aboutsummaryrefslogtreecommitdiffstats
path: root/certService
diff options
context:
space:
mode:
authorMichal Banka <michal.banka@nokia.com>2020-03-23 15:03:10 +0100
committerMichal Banka <michal.banka@nokia.com>2020-03-24 12:45:53 +0100
commitc4047c754b96f63e5c7675969937967aa739bd2f (patch)
treedd00967d688b5984aa6a9a9b72380d9b633dab51 /certService
parent2d8221140ce7d57892e94bc87ada96a0900f9fcc (diff)
Add validation for uniqueness of CA names
Signed-off-by: Michal Banka <michal.banka@nokia.com> Change-Id: Icfa9ee0f78d360a4f640904bb9077a10f15497ed Issue-ID: AAF-1107
Diffstat (limited to 'certService')
-rw-r--r--certService/src/main/java/org/onap/aaf/certservice/certification/X509CertificateBuilder.java2
-rw-r--r--certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoader.java9
-rw-r--r--certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServersConfigurationValidator.java (renamed from certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServerConfigurationValidator.java)26
-rw-r--r--certService/src/test/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoaderTest.java7
-rw-r--r--certService/src/test/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServersConfigurationValidatorTest.java (renamed from certService/src/test/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServerConfigurationValidatorTest.java)40
5 files changed, 65 insertions, 19 deletions
diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/X509CertificateBuilder.java b/certService/src/main/java/org/onap/aaf/certservice/certification/X509CertificateBuilder.java
index 70591759..5b24c653 100644
--- a/certService/src/main/java/org/onap/aaf/certservice/certification/X509CertificateBuilder.java
+++ b/certService/src/main/java/org/onap/aaf/certservice/certification/X509CertificateBuilder.java
@@ -38,7 +38,7 @@ public class X509CertificateBuilder {
private static final int SECURE_NEXT_BYTES = 16;
private static final int VALID_PERIOD_IN_DAYS = 365;
- public X509v3CertificateBuilder build(PKCS10CertificationRequest csr) throws IOException {
+ X509v3CertificateBuilder build(PKCS10CertificationRequest csr) throws IOException {
return new X509v3CertificateBuilder(csr.getSubject(), createSerial(),
Date.from(LocalDateTime.now().toInstant(ZoneOffset.UTC)),
Date.from(LocalDateTime.now().plusDays(VALID_PERIOD_IN_DAYS).toInstant(ZoneOffset.UTC)),
diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoader.java b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoader.java
index 696ae564..101712e2 100644
--- a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoader.java
+++ b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoader.java
@@ -25,9 +25,10 @@ import java.io.File;
import java.io.IOException;
import java.security.InvalidParameterException;
import java.util.List;
+
import org.onap.aaf.certservice.certification.configuration.model.CmpServers;
import org.onap.aaf.certservice.certification.configuration.model.Cmpv2Server;
-import org.onap.aaf.certservice.certification.configuration.validation.Cmpv2ServerConfigurationValidator;
+import org.onap.aaf.certservice.certification.configuration.validation.Cmpv2ServersConfigurationValidator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
@@ -37,17 +38,17 @@ class CmpServersConfigLoader {
private static final String LOADING_EXCEPTION_MESSAGE = "Exception occurred during CMP Servers configuration loading";
private static final String VALIDATION_EXCEPTION_MESSAGE = "Validation of CMPv2 servers configuration failed";
- private final Cmpv2ServerConfigurationValidator validator;
+ private final Cmpv2ServersConfigurationValidator validator;
@Autowired
- CmpServersConfigLoader(Cmpv2ServerConfigurationValidator validator) {
+ CmpServersConfigLoader(Cmpv2ServersConfigurationValidator validator) {
this.validator = validator;
}
List<Cmpv2Server> load(String path) throws CmpServersConfigLoadingException {
try {
List<Cmpv2Server> servers = loadConfigFromFile(path).getCmpv2Servers();
- servers.forEach(validator::validate);
+ validator.validate(servers);
return servers;
} catch (IOException e) {
throw new CmpServersConfigLoadingException(LOADING_EXCEPTION_MESSAGE, e);
diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServerConfigurationValidator.java b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServersConfigurationValidator.java
index 736a65d1..3cf7fdf7 100644
--- a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServerConfigurationValidator.java
+++ b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServersConfigurationValidator.java
@@ -27,22 +27,42 @@ import org.springframework.stereotype.Service;
import javax.validation.ConstraintViolation;
import javax.validation.Validator;
import java.security.InvalidParameterException;
+import java.util.List;
import java.util.Set;
@Service
-public class Cmpv2ServerConfigurationValidator {
+public class Cmpv2ServersConfigurationValidator {
private final Validator validator;
@Autowired
- public Cmpv2ServerConfigurationValidator(Validator validator) {
+ public Cmpv2ServersConfigurationValidator(Validator validator) {
this.validator = validator;
}
- public void validate(Cmpv2Server serverDetails) {
+ public void validate(List<Cmpv2Server> servers) {
+ servers.forEach(this::validateServer);
+ validateUniqueCaNames(servers);
+ }
+
+ private void validateServer(Cmpv2Server serverDetails) {
Set<ConstraintViolation<Cmpv2Server>> violations = validator.validate(serverDetails);
if (!violations.isEmpty()) {
throw new InvalidParameterException(violations.toString());
}
}
+
+ private void validateUniqueCaNames(List<Cmpv2Server> servers) {
+ long distinctCAs = getNumberOfUniqueCaNames(servers);
+ if (servers.size() != distinctCAs) {
+ throw new InvalidParameterException("CA names are not unique within given CMPv2 servers");
+ }
+ }
+
+ private long getNumberOfUniqueCaNames(List<Cmpv2Server> servers) {
+ return servers.stream().map(Cmpv2Server::getCaName)
+ .distinct()
+ .count();
+ }
+
}
diff --git a/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoaderTest.java b/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoaderTest.java
index 61970050..87964295 100644
--- a/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoaderTest.java
+++ b/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoaderTest.java
@@ -39,7 +39,7 @@ import org.springframework.test.context.junit.jupiter.SpringExtension;
class CmpServersConfigLoaderTest {
private static final String EXISTING_CONFIG_FILENAME = "cmpServers.json";
private static final String INVALID_CONFIG_FILENAME = "invalidCmpServers.json";
- private static final String NONEXISTENT_CONFIG_FILENAME = "nonExisting_cmpServers.json";
+ private static final String NONEXISTENT_CONFIG_FILENAME = "nonExistingCmpServers.json";
private static final Map<String, String> EXPECTED_FIRST_CMP_SERVER = Map.of(
"CA_NAME", "TEST",
@@ -99,10 +99,11 @@ class CmpServersConfigLoaderTest {
// Then
assertThat(exception.getMessage()).contains("Validation of CMPv2 servers configuration failed");
+ assertThat(exception.getCause().getMessage()).contains("authentication");
}
- private String getResourcePath(String invalidConfigFilename) {
- return getClass().getClassLoader().getResource(invalidConfigFilename).getFile();
+ private String getResourcePath(String configFilename) {
+ return getClass().getClassLoader().getResource(configFilename).getFile();
}
private void verifyThatCmpServerEquals(Cmpv2Server cmpv2Server, Map<String, String> expected) {
diff --git a/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServerConfigurationValidatorTest.java b/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServersConfigurationValidatorTest.java
index 1c021b43..6db77753 100644
--- a/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServerConfigurationValidatorTest.java
+++ b/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServersConfigurationValidatorTest.java
@@ -20,8 +20,6 @@
package org.onap.aaf.certservice.certification.configuration.validation;
-import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
-import static org.junit.jupiter.api.Assertions.assertThrows;
import org.bouncycastle.asn1.x500.X500Name;
import org.junit.jupiter.api.BeforeEach;
@@ -35,28 +33,47 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit.jupiter.SpringExtension;
+import java.security.InvalidParameterException;
+import java.util.ArrayList;
+import java.util.List;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+
@ExtendWith(SpringExtension.class)
@ContextConfiguration(classes = CertServiceApplication.class)
-class Cmpv2ServerConfigurationValidatorTest {
+class Cmpv2ServersConfigurationValidatorTest {
private static final String EMPTY_STRING = "";
@Autowired
- private Cmpv2ServerConfigurationValidator validator;
+ private Cmpv2ServersConfigurationValidator validator;
private Authentication authentication;
private Cmpv2Server server;
+ private List<Cmpv2Server> servers;
@BeforeEach
private void init() {
setAuthentication();
setServerConfiguration();
+ servers = new ArrayList<>();
+ servers.add(server);
}
@Test
- void shouldNotThrowExceptionWhenServerConfigurationIsValid() {
+ void shouldThrowExceptionWhenCaNamesAreNotUnique() {
+ // Given
+ servers.add(server);
+
+ // When
+ Exception exception = assertThrows(
+ InvalidParameterException.class,
+ () -> validator.validate(servers));
+
// Then
- assertDoesNotThrow(() -> validator.validate(server));
+ assertThat(exception.getMessage()).contains("CA names are not unique within given CMPv2 servers");
}
@Test
@@ -168,8 +185,14 @@ class Cmpv2ServerConfigurationValidatorTest {
assertExceptionIsThrown();
}
+ @Test
+ void shouldNotThrowExceptionWhenServerConfigurationIsValid() {
+ // Then
+ assertDoesNotThrow(() -> validator.validate(servers));
+ }
+
private void assertExceptionIsThrown() {
- assertThrows(IllegalArgumentException.class, () -> validator.validate(server));
+ assertThrows(IllegalArgumentException.class, () -> validator.validate(servers));
}
private void setServerConfiguration() {
@@ -186,4 +209,5 @@ class Cmpv2ServerConfigurationValidatorTest {
authentication.setRv("testRV");
authentication.setIak("testIAK");
}
-}
+
+} \ No newline at end of file