Example 1 with Certificate

Use of com.intel.mtwilson.datatypes.Certificate in project OpenAttestation by OpenAttestation.

Class CertificateRepository, method search.

@Override
// The permission annotation is commented out in this source:
// @RequiresPermissions("tag_certificates:search")
public CertificateCollection search(CertificateFilterCriteria criteria) {
    log.debug("Certificate:Search - Got request to search for the Certificates.");
    CertificateCollection objCollection = new CertificateCollection();
    try (JooqContainer jc = TagJdbi.jooq()) {
        DSLContext jooq = jc.getDslContext();
        SelectQuery sql = jooq.select().from(MW_TAG_CERTIFICATE).getQuery();
        if (criteria.filter) {
            if (criteria.id != null) {
                // when uuid is stored in database as the standard UUID string format (36 chars)
                sql.addConditions(MW_TAG_CERTIFICATE.ID.equalIgnoreCase(criteria.id.toString()));
            }
            if (criteria.subjectEqualTo != null && criteria.subjectEqualTo.length() > 0) {
                sql.addConditions(MW_TAG_CERTIFICATE.SUBJECT.equalIgnoreCase(criteria.subjectEqualTo));
            }
            if (criteria.subjectContains != null && criteria.subjectContains.length() > 0) {
                sql.addConditions(MW_TAG_CERTIFICATE.SUBJECT.lower().contains(criteria.subjectContains.toLowerCase()));
            }
            if (criteria.issuerEqualTo != null && criteria.issuerEqualTo.length() > 0) {
                sql.addConditions(MW_TAG_CERTIFICATE.ISSUER.equalIgnoreCase(criteria.issuerEqualTo));
            }
            if (criteria.issuerContains != null && criteria.issuerContains.length() > 0) {
                sql.addConditions(MW_TAG_CERTIFICATE.ISSUER.lower().contains(criteria.issuerContains.toLowerCase()));
            }
            if (criteria.sha1 != null) {
                sql.addConditions(MW_TAG_CERTIFICATE.SHA1.equalIgnoreCase(criteria.sha1.toHexString()));
            }
            if (criteria.sha256 != null) {
                sql.addConditions(MW_TAG_CERTIFICATE.SHA256.equalIgnoreCase(criteria.sha256.toHexString()));
            }
            if (criteria.validOn != null) {
                sql.addConditions(MW_TAG_CERTIFICATE.NOTBEFORE.lessOrEqual(new Timestamp(criteria.validOn.getTime())));
                sql.addConditions(MW_TAG_CERTIFICATE.NOTAFTER.greaterOrEqual(new Timestamp(criteria.validOn.getTime())));
            }
            if (criteria.validBefore != null) {
                sql.addConditions(MW_TAG_CERTIFICATE.NOTAFTER.greaterOrEqual(new Timestamp(criteria.validBefore.getTime())));
            }
            if (criteria.validAfter != null) {
                sql.addConditions(MW_TAG_CERTIFICATE.NOTBEFORE.lessOrEqual(new Timestamp(criteria.validAfter.getTime())));
            }
            if (criteria.revoked != null) {
                sql.addConditions(MW_TAG_CERTIFICATE.REVOKED.equal(criteria.revoked));
            }
        }
        sql.addOrderBy(MW_TAG_CERTIFICATE.SUBJECT);
        Result<Record> result = sql.fetch();
        log.debug("Got {} records", result.size());
        for (Record r : result) {
            Certificate certObj = new Certificate();
            try {
                certObj.setId(UUID.valueOf(r.getValue(MW_TAG_CERTIFICATE.ID)));
                // unlike other table queries, here we can get all the info from the certificate itself... except for the revoked flag
                certObj.setCertificate((byte[]) r.getValue(MW_TAG_CERTIFICATE.CERTIFICATE));
                certObj.setIssuer(r.getValue(MW_TAG_CERTIFICATE.ISSUER));
                certObj.setSubject(r.getValue(MW_TAG_CERTIFICATE.SUBJECT));
                certObj.setNotBefore(r.getValue(MW_TAG_CERTIFICATE.NOTBEFORE));
                certObj.setNotAfter(r.getValue(MW_TAG_CERTIFICATE.NOTAFTER));
                certObj.setSha1(Sha1Digest.valueOf(r.getValue(MW_TAG_CERTIFICATE.SHA1)));
                certObj.setSha256(Sha256Digest.valueOf(r.getValue(MW_TAG_CERTIFICATE.SHA256)));
                certObj.setRevoked(r.getValue(MW_TAG_CERTIFICATE.REVOKED));
                log.debug("Certificate:Search - Created certificate record in search result {}", certObj.getId().toString());
                objCollection.getCertificates().add(certObj);
            } catch (Exception e) {
                log.error("Certificate:Search - Cannot load certificate #{}", r.getValue(MW_TAG_CERTIFICATE.ID), e);
            }
        }
        sql.close();
    } catch (Exception ex) {
        log.error("Certificate:Search - Error during certificate search.", ex);
        throw new RepositorySearchException(ex, criteria);
    }
    log.debug("Certificate:Search - Returning back {} of results.", objCollection.getCertificates().size());
    return objCollection;
}
Also used : SelectQuery(org.jooq.SelectQuery) JooqContainer(com.intel.mtwilson.jooq.util.JooqContainer) CertificateCollection(com.intel.mtwilson.datatypes.CertificateCollection) DSLContext(org.jooq.DSLContext) Record(org.jooq.Record) RepositorySearchException(com.intel.mtwilson.tag.repository.RepositorySearchException) Timestamp(java.sql.Timestamp) RepositoryCreateException(com.intel.mtwilson.tag.repository.RepositoryCreateException) RepositoryDeleteException(com.intel.mtwilson.tag.repository.RepositoryDeleteException) RepositoryStoreException(com.intel.mtwilson.tag.repository.RepositoryStoreException) RepositoryStoreConflictException(com.intel.mtwilson.tag.repository.RepositoryStoreConflictException) RepositoryRetrieveException(com.intel.mtwilson.tag.repository.RepositoryRetrieveException) RepositoryException(com.intel.mtwilson.tag.repository.RepositoryException) RepositoryCreateConflictException(com.intel.mtwilson.tag.repository.RepositoryCreateConflictException) Certificate(com.intel.mtwilson.datatypes.Certificate) X509AttributeCertificate(com.intel.mtwilson.datatypes.X509AttributeCertificate)

Example 2 with Certificate

Use of com.intel.mtwilson.datatypes.Certificate in project OpenAttestation by OpenAttestation.

Class CertificateRepository, method delete.

@Override
// The permission annotation is commented out in this source:
// @RequiresPermissions("tag_certificates:delete,search")
public void delete(CertificateFilterCriteria criteria) {
    log.debug("Certificate:Delete - Got request to delete certificate by search criteria.");
    CertificateCollection objCollection = search(criteria);
    try {
        for (Certificate obj : objCollection.getCertificates()) {
            CertificateLocator locator = new CertificateLocator();
            locator.id = obj.getId();
            delete(locator);
        }
    } catch (RepositoryException re) {
        throw re;
    } catch (Exception ex) {
        log.error("Certificate:Delete - Error during Certificate deletion.", ex);
        throw new RepositoryDeleteException(ex);
    }
}
Also used : CertificateLocator(com.intel.mtwilson.datatypes.CertificateLocator) RepositoryDeleteException(com.intel.mtwilson.tag.repository.RepositoryDeleteException) CertificateCollection(com.intel.mtwilson.datatypes.CertificateCollection) RepositoryException(com.intel.mtwilson.tag.repository.RepositoryException) RepositoryCreateException(com.intel.mtwilson.tag.repository.RepositoryCreateException) RepositoryStoreException(com.intel.mtwilson.tag.repository.RepositoryStoreException) RepositoryStoreConflictException(com.intel.mtwilson.tag.repository.RepositoryStoreConflictException) RepositoryRetrieveException(com.intel.mtwilson.tag.repository.RepositoryRetrieveException) RepositorySearchException(com.intel.mtwilson.tag.repository.RepositorySearchException) RepositoryCreateConflictException(com.intel.mtwilson.tag.repository.RepositoryCreateConflictException) Certificate(com.intel.mtwilson.datatypes.Certificate) X509AttributeCertificate(com.intel.mtwilson.datatypes.X509AttributeCertificate)

Example 3 with Certificate

Use of com.intel.mtwilson.datatypes.Certificate in project OpenAttestation by OpenAttestation.

Class CertificateRepository, method retrieve.

@Override
// The permission annotation is commented out in this source:
// @RequiresPermissions("tag_certificates:retrieve")
public Certificate retrieve(CertificateLocator locator) {
    log.debug("Retrieving Certificate");
    if (locator == null || locator.id == null) {
        return null;
    }
    log.debug("Certificate:Retrieve - Got request to retrieve user with id {}.", locator.id);
    try (CertificateDAO dao = TagJdbi.certificateDao()) {
        Certificate obj = dao.findById(locator.id);
        if (obj != null)
            return obj;
    } catch (Exception ex) {
        log.error("Certificate:Retrieve - Error during certificate retrieval.", ex);
        throw new RepositoryRetrieveException(ex, locator);
    }
    return null;
}
Also used : CertificateDAO(com.intel.mtwilson.tag.dao.jdbi.CertificateDAO) RepositoryRetrieveException(com.intel.mtwilson.tag.repository.RepositoryRetrieveException) RepositoryCreateException(com.intel.mtwilson.tag.repository.RepositoryCreateException) RepositoryDeleteException(com.intel.mtwilson.tag.repository.RepositoryDeleteException) RepositoryStoreException(com.intel.mtwilson.tag.repository.RepositoryStoreException) RepositoryStoreConflictException(com.intel.mtwilson.tag.repository.RepositoryStoreConflictException) RepositoryException(com.intel.mtwilson.tag.repository.RepositoryException) RepositorySearchException(com.intel.mtwilson.tag.repository.RepositorySearchException) RepositoryCreateConflictException(com.intel.mtwilson.tag.repository.RepositoryCreateConflictException) Certificate(com.intel.mtwilson.datatypes.Certificate) X509AttributeCertificate(com.intel.mtwilson.datatypes.X509AttributeCertificate)

Example 4 with Certificate

Use of com.intel.mtwilson.datatypes.Certificate in project OpenAttestation by OpenAttestation.

Class CertificateRepository, method create.

@Override
// The permission annotation is commented out in this source:
// @RequiresPermissions("tag_certificates:create")
public void create(Certificate item) {
    log.debug("Certificate:Create - Got request to create a new Certificate {}.", item.getId().toString());
    CertificateLocator locator = new CertificateLocator();
    locator.id = item.getId();
    try (CertificateDAO dao = TagJdbi.certificateDao()) {
        Certificate newCert = dao.findById(item.getId());
        if (newCert == null) {
            newCert = Certificate.valueOf(item.getCertificate());
            dao.insert(item.getId(), newCert.getCertificate(), newCert.getSha1().toHexString(), newCert.getSha256().toHexString(), newCert.getSubject(), newCert.getIssuer(), newCert.getNotBefore(), newCert.getNotAfter());
            log.debug("Certificate:Create - Created the Certificate {} successfully.", item.getId().toString());
        } else {
            log.error("Certificate:Create - Certificate {} will not be created since a duplicate Certificate already exists.", item.getId().toString());
            throw new RepositoryCreateConflictException(locator);
        }
    } catch (RepositoryException re) {
        throw re;
    } catch (Exception ex) {
        log.error("Certificate:Create - Error during certificate creation.", ex);
        throw new RepositoryCreateException(ex, locator);
    }
    //Store tag values from Certificate
    try {
        log.info("Tags from certificate will now be stored");
        KvAttributeRepository repository = new KvAttributeRepository();
        KvAttribute kvAttrib = new KvAttribute();
        if (kvAttrib == null || repository == null)
            log.debug("kvAttrib or repository Obj is null, unable to store certificate tags");
        else {
            List<Attribute> certAttributes = X509AttributeCertificate.valueOf(item.getCertificate()).getAttribute();
            for (Attribute attr : certAttributes) {
                for (ASN1Encodable value : attr.getAttributeValues()) {
                    if (attr.getAttrType().toString().equals(UTF8NameValueMicroformat.OID)) {
                        UTF8NameValueMicroformat microformat = new UTF8NameValueMicroformat(DERUTF8String.getInstance(value));
                        // Check if that tag with same value already exists
                        KvAttributeFilterCriteria criteria = new KvAttributeFilterCriteria();
                        criteria.nameEqualTo = microformat.getName();
                        criteria.valueEqualTo = microformat.getValue();
                        KvAttributeCollection results = repository.search(criteria);
                        if (results.getDocuments().isEmpty()) {
                            kvAttrib.setId(new UUID());
                            kvAttrib.setName(microformat.getName());
                            kvAttrib.setValue(microformat.getValue());
                            repository.create(kvAttrib);
                        } else
                            log.debug("Tag with Name:{} & Value:{} is already stored.", microformat.getName(), microformat.getValue());
                    }
                }
            }
        }
    } catch (Exception e) {
        log.error("Certificate:Create - Error during attribute scan", e);
    }
}
Also used : CertificateLocator(com.intel.mtwilson.datatypes.CertificateLocator) CertificateDAO(com.intel.mtwilson.tag.dao.jdbi.CertificateDAO) KvAttribute(com.intel.mtwilson.datatypes.KvAttribute) Attribute(org.bouncycastle.asn1.x509.Attribute) RepositoryException(com.intel.mtwilson.tag.repository.RepositoryException) RepositoryCreateConflictException(com.intel.mtwilson.tag.repository.RepositoryCreateConflictException) RepositoryCreateException(com.intel.mtwilson.tag.repository.RepositoryCreateException) RepositoryDeleteException(com.intel.mtwilson.tag.repository.RepositoryDeleteException) RepositoryStoreException(com.intel.mtwilson.tag.repository.RepositoryStoreException) RepositoryStoreConflictException(com.intel.mtwilson.tag.repository.RepositoryStoreConflictException) RepositoryRetrieveException(com.intel.mtwilson.tag.repository.RepositoryRetrieveException) RepositorySearchException(com.intel.mtwilson.tag.repository.RepositorySearchException) KvAttributeCollection(com.intel.mtwilson.datatypes.KvAttributeCollection) KvAttributeRepository(com.intel.mtwilson.tag.repository.KvAttributeRepository) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) KvAttributeFilterCriteria(com.intel.mtwilson.datatypes.KvAttributeFilterCriteria) UUID(com.intel.mtwilson.util.io.UUID) UTF8NameValueMicroformat(com.intel.mtwilson.datatypes.UTF8NameValueMicroformat) Certificate(com.intel.mtwilson.datatypes.Certificate) X509AttributeCertificate(com.intel.mtwilson.datatypes.X509AttributeCertificate)

Example 5 with Certificate

Use of com.intel.mtwilson.datatypes.Certificate in project OpenAttestation by OpenAttestation.

Class MtWilsonImportTagCertificate, method run.

@Override
@RequiresPermissions("tag_certificates:import")
public void run() {
    log.debug("RPC:MtWilsonImportTagCertificate - Got request to deploy certificate with ID {}.", certificateId);
    CertificateLocator locator = new CertificateLocator();
    locator.id = certificateId;
    try (CertificateDAO dao = TagJdbi.certificateDao()) {
        Certificate obj = dao.findById(certificateId);
        if (obj != null) {
            log.debug("RPC:MtWilsonImportTagCertificate - Sha1 of the certificate about to be deployed is {}.", obj.getSha1());
            AssetTagCertCreateRequest request = new AssetTagCertCreateRequest();
            request.setCertificate(obj.getCertificate());
            Global.mtwilson().importAssetTagCertificate(request);
            // Pass the id so the {} placeholder in the message is actually filled in.
            log.info("RPC:MtWilsonImportTagCertificate - Certificate with id {} has been deployed successfully.", certificateId);
        } else {
            log.error("RPC:MtWilsonImportTagCertificate - Specified Certificate with id {} is not valid.", certificateId);
            throw new RepositoryInvalidInputException(locator);
        }
    } catch (RepositoryException re) {
        throw re;
    } catch (Exception ex) {
        log.error("RPC:MtWilsonImportTagCertificate - Error during certificate deployment.", ex);
        throw new RepositoryException(ex);
    }
}
Also used : CertificateLocator(com.intel.mtwilson.datatypes.CertificateLocator) CertificateDAO(com.intel.mtwilson.tag.dao.jdbi.CertificateDAO) AssetTagCertCreateRequest(com.intel.mtwilson.datatypes.AssetTagCertCreateRequest) RepositoryException(com.intel.mtwilson.tag.repository.RepositoryException) RepositoryInvalidInputException(com.intel.mtwilson.tag.repository.RepositoryInvalidInputException) Certificate(com.intel.mtwilson.datatypes.Certificate) RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions)
