/**
* Updates the signing certificate of a trust bundle.
*
* @param bundleName The name of the trust bundle to update.
* @param certData A DER encoded representation of the new signing certificate.
* @return Status of 204 if the trust bundle's signing certificate was updated, status of 400 if
* the signing certificate is invalid, or a status 404 if a trust bundle with the given name
* does not exist.
*/
@POST
@Path("{bundle}/signingCert")
@Consumes(MediaType.APPLICATION_JSON)
public Response updateSigningCert(@PathParam("bundle") String bundleName, byte[] certData) {
X509Certificate signingCert = null;
if (certData.length > 0) {
try {
signingCert = CertUtils.toX509Certificate(certData);
} catch (CertificateConversionException ex) {
log.error("Signing certificate is not in a valid format " + bundleName, ex);
return Response.status(Status.BAD_REQUEST).cacheControl(noCache).build();
}
}
// make sure the bundle exists
org.nhindirect.config.store.TrustBundle entityBundle;
try {
entityBundle = bundleDao.getTrustBundleByName(bundleName);
if (entityBundle == null)
return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
} catch (Exception e) {
log.error("Error looking up bundle.", e);
return Response.serverError().cacheControl(noCache).build();
}
// now update
try {
bundleDao.updateTrustBundleSigningCertificate(entityBundle.getId(), signingCert);
return Response.noContent().cacheControl(noCache).build();
} catch (Exception e) {
log.error("Error updating trust bundle signing certificate.", e);
return Response.serverError().cacheControl(noCache).build();
}
}
/**
* Updates multiple bundle attributes. If the URL of the bundle changes, then the bundle is
* automatically refreshed.
*
* @param bundleName The name of the bundle to update.
* @param bundleData The data of the trust bundle to update. Empty or null attributes indicate
* that the attribute should not be changed.
* @return Status of 204 if the bundle attributes were updated, status of 400 if the signing
* certificate is invalid, or a status 404 if a trust bundle with the given name does not
* exist.
*/
@POST
@Path("{bundle}/bundleAttributes")
@Consumes(MediaType.APPLICATION_JSON)
public Response updateBundleAttributes(
@PathParam("bundle") String bundleName, TrustBundle bundleData) {
// make sure the bundle exists
org.nhindirect.config.store.TrustBundle entityBundle;
try {
entityBundle = bundleDao.getTrustBundleByName(bundleName);
if (entityBundle == null)
return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
} catch (Exception e) {
log.error("Error looking up bundle.", e);
return Response.serverError().cacheControl(noCache).build();
}
final String oldBundleURL = entityBundle.getBundleURL();
// if there is a signing certificate in the request, make sure it's valid
X509Certificate newSigningCert = null;
if (bundleData.getSigningCertificateData() != null) {
try {
newSigningCert = CertUtils.toX509Certificate(bundleData.getSigningCertificateData());
} catch (CertificateConversionException ex) {
log.error("Signing certificate is not in a valid format " + bundleName, ex);
return Response.status(Status.BAD_REQUEST).cacheControl(noCache).build();
}
}
// update the bundle
try {
bundleDao.updateTrustBundleAttributes(
entityBundle.getId(),
bundleData.getBundleName(),
bundleData.getBundleURL(),
newSigningCert,
bundleData.getRefreshInterval());
// if the URL changed, the bundle needs to be refreshed
if (bundleData.getBundleURL() != null
&& !bundleData.getBundleURL().isEmpty()
&& !oldBundleURL.equals(bundleData.getBundleURL())) {
entityBundle = bundleDao.getTrustBundleById(entityBundle.getId());
template.sendBody(entityBundle);
}
return Response.noContent().cacheControl(noCache).build();
} catch (Exception e) {
log.error("Error updating trust bundle attributes.", e);
return Response.serverError().cacheControl(noCache).build();
}
}