Search in sources :

Example 1 with CertificateDAO

use of com.intel.mtwilson.tag.dao.jdbi.CertificateDAO in project OpenAttestation by OpenAttestation.

the class CertificateRepository method retrieve.

@Override
public //    @RequiresPermissions("tag_certificates:retrieve") 
Certificate retrieve(CertificateLocator locator) {
    log.debug("Retrieving Certificate");
    if (locator == null || locator.id == null) {
        return null;
    }
    log.debug("Certificate:Retrieve - Got request to retrieve user with id {}.", locator.id);
    try (CertificateDAO dao = TagJdbi.certificateDao()) {
        Certificate obj = dao.findById(locator.id);
        if (obj != null)
            return obj;
    } catch (Exception ex) {
        log.error("Certificate:Retrieve - Error during certificate retrieval.", ex);
        throw new RepositoryRetrieveException(ex, locator);
    }
    return null;
}
Also used : CertificateDAO(com.intel.mtwilson.tag.dao.jdbi.CertificateDAO) RepositoryRetrieveException(com.intel.mtwilson.tag.repository.RepositoryRetrieveException) RepositoryCreateException(com.intel.mtwilson.tag.repository.RepositoryCreateException) RepositoryDeleteException(com.intel.mtwilson.tag.repository.RepositoryDeleteException) RepositoryStoreException(com.intel.mtwilson.tag.repository.RepositoryStoreException) RepositoryStoreConflictException(com.intel.mtwilson.tag.repository.RepositoryStoreConflictException) RepositoryRetrieveException(com.intel.mtwilson.tag.repository.RepositoryRetrieveException) RepositoryException(com.intel.mtwilson.tag.repository.RepositoryException) RepositorySearchException(com.intel.mtwilson.tag.repository.RepositorySearchException) RepositoryCreateConflictException(com.intel.mtwilson.tag.repository.RepositoryCreateConflictException) Certificate(com.intel.mtwilson.datatypes.Certificate) X509AttributeCertificate(com.intel.mtwilson.datatypes.X509AttributeCertificate)

Example 2 with CertificateDAO

use of com.intel.mtwilson.tag.dao.jdbi.CertificateDAO in project OpenAttestation by OpenAttestation.

the class CertificateRepository method create.

@Override
public //    @RequiresPermissions("tag_certificates:create") 
void create(Certificate item) {
    log.debug("Certificate:Create - Got request to create a new Certificate {}.", item.getId().toString());
    CertificateLocator locator = new CertificateLocator();
    locator.id = item.getId();
    try (CertificateDAO dao = TagJdbi.certificateDao()) {
        Certificate newCert = dao.findById(item.getId());
        if (newCert == null) {
            newCert = Certificate.valueOf(item.getCertificate());
            dao.insert(item.getId(), newCert.getCertificate(), newCert.getSha1().toHexString(), newCert.getSha256().toHexString(), newCert.getSubject(), newCert.getIssuer(), newCert.getNotBefore(), newCert.getNotAfter());
            log.debug("Certificate:Create - Created the Certificate {} successfully.", item.getId().toString());
        } else {
            log.error("Certificate:Create - Certificate {} will not be created since a duplicate Certificate already exists.", item.getId().toString());
            throw new RepositoryCreateConflictException(locator);
        }
    } catch (RepositoryException re) {
        throw re;
    } catch (Exception ex) {
        log.error("Certificate:Create - Error during certificate creation.", ex);
        throw new RepositoryCreateException(ex, locator);
    }
    //Store tag values from Certificate
    try {
        log.info("Tags from certificate will now be stored");
        KvAttributeRepository repository = new KvAttributeRepository();
        KvAttribute kvAttrib = new KvAttribute();
        if (kvAttrib == null || repository == null)
            log.debug("kvAttrib or repository Obj is null, unable to store certificate tags");
        else {
            List<Attribute> certAttributes = X509AttributeCertificate.valueOf(item.getCertificate()).getAttribute();
            for (Attribute attr : certAttributes) {
                for (ASN1Encodable value : attr.getAttributeValues()) {
                    if (attr.getAttrType().toString().equals(UTF8NameValueMicroformat.OID)) {
                        UTF8NameValueMicroformat microformat = new UTF8NameValueMicroformat(DERUTF8String.getInstance(value));
                        // Check if that tag with same value already exists
                        KvAttributeFilterCriteria criteria = new KvAttributeFilterCriteria();
                        criteria.nameEqualTo = microformat.getName();
                        criteria.valueEqualTo = microformat.getValue();
                        KvAttributeCollection results = repository.search(criteria);
                        if (results.getDocuments().isEmpty()) {
                            kvAttrib.setId(new UUID());
                            kvAttrib.setName(microformat.getName());
                            kvAttrib.setValue(microformat.getValue());
                            repository.create(kvAttrib);
                        } else
                            log.debug("Tag with Name:{} & Value:{} is already stored.", microformat.getName(), microformat.getValue());
                    }
                }
            }
        }
    } catch (Exception e) {
        log.error("Certificate:Create - Error during attribute scan", e);
    }
}
Also used : CertificateLocator(com.intel.mtwilson.datatypes.CertificateLocator) CertificateDAO(com.intel.mtwilson.tag.dao.jdbi.CertificateDAO) KvAttribute(com.intel.mtwilson.datatypes.KvAttribute) Attribute(org.bouncycastle.asn1.x509.Attribute) KvAttribute(com.intel.mtwilson.datatypes.KvAttribute) RepositoryException(com.intel.mtwilson.tag.repository.RepositoryException) RepositoryCreateConflictException(com.intel.mtwilson.tag.repository.RepositoryCreateConflictException) RepositoryCreateException(com.intel.mtwilson.tag.repository.RepositoryCreateException) RepositoryDeleteException(com.intel.mtwilson.tag.repository.RepositoryDeleteException) RepositoryStoreException(com.intel.mtwilson.tag.repository.RepositoryStoreException) RepositoryStoreConflictException(com.intel.mtwilson.tag.repository.RepositoryStoreConflictException) RepositoryRetrieveException(com.intel.mtwilson.tag.repository.RepositoryRetrieveException) RepositoryException(com.intel.mtwilson.tag.repository.RepositoryException) RepositorySearchException(com.intel.mtwilson.tag.repository.RepositorySearchException) RepositoryCreateConflictException(com.intel.mtwilson.tag.repository.RepositoryCreateConflictException) KvAttributeCollection(com.intel.mtwilson.datatypes.KvAttributeCollection) KvAttributeRepository(com.intel.mtwilson.tag.repository.KvAttributeRepository) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) KvAttributeFilterCriteria(com.intel.mtwilson.datatypes.KvAttributeFilterCriteria) UUID(com.intel.mtwilson.util.io.UUID) UTF8NameValueMicroformat(com.intel.mtwilson.datatypes.UTF8NameValueMicroformat) Certificate(com.intel.mtwilson.datatypes.Certificate) X509AttributeCertificate(com.intel.mtwilson.datatypes.X509AttributeCertificate) RepositoryCreateException(com.intel.mtwilson.tag.repository.RepositoryCreateException)

Example 3 with CertificateDAO

use of com.intel.mtwilson.tag.dao.jdbi.CertificateDAO in project OpenAttestation by OpenAttestation.

the class MtWilsonImportTagCertificate method run.

@Override
@RequiresPermissions("tag_certificates:import")
public void run() {
    log.debug("RPC:MtWilsonImportTagCertificate - Got request to deploy certificate with ID {}.", certificateId);
    CertificateLocator locator = new CertificateLocator();
    locator.id = certificateId;
    try (CertificateDAO dao = TagJdbi.certificateDao()) {
        Certificate obj = dao.findById(certificateId);
        if (obj != null) {
            log.debug("RPC:MtWilsonImportTagCertificate - Sha1 of the certificate about to be deployed is {}.", obj.getSha1());
            AssetTagCertCreateRequest request = new AssetTagCertCreateRequest();
            request.setCertificate(obj.getCertificate());
            Global.mtwilson().importAssetTagCertificate(request);
            log.info("RPC:MtWilsonImportTagCertificate - Certificate with id {} has been deployed successfully.");
        } else {
            log.error("RPC:MtWilsonImportTagCertificate - Specified Certificate with id {} is not valid.", certificateId);
            throw new RepositoryInvalidInputException(locator);
        }
    } catch (RepositoryException re) {
        throw re;
    } catch (Exception ex) {
        log.error("RPC:MtWilsonImportTagCertificate - Error during certificate deployment.", ex);
        throw new RepositoryException(ex);
    }
}
Also used : CertificateLocator(com.intel.mtwilson.datatypes.CertificateLocator) CertificateDAO(com.intel.mtwilson.tag.dao.jdbi.CertificateDAO) AssetTagCertCreateRequest(com.intel.mtwilson.datatypes.AssetTagCertCreateRequest) RepositoryException(com.intel.mtwilson.tag.repository.RepositoryException) RepositoryInvalidInputException(com.intel.mtwilson.tag.repository.RepositoryInvalidInputException) RepositoryInvalidInputException(com.intel.mtwilson.tag.repository.RepositoryInvalidInputException) RepositoryException(com.intel.mtwilson.tag.repository.RepositoryException) Certificate(com.intel.mtwilson.datatypes.Certificate) RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions)

Example 4 with CertificateDAO

use of com.intel.mtwilson.tag.dao.jdbi.CertificateDAO in project OpenAttestation by OpenAttestation.

the class RevokeTagCertificate method revokeCert.

@POST
public //@RequiresPermissions("tag_certificates:delete")         
void revokeCert(@QueryParam("certId") String certId) {
    log.debug("RPC: RevokeTagCertificate - Got request to revocation of certificate: {}", certId);
    setCertificateId(UUID.valueOf(certId));
    try (CertificateDAO dao = TagJdbi.certificateDao()) {
        CertificateLocator locator = new CertificateLocator();
        locator.id = certificateId;
        Certificate obj = dao.findById(certificateId);
        if (obj != null) {
            // tries jvm properties, environment variables, then mtwilson.properties;  you can set location of mtwilson.properties with -Dmtwilson.home=/path/to/dir
            org.apache.commons.configuration.Configuration conf = ConfigurationUtil.getConfiguration();
            ApiClient mtwilson = new ApiClient(conf);
            log.debug("RPC: RevokeTagCertificate - Sha1 of the certificate about to be revoked is {}.", obj.getSha1());
            dao.updateRevoked(certificateId, true);
            AssetTagCertRevokeRequest request = new AssetTagCertRevokeRequest();
            request.setSha1OfAssetCert(obj.getSha1().toByteArray());
            mtwilson.revokeAssetTagCertificate(request);
            //Global.mtwilson().revokeAssetTagCertificate(request);
            log.info("RPC: RevokeTagCertificate - Certificate with id {} has been revoked successfully.");
        } else {
            log.error("RPC: RevokeTagCertificate - Certificate with id {} does not exist.", certificateId);
            throw new RepositoryInvalidInputException(locator);
        }
    } catch (RepositoryException re) {
        throw re;
    } catch (Exception ex) {
        log.error("RPC: RevokeTagCertificate - Error during certificate revocation.", ex);
        throw new RepositoryException(ex);
    }
}
Also used : CertificateLocator(com.intel.mtwilson.datatypes.CertificateLocator) AssetTagCertRevokeRequest(com.intel.mtwilson.datatypes.AssetTagCertRevokeRequest) CertificateDAO(com.intel.mtwilson.tag.dao.jdbi.CertificateDAO) RepositoryException(com.intel.mtwilson.tag.repository.RepositoryException) ApiClient(com.intel.mtwilson.ApiClient) RepositoryInvalidInputException(com.intel.mtwilson.tag.repository.RepositoryInvalidInputException) RepositoryInvalidInputException(com.intel.mtwilson.tag.repository.RepositoryInvalidInputException) RepositoryException(com.intel.mtwilson.tag.repository.RepositoryException) WebApplicationException(javax.ws.rs.WebApplicationException) Certificate(com.intel.mtwilson.datatypes.Certificate) POST(javax.ws.rs.POST)

Example 5 with CertificateDAO

use of com.intel.mtwilson.tag.dao.jdbi.CertificateDAO in project OpenAttestation by OpenAttestation.

the class CertificateRepository method store.

@Override
public //    @RequiresPermissions("tag_certificates:store") 
void store(Certificate item) {
    log.debug("Certificate:Store - Got request to update Certificate with id {}.", item.getId().toString());
    // will be used if we need to throw an exception
    CertificateLocator locator = new CertificateLocator();
    locator.id = item.getId();
    try (CertificateDAO dao = TagJdbi.certificateDao()) {
        Certificate obj = dao.findById(item.getId());
        // Allowing the user to only edit the revoked field.
        if (obj != null) {
            dao.updateRevoked(item.getId(), item.isRevoked());
            log.debug("Certificate:Store - Updated the Certificate {} successfully.", item.getId().toString());
        } else {
            log.error("Certificate:Store - Certificate will not be updated since it does not exist.");
            throw new RepositoryStoreConflictException(locator);
        }
    } catch (RepositoryException re) {
        throw re;
    } catch (Exception ex) {
        log.error("Certificate:Store - Error during Certificate update.", ex);
        throw new RepositoryStoreException(ex, locator);
    }
}
Also used : CertificateLocator(com.intel.mtwilson.datatypes.CertificateLocator) CertificateDAO(com.intel.mtwilson.tag.dao.jdbi.CertificateDAO) RepositoryException(com.intel.mtwilson.tag.repository.RepositoryException) RepositoryStoreConflictException(com.intel.mtwilson.tag.repository.RepositoryStoreConflictException) RepositoryCreateException(com.intel.mtwilson.tag.repository.RepositoryCreateException) RepositoryDeleteException(com.intel.mtwilson.tag.repository.RepositoryDeleteException) RepositoryStoreException(com.intel.mtwilson.tag.repository.RepositoryStoreException) RepositoryStoreConflictException(com.intel.mtwilson.tag.repository.RepositoryStoreConflictException) RepositoryRetrieveException(com.intel.mtwilson.tag.repository.RepositoryRetrieveException) RepositoryException(com.intel.mtwilson.tag.repository.RepositoryException) RepositorySearchException(com.intel.mtwilson.tag.repository.RepositorySearchException) RepositoryCreateConflictException(com.intel.mtwilson.tag.repository.RepositoryCreateConflictException) Certificate(com.intel.mtwilson.datatypes.Certificate) X509AttributeCertificate(com.intel.mtwilson.datatypes.X509AttributeCertificate) RepositoryStoreException(com.intel.mtwilson.tag.repository.RepositoryStoreException)

Aggregations

Certificate (com.intel.mtwilson.datatypes.Certificate)6 CertificateDAO (com.intel.mtwilson.tag.dao.jdbi.CertificateDAO)6 RepositoryException (com.intel.mtwilson.tag.repository.RepositoryException)6 CertificateLocator (com.intel.mtwilson.datatypes.CertificateLocator)4 X509AttributeCertificate (com.intel.mtwilson.datatypes.X509AttributeCertificate)4 RepositoryCreateConflictException (com.intel.mtwilson.tag.repository.RepositoryCreateConflictException)4 RepositoryCreateException (com.intel.mtwilson.tag.repository.RepositoryCreateException)4 RepositoryDeleteException (com.intel.mtwilson.tag.repository.RepositoryDeleteException)4 RepositoryRetrieveException (com.intel.mtwilson.tag.repository.RepositoryRetrieveException)4 RepositorySearchException (com.intel.mtwilson.tag.repository.RepositorySearchException)4 RepositoryStoreConflictException (com.intel.mtwilson.tag.repository.RepositoryStoreConflictException)4 RepositoryStoreException (com.intel.mtwilson.tag.repository.RepositoryStoreException)4 RepositoryInvalidInputException (com.intel.mtwilson.tag.repository.RepositoryInvalidInputException)2 ApiClient (com.intel.mtwilson.ApiClient)1 AssetTagCertCreateRequest (com.intel.mtwilson.datatypes.AssetTagCertCreateRequest)1 AssetTagCertRevokeRequest (com.intel.mtwilson.datatypes.AssetTagCertRevokeRequest)1 KvAttribute (com.intel.mtwilson.datatypes.KvAttribute)1 KvAttributeCollection (com.intel.mtwilson.datatypes.KvAttributeCollection)1 KvAttributeFilterCriteria (com.intel.mtwilson.datatypes.KvAttributeFilterCriteria)1 UTF8NameValueMicroformat (com.intel.mtwilson.datatypes.UTF8NameValueMicroformat)1