author | Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> | 2020-06-17 14:54:51 +0200 |
---|---|---|
committer | Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> | 2020-06-19 10:13:08 +0200 |
commit | 0b278343630c1e3c7c92b3e5094570748692666e (patch) | |
tree | 7f859bedb889dfb46685e7ea71865fb3f62aff31 /certServiceClient/src/main | |
parent | 212038b654728b79aa647e08da2562484c63c883 (diff) |
Add creation of JKS artifact
Issue-ID: AAF-1152
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: I8b38dc07ddbf6758e0c4c036100572b350dceab9
Diffstat (limited to 'certServiceClient/src/main')
6 files changed, 113 insertions, 60 deletions
diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/api/ExitStatus.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/api/ExitStatus.java
index 6e91fe84..1d321688 100644
--- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/api/ExitStatus.java
+++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/api/ExitStatus.java
@@ -27,7 +27,7 @@ public enum ExitStatus {
 CSR_GENERATION_EXCEPTION(4,"Fail in CSR generation"),
 CERT_SERVICE_API_CONNECTION_EXCEPTION(5,"CertService HTTP unsuccessful response"),
 HTTP_CLIENT_EXCEPTION(6,"Internal HTTP Client connection problem"),
- PKCS12_CONVERSION_EXCEPTION(7,"Fail in PKCS12 conversion"),
+ PEM_CONVERSION_EXCEPTION(7,"Fail in PEM conversion"),
 PK_TO_PEM_ENCODING_EXCEPTION(8,"Fail in Private Key to PEM Encoding"),
 TLS_CONFIGURATION_EXCEPTION(9, "Invalid TLS configuration"),
 FILE_CREATION_EXCEPTION(10, "File could not be created");
diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreatorProvider.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreatorProvider.java
index dd4df73b..d3d8a11b 100644
--- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreatorProvider.java
+++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreatorProvider.java
@@ -22,33 +22,40 @@ import org.onap.aaf.certservice.client.certification.PrivateKeyToPemEncoder; import org.onap.aaf.certservice.client.certification.writer.CertFileWriter; public enum ArtifactsCreatorProvider { - P12 { + P12("PKCS12") { @Override ArtifactsCreator create(String destPath) { - return new PKCS12ArtifactsCreator( - new CertFileWriter(destPath), - new RandomPasswordGenerator(), - new PemToPKCS12Converter()); + return ConvertedArtifactsCreatorFactory.createConverter(destPath, getExtension(), getKeyStoreType()); } }, - JKS { + JKS("JKS") { @Override ArtifactsCreator create(String destPath) { - return null; + return ConvertedArtifactsCreatorFactory.createConverter(destPath, getExtension(), getKeyStoreType()); } }, - PEM { + PEM("PEM"){ @Override ArtifactsCreator create(String destPath) { - return new PemArtifactsCreator( - new CertFileWriter(destPath), - new PrivateKeyToPemEncoder()); + return new PemArtifactsCreator(new CertFileWriter(destPath), new PrivateKeyToPemEncoder()); } }; + private final String keyStoreType; + ArtifactsCreatorProvider(String keyStoreType) { + this.keyStoreType = keyStoreType; + } public static ArtifactsCreator getCreator(String outputType, String destPath) { return valueOf(outputType).create(destPath); } + String getKeyStoreType() { + return keyStoreType; + } + + String getExtension() { + return this.toString().toLowerCase(); + } + abstract ArtifactsCreator create(String destPath); } diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PKCS12ArtifactsCreator.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreator.java index c1e7c1c8..4e300074 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PKCS12ArtifactsCreator.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreator.java 
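Review bot: `getExtension()` derives the file extension from `this.toString().toLowerCase()`, which is locale-sensitive and relies on `toString()` never being overridden; the enum's stable identifier is `name()`, so `return name().toLowerCase(Locale.ROOT);` (with `java.util.Locale` imported) yields the same "p12"/"jks"/"pem" values without either dependency. The `PEM("PEM")` constant also carries a keyStoreType that is not a JCA KeyStore type and is never handed to `PemArtifactsCreator`; a comment on the field such as `// JCA KeyStore type consumed by the converted (P12/JKS) creators; unused for PEM` would stop a reader from assuming every output type goes through `KeyStore.getInstance`. Minor: `PEM("PEM"){` is missing the space before the brace that the other two constants have.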
@@ -22,57 +22,63 @@ package org.onap.aaf.certservice.client.certification.conversion; import java.security.PrivateKey; import java.util.List; import org.onap.aaf.certservice.client.certification.exception.CertFileWriterException; -import org.onap.aaf.certservice.client.certification.exception.PemToPKCS12ConverterException; +import org.onap.aaf.certservice.client.certification.exception.PemConversionException; import org.onap.aaf.certservice.client.certification.writer.CertFileWriter; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -public class PKCS12ArtifactsCreator implements ArtifactsCreator { +public class ConvertedArtifactsCreator implements ArtifactsCreator { - private static final Logger LOGGER = LoggerFactory.getLogger(PKCS12ArtifactsCreator.class); + private static final Logger LOGGER = LoggerFactory.getLogger(ConvertedArtifactsCreator.class); private static final String CERTIFICATE_ALIAS = "certificate"; private static final String TRUSTED_CERTIFICATE_ALIAS = "trusted-certificate-"; private static final int PASSWORD_LENGTH = 24; - private static final String KEYSTORE_P12 = "keystore.p12"; - private static final String KEYSTORE_PASS = "keystore.pass"; - private static final String TRUSTSTORE_P12 = "truststore.p12"; - private static final String TRUSTSTORE_PASS = "truststore.pass"; - private final RandomPasswordGenerator generator; - private final PemToPKCS12Converter converter; - private final CertFileWriter writer; + private static final String PASS_EXT = "pass"; + private static final String KEYSTORE = "keystore"; + private static final String TRUSTSTORE = "truststore"; - public PKCS12ArtifactsCreator(CertFileWriter writer, RandomPasswordGenerator generator, - PemToPKCS12Converter converter) { - this.generator = generator; + private final String fileExtension; + private final RandomPasswordGenerator passwordGenerator; + private final PemConverter converter; + private final CertFileWriter fileWriter; + + public 
ConvertedArtifactsCreator(CertFileWriter fileWriter, RandomPasswordGenerator passwordGenerator, + PemConverter converter, String fileExtension) { + this.passwordGenerator = passwordGenerator; this.converter = converter; - this.writer = writer; + this.fileWriter = fileWriter; + this.fileExtension = fileExtension; } @Override public void create(List<String> keystoreData, List<String> truststoreData, PrivateKey privateKey) - throws PemToPKCS12ConverterException, CertFileWriterException { + throws PemConversionException, CertFileWriterException { createKeystore(keystoreData,privateKey); createTruststore(truststoreData); } private void createKeystore(List<String> data, PrivateKey privateKey) - throws PemToPKCS12ConverterException, CertFileWriterException { - Password password = generator.generate(PASSWORD_LENGTH); + throws PemConversionException, CertFileWriterException { + Password password = passwordGenerator.generate(PASSWORD_LENGTH); + String keystoreArtifactName = String.format("%s.%s", KEYSTORE, fileExtension); + String keystorePass = String.format("%s.%s", KEYSTORE, PASS_EXT); - LOGGER.debug("Attempt to create PKCS12 keystore files and saving data. File names: {}, {}", KEYSTORE_P12, KEYSTORE_PASS); + LOGGER.debug("Attempt to create keystore files and saving data. 
File names: {}, {}", keystoreArtifactName, keystorePass); - writer.saveData(converter.convertKeystore(data, password, CERTIFICATE_ALIAS, privateKey), KEYSTORE_P12); - writer.saveData(getPasswordAsBytes(password), KEYSTORE_PASS); + fileWriter.saveData(converter.convertKeystore(data, password, CERTIFICATE_ALIAS, privateKey), keystoreArtifactName); + fileWriter.saveData(getPasswordAsBytes(password), keystorePass); } private void createTruststore(List<String> data) - throws PemToPKCS12ConverterException, CertFileWriterException { - Password password = generator.generate(PASSWORD_LENGTH); + throws PemConversionException, CertFileWriterException { + Password password = passwordGenerator.generate(PASSWORD_LENGTH); + String truststoreArtifactName = String.format("%s.%s", TRUSTSTORE, fileExtension); + String truststorePass = String.format("%s.%s", TRUSTSTORE, PASS_EXT); - LOGGER.debug("Attempt to create PKCS12 truststore files and saving data. File names: {}, {}", TRUSTSTORE_P12, TRUSTSTORE_PASS); + LOGGER.debug("Attempt to create truststore files and saving data. File names: {}, {}", truststoreArtifactName, truststorePass); - writer.saveData(converter.convertTruststore(data, password, TRUSTED_CERTIFICATE_ALIAS), TRUSTSTORE_P12); - writer.saveData(getPasswordAsBytes(password), TRUSTSTORE_PASS); + fileWriter.saveData(converter.convertTruststore(data, password, TRUSTED_CERTIFICATE_ALIAS), truststoreArtifactName); + fileWriter.saveData(getPasswordAsBytes(password), truststorePass); } private byte[] getPasswordAsBytes(Password password) { diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreatorFactory.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreatorFactory.java new file mode 100644 index 00000000..5a37482a --- /dev/null 
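Review bot: The new constructor stores `fileExtension` without any check, and a null value would only surface later as a `keystore.null` file because `String.format("%s.%s", KEYSTORE, fileExtension)` formats null as text; `this.fileExtension = Objects.requireNonNull(fileExtension, "fileExtension");` (importing `java.util.Objects`) would fail fast at construction instead. Since the extension is final, the `keystoreArtifactName`/`keystorePass` and `truststoreArtifactName`/`truststorePass` names could also be computed once in the constructor rather than on every call, which is a readability point rather than a correctness one. The class has no Javadoc now that it is generic over store formats; a short header stating that it writes `keystore.<ext>`/`truststore.<ext>` plus `keystore.pass`/`truststore.pass`, where `<ext>` is the constructor's `fileExtension` and the actual store format is decided by the injected `PemConverter`, would make that split explicit. The class body continues past the hunk (`getPasswordAsBytes` is cut off).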
+++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreatorFactory.java
@@ -0,0 +1,36 @@
+/*============LICENSE_START=======================================================
+ * aaf-certservice-client
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.aaf.certservice.client.certification.conversion;
+
+import org.onap.aaf.certservice.client.certification.writer.CertFileWriter;
+
+public class ConvertedArtifactsCreatorFactory {
+
+ private ConvertedArtifactsCreatorFactory() { }
+
+ public static ConvertedArtifactsCreator createConverter(String destPath, String fileExtension, String keyStoreType) {
+ return new ConvertedArtifactsCreator(
+ new CertFileWriter(destPath),
+ new RandomPasswordGenerator(),
+ new PemConverter(keyStoreType),
+ fileExtension);
+ }
+
+}
diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemToPKCS12Converter.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemConverter.java
index ef1666dc..083e4bcf 100644
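Review bot: `createConverter` is named as if it built a converter but returns a `ConvertedArtifactsCreator`, and both callers in `ArtifactsCreatorProvider` only need the `ArtifactsCreator` interface; declaring it `public static ArtifactsCreator createConverter(String destPath, String fileExtension, String keyStoreType)` would hide the concrete class, and a rename to `createArtifactsCreator` would remove the mismatch entirely. This factory is the only place that pairs a `fileExtension` with a `keyStoreType`, and the type is forwarded to `new PemConverter(keyStoreType)` unchecked, so a Javadoc stating that `keyStoreType` must be a value accepted by `KeyStore.getInstance` (currently "PKCS12" or "JKS" from the provider) while `fileExtension` only names the output files would document the contract the provider relies on.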
--- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemToPKCS12Converter.java
+++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemConverter.java
@@ -35,52 +35,56 @@ import org.bouncycastle.cert.X509CertificateHolder; import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter; import org.bouncycastle.jce.provider.BouncyCastleProvider; import org.bouncycastle.openssl.PEMParser; -import org.onap.aaf.certservice.client.certification.exception.PemToPKCS12ConverterException; +import org.onap.aaf.certservice.client.certification.exception.PemConversionException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -class PemToPKCS12Converter { +class PemConverter { - private static final Logger LOGGER = LoggerFactory.getLogger(PemToPKCS12Converter.class); - private static final String PKCS12 = "PKCS12"; + private static final Logger LOGGER = LoggerFactory.getLogger(PemConverter.class); private static final String PASSWORD_ERROR_MSG = "Password should be min. 16 chars long and should contain only alphanumeric characters and special characters like Underscore (_), Dollar ($) and Pound (#)"; private final LoadStoreParameter EMPTY_KEYSTORE_CONFIGURATION = null; + private final String keyStoreType; + + public PemConverter(String keyStoreType) { + this.keyStoreType = keyStoreType; + } byte[] convertKeystore(List<String> certificateChain, Password password, String alias, PrivateKey privateKey) - throws PemToPKCS12ConverterException { - LOGGER.info("Conversion of PEM certificates to PKCS12 keystore"); + throws PemConversionException { + LOGGER.info("Conversion of PEM certificates to " + keyStoreType + " keystore"); return convert(certificateChain, password, certs -> getKeyStore(alias, password, certs, privateKey)); } byte[] convertTruststore(List<String> trustAnchors, Password password, String alias) - throws PemToPKCS12ConverterException { - LOGGER.info("Conversion of PEM certificates to PKCS12 truststore"); + throws PemConversionException { + LOGGER.info("Conversion of PEM certificates to " + keyStoreType + " truststore"); return convert(trustAnchors, password, certs -> getTrustStore(alias, certs)); } private 
byte[] convert(List<String> certificates, Password password, StoreEntryOperation operation) - throws PemToPKCS12ConverterException { + throws PemConversionException { checkPassword(password); final Certificate[] X509Certificates = convertToCertificateArray(certificates); return getKeyStoreBytes(password, operation, X509Certificates); } - private void checkPassword(Password password) throws PemToPKCS12ConverterException { + private void checkPassword(Password password) throws PemConversionException { if (!password.isCorrectPasswordPattern()) { LOGGER.error(PASSWORD_ERROR_MSG); - throw new PemToPKCS12ConverterException(PASSWORD_ERROR_MSG); + throw new PemConversionException(PASSWORD_ERROR_MSG); } } private byte[] getKeyStoreBytes(Password password, StoreEntryOperation op, Certificate[] x509Certificates) - throws PemToPKCS12ConverterException { + throws PemConversionException { try (ByteArrayOutputStream bos = new ByteArrayOutputStream()) { KeyStore ks = op.getStore(x509Certificates); ks.store(bos, password.toCharArray()); return bos.toByteArray(); } catch (IOException | CertificateException | NoSuchAlgorithmException | KeyStoreException e) { - LOGGER.error("Pem to PKCS12 converter failed, exception message: {}", e.getMessage()); - throw new PemToPKCS12ConverterException(e); + LOGGER.error("Pem to " + keyStoreType + " converter failed, exception message: {}", e.getMessage()); + throw new PemConversionException(e); } } 
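Review bot: The three log statements this hunk changes build their message by string concatenation, and the `LOGGER.error` in `getKeyStoreBytes` even mixes concatenation with a `{}` placeholder; SLF4J's parameterized form keeps the format string constant and skips the concatenation when the level is disabled, e.g. `LOGGER.info("Conversion of PEM certificates to {} keystore", keyStoreType);` and `LOGGER.error("Pem to {} converter failed, exception message: {}", keyStoreType, e.getMessage());`. The new constructor accepts any `keyStoreType` string, so an unsupported value presumably only surfaces at conversion time as the `KeyStoreException` that `getKeyStoreBytes` wraps into `PemConversionException`; a Javadoc on `PemConverter(String keyStoreType)` naming the expected values ("PKCS12", "JKS") would make that clear to callers. The class continues past the hunk.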
@@ -103,13 +107,13 @@ class PemToPKCS12Converter { private KeyStore getKeyStoreInstance() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException { - KeyStore ks = KeyStore.getInstance(PKCS12); + KeyStore ks = KeyStore.getInstance(keyStoreType); ks.load(EMPTY_KEYSTORE_CONFIGURATION); return ks; } private Certificate[] convertToCertificateArray(List<String> certificates) - throws PemToPKCS12ConverterException { + throws PemConversionException { Certificate[] parsedCertificates = new Certificate[certificates.size()]; for (String certificate : certificates) { parsedCertificates[certificates.indexOf(certificate)] = parseCertificate(certificate); @@ -117,17 +121,17 @@ class PemToPKCS12Converter { return parsedCertificates; } - private Certificate parseCertificate(String certificate) throws PemToPKCS12ConverterException { + private Certificate parseCertificate(String certificate) throws PemConversionException { try (PEMParser pem = new PEMParser(new StringReader(certificate))) { X509CertificateHolder certHolder = Optional.ofNullable((X509CertificateHolder) pem.readObject()) .orElseThrow( - () -> new PemToPKCS12ConverterException("The certificate couldn't be parsed correctly. " + certificate)); + () -> new PemConversionException("The certificate couldn't be parsed correctly. " + certificate)); return new JcaX509CertificateConverter() .setProvider(new BouncyCastleProvider()) .getCertificate(certHolder); } catch (IOException | CertificateException e) { LOGGER.error("Certificates conversion failed, exception message: {}", e.getMessage()); - throw new PemToPKCS12ConverterException(e); + throw new PemConversionException(e); } } } diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/exception/PemToPKCS12ConverterException.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/exception/PemConversionException.java index b98f4ace..11c448ee 100644 
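Review bot: `KeyStore.getInstance(keyStoreType)` now produces a JKS store whenever the provider selects `JKS`; JKS is the legacy proprietary Java format (keytool itself recommends migrating to PKCS12, the JDK default since Java 9), and its private-key entry protection is widely documented as weaker than PKCS12's standard password-based encryption, so the generated password shields the JKS keystore artifact less well than the P12 one. That trade-off should be recorded where the type is applied, e.g. a comment `// JKS is a legacy format kept for consumers that cannot read PKCS12; prefer P12 where possible` in `getKeyStoreInstance`, or at the `JKS` constant in `ArtifactsCreatorProvider`. The truststore holds only certificates, so the weaker protection matters mainly for the keystore. Both hunks sit inside the class body, which continues outside the diff.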
--- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/exception/PemToPKCS12ConverterException.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/exception/PemConversionException.java @@ -22,13 +22,13 @@ package org.onap.aaf.certservice.client.certification.exception; import org.onap.aaf.certservice.client.api.ExitStatus; import org.onap.aaf.certservice.client.api.ExitableException; -public class PemToPKCS12ConverterException extends ExitableException { - private static final ExitStatus EXIT_STATUS = ExitStatus.PKCS12_CONVERSION_EXCEPTION; +public class PemConversionException extends ExitableException { + private static final ExitStatus EXIT_STATUS = ExitStatus.PEM_CONVERSION_EXCEPTION; - public PemToPKCS12ConverterException(Throwable e) { + public PemConversionException(Throwable e) { super(e); } - public PemToPKCS12ConverterException(String message) { + public PemConversionException(String message) { super(message); } |