From 2512d60868bf25f91e4aa4b857d4ba373579f0fd Mon Sep 17 00:00:00 2001 From: Tomasz Wrobel Date: Wed, 19 Aug 2020 10:38:43 +0200 Subject: [PATCH] Add Certification merge logic Issue-ID: DCAEGEN2-2253 
Signed-off-by: Tomasz Wrobel Change-Id: I4157ce71373b41d9f7ee03b76d407ec7a2b17ec3 --- trustStoreMerger/Dockerfile | 3 + trustStoreMerger/pom.xml | 4 + .../oom/truststoremerger/TrustStoreMerger.java | 45 ++++-- .../truststoremerger/api/CertificateConstants.java | 29 ++++ .../truststoremerger/api/ConfigurationEnvs.java | 4 +- .../onap/oom/truststoremerger/api/ExitStatus.java | 10 +- .../truststoremerger/api/ExitableException.java | 3 +- .../certification/file/TruststoreFileFactory.java | 99 +++++++++++++ .../TruststoreFilesListProvider.java | 21 +-- .../AliasConflictException.java} | 16 +-- .../file/exception/CreateBackupException.java | 30 ++++ .../file/exception/KeystoreInstanceException.java | 30 ++++ .../LoadTruststoreException.java} | 19 +-- .../file/exception/MissingTruststoreException.java | 30 ++++ .../PasswordReaderException.java | 6 +- .../TruststoreDataOperationException.java | 30 ++++ .../TruststoreFileFactoryException.java | 6 +- .../exception/WriteTruststoreFileException.java | 31 ++++ .../certification/file/model/JavaTruststore.java | 58 ++++++++ .../certification/file/model/PemTruststore.java | 58 ++++++++ .../certification/file/model/Truststore.java | 62 ++++++++ .../CertificateController.java} | 19 +-- .../CertificateStoreControllerFactory.java | 61 ++++++++ .../certification/file/provider/FileManager.java | 11 +- .../provider/JavaCertificateStoreController.java | 156 ++++++++++++++++++++ .../file/provider/PasswordReader.java | 3 +- .../file/provider/PemCertificateController.java | 155 ++++++++++++++++++++ .../file/provider/TruststoreFileFactory.java | 84 ----------- .../entry/CertificateWithAlias.java} | 24 ++-- .../entry/CertificateWithAliasFactory.java} | 17 +-- .../file/provider/entry/PemAliasGenerator.java | 42 ++++++ .../certification/path/EnvProvider.java | 7 + .../path/TruststoresPathsProvider.java | 16 +-- .../configuration/MergerConfigurationFactory.java | 8 +- .../file/TestCertificateProvider.java | 157 +++++++++++++++++++++ 
.../file/model/JavaTruststoreTest.java | 116 +++++++++++++++ .../file/model/PemTruststoreTest.java | 149 +++++++++++++++++++ .../certification/file/model/TruststoreTest.java | 60 ++++++++ .../file/provider/FileManagerTest.java | 11 +- .../JavaCertificateStoreControllerTest.java | 59 ++++++++ .../file/provider/PasswordReaderTest.java | 1 + .../provider/PemCertificateControllerTest.java | 95 +++++++++++++ ...FactoryTest.java => TruststoreFactoryTest.java} | 42 +++--- .../provider/TruststoreFilesListProviderTest.java | 49 +++---- .../file/provider/entry/PemAliasGeneratorTest.java | 58 ++++++++ .../path/TruststoresPathsProviderTest.java | 8 +- .../src/test/resources/empty-truststore.pem | 1 + trustStoreMerger/src/test/resources/keystore.p12 | Bin 0 -> 2873 bytes .../src/test/resources/truststore-jks-uniq.jks | Bin 0 -> 1530 bytes .../test/resources/truststore-with-private-key.pem | 56 ++++++++ 50 files changed, 1815 insertions(+), 244 deletions(-) create mode 100644 trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/api/CertificateConstants.java create mode 100644 trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/TruststoreFileFactory.java rename trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/{provider => }/TruststoreFilesListProvider.java (61%) rename trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/{TruststoreFileWithPassword.java => exception/AliasConflictException.java} (71%) create mode 100644 trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/CreateBackupException.java create mode 100644 trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/KeystoreInstanceException.java rename trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/{PemTruststore.java => exception/LoadTruststoreException.java} (70%) create mode 100644 
trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/MissingTruststoreException.java rename trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/{provider => exception}/PasswordReaderException.java (86%) create mode 100644 trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/TruststoreDataOperationException.java rename trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/{provider => exception}/TruststoreFileFactoryException.java (85%) create mode 100644 trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/WriteTruststoreFileException.java create mode 100644 trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/model/JavaTruststore.java create mode 100644 trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/model/PemTruststore.java create mode 100644 trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/model/Truststore.java rename trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/{TruststoreFile.java => provider/CertificateController.java} (67%) create mode 100644 trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/CertificateStoreControllerFactory.java create mode 100644 trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/JavaCertificateStoreController.java create mode 100644 trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/PemCertificateController.java delete mode 100644 trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/TruststoreFileFactory.java rename trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/{JksTruststore.java => provider/entry/CertificateWithAlias.java} (68%) rename 
trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/{P12Truststore.java => provider/entry/CertificateWithAliasFactory.java} (69%) create mode 100644 trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/entry/PemAliasGenerator.java create mode 100644 trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/TestCertificateProvider.java create mode 100644 trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/model/JavaTruststoreTest.java create mode 100644 trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/model/PemTruststoreTest.java create mode 100644 trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/model/TruststoreTest.java create mode 100644 trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/JavaCertificateStoreControllerTest.java create mode 100644 trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/PemCertificateControllerTest.java rename trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/{TruststoreFileFactoryTest.java => TruststoreFactoryTest.java} (70%) create mode 100644 trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/entry/PemAliasGeneratorTest.java create mode 100644 trustStoreMerger/src/test/resources/empty-truststore.pem create mode 100644 trustStoreMerger/src/test/resources/keystore.p12 create mode 100644 trustStoreMerger/src/test/resources/truststore-jks-uniq.jks create mode 100644 trustStoreMerger/src/test/resources/truststore-with-private-key.pem diff --git a/trustStoreMerger/Dockerfile b/trustStoreMerger/Dockerfile index 63d15c42..8f0f2481 100644 --- a/trustStoreMerger/Dockerfile +++ b/trustStoreMerger/Dockerfile 
@@ -10,4 +10,7 @@ USER truststoreMerger:onap COPY target/oom-truststore-merger-${VERSION}.jar ./opt/onap/oom/truststoremerger/oom-truststore-merger.jar +#Run as root allow to manage certificates provided by other containers. It should be change in future +USER root + ENTRYPOINT ["java","-jar","./opt/onap/oom/truststoremerger/oom-truststore-merger.jar"] diff --git a/trustStoreMerger/pom.xml b/trustStoreMerger/pom.xml index 201365ca..fd2aff05 100644 --- a/trustStoreMerger/pom.xml +++ b/trustStoreMerger/pom.xml @@ -165,5 +165,9 @@ org.springframework.boot spring-boot-starter-log4j2 + + org.bouncycastle + bcpkix-jdk15on + diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/TrustStoreMerger.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/TrustStoreMerger.java index 98c67ba8..c8cc84df 100644 --- a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/TrustStoreMerger.java +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/TrustStoreMerger.java 
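Review bot: The added `USER root` is the last USER instruction before ENTRYPOINT, so the merger JVM runs as root and overrides the `truststoreMerger:onap` user set just above it. This process parses keystore and PEM files written by other containers, so a parsing flaw or a wrong path would act with full privileges on every mounted volume. Prefer keeping the unprivileged user and granting access through group ownership of the shared volumes or the deployment's security context. If root has to stay for now, the comment should name a tracking issue, e.g. `# TODO(<issue-id>): drop root once shared cert volumes are group-writable`.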
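Review bot: The new `org.bouncycastle:bcpkix-jdk15on` dependency is declared without a version in this hunk, so the version presumably comes from a parent `dependencyManagement` section that is not visible here. Since this library will parse certificate material supplied by other containers, confirm that the managed version is pinned to a currently maintained release. A short comment next to the dependency saying where the version is managed would help.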
@@ -21,11 +21,12 @@ package org.onap.oom.truststoremerger; import org.onap.oom.truststoremerger.api.ExitStatus; import org.onap.oom.truststoremerger.api.ExitableException; -import org.onap.oom.truststoremerger.certification.file.TruststoreFile; +import org.onap.oom.truststoremerger.certification.file.provider.entry.CertificateWithAlias; +import org.onap.oom.truststoremerger.certification.file.model.Truststore; import org.onap.oom.truststoremerger.certification.file.provider.FileManager; import org.onap.oom.truststoremerger.certification.file.provider.PasswordReader; -import org.onap.oom.truststoremerger.certification.file.provider.TruststoreFileFactory; -import org.onap.oom.truststoremerger.certification.file.provider.TruststoreFilesListProvider; +import org.onap.oom.truststoremerger.certification.file.TruststoreFileFactory; +import org.onap.oom.truststoremerger.certification.file.TruststoreFilesListProvider; import org.onap.oom.truststoremerger.certification.path.EnvProvider; import org.onap.oom.truststoremerger.certification.path.TruststoresPathsProvider; import org.onap.oom.truststoremerger.configuration.MergerConfiguration; @@ -33,9 +34,15 @@ import org.onap.oom.truststoremerger.configuration.MergerConfigurationFactory; import org.onap.oom.truststoremerger.certification.path.PathValidator; import java.util.List; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; class TrustStoreMerger { + private static final Logger LOGGER = LoggerFactory.getLogger(TrustStoreMerger.class); + private static final int FIRST_TRUSTSTORE_INDEX = 0; + private static final int SECOND_TRUSTSTORE_INDEX = 1; + private final AppExitHandler appExitHandler; TrustStoreMerger(AppExitHandler appExitHandler) { 
@@ -47,28 +54,42 @@ class TrustStoreMerger { mergeTruststores(); appExitHandler.exit(ExitStatus.SUCCESS); } catch (ExitableException e) { + LOGGER.error("Truststore Merger fails in execution: ", e); appExitHandler.exit(e.applicationExitStatus()); } } private void mergeTruststores() throws ExitableException { MergerConfiguration configuration = loadConfiguration(); - List truststoreFilesList = getTruststoreFilesList(configuration); + List truststoreFilesList = getTruststoreFilesList(configuration); + + Truststore baseFile = truststoreFilesList.get(FIRST_TRUSTSTORE_INDEX); + baseFile.createBackup(); + + for (int i = SECOND_TRUSTSTORE_INDEX; i < truststoreFilesList.size(); i++) { + List certificateWrappers = truststoreFilesList.get(i).getCertificates(); + baseFile.addCertificate(certificateWrappers); + } + + baseFile.saveFile(); } private MergerConfiguration loadConfiguration() throws ExitableException { - TruststoresPathsProvider truststoresPathsProvider = new TruststoresPathsProvider(new EnvProvider(), new PathValidator()); + TruststoresPathsProvider truststoresPathsProvider = new TruststoresPathsProvider(new EnvProvider(), + new PathValidator()); MergerConfigurationFactory factory = new MergerConfigurationFactory(truststoresPathsProvider); return factory.createConfiguration(); } - private List getTruststoreFilesList(MergerConfiguration configuration) throws ExitableException { - TruststoreFileFactory truststoreFileFactory = new TruststoreFileFactory(new FileManager(), new PasswordReader()); - TruststoreFilesListProvider truststoreFilesListProvider = new TruststoreFilesListProvider(truststoreFileFactory); + private List getTruststoreFilesList(MergerConfiguration configuration) throws ExitableException { + TruststoreFileFactory truststoreFileFactory = new TruststoreFileFactory(new FileManager(), + new PasswordReader()); + TruststoreFilesListProvider truststoreFilesListProvider = new TruststoreFilesListProvider( + truststoreFileFactory); return 
truststoreFilesListProvider - .getTruststoreFilesList( - configuration.getTruststoreFilePaths(), - configuration.getTruststoreFilePasswordPaths() - ); + .getTruststoreFilesList( + configuration.getTruststoreFilePaths(), + configuration.getTruststoreFilePasswordPaths() + ); } } diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/api/CertificateConstants.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/api/CertificateConstants.java new file mode 100644 index 00000000..68c5d13c --- /dev/null +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/api/CertificateConstants.java @@ -0,0 +1,29 @@ +/*============LICENSE_START======================================================= + * oom-truststore-merger + * ================================================================================ + * Copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.oom.truststoremerger.api; + +public class CertificateConstants { + + public static final String JKS_INSTANCE = "JKS"; + public static final String PKCS12_INSTANCE = "PKCS12"; + public static final String X_509_CERTIFICATE = "X.509"; + public static final String BOUNCY_CASTLE_PROVIDER = "BC"; + +} 
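Review bot: `truststoreFilesList.get(FIRST_TRUSTSTORE_INDEX)` in `mergeTruststores()` is called without checking that the list is non-empty. An empty configuration would raise an unchecked `IndexOutOfBoundsException` that bypasses `catch (ExitableException e)`, so no exit status would be reported through `appExitHandler`. `MergerConfigurationFactory` may already reject this case, but it is not visible in this hunk, so either add an explicit `isEmpty()` guard that fails through an `ExitableException` or state the precondition in a comment. A method comment should also say that the first configured truststore is the merge target: it is backed up, extended with every certificate from the remaining stores, and overwritten in place.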
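Review bot: `CertificateConstants` is a constants holder that can still be instantiated and subclassed; declare it `public final class CertificateConstants` and add `private CertificateConstants() { }`. The `BOUNCY_CASTLE_PROVIDER = "BC"` name only resolves if the Bouncy Castle provider has been registered with `java.security.Security` before use. That registration is not visible in this part of the patch, so add a comment on the constant saying where it happens.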
diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/api/ConfigurationEnvs.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/api/ConfigurationEnvs.java index 13c8c726..f6f8bbba 100644 --- a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/api/ConfigurationEnvs.java +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/api/ConfigurationEnvs.java @@ -21,6 +21,6 @@ package org.onap.oom.truststoremerger.api; public class ConfigurationEnvs { - public static final String TRUSTSTORES_ENV = "TRUSTSTORES"; - public static final String TRUSTSTORES_PASSWORDS_ENV = "TRUSTSTORES_PASSWORDS"; + public static final String TRUSTSTORES_PATHS_ENV = "TRUSTSTORES_PATHS"; + public static final String TRUSTSTORES_PASSWORDS_PATHS_ENV = "TRUSTSTORES_PASSWORDS_PATHS"; } diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/api/ExitStatus.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/api/ExitStatus.java index d0c3b2f0..b9111bf9 100644 --- a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/api/ExitStatus.java +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/api/ExitStatus.java 
@@ -25,7 +25,15 @@ public enum ExitStatus { TRUSTSTORES_PATHS_PROVIDER_EXCEPTION(1, "Invalid paths in environment variables"), MERGER_CONFIGURATION_EXCEPTION(2, "Invalid merger configuration"), TRUSTSTORE_FILE_FACTORY_EXCEPTION(3, "Invalid truststore file-password pair"), - PASSWORD_READER_EXCEPTION(4, "Cannot read password from file"); + PASSWORD_READER_EXCEPTION(4, "Cannot read password from file"), + CREATE_BACKUP_EXCEPTION(5, "Cannot create backup file"), + KEYSTORE_INSTANCE_EXCEPTION(6, "Cannot initialize keystore instance"), + TRUSTSTORE_LOAD_FILE_EXCEPTION(7, "Cannot load truststore file"), + TRUSTSTORE_DATA_OPERATION_EXCEPTION(8, "Cannot operate on truststore data"), + MISSING_TRUSTSTORE_EXCEPTION(9, "Missing truststore certificates in provided file"), + ALIAS_CONFLICT_EXCEPTION(10, "Alias conflict detected"), + WRITE_TRUSTSTORE_FILE_EXCEPTION(11, "Cannot save truststore file"); + private final int value; private final String message; diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/api/ExitableException.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/api/ExitableException.java index 3cc46730..ec28d466 100644 --- a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/api/ExitableException.java +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/api/ExitableException.java @@ -35,5 +35,6 @@ public class ExitableException extends Exception { public ExitStatus applicationExitStatus() { return exitStatus; - }; + } + } diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/TruststoreFileFactory.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/TruststoreFileFactory.java new file mode 100644 index 00000000..d93409b6 --- /dev/null +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/TruststoreFileFactory.java 
@@ -0,0 +1,99 @@ +/*============LICENSE_START======================================================= + * oom-truststore-merger + * ================================================================================ + * Copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.oom.truststoremerger.certification.file; + +import org.onap.oom.truststoremerger.certification.file.model.JavaTruststore; +import org.onap.oom.truststoremerger.certification.file.model.PemTruststore; +import org.onap.oom.truststoremerger.certification.file.model.Truststore; + +import java.io.File; +import org.onap.oom.truststoremerger.certification.file.exception.KeystoreInstanceException; +import org.onap.oom.truststoremerger.certification.file.exception.LoadTruststoreException; +import org.onap.oom.truststoremerger.certification.file.exception.PasswordReaderException; +import org.onap.oom.truststoremerger.certification.file.exception.TruststoreFileFactoryException; +import org.onap.oom.truststoremerger.certification.file.provider.CertificateStoreControllerFactory; +import org.onap.oom.truststoremerger.certification.file.provider.FileManager; +import org.onap.oom.truststoremerger.certification.file.provider.JavaCertificateStoreController; +import 
org.onap.oom.truststoremerger.certification.file.provider.PasswordReader; +import org.onap.oom.truststoremerger.certification.file.provider.PemCertificateController; + +public class TruststoreFileFactory { + + private static final String JKS_EXTENSION = ".jks"; + private static final String P12_EXTENSION = ".p12"; + private static final String PEM_EXTENSION = ".pem"; + private static final String FILE_DOES_NOT_EXIST_MSG_TEMPLATE = "File: %s does not exist"; + private static final String UNKNOWN_TRUSTSTORE_TYPE_MSG_TEMPLATE = "Unknown truststore extension type: %s"; + + private final FileManager fileManager; + private final PasswordReader passwordReader; + private final CertificateStoreControllerFactory certificateStoreControllerFactory = + new CertificateStoreControllerFactory(); + + public TruststoreFileFactory(FileManager fileManager, PasswordReader passwordReader) { + this.fileManager = fileManager; + this.passwordReader = passwordReader; + } + + public Truststore create(String truststoreFilePath, String truststorePasswordPath) + throws TruststoreFileFactoryException, PasswordReaderException, KeystoreInstanceException, LoadTruststoreException { + File truststoreFile = new File(truststoreFilePath); + if (!fileManager.checkIfFileExists(truststoreFile)) { + throw new TruststoreFileFactoryException(String.format(FILE_DOES_NOT_EXIST_MSG_TEMPLATE, truststoreFile)); + } + return createTypedTruststore(truststoreFile, truststorePasswordPath); + } + + private Truststore createTypedTruststore(File truststoreFile, String truststorePasswordPath) + throws KeystoreInstanceException, PasswordReaderException, LoadTruststoreException, TruststoreFileFactoryException { + String extension = fileManager.getExtension(truststoreFile); + switch (extension) { + case JKS_EXTENSION: + return createJksTruststore(truststoreFile, truststorePasswordPath); + case P12_EXTENSION: + return createP12Truststore(truststoreFile, truststorePasswordPath); + case PEM_EXTENSION: + return 
createPemTruststore(truststoreFile); + default: + throw new TruststoreFileFactoryException( + String.format(UNKNOWN_TRUSTSTORE_TYPE_MSG_TEMPLATE, extension)); + } + } + + private JavaTruststore createJksTruststore(File truststoreFile, String truststorePasswordPath) + throws PasswordReaderException, LoadTruststoreException, KeystoreInstanceException { + String password = passwordReader.readPassword(new File(truststorePasswordPath)); + JavaCertificateStoreController storeController = certificateStoreControllerFactory + .createLoadedJksCertificateStoreController(truststoreFile, password); + return new JavaTruststore(truststoreFile, storeController); + } + + private JavaTruststore createP12Truststore(File truststoreFile, String truststorePasswordPath) + throws LoadTruststoreException, KeystoreInstanceException, PasswordReaderException { + String password = passwordReader.readPassword(new File(truststorePasswordPath)); + JavaCertificateStoreController storeController = certificateStoreControllerFactory + .createLoadedPkcs12CertificateStoreController(truststoreFile, password); + return new JavaTruststore(truststoreFile, storeController); + } + + private PemTruststore createPemTruststore(File truststoreFile) { + return new PemTruststore(truststoreFile, new PemCertificateController(truststoreFile)); + } +} diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/TruststoreFilesListProvider.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/TruststoreFilesListProvider.java similarity index 61% rename from trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/TruststoreFilesListProvider.java rename to trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/TruststoreFilesListProvider.java index 2f5356d5..92e3c2a8 100644 
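Review bot: In `createJksTruststore` and `createP12Truststore` the truststore password is read into a `String` and passed on to the store controller, so it stays on the heap as an immutable object that cannot be cleared once the keystore is loaded. `KeyStore.load` and `KeyStore.store` take `char[]`, so carrying the password as `char[]` and wiping it after use with `Arrays.fill(password, '\0')` would narrow the exposure; that needs a matching change in `PasswordReader`, which is outside this hunk. The two methods differ only in the factory call, so a shared private helper would remove the duplication. For `.pem` inputs `truststorePasswordPath` is silently ignored, which deserves a one-line comment on `createPemTruststore`.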
--- a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/TruststoreFilesListProvider.java +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/TruststoreFilesListProvider.java @@ -17,13 +17,16 @@ * ============LICENSE_END========================================================= */ -package org.onap.oom.truststoremerger.certification.file.provider; +package org.onap.oom.truststoremerger.certification.file; -import org.onap.oom.truststoremerger.certification.file.TruststoreFile; +import org.onap.oom.truststoremerger.certification.file.model.Truststore; import java.util.ArrayList; -import java.util.Iterator; import java.util.List; +import org.onap.oom.truststoremerger.certification.file.exception.KeystoreInstanceException; +import org.onap.oom.truststoremerger.certification.file.exception.LoadTruststoreException; +import org.onap.oom.truststoremerger.certification.file.exception.PasswordReaderException; +import org.onap.oom.truststoremerger.certification.file.exception.TruststoreFileFactoryException; public class TruststoreFilesListProvider { 
@@ -33,16 +36,16 @@ public class TruststoreFilesListProvider { this.truststoreFileFactory = truststoreFileFactory; } - public List getTruststoreFilesList(List truststoreFilePaths, - List truststoreFilePasswordPaths) - throws PasswordReaderException, TruststoreFileFactoryException { - List truststoreFilesList = new ArrayList<>(); + public List getTruststoreFilesList(List truststoreFilePaths, + List truststoreFilePasswordPaths) + throws LoadTruststoreException, PasswordReaderException, TruststoreFileFactoryException, KeystoreInstanceException { + List truststoreFilesList = new ArrayList<>(); for (int i = 0; i < truststoreFilePaths.size(); i++) { String truststorePath = truststoreFilePaths.get(i); String passwordPath = truststoreFilePasswordPaths.get(i); - TruststoreFile truststoreFile = truststoreFileFactory.create(truststorePath, passwordPath); - truststoreFilesList.add(truststoreFile); + Truststore truststore = truststoreFileFactory.create(truststorePath, passwordPath); + truststoreFilesList.add(truststore); } return truststoreFilesList; diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/TruststoreFileWithPassword.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/AliasConflictException.java similarity index 71% rename from trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/TruststoreFileWithPassword.java rename to trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/AliasConflictException.java index 484f2d4f..a4102d9f 100644 --- a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/TruststoreFileWithPassword.java +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/AliasConflictException.java 
@@ -17,19 +17,15 @@ * ============LICENSE_END========================================================= */ -package org.onap.oom.truststoremerger.certification.file; +package org.onap.oom.truststoremerger.certification.file.exception; -import java.io.File; +import org.onap.oom.truststoremerger.api.ExitStatus; +import org.onap.oom.truststoremerger.api.ExitableException; -public abstract class TruststoreFileWithPassword extends TruststoreFile { - private String password; +public class AliasConflictException extends ExitableException { - TruststoreFileWithPassword(File truststoreFile, String password) { - super(truststoreFile); - this.password = password; + public AliasConflictException(String message) { + super(message, ExitStatus.ALIAS_CONFLICT_EXCEPTION); } - public String getPassword(){ - return password; - }; } diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/CreateBackupException.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/CreateBackupException.java new file mode 100644 index 00000000..a21f7013 --- /dev/null +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/CreateBackupException.java 
@@ -0,0 +1,30 @@
+/*============LICENSE_START=======================================================
+ * oom-truststore-merger
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.oom.truststoremerger.certification.file.exception;
+
+import org.onap.oom.truststoremerger.api.ExitStatus;
+import org.onap.oom.truststoremerger.api.ExitableException;
+
+public class CreateBackupException extends ExitableException {
+
+ public CreateBackupException(Exception e) {
+ super(e, ExitStatus.CREATE_BACKUP_EXCEPTION);
+ }
+}
diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/KeystoreInstanceException.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/KeystoreInstanceException.java
new file mode 100644
index 00000000..c5bcc3ca
--- /dev/null
+++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/KeystoreInstanceException.java
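Review bot: The `CreateBackupException` constructor takes `Exception`, while `KeystoreInstanceException` and `LoadTruststoreException`, added in the same commit, take `Throwable`. Using one cause type across these wrappers keeps call sites uniform, e.g. `public CreateBackupException(Throwable e)`. A one-line class Javadoc naming the exit status each wrapper maps to would also help readers of the exception package.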
@@ -0,0 +1,30 @@
+/*============LICENSE_START=======================================================
+ * oom-truststore-merger
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.oom.truststoremerger.certification.file.exception;
+
+import org.onap.oom.truststoremerger.api.ExitStatus;
+import org.onap.oom.truststoremerger.api.ExitableException;
+
+public class KeystoreInstanceException extends ExitableException {
+
+ public KeystoreInstanceException(Throwable e) {
+ super(e, ExitStatus.KEYSTORE_INSTANCE_EXCEPTION);
+ }
+}
diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/PemTruststore.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/LoadTruststoreException.java
similarity index 70%
rename from trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/PemTruststore.java
rename to trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/LoadTruststoreException.java
index ca2ac85d..b8bb53fa 100644
--- a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/PemTruststore.java
+++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/LoadTruststoreException.java @@ -17,21 +17,14 @@ * ============LICENSE_END========================================================= */ -package org.onap.oom.truststoremerger.certification.file; +package org.onap.oom.truststoremerger.certification.file.exception; -import java.io.File; -import java.security.cert.Certificate; -import java.util.Collections; -import java.util.List; +import org.onap.oom.truststoremerger.api.ExitStatus; +import org.onap.oom.truststoremerger.api.ExitableException; -public class PemTruststore extends TruststoreFile { +public class LoadTruststoreException extends ExitableException { - public PemTruststore(File truststoreFile) { - super(truststoreFile); - } - - @Override - public List getCertificates() { - return Collections.emptyList(); + public LoadTruststoreException(Throwable e) { + super(e, ExitStatus.TRUSTSTORE_LOAD_FILE_EXCEPTION); } } diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/MissingTruststoreException.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/MissingTruststoreException.java new file mode 100644 index 00000000..c502d6b6 --- /dev/null +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/MissingTruststoreException.java 
@@ -0,0 +1,30 @@
+/*============LICENSE_START=======================================================
+ * oom-truststore-merger
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.oom.truststoremerger.certification.file.exception;
+
+import org.onap.oom.truststoremerger.api.ExitStatus;
+import org.onap.oom.truststoremerger.api.ExitableException;
+
+public class MissingTruststoreException extends ExitableException {
+
+ public MissingTruststoreException(String message) {
+ super(message, ExitStatus.MISSING_TRUSTSTORE_EXCEPTION);
+ }
+}
diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/PasswordReaderException.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/PasswordReaderException.java
similarity index 86%
rename from trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/PasswordReaderException.java
rename to trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/PasswordReaderException.java
index 2928f0c5..d601d229 100644
--- a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/PasswordReaderException.java +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/PasswordReaderException.java @@ -17,13 +17,13 @@ * ============LICENSE_END========================================================= */ -package org.onap.oom.truststoremerger.certification.file.provider; +package org.onap.oom.truststoremerger.certification.file.exception; import org.onap.oom.truststoremerger.api.ExitStatus; import org.onap.oom.truststoremerger.api.ExitableException; -class PasswordReaderException extends ExitableException { - PasswordReaderException(String message) { +public class PasswordReaderException extends ExitableException { + public PasswordReaderException(String message) { super(message, ExitStatus.PASSWORD_READER_EXCEPTION); } } diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/TruststoreDataOperationException.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/TruststoreDataOperationException.java new file mode 100644 index 00000000..cf848f79 --- /dev/null +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/TruststoreDataOperationException.java 
@@ -0,0 +1,30 @@
+/*============LICENSE_START=======================================================
+ * oom-truststore-merger
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.oom.truststoremerger.certification.file.exception;
+
+import org.onap.oom.truststoremerger.api.ExitStatus;
+import org.onap.oom.truststoremerger.api.ExitableException;
+
+public class TruststoreDataOperationException extends ExitableException {
+
+ public TruststoreDataOperationException(Exception e) {
+ super(e, ExitStatus.TRUSTSTORE_DATA_OPERATION_EXCEPTION);
+ }
+}
diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/TruststoreFileFactoryException.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/TruststoreFileFactoryException.java
similarity index 85%
rename from trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/TruststoreFileFactoryException.java
rename to trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/TruststoreFileFactoryException.java
index 43342c83..18349fd4 100644
--- a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/TruststoreFileFactoryException.java +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/TruststoreFileFactoryException.java @@ -17,13 +17,13 @@ * ============LICENSE_END========================================================= */ -package org.onap.oom.truststoremerger.certification.file.provider; +package org.onap.oom.truststoremerger.certification.file.exception; import org.onap.oom.truststoremerger.api.ExitStatus; import org.onap.oom.truststoremerger.api.ExitableException; -class TruststoreFileFactoryException extends ExitableException { - TruststoreFileFactoryException(String message) { +public class TruststoreFileFactoryException extends ExitableException { + public TruststoreFileFactoryException(String message) { super(message, ExitStatus.TRUSTSTORE_FILE_FACTORY_EXCEPTION); } diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/WriteTruststoreFileException.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/WriteTruststoreFileException.java new file mode 100644 index 00000000..a5e02b3c --- /dev/null +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/exception/WriteTruststoreFileException.java 
@@ -0,0 +1,31 @@
+/*============LICENSE_START=======================================================
+ * oom-truststore-merger
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+
+package org.onap.oom.truststoremerger.certification.file.exception;
+
+import org.onap.oom.truststoremerger.api.ExitStatus;
+import org.onap.oom.truststoremerger.api.ExitableException;
+
+public class WriteTruststoreFileException extends ExitableException {
+
+ public WriteTruststoreFileException(Exception e) {
+ super(e, ExitStatus.WRITE_TRUSTSTORE_FILE_EXCEPTION);
+ }
+}
diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/model/JavaTruststore.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/model/JavaTruststore.java
new file mode 100644
index 00000000..d46fba1e
--- /dev/null
+++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/model/JavaTruststore.java
@@ -0,0 +1,58 @@ +/*============LICENSE_START======================================================= + * oom-truststore-merger + * ================================================================================ + * Copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.oom.truststoremerger.certification.file.model; + +import java.io.File; +import java.util.List; +import org.onap.oom.truststoremerger.api.ExitableException; +import org.onap.oom.truststoremerger.certification.file.provider.entry.CertificateWithAlias; +import org.onap.oom.truststoremerger.certification.file.exception.WriteTruststoreFileException; +import org.onap.oom.truststoremerger.certification.file.provider.JavaCertificateStoreController; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class JavaTruststore extends Truststore { + + private static final Logger LOGGER = LoggerFactory.getLogger(JavaTruststore.class); + private final JavaCertificateStoreController storeController; + + public JavaTruststore(File truststoreFile, JavaCertificateStoreController storeController) { + super(truststoreFile); + this.storeController = storeController; + } + + @Override + public List getCertificates() throws ExitableException { + LOGGER.debug("Attempt ro 
read certificates from file: {} ", this.getFile().getPath()); + return storeController.getNotEmptyCertificateList(); + } + + @Override + public void addCertificate(List certificates) throws ExitableException { + LOGGER.debug("Attempt to add certificates for saving to file"); + storeController.addCertificates(certificates); + } + + @Override + public void saveFile() throws WriteTruststoreFileException { + LOGGER.debug("Attempt to save file: {}", this.getFile().getPath()); + storeController.saveFile(); + } +} diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/model/PemTruststore.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/model/PemTruststore.java new file mode 100644 index 00000000..36195267 --- /dev/null +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/model/PemTruststore.java 
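Review bot: The debug message in `getCertificates()` reads "Attempt ro read certificates", and the same typo is repeated in `PemTruststore.getCertificates()` in the next file of this patch. Both should read `LOGGER.debug("Attempt to read certificates from file: {}", this.getFile().getPath());`, which also drops the stray space after `{}` that only the JavaTruststore variant has. Anyone searching the merger logs for the read step by its expected wording would miss these lines. The class has no Javadoc; a one-line class comment stating that it delegates reading, adding and saving to the `JavaCertificateStoreController` it is constructed with would be enough.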
@@ -0,0 +1,58 @@ +/*============LICENSE_START======================================================= + * oom-truststore-merger + * ================================================================================ + * Copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.oom.truststoremerger.certification.file.model; + +import java.io.File; +import java.util.List; +import org.onap.oom.truststoremerger.api.ExitableException; +import org.onap.oom.truststoremerger.certification.file.provider.entry.CertificateWithAlias; +import org.onap.oom.truststoremerger.certification.file.provider.PemCertificateController; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class PemTruststore extends Truststore { + + private static final Logger LOGGER = LoggerFactory.getLogger(PemTruststore.class); + private final PemCertificateController pemCertificateController; + + public PemTruststore(File truststoreFile, PemCertificateController pemCertificateController) { + super(truststoreFile); + this.pemCertificateController = pemCertificateController; + } + + @Override + public List getCertificates() throws ExitableException { + LOGGER.debug("Attempt ro read certificates from file: {}", this.getFile().getPath()); + return 
pemCertificateController.getNotEmptyCertificateList(); + } + + @Override + public void addCertificate(List certificates) throws ExitableException { + LOGGER.debug("Attempt to add certificates for saving to file"); + pemCertificateController.addCertificates(certificates); + } + + @Override + public void saveFile() throws ExitableException { + LOGGER.debug("Attempt to save file: {}", this.getFile().getPath()); + pemCertificateController.saveFile(); + } + +} diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/model/Truststore.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/model/Truststore.java new file mode 100644 index 00000000..153805a7 --- /dev/null +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/model/Truststore.java 
@@ -0,0 +1,62 @@
+/*============LICENSE_START=======================================================
+ * oom-truststore-merger
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.oom.truststoremerger.certification.file.model;
+
+import java.io.File;
+import java.io.FileOutputStream;
+import java.nio.file.Files;
+import java.util.List;
+import org.onap.oom.truststoremerger.api.ExitableException;
+import org.onap.oom.truststoremerger.certification.file.provider.entry.CertificateWithAlias;
+import org.onap.oom.truststoremerger.certification.file.exception.CreateBackupException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public abstract class Truststore {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(Truststore.class);
+ private static final String BACKUP_EXTENSION = ".bak";
+ private final File file;
+
+ Truststore(File file) {
+ this.file = file;
+ }
+
+ public abstract List getCertificates() throws ExitableException;
+
+ public abstract void addCertificate(List certificates) throws ExitableException;
+
+ public abstract void saveFile() throws ExitableException;
+
+ public File getFile() {
+ return file;
+ }
+
+ public void createBackup() throws CreateBackupException {
+ LOGGER.debug("Create backup of file: {}", file.getPath());
+ String backupFilePath = file.getAbsolutePath() + BACKUP_EXTENSION;
+ try (FileOutputStream fileOutputStream = new FileOutputStream(backupFilePath)) {
+ Files.copy(file.toPath(), fileOutputStream);
+ } catch (Exception e) {
+ LOGGER.error("Cannot create backup of file: {} ", getFile().getPath());
+ throw new CreateBackupException(e);
+ }
+ }
+}
diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/TruststoreFile.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/CertificateController.java
similarity index 67%
rename from trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/TruststoreFile.java
rename to trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/CertificateController.java
index 88b1b5a8..f2ed2c45 100644
--- a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/TruststoreFile.java
+++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/CertificateController.java
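Review bot: `createBackup()` opens `new FileOutputStream(backupFilePath)` before the source is read, so an existing `.bak` is truncated even when the copy then fails (for example when the truststore file is missing), and the last good backup is lost exactly when it is needed. The backup is also created with default permissions rather than those of the original truststore. Copying path to path addresses both: `Files.copy(file.toPath(), Paths.get(backupFilePath), StandardCopyOption.REPLACE_EXISTING, StandardCopyOption.COPY_ATTRIBUTES);` with `java.nio.file.Paths` and `java.nio.file.StandardCopyOption` imported and the existing `catch` kept around it. Which attributes COPY_ATTRIBUTES actually carries over is platform-dependent, so the resulting file mode should be checked in the target container.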
@@ -17,22 +17,17 @@ * ============LICENSE_END========================================================= */ -package org.onap.oom.truststoremerger.certification.file; +package org.onap.oom.truststoremerger.certification.file.provider; -import java.io.File; -import java.security.cert.Certificate; import java.util.List; +import org.onap.oom.truststoremerger.api.ExitableException; +import org.onap.oom.truststoremerger.certification.file.provider.entry.CertificateWithAlias; -public abstract class TruststoreFile { - private File truststoreFile; +public interface CertificateController { - TruststoreFile(File truststoreFile) { - this.truststoreFile = truststoreFile; - } + List getNotEmptyCertificateList() throws ExitableException; - public abstract List getCertificates(); + void addCertificates(List certificates) throws ExitableException; - public File getTruststoreFile() { - return truststoreFile; - }; + void saveFile() throws ExitableException; } diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/CertificateStoreControllerFactory.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/CertificateStoreControllerFactory.java new file mode 100644 index 00000000..66e2aed2 --- /dev/null +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/CertificateStoreControllerFactory.java 
@@ -0,0 +1,61 @@ +/*============LICENSE_START======================================================= + * oom-truststore-merger + * ================================================================================ + * Copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.oom.truststoremerger.certification.file.provider; + +import static org.onap.oom.truststoremerger.api.CertificateConstants.JKS_INSTANCE; +import static org.onap.oom.truststoremerger.api.CertificateConstants.PKCS12_INSTANCE; + +import java.io.File; +import java.security.KeyStore; +import java.security.KeyStoreException; +import org.onap.oom.truststoremerger.certification.file.exception.KeystoreInstanceException; +import org.onap.oom.truststoremerger.certification.file.exception.LoadTruststoreException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class CertificateStoreControllerFactory { + + private static final Logger LOGGER = LoggerFactory.getLogger(CertificateStoreControllerFactory.class); + + public JavaCertificateStoreController createLoadedJksCertificateStoreController(File certFile, String certPassword) + throws LoadTruststoreException, KeystoreInstanceException { + return createLoadedCertificateStoreController(certFile, certPassword, 
JKS_INSTANCE); + } + + public JavaCertificateStoreController createLoadedPkcs12CertificateStoreController(File certFile, String certPassword) + throws KeystoreInstanceException, LoadTruststoreException { + return createLoadedCertificateStoreController(certFile, certPassword, PKCS12_INSTANCE); + } + + private JavaCertificateStoreController createLoadedCertificateStoreController(File certFile, String certPassword, + String instanceType) + throws LoadTruststoreException, KeystoreInstanceException { + try { + JavaCertificateStoreController javaCertificateStoreController = new JavaCertificateStoreController( + KeyStore.getInstance(instanceType), certFile, certPassword); + javaCertificateStoreController.loadFile(); + return javaCertificateStoreController; + } catch (KeyStoreException e) { + LOGGER.error("Cannot initialize Java Keystore instance"); + throw new KeystoreInstanceException(e); + } + } +} + diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/FileManager.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/FileManager.java index 901c13ab..12029ade 100644 --- a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/FileManager.java +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/FileManager.java 
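Review bot: The truststore password travels as `String certPassword` through both public factory methods and is then kept in a `String` field of `JavaCertificateStoreController` for the controller's lifetime, although `KeyStore.load` and `KeyStore.store` both take `char[]`. A `String` cannot be wiped and stays readable in the heap, and in any heap dump, until it is collected; accepting `char[] certPassword` and clearing it with `Arrays.fill(password, '\0')` once the store is no longer needed would limit that exposure. This also requires the code that reads the password to hand over a `char[]`, which is outside this hunk. Separately, the failure log could name the requested type: `LOGGER.error("Cannot initialize Java Keystore instance of type: {}", instanceType);`.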
@@ -22,17 +22,18 @@ package org.onap.oom.truststoremerger.certification.file.provider; import java.io.File; public class FileManager { - private static final int NOT_FOUND_INDEX=-1; - String getExtension(File file) { + private static final int INDEX_NOT_FOUND = -1; + + public String getExtension(File file) { int extStartIndex = file.getName().lastIndexOf("."); - if (extStartIndex == NOT_FOUND_INDEX) { + if (extStartIndex == INDEX_NOT_FOUND) { return ""; } - return file.getName().substring(extStartIndex); + return file.getName().substring(extStartIndex).toLowerCase(); } - boolean checkIfFileExists(File file){ + public boolean checkIfFileExists(File file) { return file.exists(); } diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/JavaCertificateStoreController.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/JavaCertificateStoreController.java new file mode 100644 index 00000000..1c20fd38 --- /dev/null +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/JavaCertificateStoreController.java 
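Review bot: `getExtension` now lower-cases with the JVM's default locale, `substring(extStartIndex).toLowerCase()`, so the returned value depends on the environment (under a Turkish locale an upper-case `I` becomes a dotless `ı`). The extension presumably selects which truststore handler is used, so it should be normalised locale-independently: `return file.getName().substring(extStartIndex).toLowerCase(Locale.ROOT);` with `java.util.Locale` imported. Both methods are now public, so a short Javadoc on `getExtension` stating that the result keeps the leading dot, is lower-case, and is empty when the name has no dot would help callers. The class body continues outside the hunk.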
@@ -0,0 +1,156 @@ +/*============LICENSE_START======================================================= + * oom-truststore-merger + * ================================================================================ + * Copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.oom.truststoremerger.certification.file.provider; + +import java.io.File; +import java.io.FileInputStream; +import java.io.FileOutputStream; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; +import org.onap.oom.truststoremerger.api.ExitableException; +import org.onap.oom.truststoremerger.certification.file.provider.entry.CertificateWithAlias; +import org.onap.oom.truststoremerger.certification.file.provider.entry.CertificateWithAliasFactory; +import org.onap.oom.truststoremerger.certification.file.exception.AliasConflictException; +import org.onap.oom.truststoremerger.certification.file.exception.TruststoreDataOperationException; +import org.onap.oom.truststoremerger.certification.file.exception.LoadTruststoreException; +import org.onap.oom.truststoremerger.certification.file.exception.MissingTruststoreException; +import 
org.onap.oom.truststoremerger.certification.file.exception.WriteTruststoreFileException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class JavaCertificateStoreController implements CertificateController { + + private static final Logger LOGGER = LoggerFactory.getLogger(JavaCertificateStoreController.class); + + private final CertificateWithAliasFactory factory = new CertificateWithAliasFactory(); + private final KeyStore keyStore; + private final File storeFile; + private final String password; + + + public JavaCertificateStoreController(KeyStore keyStore, File storeFile, String password) { + this.keyStore = keyStore; + this.storeFile = storeFile; + this.password = password; + } + + public List getNotEmptyCertificateList() throws ExitableException { + List aliases = getTruststoreAliasesList(); + if (aliases.isEmpty()) { + throw new MissingTruststoreException("Missing certificate aliases in file: " + storeFile.getPath()); + } + return getWrappedCertificates(aliases); + } + + public void addCertificates(List certificatesWithAliases) + throws ExitableException { + if (getTruststoreAliasesList().isEmpty()){ + throw new MissingTruststoreException("Missing certificate aliases in file: " + storeFile.getPath()); + } + for (CertificateWithAlias certificate : certificatesWithAliases) { + addCertificate(certificate); + } + } + + public void saveFile() throws WriteTruststoreFileException { + try (FileOutputStream outputStream = new FileOutputStream(this.storeFile)) { + keyStore.store(outputStream, this.password.toCharArray()); + } catch (Exception e) { + LOGGER.error("Cannot write truststore file"); + throw new WriteTruststoreFileException(e); + } + } + + public void loadFile() throws LoadTruststoreException { + try { + keyStore.load(new FileInputStream(this.storeFile), this.password.toCharArray()); + } catch (Exception e) { + LOGGER.error("Cannot load file: {}", this.storeFile.getPath()); + throw new LoadTruststoreException(e); + } + } + + private 
void addCertificate(CertificateWithAlias certificate) + throws TruststoreDataOperationException, AliasConflictException { + if (hasAliasConflict(certificate)) { + LOGGER.error("Alias conflict detected"); + throw new AliasConflictException("Alias conflict detected. Alias conflicted: " + certificate.getAlias()); + } + try { + keyStore.setCertificateEntry(certificate.getAlias(), certificate.getCertificate()); + } catch (KeyStoreException e) { + LOGGER.error("Cannot merge certificate with alias: {}", certificate.getAlias()); + throw new TruststoreDataOperationException(e); + } + } + + private boolean hasAliasConflict(CertificateWithAlias certificate) throws TruststoreDataOperationException { + try { + return keyStore.containsAlias(certificate.getAlias()); + } catch (KeyStoreException e) { + LOGGER.error("Cannot check alias conflict"); + throw new TruststoreDataOperationException(e); + } + } + + private List getWrappedCertificates(List aliases) + throws TruststoreDataOperationException { + + List certificateWrapped = new ArrayList<>(); + + for (String alias : aliases) { + certificateWrapped.add(createWrappedCertificate(alias)); + } + return certificateWrapped; + } + + private CertificateWithAlias createWrappedCertificate(String alias) throws TruststoreDataOperationException { + try { + return factory.createCertificateWithAlias(keyStore.getCertificate(alias), alias); + } catch (KeyStoreException e) { + LOGGER.warn("Cannot get certificate with alias: {} ", alias); + throw new TruststoreDataOperationException(e); + } + } + + private List getTruststoreAliasesList() throws TruststoreDataOperationException { + try { + List aliases = Collections.list(keyStore.aliases()); + return getFilteredAlias(aliases); + } catch (KeyStoreException e) { + LOGGER.warn("Cannot read truststore aliases"); + throw new TruststoreDataOperationException(e); + } + } + + private List getFilteredAlias(List aliases) throws KeyStoreException { + List filteredAlias = new ArrayList<>(); + for (String 
alias : aliases) { + if (keyStore.isCertificateEntry(alias)) { + filteredAlias.add(alias); + } + } + return filteredAlias; + } + +} diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/PasswordReader.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/PasswordReader.java index db42f3bd..d7da53b0 100644 --- a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/PasswordReader.java +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/PasswordReader.java @@ -22,11 +22,12 @@ package org.onap.oom.truststoremerger.certification.file.provider; import java.io.File; import java.io.IOException; import java.nio.file.Files; +import org.onap.oom.truststoremerger.certification.file.exception.PasswordReaderException; public class PasswordReader { private static final String COULD_NOT_READ_PASSWORD_FROM_FILE_MSG_TEMPLATE = "Could not read password from file: %s"; - String readPassword(File file) throws PasswordReaderException { + public String readPassword(File file) throws PasswordReaderException { try { return Files.readString(file.toPath()); } catch (IOException e) { diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/PemCertificateController.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/PemCertificateController.java new file mode 100644 index 00000000..9ff42b87 --- /dev/null +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/PemCertificateController.java 
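Review bot: `loadFile()` passes `new FileInputStream(this.storeFile)` straight into `keyStore.load(...)` and never closes it, so the descriptor on the truststore stays open until the stream is garbage-collected, while `saveFile()` in the same class already uses try-with-resources. The load should be wrapped the same way: `try (FileInputStream in = new FileInputStream(this.storeFile)) { keyStore.load(in, this.password.toCharArray()); }`, keeping the existing `catch (Exception e)` on that try. The `char[]` created by `toCharArray()` in `loadFile()` and `saveFile()` is also never cleared after use; holding it in a local and zeroing it in a `finally` would avoid leaving extra copies of the password in memory.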
@@ -0,0 +1,155 @@ +/*============LICENSE_START======================================================= + * oom-truststore-merger + * ================================================================================ + * Copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.oom.truststoremerger.certification.file.provider; + +import static org.onap.oom.truststoremerger.api.CertificateConstants.BOUNCY_CASTLE_PROVIDER; +import static org.onap.oom.truststoremerger.api.CertificateConstants.X_509_CERTIFICATE; + +import java.io.File; +import java.io.FileInputStream; +import java.io.FileOutputStream; +import java.io.IOException; +import java.io.StringWriter; +import java.security.Security; +import java.security.cert.Certificate; +import java.security.cert.CertificateFactory; +import java.util.ArrayList; +import java.util.List; +import java.util.stream.Collectors; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.openssl.jcajce.JcaMiscPEMGenerator; +import org.bouncycastle.util.io.pem.PemObjectGenerator; +import org.bouncycastle.util.io.pem.PemWriter; +import org.onap.oom.truststoremerger.certification.file.provider.entry.CertificateWithAlias; +import 
org.onap.oom.truststoremerger.certification.file.provider.entry.CertificateWithAliasFactory; +import org.onap.oom.truststoremerger.certification.file.exception.MissingTruststoreException; +import org.onap.oom.truststoremerger.certification.file.exception.TruststoreDataOperationException; +import org.onap.oom.truststoremerger.certification.file.exception.WriteTruststoreFileException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class PemCertificateController implements CertificateController { + + private static final Logger LOGGER = LoggerFactory.getLogger(PemCertificateController.class); + + private static final boolean APPEND_TO_FILE = true; + + private final CertificateWithAliasFactory factory = new CertificateWithAliasFactory(); + private final List certificatesToBeSaved = new ArrayList<>(); + private final File file; + + public PemCertificateController(File file) { + this.file = file; + } + + public List getNotEmptyCertificateList() + throws TruststoreDataOperationException, MissingTruststoreException { + if (isFileWithoutPemCertificate()) { + throw new MissingTruststoreException("File does not contain any certificate"); + } + List extractedCertificate = extractCertificatesFromFile(); + return wrapCertificates(extractedCertificate); + } + + public void addCertificates(List certificates) + throws TruststoreDataOperationException, MissingTruststoreException { + if (isFileWithoutPemCertificate()) { + LOGGER.error("File does not contain any certificate. 
File path: {} ", this.file.getPath()); + throw new MissingTruststoreException("File does not contain any certificate"); + } + certificatesToBeSaved.addAll(certificates); + } + + public void saveFile() throws WriteTruststoreFileException, TruststoreDataOperationException { + List certificates = certificatesToBeSaved.stream() + .map(CertificateWithAlias::getCertificate) + .collect(Collectors.toList()); + String certificatesAsString = transformToStringInPemFormat(certificates); + appendToFile(certificatesAsString); + } + + boolean isFileWithoutPemCertificate() throws TruststoreDataOperationException { + List certificateList = extractCertificatesFromFile(); + return certificateList.isEmpty(); + } + + String transformToStringInPemFormat(List certificates) throws TruststoreDataOperationException { + StringWriter sw = new StringWriter(); + List generators = transformToPemGenerators(certificates); + try (PemWriter pemWriter = new PemWriter(sw)) { + for (PemObjectGenerator generator : generators) { + pemWriter.writeObject(generator); + } + } catch (IOException e) { + LOGGER.error("Cannot convert certificates to PEM format"); + throw new TruststoreDataOperationException(e); + } + return sw.toString(); + } + + + private List extractCertificatesFromFile() throws TruststoreDataOperationException { + try (FileInputStream inputStream = new FileInputStream(this.file)) { + Security.addProvider(new BouncyCastleProvider()); + CertificateFactory factory = CertificateFactory.getInstance(X_509_CERTIFICATE, BOUNCY_CASTLE_PROVIDER); + return new ArrayList<>(factory.generateCertificates(inputStream)); + } catch (Exception e) { + LOGGER.error("Cannot read certificates from file: {}", this.file.getPath()); + throw new TruststoreDataOperationException(e); + } + } + + + private List transformToPemGenerators(List certificates) + throws TruststoreDataOperationException { + List generators = new ArrayList<>(); + for (Certificate certificate : certificates) { + PemObjectGenerator generator = 
createPemGenerator(certificate); + generators.add(generator); + } + return generators; + } + + private JcaMiscPEMGenerator createPemGenerator(Certificate certificate) + throws TruststoreDataOperationException { + try { + return new JcaMiscPEMGenerator(certificate); + } catch (IOException e) { + LOGGER.error("Cannot convert Certificate Object to PemGenerator Object"); + throw new TruststoreDataOperationException(e); + } + } + + private List wrapCertificates(List rawCertificates) { + return rawCertificates.stream() + .map(factory::createPemCertificate) + .collect(Collectors.toList()); + } + + private void appendToFile(String certificatesAsString) throws WriteTruststoreFileException { + try { + FileOutputStream fileOutputStream = new FileOutputStream(this.file, APPEND_TO_FILE); + fileOutputStream.write(certificatesAsString.getBytes()); + } catch (Exception e) { + LOGGER.error("Cannot write certificates to file"); + throw new WriteTruststoreFileException(e); + } + } +} diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/TruststoreFileFactory.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/TruststoreFileFactory.java deleted file mode 100644 index e63e7c33..00000000 --- a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/TruststoreFileFactory.java +++ /dev/null 
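Review bot: `appendToFile` opens a `FileOutputStream` and never closes it, so the descriptor on the truststore file stays open until garbage collection, and `getBytes()` encodes with the platform default charset. Writing it as `try (FileOutputStream out = new FileOutputStream(this.file, APPEND_TO_FILE)) { out.write(certificatesAsString.getBytes(StandardCharsets.UTF_8)); }` fixes both; it needs an import of `java.nio.charset.StandardCharsets`. `extractCertificatesFromFile` calls `Security.addProvider(new BouncyCastleProvider())` on every read and catches bare `Exception`, so programming errors are reported as truststore data errors; registering the provider once and catching the specific checked exceptions would be tighter. Because `saveFile` appends and `certificatesToBeSaved` is never cleared, a second `saveFile` call on the same controller would presumably write the same certificates again.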
@@ -1,84 +0,0 @@ -/*============LICENSE_START======================================================= - * oom-truststore-merger - * ================================================================================ - * Copyright (C) 2020 Nokia. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.oom.truststoremerger.certification.file.provider; - -import org.onap.oom.truststoremerger.certification.file.JksTruststore; -import org.onap.oom.truststoremerger.certification.file.P12Truststore; -import org.onap.oom.truststoremerger.certification.file.PemTruststore; -import org.onap.oom.truststoremerger.certification.file.TruststoreFile; - -import java.io.File; - -public class TruststoreFileFactory { - - private static final String JKS_EXTENSION = ".jks"; - private static final String P12_EXTENSION = ".p12"; - private static final String PEM_EXTENSION = ".pem"; - private static final String FILE_DOES_NOT_EXIST_MSG_TEMPLATE = "File: %s does not exist"; - private static final String UNKNOWN_TRUSTSTORE_TYPE_MSG_TEMPLATE = "Unknown truststore extension type: %s"; - - private final FileManager fileManager; - private final PasswordReader passwordReader; - - public TruststoreFileFactory(FileManager fileManager, PasswordReader passwordReader) { - this.fileManager = 
fileManager; - this.passwordReader = passwordReader; - } - - TruststoreFile create(String truststoreFilePath, String truststorePasswordPath) - throws TruststoreFileFactoryException, PasswordReaderException { - File truststoreFile = new File(truststoreFilePath); - if (!fileManager.checkIfFileExists(truststoreFile)) { - throw new TruststoreFileFactoryException(String.format(FILE_DOES_NOT_EXIST_MSG_TEMPLATE, truststoreFile)); - } - return createTypedTruststore(truststoreFile, truststorePasswordPath); - } - - private TruststoreFile createTypedTruststore(File truststoreFile, String truststorePasswordPath) - throws PasswordReaderException, TruststoreFileFactoryException { - String extension = fileManager.getExtension(truststoreFile); - switch (extension) { - case JKS_EXTENSION: - return createJksTruststore(truststoreFile, truststorePasswordPath); - case P12_EXTENSION: - return createP12Truststore(truststoreFile, truststorePasswordPath); - case PEM_EXTENSION: - return createPemTruststore(truststoreFile); - default: - throw new TruststoreFileFactoryException(String.format(UNKNOWN_TRUSTSTORE_TYPE_MSG_TEMPLATE, extension)); - } - } - - private JksTruststore createJksTruststore(File truststoreFile, String truststorePasswordPath) - throws PasswordReaderException { - String password = passwordReader.readPassword(new File(truststorePasswordPath)); - return new JksTruststore(truststoreFile, password); - } - - private P12Truststore createP12Truststore(File truststoreFile, String truststorePasswordPath) - throws PasswordReaderException { - String password = passwordReader.readPassword(new File(truststorePasswordPath)); - return new P12Truststore(truststoreFile, password); - } - - private PemTruststore createPemTruststore(File truststoreFile) { - return new PemTruststore(truststoreFile); - } -} 
diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/JksTruststore.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/entry/CertificateWithAlias.java similarity index 68% rename from trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/JksTruststore.java rename to trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/entry/CertificateWithAlias.java index b977daee..decc3977 100644 --- a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/JksTruststore.java +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/entry/CertificateWithAlias.java @@ -17,21 +17,25 @@ * ============LICENSE_END========================================================= */ -package org.onap.oom.truststoremerger.certification.file; +package org.onap.oom.truststoremerger.certification.file.provider.entry; -import java.io.File; import java.security.cert.Certificate; -import java.util.Collections; -import java.util.List; -public class JksTruststore extends TruststoreFileWithPassword { +public class CertificateWithAlias { - public JksTruststore(File truststoreFile, String password) { - super(truststoreFile, password); + private final Certificate certificate; + private final String alias; + + public CertificateWithAlias(Certificate certificate, String alias) { + this.certificate = certificate; + this.alias = alias; + } + + public String getAlias() { + return this.alias; } - @Override - public List getCertificates() { - return Collections.emptyList(); + public Certificate getCertificate() { + return this.certificate; } } 
diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/P12Truststore.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/entry/CertificateWithAliasFactory.java similarity index 69% rename from trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/P12Truststore.java rename to trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/entry/CertificateWithAliasFactory.java index 8527cce5..0889650e 100644 --- a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/P12Truststore.java +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/entry/CertificateWithAliasFactory.java @@ -17,22 +17,17 @@ * ============LICENSE_END========================================================= */ -package org.onap.oom.truststoremerger.certification.file; +package org.onap.oom.truststoremerger.certification.file.provider.entry; -import java.io.File; import java.security.cert.Certificate; -import java.util.Collections; -import java.util.List; -public class P12Truststore extends TruststoreFileWithPassword { +public class CertificateWithAliasFactory { - public P12Truststore(File truststoreFile, String password) { - super(truststoreFile, password); + public CertificateWithAlias createCertificateWithAlias(Certificate certificate, String alias) { + return new CertificateWithAlias(certificate, alias); } - @Override - public List getCertificates() { - return Collections.emptyList(); + public CertificateWithAlias createPemCertificate(Certificate certificate) { + return new CertificateWithAlias(certificate, PemAliasGenerator.getInstance().getAlias()); } - } 
diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/entry/PemAliasGenerator.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/entry/PemAliasGenerator.java new file mode 100644 index 00000000..56faa1f6 --- /dev/null +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/file/provider/entry/PemAliasGenerator.java 
@@ -0,0 +1,42 @@ +/*============LICENSE_START======================================================= + * oom-truststore-merger + * ================================================================================ + * Copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.oom.truststoremerger.certification.file.provider.entry; + + +import java.util.concurrent.atomic.AtomicInteger; + +public class PemAliasGenerator { + + private static final String PREFIX_ALIAS_NAME = "pem-trusted-certificate-"; + private static final PemAliasGenerator INSTANCE = new PemAliasGenerator(); + private static AtomicInteger counter = new AtomicInteger(0); + + private PemAliasGenerator() { + } + + public static PemAliasGenerator getInstance() { + return INSTANCE; + } + + public String getAlias() { + + return PREFIX_ALIAS_NAME + counter.getAndIncrement(); + } +} diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/path/EnvProvider.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/path/EnvProvider.java index 4bb763da..a1998b86 100644 --- a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/path/EnvProvider.java 
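Review bot: `counter` is a mutable `static` field behind a singleton and restarts at 0 in every JVM, so `getAlias()` hands out `pem-trusted-certificate-0`, `-1`, and so on in each run. If a target JKS or P12 truststore already holds entries under those aliases from an earlier merge, `addCertificate` in `JavaCertificateStoreController` will presumably throw `AliasConflictException` instead of merging, since it rejects any alias the keystore already contains. Consider deriving the alias from the certificate itself, or documenting that the merger is expected to run once per truststore. At minimum the field should be declared `private static final AtomicInteger counter = new AtomicInteger(0);`.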
+++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/path/EnvProvider.java @@ -21,9 +21,16 @@ package org.onap.oom.truststoremerger.certification.path; import java.util.Optional; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + public class EnvProvider { + private static final Logger LOGGER = LoggerFactory.getLogger(EnvProvider.class); + Optional getEnv(String name) { + String value = System.getenv(name); + LOGGER.info("Read variable: {} , value: {}", name, value); return Optional.ofNullable(System.getenv(name)); } } diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/path/TruststoresPathsProvider.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/path/TruststoresPathsProvider.java index f8e85d49..9d86a8b9 100644 --- a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/path/TruststoresPathsProvider.java +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/certification/path/TruststoresPathsProvider.java @@ -19,8 +19,8 @@ package org.onap.oom.truststoremerger.certification.path; -import static org.onap.oom.truststoremerger.api.ConfigurationEnvs.TRUSTSTORES_ENV; -import static org.onap.oom.truststoremerger.api.ConfigurationEnvs.TRUSTSTORES_PASSWORDS_ENV; +import static org.onap.oom.truststoremerger.api.ConfigurationEnvs.TRUSTSTORES_PATHS_ENV; +import static org.onap.oom.truststoremerger.api.ConfigurationEnvs.TRUSTSTORES_PASSWORDS_PATHS_ENV; import java.util.Arrays; import java.util.List; @@ -31,8 +31,8 @@ public class TruststoresPathsProvider { private static final String DELIMITER = ":"; private static final int NEGATIVE_SPLIT_LIMIT = -1; - private EnvProvider envProvider; - private PathValidator pathValidator; + private final EnvProvider envProvider; + private final PathValidator pathValidator; public TruststoresPathsProvider(EnvProvider envProvider, PathValidator pathValidator) { this.envProvider = envProvider; 
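Review bot: `getEnv` now logs the value of every variable it reads at INFO level, `LOGGER.info("Read variable: {} , value: {}", name, value);`. That looks harmless for the path variables referenced in this commit, but `getEnv` accepts any name, so a credential-bearing variable read through it later would end up in the log. Log only the name and whether it was set, for example `LOGGER.info("Read variable: {} , present: {}", name, value != null);`. The method also calls `System.getenv(name)` a second time instead of reusing the local; `return Optional.ofNullable(value);` keeps the logged and returned values the same.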
@@ -40,20 +40,20 @@ public class TruststoresPathsProvider { } public List getTruststores() throws TruststoresPathsProviderException { - return envProvider.getEnv(TRUSTSTORES_ENV) + return envProvider.getEnv(TRUSTSTORES_PATHS_ENV) .filter(Predicate.not(String::isEmpty)) .map(this::splitToList) .filter(this::validateTruststores) .orElseThrow(() -> new TruststoresPathsProviderException( - TRUSTSTORES_ENV + " environment variable does not contain valid truststores paths")); + TRUSTSTORES_PATHS_ENV + " environment variable does not contain valid truststores paths")); } public List getTruststoresPasswords() throws TruststoresPathsProviderException { - return envProvider.getEnv(TRUSTSTORES_PASSWORDS_ENV) + return envProvider.getEnv(TRUSTSTORES_PASSWORDS_PATHS_ENV) .map(this::splitToList) .filter(this::validateTruststoresPasswords) .orElseThrow(() -> new TruststoresPathsProviderException( - TRUSTSTORES_PASSWORDS_ENV + " environment variable does not contain valid passwords paths")); + TRUSTSTORES_PASSWORDS_PATHS_ENV + " environment variable does not contain valid passwords paths")); } private boolean validateTruststores(List truststores) { diff --git a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/configuration/MergerConfigurationFactory.java b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/configuration/MergerConfigurationFactory.java index 7a2fdc10..acd9a840 100644 --- a/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/configuration/MergerConfigurationFactory.java +++ b/trustStoreMerger/src/main/java/org/onap/oom/truststoremerger/configuration/MergerConfigurationFactory.java 
@@ -22,8 +22,8 @@ package org.onap.oom.truststoremerger.configuration; import org.onap.oom.truststoremerger.certification.path.TruststoresPathsProvider; import org.onap.oom.truststoremerger.certification.path.TruststoresPathsProviderException; -import static org.onap.oom.truststoremerger.api.ConfigurationEnvs.TRUSTSTORES_ENV; -import static org.onap.oom.truststoremerger.api.ConfigurationEnvs.TRUSTSTORES_PASSWORDS_ENV; +import static org.onap.oom.truststoremerger.api.ConfigurationEnvs.TRUSTSTORES_PATHS_ENV; +import static org.onap.oom.truststoremerger.api.ConfigurationEnvs.TRUSTSTORES_PASSWORDS_PATHS_ENV; import java.util.List; @@ -42,8 +42,8 @@ public class MergerConfigurationFactory { if (truststores.size() != truststoresPasswords.size()) { throw new MergerConfigurationException( - "Size of " + TRUSTSTORES_ENV - + " does not match size of " + TRUSTSTORES_PASSWORDS_ENV + " environment variables"); + "Size of " + TRUSTSTORES_PATHS_ENV + + " does not match size of " + TRUSTSTORES_PASSWORDS_PATHS_ENV + " environment variables"); } return new MergerConfiguration(truststores, truststoresPasswords); diff --git a/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/TestCertificateProvider.java b/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/TestCertificateProvider.java new file mode 100644 index 00000000..c971ca17 --- /dev/null +++ b/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/TestCertificateProvider.java 
@@ -0,0 +1,157 @@ +/*============LICENSE_START======================================================= + * oom-truststore-merger + * ================================================================================ + * Copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.oom.truststoremerger.certification.file; + +import java.io.File; +import java.io.IOException; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.Paths; +import java.nio.file.StandardCopyOption; +import org.onap.oom.truststoremerger.certification.file.exception.KeystoreInstanceException; +import org.onap.oom.truststoremerger.certification.file.exception.LoadTruststoreException; +import org.onap.oom.truststoremerger.certification.file.model.JavaTruststore; +import org.onap.oom.truststoremerger.certification.file.model.PemTruststore; +import org.onap.oom.truststoremerger.certification.file.provider.JavaCertificateStoreController; +import org.onap.oom.truststoremerger.certification.file.provider.CertificateStoreControllerFactory; +import org.onap.oom.truststoremerger.certification.file.provider.PemCertificateController; + +public class TestCertificateProvider { + + public static final String SAMPLE_P12_TRUSTSTORE_FILE_PATH = 
"src/test/resources/truststore-p12.p12"; + public static final String SAMPLE_P12_TRUSTSTORE_PASSWORD = "88y9v5D8H3SG6bZWRVHDfOAo"; + public static final String TMP_P12_TRUSTSTORE_FILE_PATH = "src/test/resources/tmp-truststore-p12.p12"; + + public static final String SAMPLE_P12_KEYSTORE_FILE_PATH = "src/test/resources/keystore.p12"; + public static final String SAMPLE_P12_KEYSTORE_PASSWORD = "Foh49MJNYI7S_pEzE9gvUDSu"; + + public static final String SAMPLE_JKS_TRUSTSTORE_FILE_PATH = "src/test/resources/truststore-jks.jks"; + public static final String SAMPLE_JKS_TRUSTSTORE_UNIQUE_ALIAS_FILE_PATH = "src/test/resources/truststore-jks-uniq.jks"; + public static final String SAMPLE_JKS_TRUSTSTORE_PASSWORD = "EOyuFbuYDyq_EhpboM72RHua"; + public static final String TMP_JKS_TRUSTSTORE_FILE_PATH = "src/test/resources/tmp-truststore-jks.jks"; + + public static final String SAMPLE_PEM_TRUSTSTORE_FILE_PATH = "src/test/resources/truststore.pem"; + public static final String EMPTY_PEM_TRUSTSTORE_FILE_PATH = "src/test/resources/empty-truststore.pem"; + public static final String TMP_PEM_TRUSTSTORE_FILE_PATH = "src/test/resources/tmp-truststore.pem"; + public static final String SAMPLE_PEM_TRUSTSTORE_WITH_PRIVATE_KEY_FILE_PATH = "src/test/resources/truststore-with-private-key.pem"; + + private static final CertificateStoreControllerFactory certificateStoreControllerFactory = new CertificateStoreControllerFactory(); + + public static JavaTruststore getSampleP12Truststore() throws LoadTruststoreException, KeystoreInstanceException { + return createP12TruststoreInstance(SAMPLE_P12_TRUSTSTORE_FILE_PATH, SAMPLE_P12_TRUSTSTORE_PASSWORD); + } + + public static JavaTruststore getSampleP12Keystore() throws LoadTruststoreException, KeystoreInstanceException { + return createP12TruststoreInstance(SAMPLE_P12_KEYSTORE_FILE_PATH, SAMPLE_P12_KEYSTORE_PASSWORD); + } + + public static JavaTruststore createTmpP12TruststoreFile() + throws IOException, LoadTruststoreException, 
KeystoreInstanceException { + copyFile(SAMPLE_P12_TRUSTSTORE_FILE_PATH, TMP_P12_TRUSTSTORE_FILE_PATH); + return createP12TruststoreInstance(TMP_P12_TRUSTSTORE_FILE_PATH, SAMPLE_P12_TRUSTSTORE_PASSWORD); + } + + public static JavaTruststore getTmpP12TruststoreFile() throws LoadTruststoreException, KeystoreInstanceException { + return createP12TruststoreInstance(TMP_P12_TRUSTSTORE_FILE_PATH, SAMPLE_P12_TRUSTSTORE_PASSWORD); + } + + private static JavaTruststore createP12TruststoreInstance(String filePath, String password) + throws LoadTruststoreException, KeystoreInstanceException { + File certFile = getFile(filePath); + JavaCertificateStoreController storeController = certificateStoreControllerFactory + .createLoadedPkcs12CertificateStoreController(certFile, password); + return new JavaTruststore(certFile, storeController); + } + + public static PemTruststore getSamplePemTruststoreFile() { + return getPemTruststoreInstance(SAMPLE_PEM_TRUSTSTORE_FILE_PATH); + } + + public static PemTruststore getEmptyPemTruststoreFile() { + return getPemTruststoreInstance(EMPTY_PEM_TRUSTSTORE_FILE_PATH); + } + + public static PemTruststore createEmptyTmpPemTruststoreFile() throws IOException { + copyFile(EMPTY_PEM_TRUSTSTORE_FILE_PATH, TMP_PEM_TRUSTSTORE_FILE_PATH); + return getPemTruststoreInstance(TMP_PEM_TRUSTSTORE_FILE_PATH); + } + + public static PemTruststore createTmpPemTruststoreFile() throws IOException { + copyFile(SAMPLE_PEM_TRUSTSTORE_FILE_PATH, TMP_PEM_TRUSTSTORE_FILE_PATH); + return getPemTruststoreInstance(TMP_PEM_TRUSTSTORE_FILE_PATH); + } + + public static PemTruststore getTmpPemTruststoreFile() { + return getPemTruststoreInstance(TMP_PEM_TRUSTSTORE_FILE_PATH); + } + + public static PemTruststore getPemWithPrivateKeyTruststoreFile() { + return getPemTruststoreInstance(SAMPLE_PEM_TRUSTSTORE_WITH_PRIVATE_KEY_FILE_PATH); + } + + public static String getExpectedPemCertificateAsString() throws IOException { + Path samplePemFilePath = 
Paths.get(SAMPLE_PEM_TRUSTSTORE_FILE_PATH); + return Files.readString(samplePemFilePath); + } + + public static JavaTruststore getSampleJksTruststoreFile() + throws LoadTruststoreException, KeystoreInstanceException { + return createJKSTruststoreInstance(SAMPLE_JKS_TRUSTSTORE_FILE_PATH, SAMPLE_JKS_TRUSTSTORE_PASSWORD); + } + + public static JavaTruststore getSampleJksTruststoreFileWithUniqueAlias() + throws LoadTruststoreException, KeystoreInstanceException { + return createJKSTruststoreInstance(SAMPLE_JKS_TRUSTSTORE_UNIQUE_ALIAS_FILE_PATH, + SAMPLE_JKS_TRUSTSTORE_PASSWORD); + } + + public static JavaTruststore createTmpJksTruststoreFileWithUniqAlias() + throws IOException, LoadTruststoreException, KeystoreInstanceException { + copyFile(SAMPLE_JKS_TRUSTSTORE_UNIQUE_ALIAS_FILE_PATH, TMP_JKS_TRUSTSTORE_FILE_PATH); + return createJKSTruststoreInstance(TMP_JKS_TRUSTSTORE_FILE_PATH, SAMPLE_JKS_TRUSTSTORE_PASSWORD); + } + + public static void removeTemporaryFiles() throws IOException { + Files.deleteIfExists(Paths.get(TMP_PEM_TRUSTSTORE_FILE_PATH)); + Files.deleteIfExists(Paths.get(TMP_JKS_TRUSTSTORE_FILE_PATH)); + Files.deleteIfExists(Paths.get(TMP_P12_TRUSTSTORE_FILE_PATH)); + } + + private static JavaTruststore createJKSTruststoreInstance(String filePath, String password) + throws LoadTruststoreException, KeystoreInstanceException { + File certFile = getFile(filePath); + JavaCertificateStoreController storeController = certificateStoreControllerFactory + .createLoadedJksCertificateStoreController(certFile, password); + return new JavaTruststore(certFile, storeController); + } + + private static PemTruststore getPemTruststoreInstance(String tmpPemTruststoreFilePath) { + File file = getFile(tmpPemTruststoreFilePath); + return new PemTruststore(file, new PemCertificateController(file)); + } + + private static void copyFile(String sourcePath, String destPath) throws IOException { + Files.copy(Paths.get(sourcePath), Paths.get(destPath), 
StandardCopyOption.REPLACE_EXISTING); + } + + private static File getFile(String path) { + return new File(path); + } +} diff --git a/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/model/JavaTruststoreTest.java b/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/model/JavaTruststoreTest.java new file mode 100644 index 00000000..eccf36bc --- /dev/null +++ b/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/model/JavaTruststoreTest.java 
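Review bot: The `createTmp*` helpers copy fixtures to fixed paths under `src/test/resources` (`TMP_P12_TRUSTSTORE_FILE_PATH`, `TMP_JKS_TRUSTSTORE_FILE_PATH`, `TMP_PEM_TRUSTSTORE_FILE_PATH`). Tests therefore write into the source tree, share one file per store type, and leave it behind whenever `removeTemporaryFiles` is not reached. Creating the copies with `Files.createTempFile` or JUnit 5's `@TempDir` would isolate tests from each other and from the checkout. The hard-coded `SAMPLE_*_PASSWORD` constants would benefit from a one-line comment such as `// Passwords of the sample stores under src/test/resources; test fixtures only.` so that reviewers and secret scanners can classify them quickly.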
@@ -0,0 +1,116 @@
+/*============LICENSE_START=======================================================
+ * oom-truststore-merger
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.oom.truststoremerger.certification.file.model;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.onap.oom.truststoremerger.api.CertificateConstants.X_509_CERTIFICATE;
+
+import java.io.IOException;
+import java.security.cert.Certificate;
+import java.util.List;
+import org.junit.jupiter.api.AfterAll;
+import org.junit.jupiter.api.Test;
+import org.onap.oom.truststoremerger.api.ExitableException;
+import org.onap.oom.truststoremerger.certification.file.provider.entry.CertificateWithAlias;
+import org.onap.oom.truststoremerger.certification.file.TestCertificateProvider;
+
+
+class JavaTruststoreTest {
+ public static final int FIRST_ELEMENT = 0;
+ private static final int EXPECTED_ONE = 1;
+ public static final int EXPECTED_THREE = 3;
+
+ @Test
+ void jksTruststoreShouldReadCertificatesFromFile() throws ExitableException {
+
+ //given
+ JavaTruststore jksTruststoreFile = TestCertificateProvider.getSampleJksTruststoreFile();
+
+ //when
+ List certificates = jksTruststoreFile.getCertificates();
+ Certificate certificate = certificates.get(FIRST_ELEMENT).getCertificate();
+
+ //then
+ assertThat(certificates).hasSize(EXPECTED_ONE);
+ assertThat(certificate.getType()).isEqualTo(X_509_CERTIFICATE);
+ }
+
+ @Test
+ void jksTruststoreShouldAddDifferentCertificates() throws Exception {
+
+ //given
+ JavaTruststore jksTruststore = TestCertificateProvider.createTmpJksTruststoreFileWithUniqAlias();
+ List p12certificates = TestCertificateProvider.getSampleP12Truststore()
+ .getCertificates();
+ List pemCertificates = TestCertificateProvider.getSamplePemTruststoreFile()
+ .getCertificates();
+
+ //when
+ jksTruststore.addCertificate(p12certificates);
+ jksTruststore.addCertificate(pemCertificates);
+
+ //then
+ assertThat(jksTruststore.getCertificates()).hasSize(EXPECTED_THREE);
+
+ }
+
+ @Test
+ void p12TruststoreShouldReadCertificatesFromFile() throws ExitableException {
+ //given
+ JavaTruststore p12Truststore = TestCertificateProvider.getSampleP12Truststore();
+
+ //when
+ List certificatesWithAliases = p12Truststore.getCertificates();
+ Certificate certificate = certificatesWithAliases.get(FIRST_ELEMENT).getCertificate();
+
+ //then
+ assertThat(certificatesWithAliases).hasSize(EXPECTED_ONE);
+ assertThat(certificate.getType()).isEqualTo(X_509_CERTIFICATE);
+ }
+
+
+ @Test
+ void p12TruststoreShouldAddDifferentCertificates() throws Exception {
+ //given
+ JavaTruststore p12Truststore = TestCertificateProvider.createTmpP12TruststoreFile();
+ List jksTruststoreCertificates = TestCertificateProvider
+ .getSampleJksTruststoreFileWithUniqueAlias()
+ .getCertificates();
+ List pemTruststoreCertificates = TestCertificateProvider.getSamplePemTruststoreFile()
+ .getCertificates();
+
+ //when
+ p12Truststore.addCertificate(jksTruststoreCertificates);
+ p12Truststore.addCertificate(pemTruststoreCertificates);
+ p12Truststore.saveFile();
+
+
+ //then
+ JavaTruststore p12TruststoreSaved = TestCertificateProvider.getTmpP12TruststoreFile();
+ assertThat(p12TruststoreSaved.getCertificates()).hasSize(EXPECTED_THREE);
+ }
+
+
+
+ @AfterAll
+ static void removeTemporaryFiles() throws IOException {
+ TestCertificateProvider.removeTemporaryFiles();
+ }
+}
diff --git a/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/model/PemTruststoreTest.java b/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/model/PemTruststoreTest.java
new file mode 100644
index 00000000..e7ffa093
--- /dev/null
+++ b/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/model/PemTruststoreTest.java
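Review bot: `jksTruststoreShouldAddDifferentCertificates` in JavaTruststoreTest checks only `hasSize(EXPECTED_THREE)` on the in-memory store, so it would still pass if the merge stored the wrong certificates under three aliases, and unlike the P12 test it never calls `saveFile()` and reloads the result. For a trust-store merger the identity of the anchors matters more than their count; I would also assert content, e.g. `assertThat(jksTruststore.getCertificates()).extracting(CertificateWithAlias::getCertificate).contains(pemCertificates.get(FIRST_ELEMENT).getCertificate());`, and the same for the P12 entry. Both this class and PemTruststoreTest delete the same fixed temporary paths in `@AfterAll`, which looks fragile if the test classes are ever run in parallel.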
@@ -0,0 +1,149 @@
+/*============LICENSE_START=======================================================
+ * oom-truststore-merger
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.oom.truststoremerger.certification.file.model;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+import static org.onap.oom.truststoremerger.api.CertificateConstants.X_509_CERTIFICATE;
+
+import java.io.IOException;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateEncodingException;
+import java.util.ArrayList;
+import java.util.List;
+import org.junit.jupiter.api.AfterAll;
+import org.junit.jupiter.api.Test;
+import org.onap.oom.truststoremerger.api.ExitableException;
+import org.onap.oom.truststoremerger.certification.file.provider.entry.CertificateWithAlias;
+import org.onap.oom.truststoremerger.certification.file.provider.entry.CertificateWithAliasFactory;
+import org.onap.oom.truststoremerger.certification.file.TestCertificateProvider;
+import org.onap.oom.truststoremerger.certification.file.exception.MissingTruststoreException;
+import org.onap.oom.truststoremerger.certification.file.exception.TruststoreDataOperationException;
+import org.onap.oom.truststoremerger.certification.file.exception.WriteTruststoreFileException;
+
+class PemTruststoreTest {
+
+ public static final int EXPECTED_ONE = 1;
+ public static final int EXPECTED_THREE = 3;
+ public static final int FIRST_ELEMENT = 0;
+
+ private final CertificateWithAliasFactory factory = new CertificateWithAliasFactory();
+
+ @Test
+ void pemTruststoreShouldReadCertificatesFromFile() throws ExitableException {
+
+ //given
+ PemTruststore pemTruststore = TestCertificateProvider.getSamplePemTruststoreFile();
+
+ //when
+ List certificates = pemTruststore.getCertificates();
+ Certificate certificate = certificates.get(FIRST_ELEMENT).getCertificate();
+ //then
+
+ assertThat(certificates).hasSize(EXPECTED_ONE);
+ assertThat(certificate.getType()).isEqualTo(X_509_CERTIFICATE);
+ }
+
+ @Test
+ void pemTruststoreShouldAddDifferentCertificates() throws IOException, ExitableException {
+
+ //given
+ PemTruststore tmpPemTruststoreFile = TestCertificateProvider.createTmpPemTruststoreFile();
+ List jksTruststoreCertificates = TestCertificateProvider
+ .getSampleJksTruststoreFileWithUniqueAlias().getCertificates();
+ List p12TruststoreCertificates = TestCertificateProvider.getSampleP12Truststore()
+ .getCertificates();
+
+ //when
+ tmpPemTruststoreFile.addCertificate(jksTruststoreCertificates);
+ tmpPemTruststoreFile.addCertificate(p12TruststoreCertificates);
+ tmpPemTruststoreFile.saveFile();
+
+ PemTruststore tmpPemTruststoreSaved = TestCertificateProvider.getTmpPemTruststoreFile();
+ List addedCertificates = tmpPemTruststoreSaved.getCertificates();
+ Certificate certificate = addedCertificates.get(FIRST_ELEMENT).getCertificate();
+
+ //then
+ assertThat(addedCertificates).hasSize(EXPECTED_THREE);
+ assertThat(certificate.getType()).isEqualTo(X_509_CERTIFICATE);
+
+ }
+
+ @Test
+ void privateKeyIsSkippedWhileReadingCertificates() throws ExitableException {
+ //given
+ PemTruststore pemTruststore = TestCertificateProvider.getPemWithPrivateKeyTruststoreFile();
+
+ //when
+ List certificate = pemTruststore.getCertificates();
+ //then
+
+ assertThat(certificate).hasSize(EXPECTED_ONE);
+ }
+
+ @Test
+ void shouldThrowExceptionWhenCannotSaveFile() throws IOException, ExitableException {
+ //given
+ PemTruststore tmpPemTruststoreFile = TestCertificateProvider.createTmpPemTruststoreFile();
+ List pemTruststoreCertificates =
+ TestCertificateProvider.getSamplePemTruststoreFile().getCertificates();
+ //when
+ tmpPemTruststoreFile.addCertificate(pemTruststoreCertificates);
+ tmpPemTruststoreFile.getFile().setWritable(false);
+ //then
+ assertThatExceptionOfType(WriteTruststoreFileException.class)
+ .isThrownBy(tmpPemTruststoreFile::saveFile);
+
+ }
+
+ @Test
+ void shouldThrowExceptionWhenFileNotContainsCertificate() throws IOException {
+ //given
+ PemTruststore tmpPemTruststoreFile = TestCertificateProvider.createEmptyTmpPemTruststoreFile();
+ //when//then
+ assertThatExceptionOfType(MissingTruststoreException.class)
+ .isThrownBy(tmpPemTruststoreFile::getCertificates);
+ }
+
+ @Test
+ void shouldThrowExceptionWhenCannotConvertCertificateToPem() throws Exception {
+ //given
+ PemTruststore pemTruststore = TestCertificateProvider.createTmpPemTruststoreFile();
+ Certificate certificate = mock(Certificate.class);
+
+ when(certificate.getEncoded()).thenThrow(new CertificateEncodingException());
+
+ List certificatesWithAliases = new ArrayList<>();
+ certificatesWithAliases.add(factory.createPemCertificate(certificate));
+ pemTruststore.addCertificate(certificatesWithAliases);
+
+ //when //then
+ assertThatExceptionOfType(TruststoreDataOperationException.class)
+ .isThrownBy(pemTruststore::saveFile);
+ }
+
+ @AfterAll
+ static void removeTemporaryFiles() throws IOException {
+ TestCertificateProvider.removeTemporaryFiles();
+ }
+
+}
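Review bot: In `shouldThrowExceptionWhenCannotSaveFile` (PemTruststoreTest) the boolean returned by `setWritable(false)` is ignored, and when the build runs as root, as it often does inside a container, the file stays writable, so `saveFile` would presumably succeed and the test fail for an environmental reason. I would guard it right after that call with `assumeFalse(tmpPemTruststoreFile.getFile().canWrite());` from `org.junit.jupiter.api.Assumptions`. Separately, `privateKeyIsSkippedWhileReadingCertificates` asserts only the entry count; adding `assertThat(certificate.get(FIRST_ELEMENT).getCertificate().getType()).isEqualTo(X_509_CERTIFICATE);` would confirm that the single entry returned is the certificate.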
diff --git a/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/model/TruststoreTest.java b/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/model/TruststoreTest.java
new file mode 100644
index 00000000..eea1f9c7
--- /dev/null
+++ b/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/model/TruststoreTest.java
@@ -0,0 +1,60 @@
+/*============LICENSE_START=======================================================
+ * oom-truststore-merger
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.oom.truststoremerger.certification.file.model;
+
+import java.io.File;
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+import org.junit.jupiter.api.AfterAll;
+import org.junit.jupiter.api.Test;
+import org.onap.oom.truststoremerger.certification.file.exception.CreateBackupException;
+import org.onap.oom.truststoremerger.certification.file.provider.PemCertificateController;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+class TruststoreTest {
+
+ private static final String PEM_FILE_PATH = "src/test/resources/truststore.pem";
+ private static final String PEM_BACKUP_FILE_PATH = "src/test/resources/truststore.pem.bak";
+ private static final String BACKUP_EXTENSION = ".bak";
+
+
+ @Test
+ void createBackupShouldCreateFileWithExtension() throws CreateBackupException {
+ //given
+ File pemFile = new File(PEM_FILE_PATH);
+ Truststore truststore = new PemTruststore(pemFile, new PemCertificateController(pemFile));
+ //when
+ truststore.createBackup();
+
+ //then
+ File backupFile = new File(PEM_BACKUP_FILE_PATH);
+ assertThat(backupFile.getName().endsWith(BACKUP_EXTENSION)).isTrue();
+ assertThat(backupFile.isFile()).isTrue();
+ }
+
+
+ @AfterAll
+ static void removeBackupFile() throws IOException {
+ Files.deleteIfExists(Paths.get(PEM_BACKUP_FILE_PATH));
+ }
+
+}
diff --git a/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/FileManagerTest.java b/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/FileManagerTest.java
index d348dd7e..c649ba68 100644
--- a/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/FileManagerTest.java
+++ b/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/FileManagerTest.java
@@ -33,12 +33,13 @@ class FileManagerTest { @ParameterizedTest @CsvSource(value = { - "opt/app/truststore.jks:.jks", - "opt/app/truststore.p12:.p12", - "opt/app/truststore.pem:.pem", - "opt/app/truststore:''", + "opt/app/truststore.jks:.jks", + "opt/app/truststore.p12:.p12", + "opt/app/truststore.pem:.pem", + "opt/app/truststore.PEM:.pem", + "opt/app/truststore:''", }, delimiter = ':') - void shouldReturnCorrectExtension(String filePath, String expectedExtension){ + void shouldReturnCorrectExtension(String filePath, String expectedExtension) { String extension = fileManager.getExtension(new File(filePath)); assertThat(extension).isEqualTo(expectedExtension); }
diff --git a/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/JavaCertificateStoreControllerTest.java b/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/JavaCertificateStoreControllerTest.java
new file mode 100644
index 00000000..8ee77ef2
--- /dev/null
+++ b/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/JavaCertificateStoreControllerTest.java
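Review bot: In `createBackupShouldCreateFileWithExtension` (TruststoreTest) the first assertion can never fail: `backupFile` is built from the constant `PEM_BACKUP_FILE_PATH`, which already ends in `.bak`, so only `isFile()` exercises `createBackup()`. Since the backup is what the trust store would be restored from, I would replace the name check with a content check such as `assertThat(backupFile).hasSameContentAs(pemFile);`. The test also writes the backup next to the checked-in fixture under `src/test/resources` and relies on `@AfterAll` to remove it; working on a copy in a JUnit `@TempDir` would keep the source tree clean if the run is interrupted.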
@@ -0,0 +1,59 @@
+/*============LICENSE_START=======================================================
+ * oom-truststore-merger
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.oom.truststoremerger.certification.file.provider;
+
+import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
+import static org.onap.oom.truststoremerger.certification.file.TestCertificateProvider.getSampleJksTruststoreFile;
+
+import java.util.List;
+import org.junit.jupiter.api.Test;
+import org.onap.oom.truststoremerger.api.ExitableException;
+import org.onap.oom.truststoremerger.certification.file.provider.entry.CertificateWithAlias;
+import org.onap.oom.truststoremerger.certification.file.TestCertificateProvider;
+import org.onap.oom.truststoremerger.certification.file.exception.AliasConflictException;
+import org.onap.oom.truststoremerger.certification.file.exception.MissingTruststoreException;
+import org.onap.oom.truststoremerger.certification.file.model.JavaTruststore;
+
+class JavaCertificateStoreControllerTest {
+
+
+ @Test
+ void throwExceptionWhenAliasConflictDetected() throws Exception {
+ //given
+ JavaTruststore p12Truststore = TestCertificateProvider.getSampleP12Truststore();
+ List jksTruststoreCertificates = getSampleJksTruststoreFile().getCertificates();
+
+ //when //then
+ assertThatExceptionOfType(AliasConflictException.class)
+ .isThrownBy(() -> p12Truststore.addCertificate(jksTruststoreCertificates));
+ }
+
+
+ @Test
+ void throwExceptionWhenFileNotContainsTruststoreEntry() throws ExitableException {
+ //given
+ JavaTruststore p12Truststore = TestCertificateProvider.getSampleP12Keystore();
+
+ //when//then
+ assertThatExceptionOfType(MissingTruststoreException.class)
+ .isThrownBy(p12Truststore::getCertificates);
+ }
+
+}
diff --git a/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/PasswordReaderTest.java b/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/PasswordReaderTest.java
index 712935ac..40eda4dd 100644
--- a/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/PasswordReaderTest.java
+++ b/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/PasswordReaderTest.java
@@ -22,6 +22,7 @@ package org.onap.oom.truststoremerger.certification.file.provider; import org.junit.jupiter.api.Test; import java.io.File; +import org.onap.oom.truststoremerger.certification.file.exception.PasswordReaderException; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
diff --git a/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/PemCertificateControllerTest.java b/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/PemCertificateControllerTest.java
new file mode 100644
index 00000000..080fcca3
--- /dev/null
+++ b/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/PemCertificateControllerTest.java
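Review bot: `throwExceptionWhenAliasConflictDetected` in JavaCertificateStoreControllerTest checks only that `AliasConflictException` is thrown, not that the target store is left as it was. A conflicting alias replacing an existing trust anchor is the failure worth guarding against, so I would follow the assertion with `assertThat(p12Truststore.getCertificates()).hasSize(1);` (the sample P12 store holds one certificate according to JavaTruststoreTest) or compare the entry with the one read before the call. Whether `addCertificate` can leave a partial result is not visible from this hunk.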
@@ -0,0 +1,95 @@
+/*============LICENSE_START=======================================================
+ * oom-truststore-merger
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.oom.truststoremerger.certification.file.provider;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
+
+import java.io.File;
+import java.io.IOException;
+import java.security.cert.Certificate;
+import java.util.List;
+import java.util.stream.Collectors;
+import org.junit.jupiter.api.Test;
+import org.onap.oom.truststoremerger.api.ExitableException;
+import org.onap.oom.truststoremerger.certification.file.provider.entry.CertificateWithAlias;
+import org.onap.oom.truststoremerger.certification.file.TestCertificateProvider;
+import org.onap.oom.truststoremerger.certification.file.exception.MissingTruststoreException;
+import org.onap.oom.truststoremerger.certification.file.exception.TruststoreDataOperationException;
+import org.onap.oom.truststoremerger.certification.file.model.PemTruststore;
+
+class PemCertificateControllerTest {
+
+ @Test
+ void getNotEmptyCertificateListShouldThrowExceptionWhenFileNotContainsCertificate() {
+ //given
+ File emptyPemFile = TestCertificateProvider.getEmptyPemTruststoreFile().getFile();
+ PemCertificateController pemCertificateController = new PemCertificateController(emptyPemFile);
+ //when//then
+ assertThatExceptionOfType(MissingTruststoreException.class)
+ .isThrownBy(pemCertificateController::getNotEmptyCertificateList);
+ }
+
+ @Test
+ void transformToStringInPemFormatShouldCorrectlyTransform() throws ExitableException, IOException {
+ //given
+ PemTruststore pemTruststore = TestCertificateProvider.getSamplePemTruststoreFile();
+ List wrappedCertificates = pemTruststore.getCertificates();
+ File notEmptyPemFile = pemTruststore.getFile();
+ List certificateList = unWrapCertificate(wrappedCertificates);
+ PemCertificateController pemCertificateController = new PemCertificateController(notEmptyPemFile);
+ String expected = TestCertificateProvider.getExpectedPemCertificateAsString();
+
+ //when
+ String certificateTransformed = pemCertificateController.transformToStringInPemFormat(certificateList);
+
+ //then
+ assertThat(certificateTransformed).isEqualTo(expected);
+ }
+
+ @Test
+ void fileNotContainsPemCertificateShouldReturnTrueIfFileNotContainsCertificate()
+ throws TruststoreDataOperationException {
+ //given
+ File emptyPemFile = TestCertificateProvider.getEmptyPemTruststoreFile().getFile();
+ PemCertificateController pemCertificateController = new PemCertificateController(emptyPemFile);
+ //when//then
+ assertThat(pemCertificateController.isFileWithoutPemCertificate()).isTrue();
+ }
+
+ @Test
+ void fileNotContainsPemCertificateShouldReturnFalseIfFileContainsCertificate()
+ throws TruststoreDataOperationException {
+ //given
+ File notEmptyPemFile = TestCertificateProvider.getSamplePemTruststoreFile().getFile();
+ PemCertificateController pemCertificateController = new PemCertificateController(notEmptyPemFile);
+
+ //when//then
+ assertThat(pemCertificateController.isFileWithoutPemCertificate()).isFalse();
+ }
+
+ private List unWrapCertificate(List certificateWithAliases) {
+ return certificateWithAliases
+ .stream()
+ .map(CertificateWithAlias::getCertificate)
+ .collect(Collectors.toList());
+ }
+
+}
diff --git a/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/TruststoreFileFactoryTest.java b/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/TruststoreFactoryTest.java
similarity index 70%
rename from trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/TruststoreFileFactoryTest.java
rename to trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/TruststoreFactoryTest.java
index f00b2bc4..b2063cc3 100644
--- a/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/TruststoreFileFactoryTest.java
+++ b/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/TruststoreFactoryTest.java
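Review bot: The last two tests in PemCertificateControllerTest are named `fileNotContainsPemCertificateShould…` although the method they call is `isFileWithoutPemCertificate()`; the other tests in the class use the method name as prefix, so a search for the method name will miss these two. I would rename them to `isFileWithoutPemCertificateShouldReturnTrueIfFileNotContainsCertificate` and `isFileWithoutPemCertificateShouldReturnFalseIfFileContainsCertificate`.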
@@ -24,25 +24,27 @@ import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; import org.mockito.junit.jupiter.MockitoExtension; -import org.onap.oom.truststoremerger.certification.file.JksTruststore; -import org.onap.oom.truststoremerger.certification.file.P12Truststore; -import org.onap.oom.truststoremerger.certification.file.PemTruststore; -import org.onap.oom.truststoremerger.certification.file.TruststoreFile; +import org.onap.oom.truststoremerger.certification.file.TruststoreFileFactory; +import org.onap.oom.truststoremerger.certification.file.model.JavaTruststore; +import org.onap.oom.truststoremerger.certification.file.model.PemTruststore; +import org.onap.oom.truststoremerger.certification.file.model.Truststore; +import org.onap.oom.truststoremerger.certification.file.exception.KeystoreInstanceException; +import org.onap.oom.truststoremerger.certification.file.exception.LoadTruststoreException; import java.io.File; +import org.onap.oom.truststoremerger.certification.file.exception.PasswordReaderException; +import org.onap.oom.truststoremerger.certification.file.exception.TruststoreFileFactoryException; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatExceptionOfType; @ExtendWith(MockitoExtension.class) -class TruststoreFileFactoryTest { +class TruststoreFactoryTest { private static final String TRUSTSTORE_JKS_PATH = "src/test/resources/truststore-jks.jks"; private static final String TRUSTSTORE_JKS_PASS_PATH = "src/test/resources/truststore-jks.pass"; - private static final String TRUSTSTORE_JKS_PASS = "EOyuFbuYDyq_EhpboM72RHua"; private static final String TRUSTSTORE_P12_PATH = "src/test/resources/truststore-p12.p12"; private static final String TRUSTSTORE_P12_PASS_PATH = "src/test/resources/truststore-p12.pass"; - private static final String TRUSTSTORE_P12_PASS = "88y9v5D8H3SG6bZWRVHDfOAo"; private static final String 
TRUSTSTORE_PEM_PATH = "src/test/resources/truststore.pem"; private static final String EMPTY_PASS_PATH = ""; private static final String TRUSTSTORE_UNKNOWN_EXTENSION_PATH = "src/test/resources/truststore-jks.unknown"; 
@@ -56,28 +58,28 @@ class TruststoreFileFactoryTest { } @Test - void shouldReturnCorrectJksTruststoreForJksFile() throws TruststoreFileFactoryException, PasswordReaderException { - TruststoreFile truststore = truststoreFileFactory + void shouldReturnCorrectJksTruststoreForJksFile() + throws LoadTruststoreException, PasswordReaderException, TruststoreFileFactoryException, KeystoreInstanceException { + Truststore truststore = truststoreFileFactory .create(TRUSTSTORE_JKS_PATH, TRUSTSTORE_JKS_PASS_PATH); - assertThat(truststore).isInstanceOf(JksTruststore.class); - JksTruststore jksTruststore = (JksTruststore) truststore; - assertThat(jksTruststore.getPassword()).isEqualTo(TRUSTSTORE_JKS_PASS); - assertThat(jksTruststore.getTruststoreFile()).isEqualTo(new File(TRUSTSTORE_JKS_PATH)); + assertThat(truststore).isInstanceOf(JavaTruststore.class); + JavaTruststore jksTruststore = (JavaTruststore) truststore; + assertThat(jksTruststore.getFile()).isEqualTo(new File(TRUSTSTORE_JKS_PATH)); } @Test - void shouldReturnCorrectP12TruststoreForP12File() throws TruststoreFileFactoryException, PasswordReaderException { - TruststoreFile truststore = truststoreFileFactory + void shouldReturnCorrectP12TruststoreForP12File() + throws LoadTruststoreException, PasswordReaderException, TruststoreFileFactoryException, KeystoreInstanceException { + Truststore truststore = truststoreFileFactory .create(TRUSTSTORE_P12_PATH, TRUSTSTORE_P12_PASS_PATH); - assertThat(truststore).isInstanceOf(P12Truststore.class); - P12Truststore jksTruststore = (P12Truststore) truststore; - assertThat(jksTruststore.getPassword()).isEqualTo(TRUSTSTORE_P12_PASS); + assertThat(truststore).isInstanceOf(JavaTruststore.class); } @Test - void shouldReturnCorrectPemTruststoreForPemFile() throws TruststoreFileFactoryException, PasswordReaderException { - TruststoreFile truststore = truststoreFileFactory + void shouldReturnCorrectPemTruststoreForPemFile() + throws LoadTruststoreException, PasswordReaderException, 
TruststoreFileFactoryException, KeystoreInstanceException { + Truststore truststore = truststoreFileFactory .create(TRUSTSTORE_PEM_PATH, EMPTY_PASS_PATH); assertThat(truststore).isInstanceOf(PemTruststore.class); diff --git a/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/TruststoreFilesListProviderTest.java b/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/TruststoreFilesListProviderTest.java index 034e1b32..0dadcfef 100644 --- a/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/TruststoreFilesListProviderTest.java +++ b/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/TruststoreFilesListProviderTest.java 
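Review bot: `shouldReturnCorrectP12TruststoreForP12File` in TruststoreFactoryTest is left asserting only `isInstanceOf(JavaTruststore.class)`, which is exactly what the JKS test asserts, so it no longer shows that the P12 path was bound to the P12 file. Add at least `assertThat(truststore.getFile()).isEqualTo(new File(TRUSTSTORE_P12_PATH));`, as the JKS test does. The same applies in TruststoreFilesListProviderTest, where `assertCorrectJksTruststore` and `assertCorrectP12Truststore` now have identical bodies and could be a single helper. Dropping the literal passwords and the `getPassword()` assertions is fine in itself, but none of these tests now reads an entry from the loaded store. The PEM test continues past the end of this hunk.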
@@ -22,15 +22,19 @@ package org.onap.oom.truststoremerger.certification.file.provider; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; -import org.onap.oom.truststoremerger.certification.file.JksTruststore; -import org.onap.oom.truststoremerger.certification.file.P12Truststore; -import org.onap.oom.truststoremerger.certification.file.PemTruststore; -import org.onap.oom.truststoremerger.certification.file.TruststoreFile; -import org.onap.oom.truststoremerger.certification.file.TruststoreFileWithPassword; +import org.onap.oom.truststoremerger.certification.file.TruststoreFileFactory; +import org.onap.oom.truststoremerger.certification.file.TruststoreFilesListProvider; +import org.onap.oom.truststoremerger.certification.file.model.JavaTruststore; +import org.onap.oom.truststoremerger.certification.file.model.PemTruststore; +import org.onap.oom.truststoremerger.certification.file.model.Truststore; +import org.onap.oom.truststoremerger.certification.file.exception.KeystoreInstanceException; +import org.onap.oom.truststoremerger.certification.file.exception.LoadTruststoreException; import java.io.File; import java.util.Arrays; import java.util.List; +import org.onap.oom.truststoremerger.certification.file.exception.PasswordReaderException; +import org.onap.oom.truststoremerger.certification.file.exception.TruststoreFileFactoryException; import static org.assertj.core.api.Assertions.assertThat; 
@@ -38,10 +42,8 @@ class TruststoreFilesListProviderTest { private static final String TRUSTSTORE_JKS_PATH = "src/test/resources/truststore-jks.jks"; private static final String TRUSTSTORE_JKS_PASS_PATH = "src/test/resources/truststore-jks.pass"; - private static final String TRUSTSTORE_JKS_PASS = "EOyuFbuYDyq_EhpboM72RHua"; private static final String TRUSTSTORE_P12_PATH = "src/test/resources/truststore-p12.p12"; private static final String TRUSTSTORE_P12_PASS_PATH = "src/test/resources/truststore-p12.pass"; - private static final String TRUSTSTORE_P12_PASS = "88y9v5D8H3SG6bZWRVHDfOAo"; private static final String TRUSTSTORE_PEM_PATH = "src/test/resources/truststore.pem"; private static final String EMPTY_PASS_PATH = ""; 
@@ -54,37 +56,32 @@ class TruststoreFilesListProviderTest {
 }
 @Test
- void shouldReturnTruststoreFilesList() throws PasswordReaderException, TruststoreFileFactoryException {
+ void shouldReturnTruststoreFilesList()
+ throws TruststoreFileFactoryException, PasswordReaderException, LoadTruststoreException, KeystoreInstanceException {
 List truststorePaths = Arrays.asList(TRUSTSTORE_JKS_PATH, TRUSTSTORE_P12_PATH, TRUSTSTORE_PEM_PATH);
 List truststorePasswordPaths = Arrays.asList(TRUSTSTORE_JKS_PASS_PATH, TRUSTSTORE_P12_PASS_PATH, EMPTY_PASS_PATH);
- List truststoreFilesList = truststoreFilesListProvider.getTruststoreFilesList(truststorePaths, truststorePasswordPaths);
+ List truststoreFilesList = truststoreFilesListProvider.getTruststoreFilesList(truststorePaths, truststorePasswordPaths);
 assertThat(truststoreFilesList.size()).isEqualTo(3);
- assertCorrectJksTruststore(truststoreFilesList.get(0), TRUSTSTORE_JKS_PATH, TRUSTSTORE_JKS_PASS);
- assertCorrectP12Truststore(truststoreFilesList.get(1), TRUSTSTORE_P12_PATH, TRUSTSTORE_P12_PASS);
+ assertCorrectJksTruststore(truststoreFilesList.get(0), TRUSTSTORE_JKS_PATH);
+ assertCorrectP12Truststore(truststoreFilesList.get(1), TRUSTSTORE_P12_PATH);
 assertCorrectPemTruststore(truststoreFilesList.get(2), TRUSTSTORE_PEM_PATH);
 }
- private void assertCorrectJksTruststore(TruststoreFile truststoreFile, String truststorePath, String truststorePass) {
- assertCorrectTypeAndTruststorePath(truststoreFile, truststorePath, JksTruststore.class);
- assertContainsCorrectPassword(truststoreFile, truststorePass);
+ private void assertCorrectJksTruststore(Truststore truststore, String truststorePath) {
+ assertCorrectTypeAndTruststorePath(truststore, truststorePath, JavaTruststore.class);
 }
- private void assertCorrectP12Truststore(TruststoreFile truststoreFile, String truststorePath, String truststorePass) {
- assertCorrectTypeAndTruststorePath(truststoreFile, truststorePath, P12Truststore.class);
- assertContainsCorrectPassword(truststoreFile, truststorePass);
+ private void assertCorrectP12Truststore(Truststore truststore, String truststorePath) {
+ assertCorrectTypeAndTruststorePath(truststore, truststorePath, JavaTruststore.class);
 }
- private void assertCorrectPemTruststore(TruststoreFile truststoreFile, String truststorePath) {
- assertCorrectTypeAndTruststorePath(truststoreFile, truststorePath, PemTruststore.class);
+ private void assertCorrectPemTruststore(Truststore truststore, String truststorePath) {
+ assertCorrectTypeAndTruststorePath(truststore, truststorePath, PemTruststore.class);
 }
- private void assertCorrectTypeAndTruststorePath(TruststoreFile truststoreFile, String truststorePath, Class truststoreType) {
- assertThat(truststoreFile).isInstanceOf(truststoreType);
- assertThat(truststoreFile.getTruststoreFile()).isEqualTo(new File(truststorePath));
+ private void assertCorrectTypeAndTruststorePath(Truststore truststore, String truststorePath, Class truststoreType) {
+ assertThat(truststore).isInstanceOf(truststoreType);
+ assertThat(truststore.getFile()).isEqualTo(new File(truststorePath));
 }
- private void assertContainsCorrectPassword(TruststoreFile truststoreFile, String truststorePass) {
- TruststoreFileWithPassword truststoreFileWithPassword = (TruststoreFileWithPassword) truststoreFile;
- assertThat(truststoreFileWithPassword.getPassword()).isEqualTo(truststorePass);
- }
 }
diff --git a/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/entry/PemAliasGeneratorTest.java b/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/entry/PemAliasGeneratorTest.java
new file mode 100644
index 00000000..0897de29
--- /dev/null
+++ b/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/file/provider/entry/PemAliasGeneratorTest.java
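Review bot: `assertCorrectJksTruststore` and `assertCorrectP12Truststore` now have identical bodies, both asserting `JavaTruststore.class`, so this test no longer shows that the .jks and .p12 inputs were opened as the right keystore type. With `assertContainsCorrectPassword` removed, nothing here checks that each store was paired with its own password file either. The added `throws LoadTruststoreException` suggests the stores are loaded inside `getTruststoreFilesList`, which would reject a wrong password implicitly, but that is an inference from the signature and is not asserted. If `Truststore` exposes the loaded store (not visible in this hunk), assert on it, for example that the certificate list read back from each Java truststore is non-empty. Otherwise fold the two helpers into one `assertCorrectJavaTruststore(Truststore truststore, String truststorePath)` so the duplication does not imply a distinction the test does not make.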
@@ -0,0 +1,58 @@
+/*============LICENSE_START=======================================================
+ * oom-truststore-merger
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.oom.truststoremerger.certification.file.provider.entry;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+import java.util.HashSet;
+import java.util.Set;
+import org.junit.jupiter.api.Test;
+
+class PemAliasGeneratorTest {
+
+ private final static String PREFIX_ALIAS_NAME = "pem-trusted-certificate-";
+ static final int GENERATED_ALIASES_NUMBER = 100;
+
+ @Test
+ void aliasHasPemPrefix() {
+ //given
+ PemAliasGenerator pemAliasGenerator = PemAliasGenerator.getInstance();
+ //when
+ String alias = pemAliasGenerator.getAlias();
+ //then
+ assertThat(alias.contains(PREFIX_ALIAS_NAME)).isTrue();
+ }
+
+ @Test
+ void generatedAliasesHaveUniqNames() {
+ //given
+ PemAliasGenerator pemAliasGenerator = PemAliasGenerator.getInstance();
+ Set aliases = new HashSet<>();
+
+ //when
+ for (int i = 0; i < GENERATED_ALIASES_NUMBER; i++) {
+ aliases.add(pemAliasGenerator.getAlias());
+ }
+
+ //then
+ assertThat(aliases).hasSize(GENERATED_ALIASES_NUMBER);
+ }
+
+}
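Review bot: `aliasHasPemPrefix` asserts `alias.contains(PREFIX_ALIAS_NAME)`, which passes when the text appears anywhere in the alias and reports only a failed boolean; `assertThat(alias).startsWith(PREFIX_ALIAS_NAME);` checks what the test name promises and prints the offending alias on failure. Both tests obtain the generator through `PemAliasGenerator.getInstance()`, whose source is not in this hunk; if it is a shared instance, the uniqueness test covers only 100 sequential calls on one thread. A repeated alias during a truststore merge could collide with an existing trusted entry, so a short comment on the test stating which uniqueness guarantee the generator is meant to give would make the intent checkable. Minor style: `private final static` is conventionally written `private static final`, and `GENERATED_ALIASES_NUMBER` could be `private` like its neighbour.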
diff --git a/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/path/TruststoresPathsProviderTest.java b/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/path/TruststoresPathsProviderTest.java
index 945a1077..38422d5c 100644
--- a/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/path/TruststoresPathsProviderTest.java
+++ b/trustStoreMerger/src/test/java/org/onap/oom/truststoremerger/certification/path/TruststoresPathsProviderTest.java
@@ -30,8 +30,8 @@ import java.util.Optional;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
 import static org.mockito.Mockito.when;
-import static org.onap.oom.truststoremerger.api.ConfigurationEnvs.TRUSTSTORES_ENV;
-import static org.onap.oom.truststoremerger.api.ConfigurationEnvs.TRUSTSTORES_PASSWORDS_ENV;
+import static org.onap.oom.truststoremerger.api.ConfigurationEnvs.TRUSTSTORES_PATHS_ENV;
+import static org.onap.oom.truststoremerger.api.ConfigurationEnvs.TRUSTSTORES_PASSWORDS_PATHS_ENV;
 @ExtendWith(MockitoExtension.class)
@@ -94,11 +94,11 @@ class TruststoresPathsProviderTest {
 }
 private void mockTruststoresEnv(String truststores) {
- mockEnv(truststores, TRUSTSTORES_ENV);
+ mockEnv(truststores, TRUSTSTORES_PATHS_ENV);
 }
 private void mockTruststoresPasswordsEnv(String truststoresPasswords) {
- mockEnv(truststoresPasswords, TRUSTSTORES_PASSWORDS_ENV);
+ mockEnv(truststoresPasswords, TRUSTSTORES_PASSWORDS_PATHS_ENV);
 }
 private void mockEnv(String envValue, String envName) {
diff --git a/trustStoreMerger/src/test/resources/empty-truststore.pem b/trustStoreMerger/src/test/resources/empty-truststore.pem
new file mode 100644
index 00000000..8b137891
--- /dev/null
+++ b/trustStoreMerger/src/test/resources/empty-truststore.pem
@@ -0,0 +1 @@
+
diff --git a/trustStoreMerger/src/test/resources/keystore.p12 b/trustStoreMerger/src/test/resources/keystore.p12 new file mode 100644 index 0000000000000000000000000000000000000000..bc047a987a768d9b1f4bc1a83fd467a23a40f243 GIT binary patch literal 2873 zcmY+EbyyRM8pgLVaHNbFEgcdvMkqNzB$N;tQe%{)q@;wv=nz5rs5p8w4g@3xB!(gg zBF!O&;7AFPzMT8qd(LzIc%Sck-uL~!KYws6tvm=w0mss8Qc;V?>c$?>11|w_Seie< zSeoezdmN6X^!-;v`2dWiw7sy=7c!@!{ofTG4G@IGf{)=?@B#cP70v(ci|1Tm7TM=Y zR(Cp15Koc=pai&aTvlS+E{FoqeHV-c_m68_<;z6MKqUJ~k9^)45q^XS0EI(e)2(8E z8%)SqIA0kpB0dc?iVDaVC5F))I9RxRwaEeL7aUuo_cPEraL#4exAnnd)S)s;_w(Q{ zYJyGtO?Zc>6ElX{8paIBS|zCzRcJUt{I>RulC9i#I^p@t0j2pC-E`WkwNI6si&>Sn zNRu}Qc%mM5Ds&u_iM@3DE}yhsxW40fG;%EBmTuv=Ey!yo)EKuM*U-YDP8SfgrAf$t zvgX@kZreL15iis}AD6^g%uC|kVg7{-MCq46-rjJ>t5ZbgyW8;xMgOUothpeV2m>Ar;9xWb<;4atmo7@Xs$BNXwy; zd(@_hid_5#4??Yt5DtYc+qSGTluiA%<2#9Vg_8$%z7#?;&YXR&lJ_{j(blz*&2RFr z?cGwM=`CBSsaJ)^b!#+zeqgr}Seo4$oSr`^_^!Vhs(Kv=!S7E|TsB0B7-4P#She^UN@tgPEzE|XxB(a7xp^m0Pp{WzD=K7Ffb@aqikeaEBfL-dHS~T0F%6vbG1f+!9^RzRC+$gB}lPDDN;bw)qT=| zK}oIb6?~^U_Yu3578pv*Tcq4rsoz6J&zbZ;ZRD60p|*f>t9;KP<%ZUbYbHcD-Lh+^ zHU6M`)ANpf=?NK{K0X4tR)c?CctW~MD)h@v1*4E%{xvR+S+|c7`0T1LT?*Nc9Qn+@ zlx-vjIizRLHi!F{-&l_Hm?zvYDDKr(O+EYeIibF?w;L^I`3aLT%sh{1nVHOBtqZAK zey5!}$~?7dR2ItjVrSY`4}-x(Fs4*@sIc=(TA7`L^I2PmoxCcK-A-P=_sTfb5=~Xt zps?Plgl(uTb}UBb7RI~#{!t!1t`37N9_q&juR`JvAA20rrQF#joEM|_mlsT9$`cfL zc;~5Riz?_3K6CUlg;joJR7JG7AJpcMIm%|KB4z2(Af#uod6AR(j1+Qx{jvp8zTBhw z(&B2`5LH9k9q?p?J&N0l$7xW{G2)qNR9)NZCCspvFS=wVJh%19&xB=l+0F+quZ>wBN%eq1H^8Oi@% z-6eLkGg^7rQg5RaorRu;rm>Jl%EF!Mo7^e)kddZj5{-b5AhmRx zoOf*qz!oZ2k@Jt@mtjo{TTcQ+4BwS)r?pv|xU`vVd2g}DiU>B?YiGwT#h(h8?{S5Z zqI-0FU#S8*i{Dl;3;R&VIZMvpHppdtukgDI)Y37%rjj(^njYyu4Jb;Gt z7^$asOA=XpvMUxoC_wfL85FO2D+_zzwjEY_O}QtK{xtQ5-Hl$%qq+0=$SdTi6vObZ z&gb01_7k}=v(B4DOWcMJ-WE+3t5c_ktY{;T&6mX8SISs24XA?#_`)~5Q8;3jHOA#uA&8Uv*|;CfNP?+L)-KJ0&XZ^`D%V zYzR5GQd&U@nv;=L=R!+K(QhSY7Ifd`((0q)*Y3BZi|0mJ$_-3)Jpsk=aommT48~ql zsino1>Io{zwho!T8hF8{N4Bq8Uw!OXpA$ea4Z-CSaM_AEuAIp_57kqxH~KudLa&Eg 
zR`YuBey-lW3tRhMlvzB%1G&n^uq_jsGom^Fa*vMzl#{Xb{sWA4Lc`c?zJN>231#^z z0QmdR(V}r8+<(2DAl~ir#}jvy8`Y|EiR)>h=zQOUiHBK?Y0^zoiDQwhweXFw!A};g z$Ii(;CZL9(X#LNZm?u<}V*b!p6}~TYUnY$ktvO!;m=A2NqTjyMmsht-VG&+fE2n!q z-VIr|2Kw3*iIm}w_l0(l*s29#X$*`s9qq8xJ5f4ozGY>{_Mu%n5w~B@siS7k!XbVG z!d2Hj$?yo6^q`jyz|d{X5dye5cyW(&+C3~CL2kcQjvZ?@&{z=hpqYj%!DT2E6C2# z+>}$s_pk>n{a(1%!Znt~j`Sa{Mx3KNh`GX2QpD(r9**`&?J7YWF;Iu!>crD!#$j(_feqO2D@Q{2HxVLLzwZeL zdu;$c;v?iKWvBzx9p%zg4;}I7?7Sb6r6yW)Diout-Kx=R^b=>RW(ytG_Ch(290sd@ zs#=UYSgIcM(xeWg$$gI6RRrf?=BJ88O4+JswYbHJi?|3)uf*?|NPCUZr|v*n=&&XOK$h+o1=xJIjbRorTXz05DwL57|WrAut?CO5{Q zK}$!BMQS4|)?`|YjV67iO6}pfz1(PH@2)CbG-KlxEW)ADRRX}jo7_wn^&<^*7^!pgY(0wsVF5F zC_tQ)05Hq!`_PQISXCx{9~QEWL4NC5`&2!c<=Q|zeGEH|r@j%2|g*0q$AKd7p5|Dgukk?yVB* zu+6x8^`$VE0Kyo8j}>Gr`TTu~AxDtW(Ae!s!KpMcX-Q59-igWL@HvucI^0Hxt@iYCtFUBOnYKj|?a)!zO+g<-^Z?#u`$8y9-j z>XiTBk;KcGBH}W6B(LQ|$4(BOlX^M&loGL)+_I8B@V0)gO=+)SKpZ7KXg zs-L1?xGF|n{%HU457v1?V12iWO4WM)d^cmk40Cgy;A!v*{h6Ll@;4g?XIf zN8nMc`Mm?DrGpP{&=utuG%<(5iFxF7NbAyv@I~2~JkOT13{>0ARQO6V{<3_$eb2~p z(fP)qQmnx4B=t`teSk{#4W7RZI%%SHf$bM6Yy%cW=v#01#KW;%UvZSX`MFMpx4lW~ ztpv?fYwE(UcC<;A9?OxMnT!6C%o~JdQO*=1wF#h;nC)>4a&aG4gG`=V z$7+Z@Q`~yn>ivY_kmyGZ6dG2^k#U0y8i87Os0t@Y2^`KK;K-_<;P}p|GBygoXCdk+ zM3vUs!u+DKFz3hw-_?Iip@l^=pAnQcgr?s|nUvIa&;MKi?G?V9mI4wxnbB7y`YlhdmNE-cH;-YRtqx1PTT~rwzWAwqtjmJ#Tx;B-F>r@(sa>n z9DoCS5&UR-?-2>UG$k3|_QmlvWE=g1h*);7G6pyhxMPaWtH=FmDS}KjN^rNHaX8rH zwSqM{Y3s6X3Yu&{rZT`kY^Ys6QD9?NGoE z*lY?#v@ff6HjjkOP;&NJ9^1xiaCX* zw@JENIy{1|>GA-TkFYF z3C+;A#qo)XNCBT_xkOt3{!t$^pqMLangPTCwo$^8W!3GPfiP4CG|7ptsUWKb8eO&s9o`4CcTNhFjSnmh4NdW_=2{Kl`=tN%EEX8ZxqU-B&HV=KfzbQ+%14dWfh znZq#d_r-6CZ_cAE&I`x!RTqFFSzhQ4AlN3($WIbS4y&#EalP|jH&J!i(!1_E``}^s z*%{CQJ{Im6Qi9+3$b-RSlJFREpZ$k2TmnePS_EVLW8iHX&5W>*nbwzz*K`P%u6)AutIB1uG5%0vZJX1Qa&`Cf-zxtY1->D3W#?nX&11 gD%AuO%F(