4 Fail in CSR generation
5 CertService HTTP unsuccessful response
6 Internal HTTP Client connection problem
-7 Fail in PKCS12 conversion
+7 Fail in PEM conversion
8 Fail in Private Key to PEM Encoding
9 Wrong TLS configuration
10 File could not be created
CSR_GENERATION_EXCEPTION(4,"Fail in CSR generation"),
CERT_SERVICE_API_CONNECTION_EXCEPTION(5,"CertService HTTP unsuccessful response"),
HTTP_CLIENT_EXCEPTION(6,"Internal HTTP Client connection problem"),
- PKCS12_CONVERSION_EXCEPTION(7,"Fail in PKCS12 conversion"),
+ PEM_CONVERSION_EXCEPTION(7,"Fail in PEM conversion"),
PK_TO_PEM_ENCODING_EXCEPTION(8,"Fail in Private Key to PEM Encoding"),
TLS_CONFIGURATION_EXCEPTION(9, "Invalid TLS configuration"),
FILE_CREATION_EXCEPTION(10, "File could not be created");
import org.onap.aaf.certservice.client.certification.writer.CertFileWriter;
public enum ArtifactsCreatorProvider {
- P12 {
+ P12("PKCS12") {
@Override
ArtifactsCreator create(String destPath) {
- return new PKCS12ArtifactsCreator(
- new CertFileWriter(destPath),
- new RandomPasswordGenerator(),
- new PemToPKCS12Converter());
+ return ConvertedArtifactsCreatorFactory.createConverter(destPath, getExtension(), getKeyStoreType());
}
},
- JKS {
+ JKS("JKS") {
@Override
ArtifactsCreator create(String destPath) {
- return null;
+ return ConvertedArtifactsCreatorFactory.createConverter(destPath, getExtension(), getKeyStoreType());
}
},
- PEM {
+ PEM("PEM"){
@Override
ArtifactsCreator create(String destPath) {
- return new PemArtifactsCreator(
- new CertFileWriter(destPath),
- new PrivateKeyToPemEncoder());
+ return new PemArtifactsCreator(new CertFileWriter(destPath), new PrivateKeyToPemEncoder());
}
};
+ private final String keyStoreType;
+ ArtifactsCreatorProvider(String keyStoreType) {
+ this.keyStoreType = keyStoreType;
+ }
public static ArtifactsCreator getCreator(String outputType, String destPath) {
return valueOf(outputType).create(destPath);
}
+ String getKeyStoreType() {
+ return keyStoreType;
+ }
+
+ String getExtension() {
+ return this.toString().toLowerCase();
+ }
+
abstract ArtifactsCreator create(String destPath);
}
import java.security.PrivateKey;
import java.util.List;
import org.onap.aaf.certservice.client.certification.exception.CertFileWriterException;
-import org.onap.aaf.certservice.client.certification.exception.PemToPKCS12ConverterException;
+import org.onap.aaf.certservice.client.certification.exception.PemConversionException;
import org.onap.aaf.certservice.client.certification.writer.CertFileWriter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-public class PKCS12ArtifactsCreator implements ArtifactsCreator {
+public class ConvertedArtifactsCreator implements ArtifactsCreator {
- private static final Logger LOGGER = LoggerFactory.getLogger(PKCS12ArtifactsCreator.class);
+ private static final Logger LOGGER = LoggerFactory.getLogger(ConvertedArtifactsCreator.class);
private static final String CERTIFICATE_ALIAS = "certificate";
private static final String TRUSTED_CERTIFICATE_ALIAS = "trusted-certificate-";
private static final int PASSWORD_LENGTH = 24;
- private static final String KEYSTORE_P12 = "keystore.p12";
- private static final String KEYSTORE_PASS = "keystore.pass";
- private static final String TRUSTSTORE_P12 = "truststore.p12";
- private static final String TRUSTSTORE_PASS = "truststore.pass";
- private final RandomPasswordGenerator generator;
- private final PemToPKCS12Converter converter;
- private final CertFileWriter writer;
+ private static final String PASS_EXT = "pass";
+ private static final String KEYSTORE = "keystore";
+ private static final String TRUSTSTORE = "truststore";
- public PKCS12ArtifactsCreator(CertFileWriter writer, RandomPasswordGenerator generator,
- PemToPKCS12Converter converter) {
- this.generator = generator;
+ private final String fileExtension;
+ private final RandomPasswordGenerator passwordGenerator;
+ private final PemConverter converter;
+ private final CertFileWriter fileWriter;
+
+ public ConvertedArtifactsCreator(CertFileWriter fileWriter, RandomPasswordGenerator passwordGenerator,
+ PemConverter converter, String fileExtension) {
+ this.passwordGenerator = passwordGenerator;
this.converter = converter;
- this.writer = writer;
+ this.fileWriter = fileWriter;
+ this.fileExtension = fileExtension;
}
@Override
public void create(List<String> keystoreData, List<String> truststoreData, PrivateKey privateKey)
- throws PemToPKCS12ConverterException, CertFileWriterException {
+ throws PemConversionException, CertFileWriterException {
createKeystore(keystoreData,privateKey);
createTruststore(truststoreData);
}
private void createKeystore(List<String> data, PrivateKey privateKey)
- throws PemToPKCS12ConverterException, CertFileWriterException {
- Password password = generator.generate(PASSWORD_LENGTH);
+ throws PemConversionException, CertFileWriterException {
+ Password password = passwordGenerator.generate(PASSWORD_LENGTH);
+ String keystoreArtifactName = String.format("%s.%s", KEYSTORE, fileExtension);
+ String keystorePass = String.format("%s.%s", KEYSTORE, PASS_EXT);
- LOGGER.debug("Attempt to create PKCS12 keystore files and saving data. File names: {}, {}", KEYSTORE_P12, KEYSTORE_PASS);
+ LOGGER.debug("Attempt to create keystore files and saving data. File names: {}, {}", keystoreArtifactName, keystorePass);
- writer.saveData(converter.convertKeystore(data, password, CERTIFICATE_ALIAS, privateKey), KEYSTORE_P12);
- writer.saveData(getPasswordAsBytes(password), KEYSTORE_PASS);
+ fileWriter.saveData(converter.convertKeystore(data, password, CERTIFICATE_ALIAS, privateKey), keystoreArtifactName);
+ fileWriter.saveData(getPasswordAsBytes(password), keystorePass);
}
private void createTruststore(List<String> data)
- throws PemToPKCS12ConverterException, CertFileWriterException {
- Password password = generator.generate(PASSWORD_LENGTH);
+ throws PemConversionException, CertFileWriterException {
+ Password password = passwordGenerator.generate(PASSWORD_LENGTH);
+ String truststoreArtifactName = String.format("%s.%s", TRUSTSTORE, fileExtension);
+ String truststorePass = String.format("%s.%s", TRUSTSTORE, PASS_EXT);
- LOGGER.debug("Attempt to create PKCS12 truststore files and saving data. File names: {}, {}", TRUSTSTORE_P12, TRUSTSTORE_PASS);
+ LOGGER.debug("Attempt to create truststore files and saving data. File names: {}, {}", truststoreArtifactName, truststorePass);
- writer.saveData(converter.convertTruststore(data, password, TRUSTED_CERTIFICATE_ALIAS), TRUSTSTORE_P12);
- writer.saveData(getPasswordAsBytes(password), TRUSTSTORE_PASS);
+ fileWriter.saveData(converter.convertTruststore(data, password, TRUSTED_CERTIFICATE_ALIAS), truststoreArtifactName);
+ fileWriter.saveData(getPasswordAsBytes(password), truststorePass);
}
private byte[] getPasswordAsBytes(Password password) {
--- /dev/null
+/*============LICENSE_START=======================================================
+ * aaf-certservice-client
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.aaf.certservice.client.certification.conversion;
+
+import org.onap.aaf.certservice.client.certification.writer.CertFileWriter;
+
+public class ConvertedArtifactsCreatorFactory {
+
+ private ConvertedArtifactsCreatorFactory() { }
+
+ public static ConvertedArtifactsCreator createConverter(String destPath, String fileExtension, String keyStoreType) {
+ return new ConvertedArtifactsCreator(
+ new CertFileWriter(destPath),
+ new RandomPasswordGenerator(),
+ new PemConverter(keyStoreType),
+ fileExtension);
+ }
+
+}
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMParser;
-import org.onap.aaf.certservice.client.certification.exception.PemToPKCS12ConverterException;
+import org.onap.aaf.certservice.client.certification.exception.PemConversionException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-class PemToPKCS12Converter {
+class PemConverter {
- private static final Logger LOGGER = LoggerFactory.getLogger(PemToPKCS12Converter.class);
- private static final String PKCS12 = "PKCS12";
+ private static final Logger LOGGER = LoggerFactory.getLogger(PemConverter.class);
private static final String PASSWORD_ERROR_MSG = "Password should be min. 16 chars long and should contain only alphanumeric characters and special characters like Underscore (_), Dollar ($) and Pound (#)";
private final LoadStoreParameter EMPTY_KEYSTORE_CONFIGURATION = null;
+ private final String keyStoreType;
+
+ public PemConverter(String keyStoreType) {
+ this.keyStoreType = keyStoreType;
+ }
byte[] convertKeystore(List<String> certificateChain, Password password, String alias, PrivateKey privateKey)
- throws PemToPKCS12ConverterException {
- LOGGER.info("Conversion of PEM certificates to PKCS12 keystore");
+ throws PemConversionException {
+ LOGGER.info("Conversion of PEM certificates to " + keyStoreType + " keystore");
return convert(certificateChain, password, certs -> getKeyStore(alias, password, certs, privateKey));
}
byte[] convertTruststore(List<String> trustAnchors, Password password, String alias)
- throws PemToPKCS12ConverterException {
- LOGGER.info("Conversion of PEM certificates to PKCS12 truststore");
+ throws PemConversionException {
+ LOGGER.info("Conversion of PEM certificates to " + keyStoreType + " truststore");
return convert(trustAnchors, password, certs -> getTrustStore(alias, certs));
}
private byte[] convert(List<String> certificates, Password password, StoreEntryOperation operation)
- throws PemToPKCS12ConverterException {
+ throws PemConversionException {
checkPassword(password);
final Certificate[] X509Certificates = convertToCertificateArray(certificates);
return getKeyStoreBytes(password, operation, X509Certificates);
}
- private void checkPassword(Password password) throws PemToPKCS12ConverterException {
+ private void checkPassword(Password password) throws PemConversionException {
if (!password.isCorrectPasswordPattern()) {
LOGGER.error(PASSWORD_ERROR_MSG);
- throw new PemToPKCS12ConverterException(PASSWORD_ERROR_MSG);
+ throw new PemConversionException(PASSWORD_ERROR_MSG);
}
}
private byte[] getKeyStoreBytes(Password password, StoreEntryOperation op, Certificate[] x509Certificates)
- throws PemToPKCS12ConverterException {
+ throws PemConversionException {
try (ByteArrayOutputStream bos = new ByteArrayOutputStream()) {
KeyStore ks = op.getStore(x509Certificates);
ks.store(bos, password.toCharArray());
return bos.toByteArray();
} catch (IOException | CertificateException | NoSuchAlgorithmException | KeyStoreException e) {
- LOGGER.error("Pem to PKCS12 converter failed, exception message: {}", e.getMessage());
- throw new PemToPKCS12ConverterException(e);
+ LOGGER.error("Pem to " + keyStoreType + " converter failed, exception message: {}", e.getMessage());
+ throw new PemConversionException(e);
}
}
private KeyStore getKeyStoreInstance()
throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
- KeyStore ks = KeyStore.getInstance(PKCS12);
+ KeyStore ks = KeyStore.getInstance(keyStoreType);
ks.load(EMPTY_KEYSTORE_CONFIGURATION);
return ks;
}
private Certificate[] convertToCertificateArray(List<String> certificates)
- throws PemToPKCS12ConverterException {
+ throws PemConversionException {
Certificate[] parsedCertificates = new Certificate[certificates.size()];
for (String certificate : certificates) {
parsedCertificates[certificates.indexOf(certificate)] = parseCertificate(certificate);
return parsedCertificates;
}
- private Certificate parseCertificate(String certificate) throws PemToPKCS12ConverterException {
+ private Certificate parseCertificate(String certificate) throws PemConversionException {
try (PEMParser pem = new PEMParser(new StringReader(certificate))) {
X509CertificateHolder certHolder = Optional.ofNullable((X509CertificateHolder) pem.readObject())
.orElseThrow(
- () -> new PemToPKCS12ConverterException("The certificate couldn't be parsed correctly. " + certificate));
+ () -> new PemConversionException("The certificate couldn't be parsed correctly. " + certificate));
return new JcaX509CertificateConverter()
.setProvider(new BouncyCastleProvider())
.getCertificate(certHolder);
} catch (IOException | CertificateException e) {
LOGGER.error("Certificates conversion failed, exception message: {}", e.getMessage());
- throw new PemToPKCS12ConverterException(e);
+ throw new PemConversionException(e);
}
}
}
import org.onap.aaf.certservice.client.api.ExitStatus;
import org.onap.aaf.certservice.client.api.ExitableException;
-public class PemToPKCS12ConverterException extends ExitableException {
- private static final ExitStatus EXIT_STATUS = ExitStatus.PKCS12_CONVERSION_EXCEPTION;
+public class PemConversionException extends ExitableException {
+ private static final ExitStatus EXIT_STATUS = ExitStatus.PEM_CONVERSION_EXCEPTION;
- public PemToPKCS12ConverterException(Throwable e) {
+ public PemConversionException(Throwable e) {
super(e);
}
- public PemToPKCS12ConverterException(String message) {
+ public PemConversionException(String message) {
super(message);
}
package org.onap.aaf.certservice.client.certification.conversion;
import org.junit.jupiter.api.Test;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.CsvSource;
+import org.junit.jupiter.params.provider.ValueSource;
import static org.assertj.core.api.Assertions.assertThat;
class ArtifactsCreatorProviderTest {
private static final String P12 = "P12";
+ private static final String JKS = "JKS";
private static final String PEM = "PEM";
private static final String TEST_PATH = "testPath";
- @Test
- void artifactsProviderShouldReturnP12Creator(){
+ @ParameterizedTest
+ @ValueSource(strings = {JKS, P12})
+ void artifactsProviderShouldReturnConvertedCreator(String outputType){
// when
ArtifactsCreator artifactsCreator =
- ArtifactsCreatorProvider.getCreator(P12, TEST_PATH);
+ ArtifactsCreatorProvider.getCreator(outputType, TEST_PATH);
// then
- assertThat(artifactsCreator).isInstanceOf(PKCS12ArtifactsCreator.class);
+ assertThat(artifactsCreator).isInstanceOf(ConvertedArtifactsCreator.class);
}
@Test
// then
assertThat(artifactsCreator).isInstanceOf(PemArtifactsCreator.class);
}
+
+ @ParameterizedTest
+ @CsvSource({
+ "JKS, jks",
+ "P12, p12"})
+ void getExtensionShouldProvideExtensionBasedOnArtifactType(String artifactType, String expectedExtension){
+
+ //when
+ String actualExtension = ArtifactsCreatorProvider.valueOf(artifactType).getExtension();
+ //then
+ assertThat(actualExtension).isEqualTo(expectedExtension);
+ }
+
}
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.onap.aaf.certservice.client.certification.exception.CertFileWriterException;
-import org.onap.aaf.certservice.client.certification.exception.PemToPKCS12ConverterException;
+import org.onap.aaf.certservice.client.certification.exception.PemConversionException;
import org.onap.aaf.certservice.client.certification.writer.CertFileWriter;
-class PKCS12ArtifactsCreatorTest {
+class ConvertedArtifactsCreatorTest {
private static final int PASSWORD_LENGTH = 24;
private static final String CERTIFICATE_ALIAS = "certificate";
private static final List<String> SAMPLE_TRUSTED_CERTIFICATE_CHAIN = List.of("c", "d");
private static final byte[] SAMPLE_KEYSTORE_BYTES = "this is a keystore test".getBytes();
private static final byte[] SAMPLE_TRUSTSTORE_BYTES = "this is a truststore test".getBytes();
+ private static final String P12_EXTENSION= "p12";
private CertFileWriter certFileWriter;
private RandomPasswordGenerator passwordGenerator;
- private PemToPKCS12Converter converter;
+ private PemConverter converter;
private PrivateKey privateKey;
- private PKCS12ArtifactsCreator artifactCreator;
+ private ConvertedArtifactsCreator artifactsCreator;
@BeforeEach
void setUp() {
certFileWriter = mock(CertFileWriter.class);
passwordGenerator = mock(RandomPasswordGenerator.class);
- converter = mock(PemToPKCS12Converter.class);
+ converter = mock(PemConverter.class);
privateKey = mock(PrivateKey.class);
- artifactCreator = new PKCS12ArtifactsCreator(certFileWriter, passwordGenerator, converter);
+ artifactsCreator = new ConvertedArtifactsCreator(certFileWriter, passwordGenerator, converter, P12_EXTENSION);
}
@Test
- void artifactsCreatorShouldCauseCallOfConvertAndDataSaveMethods()
- throws PemToPKCS12ConverterException, CertFileWriterException {
+ void convertedArtifactCreatorShouldTryCreateFileWithGivenExtension()
+ throws CertFileWriterException, PemConversionException {
+ //given
+ mockPasswordGeneratorAndPemConverter();
+ final String keystore = "keystore";
+ final String testExtension = "testExt";
+ final String keystoreFileName = String.format("%s.%s", keystore, testExtension);
+ artifactsCreator = new ConvertedArtifactsCreator(certFileWriter, passwordGenerator, converter, testExtension);
+
+ //when
+ artifactsCreator.create(SAMPLE_KEYSTORE_CERTIFICATE_CHAIN, SAMPLE_TRUSTED_CERTIFICATE_CHAIN, privateKey);
+
+ //then
+ verify(certFileWriter, times(1))
+ .saveData(SAMPLE_KEYSTORE_BYTES, keystoreFileName);
+ }
+
+ @Test
+ void convertedArtifactsCreatorShouldCallConverterAndFilesCreatorMethods()
+ throws PemConversionException, CertFileWriterException {
// given
- mockPasswordGeneratorAndPKSC12Converter();
+ mockPasswordGeneratorAndPemConverter();
final String keystoreP12 = "keystore.p12";
final String keystorePass = "keystore.pass";
//when
- artifactCreator.create(SAMPLE_KEYSTORE_CERTIFICATE_CHAIN, SAMPLE_TRUSTED_CERTIFICATE_CHAIN, privateKey);
+ artifactsCreator.create(SAMPLE_KEYSTORE_CERTIFICATE_CHAIN, SAMPLE_TRUSTED_CERTIFICATE_CHAIN, privateKey);
// then
verify(converter, times(1))
}
@Test
- void artifactsCreatorShouldCallPasswordGeneratorTwice()
- throws PemToPKCS12ConverterException, CertFileWriterException {
+ void convertedArtifactsCreatorShouldCallPasswordGeneratorTwice()
+ throws PemConversionException, CertFileWriterException {
// given
- mockPasswordGeneratorAndPKSC12Converter();
+ mockPasswordGeneratorAndPemConverter();
//when
- artifactCreator.create(SAMPLE_KEYSTORE_CERTIFICATE_CHAIN, SAMPLE_TRUSTED_CERTIFICATE_CHAIN, privateKey);
+ artifactsCreator.create(SAMPLE_KEYSTORE_CERTIFICATE_CHAIN, SAMPLE_TRUSTED_CERTIFICATE_CHAIN, privateKey);
// then
verify(passwordGenerator, times(2)).generate(PASSWORD_LENGTH);
}
- private void mockPasswordGeneratorAndPKSC12Converter() throws PemToPKCS12ConverterException {
+ private void mockPasswordGeneratorAndPemConverter() throws PemConversionException {
when(passwordGenerator.generate(PASSWORD_LENGTH)).thenReturn(SAMPLE_PASSWORD);
when(converter.convertKeystore(SAMPLE_KEYSTORE_CERTIFICATE_CHAIN, SAMPLE_PASSWORD, CERTIFICATE_ALIAS, privateKey))
.thenReturn(SAMPLE_KEYSTORE_BYTES);
import java.util.List;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Test;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.ValueSource;
import org.onap.aaf.certservice.client.certification.EncryptionAlgorithmConstants;
-import org.onap.aaf.certservice.client.certification.exception.PemToPKCS12ConverterException;
+import org.onap.aaf.certservice.client.certification.exception.PemConversionException;
-class PemToPKCS12ConverterTest {
+class PemConverterTest {
private static final String RESOURCES_PATH = "src/test/resources";
private static final String CERT1_PATH = RESOURCES_PATH + "/cert1.pem";
private static final String EXPECTED_TRUSTSTORE_PATH = RESOURCES_PATH + "/expectedTruststore.jks";
private static final String PKCS12 = "PKCS12";
private static final String PKCS8 = "PKCS#8";
+ private static final String JKS = "JKS";
private static final String KEY_ERROR_MSG = "java.security.KeyStoreException: Key protection algorithm not found: java.lang.NullPointerException";
private static final String CERTIFICATES_ERROR_MSG = "The certificate couldn't be parsed correctly. certificate1";
private static final String PASSWORD_ERROR_MSG = "Password should be min. 16 chars long and should contain only alphanumeric characters and special characters like Underscore (_), Dollar ($) and Pound (#)";
key = Files.readAllBytes(Path.of(KEY_PATH));
}
- @Test
- void convertKeystoreShouldReturnKeystoreWithGivenPrivateKeyAndCertificateChain()
- throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException, PemToPKCS12ConverterException {
+ @ParameterizedTest
+ @ValueSource(strings = {PKCS12, JKS})
+ void convertKeystoreShouldReturnKeystoreWithGivenPrivateKeyAndCertificateChain(String conversionTarget)
+ throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException, PemConversionException {
// given
final String alias = "keystore-entry";
final Password password = new Password("d9D_u8LooYaXH4G48DtN#vw0");
final List<String> certificateChain = getCertificates();
- final PemToPKCS12Converter converter = new PemToPKCS12Converter();
- final KeyStore expectedKeyStore = KeyStore.getInstance(PKCS12);
+ final PemConverter converter = new PemConverter(conversionTarget);
+ final KeyStore expectedKeyStore = KeyStore.getInstance(conversionTarget);
expectedKeyStore.load(new ByteArrayInputStream(Files.readAllBytes(Path.of(EXPECTED_KEYSTORE_PATH))),
password.toCharArray());
final Certificate[] expectedChain = expectedKeyStore.getCertificateChain(alias);
final byte[] result = converter.convertKeystore(certificateChain, password, alias, privateKey);
// then
- final KeyStore actualKeyStore = KeyStore.getInstance(PKCS12);
+ final KeyStore actualKeyStore = KeyStore.getInstance(conversionTarget);
actualKeyStore.load(new ByteArrayInputStream(result), password.toCharArray());
final Certificate[] actualChain = actualKeyStore.getCertificateChain(alias);
assertArrayEquals(expectedChain, actualChain);
}
- @Test
- void convertKeystoreShouldThrowPemToPKCS12ConverterExceptionBecauseOfWrongPassword() throws IOException {
+ @ParameterizedTest
+ @ValueSource(strings = {PKCS12, JKS})
+ void convertKeystoreShouldThrowPemConverterExceptionBecauseOfWrongPassword(String conversionTarget) throws IOException {
// given
final String alias = "keystore-entry";
final Password password = new Password("apple");
final List<String> certificateChain = getCertificates();
- final PemToPKCS12Converter converter = new PemToPKCS12Converter();
+ final PemConverter converter = new PemConverter(conversionTarget);
privateKeyMockSetup();
// when
- Exception exception = assertThrows(PemToPKCS12ConverterException.class, () ->
+ Exception exception = assertThrows(PemConversionException.class, () ->
converter.convertKeystore(certificateChain, password, alias, privateKey)
);
assertEquals(PASSWORD_ERROR_MSG, exception.getMessage());
}
- @Test
- void convertTruststoreShouldReturnTruststoreWithGivenCertificatesArray()
- throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException, PemToPKCS12ConverterException {
+ @ParameterizedTest
+ @ValueSource(strings = {PKCS12, JKS})
+ void convertTruststoreShouldReturnTruststoreWithGivenCertificatesArray(String conversionTarget)
+ throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException, PemConversionException {
// given
- final PemToPKCS12Converter converter = new PemToPKCS12Converter();
+ final PemConverter converter = new PemConverter(conversionTarget);
final String alias = "trusted-certificate-";
final String alias1 = alias + 1;
final String alias2 = alias + 2;
final Password password = new Password("9z6oFx1epRSCuBWU4Er8i_0y");
final List<String> trustedCertificates = getCertificates();
- final KeyStore expectedTrustStore = KeyStore.getInstance(PKCS12);
+ final KeyStore expectedTrustStore = KeyStore.getInstance(conversionTarget);
expectedTrustStore.load(new ByteArrayInputStream(Files.readAllBytes(Path.of(EXPECTED_TRUSTSTORE_PATH))),
password.toCharArray());
final byte[] result = converter.convertTruststore(trustedCertificates, password, alias);
// then
- final KeyStore actualKeyStore = KeyStore.getInstance(PKCS12);
+ final KeyStore actualKeyStore = KeyStore.getInstance(conversionTarget);
actualKeyStore.load(new ByteArrayInputStream(result), password.toCharArray());
assertTrue(actualKeyStore.containsAlias(alias1));
assertEquals(expectedTrustStore.getCertificate(alias2), actualKeyStore.getCertificate(alias2));
}
- @Test
- void convertTruststoreShouldThrowPemToPKCS12ConverterExceptionBecauseOfWrongPassword() throws IOException {
+ @ParameterizedTest
+ @ValueSource(strings = {PKCS12, JKS})
+ void convertTruststoreShouldThrowPemConverterExceptionBecauseOfWrongPassword(String conversionTarget) throws IOException {
// given
final String alias = "trusted-certificate-";
final Password password = new Password("nokia");
final List<String> trustedCertificates = getCertificates();
- final PemToPKCS12Converter converter = new PemToPKCS12Converter();
+ final PemConverter converter = new PemConverter(conversionTarget);
// when then
assertThatThrownBy(() ->
converter.convertTruststore(trustedCertificates, password, alias))
- .isInstanceOf(PemToPKCS12ConverterException.class).hasMessage(PASSWORD_ERROR_MSG);
+ .isInstanceOf(PemConversionException.class).hasMessage(PASSWORD_ERROR_MSG);
}
@Test
- void convertKeystoreShouldThrowPemToPKCS12ConverterExceptionBecauseOfWrongPrivateKey() throws IOException {
+ void convertKeystoreShouldThrowPemConverterExceptionBecauseOfWrongPrivateKey() throws IOException {
// given
final String alias = "keystore-entry";
final Password password = new Password("d9D_u8LooYaXH4G48DtN#vw0");
final List<String> certificateChain = getCertificates();
- final PemToPKCS12Converter converter = new PemToPKCS12Converter();
+ final PemConverter converter = new PemConverter(PKCS12);
// when then
assertThatThrownBy(() -> converter.convertKeystore(certificateChain, password, alias, privateKey))
- .isInstanceOf(PemToPKCS12ConverterException.class).hasMessage(KEY_ERROR_MSG);
+ .isInstanceOf(PemConversionException.class).hasMessage(KEY_ERROR_MSG);
}
- @Test
- void convertKeystoreShouldThrowPemToPKCS12ConverterExceptionBecauseOfWrongCertificates() {
+ @ParameterizedTest
+ @ValueSource(strings = {PKCS12, JKS})
+ void convertKeystoreShouldThrowPemConverterExceptionBecauseOfWrongCertificates(String conversionTarget) {
// given
final String alias = "keystore-entry";
final Password password = new Password("d9D_u8LooYaXH4G48DtN#vw0");
final List<String> certificateChain = List.of("certificate1", "certificate2");
- final PemToPKCS12Converter converter = new PemToPKCS12Converter();
+ final PemConverter converter = new PemConverter(conversionTarget);
privateKeyMockSetup();
// when then
assertThatThrownBy(() -> converter.convertKeystore(certificateChain, password, alias, privateKey))
- .isInstanceOf(PemToPKCS12ConverterException.class).hasMessage(CERTIFICATES_ERROR_MSG);
+ .isInstanceOf(PemConversionException.class).hasMessage(CERTIFICATES_ERROR_MSG);
}
private void privateKeyMockSetup() {
Path.of(CERT2_PATH), StandardCharsets.UTF_8)
);
}
-}
\ No newline at end of file
+}
Code Review / oom / platform / cert-service.git / commitdiff