authorMichal Banka <michal.banka@nokia.com>2020-03-23 15:03:10 +0100
committerMichal Banka <michal.banka@nokia.com>2020-03-24 12:45:53 +0100
commitc4047c754b96f63e5c7675969937967aa739bd2f (patch)
treedd00967d688b5984aa6a9a9b72380d9b633dab51 /certService/src/main
parent2d8221140ce7d57892e94bc87ada96a0900f9fcc (diff)
Add validation for uniqueness of CA names
Signed-off-by: Michal Banka <michal.banka@nokia.com> Change-Id: Icfa9ee0f78d360a4f640904bb9077a10f15497ed Issue-ID: AAF-1107
Diffstat (limited to 'certService/src/main')
-rw-r--r--certService/src/main/java/org/onap/aaf/certservice/certification/X509CertificateBuilder.java2
-rw-r--r--certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoader.java9
-rw-r--r--certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServersConfigurationValidator.java (renamed from certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServerConfigurationValidator.java)26
3 files changed, 29 insertions, 8 deletions
diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/X509CertificateBuilder.java b/certService/src/main/java/org/onap/aaf/certservice/certification/X509CertificateBuilder.java
index 70591759..5b24c653 100644
--- a/certService/src/main/java/org/onap/aaf/certservice/certification/X509CertificateBuilder.java
+++ b/certService/src/main/java/org/onap/aaf/certservice/certification/X509CertificateBuilder.java
@@ -38,7 +38,7 @@ public class X509CertificateBuilder {
private static final int SECURE_NEXT_BYTES = 16;
private static final int VALID_PERIOD_IN_DAYS = 365;
- public X509v3CertificateBuilder build(PKCS10CertificationRequest csr) throws IOException {
+ X509v3CertificateBuilder build(PKCS10CertificationRequest csr) throws IOException {
return new X509v3CertificateBuilder(csr.getSubject(), createSerial(),
Date.from(LocalDateTime.now().toInstant(ZoneOffset.UTC)),
Date.from(LocalDateTime.now().plusDays(VALID_PERIOD_IN_DAYS).toInstant(ZoneOffset.UTC)),
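Review bot: The two date arguments (presumably the certificate's notBefore and notAfter) are built from `LocalDateTime.now()`, which reads the JVM's default time zone, and then converted with `ZoneOffset.UTC`. On a host whose zone is not UTC the local wall-clock time is reinterpreted as UTC, so the validity window is shifted by the zone offset, and east of UTC a freshly issued certificate would not be valid yet. Taking one UTC-based instant avoids both the shift and the second clock read: `Instant now = Instant.now();` followed by `Date.from(now)` and `Date.from(now.plus(Duration.ofDays(VALID_PERIOD_IN_DAYS)))`. The body of `build` and the file's imports continue outside this hunk, so `java.time.Instant` and `java.time.Duration` may need to be imported.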
diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoader.java b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoader.java
index 696ae564..101712e2 100644
--- a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoader.java
+++ b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoader.java
@@ -25,9 +25,10 @@ import java.io.File;
import java.io.IOException;
import java.security.InvalidParameterException;
import java.util.List;
+
import org.onap.aaf.certservice.certification.configuration.model.CmpServers;
import org.onap.aaf.certservice.certification.configuration.model.Cmpv2Server;
-import org.onap.aaf.certservice.certification.configuration.validation.Cmpv2ServerConfigurationValidator;
+import org.onap.aaf.certservice.certification.configuration.validation.Cmpv2ServersConfigurationValidator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
@@ -37,17 +38,17 @@ class CmpServersConfigLoader {
private static final String LOADING_EXCEPTION_MESSAGE = "Exception occurred during CMP Servers configuration loading";
private static final String VALIDATION_EXCEPTION_MESSAGE = "Validation of CMPv2 servers configuration failed";
- private final Cmpv2ServerConfigurationValidator validator;
+ private final Cmpv2ServersConfigurationValidator validator;
@Autowired
- CmpServersConfigLoader(Cmpv2ServerConfigurationValidator validator) {
+ CmpServersConfigLoader(Cmpv2ServersConfigurationValidator validator) {
this.validator = validator;
}
List<Cmpv2Server> load(String path) throws CmpServersConfigLoadingException {
try {
List<Cmpv2Server> servers = loadConfigFromFile(path).getCmpv2Servers();
- servers.forEach(validator::validate);
+ validator.validate(servers);
return servers;
} catch (IOException e) {
throw new CmpServersConfigLoadingException(LOADING_EXCEPTION_MESSAGE, e);
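Review bot: `load` passes the result of `getCmpv2Servers()` straight to `validator.validate(servers)` with no null check. Whether that getter can return null is not visible here, but if the configuration file yields no server list the call would fail with a NullPointerException, which the visible `catch (IOException e)` does not turn into a CmpServersConfigLoadingException. A guard before the validate call, such as `if (servers == null) { throw new InvalidParameterException("CMPv2 servers list is missing"); }`, would keep the failure on the validation path. The remaining catch clauses of `load` are outside the hunk, so confirm that InvalidParameterException is handled there.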
diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServerConfigurationValidator.java b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServersConfigurationValidator.java
index 736a65d1..3cf7fdf7 100644
--- a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServerConfigurationValidator.java
+++ b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServersConfigurationValidator.java
@@ -27,22 +27,42 @@ import org.springframework.stereotype.Service;
import javax.validation.ConstraintViolation;
import javax.validation.Validator;
import java.security.InvalidParameterException;
+import java.util.List;
import java.util.Set;
@Service
-public class Cmpv2ServerConfigurationValidator {
+public class Cmpv2ServersConfigurationValidator {
private final Validator validator;
@Autowired
- public Cmpv2ServerConfigurationValidator(Validator validator) {
+ public Cmpv2ServersConfigurationValidator(Validator validator) {
this.validator = validator;
}
- public void validate(Cmpv2Server serverDetails) {
+ public void validate(List<Cmpv2Server> servers) {
+ servers.forEach(this::validateServer);
+ validateUniqueCaNames(servers);
+ }
+
+ private void validateServer(Cmpv2Server serverDetails) {
Set<ConstraintViolation<Cmpv2Server>> violations = validator.validate(serverDetails);
if (!violations.isEmpty()) {
throw new InvalidParameterException(violations.toString());
}
}
+
+ private void validateUniqueCaNames(List<Cmpv2Server> servers) {
+ long distinctCAs = getNumberOfUniqueCaNames(servers);
+ if (servers.size() != distinctCAs) {
+ throw new InvalidParameterException("CA names are not unique within given CMPv2 servers");
+ }
+ }
+
+ private long getNumberOfUniqueCaNames(List<Cmpv2Server> servers) {
+ return servers.stream().map(Cmpv2Server::getCaName)
+ .distinct()
+ .count();
+ }
+
}
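Review bot: The exception thrown by `validateUniqueCaNames` does not say which CA name is repeated, so with a long server list the operator has to find the clash by hand. Collecting the repeated names while scanning and appending them to the message makes the startup failure actionable; it needs `java.util.HashSet` and `java.util.LinkedHashSet` imported, and it leaves `getNumberOfUniqueCaNames` unused. The comparison is exact string equality, so names differing only in case or surrounding whitespace count as distinct; whether that is acceptable depends on how the CA name is matched at request time, which is not visible here. The public `validate(List<Cmpv2Server>)` would also benefit from a short Javadoc stating that it throws InvalidParameterException on the first invalid server or on duplicate CA names.
```java
private void validateUniqueCaNames(List<Cmpv2Server> servers) {
    Set<String> seen = new HashSet<>();
    Set<String> repeated = new LinkedHashSet<>();
    for (Cmpv2Server server : servers) {
        String caName = server.getCaName();
        // add() returns false when the name was already present
        if (!seen.add(caName)) {
            repeated.add(caName);
        }
    }
    if (!repeated.isEmpty()) {
        throw new InvalidParameterException(
                "CA names are not unique within given CMPv2 servers: " + repeated);
    }
}
// … unchanged: validate, validateServer …
```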