diff options
author | Joanna Jeremicz <joanna.jeremicz@nokia.com> | 2020-06-17 10:48:20 +0200 |
---|---|---|
committer | Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> | 2020-06-18 12:39:07 +0200 |
commit | 212038b654728b79aa647e08da2562484c63c883 (patch) | |
tree | 56d0ddea09c5bcea18553b9cd0c3773f9270564d /certServiceClient/src/main | |
parent | 04d9cae7bf2a54a8bb05cb36ca54d4555987903e (diff) |
Add PEM artifacts creation
with unit tests
Issue-ID: AAF-1152
Change-Id: I95afd62330f3111f916507d628d142262ff951cc
Signed-off-by: Joanna Jeremicz <joanna.jeremicz@nokia.com>
Diffstat (limited to 'certServiceClient/src/main')
8 files changed, 194 insertions, 106 deletions
diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/api/ExitStatus.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/api/ExitStatus.java index 78ecc778..6e91fe84 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/api/ExitStatus.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/api/ExitStatus.java @@ -29,7 +29,8 @@ public enum ExitStatus { HTTP_CLIENT_EXCEPTION(6,"Internal HTTP Client connection problem"), PKCS12_CONVERSION_EXCEPTION(7,"Fail in PKCS12 conversion"), PK_TO_PEM_ENCODING_EXCEPTION(8,"Fail in Private Key to PEM Encoding"), - TLS_CONFIGURATION_EXCEPTION(9, "Invalid TLS configuration"); + TLS_CONFIGURATION_EXCEPTION(9, "Invalid TLS configuration"), + FILE_CREATION_EXCEPTION(10, "File could not be created"); private final int value; private final String message; diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreatorProvider.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreatorProvider.java index 4ed86a4d..dd4df73b 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreatorProvider.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreatorProvider.java @@ -18,42 +18,37 @@ */ package org.onap.aaf.certservice.client.certification.conversion; +import org.onap.aaf.certservice.client.certification.PrivateKeyToPemEncoder; +import org.onap.aaf.certservice.client.certification.writer.CertFileWriter; + public enum ArtifactsCreatorProvider { - P12("P12") { + P12 { @Override - ArtifactsCreator create(String outputPath) { + ArtifactsCreator create(String destPath) { return new PKCS12ArtifactsCreator( - new PKCS12FilesCreator(outputPath), + new CertFileWriter(destPath), new RandomPasswordGenerator(), new PemToPKCS12Converter()); } }, - JKS("JKS") { + JKS { @Override - ArtifactsCreator create(String outputPath) { + ArtifactsCreator create(String destPath) { return null; } }, - PEM("PEM") { + PEM { @Override - ArtifactsCreator create(String outputPath) { - return null; + ArtifactsCreator create(String destPath) { + return new PemArtifactsCreator( + new CertFileWriter(destPath), + new PrivateKeyToPemEncoder()); } }; - private final String name; - - ArtifactsCreatorProvider(String name) { - this.name = name; - } - - public static ArtifactsCreator getCreator(String outputType, String outputPath) { - return valueOf(outputType).create(outputPath); - } - - public String getName() { - return name; + public static ArtifactsCreator getCreator(String outputType, String destPath) { + return valueOf(outputType).create(destPath); } - abstract ArtifactsCreator create(String outputPath); + abstract ArtifactsCreator create(String destPath); } diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PKCS12ArtifactsCreator.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PKCS12ArtifactsCreator.java index c07dfd11..c1e7c1c8 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PKCS12ArtifactsCreator.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PKCS12ArtifactsCreator.java @@ -21,41 +21,61 @@ package org.onap.aaf.certservice.client.certification.conversion; import java.security.PrivateKey; import java.util.List; +import org.onap.aaf.certservice.client.certification.exception.CertFileWriterException; import org.onap.aaf.certservice.client.certification.exception.PemToPKCS12ConverterException; +import org.onap.aaf.certservice.client.certification.writer.CertFileWriter; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; public class PKCS12ArtifactsCreator implements ArtifactsCreator { + private static final Logger LOGGER = LoggerFactory.getLogger(PKCS12ArtifactsCreator.class); private static final String CERTIFICATE_ALIAS = "certificate"; private static final String TRUSTED_CERTIFICATE_ALIAS = "trusted-certificate-"; private static final int PASSWORD_LENGTH = 24; + private static final String KEYSTORE_P12 = "keystore.p12"; + private static final String KEYSTORE_PASS = "keystore.pass"; + private static final String TRUSTSTORE_P12 = "truststore.p12"; + private static final String TRUSTSTORE_PASS = "truststore.pass"; private final RandomPasswordGenerator generator; private final PemToPKCS12Converter converter; - private final PKCS12FilesCreator creator; + private final CertFileWriter writer; - public PKCS12ArtifactsCreator(PKCS12FilesCreator creator, RandomPasswordGenerator generator, + public PKCS12ArtifactsCreator(CertFileWriter writer, RandomPasswordGenerator generator, PemToPKCS12Converter converter) { this.generator = generator; this.converter = converter; - this.creator = creator; + this.writer = writer; } @Override - public void create(List<String> keystoreData, List<String> truststoreData, PrivateKey privateKey) throws PemToPKCS12ConverterException { + public void create(List<String> keystoreData, List<String> truststoreData, PrivateKey privateKey) + throws PemToPKCS12ConverterException, CertFileWriterException { createKeystore(keystoreData,privateKey); createTruststore(truststoreData); } private void createKeystore(List<String> data, PrivateKey privateKey) - throws PemToPKCS12ConverterException { + throws PemToPKCS12ConverterException, CertFileWriterException { Password password = generator.generate(PASSWORD_LENGTH); - creator.saveKeystoreData(converter.convertKeystore(data, password, CERTIFICATE_ALIAS, privateKey), - password.getCurrentPassword()); + + LOGGER.debug("Attempt to create PKCS12 keystore files and saving data. File names: {}, {}", KEYSTORE_P12, KEYSTORE_PASS); + + writer.saveData(converter.convertKeystore(data, password, CERTIFICATE_ALIAS, privateKey), KEYSTORE_P12); + writer.saveData(getPasswordAsBytes(password), KEYSTORE_PASS); } private void createTruststore(List<String> data) - throws PemToPKCS12ConverterException { + throws PemToPKCS12ConverterException, CertFileWriterException { Password password = generator.generate(PASSWORD_LENGTH); - creator.saveTruststoreData(converter.convertTruststore(data, password, TRUSTED_CERTIFICATE_ALIAS), - password.getCurrentPassword()); + + LOGGER.debug("Attempt to create PKCS12 truststore files and saving data. File names: {}, {}", TRUSTSTORE_P12, TRUSTSTORE_PASS); + + writer.saveData(converter.convertTruststore(data, password, TRUSTED_CERTIFICATE_ALIAS), TRUSTSTORE_P12); + writer.saveData(getPasswordAsBytes(password), TRUSTSTORE_PASS); + } + + private byte[] getPasswordAsBytes(Password password) { + return password.getCurrentPassword().getBytes(); } } diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PKCS12FilesCreator.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PKCS12FilesCreator.java deleted file mode 100644 index 9b0cfb78..00000000 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PKCS12FilesCreator.java +++ /dev/null @@ -1,73 +0,0 @@ -/*============LICENSE_START======================================================= - * aaf-certservice-client - * ================================================================================ - * Copyright (C) 2020 Nokia. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.aaf.certservice.client.certification.conversion; - -import java.io.FileOutputStream; -import java.io.IOException; -import java.nio.file.Path; - -import org.onap.aaf.certservice.client.certification.exception.PemToPKCS12ConverterException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -class PKCS12FilesCreator { - - private static final Logger LOGGER = LoggerFactory.getLogger(PKCS12FilesCreator.class); - private static final String KEYSTORE_JKS = "keystore.jks"; - private static final String KEYSTORE_PASS = "keystore.pass"; - private static final String TRUSTSTORE_JKS = "truststore.jks"; - private static final String TRUSTSTORE_PASS = "truststore.pass"; - private final String keystoreJksPath; - private final String keystorePassPath; - private final String truststoreJksPath; - private final String truststorePassPath; - - - PKCS12FilesCreator(String path) { - keystoreJksPath = Path.of(path, KEYSTORE_JKS).toString(); - keystorePassPath = Path.of(path, KEYSTORE_PASS).toString(); - truststoreJksPath = Path.of(path, TRUSTSTORE_JKS).toString(); - truststorePassPath = Path.of(path, TRUSTSTORE_PASS).toString(); - } - - void saveKeystoreData(byte[] keystoreData, String keystorePassword) throws PemToPKCS12ConverterException { - LOGGER.debug("Attempt to create PKCS12 keystore files and saving data. Keystore path: {}", keystoreJksPath); - - saveDataToLocation(keystoreData, keystoreJksPath); - saveDataToLocation(keystorePassword.getBytes(), keystorePassPath); - } - - void saveTruststoreData(byte[] truststoreData, String truststorePassword) - throws PemToPKCS12ConverterException { - LOGGER.debug("Attempt to create PKCS12 truststore files and saving data. Truststore path: {}", truststoreJksPath); - - saveDataToLocation(truststoreData, truststoreJksPath); - saveDataToLocation(truststorePassword.getBytes(), truststorePassPath); - } - - private void saveDataToLocation(byte[] data, String path) throws PemToPKCS12ConverterException { - try (FileOutputStream fos = new FileOutputStream(path)) { - fos.write(data); - } catch (IOException e) { - LOGGER.error("PKCS12 files creation failed, exception message: {}", e.getMessage()); - throw new PemToPKCS12ConverterException(e); - } - } -} diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemArtifactsCreator.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemArtifactsCreator.java new file mode 100644 index 00000000..7a4cbfa9 --- /dev/null +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemArtifactsCreator.java @@ -0,0 +1,62 @@ +/*============LICENSE_START======================================================= + * aaf-certservice-client + * ================================================================================ + * Copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.aaf.certservice.client.certification.conversion; + +import java.security.PrivateKey; +import java.util.List; +import org.onap.aaf.certservice.client.certification.PrivateKeyToPemEncoder; +import org.onap.aaf.certservice.client.certification.exception.CertFileWriterException; +import org.onap.aaf.certservice.client.certification.exception.PkEncodingException; +import org.onap.aaf.certservice.client.certification.writer.CertFileWriter; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class PemArtifactsCreator implements ArtifactsCreator { + private static final Logger LOGGER = LoggerFactory.getLogger(PemArtifactsCreator.class); + + private static final String KEY_PEM = "key.pem"; + private static final String KEYSTORE_PEM = "keystore.pem"; + private static final String TRUSTSTORE_PEM = "truststore.pem"; + + private final CertFileWriter writer; + private final PrivateKeyToPemEncoder pkEncoder; + + public PemArtifactsCreator(CertFileWriter writer, PrivateKeyToPemEncoder pkEncoder) { + this.writer = writer; + this.pkEncoder = pkEncoder; + } + + @Override + public void create(List<String> keystoreData, List<String> truststoreData, PrivateKey privateKey) + throws PkEncodingException, CertFileWriterException { + LOGGER.debug("Attempt to create PEM private key file and saving data. File name: {}", KEY_PEM); + writer.saveData(pkEncoder.encodePrivateKeyToPem(privateKey).getBytes(), KEY_PEM); + + LOGGER.debug("Attempt to create PEM keystore file and saving data. File name: {}", KEYSTORE_PEM); + writer.saveData(getDataAsBytes(keystoreData), KEYSTORE_PEM); + + LOGGER.debug("Attempt to create PEM truststore file and saving data. File name: {}", TRUSTSTORE_PEM); + writer.saveData(getDataAsBytes(truststoreData), TRUSTSTORE_PEM); + } + + private byte[] getDataAsBytes(List<String> data) { + return String.join("\n", data).getBytes(); + } +} diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/exception/CertFileWriterException.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/exception/CertFileWriterException.java new file mode 100644 index 00000000..e723ca11 --- /dev/null +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/exception/CertFileWriterException.java @@ -0,0 +1,35 @@ +/*============LICENSE_START======================================================= + * aaf-certservice-client + * ================================================================================ + * Copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.aaf.certservice.client.certification.exception; + +import org.onap.aaf.certservice.client.api.ExitStatus; +import org.onap.aaf.certservice.client.api.ExitableException; + +public class CertFileWriterException extends ExitableException { + + public CertFileWriterException(Throwable e) { + super(e); + } + + @Override + public ExitStatus applicationExitStatus() { + return ExitStatus.FILE_CREATION_EXCEPTION; + } +} diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/writer/CertFileWriter.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/writer/CertFileWriter.java new file mode 100644 index 00000000..400c0b72 --- /dev/null +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/writer/CertFileWriter.java @@ -0,0 +1,48 @@ +/*============LICENSE_START======================================================= + * aaf-certservice-client + * ================================================================================ + * Copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.aaf.certservice.client.certification.writer; + +import java.io.FileOutputStream; +import java.io.IOException; + +import java.nio.file.Path; +import org.onap.aaf.certservice.client.certification.exception.CertFileWriterException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class CertFileWriter { + + private static final Logger LOGGER = LoggerFactory.getLogger(CertFileWriter.class); + private final String destPath; + + public CertFileWriter(String destPath) { + this.destPath = destPath; + } + +public void saveData(byte[] data, String filename) throws CertFileWriterException { + LOGGER.debug("Attempt to save file {} in path {}", filename, destPath); + try (FileOutputStream outputStream = new FileOutputStream(Path.of(destPath, filename).toString())) { + outputStream.write(data); + } catch (IOException e) { + LOGGER.error("File creation failed, exception message: {}", e.getMessage()); + throw new CertFileWriterException(e); + } + } +} diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/configuration/factory/AbstractConfigurationFactory.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/configuration/factory/AbstractConfigurationFactory.java index 70faa6b4..a54c9263 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/configuration/factory/AbstractConfigurationFactory.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/configuration/factory/AbstractConfigurationFactory.java @@ -59,7 +59,7 @@ public abstract class AbstractConfigurationFactory<T extends ConfigurationModel> public boolean isOutputTypeValid(String outputType) { return Arrays.stream(ArtifactsCreatorProvider.values()) - .map(ArtifactsCreatorProvider::getName) + .map(ArtifactsCreatorProvider::toString) .anyMatch(name -> name.equals(outputType)); } |