diff --git a/build.gradle b/build.gradle
index ca60b45..e2930c7 100644
--- a/build.gradle
+++ b/build.gradle
@@ -8,7 +8,7 @@ plugins {
 }
 ext {
- transactIdCoreVersion = "2.0.0-beta1"
+ transactIdCoreVersion = "2.0.0-beta3"
 dokkaVersion = "0.9.17"
 protoVersion = "3.10.0"
 bouncyCastleVersion = "1.67"
@@ -21,7 +21,7 @@ ext {
 kotlinReflectVersion = "1.3.70"
 groupId = 'com.netki'
- versionRelease = '2.0.0-beta1'
+ versionRelease = '2.0.0-beta3'
 artifactId = 'transactid'
 }
diff --git a/src/main/java/com/netki/keymanagement/service/impl/KeyManagementNetkiService.kt b/src/main/java/com/netki/keymanagement/service/impl/KeyManagementNetkiService.kt
index 3f6dea1..fa454a5 100644
--- a/src/main/java/com/netki/keymanagement/service/impl/KeyManagementNetkiService.kt
+++ b/src/main/java/com/netki/keymanagement/service/impl/KeyManagementNetkiService.kt
@@ -1,6 +1,7 @@
 package com.netki.keymanagement.service.impl
 import com.netki.exceptions.*
+import com.netki.exceptions.ExceptionInformation.CERTIFICATE_INFORMATION_STRING_NOT_CORRECT_ERROR_PROVIDER
 import com.netki.exceptions.ExceptionInformation.KEY_MANAGEMENT_CERTIFICATE_INVALID_EXCEPTION
 import com.netki.exceptions.ExceptionInformation.KEY_MANAGEMENT_ERROR_FETCHING_CERTIFICATE
 import com.netki.exceptions.ExceptionInformation.KEY_MANAGEMENT_ERROR_FETCHING_CERTIFICATE_NOT_FOUND
@@ -9,13 +10,14 @@ import com.netki.exceptions.ExceptionInformation.KEY_MANAGEMENT_ERROR_FETCHING_P
 import com.netki.exceptions.ExceptionInformation.KEY_MANAGEMENT_ERROR_STORING_CERTIFICATE
 import com.netki.exceptions.ExceptionInformation.KEY_MANAGEMENT_ERROR_STORING_PRIVATE_KEY
 import com.netki.exceptions.ExceptionInformation.KEY_MANAGEMENT_PRIVATE_KEY_INVALID_EXCEPTION
+import com.netki.extensions.isAlphaNumeric
 import com.netki.keygeneration.main.KeyGeneration
+import com.netki.keygeneration.util.toPrincipal
 import com.netki.keymanagement.driver.KeyManagementDriver
 import com.netki.keymanagement.service.KeyManagementService
+import com.netki.model.AttestationCertificate
 import com.netki.model.AttestationInformation
-import com.netki.security.toCertificate
-import com.netki.security.toPemFormat
-import com.netki.security.toPrivateKey
+import com.netki.security.*
 import java.security.PrivateKey
 import java.security.cert.X509Certificate
 import java.util.*
@@ -28,8 +30,35 @@ internal class KeyManagementNetkiService(
 /**
 * {@inheritDoc}
 */
- override fun generateCertificates(attestationsInformation: List) =
- keyGeneration.generateCertificates(attestationsInformation)
+ override fun generateCertificates(attestationsInformation: List): List {
+ validateAttestationData(attestationsInformation)
+
+ val keyPair = Keys.generateKeyPair()
+
+ val attestationsCertificate = attestationsInformation.map {
+ AttestationCertificate(
+ attestation = it.attestation,
+ csr = Certificate.csrObjectToPem(
+ Certificate.generateCSR(it.attestation.toPrincipal(it.data, it.ivmsConstraint), keyPair)
+ ),
+ publicKeyPem = keyPair.public.toPemFormat()
+ )
+ }
+
+ val certificates = keyGeneration.generateCertificates(attestationsCertificate)
+
+ return if (certificates.count() == 0) {
+ emptyList()
+ } else {
+ certificates.map {
+ AttestationCertificate(
+ it.attestation,
+ it.certificatePem!!,
+ keyPair.private.toPemFormat()
+ )
+ }
+ }
+ }
 /**
 * {@inheritDoc}
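Review bot: In `generateCertificates` a single `keyPair` is created before the first `map`, so every CSR in the batch is built from the same key and the same private-key PEM is returned with every certificate; if that sharing is not deliberate, generate the pair per attestation and carry it with that attestation, so that exposure of one returned bundle does not expose the key behind all of them. `it.certificatePem!!` turns a certificate missing from the provider response into a bare null-pointer failure, and `it.certificatePem ?: throw CertificateProviderException(...)` would keep the error typed like the validation failure is. The second `AttestationCertificate(...)` call passes its arguments positionally while the first names them; naming them as well would stop the private-key PEM from silently landing in another field of the same type. The `certificates.count() == 0` branch looks redundant, since `map` over an empty collection already yields an empty list.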
@@ -175,6 +204,19 @@ internal class KeyManagementNetkiService(
 } ?: throw ObjectNotFoundException(KEY_MANAGEMENT_ERROR_FETCHING_PRIVATE_KEY_NOT_FOUND.format(privateKeyId))
 }
-
 private fun generateUniqueId() = UUID.randomUUID().toString()
+
+ private fun validateAttestationData(attestationsInformation: List) {
+ attestationsInformation.forEach { information ->
+ if (!information.data.isAlphaNumeric()) {
+ throw CertificateProviderException(
+ String.format(
+ CERTIFICATE_INFORMATION_STRING_NOT_CORRECT_ERROR_PROVIDER,
+ information.data,
+ information.attestation
+ )
+ )
+ }
+ }
+ }
 }
diff --git a/src/test/java/com/netki/keymanagement/main/impl/KeyManagementNetkiTest.kt b/src/test/java/com/netki/keymanagement/main/impl/KeyManagementNetkiTest.kt
index b10199b..4ce885d 100644
--- a/src/test/java/com/netki/keymanagement/main/impl/KeyManagementNetkiTest.kt
+++ b/src/test/java/com/netki/keymanagement/main/impl/KeyManagementNetkiTest.kt
@@ -1,9 +1,13 @@
 package com.netki.keymanagement.main.impl
 import com.netki.exceptions.*
+import com.netki.exceptions.ExceptionInformation.CERTIFICATE_INFORMATION_STRING_NOT_CORRECT_ERROR_PROVIDER
 import com.netki.keygeneration.main.KeyGeneration
 import com.netki.keymanagement.driver.impl.VaultDriver
 import com.netki.keymanagement.service.impl.KeyManagementNetkiService
+import com.netki.model.Attestation
+import com.netki.model.AttestationInformation
+import com.netki.model.IvmsConstraint
 import com.netki.security.toCertificate
 import com.netki.security.toPrivateKey
 import com.netki.util.TestData
@@ -46,7 +50,7 @@ internal class KeyManagementNetkiTest {
 val idResult = keyManagement.storeCertificatePem(TestData.KeyPairs.CLIENT_CERTIFICATE_RANDOM)
- assert(!idResult.isBlank())
+ assert(idResult.isNotBlank())
 }
 @Test
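Review bot: `validateAttestationData` in KeyManagementNetkiService.kt formats the rejected `information.data` verbatim into the `CertificateProviderException` message, so attestation values (which look like identity data, e.g. a legal person name) and whatever characters the caller supplied can end up in logs or error responses wherever that message is surfaced. Consider reporting only `information.attestation`, or a length-capped and escaped form of the value; the new test asserts on the full formatted message and would have to follow. What `isAlphaNumeric` accepts is defined outside this diff, so a comment on the function such as `// data is passed to toPrincipal() when the CSR is built; reject values outside the allowed character set before that` would record why the check exists, and it should say whether spaces and non-ASCII letters are meant to pass.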
@@ -311,5 +315,29 @@ internal class KeyManagementNetkiTest {
 assert(exception.message != null && exception.message!!.contains("Private key not found for id"))
 }
+
+ @Test
+ fun `Generate certificate for attestations with invalid data`() {
+ val attestationInformation = AttestationInformation(
+ Attestation.LEGAL_PERSON_NAME,
+ IvmsConstraint.LEGL,
+ "This is invalid data #$#$#$"
+ )
+ val attestationInformationInvalid = listOf(attestationInformation)
+
+ val exception = assertThrows(CertificateProviderException::class.java) {
+ keyManagement.generateCertificates(attestationInformationInvalid)
+ }
+
+ assert(
+ exception.message != null && exception.message!!.contains(
+ String.format(
+ CERTIFICATE_INFORMATION_STRING_NOT_CORRECT_ERROR_PROVIDER,
+ attestationInformation.data,
+ attestationInformation.attestation
+ )
+ )
+ )
+ }
 }
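Review bot: The added test covers only the rejection path, and its single input mixes spaces with symbols, so it does not show which of the two `isAlphaNumeric` objects to. Nothing in this diff exercises the rewritten success path of `generateCertificates`, where the key pair is created, the CSR is built and the private key is placed in the result. A companion case with valid data that checks the returned certificate and key fields, plus an assertion that `keyGeneration.generateCertificates` is never reached for invalid input (if `keyGeneration` is a test double in this class), would pin the behaviour this commit introduces.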