diff options
12 files changed, 374 insertions, 38 deletions
diff --git a/certService/README.md b/certService/README.md index 23cb2cf6..4780a904 100644 --- a/certService/README.md +++ b/certService/README.md @@ -84,15 +84,23 @@ curl localhost:8080/actuator/health ``` Should return {"status":"UP"} -### Running CSITs -Pull csit repository +### AAF CertService CSITs +#### CSIT repository ``` https://gerrit.onap.org/r/admin/repos/integration/csit ``` -Go to created directory and run + +####How to run tests locally +1. Checkout CSIT repository +2. Configure CSIT local environment +3. Inside CSIT directory execute ``` -sudo ./run-csit.sh plans/aaf/cert-service +sudo ./run-csit.sh plans/aaf/certservice ``` + +####Jenkins build +https://jenkins.onap.org/view/CSIT/job/aaf-master-csit-certservice/ + ### Logs locally path: diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoader.java b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoader.java index a6dd5fcf..94530100 100644 --- a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoader.java +++ b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoader.java @@ -51,12 +51,11 @@ class CmpServersConfigLoader { try { servers = loadConfigFromFile(path).getCmpv2Servers(); servers.forEach(validator::validate); - LOGGER.info(String.format("CMP Servers configuration successfully loaded from file '%s'", path)); + LOGGER.info("CMP Servers configuration successfully loaded from file {}", path); } catch (IOException e) { LOGGER.error("Exception occurred during CMP Servers configuration loading: ", e); } catch (InvalidParameterException e) { LOGGER.error("Validation of CMPv2 servers configuration failed:", e); - throw e; } return servers; diff --git a/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoaderTest.java b/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoaderTest.java index cf8c07a1..d14dc7b7 100644 --- a/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoaderTest.java +++ b/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoaderTest.java @@ -39,7 +39,7 @@ import static org.assertj.core.api.Assertions.assertThat; @ContextConfiguration(classes = CertServiceApplication.class) class CmpServersConfigLoaderTest { private static final String EXISTING_CONFIG_FILENAME = "cmpServers.json"; - private static final String NONEXISTING_CONFIG_FILENAME = "nonexisting_cmpServers.json"; + private static final String NONEXISTING_CONFIG_FILENAME = "nonExisting_cmpServers.json"; private static final Map<String, String> EXPECTED_FIRST_CMP_SERVER = Map.of( "CA_NAME", "TEST", "URL", "http://127.0.0.1/ejbca/publicweb/cmp/cmp", @@ -61,7 +61,7 @@ class CmpServersConfigLoaderTest { private CmpServersConfigLoader configLoader; @Test - public void shouldLoadCmpServersConfigWhenFileAvailable() { + void shouldLoadCmpServersConfigWhenFileAvailable() { // Given String path = getClass().getClassLoader().getResource(EXISTING_CONFIG_FILENAME).getFile(); @@ -75,8 +75,8 @@ class CmpServersConfigLoaderTest { verifyThatCmpServerEquals(cmpServers.get(1), EXPECTED_SECOND_CMP_SERVER); } - @Test() - public void shouldReturnEmptyListWhenFileMissing() { + @Test + void shouldReturnEmptyListWhenFileMissing() { // When List<Cmpv2Server> cmpServers = configLoader.load(NONEXISTING_CONFIG_FILENAME); diff --git a/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigTest.java b/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigTest.java index 43094f09..7184384c 100644 --- a/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigTest.java +++ b/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigTest.java @@ -20,16 +20,17 @@ package org.onap.aaf.certservice.certification.configuration; +import org.bouncycastle.asn1.x500.X500Name; +import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; +import org.mockito.Mock; import org.mockito.Mockito; -import org.onap.aaf.certservice.CertServiceApplication; +import org.mockito.junit.jupiter.MockitoExtension; +import org.onap.aaf.certservice.certification.configuration.model.Authentication; +import org.onap.aaf.certservice.certification.configuration.model.CaMode; import org.onap.aaf.certservice.certification.configuration.model.Cmpv2Server; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.test.mock.mockito.MockBean; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.TestPropertySource; -import org.springframework.test.context.junit.jupiter.SpringExtension; +import org.springframework.cloud.context.scope.refresh.RefreshScopeRefreshedEvent; import java.util.List; @@ -37,29 +38,61 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.startsWith; -@ExtendWith(SpringExtension.class) -@ContextConfiguration(classes = CertServiceApplication.class) -@TestPropertySource(properties = {"app.config.path=/fake/path/to/config"}) +@ExtendWith(MockitoExtension.class) class CmpServersConfigTest { - private static final List<Cmpv2Server> SAMPLE_CMP_SERVERS = List.of( - new Cmpv2Server(), - new Cmpv2Server() - ); + private static final String APP_CONFIG_PATH = "/fake/path/to/config"; - @MockBean + private static final List<Cmpv2Server> SAMPLE_CMP_SERVERS = generateTestConfiguration(); + + @Mock private CmpServersConfigLoader cmpServersConfigLoader; - @Autowired private CmpServersConfig cmpServersConfig; + @BeforeEach + void setUp() { + cmpServersConfig = new CmpServersConfig(APP_CONFIG_PATH, cmpServersConfigLoader); + } + + @Test + void shouldCallLoaderWithPathFromPropertiesWhenCreated() { + this.cmpServersConfig.loadConfiguration(); // Manual PostConstruct call + Mockito.verify(cmpServersConfigLoader).load(startsWith(APP_CONFIG_PATH)); + } + + @Test + void shouldReturnLoadedServersWhenGetCalled() { + // Given + Mockito.when(cmpServersConfigLoader.load(any())).thenReturn(SAMPLE_CMP_SERVERS); + this.cmpServersConfig.loadConfiguration(); // Manual PostConstruct call + + // When + List<Cmpv2Server> receivedCmpServers = this.cmpServersConfig.getCmpServers(); + + // Then + assertThat(receivedCmpServers).containsAll(SAMPLE_CMP_SERVERS); + } + @Test - public void shouldCallLoaderWithPathFromPropertiesWhenCreated() { - Mockito.verify(cmpServersConfigLoader).load(startsWith("/fake/path/to/config")); + void shouldReturnLoadedServersAfterRefreshWhenGetCalled() { + // Given + Mockito.when(cmpServersConfigLoader.load(any())).thenReturn(SAMPLE_CMP_SERVERS); + + List<Cmpv2Server> receivedCmpServers = this.cmpServersConfig.getCmpServers(); + assertThat(receivedCmpServers).isNull(); + + this.cmpServersConfig.onRefreshScope(new RefreshScopeRefreshedEvent()); + + // When + receivedCmpServers = this.cmpServersConfig.getCmpServers(); + + // Then + assertThat(receivedCmpServers).containsAll(SAMPLE_CMP_SERVERS); } @Test - public void shouldReturnLoadedServersWhenGetCalled() { + void shouldNotReturnIakAndRvWhenToStringMethodIsUsed() { // Given Mockito.when(cmpServersConfigLoader.load(any())).thenReturn(SAMPLE_CMP_SERVERS); this.cmpServersConfig.loadConfiguration(); // Manual PostConstruct call @@ -68,6 +101,35 @@ class CmpServersConfigTest { List<Cmpv2Server> receivedCmpServers = this.cmpServersConfig.getCmpServers(); // Then - assertThat(receivedCmpServers).hasSize(SAMPLE_CMP_SERVERS.size()); + receivedCmpServers.forEach((server)-> assertThat(server.toString()) + .doesNotContain( + server.getAuthentication().getIak(), + server.getAuthentication().getRv() + )); + } + + private static List<Cmpv2Server> generateTestConfiguration() { + Cmpv2Server testServer1 = new Cmpv2Server(); + testServer1.setCaName("TEST_CA1"); + testServer1.setIssuerDN(new X500Name("CN=testIssuer")); + testServer1.setUrl("http://test.ca.server"); + Authentication testAuthentication1 = new Authentication(); + testAuthentication1.setIak("testIak"); + testAuthentication1.setRv("testRv"); + testServer1.setAuthentication(testAuthentication1); + testServer1.setCaMode(CaMode.RA); + + Cmpv2Server testServer2 = new Cmpv2Server(); + testServer2.setCaName("TEST_CA2"); + testServer2.setIssuerDN(new X500Name("CN=testIssuer2")); + testServer2.setUrl("http://test.ca.server"); + Authentication testAuthentication2 = new Authentication(); + testAuthentication2.setIak("test2Iak"); + testAuthentication2.setRv("test2Rv"); + testServer2.setAuthentication(testAuthentication2); + testServer2.setCaMode(CaMode.CLIENT); + + return List.of(testServer1, testServer2); } -}
\ No newline at end of file + +} diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/CertServiceClient.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/CertServiceClient.java index f8867846..3e8f73eb 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/CertServiceClient.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/CertServiceClient.java @@ -20,6 +20,7 @@ package org.onap.aaf.certservice.client; import org.onap.aaf.certservice.client.api.ExitableException; +import org.onap.aaf.certservice.client.certification.CsrFactory; import org.onap.aaf.certservice.client.certification.KeyPairFactory; import org.onap.aaf.certservice.client.configuration.EnvsForClient; import org.onap.aaf.certservice.client.configuration.EnvsForCsr; @@ -47,10 +48,11 @@ public class CertServiceClient { ClientConfiguration clientConfiguration = new ClientConfigurationFactory(new EnvsForClient()).create(); CsrConfiguration csrConfiguration = new CsrConfigurationFactory(new EnvsForCsr()).create(); KeyPair keyPair = keyPairFactory.create(); + CsrFactory csrFactory = new CsrFactory(csrConfiguration); + String csr = csrFactory.createEncodedCsr(keyPair); } catch (ExitableException e) { appExitHandler.exit(e.applicationExitCode()); } appExitHandler.exit(SUCCESS_EXIT_CODE.getValue()); } - } diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/api/ExitCode.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/api/ExitCode.java index 295738f4..45f2c400 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/api/ExitCode.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/api/ExitCode.java @@ -22,7 +22,8 @@ public enum ExitCode { SUCCESS_EXIT_CODE(0), CLIENT_CONFIGURATION_EXCEPTION(1), CSR_CONFIGURATION_EXCEPTION(2), - KEY_PAIR_GENERATION_EXCEPTION(3); + KEY_PAIR_GENERATION_EXCEPTION(3), + CSR_GENERATION_EXCEPTION(4); private final int value; diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/CsrFactory.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/CsrFactory.java new file mode 100644 index 00000000..f936636a --- /dev/null +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/CsrFactory.java @@ -0,0 +1,158 @@ +/*============LICENSE_START======================================================= + * aaf-certservice-client + * ================================================================================ + * Copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.aaf.certservice.client.certification; + +import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; +import org.bouncycastle.asn1.x509.Extension; +import org.bouncycastle.asn1.x509.Extensions; +import org.bouncycastle.asn1.x509.ExtensionsGenerator; +import org.bouncycastle.asn1.x509.GeneralName; +import org.bouncycastle.asn1.x509.GeneralNames; +import org.bouncycastle.openssl.jcajce.JcaPEMWriter; +import org.bouncycastle.operator.ContentSigner; +import org.bouncycastle.operator.OperatorCreationException; +import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; +import org.bouncycastle.pkcs.PKCS10CertificationRequest; +import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder; + +import org.onap.aaf.certservice.client.certification.exception.CsrGenerationException; +import org.onap.aaf.certservice.client.configuration.model.CsrConfiguration; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import javax.security.auth.x500.X500Principal; +import java.io.IOException; +import java.io.StringWriter; +import java.nio.charset.StandardCharsets; +import java.security.KeyPair; +import java.util.Base64; +import java.util.Optional; + +import static org.onap.aaf.certservice.client.certification.EncryptionAlgorithmConstants.COMMON_NAME; +import static org.onap.aaf.certservice.client.certification.EncryptionAlgorithmConstants.COUNTRY; +import static org.onap.aaf.certservice.client.certification.EncryptionAlgorithmConstants.LOCATION; +import static org.onap.aaf.certservice.client.certification.EncryptionAlgorithmConstants.ORGANIZATION; +import static org.onap.aaf.certservice.client.certification.EncryptionAlgorithmConstants.ORGANIZATION_UNIT; +import static org.onap.aaf.certservice.client.certification.EncryptionAlgorithmConstants.SIGN_ALGORITHM; +import static org.onap.aaf.certservice.client.certification.EncryptionAlgorithmConstants.STATE; + + +public class CsrFactory { + + private final Logger LOGGER = LoggerFactory.getLogger(CsrFactory.class); + private static final String SANS_DELIMITER = ":"; + private final CsrConfiguration configuration; + + + public CsrFactory(CsrConfiguration configuration) { + this.configuration = configuration; + } + + + public String createEncodedCsr(KeyPair keyPair) throws CsrGenerationException { + PKCS10CertificationRequest request; + String csrParameters = getMandatoryParameters().append(getOptionalParameters()).toString(); + X500Principal subject = new X500Principal(csrParameters); + request = createPKCS10Csr(subject, keyPair); + return encodeToBase64(convertPKC10CsrToPem(request)); + } + + + private StringBuilder getMandatoryParameters() { + return new StringBuilder(String.format("%s=%s, %s=%s, %s=%s, %s=%s", + COMMON_NAME, configuration.getCommonName(), + COUNTRY, configuration.getCountry(), + STATE, configuration.getState(), + ORGANIZATION, configuration.getOrganization())); + } + + private String getOptionalParameters() { + StringBuilder optionalParameters = new StringBuilder(); + Optional.ofNullable(configuration.getOrganizationUnit()) + .filter(CsrFactory::isParameterPresent) + .map(unit -> optionalParameters.append(String.format(", %s=%s", ORGANIZATION_UNIT, unit))); + Optional.ofNullable(configuration.getLocation()) + .filter(CsrFactory::isParameterPresent) + .map(location -> optionalParameters.append(String.format(", %s=%s", LOCATION, location))); + return optionalParameters.toString(); + } + + private PKCS10CertificationRequest createPKCS10Csr(X500Principal subject, KeyPair keyPair) throws CsrGenerationException { + JcaPKCS10CertificationRequestBuilder builder = new JcaPKCS10CertificationRequestBuilder(subject, keyPair.getPublic()); + + if (isParameterPresent(configuration.getSans())) { + builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, generateSansExtension()); + } + + return builder.build(getContentSigner(keyPair)); + } + + private ContentSigner getContentSigner(KeyPair keyPair) throws CsrGenerationException { + ContentSigner contentSigner; + try { + contentSigner = new JcaContentSignerBuilder(SIGN_ALGORITHM).build(keyPair.getPrivate()); + } catch (OperatorCreationException e) { + LOGGER.error("Creation of PKCS10Csr failed, exception message: {}", e.getMessage()); + throw new CsrGenerationException(e); + + } + return contentSigner; + } + + private String convertPKC10CsrToPem(PKCS10CertificationRequest request) throws CsrGenerationException { + final StringWriter stringWriter = new StringWriter(); + try (JcaPEMWriter pemWriter = new JcaPEMWriter(stringWriter)) { + pemWriter.writeObject(request); + } catch (IOException e) { + LOGGER.error("Conversion to PEM failed, exception message: {}", e.getMessage()); + throw new CsrGenerationException(e); + } + return stringWriter.toString(); + } + + private Extensions generateSansExtension() throws CsrGenerationException { + ExtensionsGenerator generator = new ExtensionsGenerator(); + try { + generator.addExtension(Extension.subjectAlternativeName, false, createGeneralNames()); + } catch (IOException e) { + LOGGER.error("Generation of SANs parameter failed, exception message: {}", e.getMessage()); + throw new CsrGenerationException(e); + } + return generator.generate(); + } + + private GeneralNames createGeneralNames() { + String[] sansTable = this.configuration.getSans().split(SANS_DELIMITER); + int length = sansTable.length; + GeneralName[] generalNames = new GeneralName[length]; + for (int i = 0; i < length; i++) { + generalNames[i] = new GeneralName(GeneralName.dNSName, sansTable[i]); + } + return new GeneralNames(generalNames); + } + + private static Boolean isParameterPresent(String parameter) { + return parameter != null && !"".equals(parameter); + } + + private static String encodeToBase64(String csrInPem) { + return Base64.getEncoder().encodeToString(csrInPem.getBytes(StandardCharsets.UTF_8)); + } +} diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/EncryptionAlgorithmConstants.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/EncryptionAlgorithmConstants.java index 2afdbee0..96b3650c 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/EncryptionAlgorithmConstants.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/EncryptionAlgorithmConstants.java @@ -16,9 +16,22 @@ * limitations under the License. * ============LICENSE_END========================================================= */ + package org.onap.aaf.certservice.client.certification; -public class EncryptionAlgorithmConstants { +public final class EncryptionAlgorithmConstants { + + private EncryptionAlgorithmConstants() {} + public static final String RSA_ENCRYPTION_ALGORITHM = "RSA"; + public static final String SIGN_ALGORITHM = "SHA1withRSA"; public static final int KEY_SIZE = 2048; + + public static final String COMMON_NAME = "CN"; + public static final String ORGANIZATION = "O"; + public static final String ORGANIZATION_UNIT = "OU"; + public static final String LOCATION = "L"; + public static final String STATE = "ST"; + public static final String COUNTRY = "C"; + } diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/exception/CsrGenerationException.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/exception/CsrGenerationException.java new file mode 100644 index 00000000..c1d4afd2 --- /dev/null +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/exception/CsrGenerationException.java @@ -0,0 +1,35 @@ +/*============LICENSE_START======================================================= + * aaf-certservice-client + * ================================================================================ + * Copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.aaf.certservice.client.certification.exception; + +import org.onap.aaf.certservice.client.api.ExitCode; +import org.onap.aaf.certservice.client.api.ExitableException; + +public class CsrGenerationException extends ExitableException { + private static final ExitCode EXIT_CODE = ExitCode.CSR_GENERATION_EXCEPTION; + + public CsrGenerationException(Throwable e) { + super(e); + } + + public int applicationExitCode() { + return EXIT_CODE.getValue(); + } +} diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/configuration/model/CsrConfiguration.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/configuration/model/CsrConfiguration.java index 30caf42a..aaaf10fa 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/configuration/model/CsrConfiguration.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/configuration/model/CsrConfiguration.java @@ -29,7 +29,7 @@ public class CsrConfiguration implements ConfigurationModel { private String country; private String organizationUnit; private String location; - private String subjectAlternativeNames; + private String sans; public String getCommonName() { @@ -86,12 +86,12 @@ public class CsrConfiguration implements ConfigurationModel { return this; } - public String getSubjectAlternativeNames() { - return subjectAlternativeNames; + public String getSans() { + return sans; } public CsrConfiguration setSubjectAlternativeNames(String subjectAlternativeNames) { - this.subjectAlternativeNames = subjectAlternativeNames; + this.sans = subjectAlternativeNames; return this; } } diff --git a/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/CsrFactoryTest.java b/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/CsrFactoryTest.java new file mode 100644 index 00000000..16b5e03b --- /dev/null +++ b/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/CsrFactoryTest.java @@ -0,0 +1,58 @@ +/*============LICENSE_START======================================================= + * aaf-certservice-client + * ================================================================================ + * Copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.aaf.certservice.client.certification; + + +import org.junit.jupiter.api.Test; +import org.onap.aaf.certservice.client.certification.exception.CsrGenerationException; +import org.onap.aaf.certservice.client.certification.exception.KeyPairGenerationException; +import org.onap.aaf.certservice.client.configuration.model.CsrConfiguration; + +import java.security.KeyPair; + +import static org.assertj.core.api.Assertions.assertThat; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.when; + + +public class CsrFactoryTest { + + CsrConfiguration config = mock(CsrConfiguration.class); + + + + @Test + void createEncodedCsr_shouldSucceedWhenAllFieldsAreSetCorrectly() throws KeyPairGenerationException, CsrGenerationException { + + KeyPair keyPair = + new KeyPairFactory(EncryptionAlgorithmConstants.RSA_ENCRYPTION_ALGORITHM, EncryptionAlgorithmConstants.KEY_SIZE).create(); + + when(config.getCommonName()).thenReturn("onap.org"); + when(config.getSans()).thenReturn("onapexample.com:onapexample.com.pl:onapexample.pl"); + when(config.getCountry()).thenReturn("US"); + when(config.getLocation()).thenReturn("San-Francisco"); + when(config.getOrganization()).thenReturn("Linux-Foundation"); + when(config.getOrganizationUnit()).thenReturn("ONAP"); + when(config.getState()).thenReturn("California"); + + assertThat(new CsrFactory(config).createEncodedCsr(keyPair)).isNotEmpty(); + } +} + diff --git a/certServiceClient/src/test/java/org/onap/aaf/certservice/client/configuration/model/CsrConfigurationFactoryTest.java b/certServiceClient/src/test/java/org/onap/aaf/certservice/client/configuration/model/CsrConfigurationFactoryTest.java index 32298e9d..707094c0 100644 --- a/certServiceClient/src/test/java/org/onap/aaf/certservice/client/configuration/model/CsrConfigurationFactoryTest.java +++ b/certServiceClient/src/test/java/org/onap/aaf/certservice/client/configuration/model/CsrConfigurationFactoryTest.java @@ -63,7 +63,7 @@ public class CsrConfigurationFactoryTest { // then assertThat(configuration.getCommonName()).isEqualTo(COMMON_NAME_VALID); - assertThat(configuration.getSubjectAlternativeNames()).isEqualTo(SANS_VALID); + assertThat(configuration.getSans()).isEqualTo(SANS_VALID); assertThat(configuration.getCountry()).isEqualTo(COUNTRY_VALID); assertThat(configuration.getLocation()).isEqualTo(LOCATION_VALID); assertThat(configuration.getOrganization()).isEqualTo(ORGANIZATION_VALID); |