author | Michal Banka <michal.banka@nokia.com> | 2020-03-23 15:03:10 +0100 |
---|---|---|
committer | Michal Banka <michal.banka@nokia.com> | 2020-03-24 12:45:53 +0100 |
commit | c4047c754b96f63e5c7675969937967aa739bd2f (patch) | |
tree | dd00967d688b5984aa6a9a9b72380d9b633dab51 /certService/src/main/java | |
parent | 2d8221140ce7d57892e94bc87ada96a0900f9fcc (diff) |
Add validation for uniqueness of CA names
Signed-off-by: Michal Banka <michal.banka@nokia.com>
Change-Id: Icfa9ee0f78d360a4f640904bb9077a10f15497ed
Issue-ID: AAF-1107
Diffstat (limited to 'certService/src/main/java')
-rw-r--r-- | certService/src/main/java/org/onap/aaf/certservice/certification/X509CertificateBuilder.java | 2 | ||||
-rw-r--r-- | certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoader.java | 9 | ||||
-rw-r--r-- | certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServersConfigurationValidator.java (renamed from certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServerConfigurationValidator.java) | 26 |
3 files changed, 29 insertions, 8 deletions
diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/X509CertificateBuilder.java b/certService/src/main/java/org/onap/aaf/certservice/certification/X509CertificateBuilder.java
index 70591759..5b24c653 100644
--- a/certService/src/main/java/org/onap/aaf/certservice/certification/X509CertificateBuilder.java
+++ b/certService/src/main/java/org/onap/aaf/certservice/certification/X509CertificateBuilder.java
@@ -38,7 +38,7 @@ public class X509CertificateBuilder {
 private static final int SECURE_NEXT_BYTES = 16;
 private static final int VALID_PERIOD_IN_DAYS = 365;
- public X509v3CertificateBuilder build(PKCS10CertificationRequest csr) throws IOException {
+ X509v3CertificateBuilder build(PKCS10CertificationRequest csr) throws IOException {
 return new X509v3CertificateBuilder(csr.getSubject(), createSerial(),
 Date.from(LocalDateTime.now().toInstant(ZoneOffset.UTC)),
 Date.from(LocalDateTime.now().plusDays(VALID_PERIOD_IN_DAYS).toInstant(ZoneOffset.UTC)),
diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoader.java b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoader.java
index 696ae564..101712e2 100644
--- a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoader.java
+++ b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoader.java
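Review bot: In X509CertificateBuilder.build, the two validity dates on the context lines are built from `LocalDateTime.now()`, which reads the wall clock in the JVM's default time zone, and are then converted as if that value were UTC. On a host whose zone is ahead of UTC this puts notBefore in the future, so a freshly issued certificate would be treated as not yet valid until the offset has elapsed; behind UTC, notBefore is backdated and notAfter is shortened by the same amount. Taking the clock in UTC fixes it without new imports, e.g. `Date.from(LocalDateTime.now(ZoneOffset.UTC).toInstant(ZoneOffset.UTC))` for both arguments, ideally from one captured timestamp so the two values are exactly VALID_PERIOD_IN_DAYS apart. The commit itself only narrows build to package-private, and the constructor call continues past the end of the hunk.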
@@ -25,9 +25,10 @@ import java.io.File;
 import java.io.IOException;
 import java.security.InvalidParameterException;
 import java.util.List;
+
 import org.onap.aaf.certservice.certification.configuration.model.CmpServers;
 import org.onap.aaf.certservice.certification.configuration.model.Cmpv2Server;
-import org.onap.aaf.certservice.certification.configuration.validation.Cmpv2ServerConfigurationValidator;
+import org.onap.aaf.certservice.certification.configuration.validation.Cmpv2ServersConfigurationValidator;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
@@ -37,17 +38,17 @@ class CmpServersConfigLoader {
 private static final String LOADING_EXCEPTION_MESSAGE = "Exception occurred during CMP Servers configuration loading";
 private static final String VALIDATION_EXCEPTION_MESSAGE = "Validation of CMPv2 servers configuration failed";
- private final Cmpv2ServerConfigurationValidator validator;
+ private final Cmpv2ServersConfigurationValidator validator;
 @Autowired
- CmpServersConfigLoader(Cmpv2ServerConfigurationValidator validator) {
+ CmpServersConfigLoader(Cmpv2ServersConfigurationValidator validator) {
 this.validator = validator;
 }
 List<Cmpv2Server> load(String path) throws CmpServersConfigLoadingException {
 try {
 List<Cmpv2Server> servers = loadConfigFromFile(path).getCmpv2Servers();
- servers.forEach(validator::validate);
+ validator.validate(servers);
 return servers;
 } catch (IOException e) {
 throw new CmpServersConfigLoadingException(LOADING_EXCEPTION_MESSAGE, e);
diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServerConfigurationValidator.java b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServersConfigurationValidator.java
index 736a65d1..3cf7fdf7 100644
--- a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServerConfigurationValidator.java
+++ b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServersConfigurationValidator.java
@@ -27,22 +27,42 @@ import org.springframework.stereotype.Service;
 import javax.validation.ConstraintViolation;
 import javax.validation.Validator;
 import java.security.InvalidParameterException;
+import java.util.List;
 import java.util.Set;
 @Service
-public class Cmpv2ServerConfigurationValidator {
+public class Cmpv2ServersConfigurationValidator {
 private final Validator validator;
 @Autowired
- public Cmpv2ServerConfigurationValidator(Validator validator) {
+ public Cmpv2ServersConfigurationValidator(Validator validator) {
 this.validator = validator;
 }
- public void validate(Cmpv2Server serverDetails) {
+ public void validate(List<Cmpv2Server> servers) {
+ servers.forEach(this::validateServer);
+ validateUniqueCaNames(servers);
+ }
+
+ private void validateServer(Cmpv2Server serverDetails) {
 Set<ConstraintViolation<Cmpv2Server>> violations = validator.validate(serverDetails);
 if (!violations.isEmpty()) {
 throw new InvalidParameterException(violations.toString());
 }
 }
+
+ private void validateUniqueCaNames(List<Cmpv2Server> servers) {
+ long distinctCAs = getNumberOfUniqueCaNames(servers);
+ if (servers.size() != distinctCAs) {
+ throw new InvalidParameterException("CA names are not unique within given CMPv2 servers");
+ }
+ }
+
+ private long getNumberOfUniqueCaNames(List<Cmpv2Server> servers) {
+ return servers.stream().map(Cmpv2Server::getCaName)
+ .distinct()
+ .count();
+ }
+
 } |
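Review bot: `validateUniqueCaNames` compares CA names with exact `String` equality via `distinct()`, so two entries that differ only in letter case or surrounding whitespace pass as unique, and the exception does not say which name is repeated. Whether near-duplicates matter depends on how a requested CA name is matched to a server, which is not visible in this hunk; if that lookup is not an exact match, the names should be normalised the same way before `distinct()` so a request cannot resolve to an ambiguous CA. For the message, collecting the repeated names and reporting them, e.g. `throw new InvalidParameterException("CA names are not unique within given CMPv2 servers: " + duplicates);`, lets an operator correct the configuration directly. `validate(List<Cmpv2Server> servers)` also dereferences `servers` without a null check, so a configuration file without the server list would presumably fail with a NullPointerException instead of the InvalidParameterException the loader treats as a validation failure; `if (servers == null) { throw new InvalidParameterException("CMPv2 servers list is missing"); }` at the top of `validate` would keep that case on the validation path.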