From ce4f24d8bc667654f6426aa374e280a28576318c Mon Sep 17 00:00:00 2001
From: Michal Banka
Date: Fri, 20 Mar 2020 13:18:50 +0100
Subject: Removed dependency to cmpv2client adapter
Signed-off-by: Michal Banka
Change-Id: I14aea91ee910354e898ea1e011a2ff27df54e93c
Issue-ID: AAF-1107
---
 .../adapter/CertificateFactoryProvider.java | 42 -----------
 .../certification/adapter/Cmpv2ClientAdapter.java | 85 ----------------------
 .../adapter/RsaContentSignerBuilder.java | 46 ------------
 .../adapter/X509CertificateBuilder.java | 56 --------------
 4 files changed, 229 deletions(-)
 delete mode 100644 certService/src/main/java/org/onap/aaf/certservice/certification/adapter/CertificateFactoryProvider.java
 delete mode 100644 certService/src/main/java/org/onap/aaf/certservice/certification/adapter/Cmpv2ClientAdapter.java
 delete mode 100644 certService/src/main/java/org/onap/aaf/certservice/certification/adapter/RsaContentSignerBuilder.java
 delete mode 100644 certService/src/main/java/org/onap/aaf/certservice/certification/adapter/X509CertificateBuilder.java
(limited to 'certService/src/main/java/org/onap/aaf/certservice/certification/adapter')
diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/adapter/CertificateFactoryProvider.java b/certService/src/main/java/org/onap/aaf/certservice/certification/adapter/CertificateFactoryProvider.java
deleted file mode 100644
index 79f59363..00000000
--- a/certService/src/main/java/org/onap/aaf/certservice/certification/adapter/CertificateFactoryProvider.java
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * ============LICENSE_START=======================================================
- * Cert Service
- * ================================================================================
- * Copyright (C) 2020 Nokia. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.aaf.certservice.certification.adapter;
-
-import java.io.InputStream;
-import java.security.NoSuchProviderException;
-import java.security.Security;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.springframework.stereotype.Component;
-
-@Component
-public class CertificateFactoryProvider {
-
- static {
- Security.addProvider(new BouncyCastleProvider());
- }
-
- X509Certificate generateCertificate(InputStream inStream) throws CertificateException, NoSuchProviderException {
- return (X509Certificate) CertificateFactory.getInstance("X.509", "BC").generateCertificate(inStream);
- }
-}
diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/adapter/Cmpv2ClientAdapter.java b/certService/src/main/java/org/onap/aaf/certservice/certification/adapter/Cmpv2ClientAdapter.java
deleted file mode 100644
index 96fe4607..00000000
--- a/certService/src/main/java/org/onap/aaf/certservice/certification/adapter/Cmpv2ClientAdapter.java
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * ============LICENSE_START=======================================================
- * Cert Service
- * ================================================================================
- * Copyright (C) 2020 Nokia. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.aaf.certservice.certification.adapter;
-
-import java.io.IOException;
-import java.io.StringWriter;
-import java.security.cert.X509Certificate;
-import java.util.List;
-import java.util.stream.Collectors;
-
-import org.bouncycastle.openssl.jcajce.JcaMiscPEMGenerator;
-import org.bouncycastle.util.io.pem.PemObjectGenerator;
-import org.bouncycastle.util.io.pem.PemWriter;
-import org.onap.aaf.certservice.certification.configuration.model.Cmpv2Server;
-import org.onap.aaf.certservice.certification.model.CertificationModel;
-import org.onap.aaf.certservice.certification.model.CsrModel;
-import org.onap.aaf.certservice.cmpv2client.api.CmpClient;
-import org.onap.aaf.certservice.cmpv2client.exceptions.CmpClientException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
-
-@Component
-public class Cmpv2ClientAdapter {
-
- private static final Logger LOGGER = LoggerFactory.getLogger(Cmpv2ClientAdapter.class);
-
- private final CmpClient cmpClient;
-
- @Autowired
- public Cmpv2ClientAdapter(CmpClient cmpClient) {
- this.cmpClient = cmpClient;
- }
-
- /**
- * Uses CmpClient to call to Cmp Server and gather certificates data
- *
- * @param csrModel Certificate Signing Request from Service external API
- * @param server Cmp Server configuration from cmpServers.json
- * @return container for returned certificates
- * @throws CmpClientException Exceptions which comes from Cmp Client
- */
- public CertificationModel callCmpClient(CsrModel csrModel, Cmpv2Server server)
- throws CmpClientException {
- List> certificates = cmpClient.createCertificate(csrModel, server);
- return new CertificationModel(convertFromX509CertificateListToPemList(certificates.get(0)),
- convertFromX509CertificateListToPemList(certificates.get(1)));
- }
-
- private String convertFromX509CertificateToPem(X509Certificate certificate) {
- StringWriter sw = new StringWriter();
- try (PemWriter pw = new PemWriter(sw)) {
- PemObjectGenerator gen = new JcaMiscPEMGenerator(certificate);
- pw.writeObject(gen);
- } catch (IOException e) {
- LOGGER.error("Exception occurred during convert of X509 certificate", e);
- }
- return sw.toString();
- }
-
- private List convertFromX509CertificateListToPemList(List certificates) {
- return certificates.stream().map(this::convertFromX509CertificateToPem).filter(cert -> !cert.isEmpty())
- .collect(Collectors.toList());
- }
-
-}
diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/adapter/RsaContentSignerBuilder.java b/certService/src/main/java/org/onap/aaf/certservice/certification/adapter/RsaContentSignerBuilder.java
deleted file mode 100644
index bda89235..00000000
--- a/certService/src/main/java/org/onap/aaf/certservice/certification/adapter/RsaContentSignerBuilder.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * ============LICENSE_START=======================================================
- * Cert Service
- * ================================================================================
- * Copyright (C) 2020 Nokia. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.aaf.certservice.certification.adapter;
-
-import java.io.IOException;
-import java.security.PrivateKey;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.util.PrivateKeyFactory;
-import org.bouncycastle.operator.ContentSigner;
-import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder;
-import org.bouncycastle.pkcs.PKCS10CertificationRequest;
-import org.springframework.stereotype.Component;
-
-@Component
-public class RsaContentSignerBuilder {
-
- ContentSigner build(PKCS10CertificationRequest csr, PrivateKey privateKey)
- throws IOException, OperatorCreationException {
- AlgorithmIdentifier sigAlgId = csr.getSignatureAlgorithm();
- AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
-
- return new BcRSAContentSignerBuilder(sigAlgId, digAlgId)
- .build(PrivateKeyFactory.createKey(privateKey.getEncoded()));
- }
-
-}
diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/adapter/X509CertificateBuilder.java b/certService/src/main/java/org/onap/aaf/certservice/certification/adapter/X509CertificateBuilder.java
deleted file mode 100644
index f96cec8e..00000000
--- a/certService/src/main/java/org/onap/aaf/certservice/certification/adapter/X509CertificateBuilder.java
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * ============LICENSE_START=======================================================
- * Cert Service
- * ================================================================================
- * Copyright (C) 2020 Nokia. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.aaf.certservice.certification.adapter;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.SecureRandom;
-import java.time.LocalDateTime;
-import java.time.ZoneOffset;
-import java.util.Date;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.cert.X509v3CertificateBuilder;
-import org.bouncycastle.pkcs.PKCS10CertificationRequest;
-import org.springframework.stereotype.Component;
-
-@Component
-public class X509CertificateBuilder {
-
- private static final int SECURE_NEXT_BYTES = 16;
- private static final int VALID_PERIOD_IN_DAYS = 365;
-
- X509v3CertificateBuilder build(PKCS10CertificationRequest csr) throws IOException {
- return new X509v3CertificateBuilder(csr.getSubject(), createSerial(),
- Date.from(LocalDateTime.now().toInstant(ZoneOffset.UTC)),
- Date.from(LocalDateTime.now().plusDays(VALID_PERIOD_IN_DAYS).toInstant(ZoneOffset.UTC)),
- new PKCS10CertificationRequest(csr.getEncoded()).getSubject(),
- SubjectPublicKeyInfo.getInstance(ASN1Sequence.getInstance(csr.getSubjectPublicKeyInfo().getEncoded())));
-
- }
-
- private BigInteger createSerial() {
- byte[] serial = new byte[SECURE_NEXT_BYTES];
- new SecureRandom().nextBytes(serial);
- return new BigInteger(serial).abs();
- }
-
-}
-- cgit 1.2.3-korg