diff options
Diffstat (limited to 'certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion')
9 files changed, 43 insertions, 100 deletions
diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreator.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreator.java index 8907c481..428b85aa 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreator.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreator.java @@ -16,6 +16,7 @@ * limitations under the License. * ============LICENSE_END========================================================= */ + package org.onap.aaf.certservice.client.certification.conversion; import org.onap.aaf.certservice.client.api.ExitableException; @@ -24,6 +25,6 @@ import java.security.PrivateKey; import java.util.List; public interface ArtifactsCreator { - void create(List<String> keystoreData, List<String> truststoreData, PrivateKey privateKey) + void create(List<String> keystoreData, List<String> truststoreData, PrivateKey privateKey) throws ExitableException; } diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreatorProvider.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreatorProvider.java deleted file mode 100644 index d3d8a11b..00000000 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreatorProvider.java +++ /dev/null @@ -1,61 +0,0 @@ -/*============LICENSE_START======================================================= - * aaf-certservice-client - * ================================================================================ - * Copyright (C) 2020 Nokia. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ -package org.onap.aaf.certservice.client.certification.conversion; - -import org.onap.aaf.certservice.client.certification.PrivateKeyToPemEncoder; -import org.onap.aaf.certservice.client.certification.writer.CertFileWriter; - -public enum ArtifactsCreatorProvider { - P12("PKCS12") { - @Override - ArtifactsCreator create(String destPath) { - return ConvertedArtifactsCreatorFactory.createConverter(destPath, getExtension(), getKeyStoreType()); - } - }, - JKS("JKS") { - @Override - ArtifactsCreator create(String destPath) { - return ConvertedArtifactsCreatorFactory.createConverter(destPath, getExtension(), getKeyStoreType()); - } - }, - PEM("PEM"){ - @Override - ArtifactsCreator create(String destPath) { - return new PemArtifactsCreator(new CertFileWriter(destPath), new PrivateKeyToPemEncoder()); - } - }; - private final String keyStoreType; - ArtifactsCreatorProvider(String keyStoreType) { - this.keyStoreType = keyStoreType; - } - - public static ArtifactsCreator getCreator(String outputType, String destPath) { - return valueOf(outputType).create(destPath); - } - - String getKeyStoreType() { - return keyStoreType; - } - - String getExtension() { - return this.toString().toLowerCase(); - } - - abstract ArtifactsCreator create(String destPath); -} diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreator.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreator.java index 4e300074..0ecee793 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreator.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreator.java @@ -19,14 +19,15 @@ package org.onap.aaf.certservice.client.certification.conversion; -import java.security.PrivateKey; -import java.util.List; import org.onap.aaf.certservice.client.certification.exception.CertFileWriterException; import org.onap.aaf.certservice.client.certification.exception.PemConversionException; import org.onap.aaf.certservice.client.certification.writer.CertFileWriter; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import java.security.PrivateKey; +import java.util.List; + public class ConvertedArtifactsCreator implements ArtifactsCreator { private static final Logger LOGGER = LoggerFactory.getLogger(ConvertedArtifactsCreator.class); @@ -42,8 +43,8 @@ public class ConvertedArtifactsCreator implements ArtifactsCreator { private final PemConverter converter; private final CertFileWriter fileWriter; - public ConvertedArtifactsCreator(CertFileWriter fileWriter, RandomPasswordGenerator passwordGenerator, - PemConverter converter, String fileExtension) { + ConvertedArtifactsCreator(CertFileWriter fileWriter, RandomPasswordGenerator passwordGenerator, + PemConverter converter, String fileExtension) { this.passwordGenerator = passwordGenerator; this.converter = converter; this.fileWriter = fileWriter; @@ -52,13 +53,13 @@ public class ConvertedArtifactsCreator implements ArtifactsCreator { @Override public void create(List<String> keystoreData, List<String> truststoreData, PrivateKey privateKey) - throws PemConversionException, CertFileWriterException { - createKeystore(keystoreData,privateKey); + throws PemConversionException, CertFileWriterException { + createKeystore(keystoreData, privateKey); createTruststore(truststoreData); } private void createKeystore(List<String> data, PrivateKey privateKey) - throws PemConversionException, CertFileWriterException { + throws PemConversionException, CertFileWriterException { Password password = passwordGenerator.generate(PASSWORD_LENGTH); String keystoreArtifactName = String.format("%s.%s", KEYSTORE, fileExtension); String keystorePass = String.format("%s.%s", KEYSTORE, PASS_EXT); @@ -70,7 +71,7 @@ public class ConvertedArtifactsCreator implements ArtifactsCreator { } private void createTruststore(List<String> data) - throws PemConversionException, CertFileWriterException { + throws PemConversionException, CertFileWriterException { Password password = passwordGenerator.generate(PASSWORD_LENGTH); String truststoreArtifactName = String.format("%s.%s", TRUSTSTORE, fileExtension); String truststorePass = String.format("%s.%s", TRUSTSTORE, PASS_EXT); diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreatorFactory.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreatorFactory.java index 5a37482a..586e2952 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreatorFactory.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreatorFactory.java @@ -23,7 +23,8 @@ import org.onap.aaf.certservice.client.certification.writer.CertFileWriter; public class ConvertedArtifactsCreatorFactory { - private ConvertedArtifactsCreatorFactory() { } + private ConvertedArtifactsCreatorFactory() { + } public static ConvertedArtifactsCreator createConverter(String destPath, String fileExtension, String keyStoreType) { return new ConvertedArtifactsCreator( diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/Password.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/Password.java index 9275817d..6ea1a219 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/Password.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/Password.java @@ -17,7 +17,6 @@ * ============LICENSE_END========================================================= */ - package org.onap.aaf.certservice.client.certification.conversion; class Password { diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemArtifactsCreator.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemArtifactsCreator.java index 7a4cbfa9..4bec222f 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemArtifactsCreator.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemArtifactsCreator.java @@ -19,8 +19,6 @@ package org.onap.aaf.certservice.client.certification.conversion; -import java.security.PrivateKey; -import java.util.List; import org.onap.aaf.certservice.client.certification.PrivateKeyToPemEncoder; import org.onap.aaf.certservice.client.certification.exception.CertFileWriterException; import org.onap.aaf.certservice.client.certification.exception.PkEncodingException; @@ -28,6 +26,9 @@ import org.onap.aaf.certservice.client.certification.writer.CertFileWriter; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import java.security.PrivateKey; +import java.util.List; + public class PemArtifactsCreator implements ArtifactsCreator { private static final Logger LOGGER = LoggerFactory.getLogger(PemArtifactsCreator.class); @@ -45,7 +46,7 @@ public class PemArtifactsCreator implements ArtifactsCreator { @Override public void create(List<String> keystoreData, List<String> truststoreData, PrivateKey privateKey) - throws PkEncodingException, CertFileWriterException { + throws PkEncodingException, CertFileWriterException { LOGGER.debug("Attempt to create PEM private key file and saving data. File name: {}", KEY_PEM); writer.saveData(pkEncoder.encodePrivateKeyToPem(privateKey).getBytes(), KEY_PEM); diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemConverter.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemConverter.java index 083e4bcf..5e82c177 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemConverter.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemConverter.java @@ -19,6 +19,14 @@ package org.onap.aaf.certservice.client.certification.conversion; +import org.bouncycastle.cert.X509CertificateHolder; +import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.openssl.PEMParser; +import org.onap.aaf.certservice.client.certification.exception.PemConversionException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.StringReader; @@ -31,19 +39,12 @@ import java.security.cert.Certificate; import java.security.cert.CertificateException; import java.util.List; import java.util.Optional; -import org.bouncycastle.cert.X509CertificateHolder; -import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter; -import org.bouncycastle.jce.provider.BouncyCastleProvider; -import org.bouncycastle.openssl.PEMParser; -import org.onap.aaf.certservice.client.certification.exception.PemConversionException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; class PemConverter { private static final Logger LOGGER = LoggerFactory.getLogger(PemConverter.class); private static final String PASSWORD_ERROR_MSG = "Password should be min. 16 chars long and should contain only alphanumeric characters and special characters like Underscore (_), Dollar ($) and Pound (#)"; - private final LoadStoreParameter EMPTY_KEYSTORE_CONFIGURATION = null; + private static final LoadStoreParameter EMPTY_KEYSTORE_CONFIGURATION = null; private final String keyStoreType; public PemConverter(String keyStoreType) { @@ -51,19 +52,19 @@ class PemConverter { } byte[] convertKeystore(List<String> certificateChain, Password password, String alias, PrivateKey privateKey) - throws PemConversionException { + throws PemConversionException { LOGGER.info("Conversion of PEM certificates to " + keyStoreType + " keystore"); return convert(certificateChain, password, certs -> getKeyStore(alias, password, certs, privateKey)); } byte[] convertTruststore(List<String> trustAnchors, Password password, String alias) - throws PemConversionException { + throws PemConversionException { LOGGER.info("Conversion of PEM certificates to " + keyStoreType + " truststore"); return convert(trustAnchors, password, certs -> getTrustStore(alias, certs)); } private byte[] convert(List<String> certificates, Password password, StoreEntryOperation operation) - throws PemConversionException { + throws PemConversionException { checkPassword(password); final Certificate[] X509Certificates = convertToCertificateArray(certificates); return getKeyStoreBytes(password, operation, X509Certificates); @@ -77,7 +78,7 @@ class PemConverter { } private byte[] getKeyStoreBytes(Password password, StoreEntryOperation op, Certificate[] x509Certificates) - throws PemConversionException { + throws PemConversionException { try (ByteArrayOutputStream bos = new ByteArrayOutputStream()) { KeyStore ks = op.getStore(x509Certificates); ks.store(bos, password.toCharArray()); @@ -89,31 +90,31 @@ class PemConverter { } private KeyStore getKeyStore(String alias, Password password, Certificate[] certificates, PrivateKey privateKey) - throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException { + throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException { KeyStore ks = getKeyStoreInstance(); ks.setKeyEntry(alias, privateKey, password.toCharArray(), certificates); return ks; } private KeyStore getTrustStore(String alias, Certificate[] certificates) - throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException { + throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException { KeyStore ks = getKeyStoreInstance(); - long i = 1L; + long index = 1L; for (Certificate c : certificates) { - ks.setCertificateEntry(alias + i++, c); + ks.setCertificateEntry(alias + index++, c); } return ks; } private KeyStore getKeyStoreInstance() - throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException { + throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException { KeyStore ks = KeyStore.getInstance(keyStoreType); ks.load(EMPTY_KEYSTORE_CONFIGURATION); return ks; } private Certificate[] convertToCertificateArray(List<String> certificates) - throws PemConversionException { + throws PemConversionException { Certificate[] parsedCertificates = new Certificate[certificates.size()]; for (String certificate : certificates) { parsedCertificates[certificates.indexOf(certificate)] = parseCertificate(certificate); @@ -124,11 +125,11 @@ class PemConverter { private Certificate parseCertificate(String certificate) throws PemConversionException { try (PEMParser pem = new PEMParser(new StringReader(certificate))) { X509CertificateHolder certHolder = Optional.ofNullable((X509CertificateHolder) pem.readObject()) - .orElseThrow( - () -> new PemConversionException("The certificate couldn't be parsed correctly. " + certificate)); + .orElseThrow( + () -> new PemConversionException("The certificate couldn't be parsed correctly. " + certificate)); return new JcaX509CertificateConverter() - .setProvider(new BouncyCastleProvider()) - .getCertificate(certHolder); + .setProvider(new BouncyCastleProvider()) + .getCertificate(certHolder); } catch (IOException | CertificateException e) { LOGGER.error("Certificates conversion failed, exception message: {}", e.getMessage()); throw new PemConversionException(e); diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/RandomPasswordGenerator.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/RandomPasswordGenerator.java index 6515ea54..8ad85d2c 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/RandomPasswordGenerator.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/RandomPasswordGenerator.java @@ -19,10 +19,10 @@ package org.onap.aaf.certservice.client.certification.conversion; -import java.security.SecureRandom; - import org.apache.commons.lang3.RandomStringUtils; +import java.security.SecureRandom; + class RandomPasswordGenerator { private static final String ALPHA = "abcdefghijklmnopqrstuvwxyz"; diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/StoreEntryOperation.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/StoreEntryOperation.java index 6ee7817b..7a41d1fe 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/StoreEntryOperation.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/StoreEntryOperation.java @@ -30,5 +30,5 @@ import java.security.cert.CertificateException; public interface StoreEntryOperation { KeyStore getStore(Certificate[] certificates) - throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException; + throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException; } |