From baaa87d10ff52a1a4b53a96b732cf0656907911e Mon Sep 17 00:00:00 2001
From: 3keyroman <46850604+3keyroman@users.noreply.github.com>
Date: Mon, 15 May 2023 14:44:50 +0200
Subject: [PATCH] Fix attributes handling and content type (#31)
---
 Dockerfile | 4 ++--
 pom.xml | 2 +-
 .../keystore/service/impl/LocationServiceImpl.java | 9 ++++++---
 3 files changed, 9 insertions(+), 6 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 7cd7045..58722ff 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -16,12 +16,12 @@ MAINTAINER CZERTAINLY
 # add non root user czertainly
 RUN addgroup --system --gid 10001 czertainly && adduser --system --home /opt/czertainly --uid 10001 --ingroup czertainly czertainly
-RUN mkdir ~/.ssh && touch ~/.ssh/known_hosts
-
 COPY --from=build /home/app/docker /
 COPY --from=build /home/app/target/*.jar /opt/czertainly/app.jar
 WORKDIR /opt/czertainly
+# this should be improved, user should defined known_hosts and it will be read-only
+RUN mkdir .ssh && touch .ssh/known_hosts && chown czertainly: .ssh/known_hosts && chmod 600 .ssh/known_hosts
 ENV JDBC_URL=
 ENV JDBC_USERNAME=
diff --git a/pom.xml b/pom.xml
index b3b858a..e7a8c8f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -24,7 +24,7 @@ com.czertainly interfaces
- 2.7.0
+ 2.7.2-SNAPSHOT
diff --git a/src/main/java/com/czertainly/provider/entity/keystore/service/impl/LocationServiceImpl.java b/src/main/java/com/czertainly/provider/entity/keystore/service/impl/LocationServiceImpl.java
index a5e3afa..fd21a54 100644
--- a/src/main/java/com/czertainly/provider/entity/keystore/service/impl/LocationServiceImpl.java
+++ b/src/main/java/com/czertainly/provider/entity/keystore/service/impl/LocationServiceImpl.java
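Review bot: In the Dockerfile hunk the added `RUN` line chowns only `.ssh/known_hosts`, so the `.ssh` directory keeps the owner and mode `mkdir` gave it; no `USER` instruction is visible before it, so that is presumably root with the default mode. A client that updates known_hosts by writing a sibling file and renaming it would then be unable to do so as `czertainly`, and the directory is left more open than the file inside it. Creating the directory restrictively and handing the whole tree to the runtime account covers both: `RUN mkdir -m 700 .ssh && touch .ssh/known_hosts && chown -R czertainly: .ssh && chmod 600 .ssh/known_hosts`. Because the file ships empty and writable, each new container starts with no pinned host keys, which is worth stating in the deployment notes until the read-only file mentioned in the added comment is in place.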
@@ -108,6 +108,7 @@ public LocationDetailResponseDto getLocationDetail(String entityUuid, LocationDe
 DataAttribute aliasAttribute = new DataAttribute();
 aliasAttribute.setName(AttributeConstants.ATTRIBUTE_ALIAS_NAME);
 aliasAttribute.setContent(List.of(new StringAttributeContent(cert.getAlias())));
+ aliasAttribute.setContentType(AttributeContentType.STRING);
 pushAttributes.add(aliasAttribute);
 certificateLocationDto.setPushAttributes(pushAttributes);
@@ -117,16 +118,19 @@ public LocationDetailResponseDto getLocationDetail(String entityUuid, LocationDe
 DataAttribute subjectDnAttribute = new DataAttribute();
 subjectDnAttribute.setName(AttributeConstants.ATTRIBUTE_DN_NAME);
 subjectDnAttribute.setContent(List.of(new StringAttributeContent(cert.getCertificate().getSubjectDN().toString())));
+ subjectDnAttribute.setContentType(AttributeContentType.STRING);
 csrAttributes.add(subjectDnAttribute);
 PublicKey pubk = cert.getCertificate().getPublicKey();
 DataAttribute keyAlgorithmAttribute = new DataAttribute();
 keyAlgorithmAttribute.setName(AttributeConstants.ATTRIBUTE_KEY_ALG_NAME);
 keyAlgorithmAttribute.setContent(List.of(new StringAttributeContent(pubk.getAlgorithm())));
+ keyAlgorithmAttribute.setContentType(AttributeContentType.STRING);
 csrAttributes.add(keyAlgorithmAttribute);
 DataAttribute keyLengthAttribute = new DataAttribute();
 keyLengthAttribute.setName(AttributeConstants.ATTRIBUTE_KEY_SIZE_NAME);
+ keyLengthAttribute.setContentType(AttributeContentType.STRING);
 if (pubk instanceof RSAPublicKey) {
 RSAPublicKey rsaPubk = (RSAPublicKey) pubk;
 keyLengthAttribute.setContent(List.of(new StringAttributeContent(String.valueOf(rsaPubk.getModulus().bitLength()))));
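Review bot: The added `setContentType(AttributeContentType.STRING)` call at @@ -108 is a fourth hand-written step on every string attribute, and the same line is repeated three times at @@ -117 and once at @@ -144, so a future attribute can again be built with one step missing. A private factory that sets name, content and content type together would remove that risk and shorten each call site to a single line. getLocationDetail starts and ends outside these hunks, so the sketch below shows only the helper and one call site.

```java
// new private helper in LocationServiceImpl
private static DataAttribute stringAttribute(String name, String value) {
    DataAttribute attribute = new DataAttribute();
    attribute.setName(name);
    attribute.setContent(List.of(new StringAttributeContent(value)));
    attribute.setContentType(AttributeContentType.STRING);
    return attribute;
}

// … unchanged: surrounding getLocationDetail code …
pushAttributes.add(stringAttribute(AttributeConstants.ATTRIBUTE_ALIAS_NAME, cert.getAlias()));
```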
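Review bot: At @@ -117, `keyLengthAttribute` now gets its content type before the `instanceof` chain, while its content is assigned only inside a branch; the `RSAPublicKey` branch is the only one visible and the chain continues past the end of the hunk. If a key type can fall through every branch, the attribute would carry a STRING content type and no content, so it is worth confirming that a final `else` exists. A one-line comment above the chain, such as `// content is filled in per key type below; see the final else for unsupported keys`, would record that intent once it is confirmed.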
@@ -144,6 +148,7 @@ public LocationDetailResponseDto getLocationDetail(String entityUuid, LocationDe
 DataAttribute signatureAlgorithmAttribute = new DataAttribute();
 signatureAlgorithmAttribute.setName(AttributeConstants.ATTRIBUTE_SIG_ALG_NAME);
 signatureAlgorithmAttribute.setContent(List.of(new StringAttributeContent(cert.getCertificate().getSigAlgName())));
+ signatureAlgorithmAttribute.setContentType(AttributeContentType.STRING);
 csrAttributes.add(signatureAlgorithmAttribute);
 // alias include
@@ -178,8 +183,6 @@ public PushCertificateResponseDto pushCertificateToLocation(String entityUuid, P
 PushCertificateResponseDto responseDto = new PushCertificateResponseDto();
- responseDto.setCertificateMetadata(List.of(getAliasMetadata(alias)));
-
 String filename = "/tmp/" + generateRandomFilename();
 // let's check we have the certificate as input
@@ -216,7 +219,7 @@ public PushCertificateResponseDto pushCertificateToLocation(String entityUuid, P
 if (certs.isEmpty()) {
 throw new LocationException(response);
 } else {
- responseDto.setCertificateMetadata(List.of(getEntryTypeMetadata(certs.get(0).isKeyEntry())));
+ responseDto.setCertificateMetadata(List.of(getAliasMetadata(alias), getEntryTypeMetadata(certs.get(0).isKeyEntry())));
 responseDto.setWithKey(certs.get(0).isKeyEntry());
 }
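Review bot: In the @@ -216 hunk the new `setCertificateMetadata` line and the `setWithKey` line after it both read `certs.get(0).isKeyEntry()`, and both assume the first element of `certs` is the entry just pushed under `alias`. How `certs` is built is above the hunk, so that may already be guaranteed. Reading the entry once keeps the two values in step: `boolean keyEntry = certs.get(0).isKeyEntry();`, then `responseDto.setCertificateMetadata(List.of(getAliasMetadata(alias), getEntryTypeMetadata(keyEntry)));` and `responseDto.setWithKey(keyEntry);`. A short comment saying why index 0 is the pushed entry would help the next reader.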