zervo/seb-server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

SEBSERV-377 fixed

Browse source
This commit is contained in:
anhefti 2023-03-08 12:06:19 +01:00
parent 53461921e0
commit b17cab29f9
1 changed files with 22 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/dao/impl/CertificateDAOImpl.java
View file

@ -12,10 +12,10 @@ import static org.mybatis.dynamic.sql.SqlBuilder.isEqualTo;
import static org.mybatis.dynamic.sql.SqlBuilder.isIn; import static org.mybatis.dynamic.sql.SqlBuilder.isIn;
import java.io.ByteArrayInputStream; import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.security.KeyStoreException; import java.security.KeyStoreException;
import java.security.PrivateKey; import java.security.PrivateKey;
import java.security.cert.Certificate; import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Arrays; import java.util.Arrays;
@ -232,6 +232,7 @@ public class CertificateDAOImpl implements CertificateDAO {
try { try {
final X500Name x500name = new JcaX509CertificateHolder(certificate).getSubject(); final X500Name x500name = new JcaX509CertificateHolder(certificate).getSubject();
final RDN cn = x500name.getRDNs(BCStyle.CN)[0]; final RDN cn = x500name.getRDNs(BCStyle.CN)[0];
final String dn = IETFUtils.valueToString(cn.getFirst().getValue()); final String dn = IETFUtils.valueToString(cn.getFirst().getValue());
if (StringUtils.isBlank(dn)) { if (StringUtils.isBlank(dn)) {
@ -239,9 +240,24 @@ public class CertificateDAOImpl implements CertificateDAO {
} else { } else {
return dn.replace(" ", "_").toLowerCase(Locale.ENGLISH); return dn.replace(" ", "_").toLowerCase(Locale.ENGLISH);
} }
} catch (final CertificateEncodingException e) { } catch (final Exception e) {
log.warn("Error while trying to get alias from certificate subject name. Use serial number as alias"); log.error("Error while trying to get alias from certificate subject name: {}", e.getMessage());
return String.valueOf(certificate.getSerialNumber()); try {
final String name = certificate.getSubjectDN().getName();
if (StringUtils.isNotBlank(name)) {
final String al = name.replace(" ", "").replace(",", "_").replace("=", "-");
log.info("Certificate import: DN name as alias: {}", al);
return al;
} else {
final BigInteger serialNumber = certificate.getSerialNumber();
log.info("Certificate import: Use serial number as alias: {}", serialNumber);
return String.valueOf(serialNumber);
}
} catch (final Exception ee) {
final BigInteger serialNumber = certificate.getSerialNumber();
log.info("Certificate import: Use serial number as alias: {}", serialNumber);
return String.valueOf(serialNumber);
}
} }
} }
@ -277,6 +293,8 @@ public class CertificateDAOImpl implements CertificateDAO {
if (keyUsage[5]) { if (keyUsage[5]) {
result.add(CertificateType.KEY_CERT_SIGN); result.add(CertificateType.KEY_CERT_SIGN);
} }
} else {
result.add(CertificateType.DIGITAL_SIGNATURE);
} }
final String alias = certificates.keyStore.engineGetCertificateAlias(cert); final String alias = certificates.keyStore.engineGetCertificateAlias(cert);