Merge commit 'bb6363cfe62bb74a2a5e48bfc6f82feffc7001de' into CONNECT

CONNECT-Solution · May 22, 2019 · d38e7cf · d38e7cf
2 parents b182021 + bb6363c
commit d38e7cf
Show file tree

Hide file tree

Showing 5 changed files with 21 additions and 16 deletions.
diff --git a/...eral/CONNECTAdminGUI/src/main/java/gov/hhs/fha/nhinc/admingui/managed/CertficateBean.java b/...eral/CONNECTAdminGUI/src/main/java/gov/hhs/fha/nhinc/admingui/managed/CertficateBean.java
@@ -338,11 +338,11 @@ public void validateAndDeleteCertificate() throws CertificateManagerException {
             String hashToken = service.getHashToken(trustStorePasskey);
             if (deleteCertificate(hashToken)) {
                 saveHashToken(hashToken);
-                execPFHideDialog("deletePassKeyDlg");
             }
         } else {
             deleteCertificate(getHashTokenFromSession());
         }
+        execPFHideDialog("deletePassKeyDlg");
         trustStorePasskey = null;
     }
 
@@ -768,6 +768,7 @@ public void cancelImportWizard() {
 
     private void clearImportWizard() {
         alias = null;
+        oldAlias = null;
         exchangeType = null;
         commonName = null;
         organization = null;
@@ -781,6 +782,7 @@ private void clearImportWizard() {
         disableNext = new boolean[] { true, true, true, true, true, true };
         enableTab(0);
         disableImportAction = true;
+        refreshCacheForTrustStore();
     }
 
     public void next() {

diff --git a/Product/Production/Adapters/General/CONNECTAdminGUI/src/main/webapp/certificateManager.xhtml b/Product/Production/Adapters/General/CONNECTAdminGUI/src/main/webapp/certificateManager.xhtml
@@ -361,6 +361,7 @@
                                                         <li class="list-group-item"><p:commandLink
                                                                 action="#{certificateBean.resumeImportWizard(1)}"
                                                                 style="margin-right:20px;" update="@(.cssImportWizard)">
+                                                                <p:resetInput target="certTabView:importCertTabView:tabIdCreateCert" />
                                                                 <h:outputText value="Create a new Certificate" />
                                                             </p:commandLink></li>
                                                         <li class="list-group-item"><p:commandLink

diff --git a/...uct/Production/Adapters/General/CONNECTAdminGUI/src/main/webapp/deletePassKeyDialog.xhtml b/...uct/Production/Adapters/General/CONNECTAdminGUI/src/main/webapp/deletePassKeyDialog.xhtml
@@ -7,7 +7,6 @@
                 <h4>TrustStore Password</h4>
                 <div class="form-block center-block">
                     <h:form id="deletePassKeyDlgForm" class="form form-horizontal">
-                        <p:messages id="deletePassKeyErrorMsg" closable="true" autoUpdate="true" showDetail="true" />
                         <div class="form-group">
                             <h:outputLabel for="deletePasskey" class="col-sm-3 control-label" id="inputPassKeyLbl" value="Password:" />
                             <div class="col-sm-9">
@@ -22,7 +21,7 @@
                         <div class="form-group">
                             <div class="col-sm-12">
                                 <div class="form-button-row">
-                                    <p:commandButton  id="savePasskey" styleClass="btn btn-primary" value="OK" ajax="true" update=":certTabView:trustStoreForm :deletePassKeyDlgForm" actionListener="#{certificateBean.validateAndDeleteCertificate}" onclick="$(PF('deletePassKeyDlg').hide()"/>
+                                    <p:commandButton  id="savePasskey" styleClass="btn btn-primary" value="OK" ajax="true" update=":certTabView:trustStoreForm :deletePassKeyDlgForm" actionListener="#{certificateBean.validateAndDeleteCertificate}" onclick="PF('deletePassKeyDlg').hide()"/>
                                     <p:commandButton id="closePassKey" styleClass="btn btn-primary" value="Cancel" onclick="$('#deletePassKeyDlgForm\\:deletePasskey').val('');PF('deletePassKeyDlg').hide()"/>
                                 </div>
                             </div>

diff --git a/Product/Production/Common/CONNECTCoreLib/pom.xml b/Product/Production/Common/CONNECTCoreLib/pom.xml
@@ -313,7 +313,10 @@
             <version>5.1.10</version>
             <scope>test</scope>
         </dependency>
-
+        <dependency>
+            <groupId>org.bouncycastle</groupId>
+            <artifactId>bcprov-jdk15on</artifactId>
+        </dependency>
 
     </dependencies>
 

diff --git a/...mon/CONNECTCoreLib/src/main/java/gov/hhs/fha/nhinc/callback/opensaml/CertificateUtil.java b/...mon/CONNECTCoreLib/src/main/java/gov/hhs/fha/nhinc/callback/opensaml/CertificateUtil.java
@@ -56,13 +56,11 @@
 import org.apache.commons.lang3.tuple.Pair;
 import org.apache.wss4j.common.crypto.DERDecoder;
 import org.apache.wss4j.common.ext.WSSecurityException;
+import org.bouncycastle.asn1.DEROctetString;
+import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-/**
- *
- * @author jassmit
- */
 public class CertificateUtil {
 
     private static final Logger LOG = LoggerFactory.getLogger(CertificateUtil.class);
@@ -165,21 +163,21 @@ public static String getCertKeyIdAuthority(Pair<String, Certificate> pair) {
         }
         return getCertKeyIdAuthority((X509Certificate) pair.getValue());
     }
+
     public static String getCertKeyIdAuthority(Certificate cert) {
         return getCertKeyIdAuthority((X509Certificate) cert);
     }
+
     public static String getCertKeyIdAuthority(X509Certificate cert) {
         String authId = null;
         if (null != cert) {
             byte[] akiBytes = cert.getExtensionValue(AUTHORITY_KEY_ID);
-            try {
-                if (akiBytes != null) {
-                    DERDecoder extValA = new DERDecoder(akiBytes);
-                    extValA.skip(6);
-                    authId = Hex.encodeHexString(extValA.getBytes(20));
-                }
-            } catch (WSSecurityException e) {
-                LOG.error("Unable to decode certificate authority {}", e.getLocalizedMessage(), e);
+
+            if (akiBytes != null) {
+                byte[] octets = DEROctetString.getInstance(akiBytes).getOctets();
+                AuthorityKeyIdentifier authorityKeyIdentifier = AuthorityKeyIdentifier.getInstance(octets);
+                byte[] keyIdentifier = authorityKeyIdentifier.getKeyIdentifier();
+                authId = Hex.encodeHexString(keyIdentifier);
             }
 
             String subjId = getCertKeyIdSubject(cert);
@@ -194,6 +192,7 @@ public static String getCertKeyIdAuthority(X509Certificate cert) {
     public static String getCertKeyIdSubject(Certificate cert) {
         return getCertKeyIdSubject((X509Certificate) cert);
     }
+
     public static String getCertKeyIdSubject(X509Certificate cert) {
         String ski = null;
         if (null != cert) {
@@ -219,6 +218,7 @@ public static String getCertKeyIdSubject(X509Certificate cert) {
     public static String getCertSubjectCN(Certificate cert) {
         return getCertSubjectCN((X509Certificate) cert);
     }
+
     public static String getCertSubjectCN(X509Certificate cert) {
         if (null == cert) {
             return null;