaction();
|
||||
T ret = clazz.cast(session.createCriteria(clazz)
|
||||
.add(Restrictions.eq("name", name)).uniqueResult());
|
||||
CriteriaBuilder builder = session.getCriteriaBuilder();
|
||||
CriteriaQuery<T> criteriaQuery = builder.createQuery(clazz);
|
||||
Root<T> root = criteriaQuery.from(clazz);
|
||||
Predicate recordPredicate = builder.and(
|
||||
builder.equal(root.get("name"), name));
|
||||
criteriaQuery.select(root).where(recordPredicate);
|
||||
Query<T> query = session.createQuery(criteriaQuery);
|
||||
List<T> results = query.getResultList();
|
||||
T ret = null;
|
||||
if (results != null && !results.isEmpty()) {
|
||||
ret = results.get(0);
|
||||
}
|
||||
// T ret = clazz.cast(session.createCriteria(clazz)
|
||||
// .add(Restrictions.eq("name", name)).uniqueResult());
|
||||
tx.commit();
|
||||
return ret;
|
||||
} catch (Exception e) {
|
||||
@ -529,146 +503,11 @@ public abstract class AbstractDbManager<T> implements CrudManager<T> {
|
||||
return null;
|
||||
}
|
||||
Transaction tx = null;
|
||||
Session session = factory.getCurrentSession();
|
||||
Session session = getSession();
|
||||
try {
|
||||
LOGGER.debug("retrieving object from db");
|
||||
tx = session.beginTransaction();
|
||||
T ret = clazz.cast(session.get(clazz, id));
|
||||
tx.commit();
|
||||
return ret;
|
||||
} catch (Exception e) {
|
||||
final String msg = "unable to retrieve object";
|
||||
LOGGER.error(msg, e);
|
||||
if (tx != null) {
|
||||
LOGGER.debug("rolling back transaction");
|
||||
tx.rollback();
|
||||
}
|
||||
throw new DBManagerException(msg, e);
|
||||
}
|
||||
}
|
||||
|
||||
private void doLoadLazyFields(final Object obj, final boolean recurse)
|
||||
throws ExecutionException, IllegalAccessException, NoSuchMethodException,
|
||||
InvocationTargetException {
|
||||
doLoadLazyFields(obj, recurse, new HashSet<>());
|
||||
}
|
||||
|
||||
private void doLoadLazyFields(final Object obj, final boolean recurse,
|
||||
final Set<Object> doNotLoad)
|
||||
throws ExecutionException, IllegalAccessException, NoSuchMethodException,
|
||||
InvocationTargetException {
|
||||
if (obj == null) {
|
||||
return;
|
||||
}
|
||||
|
||||
if (!obj.getClass().isAnnotationPresent(Entity.class)) {
|
||||
return;
|
||||
}
|
||||
|
||||
doNotLoad.add(obj);
|
||||
|
||||
for (Field field : LAZY_LOADED_FIELDS.get(obj.getClass())) {
|
||||
field.setAccessible(true);
|
||||
Object fieldObj = FieldUtils.readField(obj, field.getName(), true);
|
||||
Hibernate.initialize(fieldObj);
|
||||
field.setAccessible(false);
|
||||
if (fieldObj instanceof Collection) {
|
||||
Collection.class.getMethod("size").invoke(fieldObj);
|
||||
}
|
||||
}
|
||||
|
||||
if (recurse) {
|
||||
for (Field field : PERSISTED_FIELDS.get(obj.getClass())) {
|
||||
field.setAccessible(true);
|
||||
Object fieldObj = FieldUtils.readField(obj, field.getName(), true);
|
||||
field.setAccessible(false);
|
||||
if (!doNotLoad.contains(fieldObj)) {
|
||||
if (fieldObj instanceof Collection) {
|
||||
for (Object o : (Collection) fieldObj) {
|
||||
doLoadLazyFields(o, true, doNotLoad);
|
||||
}
|
||||
} else {
|
||||
doLoadLazyFields(fieldObj, true, doNotLoad);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Retrieves the <code>Object</code> from the database. This searches the
|
||||
* database for an entry whose name matches <code>name</code>. It then
|
||||
* reconstructs the <code>Object</code> from the database entry. It will also
|
||||
* load all the lazy fields in the given class. If the parameter <code>recurse</code>
|
||||
* is set to true, this method will recursively descend into each of the object's fields
|
||||
* to load all the lazily-loaded entities. If false, only the fields belonging to the object
|
||||
* itself will be loaded.
|
||||
*
|
||||
* @param name name of the object
|
||||
* @param recurse whether to recursively load lazy data throughout the object's structures
|
||||
* @return object if found, otherwise null.
|
||||
* @throws DBManagerException if unable to search the database or recreate
|
||||
* the <code>Object</code>
|
||||
*/
|
||||
protected T doGetAndLoadLazyFields(final String name, final boolean recurse)
|
||||
throws DBManagerException {
|
||||
LOGGER.debug("getting object: {}", name);
|
||||
if (name == null) {
|
||||
LOGGER.debug("null id argument");
|
||||
return null;
|
||||
}
|
||||
|
||||
Transaction tx = null;
|
||||
Session session = factory.getCurrentSession();
|
||||
try {
|
||||
LOGGER.debug("retrieving " + clazz.toString() + " from db");
|
||||
tx = session.beginTransaction();
|
||||
T ret = clazz.cast(session.createCriteria(clazz)
|
||||
.add(Restrictions.eq("name", name)).uniqueResult());
|
||||
doLoadLazyFields(ret, recurse);
|
||||
tx.commit();
|
||||
return ret;
|
||||
} catch (Exception e) {
|
||||
final String msg = "unable to retrieve object";
|
||||
LOGGER.error(msg, e);
|
||||
if (tx != null) {
|
||||
LOGGER.debug("rolling back transaction");
|
||||
tx.rollback();
|
||||
}
|
||||
throw new DBManagerException(msg, e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Retrieves the <code>Object</code> from the database. This searches the
|
||||
* database for an entry whose id matches <code>id</code>. It then
|
||||
* reconstructs the <code>Object</code> from the database entry. It will also
|
||||
* load all the lazy fields in the given class. If the parameter <code>recurse</code>
|
||||
* is set to true, this method will recursively descend into each of the object's fields
|
||||
* to load all the lazily-loaded entities. If false, only the fields belonging to the object
|
||||
* itself will be loaded.
|
||||
*
|
||||
* @param id id of the object
|
||||
* @param recurse whether to recursively load lazy data throughout the object's structures
|
||||
* @return object if found, otherwise null.
|
||||
* @throws DBManagerException if unable to search the database or recreate
|
||||
* the <code>Object</code>
|
||||
*/
|
||||
protected T doGetAndLoadLazyFields(final Serializable id, final boolean recurse)
|
||||
throws DBManagerException {
|
||||
LOGGER.debug("getting object: {}", id);
|
||||
if (id == null) {
|
||||
LOGGER.debug("null id argument");
|
||||
return null;
|
||||
}
|
||||
|
||||
Transaction tx = null;
|
||||
Session session = factory.getCurrentSession();
|
||||
try {
|
||||
LOGGER.debug("retrieving object from db");
|
||||
tx = session.beginTransaction();
|
||||
T ret = clazz.cast(session.get(clazz, id));
|
||||
doLoadLazyFields(ret, recurse);
|
||||
T ret = (T) session.get(clazz, id);
|
||||
tx.commit();
|
||||
return ret;
|
||||
} catch (Exception e) {
|
||||
@ -690,37 +529,46 @@ public abstract class AbstractDbManager<T> implements CrudManager<T> {
|
||||
* managed. This class argument allows the caller to limit which types of
|
||||
* <code>T</code> should be returned.
|
||||
*
|
||||
* @param clazz class type of <code>T</code>s to search for (may be null to
|
||||
* @param entity class type of <code>T</code>s to search for (may be null to
|
||||
* use Class<T>)
|
||||
* @param additionalRestriction - an added Criterion to use in the query, null for none
|
||||
* @return list of <code>T</code> names
|
||||
* @throws DBManagerException if unable to search the database
|
||||
*/
|
||||
protected List<T> doGetList(final Class<? extends T> clazz,
|
||||
@SuppressWarnings("unchecked")
|
||||
protected List<T> doGetList(final Class<T> entity,
|
||||
final Criterion additionalRestriction)
|
||||
throws DBManagerException {
|
||||
LOGGER.debug("Getting object list");
|
||||
Class<? extends T> searchClass = clazz;
|
||||
if (clazz == null) {
|
||||
LOGGER.debug("clazz is null");
|
||||
searchClass = this.clazz;
|
||||
if (entity == null) {
|
||||
LOGGER.debug("entity is null");
|
||||
return new ArrayList<>();
|
||||
}
|
||||
|
||||
Class<T> searchClass = entity;
|
||||
List<T> objects = new ArrayList<>();
|
||||
Transaction tx = null;
|
||||
Session session = factory.getCurrentSession();
|
||||
Session session = getSession();
|
||||
try {
|
||||
LOGGER.debug("Retrieving objects from db of class {}", searchClass.getName());
|
||||
LOGGER.debug("Retrieving objects from db of class {}", searchClass);
|
||||
tx = session.beginTransaction();
|
||||
Criteria criteria = session.createCriteria(searchClass);
|
||||
if (additionalRestriction != null) {
|
||||
criteria.add(additionalRestriction);
|
||||
}
|
||||
List list = criteria.setResultTransformer(Criteria.DISTINCT_ROOT_ENTITY).list();
|
||||
for (Object o : list) {
|
||||
if (searchClass.isInstance(o)) {
|
||||
objects.add(searchClass.cast(o));
|
||||
}
|
||||
CriteriaBuilder builder = session.getCriteriaBuilder();
|
||||
CriteriaQuery<T> criteriaQuery = builder.createQuery(searchClass);
|
||||
Root<T> root = criteriaQuery.from(criteriaQuery.getResultType());
|
||||
Predicate recordPredicate = builder.and(
|
||||
|
||||
);
|
||||
criteriaQuery.select(root).where(recordPredicate).distinct(true);
|
||||
Query<T> query = session.createQuery(criteriaQuery);
|
||||
List<T> results = query.getResultList();
|
||||
|
||||
// Criteria criteria = session.createCriteria(searchClass);
|
||||
// if (additionalRestriction != null) {
|
||||
// criteriaQuery.add(additionalRestriction);
|
||||
// }
|
||||
// List list = criteria.setResultTransformer(Criteria.DISTINCT_ROOT_ENTITY).list();
|
||||
for (Object o : results) {
|
||||
objects.add((T) o);
|
||||
}
|
||||
tx.commit();
|
||||
LOGGER.debug("Got {} objects", objects.size());
|
||||
@ -756,12 +604,12 @@ public abstract class AbstractDbManager<T> implements CrudManager<T> {
|
||||
* @throws DBManagerException if unable to create the list
|
||||
*/
|
||||
@SuppressWarnings("checkstyle:parameternumber")
|
||||
protected FilteredRecordsList<T> doGetOrderedList(final Class<? extends T> clazz,
|
||||
protected FilteredRecordsList<T> doGetOrderedList(final Class<T> clazz,
|
||||
final String columnToOrder, final boolean ascending, final int firstResult,
|
||||
final int maxResults, final String search, final Map<String, Boolean> searchableColumns,
|
||||
final CriteriaModifier criteriaModifier) throws DBManagerException {
|
||||
LOGGER.debug("Getting object list");
|
||||
Class<? extends T> searchClass = clazz;
|
||||
Class<T> searchClass = clazz;
|
||||
if (clazz == null) {
|
||||
LOGGER.debug("clazz is null");
|
||||
searchClass = this.clazz;
|
||||
@ -778,20 +626,33 @@ public abstract class AbstractDbManager<T> implements CrudManager<T> {
|
||||
|
||||
List<T> objects = new ArrayList<>();
|
||||
Transaction tx = null;
|
||||
Session session = factory.getCurrentSession();
|
||||
try {
|
||||
Session session = getSession();
|
||||
CriteriaBuilder builder = session.getCriteriaBuilder();
|
||||
// try {
|
||||
LOGGER.debug("updating object in db");
|
||||
tx = session.beginTransaction();
|
||||
|
||||
//Returns totalResults in the given entity
|
||||
Criteria criteria = session.createCriteria(searchClass)
|
||||
.setProjection(Projections.countDistinct("id"));
|
||||
criteriaModifier.modify(criteria);
|
||||
CriteriaQuery<Long> criteriaQuery = builder.createQuery(Long.class);
|
||||
Root<T> root = criteriaQuery.from(clazz);
|
||||
criteriaQuery.select(builder.count(criteriaQuery.from(clazz)));
|
||||
List<Predicate> predicates = new ArrayList<>();
|
||||
|
||||
Long totalResultCount = (Long) criteria.uniqueResult();
|
||||
predicates.add(builder.isNotNull(root.get("id")));
|
||||
|
||||
// is this enough to not use the id column?
|
||||
criteriaQuery.select(builder.countDistinct(root));
|
||||
criteriaQuery.where(predicates.toArray(new Predicate[]{}));
|
||||
|
||||
// Criteria criteria = session.createCriteria(searchClass)
|
||||
// .setProjection(Projections.countDistinct("id"));
|
||||
// criteriaModifier.modify(criteria);
|
||||
|
||||
// criteria.uniqueResult();
|
||||
Long totalResultCount = session.createQuery(criteriaQuery).getSingleResult();
|
||||
|
||||
Long recordsFiltered = totalResultCount;
|
||||
Conjunction and = Restrictions.conjunction();
|
||||
Conjunction restrictions = Restrictions.conjunction();
|
||||
if (totalResultCount != 0) {
|
||||
LOGGER.info("Total result count greater than 0");
|
||||
//Builds the search criteria from all of the searchable columns
|
||||
@ -808,17 +669,21 @@ public abstract class AbstractDbManager<T> implements CrudManager<T> {
|
||||
or.add(ilikeCast(entry.getKey(), word));
|
||||
}
|
||||
}
|
||||
and.add(or);
|
||||
restrictions.add(or); // cyrus-dev
|
||||
}
|
||||
}
|
||||
|
||||
LOGGER.info("Search columns filtered");
|
||||
//Retrieves a count of all the records after being filtered
|
||||
criteria.setProjection(Projections.countDistinct("id"))
|
||||
.add(and);
|
||||
// criteria.setProjection(Projections.countDistinct("id"))
|
||||
// .add(restrictions);
|
||||
|
||||
// criteriaQuery.add(restrictions);
|
||||
criteriaQuery.where(predicates.toArray(new Predicate[]{}));
|
||||
try {
|
||||
LOGGER.info("Get unique result from criteria object");
|
||||
recordsFiltered = (Long) criteria.uniqueResult();
|
||||
//(Long) criteria.uniqueResult();
|
||||
recordsFiltered = session.createQuery(criteriaQuery).uniqueResult();
|
||||
} catch (HibernateException e) {
|
||||
LOGGER.error(e.getMessage());
|
||||
}
|
||||
@ -828,59 +693,61 @@ public abstract class AbstractDbManager<T> implements CrudManager<T> {
|
||||
//Generates an inner query that handles the searching, paging,
|
||||
//and sorting of the data. The query returns distinct ids in
|
||||
//order based on these values
|
||||
Criteria uniqueSubCriteria = session.createCriteria(searchClass)
|
||||
.setProjection(
|
||||
Projections.distinct(
|
||||
Projections.property("id")))
|
||||
.add(and)
|
||||
.setFirstResult(firstResult)
|
||||
.setMaxResults(maxResults);
|
||||
criteriaModifier.modify(uniqueSubCriteria);
|
||||
if (ascending) {
|
||||
uniqueSubCriteria.addOrder(Order.asc(columnToOrder));
|
||||
} else {
|
||||
uniqueSubCriteria.addOrder(Order.desc(columnToOrder));
|
||||
}
|
||||
|
||||
List ids = uniqueSubCriteria.list();
|
||||
// session.getCriteriaBuilder().createQuery(searchClass).
|
||||
// Criteria uniqueSubCriteria = session.createCriteria(searchClass)
|
||||
// .setProjection(
|
||||
// Projections.distinct(
|
||||
// Projections.property("id")))
|
||||
// .add(restrictions)
|
||||
// .setFirstResult(firstResult)
|
||||
// .setMaxResults(maxResults);
|
||||
// criteriaModifier.modify(uniqueSubCriteria);
|
||||
// if (ascending) {
|
||||
// uniqueSubCriteria.addOrder(Order.asc(columnToOrder));
|
||||
// } else {
|
||||
// uniqueSubCriteria.addOrder(Order.desc(columnToOrder));
|
||||
// }
|
||||
//
|
||||
// List ids = uniqueSubCriteria.list();
|
||||
|
||||
//Values take the unique identities that passed all other
|
||||
//criteria and returns the desired entity. Queries needed to be
|
||||
//separated in order to keep pagination and distinct results
|
||||
Criteria finalCriteria = session.createCriteria(searchClass)
|
||||
.add(Restrictions.in("id", ids))
|
||||
.setResultTransformer(
|
||||
CriteriaSpecification.DISTINCT_ROOT_ENTITY);
|
||||
criteriaModifier.modify(finalCriteria);
|
||||
|
||||
//Checks the order and validates before returning the values
|
||||
if (ascending) {
|
||||
finalCriteria.addOrder(Order.asc(columnToOrder));
|
||||
} else {
|
||||
finalCriteria.addOrder(Order.desc(columnToOrder));
|
||||
}
|
||||
|
||||
List list = finalCriteria.list();
|
||||
for (Object o : list) {
|
||||
if (clazz.isInstance(o)) {
|
||||
objects.add(clazz.cast(o));
|
||||
}
|
||||
}
|
||||
}
|
||||
// Criteria finalCriteria = session.createCriteria(searchClass)
|
||||
// .add(Restrictions.in("id", ids))
|
||||
// .setResultTransformer(
|
||||
// CriteriaSpecification.DISTINCT_ROOT_ENTITY);
|
||||
// criteriaModifier.modify(finalCriteria);
|
||||
//
|
||||
// //Checks the order and validates before returning the values
|
||||
// if (ascending) {
|
||||
// finalCriteria.addOrder(Order.asc(columnToOrder));
|
||||
// } else {
|
||||
// finalCriteria.addOrder(Order.desc(columnToOrder));
|
||||
// }
|
||||
//
|
||||
// List list = finalCriteria.list();
|
||||
// for (Object o : list) {
|
||||
// if (clazz.isInstance(o)) {
|
||||
// objects.add(clazz.cast(o));
|
||||
// }
|
||||
// }
|
||||
// }
|
||||
//Stores results of all the queries for the JQuery Datatable
|
||||
aqr.setRecordsTotal(totalResultCount);
|
||||
aqr.setRecordsFiltered(recordsFiltered);
|
||||
aqr.addAll(objects);
|
||||
tx.commit();
|
||||
} catch (HibernateException e) {
|
||||
final String msg = "unable to update object";
|
||||
LOGGER.error(msg, e);
|
||||
if (tx != null) {
|
||||
LOGGER.debug("rolling back transaction");
|
||||
tx.rollback();
|
||||
}
|
||||
throw e;
|
||||
// } catch (HibernateException e) {
|
||||
// final String msg = "unable to update object";
|
||||
// LOGGER.error(msg, e);
|
||||
// if (tx != null) {
|
||||
// LOGGER.debug("rolling back transaction");
|
||||
// tx.rollback();
|
||||
// }
|
||||
// throw e;
|
||||
}
|
||||
|
||||
LOGGER.info(searchClass.getName() + " found " + aqr.getRecordsTotal() + " records");
|
||||
return aqr;
|
||||
}
|
||||
@ -891,18 +758,18 @@ public abstract class AbstractDbManager<T> implements CrudManager<T> {
|
||||
*
|
||||
* @return session factory
|
||||
*/
|
||||
protected final SessionFactory getFactory() {
|
||||
return factory;
|
||||
protected final Session getSession() {
|
||||
return em.unwrap(org.hibernate.Session.class);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a StatelessSession that can be used for querying.
|
||||
*
|
||||
* @return stateless session
|
||||
*/
|
||||
protected final StatelessSession getStatelessSession() {
|
||||
return factory.openStatelessSession();
|
||||
}
|
||||
// /**
|
||||
// * Returns a StatelessSession that can be used for querying.
|
||||
// *
|
||||
// * @return stateless session
|
||||
// */
|
||||
// protected final StatelessSession getStatelessSession() {
|
||||
// return factory.openStatelessSession();
|
||||
// }
|
||||
|
||||
|
||||
/**
|
@ -1,16 +1,21 @@
|
||||
package hirs.persist;
|
||||
package hirs.attestationca.servicemanager;
|
||||
|
||||
import hirs.appraiser.Appraiser;
|
||||
import hirs.persist.AppraiserManager;
|
||||
import hirs.persist.AppraiserManagerException;
|
||||
import hirs.persist.DBManagerException;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.hibernate.SessionFactory;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* This class defines a <code>ApprasierManager</code> that stores the
|
||||
* appraisers in a database.
|
||||
*/
|
||||
@Service
|
||||
public class DBAppraiserManager extends DBManager<Appraiser> implements AppraiserManager {
|
||||
private static final Logger LOGGER = LogManager.getLogger();
|
||||
|
||||
@ -19,10 +24,10 @@ public class DBAppraiserManager extends DBManager<Appraiser> implements Appraise
|
||||
* database. The default database is used to store all of the
|
||||
* <code>Appraiser</code>s.
|
||||
*
|
||||
* @param sessionFactory session factory used to access database connections
|
||||
* @param em entity manager used to access database connections
|
||||
*/
|
||||
public DBAppraiserManager(final SessionFactory sessionFactory) {
|
||||
super(Appraiser.class, sessionFactory);
|
||||
public DBAppraiserManager(final EntityManager em) {
|
||||
super(Appraiser.class, em);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -34,7 +39,7 @@ public class DBAppraiserManager extends DBManager<Appraiser> implements Appraise
|
||||
* @param appraiser
|
||||
* appraiser to save
|
||||
* @return reference to saved appraiser
|
||||
* @throws AppraiserManagerException
|
||||
* @throws hirs.persist.AppraiserManagerException
|
||||
* if appraiser has previously been saved or an error occurs
|
||||
* while trying to save it to the database
|
||||
*/
|
||||
@ -97,7 +102,7 @@ public class DBAppraiserManager extends DBManager<Appraiser> implements Appraise
|
||||
public final List<Appraiser> getAppraiserList(final Class<? extends Appraiser> clazz)
|
||||
throws AppraiserManagerException {
|
||||
LOGGER.debug("getting appraiser list");
|
||||
return getList(clazz);
|
||||
return null; //getList(clazz); cyrus-dev
|
||||
}
|
||||
|
||||
/**
|
@ -0,0 +1,187 @@
|
||||
package hirs.attestationca.servicemanager;
|
||||
|
||||
import hirs.data.persist.certificate.Certificate;
|
||||
import hirs.persist.CertificateManager;
|
||||
import hirs.persist.CertificateSelector;
|
||||
import hirs.persist.DBManagerException;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.retry.RetryCallback;
|
||||
import org.springframework.retry.RetryContext;
|
||||
import org.springframework.retry.support.RetryTemplate;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
import java.io.Serializable;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* This class is used to persist and retrieve {@link Certificate}s into and from a database.
|
||||
*/
|
||||
@Service
|
||||
public class DBCertificateManager extends DBManager<Certificate>
|
||||
implements CertificateManager {
|
||||
|
||||
private static final Logger LOGGER = LogManager.getLogger(DBCertificateManager.class);
|
||||
|
||||
// structure for retrying methods in the database
|
||||
private RetryTemplate retryTemplate;
|
||||
|
||||
/**
|
||||
* Creates a new {@link DBCertificateManager} that uses the default
|
||||
* database.
|
||||
*
|
||||
* @param em entity manager used to access database connections
|
||||
*/
|
||||
public DBCertificateManager(final EntityManager em) {
|
||||
super(Certificate.class, em);
|
||||
}
|
||||
|
||||
/**
|
||||
* This method does not need to be used directly as it is used by
|
||||
* {@link hirs.persist.CertificateSelector}'s
|
||||
* get methods. Regardless, it may be used to retrieve certificates
|
||||
* by other code in this
|
||||
* package, given a configured CertificateSelector.
|
||||
*
|
||||
* Example:
|
||||
*
|
||||
* <pre>
|
||||
* {@code
|
||||
* CertificateSelector certSelector =
|
||||
* new CertificateSelector(Certificate.Type.CERTIFICATE_AUTHORITY)
|
||||
* .byIssuer("CN=Some certain issuer");
|
||||
*
|
||||
* Set<Certificate> certificates = certificateManager.get(certSelector);}
|
||||
* </pre>
|
||||
*
|
||||
* @param <T> the type of certificate that will be retrieved
|
||||
* @param certificateSelector a configured {@link hirs.persist.CertificateSelector}
|
||||
* to use for querying
|
||||
* @return the resulting set of Certificates, possibly empty
|
||||
*/
|
||||
@SuppressWarnings("unchecked")
|
||||
public <T extends Certificate> Set<T> getCertificate(
|
||||
final CertificateSelector certificateSelector) {
|
||||
return new HashSet<>(0
|
||||
// (List<T>) getWithCriteria(
|
||||
// certificateSelector.getCertificateClass(),
|
||||
// Collections.singleton(certificateSelector.getCriterion())
|
||||
// )
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Remove a certificate from the database.
|
||||
*
|
||||
* @param certificate the certificate to delete
|
||||
* @return true if deletion was successful, false otherwise
|
||||
*/
|
||||
public boolean deleteCertificate(final Certificate certificate) {
|
||||
return delete(certificate);
|
||||
}
|
||||
|
||||
/**
|
||||
* Saves the <code>Object</code> in the database. This creates a new
|
||||
* database session and saves the object. If the <code>Object</code> had
|
||||
* previously been saved then a <code>DBManagerException</code> is thrown.
|
||||
*
|
||||
* @param object object to save
|
||||
* @return reference to saved object
|
||||
* @throws hirs.persist.DBManagerException if object has previously been saved or an
|
||||
* error occurs while trying to save it to the database
|
||||
*/
|
||||
@Override
|
||||
public Certificate saveCertificate(final Certificate object) throws DBManagerException {
|
||||
return retryTemplate.execute(new RetryCallback<Certificate, DBManagerException>() {
|
||||
@Override
|
||||
public Certificate doWithRetry(final RetryContext context) throws DBManagerException {
|
||||
return doSave(object);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Deletes the object from the database. This removes all of the database
|
||||
* entries that stored information with regards to the this object.
|
||||
* <p>
|
||||
* If the object is referenced by any other tables then this will throw a
|
||||
* <code>DBManagerException</code>.
|
||||
*
|
||||
* @param object instance of the object to delete
|
||||
* @return true if successfully found and deleted the object
|
||||
* @throws DBManagerException if unable to find the baseline or delete it
|
||||
* from the database
|
||||
*/
|
||||
public final boolean delete(final Certificate object) throws DBManagerException {
|
||||
return retryTemplate.execute(new RetryCallback<Boolean, DBManagerException>() {
|
||||
@Override
|
||||
public Boolean doWithRetry(final RetryContext context) throws DBManagerException {
|
||||
return doDelete(object);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Updates an object stored in the database. This updates the database
|
||||
* entries to reflect the new values that should be set.
|
||||
*
|
||||
* @param object object to update
|
||||
* @throws DBManagerException if an error occurs while trying to save it to the database
|
||||
*/
|
||||
public final void updateCertificate(final Certificate object) throws DBManagerException {
|
||||
retryTemplate.execute(new RetryCallback<Void, DBManagerException>() {
|
||||
@Override
|
||||
public Void doWithRetry(final RetryContext context) throws DBManagerException {
|
||||
doUpdate(object);
|
||||
return null;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Retrieves the <code>Object</code> from the database. This searches the
|
||||
* database for an entry whose name matches <code>name</code>. It then
|
||||
* reconstructs the <code>Object</code> from the database entry.
|
||||
*
|
||||
* @param id id of the object
|
||||
* @return object if found, otherwise null.
|
||||
* @throws DBManagerException if unable to search the database or recreate
|
||||
* the <code>Object</code>
|
||||
*/
|
||||
public final Certificate getCertificate(final Serializable id) throws DBManagerException {
|
||||
return retryTemplate.execute(new RetryCallback<Certificate, DBManagerException>() {
|
||||
@Override
|
||||
public Certificate doWithRetry(final RetryContext context) throws DBManagerException {
|
||||
return doGet(id);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
// /**
|
||||
// * Set the parameters used to retry database transactions. The retry template will
|
||||
// * retry transactions that throw a LockAcquisitionException or StaleObjectStateException.
|
||||
// * @param maxTransactionRetryAttempts the maximum number of database transaction attempts
|
||||
// * @param retryWaitTimeMilliseconds the transaction retry wait time in milliseconds
|
||||
// */
|
||||
// public final void setRetryTemplate(final int maxTransactionRetryAttempts,
|
||||
// final long retryWaitTimeMilliseconds) {
|
||||
// Map<Class<? extends Throwable>, Boolean> exceptionsToRetry = new HashMap<>();
|
||||
// exceptionsToRetry.put(LockAcquisitionException.class, true);
|
||||
// exceptionsToRetry.put(StaleObjectStateException.class, true);
|
||||
//
|
||||
// SimpleRetryPolicy retryPolicy = new SimpleRetryPolicy(
|
||||
// maxTransactionRetryAttempts,
|
||||
// exceptionsToRetry,
|
||||
// true,
|
||||
// false
|
||||
// );
|
||||
//
|
||||
// FixedBackOffPolicy backoffPolicy = new FixedBackOffPolicy();
|
||||
// backoffPolicy.setBackOffPeriod(retryWaitTimeMilliseconds);
|
||||
// this.retryTemplate = new RetryTemplate();
|
||||
// this.retryTemplate.setRetryPolicy(retryPolicy);
|
||||
// this.retryTemplate.setBackOffPolicy(backoffPolicy);
|
||||
// }
|
||||
}
|
@ -1,31 +1,39 @@
|
||||
package hirs.persist;
|
||||
package hirs.attestationca.servicemanager;
|
||||
|
||||
import hirs.FilteredRecordsList;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
|
||||
import java.util.LinkedList;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import hirs.persist.CriteriaModifier;
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.DeviceManager;
|
||||
import hirs.persist.DeviceManagerException;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.hibernate.Criteria;
|
||||
import org.hibernate.HibernateException;
|
||||
import org.hibernate.Session;
|
||||
import org.hibernate.SessionFactory;
|
||||
import org.hibernate.Transaction;
|
||||
import org.hibernate.criterion.Restrictions;
|
||||
import org.hibernate.query.Query;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
import javax.persistence.criteria.CriteriaBuilder;
|
||||
import javax.persistence.criteria.CriteriaQuery;
|
||||
import javax.persistence.criteria.JoinType;
|
||||
import javax.persistence.criteria.Predicate;
|
||||
import javax.persistence.criteria.Root;
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.LinkedList;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* This class defines a <code>DeviceManager</code> that stores the devices
|
||||
* in a database.
|
||||
*/
|
||||
@Service
|
||||
public class DBDeviceManager extends DBManager<Device> implements
|
||||
DeviceManager {
|
||||
|
||||
@ -36,10 +44,10 @@ public class DBDeviceManager extends DBManager<Device> implements
|
||||
* database. The default database is used to store all of the
|
||||
* <code>Device</code>s.
|
||||
*
|
||||
* @param sessionFactory session factory used to access database connections
|
||||
* @param em entity manager used to access database connections
|
||||
*/
|
||||
public DBDeviceManager(final SessionFactory sessionFactory) {
|
||||
super(Device.class, sessionFactory);
|
||||
public DBDeviceManager(final EntityManager em) {
|
||||
super(Device.class, em);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -51,7 +59,7 @@ public class DBDeviceManager extends DBManager<Device> implements
|
||||
* @param device
|
||||
* device to save
|
||||
* @return reference to saved device
|
||||
* @throws DeviceManagerException
|
||||
* @throws hirs.persist.DeviceManagerException
|
||||
* if device has previously been saved or an error occurs
|
||||
* while trying to save it to the database
|
||||
*/
|
||||
@ -103,7 +111,7 @@ public class DBDeviceManager extends DBManager<Device> implements
|
||||
throws DeviceManagerException {
|
||||
LOGGER.debug("updating all devices in list");
|
||||
|
||||
Session session = getFactory().getCurrentSession();
|
||||
Session session = getSession();
|
||||
Transaction tx = session.beginTransaction();
|
||||
try {
|
||||
for (final Device device : deviceList) {
|
||||
@ -208,7 +216,8 @@ public class DBDeviceManager extends DBManager<Device> implements
|
||||
return super.getOrderedList(Device.class, columnToOrder, ascending, firstResult,
|
||||
maxResults, search, searchableColumns, modifier);
|
||||
} catch (DBManagerException e) {
|
||||
throw new AlertManagerException(e);
|
||||
LOGGER.error(e);
|
||||
return null;
|
||||
}
|
||||
}
|
||||
/**
|
||||
@ -245,21 +254,29 @@ public class DBDeviceManager extends DBManager<Device> implements
|
||||
public final List<Device> getDefaultDevices() throws DeviceManagerException {
|
||||
Transaction tx = null;
|
||||
|
||||
Session session = getFactory().getCurrentSession();
|
||||
Session session = getSession();
|
||||
List<Device> devices = new ArrayList<>();
|
||||
try {
|
||||
LOGGER.debug("retrieving defaults devices from db");
|
||||
tx = session.beginTransaction();
|
||||
|
||||
List list = session.createCriteria(Device.class).createAlias("deviceGroup", "group")
|
||||
.add(Restrictions.eq("group.name", DeviceGroup.DEFAULT_GROUP))
|
||||
.setResultTransformer(Criteria.DISTINCT_ROOT_ENTITY)
|
||||
.list();
|
||||
for (Object o : list) {
|
||||
if (o instanceof Device) {
|
||||
devices.add((Device) o);
|
||||
}
|
||||
CriteriaBuilder criteriaBuilder = session.getCriteriaBuilder();
|
||||
CriteriaQuery<Device> criteriaQuery = criteriaBuilder.createQuery(Device.class);
|
||||
Root<Device> root = criteriaQuery.from(Device.class);
|
||||
root.join("group.name", JoinType.LEFT).alias("group");
|
||||
Predicate recordPredicate = criteriaBuilder
|
||||
.and(criteriaBuilder.equal(root.get("group.name"), "Default Group"));
|
||||
criteriaQuery.select(root).where(recordPredicate).distinct(true);
|
||||
Query<Device> query = session.createQuery(criteriaQuery);
|
||||
List<Device> results = query.getResultList();
|
||||
if (results != null) {
|
||||
devices.addAll(results);
|
||||
}
|
||||
// List list = session.createCriteria(Device.class).createAlias("deviceGroup", "group")
|
||||
// .add(Restrictions.eq("group.name", DeviceGroup.DEFAULT_GROUP))
|
||||
// .setResultTransformer(Criteria.DISTINCT_ROOT_ENTITY)
|
||||
// .list();
|
||||
|
||||
tx.commit();
|
||||
} catch (HibernateException e) {
|
||||
final String msg = "unable to retrieve default devices";
|
||||
@ -281,9 +298,6 @@ public class DBDeviceManager extends DBManager<Device> implements
|
||||
*
|
||||
* @param name of the device to be deleted
|
||||
* @return true if successfully found and deleted, false if otherwise
|
||||
* @throws DeviceGroupManagerException
|
||||
* if unable to find the device group or delete it from the
|
||||
* database
|
||||
*/
|
||||
@Override
|
||||
public final boolean deleteDevice(final String name)
|
@ -1,11 +1,12 @@
|
||||
package hirs.persist;
|
||||
package hirs.attestationca.servicemanager;
|
||||
|
||||
import hirs.FilteredRecordsList;
|
||||
import hirs.data.persist.ArchivableEntity;
|
||||
import hirs.persist.CriteriaModifier;
|
||||
import hirs.persist.DBManagerException;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.hibernate.Criteria;
|
||||
import org.hibernate.SessionFactory;
|
||||
import org.hibernate.StaleObjectStateException;
|
||||
import org.hibernate.criterion.Criterion;
|
||||
import org.hibernate.exception.LockAcquisitionException;
|
||||
@ -15,7 +16,10 @@ import org.springframework.retry.RetryListener;
|
||||
import org.springframework.retry.backoff.FixedBackOffPolicy;
|
||||
import org.springframework.retry.policy.SimpleRetryPolicy;
|
||||
import org.springframework.retry.support.RetryTemplate;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
import javax.persistence.criteria.Predicate;
|
||||
import java.io.Serializable;
|
||||
import java.util.Collection;
|
||||
import java.util.HashMap;
|
||||
@ -23,11 +27,12 @@ import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
* @param <T> passed in type
|
||||
* Generic database manager for managing objects in a database. This provides create, read, update,
|
||||
* archive, and delete operations for managing objects in a database.
|
||||
*
|
||||
* @param <T> type of objects to manage by this manager
|
||||
*/
|
||||
@Service
|
||||
public class DBManager<T> extends AbstractDbManager<T> {
|
||||
private static final Logger LOGGER = LogManager.getLogger(DBManager.class);
|
||||
|
||||
@ -63,11 +68,11 @@ public class DBManager<T> extends AbstractDbManager<T> {
|
||||
* default database is used to store all of the objects.
|
||||
*
|
||||
* @param clazz Class to search for when doing Hibernate queries
|
||||
* @param sessionFactory the session factory to use to connect to the database
|
||||
* @param em the entity manager to use to connect to the database
|
||||
* unfortunately class type of T cannot be determined using only T
|
||||
*/
|
||||
public DBManager(final Class<T> clazz, final SessionFactory sessionFactory) {
|
||||
super(clazz, sessionFactory);
|
||||
public DBManager(final Class<T> clazz, final EntityManager em) {
|
||||
super(clazz, em);
|
||||
setRetryTemplate(DEFAULT_MAX_RETRY_ATTEMPTS, DEFAULT_RETRY_WAIT_TIME_MS);
|
||||
}
|
||||
|
||||
@ -109,20 +114,21 @@ public class DBManager<T> extends AbstractDbManager<T> {
|
||||
* Runs a Criteria query using the given collection of Criterion over the
|
||||
* associated class.
|
||||
*
|
||||
* @param criteriaCollection the collection of Criterion to apply
|
||||
* @param predicateCollection the collection of Criterion to apply
|
||||
*
|
||||
* @return a List of objects that match the criteria
|
||||
* @throws DBManagerException if an error is encountered while performing the query or creating
|
||||
* @throws hirs.persist.DBManagerException if an error is encountered
|
||||
* while performing the query or creating
|
||||
* the result objects
|
||||
*/
|
||||
public final List<T> getWithCriteria(final Collection<Criterion> criteriaCollection)
|
||||
public final List<T> getWithCriteria(final Collection<Predicate> predicateCollection)
|
||||
throws DBManagerException {
|
||||
return retryTemplate.execute(
|
||||
new RetryCallback<List<T>, DBManagerException>() {
|
||||
@Override
|
||||
public List<T> doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
return doGetWithCriteria(criteriaCollection);
|
||||
return doGetWithCriteria(predicateCollection);
|
||||
}
|
||||
});
|
||||
}
|
||||
@ -131,8 +137,6 @@ public class DBManager<T> extends AbstractDbManager<T> {
|
||||
* Runs a Criteria query using the given collection of Criterion over the
|
||||
* associated class.
|
||||
*
|
||||
* @param <U> the specific type of class to retrieve
|
||||
* (should extend this class' <T> parameter)
|
||||
* @param clazzToGet the class of object to retrieve
|
||||
* @param criteriaCollection the collection of Criterion to apply
|
||||
*
|
||||
@ -140,13 +144,13 @@ public class DBManager<T> extends AbstractDbManager<T> {
|
||||
* @throws DBManagerException if an error is encountered while performing the query or creating
|
||||
* the result objects
|
||||
*/
|
||||
protected final <U extends T> List<U> getWithCriteria(
|
||||
final Class<U> clazzToGet,
|
||||
final Collection<Criterion> criteriaCollection) throws DBManagerException {
|
||||
protected final List<T> getWithCriteria(
|
||||
final Class<T> clazzToGet,
|
||||
final Collection<Predicate> criteriaCollection) throws DBManagerException {
|
||||
return retryTemplate.execute(
|
||||
new RetryCallback<List<U>, DBManagerException>() {
|
||||
new RetryCallback<List<T>, DBManagerException>() {
|
||||
@Override
|
||||
public List<U> doWithRetry(final RetryContext context)
|
||||
public List<T> doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
return doGetWithCriteria(clazzToGet, criteriaCollection);
|
||||
}
|
||||
@ -264,7 +268,8 @@ public class DBManager<T> extends AbstractDbManager<T> {
|
||||
return retryTemplate.execute(new RetryCallback<T, DBManagerException>() {
|
||||
@Override
|
||||
public T doWithRetry(final RetryContext context) throws DBManagerException {
|
||||
return doGetAndLoadLazyFields(name, recurse);
|
||||
return null;
|
||||
// return doGetAndLoadLazyFields(name, recurse);
|
||||
}
|
||||
});
|
||||
}
|
||||
@ -286,7 +291,8 @@ public class DBManager<T> extends AbstractDbManager<T> {
|
||||
*/
|
||||
public final T getAndLoadLazyFields(final Serializable id, final boolean recurse)
|
||||
throws DBManagerException {
|
||||
return doGetAndLoadLazyFields(id, recurse);
|
||||
return null;
|
||||
// return doGetAndLoadLazyFields(id, recurse);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -297,14 +303,14 @@ public class DBManager<T> extends AbstractDbManager<T> {
|
||||
* managed. This class argument allows the caller to limit which types of
|
||||
* <code>T</code> should be returned.
|
||||
*
|
||||
* @param clazz class type of <code>T</code>s to search for (may be null to
|
||||
* @param entity class type of <code>T</code>s to search for (may be null to
|
||||
* use Class<T>)
|
||||
* @return list of <code>T</code> names
|
||||
* @throws DBManagerException if unable to search the database
|
||||
*/
|
||||
public List<T> getList(final Class<? extends T> clazz)
|
||||
public List<T> getList(final Class<T> entity)
|
||||
throws DBManagerException {
|
||||
return getList(clazz, null);
|
||||
return getList(entity, null);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -315,19 +321,19 @@ public class DBManager<T> extends AbstractDbManager<T> {
|
||||
* managed. This class argument allows the caller to limit which types of
|
||||
* <code>T</code> should be returned.
|
||||
*
|
||||
* @param clazz class type of <code>T</code>s to search for (may be null to
|
||||
* @param entity class type of <code>T</code>s to search for (may be null to
|
||||
* use Class<T>)
|
||||
* @param additionalRestriction additional restrictions to apply to criteria.
|
||||
* @return list of <code>T</code> names
|
||||
* @throws DBManagerException if unable to search the database
|
||||
*/
|
||||
@Override
|
||||
public List<T> getList(final Class<? extends T> clazz, final Criterion additionalRestriction)
|
||||
public List<T> getList(final Class<T> entity, final Criterion additionalRestriction)
|
||||
throws DBManagerException {
|
||||
return retryTemplate.execute(new RetryCallback<List<T>, DBManagerException>() {
|
||||
@Override
|
||||
public List<T> doWithRetry(final RetryContext context) throws DBManagerException {
|
||||
return doGetList(clazz, additionalRestriction);
|
||||
return doGetList(entity, additionalRestriction);
|
||||
}
|
||||
});
|
||||
}
|
||||
@ -352,7 +358,7 @@ public class DBManager<T> extends AbstractDbManager<T> {
|
||||
*/
|
||||
@Override
|
||||
public final FilteredRecordsList getOrderedList(
|
||||
final Class<? extends T> clazz, final String columnToOrder,
|
||||
final Class<T> clazz, final String columnToOrder,
|
||||
final boolean ascending, final int firstResult,
|
||||
final int maxResults, final String search,
|
||||
final Map<String, Boolean> searchableColumns)
|
||||
@ -391,7 +397,7 @@ public class DBManager<T> extends AbstractDbManager<T> {
|
||||
*/
|
||||
@SuppressWarnings("checkstyle:parameternumber")
|
||||
public final FilteredRecordsList<T> getOrderedList(
|
||||
final Class<? extends T> clazz, final String columnToOrder,
|
||||
final Class<T> clazz, final String columnToOrder,
|
||||
final boolean ascending, final int firstResult,
|
||||
final int maxResults, final String search,
|
||||
final Map<String, Boolean> searchableColumns, final CriteriaModifier criteriaModifier)
|
||||
@ -421,7 +427,6 @@ public class DBManager<T> extends AbstractDbManager<T> {
|
||||
* @throws DBManagerException if unable to find the baseline or delete it
|
||||
* from the database
|
||||
*/
|
||||
|
||||
public final boolean delete(final String name) throws DBManagerException {
|
||||
return retryTemplate.execute(new RetryCallback<Boolean, DBManagerException>() {
|
||||
@Override
|
||||
@ -444,7 +449,7 @@ public class DBManager<T> extends AbstractDbManager<T> {
|
||||
* @throws DBManagerException if unable to find the baseline or delete it
|
||||
* from the database
|
||||
*/
|
||||
public final boolean delete(final Serializable id)
|
||||
public final boolean deleteById(final Serializable id)
|
||||
throws DBManagerException {
|
||||
return retryTemplate.execute(new RetryCallback<Boolean, DBManagerException>() {
|
||||
@Override
|
||||
@ -454,27 +459,6 @@ public class DBManager<T> extends AbstractDbManager<T> {
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Deletes the object from the database. This removes all of the database
|
||||
* entries that stored information with regards to the this object.
|
||||
* <p>
|
||||
* If the object is referenced by any other tables then this will throw a
|
||||
* <code>DBManagerException</code>.
|
||||
*
|
||||
* @param object object to delete
|
||||
* @return true if successfully found and deleted the object
|
||||
* @throws DBManagerException if unable to delete the object from the database
|
||||
*/
|
||||
@Override
|
||||
public final boolean delete(final T object) throws DBManagerException {
|
||||
return retryTemplate.execute(new RetryCallback<Boolean, DBManagerException>() {
|
||||
@Override
|
||||
public Boolean doWithRetry(final RetryContext context) throws DBManagerException {
|
||||
return doDelete(object);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Archives the named object and updates it in the database.
|
||||
*
|
@ -1,30 +1,33 @@
|
||||
package hirs.persist;
|
||||
package hirs.attestationca.servicemanager;
|
||||
|
||||
import com.google.common.base.Preconditions;
|
||||
import hirs.appraiser.Appraiser;
|
||||
import hirs.data.persist.baseline.Baseline;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.baseline.HasBaselines;
|
||||
import hirs.data.persist.Policy;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
import hirs.data.persist.policy.Policy;
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.PolicyManager;
|
||||
import hirs.persist.PolicyManagerException;
|
||||
import hirs.persist.PolicyMapper;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.hibernate.Criteria;
|
||||
import org.hibernate.Session;
|
||||
import org.hibernate.SessionFactory;
|
||||
import org.hibernate.Transaction;
|
||||
import org.hibernate.criterion.Projections;
|
||||
import org.hibernate.criterion.Restrictions;
|
||||
import org.hibernate.query.Query;
|
||||
import org.springframework.stereotype.Repository;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
import javax.persistence.criteria.CriteriaBuilder;
|
||||
import javax.persistence.criteria.CriteriaQuery;
|
||||
import javax.persistence.criteria.Predicate;
|
||||
import javax.persistence.criteria.Root;
|
||||
import java.io.Serializable;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* This class defines a <code>PolicyManager</code> that stores policies in a
|
||||
* database.
|
||||
*/
|
||||
@Repository
|
||||
public class DBPolicyManager extends DBManager<Policy> implements PolicyManager {
|
||||
|
||||
private static final Logger LOGGER = LogManager.getLogger(DBPolicyManager.class);
|
||||
@ -34,10 +37,10 @@ public class DBPolicyManager extends DBManager<Policy> implements PolicyManager
|
||||
* parameter is used to initialize a session factory to manage all hibernate
|
||||
* sessions.
|
||||
*
|
||||
* @param factory session factory to manage connections to hibernate db
|
||||
* @param em Entity Manager to manage connections to hibernate db
|
||||
*/
|
||||
public DBPolicyManager(final SessionFactory factory) {
|
||||
super(Policy.class, factory);
|
||||
public DBPolicyManager(final EntityManager em) {
|
||||
super(Policy.class, em);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -46,7 +49,7 @@ public class DBPolicyManager extends DBManager<Policy> implements PolicyManager
|
||||
* @param policy
|
||||
* policy to save
|
||||
* @return <code>Policy</code> that was saved
|
||||
* @throws PolicyManagerException
|
||||
* @throws hirs.persist.PolicyManagerException
|
||||
* if policy has previously been saved or an error occurs while
|
||||
* trying to save it to the database
|
||||
*/
|
||||
@ -95,36 +98,7 @@ public class DBPolicyManager extends DBManager<Policy> implements PolicyManager
|
||||
public final List<Policy> getPolicyList(final Class<? extends Policy> clazz)
|
||||
throws PolicyManagerException {
|
||||
LOGGER.debug("getting policy list");
|
||||
try {
|
||||
return super.getList(clazz, Restrictions.isNull("archivedTime"));
|
||||
} catch (DBManagerException e) {
|
||||
throw new PolicyManagerException(e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a list of all the policies that contain the given baseline.
|
||||
*
|
||||
* @param clazz the class of Policy to search
|
||||
* @param baseline the baseline that should be a member of returned Policies
|
||||
* @return the list of matching Policies
|
||||
*/
|
||||
@Override
|
||||
public List<Policy> getPoliciesContainingBaseline(
|
||||
final Class<? extends Policy> clazz,
|
||||
final Baseline baseline
|
||||
) {
|
||||
List<Policy> matchingPolicies = new ArrayList<>();
|
||||
List<Policy> policies = getPolicyList(clazz);
|
||||
for (Policy policy : policies) {
|
||||
if (policy instanceof HasBaselines) {
|
||||
HasBaselines policyWithBaselines = (HasBaselines) policy;
|
||||
if (policyWithBaselines.getBaselines().contains(baseline)) {
|
||||
matchingPolicies.add(policy);
|
||||
}
|
||||
}
|
||||
}
|
||||
return matchingPolicies;
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -173,6 +147,18 @@ public class DBPolicyManager extends DBManager<Policy> implements PolicyManager
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Deletes the policy given.
|
||||
*
|
||||
* @param policy {@link Policy} to be deleted
|
||||
* @return status of the deletion
|
||||
* @throws DBManagerException
|
||||
*/
|
||||
@Override
|
||||
public final boolean delete(final Policy policy) throws DBManagerException {
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the default <code>Policy</code> to use for an <code>Appraiser</code>.
|
||||
* This updates the database to reflect this change so that when this
|
||||
@ -191,20 +177,39 @@ public class DBPolicyManager extends DBManager<Policy> implements PolicyManager
|
||||
LOGGER.error("cannot set default policy on null appraiser");
|
||||
throw new NullPointerException("appraiser");
|
||||
}
|
||||
final SessionFactory factory = getFactory();
|
||||
Session session = factory.getCurrentSession();
|
||||
Session session = getSession();
|
||||
Transaction tx = session.beginTransaction();
|
||||
try {
|
||||
final Criteria criteria = session.createCriteria(DeviceGroup.class)
|
||||
.add(Restrictions.eq("name", DeviceGroup.DEFAULT_GROUP));
|
||||
DeviceGroup group = (DeviceGroup) criteria.uniqueResult();
|
||||
CriteriaBuilder criteriaBuilder = session.getCriteriaBuilder();
|
||||
CriteriaQuery<PolicyMapper> policyMapperCriteriaQuery = criteriaBuilder
|
||||
.createQuery(PolicyMapper.class);
|
||||
Root<PolicyMapper> policyMapperRoot = policyMapperCriteriaQuery
|
||||
.from(PolicyMapper.class);
|
||||
Predicate policyPredicate = criteriaBuilder.and(
|
||||
criteriaBuilder.equal(policyMapperRoot.get("appraiser"), appraiser),
|
||||
criteriaBuilder.equal(policyMapperRoot.get("group.name"),
|
||||
"Default Group"));
|
||||
policyMapperCriteriaQuery.select(policyMapperRoot).where(policyPredicate);
|
||||
|
||||
LOGGER.debug("finding existing policy mapper from db where "
|
||||
+ "appraiser = {}", appraiser);
|
||||
final Criteria cr = session.createCriteria(PolicyMapper.class)
|
||||
.createAlias("deviceGroup", "group")
|
||||
.add(Restrictions.eq("appraiser", appraiser))
|
||||
.add(Restrictions.eq("group.name", DeviceGroup.DEFAULT_GROUP));
|
||||
final PolicyMapper mapper = (PolicyMapper) cr.uniqueResult();
|
||||
|
||||
LOGGER.debug("finding existing policy mapper from db where "
|
||||
+ "appraiser = {}", appraiser);
|
||||
PolicyMapper mapper = null;
|
||||
Query<PolicyMapper> policyMapperQuery = session.createQuery(policyMapperCriteriaQuery);
|
||||
List<PolicyMapper> policyMappers = policyMapperQuery.getResultList();
|
||||
if (policyMappers != null && !policyMappers.isEmpty()) {
|
||||
mapper = policyMappers.get(0);
|
||||
}
|
||||
// final Criteria criteria = session.createCriteria(DeviceGroup.class)
|
||||
// .add(Restrictions.eq("name", DeviceGroup.DEFAULT_GROUP));
|
||||
// DeviceGroup group = (DeviceGroup) criteria.uniqueResult();
|
||||
// final Criteria cr = session.createCriteria(PolicyMapper.class)
|
||||
// .createAlias("deviceGroup", "group")
|
||||
// .add(Restrictions.eq("appraiser", appraiser))
|
||||
// .add(Restrictions.eq("group.name", DeviceGroup.DEFAULT_GROUP));
|
||||
// final PolicyMapper mapper = (PolicyMapper) cr.uniqueResult();
|
||||
if (policy == null) {
|
||||
LOGGER.debug("policy is null so removing policy");
|
||||
if (mapper != null) {
|
||||
@ -214,7 +219,7 @@ public class DBPolicyManager extends DBManager<Policy> implements PolicyManager
|
||||
LOGGER.info("setting default policy {} on appraiser {}",
|
||||
policy, appraiser);
|
||||
if (mapper == null) {
|
||||
session.save(new PolicyMapper(appraiser, policy, group));
|
||||
session.save(new PolicyMapper(appraiser, policy));
|
||||
} else {
|
||||
mapper.setPolicy(policy);
|
||||
session.update(mapper);
|
||||
@ -247,8 +252,7 @@ public class DBPolicyManager extends DBManager<Policy> implements PolicyManager
|
||||
* If the default <code>Policy</code> has not been set then this returns
|
||||
* null.
|
||||
*
|
||||
* @param appraiser
|
||||
* appraiser
|
||||
* @param appraiser appraiser
|
||||
* @return default policy
|
||||
*/
|
||||
@Override
|
||||
@ -259,18 +263,31 @@ public class DBPolicyManager extends DBManager<Policy> implements PolicyManager
|
||||
}
|
||||
|
||||
Policy ret = null;
|
||||
final SessionFactory factory = getFactory();
|
||||
Transaction tx = null;
|
||||
Session session = factory.getCurrentSession();
|
||||
Session session = getSession();
|
||||
try {
|
||||
tx = session.beginTransaction();
|
||||
LOGGER.debug("retrieving policy mapper from db where appraiser = {}",
|
||||
appraiser);
|
||||
final Criteria cr = session.createCriteria(PolicyMapper.class)
|
||||
.createAlias("deviceGroup", "group")
|
||||
.add(Restrictions.eq("appraiser", appraiser))
|
||||
.add(Restrictions.eq("group.name", DeviceGroup.DEFAULT_GROUP));
|
||||
final PolicyMapper mapper = (PolicyMapper) cr.uniqueResult();
|
||||
CriteriaBuilder criteriaBuilder = session.getCriteriaBuilder();
|
||||
CriteriaQuery<PolicyMapper> criteriaQuery = criteriaBuilder
|
||||
.createQuery(PolicyMapper.class);
|
||||
Root<PolicyMapper> root = criteriaQuery.from(PolicyMapper.class);
|
||||
Predicate recordPredicate = criteriaBuilder.and(
|
||||
criteriaBuilder.equal(root.get("appraiser"), appraiser),
|
||||
criteriaBuilder.equal(root.get("group.name"), "Default Group"));
|
||||
criteriaQuery.select(root).where(recordPredicate);
|
||||
Query<PolicyMapper> query = session.createQuery(criteriaQuery);
|
||||
List<PolicyMapper> results = query.getResultList();
|
||||
PolicyMapper mapper = null;
|
||||
if (results != null && !results.isEmpty()) {
|
||||
mapper = results.get(0);
|
||||
}
|
||||
// final Criteria cr = session.createCriteria(PolicyMapper.class)
|
||||
// .createAlias("deviceGroup", "group")
|
||||
// .add(Restrictions.eq("appraiser", appraiser))
|
||||
// .add(Restrictions.eq("group.name", DeviceGroup.DEFAULT_GROUP));
|
||||
// final PolicyMapper mapper = (PolicyMapper) cr.uniqueResult();
|
||||
if (mapper == null) {
|
||||
LOGGER.debug("no policy mapper found for appraiser {}",
|
||||
appraiser);
|
||||
@ -308,36 +325,50 @@ public class DBPolicyManager extends DBManager<Policy> implements PolicyManager
|
||||
* there is none
|
||||
*/
|
||||
@Override
|
||||
public final Policy getPolicy(
|
||||
final Appraiser appraiser,
|
||||
final Device device) {
|
||||
public final Policy getPolicy(final Appraiser appraiser, final Device device) {
|
||||
Preconditions.checkArgument(appraiser != null, "Appraiser must not be null");
|
||||
Preconditions.checkArgument(device != null, "Device must not be null");
|
||||
|
||||
Policy ret = null;
|
||||
final SessionFactory factory = getFactory();
|
||||
Transaction tx = null;
|
||||
Session session = factory.getCurrentSession();
|
||||
Session session = getSession();
|
||||
try {
|
||||
tx = session.beginTransaction();
|
||||
LOGGER.debug("retrieving policy mapper from db where appraiser = "
|
||||
+ "{} and device= {}", appraiser, device);
|
||||
final Criteria deviceCr = session.createCriteria(Device.class)
|
||||
.add(Restrictions.eq("name", device.getName()));
|
||||
final Device retrievedDevice = (Device) deviceCr.uniqueResult();
|
||||
DeviceGroup deviceGroup = null;
|
||||
if (retrievedDevice != null) {
|
||||
deviceGroup = retrievedDevice.getDeviceGroup();
|
||||
final CriteriaBuilder deviceCriteriaBuilder = session.getCriteriaBuilder();
|
||||
CriteriaQuery<Device> criteriaQuery = deviceCriteriaBuilder.createQuery(Device.class);
|
||||
Root<Device> root = criteriaQuery.from(Device.class);
|
||||
Predicate recordPredicate = deviceCriteriaBuilder.and(
|
||||
deviceCriteriaBuilder.equal(root.get("name"), device.getName()));
|
||||
criteriaQuery.select(root).where(recordPredicate);
|
||||
Query<Device> query = session.createQuery(criteriaQuery);
|
||||
List<Device> results = query.getResultList();
|
||||
Device retrievedDevice = null;
|
||||
if (results != null && !results.isEmpty()) {
|
||||
retrievedDevice = results.get(0);
|
||||
}
|
||||
final Criteria cr = session.createCriteria(PolicyMapper.class)
|
||||
.add(Restrictions.eq("appraiser", appraiser))
|
||||
.add(Restrictions.eq("deviceGroup", deviceGroup));
|
||||
final PolicyMapper mapper = (PolicyMapper) cr.uniqueResult();
|
||||
if (mapper == null) {
|
||||
LOGGER.debug("no policy mapper found for appraiser {} and "
|
||||
+ "device group {}", appraiser, deviceGroup);
|
||||
// final Criteria deviceCr = session.createCriteria(Device.class)
|
||||
// .add(Restrictions.eq("name", device.getName()));
|
||||
// final Device retrievedDevice = (Device) deviceCr.uniqueResult();
|
||||
|
||||
final CriteriaBuilder policyCriteriaBuilder = session.getCriteriaBuilder();
|
||||
CriteriaQuery<PolicyMapper> policyCriteriaQuery = policyCriteriaBuilder
|
||||
.createQuery(PolicyMapper.class);
|
||||
Root<PolicyMapper> policyRoot = policyCriteriaQuery.from(PolicyMapper.class);
|
||||
Predicate policyPredicate = policyCriteriaBuilder.and(
|
||||
policyCriteriaBuilder.equal(policyRoot.get("appraiser"), appraiser));
|
||||
policyCriteriaQuery.select(policyRoot).where(policyPredicate);
|
||||
Query<PolicyMapper> policyQuery = session.createQuery(policyCriteriaQuery);
|
||||
List<PolicyMapper> policyResults = policyQuery.getResultList();
|
||||
// final Criteria cr = session.createCriteria(PolicyMapper.class)
|
||||
// .add(Restrictions.eq("appraiser", appraiser))
|
||||
// .add(Restrictions.eq("deviceGroup", deviceGroup));
|
||||
// final PolicyMapper mapper = (PolicyMapper) cr.uniqueResult();
|
||||
if (policyResults == null) {
|
||||
LOGGER.debug("no policy mapper found for appraiser {}", appraiser);
|
||||
} else {
|
||||
ret = mapper.getPolicy();
|
||||
ret = policyResults.get(0).getPolicy();
|
||||
}
|
||||
session.getTransaction().commit();
|
||||
} catch (Exception e) {
|
||||
@ -360,36 +391,40 @@ public class DBPolicyManager extends DBManager<Policy> implements PolicyManager
|
||||
* policy for the given appraiser. If neither the specific policy for the
|
||||
* device group or the default policy is found, null is returned.
|
||||
*
|
||||
* @param appraiser
|
||||
* appraiser
|
||||
* @param deviceGroup
|
||||
* device group
|
||||
* @param appraiser appraiser
|
||||
* @return policy associated with the appraiser-device group pair or null if
|
||||
* there is none
|
||||
*/
|
||||
@Override
|
||||
public final Policy getPolicy(final Appraiser appraiser,
|
||||
final DeviceGroup deviceGroup) {
|
||||
public final Policy getPolicy(final Appraiser appraiser) {
|
||||
if (appraiser == null) {
|
||||
LOGGER.error("cannot get policy for null appraiser");
|
||||
return null;
|
||||
}
|
||||
|
||||
Policy ret = null;
|
||||
final SessionFactory factory = getFactory();
|
||||
Transaction tx = null;
|
||||
Session session = factory.getCurrentSession();
|
||||
Session session = getSession();
|
||||
try {
|
||||
tx = session.beginTransaction();
|
||||
LOGGER.debug("retrieving policy mapper from db where appraiser = "
|
||||
+ "{} and device group = {}", appraiser, deviceGroup);
|
||||
final Criteria cr = session.createCriteria(PolicyMapper.class)
|
||||
.add(Restrictions.eq("appraiser", appraiser))
|
||||
.add(Restrictions.eq("deviceGroup", deviceGroup));
|
||||
final PolicyMapper mapper = (PolicyMapper) cr.uniqueResult();
|
||||
+ "{}", appraiser);
|
||||
CriteriaBuilder criteriaBuilder = session.getCriteriaBuilder();
|
||||
CriteriaQuery<PolicyMapper> criteriaQuery = criteriaBuilder
|
||||
.createQuery(PolicyMapper.class);
|
||||
Root<PolicyMapper> root = criteriaQuery.from(PolicyMapper.class);
|
||||
Predicate recordPredicate = criteriaBuilder.and(
|
||||
criteriaBuilder.equal(root.get("appraiser"), appraiser));
|
||||
criteriaQuery.select(root).where(recordPredicate);
|
||||
Query<PolicyMapper> query = session.createQuery(criteriaQuery);
|
||||
List<PolicyMapper> results = query.getResultList();
|
||||
PolicyMapper mapper = null;
|
||||
if (results != null && !results.isEmpty()) {
|
||||
mapper = results.get(0);
|
||||
}
|
||||
|
||||
if (mapper == null) {
|
||||
LOGGER.debug("no policy mapper found for appraiser {} and "
|
||||
+ "device group {}", appraiser, deviceGroup);
|
||||
LOGGER.debug("no policy mapper found for appraiser {}", appraiser);
|
||||
} else {
|
||||
ret = mapper.getPolicy();
|
||||
}
|
||||
@ -406,9 +441,6 @@ public class DBPolicyManager extends DBManager<Policy> implements PolicyManager
|
||||
|
||||
if (ret == null) {
|
||||
String groupName = "null";
|
||||
if (deviceGroup != null) {
|
||||
groupName = deviceGroup.getName();
|
||||
}
|
||||
final String msg = String.format("unable to find policy for appraiser '%s'"
|
||||
+ " for device group '%s'", appraiser.getName(), groupName);
|
||||
LOGGER.debug(msg);
|
||||
@ -422,31 +454,34 @@ public class DBPolicyManager extends DBManager<Policy> implements PolicyManager
|
||||
* <code>DeviceGroup</code> pair. This updates the database to reflect this
|
||||
* change so that when this class is loaded it should read that property.
|
||||
*
|
||||
* @param appraiser
|
||||
* appraiser
|
||||
* @param deviceGroup
|
||||
* device group
|
||||
* @param policy
|
||||
* policy
|
||||
* @param appraiser appraiser
|
||||
* @param policy policy
|
||||
*/
|
||||
@Override
|
||||
public final void setPolicy(final Appraiser appraiser,
|
||||
final DeviceGroup deviceGroup, final Policy policy) {
|
||||
public final void setPolicy(final Appraiser appraiser, final Policy policy) {
|
||||
Preconditions.checkNotNull(appraiser, "Cannot set policy on null appraiser");
|
||||
Preconditions.checkNotNull(deviceGroup, "Cannot set policy on null device group");
|
||||
|
||||
final SessionFactory factory = getFactory();
|
||||
Transaction tx = null;
|
||||
Session session = factory.getCurrentSession();
|
||||
Session session = getSession();
|
||||
try {
|
||||
tx = session.beginTransaction();
|
||||
LOGGER.debug("Finding existing policy mapper from db where "
|
||||
+ "appraiser = {} and device group = {}", appraiser,
|
||||
deviceGroup);
|
||||
final Criteria cr = session.createCriteria(PolicyMapper.class)
|
||||
.add(Restrictions.eq("appraiser", appraiser))
|
||||
.add(Restrictions.eq("deviceGroup", deviceGroup));
|
||||
final PolicyMapper mapper = (PolicyMapper) cr.uniqueResult();
|
||||
CriteriaBuilder criteriaBuilder = session.getCriteriaBuilder();
|
||||
CriteriaQuery<PolicyMapper> criteriaQuery = criteriaBuilder
|
||||
.createQuery(PolicyMapper.class);
|
||||
Root<PolicyMapper> root = criteriaQuery.from(PolicyMapper.class);
|
||||
Predicate recordPredicate = criteriaBuilder.and(
|
||||
criteriaBuilder.equal(root.get("appraiser"), appraiser));
|
||||
criteriaQuery.select(root).where(recordPredicate);
|
||||
Query<PolicyMapper> query = session.createQuery(criteriaQuery);
|
||||
List<PolicyMapper> results = query.getResultList();
|
||||
PolicyMapper mapper = null;
|
||||
if (results != null && !results.isEmpty()) {
|
||||
mapper = results.get(0);
|
||||
}
|
||||
// final Criteria cr = session.createCriteria(PolicyMapper.class)
|
||||
// .add(Restrictions.eq("appraiser", appraiser))
|
||||
// .add(Restrictions.eq("deviceGroup", deviceGroup));
|
||||
// final PolicyMapper mapper = (PolicyMapper) cr.uniqueResult();
|
||||
if (policy == null) {
|
||||
LOGGER.info("Policy is null, so removing policy from device group {}");
|
||||
if (mapper != null) {
|
||||
@ -454,10 +489,9 @@ public class DBPolicyManager extends DBManager<Policy> implements PolicyManager
|
||||
}
|
||||
} else {
|
||||
LOGGER.info("Setting policy {} on appraiser {} on device "
|
||||
+ "group {}", policy, appraiser, deviceGroup);
|
||||
+ "group {}", policy, appraiser);
|
||||
if (mapper == null) {
|
||||
session.save(new PolicyMapper(appraiser, policy,
|
||||
deviceGroup));
|
||||
session.save(new PolicyMapper(appraiser, policy));
|
||||
} else {
|
||||
mapper.setPolicy(policy);
|
||||
session.update(mapper);
|
||||
@ -486,21 +520,20 @@ public class DBPolicyManager extends DBManager<Policy> implements PolicyManager
|
||||
int count = 0;
|
||||
|
||||
if (policy != null) {
|
||||
final SessionFactory factory = getFactory();
|
||||
Transaction tx = null;
|
||||
Session session = factory.getCurrentSession();
|
||||
Session session = getSession();
|
||||
try {
|
||||
tx = session.beginTransaction();
|
||||
LOGGER.debug("retrieving group use count for policy {}", policy);
|
||||
final Criteria cr = session.createCriteria(PolicyMapper.class)
|
||||
.add(Restrictions.eq("policy", policy))
|
||||
.setProjection(Projections.projectionList()
|
||||
.add(Projections.count("policy")));
|
||||
// final Criteria cr = session.createCriteria(PolicyMapper.class)
|
||||
// .add(Restrictions.eq("policy", policy))
|
||||
// .setProjection(Projections.projectionList()
|
||||
// .add(Projections.count("policy")));
|
||||
|
||||
final Object result = cr.uniqueResult();
|
||||
if (result != null && result instanceof Long) {
|
||||
count = ((Long) result).intValue();
|
||||
}
|
||||
// final Object result = cr.uniqueResult();
|
||||
// if (result != null && result instanceof Long) {
|
||||
// count = ((Long) result).intValue();
|
||||
// }
|
||||
} catch (Exception e) {
|
||||
// Log the error and return -1 to enable error handling.
|
||||
count = -1;
|
@ -1,19 +1,23 @@
|
||||
package hirs.persist;
|
||||
package hirs.attestationca.servicemanager;
|
||||
|
||||
import hirs.data.persist.info.PortalInfo;
|
||||
import hirs.data.persist.enums.PortalScheme;
|
||||
|
||||
import java.net.URI;
|
||||
import java.net.URISyntaxException;
|
||||
|
||||
import hirs.data.persist.info.PortalInfo;
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.PortalInfoManager;
|
||||
import hirs.persist.PortalInfoManagerException;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.hibernate.SessionFactory;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
import java.net.URI;
|
||||
import java.net.URISyntaxException;
|
||||
|
||||
/**
|
||||
* A <code>DBPortalInfoManager</code> is a service (extends <code>DBManager</code>) that
|
||||
* implements the <code>PortalInfoManager</code> that stores and retrieves Portal Info objects.
|
||||
*/
|
||||
@Service
|
||||
public class DBPortalInfoManager extends DBManager<PortalInfo> implements PortalInfoManager {
|
||||
|
||||
private static final Logger LOGGER = LogManager.getLogger(DBPortalInfoManager.class);
|
||||
@ -22,10 +26,10 @@ public class DBPortalInfoManager extends DBManager<PortalInfo> implements Portal
|
||||
* Creates a new <code>DBPortalInfoManager</code>. The optional SessionFactory parameter is
|
||||
* used to manage sessions with a hibernate db.
|
||||
*
|
||||
* @param factory a hibernate session
|
||||
* @param em a hibernate session
|
||||
*/
|
||||
public DBPortalInfoManager(final SessionFactory factory) {
|
||||
super(PortalInfo.class, factory);
|
||||
public DBPortalInfoManager(final EntityManager em) {
|
||||
super(PortalInfo.class, em);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -35,7 +39,7 @@ public class DBPortalInfoManager extends DBManager<PortalInfo> implements Portal
|
||||
*
|
||||
* @param info PortalInfo to save
|
||||
* @return reference to saved PortalInfo
|
||||
* @throws PortalInfoManagerException if PortalInfo has previously been saved or an
|
||||
* @throws hirs.persist.PortalInfoManagerException if PortalInfo has previously been saved or an
|
||||
* error occurs while trying to save it to the database
|
||||
*/
|
||||
@Override
|
@ -1,17 +1,25 @@
|
||||
package hirs.persist;
|
||||
package hirs.attestationca.servicemanager;
|
||||
|
||||
import hirs.data.persist.BaseReferenceManifest;
|
||||
import hirs.data.persist.ReferenceDigestRecord;
|
||||
import hirs.data.persist.ReferenceDigestValue;
|
||||
import hirs.data.persist.ReferenceManifest;
|
||||
import hirs.data.persist.SupportReferenceManifest;
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.DeviceManagerException;
|
||||
import hirs.persist.ReferenceEventManager;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.hibernate.Session;
|
||||
import org.hibernate.SessionFactory;
|
||||
import org.hibernate.Transaction;
|
||||
import org.hibernate.criterion.Restrictions;
|
||||
import org.hibernate.query.Query;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
import javax.persistence.criteria.CriteriaBuilder;
|
||||
import javax.persistence.criteria.CriteriaQuery;
|
||||
import javax.persistence.criteria.Predicate;
|
||||
import javax.persistence.criteria.Root;
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
@ -22,18 +30,20 @@ import java.util.UUID;
|
||||
* This class is used to persist and retrieve {@link hirs.data.persist.ReferenceDigestValue}s into
|
||||
* and from the database.
|
||||
*/
|
||||
@Service
|
||||
public class DBReferenceEventManager extends DBManager<ReferenceDigestValue>
|
||||
implements ReferenceEventManager {
|
||||
|
||||
private static final Logger LOGGER = LogManager.getLogger(DBReferenceDigestManager.class);
|
||||
private static final Logger LOGGER = LogManager.getLogger(DBReferenceEventManager.class);
|
||||
|
||||
/**
|
||||
* Default Constructor.
|
||||
*
|
||||
* @param sessionFactory session factory used to access database connections
|
||||
* @param em entity manager used to access database connections
|
||||
*/
|
||||
public DBReferenceEventManager(final SessionFactory sessionFactory) {
|
||||
super(ReferenceDigestValue.class, sessionFactory);
|
||||
public DBReferenceEventManager(final EntityManager em) {
|
||||
super(ReferenceDigestValue.class, em);
|
||||
this.setClazz(ReferenceDigestValue.class);
|
||||
}
|
||||
|
||||
@Override
|
||||
@ -61,20 +71,38 @@ public class DBReferenceEventManager extends DBManager<ReferenceDigestValue>
|
||||
return null;
|
||||
}
|
||||
|
||||
ReferenceDigestValue dbRecord;
|
||||
ReferenceDigestValue dbRecord = null;
|
||||
Transaction tx = null;
|
||||
Session session = getFactory().getCurrentSession();
|
||||
Session session = getSession();
|
||||
try {
|
||||
LOGGER.debug("retrieving referenceDigestValue from db");
|
||||
tx = session.beginTransaction();
|
||||
dbRecord = (ReferenceDigestValue) session.createCriteria(ReferenceDigestValue.class)
|
||||
.add(Restrictions.eq("supportRimId",
|
||||
referenceDigestValue.getSupportRimId()))
|
||||
.add(Restrictions.eq("digestValue",
|
||||
referenceDigestValue.getDigestValue()))
|
||||
.add(Restrictions.eq("eventNumber",
|
||||
referenceDigestValue.getPcrIndex()))
|
||||
.uniqueResult();
|
||||
CriteriaBuilder criteriaBuilder = session.getCriteriaBuilder();
|
||||
CriteriaQuery<ReferenceDigestValue> criteriaQuery = criteriaBuilder
|
||||
.createQuery(ReferenceDigestValue.class);
|
||||
Root<ReferenceDigestValue> root = criteriaQuery.from(ReferenceDigestValue.class);
|
||||
Predicate recordPredicate = criteriaBuilder.and(
|
||||
criteriaBuilder.equal(root.get("supportRimId"),
|
||||
referenceDigestValue.getSupportRimId()),
|
||||
criteriaBuilder.equal(root.get("digestValue"),
|
||||
referenceDigestValue.getDigestValue()),
|
||||
criteriaBuilder.equal(root.get("eventNumber"),
|
||||
referenceDigestValue.getPcrIndex()));
|
||||
criteriaQuery.select(root).where(recordPredicate);
|
||||
Query<ReferenceDigestValue> query = session.createQuery(criteriaQuery);
|
||||
List<ReferenceDigestValue> results = query.getResultList();
|
||||
|
||||
if (results != null && !results.isEmpty()) {
|
||||
dbRecord = results.get(0);
|
||||
}
|
||||
// dbRecord = (ReferenceDigestValue) session.createCriteria(ReferenceDigestValue.class)
|
||||
// .add(Restrictions.eq("supportRimId",
|
||||
// referenceDigestValue.getSupportRimId()))
|
||||
// .add(Restrictions.eq("digestValue",
|
||||
// referenceDigestValue.getDigestValue()))
|
||||
// .add(Restrictions.eq("eventNumber",
|
||||
// referenceDigestValue.getPcrIndex()))
|
||||
// .uniqueResult();
|
||||
tx.commit();
|
||||
} catch (Exception ex) {
|
||||
final String msg = "unable to retrieve object";
|
||||
@ -113,15 +141,28 @@ public class DBReferenceEventManager extends DBManager<ReferenceDigestValue>
|
||||
return null;
|
||||
}
|
||||
|
||||
ReferenceDigestValue dbRecord;
|
||||
ReferenceDigestValue dbRecord = null;
|
||||
Transaction tx = null;
|
||||
Session session = getFactory().getCurrentSession();
|
||||
Session session = getSession();
|
||||
try {
|
||||
LOGGER.debug("retrieving referenceDigestValue from db");
|
||||
tx = session.beginTransaction();
|
||||
dbRecord = (ReferenceDigestValue) session.createCriteria(ReferenceDigestValue.class)
|
||||
.add(Restrictions.eq("id",
|
||||
referenceDigestValue.getId())).uniqueResult();
|
||||
CriteriaBuilder criteriaBuilder = session.getCriteriaBuilder();
|
||||
CriteriaQuery<ReferenceDigestValue> criteriaQuery = criteriaBuilder
|
||||
.createQuery(ReferenceDigestValue.class);
|
||||
Root<ReferenceDigestValue> root = criteriaQuery.from(ReferenceDigestValue.class);
|
||||
Predicate recordPredicate = criteriaBuilder.and(
|
||||
criteriaBuilder.equal(root.get("id"), referenceDigestValue.getId()));
|
||||
criteriaQuery.select(root).where(recordPredicate);
|
||||
Query<ReferenceDigestValue> query = session.createQuery(criteriaQuery);
|
||||
List<ReferenceDigestValue> results = query.getResultList();
|
||||
|
||||
if (results != null && !results.isEmpty()) {
|
||||
dbRecord = results.get(0);
|
||||
}
|
||||
// dbRecord = (ReferenceDigestValue) session.createCriteria(ReferenceDigestValue.class)
|
||||
// .add(Restrictions.eq("id",
|
||||
// referenceDigestValue.getId())).uniqueResult();
|
||||
tx.commit();
|
||||
} catch (Exception ex) {
|
||||
final String msg = "unable to retrieve object";
|
||||
@ -142,15 +183,28 @@ public class DBReferenceEventManager extends DBManager<ReferenceDigestValue>
|
||||
throw new NullPointerException("null event digest argument");
|
||||
}
|
||||
|
||||
ReferenceDigestValue dbRecord;
|
||||
ReferenceDigestValue dbRecord = null;
|
||||
Transaction tx = null;
|
||||
Session session = getFactory().getCurrentSession();
|
||||
Session session = getSession();
|
||||
try {
|
||||
LOGGER.debug("retrieving referenceDigestValue from db");
|
||||
tx = session.beginTransaction();
|
||||
dbRecord = (ReferenceDigestValue) session.createCriteria(ReferenceDigestValue.class)
|
||||
.add(Restrictions.eq("digestValue",
|
||||
eventDigest)).uniqueResult();
|
||||
CriteriaBuilder criteriaBuilder = session.getCriteriaBuilder();
|
||||
CriteriaQuery<ReferenceDigestValue> criteriaQuery = criteriaBuilder
|
||||
.createQuery(ReferenceDigestValue.class);
|
||||
Root<ReferenceDigestValue> root = criteriaQuery.from(ReferenceDigestValue.class);
|
||||
Predicate recordPredicate = criteriaBuilder.and(
|
||||
criteriaBuilder.equal(root.get("digestValue"), eventDigest));
|
||||
criteriaQuery.select(root).where(recordPredicate);
|
||||
Query<ReferenceDigestValue> query = session.createQuery(criteriaQuery);
|
||||
List<ReferenceDigestValue> results = query.getResultList();
|
||||
|
||||
if (results != null && !results.isEmpty()) {
|
||||
dbRecord = results.get(0);
|
||||
}
|
||||
// dbRecord = (ReferenceDigestValue) session.createCriteria(ReferenceDigestValue.class)
|
||||
// .add(Restrictions.eq("digestValue",
|
||||
// eventDigest)).uniqueResult();
|
||||
tx.commit();
|
||||
} catch (Exception ex) {
|
||||
final String msg = "unable to retrieve object";
|
||||
@ -311,13 +365,17 @@ public class DBReferenceEventManager extends DBManager<ReferenceDigestValue>
|
||||
@Override
|
||||
public boolean deleteEvent(final ReferenceDigestValue referenceDigestValue) {
|
||||
boolean result;
|
||||
if (referenceDigestValue == null || referenceDigestValue.getId() == null) {
|
||||
result = false;
|
||||
} else {
|
||||
LOGGER.info(String.format("Deleting reference to %s",
|
||||
referenceDigestValue.getId()));
|
||||
try {
|
||||
result = super.delete(referenceDigestValue);
|
||||
result = super.deleteById(referenceDigestValue.getId());
|
||||
} catch (DBManagerException dbMEx) {
|
||||
throw new RuntimeException(dbMEx);
|
||||
}
|
||||
}
|
||||
return result;
|
||||
}
|
||||
}
|
@ -0,0 +1,66 @@
|
||||
package hirs.attestationca.servicemanager;
|
||||
|
||||
import hirs.data.persist.ReferenceManifest;
|
||||
import hirs.persist.ReferenceManifestManager;
|
||||
import hirs.persist.ReferenceManifestSelector;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* This class is used to persist and retrieve {@link ReferenceManifest}s into
|
||||
* and from the database.
|
||||
*/
|
||||
@Service
|
||||
public class DBReferenceManifestManager extends DBManager<ReferenceManifest>
|
||||
implements ReferenceManifestManager {
|
||||
|
||||
private static final Logger LOGGER = LogManager.getLogger(DBReferenceManifestManager.class);
|
||||
|
||||
/**
|
||||
* Default Constructor.
|
||||
*
|
||||
* @param em entity manager used to access database connections
|
||||
*/
|
||||
public DBReferenceManifestManager(final EntityManager em) {
|
||||
super(ReferenceManifest.class, em);
|
||||
}
|
||||
|
||||
/**
|
||||
* This method does not need to be used directly as it is used by
|
||||
* {@link hirs.persist.ReferenceManifestSelector}'s get* methods. Regardless, it may be
|
||||
* used to retrieve ReferenceManifest by other code in this package, given a
|
||||
* configured ReferenceManifestSelector.
|
||||
*
|
||||
* @param referenceManifestSelector a configured
|
||||
* {@link hirs.persist.ReferenceManifestSelector} to use for querying
|
||||
* @return the resulting set of ReferenceManifest, possibly empty
|
||||
*/
|
||||
@Override
|
||||
@SuppressWarnings("unchecked")
|
||||
public <T extends ReferenceManifest> Set<T> get(
|
||||
final ReferenceManifestSelector referenceManifestSelector) {
|
||||
LOGGER.info("Getting the full set of Reference Manifest files.");
|
||||
// CriteriaBuilder builder = this.getFactory().getCriteriaBuilder();
|
||||
return new HashSet<>(0
|
||||
// new HashSet<>((List<T>) getWithCriteria(
|
||||
// referenceManifestSelector.getReferenceManifestClass(),
|
||||
// referenceManifestSelector.getCriterion(builder))
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Remove a ReferenceManifest from the database.
|
||||
*
|
||||
* @param referenceManifest the referenceManifest to delete
|
||||
* @return true if deletion was successful, false otherwise
|
||||
*/
|
||||
public boolean deleteReferenceManifest(final ReferenceManifest referenceManifest) {
|
||||
LOGGER.info(String.format("Deleting reference to %s", referenceManifest.getTagId()));
|
||||
return deleteById(referenceManifest.getId());
|
||||
}
|
||||
}
|
@ -0,0 +1,196 @@
|
||||
package hirs.attestationca.servicemanager;
|
||||
|
||||
import hirs.data.persist.Report;
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.ReportManager;
|
||||
import hirs.persist.ReportManagerException;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.hibernate.criterion.Conjunction;
|
||||
import org.hibernate.criterion.Disjunction;
|
||||
import org.hibernate.criterion.MatchMode;
|
||||
import org.hibernate.criterion.Restrictions;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.UUID;
|
||||
|
||||
import static org.apache.logging.log4j.LogManager.getLogger;
|
||||
import static org.hibernate.criterion.Restrictions.ilike;
|
||||
|
||||
/**
|
||||
* This class defines a <code>ReportManager</code> that stores the reports in a
|
||||
* database.
|
||||
*/
|
||||
@Service
|
||||
public class DBReportManager extends DBManager<Report> implements ReportManager {
|
||||
private static final Logger LOGGER = getLogger(DBReportManager.class);
|
||||
|
||||
/**
|
||||
* Creates a new <code>DBReportManager</code> that uses the provided sessionFactory
|
||||
* to interact with a database.
|
||||
*
|
||||
* @param em entity manager used to access database connections
|
||||
*/
|
||||
public DBReportManager(final EntityManager em) {
|
||||
super(Report.class, em);
|
||||
}
|
||||
|
||||
/**
|
||||
* Saves the <code>Report</code> in the database and returns it.
|
||||
*
|
||||
* @param report
|
||||
* report to save
|
||||
* @return <code>Report</code> that was saved
|
||||
* @throws hirs.persist.DBManagerException
|
||||
* if Report has previously been saved or an error occurs while
|
||||
* trying to save it to the database
|
||||
*/
|
||||
@Override
|
||||
public final Report saveReport(final Report report)
|
||||
throws DBManagerException {
|
||||
LOGGER.debug("Saving report: {}", report);
|
||||
try {
|
||||
return super.save(report);
|
||||
} catch (DBManagerException e) {
|
||||
throw new ReportManagerException(e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a list of all <code>Report</code>s of type <code>clazz</code>.
|
||||
* This searches through the database for this information.
|
||||
*
|
||||
* All Reports will be returned without measurement records as they are
|
||||
* lazily loaded for performance. If the records of a report are necessary,
|
||||
* a method will need to be written to return the records inside of a
|
||||
* transaction.
|
||||
*
|
||||
* @param clazz
|
||||
* class type of <code>Report</code>s to return (may be null)
|
||||
* @return list of <code>Report</code>s
|
||||
* @throws ReportManagerException
|
||||
* if unable to search the database
|
||||
*/
|
||||
@Override
|
||||
public final List<Report> getReportList(final Class<?
|
||||
extends Report> clazz)
|
||||
throws ReportManagerException {
|
||||
LOGGER.debug("getting report list");
|
||||
try {
|
||||
//super.getList(Report);
|
||||
return null;
|
||||
} catch (DBManagerException e) {
|
||||
throw new ReportManagerException(e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Retrieves the <code>Report</code> from the database. This searches the
|
||||
* database for an entry whose id matches <code>id</code>. It then
|
||||
* reconstructs a <code>Report</code> object from the database entry.
|
||||
*
|
||||
* Note: <code>IMAMeasurementRecords</code> are lazily loaded so the object
|
||||
* returned will not contain them for performance purposes. If the whole
|
||||
* report needs to be retrieved a method will need to be written to return
|
||||
* the records inside of a transaction.
|
||||
*
|
||||
* @param id id of the report
|
||||
* @return report
|
||||
* @throws ReportManagerException
|
||||
* if unable to search the database or recreate the <code>Report</code>
|
||||
*/
|
||||
@Override
|
||||
public final Report getReport(final UUID id) throws ReportManagerException {
|
||||
LOGGER.debug("getting report: {}", id);
|
||||
try {
|
||||
return super.get(id);
|
||||
} catch (DBManagerException e) {
|
||||
throw new ReportManagerException(e);
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public final Report getCompleteReport(final UUID id) throws ReportManagerException {
|
||||
LOGGER.debug("getting full report: {}", id);
|
||||
try {
|
||||
return super.getAndLoadLazyFields(id, true);
|
||||
} catch (DBManagerException e) {
|
||||
throw new ReportManagerException(e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Updates a <code>Report</code>. This updates the database entries
|
||||
* to reflect the new values that should be set.
|
||||
*
|
||||
* @param report
|
||||
* report to be updated
|
||||
* @throws ReportManagerException
|
||||
* if Report an error occurs while updating the report or
|
||||
* while trying to save it to the database
|
||||
*/
|
||||
@Override
|
||||
public void updateReport(final Report report) throws ReportManagerException {
|
||||
LOGGER.debug("updating report: {}", report);
|
||||
try {
|
||||
super.update(report);
|
||||
} catch (DBManagerException e) {
|
||||
throw new ReportManagerException(e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Deletes the <code>Report</code> from the database. This removes all of
|
||||
* the database entries that stored information with regards to the this
|
||||
* <code>Report</code>.
|
||||
* <p>
|
||||
* If the <code>Report</code> is referenced by any other tables then this
|
||||
* will throw a <code>ReportManagerException</code>.
|
||||
*
|
||||
* @param id
|
||||
* id of the <code>Report</code> to delete
|
||||
* @return true if successfully found and deleted the <code>Report</code>
|
||||
* @throws ReportManagerException
|
||||
* if unable to find the baseline or delete it from the
|
||||
* database
|
||||
*/
|
||||
@Override
|
||||
public final boolean deleteReport(final UUID id)
|
||||
throws ReportManagerException {
|
||||
LOGGER.debug("deleting baseline: {}", id);
|
||||
try {
|
||||
return false; //super.delete(id);
|
||||
} catch (DBManagerException e) {
|
||||
throw new ReportManagerException(e);
|
||||
}
|
||||
}
|
||||
|
||||
private Conjunction buildImaRecordSearchFilter(final String search, final
|
||||
Map<String, Boolean> searchableColumns) {
|
||||
// Search for all words in all searchable columns
|
||||
Conjunction and = Restrictions.conjunction();
|
||||
String[] searchWords = StringUtils.split(search);
|
||||
for (String word : searchWords) {
|
||||
// Every word must be in at least one column
|
||||
Disjunction or = Restrictions.disjunction();
|
||||
for (Map.Entry<String, Boolean> entry
|
||||
: searchableColumns.entrySet()) {
|
||||
if (entry.getValue()) {
|
||||
if (entry.getKey().equals("digest")) {
|
||||
or.add(ilikeHex("digest", word));
|
||||
} else {
|
||||
or.add(ilike(entry.getKey(), word,
|
||||
MatchMode.ANYWHERE));
|
||||
}
|
||||
} else {
|
||||
or.add(ilikeCast(entry.getKey(), word));
|
||||
}
|
||||
}
|
||||
and.add(or);
|
||||
}
|
||||
return and;
|
||||
}
|
||||
}
|
@ -1,13 +1,16 @@
|
||||
package hirs.persist;
|
||||
package hirs.attestationca.servicemanager;
|
||||
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.ReportRequestState;
|
||||
import hirs.persist.ReportRequestStateManager;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.hibernate.SessionFactory;
|
||||
import org.hibernate.criterion.Criterion;
|
||||
import org.hibernate.criterion.Restrictions;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
import javax.persistence.criteria.CriteriaBuilder;
|
||||
import javax.persistence.criteria.Predicate;
|
||||
import javax.persistence.criteria.Root;
|
||||
import java.util.Collections;
|
||||
import java.util.Date;
|
||||
import java.util.List;
|
||||
@ -16,6 +19,7 @@ import java.util.List;
|
||||
* This class defines a <code>ReportRequestStateManager</code> that stores ReportRequestStates in a
|
||||
* database.
|
||||
*/
|
||||
@Service
|
||||
public class DBReportRequestStateManager extends DBManager<ReportRequestState>
|
||||
implements ReportRequestStateManager {
|
||||
private static final Logger LOGGER = LogManager.getLogger(DBReportRequestStateManager.class);
|
||||
@ -24,10 +28,10 @@ public class DBReportRequestStateManager extends DBManager<ReportRequestState>
|
||||
* Creates a new <code>DBReportRequestStateManager</code> that uses the default database. The
|
||||
* default database is used to store all of the <code>ReportRequestState</code>s.
|
||||
*
|
||||
* @param sessionFactory session factory used to access database connections
|
||||
* @param em entity manager used to access database connections
|
||||
*/
|
||||
public DBReportRequestStateManager(final SessionFactory sessionFactory) {
|
||||
super(ReportRequestState.class, sessionFactory);
|
||||
public DBReportRequestStateManager(final EntityManager em) {
|
||||
super(ReportRequestState.class, em);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -38,8 +42,12 @@ public class DBReportRequestStateManager extends DBManager<ReportRequestState>
|
||||
*/
|
||||
@Override
|
||||
public final ReportRequestState getState(final Device device) {
|
||||
Criterion crit = Restrictions.eq("device", device);
|
||||
List<ReportRequestState> results = getWithCriteria(Collections.singletonList(crit));
|
||||
CriteriaBuilder builder = this.getSession().getCriteriaBuilder();
|
||||
Root<ReportRequestState> root = builder.createQuery(ReportRequestState.class)
|
||||
.from(ReportRequestState.class);
|
||||
|
||||
Predicate predicate = builder.equal(root.get("device"), device);
|
||||
List<ReportRequestState> results = getWithCriteria(Collections.singletonList(predicate));
|
||||
if (results.isEmpty()) {
|
||||
return null;
|
||||
} else {
|
||||
@ -55,8 +63,12 @@ public class DBReportRequestStateManager extends DBManager<ReportRequestState>
|
||||
*/
|
||||
@Override
|
||||
public final List<ReportRequestState> getLateDeviceStates() {
|
||||
Criterion criterion = Restrictions.le("dueDate", new Date());
|
||||
return getWithCriteria(Collections.singletonList(criterion));
|
||||
CriteriaBuilder builder = this.getSession().getCriteriaBuilder();
|
||||
Root<ReportRequestState> root = builder.createQuery(ReportRequestState.class)
|
||||
.from(ReportRequestState.class);
|
||||
|
||||
Predicate predicate = builder.lessThanOrEqualTo(root.get("dueDate"), new Date());
|
||||
return getWithCriteria(Collections.singletonList(predicate));
|
||||
}
|
||||
|
||||
/**
|
||||
@ -85,6 +97,6 @@ public class DBReportRequestStateManager extends DBManager<ReportRequestState>
|
||||
*/
|
||||
@Override
|
||||
public final void deleteState(final ReportRequestState state) {
|
||||
delete(state);
|
||||
delete(state.toString()); // cyrus-dev
|
||||
}
|
||||
}
|
@ -1,32 +1,33 @@
|
||||
package hirs.persist;
|
||||
package hirs.attestationca.servicemanager;
|
||||
|
||||
import hirs.FilteredRecordsList;
|
||||
import static org.apache.logging.log4j.LogManager.getLogger;
|
||||
import hirs.data.persist.ReportSummary;
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.ReportSummaryManager;
|
||||
import hirs.persist.ReportSummaryManagerException;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.hibernate.Session;
|
||||
import org.hibernate.Transaction;
|
||||
import org.hibernate.criterion.Order;
|
||||
import org.hibernate.query.Query;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
import javax.persistence.criteria.CriteriaBuilder;
|
||||
import javax.persistence.criteria.CriteriaQuery;
|
||||
import javax.persistence.criteria.Predicate;
|
||||
import javax.persistence.criteria.Root;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.UUID;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.hibernate.Criteria;
|
||||
import org.hibernate.Session;
|
||||
import org.hibernate.SessionFactory;
|
||||
import org.hibernate.Transaction;
|
||||
import org.hibernate.criterion.DetachedCriteria;
|
||||
import org.hibernate.criterion.Order;
|
||||
import org.hibernate.criterion.ProjectionList;
|
||||
import org.hibernate.criterion.Projections;
|
||||
import org.hibernate.criterion.Restrictions;
|
||||
import org.hibernate.criterion.Subqueries;
|
||||
import static org.apache.logging.log4j.LogManager.getLogger;
|
||||
|
||||
/**
|
||||
* This class defines a <code>DBReportSummaryManager</code> that stores the
|
||||
* report
|
||||
* summary in a database.
|
||||
*/
|
||||
@Service
|
||||
public class DBReportSummaryManager extends DBManager<ReportSummary>
|
||||
implements ReportSummaryManager {
|
||||
|
||||
@ -38,10 +39,10 @@ public class DBReportSummaryManager extends DBManager<ReportSummary>
|
||||
* The default database is used to store all of the
|
||||
* <code>ReportSummary</code> objects.
|
||||
*
|
||||
* @param sessionFactory session factory used to access database connections
|
||||
* @param em entity manager used to access database connections
|
||||
*/
|
||||
public DBReportSummaryManager(final SessionFactory sessionFactory) {
|
||||
super(ReportSummary.class, sessionFactory);
|
||||
public DBReportSummaryManager(final EntityManager em) {
|
||||
super(ReportSummary.class, em);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -50,7 +51,7 @@ public class DBReportSummaryManager extends DBManager<ReportSummary>
|
||||
* @param report
|
||||
* report summary to save
|
||||
* @return <code>ReportSummary</code> that was saved
|
||||
* @throws ReportSummaryManagerException
|
||||
* @throws hirs.persist.ReportSummaryManagerException
|
||||
* if ReportSummary has previously been saved or an error
|
||||
* occurs while trying to save it to the database
|
||||
*/
|
||||
@ -100,11 +101,12 @@ public class DBReportSummaryManager extends DBManager<ReportSummary>
|
||||
*/
|
||||
@Override
|
||||
public final List<ReportSummary> getReportSummaryList(
|
||||
final Class<? extends ReportSummary> clazz)
|
||||
final ReportSummary clazz)
|
||||
throws ReportSummaryManagerException {
|
||||
LOGGER.debug("getting ReportSummary list");
|
||||
try {
|
||||
return super.getList(clazz);
|
||||
// this should work but there is an issue with the ReportSummary class
|
||||
return null; //super.getList(clazz);
|
||||
} catch (DBManagerException e) {
|
||||
throw new ReportSummaryManagerException(e);
|
||||
}
|
||||
@ -135,19 +137,21 @@ public class DBReportSummaryManager extends DBManager<ReportSummary>
|
||||
|
||||
List<ReportSummary> reportSummaryList = new ArrayList<>();
|
||||
Transaction tx = null;
|
||||
Session session = getFactory().getCurrentSession();
|
||||
Session session = getSession();
|
||||
try {
|
||||
LOGGER.debug("retrieving objects from db");
|
||||
tx = session.beginTransaction();
|
||||
List list = session.createCriteria(ReportSummary.class)
|
||||
.add(Restrictions.eq("clientHostname", hostname))
|
||||
.setResultTransformer(Criteria.DISTINCT_ROOT_ENTITY)
|
||||
.list();
|
||||
|
||||
for (Object o : list) {
|
||||
if (o instanceof ReportSummary) {
|
||||
reportSummaryList.add((ReportSummary) o);
|
||||
}
|
||||
CriteriaBuilder criteriaBuilder = session.getCriteriaBuilder();
|
||||
CriteriaQuery<ReportSummary> criteriaQuery = criteriaBuilder
|
||||
.createQuery(ReportSummary.class);
|
||||
Root<ReportSummary> root = criteriaQuery.from(ReportSummary.class);
|
||||
Predicate recordPredicate = criteriaBuilder
|
||||
.and(criteriaBuilder.equal(root.get("clientHostname"), hostname));
|
||||
criteriaQuery.select(root).where(recordPredicate).distinct(true);
|
||||
Query<ReportSummary> query = session.createQuery(criteriaQuery);
|
||||
List<ReportSummary> results = query.getResultList();
|
||||
if (results != null) {
|
||||
reportSummaryList.addAll(results);
|
||||
}
|
||||
|
||||
tx.commit();
|
||||
@ -163,57 +167,6 @@ public class DBReportSummaryManager extends DBManager<ReportSummary>
|
||||
return reportSummaryList;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a list of all <code>ReportSummary</code> objects that are ordered
|
||||
* by a column and direction (ASC, DESC) that is provided by the user. This
|
||||
* method helps support the server-side processing in the JQuery DataTables.
|
||||
*
|
||||
* @param columnToOrder Column to be ordered
|
||||
* @param ascending direction of sort
|
||||
* @param firstResult starting point of first result in set
|
||||
* @param maxResults total number we want returned for display in table
|
||||
* @param search string of criteria to be matched to visible columns
|
||||
* @param searchableColumns Map of String and boolean values with column
|
||||
* headers and whether they are to. Boolean is true if field provides
|
||||
* a typical String that can be searched by Hibernate without
|
||||
* transformation.
|
||||
* @param hostname name of the device to filter on
|
||||
* @return FilteredRecordsList object with fields for DataTables
|
||||
* @throws ReportSummaryManagerException
|
||||
* if unable to create the list
|
||||
*/
|
||||
@Override
|
||||
public final FilteredRecordsList<ReportSummary> getOrderedReportSummaryList(
|
||||
final String columnToOrder, final boolean ascending, final int firstResult,
|
||||
final int maxResults, final String search,
|
||||
final Map<String, Boolean> searchableColumns,
|
||||
final String hostname) throws ReportSummaryManagerException {
|
||||
if (columnToOrder == null) {
|
||||
LOGGER.debug("null object argument");
|
||||
throw new NullPointerException("object");
|
||||
}
|
||||
|
||||
// allows filtering by specific hostname. If no hostname specified, always match.
|
||||
CriteriaModifier modifier = new CriteriaModifier() {
|
||||
@Override
|
||||
public void modify(final Criteria criteria) {
|
||||
criteria.add(Restrictions.ilike("clientHostname",
|
||||
StringUtils.defaultIfBlank(hostname, "%")));
|
||||
}
|
||||
};
|
||||
|
||||
LOGGER.debug("Getting report summary list");
|
||||
final FilteredRecordsList<ReportSummary> summaries;
|
||||
try {
|
||||
summaries = super.getOrderedList(ReportSummary.class, columnToOrder,
|
||||
ascending, firstResult, maxResults, search,
|
||||
searchableColumns, modifier);
|
||||
} catch (DBManagerException e) {
|
||||
throw new BaselineManagerException(e);
|
||||
}
|
||||
LOGGER.debug("Got {} report summaries", summaries.size());
|
||||
return summaries;
|
||||
}
|
||||
/**
|
||||
* Retrieves the <code>ReportSummary</code> from the database. This
|
||||
* searches the database for an entry whose id matches <code>id</code>.
|
||||
@ -260,14 +213,19 @@ public class DBReportSummaryManager extends DBManager<ReportSummary>
|
||||
|
||||
ReportSummary object;
|
||||
Transaction tx = null;
|
||||
Session session = getFactory().getCurrentSession();
|
||||
Session session = getSession();
|
||||
try {
|
||||
LOGGER.debug("retrieving objects from db");
|
||||
tx = session.beginTransaction();
|
||||
object = (ReportSummary) session
|
||||
.createCriteria(ReportSummary.class)
|
||||
.add(Restrictions.eq("report.id", id))
|
||||
.uniqueResult();
|
||||
CriteriaBuilder criteriaBuilder = session.getCriteriaBuilder();
|
||||
CriteriaQuery<ReportSummary> criteriaQuery = criteriaBuilder
|
||||
.createQuery(ReportSummary.class);
|
||||
Root<ReportSummary> root = criteriaQuery.from(ReportSummary.class);
|
||||
Predicate recordPredicate = criteriaBuilder
|
||||
.and(criteriaBuilder.equal(root.get("report.id"), id));
|
||||
criteriaQuery.select(root).where(recordPredicate);
|
||||
Query<ReportSummary> query = session.createQuery(criteriaQuery);
|
||||
object = query.uniqueResult();
|
||||
tx.commit();
|
||||
} catch (Exception e) {
|
||||
final String msg = "unable to retrieve query list";
|
||||
@ -281,33 +239,6 @@ public class DBReportSummaryManager extends DBManager<ReportSummary>
|
||||
return object;
|
||||
}
|
||||
|
||||
/**
|
||||
* Deletes the <code>ReportSummary</code> from the database. This removes
|
||||
* all of the database entries that stored information with regards to the
|
||||
* this <code>ReportSummary</code>.
|
||||
* <p>
|
||||
* If the <code>ReportSummary</code> is referenced by any other tables then
|
||||
* this will throw a <code>ReportSummaryManagerException</code>.
|
||||
*
|
||||
* @param id
|
||||
* id of the <code>ReportSummary</code> to delete
|
||||
* @return true if successfully found and deleted the
|
||||
* <code>ReportSummary</code>
|
||||
* @throws ReportSummaryManagerException
|
||||
* if unable to find the baseline or delete it from the
|
||||
* database
|
||||
*/
|
||||
@Override
|
||||
public final boolean deleteReportSummary(final Long id)
|
||||
throws ReportSummaryManagerException {
|
||||
LOGGER.debug("deleting report summary: {}", id);
|
||||
try {
|
||||
return super.delete(id);
|
||||
} catch (DBManagerException e) {
|
||||
throw new ReportSummaryManagerException(e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a list of <code>ReportSummary</code>s that contains the latest
|
||||
* report from each client. This searches through the database for this
|
||||
@ -324,28 +255,39 @@ public class DBReportSummaryManager extends DBManager<ReportSummary>
|
||||
|
||||
List<ReportSummary> reportSummaryList = new ArrayList<>();
|
||||
Transaction tx = null;
|
||||
Session session = getFactory().getCurrentSession();
|
||||
Session session = getSession();
|
||||
try {
|
||||
LOGGER.debug("retrieving objects from db");
|
||||
tx = session.beginTransaction();
|
||||
DetachedCriteria uniqueHosts = DetachedCriteria.forClass(
|
||||
ReportSummary.class);
|
||||
// DetachedCriteria uniqueHosts = DetachedCriteria.forClass(
|
||||
// ReportSummary.class);
|
||||
|
||||
ProjectionList properties = Projections.projectionList();
|
||||
properties.add(Projections.groupProperty("clientHostname"));
|
||||
properties.add(Projections.max("timestamp"), "timestamp");
|
||||
// ProjectionList properties = Projections.projectionList();
|
||||
// properties.add(Projections.groupProperty("clientHostname"));
|
||||
// properties.add(Projections.max("timestamp"), "timestamp");
|
||||
//
|
||||
// uniqueHosts.setProjection(properties);
|
||||
//
|
||||
// List list = session.createCriteria(ReportSummary.class)
|
||||
// .add(Subqueries.propertiesIn(
|
||||
// new String[]{"clientHostname", "timestamp"},
|
||||
// uniqueHosts))
|
||||
// .list();
|
||||
// for (Object o : list) {
|
||||
// if (o instanceof ReportSummary) {
|
||||
// reportSummaryList.add((ReportSummary) o);
|
||||
// }
|
||||
// }
|
||||
|
||||
uniqueHosts.setProjection(properties);
|
||||
|
||||
List list = session.createCriteria(ReportSummary.class)
|
||||
.add(Subqueries.propertiesIn(
|
||||
new String[]{"clientHostname", "timestamp"},
|
||||
uniqueHosts))
|
||||
.list();
|
||||
for (Object o : list) {
|
||||
if (o instanceof ReportSummary) {
|
||||
reportSummaryList.add((ReportSummary) o);
|
||||
}
|
||||
CriteriaBuilder criteriaBuilder = session.getCriteriaBuilder();
|
||||
CriteriaQuery<ReportSummary> criteriaQuery = criteriaBuilder
|
||||
.createQuery(ReportSummary.class);
|
||||
Root<ReportSummary> root = criteriaQuery.from(ReportSummary.class);
|
||||
criteriaQuery.multiselect(root.get("clientHostname"), root.get("timestamp"));
|
||||
Query<ReportSummary> query = session.createQuery(criteriaQuery);
|
||||
List<ReportSummary> results = query.getResultList();
|
||||
if (results != null) {
|
||||
reportSummaryList.addAll(results);
|
||||
}
|
||||
tx.commit();
|
||||
} catch (Exception e) {
|
||||
@ -417,17 +359,29 @@ public class DBReportSummaryManager extends DBManager<ReportSummary>
|
||||
|
||||
ReportSummary object;
|
||||
Transaction tx = null;
|
||||
Session session = getFactory().getCurrentSession();
|
||||
Session session = getSession();
|
||||
try {
|
||||
LOGGER.debug("retrieving objects from db");
|
||||
tx = session.beginTransaction();
|
||||
//Returns a ReportSummary based on the timestamp and hostname
|
||||
object = (ReportSummary) session.createCriteria(ReportSummary.class)
|
||||
.addOrder(order)
|
||||
.add(Restrictions.eq("clientHostname", hostname))
|
||||
.setFirstResult(firstResult)
|
||||
.setMaxResults(uniqueResult)
|
||||
.uniqueResult();
|
||||
CriteriaBuilder criteriaBuilder = session.getCriteriaBuilder();
|
||||
CriteriaQuery<ReportSummary> criteriaQuery = criteriaBuilder
|
||||
.createQuery(ReportSummary.class);
|
||||
Root<ReportSummary> root = criteriaQuery.from(ReportSummary.class);
|
||||
Predicate recordPredicate = criteriaBuilder
|
||||
.and(criteriaBuilder.equal(root.get("clientHostname"), hostname));
|
||||
criteriaQuery.select(root).where(recordPredicate);
|
||||
Query<ReportSummary> query = session.createQuery(criteriaQuery);
|
||||
query.setFirstResult(firstResult);
|
||||
query.setMaxResults(uniqueResult);
|
||||
object = query.getSingleResult();
|
||||
|
||||
// object = (ReportSummary) session.createCriteria(ReportSummary.class)
|
||||
// .addOrder(order)
|
||||
// .add(Restrictions.eq("clientHostname", hostname))
|
||||
// .setFirstResult(firstResult)
|
||||
// .setMaxResults(uniqueResult)
|
||||
// .uniqueResult();
|
||||
tx.commit();
|
||||
} catch (Exception e) {
|
||||
final String msg = "unable to retrieve query list";
|
@ -1,16 +1,20 @@
|
||||
package hirs.persist;
|
||||
package hirs.attestationca.servicemanager;
|
||||
|
||||
import hirs.persist.RepositoryManager;
|
||||
import hirs.repository.RepoPackage;
|
||||
import hirs.repository.Repository;
|
||||
import org.hibernate.SessionFactory;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
import java.io.Serializable;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* This class defines a {@link RepositoryManager} that stores Repositories and RepoPackages
|
||||
* This class defines a {@link hirs.persist.RepositoryManager} that
|
||||
* stores Repositories and RepoPackages
|
||||
* in a database.
|
||||
*/
|
||||
@Service
|
||||
public class DBRepositoryManager implements RepositoryManager {
|
||||
private final DBManager<Repository> repositoryDBManager;
|
||||
private final DBManager<RepoPackage> repoPackageDBManager;
|
||||
@ -19,12 +23,12 @@ public class DBRepositoryManager implements RepositoryManager {
|
||||
* Creates a new <code>DBRepositoryManager</code> that uses the default
|
||||
* database. The default database is used to store and retrieve all objects.
|
||||
*
|
||||
* @param sessionFactory session factory used to access database connections
|
||||
* @param entityManager object used to access database connections
|
||||
*/
|
||||
public DBRepositoryManager(final SessionFactory sessionFactory) {
|
||||
public DBRepositoryManager(final EntityManager entityManager) {
|
||||
super();
|
||||
repositoryDBManager = new DBManager<>(Repository.class, sessionFactory);
|
||||
repoPackageDBManager = new DBManager<>(RepoPackage.class, sessionFactory);
|
||||
repositoryDBManager = new DBManager<>(Repository.class, entityManager);
|
||||
repoPackageDBManager = new DBManager<>(RepoPackage.class, entityManager);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -58,7 +62,7 @@ public class DBRepositoryManager implements RepositoryManager {
|
||||
* @return a list of Repositories
|
||||
*/
|
||||
@Override
|
||||
public final List<Repository> getRepositoryList(final Class<? extends Repository> clazz) {
|
||||
public final List<Repository> getRepositoryList(final Class<Repository> clazz) {
|
||||
return repositoryDBManager.getList(clazz);
|
||||
}
|
||||
|
||||
@ -91,7 +95,7 @@ public class DBRepositoryManager implements RepositoryManager {
|
||||
*/
|
||||
@Override
|
||||
public final boolean deleteRepository(final Repository<?> repository) {
|
||||
return repositoryDBManager.delete(repository);
|
||||
return repositoryDBManager.delete(repository.getName());
|
||||
}
|
||||
|
||||
/**
|
@ -0,0 +1,7 @@
|
||||
/**
|
||||
* Service objects for the DAOs; storing and retrieving objects from the
|
||||
* database.
|
||||
*/
|
||||
|
||||
package hirs.attestationca.servicemanager;
|
||||
|
@ -1,12 +1,12 @@
|
||||
package hirs.attestationca.service;
|
||||
|
||||
import java.util.Set;
|
||||
package hirs.attestationca.validation;
|
||||
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.SupplyChainPolicy;
|
||||
import hirs.data.persist.SupplyChainValidationSummary;
|
||||
import hirs.data.persist.certificate.EndorsementCredential;
|
||||
import hirs.data.persist.certificate.PlatformCredential;
|
||||
import hirs.data.persist.policy.SupplyChainPolicy;
|
||||
|
||||
import java.util.Set;
|
||||
|
||||
|
||||
/**
|
@ -1,17 +1,16 @@
|
||||
package hirs.attestationca.service;
|
||||
package hirs.attestationca.validation;
|
||||
|
||||
import hirs.appraiser.Appraiser;
|
||||
import hirs.appraiser.SupplyChainAppraiser;
|
||||
import hirs.attestationca.configuration.PersistenceConfiguration;
|
||||
import hirs.data.persist.AppraisalStatus;
|
||||
import hirs.data.persist.ArchivableEntity;
|
||||
import hirs.data.persist.BaseReferenceManifest;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceInfoReport;
|
||||
import hirs.data.persist.EventLogMeasurements;
|
||||
import hirs.data.persist.PCRPolicy;
|
||||
import hirs.data.persist.ReferenceDigestValue;
|
||||
import hirs.data.persist.ReferenceManifest;
|
||||
import hirs.data.persist.SupplyChainPolicy;
|
||||
import hirs.data.persist.SupplyChainValidation;
|
||||
import hirs.data.persist.SupplyChainValidationSummary;
|
||||
import hirs.data.persist.SupportReferenceManifest;
|
||||
@ -21,15 +20,15 @@ import hirs.data.persist.certificate.Certificate;
|
||||
import hirs.data.persist.certificate.CertificateAuthorityCredential;
|
||||
import hirs.data.persist.certificate.EndorsementCredential;
|
||||
import hirs.data.persist.certificate.PlatformCredential;
|
||||
import hirs.persist.AppraiserManager;
|
||||
import hirs.persist.CertificateManager;
|
||||
import hirs.data.persist.policy.PCRPolicy;
|
||||
import hirs.data.persist.policy.SupplyChainPolicy;
|
||||
import hirs.persist.CrudManager;
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.PersistenceConfiguration;
|
||||
import hirs.persist.PolicyManager;
|
||||
import hirs.persist.ReferenceDigestManager;
|
||||
import hirs.persist.ReferenceEventManager;
|
||||
import hirs.persist.ReferenceManifestManager;
|
||||
import hirs.persist.service.AppraiserService;
|
||||
import hirs.persist.service.CertificateService;
|
||||
import hirs.persist.service.PolicyService;
|
||||
import hirs.persist.service.ReferenceDigestValueService;
|
||||
import hirs.persist.service.ReferenceManifestService;
|
||||
import hirs.tpm.eventlog.TCGEventLog;
|
||||
import hirs.tpm.eventlog.TpmPcrEvent;
|
||||
import hirs.utils.BouncyCastleUtils;
|
||||
@ -76,12 +75,12 @@ import static hirs.data.persist.AppraisalStatus.Status.PASS;
|
||||
@Import(PersistenceConfiguration.class)
|
||||
public class SupplyChainValidationServiceImpl implements SupplyChainValidationService {
|
||||
|
||||
private PolicyManager policyManager;
|
||||
private AppraiserManager appraiserManager;
|
||||
private ReferenceManifestManager referenceManifestManager;
|
||||
private ReferenceDigestManager referenceDigestManager;
|
||||
private ReferenceEventManager referenceEventManager;
|
||||
private CertificateManager certificateManager;
|
||||
private PolicyService policyService;
|
||||
private AppraiserService appraiserService;
|
||||
private ReferenceManifestService referenceManifestService;
|
||||
// private ReferenceDigestValue referenceDigestManager;
|
||||
private ReferenceDigestValueService referenceDigestValueService;
|
||||
private CertificateService certificateService;
|
||||
private CredentialValidator supplyChainCredentialValidator;
|
||||
private CrudManager<SupplyChainValidationSummary> supplyChainValidatorSummaryManager;
|
||||
|
||||
@ -92,42 +91,39 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe
|
||||
* Constructor to set just the CertificateManager, so that cert chain validating
|
||||
* methods can be called from outside classes.
|
||||
*
|
||||
* @param certificateManager the cert manager
|
||||
* @param certificateService the cert service
|
||||
*/
|
||||
public SupplyChainValidationServiceImpl(final CertificateManager certificateManager) {
|
||||
this.certificateManager = certificateManager;
|
||||
public SupplyChainValidationServiceImpl(final CertificateService certificateService) {
|
||||
this.certificateService = certificateService;
|
||||
}
|
||||
|
||||
/**
|
||||
* Constructor.
|
||||
*
|
||||
* @param policyManager the policy manager
|
||||
* @param appraiserManager the appraiser manager
|
||||
* @param certificateManager the cert manager
|
||||
* @param referenceManifestManager the RIM manager
|
||||
* @param policyService the policy service
|
||||
* @param appraiserService the appraiser service
|
||||
* @param certificateService the cert service
|
||||
* @param referenceManifestService the RIM service
|
||||
* @param supplyChainValidatorSummaryManager the summary manager
|
||||
* @param supplyChainCredentialValidator the credential validator
|
||||
* @param referenceDigestManager the digest manager
|
||||
* @param referenceEventManager the even manager
|
||||
* @param referenceDigestValueService the event service
|
||||
*/
|
||||
@Autowired
|
||||
@SuppressWarnings("ParameterNumberCheck")
|
||||
public SupplyChainValidationServiceImpl(
|
||||
final PolicyManager policyManager, final AppraiserManager appraiserManager,
|
||||
final CertificateManager certificateManager,
|
||||
final ReferenceManifestManager referenceManifestManager,
|
||||
final PolicyService policyService, final AppraiserService appraiserService,
|
||||
final CertificateService certificateService,
|
||||
final ReferenceManifestService referenceManifestService,
|
||||
final CrudManager<SupplyChainValidationSummary> supplyChainValidatorSummaryManager,
|
||||
final CredentialValidator supplyChainCredentialValidator,
|
||||
final ReferenceDigestManager referenceDigestManager,
|
||||
final ReferenceEventManager referenceEventManager) {
|
||||
this.policyManager = policyManager;
|
||||
this.appraiserManager = appraiserManager;
|
||||
this.certificateManager = certificateManager;
|
||||
this.referenceManifestManager = referenceManifestManager;
|
||||
final ReferenceDigestValueService referenceDigestValueService) {
|
||||
this.policyService = policyService;
|
||||
this.appraiserService = appraiserService;
|
||||
this.certificateService = certificateService;
|
||||
this.referenceManifestService = referenceManifestService;
|
||||
this.supplyChainValidatorSummaryManager = supplyChainValidatorSummaryManager;
|
||||
this.supplyChainCredentialValidator = supplyChainCredentialValidator;
|
||||
this.referenceDigestManager = referenceDigestManager;
|
||||
this.referenceEventManager = referenceEventManager;
|
||||
this.referenceDigestValueService = referenceDigestValueService;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -136,9 +132,9 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe
|
||||
* @return supply chain policy
|
||||
*/
|
||||
public SupplyChainPolicy getPolicy() {
|
||||
final Appraiser supplyChainAppraiser = appraiserManager.getAppraiser(
|
||||
final Appraiser supplyChainAppraiser = appraiserService.getAppraiser(
|
||||
SupplyChainAppraiser.NAME);
|
||||
return (SupplyChainPolicy) policyManager.getDefaultPolicy(
|
||||
return (SupplyChainPolicy) policyService.getDefaultPolicy(
|
||||
supplyChainAppraiser);
|
||||
}
|
||||
|
||||
@ -157,9 +153,9 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe
|
||||
public SupplyChainValidationSummary validateSupplyChain(final EndorsementCredential ec,
|
||||
final Set<PlatformCredential> pcs,
|
||||
final Device device) {
|
||||
final Appraiser supplyChainAppraiser = appraiserManager.getAppraiser(
|
||||
final Appraiser supplyChainAppraiser = appraiserService.getAppraiser(
|
||||
SupplyChainAppraiser.NAME);
|
||||
SupplyChainPolicy policy = (SupplyChainPolicy) policyManager.getDefaultPolicy(
|
||||
SupplyChainPolicy policy = (SupplyChainPolicy) policyService.getDefaultPolicy(
|
||||
supplyChainAppraiser);
|
||||
boolean acceptExpiredCerts = policy.isExpiredCertificateValidationEnabled();
|
||||
PlatformCredential baseCredential = null;
|
||||
@ -179,7 +175,7 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe
|
||||
// store the device with the credential
|
||||
if (ec != null) {
|
||||
ec.setDevice(device);
|
||||
this.certificateManager.update(ec);
|
||||
this.certificateService.updateCertificate(ec, ec.getId());
|
||||
}
|
||||
}
|
||||
|
||||
@ -208,7 +204,7 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe
|
||||
deltaMapping.put(pc, null);
|
||||
}
|
||||
pc.setDevice(device);
|
||||
this.certificateManager.update(pc);
|
||||
this.certificateService.updateCertificate(pc, pc.getId());
|
||||
|
||||
}
|
||||
|
||||
@ -353,7 +349,7 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe
|
||||
if (pc.isBase()) {
|
||||
// Grab all certs associated with this platform chain
|
||||
List<PlatformCredential> chainCertificates = PlatformCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.byBoardSerialNumber(pc.getPlatformSerial())
|
||||
.getCertificates().stream().collect(Collectors.toList());
|
||||
|
||||
@ -390,7 +386,7 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe
|
||||
ReferenceManifest supportReferenceManifest = null;
|
||||
EventLogMeasurements measurement = null;
|
||||
|
||||
baseReferenceManifests = BaseReferenceManifest.select(referenceManifestManager)
|
||||
baseReferenceManifests = BaseReferenceManifest.select(referenceManifestService)
|
||||
.byModel(model).getRIMs();
|
||||
|
||||
for (BaseReferenceManifest bRim : baseReferenceManifests) {
|
||||
@ -405,11 +401,11 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe
|
||||
failedString = "Base Reference Integrity Manifest\n";
|
||||
passed = false;
|
||||
} else {
|
||||
measurement = EventLogMeasurements.select(referenceManifestManager)
|
||||
measurement = EventLogMeasurements.select(referenceManifestService)
|
||||
.byHexDecHash(baseReferenceManifest.getEventLogHash()).getRIM();
|
||||
|
||||
if (measurement == null) {
|
||||
measurement = EventLogMeasurements.select(referenceManifestManager)
|
||||
measurement = EventLogMeasurements.select(referenceManifestService)
|
||||
.byModel(baseReferenceManifest.getPlatformModel()).getRIM();
|
||||
}
|
||||
}
|
||||
@ -433,7 +429,7 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe
|
||||
|
||||
//Validate signing cert
|
||||
Set<CertificateAuthorityCredential> allCerts =
|
||||
CertificateAuthorityCredential.select(certificateManager).getCertificates();
|
||||
CertificateAuthorityCredential.select(certificateService).getCertificates();
|
||||
CertificateAuthorityCredential signingCert = null;
|
||||
for (CertificateAuthorityCredential cert : allCerts) {
|
||||
signingCert = cert;
|
||||
@ -459,7 +455,7 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe
|
||||
}
|
||||
|
||||
for (SwidResource swidRes : resources) {
|
||||
supportReferenceManifest = SupportReferenceManifest.select(referenceManifestManager)
|
||||
supportReferenceManifest = SupportReferenceManifest.select(referenceManifestService)
|
||||
.byHexDecHash(swidRes.getHashValue()).getRIM();
|
||||
if (supportReferenceManifest != null) {
|
||||
// Removed the filename check from this if statement
|
||||
@ -537,8 +533,8 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe
|
||||
try {
|
||||
if (measurement.getPlatformManufacturer().equals(manufacturer)) {
|
||||
tcgMeasurementLog = new TCGEventLog(measurement.getRimBytes());
|
||||
eventValue = this.referenceEventManager
|
||||
.getValuesByRimId(baseReferenceManifest);
|
||||
eventValue = this.referenceDigestValueService
|
||||
.getValuesByBaseRimId(baseReferenceManifest.getId());
|
||||
for (ReferenceDigestValue rdv : eventValue) {
|
||||
eventValueMap.put(rdv.getDigestValue(), rdv);
|
||||
}
|
||||
@ -579,13 +575,14 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe
|
||||
|
||||
EventLogMeasurements eventLog = (EventLogMeasurements) measurement;
|
||||
eventLog.setOverallValidationResult(fwStatus.getAppStatus());
|
||||
this.referenceManifestManager.update(eventLog);
|
||||
this.referenceManifestService.updateReferenceManifest(eventLog, eventLog.getId());
|
||||
} else {
|
||||
fwStatus = new AppraisalStatus(FAIL, String.format("Firmware Validation failed: "
|
||||
+ "%s for %s can not be found", failedString, manufacturer));
|
||||
if (measurement != null) {
|
||||
measurement.setOverallValidationResult(fwStatus.getAppStatus());
|
||||
this.referenceManifestManager.update(measurement);
|
||||
this.referenceManifestService.updateReferenceManifest(
|
||||
measurement, measurement.getId());
|
||||
}
|
||||
}
|
||||
|
||||
@ -601,9 +598,9 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe
|
||||
*/
|
||||
@Override
|
||||
public SupplyChainValidationSummary validateQuote(final Device device) {
|
||||
final Appraiser supplyChainAppraiser = appraiserManager.getAppraiser(
|
||||
final Appraiser supplyChainAppraiser = appraiserService.getAppraiser(
|
||||
SupplyChainAppraiser.NAME);
|
||||
SupplyChainPolicy policy = (SupplyChainPolicy) policyManager.getDefaultPolicy(
|
||||
SupplyChainPolicy policy = (SupplyChainPolicy) policyService.getDefaultPolicy(
|
||||
supplyChainAppraiser);
|
||||
SupplyChainValidation quoteScv = null;
|
||||
SupplyChainValidationSummary summary = null;
|
||||
@ -621,7 +618,7 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe
|
||||
|
||||
try {
|
||||
Set<SupportReferenceManifest> supportRims = SupportReferenceManifest
|
||||
.select(this.referenceManifestManager)
|
||||
.select(this.referenceManifestService)
|
||||
.byManufacturerModel(
|
||||
device.getDeviceInfo().getHardwareInfo().getManufacturer(),
|
||||
device.getDeviceInfo().getHardwareInfo().getProductName())
|
||||
@ -632,7 +629,7 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe
|
||||
}
|
||||
}
|
||||
eventLog = EventLogMeasurements
|
||||
.select(this.referenceManifestManager)
|
||||
.select(this.referenceManifestService)
|
||||
.byHexDecHash(sRim.getEventLogHash()).getRIM();
|
||||
|
||||
if (sRim == null) {
|
||||
@ -664,7 +661,8 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe
|
||||
+ "\nPCR hash and Quote hash do not match.");
|
||||
}
|
||||
eventLog.setOverallValidationResult(fwStatus.getAppStatus());
|
||||
this.referenceManifestManager.update(eventLog);
|
||||
this.referenceManifestService.updateReferenceManifest(
|
||||
eventLog, eventLog.getId());
|
||||
}
|
||||
} catch (Exception ex) {
|
||||
LOGGER.error(ex);
|
||||
@ -781,7 +779,7 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe
|
||||
case FAIL:
|
||||
if (!result.getAdditionalInfo().isEmpty()) {
|
||||
pc.setComponentFailures(result.getAdditionalInfo());
|
||||
this.certificateManager.update(pc);
|
||||
this.certificateService.updateCertificate(pc, pc.getId());
|
||||
}
|
||||
return buildValidationRecord(validationType, AppraisalStatus.Status.FAIL,
|
||||
result.getMessage(), pc, Level.WARN);
|
||||
@ -817,10 +815,10 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe
|
||||
case FAIL:
|
||||
if (!result.getAdditionalInfo().isEmpty()) {
|
||||
base.setComponentFailures(result.getAdditionalInfo());
|
||||
this.certificateManager.update(base);
|
||||
this.certificateService.updateCertificate(base, base.getId());
|
||||
}
|
||||
// we are adding things to componentFailures
|
||||
this.certificateManager.update(delta);
|
||||
this.certificateService.updateCertificate(delta, delta.getId());
|
||||
return buildValidationRecord(validationType, AppraisalStatus.Status.FAIL,
|
||||
result.getMessage(), delta, Level.WARN);
|
||||
case ERROR:
|
||||
@ -914,7 +912,7 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe
|
||||
&& !credential.getAuthKeyId().isEmpty()) {
|
||||
byte[] bytes = Hex.decode(credential.getAuthKeyId());
|
||||
skiCA = CertificateAuthorityCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.bySubjectKeyIdentifier(bytes).getCertificate();
|
||||
}
|
||||
|
||||
@ -922,13 +920,13 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe
|
||||
if (credential.getIssuerSorted() == null
|
||||
|| credential.getIssuerSorted().isEmpty()) {
|
||||
certAuthsWithMatchingIssuer = CertificateAuthorityCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.bySubject(credential.getIssuer())
|
||||
.getCertificates();
|
||||
} else {
|
||||
//Get certificates by subject organization
|
||||
certAuthsWithMatchingIssuer = CertificateAuthorityCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.bySubjectSorted(credential.getIssuerSorted())
|
||||
.getCertificates();
|
||||
}
|
||||
@ -970,7 +968,7 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe
|
||||
|
||||
if (platformSerialNumber != null) {
|
||||
List<PlatformCredential> chainCertificates = PlatformCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.byBoardSerialNumber(platformSerialNumber)
|
||||
.getCertificates().stream().collect(Collectors.toList());
|
||||
|
@ -0,0 +1,5 @@
|
||||
/**
|
||||
* Contains the main functionality of the SupplyChainValidationService. Executes the actual
|
||||
* validation based on the current supply chain policy.
|
||||
*/
|
||||
package hirs.attestationca.validation;
|
28
HIRS_AttestationCA/src/main/resources/persistence.properties
Normal file
28
HIRS_AttestationCA/src/main/resources/persistence.properties
Normal file
@ -0,0 +1,28 @@
|
||||
# Properties used to create JDBC connection
|
||||
# WARNING: DO NOT USE "disableSslHostnameVerification=true" FOR A REMOTE DATABASE
|
||||
persistence.db.url = jdbc:mariadb://localhost/hirs_db?autoReconnect=true&useSSL=true&requireSSL=true&enabledSslProtocolSuites=TLSv1&disableSslHostnameVerification=true
|
||||
persistence.db.username = hirs_db
|
||||
persistence.db.password = hirs_db
|
||||
# update?
|
||||
persistence.db.driverClass = org.mariadb.jdbc.Driver
|
||||
persistence.db.maximumPoolSize = 10
|
||||
persistence.db.connectionTimeout = 30000
|
||||
persistence.db.leakDetectionThreshold = 0
|
||||
persistence.db.maxTransactionRetryAttempts = 10
|
||||
persistence.db.retryWaitTimeMilliseconds = 3000
|
||||
|
||||
# Properties used by the Hibernate Session Factory
|
||||
persistence.hibernate.dialect = hirs.attestationca.configuration.MySqlUtf8CompatibleDialect
|
||||
persistence.hibernate.ddl = update
|
||||
hibernate.show_sql = true
|
||||
hibernate.format_sql = true
|
||||
persistence.hibernate.contextClass = org.springframework.orm.hibernate5.SpringSessionContext
|
||||
persistence.hibernate.provider = org.hibernate.hikaricp.internal.HikariCPConnectionProvider
|
||||
|
||||
spring.datasource.url = jdbc:mariadb://localhost/hirs_db?autoReconnect=true&useSSL=true&requireSSL=true&enabledSslProtocolSuites=TLSv1&disableSslHostnameVerification=true
|
||||
spring.datasource.username = hirs_db
|
||||
spring.datasource.password = hirs_db
|
||||
spring.datasource.driver-class-name = org.mariadb.jdbc.Driver
|
||||
spring.jpa.generate-ddl = true
|
||||
# caching the entity manager in a persistence
|
||||
# inject the entity manger in spring using context
|
@ -132,7 +132,7 @@ public class AbstractAttestationCertificateAuthorityTest {
|
||||
public void setup() {
|
||||
aca = new AbstractAttestationCertificateAuthority(null, keyPair.getPrivate(),
|
||||
null, null, null, null, null, 1,
|
||||
null, null, null, null) {
|
||||
null, null) {
|
||||
};
|
||||
}
|
||||
|
||||
|
@ -1,13 +1,13 @@
|
||||
package hirs.attestationca;
|
||||
|
||||
import hirs.data.persist.certificate.Certificate;
|
||||
import hirs.persist.service.CertificateService;
|
||||
import org.apache.commons.io.IOUtils;
|
||||
import org.testng.annotations.BeforeMethod;
|
||||
import org.testng.annotations.Test;
|
||||
|
||||
import java.io.FileInputStream;
|
||||
import java.io.IOException;
|
||||
import hirs.data.persist.certificate.Certificate;
|
||||
import hirs.persist.CertificateManager;
|
||||
|
||||
import static org.mockito.Matchers.any;
|
||||
import static org.mockito.Mockito.mock;
|
||||
@ -18,7 +18,7 @@ import static org.mockito.Mockito.verify;
|
||||
*/
|
||||
public class CredentialManagementHelperTest {
|
||||
|
||||
private CertificateManager certMan;
|
||||
private CertificateService certMan;
|
||||
|
||||
private static final String EK_HEADER_TRUNCATED
|
||||
= "/certificates/nuc-1/ek_cert_7_byte_header_removed.cer";
|
||||
@ -30,7 +30,7 @@ public class CredentialManagementHelperTest {
|
||||
*/
|
||||
@BeforeMethod
|
||||
public void setUp() {
|
||||
certMan = mock(CertificateManager.class);
|
||||
certMan = mock(CertificateService.class);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -85,7 +85,7 @@ public class CredentialManagementHelperTest {
|
||||
byte[] ekBytes = IOUtils.toByteArray(new FileInputStream(path));
|
||||
|
||||
CredentialManagementHelper.storeEndorsementCredential(certMan, ekBytes);
|
||||
verify(certMan).save(any(Certificate.class));
|
||||
verify(certMan).saveCertificate(any(Certificate.class));
|
||||
}
|
||||
|
||||
/**
|
||||
@ -99,6 +99,6 @@ public class CredentialManagementHelperTest {
|
||||
byte[] ekBytes = IOUtils.toByteArray(new FileInputStream(path));
|
||||
|
||||
CredentialManagementHelper.storeEndorsementCredential(certMan, ekBytes);
|
||||
verify(certMan).save(any(Certificate.class));
|
||||
verify(certMan).saveCertificate(any(Certificate.class));
|
||||
}
|
||||
}
|
||||
|
@ -1,5 +1,7 @@
|
||||
package hirs.attestationca;
|
||||
|
||||
import hirs.data.persist.certificate.EndorsementCredential;
|
||||
import hirs.data.persist.certificate.PlatformCredential;
|
||||
import org.bouncycastle.asn1.DERSequence;
|
||||
import org.bouncycastle.asn1.DERSet;
|
||||
import org.bouncycastle.asn1.DERTaggedObject;
|
||||
@ -16,8 +18,6 @@ import java.util.Enumeration;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import hirs.data.persist.certificate.EndorsementCredential;
|
||||
import hirs.data.persist.certificate.PlatformCredential;
|
||||
|
||||
import static org.testng.Assert.assertEquals;
|
||||
import static org.testng.Assert.assertNull;
|
||||
@ -189,7 +189,7 @@ public class IssuedCertificateAttributeHelperTest {
|
||||
|
||||
DLSequence dlSequence = (DLSequence) subjectAlternativeName.getParsedValue();
|
||||
DERTaggedObject derTaggedObject = (DERTaggedObject) dlSequence.getObjectAt(0);
|
||||
DERSequence derSequence = (DERSequence) derTaggedObject.getObject();
|
||||
DERSequence derSequence = (DERSequence) derTaggedObject.getLoadedObject();
|
||||
|
||||
Enumeration enumeration = derSequence.getObjects();
|
||||
while (enumeration.hasMoreElements()) {
|
||||
|
@ -1,21 +1,19 @@
|
||||
package hirs.data.persist;
|
||||
package hirs.attestationca.data.persist;
|
||||
|
||||
import hirs.attestationca.persist.SpringPersistenceTest;
|
||||
import hirs.attestationca.servicemanager.DBReportManager;
|
||||
import hirs.data.persist.DeviceInfoReport;
|
||||
import hirs.data.persist.info.FirmwareInfo;
|
||||
import hirs.data.persist.info.HardwareInfo;
|
||||
import hirs.data.persist.info.NetworkInfo;
|
||||
import hirs.data.persist.info.OSInfo;
|
||||
import hirs.data.persist.info.TPMInfo;
|
||||
import hirs.data.persist.info.NetworkInfo;
|
||||
import hirs.data.persist.info.HardwareInfo;
|
||||
import hirs.data.persist.info.FirmwareInfo;
|
||||
import hirs.data.persist.baseline.TpmWhiteListBaseline;
|
||||
import hirs.foss.XMLCleaner;
|
||||
import hirs.persist.DBReportManager;
|
||||
import hirs.persist.ReportManager;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.hibernate.Session;
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.AfterClass;
|
||||
import org.testng.annotations.AfterMethod;
|
||||
import org.testng.annotations.BeforeClass;
|
||||
import org.testng.annotations.Test;
|
||||
|
||||
@ -32,8 +30,6 @@ import java.net.InetAddress;
|
||||
import java.net.UnknownHostException;
|
||||
import java.security.cert.CertificateFactory;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import java.util.UUID;
|
||||
|
||||
/**
|
||||
@ -71,28 +67,6 @@ public class DeviceInfoReportTest extends SpringPersistenceTest {
|
||||
LOGGER.debug("closing session factory");
|
||||
}
|
||||
|
||||
/**
|
||||
* Resets the test state to a known good state. This currently only resets
|
||||
* the database by removing all <code>Report</code> objects.
|
||||
*/
|
||||
@AfterMethod
|
||||
public final void resetTestState() {
|
||||
LOGGER.debug("reset test state");
|
||||
LOGGER.debug("deleting all reports");
|
||||
Session session = sessionFactory.getCurrentSession();
|
||||
session.beginTransaction();
|
||||
try {
|
||||
final List<?> reports = session.createCriteria(Report.class).list();
|
||||
for (Object o : reports) {
|
||||
LOGGER.debug("deleting report: {}", o);
|
||||
session.delete(o);
|
||||
}
|
||||
LOGGER.debug("all reports removed");
|
||||
} finally {
|
||||
session.getTransaction().commit();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests instantiation of a DeviceInfoReport.
|
||||
*/
|
||||
@ -218,61 +192,6 @@ public class DeviceInfoReportTest extends SpringPersistenceTest {
|
||||
EXPECTED_CLIENT_VERSION);
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests that the DeviceInfoReport can search a list of baselines to find if
|
||||
* any contain the fields necessary to detect a kernel update.
|
||||
*/
|
||||
@Test
|
||||
public final void testMatchesKernelInfo() {
|
||||
final DeviceInfoReport deviceInfoReport =
|
||||
new DeviceInfoReport(networkInfo, osInfo, firmwareInfo, hardwareInfo, tpmInfo);
|
||||
final List<TpmWhiteListBaseline> tpmBaselines = Arrays.asList(
|
||||
new TpmWhiteListBaseline("Best named TPM Baseline"),
|
||||
new TpmWhiteListBaseline("Bob"),
|
||||
new TpmWhiteListBaseline("Worst named Baseline. Ever.")
|
||||
);
|
||||
final String osName = "test os name";
|
||||
final String osVersion = "test os version";
|
||||
final String manufacturer = "test manufacturer";
|
||||
final String productName = "test product name";
|
||||
final String version = "test version";
|
||||
tpmBaselines.get(1).setFirmwareInfo(createTestFirmwareInfo());
|
||||
tpmBaselines.get(1).setHardwareInfo(
|
||||
new HardwareInfo(manufacturer, productName, version, "wrong value",
|
||||
"wrong value", "wrong value"));
|
||||
tpmBaselines.get(1).setOSInfo(new OSInfo(osName, osVersion, "N/A", "not used", "ignored"));
|
||||
final boolean expected = true;
|
||||
|
||||
Assert.assertEquals(deviceInfoReport.matchesKernelInfo(tpmBaselines), expected);
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests that the method will return false when even one field is mismatched.
|
||||
*/
|
||||
@Test
|
||||
public final void testMatchesKernelInfoMismatch() {
|
||||
final DeviceInfoReport deviceInfoReport =
|
||||
new DeviceInfoReport(networkInfo, osInfo, firmwareInfo, hardwareInfo, tpmInfo);
|
||||
final List<TpmWhiteListBaseline> tpmBaselines = Arrays.asList(
|
||||
new TpmWhiteListBaseline("Best named TPM Baseline"),
|
||||
new TpmWhiteListBaseline("Bob"),
|
||||
new TpmWhiteListBaseline("Worst named Baseline. Ever.")
|
||||
);
|
||||
final String osName = "test os name";
|
||||
final String osVersion = "88"; // osversion won't match
|
||||
final String manufacturer = "test manufacturer";
|
||||
final String productName = "test product name";
|
||||
final String version = "test version";
|
||||
tpmBaselines.get(2).setFirmwareInfo(createTestFirmwareInfo());
|
||||
tpmBaselines.get(2).setHardwareInfo(
|
||||
new HardwareInfo(manufacturer, productName, version, "wrong value",
|
||||
"wrong value", "wrong value"));
|
||||
tpmBaselines.get(2).setOSInfo(new OSInfo(osName, osVersion, "N/A", "not used", "ignored"));
|
||||
final boolean expected = false;
|
||||
|
||||
Assert.assertEquals(deviceInfoReport.matchesKernelInfo(tpmBaselines), expected);
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests that a <code>DeviceInfoReport</code> can be saved in the
|
||||
* <code>ReportManager</code> and then deleted.
|
@ -1,5 +1,8 @@
|
||||
package hirs.data.persist;
|
||||
package hirs.attestationca.data.persist;
|
||||
|
||||
import hirs.data.persist.AppraisalStatus;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceInfoReport;
|
||||
import hirs.data.persist.enums.HealthStatus;
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.Test;
|
@ -1,16 +1,21 @@
|
||||
package hirs.persist;
|
||||
package hirs.attestationca.persist;
|
||||
|
||||
import hirs.appraiser.Appraiser;
|
||||
import hirs.appraiser.IMAAppraiser;
|
||||
import hirs.appraiser.TPMAppraiser;
|
||||
import hirs.appraiser.TestAppraiser;
|
||||
import hirs.data.persist.SpringPersistenceTest;
|
||||
import hirs.attestationca.servicemanager.DBAppraiserManager;
|
||||
import hirs.persist.AppraiserManager;
|
||||
import org.hibernate.Session;
|
||||
import org.hibernate.query.Query;
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.AfterMethod;
|
||||
import org.testng.annotations.BeforeClass;
|
||||
import org.testng.annotations.Test;
|
||||
|
||||
import javax.persistence.criteria.CriteriaBuilder;
|
||||
import javax.persistence.criteria.CriteriaQuery;
|
||||
import javax.persistence.criteria.Root;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.HashSet;
|
||||
@ -38,9 +43,16 @@ public class DBAppraiserManagerTest extends SpringPersistenceTest {
|
||||
*/
|
||||
@AfterMethod
|
||||
public void resetTestState() {
|
||||
Session session = sessionFactory.getCurrentSession();
|
||||
Session session = sessionFactory.unwrap(org.hibernate.Session.class);
|
||||
session.beginTransaction();
|
||||
final List<?> baselines = session.createCriteria(Appraiser.class).list();
|
||||
|
||||
CriteriaBuilder builder = session.getCriteriaBuilder();
|
||||
CriteriaQuery<Appraiser> criteriaQuery = builder.createQuery(Appraiser.class);
|
||||
Root<Appraiser> root = criteriaQuery.from(Appraiser.class);
|
||||
criteriaQuery.select(root);
|
||||
Query<Appraiser> query = session.createQuery(criteriaQuery);
|
||||
List<Appraiser> baselines = query.getResultList();
|
||||
// final List<?> baselines = session.createCriteria(Appraiser.class).list();
|
||||
for (Object o : baselines) {
|
||||
session.delete(o);
|
||||
}
|
@ -0,0 +1,87 @@
|
||||
package hirs.attestationca.persist;
|
||||
|
||||
import hirs.appraiser.Appraiser;
|
||||
import hirs.attestationca.servicemanager.DBDeviceManager;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceInfoReport;
|
||||
import hirs.data.persist.policy.Policy;
|
||||
import hirs.persist.DBUtility;
|
||||
import hirs.persist.DeviceManager;
|
||||
import hirs.persist.PolicyMapper;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.AfterClass;
|
||||
import org.testng.annotations.AfterMethod;
|
||||
import org.testng.annotations.BeforeClass;
|
||||
import org.testng.annotations.Test;
|
||||
|
||||
/**
|
||||
* Unit tests for the <code>DBDeviceGroupManager</code> class.
|
||||
*/
|
||||
public final class DBDeviceGroupManagerTest extends SpringPersistenceTest {
|
||||
private static final Logger LOGGER = LogManager.getLogger(DBDeviceGroupManagerTest.class);
|
||||
|
||||
private final String deviceGroupName = "Test Device Group";
|
||||
private final String deviceName = "Test Device";
|
||||
|
||||
/**
|
||||
* Default constructor that does nothing.
|
||||
*/
|
||||
public DBDeviceGroupManagerTest() {
|
||||
/* do nothing */
|
||||
}
|
||||
|
||||
/**
|
||||
* Initializes a <code>SessionFactory</code>. The factory is used for an
|
||||
* in-memory database that is used for testing.
|
||||
*/
|
||||
@BeforeClass
|
||||
public void setup() {
|
||||
}
|
||||
|
||||
/**
|
||||
* Closes the <code>SessionFactory</code> from setup.
|
||||
*/
|
||||
@AfterClass
|
||||
public void tearDown() {
|
||||
}
|
||||
|
||||
/**
|
||||
* Resets the test state to a known good state. This currently only resets
|
||||
* the database by removing all <code>Device</code> and
|
||||
* <code>DeviceInfoReport</code> objects.
|
||||
*/
|
||||
@AfterMethod
|
||||
public void resetTestState() {
|
||||
DBUtility.removeAllInstances(sessionFactory, Device.class);
|
||||
DBUtility.removeAllInstances(sessionFactory, DeviceInfoReport.class);
|
||||
DBUtility.removeAllInstances(sessionFactory, PolicyMapper.class);
|
||||
DBUtility.removeAllInstances(sessionFactory, Appraiser.class);
|
||||
DBUtility.removeAllInstances(sessionFactory, Policy.class);
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests that the <code>DBDeviceGroupManager</code> throws a
|
||||
* <code>DeviceGroupManagerException</code> if the device parameter is null.
|
||||
*/
|
||||
@Test(expectedExceptions = NullPointerException.class)
|
||||
public void testSaveNullDevice() {
|
||||
LOGGER.debug("testSaveNullDevice test started");
|
||||
final DeviceManager mgr = new DBDeviceManager(sessionFactory);
|
||||
mgr.saveDevice(null);
|
||||
Assert.fail("save did not fail");
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests that the <code>DBDeviceGroupManager</code> throws a
|
||||
* <code>DeviceManagerException</code> if the device parameter is null.
|
||||
*/
|
||||
@Test(expectedExceptions = NullPointerException.class)
|
||||
public void testUpdateNullDevice() {
|
||||
LOGGER.debug("testUpdateNullDevice test started");
|
||||
final DeviceManager mgr = new DBDeviceManager(sessionFactory);
|
||||
mgr.updateDevice(null);
|
||||
Assert.fail("save did not fail");
|
||||
}
|
||||
}
|
@ -1,29 +1,28 @@
|
||||
package hirs.persist;
|
||||
|
||||
import java.util.LinkedList;
|
||||
import java.util.List;
|
||||
import java.util.UUID;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
package hirs.attestationca.persist;
|
||||
|
||||
import hirs.attestationca.data.persist.DeviceTest;
|
||||
import hirs.attestationca.servicemanager.DBDeviceManager;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.DeviceInfoReport;
|
||||
import hirs.data.persist.DeviceTest;
|
||||
import hirs.data.persist.enums.HealthStatus;
|
||||
import hirs.data.persist.info.NetworkInfo;
|
||||
import hirs.data.persist.SpringPersistenceTest;
|
||||
import hirs.persist.DBUtility;
|
||||
import hirs.persist.DeviceManager;
|
||||
import hirs.persist.DeviceManagerException;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.AfterClass;
|
||||
import org.testng.annotations.AfterMethod;
|
||||
import org.testng.annotations.BeforeClass;
|
||||
import org.testng.annotations.Test;
|
||||
|
||||
import java.util.HashSet;
|
||||
import java.util.LinkedList;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
import java.util.UUID;
|
||||
|
||||
/**
|
||||
* <code>DBDeviceManagerTest</code> is a unit test class for the
|
||||
* <code>DBDeviceManager</code> class.
|
||||
@ -63,7 +62,6 @@ public final class DBDeviceManagerTest extends SpringPersistenceTest {
|
||||
@AfterMethod
|
||||
public void resetTestState() {
|
||||
DBUtility.removeAllInstances(sessionFactory, Device.class);
|
||||
DBUtility.removeAllInstances(sessionFactory, DeviceGroup.class);
|
||||
DBUtility.removeAllInstances(sessionFactory, DeviceInfoReport.class);
|
||||
}
|
||||
|
||||
@ -80,8 +78,6 @@ public final class DBDeviceManagerTest extends SpringPersistenceTest {
|
||||
Assert.assertEquals(DBUtility.getCount(sessionFactory, Device.class), 0);
|
||||
Assert.assertEquals(DBUtility.getCount(sessionFactory, DeviceInfoReport.class), 0);
|
||||
final Device device = DeviceTest.getTestDevice(deviceName);
|
||||
final DeviceGroup group = createGroup(DeviceGroup.DEFAULT_GROUP);
|
||||
device.setDeviceGroup(group);
|
||||
final DeviceManager mgr = new DBDeviceManager(sessionFactory);
|
||||
final Device d2 = mgr.saveDevice(device);
|
||||
Assert.assertEquals(DBUtility.getCount(sessionFactory, Device.class), 1);
|
||||
@ -95,27 +91,6 @@ public final class DBDeviceManagerTest extends SpringPersistenceTest {
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests that the <code>DBDeviceManager</code> throws a
|
||||
* <code>DeviceManagerException</code> if a <code>Device</code> is saved
|
||||
* twice.
|
||||
*
|
||||
* @throws DeviceManagerException if any unexpected errors occur
|
||||
* @throws Exception
|
||||
* if any unexpected errors occur
|
||||
*/
|
||||
@Test(expectedExceptions = DeviceManagerException.class)
|
||||
public void testSaveTwice() throws DeviceManagerException, Exception {
|
||||
LOGGER.debug("testSaveTwice test started");
|
||||
final Device device = new Device(deviceName);
|
||||
final DeviceManager mgr = new DBDeviceManager(sessionFactory);
|
||||
final DeviceGroup group = createGroup(DeviceGroup.DEFAULT_GROUP);
|
||||
device.setDeviceGroup(group);
|
||||
final Device b2 = mgr.saveDevice(device);
|
||||
mgr.saveDevice(b2);
|
||||
Assert.fail("second save did not fail");
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests that the <code>DBDeviceManager</code> throws a
|
||||
* <code>DeviceManagerException</code> if a <code>Device</code> is saved
|
||||
@ -149,35 +124,6 @@ public final class DBDeviceManagerTest extends SpringPersistenceTest {
|
||||
Assert.fail("save did not fail");
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests that when a <code>Device</code> is deleted, the
|
||||
* <code>Device</code> is removed from the DB.
|
||||
*
|
||||
* @throws Exception if error occurs while creating test device
|
||||
*/
|
||||
@Test
|
||||
public void testDeleteDevice() throws Exception {
|
||||
LOGGER.debug("testDeleteDevice");
|
||||
Assert.assertEquals(DBUtility.getCount(sessionFactory, Device.class), 0);
|
||||
|
||||
final Device device = new Device(deviceName);
|
||||
final DeviceManager mgr = new DBDeviceManager(sessionFactory);
|
||||
final DeviceGroup group = createGroup(DeviceGroup.DEFAULT_GROUP);
|
||||
device.setDeviceGroup(group);
|
||||
final Device savedDevice = mgr.saveDevice(device);
|
||||
|
||||
Assert.assertEquals(DBUtility.getCount(sessionFactory, Device.class), 1);
|
||||
Assert.assertTrue(DBUtility.isInDatabase(sessionFactory, Device.class, deviceName));
|
||||
|
||||
final UUID deviceID = savedDevice.getId();
|
||||
Assert.assertNotNull(deviceID);
|
||||
boolean deleteSuccessful = mgr.deleteDevice(deviceName);
|
||||
Assert.assertTrue(deleteSuccessful);
|
||||
Assert.assertFalse(
|
||||
DBUtility.isInDatabase(sessionFactory, DeviceGroup.class, deviceName)
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests that the <code>DBDeviceManager</code> can update a
|
||||
* <code>Device</code>.
|
||||
@ -193,8 +139,6 @@ public final class DBDeviceManagerTest extends SpringPersistenceTest {
|
||||
|
||||
LOGGER.debug("saving new device in db");
|
||||
final Device device = DeviceTest.getTestDevice(deviceName);
|
||||
final DeviceGroup group = createGroup(DeviceGroup.DEFAULT_GROUP);
|
||||
device.setDeviceGroup(group);
|
||||
final DeviceManager mgr = new DBDeviceManager(sessionFactory);
|
||||
final Device d2 = mgr.saveDevice(device);
|
||||
Assert.assertEquals(DBUtility.getCount(sessionFactory, Device.class), 1);
|
||||
@ -219,71 +163,6 @@ public final class DBDeviceManagerTest extends SpringPersistenceTest {
|
||||
Assert.assertEquals(DBUtility.getCount(sessionFactory, DeviceInfoReport.class), 1);
|
||||
}
|
||||
|
||||
/**
|
||||
* This tests that when a <code>Device</code> is updated with a null
|
||||
* <code>DeviceInfoReport</code> then the old report is removed from the
|
||||
* database.
|
||||
*
|
||||
* @throws Exception
|
||||
* if any unexpected errors occur in getting a Device
|
||||
*/
|
||||
@Test
|
||||
public void testUpdateNullReport() throws Exception {
|
||||
LOGGER.debug("testUpdate test started");
|
||||
LOGGER.debug("asserting db is empty");
|
||||
Assert.assertEquals(DBUtility.getCount(sessionFactory, Device.class), 0);
|
||||
Assert.assertEquals(DBUtility.getCount(sessionFactory, DeviceInfoReport.class), 0);
|
||||
|
||||
LOGGER.debug("saving new device in db");
|
||||
final Device device = DeviceTest.getTestDevice(deviceName);
|
||||
final DeviceGroup group = createGroup(DeviceGroup.DEFAULT_GROUP);
|
||||
device.setDeviceGroup(group);
|
||||
final DeviceManager mgr = new DBDeviceManager(sessionFactory);
|
||||
final Device d2 = mgr.saveDevice(device);
|
||||
Assert.assertEquals(DBUtility.getCount(sessionFactory, Device.class), 1);
|
||||
Assert.assertEquals(DBUtility.getCount(sessionFactory, DeviceInfoReport.class), 1);
|
||||
|
||||
LOGGER.debug("updating device will null device info");
|
||||
d2.setDeviceInfo(null);
|
||||
mgr.updateDevice(d2);
|
||||
Assert.assertEquals(DBUtility.getCount(sessionFactory, Device.class), 1);
|
||||
Assert.assertEquals(DBUtility.getCount(sessionFactory, DeviceInfoReport.class), 0);
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests that the <code>DBDeviceManager</code> fails to update a
|
||||
* <code>Device</code> that has the same name as an existing
|
||||
* <code>Device</code>.
|
||||
*
|
||||
* @throws DeviceManagerException if any unexpected errors occur
|
||||
* @throws Exception
|
||||
* if any unexpected errors occur
|
||||
*/
|
||||
@Test
|
||||
public void testUpdateSameName() throws DeviceManagerException, Exception {
|
||||
LOGGER.debug("testUpdateSameName test started");
|
||||
final String name1 = "Test Device 1";
|
||||
final String name2 = "Test Device 2";
|
||||
final DeviceManager mgr = new DBDeviceManager(sessionFactory);
|
||||
final DeviceGroup group = createGroup(DeviceGroup.DEFAULT_GROUP);
|
||||
Device d1 = new Device(name1);
|
||||
Device d2 = new Device(name2);
|
||||
d1.setDeviceGroup(group);
|
||||
d2.setDeviceGroup(group);
|
||||
mgr.saveDevice(d1);
|
||||
d2 = mgr.saveDevice(d2);
|
||||
d2.setName(name1);
|
||||
DeviceManagerException expected = null;
|
||||
try {
|
||||
mgr.updateDevice(d2);
|
||||
} catch (DeviceManagerException e) {
|
||||
expected = e;
|
||||
}
|
||||
Assert.assertNotNull(expected);
|
||||
Assert.assertTrue(DBUtility.isInDatabase(sessionFactory, Device.class, name1));
|
||||
Assert.assertTrue(DBUtility.isInDatabase(sessionFactory, Device.class, name2));
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests that the <code>DBDeviceManager</code> throws a
|
||||
* <code>DeviceManagerException</code> if the device parameter is null.
|
||||
@ -298,31 +177,6 @@ public final class DBDeviceManagerTest extends SpringPersistenceTest {
|
||||
Assert.fail("save did not fail");
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests that the <code>DBDeviceManager</code> can successfully return a
|
||||
* <code>Device</code> from the database.
|
||||
*
|
||||
* @throws Exception
|
||||
* if any unexpected errors occur in getting a Device
|
||||
*/
|
||||
@Test
|
||||
public void testGet() throws Exception {
|
||||
LOGGER.debug("testGet test started");
|
||||
final Device device = DeviceTest.getTestDevice(deviceName);
|
||||
final DeviceManager mgr = new DBDeviceManager(sessionFactory);
|
||||
final ReportManager reportMgr = new DBReportManager(sessionFactory);
|
||||
final DeviceGroup group = createGroup(DeviceGroup.DEFAULT_GROUP);
|
||||
device.setDeviceGroup(group);
|
||||
final Device d2 = mgr.saveDevice(device);
|
||||
final UUID reportId = d2.getDeviceInfo().getId();
|
||||
final Device dbDevice = mgr.getDevice(d2.getName());
|
||||
Assert.assertEquals(dbDevice, d2);
|
||||
final DeviceInfoReport dbReport = (DeviceInfoReport) reportMgr
|
||||
.getReport(reportId);
|
||||
Assert.assertEquals(dbReport, device.getDeviceInfo());
|
||||
Assert.assertEquals(dbDevice.getHealthStatus(), HealthStatus.UNKNOWN);
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests that the <code>DBDeviceManager</code> returns null when null name
|
||||
* is passed to get.
|
||||
@ -346,32 +200,6 @@ public final class DBDeviceManagerTest extends SpringPersistenceTest {
|
||||
Assert.assertNull(mgr.getDevice(unknown));
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests that the <code>DBDeviceManager</code> returns a complete list of
|
||||
* all the names of the devices that it manages.
|
||||
*
|
||||
* @throws Exception
|
||||
* if any unexpected errors occur in getting a Device
|
||||
*/
|
||||
@Test
|
||||
public void testGetDeviceNameList() throws Exception {
|
||||
LOGGER.debug("testGetDeviceNameList test started");
|
||||
final DeviceManager mgr = new DBDeviceManager(sessionFactory);
|
||||
final String[] names = {"Device1", "Device2", "Device3", "Device4"};
|
||||
final List<String> namesList = new LinkedList<>();
|
||||
final DeviceGroup group = createGroup(DeviceGroup.DEFAULT_GROUP);
|
||||
|
||||
for (String name : names) {
|
||||
final Device device = DeviceTest.getTestDevice(name);
|
||||
device.setDeviceGroup(group);
|
||||
mgr.saveDevice(device);
|
||||
namesList.add(name);
|
||||
}
|
||||
final List<String> dbNames = mgr.getDeviceNameList();
|
||||
Collections.sort(dbNames);
|
||||
Assert.assertEquals(dbNames, namesList);
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests that the <code>DBDeviceManager</code> returns an empty list when
|
||||
* get list is called when there are no items in the database.
|
||||
@ -392,26 +220,6 @@ public final class DBDeviceManagerTest extends SpringPersistenceTest {
|
||||
* if any unexpected errors occur in getting a Device
|
||||
*/
|
||||
|
||||
@Test
|
||||
public void testGetDeviceSet() throws Exception {
|
||||
LOGGER.debug("testGetDeviceSet test started");
|
||||
final DeviceManager mgr = new DBDeviceManager(sessionFactory);
|
||||
final String[] names = {"Device1", "Device2", "Device3", "Device4"};
|
||||
final Device[] expectedDevices = new Device[names.length];
|
||||
final DeviceGroup group = createGroup(DeviceGroup.DEFAULT_GROUP);
|
||||
for (int i = 0; i < names.length; ++i) {
|
||||
final Device device = DeviceTest.getTestDevice(names[i]);
|
||||
expectedDevices[i] = device;
|
||||
device.setDeviceGroup(group);
|
||||
mgr.saveDevice(device);
|
||||
}
|
||||
final Set<Device> devices = mgr.getDeviceList();
|
||||
Assert.assertEquals(devices.size(), expectedDevices.length);
|
||||
for (int i = 0; i < expectedDevices.length; ++i) {
|
||||
Assert.assertTrue(devices.contains(expectedDevices[i]));
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests that the <code>DBDeviceManager</code> returns an empty list when
|
||||
* get list is called when there are no items in the database.
|
||||
@ -424,10 +232,4 @@ public final class DBDeviceManagerTest extends SpringPersistenceTest {
|
||||
final Set<Device> devices = mgr.getDeviceList();
|
||||
Assert.assertEquals(devices, devicesList);
|
||||
}
|
||||
|
||||
private DeviceGroup createGroup(final String name) throws Exception {
|
||||
DeviceGroup group = new DeviceGroup(name);
|
||||
final DeviceGroupManager groupManager = new DBDeviceGroupManager(sessionFactory);
|
||||
return groupManager.saveDeviceGroup(group);
|
||||
}
|
||||
}
|
@ -1,7 +1,9 @@
|
||||
package hirs.persist;
|
||||
package hirs.attestationca.persist;
|
||||
|
||||
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
|
||||
import hirs.data.persist.SpringPersistenceTest;
|
||||
import hirs.attestationca.servicemanager.DBManager;
|
||||
import hirs.data.persist.LazyTestItemChild;
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.DBUtility;
|
||||
import org.hibernate.LazyInitializationException;
|
||||
import org.hibernate.StaleObjectStateException;
|
||||
import org.hibernate.exception.LockAcquisitionException;
|
||||
@ -14,7 +16,6 @@ import org.testng.annotations.AfterMethod;
|
||||
import org.testng.annotations.BeforeClass;
|
||||
import org.testng.annotations.BeforeMethod;
|
||||
import org.testng.annotations.Test;
|
||||
import hirs.data.persist.LazyTestItemChild;
|
||||
|
||||
import java.sql.SQLException;
|
||||
|
||||
@ -69,10 +70,7 @@ public class DBManagerTest extends SpringPersistenceTest {
|
||||
* LazyInitializationException.
|
||||
*/
|
||||
@Test(expectedExceptions = LazyInitializationException.class)
|
||||
@SuppressFBWarnings(
|
||||
value = "RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT",
|
||||
justification = "The statement is meant to throw an exception"
|
||||
)
|
||||
|
||||
public final void testGet() {
|
||||
LazyTestItemChild child = new LazyTestItemChild("Test Child");
|
||||
DBManager<LazyTestItemChild> childMan =
|
@ -1,4 +1,17 @@
|
||||
package hirs.persist;
|
||||
package hirs.attestationca.persist;
|
||||
|
||||
import hirs.attestationca.servicemanager.DBPortalInfoManager;
|
||||
import hirs.data.persist.enums.PortalScheme;
|
||||
import hirs.data.persist.info.PortalInfo;
|
||||
import hirs.persist.DBUtility;
|
||||
import hirs.persist.PortalInfoManager;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.AfterClass;
|
||||
import org.testng.annotations.AfterMethod;
|
||||
import org.testng.annotations.BeforeClass;
|
||||
import org.testng.annotations.Test;
|
||||
|
||||
import java.lang.reflect.Field;
|
||||
import java.net.URI;
|
||||
@ -6,17 +19,6 @@ import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
import hirs.data.persist.SpringPersistenceTest;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import hirs.data.persist.info.PortalInfo;
|
||||
import hirs.data.persist.enums.PortalScheme;
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.AfterClass;
|
||||
import org.testng.annotations.AfterMethod;
|
||||
import org.testng.annotations.BeforeClass;
|
||||
import org.testng.annotations.Test;
|
||||
|
||||
/**
|
||||
* Tests for the DBPortalInfoManager.
|
||||
*/
|
@ -1,17 +1,18 @@
|
||||
package hirs.persist;
|
||||
package hirs.attestationca.persist;
|
||||
|
||||
import hirs.attestationca.servicemanager.DBDeviceManager;
|
||||
import hirs.attestationca.servicemanager.DBReportRequestStateManager;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.attestationca.data.persist.DeviceTest;
|
||||
import hirs.data.persist.ReportRequestState;
|
||||
import hirs.data.persist.SpringPersistenceTest;
|
||||
import hirs.data.persist.type.ReportRequestType;
|
||||
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.DBUtility;
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.AfterClass;
|
||||
import org.testng.annotations.AfterMethod;
|
||||
import org.testng.annotations.BeforeClass;
|
||||
import org.testng.annotations.Test;
|
||||
import hirs.data.persist.DeviceTest;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Date;
|
||||
@ -33,14 +34,10 @@ public class DBReportRequestStateManagerTest extends SpringPersistenceTest {
|
||||
*/
|
||||
@BeforeClass
|
||||
public final void setup() throws Exception {
|
||||
DeviceGroup group = new DeviceGroup(DeviceGroup.DEFAULT_GROUP);
|
||||
new DBDeviceGroupManager(sessionFactory).saveDeviceGroup(group);
|
||||
|
||||
Device testDevice;
|
||||
DBDeviceManager dbDeviceManager = new DBDeviceManager(sessionFactory);
|
||||
for (int i = 0; i < NUMBER_OF_DEVICES; i++) {
|
||||
testDevice = DeviceTest.getTestDevice("Device " + i);
|
||||
testDevice.setDeviceGroup(group);
|
||||
testDevices.add(dbDeviceManager.save(testDevice));
|
||||
}
|
||||
}
|
||||
@ -71,7 +68,7 @@ public class DBReportRequestStateManagerTest extends SpringPersistenceTest {
|
||||
DBReportRequestStateManager mgr = new DBReportRequestStateManager(sessionFactory);
|
||||
Device device = testDevices.get(0);
|
||||
ReportRequestState state = getTestReportRequestState(device);
|
||||
state.setDueDate(DeviceGroup.MINUTE_MS_INTERVAL);
|
||||
state.setDueDate(ReportRequestState.MINUTE_MS_INTERVAL);
|
||||
mgr.saveState(state);
|
||||
|
||||
ReportRequestState retrievedState = mgr.getState(device);
|
||||
@ -116,7 +113,7 @@ public class DBReportRequestStateManagerTest extends SpringPersistenceTest {
|
||||
ReportRequestState newState = getTestReportRequestState(
|
||||
testDevices.get(0)
|
||||
);
|
||||
newState.setDueDate(DeviceGroup.MINUTE_MS_INTERVAL);
|
||||
newState.setDueDate(ReportRequestState.MINUTE_MS_INTERVAL);
|
||||
mgr.update(newState);
|
||||
Assert.assertEquals(mgr.getState(testDevices.get(0)), newState);
|
||||
}
|
||||
@ -129,7 +126,7 @@ public class DBReportRequestStateManagerTest extends SpringPersistenceTest {
|
||||
public final void testUpdateExistentState() {
|
||||
DBReportRequestStateManager mgr = new DBReportRequestStateManager(sessionFactory);
|
||||
ReportRequestState deviceState = getTestReportRequestState(testDevices.get(0));
|
||||
deviceState.setDueDate(DeviceGroup.MINUTE_MS_INTERVAL);
|
||||
deviceState.setDueDate(ReportRequestState.MINUTE_MS_INTERVAL);
|
||||
ReportRequestState newState = mgr.saveState(deviceState);
|
||||
newState.setReportRequestType(ReportRequestType.ON_DEMAND_REPORT);
|
||||
mgr.update(newState);
|
||||
@ -155,7 +152,7 @@ public class DBReportRequestStateManagerTest extends SpringPersistenceTest {
|
||||
public final void testDeleteExistentState() {
|
||||
DBReportRequestStateManager mgr = new DBReportRequestStateManager(sessionFactory);
|
||||
ReportRequestState deviceState = getTestReportRequestState(testDevices.get(0));
|
||||
deviceState.setDueDate(DeviceGroup.MINUTE_MS_INTERVAL);
|
||||
deviceState.setDueDate(ReportRequestState.MINUTE_MS_INTERVAL);
|
||||
ReportRequestState state = mgr.saveState(deviceState);
|
||||
mgr.deleteState(state);
|
||||
Assert.assertEquals(mgr.getList(ReportRequestState.class).size(), 0);
|
@ -1,11 +1,11 @@
|
||||
package hirs.persist;
|
||||
package hirs.attestationca.persist;
|
||||
|
||||
import hirs.appraiser.HIRSAppraiser;
|
||||
import hirs.appraiser.IMAAppraiser;
|
||||
import hirs.attestationca.servicemanager.DBReportSummaryManager;
|
||||
import hirs.data.persist.AppraisalResult;
|
||||
import hirs.data.persist.AppraisalStatus;
|
||||
import hirs.data.persist.ReportSummary;
|
||||
|
||||
import hirs.data.persist.SpringPersistenceTest;
|
||||
import org.apache.commons.lang3.RandomStringUtils;
|
||||
import org.testng.Assert;
|
@ -0,0 +1,25 @@
|
||||
package hirs.attestationca.persist;
|
||||
|
||||
import hirs.attestationca.configuration.PersistenceConfiguration;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.test.annotation.DirtiesContext;
|
||||
import org.springframework.test.context.ContextConfiguration;
|
||||
import org.springframework.test.context.testng.AbstractTestNGSpringContextTests;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
|
||||
/**
|
||||
* Base class that autowires a session factory for use of
|
||||
* any tests that need a database connection.
|
||||
*/
|
||||
@ContextConfiguration(classes = PersistenceConfiguration.class)
|
||||
@DirtiesContext(classMode = DirtiesContext.ClassMode.AFTER_CLASS)
|
||||
public class SpringPersistenceTest extends AbstractTestNGSpringContextTests {
|
||||
|
||||
/**
|
||||
* Autowired session factory.
|
||||
*/
|
||||
@SuppressWarnings("checkstyle:visibilitymodifier")
|
||||
@Autowired
|
||||
protected EntityManager sessionFactory;
|
||||
}
|
@ -1,12 +1,13 @@
|
||||
package hirs.attestationca.service;
|
||||
|
||||
import hirs.appraiser.SupplyChainAppraiser;
|
||||
import hirs.attestationca.persist.SpringPersistenceTest;
|
||||
import hirs.attestationca.servicemanager.DBCertificateManager;
|
||||
import hirs.attestationca.servicemanager.DBDeviceManager;
|
||||
import hirs.attestationca.validation.SupplyChainValidationServiceImpl;
|
||||
import hirs.data.persist.AppraisalStatus;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.DeviceInfoReport;
|
||||
import hirs.data.persist.SpringPersistenceTest;
|
||||
import hirs.data.persist.SupplyChainPolicy;
|
||||
import hirs.data.persist.SupplyChainValidation;
|
||||
import hirs.data.persist.SupplyChainValidationSummary;
|
||||
import hirs.data.persist.certificate.Certificate;
|
||||
@ -14,17 +15,13 @@ import hirs.data.persist.certificate.CertificateAuthorityCredential;
|
||||
import hirs.data.persist.certificate.DeviceAssociatedCertificate;
|
||||
import hirs.data.persist.certificate.EndorsementCredential;
|
||||
import hirs.data.persist.certificate.PlatformCredential;
|
||||
import hirs.persist.AppraiserManager;
|
||||
import hirs.persist.CertificateManager;
|
||||
import hirs.data.persist.policy.SupplyChainPolicy;
|
||||
import hirs.persist.CrudManager;
|
||||
import hirs.persist.DBCertificateManager;
|
||||
import hirs.persist.DBDeviceGroupManager;
|
||||
import hirs.persist.DBDeviceManager;
|
||||
import hirs.persist.DeviceGroupManager;
|
||||
import hirs.persist.DeviceManager;
|
||||
import hirs.persist.PolicyManager;
|
||||
import hirs.persist.ReferenceDigestManager;
|
||||
import hirs.persist.ReferenceEventManager;
|
||||
import hirs.persist.service.AppraiserService;
|
||||
import hirs.persist.service.CertificateService;
|
||||
import hirs.persist.service.PolicyService;
|
||||
import hirs.persist.service.ReferenceDigestValueService;
|
||||
import hirs.validation.CredentialValidator;
|
||||
import hirs.validation.SupplyChainCredentialValidator;
|
||||
import org.mockito.ArgumentCaptor;
|
||||
@ -77,13 +74,13 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
private static final String NUC_EC = "/certificates/nuc_ec.pem";
|
||||
|
||||
@Mock
|
||||
private PolicyManager policyManager;
|
||||
private PolicyService policyManager;
|
||||
|
||||
@Mock
|
||||
private AppraiserManager appraiserManager;
|
||||
private AppraiserService appraiserManager;
|
||||
|
||||
@Mock
|
||||
private CertificateManager certificateManager;
|
||||
private CertificateService certificateManager;
|
||||
|
||||
@Mock
|
||||
private CredentialValidator supplyChainCredentialValidator;
|
||||
@ -92,10 +89,7 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
private CrudManager<SupplyChainValidationSummary> supplyChainValidationSummaryDBManager;
|
||||
|
||||
@Mock
|
||||
private ReferenceDigestManager referenceDigestManager;
|
||||
|
||||
@Mock
|
||||
private ReferenceEventManager referenceEventManager;
|
||||
private ReferenceDigestValueService referenceEventManager;
|
||||
|
||||
@InjectMocks
|
||||
private SupplyChainValidationServiceImpl service;
|
||||
@ -166,11 +160,11 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
resultPcs.add(delta);
|
||||
|
||||
// mock credential retrieval
|
||||
when(certificateManager.get(any(EndorsementCredential.Selector.class)))
|
||||
when(certificateManager.getCertificate(any(EndorsementCredential.Selector.class)))
|
||||
.thenReturn(resultEcs);
|
||||
when(certificateManager.get(any(PlatformCredential.Selector.class)))
|
||||
when(certificateManager.getCertificate(any(PlatformCredential.Selector.class)))
|
||||
.thenReturn(resultPcs);
|
||||
when(certificateManager.get(any(CertificateAuthorityCredential.Selector.class)))
|
||||
when(certificateManager.getCertificate(any(CertificateAuthorityCredential.Selector.class)))
|
||||
.thenReturn(Collections.emptySet());
|
||||
}
|
||||
|
||||
@ -181,11 +175,9 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
public void teardown() {
|
||||
DBCertificateManager certMan = new DBCertificateManager(sessionFactory);
|
||||
DBDeviceManager deviceMan = new DBDeviceManager(sessionFactory);
|
||||
DBDeviceGroupManager groupMan = new DBDeviceGroupManager(sessionFactory);
|
||||
|
||||
certMan.deleteAll();
|
||||
deviceMan.deleteAll();
|
||||
groupMan.deleteAll();
|
||||
}
|
||||
/**
|
||||
* All validations enabled, all pass.
|
||||
@ -217,7 +209,7 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
// verify the certs were updated with the test device object and saved in the cert man
|
||||
ArgumentCaptor<DeviceAssociatedCertificate> certificatesCaptor
|
||||
= ArgumentCaptor.forClass(DeviceAssociatedCertificate.class);
|
||||
verify(certificateManager, times(3)).update(certificatesCaptor.capture());
|
||||
verify(certificateManager, times(3)).updateCertificate(certificatesCaptor.capture());
|
||||
|
||||
List<DeviceAssociatedCertificate> certificateArgs = certificatesCaptor.getAllValues();
|
||||
for (DeviceAssociatedCertificate certArg : certificateArgs) {
|
||||
@ -441,7 +433,7 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
*/
|
||||
@Test
|
||||
public final void testGetCaChain() throws URISyntaxException, IOException, KeyStoreException {
|
||||
CertificateManager realCertMan = new DBCertificateManager(sessionFactory);
|
||||
CertificateServiceImpl realCertMan = new CertificateServiceImpl();
|
||||
|
||||
// the main service in this class only uses mocked managers, we need a real DB certificate
|
||||
// manager for this test, so we make a second service.
|
||||
@ -452,7 +444,6 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
null,
|
||||
supplyChainValidationSummaryDBManager,
|
||||
supplyChainCredentialValidator,
|
||||
referenceDigestManager,
|
||||
referenceEventManager
|
||||
);
|
||||
|
||||
@ -469,9 +460,9 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
Files.readAllBytes(Paths.get(getClass().getResource(
|
||||
NUC1_EC).toURI())));
|
||||
|
||||
realCertMan.save(endorsementCredential);
|
||||
realCertMan.save(rootCa);
|
||||
realCertMan.save(globalSignCaCert);
|
||||
realCertMan.saveCertificate(endorsementCredential);
|
||||
realCertMan.saveCertificate(rootCa);
|
||||
realCertMan.saveCertificate(globalSignCaCert);
|
||||
|
||||
KeyStore ks = mostlyMockedService.getCaChain(endorsementCredential);
|
||||
|
||||
@ -488,9 +479,9 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
Assert.assertNull(ks.getCertificate(stmCaAlias));
|
||||
Assert.assertNull(ks.getCertificate(gsCaAlias));
|
||||
|
||||
realCertMan.delete(endorsementCredential);
|
||||
realCertMan.delete(rootCa);
|
||||
realCertMan.delete(globalSignCaCert);
|
||||
realCertMan.deleteObjectById(endorsementCredential.getId());
|
||||
realCertMan.deleteObjectById(rootCa.getId());
|
||||
realCertMan.deleteObjectById(globalSignCaCert.getId());
|
||||
}
|
||||
|
||||
/**
|
||||
@ -503,7 +494,7 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
@Test
|
||||
public final void testGetNotFullCaChain() throws URISyntaxException, IOException,
|
||||
KeyStoreException {
|
||||
CertificateManager realCertMan = new DBCertificateManager(sessionFactory);
|
||||
CertificateServiceImpl realCertMan = new CertificateServiceImpl();
|
||||
|
||||
// the main service in this class only uses mocked managers, we need a real DB certificate
|
||||
// manager for this test, so we make a second service.
|
||||
@ -514,7 +505,6 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
null,
|
||||
supplyChainValidationSummaryDBManager,
|
||||
supplyChainCredentialValidator,
|
||||
referenceDigestManager,
|
||||
referenceEventManager
|
||||
);
|
||||
|
||||
@ -527,8 +517,8 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
Files.readAllBytes(Paths.get(getClass().getResource(
|
||||
NUC1_EC).toURI())));
|
||||
|
||||
realCertMan.save(endorsementCredential);
|
||||
realCertMan.save(rootCa);
|
||||
realCertMan.saveCertificate(endorsementCredential);
|
||||
realCertMan.saveCertificate(rootCa);
|
||||
|
||||
KeyStore ks = mostlyMockedService.getCaChain(endorsementCredential);
|
||||
|
||||
@ -538,8 +528,8 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
Assert.assertNull(ks.getCertificate(stmCaAlias));
|
||||
Assert.assertEquals(ks.size(), 0);
|
||||
|
||||
realCertMan.delete(endorsementCredential);
|
||||
realCertMan.delete(rootCa);
|
||||
realCertMan.deleteObjectById(endorsementCredential.getId());
|
||||
realCertMan.deleteObjectById(rootCa.getId());
|
||||
}
|
||||
|
||||
/**
|
||||
@ -551,7 +541,7 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
@Test
|
||||
public final void testGetEmptyCaChain() throws URISyntaxException, IOException,
|
||||
KeyStoreException {
|
||||
CertificateManager realCertMan = new DBCertificateManager(sessionFactory);
|
||||
CertificateServiceImpl realCertMan = new CertificateServiceImpl();
|
||||
|
||||
// the main service in this class only uses mocked managers, we need a real DB certificate
|
||||
// manager for this test, so we make a second service.
|
||||
@ -562,7 +552,6 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
null,
|
||||
supplyChainValidationSummaryDBManager,
|
||||
supplyChainCredentialValidator,
|
||||
referenceDigestManager,
|
||||
referenceEventManager
|
||||
);
|
||||
|
||||
@ -570,13 +559,13 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
Files.readAllBytes(Paths.get(getClass().getResource(
|
||||
NUC1_EC).toURI())));
|
||||
|
||||
realCertMan.save(endorsementCredential);
|
||||
realCertMan.saveCertificate(endorsementCredential);
|
||||
|
||||
KeyStore ks = mostlyMockedService.getCaChain(endorsementCredential);
|
||||
|
||||
Assert.assertEquals(ks.size(), 0);
|
||||
|
||||
realCertMan.delete(endorsementCredential);
|
||||
realCertMan.deleteObjectById(endorsementCredential.getId());
|
||||
}
|
||||
|
||||
/**
|
||||
@ -589,7 +578,7 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
@Test
|
||||
public final void testGetCaChainWithExtraCerts() throws URISyntaxException, IOException,
|
||||
KeyStoreException {
|
||||
CertificateManager realCertMan = new DBCertificateManager(sessionFactory);
|
||||
CertificateServiceImpl realCertMan = new CertificateServiceImpl();
|
||||
|
||||
// the main service in this class only uses mocked managers, we need a real DB certificate
|
||||
// manager for this test, so we make a second service.
|
||||
@ -600,7 +589,6 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
null,
|
||||
supplyChainValidationSummaryDBManager,
|
||||
supplyChainCredentialValidator,
|
||||
referenceDigestManager,
|
||||
referenceEventManager
|
||||
);
|
||||
|
||||
@ -622,10 +610,10 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
Files.readAllBytes(Paths.get(getClass().getResource(
|
||||
NUC1_EC).toURI())));
|
||||
|
||||
realCertMan.save(endorsementCredential);
|
||||
realCertMan.save(rootCa);
|
||||
realCertMan.save(globalSignCaCert);
|
||||
realCertMan.save(intelCa);
|
||||
realCertMan.saveCertificate(endorsementCredential);
|
||||
realCertMan.saveCertificate(rootCa);
|
||||
realCertMan.saveCertificate(globalSignCaCert);
|
||||
realCertMan.saveCertificate(intelCa);
|
||||
|
||||
KeyStore ks = mostlyMockedService.getCaChain(endorsementCredential);
|
||||
|
||||
@ -637,10 +625,10 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
Assert.assertNull(ks.getCertificate(gsCaAlias));
|
||||
Assert.assertEquals(ks.size(), 0);
|
||||
|
||||
realCertMan.delete(endorsementCredential);
|
||||
realCertMan.delete(rootCa);
|
||||
realCertMan.delete(globalSignCaCert);
|
||||
realCertMan.delete(intelCa);
|
||||
realCertMan.deleteObjectById(endorsementCredential.getId());
|
||||
realCertMan.deleteObjectById(rootCa.getId());
|
||||
realCertMan.deleteObjectById(globalSignCaCert.getId());
|
||||
realCertMan.deleteObjectById(intelCa.getId());
|
||||
}
|
||||
|
||||
/**
|
||||
@ -651,7 +639,7 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
*/
|
||||
@Test
|
||||
public final void testGetPcCaChain() throws URISyntaxException, IOException, KeyStoreException {
|
||||
CertificateManager realCertMan = new DBCertificateManager(sessionFactory);
|
||||
CertificateServiceImpl realCertMan = new CertificateServiceImpl();
|
||||
|
||||
// the main service in this class only uses mocked managers, we need a real DB certificate
|
||||
// manager for this test, so we make a second service.
|
||||
@ -662,7 +650,6 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
null,
|
||||
supplyChainValidationSummaryDBManager,
|
||||
supplyChainCredentialValidator,
|
||||
referenceDigestManager,
|
||||
referenceEventManager
|
||||
);
|
||||
|
||||
@ -675,8 +662,8 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
Files.readAllBytes(Paths.get(getClass().getResource(
|
||||
NUC_PC).toURI())));
|
||||
|
||||
realCertMan.save(platformCredential);
|
||||
realCertMan.save(intelCa);
|
||||
realCertMan.saveCertificate(platformCredential);
|
||||
realCertMan.saveCertificate(intelCa);
|
||||
|
||||
KeyStore ks = mostlyMockedService.getCaChain(platformCredential);
|
||||
|
||||
@ -685,8 +672,8 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
Assert.assertNotNull(ks.getCertificate(intelCaAlias));
|
||||
Assert.assertEquals(ks.size(), 1);
|
||||
|
||||
realCertMan.delete(platformCredential);
|
||||
realCertMan.delete(intelCa);
|
||||
realCertMan.deleteObjectById(platformCredential.getId());
|
||||
realCertMan.deleteObjectById(intelCa.getId());
|
||||
}
|
||||
|
||||
/**
|
||||
@ -699,7 +686,7 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
@Test
|
||||
public final void testGetPcCaChainNoMatches() throws URISyntaxException, IOException,
|
||||
KeyStoreException {
|
||||
CertificateManager realCertMan = new DBCertificateManager(sessionFactory);
|
||||
CertificateServiceImpl realCertMan = new CertificateServiceImpl();
|
||||
|
||||
// the main service in this class only uses mocked managers, we need a real DB certificate
|
||||
// manager for this test, so we make a second service.
|
||||
@ -710,7 +697,6 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
null,
|
||||
supplyChainValidationSummaryDBManager,
|
||||
supplyChainCredentialValidator,
|
||||
referenceDigestManager,
|
||||
referenceEventManager
|
||||
);
|
||||
|
||||
@ -727,17 +713,17 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
Files.readAllBytes(Paths.get(getClass().getResource(
|
||||
NUC_PC).toURI())));
|
||||
|
||||
realCertMan.save(platformCredential);
|
||||
realCertMan.save(rootCa);
|
||||
realCertMan.save(globalSignCaCert);
|
||||
realCertMan.saveCertificate(platformCredential);
|
||||
realCertMan.saveCertificate(rootCa);
|
||||
realCertMan.saveCertificate(globalSignCaCert);
|
||||
|
||||
KeyStore ks = mostlyMockedService.getCaChain(platformCredential);
|
||||
|
||||
Assert.assertEquals(ks.size(), 0);
|
||||
|
||||
realCertMan.delete(platformCredential);
|
||||
realCertMan.delete(rootCa);
|
||||
realCertMan.delete(globalSignCaCert);
|
||||
realCertMan.deleteObjectById(platformCredential.getId());
|
||||
realCertMan.deleteObjectById(rootCa.getId());
|
||||
realCertMan.deleteObjectById(globalSignCaCert.getId());
|
||||
}
|
||||
|
||||
/**
|
||||
@ -753,7 +739,7 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
when(policy.isPcValidationEnabled()).thenReturn(false);
|
||||
when(policy.isPcAttributeValidationEnabled()).thenReturn(false);
|
||||
|
||||
CertificateManager realCertMan = new DBCertificateManager(sessionFactory);
|
||||
CertificateServiceImpl realCertMan = new CertificateServiceImpl();
|
||||
Device storedDevice = getStoredTestDevice();
|
||||
|
||||
SupplyChainValidationServiceImpl mostlyMockedService = new SupplyChainValidationServiceImpl(
|
||||
@ -763,7 +749,6 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
null,
|
||||
supplyChainValidationSummaryDBManager,
|
||||
new SupplyChainCredentialValidator(),
|
||||
referenceDigestManager,
|
||||
referenceEventManager
|
||||
);
|
||||
|
||||
@ -780,15 +765,15 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
GS_ROOT_CA).toURI()))
|
||||
);
|
||||
|
||||
realCertMan.save(stmTpmEkIntermediateCA);
|
||||
realCertMan.save(globalSignTpmRoot);
|
||||
realCertMan.save(stmEkRootCa);
|
||||
realCertMan.saveCertificate(stmTpmEkIntermediateCA);
|
||||
realCertMan.saveCertificate(globalSignTpmRoot);
|
||||
realCertMan.saveCertificate(stmEkRootCa);
|
||||
|
||||
EndorsementCredential nucEc = new EndorsementCredential(
|
||||
Files.readAllBytes(Paths.get(getClass().getResource(NUC_EC).toURI()))
|
||||
);
|
||||
|
||||
realCertMan.save(nucEc);
|
||||
realCertMan.saveCertificate(nucEc);
|
||||
|
||||
SupplyChainValidationSummary summary = mostlyMockedService.validateSupplyChain(
|
||||
nucEc, Collections.emptySet(), storedDevice
|
||||
@ -809,20 +794,16 @@ public class SupplyChainValidationServiceImplTest extends SpringPersistenceTest
|
||||
|
||||
Assert.assertEquals(updatedStoredEc.getDevice().getId(), storedDevice.getId());
|
||||
|
||||
realCertMan.delete(stmTpmEkIntermediateCA);
|
||||
realCertMan.delete(globalSignTpmRoot);
|
||||
realCertMan.delete(stmEkRootCa);
|
||||
realCertMan.delete(nucEc);
|
||||
realCertMan.deleteObjectById(stmTpmEkIntermediateCA.getId());
|
||||
realCertMan.deleteObjectById(globalSignTpmRoot.getId());
|
||||
realCertMan.deleteObjectById(stmEkRootCa.getId());
|
||||
realCertMan.deleteObjectById(nucEc.getId());
|
||||
}
|
||||
|
||||
private Device getStoredTestDevice() {
|
||||
DeviceManager deviceManager = new DBDeviceManager(sessionFactory);
|
||||
DeviceGroupManager deviceGroupManager = new DBDeviceGroupManager(sessionFactory);
|
||||
|
||||
DeviceGroup testGroup = new DeviceGroup("group1");
|
||||
Device testDevice = new Device("SCVSI-test");
|
||||
|
||||
testDevice.setDeviceGroup(deviceGroupManager.saveDeviceGroup(testGroup));
|
||||
return deviceManager.saveDevice(testDevice);
|
||||
}
|
||||
}
|
||||
|
@ -1,94 +1,69 @@
|
||||
apply plugin: 'checkstyle'
|
||||
apply plugin: 'findbugs'
|
||||
apply plugin: 'java'
|
||||
apply plugin: 'jacoco'
|
||||
apply plugin: 'pmd'
|
||||
apply plugin: 'war'
|
||||
plugins {
|
||||
id 'java'
|
||||
id 'war'
|
||||
}
|
||||
|
||||
sourceCompatibility = 1.8
|
||||
java {
|
||||
toolchain {
|
||||
languageVersion = JavaLanguageVersion.of(11)
|
||||
}
|
||||
}
|
||||
|
||||
repositories {
|
||||
flatDir {
|
||||
dirs 'libs'
|
||||
}
|
||||
mavenCentral()
|
||||
}
|
||||
|
||||
dependencies {
|
||||
providedCompile 'javax.servlet:javax.servlet-api:3.1.0' //libs.servlet_api
|
||||
implementation project(':HIRS_Utils')
|
||||
implementation project(':HIRS_AttestationCA')
|
||||
implementation libs.bouncy.castle
|
||||
implementation libs.servlet.api
|
||||
implementation libs.commons.io
|
||||
implementation libs.commons.lang
|
||||
implementation libs.commons.upload
|
||||
implementation libs.gson
|
||||
implementation libs.guava // for com.google.common
|
||||
implementation libs.hibernate
|
||||
implementation libs.hibernate.validator
|
||||
implementation libs.http
|
||||
implementation libs.jstl
|
||||
implementation libs.javax.validation
|
||||
implementation libs.log4j2
|
||||
implementation libs.log4j2.web
|
||||
implementation libs.pci.ids
|
||||
implementation libs.servlet.api
|
||||
implementation libs.spring.context
|
||||
implementation libs.spring.jdbc
|
||||
implementation libs.spring.orm
|
||||
implementation libs.spring.transaction
|
||||
implementation libs.spring.webmvc
|
||||
testImplementation libs.hamcrest
|
||||
|
||||
compile(project(':HIRS_Utils')) {
|
||||
exclude module: "javassist"
|
||||
}
|
||||
compile(project(':HIRS_AttestationCA'))
|
||||
|
||||
compile libs.commons_io
|
||||
compile libs.commons_lang
|
||||
compile libs.commons_upload
|
||||
compile libs.gson
|
||||
compile libs.guava // for com.google.common
|
||||
compile libs.hibernate
|
||||
compile libs.http
|
||||
compile libs.jstl
|
||||
compile libs.log4j2
|
||||
compile libs.log4j2_web
|
||||
compile libs.pci_ids
|
||||
compile 'javax.servlet:javax.servlet-api:3.1.0' //libs.servlet_api
|
||||
compile libs.spring_webmvc
|
||||
compile 'org.springframework:spring-context-support:4.3.30.RELEASE'
|
||||
compile 'org.hibernate:hibernate-validator:5.3.4.Final'
|
||||
|
||||
compileOnly libs.checkstyle
|
||||
compileOnly libs.findbugs
|
||||
|
||||
runtime fileTree(dir: 'build/plugins', include: ['*.jar'])
|
||||
|
||||
testCompile 'org.hamcrest:hamcrest-all:1.3'
|
||||
// override the servlet API for testing. Required for Spring Integration tests
|
||||
testCompile 'javax.servlet:javax.servlet-api:3.1.0'
|
||||
|
||||
testCompile libs.hsqldb
|
||||
testCompile libs.spring_test
|
||||
testCompile libs.testng
|
||||
testCompile libs.mockito
|
||||
testCompile libs.testng
|
||||
testCompile 'org.skyscreamer:jsonassert:1.2.3' // for .andExpect(content().json(json))
|
||||
|
||||
testRuntime 'com.jayway.jsonpath:json-path:2.1.0'
|
||||
}
|
||||
|
||||
test {
|
||||
useTestNG()
|
||||
testImplementation libs.servlet.api
|
||||
testImplementation libs.hsqldb
|
||||
testImplementation libs.spring.test
|
||||
testImplementation libs.testng
|
||||
testImplementation libs.mockito
|
||||
testImplementation libs.testng
|
||||
testImplementation libs.jsonassert
|
||||
testImplementation libs.jsonpath
|
||||
}
|
||||
|
||||
def copyVersion = project.task('copyVersion')
|
||||
copyVersion.dependsOn compileJava
|
||||
war.dependsOn copyVersion
|
||||
war.dependsOn addPlugins
|
||||
|
||||
war {
|
||||
from(buildDir) {
|
||||
include 'VERSION'
|
||||
into 'WEB-INF/classes'
|
||||
}
|
||||
archiveName = 'HIRS_AttestationCAPortal.war'
|
||||
archiveFileName = 'HIRS_AttestationCAPortal.war'
|
||||
}
|
||||
|
||||
ext.configDir = new File(projectDir, 'config')
|
||||
|
||||
ext.checkstyleConfigDir = "$configDir/checkstyle"
|
||||
|
||||
checkstyle {
|
||||
toolVersion = '8.10.1'
|
||||
configFile = checkstyleConfigFile
|
||||
configProperties.put('basedir', checkstyleConfigDir)
|
||||
ignoreFailures = false
|
||||
showViolations = true
|
||||
}
|
||||
|
||||
ext.findbugsConfigDir = "$configDir/findbugs"
|
||||
|
||||
findbugs {
|
||||
toolVersion = '3.0.0'
|
||||
ignoreFailures = false
|
||||
effort = 'max'
|
||||
excludeFilter = new File(findbugsConfigDir, 'suppressions.xml')
|
||||
}
|
||||
|
@ -1,14 +1,14 @@
|
||||
package hirs.attestationca.portal.datatables;
|
||||
|
||||
import hirs.FilteredRecordsList;
|
||||
import hirs.persist.CriteriaModifier;
|
||||
import hirs.persist.OrderedQuery;
|
||||
import org.hibernate.Criteria;
|
||||
import org.springframework.util.CollectionUtils;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import hirs.FilteredRecordsList;
|
||||
import hirs.persist.CriteriaModifier;
|
||||
import hirs.persist.OrderedListQuerier;
|
||||
|
||||
/**
|
||||
* A class to adapt the Javascript DataTable java class abstractions to the DBManager's getting
|
||||
@ -30,8 +30,8 @@ public final class OrderedListQueryDataTableAdapter<T> {
|
||||
* @param <T> the parameter type
|
||||
* @return the filtered record list
|
||||
*/
|
||||
public static <T> FilteredRecordsList<T> getOrderedList(final Class<? extends T> clazz,
|
||||
final OrderedListQuerier<T> dbManager,
|
||||
public static <T> FilteredRecordsList<T> getOrderedList(final Class<T> clazz,
|
||||
final OrderedQuery<T> dbManager,
|
||||
final DataTableInput dataTableInput,
|
||||
final String orderColumnName) {
|
||||
|
||||
@ -54,8 +54,10 @@ public final class OrderedListQueryDataTableAdapter<T> {
|
||||
* @param <T> the parameter type
|
||||
* @return the filtered record list
|
||||
*/
|
||||
public static <T> FilteredRecordsList<T> getOrderedList(final Class<? extends T> clazz,
|
||||
final OrderedListQuerier<T> dbManager, final DataTableInput dataTableInput,
|
||||
public static <T> FilteredRecordsList<T> getOrderedList(
|
||||
final Class<T> clazz,
|
||||
final OrderedQuery<T> dbManager,
|
||||
final DataTableInput dataTableInput,
|
||||
final String orderColumnName,
|
||||
final CriteriaModifier criteriaModifier) {
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
package hirs.attestationca.portal.model;
|
||||
|
||||
import hirs.data.persist.SupplyChainPolicy;
|
||||
import hirs.data.persist.policy.SupplyChainPolicy;
|
||||
|
||||
/**
|
||||
* PolicyPage model object to demonstrate data exchange between policy.jsp page
|
||||
|
@ -0,0 +1,31 @@
|
||||
package hirs.attestationca.portal.page;
|
||||
|
||||
import hirs.attestationca.AttestationCertificateAuthorityConfiguration;
|
||||
import org.springframework.web.servlet.support.AbstractAnnotationConfigDispatcherServletInitializer;
|
||||
/**
|
||||
* Simply holds a contextInitialized method which will be called when the web app starts.
|
||||
*/
|
||||
public class AcaInitializer extends AbstractAnnotationConfigDispatcherServletInitializer {
|
||||
|
||||
|
||||
@Override
|
||||
protected Class<?>[] getRootConfigClasses() {
|
||||
return new Class[] {
|
||||
AttestationCertificateAuthorityConfiguration.class
|
||||
};
|
||||
}
|
||||
|
||||
@Override
|
||||
protected Class<?>[] getServletConfigClasses() {
|
||||
return new Class[] {
|
||||
CommonPageConfiguration.class, AttestationCertificateAuthorityConfiguration.class
|
||||
};
|
||||
}
|
||||
|
||||
@Override
|
||||
protected String[] getServletMappings() {
|
||||
return new String[] {
|
||||
"/"
|
||||
};
|
||||
}
|
||||
}
|
@ -1,15 +1,20 @@
|
||||
package hirs.attestationca.portal.page;
|
||||
|
||||
import hirs.attestationca.AttestationCertificateAuthorityConfiguration;
|
||||
import hirs.attestationca.portal.datatables.DataTableView;
|
||||
import hirs.attestationca.portal.persistence.PersistenceConfiguration;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Import;
|
||||
import org.springframework.context.support.PropertySourcesPlaceholderConfigurer;
|
||||
import org.springframework.stereotype.Repository;
|
||||
import org.springframework.transaction.annotation.EnableTransactionManagement;
|
||||
import org.springframework.web.multipart.commons.CommonsMultipartResolver;
|
||||
import org.springframework.web.servlet.ViewResolver;
|
||||
import org.springframework.web.servlet.config.annotation.DefaultServletHandlerConfigurer;
|
||||
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
||||
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||
import org.springframework.web.servlet.view.InternalResourceViewResolver;
|
||||
import org.springframework.web.servlet.view.UrlBasedViewResolver;
|
||||
|
||||
@ -19,12 +24,15 @@ import java.nio.charset.StandardCharsets;
|
||||
* Specifies the location to scan for page controllers, view resolver for JSON data, and view
|
||||
* resolver to map view names to jsp files.
|
||||
*/
|
||||
@Repository
|
||||
@Configuration
|
||||
@EnableTransactionManagement
|
||||
@EnableWebMvc
|
||||
@ComponentScan("hirs.attestationca.portal.page.controllers")
|
||||
@Import({ PersistenceConfiguration.class })
|
||||
public class CommonPageConfiguration {
|
||||
@Import({ AttestationCertificateAuthorityConfiguration.class })
|
||||
public class CommonPageConfiguration implements WebMvcConfigurer {
|
||||
|
||||
private static final String CLIENT_FILES_PATH = "file:/etc/hirs/aca/client-files/";
|
||||
|
||||
/**
|
||||
* @return bean to resolve injected annotation.Value
|
||||
@ -77,4 +85,14 @@ public class CommonPageConfiguration {
|
||||
return resolver;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void addResourceHandlers(final ResourceHandlerRegistry resourceHandlerRegistry) {
|
||||
resourceHandlerRegistry.addResourceHandler("/client-files/**")
|
||||
.addResourceLocations(CLIENT_FILES_PATH);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void configureDefaultServletHandling(final DefaultServletHandlerConfigurer configurer) {
|
||||
configurer.enable();
|
||||
}
|
||||
}
|
||||
|
@ -1,14 +1,14 @@
|
||||
package hirs.attestationca.portal.page;
|
||||
|
||||
import hirs.attestationca.configuration.AttestationCertificateAuthorityConfiguration;
|
||||
import hirs.attestationca.AttestationCertificateAuthorityConfiguration;
|
||||
import org.springframework.context.annotation.Import;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||
|
||||
/**
|
||||
* Main Spring configuration class for the ACA Portal. Uses the Common page configuration,
|
||||
* as well as the ACA configuration for accessing the ACA certificate.
|
||||
*/
|
||||
@Import({ CommonPageConfiguration.class, AttestationCertificateAuthorityConfiguration.class })
|
||||
public class PageConfiguration extends WebMvcConfigurerAdapter {
|
||||
public class PageConfiguration implements WebMvcConfigurer {
|
||||
|
||||
}
|
||||
|
@ -4,13 +4,13 @@ import hirs.attestationca.portal.page.PageController;
|
||||
import hirs.attestationca.portal.page.PageMessages;
|
||||
import hirs.attestationca.portal.page.params.CertificateDetailsPageParams;
|
||||
import hirs.attestationca.portal.util.CertificateStringMapBuilder;
|
||||
import hirs.persist.CertificateManager;
|
||||
import hirs.persist.service.CertificateService;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.ui.Model;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
import java.io.IOException;
|
||||
@ -22,8 +22,8 @@ import static hirs.attestationca.portal.page.Page.CERTIFICATE_DETAILS;
|
||||
/**
|
||||
* Controller for the Certificate Details page.
|
||||
*/
|
||||
@Controller
|
||||
@RequestMapping("/certificate-details")
|
||||
@RestController
|
||||
@RequestMapping(path = "/certificate-details")
|
||||
public class CertificateDetailsPageController extends PageController<CertificateDetailsPageParams> {
|
||||
|
||||
/**
|
||||
@ -31,17 +31,18 @@ public class CertificateDetailsPageController extends PageController<Certificate
|
||||
*/
|
||||
static final String INITIAL_DATA = "initialData";
|
||||
|
||||
private final CertificateManager certificateManager;
|
||||
@Autowired
|
||||
private final CertificateService certificateService;
|
||||
private static final Logger LOGGER =
|
||||
LogManager.getLogger(CertificateDetailsPageController.class);
|
||||
/**
|
||||
* Constructor providing the Page's display and routing specification.
|
||||
* @param certificateManager the certificate manager
|
||||
* @param certificateService the certificate service
|
||||
*/
|
||||
@Autowired
|
||||
public CertificateDetailsPageController(final CertificateManager certificateManager) {
|
||||
public CertificateDetailsPageController(final CertificateService certificateService) {
|
||||
super(CERTIFICATE_DETAILS);
|
||||
this.certificateManager = certificateManager;
|
||||
this.certificateService = certificateService;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -79,19 +80,19 @@ public class CertificateDetailsPageController extends PageController<Certificate
|
||||
switch (type) {
|
||||
case "certificateauthority":
|
||||
data.putAll(CertificateStringMapBuilder.getCertificateAuthorityInformation(
|
||||
uuid, certificateManager));
|
||||
uuid, certificateService));
|
||||
break;
|
||||
case "endorsement":
|
||||
data.putAll(CertificateStringMapBuilder.getEndorsementInformation(uuid,
|
||||
certificateManager));
|
||||
certificateService));
|
||||
break;
|
||||
case "platform":
|
||||
data.putAll(CertificateStringMapBuilder.getPlatformInformation(uuid,
|
||||
certificateManager));
|
||||
certificateService));
|
||||
break;
|
||||
case "issued":
|
||||
data.putAll(CertificateStringMapBuilder.getIssuedInformation(uuid,
|
||||
certificateManager));
|
||||
certificateService));
|
||||
break;
|
||||
default:
|
||||
String typeError = "Invalid certificate type: " + params.getType();
|
||||
|
@ -14,11 +14,11 @@ import hirs.data.persist.certificate.CertificateAuthorityCredential;
|
||||
import hirs.data.persist.certificate.EndorsementCredential;
|
||||
import hirs.data.persist.certificate.IssuedAttestationCertificate;
|
||||
import hirs.data.persist.certificate.PlatformCredential;
|
||||
import hirs.persist.CertificateManager;
|
||||
import hirs.persist.CriteriaModifier;
|
||||
import hirs.persist.CrudManager;
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.OrderedListQuerier;
|
||||
import hirs.persist.OrderedQuery;
|
||||
import hirs.persist.service.CertificateService;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.bouncycastle.util.encoders.DecoderException;
|
||||
import org.hibernate.Criteria;
|
||||
@ -26,14 +26,15 @@ import org.hibernate.criterion.Restrictions;
|
||||
import org.hibernate.sql.JoinType;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.ui.Model;
|
||||
import org.springframework.util.StreamUtils;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.bind.annotation.ResponseBody;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import org.springframework.web.multipart.MultipartFile;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
import org.springframework.web.servlet.mvc.support.RedirectAttributes;
|
||||
@ -57,12 +58,14 @@ import static org.apache.logging.log4j.LogManager.getLogger;
|
||||
/**
|
||||
* Controller for the Certificates list all pages.
|
||||
*/
|
||||
@Controller
|
||||
@RequestMapping("/certificate-request")
|
||||
@RestController
|
||||
@RequestMapping(path = "/certificate-request")
|
||||
public class CertificateRequestPageController extends PageController<NoPageParams> {
|
||||
|
||||
private final CertificateManager certificateManager;
|
||||
private final OrderedListQuerier<Certificate> dataTableQuerier;
|
||||
@Autowired
|
||||
private final CertificateService certificateService;
|
||||
@Autowired
|
||||
private final OrderedQuery<Certificate> dataTableQuerier;
|
||||
|
||||
private CertificateAuthorityCredential certificateAuthorityCredential;
|
||||
|
||||
@ -81,17 +84,17 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
/**
|
||||
* Constructor providing the Page's display and routing specification.
|
||||
*
|
||||
* @param certificateManager the certificate manager
|
||||
* @param certificateService the certificate service impl
|
||||
* @param crudManager the CRUD manager for certificates
|
||||
* @param acaCertificate the ACA's X509 certificate
|
||||
*/
|
||||
@Autowired
|
||||
public CertificateRequestPageController(
|
||||
final CertificateManager certificateManager,
|
||||
final CertificateService certificateService,
|
||||
final CrudManager<Certificate> crudManager,
|
||||
final X509Certificate acaCertificate) {
|
||||
super(Page.TRUST_CHAIN);
|
||||
this.certificateManager = certificateManager;
|
||||
this.certificateService = certificateService;
|
||||
this.dataTableQuerier = crudManager;
|
||||
|
||||
try {
|
||||
@ -127,6 +130,7 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
* redirect.
|
||||
* @return the path for the view and data model for the page.
|
||||
*/
|
||||
@GetMapping
|
||||
@RequestMapping("/{certificateType}")
|
||||
public ModelAndView initPage(@PathVariable("certificateType") final String certificateType,
|
||||
final NoPageParams params, final Model model) {
|
||||
@ -148,7 +152,7 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
mav = getBaseModelAndView(Page.TRUST_CHAIN);
|
||||
// Map with the ACA certificate information
|
||||
data.putAll(CertificateStringMapBuilder.getCertificateAuthorityInformation(
|
||||
certificateAuthorityCredential, this.certificateManager));
|
||||
certificateAuthorityCredential, this.certificateService));
|
||||
mav.addObject(ACA_CERT_DATA, data);
|
||||
break;
|
||||
default:
|
||||
@ -168,6 +172,7 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
* @return the data table
|
||||
*/
|
||||
@ResponseBody
|
||||
@GetMapping
|
||||
@RequestMapping(value = "/{certificateType}/list",
|
||||
produces = MediaType.APPLICATION_JSON_VALUE,
|
||||
method = RequestMethod.GET)
|
||||
@ -217,7 +222,7 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
PlatformCredential pc = (PlatformCredential) records.get(i);
|
||||
// find the EC using the PC's "holder serial number"
|
||||
associatedEC = EndorsementCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.bySerialNumber(pc.getHolderSerialNumber())
|
||||
.getCertificate();
|
||||
|
||||
@ -257,7 +262,7 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
|
||||
try {
|
||||
UUID uuid = UUID.fromString(id);
|
||||
Certificate certificate = getCertificateById(certificateType, uuid, certificateManager);
|
||||
Certificate certificate = getCertificateById(certificateType, uuid, certificateService);
|
||||
if (certificate == null) {
|
||||
// Use the term "record" here to avoid user confusion b/t cert and cred
|
||||
String notFoundMessage = "Unable to locate record with ID: " + uuid;
|
||||
@ -271,13 +276,13 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
List<PlatformCredential> sharedCertificates = getCertificateByBoardSN(
|
||||
certificateType,
|
||||
platformCertificate.getPlatformSerial(),
|
||||
certificateManager);
|
||||
certificateService);
|
||||
|
||||
if (sharedCertificates != null) {
|
||||
for (PlatformCredential pc : sharedCertificates) {
|
||||
if (!pc.isBase()) {
|
||||
pc.archive();
|
||||
certificateManager.update(pc);
|
||||
certificateService.updateCertificate(pc, pc.getId());
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -285,7 +290,7 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
}
|
||||
|
||||
certificate.archive();
|
||||
certificateManager.update(certificate);
|
||||
certificateService.updateCertificate(certificate, uuid);
|
||||
|
||||
String deleteCompletedMessage = "Certificate successfully deleted";
|
||||
messages.addInfo(deleteCompletedMessage);
|
||||
@ -325,7 +330,7 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
|
||||
try {
|
||||
UUID uuid = UUID.fromString(id);
|
||||
Certificate certificate = getCertificateById(certificateType, uuid, certificateManager);
|
||||
Certificate certificate = getCertificateById(certificateType, uuid, certificateService);
|
||||
if (certificate == null) {
|
||||
// Use the term "record" here to avoid user confusion b/t cert and cred
|
||||
String notFoundMessage = "Unable to locate record with ID: " + uuid;
|
||||
@ -399,7 +404,7 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
try (ZipOutputStream zipOut = new ZipOutputStream(response.getOutputStream())) {
|
||||
// get all files
|
||||
for (CertificateAuthorityCredential ca : CertificateAuthorityCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.getCertificates()) {
|
||||
zipFileName = String.format("ca-certificates[%s].cer",
|
||||
Integer.toHexString(ca.getCertificateHash()));
|
||||
@ -443,7 +448,7 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
|
||||
try (ZipOutputStream zipOut = new ZipOutputStream(response.getOutputStream())) {
|
||||
// get all files
|
||||
for (PlatformCredential pc : PlatformCredential.select(certificateManager)
|
||||
for (PlatformCredential pc : PlatformCredential.select(certificateService)
|
||||
.getCertificates()) {
|
||||
zipFileName = String.format("Platform_Certificates[%s].cer",
|
||||
Integer.toHexString(pc.getCertificateHash()));
|
||||
@ -488,7 +493,7 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
try (ZipOutputStream zipOut = new ZipOutputStream(response.getOutputStream())) {
|
||||
// get all files
|
||||
for (IssuedAttestationCertificate ic : IssuedAttestationCertificate
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.getCertificates()) {
|
||||
zipFileName = String.format("Issued_Certificates[%s].cer",
|
||||
Integer.toHexString(ic.getCertificateHash()));
|
||||
@ -533,7 +538,7 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
try (ZipOutputStream zipOut = new ZipOutputStream(response.getOutputStream())) {
|
||||
// get all files
|
||||
for (EndorsementCredential ek : EndorsementCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.getCertificates()) {
|
||||
zipFileName = String.format("Endorsement_Certificates[%s].cer",
|
||||
Integer.toHexString(ek.getCertificateHash()));
|
||||
@ -584,7 +589,7 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
certificateType,
|
||||
file.getOriginalFilename(),
|
||||
messages, certificate,
|
||||
certificateManager);
|
||||
certificateService);
|
||||
}
|
||||
}
|
||||
|
||||
@ -621,7 +626,7 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
* @param certificateType String containing the certificate type
|
||||
* @return the certificate class type
|
||||
*/
|
||||
private static Class<? extends Certificate> getCertificateClass(final String certificateType) {
|
||||
private static Class getCertificateClass(final String certificateType) {
|
||||
switch (certificateType) {
|
||||
case PLATFORMCREDENTIAL:
|
||||
return PlatformCredential.class;
|
||||
@ -661,33 +666,33 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
*
|
||||
* @param certificateType String containing the certificate type
|
||||
* @param uuid the ID of the cert
|
||||
* @param certificateManager the certificate manager to query
|
||||
* @param certificateService the certificate service to query
|
||||
* @return the certificate or null if none is found
|
||||
*/
|
||||
private Certificate getCertificateById(
|
||||
final String certificateType,
|
||||
final UUID uuid,
|
||||
final CertificateManager certificateManager) {
|
||||
final CertificateService certificateService) {
|
||||
|
||||
switch (certificateType) {
|
||||
case PLATFORMCREDENTIAL:
|
||||
return PlatformCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.byEntityId(uuid)
|
||||
.getCertificate();
|
||||
case ENDORSEMENTCREDENTIAL:
|
||||
return EndorsementCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.byEntityId(uuid)
|
||||
.getCertificate();
|
||||
case ISSUEDCERTIFICATES:
|
||||
return IssuedAttestationCertificate
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.byEntityId(uuid)
|
||||
.getCertificate();
|
||||
case TRUSTCHAIN:
|
||||
return CertificateAuthorityCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.byEntityId(uuid)
|
||||
.getCertificate();
|
||||
default:
|
||||
@ -701,30 +706,30 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
*
|
||||
* @param certificateType String containing the certificate type
|
||||
* @param certificateHash the hash of the certificate's bytes
|
||||
* @param certificateManager the certificate manager to query
|
||||
* @param certificateService the certificate service to query
|
||||
* @return the certificate or null if none is found
|
||||
*/
|
||||
private Certificate getCertificateByHash(
|
||||
final String certificateType,
|
||||
final int certificateHash,
|
||||
final CertificateManager certificateManager) {
|
||||
final CertificateService certificateService) {
|
||||
|
||||
switch (certificateType) {
|
||||
case PLATFORMCREDENTIAL:
|
||||
return PlatformCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.includeArchived()
|
||||
.byHashCode(certificateHash)
|
||||
.getCertificate();
|
||||
case ENDORSEMENTCREDENTIAL:
|
||||
return EndorsementCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.includeArchived()
|
||||
.byHashCode(certificateHash)
|
||||
.getCertificate();
|
||||
case TRUSTCHAIN:
|
||||
return CertificateAuthorityCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.includeArchived()
|
||||
.byHashCode(certificateHash)
|
||||
.getCertificate();
|
||||
@ -738,13 +743,13 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
*
|
||||
* @param certificateType String containing the certificate type
|
||||
* @param serialNumber the platform serial number
|
||||
* @param certificateManager the certificate manager to query
|
||||
* @param certificateService the certificate service to query
|
||||
* @return the certificate or null if none is found
|
||||
*/
|
||||
private List<PlatformCredential> getCertificateByBoardSN(
|
||||
final String certificateType,
|
||||
final String serialNumber,
|
||||
final CertificateManager certificateManager) {
|
||||
final CertificateService certificateService) {
|
||||
|
||||
if (serialNumber == null) {
|
||||
return null;
|
||||
@ -753,7 +758,7 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
switch (certificateType) {
|
||||
case PLATFORMCREDENTIAL:
|
||||
return PlatformCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.byBoardSerialNumber(serialNumber)
|
||||
.getCertificates().stream().collect(Collectors.toList());
|
||||
default:
|
||||
@ -834,7 +839,7 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
* be stored
|
||||
* @param messages contains any messages that will be display on the page
|
||||
* @param certificate the certificate to store
|
||||
* @param certificateManager the DB manager to use
|
||||
* @param certificateService the DB service to use
|
||||
* @return the messages for the page
|
||||
*/
|
||||
private void storeCertificate(
|
||||
@ -842,7 +847,7 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
final String fileName,
|
||||
final PageMessages messages,
|
||||
final Certificate certificate,
|
||||
final CertificateManager certificateManager) {
|
||||
final CertificateService certificateService) {
|
||||
|
||||
Certificate existingCertificate;
|
||||
|
||||
@ -851,7 +856,7 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
existingCertificate = getCertificateByHash(
|
||||
certificateType,
|
||||
certificate.getCertificateHash(),
|
||||
certificateManager);
|
||||
certificateService);
|
||||
} catch (DBManagerException e) {
|
||||
final String failMessage = "Querying for existing certificate failed ("
|
||||
+ fileName + "): ";
|
||||
@ -869,7 +874,7 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
List<PlatformCredential> sharedCertificates = getCertificateByBoardSN(
|
||||
certificateType,
|
||||
platformCertificate.getPlatformSerial(),
|
||||
certificateManager);
|
||||
certificateService);
|
||||
|
||||
if (sharedCertificates != null) {
|
||||
for (PlatformCredential pc : sharedCertificates) {
|
||||
@ -906,7 +911,7 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
}**/
|
||||
}
|
||||
|
||||
certificateManager.save(certificate);
|
||||
certificateService.saveCertificate(certificate);
|
||||
|
||||
final String successMsg
|
||||
= String.format("New certificate successfully uploaded (%s): ", fileName);
|
||||
@ -928,7 +933,7 @@ public class CertificateRequestPageController extends PageController<NoPageParam
|
||||
if (existingCertificate.isArchived()) {
|
||||
existingCertificate.restore();
|
||||
existingCertificate.resetCreateTime();
|
||||
certificateManager.update(existingCertificate);
|
||||
certificateService.updateCertificate(existingCertificate, certificate.getId());
|
||||
|
||||
final String successMsg = String.format("Pre-existing certificate "
|
||||
+ "found and unarchived (%s): ", fileName);
|
||||
|
@ -1,19 +1,26 @@
|
||||
package hirs.attestationca.portal.page.controllers;
|
||||
|
||||
import hirs.FilteredRecordsList;
|
||||
import hirs.attestationca.portal.datatables.DataTableInput;
|
||||
import hirs.attestationca.portal.datatables.DataTableResponse;
|
||||
import hirs.attestationca.portal.datatables.OrderedListQueryDataTableAdapter;
|
||||
import static hirs.attestationca.portal.page.Page.DEVICES;
|
||||
import hirs.attestationca.portal.page.PageController;
|
||||
import hirs.attestationca.portal.page.params.NoPageParams;
|
||||
import hirs.attestationca.servicemanager.DBManager;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.certificate.Certificate;
|
||||
import hirs.data.persist.certificate.DeviceAssociatedCertificate;
|
||||
import hirs.persist.service.DeviceService;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.hibernate.criterion.Restrictions;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.ui.Model;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.bind.annotation.ResponseBody;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
import java.util.ArrayList;
|
||||
@ -22,37 +29,34 @@ import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.UUID;
|
||||
|
||||
import static hirs.attestationca.portal.page.Page.DEVICES;
|
||||
import static org.apache.logging.log4j.LogManager.getLogger;
|
||||
import org.hibernate.criterion.Restrictions;
|
||||
import hirs.FilteredRecordsList;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.certificate.Certificate;
|
||||
import hirs.data.persist.certificate.DeviceAssociatedCertificate;
|
||||
import hirs.persist.DBManager;
|
||||
import hirs.persist.DeviceManager;
|
||||
|
||||
/**
|
||||
* Controller for the Device page.
|
||||
*/
|
||||
@Controller
|
||||
@RequestMapping("/devices")
|
||||
@RestController
|
||||
@RequestMapping(path = "/devices")
|
||||
public class DevicesPageController extends PageController<NoPageParams> {
|
||||
|
||||
private final DeviceManager deviceManager;
|
||||
@Autowired
|
||||
private final DeviceService deviceService;
|
||||
// this may be what I need to do for all of them
|
||||
@Autowired
|
||||
private final DBManager<Certificate> certificateDBManager;
|
||||
private static final Logger LOGGER = getLogger(DevicesPageController.class);
|
||||
|
||||
/**
|
||||
* Constructor providing the Page's display and routing specification.
|
||||
* @param deviceManager the device manager
|
||||
* @param deviceService the device manager
|
||||
* @param certificateDBManager the certificate DB manager
|
||||
*/
|
||||
@Autowired
|
||||
public DevicesPageController(
|
||||
final DeviceManager deviceManager,
|
||||
final DeviceService deviceService,
|
||||
final DBManager<Certificate> certificateDBManager) {
|
||||
super(DEVICES);
|
||||
this.deviceManager = deviceManager;
|
||||
this.deviceService = deviceService;
|
||||
this.certificateDBManager = certificateDBManager;
|
||||
}
|
||||
|
||||
@ -76,6 +80,7 @@ public class DevicesPageController extends PageController<NoPageParams> {
|
||||
* @return the data tables response, including the result set and paging information
|
||||
*/
|
||||
@ResponseBody
|
||||
@GetMapping
|
||||
@RequestMapping(value = "list", produces = MediaType.APPLICATION_JSON_VALUE,
|
||||
method = RequestMethod.GET)
|
||||
public DataTableResponse<HashMap<String, Object>> getTableData(
|
||||
@ -86,7 +91,7 @@ public class DevicesPageController extends PageController<NoPageParams> {
|
||||
// get all the devices
|
||||
FilteredRecordsList<Device> deviceList =
|
||||
OrderedListQueryDataTableAdapter.getOrderedList(Device.class,
|
||||
deviceManager, input, orderColumnName);
|
||||
deviceService, input, orderColumnName);
|
||||
|
||||
FilteredRecordsList<HashMap<String, Object>> record
|
||||
= retrieveDevicesAndAssociatedCertificates(deviceList);
|
||||
|
@ -1,24 +1,26 @@
|
||||
package hirs.attestationca.portal.page.controllers;
|
||||
|
||||
import static hirs.attestationca.portal.page.Page.HELP;
|
||||
import hirs.attestationca.portal.page.PageController;
|
||||
import hirs.attestationca.portal.page.params.NoPageParams;
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import static org.apache.logging.log4j.LogManager.getLogger;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.ApplicationContext;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.ui.Model;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
|
||||
import static hirs.attestationca.portal.page.Page.HELP;
|
||||
import static org.apache.logging.log4j.LogManager.getLogger;
|
||||
|
||||
/**
|
||||
* Controller for the Help page.
|
||||
*/
|
||||
@Controller
|
||||
@RequestMapping("/help")
|
||||
@RestController
|
||||
@RequestMapping(path = "/help")
|
||||
public class HelpController extends PageController<NoPageParams> {
|
||||
|
||||
@Autowired
|
||||
|
@ -6,17 +6,18 @@ import hirs.attestationca.portal.model.PolicyPageModel;
|
||||
import hirs.attestationca.portal.page.PageController;
|
||||
import hirs.attestationca.portal.page.PageMessages;
|
||||
import hirs.attestationca.portal.page.params.NoPageParams;
|
||||
import hirs.data.persist.SupplyChainPolicy;
|
||||
import hirs.persist.AppraiserManager;
|
||||
import hirs.persist.PolicyManager;
|
||||
import hirs.data.persist.policy.SupplyChainPolicy;
|
||||
import hirs.persist.PolicyManagerException;
|
||||
import hirs.persist.service.AppraiserService;
|
||||
import hirs.persist.service.PolicyService;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.ui.Model;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.ModelAttribute;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
import org.springframework.web.servlet.mvc.support.RedirectAttributes;
|
||||
import org.springframework.web.servlet.view.RedirectView;
|
||||
@ -31,8 +32,8 @@ import static org.apache.logging.log4j.LogManager.getLogger;
|
||||
/**
|
||||
* Controller for the Policy page.
|
||||
*/
|
||||
@Controller
|
||||
@RequestMapping("/policy")
|
||||
@RestController
|
||||
@RequestMapping(path = "/policy")
|
||||
public class PolicyPageController extends PageController<NoPageParams> {
|
||||
|
||||
private static final Logger LOGGER = getLogger(PolicyPageController.class);
|
||||
@ -45,8 +46,10 @@ public class PolicyPageController extends PageController<NoPageParams> {
|
||||
|
||||
private static final String ENABLED_EXPIRES_PARAMETER_VALUE = "expires";
|
||||
|
||||
private PolicyManager policyManager;
|
||||
private AppraiserManager appraiserManager;
|
||||
@Autowired
|
||||
private PolicyService policyService;
|
||||
@Autowired
|
||||
private AppraiserService appraiserService;
|
||||
|
||||
/**
|
||||
* Model attribute name used by initPage for the initial data passed to the
|
||||
@ -63,15 +66,15 @@ public class PolicyPageController extends PageController<NoPageParams> {
|
||||
/**
|
||||
* Constructor.
|
||||
*
|
||||
* @param policyManager the policy manager
|
||||
* @param appraiserManager the appraiser manager
|
||||
* @param policyService the policy service
|
||||
* @param appraiserService the appraiser service
|
||||
*/
|
||||
@Autowired
|
||||
public PolicyPageController(final PolicyManager policyManager,
|
||||
final AppraiserManager appraiserManager) {
|
||||
public PolicyPageController(final PolicyService policyService,
|
||||
final AppraiserService appraiserService) {
|
||||
super(POLICY);
|
||||
this.policyManager = policyManager;
|
||||
this.appraiserManager = appraiserManager;
|
||||
this.policyService = policyService;
|
||||
this.appraiserService = appraiserService;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -108,6 +111,7 @@ public class PolicyPageController extends PageController<NoPageParams> {
|
||||
* @return View containing the url and parameters
|
||||
* @throws URISyntaxException if malformed URI
|
||||
*/
|
||||
@GetMapping
|
||||
@RequestMapping(value = "update-pc-validation", method = RequestMethod.POST)
|
||||
public RedirectView updatePcVal(@ModelAttribute final PolicyPageModel ppModel,
|
||||
final RedirectAttributes attr) throws URISyntaxException {
|
||||
@ -159,6 +163,7 @@ public class PolicyPageController extends PageController<NoPageParams> {
|
||||
* @return View containing the url and parameters
|
||||
* @throws URISyntaxException if malformed URI
|
||||
*/
|
||||
@GetMapping
|
||||
@RequestMapping(value = "update-pc-attribute-validation", method = RequestMethod.POST)
|
||||
public RedirectView updatePcAttributeVal(@ModelAttribute final PolicyPageModel ppModel,
|
||||
final RedirectAttributes attr)
|
||||
@ -928,9 +933,9 @@ public class PolicyPageController extends PageController<NoPageParams> {
|
||||
* @return The default Supply Chain Policy
|
||||
*/
|
||||
private SupplyChainPolicy getDefaultPolicy() {
|
||||
final Appraiser supplyChainAppraiser = appraiserManager.getAppraiser(
|
||||
final Appraiser supplyChainAppraiser = appraiserService.getAppraiser(
|
||||
SupplyChainAppraiser.NAME);
|
||||
return (SupplyChainPolicy) policyManager.getDefaultPolicy(
|
||||
return (SupplyChainPolicy) policyService.getDefaultPolicy(
|
||||
supplyChainAppraiser);
|
||||
}
|
||||
|
||||
@ -952,13 +957,12 @@ public class PolicyPageController extends PageController<NoPageParams> {
|
||||
return policy;
|
||||
}
|
||||
|
||||
private void savePolicyAndApplySuccessMessage(final PolicyPageModel ppModel,
|
||||
final Map<String, Object> model,
|
||||
final PageMessages messages,
|
||||
final String successMessage,
|
||||
private void savePolicyAndApplySuccessMessage(
|
||||
final PolicyPageModel ppModel, final Map<String, Object> model,
|
||||
final PageMessages messages, final String successMessage,
|
||||
final SupplyChainPolicy policy) {
|
||||
// save the policy to the DB
|
||||
policyManager.updatePolicy(policy);
|
||||
policyService.updatePolicy(policy, policy.getId());
|
||||
|
||||
// Log and set the success message
|
||||
messages.addSuccess(successMessage);
|
||||
|
@ -4,7 +4,7 @@ import hirs.attestationca.portal.page.Page;
|
||||
import hirs.attestationca.portal.page.PageController;
|
||||
import hirs.attestationca.portal.page.PageMessages;
|
||||
import hirs.attestationca.portal.page.params.ReferenceManifestDetailsPageParams;
|
||||
import hirs.attestationca.service.SupplyChainValidationServiceImpl;
|
||||
import hirs.attestationca.validation.SupplyChainValidationServiceImpl;
|
||||
import hirs.data.persist.BaseReferenceManifest;
|
||||
import hirs.data.persist.EventLogMeasurements;
|
||||
import hirs.data.persist.ReferenceDigestValue;
|
||||
@ -12,11 +12,10 @@ import hirs.data.persist.ReferenceManifest;
|
||||
import hirs.data.persist.SupportReferenceManifest;
|
||||
import hirs.data.persist.SwidResource;
|
||||
import hirs.data.persist.certificate.CertificateAuthorityCredential;
|
||||
import hirs.persist.CertificateManager;
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.ReferenceDigestManager;
|
||||
import hirs.persist.ReferenceEventManager;
|
||||
import hirs.persist.ReferenceManifestManager;
|
||||
import hirs.persist.service.CertificateService;
|
||||
import hirs.persist.service.ReferenceDigestValueService;
|
||||
import hirs.persist.service.ReferenceManifestService;
|
||||
import hirs.tpm.eventlog.TCGEventLog;
|
||||
import hirs.tpm.eventlog.TpmPcrEvent;
|
||||
import hirs.utils.ReferenceManifestValidator;
|
||||
@ -25,9 +24,9 @@ import hirs.validation.SupplyChainValidatorException;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.ui.Model;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
import java.io.IOException;
|
||||
@ -47,15 +46,17 @@ import java.util.UUID;
|
||||
/**
|
||||
* Controller for the Reference Manifest Details page.
|
||||
*/
|
||||
@Controller
|
||||
@RequestMapping("/rim-details")
|
||||
@RestController
|
||||
@RequestMapping(path = "/rim-details")
|
||||
public class ReferenceManifestDetailsPageController
|
||||
extends PageController<ReferenceManifestDetailsPageParams> {
|
||||
|
||||
private final ReferenceManifestManager referenceManifestManager;
|
||||
private final ReferenceDigestManager referenceDigestManager;
|
||||
private final ReferenceEventManager referenceEventManager;
|
||||
private final CertificateManager certificateManager;
|
||||
@Autowired
|
||||
private final ReferenceManifestService referenceManifestService;
|
||||
@Autowired
|
||||
private final ReferenceDigestValueService referenceDigestValueService;
|
||||
@Autowired
|
||||
private final CertificateService certificateService;
|
||||
private static final ReferenceManifestValidator RIM_VALIDATOR
|
||||
= new ReferenceManifestValidator();
|
||||
private static final Logger LOGGER
|
||||
@ -64,22 +65,19 @@ public class ReferenceManifestDetailsPageController
|
||||
/**
|
||||
* Constructor providing the Page's display and routing specification.
|
||||
*
|
||||
* @param referenceManifestManager the reference manifest manager.
|
||||
* @param referenceDigestManager the reference digest manager.
|
||||
* @param referenceEventManager the reference event manager.
|
||||
* @param certificateManager the certificate manager.
|
||||
* @param referenceManifestService the reference manifest service.
|
||||
* @param referenceDigestValueService the reference event service.
|
||||
* @param certificateService the certificate service.
|
||||
*/
|
||||
@Autowired
|
||||
public ReferenceManifestDetailsPageController(
|
||||
final ReferenceManifestManager referenceManifestManager,
|
||||
final ReferenceDigestManager referenceDigestManager,
|
||||
final ReferenceEventManager referenceEventManager,
|
||||
final CertificateManager certificateManager) {
|
||||
final ReferenceManifestService referenceManifestService,
|
||||
final ReferenceDigestValueService referenceDigestValueService,
|
||||
final CertificateService certificateService) {
|
||||
super(Page.RIM_DETAILS);
|
||||
this.referenceManifestManager = referenceManifestManager;
|
||||
this.referenceDigestManager = referenceDigestManager;
|
||||
this.referenceEventManager = referenceEventManager;
|
||||
this.certificateManager = certificateManager;
|
||||
this.referenceManifestService = referenceManifestService;
|
||||
this.referenceDigestValueService = referenceDigestValueService;
|
||||
this.certificateService = certificateService;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -109,8 +107,8 @@ public class ReferenceManifestDetailsPageController
|
||||
} else {
|
||||
try {
|
||||
UUID uuid = UUID.fromString(params.getId());
|
||||
data.putAll(getRimDetailInfo(uuid, referenceManifestManager,
|
||||
referenceDigestManager, referenceEventManager, certificateManager));
|
||||
data.putAll(getRimDetailInfo(uuid, referenceManifestService,
|
||||
referenceDigestValueService, certificateService));
|
||||
} catch (IllegalArgumentException iaEx) {
|
||||
String uuidError = "Failed to parse ID from: " + params.getId();
|
||||
messages.addError(uuidError);
|
||||
@ -137,44 +135,42 @@ public class ReferenceManifestDetailsPageController
|
||||
* Gathers all information and returns it for displays.
|
||||
*
|
||||
* @param uuid database reference for the requested RIM.
|
||||
* @param referenceManifestManager the reference manifest manager.
|
||||
* @param referenceDigestManager the reference digest manager.
|
||||
* @param referenceEventManager the reference event manager.
|
||||
* @param certificateManager the certificate manager.
|
||||
* @param referenceManifestService the reference manifest service.
|
||||
* @param referenceDigestValueService the reference digest value service.
|
||||
* @param certificateService the certificate service.
|
||||
* @return mapping of the RIM information from the database.
|
||||
* @throws java.io.IOException error for reading file bytes.
|
||||
* @throws NoSuchAlgorithmException If an unknown Algorithm is encountered.
|
||||
* @throws CertificateException if a certificate doesn't parse.
|
||||
*/
|
||||
public static HashMap<String, Object> getRimDetailInfo(final UUID uuid,
|
||||
final ReferenceManifestManager referenceManifestManager,
|
||||
final ReferenceDigestManager referenceDigestManager,
|
||||
final ReferenceEventManager referenceEventManager,
|
||||
final CertificateManager certificateManager)
|
||||
final ReferenceManifestService referenceManifestService,
|
||||
final ReferenceDigestValueService referenceDigestValueService,
|
||||
final CertificateService certificateService)
|
||||
throws IOException,
|
||||
CertificateException, NoSuchAlgorithmException {
|
||||
HashMap<String, Object> data = new HashMap<>();
|
||||
|
||||
BaseReferenceManifest bRim = BaseReferenceManifest.select(referenceManifestManager)
|
||||
BaseReferenceManifest bRim = BaseReferenceManifest.select(referenceManifestService)
|
||||
.byEntityId(uuid).getRIM();
|
||||
|
||||
if (bRim != null) {
|
||||
data.putAll(getBaseRimInfo(bRim, referenceManifestManager, certificateManager));
|
||||
data.putAll(getBaseRimInfo(bRim, referenceManifestService, certificateService));
|
||||
}
|
||||
|
||||
SupportReferenceManifest sRim = SupportReferenceManifest.select(referenceManifestManager)
|
||||
SupportReferenceManifest sRim = SupportReferenceManifest.select(referenceManifestService)
|
||||
.byEntityId(uuid).getRIM();
|
||||
|
||||
if (sRim != null) {
|
||||
data.putAll(getSupportRimInfo(sRim, referenceManifestManager));
|
||||
data.putAll(getSupportRimInfo(sRim, referenceManifestService));
|
||||
}
|
||||
|
||||
EventLogMeasurements bios = EventLogMeasurements.select(referenceManifestManager)
|
||||
EventLogMeasurements bios = EventLogMeasurements.select(referenceManifestService)
|
||||
.byEntityId(uuid).getRIM();
|
||||
|
||||
if (bios != null) {
|
||||
data.putAll(getMeasurementsRimInfo(bios, referenceManifestManager,
|
||||
referenceDigestManager, referenceEventManager));
|
||||
data.putAll(getMeasurementsRimInfo(bios, referenceManifestService,
|
||||
referenceDigestValueService));
|
||||
}
|
||||
|
||||
return data;
|
||||
@ -185,8 +181,8 @@ public class ReferenceManifestDetailsPageController
|
||||
* Gathers all information and returns it for displays.
|
||||
*
|
||||
* @param baseRim established ReferenceManifest Type.
|
||||
* @param referenceManifestManager the reference manifest manager.
|
||||
* @param certificateManager the certificate manager.
|
||||
* @param referenceManifestService the reference manifest service.
|
||||
* @param certificateService the certificate service.
|
||||
* @return mapping of the RIM information from the database.
|
||||
* @throws java.io.IOException error for reading file bytes.
|
||||
* @throws NoSuchAlgorithmException If an unknown Algorithm is encountered.
|
||||
@ -194,8 +190,8 @@ public class ReferenceManifestDetailsPageController
|
||||
*/
|
||||
private static HashMap<String, Object> getBaseRimInfo(
|
||||
final BaseReferenceManifest baseRim,
|
||||
final ReferenceManifestManager referenceManifestManager,
|
||||
final CertificateManager certificateManager)
|
||||
final ReferenceManifestService referenceManifestService,
|
||||
final CertificateService certificateService)
|
||||
throws IOException, CertificateException, NoSuchAlgorithmException {
|
||||
HashMap<String, Object> data = new HashMap<>();
|
||||
|
||||
@ -228,7 +224,7 @@ public class ReferenceManifestDetailsPageController
|
||||
data.put("linkHref", baseRim.getLinkHref());
|
||||
data.put("linkHrefLink", "");
|
||||
for (BaseReferenceManifest bRim : BaseReferenceManifest
|
||||
.select(referenceManifestManager).getRIMs()) {
|
||||
.select(referenceManifestService).getRIMs()) {
|
||||
if (baseRim.getLinkHref().contains(bRim.getTagId())) {
|
||||
data.put("linkHrefLink", bRim.getId());
|
||||
}
|
||||
@ -249,7 +245,7 @@ public class ReferenceManifestDetailsPageController
|
||||
data.put("pcUriLocal", baseRim.getPcURILocal());
|
||||
data.put("rimLinkHash", baseRim.getRimLinkHash());
|
||||
if (baseRim.getRimLinkHash() != null) {
|
||||
ReferenceManifest rim = BaseReferenceManifest.select(referenceManifestManager)
|
||||
ReferenceManifest rim = BaseReferenceManifest.select(referenceManifestService)
|
||||
.byHexDecHash(baseRim.getRimLinkHash()).getRIM();
|
||||
if (rim != null) {
|
||||
data.put("rimLinkId", rim.getId());
|
||||
@ -265,14 +261,14 @@ public class ReferenceManifestDetailsPageController
|
||||
SupportReferenceManifest support = null;
|
||||
|
||||
if (baseRim.getAssociatedRim() == null) {
|
||||
support = SupportReferenceManifest.select(referenceManifestManager)
|
||||
support = SupportReferenceManifest.select(referenceManifestService)
|
||||
.byManufacturer(baseRim.getPlatformManufacturer())
|
||||
.getRIM();
|
||||
if (support != null) {
|
||||
baseRim.setAssociatedRim(support.getId());
|
||||
}
|
||||
} else {
|
||||
support = SupportReferenceManifest.select(referenceManifestManager)
|
||||
support = SupportReferenceManifest.select(referenceManifestService)
|
||||
.byEntityId(baseRim.getAssociatedRim()).getRIM();
|
||||
}
|
||||
// going to have to pull the filename and grab that from the DB
|
||||
@ -300,13 +296,13 @@ public class ReferenceManifestDetailsPageController
|
||||
}
|
||||
|
||||
Set<CertificateAuthorityCredential> certificates =
|
||||
CertificateAuthorityCredential.select(certificateManager)
|
||||
CertificateAuthorityCredential.select(certificateService)
|
||||
.getCertificates();
|
||||
//Report invalid signature unless RIM_VALIDATOR validates it and cert path is valid
|
||||
data.put("signatureValid", false);
|
||||
for (CertificateAuthorityCredential cert : certificates) {
|
||||
SupplyChainValidationServiceImpl scvsImpl =
|
||||
new SupplyChainValidationServiceImpl(certificateManager);
|
||||
new SupplyChainValidationServiceImpl(certificateService);
|
||||
KeyStore keystore = scvsImpl.getCaChain(cert);
|
||||
if (RIM_VALIDATOR.validateXmlSignature(cert)) {
|
||||
try {
|
||||
@ -339,7 +335,7 @@ public class ReferenceManifestDetailsPageController
|
||||
* Gathers all information and returns it for displays.
|
||||
*
|
||||
* @param support established ReferenceManifest Type.
|
||||
* @param referenceManifestManager the reference manifest manager.
|
||||
* @param referenceManifestService the reference manifest service.
|
||||
* @return mapping of the RIM information from the database.
|
||||
* @throws java.io.IOException error for reading file bytes.
|
||||
* @throws NoSuchAlgorithmException If an unknown Algorithm is encountered.
|
||||
@ -347,21 +343,21 @@ public class ReferenceManifestDetailsPageController
|
||||
*/
|
||||
private static HashMap<String, Object> getSupportRimInfo(
|
||||
final SupportReferenceManifest support,
|
||||
final ReferenceManifestManager referenceManifestManager)
|
||||
final ReferenceManifestService referenceManifestService)
|
||||
throws IOException, CertificateException, NoSuchAlgorithmException {
|
||||
HashMap<String, Object> data = new HashMap<>();
|
||||
EventLogMeasurements measurements = null;
|
||||
|
||||
if (support.getAssociatedRim() == null) {
|
||||
Set<BaseReferenceManifest> baseRims = BaseReferenceManifest
|
||||
.select(referenceManifestManager)
|
||||
.select(referenceManifestService)
|
||||
.byRimType(ReferenceManifest.BASE_RIM).getRIMs();
|
||||
for (BaseReferenceManifest baseRim : baseRims) {
|
||||
if (baseRim != null && baseRim.getAssociatedRim() != null
|
||||
&& baseRim.getAssociatedRim().equals(support.getId())) {
|
||||
support.setAssociatedRim(baseRim.getId());
|
||||
try {
|
||||
referenceManifestManager.update(support);
|
||||
referenceManifestService.updateReferenceManifest(support);
|
||||
} catch (DBManagerException ex) {
|
||||
LOGGER.error("Failed to update Support RIM", ex);
|
||||
}
|
||||
@ -373,7 +369,7 @@ public class ReferenceManifestDetailsPageController
|
||||
// testing this independent of the above if statement because the above
|
||||
// starts off checking if associated rim is null; that is irrelevant for
|
||||
// this statement.
|
||||
measurements = EventLogMeasurements.select(referenceManifestManager)
|
||||
measurements = EventLogMeasurements.select(referenceManifestService)
|
||||
.byHexDecHash(support.getHexDecHash()).getRIM();
|
||||
|
||||
if (support.isSwidPatch()) {
|
||||
@ -499,9 +495,8 @@ public class ReferenceManifestDetailsPageController
|
||||
* Gathers all information and returns it for displays.
|
||||
*
|
||||
* @param measurements established ReferenceManifest Type.
|
||||
* @param referenceManifestManager the reference manifest manager.
|
||||
* @param referenceDigestManager the reference digest manager.
|
||||
* @param referenceEventManager the reference event manager.
|
||||
* @param referenceManifestService the reference manifest service.
|
||||
* @param referenceDigestValueService the reference digest value service.
|
||||
* @return mapping of the RIM information from the database.
|
||||
* @throws java.io.IOException error for reading file bytes.
|
||||
* @throws NoSuchAlgorithmException If an unknown Algorithm is encountered.
|
||||
@ -509,9 +504,8 @@ public class ReferenceManifestDetailsPageController
|
||||
*/
|
||||
private static HashMap<String, Object> getMeasurementsRimInfo(
|
||||
final EventLogMeasurements measurements,
|
||||
final ReferenceManifestManager referenceManifestManager,
|
||||
final ReferenceDigestManager referenceDigestManager,
|
||||
final ReferenceEventManager referenceEventManager)
|
||||
final ReferenceManifestService referenceManifestService,
|
||||
final ReferenceDigestValueService referenceDigestValueService)
|
||||
throws IOException, CertificateException, NoSuchAlgorithmException {
|
||||
HashMap<String, Object> data = new HashMap<>();
|
||||
LinkedList<TpmPcrEvent> livelogEvents = new LinkedList<>();
|
||||
@ -530,7 +524,7 @@ public class ReferenceManifestDetailsPageController
|
||||
List<ReferenceDigestValue> eventValues = new ArrayList<>();
|
||||
if (measurements.getDeviceName() != null) {
|
||||
supports.addAll(SupportReferenceManifest
|
||||
.select(referenceManifestManager)
|
||||
.select(referenceManifestService)
|
||||
.byDeviceName(measurements
|
||||
.getDeviceName()).getRIMs());
|
||||
for (SupportReferenceManifest support : supports) {
|
||||
@ -544,16 +538,18 @@ public class ReferenceManifestDetailsPageController
|
||||
data.put("supportId", baseSupport.getId());
|
||||
|
||||
base = BaseReferenceManifest
|
||||
.select(referenceManifestManager)
|
||||
.select(referenceManifestService)
|
||||
.byEntityId(baseSupport.getAssociatedRim())
|
||||
.getRIM();
|
||||
data.put("tagId", baseSupport.getTagId());
|
||||
|
||||
if (base != null) {
|
||||
data.put("associatedRim", base.getId());
|
||||
// this was moved from outside of the null check
|
||||
// for a reason I believe
|
||||
eventValues.addAll(referenceDigestValueService
|
||||
.getValuesByBaseRimId(base.getId()));
|
||||
}
|
||||
|
||||
eventValues.addAll(referenceEventManager.getValuesByRimId(base));
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -19,7 +19,7 @@ import hirs.data.persist.certificate.Certificate;
|
||||
import hirs.persist.CriteriaModifier;
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.ReferenceEventManager;
|
||||
import hirs.persist.ReferenceManifestManager;
|
||||
import hirs.persist.service.ReferenceManifestService;
|
||||
import hirs.tpm.eventlog.TCGEventLog;
|
||||
import hirs.tpm.eventlog.TpmPcrEvent;
|
||||
import org.apache.commons.codec.binary.Base64;
|
||||
@ -30,13 +30,14 @@ import org.hibernate.Criteria;
|
||||
import org.hibernate.criterion.Restrictions;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.ui.Model;
|
||||
import org.springframework.util.StreamUtils;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.bind.annotation.ResponseBody;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import org.springframework.web.multipart.MultipartFile;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
import org.springframework.web.servlet.mvc.support.RedirectAttributes;
|
||||
@ -66,8 +67,8 @@ import java.util.zip.ZipOutputStream;
|
||||
/**
|
||||
* Controller for the Reference Manifest page.
|
||||
*/
|
||||
@Controller
|
||||
@RequestMapping("/reference-manifests")
|
||||
@RestController
|
||||
@RequestMapping(path = "/reference-manifests")
|
||||
public class ReferenceManifestPageController
|
||||
extends PageController<NoPageParams> {
|
||||
|
||||
@ -75,7 +76,9 @@ public class ReferenceManifestPageController
|
||||
private static final String LOG_FILE_PATTERN = "([^\\s]+(\\.(?i)(rimpcr|rimel|bin|log))$)";
|
||||
|
||||
private final BiosDateValidator biosValidator;
|
||||
private final ReferenceManifestManager referenceManifestManager;
|
||||
@Autowired
|
||||
private final ReferenceManifestService referenceManifestService;
|
||||
@Autowired
|
||||
private final ReferenceEventManager referenceEventManager;
|
||||
private static final Logger LOGGER
|
||||
= LogManager.getLogger(ReferenceManifestPageController.class);
|
||||
@ -125,15 +128,15 @@ public class ReferenceManifestPageController
|
||||
/**
|
||||
* Constructor providing the Page's display and routing specification.
|
||||
*
|
||||
* @param referenceManifestManager the reference manifest manager
|
||||
* @param referenceManifestService the reference manifest service
|
||||
* @param referenceEventManager this is the reference event manager
|
||||
*/
|
||||
@Autowired
|
||||
public ReferenceManifestPageController(
|
||||
final ReferenceManifestManager referenceManifestManager,
|
||||
final ReferenceManifestService referenceManifestService,
|
||||
final ReferenceEventManager referenceEventManager) {
|
||||
super(Page.REFERENCE_MANIFESTS);
|
||||
this.referenceManifestManager = referenceManifestManager;
|
||||
this.referenceManifestService = referenceManifestService;
|
||||
this.referenceEventManager = referenceEventManager;
|
||||
this.biosValidator = new BiosDateValidator(BIOS_RELEASE_DATE_FORMAT);
|
||||
}
|
||||
@ -161,6 +164,7 @@ public class ReferenceManifestPageController
|
||||
* information
|
||||
*/
|
||||
@ResponseBody
|
||||
@GetMapping
|
||||
@RequestMapping(value = "/list",
|
||||
produces = MediaType.APPLICATION_JSON_VALUE,
|
||||
method = RequestMethod.GET)
|
||||
@ -181,7 +185,7 @@ public class ReferenceManifestPageController
|
||||
FilteredRecordsList<ReferenceManifest> records
|
||||
= OrderedListQueryDataTableAdapter.getOrderedList(
|
||||
ReferenceManifest.class,
|
||||
referenceManifestManager,
|
||||
referenceManifestService,
|
||||
input, orderColumnName, criteriaModifier);
|
||||
|
||||
LOGGER.debug("Returning list of size: " + records.size());
|
||||
@ -242,7 +246,7 @@ public class ReferenceManifestPageController
|
||||
// Make sure we are getting the db version of the file
|
||||
updatedSupportRims.put(support.getHexDecHash(),
|
||||
SupportReferenceManifest
|
||||
.select(referenceManifestManager)
|
||||
.select(referenceManifestService)
|
||||
.byHexDecHash(support.getHexDecHash())
|
||||
.getRIM());
|
||||
}
|
||||
@ -285,7 +289,7 @@ public class ReferenceManifestPageController
|
||||
LOGGER.warn(notFoundMessage);
|
||||
} else {
|
||||
referenceManifest.archive();
|
||||
referenceManifestManager.update(referenceManifest);
|
||||
referenceManifestService.updateReferenceManifest(referenceManifest);
|
||||
|
||||
String deleteCompletedMessage = "RIM successfully deleted";
|
||||
messages.addInfo(deleteCompletedMessage);
|
||||
@ -378,9 +382,9 @@ public class ReferenceManifestPageController
|
||||
|
||||
List<ReferenceManifest> referenceManifestList = new LinkedList<>();
|
||||
referenceManifestList.addAll(BaseReferenceManifest
|
||||
.select(referenceManifestManager).getRIMs());
|
||||
.select(referenceManifestService).getRIMs());
|
||||
referenceManifestList.addAll(SupportReferenceManifest
|
||||
.select(referenceManifestManager).getRIMs());
|
||||
.select(referenceManifestService).getRIMs());
|
||||
|
||||
try (ZipOutputStream zipOut = new ZipOutputStream(response.getOutputStream())) {
|
||||
// get all files
|
||||
@ -419,16 +423,16 @@ public class ReferenceManifestPageController
|
||||
*/
|
||||
private ReferenceManifest getRimFromDb(final String id) throws IllegalArgumentException {
|
||||
UUID uuid = UUID.fromString(id);
|
||||
ReferenceManifest rim = BaseReferenceManifest.select(referenceManifestManager)
|
||||
ReferenceManifest rim = BaseReferenceManifest.select(referenceManifestService)
|
||||
.byEntityId(uuid).getRIM();
|
||||
|
||||
if (rim == null) {
|
||||
rim = SupportReferenceManifest.select(referenceManifestManager)
|
||||
rim = SupportReferenceManifest.select(referenceManifestService)
|
||||
.byEntityId(uuid).getRIM();
|
||||
}
|
||||
|
||||
if (rim == null) {
|
||||
rim = EventLogMeasurements.select(referenceManifestManager)
|
||||
rim = EventLogMeasurements.select(referenceManifestService)
|
||||
.byEntityId(uuid).getRIM();
|
||||
}
|
||||
|
||||
@ -510,7 +514,7 @@ public class ReferenceManifestPageController
|
||||
digest.digest(referenceManifest.getRimBytes()));
|
||||
}
|
||||
existingManifest = SupportReferenceManifest
|
||||
.select(referenceManifestManager)
|
||||
.select(referenceManifestService)
|
||||
.byHexDecHash(rimHash)
|
||||
.includeArchived()
|
||||
.getRIM();
|
||||
@ -520,7 +524,7 @@ public class ReferenceManifestPageController
|
||||
digest.digest(referenceManifest.getRimBytes()));
|
||||
}
|
||||
existingManifest = BaseReferenceManifest
|
||||
.select(referenceManifestManager).byBase64Hash(rimHash)
|
||||
.select(referenceManifestService).byBase64Hash(rimHash)
|
||||
.includeArchived()
|
||||
.getRIM();
|
||||
}
|
||||
@ -534,7 +538,7 @@ public class ReferenceManifestPageController
|
||||
try {
|
||||
// save the new certificate if no match is found
|
||||
if (existingManifest == null) {
|
||||
referenceManifestManager.save(referenceManifest);
|
||||
referenceManifestService.saveRIM(referenceManifest);
|
||||
|
||||
final String successMsg = String.format("RIM successfully uploaded (%s): ",
|
||||
fileName);
|
||||
@ -554,7 +558,7 @@ public class ReferenceManifestPageController
|
||||
if (existingManifest != null && existingManifest.isArchived()) {
|
||||
existingManifest.restore();
|
||||
existingManifest.resetCreateTime();
|
||||
referenceManifestManager.update(existingManifest);
|
||||
referenceManifestService.updateReferenceManifest(existingManifest);
|
||||
|
||||
final String successMsg
|
||||
= String.format("Pre-existing RIM found and unarchived (%s): ", fileName);
|
||||
@ -575,7 +579,7 @@ public class ReferenceManifestPageController
|
||||
HashMap<String, BaseReferenceManifest> tempMap = new HashMap<>();
|
||||
for (BaseReferenceManifest base : uploadedBaseRims) {
|
||||
// this is done to make sure we have the version with the UUID
|
||||
dbBaseRim = BaseReferenceManifest.select(referenceManifestManager)
|
||||
dbBaseRim = BaseReferenceManifest.select(referenceManifestService)
|
||||
.byBase64Hash(base.getBase64Hash()).getRIM();
|
||||
if (dbBaseRim != null) {
|
||||
for (SwidResource swid : dbBaseRim.parseResource()) {
|
||||
@ -594,7 +598,7 @@ public class ReferenceManifestPageController
|
||||
Map<String, SupportReferenceManifest> updatedSupportRims = new HashMap<>();
|
||||
List<String> hashValues = new LinkedList<>(dbBaseRims.keySet());
|
||||
for (String supportHash : hashValues) {
|
||||
supportRim = SupportReferenceManifest.select(referenceManifestManager)
|
||||
supportRim = SupportReferenceManifest.select(referenceManifestService)
|
||||
.byHexDecHash(supportHash).getRIM();
|
||||
// I have to assume the baseRim is from the database
|
||||
// Updating the id values, manufacturer, model
|
||||
@ -606,7 +610,7 @@ public class ReferenceManifestPageController
|
||||
supportRim.setTagId(dbBaseRim.getTagId());
|
||||
supportRim.setAssociatedRim(dbBaseRim.getId());
|
||||
supportRim.setUpdated(true);
|
||||
referenceManifestManager.update(supportRim);
|
||||
referenceManifestService.updateReferenceManifest(supportRim);
|
||||
updatedSupportRims.put(supportHash, supportRim);
|
||||
}
|
||||
}
|
||||
@ -624,7 +628,7 @@ public class ReferenceManifestPageController
|
||||
if (supportRim != null && (supportRim.getId() != null
|
||||
&& !supportRim.getId().toString().equals(""))) {
|
||||
Set<BaseReferenceManifest> baseRims = BaseReferenceManifest
|
||||
.select(referenceManifestManager)
|
||||
.select(referenceManifestService)
|
||||
.byManufacturerModel(supportRim.getPlatformManufacturer(),
|
||||
supportRim.getPlatformModel()).getRIMs();
|
||||
|
||||
|
@ -8,28 +8,26 @@ import hirs.attestationca.portal.datatables.OrderedListQueryDataTableAdapter;
|
||||
import hirs.attestationca.portal.page.Page;
|
||||
import hirs.attestationca.portal.page.PageController;
|
||||
import hirs.attestationca.portal.page.params.NoPageParams;
|
||||
import hirs.attestationca.service.ReferenceDigestValueServiceImpl;
|
||||
import hirs.attestationca.service.ReferenceManifestServiceImpl;
|
||||
import hirs.data.persist.ReferenceDigestValue;
|
||||
import hirs.data.persist.SupportReferenceManifest;
|
||||
import hirs.data.persist.certificate.Certificate;
|
||||
import hirs.persist.CriteriaModifier;
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.DBReferenceDigestManager;
|
||||
import hirs.persist.DBReferenceEventManager;
|
||||
import hirs.persist.DBReferenceManifestManager;
|
||||
import hirs.persist.ReferenceDigestManager;
|
||||
import hirs.persist.ReferenceEventManager;
|
||||
import hirs.persist.ReferenceManifestManager;
|
||||
import hirs.persist.service.ReferenceManifestService;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.hibernate.Criteria;
|
||||
import org.hibernate.criterion.Restrictions;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.ui.Model;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.bind.annotation.ResponseBody;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
import java.text.DateFormat;
|
||||
@ -39,17 +37,16 @@ import java.text.SimpleDateFormat;
|
||||
/**
|
||||
* Controller for the TPM Events page.
|
||||
*/
|
||||
@Controller
|
||||
@RequestMapping("/rim-database")
|
||||
@RestController
|
||||
@RequestMapping(path = "/rim-database")
|
||||
public class RimDatabasePageController
|
||||
extends PageController<NoPageParams> {
|
||||
|
||||
private static final String BIOS_RELEASE_DATE_FORMAT = "yyyy-MM-dd";
|
||||
|
||||
private final BiosDateValidator biosValidator;
|
||||
private final ReferenceManifestManager referenceManifestManager;
|
||||
private final ReferenceDigestManager referenceDigestManager;
|
||||
private final ReferenceEventManager referenceEventManager;
|
||||
private final ReferenceManifestService referenceManifestService;
|
||||
private final ReferenceDigestValueServiceImpl referenceDigestValueService;
|
||||
private static final Logger LOGGER
|
||||
= LogManager.getLogger(RimDatabasePageController.class);
|
||||
|
||||
@ -98,19 +95,16 @@ public class RimDatabasePageController
|
||||
/**
|
||||
* Constructor providing the Page's display and routing specification.
|
||||
*
|
||||
* @param referenceManifestManager the ReferenceManifestManager object
|
||||
* @param referenceDigestManager the ReferenceDigestManager object
|
||||
* @param referenceEventManager the referenceEventManager object
|
||||
* @param referenceManifestService the referenceManifestService object
|
||||
* @param referenceDigestValueService the referenceDigestValueService object
|
||||
*/
|
||||
@Autowired
|
||||
public RimDatabasePageController(
|
||||
final DBReferenceManifestManager referenceManifestManager,
|
||||
final DBReferenceDigestManager referenceDigestManager,
|
||||
final DBReferenceEventManager referenceEventManager) {
|
||||
final ReferenceManifestServiceImpl referenceManifestService,
|
||||
final ReferenceDigestValueServiceImpl referenceDigestValueService) {
|
||||
super(Page.RIM_DATABASE);
|
||||
this.referenceManifestManager = referenceManifestManager;
|
||||
this.referenceDigestManager = referenceDigestManager;
|
||||
this.referenceEventManager = referenceEventManager;
|
||||
this.referenceManifestService = referenceManifestService;
|
||||
this.referenceDigestValueService = referenceDigestValueService;
|
||||
this.biosValidator = new BiosDateValidator(BIOS_RELEASE_DATE_FORMAT);
|
||||
}
|
||||
|
||||
@ -137,6 +131,7 @@ public class RimDatabasePageController
|
||||
* information
|
||||
*/
|
||||
@ResponseBody
|
||||
@GetMapping
|
||||
@RequestMapping(value = "/list",
|
||||
produces = MediaType.APPLICATION_JSON_VALUE,
|
||||
method = RequestMethod.GET)
|
||||
@ -160,19 +155,19 @@ public class RimDatabasePageController
|
||||
FilteredRecordsList<ReferenceDigestValue> referenceDigestValues =
|
||||
OrderedListQueryDataTableAdapter.getOrderedList(
|
||||
ReferenceDigestValue.class,
|
||||
referenceEventManager,
|
||||
referenceDigestValueService,
|
||||
input, orderColumnName, criteriaModifier);
|
||||
|
||||
SupportReferenceManifest support;
|
||||
for (ReferenceDigestValue rdv : referenceDigestValues) {
|
||||
// We are updating the base rim ID field if necessary and
|
||||
if (rdv.getBaseRimId() == null) {
|
||||
support = SupportReferenceManifest.select(referenceManifestManager)
|
||||
support = SupportReferenceManifest.select(referenceManifestService)
|
||||
.byEntityId(rdv.getSupportRimId()).getRIM();
|
||||
if (support != null) {
|
||||
rdv.setBaseRimId(support.getAssociatedRim());
|
||||
try {
|
||||
referenceEventManager.updateEvent(rdv);
|
||||
referenceDigestValueService.updateDigestValue(rdv, rdv.getId());
|
||||
} catch (DBManagerException e) {
|
||||
LOGGER.error("Failed to update TPM Event with Base RIM ID");
|
||||
LOGGER.error(rdv);
|
||||
|
@ -13,20 +13,21 @@ import hirs.data.persist.certificate.Certificate;
|
||||
import hirs.data.persist.certificate.PlatformCredential;
|
||||
import hirs.data.persist.certificate.attributes.ComponentIdentifier;
|
||||
import hirs.data.persist.certificate.attributes.V2.ComponentIdentifierV2;
|
||||
import hirs.persist.CertificateManager;
|
||||
import hirs.persist.CriteriaModifier;
|
||||
import hirs.persist.CrudManager;
|
||||
import hirs.persist.DeviceManager;
|
||||
import hirs.persist.service.CertificateService;
|
||||
import hirs.persist.service.DeviceService;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.hibernate.Criteria;
|
||||
import org.hibernate.criterion.Restrictions;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.ui.Model;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.bind.annotation.ResponseBody;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
@ -52,13 +53,16 @@ import static org.apache.logging.log4j.LogManager.getLogger;
|
||||
/**
|
||||
* Controller for the Validation Reports page.
|
||||
*/
|
||||
@Controller
|
||||
@RequestMapping("/validation-reports")
|
||||
@RestController
|
||||
@RequestMapping(path = "/validation-reports")
|
||||
public class ValidationReportsPageController extends PageController<NoPageParams> {
|
||||
|
||||
@Autowired
|
||||
private final CrudManager<SupplyChainValidationSummary> supplyChainValidatorSummaryManager;
|
||||
private final CertificateManager certificateManager;
|
||||
private final DeviceManager deviceManager;
|
||||
@Autowired
|
||||
private final CertificateService certificateService;
|
||||
@Autowired
|
||||
private final DeviceService deviceService;
|
||||
|
||||
private static String systemColumnHeaders = "Verified Manufacturer,"
|
||||
+ "Model,SN,Verification Date,Device Status";
|
||||
@ -72,18 +76,18 @@ public class ValidationReportsPageController extends PageController<NoPageParams
|
||||
/**
|
||||
* Constructor providing the Page's display and routing specification.
|
||||
* @param supplyChainValidatorSummaryManager the manager
|
||||
* @param certificateManager the certificate manager
|
||||
* @param deviceManager the device manager
|
||||
* @param certificateService the certificate service
|
||||
* @param deviceService the device service
|
||||
*/
|
||||
@Autowired
|
||||
public ValidationReportsPageController(
|
||||
final CrudManager<SupplyChainValidationSummary> supplyChainValidatorSummaryManager,
|
||||
final CertificateManager certificateManager,
|
||||
final DeviceManager deviceManager) {
|
||||
final CertificateService certificateService,
|
||||
final DeviceService deviceService) {
|
||||
super(VALIDATION_REPORTS);
|
||||
this.supplyChainValidatorSummaryManager = supplyChainValidatorSummaryManager;
|
||||
this.certificateManager = certificateManager;
|
||||
this.deviceManager = deviceManager;
|
||||
this.certificateService = certificateService;
|
||||
this.deviceService = deviceService;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -105,6 +109,7 @@ public class ValidationReportsPageController extends PageController<NoPageParams
|
||||
* @return the data table response containing the supply chain summary records
|
||||
*/
|
||||
@ResponseBody
|
||||
@GetMapping
|
||||
@RequestMapping(value = "list", produces = MediaType.APPLICATION_JSON_VALUE,
|
||||
method = RequestMethod.GET)
|
||||
public DataTableResponse<SupplyChainValidationSummary> getTableData(
|
||||
@ -260,8 +265,8 @@ public class ValidationReportsPageController extends PageController<NoPageParams
|
||||
if ((createTimes.get(i).isAfter(startDate) || createTimes.get(i).isEqual(startDate))
|
||||
&& (createTimes.get(i).isBefore(endDate)
|
||||
|| createTimes.get(i).isEqual(endDate))) {
|
||||
UUID deviceId = deviceManager.getDevice(deviceNames[i]).getId();
|
||||
PlatformCredential pc = PlatformCredential.select(certificateManager)
|
||||
UUID deviceId = deviceService.getByName(deviceNames[i]).getId();
|
||||
PlatformCredential pc = PlatformCredential.select(certificateService)
|
||||
.byDeviceId(deviceId).getCertificate();
|
||||
if (jsonVersion) {
|
||||
jsonReportData.add(assembleJsonContent(pc, parseComponents(pc),
|
||||
@ -376,7 +381,7 @@ public class ValidationReportsPageController extends PageController<NoPageParams
|
||||
componentFailureString.append(pc.getComponentFailures());
|
||||
// get all the certificates associated with the platform serial
|
||||
List<PlatformCredential> chainCertificates = PlatformCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.byBoardSerialNumber(pc.getPlatformSerial())
|
||||
.getCertificates().stream().collect(Collectors.toList());
|
||||
// combine all components in each certificate
|
||||
|
@ -1,125 +0,0 @@
|
||||
package hirs.attestationca.portal.persistence;
|
||||
|
||||
import hirs.data.persist.SupplyChainValidationSummary;
|
||||
import hirs.persist.AppraiserManager;
|
||||
import hirs.persist.CrudManager;
|
||||
import hirs.persist.DBAppraiserManager;
|
||||
import hirs.persist.DBCertificateManager;
|
||||
import hirs.persist.DBDeviceGroupManager;
|
||||
import hirs.persist.DBDeviceManager;
|
||||
import hirs.persist.DBManager;
|
||||
import hirs.persist.DBPolicyManager;
|
||||
import hirs.persist.DBReferenceDigestManager;
|
||||
import hirs.persist.DBReferenceEventManager;
|
||||
import hirs.persist.DBReferenceManifestManager;
|
||||
import hirs.persist.DeviceGroupManager;
|
||||
import hirs.persist.DeviceManager;
|
||||
import hirs.persist.HibernateConfiguration;
|
||||
import hirs.persist.PolicyManager;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Import;
|
||||
import org.springframework.orm.hibernate4.LocalSessionFactoryBean;
|
||||
|
||||
/**
|
||||
* Spring configuration class for persistence beans used by the Attestation CA Portal.
|
||||
*/
|
||||
@Configuration
|
||||
@Import({ HibernateConfiguration.class })
|
||||
public class PersistenceConfiguration {
|
||||
|
||||
@Autowired
|
||||
private LocalSessionFactoryBean sessionFactory;
|
||||
|
||||
|
||||
/**
|
||||
* Creates a {@link PolicyManager} ready to use.
|
||||
*
|
||||
* @return {@link PolicyManager}
|
||||
*/
|
||||
@Bean
|
||||
public PolicyManager policyManager() {
|
||||
return new DBPolicyManager(sessionFactory.getObject());
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a {@link DeviceManager} ready to use.
|
||||
*
|
||||
* @return {@link DeviceManager}
|
||||
*/
|
||||
@Bean
|
||||
public DeviceManager deviceManager() {
|
||||
return new DBDeviceManager(sessionFactory.getObject());
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a {@link DBCertificateManager} ready to use.
|
||||
*
|
||||
* @return {@link DBCertificateManager}
|
||||
*/
|
||||
@Bean
|
||||
public DBCertificateManager certificateManager() {
|
||||
return new DBCertificateManager(sessionFactory.getObject());
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a {@link DBReferenceManifestManager} ready to use.
|
||||
*
|
||||
* @return {@link DBReferenceManifestManager}
|
||||
*/
|
||||
@Bean
|
||||
public DBReferenceManifestManager referenceManifestManager() {
|
||||
return new DBReferenceManifestManager(sessionFactory.getObject());
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a {@link DBReferenceDigestManager} ready to use.
|
||||
*
|
||||
* @return {@link DBReferenceDigestManager}
|
||||
*/
|
||||
@Bean
|
||||
public DBReferenceDigestManager referenceDigestManager() {
|
||||
return new DBReferenceDigestManager(sessionFactory.getObject());
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a {@link DBReferenceEventManager} ready to use.
|
||||
*
|
||||
* @return {@link DBReferenceEventManager}
|
||||
*/
|
||||
@Bean
|
||||
public DBReferenceEventManager referenceEventManager() {
|
||||
return new DBReferenceEventManager(sessionFactory.getObject());
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a {@link AppraiserManager} ready to use.
|
||||
*
|
||||
* @return {@link AppraiserManager}
|
||||
*/
|
||||
@Bean
|
||||
public AppraiserManager appraiserManager() {
|
||||
return new DBAppraiserManager(sessionFactory.getObject());
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a {@link DeviceGroupManager} ready to use.
|
||||
*
|
||||
* @return {@link DeviceGroupManager}
|
||||
*/
|
||||
@Bean
|
||||
public DeviceGroupManager deviceGroupManager() {
|
||||
return new DBDeviceGroupManager(sessionFactory.getObject());
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a {@link DBManager} for SupplyChainValidationSummary persistence, ready for use.
|
||||
*
|
||||
* @return {@link DBManager}
|
||||
*/
|
||||
@Bean
|
||||
public CrudManager<SupplyChainValidationSummary> supplyChainValidationSummaryManager() {
|
||||
return new DBManager<>(SupplyChainValidationSummary.class, sessionFactory.getObject());
|
||||
}
|
||||
}
|
@ -1,30 +1,29 @@
|
||||
package hirs.attestationca.portal.util;
|
||||
|
||||
import hirs.persist.service.CertificateService;
|
||||
import hirs.data.persist.certificate.Certificate;
|
||||
import hirs.data.persist.certificate.CertificateAuthorityCredential;
|
||||
import hirs.data.persist.certificate.EndorsementCredential;
|
||||
import hirs.data.persist.certificate.IssuedAttestationCertificate;
|
||||
import hirs.data.persist.certificate.PlatformCredential;
|
||||
import hirs.data.persist.certificate.attributes.ComponentIdentifier;
|
||||
import hirs.data.persist.certificate.attributes.PlatformConfiguration;
|
||||
import hirs.utils.BouncyCastleUtils;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.bouncycastle.util.encoders.Hex;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.math.BigInteger;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.Comparator;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
import java.util.List;
|
||||
import java.util.Comparator;
|
||||
import java.util.stream.Collectors;
|
||||
import java.util.Set;
|
||||
import java.util.UUID;
|
||||
import hirs.data.persist.certificate.Certificate;
|
||||
import hirs.data.persist.certificate.CertificateAuthorityCredential;
|
||||
import hirs.data.persist.certificate.EndorsementCredential;
|
||||
import hirs.data.persist.certificate.PlatformCredential;
|
||||
import hirs.data.persist.certificate.IssuedAttestationCertificate;
|
||||
import hirs.data.persist.certificate.attributes.ComponentIdentifier;
|
||||
import hirs.data.persist.certificate.attributes.PlatformConfiguration;
|
||||
import hirs.persist.CertificateManager;
|
||||
import hirs.utils.BouncyCastleUtils;
|
||||
import org.bouncycastle.util.encoders.Hex;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
/**
|
||||
* Utility class for mapping certificate information in to string maps. These are used to display
|
||||
@ -43,11 +42,11 @@ public final class CertificateStringMapBuilder {
|
||||
* Returns the general information.
|
||||
*
|
||||
* @param certificate certificate to get the general information.
|
||||
* @param certificateManager the certificate manager for retrieving certs.
|
||||
* @param certificateService the certificate service for retrieving certs.
|
||||
* @return a hash map with the general certificate information.
|
||||
*/
|
||||
public static HashMap<String, String> getGeneralCertificateInfo(
|
||||
final Certificate certificate, final CertificateManager certificateManager) {
|
||||
final Certificate certificate, final CertificateService certificateService) {
|
||||
HashMap<String, String> data = new HashMap<>();
|
||||
|
||||
if (certificate != null) {
|
||||
@ -102,7 +101,7 @@ public final class CertificateStringMapBuilder {
|
||||
//Get issuer ID if not self signed
|
||||
if (data.get("isSelfSigned").equals("false")) {
|
||||
//Get the missing certificate chain for not self sign
|
||||
Certificate missingCert = containsAllChain(certificate, certificateManager);
|
||||
Certificate missingCert = containsAllChain(certificate, certificateService);
|
||||
String issuerResult;
|
||||
|
||||
if (missingCert != null) {
|
||||
@ -111,7 +110,7 @@ public final class CertificateStringMapBuilder {
|
||||
}
|
||||
//Find all certificates that could be the issuer certificate based on subject name
|
||||
for (Certificate issuerCert : CertificateAuthorityCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.bySubjectSorted(certificate.getIssuerSorted())
|
||||
.getCertificates()) {
|
||||
|
||||
@ -141,12 +140,12 @@ public final class CertificateStringMapBuilder {
|
||||
* Recursive function that check if all the certificate chain is present.
|
||||
*
|
||||
* @param certificate certificate to get the issuer
|
||||
* @param certificateManager the certificate manager for retrieving certs.
|
||||
* @param certificateService the certificate service for retrieving certs.
|
||||
* @return a boolean indicating if it has the full chain or not.
|
||||
*/
|
||||
public static Certificate containsAllChain(
|
||||
final Certificate certificate,
|
||||
final CertificateManager certificateManager) {
|
||||
final CertificateService certificateService) {
|
||||
Set<CertificateAuthorityCredential> issuerCertificates = new HashSet<>();
|
||||
CertificateAuthorityCredential skiCA = null;
|
||||
String issuerResult;
|
||||
@ -155,7 +154,7 @@ public final class CertificateStringMapBuilder {
|
||||
&& !certificate.getAuthKeyId().isEmpty()) {
|
||||
byte[] bytes = Hex.decode(certificate.getAuthKeyId());
|
||||
skiCA = CertificateAuthorityCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.bySubjectKeyIdentifier(bytes).getCertificate();
|
||||
} else {
|
||||
LOGGER.error(String.format("Certificate (%s) for %s has no authority key identifier.",
|
||||
@ -166,12 +165,12 @@ public final class CertificateStringMapBuilder {
|
||||
if (certificate.getIssuerSorted() == null
|
||||
|| certificate.getIssuerSorted().isEmpty()) {
|
||||
//Get certificates by subject
|
||||
issuerCertificates = CertificateAuthorityCredential.select(certificateManager)
|
||||
issuerCertificates = CertificateAuthorityCredential.select(certificateService)
|
||||
.bySubject(certificate.getIssuer())
|
||||
.getCertificates();
|
||||
} else {
|
||||
//Get certificates by subject organization
|
||||
issuerCertificates = CertificateAuthorityCredential.select(certificateManager)
|
||||
issuerCertificates = CertificateAuthorityCredential.select(certificateService)
|
||||
.bySubjectSorted(certificate.getIssuerSorted())
|
||||
.getCertificates();
|
||||
}
|
||||
@ -189,7 +188,7 @@ public final class CertificateStringMapBuilder {
|
||||
issuerCert.getSubject())) {
|
||||
return null;
|
||||
}
|
||||
return containsAllChain(issuerCert, certificateManager);
|
||||
return containsAllChain(issuerCert, certificateService);
|
||||
}
|
||||
} catch (IOException e) {
|
||||
LOGGER.error(e);
|
||||
@ -204,21 +203,21 @@ public final class CertificateStringMapBuilder {
|
||||
* Returns the Certificate Authority information.
|
||||
*
|
||||
* @param uuid ID for the certificate.
|
||||
* @param certificateManager the certificate manager for retrieving certs.
|
||||
* @param certificateService the certificate service for retrieving certs.
|
||||
* @return a hash map with the endorsement certificate information.
|
||||
*/
|
||||
public static HashMap<String, String> getCertificateAuthorityInformation(final UUID uuid,
|
||||
final CertificateManager certificateManager) {
|
||||
final CertificateService certificateService) {
|
||||
CertificateAuthorityCredential certificate =
|
||||
CertificateAuthorityCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.byEntityId(uuid)
|
||||
.getCertificate();
|
||||
|
||||
String notFoundMessage = "Unable to find Certificate Authority "
|
||||
+ "Credential with ID: " + uuid;
|
||||
|
||||
return getCertificateAuthorityInfoHelper(certificateManager, certificate, notFoundMessage);
|
||||
return getCertificateAuthorityInfoHelper(certificateService, certificate, notFoundMessage);
|
||||
}
|
||||
|
||||
|
||||
@ -226,23 +225,23 @@ public final class CertificateStringMapBuilder {
|
||||
* Returns the Trust Chain credential information.
|
||||
*
|
||||
* @param certificate the certificate
|
||||
* @param certificateManager the certificate manager for retrieving certs.
|
||||
* @param certificateService the certificate service for retrieving certs.
|
||||
* @return a hash map with the endorsement certificate information.
|
||||
*/
|
||||
public static HashMap<String, String> getCertificateAuthorityInformation(
|
||||
final CertificateAuthorityCredential certificate,
|
||||
final CertificateManager certificateManager) {
|
||||
return getCertificateAuthorityInfoHelper(certificateManager, certificate,
|
||||
final CertificateService certificateService) {
|
||||
return getCertificateAuthorityInfoHelper(certificateService, certificate,
|
||||
"No cert provided for mapping");
|
||||
}
|
||||
|
||||
private static HashMap<String, String> getCertificateAuthorityInfoHelper(
|
||||
final CertificateManager certificateManager,
|
||||
final CertificateService certificateService,
|
||||
final CertificateAuthorityCredential certificate, final String notFoundMessage) {
|
||||
HashMap<String, String> data = new HashMap<>();
|
||||
|
||||
if (certificate != null) {
|
||||
data.putAll(getGeneralCertificateInfo(certificate, certificateManager));
|
||||
data.putAll(getGeneralCertificateInfo(certificate, certificateService));
|
||||
data.put("subjectKeyIdentifier",
|
||||
Arrays.toString(certificate.getSubjectKeyIdentifier()));
|
||||
//x509 credential version
|
||||
@ -259,18 +258,18 @@ public final class CertificateStringMapBuilder {
|
||||
* Returns the endorsement credential information.
|
||||
*
|
||||
* @param uuid ID for the certificate.
|
||||
* @param certificateManager the certificate manager for retrieving certs.
|
||||
* @param certificateService the certificate service for retrieving certs.
|
||||
* @return a hash map with the endorsement certificate information.
|
||||
*/
|
||||
public static HashMap<String, String> getEndorsementInformation(final UUID uuid,
|
||||
final CertificateManager certificateManager) {
|
||||
final CertificateService certificateService) {
|
||||
HashMap<String, String> data = new HashMap<>();
|
||||
EndorsementCredential certificate = EndorsementCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.byEntityId(uuid)
|
||||
.getCertificate();
|
||||
if (certificate != null) {
|
||||
data.putAll(getGeneralCertificateInfo(certificate, certificateManager));
|
||||
data.putAll(getGeneralCertificateInfo(certificate, certificateService));
|
||||
// Set extra fields
|
||||
data.put("manufacturer", certificate.getManufacturer());
|
||||
data.put("model", certificate.getModel());
|
||||
@ -302,22 +301,22 @@ public final class CertificateStringMapBuilder {
|
||||
* Returns the Platform credential information.
|
||||
*
|
||||
* @param uuid ID for the certificate.
|
||||
* @param certificateManager the certificate manager for retrieving certs.
|
||||
* @param certificateService the certificate service for retrieving certs.
|
||||
* @return a hash map with the endorsement certificate information.
|
||||
* @throws IOException when parsing the certificate
|
||||
* @throws IllegalArgumentException invalid argument on parsing the certificate
|
||||
*/
|
||||
public static HashMap<String, Object> getPlatformInformation(final UUID uuid,
|
||||
final CertificateManager certificateManager)
|
||||
final CertificateService certificateService)
|
||||
throws IllegalArgumentException, IOException {
|
||||
HashMap<String, Object> data = new HashMap<>();
|
||||
PlatformCredential certificate = PlatformCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.byEntityId(uuid)
|
||||
.getCertificate();
|
||||
|
||||
if (certificate != null) {
|
||||
data.putAll(getGeneralCertificateInfo(certificate, certificateManager));
|
||||
data.putAll(getGeneralCertificateInfo(certificate, certificateService));
|
||||
data.put("credentialType", certificate.getCredentialType());
|
||||
data.put("platformType", certificate.getPlatformType());
|
||||
data.put("manufacturer", certificate.getManufacturer());
|
||||
@ -338,7 +337,7 @@ public final class CertificateStringMapBuilder {
|
||||
data.put("holderIssuer", certificate.getHolderIssuer());
|
||||
if (certificate.isBase()) {
|
||||
EndorsementCredential ekCertificate = EndorsementCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.bySerialNumber(certificate.getHolderSerialNumber())
|
||||
.getCertificate();
|
||||
if (ekCertificate != null) {
|
||||
@ -348,7 +347,7 @@ public final class CertificateStringMapBuilder {
|
||||
if (certificate.getPlatformType() != null
|
||||
&& certificate.getPlatformType().equals("Delta")) {
|
||||
PlatformCredential holderCertificate = PlatformCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.bySerialNumber(certificate.getHolderSerialNumber())
|
||||
.getCertificate();
|
||||
if (holderCertificate != null) {
|
||||
@ -358,7 +357,7 @@ public final class CertificateStringMapBuilder {
|
||||
}
|
||||
|
||||
PlatformCredential prevCertificate = PlatformCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.byHolderSerialNumber(certificate.getSerialNumber())
|
||||
.getCertificate();
|
||||
|
||||
@ -398,7 +397,7 @@ public final class CertificateStringMapBuilder {
|
||||
if (certificate.getPlatformSerial() != null) {
|
||||
// link certificate chain
|
||||
List<PlatformCredential> chainCertificates = PlatformCredential
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.byBoardSerialNumber(certificate.getPlatformSerial())
|
||||
.getCertificates().stream().collect(Collectors.toList());
|
||||
|
||||
@ -463,18 +462,18 @@ public final class CertificateStringMapBuilder {
|
||||
* Returns the Issued Attestation Certificate information.
|
||||
*
|
||||
* @param uuid ID for the certificate.
|
||||
* @param certificateManager the certificate manager for retrieving certs.
|
||||
* @param certificateService the certificate service for retrieving certs.
|
||||
* @return a hash map with the endorsement certificate information.
|
||||
*/
|
||||
public static HashMap<String, String> getIssuedInformation(final UUID uuid,
|
||||
final CertificateManager certificateManager) {
|
||||
final CertificateService certificateService) {
|
||||
HashMap<String, String> data = new HashMap<>();
|
||||
IssuedAttestationCertificate certificate = IssuedAttestationCertificate
|
||||
.select(certificateManager)
|
||||
.select(certificateService)
|
||||
.byEntityId(uuid)
|
||||
.getCertificate();
|
||||
if (certificate != null) {
|
||||
data.putAll(getGeneralCertificateInfo(certificate, certificateManager));
|
||||
data.putAll(getGeneralCertificateInfo(certificate, certificateService));
|
||||
|
||||
// add endorsement credential ID if not null
|
||||
if (certificate.getEndorsementCredential() != null) {
|
||||
|
@ -6,7 +6,7 @@ import com.github.marandus.pciid.service.PciIdsDatabase;
|
||||
import com.google.common.base.Strings;
|
||||
import hirs.data.persist.certificate.attributes.ComponentIdentifier;
|
||||
import hirs.data.persist.certificate.attributes.V2.ComponentIdentifierV2;
|
||||
import org.bouncycastle.asn1.DERUTF8String;
|
||||
import org.bouncycastle.asn1.ASN1UTF8String;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.FileInputStream;
|
||||
@ -129,8 +129,8 @@ public final class PciIds {
|
||||
final String compClassValue = component.getComponentClass().getCategoryValue();
|
||||
if (compClassValue.equals(COMPCLASS_TCG_CAT_NIC)
|
||||
|| compClassValue.equals(COMPCLASS_TCG_CAT_GFX)) {
|
||||
DERUTF8String manufacturer = translateVendor(component.getComponentManufacturer());
|
||||
DERUTF8String model = translateDevice(component.getComponentManufacturer(),
|
||||
ASN1UTF8String manufacturer = translateVendor(component.getComponentManufacturer());
|
||||
ASN1UTF8String model = translateDevice(component.getComponentManufacturer(),
|
||||
component.getComponentModel());
|
||||
|
||||
newComponent = new ComponentIdentifierV2(component.getComponentClass(),
|
||||
@ -153,15 +153,15 @@ public final class PciIds {
|
||||
/**
|
||||
* Look up the vendor name from the PCI IDs list, if the input string contains an ID.
|
||||
* If any part of this fails, return the original manufacturer value.
|
||||
* @param refManufacturer DERUTF8String, likely from a ComponentIdentifier
|
||||
* @return DERUTF8String with the discovered vendor name, or the original manufacturer value.
|
||||
* @param refManufacturer ASN1UTF8String, likely from a ComponentIdentifier
|
||||
* @return ASN1UTF8String with the discovered vendor name, or the original manufacturer value.
|
||||
*/
|
||||
public static DERUTF8String translateVendor(final DERUTF8String refManufacturer) {
|
||||
DERUTF8String manufacturer = refManufacturer;
|
||||
public static ASN1UTF8String translateVendor(final ASN1UTF8String refManufacturer) {
|
||||
ASN1UTF8String manufacturer = refManufacturer;
|
||||
if (manufacturer != null && manufacturer.getString().trim().matches("^[0-9A-Fa-f]{4}$")) {
|
||||
Vendor ven = DB.findVendor(manufacturer.getString().toLowerCase());
|
||||
if (ven != null && !Strings.isNullOrEmpty(ven.getName())) {
|
||||
manufacturer = new DERUTF8String(ven.getName());
|
||||
manufacturer = ASN1UTF8String.getInstance(ven.getName());
|
||||
}
|
||||
}
|
||||
return manufacturer;
|
||||
@ -175,10 +175,10 @@ public final class PciIds {
|
||||
* @param refModel DERUTF8String, likely from a ComponentIdentifier
|
||||
* @return DERUTF8String with the discovered device name, or the original model value.
|
||||
*/
|
||||
public static DERUTF8String translateDevice(final DERUTF8String refManufacturer,
|
||||
final DERUTF8String refModel) {
|
||||
DERUTF8String manufacturer = refManufacturer;
|
||||
DERUTF8String model = refModel;
|
||||
public static ASN1UTF8String translateDevice(final ASN1UTF8String refManufacturer,
|
||||
final ASN1UTF8String refModel) {
|
||||
ASN1UTF8String manufacturer = refManufacturer;
|
||||
ASN1UTF8String model = refModel;
|
||||
if (manufacturer != null
|
||||
&& model != null
|
||||
&& manufacturer.getString().trim().matches("^[0-9A-Fa-f]{4}$")
|
||||
@ -186,7 +186,7 @@ public final class PciIds {
|
||||
Device dev = DB.findDevice(manufacturer.getString().toLowerCase(),
|
||||
model.getString().toLowerCase());
|
||||
if (dev != null && !Strings.isNullOrEmpty(dev.getName())) {
|
||||
model = new DERUTF8String(dev.getName());
|
||||
model = ASN1UTF8String.getInstance(dev.getName());
|
||||
}
|
||||
}
|
||||
return model;
|
||||
|
@ -6,7 +6,7 @@ import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Import;
|
||||
import org.springframework.jdbc.datasource.embedded.EmbeddedDatabaseBuilder;
|
||||
import org.springframework.jdbc.datasource.embedded.EmbeddedDatabaseType;
|
||||
import org.springframework.orm.hibernate4.LocalSessionFactoryBean;
|
||||
import org.springframework.orm.hibernate5.LocalSessionFactoryBean;
|
||||
import org.springframework.transaction.annotation.EnableTransactionManagement;
|
||||
|
||||
import javax.sql.DataSource;
|
||||
|
@ -1,43 +1,42 @@
|
||||
package hirs.attestationca.portal.page.controllers;
|
||||
|
||||
import hirs.attestationca.portal.page.Page;
|
||||
import hirs.attestationca.portal.page.PageController;
|
||||
import hirs.attestationca.portal.page.PageControllerTest;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.certificate.Certificate;
|
||||
import hirs.data.persist.certificate.CertificateAuthorityCredential;
|
||||
import hirs.data.persist.certificate.EndorsementCredential;
|
||||
import hirs.data.persist.certificate.IssuedAttestationCertificate;
|
||||
import hirs.data.persist.certificate.PlatformCredential;
|
||||
import hirs.persist.CertificateManager;
|
||||
import hirs.persist.DeviceGroupManager;
|
||||
import hirs.persist.DeviceManager;
|
||||
import hirs.attestationca.portal.page.PageControllerTest;
|
||||
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.test.annotation.DirtiesContext;
|
||||
import org.springframework.test.annotation.Rollback;
|
||||
import org.springframework.test.web.servlet.MvcResult;
|
||||
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.BeforeClass;
|
||||
import org.testng.annotations.Test;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.net.URISyntaxException;
|
||||
import java.nio.file.Path;
|
||||
import java.nio.file.Paths;
|
||||
import java.security.Security;
|
||||
import java.util.Collections;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import java.security.Security;
|
||||
|
||||
import static org.hamcrest.Matchers.hasProperty;
|
||||
import static org.hamcrest.Matchers.hasItem;
|
||||
|
||||
import org.springframework.test.annotation.Rollback;
|
||||
import org.springframework.test.web.servlet.MvcResult;
|
||||
import static org.hamcrest.Matchers.hasProperty;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.model;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.BeforeClass;
|
||||
import hirs.attestationca.portal.page.Page;
|
||||
import hirs.attestationca.portal.page.PageController;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* Integration tests that test the URL End Points of CertificateDetailsPageController.
|
||||
@ -51,9 +50,6 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
|
||||
@Autowired
|
||||
private DeviceManager deviceManager;
|
||||
|
||||
@Autowired
|
||||
private DeviceGroupManager deviceGroupManager;
|
||||
|
||||
private CertificateAuthorityCredential caCertificate;
|
||||
private CertificateAuthorityCredential caRootCertificate;
|
||||
private PlatformCredential platformCredential;
|
||||
@ -96,13 +92,8 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
|
||||
|
||||
Set<PlatformCredential> pcCertSet = new HashSet<>();
|
||||
|
||||
//Create new device group
|
||||
DeviceGroup group = new DeviceGroup("default");
|
||||
group = deviceGroupManager.saveDeviceGroup(group);
|
||||
|
||||
//Create new device and save it
|
||||
Device device = new Device("Test");
|
||||
device.setDeviceGroup(group);
|
||||
device = deviceManager.saveDevice(device);
|
||||
|
||||
//Upload and save EK Cert
|
||||
@ -112,7 +103,7 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
|
||||
TEST_ENDORSEMENT_CREDENTIAL,
|
||||
null,
|
||||
null);
|
||||
certificateManager.save(endorsementCredential);
|
||||
certificateManager.saveCertificate(endorsementCredential);
|
||||
|
||||
//Upload and save CA Cert
|
||||
caCertificate = (CertificateAuthorityCredential)
|
||||
@ -121,7 +112,7 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
|
||||
TEST_CA_CERTIFICATE,
|
||||
null,
|
||||
null);
|
||||
certificateManager.save(caCertificate);
|
||||
certificateManager.saveCertificate(caCertificate);
|
||||
|
||||
//Upload and save root Cert
|
||||
caRootCertificate = (CertificateAuthorityCredential)
|
||||
@ -130,7 +121,7 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
|
||||
TEST_ROOT_CA_CERTIFICATE,
|
||||
null,
|
||||
null);
|
||||
certificateManager.save(caRootCertificate);
|
||||
certificateManager.saveCertificate(caRootCertificate);
|
||||
|
||||
//Upload and save Platform Cert
|
||||
platformCredential = (PlatformCredential)
|
||||
@ -139,7 +130,7 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
|
||||
TEST_PLATFORM_CREDENTIAL,
|
||||
null,
|
||||
null);
|
||||
certificateManager.save(platformCredential);
|
||||
certificateManager.saveCertificate(platformCredential);
|
||||
|
||||
pcCertSet.add(platformCredential);
|
||||
|
||||
@ -150,7 +141,7 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
|
||||
TEST_PLATFORM_CREDENTIAL_2,
|
||||
null,
|
||||
null);
|
||||
certificateManager.save(platformCredential2);
|
||||
certificateManager.saveCertificate(platformCredential2);
|
||||
|
||||
pcCertSet.add(platformCredential);
|
||||
|
||||
@ -161,7 +152,7 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
|
||||
TEST_PLATFORM_CREDENTIAL_2_PCI,
|
||||
null,
|
||||
null);
|
||||
certificateManager.save(platformCertificatePCI);
|
||||
certificateManager.saveCertificate(platformCertificatePCI);
|
||||
|
||||
pcCertSet.add(platformCertificatePCI);
|
||||
|
||||
@ -173,7 +164,7 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
|
||||
endorsementCredential,
|
||||
pcCertSet);
|
||||
issuedCredential.setDevice(device);
|
||||
certificateManager.save(issuedCredential);
|
||||
certificateManager.saveCertificate(issuedCredential);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -238,7 +229,6 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
|
||||
@Rollback
|
||||
@SuppressWarnings("unchecked")
|
||||
public void testInitPageCertificateAuthority() throws Exception {
|
||||
|
||||
MvcResult result = getMockMvc()
|
||||
.perform(MockMvcRequestBuilders.get("/" + getPage().getViewName())
|
||||
.param("id", caCertificate.getId().toString())
|
||||
@ -246,14 +236,16 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(model().attributeExists(PolicyPageController.INITIAL_DATA))
|
||||
.andReturn();
|
||||
ModelAndView modelAndView = result.getModelAndView();
|
||||
Map<String, Object> modelMap = Collections.EMPTY_MAP;
|
||||
if (modelAndView != null) {
|
||||
modelMap = modelAndView.getModel();
|
||||
}
|
||||
|
||||
// Obtain initialData HashMap
|
||||
Map<String, String> initialData = (Map<String, String>) result
|
||||
.getModelAndView()
|
||||
.getModel()
|
||||
Map<String, String> initialData = (Map<String, String>) modelMap
|
||||
.get(PolicyPageController.INITIAL_DATA);
|
||||
Assert.assertEquals(initialData.get("issuer"), caCertificate.getIssuer());
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
@ -265,7 +257,6 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
|
||||
@Rollback
|
||||
@SuppressWarnings("unchecked")
|
||||
public void testInitPagePlatform() throws Exception {
|
||||
|
||||
MvcResult result = getMockMvc()
|
||||
.perform(MockMvcRequestBuilders.get("/" + getPage().getViewName())
|
||||
.param("id", platformCredential.getId().toString())
|
||||
@ -274,15 +265,18 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
|
||||
.andExpect(model().attributeExists(PolicyPageController.INITIAL_DATA))
|
||||
.andReturn();
|
||||
|
||||
ModelAndView modelAndView = result.getModelAndView();
|
||||
Map<String, Object> modelMap = Collections.EMPTY_MAP;
|
||||
if (modelAndView != null) {
|
||||
modelMap = modelAndView.getModel();
|
||||
}
|
||||
|
||||
// Obtain initialData HashMap
|
||||
Map<String, String> initialData = (Map<String, String>) result
|
||||
.getModelAndView()
|
||||
.getModel()
|
||||
Map<String, String> initialData = (Map<String, String>) modelMap
|
||||
.get(PolicyPageController.INITIAL_DATA);
|
||||
Assert.assertEquals(initialData.get("issuer"), platformCredential.getIssuer());
|
||||
Assert.assertEquals(initialData.get("credentialType"),
|
||||
((PlatformCredential) platformCredential).getCredentialType());
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
@ -294,7 +288,6 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
|
||||
@Rollback
|
||||
@SuppressWarnings("unchecked")
|
||||
public void testInitPagePlatform20() throws Exception {
|
||||
|
||||
MvcResult result = getMockMvc()
|
||||
.perform(MockMvcRequestBuilders.get("/" + getPage().getViewName())
|
||||
.param("id", platformCredential2.getId().toString())
|
||||
@ -302,11 +295,14 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(model().attributeExists(PolicyPageController.INITIAL_DATA))
|
||||
.andReturn();
|
||||
ModelAndView modelAndView = result.getModelAndView();
|
||||
Map<String, Object> modelMap = Collections.EMPTY_MAP;
|
||||
if (modelAndView != null) {
|
||||
modelMap = modelAndView.getModel();
|
||||
}
|
||||
|
||||
// Obtain initialData HashMap
|
||||
Map<String, Object> initialData = (Map<String, Object>) result
|
||||
.getModelAndView()
|
||||
.getModel()
|
||||
Map<String, Object> initialData = (Map<String, Object>) modelMap
|
||||
.get(PolicyPageController.INITIAL_DATA);
|
||||
Assert.assertEquals(initialData.get("issuer"), platformCredential2.getIssuer());
|
||||
Assert.assertEquals(initialData.get("credentialType"),
|
||||
@ -320,7 +316,6 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
|
||||
Assert.assertNotNull(initialData.get("platformProperties"));
|
||||
obj = (List<?>) initialData.get("platformProperties");
|
||||
Assert.assertEquals(obj.size(), 2);
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
@ -332,7 +327,6 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
|
||||
@Rollback
|
||||
@SuppressWarnings("unchecked")
|
||||
public void testInitPagePlatform20PCI() throws Exception {
|
||||
|
||||
MvcResult result = getMockMvc()
|
||||
.perform(MockMvcRequestBuilders.get("/" + getPage().getViewName())
|
||||
.param("id", platformCertificatePCI.getId().toString())
|
||||
@ -340,11 +334,14 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(model().attributeExists(PolicyPageController.INITIAL_DATA))
|
||||
.andReturn();
|
||||
ModelAndView modelAndView = result.getModelAndView();
|
||||
Map<String, Object> modelMap = Collections.EMPTY_MAP;
|
||||
if (modelAndView != null) {
|
||||
modelMap = modelAndView.getModel();
|
||||
}
|
||||
|
||||
// Obtain initialData HashMap
|
||||
Map<String, Object> initialData = (Map<String, Object>) result
|
||||
.getModelAndView()
|
||||
.getModel()
|
||||
Map<String, Object> initialData = (Map<String, Object>) modelMap
|
||||
.get(PolicyPageController.INITIAL_DATA);
|
||||
Assert.assertEquals(initialData.get("issuer"), platformCertificatePCI.getIssuer());
|
||||
Assert.assertEquals(initialData.get("credentialType"),
|
||||
@ -358,7 +355,6 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
|
||||
Assert.assertNotNull(initialData.get("platformProperties"));
|
||||
obj = (List<?>) initialData.get("platformProperties");
|
||||
Assert.assertEquals(obj.size(), 0);
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
@ -370,7 +366,6 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
|
||||
@Rollback
|
||||
@SuppressWarnings("unchecked")
|
||||
public void testInitPageEndorsement() throws Exception {
|
||||
|
||||
MvcResult result = getMockMvc()
|
||||
.perform(MockMvcRequestBuilders.get("/" + getPage().getViewName())
|
||||
.param("id", endorsementCredential.getId().toString())
|
||||
@ -378,11 +373,14 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(model().attributeExists(PolicyPageController.INITIAL_DATA))
|
||||
.andReturn();
|
||||
ModelAndView modelAndView = result.getModelAndView();
|
||||
Map<String, Object> modelMap = Collections.EMPTY_MAP;
|
||||
if (modelAndView != null) {
|
||||
modelMap = modelAndView.getModel();
|
||||
}
|
||||
|
||||
// Obtain initialData HashMap
|
||||
Map<String, String> initialData = (Map<String, String>) result
|
||||
.getModelAndView()
|
||||
.getModel()
|
||||
Map<String, String> initialData = (Map<String, String>) modelMap
|
||||
.get(PolicyPageController.INITIAL_DATA);
|
||||
Assert.assertEquals(initialData.get("issuer"), endorsementCredential.getIssuer());
|
||||
Assert.assertEquals(initialData.get("manufacturer"),
|
||||
@ -397,20 +395,21 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
|
||||
@Rollback
|
||||
@SuppressWarnings("unchecked")
|
||||
public void testInitPageID() throws Exception {
|
||||
|
||||
MvcResult result = getMockMvc()
|
||||
.perform(MockMvcRequestBuilders.get("/" + getPage().getViewName())
|
||||
.param("id", caCertificate.getId().toString())
|
||||
.param("type", "certificateauthority"))
|
||||
.andExpect(model().attributeExists(
|
||||
CertificateDetailsPageController.INITIAL_DATA))
|
||||
|
||||
.andReturn();
|
||||
ModelAndView modelAndView = result.getModelAndView();
|
||||
Map<String, Object> modelMap = Collections.EMPTY_MAP;
|
||||
if (modelAndView != null) {
|
||||
modelMap = modelAndView.getModel();
|
||||
}
|
||||
|
||||
// Obtain initialData HashMap
|
||||
Map<String, String> initialData = (Map<String, String>) result
|
||||
.getModelAndView()
|
||||
.getModel()
|
||||
Map<String, String> initialData = (Map<String, String>) modelMap
|
||||
.get(PolicyPageController.INITIAL_DATA);
|
||||
|
||||
Assert.assertEquals(initialData.get("issuer"), caCertificate.getIssuer());
|
||||
@ -427,7 +426,6 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
|
||||
@Rollback
|
||||
@SuppressWarnings("unchecked")
|
||||
public void testInitPageIssuedAttestation() throws Exception {
|
||||
|
||||
MvcResult result = getMockMvc()
|
||||
.perform(MockMvcRequestBuilders.get("/" + getPage().getViewName())
|
||||
.param("id", issuedCredential.getId().toString())
|
||||
@ -435,11 +433,14 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(model().attributeExists(PolicyPageController.INITIAL_DATA))
|
||||
.andReturn();
|
||||
ModelAndView modelAndView = result.getModelAndView();
|
||||
Map<String, Object> modelMap = Collections.EMPTY_MAP;
|
||||
if (modelAndView != null) {
|
||||
modelMap = modelAndView.getModel();
|
||||
}
|
||||
|
||||
// Obtain initialData HashMap
|
||||
Map<String, String> initialData = (Map<String, String>) result
|
||||
.getModelAndView()
|
||||
.getModel()
|
||||
Map<String, String> initialData = (Map<String, String>) modelMap
|
||||
.get(PolicyPageController.INITIAL_DATA);
|
||||
Assert.assertEquals(initialData.get("issuer"), issuedCredential.getIssuer());
|
||||
Assert.assertEquals(initialData.get("endorsementID"),
|
||||
|
@ -1,31 +1,30 @@
|
||||
package hirs.attestationca.portal.page.controllers;
|
||||
|
||||
import hirs.attestationca.portal.page.PageControllerTest;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
|
||||
import org.testng.annotations.Test;
|
||||
|
||||
import static hirs.attestationca.portal.page.Page.DEVICES;
|
||||
import java.io.IOException;
|
||||
import java.net.URISyntaxException;
|
||||
import java.nio.file.Path;
|
||||
import java.nio.file.Paths;
|
||||
import static org.hamcrest.Matchers.hasSize;
|
||||
import hirs.data.persist.AppraisalStatus;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.certificate.Certificate;
|
||||
import hirs.data.persist.certificate.EndorsementCredential;
|
||||
import hirs.data.persist.certificate.PlatformCredential;
|
||||
import hirs.persist.CertificateManager;
|
||||
import hirs.persist.DeviceGroupManager;
|
||||
import hirs.persist.DeviceManager;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.test.annotation.DirtiesContext;
|
||||
import org.springframework.test.annotation.Rollback;
|
||||
import org.springframework.test.context.web.WebAppConfiguration;
|
||||
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
|
||||
import org.testng.annotations.BeforeClass;
|
||||
import org.testng.annotations.Test;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.net.URISyntaxException;
|
||||
import java.nio.file.Path;
|
||||
import java.nio.file.Paths;
|
||||
|
||||
import static hirs.attestationca.portal.page.Page.DEVICES;
|
||||
import static org.hamcrest.Matchers.hasSize;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
import org.testng.annotations.BeforeClass;
|
||||
|
||||
/**
|
||||
* Integration tests that test the URL End Points of DevicePageController.
|
||||
@ -43,15 +42,11 @@ public class DevicesPageControllerTest extends PageControllerTest {
|
||||
private static final String TEST_PLATFORM_CREDENTIAL
|
||||
= "/platform_credentials/Intel_pc.cer";
|
||||
|
||||
private DeviceGroup group;
|
||||
private Device device;
|
||||
|
||||
@Autowired
|
||||
private DeviceManager deviceManager;
|
||||
|
||||
@Autowired
|
||||
private DeviceGroupManager deviceGroupManager;
|
||||
|
||||
@Autowired
|
||||
private CertificateManager certificateManager;
|
||||
|
||||
@ -68,32 +63,27 @@ public class DevicesPageControllerTest extends PageControllerTest {
|
||||
*/
|
||||
@BeforeClass
|
||||
public void beforeMethod() throws IOException {
|
||||
//Create new device group
|
||||
group = new DeviceGroup(DEVICE_GROUP_NAME);
|
||||
group = deviceGroupManager.saveDeviceGroup(group);
|
||||
|
||||
//Create new device and save it
|
||||
device = new Device(DEVICE_NAME);
|
||||
device.setSupplyChainStatus(AppraisalStatus.Status.PASS);
|
||||
device.setDeviceGroup(group);
|
||||
device = deviceManager.saveDevice(device);
|
||||
|
||||
//Upload and save EK Cert
|
||||
EndorsementCredential ec = (EndorsementCredential)
|
||||
getTestCertificate(EndorsementCredential.class, TEST_ENDORSEMENT_CREDENTIAL);
|
||||
ec.setDevice(device);
|
||||
certificateManager.save(ec);
|
||||
certificateManager.saveCertificate(ec);
|
||||
|
||||
//Add second EK Cert without a device
|
||||
ec = (EndorsementCredential)
|
||||
getTestCertificate(EndorsementCredential.class, TEST_ENDORSEMENT_CREDENTIAL_2);
|
||||
certificateManager.save(ec);
|
||||
certificateManager.saveCertificate(ec);
|
||||
|
||||
//Upload and save Platform Cert
|
||||
PlatformCredential pc = (PlatformCredential)
|
||||
getTestCertificate(PlatformCredential.class, TEST_PLATFORM_CREDENTIAL);
|
||||
pc.setDevice(device);
|
||||
certificateManager.save(pc);
|
||||
certificateManager.saveCertificate(pc);
|
||||
|
||||
}
|
||||
|
||||
|
@ -1,10 +1,10 @@
|
||||
package hirs.attestationca.portal.page.controllers;
|
||||
|
||||
import hirs.data.persist.certificate.Certificate;
|
||||
import hirs.data.persist.certificate.EndorsementCredential;
|
||||
import hirs.persist.CertificateManager;
|
||||
import hirs.attestationca.portal.page.PageControllerTest;
|
||||
import hirs.attestationca.portal.page.PageMessages;
|
||||
import hirs.data.persist.certificate.Certificate;
|
||||
import hirs.data.persist.certificate.EndorsementCredential;
|
||||
import hirs.persist.service.CertificateService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.core.io.ClassPathResource;
|
||||
import org.springframework.mock.web.MockMultipartFile;
|
||||
@ -30,7 +30,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
|
||||
public class EndorsementKeyCredentialsPageControllerTest extends PageControllerTest {
|
||||
|
||||
@Autowired
|
||||
private CertificateManager certificateManager;
|
||||
private CertificateService certificateService;
|
||||
|
||||
private static final String EKCERT = "fakeIntelIntermediateCA.pem";
|
||||
private static final String BADEKCERT = "badCert.pem";
|
||||
@ -73,7 +73,7 @@ public class EndorsementKeyCredentialsPageControllerTest extends PageControllerT
|
||||
public void uploadAndArchiveNonEndorsementCert() throws Exception {
|
||||
// perform upload. Attach csv file and add HTTP parameters for the baseline name and type.
|
||||
MvcResult result = getMockMvc().perform(MockMvcRequestBuilders
|
||||
.fileUpload("/certificate-request/endorsement-key-credentials/upload")
|
||||
.multipart("/certificate-request/endorsement-key-credentials/upload")
|
||||
.file(nonEkCertFile))
|
||||
.andExpect(status().is3xxRedirection())
|
||||
.andReturn();
|
||||
@ -87,7 +87,8 @@ public class EndorsementKeyCredentialsPageControllerTest extends PageControllerT
|
||||
|
||||
// verify the cert was actually stored
|
||||
Set<Certificate> records =
|
||||
certificateManager.get(EndorsementCredential.select(certificateManager));
|
||||
certificateService.getCertificate(
|
||||
EndorsementCredential.select(certificateService));
|
||||
Assert.assertEquals(records.size(), 1);
|
||||
|
||||
Certificate cert = records.iterator().next();
|
||||
@ -99,8 +100,8 @@ public class EndorsementKeyCredentialsPageControllerTest extends PageControllerT
|
||||
.param("id", cert.getId().toString()))
|
||||
.andExpect(status().is3xxRedirection())
|
||||
.andReturn();
|
||||
records = certificateManager.get(EndorsementCredential
|
||||
.select(certificateManager).includeArchived());
|
||||
records = certificateService.getCertificate(EndorsementCredential
|
||||
.select(certificateService).includeArchived());
|
||||
Assert.assertEquals(records.size(), 1);
|
||||
|
||||
cert = records.iterator().next();
|
||||
@ -117,7 +118,7 @@ public class EndorsementKeyCredentialsPageControllerTest extends PageControllerT
|
||||
public void uploadBadEndorsementCert() throws Exception {
|
||||
// perform upload. Attach csv file and add HTTP parameters for the baseline name and type.
|
||||
MvcResult result = getMockMvc().perform(MockMvcRequestBuilders
|
||||
.fileUpload("/certificate-request/endorsement-key-credentials/upload")
|
||||
.multipart("/certificate-request/endorsement-key-credentials/upload")
|
||||
.file(badCertFile))
|
||||
.andExpect(status().is3xxRedirection())
|
||||
.andReturn();
|
||||
@ -130,7 +131,8 @@ public class EndorsementKeyCredentialsPageControllerTest extends PageControllerT
|
||||
|
||||
// verify the cert was not actually stored
|
||||
Set<Certificate> records =
|
||||
certificateManager.get(EndorsementCredential.select(certificateManager));
|
||||
certificateService.getCertificate(
|
||||
EndorsementCredential.select(certificateService));
|
||||
Assert.assertEquals(records.size(), 0);
|
||||
}
|
||||
}
|
||||
|
@ -1,33 +1,33 @@
|
||||
package hirs.attestationca.portal.page.controllers;
|
||||
|
||||
import hirs.attestationca.portal.page.PageControllerTest;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.certificate.Certificate;
|
||||
import hirs.data.persist.certificate.EndorsementCredential;
|
||||
import hirs.data.persist.certificate.IssuedAttestationCertificate;
|
||||
import hirs.data.persist.certificate.PlatformCredential;
|
||||
import hirs.persist.CertificateManager;
|
||||
import hirs.persist.DeviceGroupManager;
|
||||
import hirs.persist.DeviceManager;
|
||||
import static hirs.attestationca.portal.page.Page.ISSUED_CERTIFICATES;
|
||||
import hirs.attestationca.portal.page.PageControllerTest;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.test.annotation.DirtiesContext;
|
||||
import org.springframework.test.annotation.Rollback;
|
||||
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
|
||||
import org.testng.annotations.BeforeClass;
|
||||
import org.testng.annotations.Test;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.net.URISyntaxException;
|
||||
import java.nio.file.Path;
|
||||
import java.nio.file.Paths;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
||||
import static hirs.attestationca.portal.page.Page.ISSUED_CERTIFICATES;
|
||||
import static org.hamcrest.Matchers.hasSize;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.test.annotation.DirtiesContext;
|
||||
import org.springframework.test.annotation.Rollback;
|
||||
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
import org.testng.annotations.BeforeClass;
|
||||
import org.testng.annotations.Test;
|
||||
|
||||
/**
|
||||
* Integration tests that test the URL End Points of IssuedCertificatesPageController.
|
||||
@ -47,14 +47,11 @@ public class IssuedCertificatesPageControllerTest extends PageControllerTest {
|
||||
private Set<PlatformCredential> platformCredentials;
|
||||
private IssuedAttestationCertificate issued;
|
||||
|
||||
private DeviceGroup group;
|
||||
private Device device;
|
||||
|
||||
@Autowired
|
||||
private DeviceManager deviceManager;
|
||||
|
||||
@Autowired
|
||||
private DeviceGroupManager deviceGroupManager;
|
||||
|
||||
@Autowired
|
||||
private CertificateManager certificateManager;
|
||||
@ -65,13 +62,8 @@ public class IssuedCertificatesPageControllerTest extends PageControllerTest {
|
||||
*/
|
||||
@BeforeClass
|
||||
public void beforeMethod() throws IOException {
|
||||
//Create new device grup
|
||||
group = new DeviceGroup("default");
|
||||
group = deviceGroupManager.saveDeviceGroup(group);
|
||||
|
||||
//Create new device and save it
|
||||
device = new Device("Test");
|
||||
device.setDeviceGroup(group);
|
||||
device = deviceManager.saveDevice(device);
|
||||
|
||||
//Upload and save EK Cert
|
||||
@ -82,7 +74,7 @@ public class IssuedCertificatesPageControllerTest extends PageControllerTest {
|
||||
null,
|
||||
null);
|
||||
ec.setDevice(device);
|
||||
certificateManager.save(ec);
|
||||
certificateManager.saveCertificate(ec);
|
||||
|
||||
//Set up multi-platform cert Attestation Cert
|
||||
platformCredentials = new HashSet<>();
|
||||
@ -95,7 +87,7 @@ public class IssuedCertificatesPageControllerTest extends PageControllerTest {
|
||||
null,
|
||||
null);
|
||||
pc.setDevice(device);
|
||||
certificateManager.save(pc);
|
||||
certificateManager.saveCertificate(pc);
|
||||
platformCredentials.add(pc);
|
||||
|
||||
pc = (PlatformCredential)
|
||||
@ -105,7 +97,7 @@ public class IssuedCertificatesPageControllerTest extends PageControllerTest {
|
||||
null,
|
||||
null);
|
||||
pc.setDevice(device);
|
||||
certificateManager.save(pc);
|
||||
certificateManager.saveCertificate(pc);
|
||||
platformCredentials.add(pc);
|
||||
|
||||
issued = (IssuedAttestationCertificate)
|
||||
@ -115,7 +107,7 @@ public class IssuedCertificatesPageControllerTest extends PageControllerTest {
|
||||
ec,
|
||||
platformCredentials);
|
||||
issued.setDevice(device);
|
||||
certificateManager.save(issued);
|
||||
certificateManager.saveCertificate(issued);
|
||||
|
||||
}
|
||||
|
||||
|
@ -1,10 +1,10 @@
|
||||
package hirs.attestationca.portal.page.controllers;
|
||||
|
||||
import hirs.data.persist.certificate.Certificate;
|
||||
import hirs.data.persist.certificate.PlatformCredential;
|
||||
import hirs.persist.CertificateManager;
|
||||
import hirs.attestationca.portal.page.PageControllerTest;
|
||||
import hirs.attestationca.portal.page.PageMessages;
|
||||
import hirs.data.persist.certificate.Certificate;
|
||||
import hirs.data.persist.certificate.PlatformCredential;
|
||||
import hirs.persist.service.CertificateService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.core.io.ClassPathResource;
|
||||
import org.springframework.mock.web.MockMultipartFile;
|
||||
@ -29,7 +29,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
|
||||
@DirtiesContext(classMode = DirtiesContext.ClassMode.AFTER_EACH_TEST_METHOD)
|
||||
public class PlatformCredentialsPageControllerTest extends PageControllerTest {
|
||||
@Autowired
|
||||
private CertificateManager certificateManager;
|
||||
private CertificateService certificateService;
|
||||
|
||||
// A cert that is an actual PC cert file and should be parsable.
|
||||
private MockMultipartFile realPcCertFile;
|
||||
@ -82,7 +82,7 @@ public class PlatformCredentialsPageControllerTest extends PageControllerTest {
|
||||
private Certificate uploadTestCert() throws Exception {
|
||||
// perform upload. Attach csv file and add HTTP parameters for the baseline name and type.
|
||||
MvcResult result = getMockMvc().perform(MockMvcRequestBuilders
|
||||
.fileUpload("/certificate-request/platform-credentials/upload")
|
||||
.multipart("/certificate-request/platform-credentials/upload")
|
||||
.file(realPcCertFile))
|
||||
.andExpect(status().is3xxRedirection())
|
||||
.andReturn();
|
||||
@ -95,7 +95,7 @@ public class PlatformCredentialsPageControllerTest extends PageControllerTest {
|
||||
|
||||
// verify the cert was actually stored
|
||||
Set<Certificate> records =
|
||||
certificateManager.get(PlatformCredential.select(certificateManager));
|
||||
certificateService.getCertificate(PlatformCredential.select(certificateService));
|
||||
Assert.assertEquals(records.size(), 1);
|
||||
|
||||
Certificate cert = records.iterator().next();
|
||||
@ -113,8 +113,8 @@ public class PlatformCredentialsPageControllerTest extends PageControllerTest {
|
||||
.andReturn();
|
||||
|
||||
Set<Certificate> records =
|
||||
certificateManager.get(PlatformCredential
|
||||
.select(certificateManager).includeArchived());
|
||||
certificateService.getCertificate(PlatformCredential
|
||||
.select(certificateService).includeArchived());
|
||||
Assert.assertEquals(records.size(), 1);
|
||||
|
||||
Assert.assertTrue(records.iterator().next().isArchived());
|
||||
@ -133,7 +133,7 @@ public class PlatformCredentialsPageControllerTest extends PageControllerTest {
|
||||
|
||||
// upload the same cert again
|
||||
MvcResult result = getMockMvc().perform(MockMvcRequestBuilders
|
||||
.fileUpload("/certificate-request/platform-credentials/upload")
|
||||
.multipart("/certificate-request/platform-credentials/upload")
|
||||
.file(realPcCertFile))
|
||||
.andExpect(status().is3xxRedirection())
|
||||
.andReturn();
|
||||
@ -147,8 +147,8 @@ public class PlatformCredentialsPageControllerTest extends PageControllerTest {
|
||||
"Pre-existing certificate found and unarchived (" + REALPCCERT + "): ");
|
||||
|
||||
// verify the cert was actually stored
|
||||
Set<Certificate> records = certificateManager.get(PlatformCredential.select(
|
||||
certificateManager));
|
||||
Set<Certificate> records = certificateService.getCertificate(PlatformCredential.select(
|
||||
certificateService));
|
||||
Assert.assertEquals(records.size(), 1);
|
||||
|
||||
Certificate newCert = records.iterator().next();
|
||||
@ -168,12 +168,12 @@ public class PlatformCredentialsPageControllerTest extends PageControllerTest {
|
||||
public void uploadNonPlatformCert() throws Exception {
|
||||
// verify the cert was not actually stored
|
||||
Set<Certificate> originalRecords =
|
||||
certificateManager.get(PlatformCredential.select(certificateManager));
|
||||
certificateService.getCertificate(PlatformCredential.select(certificateService));
|
||||
Assert.assertEquals(originalRecords.size(), 0);
|
||||
|
||||
// perform upload. Attach csv file and add HTTP parameters for the baseline name and type.
|
||||
MvcResult result = getMockMvc().perform(MockMvcRequestBuilders
|
||||
.fileUpload("/certificate-request/platform-credentials/upload")
|
||||
.multipart("/certificate-request/platform-credentials/upload")
|
||||
.file(nonPcCertFile))
|
||||
.andExpect(status().is3xxRedirection())
|
||||
.andReturn();
|
||||
@ -186,7 +186,7 @@ public class PlatformCredentialsPageControllerTest extends PageControllerTest {
|
||||
|
||||
// verify the cert was not actually stored
|
||||
Set<Certificate> records =
|
||||
certificateManager.get(PlatformCredential.select(certificateManager));
|
||||
certificateService.getCertificate(PlatformCredential.select(certificateService));
|
||||
Assert.assertEquals(records.size(), 0);
|
||||
}
|
||||
|
||||
@ -199,7 +199,7 @@ public class PlatformCredentialsPageControllerTest extends PageControllerTest {
|
||||
public void uploadBadPlatformCert() throws Exception {
|
||||
// perform upload. Attach csv file and add HTTP parameters for the baseline name and type.
|
||||
MvcResult result = getMockMvc().perform(MockMvcRequestBuilders
|
||||
.fileUpload("/certificate-request/platform-credentials/upload")
|
||||
.multipart("/certificate-request/platform-credentials/upload")
|
||||
.file(badCertFile))
|
||||
.andExpect(status().is3xxRedirection())
|
||||
.andReturn();
|
||||
@ -212,7 +212,7 @@ public class PlatformCredentialsPageControllerTest extends PageControllerTest {
|
||||
|
||||
// verify the cert was not actually stored
|
||||
Set<Certificate> records =
|
||||
certificateManager.get(PlatformCredential.select(certificateManager));
|
||||
certificateService.getCertificate(PlatformCredential.select(certificateService));
|
||||
Assert.assertEquals(records.size(), 0);
|
||||
}
|
||||
}
|
||||
|
@ -2,28 +2,25 @@ package hirs.attestationca.portal.page.controllers;
|
||||
|
||||
import hirs.appraiser.Appraiser;
|
||||
import hirs.appraiser.SupplyChainAppraiser;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.SupplyChainPolicy;
|
||||
import hirs.persist.AppraiserManager;
|
||||
import hirs.persist.DeviceGroupManager;
|
||||
import hirs.persist.PolicyManager;
|
||||
import org.testng.Assert;
|
||||
import static hirs.attestationca.portal.page.Page.POLICY;
|
||||
|
||||
import hirs.attestationca.portal.page.PageController;
|
||||
import hirs.attestationca.portal.page.PageControllerTest;
|
||||
|
||||
import static org.hamcrest.Matchers.hasItem;
|
||||
import static org.hamcrest.Matchers.hasProperty;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
import hirs.data.persist.policy.SupplyChainPolicy;
|
||||
import hirs.persist.AppraiserManager;
|
||||
import hirs.persist.PolicyManager;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.test.web.servlet.ResultActions;
|
||||
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.BeforeClass;
|
||||
import org.testng.annotations.Test;
|
||||
|
||||
import static hirs.attestationca.portal.page.Page.POLICY;
|
||||
import static org.hamcrest.Matchers.hasItem;
|
||||
import static org.hamcrest.Matchers.hasProperty;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.flash;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.model;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
import org.testng.annotations.BeforeClass;
|
||||
import org.testng.annotations.Test;
|
||||
import hirs.attestationca.portal.page.PageController;
|
||||
|
||||
/**
|
||||
* Integration tests that test the URL End Points of PolicyPageController.
|
||||
@ -36,9 +33,6 @@ public class PolicyPageControllerTest extends PageControllerTest {
|
||||
@Autowired
|
||||
private AppraiserManager appraiserManager;
|
||||
|
||||
@Autowired
|
||||
private DeviceGroupManager groupManager;
|
||||
|
||||
private SupplyChainPolicy policy;
|
||||
|
||||
/**
|
||||
@ -54,12 +48,6 @@ public class PolicyPageControllerTest extends PageControllerTest {
|
||||
*/
|
||||
@BeforeClass
|
||||
public void setUpPolicy() {
|
||||
|
||||
// create default group so that the policy can be applied as a default.
|
||||
if (groupManager.getDeviceGroup(DeviceGroup.DEFAULT_GROUP) == null) {
|
||||
groupManager.saveDeviceGroup(new DeviceGroup(DeviceGroup.DEFAULT_GROUP));
|
||||
}
|
||||
|
||||
appraiserManager.saveAppraiser(new SupplyChainAppraiser());
|
||||
final Appraiser supplyChainAppraiser = appraiserManager.getAppraiser(
|
||||
SupplyChainAppraiser.NAME);
|
||||
|
@ -4,7 +4,7 @@ import hirs.attestationca.portal.page.PageControllerTest;
|
||||
import hirs.attestationca.portal.page.PageMessages;
|
||||
import hirs.data.persist.certificate.Certificate;
|
||||
import hirs.data.persist.certificate.CertificateAuthorityCredential;
|
||||
import hirs.persist.CertificateManager;
|
||||
import hirs.persist.service.CertificateService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.core.io.ClassPathResource;
|
||||
import org.springframework.mock.web.MockMultipartFile;
|
||||
@ -21,8 +21,8 @@ import java.io.IOException;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.util.Set;
|
||||
|
||||
import static org.hamcrest.Matchers.hasEntry;
|
||||
import static hirs.attestationca.portal.page.Page.TRUST_CHAIN;
|
||||
import static org.hamcrest.Matchers.hasEntry;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.model;
|
||||
@ -35,7 +35,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
|
||||
public class TrustChainManagementPageControllerTest extends PageControllerTest {
|
||||
|
||||
@Autowired
|
||||
private CertificateManager certificateManager;
|
||||
private CertificateService certificateService;
|
||||
|
||||
@Autowired
|
||||
private X509Certificate acaCert;
|
||||
@ -156,7 +156,7 @@ public class TrustChainManagementPageControllerTest extends PageControllerTest {
|
||||
private Certificate uploadTestCert() throws Exception {
|
||||
// perform upload. Attach csv file and add HTTP parameters for the baseline name and type.
|
||||
MvcResult result = getMockMvc().perform(MockMvcRequestBuilders
|
||||
.fileUpload("/certificate-request/trust-chain/upload")
|
||||
.multipart("/certificate-request/trust-chain/upload")
|
||||
.file(nonCaCertFile))
|
||||
.andExpect(status().is3xxRedirection())
|
||||
.andReturn();
|
||||
@ -170,7 +170,8 @@ public class TrustChainManagementPageControllerTest extends PageControllerTest {
|
||||
|
||||
// verify the cert was actually stored
|
||||
Set<Certificate> records =
|
||||
certificateManager.get(CertificateAuthorityCredential.select(certificateManager));
|
||||
certificateService.getCertificate(
|
||||
CertificateAuthorityCredential.select(certificateService));
|
||||
Assert.assertEquals(records.size(), 1);
|
||||
|
||||
//Check the cert is not already in the archive
|
||||
@ -187,8 +188,8 @@ public class TrustChainManagementPageControllerTest extends PageControllerTest {
|
||||
.param("id", cert.getId().toString()))
|
||||
.andExpect(status().is3xxRedirection())
|
||||
.andReturn();
|
||||
Set<Certificate> records = certificateManager.get(CertificateAuthorityCredential
|
||||
.select(certificateManager).includeArchived());
|
||||
Set<Certificate> records = certificateService.getCertificate(CertificateAuthorityCredential
|
||||
.select(certificateService).includeArchived());
|
||||
Assert.assertEquals(records.size(), 1);
|
||||
|
||||
Assert.assertTrue(records.iterator().next().isArchived());
|
||||
@ -207,7 +208,7 @@ public class TrustChainManagementPageControllerTest extends PageControllerTest {
|
||||
|
||||
// upload the same certificate again
|
||||
MvcResult result = getMockMvc().perform(MockMvcRequestBuilders
|
||||
.fileUpload("/certificate-request/trust-chain/upload")
|
||||
.multipart("/certificate-request/trust-chain/upload")
|
||||
.file(nonCaCertFile))
|
||||
.andExpect(status().is3xxRedirection())
|
||||
.andReturn();
|
||||
@ -221,8 +222,8 @@ public class TrustChainManagementPageControllerTest extends PageControllerTest {
|
||||
"Pre-existing certificate found and unarchived (" + NONCACERT + "): ");
|
||||
|
||||
// verify the cert can be retrieved without looking at archived certs
|
||||
Set<Certificate> records = certificateManager.get(CertificateAuthorityCredential
|
||||
.select(certificateManager).includeArchived());
|
||||
Set<Certificate> records = certificateService.getCertificate(CertificateAuthorityCredential
|
||||
.select(certificateService).includeArchived());
|
||||
Assert.assertEquals(records.size(), 1);
|
||||
Certificate newCert = records.iterator().next();
|
||||
|
||||
@ -242,7 +243,7 @@ public class TrustChainManagementPageControllerTest extends PageControllerTest {
|
||||
public void uploadBadCaCert() throws Exception {
|
||||
// perform upload. Attach csv file and add HTTP parameters for the baseline name and type.
|
||||
MvcResult result = getMockMvc().perform(MockMvcRequestBuilders
|
||||
.fileUpload("/certificate-request/trust-chain/upload")
|
||||
.multipart("/certificate-request/trust-chain/upload")
|
||||
.file(badCertFile))
|
||||
.andExpect(status().is3xxRedirection())
|
||||
.andReturn();
|
||||
@ -255,7 +256,8 @@ public class TrustChainManagementPageControllerTest extends PageControllerTest {
|
||||
|
||||
// verify the cert was not actually stored
|
||||
Set<Certificate> records =
|
||||
certificateManager.get(CertificateAuthorityCredential.select(certificateManager));
|
||||
certificateService.getCertificate(
|
||||
CertificateAuthorityCredential.select(certificateService));
|
||||
Assert.assertEquals(records.size(), 0);
|
||||
}
|
||||
|
||||
|
@ -1,14 +1,14 @@
|
||||
package hirs.attestationca.portal.page.datatables;
|
||||
|
||||
import hirs.FilteredRecordsList;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.persist.CriteriaModifier;
|
||||
import hirs.persist.OrderedListQuerier;
|
||||
import hirs.attestationca.portal.datatables.Column;
|
||||
import hirs.attestationca.portal.datatables.DataTableInput;
|
||||
import hirs.attestationca.portal.datatables.Order;
|
||||
import hirs.attestationca.portal.datatables.OrderedListQueryDataTableAdapter;
|
||||
import hirs.attestationca.portal.datatables.Search;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.persist.CriteriaModifier;
|
||||
import hirs.persist.OrderedQuery;
|
||||
import org.mockito.ArgumentCaptor;
|
||||
import org.mockito.Captor;
|
||||
import org.mockito.Matchers;
|
||||
@ -36,7 +36,7 @@ import static org.mockito.Mockito.when;
|
||||
*/
|
||||
public class OrderedListQueryDataTableAdapterTest {
|
||||
|
||||
private OrderedListQuerier<Device> querier;
|
||||
private OrderedQuery<Device> querier;
|
||||
|
||||
private FilteredRecordsList filteredList;
|
||||
|
||||
@ -54,8 +54,8 @@ public class OrderedListQueryDataTableAdapterTest {
|
||||
// sets up the @Captor
|
||||
MockitoAnnotations.initMocks(this);
|
||||
|
||||
querier = (OrderedListQuerier<Device>)
|
||||
mock(OrderedListQuerier.class);
|
||||
querier = (OrderedQuery<Device>)
|
||||
mock(OrderedQuery .class);
|
||||
|
||||
filteredList = new FilteredRecordsList();
|
||||
|
||||
|
@ -1,6 +1,20 @@
|
||||
package hirs.provisioner.client;
|
||||
|
||||
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
|
||||
import hirs.DeviceInfoReportRequest;
|
||||
import hirs.client.collector.DeviceInfoCollector;
|
||||
import hirs.collector.CollectorException;
|
||||
import hirs.data.persist.DeviceInfoReport;
|
||||
import hirs.provisioner.CommandLineArguments;
|
||||
import hirs.structs.converters.SimpleStructBuilder;
|
||||
import hirs.structs.converters.StructConverter;
|
||||
import hirs.structs.elements.aca.IdentityRequestEnvelope;
|
||||
import hirs.structs.elements.aca.IdentityResponseEnvelope;
|
||||
import hirs.structs.elements.tpm.AsymmetricKeyParams;
|
||||
import hirs.structs.elements.tpm.AsymmetricPublicKey;
|
||||
import hirs.structs.elements.tpm.RsaSubParams;
|
||||
import hirs.structs.elements.tpm.StorePubKey;
|
||||
import hirs.tpm.tss.Tpm;
|
||||
import org.apache.commons.lang3.ArrayUtils;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
@ -25,20 +39,6 @@ import java.security.interfaces.RSAPublicKey;
|
||||
import java.security.spec.InvalidKeySpecException;
|
||||
import java.security.spec.X509EncodedKeySpec;
|
||||
import java.util.UUID;
|
||||
import hirs.DeviceInfoReportRequest;
|
||||
import hirs.client.collector.DeviceInfoCollector;
|
||||
import hirs.collector.CollectorException;
|
||||
import hirs.data.persist.DeviceInfoReport;
|
||||
import hirs.provisioner.CommandLineArguments;
|
||||
import hirs.structs.converters.SimpleStructBuilder;
|
||||
import hirs.structs.converters.StructConverter;
|
||||
import hirs.structs.elements.aca.IdentityRequestEnvelope;
|
||||
import hirs.structs.elements.aca.IdentityResponseEnvelope;
|
||||
import hirs.structs.elements.tpm.AsymmetricKeyParams;
|
||||
import hirs.structs.elements.tpm.AsymmetricPublicKey;
|
||||
import hirs.structs.elements.tpm.RsaSubParams;
|
||||
import hirs.structs.elements.tpm.StorePubKey;
|
||||
import hirs.tpm.tss.Tpm;
|
||||
|
||||
/**
|
||||
* Client implementation that uses a RestTemplate to communicate
|
||||
@ -176,10 +176,17 @@ public class RestfulClientProvisioner implements ClientProvisioner {
|
||||
RSAPublicKey getACAPublicKey() {
|
||||
// request the public key from the ACA
|
||||
ResponseEntity<byte[]> response = restTemplate.getForEntity(acaPublicKeyURL, byte[].class);
|
||||
X509EncodedKeySpec keySpec;
|
||||
byte[] body = response.getBody();
|
||||
|
||||
try {
|
||||
if (body == null) {
|
||||
throw new ProvisioningException("Encountered error: "
|
||||
+ "ResponseEntity body is null.", null);
|
||||
} else {
|
||||
// use the public key information to create encoded key specification. then create a
|
||||
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(response.getBody());
|
||||
keySpec = new X509EncodedKeySpec(body);
|
||||
}
|
||||
|
||||
// create the public key from that specification
|
||||
return (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(keySpec);
|
||||
|
@ -60,7 +60,7 @@ public class DeviceInfoCollectorTest extends PowerMockTestCase {
|
||||
final int numberOfDmiDecodeCalls = 9;
|
||||
|
||||
// the following two lines assert that collectDmiDecodeValue was called 9 times
|
||||
PowerMockito.verifyStatic(times(numberOfDmiDecodeCalls));
|
||||
PowerMockito.verifyStatic(DeviceInfoCollector.class, times(numberOfDmiDecodeCalls));
|
||||
DeviceInfoCollector.collectDmiDecodeValue(any(OSName.class), anyString());
|
||||
|
||||
Assert.assertNotNull(report.getNetworkInfo());
|
||||
|
@ -1,33 +1,21 @@
|
||||
apply plugin: 'java'
|
||||
apply plugin: 'checkstyle'
|
||||
plugins {
|
||||
id 'java'
|
||||
}
|
||||
|
||||
repositories {
|
||||
mavenCentral()
|
||||
}
|
||||
|
||||
sourceCompatibility = 1.8
|
||||
|
||||
dependencies {
|
||||
compile libs.commons_lang
|
||||
|
||||
testCompile libs.mockito
|
||||
testCompile libs.testng
|
||||
implementation libs.commons.lang
|
||||
testImplementation libs.mockito
|
||||
testImplementation libs.testng
|
||||
}
|
||||
|
||||
ext.configDir = new File(projectDir, 'config')
|
||||
ext.checkstyleConfigDir = "$configDir/checkstyle"
|
||||
|
||||
checkstyle {
|
||||
toolVersion = '5.7'
|
||||
configFile = checkstyleConfigFile
|
||||
configProperties.put('basedir', checkstyleConfigDir)
|
||||
ignoreFailures = false
|
||||
showViolations = true
|
||||
}
|
||||
|
||||
publishing {
|
||||
publications {
|
||||
maven(MavenPublication) {
|
||||
artifactId 'hirs-structs'
|
||||
from components.java
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
@ -1,141 +1,61 @@
|
||||
apply plugin: 'checkstyle'
|
||||
apply plugin: 'eclipse'
|
||||
apply plugin: 'findbugs'
|
||||
apply plugin: 'java'
|
||||
apply plugin: 'jacoco'
|
||||
apply plugin: 'pmd'
|
||||
plugins {
|
||||
id 'eclipse'
|
||||
id 'java'
|
||||
}
|
||||
|
||||
ext.configDir = new File(projectDir, 'config')
|
||||
|
||||
sourceCompatibility = 1.8
|
||||
|
||||
sourceSets {
|
||||
integrationTest {
|
||||
java.srcDir file('src/integration/java')
|
||||
compileClasspath = sourceSets.main.output + sourceSets.test.output + configurations.testRuntime
|
||||
runtimeClasspath = output + compileClasspath
|
||||
}
|
||||
tasks.withType(JavaCompile) {
|
||||
options.release = 11
|
||||
}
|
||||
|
||||
task utilsTestJar(type: Jar) {
|
||||
from sourceSets.test.output
|
||||
repositories {
|
||||
mavenCentral()
|
||||
}
|
||||
|
||||
dependencies {
|
||||
compile libs.gson // required for plugin
|
||||
compile libs.bouncy_castle
|
||||
compile libs.commons_cli
|
||||
compile libs.commons_codec
|
||||
compile libs.commons_csv
|
||||
compile libs.commons_exec
|
||||
compile libs.commons_io
|
||||
compile libs.commons_lang
|
||||
compile libs.commons_http
|
||||
compile libs.commons_valid
|
||||
compile libs.hibernate
|
||||
compile libs.hikari
|
||||
compile libs.jackson
|
||||
compile libs.jadira_usertype
|
||||
compile libs.joda_time
|
||||
compile libs.log4j2
|
||||
compile libs.mariadb
|
||||
compile libs.pci_ids
|
||||
compile libs.reflections
|
||||
compile libs.guava
|
||||
compile libs.spring_core
|
||||
compile libs.spring_retry
|
||||
compile libs.minimal_json
|
||||
compile (libs.xml_rpc_client) {
|
||||
exclude group: 'junit'
|
||||
}
|
||||
compile 'org.jboss.logging:jboss-logging:3.2.0.Final'
|
||||
compile 'org.apache.commons:commons-text:1.9'
|
||||
implementation libs.bouncy.castle
|
||||
implementation libs.checkstyle
|
||||
implementation libs.commons.cli
|
||||
implementation libs.commons.codec
|
||||
implementation libs.commons.csv
|
||||
implementation libs.commons.exec
|
||||
implementation libs.commons.io
|
||||
implementation libs.commons.lang
|
||||
implementation libs.commons.http
|
||||
implementation libs.commons.text
|
||||
implementation libs.commons.valid
|
||||
implementation libs.findbugs
|
||||
implementation libs.gson
|
||||
implementation libs.guava
|
||||
implementation libs.hibernate
|
||||
implementation libs.jackson.databind
|
||||
implementation libs.jadira.usertype
|
||||
implementation libs.javax.annotation
|
||||
implementation libs.jboss.logging
|
||||
implementation libs.joda.time
|
||||
implementation libs.log4j2.core
|
||||
implementation libs.mariadb
|
||||
implementation libs.minimal.json
|
||||
implementation libs.pci.ids
|
||||
implementation libs.reflections
|
||||
implementation libs.spring.core
|
||||
implementation libs.spring.retry
|
||||
implementation libs.spring.plugin
|
||||
implementation libs.xml.rpc.client
|
||||
|
||||
// add spring plugin, but do not pull transitive dependencies (causes conflicts)
|
||||
compile(libs.spring_plugin) {
|
||||
exclude group: "org.springframework"
|
||||
}
|
||||
|
||||
compileOnly libs.checkstyle
|
||||
compileOnly libs.findbugs
|
||||
|
||||
runtime fileTree(dir: 'build/plugins', include: ['*.jar'])
|
||||
|
||||
testCompile libs.spring_test
|
||||
testCompile libs.hsqldb
|
||||
testCompile libs.jcommander
|
||||
testCompile libs.mockito
|
||||
testCompile libs.powermock
|
||||
testCompile libs.testng
|
||||
testCompile libs.checkstyle
|
||||
testCompile libs.findbugs
|
||||
testCompile libs.commons_lang
|
||||
}
|
||||
|
||||
task generateXjcLibrary(type:Exec) {
|
||||
workingDir 'config'
|
||||
|
||||
commandLine './genXjcLibrary.sh'
|
||||
}
|
||||
|
||||
compileJava.dependsOn generateXjcLibrary
|
||||
|
||||
task importBaseline(type:JavaExec) {
|
||||
description 'Imports Baselines into the database'
|
||||
main = "hirs.persist.ImportCLI"
|
||||
if (project.hasProperty("mainArgs") ) {
|
||||
args mainArgs.split()
|
||||
}
|
||||
classpath = sourceSets.main.runtimeClasspath
|
||||
}
|
||||
|
||||
task integrationTest(type: Test) {
|
||||
testClassesDir = sourceSets.integrationTest.output.classesDir
|
||||
classpath = sourceSets.integrationTest.runtimeClasspath
|
||||
testImplementation libs.spring.test
|
||||
testImplementation libs.hsqldb
|
||||
testImplementation libs.jcommander
|
||||
testImplementation libs.mockito
|
||||
testImplementation libs.powermock
|
||||
testImplementation libs.powermock.mockito
|
||||
testImplementation libs.powermock.testng
|
||||
testImplementation libs.testng
|
||||
testImplementation libs.checkstyle
|
||||
testImplementation libs.findbugs
|
||||
testImplementation libs.commons.lang
|
||||
}
|
||||
|
||||
ext.checkstyleConfigDir = "$configDir/checkstyle"
|
||||
|
||||
checkstyle {
|
||||
toolVersion = '8.10.1'
|
||||
configFile = checkstyleConfigFile
|
||||
configProperties.put('basedir', checkstyleConfigDir)
|
||||
ignoreFailures = false
|
||||
showViolations = true
|
||||
}
|
||||
|
||||
ext.findbugsConfigDir = "$configDir/findbugs"
|
||||
|
||||
findbugs {
|
||||
toolVersion = '3.0.0'
|
||||
ignoreFailures = false
|
||||
effort = 'max'
|
||||
excludeFilter = new File(findbugsConfigDir, 'suppressions.xml')
|
||||
}
|
||||
|
||||
pmdMain {
|
||||
exclude '**/xjc/**'
|
||||
}
|
||||
|
||||
jacocoTestReport {
|
||||
reports {
|
||||
xml.enabled true
|
||||
csv.enabled true
|
||||
html.enabled true
|
||||
html.destination "${buildDir}/reports/jacoco/html"
|
||||
}
|
||||
}
|
||||
|
||||
publishing {
|
||||
publications {
|
||||
maven(MavenPublication) {
|
||||
artifactId 'hirs-utils'
|
||||
from components.java
|
||||
}
|
||||
testResources(MavenPublication) {
|
||||
artifactId 'hirs-utils-test'
|
||||
artifact utilsTestJar
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
BIN
HIRS_Utils/gradle/wrapper/gradle-wrapper.jar
vendored
Normal file
BIN
HIRS_Utils/gradle/wrapper/gradle-wrapper.jar
vendored
Normal file
Binary file not shown.
5
HIRS_Utils/gradle/wrapper/gradle-wrapper.properties
vendored
Normal file
5
HIRS_Utils/gradle/wrapper/gradle-wrapper.properties
vendored
Normal file
@ -0,0 +1,5 @@
|
||||
distributionBase=GRADLE_USER_HOME
|
||||
distributionPath=wrapper/dists
|
||||
distributionUrl=https\://services.gradle.org/distributions/gradle-7.5.1-bin.zip
|
||||
zipStoreBase=GRADLE_USER_HOME
|
||||
zipStorePath=wrapper/dists
|
240
HIRS_Utils/gradlew
vendored
Executable file
240
HIRS_Utils/gradlew
vendored
Executable file
@ -0,0 +1,240 @@
|
||||
#!/bin/sh
|
||||
|
||||
#
|
||||
# Copyright © 2015-2021 the original authors.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# https://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
##############################################################################
|
||||
#
|
||||
# Gradle start up script for POSIX generated by Gradle.
|
||||
#
|
||||
# Important for running:
|
||||
#
|
||||
# (1) You need a POSIX-compliant shell to run this script. If your /bin/sh is
|
||||
# noncompliant, but you have some other compliant shell such as ksh or
|
||||
# bash, then to run this script, type that shell name before the whole
|
||||
# command line, like:
|
||||
#
|
||||
# ksh Gradle
|
||||
#
|
||||
# Busybox and similar reduced shells will NOT work, because this script
|
||||
# requires all of these POSIX shell features:
|
||||
# * functions;
|
||||
# * expansions «$var», «${var}», «${var:-default}», «${var+SET}»,
|
||||
# «${var#prefix}», «${var%suffix}», and «$( cmd )»;
|
||||
# * compound commands having a testable exit status, especially «case»;
|
||||
# * various built-in commands including «command», «set», and «ulimit».
|
||||
#
|
||||
# Important for patching:
|
||||
#
|
||||
# (2) This script targets any POSIX shell, so it avoids extensions provided
|
||||
# by Bash, Ksh, etc; in particular arrays are avoided.
|
||||
#
|
||||
# The "traditional" practice of packing multiple parameters into a
|
||||
# space-separated string is a well documented source of bugs and security
|
||||
# problems, so this is (mostly) avoided, by progressively accumulating
|
||||
# options in "$@", and eventually passing that to Java.
|
||||
#
|
||||
# Where the inherited environment variables (DEFAULT_JVM_OPTS, JAVA_OPTS,
|
||||
# and GRADLE_OPTS) rely on word-splitting, this is performed explicitly;
|
||||
# see the in-line comments for details.
|
||||
#
|
||||
# There are tweaks for specific operating systems such as AIX, CygWin,
|
||||
# Darwin, MinGW, and NonStop.
|
||||
#
|
||||
# (3) This script is generated from the Groovy template
|
||||
# https://github.com/gradle/gradle/blob/master/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
|
||||
# within the Gradle project.
|
||||
#
|
||||
# You can find Gradle at https://github.com/gradle/gradle/.
|
||||
#
|
||||
##############################################################################
|
||||
|
||||
# Attempt to set APP_HOME
|
||||
|
||||
# Resolve links: $0 may be a link
|
||||
app_path=$0
|
||||
|
||||
# Need this for daisy-chained symlinks.
|
||||
while
|
||||
APP_HOME=${app_path%"${app_path##*/}"} # leaves a trailing /; empty if no leading path
|
||||
[ -h "$app_path" ]
|
||||
do
|
||||
ls=$( ls -ld "$app_path" )
|
||||
link=${ls#*' -> '}
|
||||
case $link in #(
|
||||
/*) app_path=$link ;; #(
|
||||
*) app_path=$APP_HOME$link ;;
|
||||
esac
|
||||
done
|
||||
|
||||
APP_HOME=$( cd "${APP_HOME:-./}" && pwd -P ) || exit
|
||||
|
||||
APP_NAME="Gradle"
|
||||
APP_BASE_NAME=${0##*/}
|
||||
|
||||
# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
|
||||
DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
|
||||
|
||||
# Use the maximum available, or set MAX_FD != -1 to use that value.
|
||||
MAX_FD=maximum
|
||||
|
||||
warn () {
|
||||
echo "$*"
|
||||
} >&2
|
||||
|
||||
die () {
|
||||
echo
|
||||
echo "$*"
|
||||
echo
|
||||
exit 1
|
||||
} >&2
|
||||
|
||||
# OS specific support (must be 'true' or 'false').
|
||||
cygwin=false
|
||||
msys=false
|
||||
darwin=false
|
||||
nonstop=false
|
||||
case "$( uname )" in #(
|
||||
CYGWIN* ) cygwin=true ;; #(
|
||||
Darwin* ) darwin=true ;; #(
|
||||
MSYS* | MINGW* ) msys=true ;; #(
|
||||
NONSTOP* ) nonstop=true ;;
|
||||
esac
|
||||
|
||||
CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
|
||||
|
||||
|
||||
# Determine the Java command to use to start the JVM.
|
||||
if [ -n "$JAVA_HOME" ] ; then
|
||||
if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
|
||||
# IBM's JDK on AIX uses strange locations for the executables
|
||||
JAVACMD=$JAVA_HOME/jre/sh/java
|
||||
else
|
||||
JAVACMD=$JAVA_HOME/bin/java
|
||||
fi
|
||||
if [ ! -x "$JAVACMD" ] ; then
|
||||
die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
|
||||
|
||||
Please set the JAVA_HOME variable in your environment to match the
|
||||
location of your Java installation."
|
||||
fi
|
||||
else
|
||||
JAVACMD=java
|
||||
which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
|
||||
|
||||
Please set the JAVA_HOME variable in your environment to match the
|
||||
location of your Java installation."
|
||||
fi
|
||||
|
||||
# Increase the maximum file descriptors if we can.
|
||||
if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then
|
||||
case $MAX_FD in #(
|
||||
max*)
|
||||
MAX_FD=$( ulimit -H -n ) ||
|
||||
warn "Could not query maximum file descriptor limit"
|
||||
esac
|
||||
case $MAX_FD in #(
|
||||
'' | soft) :;; #(
|
||||
*)
|
||||
ulimit -n "$MAX_FD" ||
|
||||
warn "Could not set maximum file descriptor limit to $MAX_FD"
|
||||
esac
|
||||
fi
|
||||
|
||||
# Collect all arguments for the java command, stacking in reverse order:
|
||||
# * args from the command line
|
||||
# * the main class name
|
||||
# * -classpath
|
||||
# * -D...appname settings
|
||||
# * --module-path (only if needed)
|
||||
# * DEFAULT_JVM_OPTS, JAVA_OPTS, and GRADLE_OPTS environment variables.
|
||||
|
||||
# For Cygwin or MSYS, switch paths to Windows format before running java
|
||||
if "$cygwin" || "$msys" ; then
|
||||
APP_HOME=$( cygpath --path --mixed "$APP_HOME" )
|
||||
CLASSPATH=$( cygpath --path --mixed "$CLASSPATH" )
|
||||
|
||||
JAVACMD=$( cygpath --unix "$JAVACMD" )
|
||||
|
||||
# Now convert the arguments - kludge to limit ourselves to /bin/sh
|
||||
for arg do
|
||||
if
|
||||
case $arg in #(
|
||||
-*) false ;; # don't mess with options #(
|
||||
/?*) t=${arg#/} t=/${t%%/*} # looks like a POSIX filepath
|
||||
[ -e "$t" ] ;; #(
|
||||
*) false ;;
|
||||
esac
|
||||
then
|
||||
arg=$( cygpath --path --ignore --mixed "$arg" )
|
||||
fi
|
||||
# Roll the args list around exactly as many times as the number of
|
||||
# args, so each arg winds up back in the position where it started, but
|
||||
# possibly modified.
|
||||
#
|
||||
# NB: a `for` loop captures its iteration list before it begins, so
|
||||
# changing the positional parameters here affects neither the number of
|
||||
# iterations, nor the values presented in `arg`.
|
||||
shift # remove old arg
|
||||
set -- "$@" "$arg" # push replacement arg
|
||||
done
|
||||
fi
|
||||
|
||||
# Collect all arguments for the java command;
|
||||
# * $DEFAULT_JVM_OPTS, $JAVA_OPTS, and $GRADLE_OPTS can contain fragments of
|
||||
# shell script including quotes and variable substitutions, so put them in
|
||||
# double quotes to make sure that they get re-expanded; and
|
||||
# * put everything else in single quotes, so that it's not re-expanded.
|
||||
|
||||
set -- \
|
||||
"-Dorg.gradle.appname=$APP_BASE_NAME" \
|
||||
-classpath "$CLASSPATH" \
|
||||
org.gradle.wrapper.GradleWrapperMain \
|
||||
"$@"
|
||||
|
||||
# Stop when "xargs" is not available.
|
||||
if ! command -v xargs >/dev/null 2>&1
|
||||
then
|
||||
die "xargs is not available"
|
||||
fi
|
||||
|
||||
# Use "xargs" to parse quoted args.
|
||||
#
|
||||
# With -n1 it outputs one arg per line, with the quotes and backslashes removed.
|
||||
#
|
||||
# In Bash we could simply go:
|
||||
#
|
||||
# readarray ARGS < <( xargs -n1 <<<"$var" ) &&
|
||||
# set -- "${ARGS[@]}" "$@"
|
||||
#
|
||||
# but POSIX shell has neither arrays nor command substitution, so instead we
|
||||
# post-process each arg (as a line of input to sed) to backslash-escape any
|
||||
# character that might be a shell metacharacter, then use eval to reverse
|
||||
# that process (while maintaining the separation between arguments), and wrap
|
||||
# the whole thing up as a single "set" statement.
|
||||
#
|
||||
# This will of course break if any of these variables contains a newline or
|
||||
# an unmatched quote.
|
||||
#
|
||||
|
||||
eval "set -- $(
|
||||
printf '%s\n' "$DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS" |
|
||||
xargs -n1 |
|
||||
sed ' s~[^-[:alnum:]+,./:=@_]~\\&~g; ' |
|
||||
tr '\n' ' '
|
||||
)" '"$@"'
|
||||
|
||||
exec "$JAVACMD" "$@"
|
@ -1,15 +1,17 @@
|
||||
package integration.hirs.repository.spacewalk;
|
||||
|
||||
import hirs.persist.PersistenceConfiguration;
|
||||
import hirs.persist.RepositoryManager;
|
||||
import hirs.repository.RepositoryException;
|
||||
import hirs.repository.RepositoryUpdateService;
|
||||
import hirs.repository.spacewalk.Credentials;
|
||||
import hirs.repository.spacewalk.SpacewalkChannel;
|
||||
import hirs.repository.spacewalk.SpacewalkChannelRepository;
|
||||
import hirs.repository.spacewalk.SpacewalkService;
|
||||
import hirs.repository.spacewalk.SpacewalkException;
|
||||
import hirs.repository.spacewalk.SpacewalkPackage;
|
||||
import hirs.repository.spacewalk.SpacewalkService;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.context.annotation.AnnotationConfigApplicationContext;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.net.MalformedURLException;
|
||||
@ -17,10 +19,6 @@ import java.net.URL;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.context.annotation.AnnotationConfigApplicationContext;
|
||||
|
||||
/**
|
||||
* Console tester application that exercises the SpacewalkService test by connecting to a real
|
||||
* Spacewalk instance with username / password.
|
||||
@ -72,7 +70,7 @@ public final class SpacewalkServiceConsoleTester {
|
||||
|
||||
private static void loadBeansFromSpringContext() {
|
||||
AnnotationConfigApplicationContext context = new AnnotationConfigApplicationContext();
|
||||
context.register(PersistenceConfiguration.class);
|
||||
// context.register(null);
|
||||
context.refresh();
|
||||
|
||||
// register a shutdown hook such that components are properly shutdown when JVM is closing
|
||||
|
@ -1,52 +0,0 @@
|
||||
package hirs;
|
||||
|
||||
import com.fasterxml.jackson.core.JsonGenerator;
|
||||
import com.fasterxml.jackson.databind.JsonSerializer;
|
||||
import com.fasterxml.jackson.databind.SerializerProvider;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.Date;
|
||||
|
||||
/**
|
||||
* Serializes <code>DeviceGroup</code> data for Json to process.
|
||||
*/
|
||||
public class DeviceGroupSerializer extends JsonSerializer<DeviceGroup> {
|
||||
|
||||
@Override
|
||||
public void serialize(final DeviceGroup value, final JsonGenerator gen,
|
||||
final SerializerProvider serializers) throws IOException {
|
||||
gen.writeStartObject();
|
||||
if (value.getId() != null) {
|
||||
gen.writeStringField("id", value.getId().toString());
|
||||
} else {
|
||||
gen.writeNullField("id");
|
||||
}
|
||||
gen.writeNumberField("createTime", value.getCreateTime().getTime());
|
||||
Date archivedTime = value.getArchivedTime();
|
||||
if (archivedTime != null) {
|
||||
gen.writeNumberField("archivedTime", archivedTime.getTime());
|
||||
} else {
|
||||
gen.writeNullField("archivedTime");
|
||||
}
|
||||
gen.writeStringField("archivedDescription", value.getArchivedDescription());
|
||||
gen.writeStringField("name", value.getName());
|
||||
gen.writeStringField("description", value.getDescription());
|
||||
gen.writeNumberField("periodicReportDelayThreshold",
|
||||
value.getPeriodicReportDelayThreshold());
|
||||
gen.writeBooleanField("enablePeriodicReportDelayAlert",
|
||||
value.isEnablePeriodicReportDelayAlert());
|
||||
gen.writeNumberField("onDemandReportDelayThreshold",
|
||||
value.getOnDemandReportDelayThreshold());
|
||||
gen.writeBooleanField("enableOnDemandReportDelayAlert",
|
||||
value.isEnableOnDemandReportDelayAlert());
|
||||
gen.writeBooleanField("waitForAppraisalCompletionEnabled",
|
||||
value.isWaitForAppraisalCompletionEnabled());
|
||||
gen.writeObjectField("scheduledJobInfo", value.getScheduledJobInfo());
|
||||
gen.writeNumberField("numberOfDevices", value.getNumberOfDevices());
|
||||
gen.writeNumberField("numberOfTrustedDevices", value.getNumberOfTrustedDevices());
|
||||
gen.writeStringField("healthStatus", value.getHealthStatus().toString());
|
||||
gen.writeBooleanField("archived", value.isArchived());
|
||||
gen.writeEndObject();
|
||||
}
|
||||
}
|
@ -1,102 +0,0 @@
|
||||
package hirs;
|
||||
|
||||
import static org.apache.logging.log4j.LogManager.getLogger;
|
||||
import hirs.data.persist.IMAReport;
|
||||
import hirs.data.persist.Report;
|
||||
|
||||
import javax.xml.bind.annotation.XmlElement;
|
||||
|
||||
import org.apache.logging.log4j.Logger;
|
||||
|
||||
/**
|
||||
* <code>IMAReportRequest</code> is an immutable class and extends
|
||||
* <code>ReportRequest</code> to specify parameters which define
|
||||
* the composition of the IMA report to be generated by the client.
|
||||
* For example, <code>IMAReportRequest</code> specifies whether a full IMA
|
||||
* report should be generated and submitted for appraisal or whether a delta
|
||||
* report (containing new entries since last full report) should be generated
|
||||
* and submitted. If a delta report is being requested, then an index must be
|
||||
* provided which is used to inform the client which subset of measurements
|
||||
* to include in the report.
|
||||
*/
|
||||
public final class IMAReportRequest implements ReportRequest {
|
||||
|
||||
private static final Logger LOGGER = getLogger(IMAReportRequest.class);
|
||||
|
||||
@XmlElement
|
||||
private final String bootcycleId;
|
||||
|
||||
@XmlElement
|
||||
private final int index;
|
||||
|
||||
/**
|
||||
* Default constructor required to enable marshalling and unmarshalling
|
||||
* to/from xml.
|
||||
*/
|
||||
public IMAReportRequest() {
|
||||
this(null, 0);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a new <code>IMAReportRequest</code>. The boot-cycle ID and index
|
||||
* are set. The boot-cycle ID may be null to indicate that it is unknown by
|
||||
* the appraiser and a full report should be sent. The index is the index of
|
||||
* the new IMA record to send. An index of zero indicates a full report
|
||||
* should be sent.
|
||||
* <p>
|
||||
* If the boot-cycle is null then the index must be zero. Otherwise an
|
||||
* <code>IllegalArgumentException</code> is thrown.
|
||||
*
|
||||
* @param bootcycleId
|
||||
* boot-cycle ID
|
||||
* @param i
|
||||
* value to use as IMA index
|
||||
*/
|
||||
public IMAReportRequest(final String bootcycleId, final int i) {
|
||||
LOGGER.debug("Entering constructor");
|
||||
if (i >= 0) {
|
||||
index = i;
|
||||
} else {
|
||||
String msg = "Cannot init IMAReportRequest with index less than 0";
|
||||
LOGGER.error(msg);
|
||||
throw new IllegalArgumentException(msg);
|
||||
}
|
||||
if (bootcycleId == null && i != 0) {
|
||||
String msg = "null boot-cycle ID must have index of 0";
|
||||
LOGGER.error(msg);
|
||||
throw new IllegalArgumentException(msg);
|
||||
}
|
||||
this.bootcycleId = bootcycleId;
|
||||
LOGGER.debug("Exiting constructor");
|
||||
}
|
||||
|
||||
@Override
|
||||
public Class<? extends Report> getReportType() {
|
||||
return IMAReport.class;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the boot-cycle ID. This is the last boot-cycle ID that was saved
|
||||
* by the appraiser. If this is null or different than the boot-cycle ID for
|
||||
* the collector then a full report shall be sent.
|
||||
*
|
||||
* @return boot-cycle ID
|
||||
*/
|
||||
public String getBootcycleId() {
|
||||
return bootcycleId;
|
||||
}
|
||||
|
||||
/**
|
||||
* Method returns the IMA index.
|
||||
* @return index used to specify start location of measurement entries to
|
||||
* include in IMA report
|
||||
*/
|
||||
public int getIMAIndex() {
|
||||
return index;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return String.format("(%s, %d)", bootcycleId, index);
|
||||
}
|
||||
}
|
@ -1,22 +1,20 @@
|
||||
package hirs;
|
||||
|
||||
import static org.apache.logging.log4j.LogManager.getLogger;
|
||||
|
||||
import hirs.data.persist.IntegrityReport;
|
||||
import hirs.data.persist.Report;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
|
||||
import javax.xml.bind.annotation.XmlAccessType;
|
||||
import javax.xml.bind.annotation.XmlAccessorType;
|
||||
import javax.xml.bind.annotation.XmlElement;
|
||||
import javax.xml.bind.annotation.XmlRootElement;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.Comparator;
|
||||
import java.util.List;
|
||||
|
||||
import javax.xml.bind.annotation.XmlAccessType;
|
||||
import javax.xml.bind.annotation.XmlAccessorType;
|
||||
import javax.xml.bind.annotation.XmlElement;
|
||||
import javax.xml.bind.annotation.XmlRootElement;
|
||||
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import static org.apache.logging.log4j.LogManager.getLogger;
|
||||
|
||||
/**
|
||||
* <code>IntegrityReportRequest</code> is used to manage the request of specific
|
||||
@ -42,8 +40,7 @@ public class IntegrityReportRequest implements ReportRequest {
|
||||
Collections.unmodifiableList(Arrays.asList(
|
||||
IntegrityReportRequest.class,
|
||||
DeviceInfoReportRequest.class,
|
||||
TPMReportRequest.class,
|
||||
IMAReportRequest.class
|
||||
TPMReportRequest.class
|
||||
));
|
||||
|
||||
/**
|
||||
|
@ -15,7 +15,7 @@ import javax.xml.bind.annotation.XmlTransient;
|
||||
* client and submitted to the <code>Appraiser</code> for processing.
|
||||
*/
|
||||
@XmlTransient
|
||||
@XmlSeeAlso(value = { IntegrityReportRequest.class, TPMReportRequest.class, IMAReportRequest.class,
|
||||
@XmlSeeAlso(value = { IntegrityReportRequest.class, TPMReportRequest.class,
|
||||
DeviceInfoReportRequest.class })
|
||||
public interface ReportRequest {
|
||||
|
||||
|
@ -1,151 +0,0 @@
|
||||
package hirs.alert;
|
||||
|
||||
import hirs.alert.resolve.AddToIMABaselineAlertResolver;
|
||||
import hirs.alert.resolve.AddToTPMBaselineAlertResolver;
|
||||
import hirs.alert.resolve.AlertResolver;
|
||||
import hirs.alert.resolve.IgnoreAlertResolver;
|
||||
import hirs.alert.resolve.RemoveFromIMABaselineAlertResolver;
|
||||
import hirs.alert.resolve.RemoveFromTPMBaselineAlertResolver;
|
||||
import hirs.alert.resolve.RequestNewReportAlertResolver;
|
||||
import hirs.data.persist.baseline.Baseline;
|
||||
import hirs.data.persist.baseline.SimpleImaBaseline;
|
||||
import hirs.data.persist.baseline.TpmWhiteListBaseline;
|
||||
|
||||
/**
|
||||
* Specifies actions that can be taken to resolve an Alert.
|
||||
*/
|
||||
public enum AlertResolutionAction {
|
||||
|
||||
/**
|
||||
* Take no action.
|
||||
*/
|
||||
NONE("No action taken"),
|
||||
/**
|
||||
* Ignore the given alert or alerts.
|
||||
*/
|
||||
IGNORE("Ignored Once", IgnoreAlertResolver.class),
|
||||
/**
|
||||
* Add the referenced IMA record to a baseline.
|
||||
*/
|
||||
ADD_TO_IMA_BASELINE("Added to IMA Baseline", AddToIMABaselineAlertResolver.class,
|
||||
SimpleImaBaseline.class),
|
||||
/**
|
||||
* Remove the referenced IMA record from any baselines it can be found in.
|
||||
*/
|
||||
REMOVE_FROM_IMA_BASELINE("Removed from IMA Baseline", RemoveFromIMABaselineAlertResolver.class,
|
||||
SimpleImaBaseline.class),
|
||||
/**
|
||||
* Add the referenced TPM record to a baseline.
|
||||
*/
|
||||
ADD_TO_TPM_BASELINE("Added to TPM baseline", AddToTPMBaselineAlertResolver.class,
|
||||
TpmWhiteListBaseline.class),
|
||||
/**
|
||||
* Remove the referenced TPM record from any baselines it can be found in.
|
||||
*/
|
||||
REMOVE_FROM_TPM_BASELINE("Removed from TPM Baseline", RemoveFromTPMBaselineAlertResolver.class,
|
||||
TpmWhiteListBaseline.class),
|
||||
/**
|
||||
* Request a new report.
|
||||
*/
|
||||
REQUEST_NEW_REPORT("Requested new report.", RequestNewReportAlertResolver.class);
|
||||
|
||||
private final String defaultReason;
|
||||
private final Class<? extends AlertResolver> alertResolver;
|
||||
private final Class<? extends Baseline> baselineType;
|
||||
|
||||
/**
|
||||
* Construct a new AlertResolutionAction with a reason the alert has been resolved, the class
|
||||
* that can perform the resolution, and the class of baseline operated on by this resolution.
|
||||
*
|
||||
* @param defaultReason the reason an alert can be considered resolved as a result of this
|
||||
* action
|
||||
* @param alertResolver the class that will perform the resolution action
|
||||
* @param baselineType the type of baseline operated on by this resolution action
|
||||
*/
|
||||
AlertResolutionAction(final String defaultReason,
|
||||
final Class<? extends AlertResolver> alertResolver,
|
||||
final Class<? extends Baseline> baselineType) {
|
||||
this.defaultReason = defaultReason;
|
||||
this.alertResolver = alertResolver;
|
||||
this.baselineType = baselineType;
|
||||
}
|
||||
|
||||
/**
|
||||
* Construct a new AlertResolutionAction with a reason the alert has been resolved and the class
|
||||
* that can perform the resolution.
|
||||
*
|
||||
* @param defaultReason the reason an alert can be considered resolved as a result of this
|
||||
* action
|
||||
* @param alertResolver the class that will perform the resolution action
|
||||
*/
|
||||
AlertResolutionAction(final String defaultReason,
|
||||
final Class<? extends AlertResolver> alertResolver) {
|
||||
this.defaultReason = defaultReason;
|
||||
this.baselineType = null;
|
||||
this.alertResolver = alertResolver;
|
||||
}
|
||||
|
||||
/**
|
||||
* Construct a new AlertResolutionAction with a reason the alert has been resolved.
|
||||
*
|
||||
* @param defaultReason the reason an alert can be considered resolved as a result of this
|
||||
* action
|
||||
*/
|
||||
AlertResolutionAction(final String defaultReason) {
|
||||
this.defaultReason = defaultReason;
|
||||
this.baselineType = null;
|
||||
this.alertResolver = null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a string containing a generic reason for the resolution if not provided by the user.
|
||||
*
|
||||
* @return string containing a generic reason for the resolution
|
||||
*/
|
||||
public String getDefaultReason() {
|
||||
return defaultReason;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the AlertResolver class for the action.
|
||||
*
|
||||
* @return the AlertResolver class for the action
|
||||
*/
|
||||
public Class<? extends AlertResolver> getAlertResolver() {
|
||||
return alertResolver;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the appropriate {@link Baseline} class for the action or null if the action does not
|
||||
* involve a baseline.
|
||||
*
|
||||
* @return the appropriate {@link Baseline} class for the action
|
||||
*/
|
||||
public Class<? extends Baseline> getBaselineType() {
|
||||
return baselineType;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns true if the resolution modifies a Baseline.
|
||||
*
|
||||
* @return true if the resolution modifies a Baseline
|
||||
*/
|
||||
public boolean isBaselineResolution() {
|
||||
return baselineType != null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns true if the resolution can resolve the specified Baseline.
|
||||
*
|
||||
* @param baseline the Baseline to test
|
||||
* @return true if the resolution can resolve the specified Baseline.
|
||||
*/
|
||||
public boolean canResolve(final Baseline baseline) {
|
||||
if (baseline == null || baselineType == null) {
|
||||
return false;
|
||||
} else {
|
||||
return baselineType.isAssignableFrom(baseline.getClass());
|
||||
}
|
||||
}
|
||||
|
||||
}
|
@ -1,84 +0,0 @@
|
||||
package hirs.alert;
|
||||
|
||||
import com.fasterxml.jackson.annotation.JsonAutoDetect;
|
||||
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* A serializable response for a possible alert resolution option.
|
||||
*/
|
||||
@SuppressFBWarnings("URF_UNREAD_FIELD")
|
||||
@JsonAutoDetect(fieldVisibility = JsonAutoDetect.Visibility.ANY)
|
||||
public class AlertResolutionOption {
|
||||
|
||||
// the operation that will be attempted if this option is executed
|
||||
private final AlertResolutionAction action;
|
||||
|
||||
// why the chosen option is provided
|
||||
private final String reason;
|
||||
|
||||
// the names of the baselines that can be affected by this option
|
||||
private List<String> whitelistNames;
|
||||
private List<String> requiredSetNames;
|
||||
private List<String> ignoreSetNames;
|
||||
private List<String> tpmBaselineNames;
|
||||
|
||||
/**
|
||||
* Create a new <code>AlertResolutionOption</code>.
|
||||
*
|
||||
* @param action to take if this option is chosen
|
||||
* @param reason why the chosen option is provided
|
||||
*/
|
||||
public AlertResolutionOption(final AlertResolutionAction action, final String reason) {
|
||||
this.action = action;
|
||||
this.reason = reason;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the names of whitelists that can be edited by choosing this option.
|
||||
*
|
||||
* @param whitelistNames that can be edited
|
||||
*/
|
||||
public void setWhitelistNames(final List<String> whitelistNames) {
|
||||
this.whitelistNames = whitelistNames;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the names of required sets that can be edited by choosing this option.
|
||||
*
|
||||
* @param requiredSetNames that can be edited
|
||||
*/
|
||||
public void setRequiredSetNames(final List<String> requiredSetNames) {
|
||||
this.requiredSetNames = requiredSetNames;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the names of ignore sets that can be edited by choosing this option.
|
||||
*
|
||||
* @param ignoreSetNames that can be edited
|
||||
*/
|
||||
public void setIgnoreSetNames(final List<String> ignoreSetNames) {
|
||||
this.ignoreSetNames = ignoreSetNames;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the names of TPM baselines that can be edited by choosing this option.
|
||||
*
|
||||
* @param tpmBaselineNames that can be edited
|
||||
*/
|
||||
public void setTpmBaselineNames(final List<String> tpmBaselineNames) {
|
||||
this.tpmBaselineNames = tpmBaselineNames;
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks if the specified action matches this option's action.
|
||||
*
|
||||
* @param action the action to check
|
||||
* @return true if the specified action matches this option's action
|
||||
*/
|
||||
public boolean hasAction(final AlertResolutionAction action) {
|
||||
return action == this.action;
|
||||
}
|
||||
|
||||
}
|
@ -1,65 +0,0 @@
|
||||
package hirs.alert;
|
||||
|
||||
import hirs.data.persist.Alert;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* Describes a resolution for an alert as specified by a user.
|
||||
*/
|
||||
public class AlertResolutionRequest {
|
||||
|
||||
private final List<Alert> alerts;
|
||||
private final AlertResolutionAction action;
|
||||
private final String baselineName;
|
||||
private final String reason;
|
||||
|
||||
/**
|
||||
* Constructor for AlertResolutionRequest.
|
||||
* @param alerts the alerts being resolved
|
||||
* @param action the action to take for resolving the alerts
|
||||
* @param baselineName the baseline
|
||||
* @param reason the reason for taking the action
|
||||
*/
|
||||
public AlertResolutionRequest(final List<Alert> alerts, final AlertResolutionAction action,
|
||||
final String baselineName, final String reason) {
|
||||
this.alerts = alerts;
|
||||
this.action = action;
|
||||
this.baselineName = baselineName;
|
||||
this.reason = reason;
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets an unmodifiable List of the alerts.
|
||||
* @return an unmodifiable List of the alerts
|
||||
*/
|
||||
public List<Alert> getAlerts() {
|
||||
return Collections.unmodifiableList(alerts);
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the action being taken for the alerts.
|
||||
* @return the action being taken for the alerts
|
||||
*/
|
||||
public AlertResolutionAction getAction() {
|
||||
return action;
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the name of the baseline.
|
||||
* @return the name of the baseline
|
||||
*/
|
||||
public String getBaselineName() {
|
||||
return baselineName;
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the reason for taking the action.
|
||||
* @return the reason for taking the action
|
||||
*/
|
||||
public String getReason() {
|
||||
return reason;
|
||||
}
|
||||
|
||||
}
|
@ -1,368 +0,0 @@
|
||||
package hirs.alert;
|
||||
|
||||
import hirs.alert.resolve.AlertResolver;
|
||||
import hirs.appraiser.Appraiser;
|
||||
import hirs.appraiser.IMAAppraiser;
|
||||
import hirs.appraiser.TPMAppraiser;
|
||||
import hirs.data.persist.Alert;
|
||||
import hirs.alert.resolve.AlertResolverFactory;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.IMAPolicy;
|
||||
import hirs.data.persist.baseline.ImaAcceptableRecordBaseline;
|
||||
import hirs.data.persist.baseline.ImaBaseline;
|
||||
import hirs.data.persist.baseline.ImaIgnoreSetBaseline;
|
||||
import hirs.data.persist.baseline.TPMBaseline;
|
||||
import hirs.data.persist.TPMPolicy;
|
||||
import hirs.data.persist.baseline.TpmWhiteListBaseline;
|
||||
import hirs.data.persist.enums.AlertSource;
|
||||
import hirs.data.persist.enums.AlertType;
|
||||
import hirs.persist.AppraiserManager;
|
||||
import hirs.persist.DeviceManager;
|
||||
import hirs.persist.PolicyManager;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
import hirs.persist.AlertManager;
|
||||
import hirs.persist.BaselineManager;
|
||||
import hirs.persist.DeviceHealthManager;
|
||||
import hirs.persist.ImaBaselineRecordManager;
|
||||
|
||||
/**
|
||||
* A service to resolve {@link Alert}s that are no longer problematic. Determines the possible
|
||||
* actions that can be taken given a specific set of alerts and takes those actions.
|
||||
*/
|
||||
@Service
|
||||
public class AlertResolutionService {
|
||||
|
||||
private static final Logger LOGGER = LogManager.getLogger(AlertResolutionService.class);
|
||||
|
||||
@Autowired
|
||||
private DeviceManager deviceManager;
|
||||
|
||||
@Autowired
|
||||
private AppraiserManager appraiserManager;
|
||||
|
||||
@Autowired
|
||||
private PolicyManager policyManager;
|
||||
|
||||
@Autowired
|
||||
private AlertManager alertManager;
|
||||
|
||||
@Autowired
|
||||
private DeviceHealthManager deviceHealthManager;
|
||||
|
||||
@Autowired
|
||||
private BaselineManager baselineManager;
|
||||
|
||||
@Autowired
|
||||
private ImaBaselineRecordManager imaBaselineRecordManager;
|
||||
|
||||
@Autowired
|
||||
private AlertResolverFactory alertResolverFactory;
|
||||
|
||||
/**
|
||||
* This method will evaluate alerts and provide potentially useful
|
||||
* <code>AlertResolutionOption</code>s for resolution.
|
||||
*
|
||||
* @param alerts alerts to be evaluated for resolution
|
||||
* @return
|
||||
* Returns a list of <code>AlertResolutionOption</code>s based on the source,
|
||||
* type, and associated policy of the given alerts
|
||||
*/
|
||||
public List<AlertResolutionOption> getResolutionOptions(final List<Alert> alerts) {
|
||||
|
||||
// find cases where ignoring is the only option, such as nonexistent devices or groups,
|
||||
// multiple alert sources, or multiple device groups
|
||||
List<AlertResolutionOption> options = getIgnoreOnlyOptions(alerts);
|
||||
if (!options.isEmpty()) {
|
||||
return options;
|
||||
}
|
||||
|
||||
// now the alert sources and the device groups of the referenced devices should all be
|
||||
// the same, so take them from the first alert
|
||||
DeviceGroup deviceGroup = deviceManager.getDevice(alerts.get(0).getDeviceName())
|
||||
.getDeviceGroup();
|
||||
AlertSource source = alerts.get(0).getSource();
|
||||
|
||||
// build a list of resolution options specific to the alert source
|
||||
LOGGER.debug(String.format("source of alerts is %s", source.toString()));
|
||||
switch (source) {
|
||||
case IMA_APPRAISER:
|
||||
return getImaResolutionOptions(alerts, deviceGroup);
|
||||
case TPM_APPRAISER:
|
||||
return getTpmResolutionOptions(alerts, deviceGroup);
|
||||
// only the default options are supported for all other alerts
|
||||
default:
|
||||
return getDefaultOptions(alerts);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the given alerts support any actions besides ignoring. This will be the case if
|
||||
* one of the following is true:
|
||||
* <ul>
|
||||
* <li>Any of the alerts has a null device or nonexistent device name</li>
|
||||
* <li>Any of the alerts references a device with a null group</li>
|
||||
* <li>Any two alerts have different sources</li>
|
||||
* <li>Any two alerts have different device groups (and thus different policies)</li>
|
||||
* </ul>
|
||||
*
|
||||
* @param alerts the list of alerts to check
|
||||
* @return a list with an ignore option or an empty list if there might be more options
|
||||
*/
|
||||
private List<AlertResolutionOption> getIgnoreOnlyOptions(final List<Alert> alerts) {
|
||||
|
||||
List<AlertResolutionOption> options = new ArrayList<>();
|
||||
Device device = null;
|
||||
AlertSource sharedSource = null;
|
||||
AlertSource currentSource = null;
|
||||
DeviceGroup sharedDeviceGroup = null;
|
||||
DeviceGroup currentDeviceGroup = null;
|
||||
|
||||
for (Alert alert : alerts) {
|
||||
|
||||
// the device might be null if the report was malformed
|
||||
device = deviceManager.getDevice(alert.getDeviceName());
|
||||
if (device == null) {
|
||||
options.add(new AlertResolutionOption(
|
||||
AlertResolutionAction.IGNORE,
|
||||
"One or more alerts reference a nonexistent device."));
|
||||
return options;
|
||||
}
|
||||
|
||||
// the device group shouldn't be null, but we should check it
|
||||
currentDeviceGroup = device.getDeviceGroup();
|
||||
if (currentDeviceGroup == null) {
|
||||
options.add(new AlertResolutionOption(
|
||||
AlertResolutionAction.IGNORE,
|
||||
"One or more alerts reference a device with a nonexistent group."));
|
||||
return options;
|
||||
}
|
||||
|
||||
currentSource = alert.getSource();
|
||||
if (currentSource == null) {
|
||||
options.add(new AlertResolutionOption(
|
||||
AlertResolutionAction.IGNORE,
|
||||
"One or more alerts is missing an alert source."));
|
||||
return options;
|
||||
}
|
||||
|
||||
// if this is the first alert in the list
|
||||
if (sharedSource == null && sharedDeviceGroup == null) {
|
||||
sharedSource = currentSource;
|
||||
sharedDeviceGroup = currentDeviceGroup;
|
||||
|
||||
} else {
|
||||
if (!currentSource.equals(sharedSource)) {
|
||||
options.add(new AlertResolutionOption(
|
||||
AlertResolutionAction.IGNORE,
|
||||
"Multiple alerts reference different alert sources."));
|
||||
return options;
|
||||
}
|
||||
|
||||
if (!currentDeviceGroup.equals(sharedDeviceGroup)) {
|
||||
options.add(new AlertResolutionOption(
|
||||
AlertResolutionAction.IGNORE,
|
||||
"One or more alerts reference devices in different device groups."));
|
||||
return options;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// an empty options list means the alert list may be actionable
|
||||
return options;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine resolution options for alerts with IMA Appraiser as the alert source.
|
||||
* @param alertList - list of alerts that share a source and device group
|
||||
* @return a list of <code>AlertResolutionOption</code>s
|
||||
*/
|
||||
private List<AlertResolutionOption> getImaResolutionOptions(
|
||||
final List<Alert> alertList, final DeviceGroup deviceGroup) {
|
||||
|
||||
boolean canAddToBaseline = true;
|
||||
|
||||
AlertType alertType;
|
||||
for (Alert alert : alertList) {
|
||||
alertType = alert.getType();
|
||||
|
||||
// addToBaseline only helps if each alert would be fixed by adding a record
|
||||
if (!alertType.equals(AlertType.WHITELIST_MISMATCH)
|
||||
&& !alertType.equals(AlertType.REQUIRED_SET_MISMATCH)
|
||||
&& !alertType.equals(AlertType.UNKNOWN_FILE)) {
|
||||
LOGGER.debug("cannot add ima record to baseline to resolve alert because alert is"
|
||||
+ " type {}", alertType);
|
||||
canAddToBaseline = false;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
List<AlertResolutionOption> options = getDefaultOptions(alertList);
|
||||
|
||||
if (canAddToBaseline) {
|
||||
options.add(getAddToImaBaselineOption(deviceGroup));
|
||||
}
|
||||
|
||||
return options;
|
||||
}
|
||||
|
||||
/**
|
||||
* Create an <code>AlertResolutionOption</code> to add to the IMA baselines associated with the
|
||||
* given device group.
|
||||
*
|
||||
* @param deviceGroup to get IMA baselines from
|
||||
* @return option including the possible baselines to add to
|
||||
*/
|
||||
private AlertResolutionOption getAddToImaBaselineOption(final DeviceGroup deviceGroup) {
|
||||
|
||||
AlertResolutionOption option = new AlertResolutionOption(
|
||||
AlertResolutionAction.ADD_TO_IMA_BASELINE,
|
||||
"One or more alerts could be resolved by adding a record to an IMA baseline.");
|
||||
Appraiser appraiser = appraiserManager.getAppraiser(IMAAppraiser.NAME);
|
||||
IMAPolicy imaPolicy = (IMAPolicy) policyManager.getPolicy(appraiser, deviceGroup);
|
||||
|
||||
List<ImaAcceptableRecordBaseline> whitelists = new ArrayList<>(imaPolicy.getWhitelists());
|
||||
List<ImaAcceptableRecordBaseline> requiredSets =
|
||||
new ArrayList<>(imaPolicy.getRequiredSets());
|
||||
List<ImaIgnoreSetBaseline> ignoreSets = new ArrayList<>(imaPolicy.getIgnoreSets());
|
||||
|
||||
List<String> whitelistNames = new ArrayList<>();
|
||||
for (ImaBaseline whitelist : whitelists) {
|
||||
whitelistNames.add(whitelist.getName());
|
||||
}
|
||||
option.setWhitelistNames(whitelistNames);
|
||||
|
||||
List<String> requiredSetNames = new ArrayList<>();
|
||||
for (ImaBaseline requiredSet : requiredSets) {
|
||||
requiredSetNames.add(requiredSet.getName());
|
||||
}
|
||||
option.setRequiredSetNames(requiredSetNames);
|
||||
|
||||
List<String> ignoreSetNames = new ArrayList<>();
|
||||
for (ImaIgnoreSetBaseline ignoreSet : ignoreSets) {
|
||||
ignoreSetNames.add(ignoreSet.getName());
|
||||
}
|
||||
option.setIgnoreSetNames(ignoreSetNames);
|
||||
|
||||
return option;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine resolution options for alerts with TPM Appraiser as the alert source.
|
||||
* @param alertList - list of alerts that share a source and device group
|
||||
* @return a list of <code>AlertResolutionOption</code>s
|
||||
*/
|
||||
private List<AlertResolutionOption> getTpmResolutionOptions(
|
||||
final List<Alert> alertList, final DeviceGroup deviceGroup) {
|
||||
|
||||
boolean canEditBaseline = true;
|
||||
|
||||
// should only attempt to add to the baseline if all the alerts are of
|
||||
// the type WHITE_LIST_PCR_MISMATCH
|
||||
for (Alert alert : alertList) {
|
||||
if (!alert.getType().equals(AlertType.WHITE_LIST_PCR_MISMATCH)) {
|
||||
canEditBaseline = false;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
List<AlertResolutionOption> options = getDefaultOptions(alertList);
|
||||
|
||||
if (canEditBaseline) {
|
||||
options.add(getAddToTpmBaselineOption(deviceGroup));
|
||||
options.add(new AlertResolutionOption(
|
||||
AlertResolutionAction.REMOVE_FROM_TPM_BASELINE,
|
||||
"One or more alerts could be resolved by removing a record from a TPM "
|
||||
+ "baseline."));
|
||||
}
|
||||
|
||||
return options;
|
||||
}
|
||||
|
||||
/**
|
||||
* Create an <code>AlertResolutionOption</code> to add to the TPM baselines associated with the
|
||||
* given device group.
|
||||
*
|
||||
* @param deviceGroup to get TPM baselines from
|
||||
* @return option including the possible baselines to add to
|
||||
*/
|
||||
private AlertResolutionOption getAddToTpmBaselineOption(final DeviceGroup deviceGroup) {
|
||||
|
||||
AlertResolutionOption option = new AlertResolutionOption(
|
||||
AlertResolutionAction.ADD_TO_TPM_BASELINE,
|
||||
"One or more alerts could be resolved by adding a record to a TPM baseline.");
|
||||
|
||||
Appraiser appraiser = appraiserManager.getAppraiser(TPMAppraiser.NAME);
|
||||
TPMPolicy tpmPolicy = (TPMPolicy) policyManager.getPolicy(appraiser, deviceGroup);
|
||||
|
||||
List<TpmWhiteListBaseline> tpmBaselines
|
||||
= new ArrayList<>(tpmPolicy.getTpmWhiteListBaselines());
|
||||
List<String> tpmBaselineNames = new ArrayList<>();
|
||||
for (TPMBaseline baseline : tpmBaselines) {
|
||||
tpmBaselineNames.add(baseline.getName());
|
||||
}
|
||||
option.setTpmBaselineNames(tpmBaselineNames);
|
||||
|
||||
return option;
|
||||
}
|
||||
|
||||
/**
|
||||
* Build the list of default options.
|
||||
* @return a list of the options available for all alerts
|
||||
*/
|
||||
private List<AlertResolutionOption> getDefaultOptions(final List<Alert> alertList) {
|
||||
List<AlertResolutionOption> options = new ArrayList<>();
|
||||
|
||||
LOGGER.debug("adding default alert resolution options for alert source {}",
|
||||
alertList.get(0).getSource());
|
||||
// ignoring the alert and requesting a new report are always options
|
||||
options.add(new AlertResolutionOption(
|
||||
AlertResolutionAction.IGNORE,
|
||||
"Default alert resolution option"));
|
||||
options.add(new AlertResolutionOption(
|
||||
AlertResolutionAction.REQUEST_NEW_REPORT,
|
||||
"Default alert resolution option"));
|
||||
return options;
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks AlertResolutionRequest parameters, then creates and invokes the appropriate
|
||||
* AlertResolver.
|
||||
*
|
||||
* @param request the AlertResolution request defining the action to be taken
|
||||
* @return AlertResolutionResults containing the resolved alerts and errors
|
||||
*/
|
||||
@SuppressWarnings("checkstyle:avoidinlineconditionals")
|
||||
public AlertResolver resolve(final AlertResolutionRequest request) {
|
||||
|
||||
// check alerts
|
||||
final List<Alert> alerts = request.getAlerts();
|
||||
if (alerts == null || alerts.isEmpty()) {
|
||||
return alertResolverFactory.getAnonymous("No alerts were provided.");
|
||||
}
|
||||
|
||||
// check if valid resolution
|
||||
final AlertResolutionAction action = request.getAction();
|
||||
List<AlertResolutionOption> options = getResolutionOptions(request.getAlerts());
|
||||
for (AlertResolutionOption option : options) {
|
||||
if (option.hasAction(action)) {
|
||||
LOGGER.info("Resolving " + alerts.size() + " alert(s) by " + action + "...");
|
||||
return alertResolverFactory.get(request).resolve();
|
||||
}
|
||||
}
|
||||
|
||||
// return error
|
||||
String msg = action + " is not a valid resolution for the specified alert";
|
||||
msg += request.getAlerts().size() == 1 ? "." : "s.";
|
||||
return alertResolverFactory.getAnonymous(msg);
|
||||
|
||||
}
|
||||
|
||||
}
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user