Diffstat (limited to 'certService/src/main/java/org/onap/aaf/certservice/certification')
-rw-r--r-- | certService/src/main/java/org/onap/aaf/certservice/certification/CsrModelFactory.java | 42 | ||||
-rw-r--r-- | certService/src/main/java/org/onap/aaf/certservice/certification/PKCS10CertificationRequestFactory.java | 38 | ||||
-rw-r--r-- | certService/src/main/java/org/onap/aaf/certservice/certification/PemObjectFactory.java | 9 | ||||
-rw-r--r-- | certService/src/main/java/org/onap/aaf/certservice/certification/exceptions/CertificationExceptionController.java | 56 | ||||
-rw-r--r-- | certService/src/main/java/org/onap/aaf/certservice/certification/exceptions/CsrDecryptionException.java | 3 | ||||
-rw-r--r-- | certService/src/main/java/org/onap/aaf/certservice/certification/exceptions/DecryptionException.java | 3 | ||||
-rw-r--r-- | certService/src/main/java/org/onap/aaf/certservice/certification/exceptions/KeyDecryptionException.java (renamed from certService/src/main/java/org/onap/aaf/certservice/certification/exceptions/PemDecryptionException.java) | 8 |
7 files changed, 137 insertions, 22 deletions
diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/CsrModelFactory.java b/certService/src/main/java/org/onap/aaf/certservice/certification/CsrModelFactory.java index c1262e1e..6794bd6b 100644 --- a/certService/src/main/java/org/onap/aaf/certservice/certification/CsrModelFactory.java +++ b/certService/src/main/java/org/onap/aaf/certservice/certification/CsrModelFactory.java @@ -20,13 +20,13 @@ package org.onap.aaf.certservice.certification; -import java.io.IOException; import java.util.Base64; import org.bouncycastle.pkcs.PKCS10CertificationRequest; import org.bouncycastle.util.io.pem.PemObject; import org.onap.aaf.certservice.certification.exceptions.CsrDecryptionException; -import org.onap.aaf.certservice.certification.exceptions.PemDecryptionException; +import org.onap.aaf.certservice.certification.exceptions.DecryptionException; +import org.onap.aaf.certservice.certification.exceptions.KeyDecryptionException; import org.onap.aaf.certservice.certification.model.CsrModel; import org.slf4j.Logger; import org.slf4j.LoggerFactory; 
@@ -37,22 +37,35 @@ import org.springframework.stereotype.Service; public class CsrModelFactory { private static final Logger LOGGER = LoggerFactory.getLogger(CsrModelFactory.class); - private final PemObjectFactory pemObjectFactory = new PemObjectFactory(); + private final PemObjectFactory pemObjectFactory + = new PemObjectFactory(); + private final PKCS10CertificationRequestFactory certificationRequestFactory + = new PKCS10CertificationRequestFactory(); + public CsrModel createCsrModel(StringBase64 csr, StringBase64 privateKey) - throws CsrDecryptionException, PemDecryptionException { + throws DecryptionException { LOGGER.debug("Decoded CSR: \n{}", csr); + PKCS10CertificationRequest decodedCsr = decodeCsr(csr); + PemObject decodedPrivateKey = decodePrivateKey(privateKey); + return new CsrModel(decodedCsr, decodedPrivateKey); + } - try { - PemObject pemObject = pemObjectFactory.createPemObject(csr.asString()); - PKCS10CertificationRequest decodedCsr = new PKCS10CertificationRequest( - pemObject.getContent() - ); - PemObject decodedPrivateKey = pemObjectFactory.createPemObject(privateKey.asString()); - return new CsrModel(decodedCsr, decodedPrivateKey); - } catch (IOException e) { - throw new CsrDecryptionException("Incorrect CSR, decryption failed", e); - } + private PemObject decodePrivateKey(StringBase64 privateKey) + throws KeyDecryptionException { + return pemObjectFactory.createPemObject(privateKey.asString()).orElseThrow( + () -> new KeyDecryptionException("Incorrect Key, decryption failed") + ); + } + + private PKCS10CertificationRequest decodeCsr(StringBase64 csr) + throws CsrDecryptionException { + return pemObjectFactory.createPemObject(csr.asString()) + .flatMap( + certificationRequestFactory::createKCS10CertificationRequest + ).orElseThrow( + () -> new CsrDecryptionException("Incorrect CSR, decryption failed") + ); } public static class StringBase64 { @@ -67,6 +80,7 @@ public class CsrModelFactory { return new String(decoder.decode(value)); } } + } 
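Review bot: Malformed Base64 in either field can still bypass the new `DecryptionException` path, because `decodePrivateKey` and `decodeCsr` both call `asString()` before any PEM parsing. The last hunk of this file shows `asString()` returning `new String(decoder.decode(value))`; if `decoder` is a `java.util.Base64.Decoder` (only part of that method is visible), invalid input raises an unchecked `IllegalArgumentException`. Neither handler added in `CertificationExceptionController` covers that type, so the client would probably get a generic server error instead of the intended 400. Catching it at the two call sites and rethrowing, e.g. `throw new KeyDecryptionException("Incorrect Key, decryption failed", e);` and the CSR equivalent, would keep all bad-input cases on the same path.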
diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/PKCS10CertificationRequestFactory.java b/certService/src/main/java/org/onap/aaf/certservice/certification/PKCS10CertificationRequestFactory.java
new file mode 100644
index 00000000..8f89de2f
--- /dev/null
+++ b/certService/src/main/java/org/onap/aaf/certservice/certification/PKCS10CertificationRequestFactory.java
@@ -0,0 +1,38 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PROJECT
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.aaf.certservice.certification;
+
+import org.bouncycastle.pkcs.PKCS10CertificationRequest;
+import org.bouncycastle.util.io.pem.PemObject;
+
+import java.io.IOException;
+import java.util.Optional;
+
+public class PKCS10CertificationRequestFactory {
+
+ public Optional<PKCS10CertificationRequest> createKCS10CertificationRequest(PemObject pemObject) {
+ try {
+ return Optional.of(new PKCS10CertificationRequest(pemObject.getContent()));
+ } catch (IOException e) {
+ return Optional.empty();
+ }
+ }
+}
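Review bot: The `catch (IOException e)` in `createKCS10CertificationRequest` discards the parse error, so the `CsrDecryptionException` later built in `CsrModelFactory.decodeCsr` has no cause. Before this commit the cause was attached (`new CsrDecryptionException("Incorrect CSR, decryption failed", e)`); now the `LOGGER.error` in the new controller advice cannot show why a CSR was rejected. Logging the exception before returning, e.g. `LOGGER.debug("CSR could not be parsed", e);` (this class would need a logger), would keep that detail for triage without exposing it to the client. The same applies to the `catch` in `PemObjectFactory.createPemObject`. The method name also looks like a typo for `createPKCS10CertificationRequest`.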
diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/PemObjectFactory.java b/certService/src/main/java/org/onap/aaf/certservice/certification/PemObjectFactory.java index 61ea0aaf..514101b9 100644 --- a/certService/src/main/java/org/onap/aaf/certservice/certification/PemObjectFactory.java +++ b/certService/src/main/java/org/onap/aaf/certservice/certification/PemObjectFactory.java @@ -22,22 +22,21 @@ package org.onap.aaf.certservice.certification; import java.io.IOException; import java.io.StringReader; +import java.util.Optional; import org.bouncycastle.util.io.pem.PemObject; import org.bouncycastle.util.io.pem.PemReader; -import org.onap.aaf.certservice.certification.exceptions.PemDecryptionException; - public class PemObjectFactory { - public PemObject createPemObject(String pem) throws PemDecryptionException { + public Optional<PemObject> createPemObject(String pem) { try (StringReader stringReader = new StringReader(pem); PemReader pemReader = new PemReader(stringReader)) { - return pemReader.readPemObject(); + return Optional.ofNullable(pemReader.readPemObject()); } catch (IOException e) { - throw new PemDecryptionException("Unable to create PEM", e); + return Optional.empty(); } } diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/exceptions/CertificationExceptionController.java b/certService/src/main/java/org/onap/aaf/certservice/certification/exceptions/CertificationExceptionController.java new file mode 100644 index 00000000..7d2c43ed --- /dev/null +++ b/certService/src/main/java/org/onap/aaf/certservice/certification/exceptions/CertificationExceptionController.java 
@@ -0,0 +1,56 @@ +/* + * ============LICENSE_START======================================================= + * PROJECT + * ================================================================================ + * Copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.aaf.certservice.certification.exceptions; + +import com.google.gson.Gson; +import org.onap.aaf.certservice.certification.model.ErrorResponseModel; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.ControllerAdvice; +import org.springframework.web.bind.annotation.ExceptionHandler; + +@ControllerAdvice +public class CertificationExceptionController { + + private static final Logger LOGGER = LoggerFactory.getLogger(CertificationExceptionController.class); + + @ExceptionHandler(value = CsrDecryptionException.class) + public ResponseEntity<String> handle(CsrDecryptionException exception) { + LOGGER.error("Exception occurred during decoding certificate sign request:", exception); + return getErrorResponseEntity("Wrong certificate signing request (CSR) format"); + } + + @ExceptionHandler(value = KeyDecryptionException.class) + 
public ResponseEntity<String> handle(KeyDecryptionException exception) { + LOGGER.error("Exception occurred during decoding key:", exception); + return getErrorResponseEntity("Wrong key (PK) format"); + } + + private ResponseEntity<String> getErrorResponseEntity(String errorMessage) { + ErrorResponseModel errorResponse = new ErrorResponseModel(errorMessage); + return new ResponseEntity<>( + new Gson().toJson(errorResponse), + HttpStatus.BAD_REQUEST + ); + } +} diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/exceptions/CsrDecryptionException.java b/certService/src/main/java/org/onap/aaf/certservice/certification/exceptions/CsrDecryptionException.java index 2f3f3659..929fbdb6 100644 --- a/certService/src/main/java/org/onap/aaf/certservice/certification/exceptions/CsrDecryptionException.java +++ b/certService/src/main/java/org/onap/aaf/certservice/certification/exceptions/CsrDecryptionException.java @@ -24,4 +24,7 @@ public class CsrDecryptionException extends DecryptionException { public CsrDecryptionException(String message, Throwable cause) { super(message, cause); } + public CsrDecryptionException(String message) { + super(message); + } } diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/exceptions/DecryptionException.java b/certService/src/main/java/org/onap/aaf/certservice/certification/exceptions/DecryptionException.java index 67249cd5..8f5f48e6 100644 --- a/certService/src/main/java/org/onap/aaf/certservice/certification/exceptions/DecryptionException.java +++ b/certService/src/main/java/org/onap/aaf/certservice/certification/exceptions/DecryptionException.java @@ -24,4 +24,7 @@ public class DecryptionException extends Exception { public DecryptionException(String message, Throwable cause) { super(message, cause); } + public DecryptionException(String message) { + super(message); + } } 
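Review bot: `getErrorResponseEntity` puts a Gson-serialised JSON string into a `ResponseEntity<String>` without setting a content type. Unless the request mapping or another layer fixes it, Spring will likely negotiate the body as plain text, so clients parsing the error may not treat it as JSON. Setting it explicitly removes the ambiguity: `ResponseEntity.status(HttpStatus.BAD_REQUEST).contentType(MediaType.APPLICATION_JSON).body(new Gson().toJson(errorResponse))`. Both handlers also log at `error` level with a full stack trace for what is client-supplied bad input. `LOGGER.warn(...)` may be a better fit, so that a stream of malformed requests does not drown out genuine server faults in error-level alerting.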
diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/exceptions/PemDecryptionException.java b/certService/src/main/java/org/onap/aaf/certservice/certification/exceptions/KeyDecryptionException.java index 564660e5..15d53935 100644 --- a/certService/src/main/java/org/onap/aaf/certservice/certification/exceptions/PemDecryptionException.java +++ b/certService/src/main/java/org/onap/aaf/certservice/certification/exceptions/KeyDecryptionException.java @@ -20,9 +20,11 @@ package org.onap.aaf.certservice.certification.exceptions; -public class PemDecryptionException extends DecryptionException { - public PemDecryptionException(String message, Throwable cause) { +public class KeyDecryptionException extends DecryptionException { + public KeyDecryptionException(String message, Throwable cause) { super(message, cause); } - + public KeyDecryptionException(String message) { + super(message); + } } |