From c1a311487cfbb7482f214e9428819281293df404 Mon Sep 17 00:00:00 2001
From: marcos-albornoz
Date: Tue, 1 Mar 2022 14:42:46 -0600
Subject: [PATCH] Avoiding duplicated code between CloudKeyPairsEnums and TPPKeyPairsEnums
---
.../vcert/sdk/features/SupportedECCKeys.java | 37 ++++++++
.../vcert/sdk/features/SupportedKeyPairs.java | 45 +++++++++
.../sdk/features/SupportedRSAKeySizes.java | 38 ++++++++
.../converter/cloud/CloudKeyPairEnums.java | 67 -------------
.../CloudPolicySpecificationValidator.java | 10 +-
.../policy/converter/tpp/TPPKeyPairEnums.java | 95 -------------------
.../tpp/TPPPolicySpecificationValidator.java | 15 +--
7 files changed, 135 insertions(+), 172 deletions(-)
create mode 100644 src/main/java/com/venafi/vcert/sdk/features/SupportedECCKeys.java
create mode 100644 src/main/java/com/venafi/vcert/sdk/features/SupportedKeyPairs.java
create mode 100644 src/main/java/com/venafi/vcert/sdk/features/SupportedRSAKeySizes.java
delete mode 100644 src/main/java/com/venafi/vcert/sdk/policy/converter/cloud/CloudKeyPairEnums.java
delete mode 100644 src/main/java/com/venafi/vcert/sdk/policy/converter/tpp/TPPKeyPairEnums.java
diff --git a/src/main/java/com/venafi/vcert/sdk/features/SupportedECCKeys.java b/src/main/java/com/venafi/vcert/sdk/features/SupportedECCKeys.java
new file mode 100644
index 0000000..1eb18d2
--- /dev/null
+++ b/src/main/java/com/venafi/vcert/sdk/features/SupportedECCKeys.java
@@ -0,0 +1,37 @@
+package com.venafi.vcert.sdk.features;
+
+import com.venafi.vcert.sdk.certificate.EllipticCurve;
+
+import java.util.List;
+import java.util.Map;
+import java.util.function.Function;
+import java.util.stream.Collectors;
+
+public class SupportedECCKeys {
+
+ public static final SupportedECCKeys TPP = new SupportedECCKeys(List.of(EllipticCurve.EllipticCurveP256, EllipticCurve.EllipticCurveP384, EllipticCurve.EllipticCurveP521));
+
+ private Map ellipticCurveMap;
+
+ public SupportedECCKeys(List ellipticCurves) {
+ ellipticCurveMap = ellipticCurves.stream().collect(Collectors.toMap(EllipticCurve::value, Function.identity()));
+ }
+
+ public boolean containsEllipticCurves(String[] curves){
+
+ for (String curve : curves) {
+ if(!containsEllipticCurve(curve))
+ return false;
+ }
+
+ return true;
+ }
+
+ public boolean containsEllipticCurve(String value){
+ return ellipticCurveMap.containsKey(value);
+ }
+
+ public EllipticCurve getEllipticCurve(String value){
+ return ellipticCurveMap.get(value);
+ }
+}
diff --git a/src/main/java/com/venafi/vcert/sdk/features/SupportedKeyPairs.java b/src/main/java/com/venafi/vcert/sdk/features/SupportedKeyPairs.java
new file mode 100644
index 0000000..d9e7cdc
--- /dev/null
+++ b/src/main/java/com/venafi/vcert/sdk/features/SupportedKeyPairs.java
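Review bot: `ellipticCurveMap` is assigned only in the constructor but is declared `private Map ellipticCurveMap;` without `final`, and the new public class has no Javadoc even though `TPP` is now a shared allow-list used for policy validation. Declaring the field `private final` and adding a class comment saying that `TPP` lists the curves accepted for TPP policy specifications would make the intended immutability explicit. The same applies to `keyTypeMap` in SupportedKeyPairs and `rsaKeySizeMap` in SupportedRSAKeySizes. Lookup here is an exact `containsKey(value)` match, whereas SupportedKeyPairs goes through `KeyType.from(value)` first; if curve names can arrive in a different spelling or case, that difference deserves a comment.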
@@ -0,0 +1,45 @@
+package com.venafi.vcert.sdk.features;
+
+import com.venafi.vcert.sdk.certificate.KeyType;
+
+import java.util.List;
+import java.util.Map;
+import java.util.function.Function;
+import java.util.stream.Collectors;
+
+public class SupportedKeyPairs {
+
+ public static final SupportedKeyPairs TPP = new SupportedKeyPairs(List.of(KeyType.RSA, KeyType.ECDSA));
+ public static final SupportedKeyPairs VAAS = new SupportedKeyPairs(List.of(KeyType.RSA));
+
+ private Map keyTypeMap;
+
+ public SupportedKeyPairs(List keyTypes) {
+ keyTypeMap = keyTypes.stream().collect(Collectors.toMap(KeyType::value, Function.identity()));
+ }
+
+ public boolean containsKeyTypes(String[] types){
+
+ for (String type : types) {
+ if(!containsKeyType(type))
+ return false;
+ }
+
+ return true;
+ }
+
+ public boolean containsKeyType(String value){
+ KeyType keyType = null;
+ try {
+ keyType = KeyType.from(value);
+ } catch (IllegalArgumentException e){
+ return false;
+ }
+
+ return keyTypeMap.containsKey(keyType.value());
+ }
+
+ public KeyType getKeyType(String value){
+ return keyTypeMap.get(KeyType.from(value).value());
+ }
+}
diff --git a/src/main/java/com/venafi/vcert/sdk/features/SupportedRSAKeySizes.java b/src/main/java/com/venafi/vcert/sdk/features/SupportedRSAKeySizes.java
new file mode 100644
index 0000000..80015a4
--- /dev/null
+++ b/src/main/java/com/venafi/vcert/sdk/features/SupportedRSAKeySizes.java
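Review bot: `getKeyType` calls `KeyType.from(value)` with no guard, so an unrecognised string presumably propagates the `IllegalArgumentException` that `containsKeyType` explicitly catches, while `getEllipticCurve` and `getRsaKeySize` in the sibling classes return `null` for an unknown value. A caller that treats the three getters alike gets an unchecked exception instead of a failed lookup. Either document it with `@throws IllegalArgumentException` on `getKeyType`, or catch the exception there and return `null` as the siblings do. The `KeyType keyType = null;` initialiser in `containsKeyType` is also redundant, since the variable is always assigned before it is read.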
@@ -0,0 +1,38 @@
+package com.venafi.vcert.sdk.features;
+
+import com.venafi.vcert.sdk.certificate.KeySize;
+
+import java.util.List;
+import java.util.Map;
+import java.util.function.Function;
+import java.util.stream.Collectors;
+
+public class SupportedRSAKeySizes {
+
+ public static final SupportedRSAKeySizes TPP = new SupportedRSAKeySizes(List.of(KeySize.KS512, KeySize.KS1024, KeySize.KS2048, KeySize.KS3072, KeySize.KS4096));
+ public static final SupportedRSAKeySizes VAAS = new SupportedRSAKeySizes(List.of(KeySize.KS1024, KeySize.KS2048, KeySize.KS4096));
+
+ private Map rsaKeySizeMap;
+
+ public SupportedRSAKeySizes(List keySizes) {
+ rsaKeySizeMap = keySizes.stream().collect(Collectors.toMap(KeySize::value, Function.identity()));
+ }
+
+ public boolean containsRsaKeySizes(Integer[] sizes){
+
+ for (int size : sizes) {
+ if(!containsRsaKeySize(size))
+ return false;
+ }
+
+ return true;
+ }
+
+ public boolean containsRsaKeySize(int value){
+ return rsaKeySizeMap.containsKey(value);
+ }
+
+ public KeySize getRsaKeySize(int value){
+ return rsaKeySizeMap.get(value);
+ }
+}
diff --git a/src/main/java/com/venafi/vcert/sdk/policy/converter/cloud/CloudKeyPairEnums.java b/src/main/java/com/venafi/vcert/sdk/policy/converter/cloud/CloudKeyPairEnums.java
deleted file mode 100644
index d60118c..0000000
--- a/src/main/java/com/venafi/vcert/sdk/policy/converter/cloud/CloudKeyPairEnums.java
+++ /dev/null
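Review bot: `containsRsaKeySizes(Integer[] sizes)` iterates with `for (int size : sizes)`, which unboxes every element, so a `null` entry in the array raises a `NullPointerException` instead of returning `false`; both validators pass `keyPair.rsaKeySizes()` straight in, and that array appears to come from a user-supplied policy specification. Iterating with `for (Integer size : sizes)` and returning `false` when `size == null` would keep a malformed specification on the `VCertException` path. Separately, `TPP` accepts `KeySize.KS512` and `KeySize.KS1024` and `VAAS` accepts `KeySize.KS1024`; the values are carried over unchanged from the removed classes, but now that they are public constants a comment such as `// sizes the platform accepts, not a strength recommendation: 512/1024-bit RSA is weak` would stop them being read as guidance.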
@@ -1,67 +0,0 @@
-package com.venafi.vcert.sdk.policy.converter.cloud;
-
-import com.venafi.vcert.sdk.certificate.KeySize;
-import com.venafi.vcert.sdk.certificate.KeyType;
-
-import java.util.HashMap;
-import java.util.Map;
-
-public class CloudKeyPairEnums {
-
- private static Map keyTypeMap = new HashMap();
- private static Map rsaKeySizeMap = new HashMap();
-
- static {
- keyTypeMap.put(KeyType.RSA.value(), KeyType.RSA);
- }
-
- static {
- rsaKeySizeMap.put(KeySize.KS1024.value(), KeySize.KS1024);
- rsaKeySizeMap.put(KeySize.KS2048.value(), KeySize.KS2048);
- rsaKeySizeMap.put(KeySize.KS4096.value(), KeySize.KS4096);
- }
-
- public static boolean containsKeyTypes(String[] types){
-
- for (String type : types) {
- if(!containsKeyType(type))
- return false;
- }
-
- return true;
- }
-
- public static boolean containsKeyType(String value){
- KeyType keyType = null;
- try {
- keyType = KeyType.from(value);
- } catch (IllegalArgumentException e){
- return false;
- }
-
- return keyTypeMap.containsKey(keyType.value());
- }
-
- public static KeyType getKeyType(String value){
- return keyTypeMap.get(KeyType.from(value).value());
- }
-
- public static boolean containsRsaKeySizes(Integer[] sizes){
-
- for (int size : sizes) {
- if(!containsRsaKeySize(size))
- return false;
- }
-
- return true;
- }
-
- public static boolean containsRsaKeySize(int value){
- return rsaKeySizeMap.containsKey(value);
- }
-
- public static KeySize getRsaKeySize(int value){
- return rsaKeySizeMap.get(value);
- }
-
-}
diff --git a/src/main/java/com/venafi/vcert/sdk/policy/converter/cloud/CloudPolicySpecificationValidator.java b/src/main/java/com/venafi/vcert/sdk/policy/converter/cloud/CloudPolicySpecificationValidator.java
index 3621e53..3dcffe4 100644
--- a/src/main/java/com/venafi/vcert/sdk/policy/converter/cloud/CloudPolicySpecificationValidator.java
+++ b/src/main/java/com/venafi/vcert/sdk/policy/converter/cloud/CloudPolicySpecificationValidator.java
@@ -1,6 +1,8 @@ package com.venafi.vcert.sdk.policy.converter.cloud; import com.venafi.vcert.sdk.VCertException; +import com.venafi.vcert.sdk.features.SupportedKeyPairs; +import com.venafi.vcert.sdk.features.SupportedRSAKeySizes; import com.venafi.vcert.sdk.policy.domain.*; import com.venafi.vcert.sdk.policy.converter.IPolicySpecificationValidator; import org.apache.commons.lang3.StringUtils; @@ -91,13 +93,13 @@ private void validateKeyPair(KeyPair keyPair) throws VCertException { if(keyPair.keyTypes() != null) { int keyTypesLength = keyPair.keyTypes().length; - if (keyTypesLength > 0 && !CloudKeyPairEnums.containsKeyTypes(keyPair.keyTypes())) + if (keyTypesLength > 0 && !SupportedKeyPairs.VAAS.containsKeyTypes(keyPair.keyTypes())) throw new VCertException(String.format(ATTRIBUTE_DOESNT_MATCH_WITH_ACCEPTED_VALUES_EXCEPTION_MESSAGE, PolicySpecificationConst.ATT_POLICY_KEYPAIR_KEY_TYPES)); } //validate key bit strength if(keyPair.rsaKeySizes() != null) { - if (!CloudKeyPairEnums.containsRsaKeySizes(keyPair.rsaKeySizes())) + if (!SupportedRSAKeySizes.VAAS.containsRsaKeySizes(keyPair.rsaKeySizes())) throw new VCertException(String.format(ATTRIBUTE_DOESNT_MATCH_WITH_ACCEPTED_VALUES_EXCEPTION_MESSAGE, PolicySpecificationConst.ATT_POLICY_KEYPAIR_RSA_KEY_SIZES)); } } @@ -165,7 +167,7 @@ private void validateDefaultKeyPair(DefaultsKeyPair defaultsKeyPair, KeyPair pol String defaultKeyType = defaultsKeyPair.keyType(); if ( defaultKeyType != null && !defaultKeyType.equals("")) { - if(!CloudKeyPairEnums.containsKeyType( defaultKeyType )) + if(!SupportedKeyPairs.VAAS.containsKeyType( defaultKeyType )) throw new VCertException(String.format(DEFAULT_ATTRIBUTE_DOESNT_MATCH_WITH_ACCEPTED_VALUES_EXCEPTION_MESSAGE, PolicySpecificationConst.ATT_DEFAULTS_KEYPAIR_KEY_TYPE)); if(policyKeyPair != null) { 
@@ -177,7 +179,7 @@ private void validateDefaultKeyPair(DefaultsKeyPair defaultsKeyPair, KeyPair pol Integer defaultRsaKeySize = defaultsKeyPair.rsaKeySize(); if( defaultRsaKeySize != null ) { - if( !CloudKeyPairEnums.containsRsaKeySize( defaultRsaKeySize )) + if( !SupportedRSAKeySizes.VAAS.containsRsaKeySize( defaultRsaKeySize )) throw new VCertException(String.format(DEFAULT_ATTRIBUTE_DOESNT_MATCH_WITH_ACCEPTED_VALUES_EXCEPTION_MESSAGE, PolicySpecificationConst.ATT_DEFAULTS_KEYPAIR_RSA_KEY_SIZE)); if(policyKeyPair != null && !Arrays.stream(policyKeyPair.rsaKeySizes()).anyMatch(defaultRsaKeySize::equals)) diff --git a/src/main/java/com/venafi/vcert/sdk/policy/converter/tpp/TPPKeyPairEnums.java b/src/main/java/com/venafi/vcert/sdk/policy/converter/tpp/TPPKeyPairEnums.java deleted file mode 100644 index 88ab722..0000000 --- a/src/main/java/com/venafi/vcert/sdk/policy/converter/tpp/TPPKeyPairEnums.java +++ /dev/null 
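Review bot: The context line `if(policyKeyPair != null && !Arrays.stream(policyKeyPair.rsaKeySizes()).anyMatch(defaultRsaKeySize::equals))` dereferences `policyKeyPair.rsaKeySizes()` without a null check, although `validateKeyPair` in the same file guards that accessor with `if(keyPair.rsaKeySizes() != null)`. As far as this hunk shows, a specification that sets a default RSA key size but leaves the policy-level sizes unset would fail with a `NullPointerException` from `Arrays.stream` rather than a `VCertException`. Adding `policyKeyPair.rsaKeySizes() != null &&` to the condition would match the earlier guard. `validateDefaultKeyPair` starts and ends outside this hunk, so any handling around it is not visible here.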
@@ -1,95 +0,0 @@
-package com.venafi.vcert.sdk.policy.converter.tpp;
-
-import com.venafi.vcert.sdk.certificate.EllipticCurve;
-import com.venafi.vcert.sdk.certificate.KeyType;
-import com.venafi.vcert.sdk.certificate.KeySize;
-
-import java.util.HashMap;
-import java.util.Map;
-
-public class TPPKeyPairEnums {
-
- private static Map keyTypeMap = new HashMap();
- private static Map rsaKeySizeMap = new HashMap();
- private static Map ellipticCurveMap = new HashMap();
-
- static {
- keyTypeMap.put(KeyType.RSA.value(), KeyType.RSA);
- keyTypeMap.put(KeyType.ECDSA.value(), KeyType.ECDSA);
- }
-
- static {
- rsaKeySizeMap.put(KeySize.KS512.value(), KeySize.KS512);
- rsaKeySizeMap.put(KeySize.KS1024.value(), KeySize.KS1024);
- rsaKeySizeMap.put(KeySize.KS2048.value(), KeySize.KS2048);
- rsaKeySizeMap.put(KeySize.KS3072.value(), KeySize.KS3072);
- rsaKeySizeMap.put(KeySize.KS4096.value(), KeySize.KS4096);
- }
-
- static {
- ellipticCurveMap.put(EllipticCurve.EllipticCurveP256.value(), EllipticCurve.EllipticCurveP256);
- ellipticCurveMap.put(EllipticCurve.EllipticCurveP384.value(), EllipticCurve.EllipticCurveP384);
- ellipticCurveMap.put(EllipticCurve.EllipticCurveP521.value(), EllipticCurve.EllipticCurveP521);
- }
-
- public static boolean containsKeyTypes(String[] types){
-
- for (String type : types) {
- if(!containsKeyType(type))
- return false;
- }
-
- return true;
- }
-
- public static boolean containsKeyType(String value){
- KeyType keyType = null;
- try {
- keyType = KeyType.from(value);
- } catch (IllegalArgumentException e){
- return false;
- }
-
- return keyTypeMap.containsKey(keyType.value());
- }
-
- public static KeyType getKeyType(String value){
- return keyTypeMap.get(KeyType.from(value).value());
- }
-
- public static boolean containsRsaKeySizes(Integer[] sizes){
-
- for (int size : sizes) {
- if(!containsRsaKeySize(size))
- return false;
- }
-
- return true;
- }
-
- public static boolean containsRsaKeySize(int value){
- return
rsaKeySizeMap.containsKey(value); - } - - public static KeySize getRsaKeySize(int value){ - return rsaKeySizeMap.get(value); - } - - public static boolean containsEllipticCurves(String[] curves){ - - for (String curve : curves) { - if(!containsEllipticCurve(curve)) - return false; - } - - return true; - } - - public static boolean containsEllipticCurve(String value){ - return ellipticCurveMap.containsKey(value); - } - - public static EllipticCurve getEllipticCurve(String value){ - return ellipticCurveMap.get(value); - } -} diff --git a/src/main/java/com/venafi/vcert/sdk/policy/converter/tpp/TPPPolicySpecificationValidator.java b/src/main/java/com/venafi/vcert/sdk/policy/converter/tpp/TPPPolicySpecificationValidator.java index 74736b0..0ba496a 100644 --- a/src/main/java/com/venafi/vcert/sdk/policy/converter/tpp/TPPPolicySpecificationValidator.java +++ b/src/main/java/com/venafi/vcert/sdk/policy/converter/tpp/TPPPolicySpecificationValidator.java @@ -1,6 +1,9 @@ package com.venafi.vcert.sdk.policy.converter.tpp; import com.venafi.vcert.sdk.VCertException; +import com.venafi.vcert.sdk.features.SupportedKeyPairs; +import com.venafi.vcert.sdk.features.SupportedRSAKeySizes; +import com.venafi.vcert.sdk.features.SupportedECCKeys; import com.venafi.vcert.sdk.policy.domain.*; import com.venafi.vcert.sdk.policy.converter.IPolicySpecificationValidator; @@ -68,7 +71,7 @@ private void validateKeyPair(KeyPair keyPair) throws VCertException { if (keyTypesLength > 1) throw new VCertException(String.format(ATTRIBUTE_HAS_MORE_THAN_ONE_VALUE_EXCEPTION_MESSAGE, PolicySpecificationConst.ATT_POLICY_KEYPAIR_KEY_TYPES)); - if (keyTypesLength == 1 && !TPPKeyPairEnums.containsKeyTypes(keyPair.keyTypes())) + if (keyTypesLength == 1 && !SupportedKeyPairs.TPP.containsKeyTypes(keyPair.keyTypes())) throw new VCertException(String.format(ATTRIBUTE_DOESNT_MATCH_WITH_ACCEPTED_VALUES_EXCEPTION_MESSAGE, PolicySpecificationConst.ATT_POLICY_KEYPAIR_KEY_TYPES)); } 
@@ -78,7 +81,7 @@ private void validateKeyPair(KeyPair keyPair) throws VCertException { if (rsaKeySizesLength > 1) throw new VCertException(String.format(ATTRIBUTE_HAS_MORE_THAN_ONE_VALUE_EXCEPTION_MESSAGE, PolicySpecificationConst.ATT_POLICY_KEYPAIR_RSA_KEY_SIZES)); - if (rsaKeySizesLength == 1 && !TPPKeyPairEnums.containsRsaKeySizes(keyPair.rsaKeySizes())) + if (rsaKeySizesLength == 1 && !SupportedRSAKeySizes.TPP.containsRsaKeySizes(keyPair.rsaKeySizes())) throw new VCertException(String.format(ATTRIBUTE_DOESNT_MATCH_WITH_ACCEPTED_VALUES_EXCEPTION_MESSAGE, PolicySpecificationConst.ATT_POLICY_KEYPAIR_RSA_KEY_SIZES)); } @@ -88,7 +91,7 @@ private void validateKeyPair(KeyPair keyPair) throws VCertException { if (ecLength > 1) throw new VCertException(String.format(ATTRIBUTE_HAS_MORE_THAN_ONE_VALUE_EXCEPTION_MESSAGE, PolicySpecificationConst.ATT_POLICY_KEYPAIR_ELLIPTIC_CURVES)); - if (ecLength == 1 && !TPPKeyPairEnums.containsEllipticCurves(keyPair.ellipticCurves())) + if (ecLength == 1 && !SupportedECCKeys.TPP.containsEllipticCurves(keyPair.ellipticCurves())) throw new VCertException(String.format(ATTRIBUTE_DOESNT_MATCH_WITH_ACCEPTED_VALUES_EXCEPTION_MESSAGE, PolicySpecificationConst.ATT_POLICY_KEYPAIR_ELLIPTIC_CURVES)); } } @@ -138,7 +141,7 @@ private void validateDefaultKeyPair(DefaultsKeyPair defaultsKeyPair, KeyPair pol String defaultKeyType = defaultsKeyPair.keyType(); if ( defaultKeyType != null && !defaultKeyType.equals("")) { - if(!TPPKeyPairEnums.containsKeyType( defaultKeyType )) + if(!SupportedKeyPairs.TPP.containsKeyType( defaultKeyType )) throw new VCertException(String.format(DEFAULT_ATTRIBUTE_DOESNT_MATCH_WITH_ACCEPTED_VALUES_EXCEPTION_MESSAGE, PolicySpecificationConst.ATT_DEFAULTS_KEYPAIR_KEY_TYPE)); if(policyKeyPair != null) { 
@@ -150,7 +153,7 @@ private void validateDefaultKeyPair(DefaultsKeyPair defaultsKeyPair, KeyPair pol Integer defaultRsaKeySize = defaultsKeyPair.rsaKeySize(); if( defaultRsaKeySize != null ) { - if( !TPPKeyPairEnums.containsRsaKeySize( defaultRsaKeySize )) + if( !SupportedRSAKeySizes.TPP.containsRsaKeySize( defaultRsaKeySize )) throw new VCertException(String.format(DEFAULT_ATTRIBUTE_DOESNT_MATCH_WITH_ACCEPTED_VALUES_EXCEPTION_MESSAGE, PolicySpecificationConst.ATT_DEFAULTS_KEYPAIR_RSA_KEY_SIZE)); if(policyKeyPair != null) { @@ -162,7 +165,7 @@ private void validateDefaultKeyPair(DefaultsKeyPair defaultsKeyPair, KeyPair pol String defaultEC = defaultsKeyPair.ellipticCurve(); if ( defaultEC != null && !defaultEC.equals("")){ - if ( !TPPKeyPairEnums.containsEllipticCurve( defaultEC ) ) + if ( !SupportedECCKeys.TPP.containsEllipticCurve( defaultEC ) ) throw new VCertException(String.format(DEFAULT_ATTRIBUTE_DOESNT_MATCH_WITH_ACCEPTED_VALUES_EXCEPTION_MESSAGE, PolicySpecificationConst.ATT_DEFAULTS_KEYPAIR_ELLIPTIC_CURVE)); if(policyKeyPair != null) {