/*
* ============LICENSE_START=======================================================
- * PROJECT
+ * Cert Service
* ================================================================================
- * Copyright (C) 2020 Nokia. All rights reserved.
+ * Copyright (C) 2020-2021 Nokia. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import io.swagger.v3.oas.annotations.tags.Tag;
import org.onap.oom.certservice.certification.CertificationModelFactory;
+import org.onap.oom.certservice.certification.exception.CertificateDecryptionException;
import org.onap.oom.certservice.certification.exception.DecryptionException;
import org.onap.oom.certservice.certification.exception.ErrorResponseModel;
+import org.onap.oom.certservice.certification.model.CertificateUpdateModel;
import org.onap.oom.certservice.certification.model.CertificationModel;
import org.onap.oom.certservice.cmpv2client.exceptions.CmpClientException;
import org.slf4j.Logger;
@Parameter(description = "Private key in form of PEM object encoded in Base64 (with header and footer).")
@RequestHeader("PK") String encodedPrivateKey
) throws DecryptionException, CmpClientException {
- caName = caName.replaceAll("[\n|\r|\t]", "_");
+ caName = replaceWhiteSpaceChars(caName);
LOGGER.info("Received certificate signing request for CA named: {}", caName);
CertificationModel certificationModel = certificationModelFactory
.createCertificationModel(encodedCsr, encodedPrivateKey, caName);
return new ResponseEntity<>(certificationModel, HttpStatus.OK);
}
+ /**
+ * Request for updating certificate by given CA.
+ *
+ * @param caName the name of Certification Authority that will sign root certificate
+ * @param encodedCsr Certificate Sign Request encoded in Base64 form
+ * @param encodedPrivateKey Private key for CSR, needed for PoP, encoded in Base64 form
+ * @param encodedOldCert Certificate (signed by Certification Authority) that should be renewed
+ * @param encodedOldPrivateKey Old private key corresponding with old certificate
+ * @return JSON containing trusted certificates and certificate chain
+ */
+ @GetMapping(value = "v1/certificate-update/{caName}", produces = "application/json")
+ public ResponseEntity<CertificationModel> updateCertificate(
+ @PathVariable String caName,
+ @RequestHeader("CSR") String encodedCsr,
+ @RequestHeader("PK") String encodedPrivateKey,
+ @RequestHeader("OLD_CERT") String encodedOldCert,
+ @RequestHeader("OLD_PK") String encodedOldPrivateKey
+ ) throws DecryptionException, CmpClientException, CertificateDecryptionException {
+ caName = replaceWhiteSpaceChars(caName);
+ LOGGER.info("Received certificate update request for CA named: {}", caName);
+ CertificateUpdateModel certificateUpdateModel = new CertificateUpdateModel.CertificateUpdateModelBuilder()
+ .setEncodedCsr(encodedCsr)
+ .setEncodedPrivateKey(encodedPrivateKey)
+ .setEncodedOldCert(encodedOldCert)
+ .setEncodedOldPrivateKey(encodedOldPrivateKey)
+ .setCaName(caName)
+ .build();
+ CertificationModel certificationModel = certificationModelFactory
+ .createCertificationModel(certificateUpdateModel);
+ return new ResponseEntity<>(certificationModel, HttpStatus.OK);
+ }
+
+ private String replaceWhiteSpaceChars(String text) {
+ return text.replaceAll("[\n\r\t]", "_");
+ }
}