
Example 1 with EntityStatus

use of org.nhindirect.config.model.EntityStatus in project nhin-d by DirectProject.

the class CertificatesController method addCertificate.

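/**
 * Handles the certificate form POST at {@code /addcertificate}.
 *
 * <p>When {@code submitType} is "cancel" the main search view is returned. When it is
 * "newcertificate" or "add certificate", the uploaded certificate (and optional private key)
 * is converted to the storage format and handed to {@code certService}; the certificate list
 * view is then rebuilt. Any other {@code submitType} returns an empty {@link ModelAndView}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Uploaded bytes, the declared content type and the passphrase all come from the request
 *       and must be treated as untrusted, even though the endpoint is restricted to
 *       {@code ROLE_ADMIN}.</li>
 *   <li>Passphrases and key material are never written to the log.</li>
 * </ul>
 *
 * @param requestedWith value of the {@code X-Requested-With} header, may be {@code null}
 * @param session current HTTP session; read for the saved search form on cancel
 * @param certificateForm bound upload form (file data, key type, passphrase, status)
 * @param model view model that receives result and error attributes
 * @param actionPath value of the {@code submitType} request parameter
 * @return the view to render; has no view name when the action is unrecognised or when
 *         PKCS#8 decryption fails
 */
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/addcertificate", method = RequestMethod.POST)
public ModelAndView addCertificate(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, HttpSession session, @ModelAttribute CertificateForm certificateForm, Model model, @RequestParam(value = "submitType") String actionPath) {
    final ModelAndView mav = new ModelAndView();
    String strid = "";
    // Routine entry tracing belongs at debug level; logging it as an error on every request
    // buries real failures in the error log.
    if (log.isDebugEnabled())
        log.debug("Enter domain/addcertificate");
    if (actionPath.equalsIgnoreCase("cancel")) {
        if (log.isDebugEnabled())
            log.debug("trying to cancel from saveupdate");
        final SearchDomainForm form2 = (SearchDomainForm) session.getAttribute("searchDomainForm");
        model.addAttribute(form2 != null ? form2 : new SearchDomainForm());
        model.addAttribute("ajaxRequest", AjaxUtils.isAjaxRequest(requestedWith));
        mav.setViewName("main");
        mav.addObject("privKeyTypeList", PrivateKeyType.getPrivKeyTypeList());
        mav.addObject("statusList", EntityStatus.getEntityStatusList());
        return mav;
    }
    if (actionPath.equalsIgnoreCase("newcertificate") || actionPath.equalsIgnoreCase("add certificate")) {
        log.debug("Attempting to add certificate");
        if (this.keyManager == null)
            log.debug("Key manager is null");
        else
            log.debug("Key manager is non-null");
        strid = "" + certificateForm.getId();
        final EntityStatus estatus = certificateForm.getStatus();
        if (log.isDebugEnabled())
            log.debug("beginning to evaluate filedata");
        try {
            model.addAttribute("certerror", false);
            model.addAttribute("passphraseError", false);
            if (!certificateForm.getFileData().isEmpty()) {
                final String passphrase = (certificateForm.getKeyPassphrase() == null) ? "" : certificateForm.getKeyPassphrase();
                final PrivateKeyType privKeyType = PrivateKeyType.fromString(certificateForm.getPrivKeyType());
                if ((privKeyType == PrivateKeyType.PKCS8_PASSPHRASE || privKeyType == PrivateKeyType.PKCS_12_PASSPHRASE) && StringUtils.isEmpty(passphrase)) {
                    // can't move on if a passphrase is required and one is not supplied
                    model.addAttribute("passphraseError", true);
                } else {
                    // NOTE(review): the key material below is processed before the declared
                    // content type is checked further down; consider rejecting unsupported
                    // uploads first so less work is done on input that will be discarded.
                    byte[] certOrP12Bytes = certificateForm.getFileData().getBytes();
                    byte[] privateKeyBytes = null;
                    if (privKeyType == PrivateKeyType.PKCS_12_PASSPHRASE || privKeyType == PrivateKeyType.PKCS_12_UNPROTECTED) {
                        log.debug("Converting byte stream to cert container");
                        // The container is re-wrapped with empty passwords, so from this point
                        // the private key is only as protected as whatever stores these bytes.
                        // NOTE(review): confirm the config store / key manager provides the
                        // at-rest protection that the user's passphrase no longer does.
                        log.debug("Private key exists; normalizing to non-protected p12 format.");
                        certOrP12Bytes = CertUtils.changePkcs12Protection(certOrP12Bytes, passphrase.toCharArray(), passphrase.toCharArray(), "".toCharArray(), "".toCharArray());
                    } else if (privKeyType != PrivateKeyType.NONE) {
                        // there is a private key file associated with this request
                        privateKeyBytes = certificateForm.getPrivKeyData().getBytes();
                        if (privKeyType == PrivateKeyType.PKCS8_PASSPHRASE) {
                            // Decrypt the PKCS#8 EncryptedPrivateKeyInfo with the supplied passphrase.
                            final PBEKeySpec pbeKeySpec = new PBEKeySpec(passphrase.toCharArray());
                            try {
                                final EncryptedPrivateKeyInfo encryptPKInfo = new EncryptedPrivateKeyInfo(privateKeyBytes);
                                final Cipher cipher = Cipher.getInstance(encryptPKInfo.getAlgName());
                                final SecretKeyFactory secFac = SecretKeyFactory.getInstance(encryptPKInfo.getAlgName());
                                final Key pbeKey = secFac.generateSecret(pbeKeySpec);
                                final AlgorithmParameters algParams = encryptPKInfo.getAlgParameters();
                                cipher.init(Cipher.DECRYPT_MODE, pbeKey, algParams);
                                final KeySpec pkcs8KeySpec = encryptPKInfo.getKeySpec(cipher);
                                // Only RSA keys are handled here; any other key algorithm ends up
                                // in the catch block below.
                                final KeyFactory kf = KeyFactory.getInstance("RSA");
                                privateKeyBytes = kf.generatePrivate(pkcs8KeySpec).getEncoded();
                            } catch (Exception e) {
                                // Previously swallowed silently. Record the failure (the
                                // passphrase itself is never logged) so a wrong passphrase or
                                // unsupported key format can be diagnosed.
                                // NOTE(review): the returned ModelAndView has no view name and
                                // no error attribute is set for the user; kept as-is for
                                // compatibility with the existing flow.
                                log.error("Failed to decrypt PKCS#8 private key for uploaded certificate", e);
                                return mav;
                            } finally {
                                // Wipe the spec's internal copy of the passphrase. The String held
                                // by the form cannot be cleared from here.
                                pbeKeySpec.clearPassword();
                            }
                        }
                    }
                    final String owner = "";
                    // The content type is declared by the client and is only a coarse filter,
                    // not proof of what the bytes contain. It may also be absent (null), which
                    // is treated as an unsupported type instead of failing with an exception.
                    final String fileType = certificateForm.getFileData().getContentType();
                    final boolean acceptedType = "application/x-x509-ca-cert".equals(fileType)
                            || "application/octet-stream".equals(fileType)
                            || "application/x-pkcs12".equals(fileType);
                    if (!acceptedType) {
                        model.addAttribute("certerror", true);
                    } else {
                        final Certificate cert = new Certificate();
                        // convert the cert and key to the proper storage format
                        cert.setData(toCertDataFormat(certOrP12Bytes, privateKeyBytes, privKeyType));
                        cert.setOwner(owner);
                        cert.setStatus(org.nhindirect.config.model.EntityStatus.valueOf(estatus.toString()));
                        log.debug("Adding certificate to config store.");
                        certService.addCertificate(cert);
                        log.debug("Certificate add SUCCESSFUL");
                    }
                }
            } else {
                if (log.isDebugEnabled())
                    log.debug("DO NOT store the certificate into database BECAUSE THERE IS NO FILE");
            }
        } catch (ServiceException ed) {
            log.error("Config service rejected the certificate add request", ed);
        } catch (Exception e) {
            // Log through the application logger only; printStackTrace() bypasses log
            // routing and retention.
            log.error("Unexpected failure while processing uploaded certificate", e);
        }
        // certificate form and result
        try {
            final Collection<Certificate> certs = certService.getAllCertificates();
            if (this.keyManager != null && this.keyManager instanceof MutableKeyStoreProtectionManager) {
                final KeyStore keyStore = ((MutableKeyStoreProtectionManager) keyManager).getKS();
                // ask the key store manager whether it holds a private key for each
                // certificate that was stored without one
                for (Certificate cert : certs) {
                    if (!cert.isPrivateKey()) {
                        try {
                            final X509Certificate checkCert = CertUtils.toX509Certificate(cert.getData());
                            final String alias = keyStore.getCertificateAlias(checkCert);
                            if (!StringUtils.isEmpty(alias)) {
                                // check if this entry has a private key associated with it
                                final PrivateKey privKey = (PrivateKey) keyStore.getKey(alias, "".toCharArray());
                                if (privKey != null)
                                    cert.setPrivateKey(true);
                            }
                        } catch (Exception e) {
                            // Best effort: one unreadable entry must not hide the rest of the
                            // list, but leave a trace instead of dropping the error entirely.
                            log.debug("Could not check key store for a private key matching a certificate", e);
                        }
                    }
                }
            }
            model.addAttribute("certificatesResults", certs);
            final CertificateForm cform = new CertificateForm();
            cform.setId(0);
            model.addAttribute("certificateForm", cform);
        } catch (ServiceException e1) {
            log.error("Failed to load certificates for the certificates view", e1);
        }
        final SimpleForm simple = new SimpleForm();
        simple.setId(Long.parseLong(strid));
        model.addAttribute("simpleForm", simple);
        mav.setViewName("certificates");
        // the Form's default button action
        final String action = "Update";
        model.addAttribute("action", action);
        model.addAttribute("ajaxRequest", AjaxUtils.isAjaxRequest(requestedWith));
        mav.addObject("privKeyTypeList", PrivateKeyType.getPrivKeyTypeList());
        mav.addObject("statusList", EntityStatus.getEntityStatusList());
    }
    return mav;
}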
Also used : PBEKeySpec(javax.crypto.spec.PBEKeySpec) CertificateForm(org.nhindirect.config.ui.form.CertificateForm) SimpleForm(org.nhindirect.config.ui.form.SimpleForm) PrivateKey(java.security.PrivateKey) KeySpec(java.security.spec.KeySpec) PBEKeySpec(javax.crypto.spec.PBEKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) ModelAndView(org.springframework.web.servlet.ModelAndView) ArrayList(java.util.ArrayList) SearchDomainForm(org.nhindirect.config.ui.form.SearchDomainForm) MutableKeyStoreProtectionManager(org.nhindirect.common.crypto.MutableKeyStoreProtectionManager) EntityStatus(org.nhindirect.config.model.EntityStatus) SecretKeyFactory(javax.crypto.SecretKeyFactory) KeyFactory(java.security.KeyFactory) SecretKeyFactory(javax.crypto.SecretKeyFactory) KeyStore(java.security.KeyStore) ServiceException(org.nhindirect.common.rest.exceptions.ServiceException) IOException(java.io.IOException) CryptoException(org.nhindirect.common.crypto.exceptions.CryptoException) X509Certificate(java.security.cert.X509Certificate) PrivateKeyType(org.nhindirect.config.ui.util.PrivateKeyType) ServiceException(org.nhindirect.common.rest.exceptions.ServiceException) EncryptedPrivateKeyInfo(javax.crypto.EncryptedPrivateKeyInfo) Cipher(javax.crypto.Cipher) Key(java.security.Key) PrivateKey(java.security.PrivateKey) SecretKey(javax.crypto.SecretKey) AlgorithmParameters(java.security.AlgorithmParameters) X509Certificate(java.security.cert.X509Certificate) Certificate(org.nhindirect.config.model.Certificate) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 2 with EntityStatus

use of org.nhindirect.config.model.EntityStatus in project nhin-d by DirectProject.

the class DomainController method addAddress.

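/**
 * Handles the address form POST at {@code /addaddress}.
 *
 * <p>When {@code submitType} is "newaddress" or "add address", the domain named by the
 * {@code currentDomainName} session attribute is loaded, a new {@code Address} built from the
 * form is appended to it, and the domain is written back through {@code domainService}. The
 * domain view is then rebuilt with the domain's certificates, anchors and addresses. In every
 * case a blank address form is placed in the model before returning.
 *
 * <p>If the session has no current domain, or the domain cannot be loaded, nothing is
 * modified and the failure is logged.
 *
 * <p>NOTE(review): no server-side validation of the e-mail address, display name, endpoint or
 * type is visible in this method; confirm it happens in form binding or in the service.
 *
 * @param requestedWith value of the {@code X-Requested-With} header, may be {@code null}
 * @param session current HTTP session; supplies the current domain name and domain form
 * @param addressForm bound form describing the address to add
 * @param model view model that receives result attributes
 * @param actionPath value of the {@code submitType} request parameter
 * @return the view to render; has no view name when the action is unrecognised or the
 *         domain could not be resolved
 */
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/addaddress", method = RequestMethod.POST)
public ModelAndView addAddress(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, HttpSession session, @ModelAttribute AddressForm addressForm, Model model, @RequestParam(value = "submitType") String actionPath) {
    final String domAttr = (String) session.getAttribute("currentDomainName");
    ModelAndView mav = new ModelAndView();
    String strid = "";
    if (log.isDebugEnabled())
        log.debug("Enter domain/addaddress");
    Domain dom = null;
    final boolean addRequested = actionPath.equalsIgnoreCase("newaddress") || actionPath.equalsIgnoreCase("add address");
    if (addRequested) {
        if (domAttr == null) {
            // Concatenating a missing attribute would produce the literal domain name "null".
            log.error("No current domain in session; cannot add address");
        } else {
            strid = domAttr;
            try {
                dom = domainService.getDomain(strid);
            } catch (ServiceException e) {
                log.error("Failed to load domain for add-address request", e);
            }
            if (dom == null)
                log.error("Domain for add-address request could not be resolved; no address added");
        }
    }
    // dom is only non-null when an add was requested and the lookup succeeded; guarding
    // here prevents a NullPointerException on a failed lookup.
    if (dom != null) {
        String owner = dom.getDomainName();
        // insert the new address into the Domain list of Addresses
        final String anEmail = addressForm.getEmailAddress();
        final String displayname = addressForm.getDisplayName();
        final String endpoint = addressForm.getEndpoint();
        final EntityStatus estatus = addressForm.getaStatus();
        final String etype = addressForm.getType();
        if (log.isDebugEnabled()) {
            // The address is request-supplied: neutralise line breaks so it cannot forge
            // additional log entries.
            log.debug(" Trying to add address: " + String.valueOf((Object) anEmail).replaceAll("[\\r\\n]", "_"));
        }
        final Address e = new Address();
        e.setEmailAddress(anEmail);
        e.setDisplayName(displayname);
        e.setEndpoint(endpoint);
        e.setStatus(estatus);
        e.setType(etype);
        final List<Address> modAddrs = new ArrayList<Address>(dom.getAddresses());
        modAddrs.add(e);
        dom.setAddresses(modAddrs);
        try {
            domainService.updateDomain(dom);
            if (log.isDebugEnabled())
                log.debug(" After attempt to insert new email address ");
        } catch (ServiceException ed) {
            // A failed update is an error regardless of whether debug logging is enabled.
            log.error("Failed to update domain with new address", ed);
        }
        // certificate and anchor forms and results
        try {
            final Collection<Certificate> certs = certService.getCertificatesByOwner(owner);
            model.addAttribute("certificatesResults", certs);
        } catch (ServiceException e1) {
            // Best effort for the view, but do not drop the failure silently.
            log.error("Failed to load certificates for domain view", e1);
        }
        try {
            final Collection<Anchor> anchors = anchorService.getAnchorsForOwner(owner, false, false, "");
            // convert Anchor to AnchorForm
            final Collection<AnchorForm> convertedanchors = convertAnchors(anchors);
            // now set anchorsResults
            model.addAttribute("anchorsResults", convertedanchors);
        } catch (Exception e1) {
            log.error("Failed to load anchors for domain view", e1);
        }
        try {
            CertificateForm cform = new CertificateForm();
            cform.setId(dom.getId());
            model.addAttribute("certificateForm", cform);
            AnchorForm aform = new AnchorForm();
            aform.setId(dom.getId());
            model.addAttribute("anchorForm", aform);
        } catch (Exception e1x) {
            log.error("Failed to prepare certificate and anchor forms for domain view", e1x);
        }
        SimpleForm simple = new SimpleForm();
        simple.setDomainName(dom.getDomainName());
        model.addAttribute("simpleForm", simple);
        model.addAttribute("addressesResults", dom.getAddresses());
        mav.setViewName("domain");
        // the Form's default button action
        String action = "Update";
        DomainForm form = (DomainForm) session.getAttribute("domainForm");
        if (form == null) {
            form = new DomainForm();
            form.populate(dom);
        }
        model.addAttribute("domainForm", form);
        model.addAttribute("action", action);
        model.addAttribute("ajaxRequest", AjaxUtils.isAjaxRequest(requestedWith));
        mav.addObject("privKeyTypeList", PrivateKeyType.getPrivKeyTypeList());
        mav.addObject("statusList", EntityStatus.getEntityStatusList());
    }
    // Always hand the view a blank address form for the next entry.
    AddressForm addressForm2 = new AddressForm();
    addressForm2.setDisplayName("");
    addressForm2.setEndpoint("");
    addressForm2.setEmailAddress("");
    addressForm2.setType("");
    addressForm2.setDomainName(strid);
    model.addAttribute("addressForm", addressForm2);
    return mav;
}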
Also used : CertificateForm(org.nhindirect.config.ui.form.CertificateForm) SimpleForm(org.nhindirect.config.ui.form.SimpleForm) AnchorForm(org.nhindirect.config.ui.form.AnchorForm) Address(org.nhindirect.config.model.Address) ModelAndView(org.springframework.web.servlet.ModelAndView) ArrayList(java.util.ArrayList) ServiceException(org.nhindirect.common.rest.exceptions.ServiceException) IOException(java.io.IOException) ConfigurationServiceException(org.nhindirect.config.service.ConfigurationServiceException) DomainForm(org.nhindirect.config.ui.form.DomainForm) SearchDomainForm(org.nhindirect.config.ui.form.SearchDomainForm) Anchor(org.nhindirect.config.model.Anchor) TrustBundleAnchor(org.nhindirect.config.model.TrustBundleAnchor) AddressForm(org.nhindirect.config.ui.form.AddressForm) ServiceException(org.nhindirect.common.rest.exceptions.ServiceException) ConfigurationServiceException(org.nhindirect.config.service.ConfigurationServiceException) EntityStatus(org.nhindirect.config.model.EntityStatus) Domain(org.nhindirect.config.model.Domain) X509Certificate(java.security.cert.X509Certificate) Certificate(org.nhindirect.config.model.Certificate) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
