[OOM-K8S-CERT-EXTERNAL-PROVIDER] Extend SANs support

- Extend support SANs: email, ip, uri - Fix logging filtered Csr issue Issue-ID: OOM-2559 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: Ib3f2ff2a6383ca46629e457df76c6a70f549ac1b
author: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> 2020-11-18 11:50:11 +0100
committer: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> 2020-11-18 13:56:47 +0100
commit: 37fd0c9c705fe467ffa9df6a1b3acec51e479392 (patch)
tree: 7ccb712477133c34eea731981ec64a2011402009 /certServiceK8sExternalProvider/src/cmpv2controller
parent: 944cae91430e83ddd801386a80b5333f2bff6775 (diff)
3 files changed, 53 insertions, 61 deletions
diff --git a/certServiceK8sExternalProvider/src/cmpv2controller/logger/certificate_request_logger.go b/certServiceK8sExternalProvider/src/cmpv2controller/logger/certificate_request_logger.go
index 649ce47f..5eeaf2e6 100644
--- a/certServiceK8sExternalProvider/src/cmpv2controller/logger/certificate_request_logger.go
+++ b/certServiceK8sExternalProvider/src/cmpv2controller/logger/certificate_request_logger.go
@@ -50,6 +50,9 @@ func logSupportedProperties(log leveledlogger.Logger, csr *x509.CertificateReque
 	logSupportedMultiValueProperty(log, csr.Subject.Province, "state")
 	logSupportedMultiValueProperty(log, csr.Subject.Locality, "location")
 	logSupportedMultiValueProperty(log, csr.DNSNames, "dns names")
+	logSupportedMultiValueProperty(log, csr.EmailAddresses, "email addresses")
+	logSupportedMultiValueProperty(log, mapIpAddressesToText(csr.IPAddresses), "ipAddresses")
+	logSupportedMultiValueProperty(log, mapUrisToText(csr.URIs), "uris")
 }
 
 func logSupportedMultiValueProperty(log leveledlogger.Logger, values []string, propertyName string) {
@@ -80,21 +83,6 @@ func extractUsages(usages []cmapi.KeyUsage) string {
 }
 
 func logPropertiesNotSupportedByCertService(log leveledlogger.Logger, request *cmapi.CertificateRequest, csr *x509.CertificateRequest) {
-
-	//IP addresses in SANs
-	if len(csr.IPAddresses) > 0 {
-		log.Warning(getNotSupportedMessage("ipAddresses", extractIPAddresses(csr.IPAddresses)))
-	}
-	//URIs in SANs
-	if len(csr.URIs) > 0 {
-		log.Warning(getNotSupportedMessage("uris", extractURIs(csr.URIs)))
-	}
-
-	//Email addresses in SANs
-	if len(csr.EmailAddresses) > 0 {
-		log.Warning(getNotSupportedMessage("emailAddresses", extractStringArray(csr.EmailAddresses)))
-	}
-
 	if request.Spec.IsCA == true {
 		log.Warning(getNotSupportedMessage("isCA", strconv.FormatBool(request.Spec.IsCA)))
 	}
@@ -121,20 +109,20 @@ func extractStringArray(strArray []string) string {
 	return values
 }
 
-func extractURIs(URIs []*url.URL) string {
-	values := ""
-	for _, uri := range URIs {
-		values = values + uri.String() + ", "
+func mapUrisToText(uris []*url.URL) []string {
+	urisAsText := make([]string, len(uris))
+	for i, ipAddress := range uris {
+		urisAsText[i] = ipAddress.String()
 	}
-	return values
+	return urisAsText
 }
 
-func extractIPAddresses(addresses []net.IP) string {
-	values := ""
-	for _, ipAddress := range addresses {
-		values = values + ipAddress.String() + ", "
+func mapIpAddressesToText(addresses []net.IP) []string {
+	ipsAsText := make([]string, len(addresses))
+	for i, ipAddress := range addresses {
+		ipsAsText[i] = ipAddress.String()
 	}
-	return values
+	return ipsAsText
 }
 
 func getSupportedMessage(property string, value string) string {
diff --git a/certServiceK8sExternalProvider/src/cmpv2controller/logger/certificate_request_logger_test.go b/certServiceK8sExternalProvider/src/cmpv2controller/logger/certificate_request_logger_test.go
index 250fab8b..0b50980b 100644
--- a/certServiceK8sExternalProvider/src/cmpv2controller/logger/certificate_request_logger_test.go
+++ b/certServiceK8sExternalProvider/src/cmpv2controller/logger/certificate_request_logger_test.go
@@ -40,7 +40,6 @@ import (
 var unsupportedProperties = []string{
 	"* property 'duration'",
 	"* property 'usages'",
-	"- property 'ipAddresses'",
 	"- property 'isCA'",
 	"- property 'subject.streetAddress'",
 	"- property 'subject.postalCodes'",
@@ -53,7 +52,11 @@ var supportedProperties = []string{
 	"+ property 'country'",
 	"+ property 'state'",
 	"+ property 'location'",
-	"+ property 'dns names'"}
+	"+ property 'dns names'",
+	"+ property 'ipAddresses'",
+	"+ property 'uris'",
+	"+ property 'email addresses'",
+	}
 
 const RESULT_LOG = "testdata/test_result.log"
 
diff --git a/certServiceK8sExternalProvider/src/cmpv2controller/logger/test_resource.go b/certServiceK8sExternalProvider/src/cmpv2controller/logger/test_resource.go
index c0f6f950..dcb255ea 100644
--- a/certServiceK8sExternalProvider/src/cmpv2controller/logger/test_resource.go
+++ b/certServiceK8sExternalProvider/src/cmpv2controller/logger/test_resource.go
@@ -21,43 +21,44 @@
 package logger
 
 const csrWithoutSkippedProperties = (`-----BEGIN CERTIFICATE REQUEST-----
-MIIDETCCAfkCAQAwgYIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh
+MIIDPTCCAiUCAQAwgYIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh
 MRYwFAYDVQQHEw1TYW4tRnJhbmNpc2NvMRkwFwYDVQQKExBMaW51eC1Gb3VuZGF0
 aW9uMQ0wCwYDVQQLEwRPTkFQMRwwGgYDVQQDExNjZXJ0aXNzdWVyLm9uYXAub3Jn
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhQiSgyYGpEfX/HuCFwT
-GHkLe1CheKz2CQzSP9an5BSdET1OgABmuJjtnXZzKpPAZCGJX2QTyDE9zvdTN0Ci
-/8WRL/m2tWUPbt8qRVW36PSKazpB+ELZjQi3rmYtmWUlRuJNfLcksK59pcD5W46t
-d9eettkex0FAcxpQE/ukhpW9r6QrmlQAQHuF1rBw6uJMGzFSPWh9XFLFbxZJyJCu
-AIycvT95bgtot3EMPwGkxAYzxtAu6D5/n65nIZ0f9BuuNFtmnoHmn/9fPUnZHA0h
-qP9kXAAU10S3gig+Na6DeZFBE1y9jCt4vmSq2ssBO24kOAHrg5GrqEsnfoSnu8Nb
-sQIDAQABoEkwRwYJKoZIhvcNAQkOMTowODApBgNVHREEIjAggglsb2NhbGhvc3SC
-E2NlcnRpc3N1ZXIub25hcC5vcmcwCwYDVR0PBAQDAgWgMA0GCSqGSIb3DQEBCwUA
-A4IBAQAWkOeJHnmtlSvlb7HbBeSGY4E9M338sKtwV4ZSvH+n5rgwamkvjhUwhycs
-UR0XgeAyD86kK6kkvVewdIanHYp1k7CuDZkU6piy8t4RhosyqUWQNWtemGYdNZCL
-cgZ1Jbj4NdIZo2EKBIEbTrm9VFt1zidYRFNGNJp8RQQds6r4qATq1NKr6ptrLuIc
-dzfOm1ZPtSn8u4H4+z1re6q18JeM0VPXBiXBtEXwQRXIEnsjCzYxdjy+QwbEmlpB
-o2hMIamWNIbskYnNkaky8eQzjJ8uIesESeanWJlrMUbzicOwQeYMPmj+Mkn1nqlK
-YFwml5XnVXXpGLHGWCswpN3CDyXi
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3RKJGx0bXUz2hyWPssq5
+sZEOcC4ITkBWDx1b/g+abX1J2nTfKZK4JSRd1I/9Lz8LaiyuqacCzJ3vZ+IbvbwJ
+HjTvzakbdQgbm7TSOH4zBXUp6lN92PT+RwM5PGcipi3vcC/eT4aMohEhHH1qkNCP
+G7EC69hTnw3tyXX19euF/gAJwHeYNSHC6k2WwLYkYkkhRIndzv1vM8nBLb7C7JBE
+aAO0fq1trVEoIYdz3tNWZWs+T+Vu8fATqm1rLzKOj3bQljRluFsegrRPR2oD9Th5
+AE5nmw948higVTlXcdeoW0MiAn6pWyHzcTKhBizm+Yp4bejqx8oq+Joq7u5nue/p
+KQIDAQABoHUwcwYJKoZIhvcNAQkOMWYwZDBVBgNVHREETjBMgglsb2NhbGhvc3SC
+E2NlcnRpc3N1ZXIub25hcC5vcmeBDW9uYXBAb25hcC5vcmeHBH8AAAGGFW9uYXA6
+Ly9jbHVzdGVyLmxvY2FsLzALBgNVHQ8EBAMCBaAwDQYJKoZIhvcNAQELBQADggEB
+AI3LghPWW3P8zO5CiLIMYwbYbQt0nA0AA/iDzBh/HXE+owLXECffGhidC9oG8d1r
+ZAL+fkjU1+hBSPyk8ZIeiPGi1NDL4h+65Cobv/D3O5PEDYui98FZSykrkcLCb3Qx
+ga6ki+l3sQYP6sWyK6N1U7uX8t1g7IMbcpMO7rASNMDRWkYtlmJhit0Yd6YgvYuL
+gqH+TRiUTvm6XKby5DaTK3lz7h78lqTxVcWHlxUGTvXAEF15cqbKGy9n/4y1LQUc
+AhEFo/1MKDqMpG8FTw/EFMMzKQAXofeLGcWepXo1oDGHal8/3kYN+0c2cH4ZASp4
+N8j9VQMXik3mDiJWFtM0oWI=
 -----END CERTIFICATE REQUEST-----`)
 
 const csrWithSkippedProperties = (`-----BEGIN CERTIFICATE REQUEST-----
-MIIDgjCCAmoCAQAwgaQxCzAJBgNVBAYTAlBMMRMwEQYDVQQIEwpEb2xueVNsYXNr
-MRAwDgYDVQQHEwdXcm9jbGF3MREwDwYDVQQJEwhMb3RuaWN6YTEPMA0GA1UEERMG
-MTItMzQ1MQ0wCwYDVQQKEwRPTkFQMQ0wCwYDVQQLEwRvbmFwMRwwGgYDVQQDExNj
-ZXJ0aXNzdWVyLm9uYXAub3JnMQ4wDAYDVQQFEwUxMjM0NTCCASIwDQYJKoZIhvcN
-AQEBBQADggEPADCCAQoCggEBAPdrWRYpdGY6A9YEQ8mnQdOW7wzdaNHJ83ZrMPZd
-V7jBOMvQbTw6Oe/Q4vD+Dla7FmGqlAajNIgKRiUUQLKVmASELhCYhtW7Mn91qe6l
-xuyPyOEi9o8mArJosFAfPPF0nm9FQPi2qHgyi6C52QR7cKsgNPflpKVsEx9Y+Zns
-YBqkaX16BukvcHUANgsvZ3rLUVeiOsCi2ysVcsm+4XMvF6ejoqKJ9k7Ti0VrQtqh
-e1nKlaa4uP3dreeUXBMLfKUS7QrNavpiX6wVaohVp6p/AYQ2HZurMv86Q2E5D5SC
-ReEpVuWx+r4MI8dAHbYe09ntkRGIe8mVyxHHEWLNfZiwKGsCAwEAAaCBlzCBlAYJ
-KoZIhvcNAQkOMYGGMIGDMFUGA1UdEQROMEyCCWxvY2FsaG9zdIITY2VydGlzc3Vl
-ci5vbmFwLm9yZ4ENb25hcEBvbmFwLm9yZ4cEfwAAAYYVb25hcDovL2NsdXN0ZXIu
-bG9jYWwvMAsGA1UdDwQEAwICBDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
-AwIwDQYJKoZIhvcNAQELBQADggEBAHDMw3+fVOrbVnMI2g/IP40vt1eenkoriTHX
-dnjRRFio75nCNRJdLOJ9FU3wIgdDZwGaiXdn5NDQxCe0BWcbElDJSYR/xOi7V0AM
-2L3CrRAOhr2MjwX7CaOuYWcVtrbtIMf26NLKRXYPlGgc6YeofalDnezMJ/IuRQhj
-bcm17a8owa5dH9u/rmTmlrIT7PV4JHkZIogctIcSqod6xdr1mbi8G9DMFAqV+o7W
-9kV7XDKhTqYoBIsXwfehNMu3lo72VuklIyVNiEVz4mVzpeZy2DgjRjCLt106yDHZ
-f3nco6O4y2EyexBVKq6QRFfZDUab6YcoEVvPAio01RmFrHgnxHs=
+MIIDaDCCAlACAQAwgboxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh
+MRYwFAYDVQQHEw1TYW4tRnJhbmNpc2NvMRUwEwYDVQQJEwxzYW1wbGVTdHJlZXQx
+DzANBgNVBBETBjEyLTM0NTEZMBcGA1UEChMQTGludXgtRm91bmRhdGlvbjENMAsG
+A1UECxMET05BUDEcMBoGA1UEAxMTY2VydGlzc3Vlci5vbmFwLm9yZzEOMAwGA1UE
+BRMFMTIzNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOsn9B8AmR
+ZGcJ/b2pp+oeA0jQgr7wnJeDCWzF7v5k6vBSeladlERVTCBaWO5SSSVDqrhidnvv
++FpxG6LeN+Y/KQn/Hk8pQSoht3yZaTgQV352nOysIr/tI4QUwahAXH8RwvyS4CHJ
+vy1n/cJlvdiymC9z61dUx4DyHsMlZMRTldiFIs0/VKtgPPZ3hxMT1NJjg9dmyJhm
+RCZOn/cj1laIW6ie/BQJuXINf8VT3bl4mYkfc7yvrj7V3aMWKuzbr8/yMo9fpHqd
+gGQIqtmDOWOHkawkEAPqpeFLdryXcfFEFsy9iJHbr4N/5FKj4lbUaS4aVA04oigl
+RUKM8bE5uQUHAgMBAAGgaDBmBgkqhkiG9w0BCQ4xWTBXMCkGA1UdEQQiMCCCCWxv
+Y2FsaG9zdIITY2VydGlzc3Vlci5vbmFwLm9yZzALBgNVHQ8EBAMCAgQwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4IBAQACQMf4
+OcJHOD1AWmIXy5G0VYUs2qogrSX0BEWWuXRGt9vicUmesgf9YLHNlg5dOujJmEIP
+HKkks1uy5dNXMlKAZ3i1TSaVhoFap5jZiXmfKfRXb5ImL3e5146hr+1dqRnPA7rR
+4fjjz8B7HeO2TiWu2xgJnyuPHKOwalSOYhVljpEE2hjs064Vc2yovj2FcYdPbfc2
+gFQqkUSBrviuzxhK63fWtMGStv/kSc3cEylDzV45LLIUCVFKzKaqXiG8MCQjhtFI
+2ve5+9NJxPQ3SqBKUuRoTHYBC3YppY/QagepVlENeDomvku8iS2FSkkOxGspbhla
+7uR7K5JP5H9jLQbj
 -----END CERTIFICATE REQUEST-----`)
author	Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>	2020-11-18 11:50:11 +0100
committer	Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>	2020-11-18 13:56:47 +0100
commit	37fd0c9c705fe467ffa9df6a1b3acec51e479392 (patch)
tree	7ccb712477133c34eea731981ec64a2011402009 /certServiceK8sExternalProvider/src/cmpv2controller
parent	944cae91430e83ddd801386a80b5333f2bff6775 (diff)