<parent>
<groupId>org.onap.oom.platform.cert-service</groupId>
<artifactId>oom-certservice</artifactId>
- <version>2.3.1-SNAPSHOT</version>
+ <version>2.3.2-SNAPSHOT</version>
</parent>
<artifactId>oom-certservice-api</artifactId>
- <version>2.3.1-SNAPSHOT</version>
+ <version>2.3.2-SNAPSHOT</version>
<name>oom-certservice-api</name>
<description>OOM Certification Service Api</description>
<packaging>jar</packaging>
private static final AlgorithmIdentifier OWF_ALGORITHM =
new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.3.14.3.2.26"));
private static final AlgorithmIdentifier MAC_ALGORITHM =
- new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.2.840.113549.2.9"));
+ new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.3.6.1.5.5.8.1.2"));
private static final ASN1ObjectIdentifier PASSWORD_BASED_MAC =
new ASN1ObjectIdentifier("1.2.840.113533.7.66.13");
import java.security.KeyPair;
import java.util.Date;
+import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.cmp.PKIBody;
import org.bouncycastle.asn1.cmp.PKIHeader;
import org.bouncycastle.asn1.cmp.PKIMessage;
import org.bouncycastle.asn1.crmf.CertTemplateBuilder;
import org.bouncycastle.asn1.crmf.ProofOfPossession;
import org.bouncycastle.asn1.x500.X500Name;
+import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
import org.onap.oom.certservice.cmpv2client.exceptions.CmpClientException;
/**
private String initAuthPassword;
private String senderKid;
- private static final int ITERATIONS = createRandomInt(5000);
+ private static final int ITERATIONS = createRandomInt(1000);
private static final byte[] SALT = createRandomBytes();
private final int certReqId = createRandomInt(Integer.MAX_VALUE);
+ private final AlgorithmIdentifier signingAlgorithm = new DefaultSignatureAlgorithmIdentifierFinder()
+ .find("SHA256withRSA");
public void setIssuerDn(X500Name issuerDn) {
this.issuerDn = issuerDn;
.setSubject(subjectDn)
.setExtensions(CmpMessageHelper.generateExtension(sansArray))
.setValidity(CmpMessageHelper.generateOptionalValidity(notBefore, notAfter))
+ .setVersion(2)
+ .setSerialNumber(new ASN1Integer(0L))
+ .setSigningAlg(signingAlgorithm)
.setPublicKey(
SubjectPublicKeyInfo.getInstance(subjectKeyPair.getPublic().getEncoded()));
major=2
minor=3
-patch=1
+patch=2
base_version=${major}.${minor}.${patch}
release_version=${base_version}
snapshot_version=${base_version}-SNAPSHOT
<parent>
<artifactId>oom-certservice</artifactId>
<groupId>org.onap.oom.platform.cert-service</groupId>
- <version>2.3.1-SNAPSHOT</version>
+ <version>2.3.2-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>oom-certservice-client</artifactId>
- <version>2.3.1-SNAPSHOT</version>
+ <version>2.3.2-SNAPSHOT</version>
<name>oom-certservice-client</name>
<description>OOM Certification Service Api Client</description>
<packaging>jar</packaging>
.orElseThrow(() -> new ClientConfigurationException(ClientConfigurationEnvs.OUTPUT_PATH + " is invalid."));
envsForClient.getCaName()
- .filter(ClientEnvsValueValidators::isAlphaNumeric)
+ .filter(ClientEnvsValueValidators::isCaNameValid)
.map(configuration::setCaName)
.orElseThrow(() -> new ClientConfigurationException(ClientConfigurationEnvs.CA_NAME + " is invalid."));
package org.onap.oom.certservice.client.configuration.validation.client;
public final class ClientEnvsValueValidators {
- private static final String ALPHA_NUMERIC_REGEX = "^[a-zA-Z0-9]*$";
+ private static final String CA_NAME_REGEX = "^[a-zA-Z0-9_.~-]{1,128}$";
private static final String VALID_PATH_REGEX = "^/|(/[a-zA-Z0-9_-]+)+/?$";
- public static boolean isAlphaNumeric(String caName) {
- return caName.matches(ALPHA_NUMERIC_REGEX);
+ public static boolean isCaNameValid(String caName) {
+ return caName.matches(CA_NAME_REGEX);
}
public static boolean isPathValid(String path) {
package org.onap.oom.certservice.client.configuration.validation.client;
import static org.assertj.core.api.Assertions.assertThat;
-import static org.onap.oom.certservice.client.configuration.validation.client.ClientEnvsValueValidators.isAlphaNumeric;
+import static org.onap.oom.certservice.client.configuration.validation.client.ClientEnvsValueValidators.isCaNameValid;
import static org.onap.oom.certservice.client.configuration.validation.client.ClientEnvsValueValidators.isPathValid;
import org.junit.jupiter.params.ParameterizedTest;
class ClientEnvsValueValidatorsTest {
@ParameterizedTest
- @ValueSource(strings = {"caname", "caname1", "123caName", "ca1name"})
- void shouldAcceptValidAlphanumeric(String caName) {
- assertThat(isAlphaNumeric(caName)).isTrue();
+ @ValueSource(strings = {"caname", "caname1", "123caName", "ca1name", "ca_name", "ca-name", "ca.na~me"})
+ void shouldAcceptValidCaName(String caName) {
+ assertThat(isCaNameValid(caName)).isTrue();
}
@ParameterizedTest
- @ValueSource(strings = {"44caname$", "#caname1", "1c_aname", "ca1-name"})
- void shouldRejectInvalidAlphanumeric(String caName) {
- assertThat(isAlphaNumeric(caName)).isFalse();
+ @ValueSource(strings = {"44caname$", "#caname1", "1c[aname]", "ca1/name", "", " "})
+ void shouldRejectInvalidCaName(String caName) {
+ assertThat(isCaNameValid(caName)).isFalse();
}
@ParameterizedTest
major=2
minor=3
-patch=1
+patch=2
base_version=${major}.${minor}.${patch}
release_version=${base_version}
snapshot_version=${base_version}-SNAPSHOT
<parent>
<artifactId>oom-certservice</artifactId>
<groupId>org.onap.oom.platform.cert-service</groupId>
- <version>2.3.1-SNAPSHOT</version>
+ <version>2.3.2-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<parent>
<artifactId>oom-certservice</artifactId>
<groupId>org.onap.oom.platform.cert-service</groupId>
- <version>2.3.1-SNAPSHOT</version>
+ <version>2.3.2-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>oom-certservice-post-processor</artifactId>
- <version>2.3.1-SNAPSHOT</version>
+ <version>2.3.2-SNAPSHOT</version>
<name>oom-certservice-post-processor</name>
<description>An application which conducts certificate post-processing like: merging truststores, copying keystores.</description>
<packaging>jar</packaging>
</parent>
<groupId>org.onap.oom.platform.cert-service</groupId>
<artifactId>oom-certservice</artifactId>
- <version>2.3.1-SNAPSHOT</version>
+ <version>2.3.2-SNAPSHOT</version>
<name>oom-certservice</name>
<description>OOM Certification Service</description>
<packaging>pom</packaging>
major=2
minor=3
-patch=1
+patch=2
base_version=${major}.${minor}.${patch}
release_version=${base_version}
snapshot_version=${base_version}-SNAPSHOT