aboutsummaryrefslogtreecommitdiffstats
path: root/certServiceClient
diff options
context:
space:
mode:
authorPiotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>2020-06-17 14:54:51 +0200
committerPiotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>2020-06-19 10:13:08 +0200
commit0b278343630c1e3c7c92b3e5094570748692666e (patch)
tree7f859bedb889dfb46685e7ea71865fb3f62aff31 /certServiceClient
parent212038b654728b79aa647e08da2562484c63c883 (diff)
Add creation JKS artifact
Issue-ID: AAF-1152 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: I8b38dc07ddbf6758e0c4c036100572b350dceab9
Diffstat (limited to 'certServiceClient')
-rw-r--r--certServiceClient/README.md2
-rw-r--r--certServiceClient/src/main/java/org/onap/aaf/certservice/client/api/ExitStatus.java2
-rw-r--r--certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreatorProvider.java29
-rw-r--r--certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreator.java (renamed from certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PKCS12ArtifactsCreator.java)56
-rw-r--r--certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreatorFactory.java36
-rw-r--r--certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemConverter.java (renamed from certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemToPKCS12Converter.java)42
-rw-r--r--certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/exception/PemConversionException.java (renamed from certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/exception/PemToPKCS12ConverterException.java)8
-rw-r--r--certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreatorProviderTest.java26
-rw-r--r--certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreatorTest.java (renamed from certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/PKCS12ArtifactsCreatorTest.java)49
-rw-r--r--certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/PemConverterTest.java (renamed from certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/PemToPKCS12ConverterTest.java)68
10 files changed, 208 insertions, 110 deletions
diff --git a/certServiceClient/README.md b/certServiceClient/README.md
index 56c33bdf..72521737 100644
--- a/certServiceClient/README.md
+++ b/certServiceClient/README.md
@@ -68,7 +68,7 @@ docker logs aaf-certservice-client
4 Fail in CSR generation
5 CertService HTTP unsuccessful response
6 Internal HTTP Client connection problem
-7 Fail in PKCS12 conversion
+7 Fail in PEM conversion
8 Fail in Private Key to PEM Encoding
9 Wrong TLS configuration
10 File could not be created
diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/api/ExitStatus.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/api/ExitStatus.java
index 6e91fe84..1d321688 100644
--- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/api/ExitStatus.java
+++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/api/ExitStatus.java
@@ -27,7 +27,7 @@ public enum ExitStatus {
CSR_GENERATION_EXCEPTION(4,"Fail in CSR generation"),
CERT_SERVICE_API_CONNECTION_EXCEPTION(5,"CertService HTTP unsuccessful response"),
HTTP_CLIENT_EXCEPTION(6,"Internal HTTP Client connection problem"),
- PKCS12_CONVERSION_EXCEPTION(7,"Fail in PKCS12 conversion"),
+ PEM_CONVERSION_EXCEPTION(7,"Fail in PEM conversion"),
PK_TO_PEM_ENCODING_EXCEPTION(8,"Fail in Private Key to PEM Encoding"),
TLS_CONFIGURATION_EXCEPTION(9, "Invalid TLS configuration"),
FILE_CREATION_EXCEPTION(10, "File could not be created");
diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreatorProvider.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreatorProvider.java
index dd4df73b..d3d8a11b 100644
--- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreatorProvider.java
+++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreatorProvider.java
@@ -22,33 +22,40 @@ import org.onap.aaf.certservice.client.certification.PrivateKeyToPemEncoder;
import org.onap.aaf.certservice.client.certification.writer.CertFileWriter;
public enum ArtifactsCreatorProvider {
- P12 {
+ P12("PKCS12") {
@Override
ArtifactsCreator create(String destPath) {
- return new PKCS12ArtifactsCreator(
- new CertFileWriter(destPath),
- new RandomPasswordGenerator(),
- new PemToPKCS12Converter());
+ return ConvertedArtifactsCreatorFactory.createConverter(destPath, getExtension(), getKeyStoreType());
}
},
- JKS {
+ JKS("JKS") {
@Override
ArtifactsCreator create(String destPath) {
- return null;
+ return ConvertedArtifactsCreatorFactory.createConverter(destPath, getExtension(), getKeyStoreType());
}
},
- PEM {
+ PEM("PEM"){
@Override
ArtifactsCreator create(String destPath) {
- return new PemArtifactsCreator(
- new CertFileWriter(destPath),
- new PrivateKeyToPemEncoder());
+ return new PemArtifactsCreator(new CertFileWriter(destPath), new PrivateKeyToPemEncoder());
}
};
+ private final String keyStoreType;
+ ArtifactsCreatorProvider(String keyStoreType) {
+ this.keyStoreType = keyStoreType;
+ }
public static ArtifactsCreator getCreator(String outputType, String destPath) {
return valueOf(outputType).create(destPath);
}
+ String getKeyStoreType() {
+ return keyStoreType;
+ }
+
+ String getExtension() {
+ return this.toString().toLowerCase();
+ }
+
abstract ArtifactsCreator create(String destPath);
}
diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PKCS12ArtifactsCreator.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreator.java
index c1e7c1c8..4e300074 100644
--- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PKCS12ArtifactsCreator.java
+++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreator.java
@@ -22,57 +22,63 @@ package org.onap.aaf.certservice.client.certification.conversion;
import java.security.PrivateKey;
import java.util.List;
import org.onap.aaf.certservice.client.certification.exception.CertFileWriterException;
-import org.onap.aaf.certservice.client.certification.exception.PemToPKCS12ConverterException;
+import org.onap.aaf.certservice.client.certification.exception.PemConversionException;
import org.onap.aaf.certservice.client.certification.writer.CertFileWriter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-public class PKCS12ArtifactsCreator implements ArtifactsCreator {
+public class ConvertedArtifactsCreator implements ArtifactsCreator {
- private static final Logger LOGGER = LoggerFactory.getLogger(PKCS12ArtifactsCreator.class);
+ private static final Logger LOGGER = LoggerFactory.getLogger(ConvertedArtifactsCreator.class);
private static final String CERTIFICATE_ALIAS = "certificate";
private static final String TRUSTED_CERTIFICATE_ALIAS = "trusted-certificate-";
private static final int PASSWORD_LENGTH = 24;
- private static final String KEYSTORE_P12 = "keystore.p12";
- private static final String KEYSTORE_PASS = "keystore.pass";
- private static final String TRUSTSTORE_P12 = "truststore.p12";
- private static final String TRUSTSTORE_PASS = "truststore.pass";
- private final RandomPasswordGenerator generator;
- private final PemToPKCS12Converter converter;
- private final CertFileWriter writer;
+ private static final String PASS_EXT = "pass";
+ private static final String KEYSTORE = "keystore";
+ private static final String TRUSTSTORE = "truststore";
- public PKCS12ArtifactsCreator(CertFileWriter writer, RandomPasswordGenerator generator,
- PemToPKCS12Converter converter) {
- this.generator = generator;
+ private final String fileExtension;
+ private final RandomPasswordGenerator passwordGenerator;
+ private final PemConverter converter;
+ private final CertFileWriter fileWriter;
+
+ public ConvertedArtifactsCreator(CertFileWriter fileWriter, RandomPasswordGenerator passwordGenerator,
+ PemConverter converter, String fileExtension) {
+ this.passwordGenerator = passwordGenerator;
this.converter = converter;
- this.writer = writer;
+ this.fileWriter = fileWriter;
+ this.fileExtension = fileExtension;
}
@Override
public void create(List<String> keystoreData, List<String> truststoreData, PrivateKey privateKey)
- throws PemToPKCS12ConverterException, CertFileWriterException {
+ throws PemConversionException, CertFileWriterException {
createKeystore(keystoreData,privateKey);
createTruststore(truststoreData);
}
private void createKeystore(List<String> data, PrivateKey privateKey)
- throws PemToPKCS12ConverterException, CertFileWriterException {
- Password password = generator.generate(PASSWORD_LENGTH);
+ throws PemConversionException, CertFileWriterException {
+ Password password = passwordGenerator.generate(PASSWORD_LENGTH);
+ String keystoreArtifactName = String.format("%s.%s", KEYSTORE, fileExtension);
+ String keystorePass = String.format("%s.%s", KEYSTORE, PASS_EXT);
- LOGGER.debug("Attempt to create PKCS12 keystore files and saving data. File names: {}, {}", KEYSTORE_P12, KEYSTORE_PASS);
+ LOGGER.debug("Attempt to create keystore files and saving data. File names: {}, {}", keystoreArtifactName, keystorePass);
- writer.saveData(converter.convertKeystore(data, password, CERTIFICATE_ALIAS, privateKey), KEYSTORE_P12);
- writer.saveData(getPasswordAsBytes(password), KEYSTORE_PASS);
+ fileWriter.saveData(converter.convertKeystore(data, password, CERTIFICATE_ALIAS, privateKey), keystoreArtifactName);
+ fileWriter.saveData(getPasswordAsBytes(password), keystorePass);
}
private void createTruststore(List<String> data)
- throws PemToPKCS12ConverterException, CertFileWriterException {
- Password password = generator.generate(PASSWORD_LENGTH);
+ throws PemConversionException, CertFileWriterException {
+ Password password = passwordGenerator.generate(PASSWORD_LENGTH);
+ String truststoreArtifactName = String.format("%s.%s", TRUSTSTORE, fileExtension);
+ String truststorePass = String.format("%s.%s", TRUSTSTORE, PASS_EXT);
- LOGGER.debug("Attempt to create PKCS12 truststore files and saving data. File names: {}, {}", TRUSTSTORE_P12, TRUSTSTORE_PASS);
+ LOGGER.debug("Attempt to create truststore files and saving data. File names: {}, {}", truststoreArtifactName, truststorePass);
- writer.saveData(converter.convertTruststore(data, password, TRUSTED_CERTIFICATE_ALIAS), TRUSTSTORE_P12);
- writer.saveData(getPasswordAsBytes(password), TRUSTSTORE_PASS);
+ fileWriter.saveData(converter.convertTruststore(data, password, TRUSTED_CERTIFICATE_ALIAS), truststoreArtifactName);
+ fileWriter.saveData(getPasswordAsBytes(password), truststorePass);
}
private byte[] getPasswordAsBytes(Password password) {
diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreatorFactory.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreatorFactory.java
new file mode 100644
index 00000000..5a37482a
--- /dev/null
+++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreatorFactory.java
@@ -0,0 +1,36 @@
+/*============LICENSE_START=======================================================
+ * aaf-certservice-client
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.aaf.certservice.client.certification.conversion;
+
+import org.onap.aaf.certservice.client.certification.writer.CertFileWriter;
+
+public class ConvertedArtifactsCreatorFactory {
+
+ private ConvertedArtifactsCreatorFactory() { }
+
+ public static ConvertedArtifactsCreator createConverter(String destPath, String fileExtension, String keyStoreType) {
+ return new ConvertedArtifactsCreator(
+ new CertFileWriter(destPath),
+ new RandomPasswordGenerator(),
+ new PemConverter(keyStoreType),
+ fileExtension);
+ }
+
+}
diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemToPKCS12Converter.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemConverter.java
index ef1666dc..083e4bcf 100644
--- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemToPKCS12Converter.java
+++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemConverter.java
@@ -35,52 +35,56 @@ import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMParser;
-import org.onap.aaf.certservice.client.certification.exception.PemToPKCS12ConverterException;
+import org.onap.aaf.certservice.client.certification.exception.PemConversionException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-class PemToPKCS12Converter {
+class PemConverter {
- private static final Logger LOGGER = LoggerFactory.getLogger(PemToPKCS12Converter.class);
- private static final String PKCS12 = "PKCS12";
+ private static final Logger LOGGER = LoggerFactory.getLogger(PemConverter.class);
private static final String PASSWORD_ERROR_MSG = "Password should be min. 16 chars long and should contain only alphanumeric characters and special characters like Underscore (_), Dollar ($) and Pound (#)";
private final LoadStoreParameter EMPTY_KEYSTORE_CONFIGURATION = null;
+ private final String keyStoreType;
+
+ public PemConverter(String keyStoreType) {
+ this.keyStoreType = keyStoreType;
+ }
byte[] convertKeystore(List<String> certificateChain, Password password, String alias, PrivateKey privateKey)
- throws PemToPKCS12ConverterException {
- LOGGER.info("Conversion of PEM certificates to PKCS12 keystore");
+ throws PemConversionException {
+ LOGGER.info("Conversion of PEM certificates to " + keyStoreType + " keystore");
return convert(certificateChain, password, certs -> getKeyStore(alias, password, certs, privateKey));
}
byte[] convertTruststore(List<String> trustAnchors, Password password, String alias)
- throws PemToPKCS12ConverterException {
- LOGGER.info("Conversion of PEM certificates to PKCS12 truststore");
+ throws PemConversionException {
+ LOGGER.info("Conversion of PEM certificates to " + keyStoreType + " truststore");
return convert(trustAnchors, password, certs -> getTrustStore(alias, certs));
}
private byte[] convert(List<String> certificates, Password password, StoreEntryOperation operation)
- throws PemToPKCS12ConverterException {
+ throws PemConversionException {
checkPassword(password);
final Certificate[] X509Certificates = convertToCertificateArray(certificates);
return getKeyStoreBytes(password, operation, X509Certificates);
}
- private void checkPassword(Password password) throws PemToPKCS12ConverterException {
+ private void checkPassword(Password password) throws PemConversionException {
if (!password.isCorrectPasswordPattern()) {
LOGGER.error(PASSWORD_ERROR_MSG);
- throw new PemToPKCS12ConverterException(PASSWORD_ERROR_MSG);
+ throw new PemConversionException(PASSWORD_ERROR_MSG);
}
}
private byte[] getKeyStoreBytes(Password password, StoreEntryOperation op, Certificate[] x509Certificates)
- throws PemToPKCS12ConverterException {
+ throws PemConversionException {
try (ByteArrayOutputStream bos = new ByteArrayOutputStream()) {
KeyStore ks = op.getStore(x509Certificates);
ks.store(bos, password.toCharArray());
return bos.toByteArray();
} catch (IOException | CertificateException | NoSuchAlgorithmException | KeyStoreException e) {
- LOGGER.error("Pem to PKCS12 converter failed, exception message: {}", e.getMessage());
- throw new PemToPKCS12ConverterException(e);
+ LOGGER.error("Pem to " + keyStoreType + " converter failed, exception message: {}", e.getMessage());
+ throw new PemConversionException(e);
}
}
@@ -103,13 +107,13 @@ class PemToPKCS12Converter {
private KeyStore getKeyStoreInstance()
throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
- KeyStore ks = KeyStore.getInstance(PKCS12);
+ KeyStore ks = KeyStore.getInstance(keyStoreType);
ks.load(EMPTY_KEYSTORE_CONFIGURATION);
return ks;
}
private Certificate[] convertToCertificateArray(List<String> certificates)
- throws PemToPKCS12ConverterException {
+ throws PemConversionException {
Certificate[] parsedCertificates = new Certificate[certificates.size()];
for (String certificate : certificates) {
parsedCertificates[certificates.indexOf(certificate)] = parseCertificate(certificate);
@@ -117,17 +121,17 @@ class PemToPKCS12Converter {
return parsedCertificates;
}
- private Certificate parseCertificate(String certificate) throws PemToPKCS12ConverterException {
+ private Certificate parseCertificate(String certificate) throws PemConversionException {
try (PEMParser pem = new PEMParser(new StringReader(certificate))) {
X509CertificateHolder certHolder = Optional.ofNullable((X509CertificateHolder) pem.readObject())
.orElseThrow(
- () -> new PemToPKCS12ConverterException("The certificate couldn't be parsed correctly. " + certificate));
+ () -> new PemConversionException("The certificate couldn't be parsed correctly. " + certificate));
return new JcaX509CertificateConverter()
.setProvider(new BouncyCastleProvider())
.getCertificate(certHolder);
} catch (IOException | CertificateException e) {
LOGGER.error("Certificates conversion failed, exception message: {}", e.getMessage());
- throw new PemToPKCS12ConverterException(e);
+ throw new PemConversionException(e);
}
}
}
diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/exception/PemToPKCS12ConverterException.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/exception/PemConversionException.java
index b98f4ace..11c448ee 100644
--- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/exception/PemToPKCS12ConverterException.java
+++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/exception/PemConversionException.java
@@ -22,13 +22,13 @@ package org.onap.aaf.certservice.client.certification.exception;
import org.onap.aaf.certservice.client.api.ExitStatus;
import org.onap.aaf.certservice.client.api.ExitableException;
-public class PemToPKCS12ConverterException extends ExitableException {
- private static final ExitStatus EXIT_STATUS = ExitStatus.PKCS12_CONVERSION_EXCEPTION;
+public class PemConversionException extends ExitableException {
+ private static final ExitStatus EXIT_STATUS = ExitStatus.PEM_CONVERSION_EXCEPTION;
- public PemToPKCS12ConverterException(Throwable e) {
+ public PemConversionException(Throwable e) {
super(e);
}
- public PemToPKCS12ConverterException(String message) {
+ public PemConversionException(String message) {
super(message);
}
diff --git a/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreatorProviderTest.java b/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreatorProviderTest.java
index 133d90d2..8a619991 100644
--- a/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreatorProviderTest.java
+++ b/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreatorProviderTest.java
@@ -20,6 +20,9 @@
package org.onap.aaf.certservice.client.certification.conversion;
import org.junit.jupiter.api.Test;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.CsvSource;
+import org.junit.jupiter.params.provider.ValueSource;
import static org.assertj.core.api.Assertions.assertThat;
@@ -27,17 +30,19 @@ import static org.assertj.core.api.Assertions.assertThat;
class ArtifactsCreatorProviderTest {
private static final String P12 = "P12";
+ private static final String JKS = "JKS";
private static final String PEM = "PEM";
private static final String TEST_PATH = "testPath";
- @Test
- void artifactsProviderShouldReturnP12Creator(){
+ @ParameterizedTest
+ @ValueSource(strings = {JKS, P12})
+ void artifactsProviderShouldReturnConvertedCreator(String outputType){
// when
ArtifactsCreator artifactsCreator =
- ArtifactsCreatorProvider.getCreator(P12, TEST_PATH);
+ ArtifactsCreatorProvider.getCreator(outputType, TEST_PATH);
// then
- assertThat(artifactsCreator).isInstanceOf(PKCS12ArtifactsCreator.class);
+ assertThat(artifactsCreator).isInstanceOf(ConvertedArtifactsCreator.class);
}
@Test
@@ -49,4 +54,17 @@ class ArtifactsCreatorProviderTest {
// then
assertThat(artifactsCreator).isInstanceOf(PemArtifactsCreator.class);
}
+
+ @ParameterizedTest
+ @CsvSource({
+ "JKS, jks",
+ "P12, p12"})
+ void getExtensionShouldProvideExtensionBasedOnArtifactType(String artifactType, String expectedExtension){
+
+ //when
+ String actualExtension = ArtifactsCreatorProvider.valueOf(artifactType).getExtension();
+ //then
+ assertThat(actualExtension).isEqualTo(expectedExtension);
+ }
+
}
diff --git a/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/PKCS12ArtifactsCreatorTest.java b/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreatorTest.java
index 4a690e5f..2da4ab98 100644
--- a/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/PKCS12ArtifactsCreatorTest.java
+++ b/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreatorTest.java
@@ -30,10 +30,10 @@ import java.util.List;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.onap.aaf.certservice.client.certification.exception.CertFileWriterException;
-import org.onap.aaf.certservice.client.certification.exception.PemToPKCS12ConverterException;
+import org.onap.aaf.certservice.client.certification.exception.PemConversionException;
import org.onap.aaf.certservice.client.certification.writer.CertFileWriter;
-class PKCS12ArtifactsCreatorTest {
+class ConvertedArtifactsCreatorTest {
private static final int PASSWORD_LENGTH = 24;
private static final String CERTIFICATE_ALIAS = "certificate";
@@ -44,33 +44,52 @@ class PKCS12ArtifactsCreatorTest {
private static final List<String> SAMPLE_TRUSTED_CERTIFICATE_CHAIN = List.of("c", "d");
private static final byte[] SAMPLE_KEYSTORE_BYTES = "this is a keystore test".getBytes();
private static final byte[] SAMPLE_TRUSTSTORE_BYTES = "this is a truststore test".getBytes();
+ private static final String P12_EXTENSION= "p12";
private CertFileWriter certFileWriter;
private RandomPasswordGenerator passwordGenerator;
- private PemToPKCS12Converter converter;
+ private PemConverter converter;
private PrivateKey privateKey;
- private PKCS12ArtifactsCreator artifactCreator;
+ private ConvertedArtifactsCreator artifactsCreator;
@BeforeEach
void setUp() {
certFileWriter = mock(CertFileWriter.class);
passwordGenerator = mock(RandomPasswordGenerator.class);
- converter = mock(PemToPKCS12Converter.class);
+ converter = mock(PemConverter.class);
privateKey = mock(PrivateKey.class);
- artifactCreator = new PKCS12ArtifactsCreator(certFileWriter, passwordGenerator, converter);
+ artifactsCreator = new ConvertedArtifactsCreator(certFileWriter, passwordGenerator, converter, P12_EXTENSION);
}
@Test
- void artifactsCreatorShouldCauseCallOfConvertAndDataSaveMethods()
- throws PemToPKCS12ConverterException, CertFileWriterException {
+ void convertedArtifactCreatorShouldTryCreateFileWithGivenExtension()
+ throws CertFileWriterException, PemConversionException {
+ //given
+ mockPasswordGeneratorAndPemConverter();
+ final String keystore = "keystore";
+ final String testExtension = "testExt";
+ final String keystoreFileName = String.format("%s.%s", keystore, testExtension);
+ artifactsCreator = new ConvertedArtifactsCreator(certFileWriter, passwordGenerator, converter, testExtension);
+
+ //when
+ artifactsCreator.create(SAMPLE_KEYSTORE_CERTIFICATE_CHAIN, SAMPLE_TRUSTED_CERTIFICATE_CHAIN, privateKey);
+
+ //then
+ verify(certFileWriter, times(1))
+ .saveData(SAMPLE_KEYSTORE_BYTES, keystoreFileName);
+ }
+
+ @Test
+ void convertedArtifactsCreatorShouldCallConverterAndFilesCreatorMethods()
+ throws PemConversionException, CertFileWriterException {
// given
- mockPasswordGeneratorAndPKSC12Converter();
+ mockPasswordGeneratorAndPemConverter();
final String keystoreP12 = "keystore.p12";
final String keystorePass = "keystore.pass";
//when
- artifactCreator.create(SAMPLE_KEYSTORE_CERTIFICATE_CHAIN, SAMPLE_TRUSTED_CERTIFICATE_CHAIN, privateKey);
+ artifactsCreator.create(SAMPLE_KEYSTORE_CERTIFICATE_CHAIN, SAMPLE_TRUSTED_CERTIFICATE_CHAIN, privateKey);
// then
verify(converter, times(1))
@@ -84,19 +103,19 @@ class PKCS12ArtifactsCreatorTest {
}
@Test
- void artifactsCreatorShouldCallPasswordGeneratorTwice()
- throws PemToPKCS12ConverterException, CertFileWriterException {
+ void convertedArtifactsCreatorShouldCallPasswordGeneratorTwice()
+ throws PemConversionException, CertFileWriterException {
// given
- mockPasswordGeneratorAndPKSC12Converter();
+ mockPasswordGeneratorAndPemConverter();
//when
- artifactCreator.create(SAMPLE_KEYSTORE_CERTIFICATE_CHAIN, SAMPLE_TRUSTED_CERTIFICATE_CHAIN, privateKey);
+ artifactsCreator.create(SAMPLE_KEYSTORE_CERTIFICATE_CHAIN, SAMPLE_TRUSTED_CERTIFICATE_CHAIN, privateKey);
// then
verify(passwordGenerator, times(2)).generate(PASSWORD_LENGTH);
}
- private void mockPasswordGeneratorAndPKSC12Converter() throws PemToPKCS12ConverterException {
+ private void mockPasswordGeneratorAndPemConverter() throws PemConversionException {
when(passwordGenerator.generate(PASSWORD_LENGTH)).thenReturn(SAMPLE_PASSWORD);
when(converter.convertKeystore(SAMPLE_KEYSTORE_CERTIFICATE_CHAIN, SAMPLE_PASSWORD, CERTIFICATE_ALIAS, privateKey))
.thenReturn(SAMPLE_KEYSTORE_BYTES);
diff --git a/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/PemToPKCS12ConverterTest.java b/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/PemConverterTest.java
index 35043409..0d67fba7 100644
--- a/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/PemToPKCS12ConverterTest.java
+++ b/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/PemConverterTest.java
@@ -42,10 +42,12 @@ import java.security.cert.CertificateException;
import java.util.List;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Test;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.ValueSource;
import org.onap.aaf.certservice.client.certification.EncryptionAlgorithmConstants;
-import org.onap.aaf.certservice.client.certification.exception.PemToPKCS12ConverterException;
+import org.onap.aaf.certservice.client.certification.exception.PemConversionException;
-class PemToPKCS12ConverterTest {
+class PemConverterTest {
private static final String RESOURCES_PATH = "src/test/resources";
private static final String CERT1_PATH = RESOURCES_PATH + "/cert1.pem";
@@ -55,6 +57,7 @@ class PemToPKCS12ConverterTest {
private static final String EXPECTED_TRUSTSTORE_PATH = RESOURCES_PATH + "/expectedTruststore.jks";
private static final String PKCS12 = "PKCS12";
private static final String PKCS8 = "PKCS#8";
+ private static final String JKS = "JKS";
private static final String KEY_ERROR_MSG = "java.security.KeyStoreException: Key protection algorithm not found: java.lang.NullPointerException";
private static final String CERTIFICATES_ERROR_MSG = "The certificate couldn't be parsed correctly. certificate1";
private static final String PASSWORD_ERROR_MSG = "Password should be min. 16 chars long and should contain only alphanumeric characters and special characters like Underscore (_), Dollar ($) and Pound (#)";
@@ -66,15 +69,16 @@ class PemToPKCS12ConverterTest {
key = Files.readAllBytes(Path.of(KEY_PATH));
}
- @Test
- void convertKeystoreShouldReturnKeystoreWithGivenPrivateKeyAndCertificateChain()
- throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException, PemToPKCS12ConverterException {
+ @ParameterizedTest
+ @ValueSource(strings = {PKCS12, JKS})
+ void convertKeystoreShouldReturnKeystoreWithGivenPrivateKeyAndCertificateChain(String conversionTarget)
+ throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException, PemConversionException {
// given
final String alias = "keystore-entry";
final Password password = new Password("d9D_u8LooYaXH4G48DtN#vw0");
final List<String> certificateChain = getCertificates();
- final PemToPKCS12Converter converter = new PemToPKCS12Converter();
- final KeyStore expectedKeyStore = KeyStore.getInstance(PKCS12);
+ final PemConverter converter = new PemConverter(conversionTarget);
+ final KeyStore expectedKeyStore = KeyStore.getInstance(conversionTarget);
expectedKeyStore.load(new ByteArrayInputStream(Files.readAllBytes(Path.of(EXPECTED_KEYSTORE_PATH))),
password.toCharArray());
final Certificate[] expectedChain = expectedKeyStore.getCertificateChain(alias);
@@ -84,7 +88,7 @@ class PemToPKCS12ConverterTest {
final byte[] result = converter.convertKeystore(certificateChain, password, alias, privateKey);
// then
- final KeyStore actualKeyStore = KeyStore.getInstance(PKCS12);
+ final KeyStore actualKeyStore = KeyStore.getInstance(conversionTarget);
actualKeyStore.load(new ByteArrayInputStream(result), password.toCharArray());
final Certificate[] actualChain = actualKeyStore.getCertificateChain(alias);
@@ -93,17 +97,18 @@ class PemToPKCS12ConverterTest {
assertArrayEquals(expectedChain, actualChain);
}
- @Test
- void convertKeystoreShouldThrowPemToPKCS12ConverterExceptionBecauseOfWrongPassword() throws IOException {
+ @ParameterizedTest
+ @ValueSource(strings = {PKCS12, JKS})
+ void convertKeystoreShouldThrowPemConverterExceptionBecauseOfWrongPassword(String conversionTarget) throws IOException {
// given
final String alias = "keystore-entry";
final Password password = new Password("apple");
final List<String> certificateChain = getCertificates();
- final PemToPKCS12Converter converter = new PemToPKCS12Converter();
+ final PemConverter converter = new PemConverter(conversionTarget);
privateKeyMockSetup();
// when
- Exception exception = assertThrows(PemToPKCS12ConverterException.class, () ->
+ Exception exception = assertThrows(PemConversionException.class, () ->
converter.convertKeystore(certificateChain, password, alias, privateKey)
);
@@ -111,18 +116,19 @@ class PemToPKCS12ConverterTest {
assertEquals(PASSWORD_ERROR_MSG, exception.getMessage());
}
- @Test
- void convertTruststoreShouldReturnTruststoreWithGivenCertificatesArray()
- throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException, PemToPKCS12ConverterException {
+ @ParameterizedTest
+ @ValueSource(strings = {PKCS12, JKS})
+ void convertTruststoreShouldReturnTruststoreWithGivenCertificatesArray(String conversionTarget)
+ throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException, PemConversionException {
// given
- final PemToPKCS12Converter converter = new PemToPKCS12Converter();
+ final PemConverter converter = new PemConverter(conversionTarget);
final String alias = "trusted-certificate-";
final String alias1 = alias + 1;
final String alias2 = alias + 2;
final Password password = new Password("9z6oFx1epRSCuBWU4Er8i_0y");
final List<String> trustedCertificates = getCertificates();
- final KeyStore expectedTrustStore = KeyStore.getInstance(PKCS12);
+ final KeyStore expectedTrustStore = KeyStore.getInstance(conversionTarget);
expectedTrustStore.load(new ByteArrayInputStream(Files.readAllBytes(Path.of(EXPECTED_TRUSTSTORE_PATH))),
password.toCharArray());
@@ -130,7 +136,7 @@ class PemToPKCS12ConverterTest {
final byte[] result = converter.convertTruststore(trustedCertificates, password, alias);
// then
- final KeyStore actualKeyStore = KeyStore.getInstance(PKCS12);
+ final KeyStore actualKeyStore = KeyStore.getInstance(conversionTarget);
actualKeyStore.load(new ByteArrayInputStream(result), password.toCharArray());
assertTrue(actualKeyStore.containsAlias(alias1));
@@ -139,45 +145,47 @@ class PemToPKCS12ConverterTest {
assertEquals(expectedTrustStore.getCertificate(alias2), actualKeyStore.getCertificate(alias2));
}
- @Test
- void convertTruststoreShouldThrowPemToPKCS12ConverterExceptionBecauseOfWrongPassword() throws IOException {
+ @ParameterizedTest
+ @ValueSource(strings = {PKCS12, JKS})
+ void convertTruststoreShouldThrowPemConverterExceptionBecauseOfWrongPassword(String conversionTarget) throws IOException {
// given
final String alias = "trusted-certificate-";
final Password password = new Password("nokia");
final List<String> trustedCertificates = getCertificates();
- final PemToPKCS12Converter converter = new PemToPKCS12Converter();
+ final PemConverter converter = new PemConverter(conversionTarget);
// when then
assertThatThrownBy(() ->
converter.convertTruststore(trustedCertificates, password, alias))
- .isInstanceOf(PemToPKCS12ConverterException.class).hasMessage(PASSWORD_ERROR_MSG);
+ .isInstanceOf(PemConversionException.class).hasMessage(PASSWORD_ERROR_MSG);
}
@Test
- void convertKeystoreShouldThrowPemToPKCS12ConverterExceptionBecauseOfWrongPrivateKey() throws IOException {
+ void convertKeystoreShouldThrowPemConverterExceptionBecauseOfWrongPrivateKey() throws IOException {
// given
final String alias = "keystore-entry";
final Password password = new Password("d9D_u8LooYaXH4G48DtN#vw0");
final List<String> certificateChain = getCertificates();
- final PemToPKCS12Converter converter = new PemToPKCS12Converter();
+ final PemConverter converter = new PemConverter(PKCS12);
// when then
assertThatThrownBy(() -> converter.convertKeystore(certificateChain, password, alias, privateKey))
- .isInstanceOf(PemToPKCS12ConverterException.class).hasMessage(KEY_ERROR_MSG);
+ .isInstanceOf(PemConversionException.class).hasMessage(KEY_ERROR_MSG);
}
- @Test
- void convertKeystoreShouldThrowPemToPKCS12ConverterExceptionBecauseOfWrongCertificates() {
+ @ParameterizedTest
+ @ValueSource(strings = {PKCS12, JKS})
+ void convertKeystoreShouldThrowPemConverterExceptionBecauseOfWrongCertificates(String conversionTarget) {
// given
final String alias = "keystore-entry";
final Password password = new Password("d9D_u8LooYaXH4G48DtN#vw0");
final List<String> certificateChain = List.of("certificate1", "certificate2");
- final PemToPKCS12Converter converter = new PemToPKCS12Converter();
+ final PemConverter converter = new PemConverter(conversionTarget);
privateKeyMockSetup();
// when then
assertThatThrownBy(() -> converter.convertKeystore(certificateChain, password, alias, privateKey))
- .isInstanceOf(PemToPKCS12ConverterException.class).hasMessage(CERTIFICATES_ERROR_MSG);
+ .isInstanceOf(PemConversionException.class).hasMessage(CERTIFICATES_ERROR_MSG);
}
private void privateKeyMockSetup() {
@@ -194,4 +202,4 @@ class PemToPKCS12ConverterTest {
Path.of(CERT2_PATH), StandardCharsets.UTF_8)
);
}
-} \ No newline at end of file
+}