http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d8c42a91/server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java
----------------------------------------------------------------------
diff --git a/server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java b/server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java
index c5668c2..45fb267 100644
--- a/server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java
+++ b/server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java
@@ -116,37 +116,37 @@ public class CertServiceImpl implements CertService {
@DB
@Override
@ActionEvent(eventType = EventTypes.EVENT_LB_CERT_UPLOAD, eventDescription = "Uploading a certificate to cloudstack", async = false)
- public SslCertResponse uploadSslCert(UploadSslCertCmd certCmd) {
+ public SslCertResponse uploadSslCert(final UploadSslCertCmd certCmd) {
try {
- String cert = certCmd.getCert();
- String key = certCmd.getKey();
- String password = certCmd.getPassword();
- String chain = certCmd.getChain();
+ final String cert = certCmd.getCert();
+ final String key = certCmd.getKey();
+ final String password = certCmd.getPassword();
+ final String chain = certCmd.getChain();
validate(cert, key, password, chain);
s_logger.debug("Certificate Validation succeeded");
- String fingerPrint = generateFingerPrint(parseCertificate(cert));
+ final String fingerPrint = generateFingerPrint(parseCertificate(cert));
- CallContext ctx = CallContext.current();
- Account caller = ctx.getCallingAccount();
+ final CallContext ctx = CallContext.current();
+ final Account caller = ctx.getCallingAccount();
Account owner = null;
- if ((certCmd.getAccountName() != null && certCmd.getDomainId() != null) || certCmd.getProjectId() != null) {
+ if (certCmd.getAccountName() != null && certCmd.getDomainId() != null || certCmd.getProjectId() != null) {
owner = _accountMgr.finalizeOwner(caller, certCmd.getAccountName(), certCmd.getDomainId(), certCmd.getProjectId());
} else {
owner = caller;
}
- Long accountId = owner.getId();
- Long domainId = owner.getDomainId();
+ final Long accountId = owner.getId();
+ final Long domainId = owner.getDomainId();
- SslCertVO certVO = new SslCertVO(cert, key, password, chain, accountId, domainId, fingerPrint);
+ final SslCertVO certVO = new SslCertVO(cert, key, password, chain, accountId, domainId, fingerPrint);
_sslCertDao.persist(certVO);
return createCertResponse(certVO, null);
- } catch (Exception e) {
+ } catch (final Exception e) {
throw new CloudRuntimeException("Error parsing certificate data " + e.getMessage());
}
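Review bot: The catch at the end of uploadSslCert still discards the original exception: `throw new CloudRuntimeException("Error parsing certificate data " + e.getMessage());` keeps only the message text, so the stack trace of the underlying failure is lost. Because the try block also covers `_accountMgr.finalizeOwner(...)` and `_sslCertDao.persist(certVO)`, an ownership or persistence failure is reported to the caller as a parsing error. Passing the cause, `throw new CloudRuntimeException("Error parsing certificate data " + e.getMessage(), e);`, leaves the visible message unchanged and preserves the trace; validateChain already uses the two-argument constructor. The method's closing brace lies outside the hunk.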
@@ -155,26 +155,26 @@ public class CertServiceImpl implements CertService {
@DB
@Override
@ActionEvent(eventType = EventTypes.EVENT_LB_CERT_DELETE, eventDescription = "Deleting a certificate to cloudstack", async = false)
- public void deleteSslCert(DeleteSslCertCmd deleteSslCertCmd) {
+ public void deleteSslCert(final DeleteSslCertCmd deleteSslCertCmd) {
- CallContext ctx = CallContext.current();
- Account caller = ctx.getCallingAccount();
+ final CallContext ctx = CallContext.current();
+ final Account caller = ctx.getCallingAccount();
- Long certId = deleteSslCertCmd.getId();
- SslCertVO certVO = _sslCertDao.findById(certId);
+ final Long certId = deleteSslCertCmd.getId();
+ final SslCertVO certVO = _sslCertDao.findById(certId);
if (certVO == null) {
throw new InvalidParameterValueException("Invalid certificate id: " + certId);
}
_accountMgr.checkAccess(caller, SecurityChecker.AccessType.OperateEntry, true, certVO);
- List<LoadBalancerCertMapVO> lbCertRule = _lbCertDao.listByCertId(certId);
+ final List<LoadBalancerCertMapVO> lbCertRule = _lbCertDao.listByCertId(certId);
- if ((lbCertRule != null) && (!lbCertRule.isEmpty())) {
+ if (lbCertRule != null && !lbCertRule.isEmpty()) {
String lbUuids = "";
- for (LoadBalancerCertMapVO rule : lbCertRule) {
- LoadBalancerVO lb = _entityMgr.findById(LoadBalancerVO.class, rule.getLbId());
+ for (final LoadBalancerCertMapVO rule : lbCertRule) {
+ final LoadBalancerVO lb = _entityMgr.findById(LoadBalancerVO.class, rule.getLbId());
lbUuids += " " + lb.getUuid();
}
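Review bot: In the loop that builds `lbUuids`, `lb.getUuid()` is called on the result of `_entityMgr.findById(LoadBalancerVO.class, rule.getLbId())` with no null check. If a mapping row refers to a load balancer the lookup does not return, the delete would presumably fail with a NullPointerException instead of whatever this branch reports next (not visible here). createCertResponse in this file guards the same lookup with `if (lb != null)`; the same guard here, `if (lb != null) { lbUuids += " " + lb.getUuid(); }`, keeps the two paths consistent. The rest of deleteSslCert is outside the hunk.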
@@ -185,16 +185,16 @@ public class CertServiceImpl implements CertService {
}
@Override
- public List<SslCertResponse> listSslCerts(ListSslCertsCmd listSslCertCmd) {
- CallContext ctx = CallContext.current();
- Account caller = ctx.getCallingAccount();
+ public List<SslCertResponse> listSslCerts(final ListSslCertsCmd listSslCertCmd) {
+ final CallContext ctx = CallContext.current();
+ final Account caller = ctx.getCallingAccount();
- Long certId = listSslCertCmd.getCertId();
- Long accountId = listSslCertCmd.getAccountId();
- Long lbRuleId = listSslCertCmd.getLbId();
- Long projectId = listSslCertCmd.getProjectId();
+ final Long certId = listSslCertCmd.getCertId();
+ final Long accountId = listSslCertCmd.getAccountId();
+ final Long lbRuleId = listSslCertCmd.getLbId();
+ final Long projectId = listSslCertCmd.getProjectId();
- List<SslCertResponse> certResponseList = new ArrayList<SslCertResponse>();
+ final List<SslCertResponse> certResponseList = new ArrayList<SslCertResponse>();
if (certId == null && accountId == null && lbRuleId == null && projectId == null) {
throw new InvalidParameterValueException("Invalid parameters either certificate ID or Account ID or Loadbalancer ID or Project ID required");
@@ -219,7 +219,7 @@ public class CertServiceImpl implements CertService {
}
if (lbRuleId != null) {
- LoadBalancer lb = _entityMgr.findById(LoadBalancerVO.class, lbRuleId);
+ final LoadBalancer lb = _entityMgr.findById(LoadBalancerVO.class, lbRuleId);
if (lb == null) {
throw new InvalidParameterValueException("Found no loadbalancer with id: " + lbRuleId);
@@ -245,18 +245,19 @@ public class CertServiceImpl implements CertService {
}
if (projectId != null) {
- Project project = _projectMgr.getProject(projectId);
+ final Project project = _projectMgr.getProject(projectId);
if (project == null) {
throw new InvalidParameterValueException("Found no project with id: " + projectId);
}
- List<SslCertVO> projectCertVOList = _sslCertDao.listByAccountId(project.getProjectAccountId());
- if (projectCertVOList == null || projectCertVOList.isEmpty())
+ final List<SslCertVO> projectCertVOList = _sslCertDao.listByAccountId(project.getProjectAccountId());
+ if (projectCertVOList == null || projectCertVOList.isEmpty()) {
return certResponseList;
+ }
_accountMgr.checkAccess(caller, SecurityChecker.AccessType.UseEntry, true, projectCertVOList.get(0));
- for (SslCertVO cert : projectCertVOList) {
+ for (final SslCertVO cert : projectCertVOList) {
certLbMap = _lbCertDao.listByCertId(cert.getId());
certResponseList.add(createCertResponse(cert, certLbMap));
}
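Review bot: The access check in the project branch runs only after the DAO lookup and only against `projectCertVOList.get(0)`; when the list is empty the method returns before `_accountMgr.checkAccess(...)` is reached. A caller without rights on the project would then see an empty list for a project with no certificates and, presumably, an access error for one that has some, which reveals whether certificates exist. The account branch in the next hunk (`certVOList.get(0)`) has the same shape. Consider authorising the caller against the project or account itself before listing. Also add a comment stating that checking the first element is sufficient because every row was selected by the same account id.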
@@ -264,19 +265,20 @@ public class CertServiceImpl implements CertService {
}
//reached here look by accountId
- List<SslCertVO> certVOList = _sslCertDao.listByAccountId(accountId);
- if (certVOList == null || certVOList.isEmpty())
+ final List<SslCertVO> certVOList = _sslCertDao.listByAccountId(accountId);
+ if (certVOList == null || certVOList.isEmpty()) {
return certResponseList;
+ }
_accountMgr.checkAccess(caller, SecurityChecker.AccessType.UseEntry, true, certVOList.get(0));
- for (SslCertVO cert : certVOList) {
+ for (final SslCertVO cert : certVOList) {
certLbMap = _lbCertDao.listByCertId(cert.getId());
certResponseList.add(createCertResponse(cert, certLbMap));
}
return certResponseList;
}
- private void validate(String certInput, String keyInput, String password, String chainInput) {
+ private void validate(final String certInput, final String keyInput, final String password, final String chainInput) {
Certificate cert;
PrivateKey key;
List<Certificate> chain = null;
@@ -296,17 +298,18 @@ public class CertServiceImpl implements CertService {
validateCert(cert, chainInput != null ? true : false);
validateKeys(cert.getPublicKey(), key);
- if (chainInput != null)
+ if (chainInput != null) {
validateChain(chain, cert);
+ }
}
- public SslCertResponse createCertResponse(SslCertVO cert, List<LoadBalancerCertMapVO> lbCertMap) {
- SslCertResponse response = new SslCertResponse();
+ public SslCertResponse createCertResponse(final SslCertVO cert, final List<LoadBalancerCertMapVO> lbCertMap) {
+ final SslCertResponse response = new SslCertResponse();
- Account account = _accountDao.findByIdIncludingRemoved(cert.getAccountId());
+ final Account account = _accountDao.findByIdIncludingRemoved(cert.getAccountId());
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
// find the project
- Project project = _projectMgr.findByProjectAccountIdIncludingRemoved(account.getId());
+ final Project project = _projectMgr.findByProjectAccountIdIncludingRemoved(account.getId());
if (project != null)
{
response.setProjectId(project.getUuid());
@@ -318,7 +321,7 @@ public class CertServiceImpl implements CertService {
response.setAccountName(account.getAccountName());
}
- DomainVO domain = _domainDao.findByIdIncludingRemoved(cert.getDomainId());
+ final DomainVO domain = _domainDao.findByIdIncludingRemoved(cert.getDomainId());
response.setDomainId(domain.getUuid());
response.setDomainName(domain.getName());
@@ -327,13 +330,14 @@ public class CertServiceImpl implements CertService {
response.setCertificate(cert.getCertificate());
response.setFingerprint(cert.getFingerPrint());
- if (cert.getChain() != null)
+ if (cert.getChain() != null) {
response.setCertchain(cert.getChain());
+ }
if (lbCertMap != null && !lbCertMap.isEmpty()) {
- List<String> lbIds = new ArrayList<String>();
- for (LoadBalancerCertMapVO mapVO : lbCertMap) {
- LoadBalancer lb = _entityMgr.findById(LoadBalancerVO.class, mapVO.getLbId());
+ final List<String> lbIds = new ArrayList<String>();
+ for (final LoadBalancerCertMapVO mapVO : lbCertMap) {
+ final LoadBalancer lb = _entityMgr.findById(LoadBalancerVO.class, mapVO.getLbId());
if (lb != null) {
lbIds.add(lb.getUuid());
}
@@ -344,74 +348,79 @@ public class CertServiceImpl implements CertService {
return response;
}
- private void validateCert(Certificate cert, boolean chainPresent) {
+ private void validateCert(final Certificate cert, final boolean chainPresent) {
- if (!(cert instanceof X509Certificate))
+ if (!(cert instanceof X509Certificate)) {
throw new IllegalArgumentException("Invalid certificate format. Expected X509 certificate");
+ }
try {
((X509Certificate)cert).checkValidity();
- } catch (Exception e) {
+ } catch (final Exception e) {
throw new IllegalArgumentException("Certificate expired or not valid", e);
}
}
- private void validateKeys(PublicKey pubKey, PrivateKey privKey) {
+ private void validateKeys(final PublicKey pubKey, final PrivateKey privKey) {
- if (pubKey.getAlgorithm() != privKey.getAlgorithm())
+ if (pubKey.getAlgorithm() != privKey.getAlgorithm()) {
throw new IllegalArgumentException("Public and private key have different algorithms");
+ }
// No encryption for DSA
- if (pubKey.getAlgorithm() != "RSA")
+ if (pubKey.getAlgorithm() != "RSA") {
return;
+ }
try {
- String data = "ENCRYPT_DATA";
- SecureRandom random = new SecureRandom();
- Cipher cipher = Cipher.getInstance(pubKey.getAlgorithm());
+ final String data = "ENCRYPT_DATA";
+ final SecureRandom random = new SecureRandom();
+ final Cipher cipher = Cipher.getInstance(pubKey.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, privKey, random);
- byte[] encryptedData = cipher.doFinal(data.getBytes());
+ final byte[] encryptedData = cipher.doFinal(data.getBytes());
cipher.init(Cipher.DECRYPT_MODE, pubKey, random);
- String decreptedData = new String(cipher.doFinal(encryptedData));
- if (!decreptedData.equals(data))
+ final String decreptedData = new String(cipher.doFinal(encryptedData));
+ if (!decreptedData.equals(data)) {
throw new IllegalArgumentException("Bad public-private key");
+ }
- } catch (BadPaddingException e) {
+ } catch (final BadPaddingException e) {
throw new IllegalArgumentException("Bad public-private key", e);
- } catch (IllegalBlockSizeException e) {
+ } catch (final IllegalBlockSizeException e) {
throw new IllegalArgumentException("Bad public-private key", e);
- } catch (NoSuchPaddingException e) {
+ } catch (final NoSuchPaddingException e) {
throw new IllegalArgumentException("Bad public-private key", e);
- } catch (InvalidKeyException e) {
+ } catch (final InvalidKeyException e) {
throw new IllegalArgumentException("Invalid public-private key", e);
- } catch (NoSuchAlgorithmException e) {
+ } catch (final NoSuchAlgorithmException e) {
throw new IllegalArgumentException("Invalid algorithm for public-private key", e);
}
}
- private void validateChain(List<Certificate> chain, Certificate cert) {
+ private void validateChain(final List<Certificate> chain, final Certificate cert) {
- List<Certificate> certs = new ArrayList<Certificate>();
- Set<TrustAnchor> anchors = new HashSet<TrustAnchor>();
+ final List<Certificate> certs = new ArrayList<Certificate>();
+ final Set<TrustAnchor> anchors = new HashSet<TrustAnchor>();
certs.add(cert); // adding for self signed certs
certs.addAll(chain);
- for (Certificate c : certs) {
- if (!(c instanceof X509Certificate))
+ for (final Certificate c : certs) {
+ if (!(c instanceof X509Certificate)) {
throw new IllegalArgumentException("Invalid chain format. Expected X509 certificate");
+ }
- X509Certificate xCert = (X509Certificate)c;
+ final X509Certificate xCert = (X509Certificate)c;
xCert.getSubjectDN();
xCert.getIssuerDN();
- anchors.add(new TrustAnchor(xCert, null));
+ anchors.add(new TrustAnchor(xCert, null));
}
- X509CertSelector target = new X509CertSelector();
+ final X509CertSelector target = new X509CertSelector();
target.setCertificate((X509Certificate)cert);
PKIXBuilderParameters params = null;
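Review bot: validateKeys compares algorithm names by reference: `pubKey.getAlgorithm() != privKey.getAlgorithm()` and `pubKey.getAlgorithm() != "RSA"`. String identity depends on whether the provider hands back the same interned object, so a matching pair can be rejected. More seriously, an RSA key whose name is a different String instance takes the early `return` and skips the encrypt/decrypt round trip that shows the private key belongs to the certificate. Compare by value: `if (!pubKey.getAlgorithm().equals(privKey.getAlgorithm())) {` and `if (!"RSA".equals(pubKey.getAlgorithm())) {`. In the same hunk, validateCert never reads its `chainPresent` parameter, and `data.getBytes()` / `new String(...)` rely on the platform charset.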
@@ -419,16 +428,16 @@ public class CertServiceImpl implements CertService {
params = new PKIXBuilderParameters(anchors, target);
params.setRevocationEnabled(false);
params.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(certs)));
- CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", "BC");
+ final CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", "BC");
builder.build(params);
- } catch (InvalidAlgorithmParameterException e) {
+ } catch (final InvalidAlgorithmParameterException e) {
throw new IllegalArgumentException("Invalid certificate chain", e);
- } catch (CertPathBuilderException e) {
+ } catch (final CertPathBuilderException e) {
throw new IllegalArgumentException("Invalid certificate chain", e);
- } catch (NoSuchAlgorithmException e) {
+ } catch (final NoSuchAlgorithmException e) {
throw new IllegalArgumentException("Invalid certificate chain", e);
- } catch (NoSuchProviderException e) {
+ } catch (final NoSuchProviderException e) {
throw new CloudRuntimeException("No provider for certificate validation", e);
}
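Review bot: This try block needs a comment stating what a successful path build actually proves. `params` is created from `anchors`, which the previous hunk fills with the uploaded certificate and every uploaded chain certificate, and `params.setRevocationEnabled(false)` turns off revocation checking. Success therefore shows that the uploaded material links together, not that it chains to a CA the platform trusts. Suggested comment above `params = new PKIXBuilderParameters(anchors, target);`: `// Anchors are the uploaded certs themselves: this verifies the chain links to cert, not public trust; revocation is not checked.` The try statement opens outside the hunk.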
@@ -448,7 +457,7 @@ public class CertServiceImpl implements CertService {
}
}
- public Certificate parseCertificate(String cert) {
+ public Certificate parseCertificate(final String cert) {
final PemReader certPem = new PemReader(new StringReader(cert));
try {
return readCertificateFromPemObject(certPem.readPemObject());
@@ -459,7 +468,7 @@ public class CertServiceImpl implements CertService {
}
}
- private Certificate readCertificateFromPemObject(PemObject pemObject) throws CertificateException {
+ private Certificate readCertificateFromPemObject(final PemObject pemObject) throws CertificateException {
final ByteArrayInputStream bais = new ByteArrayInputStream(pemObject.getContent());
final CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
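Review bot: readCertificateFromPemObject dereferences `pemObject.getContent()` without a null check, and parseCertificate passes it `certPem.readPemObject()` directly. BouncyCastle's PemReader returns null when the input contains no PEM block. A non-PEM `cert` string would therefore surface as a NullPointerException rather than a certificate error, unless a handler outside these hunks converts it. A guard such as `if (pemObject == null) { throw new CertificateException("No PEM object found in certificate input"); }` keeps the failure within the declared exception type. The end of the method is outside the hunk.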
@@ -467,20 +476,20 @@ public class CertServiceImpl implements CertService {
}
- public List<Certificate> parseChain(String chain) throws IOException, CertificateException {
+ public List<Certificate> parseChain(final String chain) throws IOException, CertificateException {
return CertificateHelper.parseChain(chain);
}
- String generateFingerPrint(Certificate cert) {
+ String generateFingerPrint(final Certificate cert) {
final char[] HEX = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};
- StringBuilder buffer = new StringBuilder(60);
+ final StringBuilder buffer = new StringBuilder(60);
try {
- MessageDigest md = MessageDigest.getInstance("SHA-1");
- byte[] data = md.digest(cert.getEncoded());
+ final MessageDigest md = MessageDigest.getInstance("SHA-1");
+ final byte[] data = md.digest(cert.getEncoded());
for (final byte element : data) {
if (buffer.length() > 0) {
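Review bot: generateFingerPrint hashes the encoded certificate with `MessageDigest.getInstance("SHA-1")`, and nothing here documents what the fingerprint may be used for. SHA-1 is acceptable as a display identifier but is not collision resistant, so it should not be relied on to decide that two certificates are identical or to pin one. Add a comment such as `// SHA-1 fingerprint is a display identifier only; do not use it for equality or trust decisions`, or move to SHA-256 if stored fingerprints can be migrated. The local `HEX` table is rebuilt on every call and could be a `private static final` field. The method body continues outside the hunk.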
@@ -511,7 +520,7 @@ public class CertServiceImpl implements CertService {
boolean passwordRequested = false;
char[] password;
- KeyPassword(char[] word) {
+ KeyPassword(final char[] word) {
password = word;
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d8c42a91/server/test/org/apache/cloudstack/network/lb/CertServiceTest.java
----------------------------------------------------------------------
diff --git a/server/test/org/apache/cloudstack/network/lb/CertServiceTest.java b/server/test/org/apache/cloudstack/network/lb/CertServiceTest.java
index 033b44e..734e381 100644
--- a/server/test/org/apache/cloudstack/network/lb/CertServiceTest.java
+++ b/server/test/org/apache/cloudstack/network/lb/CertServiceTest.java
@@ -62,8 +62,8 @@ public class CertServiceTest {
@Before
public void setUp() {
- Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
- UserVO user = new UserVO(1, "testuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
+ final Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
+ final UserVO user = new UserVO(1, "testuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
CallContext.register(user, account);
}
@@ -99,23 +99,23 @@ public class CertServiceTest {
TransactionLegacy.open("runUploadSslCertWithCAChain");
- String certFile = URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.crt").getFile(),Charset.defaultCharset().name());
- String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.key").getFile(),Charset.defaultCharset().name());
- String chainFile = URLDecoder.decode(getClass().getResource("/certs/root_chain.crt").getFile(),Charset.defaultCharset().name());
+ final String certFile = URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.crt").getFile(),Charset.defaultCharset().name());
+ final String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.key").getFile(),Charset.defaultCharset().name());
+ final String chainFile = URLDecoder.decode(getClass().getResource("/certs/root_chain.crt").getFile(),Charset.defaultCharset().name());
- String cert = readFileToString(new File(certFile));
- String key = readFileToString(new File(keyFile));
- String chain = readFileToString(new File(chainFile));
+ final String cert = readFileToString(new File(certFile));
+ final String key = readFileToString(new File(keyFile));
+ final String chain = readFileToString(new File(chainFile));
- CertServiceImpl certService = new CertServiceImpl();
+ final CertServiceImpl certService = new CertServiceImpl();
//setting mock objects
certService._accountMgr = Mockito.mock(AccountManager.class);
- Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
+ final Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
certService._domainDao = Mockito.mock(DomainDao.class);
- DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
+ final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
certService._sslCertDao = Mockito.mock(SslCertDao.class);
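Review bot: The resource paths are percent-decoded with `Charset.defaultCharset().name()`, which ties the test to the JVM's platform encoding. Escapes in a class-loader resource URL are normally UTF-8, so a checkout path containing non-ASCII characters could decode incorrectly on a machine with a different default. Decoding with a fixed charset removes that dependency: `URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.crt").getFile(), "UTF-8")`. The same decode-and-read lines and the same mock wiring are repeated in the other test-method hunks of this file. A private helper that loads a named resource and one that builds the mocked `CertServiceImpl` would remove the duplication.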
@@ -125,25 +125,25 @@ public class CertServiceTest {
when(certService._accountDao.findByIdIncludingRemoved(anyLong())).thenReturn((AccountVO)account);
//creating the command
- UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
- Class<?> _class = uploadCmd.getClass().getSuperclass();
+ final UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
+ final Class<?> _class = uploadCmd.getClass().getSuperclass();
- Field certField = _class.getDeclaredField("cert");
+ final Field certField = _class.getDeclaredField("cert");
certField.setAccessible(true);
certField.set(uploadCmd, cert);
- Field keyField = _class.getDeclaredField("key");
+ final Field keyField = _class.getDeclaredField("key");
keyField.setAccessible(true);
keyField.set(uploadCmd, key);
- Field chainField = _class.getDeclaredField("chain");
+ final Field chainField = _class.getDeclaredField("chain");
chainField.setAccessible(true);
chainField.set(uploadCmd, chain);
certService.uploadSslCert(uploadCmd);
}
-// @Test
+ // @Test
/**
* Given a Self-signed Certificate with encrypted key, upload should succeed
*/
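Review bot: The `// @Test` line leaves the encrypted-key upload test disabled, and this change only re-indents the comment. With it commented out, the hunks shown exercise the password-protected key (`rsa_self_signed_with_pwd.key`) only through the bad-password test, so a regression in successful decryption would go unnoticed. The disabled annotation also sits above the Javadoc, where it is easy to miss. If the test cannot run, use `@Ignore("reason")` with the reason stated so the runner reports it as skipped; otherwise restore `@Test`. The method signature is outside the hunk.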
@@ -151,22 +151,22 @@ public class CertServiceTest {
TransactionLegacy.open("runUploadSslCertSelfSignedWithPassword");
- String certFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed_with_pwd.crt").getFile(),Charset.defaultCharset().name());
- String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed_with_pwd.key").getFile(),Charset.defaultCharset().name());
- String password = "test";
+ final String certFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed_with_pwd.crt").getFile(),Charset.defaultCharset().name());
+ final String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed_with_pwd.key").getFile(),Charset.defaultCharset().name());
+ final String password = "test";
- String cert = readFileToString(new File(certFile));
- String key = readFileToString(new File(keyFile));
+ final String cert = readFileToString(new File(certFile));
+ final String key = readFileToString(new File(keyFile));
- CertServiceImpl certService = new CertServiceImpl();
+ final CertServiceImpl certService = new CertServiceImpl();
//setting mock objects
certService._accountMgr = Mockito.mock(AccountManager.class);
- Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
+ final Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
certService._domainDao = Mockito.mock(DomainDao.class);
- DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
+ final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
certService._sslCertDao = Mockito.mock(SslCertDao.class);
@@ -176,18 +176,18 @@ public class CertServiceTest {
when(certService._accountDao.findByIdIncludingRemoved(anyLong())).thenReturn((AccountVO)account);
//creating the command
- UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
- Class<?> _class = uploadCmd.getClass().getSuperclass();
+ final UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
+ final Class<?> _class = uploadCmd.getClass().getSuperclass();
- Field certField = _class.getDeclaredField("cert");
+ final Field certField = _class.getDeclaredField("cert");
certField.setAccessible(true);
certField.set(uploadCmd, cert);
- Field keyField = _class.getDeclaredField("key");
+ final Field keyField = _class.getDeclaredField("key");
keyField.setAccessible(true);
keyField.set(uploadCmd, key);
- Field passField = _class.getDeclaredField("password");
+ final Field passField = _class.getDeclaredField("password");
passField.setAccessible(true);
passField.set(uploadCmd, password);
@@ -202,21 +202,21 @@ public class CertServiceTest {
TransactionLegacy.open("runUploadSslCertSelfSignedNoPassword");
- String certFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.crt").getFile(),Charset.defaultCharset().name());
- String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.key").getFile(),Charset.defaultCharset().name());
+ final String certFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.crt").getFile(),Charset.defaultCharset().name());
+ final String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.key").getFile(),Charset.defaultCharset().name());
- String cert = readFileToString(new File(certFile));
- String key = readFileToString(new File(keyFile));
+ final String cert = readFileToString(new File(certFile));
+ final String key = readFileToString(new File(keyFile));
- CertServiceImpl certService = new CertServiceImpl();
+ final CertServiceImpl certService = new CertServiceImpl();
//setting mock objects
certService._accountMgr = Mockito.mock(AccountManager.class);
- Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
+ final Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
certService._domainDao = Mockito.mock(DomainDao.class);
- DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
+ final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
certService._sslCertDao = Mockito.mock(SslCertDao.class);
@@ -226,14 +226,14 @@ public class CertServiceTest {
when(certService._accountDao.findByIdIncludingRemoved(anyLong())).thenReturn((AccountVO)account);
//creating the command
- UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
- Class<?> _class = uploadCmd.getClass().getSuperclass();
+ final UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
+ final Class<?> _class = uploadCmd.getClass().getSuperclass();
- Field certField = _class.getDeclaredField("cert");
+ final Field certField = _class.getDeclaredField("cert");
certField.setAccessible(true);
certField.set(uploadCmd, cert);
- Field keyField = _class.getDeclaredField("key");
+ final Field keyField = _class.getDeclaredField("key");
keyField.setAccessible(true);
keyField.set(uploadCmd, key);
@@ -245,48 +245,48 @@ public class CertServiceTest {
public void runUploadSslCertBadChain() throws IOException, IllegalAccessException, NoSuchFieldException {
Assume.assumeTrue(isOpenJdk() || isJCEInstalled());
- String certFile = URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.crt").getFile(),Charset.defaultCharset().name());
- String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.key").getFile(),Charset.defaultCharset().name());
- String chainFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.crt").getFile(),Charset.defaultCharset().name());
+ final String certFile = URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.crt").getFile(),Charset.defaultCharset().name());
+ final String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.key").getFile(),Charset.defaultCharset().name());
+ final String chainFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.crt").getFile(),Charset.defaultCharset().name());
- String cert = readFileToString(new File(certFile));
- String key = readFileToString(new File(keyFile));
- String chain = readFileToString(new File(chainFile));
+ final String cert = readFileToString(new File(certFile));
+ final String key = readFileToString(new File(keyFile));
+ final String chain = readFileToString(new File(chainFile));
- CertServiceImpl certService = new CertServiceImpl();
+ final CertServiceImpl certService = new CertServiceImpl();
//setting mock objects
certService._accountMgr = Mockito.mock(AccountManager.class);
- Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
+ final Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
certService._domainDao = Mockito.mock(DomainDao.class);
- DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
+ final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
certService._sslCertDao = Mockito.mock(SslCertDao.class);
when(certService._sslCertDao.persist(any(SslCertVO.class))).thenReturn(new SslCertVO());
//creating the command
- UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
- Class<?> _class = uploadCmd.getClass().getSuperclass();
+ final UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
+ final Class<?> _class = uploadCmd.getClass().getSuperclass();
- Field certField = _class.getDeclaredField("cert");
+ final Field certField = _class.getDeclaredField("cert");
certField.setAccessible(true);
certField.set(uploadCmd, cert);
- Field keyField = _class.getDeclaredField("key");
+ final Field keyField = _class.getDeclaredField("key");
keyField.setAccessible(true);
keyField.set(uploadCmd, key);
- Field chainField = _class.getDeclaredField("chain");
+ final Field chainField = _class.getDeclaredField("chain");
chainField.setAccessible(true);
chainField.set(uploadCmd, chain);
try {
certService.uploadSslCert(uploadCmd);
fail("The chain given is not the correct chain for the certificate");
- } catch (Exception e) {
+ } catch (final Exception e) {
assertTrue(e.getMessage().contains("Invalid certificate chain"));
}
}
@@ -297,48 +297,48 @@ public class CertServiceTest {
Assume.assumeTrue(isOpenJdk() || isJCEInstalled());
- String certFile = URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.crt").getFile(),Charset.defaultCharset().name());
- String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.key").getFile(),Charset.defaultCharset().name());
- String chainFile = URLDecoder.decode(getClass().getResource("/certs/non_root.crt").getFile(),Charset.defaultCharset().name());
+ final String certFile = URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.crt").getFile(),Charset.defaultCharset().name());
+ final String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.key").getFile(),Charset.defaultCharset().name());
+ final String chainFile = URLDecoder.decode(getClass().getResource("/certs/non_root.crt").getFile(),Charset.defaultCharset().name());
- String cert = readFileToString(new File(certFile));
- String key = readFileToString(new File(keyFile));
- String chain = readFileToString(new File(chainFile));
+ final String cert = readFileToString(new File(certFile));
+ final String key = readFileToString(new File(keyFile));
+ final String chain = readFileToString(new File(chainFile));
- CertServiceImpl certService = new CertServiceImpl();
+ final CertServiceImpl certService = new CertServiceImpl();
//setting mock objects
certService._accountMgr = Mockito.mock(AccountManager.class);
- Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
+ final Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
certService._domainDao = Mockito.mock(DomainDao.class);
- DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
+ final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
certService._sslCertDao = Mockito.mock(SslCertDao.class);
when(certService._sslCertDao.persist(any(SslCertVO.class))).thenReturn(new SslCertVO());
//creating the command
- UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
- Class<?> _class = uploadCmd.getClass().getSuperclass();
+ final UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
+ final Class<?> _class = uploadCmd.getClass().getSuperclass();
- Field certField = _class.getDeclaredField("cert");
+ final Field certField = _class.getDeclaredField("cert");
certField.setAccessible(true);
certField.set(uploadCmd, cert);
- Field keyField = _class.getDeclaredField("key");
+ final Field keyField = _class.getDeclaredField("key");
keyField.setAccessible(true);
keyField.set(uploadCmd, key);
- Field chainField = _class.getDeclaredField("chain");
+ final Field chainField = _class.getDeclaredField("chain");
chainField.setAccessible(true);
chainField.set(uploadCmd, chain);
try {
certService.uploadSslCert(uploadCmd);
fail("Chain is given but does not link to the certificate");
- } catch (Exception e) {
+ } catch (final Exception e) {
assertTrue(e.getMessage().contains("Invalid certificate chain"));
}
@@ -348,40 +348,40 @@ public class CertServiceTest {
@Test
public void runUploadSslCertBadPassword() throws IOException, IllegalAccessException, NoSuchFieldException {
- String certFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed_with_pwd.crt").getFile(),Charset.defaultCharset().name());
- String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed_with_pwd.key").getFile(),Charset.defaultCharset().name());
- String password = "bad_password";
+ final String certFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed_with_pwd.crt").getFile(),Charset.defaultCharset().name());
+ final String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed_with_pwd.key").getFile(),Charset.defaultCharset().name());
+ final String password = "bad_password";
- String cert = readFileToString(new File(certFile));
- String key = readFileToString(new File(keyFile));
+ final String cert = readFileToString(new File(certFile));
+ final String key = readFileToString(new File(keyFile));
- CertServiceImpl certService = new CertServiceImpl();
+ final CertServiceImpl certService = new CertServiceImpl();
//setting mock objects
certService._accountMgr = Mockito.mock(AccountManager.class);
- Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
+ final Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
certService._domainDao = Mockito.mock(DomainDao.class);
- DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
+ final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
certService._sslCertDao = Mockito.mock(SslCertDao.class);
when(certService._sslCertDao.persist(any(SslCertVO.class))).thenReturn(new SslCertVO());
//creating the command
- UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
- Class<?> _class = uploadCmd.getClass().getSuperclass();
+ final UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
+ final Class<?> _class = uploadCmd.getClass().getSuperclass();
- Field certField = _class.getDeclaredField("cert");
+ final Field certField = _class.getDeclaredField("cert");
certField.setAccessible(true);
certField.set(uploadCmd, cert);
- Field keyField = _class.getDeclaredField("key");
+ final Field keyField = _class.getDeclaredField("key");
keyField.setAccessible(true);
keyField.set(uploadCmd, key);
- Field passField = _class.getDeclaredField("password");
+ final Field passField = _class.getDeclaredField("password");
passField.setAccessible(true);
passField.set(uploadCmd, password);
@@ -398,41 +398,41 @@ public class CertServiceTest {
@Test
public void runUploadSslCertBadkeyPair() throws IOException, IllegalAccessException, NoSuchFieldException {
// Reading appropritate files
- String certFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.crt").getFile(),Charset.defaultCharset().name());
- String keyFile = URLDecoder.decode(getClass().getResource("/certs/non_root.key").getFile(),Charset.defaultCharset().name());
+ final String certFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.crt").getFile(),Charset.defaultCharset().name());
+ final String keyFile = URLDecoder.decode(getClass().getResource("/certs/non_root.key").getFile(),Charset.defaultCharset().name());
- String cert = readFileToString(new File(certFile));
- String key = readFileToString(new File(keyFile));
+ final String cert = readFileToString(new File(certFile));
+ final String key = readFileToString(new File(keyFile));
- CertServiceImpl certService = new CertServiceImpl();
+ final CertServiceImpl certService = new CertServiceImpl();
//setting mock objects
certService._accountMgr = Mockito.mock(AccountManager.class);
- Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
+ final Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
certService._domainDao = Mockito.mock(DomainDao.class);
- DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
+ final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
certService._sslCertDao = Mockito.mock(SslCertDao.class);
when(certService._sslCertDao.persist(any(SslCertVO.class))).thenReturn(new SslCertVO());
//creating the command
- UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
- Class<?> _class = uploadCmd.getClass().getSuperclass();
+ final UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
+ final Class<?> _class = uploadCmd.getClass().getSuperclass();
- Field certField = _class.getDeclaredField("cert");
+ final Field certField = _class.getDeclaredField("cert");
certField.setAccessible(true);
certField.set(uploadCmd, cert);
- Field keyField = _class.getDeclaredField("key");
+ final Field keyField = _class.getDeclaredField("key");
keyField.setAccessible(true);
keyField.set(uploadCmd, key);
try {
certService.uploadSslCert(uploadCmd);
- } catch (Exception e) {
+ } catch (final Exception e) {
assertTrue(e.getMessage().contains("Bad public-private key"));
}
}
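Review bot: The try block in runUploadSslCertBadkeyPair has no `fail(...)` after `certService.uploadSslCert(uploadCmd);`, so the test passes if the upload throws nothing at all. The other negative tests in this file (for example runUploadSslCertExpiredCert and runUploadSslCertNotX509) do call `fail(...)` there. As written, a regression that accepts a certificate with a non-matching private key would go unnoticed by this test. Adding `fail("Given a certificate and a private key that do not match, upload should fail");` as the second statement of the try block closes the gap.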
@@ -441,35 +441,35 @@ public class CertServiceTest {
public void runUploadSslCertBadkeyAlgo() throws IOException, IllegalAccessException, NoSuchFieldException {
// Reading appropritate files
- String certFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.crt").getFile(),Charset.defaultCharset().name());
- String keyFile = URLDecoder.decode(getClass().getResource("/certs/dsa_self_signed.key").getFile(),Charset.defaultCharset().name());
+ final String certFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.crt").getFile(),Charset.defaultCharset().name());
+ final String keyFile = URLDecoder.decode(getClass().getResource("/certs/dsa_self_signed.key").getFile(),Charset.defaultCharset().name());
- String cert = readFileToString(new File(certFile));
- String key = readFileToString(new File(keyFile));
+ final String cert = readFileToString(new File(certFile));
+ final String key = readFileToString(new File(keyFile));
- CertServiceImpl certService = new CertServiceImpl();
+ final CertServiceImpl certService = new CertServiceImpl();
//setting mock objects
certService._accountMgr = Mockito.mock(AccountManager.class);
- Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
+ final Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
certService._domainDao = Mockito.mock(DomainDao.class);
- DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
+ final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
certService._sslCertDao = Mockito.mock(SslCertDao.class);
when(certService._sslCertDao.persist(any(SslCertVO.class))).thenReturn(new SslCertVO());
//creating the command
- UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
- Class<?> _class = uploadCmd.getClass().getSuperclass();
+ final UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
+ final Class<?> _class = uploadCmd.getClass().getSuperclass();
- Field certField = _class.getDeclaredField("cert");
+ final Field certField = _class.getDeclaredField("cert");
certField.setAccessible(true);
certField.set(uploadCmd, cert);
- Field keyField = _class.getDeclaredField("key");
+ final Field keyField = _class.getDeclaredField("key");
keyField.setAccessible(true);
keyField.set(uploadCmd, key);
@@ -486,42 +486,42 @@ public class CertServiceTest {
public void runUploadSslCertExpiredCert() throws IOException, IllegalAccessException, NoSuchFieldException {
// Reading appropritate files
- String certFile = URLDecoder.decode(getClass().getResource("/certs/expired_cert.crt").getFile(),Charset.defaultCharset().name());
- String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.key").getFile(),Charset.defaultCharset().name());
+ final String certFile = URLDecoder.decode(getClass().getResource("/certs/expired_cert.crt").getFile(),Charset.defaultCharset().name());
+ final String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.key").getFile(),Charset.defaultCharset().name());
- String cert = readFileToString(new File(certFile));
- String key = readFileToString(new File(keyFile));
+ final String cert = readFileToString(new File(certFile));
+ final String key = readFileToString(new File(keyFile));
- CertServiceImpl certService = new CertServiceImpl();
+ final CertServiceImpl certService = new CertServiceImpl();
//setting mock objects
certService._accountMgr = Mockito.mock(AccountManager.class);
- Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
+ final Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
certService._domainDao = Mockito.mock(DomainDao.class);
- DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
+ final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
certService._sslCertDao = Mockito.mock(SslCertDao.class);
when(certService._sslCertDao.persist(any(SslCertVO.class))).thenReturn(new SslCertVO());
//creating the command
- UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
- Class<?> _class = uploadCmd.getClass().getSuperclass();
+ final UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
+ final Class<?> _class = uploadCmd.getClass().getSuperclass();
- Field certField = _class.getDeclaredField("cert");
+ final Field certField = _class.getDeclaredField("cert");
certField.setAccessible(true);
certField.set(uploadCmd, cert);
- Field keyField = _class.getDeclaredField("key");
+ final Field keyField = _class.getDeclaredField("key");
keyField.setAccessible(true);
keyField.set(uploadCmd, key);
try {
certService.uploadSslCert(uploadCmd);
fail("Given an expired certificate, upload should fail");
- } catch (Exception e) {
+ } catch (final Exception e) {
assertTrue(e.getMessage().contains("Certificate expired"));
}
}
@@ -529,42 +529,42 @@ public class CertServiceTest {
@Test
public void runUploadSslCertNotX509() throws IOException, IllegalAccessException, NoSuchFieldException {
// Reading appropritate files
- String certFile = URLDecoder.decode(getClass().getResource("/certs/non_x509_pem.crt").getFile(),Charset.defaultCharset().name());
- String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.key").getFile(),Charset.defaultCharset().name());
+ final String certFile = URLDecoder.decode(getClass().getResource("/certs/non_x509_pem.crt").getFile(),Charset.defaultCharset().name());
+ final String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.key").getFile(),Charset.defaultCharset().name());
- String cert = readFileToString(new File(certFile));
- String key = readFileToString(new File(keyFile));
+ final String cert = readFileToString(new File(certFile));
+ final String key = readFileToString(new File(keyFile));
- CertServiceImpl certService = new CertServiceImpl();
+ final CertServiceImpl certService = new CertServiceImpl();
//setting mock objects
certService._accountMgr = Mockito.mock(AccountManager.class);
- Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
+ final Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
certService._domainDao = Mockito.mock(DomainDao.class);
- DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
+ final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
certService._sslCertDao = Mockito.mock(SslCertDao.class);
when(certService._sslCertDao.persist(any(SslCertVO.class))).thenReturn(new SslCertVO());
//creating the command
- UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
- Class<?> _class = uploadCmd.getClass().getSuperclass();
+ final UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
+ final Class<?> _class = uploadCmd.getClass().getSuperclass();
- Field certField = _class.getDeclaredField("cert");
+ final Field certField = _class.getDeclaredField("cert");
certField.setAccessible(true);
certField.set(uploadCmd, cert);
- Field keyField = _class.getDeclaredField("key");
+ final Field keyField = _class.getDeclaredField("key");
keyField.setAccessible(true);
keyField.set(uploadCmd, key);
try {
certService.uploadSslCert(uploadCmd);
fail("Given a Certificate which is not X509, upload should fail");
- } catch (Exception e) {
+ } catch (final Exception e) {
assertTrue(e.getMessage().contains("Expected X509 certificate"));
}
}
@@ -573,35 +573,35 @@ public class CertServiceTest {
public void runUploadSslCertBadFormat() throws IOException, IllegalAccessException, NoSuchFieldException {
// Reading appropritate files
- String certFile = URLDecoder.decode(getClass().getResource("/certs/bad_format_cert.crt").getFile(),Charset.defaultCharset().name());
- String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.key").getFile(),Charset.defaultCharset().name());
+ final String certFile = URLDecoder.decode(getClass().getResource("/certs/bad_format_cert.crt").getFile(),Charset.defaultCharset().name());
+ final String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.key").getFile(),Charset.defaultCharset().name());
- String cert = readFileToString(new File(certFile));
- String key = readFileToString(new File(keyFile));
+ final String cert = readFileToString(new File(certFile));
+ final String key = readFileToString(new File(keyFile));
- CertServiceImpl certService = new CertServiceImpl();
+ final CertServiceImpl certService = new CertServiceImpl();
//setting mock objects
certService._accountMgr = Mockito.mock(AccountManager.class);
- Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
+ final Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
certService._domainDao = Mockito.mock(DomainDao.class);
- DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
+ final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
certService._sslCertDao = Mockito.mock(SslCertDao.class);
when(certService._sslCertDao.persist(any(SslCertVO.class))).thenReturn(new SslCertVO());
//creating the command
- UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
- Class<?> _class = uploadCmd.getClass().getSuperclass();
+ final UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
+ final Class<?> _class = uploadCmd.getClass().getSuperclass();
- Field certField = _class.getDeclaredField("cert");
+ final Field certField = _class.getDeclaredField("cert");
certField.setAccessible(true);
certField.set(uploadCmd, cert);
- Field keyField = _class.getDeclaredField("key");
+ final Field keyField = _class.getDeclaredField("key");
keyField.setAccessible(true);
keyField.set(uploadCmd, key);
@@ -620,18 +620,18 @@ public class CertServiceTest {
*/
public void runDeleteSslCertValid() throws Exception {
- TransactionLegacy txn = TransactionLegacy.open("runDeleteSslCertValid");
+ TransactionLegacy.open("runDeleteSslCertValid");
- CertServiceImpl certService = new CertServiceImpl();
- long certId = 1;
+ final CertServiceImpl certService = new CertServiceImpl();
+ final long certId = 1;
//setting mock objects
certService._accountMgr = Mockito.mock(AccountManager.class);
- Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
+ final Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
certService._domainDao = Mockito.mock(DomainDao.class);
- DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
+ final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
certService._sslCertDao = Mockito.mock(SslCertDao.class);
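Review bot: `TransactionLegacy.open("runDeleteSslCertValid");` now throws away the handle that `open` returns, so the test has nothing left to close. The same applies to runDeleteSslCertBoundCert and runDeleteSslCertInvalidId in the hunks below. Dropping the unused local removes the warning but not the underlying problem, assuming the transaction is not closed in the part of the method outside this hunk. I would keep the handle as `final TransactionLegacy txn = TransactionLegacy.open("runDeleteSslCertValid");` and wrap the rest of the body in `try { ... } finally { txn.close(); }`, so an open transaction cannot carry over into the next test.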
@@ -644,10 +644,10 @@ public class CertServiceTest {
when(certService._lbCertDao.listByCertId(anyLong())).thenReturn(null);
//creating the command
- DeleteSslCertCmd deleteCmd = new DeleteSslCertCmdExtn();
- Class<?> _class = deleteCmd.getClass().getSuperclass();
+ final DeleteSslCertCmd deleteCmd = new DeleteSslCertCmdExtn();
+ final Class<?> _class = deleteCmd.getClass().getSuperclass();
- Field certField = _class.getDeclaredField("id");
+ final Field certField = _class.getDeclaredField("id");
certField.setAccessible(true);
certField.set(deleteCmd, certId);
@@ -657,19 +657,19 @@ public class CertServiceTest {
@Test
public void runDeleteSslCertBoundCert() throws NoSuchFieldException, IllegalAccessException {
- TransactionLegacy txn = TransactionLegacy.open("runDeleteSslCertBoundCert");
+ TransactionLegacy.open("runDeleteSslCertBoundCert");
- CertServiceImpl certService = new CertServiceImpl();
+ final CertServiceImpl certService = new CertServiceImpl();
//setting mock objects
- long certId = 1;
+ final long certId = 1;
certService._accountMgr = Mockito.mock(AccountManager.class);
- Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
+ final Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
certService._domainDao = Mockito.mock(DomainDao.class);
- DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
+ final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
certService._sslCertDao = Mockito.mock(SslCertDao.class);
@@ -679,7 +679,7 @@ public class CertServiceTest {
// rule holding the cert
certService._lbCertDao = Mockito.mock(LoadBalancerCertMapDao.class);
- List<LoadBalancerCertMapVO> lbMapList = new ArrayList<LoadBalancerCertMapVO>();
+ final List<LoadBalancerCertMapVO> lbMapList = new ArrayList<LoadBalancerCertMapVO>();
lbMapList.add(new LoadBalancerCertMapVO());
certService._lbCertDao = Mockito.mock(LoadBalancerCertMapDao.class);
@@ -689,17 +689,17 @@ public class CertServiceTest {
when(certService._entityMgr.findById(eq(LoadBalancerVO.class), anyLong())).thenReturn(new LoadBalancerVO());
//creating the command
- DeleteSslCertCmd deleteCmd = new DeleteSslCertCmdExtn();
- Class<?> _class = deleteCmd.getClass().getSuperclass();
+ final DeleteSslCertCmd deleteCmd = new DeleteSslCertCmdExtn();
+ final Class<?> _class = deleteCmd.getClass().getSuperclass();
- Field certField = _class.getDeclaredField("id");
+ final Field certField = _class.getDeclaredField("id");
certField.setAccessible(true);
certField.set(deleteCmd, certId);
try {
certService.deleteSslCert(deleteCmd);
fail("Delete with a cert id bound to a lb should fail");
- } catch (Exception e) {
+ } catch (final Exception e) {
assertTrue(e.getMessage().contains("Certificate in use by a loadbalancer"));
}
@@ -707,17 +707,17 @@ public class CertServiceTest {
@Test
public void runDeleteSslCertInvalidId() throws NoSuchFieldException, IllegalAccessException {
- TransactionLegacy txn = TransactionLegacy.open("runDeleteSslCertInvalidId");
+ TransactionLegacy.open("runDeleteSslCertInvalidId");
- long certId = 1;
- CertServiceImpl certService = new CertServiceImpl();
+ final long certId = 1;
+ final CertServiceImpl certService = new CertServiceImpl();
certService._accountMgr = Mockito.mock(AccountManager.class);
- Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
+ final Account account = new AccountVO("testaccount", 1, "networkdomain", (short)0, UUID.randomUUID().toString());
when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
certService._domainDao = Mockito.mock(DomainDao.class);
- DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
+ final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
certService._sslCertDao = Mockito.mock(SslCertDao.class);
@@ -729,17 +729,17 @@ public class CertServiceTest {
when(certService._lbCertDao.listByCertId(anyLong())).thenReturn(null);
//creating the command
- DeleteSslCertCmd deleteCmd = new DeleteSslCertCmdExtn();
- Class<?> _class = deleteCmd.getClass().getSuperclass();
+ final DeleteSslCertCmd deleteCmd = new DeleteSslCertCmdExtn();
+ final Class<?> _class = deleteCmd.getClass().getSuperclass();
- Field certField = _class.getDeclaredField("id");
+ final Field certField = _class.getDeclaredField("id");
certField.setAccessible(true);
certField.set(deleteCmd, certId);
try {
certService.deleteSslCert(deleteCmd);
fail("Delete with an invalid ID should fail");
- } catch (Exception e) {
+ } catch (final Exception e) {
assertTrue(e.getMessage().contains("Invalid certificate id"));
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d8c42a91/utils/src/main/java/com/cloud/utils/security/CertificateHelper.java
----------------------------------------------------------------------
diff --git a/utils/src/main/java/com/cloud/utils/security/CertificateHelper.java b/utils/src/main/java/com/cloud/utils/security/CertificateHelper.java
index 2426500..ee7c438 100644
--- a/utils/src/main/java/com/cloud/utils/security/CertificateHelper.java
+++ b/utils/src/main/java/com/cloud/utils/security/CertificateHelper.java
@@ -50,30 +50,30 @@ import com.cloud.utils.Ternary;
import com.cloud.utils.exception.CloudRuntimeException;
public class CertificateHelper {
- public static byte[] buildAndSaveKeystore(String alias, String cert, String privateKey, String storePassword) throws KeyStoreException, CertificateException,
- NoSuchAlgorithmException, InvalidKeySpecException, IOException {
- KeyStore ks = buildKeystore(alias, cert, privateKey, storePassword);
+ public static byte[] buildAndSaveKeystore(final String alias, final String cert, final String privateKey, final String storePassword) throws KeyStoreException, CertificateException,
+ NoSuchAlgorithmException, InvalidKeySpecException, IOException {
+ final KeyStore ks = buildKeystore(alias, cert, privateKey, storePassword);
- ByteArrayOutputStream os = new ByteArrayOutputStream();
+ final ByteArrayOutputStream os = new ByteArrayOutputStream();
ks.store(os, storePassword != null ? storePassword.toCharArray() : null);
os.close();
return os.toByteArray();
}
- public static byte[] buildAndSaveKeystore(List<Ternary<String, String, String>> certs, String storePassword) throws KeyStoreException, NoSuchAlgorithmException,
- CertificateException, IOException, InvalidKeySpecException {
- KeyStore ks = KeyStore.getInstance("JKS");
+ public static byte[] buildAndSaveKeystore(final List<Ternary<String, String, String>> certs, final String storePassword) throws KeyStoreException, NoSuchAlgorithmException,
+ CertificateException, IOException, InvalidKeySpecException {
+ final KeyStore ks = KeyStore.getInstance("JKS");
ks.load(null, storePassword != null ? storePassword.toCharArray() : null);
//name,cert,key
- for (Ternary<String, String, String> cert : certs) {
+ for (final Ternary<String, String, String> cert : certs) {
if (cert.third() == null) {
- Certificate c = buildCertificate(cert.second());
+ final Certificate c = buildCertificate(cert.second());
ks.setCertificateEntry(cert.first(), c);
} else {
- Certificate[] c = new Certificate[certs.size()];
+ final Certificate[] c = new Certificate[certs.size()];
int i = certs.size();
- for (Ternary<String, String, String> ct : certs) {
+ for (final Ternary<String, String, String> ct : certs) {
c[i - 1] = buildCertificate(ct.second());
i--;
}
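Review bot: Every `storePassword != null ? storePassword.toCharArray() : null` in this class passes a null password to the KeyStore API. That covers `ks.store(...)` and `ks.load(null, ...)` in both buildAndSaveKeystore overloads here, and loadKeystore and buildKeystore in the next hunk. For `load`, the KeyStore documentation states that no integrity check is performed when no password is given, so loadKeystore would accept altered keystore bytes without complaint; for `store` and `setKeyEntry` the outcome depends on the provider. If no caller relies on a null password, reject it at the top of each method, e.g. `if (storePassword == null) { throw new IllegalArgumentException("storePassword must not be null"); }`; otherwise add Javadoc saying what null means. The key-entry code of the second overload lies outside this hunk.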
@@ -81,46 +81,46 @@ public class CertificateHelper {
}
}
- ByteArrayOutputStream os = new ByteArrayOutputStream();
+ final ByteArrayOutputStream os = new ByteArrayOutputStream();
ks.store(os, storePassword != null ? storePassword.toCharArray() : null);
os.close();
return os.toByteArray();
}
- public static KeyStore loadKeystore(byte[] ksData, String storePassword) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
- assert (ksData != null);
- KeyStore ks = KeyStore.getInstance("JKS");
+ public static KeyStore loadKeystore(final byte[] ksData, final String storePassword) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
+ assert ksData != null;
+ final KeyStore ks = KeyStore.getInstance("JKS");
ks.load(new ByteArrayInputStream(ksData), storePassword != null ? storePassword.toCharArray() : null);
return ks;
}
- public static KeyStore buildKeystore(String alias, String cert, String privateKey, String storePassword) throws KeyStoreException, CertificateException,
- NoSuchAlgorithmException, InvalidKeySpecException, IOException {
+ public static KeyStore buildKeystore(final String alias, final String cert, final String privateKey, final String storePassword) throws KeyStoreException, CertificateException,
+ NoSuchAlgorithmException, InvalidKeySpecException, IOException {
- KeyStore ks = KeyStore.getInstance("JKS");
+ final KeyStore ks = KeyStore.getInstance("JKS");
ks.load(null, storePassword != null ? storePassword.toCharArray() : null);
- Certificate[] certs = new Certificate[1];
+ final Certificate[] certs = new Certificate[1];
certs[0] = buildCertificate(cert);
ks.setKeyEntry(alias, buildPrivateKey(privateKey), storePassword != null ? storePassword.toCharArray() : null, certs);
return ks;
}
- public static Certificate buildCertificate(String content) throws CertificateException {
- assert (content != null);
+ public static Certificate buildCertificate(final String content) throws CertificateException {
+ assert content != null;
- BufferedInputStream bis = new BufferedInputStream(new ByteArrayInputStream(content.getBytes()));
- CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ final BufferedInputStream bis = new BufferedInputStream(new ByteArrayInputStream(content.getBytes()));
+ final CertificateFactory cf = CertificateFactory.getInstance("X.509");
return cf.generateCertificate(bis);
}
- public static Key buildPrivateKey(String base64EncodedKeyContent) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException {
- KeyFactory kf = KeyFactory.getInstance("RSA");
- PKCS8EncodedKeySpec keysp = new PKCS8EncodedKeySpec(Base64.decodeBase64(base64EncodedKeyContent));
+ public static Key buildPrivateKey(final String base64EncodedKeyContent) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException {
+ final KeyFactory kf = KeyFactory.getInstance("RSA");
+ final PKCS8EncodedKeySpec keysp = new PKCS8EncodedKeySpec(Base64.decodeBase64(base64EncodedKeyContent));
return kf.generatePrivate(keysp);
}
- public static List<Certificate> parseChain(String chain) throws IOException, CertificateException {
+ public static List<Certificate> parseChain(final String chain) throws IOException, CertificateException {
final List<Certificate> certs = new ArrayList<Certificate>();
try(final PemReader pemReader = new PemReader(new StringReader(chain));)
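Review bot: `assert ksData != null;` in loadKeystore and `assert content != null;` in buildCertificate are evaluated only when the JVM runs with assertions enabled, so in a normal deployment they check nothing. A null argument then surfaces further down as a NullPointerException instead of a clear argument error. The commit only drops the parentheses around the condition. For public static helpers that parse certificate and keystore material, an explicit check is more dependable, e.g. `if (content == null) { throw new CertificateException("certificate content must not be null"); }` in buildCertificate and `if (ksData == null) { throw new IllegalArgumentException("ksData must not be null"); }` in loadKeystore.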
@@ -130,8 +130,8 @@ public class CertificateHelper {
final ByteArrayInputStream bais = new ByteArrayInputStream(pemObject.getContent());
final CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
- Collection<? extends Certificate> c = certificateFactory.generateCertificates(bais);
- Iterator<? extends Certificate> i = c.iterator();
+ final Collection<? extends Certificate> c = certificateFactory.generateCertificates(bais);
+ final Iterator<? extends Certificate> i = c.iterator();
while (i.hasNext()) {
cert = i.next();
if (cert instanceof X509Certificate) {
@@ -149,15 +149,15 @@ public class CertificateHelper {
return certs;
}
- public static String generateFingerPrint(Certificate cert) {
+ public static String generateFingerPrint(final Certificate cert) {
final char[] HEX = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};
- StringBuilder buffer = new StringBuilder(60);
+ final StringBuilder buffer = new StringBuilder(60);
try {
- MessageDigest md = MessageDigest.getInstance("SHA-1");
- byte[] data = md.digest(cert.getEncoded());
+ final MessageDigest md = MessageDigest.getInstance("SHA-1");
+ final byte[] data = md.digest(cert.getEncoded());
for (final byte element : data) {
if (buffer.length() > 0) {
|