<parent>
<groupId>org.onap.oom.platform.cert-service</groupId>
<artifactId>oom-certservice</artifactId>
- <version>2.1.0-SNAPSHOT</version>
+ <version>2.1.1-SNAPSHOT</version>
</parent>
<artifactId>oom-certservice-api</artifactId>
- <version>2.1.0-SNAPSHOT</version>
+ <version>2.1.1-SNAPSHOT</version>
<name>oom-certservice-api</name>
<description>OOM Certification Service Api</description>
<packaging>jar</packaging>
private static final AlgorithmIdentifier OWF_ALGORITHM =
new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.3.14.3.2.26"));
private static final AlgorithmIdentifier MAC_ALGORITHM =
- new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.2.840.113549.2.9"));
+ new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.3.6.1.5.5.8.1.2"));
private static final ASN1ObjectIdentifier PASSWORD_BASED_MAC =
new ASN1ObjectIdentifier("1.2.840.113533.7.66.13");
import java.util.Date;
import java.util.List;
+import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.cmp.PKIBody;
import org.bouncycastle.asn1.cmp.PKIHeader;
import org.bouncycastle.asn1.cmp.PKIMessage;
import org.bouncycastle.asn1.crmf.CertTemplateBuilder;
import org.bouncycastle.asn1.crmf.ProofOfPossession;
import org.bouncycastle.asn1.x500.X500Name;
+import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
import org.onap.oom.certservice.cmpv2client.exceptions.CmpClientException;
/**
private String initAuthPassword;
private String senderKid;
- private static final int ITERATIONS = createRandomInt(5000);
+ private static final int ITERATIONS = createRandomInt(1000);
private static final byte[] SALT = createRandomBytes();
private final int certReqId = createRandomInt(Integer.MAX_VALUE);
+ private final AlgorithmIdentifier signingAlgorithm = new DefaultSignatureAlgorithmIdentifierFinder()
+ .find("SHA256withRSA");
public void setIssuerDn(X500Name issuerDn) {
this.issuerDn = issuerDn;
.setSubject(subjectDn)
.setExtensions(CmpMessageHelper.generateExtension(sansList))
.setValidity(CmpMessageHelper.generateOptionalValidity(notBefore, notAfter))
+ .setVersion(2)
+ .setSerialNumber(new ASN1Integer(0L))
+ .setSigningAlg(signingAlgorithm)
.setPublicKey(
SubjectPublicKeyInfo.getInstance(subjectKeyPair.getPublic().getEncoded()));
-major=1
-minor=2
-patch=0
+major=2
+minor=1
+patch=1
base_version=${major}.${minor}.${patch}
release_version=${base_version}
snapshot_version=${base_version}-SNAPSHOT
<parent>
<artifactId>oom-certservice</artifactId>
<groupId>org.onap.oom.platform.cert-service</groupId>
- <version>2.1.0-SNAPSHOT</version>
+ <version>2.1.1-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>oom-certservice-client</artifactId>
- <version>2.1.0-SNAPSHOT</version>
+ <version>2.1.1-SNAPSHOT</version>
<name>oom-certservice-client</name>
<description>OOM Certification Service Api Client</description>
<packaging>jar</packaging>
return path.matches("^/|(/[a-zA-Z0-9_-]+)+/?$");
}
- public boolean isAlphaNumeric(String caName) {
- return caName.matches("^[a-zA-Z0-9]*$");
+ public boolean isCaNameValid(String caName) {
+ return caName.matches("^[a-zA-Z0-9_.~-]{1,128}$");
}
public boolean isCommonNameValid(String commonName) {
.orElseThrow(() -> new ClientConfigurationException(ClientConfigurationEnvs.OUTPUT_PATH + " is invalid."));
envsForClient.getCaName()
- .filter(this::isAlphaNumeric)
+ .filter(this::isCaNameValid)
.map(configuration::setCaName)
.orElseThrow(() -> new ClientConfigurationException(ClientConfigurationEnvs.CA_NAME + " is invalid."));
}
@ParameterizedTest
- @ValueSource(strings = {"caname", "caname1", "123caName", "ca1name"})
- void shouldAcceptValidAlphanumeric(String caName) {
- assertThat(cut.isAlphaNumeric(caName)).isTrue();
+ @ValueSource(strings = {"caname", "caname1", "123caName", "ca1name", "ca_name", "ca-name", "ca.na~me"})
+ void shouldAcceptValidCaName(String caName) {
+ assertThat(cut.isCaNameValid(caName)).isTrue();
}
@ParameterizedTest
- @ValueSource(strings = {"44caname$", "#caname1", "1c_aname", "ca1-name"})
- void shouldRejectInvalidAlphanumeric(String caName) {
- assertThat(cut.isAlphaNumeric(caName)).isFalse();
+ @ValueSource(strings = {"44caname$", "#caname1", "1c[aname]", "ca1/name", "", " "})
+ void shouldRejectInvalidCaName(String caName) {
+ assertThat(cut.isCaNameValid(caName)).isFalse();
}
@ParameterizedTest
-major=1
-minor=2
-patch=0
+major=2
+minor=1
+patch=1
base_version=${major}.${minor}.${patch}
release_version=${base_version}
snapshot_version=${base_version}-SNAPSHOT
<parent>
<artifactId>oom-certservice</artifactId>
<groupId>org.onap.oom.platform.cert-service</groupId>
- <version>2.1.0-SNAPSHOT</version>
+ <version>2.1.1-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>oom-certservice-post-processor</artifactId>
- <version>2.1.0-SNAPSHOT</version>
+ <version>2.1.1-SNAPSHOT</version>
<name>oom-certservice-post-processor</name>
<description>An application which conducts certificate post-processing like: merging truststores, copying keystores.</description>
<packaging>jar</packaging>
</parent>
<groupId>org.onap.oom.platform.cert-service</groupId>
<artifactId>oom-certservice</artifactId>
- <version>2.1.0-SNAPSHOT</version>
+ <version>2.1.1-SNAPSHOT</version>
<name>oom-certservice</name>
<description>OOM Certification Service</description>
<packaging>pom</packaging>
major=2
minor=1
-patch=0
+patch=1
base_version=${major}.${minor}.${patch}
release_version=${base_version}
snapshot_version=${base_version}-SNAPSHOT