/*-
* ============LICENSE_START=======================================================
* Copyright (C) 2020 Nordix Foundation.
- * ================================================================================
- * Modification copyright 2021 Nokia
+ * Copyright (C) 2021 Nokia.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
package org.onap.oom.certservice.cmpv2client.validation;
-import static org.onap.oom.certservice.cmpv2client.impl.CmpResponseValidationHelper.checkImplicitConfirm;
-import static org.onap.oom.certservice.cmpv2client.impl.CmpResponseValidationHelper.verifyPasswordBasedProtection;
-import static org.onap.oom.certservice.cmpv2client.impl.CmpResponseValidationHelper.verifySignature;
-import java.security.PublicKey;
-import java.util.Date;
-import java.util.Objects;
-import java.util.Optional;
import org.apache.http.impl.client.CloseableHttpClient;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.cmp.CertResponse;
import org.bouncycastle.asn1.cmp.PKIHeader;
import org.bouncycastle.asn1.cmp.PKIMessage;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.onap.oom.certservice.certification.configuration.model.CaMode;
import org.onap.oom.certservice.certification.configuration.model.Cmpv2Server;
import org.onap.oom.certservice.certification.model.CsrModel;
import org.onap.oom.certservice.cmpv2client.exceptions.CmpClientException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import java.security.PublicKey;
+import java.util.Date;
+import java.util.Objects;
+import java.util.Optional;
+
+import static org.onap.oom.certservice.cmpv2client.validation.CmpResponseValidationHelper.checkImplicitConfirm;
+import static org.onap.oom.certservice.cmpv2client.validation.CmpResponseValidationHelper.verifyPasswordBasedProtection;
+import static org.onap.oom.certservice.cmpv2client.validation.CmpResponseValidationHelper.verifySignature;
+
public class CmpCertificationValidator {
private static final String DEFAULT_CA_NAME = "Certification Authority";
- private static final String DEFAULT_PROFILE = CaMode.RA.getProfile();
private static final ASN1ObjectIdentifier PASSWORD_BASED_MAC = new ASN1ObjectIdentifier("1.2.840.113533.7.66.13");
private static final Logger LOG = LoggerFactory.getLogger(CmpCertificationValidator.class);
final Date notAfter) {
String caName = CmpUtil.isNullOrEmpty(server.getCaName()) ? server.getCaName() : DEFAULT_CA_NAME;
- String profile = server.getCaMode() != null ? server.getCaMode().getProfile() : DEFAULT_PROFILE;
LOG.info(
- "Validate before creating Certificate Request for CA :{} in Mode {} ", caName, profile);
+ "Validate before creating Certificate Request for CA: {}", caName);
CmpUtil.notNull(csrModel, "CsrModel Instance");
CmpUtil.notNull(csrModel.getSubjectData(), "Subject DN");
if (notBefore != null && notAfter != null && notBefore.compareTo(notAfter) > 0) {
throw new IllegalArgumentException("Before Date is set after the After Date");
}
+ LOG.info("Validation completed successfully.");
}
public void checkCmpResponse(final PKIMessage respPkiMessage, final PublicKey publicKey, final String initAuthPassword)
}
private void logServerResponse(CertResponse certResponse) {
- if (LOG.isInfoEnabled()) {
- LOG.info("Response status code: {}", certResponse.getStatus().getStatus());
- }
+ LOG.info("Response status code: {}", certResponse.getStatus().getStatus());
if (certResponse.getStatus().getStatusString() != null) {
String serverMessage = certResponse.getStatus().getStatusString().getStringAt(0).getString();
LOG.warn("Response status text: {}", serverMessage);
Code Review / oom / platform / cert-service.git / blobdiff