1 /*============LICENSE_START=======================================================
2 * aaf-certservice-client
3 * ================================================================================
4 * Copyright (C) 2020 Nokia. All rights reserved.
5 * ================================================================================
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
17 * ============LICENSE_END=========================================================
20 package org.onap.aaf.certservice.client.certification.conversion;
22 import java.security.PrivateKey;
23 import java.util.List;
24 import org.onap.aaf.certservice.client.certification.exception.CertFileWriterException;
25 import org.onap.aaf.certservice.client.certification.exception.PemToPKCS12ConverterException;
26 import org.onap.aaf.certservice.client.certification.writer.CertFileWriter;
27 import org.slf4j.Logger;
28 import org.slf4j.LoggerFactory;
30 public class PKCS12ArtifactsCreator implements ArtifactsCreator {
32 private static final Logger LOGGER = LoggerFactory.getLogger(PKCS12ArtifactsCreator.class);
33 private static final String CERTIFICATE_ALIAS = "certificate";
34 private static final String TRUSTED_CERTIFICATE_ALIAS = "trusted-certificate-";
35 private static final int PASSWORD_LENGTH = 24;
36 private static final String KEYSTORE_P12 = "keystore.p12";
37 private static final String KEYSTORE_PASS = "keystore.pass";
38 private static final String TRUSTSTORE_P12 = "truststore.p12";
39 private static final String TRUSTSTORE_PASS = "truststore.pass";
40 private final RandomPasswordGenerator generator;
41 private final PemToPKCS12Converter converter;
42 private final CertFileWriter writer;
44 public PKCS12ArtifactsCreator(CertFileWriter writer, RandomPasswordGenerator generator,
45 PemToPKCS12Converter converter) {
46 this.generator = generator;
47 this.converter = converter;
52 public void create(List<String> keystoreData, List<String> truststoreData, PrivateKey privateKey)
53 throws PemToPKCS12ConverterException, CertFileWriterException {
54 createKeystore(keystoreData,privateKey);
55 createTruststore(truststoreData);
58 private void createKeystore(List<String> data, PrivateKey privateKey)
59 throws PemToPKCS12ConverterException, CertFileWriterException {
60 Password password = generator.generate(PASSWORD_LENGTH);
62 LOGGER.debug("Attempt to create PKCS12 keystore files and saving data. File names: {}, {}", KEYSTORE_P12, KEYSTORE_PASS);
64 writer.saveData(converter.convertKeystore(data, password, CERTIFICATE_ALIAS, privateKey), KEYSTORE_P12);
65 writer.saveData(getPasswordAsBytes(password), KEYSTORE_PASS);
68 private void createTruststore(List<String> data)
69 throws PemToPKCS12ConverterException, CertFileWriterException {
70 Password password = generator.generate(PASSWORD_LENGTH);
72 LOGGER.debug("Attempt to create PKCS12 truststore files and saving data. File names: {}, {}", TRUSTSTORE_P12, TRUSTSTORE_PASS);
74 writer.saveData(converter.convertTruststore(data, password, TRUSTED_CERTIFICATE_ALIAS), TRUSTSTORE_P12);
75 writer.saveData(getPasswordAsBytes(password), TRUSTSTORE_PASS);
78 private byte[] getPasswordAsBytes(Password password) {
79 return password.getCurrentPassword().getBytes();