author | Michal Banka <michal.banka@nokia.com> | 2020-03-17 16:46:56 +0100 |
---|---|---|
committer | Michal Banka <michal.banka@nokia.com> | 2020-03-18 11:30:45 +0100 |
commit | 8252e258b55d09a389a37d9880b97f16fd4d9275 (patch) | |
tree | 3cf2856ce20c3b4278e552090ba88584a6a4dfa7 /certService/src/main/java/org/onap/aaf/certservice/certification | |
parent | c85a8965e876fde2089582a6468eb02ce18bafd5 (diff) |
Remove CSRMeta class dependency
Signed-off-by: Michal Banka <michal.banka@nokia.com>
Change-Id: If3458612629dd84f95bf9ba1e0778e65696bb13d
Issue-ID: AAF-1107
Diffstat (limited to 'certService/src/main/java/org/onap/aaf/certservice/certification')
3 files changed, 8 insertions, 99 deletions
diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/adapter/Cmpv2ClientAdapter.java b/certService/src/main/java/org/onap/aaf/certservice/certification/adapter/Cmpv2ClientAdapter.java index c9e61b02..2477c421 100644 --- a/certService/src/main/java/org/onap/aaf/certservice/certification/adapter/Cmpv2ClientAdapter.java +++ b/certService/src/main/java/org/onap/aaf/certservice/certification/adapter/Cmpv2ClientAdapter.java @@ -29,6 +29,7 @@ import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import java.util.List; import java.util.stream.Collectors; + import org.bouncycastle.cert.X509CertificateHolder; import org.bouncycastle.cert.X509v3CertificateBuilder; import org.bouncycastle.openssl.jcajce.JcaMiscPEMGenerator; @@ -54,17 +55,15 @@ public class Cmpv2ClientAdapter { private static final Logger LOGGER = LoggerFactory.getLogger(Cmpv2ClientAdapter.class); private final CmpClient cmpClient; - private final CsrMetaBuilder csrMetaBuilder; private final RsaContentSignerBuilder rsaContentSignerBuilder; private final X509CertificateBuilder x509CertificateBuilder; private final CertificateFactoryProvider certificateFactoryProvider; @Autowired - public Cmpv2ClientAdapter(CmpClient cmpClient, CsrMetaBuilder csrMetaBuilder, - RsaContentSignerBuilder rsaContentSignerBuilder, X509CertificateBuilder x509CertificateBuilder, + public Cmpv2ClientAdapter(CmpClient cmpClient, RsaContentSignerBuilder rsaContentSignerBuilder, + X509CertificateBuilder x509CertificateBuilder, CertificateFactoryProvider certificateFactoryProvider) { this.cmpClient = cmpClient; - this.csrMetaBuilder = csrMetaBuilder; this.rsaContentSignerBuilder = rsaContentSignerBuilder; this.x509CertificateBuilder = x509CertificateBuilder; this.certificateFactoryProvider = certificateFactoryProvider; 
@@ -82,7 +81,7 @@ public class Cmpv2ClientAdapter { public CertificationModel callCmpClient(CsrModel csrModel, Cmpv2Server server) throws CmpClientException, Cmpv2ClientAdapterException { List<List<X509Certificate>> certificates = cmpClient.createCertificate(server.getCaName(), - server.getCaMode().getProfile(), csrMetaBuilder.build(csrModel, server), + server.getCaMode().getProfile(), csrModel, server, convertCsrToX509Certificate(csrModel.getCsr(), csrModel.getPrivateKey())); return new CertificationModel(convertFromX509CertificateListToPemList(certificates.get(0)), convertFromX509CertificateListToPemList(certificates.get(1))); @@ -106,7 +105,7 @@ public class Cmpv2ClientAdapter { ContentSigner signer = rsaContentSignerBuilder.build(csr, privateKey); X509CertificateHolder holder = certificateGenerator.build(signer); return certificateFactoryProvider - .generateCertificate(new ByteArrayInputStream(holder.toASN1Structure().getEncoded())); + .generateCertificate(new ByteArrayInputStream(holder.toASN1Structure().getEncoded())); } catch (IOException | CertificateException | OperatorCreationException | NoSuchProviderException e) { throw new Cmpv2ClientAdapterException(e); } @@ -114,7 +113,7 @@ public class Cmpv2ClientAdapter { private List<String> convertFromX509CertificateListToPemList(List<X509Certificate> certificates) { return certificates.stream().map(this::convertFromX509CertificateToPem).filter(cert -> !cert.isEmpty()) - .collect(Collectors.toList()); + .collect(Collectors.toList()); } } diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/adapter/CsrMetaBuilder.java b/certService/src/main/java/org/onap/aaf/certservice/certification/adapter/CsrMetaBuilder.java deleted file mode 100644 index cf35efa1..00000000 --- a/certService/src/main/java/org/onap/aaf/certservice/certification/adapter/CsrMetaBuilder.java +++ /dev/null 
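Review bot: In `callCmpClient`, `cmpClient.createCertificate(...)` now receives the whole `csrModel` and `server` objects, so the CMP client layer gets direct access to the private key and the server's authentication data. The narrowed `CsrMeta` copy is gone, and nothing at the call site records that these objects are sensitive. I would add a comment above the call, e.g. `// csrModel holds the private key and server holds the IAK/RV: the client must not log or retain either object`, and confirm that neither class's `toString()` prints key or IAK material (both classes are outside this hunk). On the unchanged lines, `certificates.get(0)` and `certificates.get(1)` assume the client always returns two lists. A size check before indexing would let a malformed CA response surface as the adapter's own exception rather than an `IndexOutOfBoundsException`.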
@@ -1,90 +0,0 @@ -/* - * ============LICENSE_START======================================================= - * Cert Service - * ================================================================================ - * Copyright (C) 2020 Nokia. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.aaf.certservice.certification.adapter; - -import java.security.KeyPair; -import java.util.Arrays; -import java.util.Optional; -import java.util.stream.Collectors; - -import org.bouncycastle.asn1.x500.AttributeTypeAndValue; -import org.bouncycastle.asn1.x500.style.BCStyle; -import org.bouncycastle.asn1.x500.style.IETFUtils; -import org.bouncycastle.cert.CertException; -import org.onap.aaf.certservice.certification.configuration.model.Cmpv2Server; -import org.onap.aaf.certservice.certification.model.CsrModel; -import org.onap.aaf.certservice.cmpv2client.external.CsrMeta; -import org.onap.aaf.certservice.cmpv2client.external.Rdn; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.stereotype.Component; - -@Component -class CsrMetaBuilder { - - private static final Logger LOGGER = LoggerFactory.getLogger(CsrMetaBuilder.class); - - /** - * Creates CSRMeta from CsrModel and Cmpv2Server - * - * @param csrModel Certificate Signing Request 
from Service external API - * @param server Cmp Server configuration from cmpServers.json - * @return AAF native model for CSR metadata - */ - CsrMeta build(CsrModel csrModel, Cmpv2Server server) { - CsrMeta csrMeta = createCsrMeta(csrModel); - addSans(csrModel, csrMeta); - csrMeta.setKeyPair(new KeyPair(csrModel.getPublicKey(), csrModel.getPrivateKey())); - csrMeta.setPassword(server.getAuthentication().getIak()); - csrMeta.setIssuerName(server.getIssuerDN()); - csrMeta.setCaUrl(server.getUrl()); - csrMeta.setName(csrModel.getSubjectData()); - csrMeta.setSenderKid(server.getAuthentication().getRv()); - return csrMeta; - } - - private CsrMeta createCsrMeta(CsrModel csrModel) { - return new CsrMeta((Arrays.stream(csrModel.getSubjectData().getRDNs()).map(this::convertFromBcRdn) - .filter(Optional::isPresent).map(Optional::get).collect(Collectors.toList()))); - } - - private void addSans(CsrModel csrModel, CsrMeta csrMeta) { - csrModel.getSans().forEach(csrMeta::addSan); - } - - private Optional<Rdn> convertFromBcRdn(org.bouncycastle.asn1.x500.RDN rdn) { - Rdn result = null; - try { - result = convertRdn(rdn); - } catch (CertException e) { - LOGGER.error("Exception occurred during convert of RDN", e); - } - return Optional.ofNullable(result); - } - - private Rdn convertRdn(org.bouncycastle.asn1.x500.RDN rdn) throws CertException { - AttributeTypeAndValue rdnData = rdn.getFirst(); - String tag = BCStyle.INSTANCE.oidToDisplayName(rdnData.getType()); - String value = IETFUtils.valueToString(rdnData.getValue()); - return new Rdn(tag, value); - } - -} diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/model/CsrModel.java b/certService/src/main/java/org/onap/aaf/certservice/certification/model/CsrModel.java index a29658f4..d81da10a 100644 --- a/certService/src/main/java/org/onap/aaf/certservice/certification/model/CsrModel.java +++ b/certService/src/main/java/org/onap/aaf/certservice/certification/model/CsrModel.java 
@@ -55,8 +55,8 @@ public class CsrModel { private final PublicKey publicKey; private final List<String> sans; - CsrModel(PKCS10CertificationRequest csr, X500Name subjectData, PrivateKey privateKey, PublicKey publicKey, - List<String> sans) { + public CsrModel(PKCS10CertificationRequest csr, X500Name subjectData, PrivateKey privateKey, PublicKey publicKey, + List<String> sans) { this.csr = csr; this.subjectData = subjectData; this.privateKey = privateKey; |
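Review bot: The `CsrModel` constructor, which takes the `PrivateKey`, becomes `public` here with no argument checks, so code outside the package can now build a model whose `csr`, `publicKey` and `privateKey` were never validated against each other. If instances were previously created only through a package-local factory that performs those checks (not visible in this hunk), consider keeping the constructor package-private and exposing that factory instead. Otherwise guard the assignments, e.g. `this.csr = Objects.requireNonNull(csr, "csr");` and `this.privateKey = Objects.requireNonNull(privateKey, "privateKey");` (this needs `java.util.Objects`). A Javadoc sentence on the constructor saying that it does not verify that the key pair matches the CSR would tell callers what they are responsible for. The constructor body and the rest of the class continue outside the hunk.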