Diffstat (limited to 'certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification')
16 files changed, 67 insertions, 56 deletions
diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreatorProvider.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/ArtifactsCreatorProvider.java index d3d8a11b..06a4cc6e 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreatorProvider.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/ArtifactsCreatorProvider.java @@ -16,9 +16,12 @@ * limitations under the License. * ============LICENSE_END========================================================= */ -package org.onap.aaf.certservice.client.certification.conversion; -import org.onap.aaf.certservice.client.certification.PrivateKeyToPemEncoder; +package org.onap.aaf.certservice.client.certification; + +import org.onap.aaf.certservice.client.certification.conversion.ArtifactsCreator; +import org.onap.aaf.certservice.client.certification.conversion.ConvertedArtifactsCreatorFactory; +import org.onap.aaf.certservice.client.certification.conversion.PemArtifactsCreator; import org.onap.aaf.certservice.client.certification.writer.CertFileWriter; public enum ArtifactsCreatorProvider { @@ -34,18 +37,20 @@ public enum ArtifactsCreatorProvider { return ConvertedArtifactsCreatorFactory.createConverter(destPath, getExtension(), getKeyStoreType()); } }, - PEM("PEM"){ + PEM("PEM") { @Override ArtifactsCreator create(String destPath) { return new PemArtifactsCreator(new CertFileWriter(destPath), new PrivateKeyToPemEncoder()); } }; + private final String keyStoreType; + ArtifactsCreatorProvider(String keyStoreType) { this.keyStoreType = keyStoreType; } - public static ArtifactsCreator getCreator(String outputType, String destPath) { + public static ArtifactsCreator get(String outputType, String destPath) { return valueOf(outputType).create(destPath); } 
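Review bot: In the `@@ -34,18 +37,20 @@` hunk, the renamed `get(String outputType, String destPath)` still passes `outputType` straight to `valueOf`, which throws `IllegalArgumentException` for a name that is not a constant of this enum and `NullPointerException` for null. Neither is an `ExitableException`, so unless the value is validated before this call (not visible in this diff) an unsupported output type surfaces as an unhandled runtime exception. I would state the precondition in a Javadoc on `get`, for example `@param outputType name of an existing constant; must already be validated by the caller`, or catch the exception here and rethrow it as one of the client's exitable exceptions. Because the method is public, the rename from `getCreator` also breaks any caller outside this diff.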
diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/CsrFactory.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/CsrFactory.java index a7fb3f35..e381a8ce 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/CsrFactory.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/CsrFactory.java @@ -31,7 +31,6 @@ import org.bouncycastle.operator.OperatorCreationException; import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; import org.bouncycastle.pkcs.PKCS10CertificationRequest; import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder; - import org.onap.aaf.certservice.client.certification.exception.CsrGenerationException; import org.onap.aaf.certservice.client.configuration.model.CsrConfiguration; import org.slf4j.Logger; diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/EncryptionAlgorithmConstants.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/EncryptionAlgorithmConstants.java index 96b3650c..63ede568 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/EncryptionAlgorithmConstants.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/EncryptionAlgorithmConstants.java @@ -21,7 +21,8 @@ package org.onap.aaf.certservice.client.certification; public final class EncryptionAlgorithmConstants { - private EncryptionAlgorithmConstants() {} + private EncryptionAlgorithmConstants() { + } public static final String RSA_ENCRYPTION_ALGORITHM = "RSA"; public static final String SIGN_ALGORITHM = "SHA1withRSA"; diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/KeyPairFactory.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/KeyPairFactory.java index e7d63e2f..e997cd0d 100644 
--- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/KeyPairFactory.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/KeyPairFactory.java @@ -16,6 +16,7 @@ * limitations under the License. * ============LICENSE_END========================================================= */ + package org.onap.aaf.certservice.client.certification; import org.onap.aaf.certservice.client.certification.exception.KeyPairGenerationException; diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/PrivateKeyToPemEncoder.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/PrivateKeyToPemEncoder.java index 7391b119..fa6485e5 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/PrivateKeyToPemEncoder.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/PrivateKeyToPemEncoder.java @@ -21,17 +21,16 @@ package org.onap.aaf.certservice.client.certification; - -import java.io.IOException; -import java.io.StringWriter; -import java.security.PrivateKey; - import org.bouncycastle.openssl.jcajce.JcaPEMWriter; import org.bouncycastle.util.io.pem.PemObject; import org.onap.aaf.certservice.client.certification.exception.PkEncodingException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import java.io.IOException; +import java.io.StringWriter; +import java.security.PrivateKey; + public class PrivateKeyToPemEncoder { private static final Logger LOGGER = LoggerFactory.getLogger(PrivateKeyToPemEncoder.class); diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreator.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreator.java index 8907c481..428b85aa 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreator.java 
+++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ArtifactsCreator.java @@ -16,6 +16,7 @@ * limitations under the License. * ============LICENSE_END========================================================= */ + package org.onap.aaf.certservice.client.certification.conversion; import org.onap.aaf.certservice.client.api.ExitableException; @@ -24,6 +25,6 @@ import java.security.PrivateKey; import java.util.List; public interface ArtifactsCreator { - void create(List<String> keystoreData, List<String> truststoreData, PrivateKey privateKey) + void create(List<String> keystoreData, List<String> truststoreData, PrivateKey privateKey) throws ExitableException; } diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreator.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreator.java index 4e300074..0ecee793 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreator.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreator.java @@ -19,14 +19,15 @@ package org.onap.aaf.certservice.client.certification.conversion; -import java.security.PrivateKey; -import java.util.List; import org.onap.aaf.certservice.client.certification.exception.CertFileWriterException; import org.onap.aaf.certservice.client.certification.exception.PemConversionException; import org.onap.aaf.certservice.client.certification.writer.CertFileWriter; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import java.security.PrivateKey; +import java.util.List; + public class ConvertedArtifactsCreator implements ArtifactsCreator { private static final Logger LOGGER = LoggerFactory.getLogger(ConvertedArtifactsCreator.class); 
@@ -42,8 +43,8 @@ public class ConvertedArtifactsCreator implements ArtifactsCreator { private final PemConverter converter; private final CertFileWriter fileWriter; - public ConvertedArtifactsCreator(CertFileWriter fileWriter, RandomPasswordGenerator passwordGenerator, - PemConverter converter, String fileExtension) { + ConvertedArtifactsCreator(CertFileWriter fileWriter, RandomPasswordGenerator passwordGenerator, + PemConverter converter, String fileExtension) { this.passwordGenerator = passwordGenerator; this.converter = converter; this.fileWriter = fileWriter; @@ -52,13 +53,13 @@ public class ConvertedArtifactsCreator implements ArtifactsCreator { @Override public void create(List<String> keystoreData, List<String> truststoreData, PrivateKey privateKey) - throws PemConversionException, CertFileWriterException { - createKeystore(keystoreData,privateKey); + throws PemConversionException, CertFileWriterException { + createKeystore(keystoreData, privateKey); createTruststore(truststoreData); } private void createKeystore(List<String> data, PrivateKey privateKey) - throws PemConversionException, CertFileWriterException { + throws PemConversionException, CertFileWriterException { Password password = passwordGenerator.generate(PASSWORD_LENGTH); String keystoreArtifactName = String.format("%s.%s", KEYSTORE, fileExtension); String keystorePass = String.format("%s.%s", KEYSTORE, PASS_EXT); @@ -70,7 +71,7 @@ public class ConvertedArtifactsCreator implements ArtifactsCreator { } private void createTruststore(List<String> data) - throws PemConversionException, CertFileWriterException { + throws PemConversionException, CertFileWriterException { Password password = passwordGenerator.generate(PASSWORD_LENGTH); String truststoreArtifactName = String.format("%s.%s", TRUSTSTORE, fileExtension); String truststorePass = String.format("%s.%s", TRUSTSTORE, PASS_EXT); 
diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreatorFactory.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreatorFactory.java index 5a37482a..586e2952 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreatorFactory.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/ConvertedArtifactsCreatorFactory.java @@ -23,7 +23,8 @@ import org.onap.aaf.certservice.client.certification.writer.CertFileWriter; public class ConvertedArtifactsCreatorFactory { - private ConvertedArtifactsCreatorFactory() { } + private ConvertedArtifactsCreatorFactory() { + } public static ConvertedArtifactsCreator createConverter(String destPath, String fileExtension, String keyStoreType) { return new ConvertedArtifactsCreator( diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/Password.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/Password.java index 9275817d..6ea1a219 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/Password.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/Password.java @@ -17,7 +17,6 @@ * ============LICENSE_END========================================================= */ - package org.onap.aaf.certservice.client.certification.conversion; class Password { diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemArtifactsCreator.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemArtifactsCreator.java index 7a4cbfa9..4bec222f 100644 
--- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemArtifactsCreator.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemArtifactsCreator.java @@ -19,8 +19,6 @@ package org.onap.aaf.certservice.client.certification.conversion; -import java.security.PrivateKey; -import java.util.List; import org.onap.aaf.certservice.client.certification.PrivateKeyToPemEncoder; import org.onap.aaf.certservice.client.certification.exception.CertFileWriterException; import org.onap.aaf.certservice.client.certification.exception.PkEncodingException; @@ -28,6 +26,9 @@ import org.onap.aaf.certservice.client.certification.writer.CertFileWriter; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import java.security.PrivateKey; +import java.util.List; + public class PemArtifactsCreator implements ArtifactsCreator { private static final Logger LOGGER = LoggerFactory.getLogger(PemArtifactsCreator.class); @@ -45,7 +46,7 @@ public class PemArtifactsCreator implements ArtifactsCreator { @Override public void create(List<String> keystoreData, List<String> truststoreData, PrivateKey privateKey) - throws PkEncodingException, CertFileWriterException { + throws PkEncodingException, CertFileWriterException { LOGGER.debug("Attempt to create PEM private key file and saving data. File name: {}", KEY_PEM); writer.saveData(pkEncoder.encodePrivateKeyToPem(privateKey).getBytes(), KEY_PEM); diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemConverter.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemConverter.java index 083e4bcf..5e82c177 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemConverter.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/PemConverter.java 
@@ -19,6 +19,14 @@ package org.onap.aaf.certservice.client.certification.conversion; +import org.bouncycastle.cert.X509CertificateHolder; +import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.openssl.PEMParser; +import org.onap.aaf.certservice.client.certification.exception.PemConversionException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.StringReader; @@ -31,19 +39,12 @@ import java.security.cert.Certificate; import java.security.cert.CertificateException; import java.util.List; import java.util.Optional; -import org.bouncycastle.cert.X509CertificateHolder; -import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter; -import org.bouncycastle.jce.provider.BouncyCastleProvider; -import org.bouncycastle.openssl.PEMParser; -import org.onap.aaf.certservice.client.certification.exception.PemConversionException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; class PemConverter { private static final Logger LOGGER = LoggerFactory.getLogger(PemConverter.class); private static final String PASSWORD_ERROR_MSG = "Password should be min. 16 chars long and should contain only alphanumeric characters and special characters like Underscore (_), Dollar ($) and Pound (#)"; - private final LoadStoreParameter EMPTY_KEYSTORE_CONFIGURATION = null; + private static final LoadStoreParameter EMPTY_KEYSTORE_CONFIGURATION = null; private final String keyStoreType; public PemConverter(String keyStoreType) { 
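Review bot: In the `@@ -31,19 +39,12 @@` hunk, `EMPTY_KEYSTORE_CONFIGURATION` is now a static constant, but nothing at its declaration says why it is null. A one-line comment such as `// null LoadStoreParameter: ks.load() starts from an empty store` would help, since the value is later passed to `ks.load(...)`, presumably for that purpose. The constructor just below is still `public` on a package-private class, which is at odds with the narrowing this commit applies to the `ConvertedArtifactsCreator` constructor; dropping the modifier would make the two consistent. The class body continues outside the hunk.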
@@ -51,19 +52,19 @@ class PemConverter { } byte[] convertKeystore(List<String> certificateChain, Password password, String alias, PrivateKey privateKey) - throws PemConversionException { + throws PemConversionException { LOGGER.info("Conversion of PEM certificates to " + keyStoreType + " keystore"); return convert(certificateChain, password, certs -> getKeyStore(alias, password, certs, privateKey)); } byte[] convertTruststore(List<String> trustAnchors, Password password, String alias) - throws PemConversionException { + throws PemConversionException { LOGGER.info("Conversion of PEM certificates to " + keyStoreType + " truststore"); return convert(trustAnchors, password, certs -> getTrustStore(alias, certs)); } private byte[] convert(List<String> certificates, Password password, StoreEntryOperation operation) - throws PemConversionException { + throws PemConversionException { checkPassword(password); final Certificate[] X509Certificates = convertToCertificateArray(certificates); return getKeyStoreBytes(password, operation, X509Certificates); @@ -77,7 +78,7 @@ class PemConverter { } private byte[] getKeyStoreBytes(Password password, StoreEntryOperation op, Certificate[] x509Certificates) - throws PemConversionException { + throws PemConversionException { try (ByteArrayOutputStream bos = new ByteArrayOutputStream()) { KeyStore ks = op.getStore(x509Certificates); ks.store(bos, password.toCharArray()); 
@@ -89,31 +90,31 @@ class PemConverter { } private KeyStore getKeyStore(String alias, Password password, Certificate[] certificates, PrivateKey privateKey) - throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException { + throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException { KeyStore ks = getKeyStoreInstance(); ks.setKeyEntry(alias, privateKey, password.toCharArray(), certificates); return ks; } private KeyStore getTrustStore(String alias, Certificate[] certificates) - throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException { + throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException { KeyStore ks = getKeyStoreInstance(); - long i = 1L; + long index = 1L; for (Certificate c : certificates) { - ks.setCertificateEntry(alias + i++, c); + ks.setCertificateEntry(alias + index++, c); } return ks; } private KeyStore getKeyStoreInstance() - throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException { + throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException { KeyStore ks = KeyStore.getInstance(keyStoreType); ks.load(EMPTY_KEYSTORE_CONFIGURATION); return ks; } private Certificate[] convertToCertificateArray(List<String> certificates) - throws PemConversionException { + throws PemConversionException { Certificate[] parsedCertificates = new Certificate[certificates.size()]; for (String certificate : certificates) { parsedCertificates[certificates.indexOf(certificate)] = parseCertificate(certificate); 
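Review bot: `convertToCertificateArray` fills its result with `parsedCertificates[certificates.indexOf(certificate)] = parseCertificate(certificate);`, and `indexOf` returns the first matching position. A list that contains the same PEM string twice therefore leaves a later slot null, and that array is what `getKeyStore` and `getTrustStore` pass to `setKeyEntry` and `setCertificateEntry`. An indexed loop removes both the hole and the quadratic lookup: `for (int i = 0; i < certificates.size(); i++) { parsedCertificates[i] = parseCertificate(certificates.get(i)); }`. The method's body ends outside this hunk.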
@@ -124,11 +125,11 @@ class PemConverter { private Certificate parseCertificate(String certificate) throws PemConversionException { try (PEMParser pem = new PEMParser(new StringReader(certificate))) { X509CertificateHolder certHolder = Optional.ofNullable((X509CertificateHolder) pem.readObject()) - .orElseThrow( - () -> new PemConversionException("The certificate couldn't be parsed correctly. " + certificate)); + .orElseThrow( + () -> new PemConversionException("The certificate couldn't be parsed correctly. " + certificate)); return new JcaX509CertificateConverter() - .setProvider(new BouncyCastleProvider()) - .getCertificate(certHolder); + .setProvider(new BouncyCastleProvider()) + .getCertificate(certHolder); } catch (IOException | CertificateException e) { LOGGER.error("Certificates conversion failed, exception message: {}", e.getMessage()); throw new PemConversionException(e); diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/RandomPasswordGenerator.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/RandomPasswordGenerator.java index 6515ea54..8ad85d2c 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/RandomPasswordGenerator.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/RandomPasswordGenerator.java @@ -19,10 +19,10 @@ package org.onap.aaf.certservice.client.certification.conversion; -import java.security.SecureRandom; - import org.apache.commons.lang3.RandomStringUtils; +import java.security.SecureRandom; + class RandomPasswordGenerator { private static final String ALPHA = "abcdefghijklmnopqrstuvwxyz"; 
diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/StoreEntryOperation.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/StoreEntryOperation.java index 6ee7817b..7a41d1fe 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/StoreEntryOperation.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/StoreEntryOperation.java @@ -30,5 +30,5 @@ import java.security.cert.CertificateException; public interface StoreEntryOperation { KeyStore getStore(Certificate[] certificates) - throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException; + throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException; } diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/exception/KeyPairGenerationException.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/exception/KeyPairGenerationException.java index ec6fbb9c..11030ff3 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/exception/KeyPairGenerationException.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/exception/KeyPairGenerationException.java @@ -16,6 +16,7 @@ * limitations under the License. * ============LICENSE_END========================================================= */ + package org.onap.aaf.certservice.client.certification.exception; import org.onap.aaf.certservice.client.api.ExitStatus; diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/exception/PemConversionException.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/exception/PemConversionException.java index 11c448ee..4d1cdaa6 100644 
--- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/exception/PemConversionException.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/exception/PemConversionException.java @@ -28,6 +28,7 @@ public class PemConversionException extends ExitableException { public PemConversionException(Throwable e) { super(e); } + public PemConversionException(String message) { super(message); } diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/writer/CertFileWriter.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/writer/CertFileWriter.java index 400c0b72..2829517c 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/writer/CertFileWriter.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/writer/CertFileWriter.java @@ -19,14 +19,14 @@ package org.onap.aaf.certservice.client.certification.writer; -import java.io.FileOutputStream; -import java.io.IOException; - -import java.nio.file.Path; import org.onap.aaf.certservice.client.certification.exception.CertFileWriterException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import java.io.FileOutputStream; +import java.io.IOException; +import java.nio.file.Path; + public class CertFileWriter { private static final Logger LOGGER = LoggerFactory.getLogger(CertFileWriter.class); 
@@ -36,11 +36,11 @@ public class CertFileWriter { this.destPath = destPath; } -public void saveData(byte[] data, String filename) throws CertFileWriterException { + public void saveData(byte[] data, String filename) throws CertFileWriterException { LOGGER.debug("Attempt to save file {} in path {}", filename, destPath); try (FileOutputStream outputStream = new FileOutputStream(Path.of(destPath, filename).toString())) { outputStream.write(data); - } catch (IOException e) { + } catch (IOException e) { LOGGER.error("File creation failed, exception message: {}", e.getMessage()); throw new CertFileWriterException(e); } |