ExternalVendorCode/HIRS
1
0
Fork 0
mirror of https://github.com/nsacyber/HIRS.git synced 2025-01-29 15:44:14 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

This initial commit adds the ability to download all platform credentials and trust chain credentials from their respective pages in a bulk zip.

Browse Source
This commit is contained in:
Cyrus 2021-10-08 16:35:40 -04:00
parent e8b320e203
commit ee7befca81
3 changed files with 104 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

93
HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/CertificateRequestPageController.java
View File

@ -28,6 +28,7 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.util.StreamUtils;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
@ -48,11 +49,13 @@ import java.util.List;
import java.util.Map;
import java.util.UUID;
import java.util.stream.Collectors;
import java.util.zip.ZipEntry;
import java.util.zip.ZipOutputStream;
import static org.apache.logging.log4j.LogManager.getLogger;
/**
* Controller for the Device page.
* Controller for the Certificates list all pages.
*/
@Controller
@RequestMapping("/certificate-request")
@ -374,6 +377,94 @@ public class CertificateRequestPageController extends PageController<NoPageParam
response.getOutputStream().write(certificateAuthorityCredential.getRawBytes());
}
/**
* Handles request to download the certs by writing it to the response stream
* for download in bulk.
*
* @param response the response object (needed to update the header with the
* file name)
* @throws java.io.IOException when writing to response output stream
*/
@RequestMapping(value = "/trust-chain/bulk", method = RequestMethod.GET)
public void caBulkDownload(final HttpServletResponse response)
throws IOException {
LOGGER.info("Handling request to download all trust chain certificates");
String fileName = "trust-chain.zip";
String zipFileName;
// Set filename for download.
response.setHeader("Content-Disposition", "attachment; filename=" + fileName);
response.setContentType("application/zip");
try (ZipOutputStream zipOut = new ZipOutputStream(response.getOutputStream())) {
// get all files
for (CertificateAuthorityCredential ca : CertificateAuthorityCredential.select(certificateManager)
.getCertificates()) {
zipFileName = String.format("ca-certificate[%s].cer",
Integer.toHexString(ca.getCertificateHash()));
// configure the zip entry, the properties of the 'file'
ZipEntry zipEntry = new ZipEntry(zipFileName);
zipEntry.setSize((long) ca.getRawBytes().length * Byte.SIZE);
zipEntry.setTime(System.currentTimeMillis());
zipOut.putNextEntry(zipEntry);
// the content of the resource
StreamUtils.copy(ca.getRawBytes(), zipOut);
zipOut.closeEntry();
}
zipOut.finish();
// write cert to output stream
} catch (IllegalArgumentException ex) {
String uuidError = "Failed to parse ID from: ";
LOGGER.error(uuidError, ex);
// send a 404 error when invalid certificate
response.sendError(HttpServletResponse.SC_NOT_FOUND);
}
}
/**
* Handles request to download the certs by writing it to the response stream
* for download in bulk.
*
* @param response the response object (needed to update the header with the
* file name)
* @throws java.io.IOException when writing to response output stream
*/
@RequestMapping(value = "/platform-credentials/bulk", method = RequestMethod.GET)
public void pcBulkDownload(final HttpServletResponse response)
throws IOException {
LOGGER.info("Handling request to download all platform certificates");
String fileName = "platform_certificates.zip";
String zipFileName;
// Set filename for download.
response.setHeader("Content-Disposition", "attachment; filename=" + fileName);
response.setContentType("application/zip");
try (ZipOutputStream zipOut = new ZipOutputStream(response.getOutputStream())) {
// get all files
for (PlatformCredential pc : PlatformCredential.select(certificateManager)
.getCertificates()) {
zipFileName = String.format("Platform_Certificate[%s].cer",
Integer.toHexString(pc.getCertificateHash()));
// configure the zip entry, the properties of the 'file'
ZipEntry zipEntry = new ZipEntry(zipFileName);
zipEntry.setSize((long) pc.getRawBytes().length * Byte.SIZE);
zipEntry.setTime(System.currentTimeMillis());
zipOut.putNextEntry(zipEntry);
// the content of the resource
StreamUtils.copy(pc.getRawBytes(), zipOut);
zipOut.closeEntry();
}
zipOut.finish();
// write cert to output stream
} catch (IllegalArgumentException ex) {
String uuidError = "Failed to parse ID from: ";
LOGGER.error(uuidError, ex);
// send a 404 error when invalid certificate
response.sendError(HttpServletResponse.SC_NOT_FOUND);
}
}
/**
* Upload and processes a credential.
*

6
HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/platform-credentials.jsp
View File

@ -25,6 +25,12 @@
</my:file-chooser>
</form:form>
</div>
<div class="aca-input-box-header">
Bulk Platform Credentials Download
<a href="${portal}/certificate-request/platform-credentials/bulk">
<img src="${icons}/ic_file_download_black_24dp.png" title="Download Certificates">
</a>
</div>
<br/>
<div class="aca-data-table">
<table id="platformTable" class="display" width="100%">

6
HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/trust-chain.jsp
View File

@ -78,6 +78,12 @@
</form:form>
</div>
<br/>
<div class="aca-input-box-header">
Bulk Trust Chain CA Credentials Download
<a href="${portal}/certificate-request/trust-chain/bulk">
<img src="${icons}/ic_file_download_black_24dp.png" title="Download Certificates">
</a>
</div>
<br/>
<div class="aca-data-table">
<table id="trustChainTable" class="display" width="100%">