[OOM-K8S-CERT-EXTERNAL-PROVIDER] Filter not supported CSR properties

Align EJBCA config with OOM Issue-ID: OOM-2559 Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com> Change-Id: I8ab73c84415e1ea1b09b6210ffbf84386315f9eb
author: Remigiusz Janeczek <remigiusz.janeczek@nokia.com> 2020-10-29 14:03:25 +0100
committer: Remigiusz Janeczek <remigiusz.janeczek@nokia.com> 2020-11-02 15:15:18 +0100
commit: 9879e0147fc076114c7226bd6130d25c14770639 (patch)
tree: 2a43ea6723cfc4e4caf325155061bdb90d5990e1 /certServiceK8sExternalProvider/src/cmpv2provisioner/cmpv2_provisioner.go
parent: a622e8871c9bea86aff16ffe5ae021abe08326fe (diff)
1 files changed, 12 insertions, 2 deletions
diff --git a/certServiceK8sExternalProvider/src/cmpv2provisioner/cmpv2_provisioner.go b/certServiceK8sExternalProvider/src/cmpv2provisioner/cmpv2_provisioner.go
index 60610d32..14cb228f 100644
--- a/certServiceK8sExternalProvider/src/cmpv2provisioner/cmpv2_provisioner.go
+++ b/certServiceK8sExternalProvider/src/cmpv2provisioner/cmpv2_provisioner.go
@@ -35,6 +35,7 @@ import (
 
 	"onap.org/oom-certservice/k8s-external-provider/src/certserviceclient"
 	"onap.org/oom-certservice/k8s-external-provider/src/cmpv2api"
+	"onap.org/oom-certservice/k8s-external-provider/src/cmpv2provisioner/csr"
 )
 
 var collection = new(sync.Map)
@@ -83,7 +84,11 @@ func Store(namespacedName types.NamespacedName, provisioner *CertServiceCA) {
 	collection.Store(namespacedName, provisioner)
 }
 
-func (ca *CertServiceCA) Sign(ctx context.Context, certificateRequest *certmanager.CertificateRequest, privateKeyBytes []byte) ([]byte, []byte, error) {
+func (ca *CertServiceCA) Sign(
+	ctx context.Context,
+	certificateRequest *certmanager.CertificateRequest,
+	privateKeyBytes []byte,
+) (signedCertificateChain []byte, trustedCertificates []byte, err error) {
 	log := ctrl.Log.WithName("certservice-provisioner")
 	log.Info("Signing certificate: ", "cert-name", certificateRequest.Name)
 
@@ -92,7 +97,12 @@ func (ca *CertServiceCA) Sign(ctx context.Context, certificateRequest *certmanag
 	csrBytes := certificateRequest.Spec.Request
 	log.Info("Csr PEM: ", "bytes", csrBytes)
 
-	response, err := ca.certServiceClient.GetCertificates(csrBytes, privateKeyBytes)
+	filteredCsrBytes, err := csr.FilterFieldsFromCSR(csrBytes, privateKeyBytes)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	response, err := ca.certServiceClient.GetCertificates(filteredCsrBytes, privateKeyBytes)
 	if err != nil {
 		return nil, nil, err
 	}
author	Remigiusz Janeczek <remigiusz.janeczek@nokia.com>	2020-10-29 14:03:25 +0100
committer	Remigiusz Janeczek <remigiusz.janeczek@nokia.com>	2020-11-02 15:15:18 +0100
commit	9879e0147fc076114c7226bd6130d25c14770639 (patch)
tree	2a43ea6723cfc4e4caf325155061bdb90d5990e1 /certServiceK8sExternalProvider/src/cmpv2provisioner/cmpv2_provisioner.go
parent	a622e8871c9bea86aff16ffe5ae021abe08326fe (diff)