6 Internal HTTP Client connection problem
7 Fail in PKCS12 conversion
8 Fail in Private Key to PEM Encoding
-```
public class CsrFactory {
- private final Logger LOGGER = LoggerFactory.getLogger(CsrFactory.class);
+ private static final Logger LOGGER = LoggerFactory.getLogger(CsrFactory.class);
private static final String SANS_DELIMITER = ":";
private final CsrConfiguration configuration;
public String createCsrInPem(KeyPair keyPair) throws CsrGenerationException {
- PKCS10CertificationRequest request;
+ LOGGER.info("Creation of CSR has been started with following parameters: {}", configuration.toString());
String csrParameters = getMandatoryParameters().append(getOptionalParameters()).toString();
X500Principal subject = new X500Principal(csrParameters);
- request = createPKCS10Csr(subject, keyPair);
- return convertPKC10CsrToPem(request);
- }
+ PKCS10CertificationRequest request = createPKCS10Csr(subject, keyPair);
+ LOGGER.info("Creation of CSR has been completed successfully");
+ return convertPKCS10CsrToPem(request);
+ }
private StringBuilder getMandatoryParameters() {
return new StringBuilder(String.format("%s=%s, %s=%s, %s=%s, %s=%s",
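Review bot: The `LOGGER.info` added at the top of `createCsrInPem` calls `configuration.toString()` explicitly, which builds the string even when INFO is disabled and throws a NullPointerException if the field is ever null. Pass the object and let SLF4J format it: `LOGGER.info("Creation of CSR has been started with following parameters: {}", configuration);`. The lines added to `ClientConfigurationFactory` and `CsrConfigurationFactory` use the same pattern. Those factories already log the validated configuration at INFO, so the CSR subject data appears to be logged twice per run; consider lowering this message to DEBUG. The hunk ends inside `getMandatoryParameters`, whose body is not visible here.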
return contentSigner;
}
- private String convertPKC10CsrToPem(PKCS10CertificationRequest request) throws CsrGenerationException {
+ private String convertPKCS10CsrToPem(PKCS10CertificationRequest request) throws CsrGenerationException {
final StringWriter stringWriter = new StringWriter();
try (JcaPEMWriter pemWriter = new JcaPEMWriter(stringWriter)) {
+ LOGGER.info("Conversion of CSR to PEM has been started");
pemWriter.writeObject(request);
} catch (IOException e) {
LOGGER.error("Conversion to PEM failed, exception message: {}", e.getMessage());
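Review bot: The `catch (IOException e)` branch in `convertPKCS10CsrToPem` still logs only `e.getMessage()`, so the stack trace and any nested cause are missing from the log this commit is otherwise improving. Passing the exception as the last argument keeps them: `LOGGER.error("Conversion to PEM failed, exception message: {}", e.getMessage(), e);`. The `NoSuchAlgorithmException` handler in the KeyPair `create()` hunk has the same shape. The rest of both catch blocks is outside the hunks, so this may already be covered if the exception is rethrown with its cause and logged by the caller.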
public KeyPair create() throws KeyPairGenerationException {
try {
+ LOGGER.info("KeyPair generation started with algorithm: {} and key size: {}", encryptionAlgorithm, keySize);
return createKeyPairGenerator().generateKeyPair();
} catch (NoSuchAlgorithmException e) {
LOGGER.error("Generation of KeyPair failed, exception message: {}" , e.getMessage());
public class PrivateKeyToPemEncoder {
- public static final String PEM_OBJECT_TYPE = "RSA PRIVATE KEY";
- private final Logger LOGGER = LoggerFactory.getLogger(PrivateKeyToPemEncoder.class);
+ private static final Logger LOGGER = LoggerFactory.getLogger(PrivateKeyToPemEncoder.class);
+ private static final String PEM_OBJECT_TYPE = "RSA PRIVATE KEY";
public String encodePrivateKeyToPem(PrivateKey pk) throws PkEncodingException {
- LOGGER.info("Encoding PrivateKey to PEM");
+ LOGGER.info("Attempt to encode private key to PEM");
StringWriter stringWriter = new StringWriter();
try (JcaPEMWriter pemWriter = new JcaPEMWriter(stringWriter)) {
pemWriter.writeObject(new PemObject(PEM_OBJECT_TYPE, pk.getEncoded()));
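Review bot: `PEM_OBJECT_TYPE` stays `"RSA PRIVATE KEY"` while the body written under it is `pk.getEncoded()`, which for keys from the standard JCA providers is normally a PKCS#8 structure, not the PKCS#1 structure that label announces. Strict PEM parsers may reject or misread the resulting file, and the label would also be wrong for any non-RSA algorithm the key-pair generator is configured with. If the encoding is in fact PKCS#8, the constant should read `private static final String PEM_OBJECT_TYPE = "PRIVATE KEY";`, and checking `pk.getFormat()` before writing would make the assumption explicit. The method body continues outside the hunk.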
class PKCS12FilesCreator {
+ private static final Logger LOGGER = LoggerFactory.getLogger(PKCS12FilesCreator.class);
private static final String KEYSTORE_JKS = "keystore.jks";
private static final String KEYSTORE_PASS = "keystore.pass";
private static final String TRUSTSTORE_JKS = "truststore.jks";
private final String keystorePassPath;
private final String truststoreJksPath;
private final String truststorePassPath;
- private final Logger LOGGER = LoggerFactory.getLogger(PKCS12FilesCreator.class);
PKCS12FilesCreator(String path) {
}
void saveKeystoreData(byte[] keystoreData, String keystorePassword) throws PemToPKCS12ConverterException {
- LOGGER.debug("Creating PKCS12 keystore files and saving data. Keystore path: {}", keystoreJksPath);
+ LOGGER.debug("Attempt to create PKCS12 keystore files and saving data. Keystore path: {}", keystoreJksPath);
saveDataToLocation(keystoreData, keystoreJksPath);
saveDataToLocation(keystorePassword.getBytes(), keystorePassPath);
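Review bot: `saveKeystoreData` and `saveTruststoreData` write each store password in clear to a `.pass` file next to the store it protects, and nothing in these hunks shows how `saveDataToLocation` creates that file. Confirm that it creates the password and keystore files with owner-only permissions rather than relying on the process umask. Separately, `keystorePassword.getBytes()` and `truststorePassword.getBytes()` use the platform default charset; `keystorePassword.getBytes(StandardCharsets.UTF_8)` pins the bytes, which is defensive if passwords are already restricted to ASCII. The reworded debug lines log only the path, which is fine.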
void saveTruststoreData(byte[] truststoreData, String truststorePassword)
throws PemToPKCS12ConverterException {
- LOGGER.debug("Creating PKCS12 truststore files and saving data. Truststore path: {}", truststoreJksPath);
+ LOGGER.debug("Attempt to create PKCS12 truststore files and saving data. Truststore path: {}", truststoreJksPath);
saveDataToLocation(truststoreData, truststoreJksPath);
saveDataToLocation(truststorePassword.getBytes(), truststorePassPath);
class PemToPKCS12Converter {
- private final static String PKCS12 = "PKCS12";
- private final static String PASSWORD_ERROR_MSG = "Password should be min. 16 chars long and should contain only alphanumeric characters and special characters like Underscore (_), Dollar ($) and Pound (#)";
+ private static final Logger LOGGER = LoggerFactory.getLogger(PemToPKCS12Converter.class);
+ private static final String PKCS12 = "PKCS12";
+ private static final String PASSWORD_ERROR_MSG = "Password should be min. 16 chars long and should contain only alphanumeric characters and special characters like Underscore (_), Dollar ($) and Pound (#)";
private final LoadStoreParameter EMPTY_KEYSTORE_CONFIGURATION = null;
- private final Logger LOGGER = LoggerFactory.getLogger(PemToPKCS12Converter.class);
byte[] convertKeystore(List<String> certificateChain, Password password, String alias, PrivateKey privateKey)
throws PemToPKCS12ConverterException {
- LOGGER.debug("Converting PEM certificates to PKCS12 keystore.");
+ LOGGER.info("Conversion of PEM certificates to PKCS12 keystore");
return convert(certificateChain, password, certs -> getKeyStore(alias, password, certs, privateKey));
}
byte[] convertTruststore(List<String> trustAnchors, Password password, String alias)
throws PemToPKCS12ConverterException {
- LOGGER.debug("Converting PEM certificates to PKCS12 truststore.");
+ LOGGER.info("Conversion of PEM certificates to PKCS12 truststore");
return convert(trustAnchors, password, certs -> getTrustStore(alias, certs));
}
import org.onap.aaf.certservice.client.configuration.EnvsForClient;
import org.onap.aaf.certservice.client.configuration.exception.ClientConfigurationException;
import org.onap.aaf.certservice.client.configuration.model.ClientConfiguration;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
public class ClientConfigurationFactory extends AbstractConfigurationFactory<ClientConfiguration> {
+ private static final Logger LOGGER = LoggerFactory.getLogger(ClientConfigurationFactory.class);
private final EnvsForClient envsForClient;
public ClientConfigurationFactory(EnvsForClient envsForClient) {
.map(configuration::setCaName)
.orElseThrow(() -> new ClientConfigurationException(ClientConfigurationEnvs.CA_NAME + " is invalid."));
+ LOGGER.info("Successful validation of Client configuration. Configuration data: {}", configuration.toString());
+
return configuration;
}
}
import org.onap.aaf.certservice.client.configuration.EnvsForCsr;
import org.onap.aaf.certservice.client.configuration.exception.CsrConfigurationException;
import org.onap.aaf.certservice.client.configuration.model.CsrConfiguration;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
public class CsrConfigurationFactory extends AbstractConfigurationFactory<CsrConfiguration> {
+ private static final Logger LOGGER = LoggerFactory.getLogger(CsrConfigurationFactory.class);
private final EnvsForCsr envsForCsr;
envsForCsr.getSubjectAlternativesName()
.map(configuration::setSubjectAlternativeNames);
+ LOGGER.info("Successful validation of CSR configuration. Configuration data: {}", configuration.toString());
+
return configuration;
}
}
package org.onap.aaf.certservice.client.configuration.model;
+import org.onap.aaf.certservice.client.configuration.ClientConfigurationEnvs;
+
public class ClientConfiguration implements ConfigurationModel {
private static final Integer DEFAULT_TIMEOUT_MS = 30000;
this.caName = caName;
return this;
}
+
+ @Override
+ public String toString() {
+ return String.format("%s: %s, %s: %s, %s: %s, %s: %s",
+ ClientConfigurationEnvs.REQUEST_URL, urlToCertService,
+ ClientConfigurationEnvs.REQUEST_TIMEOUT, requestTimeout,
+ ClientConfigurationEnvs.OUTPUT_PATH, certsOutputPath,
+ ClientConfigurationEnvs.CA_NAME, caName);
+ }
}
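Review bot: The new `toString()` on `ClientConfiguration` is now what the factory writes to the INFO log, but nothing on the method says so. A field added later, or a request URL that carries credentials in its userinfo part, would go straight into the log. I would add a one-line comment above the override: `// Logged at INFO by ClientConfigurationFactory: keep secrets out of this output.` The `toString()` added to `CsrConfiguration` deserves the same comment.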
package org.onap.aaf.certservice.client.configuration.model;
+import org.onap.aaf.certservice.client.configuration.CsrConfigurationEnvs;
+
public class CsrConfiguration implements ConfigurationModel {
private String commonName;
this.sans = subjectAlternativeNames;
return this;
}
+
+ @Override
+ public String toString() {
+ return String.format("%s: %s, %s: %s, %s: %s, %s: %s, %s: %s, %s: %s, %s: %s",
+ CsrConfigurationEnvs.COMMON_NAME, commonName,
+ CsrConfigurationEnvs.COUNTRY, country,
+ CsrConfigurationEnvs.STATE, state,
+ CsrConfigurationEnvs.ORGANIZATION, organization,
+ CsrConfigurationEnvs.ORGANIZATION_UNIT, organizationUnit,
+ CsrConfigurationEnvs.LOCATION, location,
+ CsrConfigurationEnvs.SANS, sans);
+ }
}
public class HttpClient {
+ private static final Logger LOGGER = LoggerFactory.getLogger(HttpClient.class);
private static final String CSR_HEADER_NAME = "CSR";
private static final String PK_HEADER_NAME = "PK";
private static final String CHARSET_UTF_8 = "UTF-8";
- private final Logger LOGGER = LoggerFactory.getLogger(HttpClient.class);
-
private final Gson gson = new Gson();
private final CloseableHttpClientProvider httpClientProvider;
private final String certServiceAddress;
throws CertServiceApiResponseException, HttpClientException {
try (CloseableHttpClient httpClient = httpClientProvider.getClient()) {
- LOGGER.info("Sending request to API. Url: {}{} ", certServiceAddress, caName);
+ LOGGER.info("Attempt to send request to API, on url: {}{} ", certServiceAddress, caName);
HttpResponse httpResponse = httpClient.execute(createHttpRequest(caName, csr, encodedPk));
LOGGER.info("Received response from API");
return extractCertServiceResponse(httpResponse);