Mark.TwoFive/home-cert-assistant
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Wiki Activity Actions

chore: Apply spotless formatting

Browse source
This commit is contained in:
Magnus Leßmann (@MarkL4YG) 2025-04-20 15:41:16 +02:00
parent b27623db26
commit 4b863fec42
Signed by: Mark.TwoFive
GPG key ID: E906A79D91006ECD
6 changed files with 85 additions and 81 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
src/main/java/de/mlessmann/certassist/models/Certificate.java
View file

@ -3,13 +3,12 @@ package de.mlessmann.certassist.models;
import jakarta.persistence.*;
import jakarta.validation.constraints.Min;
import jakarta.validation.constraints.NotNull;
import lombok.*;
import org.hibernate.proxy.HibernateProxy;
import java.time.OffsetDateTime;
import java.util.ArrayList;
import java.util.List;
import java.util.Objects;
import lombok.*;
import org.hibernate.proxy.HibernateProxy;
@Entity
@Table(uniqueConstraints = { @UniqueConstraint(columnNames = { "fingerprint" }) })
@ -69,8 +68,12 @@ public class Certificate {
public final boolean equals(Object o) {
if (this == o) return true;
if (o == null) return false;
Class<?> oEffectiveClass = o instanceof HibernateProxy ? ((HibernateProxy) o).getHibernateLazyInitializer().getPersistentClass() : o.getClass();
Class<?> thisEffectiveClass = this instanceof HibernateProxy ? ((HibernateProxy) this).getHibernateLazyInitializer().getPersistentClass() : this.getClass();
Class<?> oEffectiveClass = o instanceof HibernateProxy
? ((HibernateProxy) o).getHibernateLazyInitializer().getPersistentClass()
: o.getClass();
Class<?> thisEffectiveClass = this instanceof HibernateProxy
? ((HibernateProxy) this).getHibernateLazyInitializer().getPersistentClass()
: this.getClass();
if (thisEffectiveClass != oEffectiveClass) return false;
Certificate that = (Certificate) o;
return getId() != null && Objects.equals(getId(), that.getId());
@ -78,6 +81,8 @@ public class Certificate {
@Override
public final int hashCode() {
return this instanceof HibernateProxy ? ((HibernateProxy) this).getHibernateLazyInitializer().getPersistentClass().hashCode() : getClass().hashCode();
return this instanceof HibernateProxy
? ((HibernateProxy) this).getHibernateLazyInitializer().getPersistentClass().hashCode()
: getClass().hashCode();
}
}

32
src/main/java/de/mlessmann/certassist/openssl/OpenSSLService.java
View file

@ -23,11 +23,9 @@ import java.nio.file.Path;
import java.nio.file.StandardOpenOption;
import java.security.cert.X509Certificate;
import java.time.OffsetDateTime;
import java.time.ZonedDateTime;
import java.time.format.DateTimeFormatter;
import java.time.format.DateTimeFormatterBuilder;
import java.time.temporal.ChronoField;
import java.time.temporal.IsoFields;
import java.util.*;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeoutException;
@ -72,20 +70,20 @@ public class OpenSSLService {
"^(?<algo>[0-9a-zA-Z]+) (?i)Fingerprint(?-i)=(?<finger>[a-z:A-Z0-9]+)"
);
private final DateTimeFormatter OSSL_DATE_TIME = new DateTimeFormatterBuilder()
.parseCaseInsensitive()
.appendValue(ChronoField.YEAR, 4)
.appendLiteral('-')
.appendValue(ChronoField.MONTH_OF_YEAR, 2)
.appendLiteral('-')
.appendValue(ChronoField.DAY_OF_MONTH, 2)
.appendLiteral(' ')
.appendValue(ChronoField.HOUR_OF_DAY, 2)
.appendLiteral(':')
.appendValue(ChronoField.MINUTE_OF_HOUR, 2)
.appendLiteral(':')
.appendValue(ChronoField.SECOND_OF_MINUTE, 2)
.appendOffset("+HH:MM:ss","Z")
.toFormatter();
.parseCaseInsensitive()
.appendValue(ChronoField.YEAR, 4)
.appendLiteral('-')
.appendValue(ChronoField.MONTH_OF_YEAR, 2)
.appendLiteral('-')
.appendValue(ChronoField.DAY_OF_MONTH, 2)
.appendLiteral(' ')
.appendValue(ChronoField.HOUR_OF_DAY, 2)
.appendLiteral(':')
.appendValue(ChronoField.MINUTE_OF_HOUR, 2)
.appendLiteral(':')
.appendValue(ChronoField.SECOND_OF_MINUTE, 2)
.appendOffset("+HH:MM:ss", "Z")
.toFormatter();
private static final String OSSL_ENV_KEY_PW = "KEY_PASS";
private static final String OSSL_ARG_KEY_PW = "env:" + OSSL_ENV_KEY_PW;
private final AtomicBoolean versionLogged = new AtomicBoolean(false);
@ -764,7 +762,7 @@ public class OpenSSLService {
"sep_multiline",
"-nameopt",
"lname",
"-modulus"
"-modulus"
)
);
command.addAll(Arrays.asList(additArgs));

18
src/main/java/de/mlessmann/certassist/openssl/X509CertificateInfo.java
View file

@ -2,23 +2,21 @@ package de.mlessmann.certassist.openssl;
import de.mlessmann.certassist.models.CertificateInfoExtension;
import de.mlessmann.certassist.models.CertificateInfoSubject;
import lombok.Builder;
import org.springframework.lang.Nullable;
import java.time.OffsetDateTime;
import java.time.ZonedDateTime;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import lombok.Builder;
import org.springframework.lang.Nullable;
@Builder
public record X509CertificateInfo(
CertificateInfoSubject subject,
@Nullable CertificateInfoSubject issuer,
String serial,
OffsetDateTime notBefore,
OffsetDateTime notAfter,
List<CertificateInfoExtension> extensions
CertificateInfoSubject subject,
@Nullable CertificateInfoSubject issuer,
String serial,
OffsetDateTime notBefore,
OffsetDateTime notAfter,
List<CertificateInfoExtension> extensions
) {
public X509CertificateInfo {
Objects.requireNonNull(subject);

8
src/main/java/de/mlessmann/certassist/service/CertificateCreationService.java
View file

@ -79,7 +79,13 @@ public class CertificateCreationService {
private Certificate createEntityFromInfo(X509CertificateInfo info) {
final Certificate certificate = new Certificate();
certificate.setType(mapCertificateRequestType(info.issuer() != null ? CertificateInfo.RequestType.NORMAL_CERTIFICATE : CertificateInfo.RequestType.STANDALONE_CERTIFICATE));
certificate.setType(
mapCertificateRequestType(
info.issuer() != null
? CertificateInfo.RequestType.NORMAL_CERTIFICATE
: CertificateInfo.RequestType.STANDALONE_CERTIFICATE
)
);
certificate.setSubjectCommonName(info.subject().getCommonName());
certificate.setTrustingAuthority(info.issuer().getCommonName());
certificate.setRequestedKeyLength(-1);

90
src/test/java/de/mlessmann/certassist/TestOpenSSLService.java
View file

@ -1,5 +1,9 @@
package de.mlessmann.certassist;
import static java.util.Objects.requireNonNull;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.*;
import de.mlessmann.certassist.models.CertificateInfo;
import de.mlessmann.certassist.models.CertificateInfo.RequestType;
import de.mlessmann.certassist.models.CertificateInfoExtension;
@ -8,24 +12,19 @@ import de.mlessmann.certassist.openssl.CertificatePasswordProvider;
import de.mlessmann.certassist.openssl.CertificateProvider;
import de.mlessmann.certassist.openssl.OpenSSLService;
import de.mlessmann.certassist.service.ExecutableResolver;
import java.nio.file.Path;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.test.mock.mockito.MockBean;
import java.nio.file.Path;
import static java.util.Objects.requireNonNull;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.*;
@SpringBootTest
class TestOpenSSLService {
public static final String TEST_CERT_PASSPHRASE = "ABC-123";
public static final Path TEST_CERT_PATH = Path.of("src/test/resources/openssl");
public static final String TEST_CERT_FINGERPRINT =
"SHA1;4E:D6:0A:47:F0:63:AD:96:26:83:16:28:32:F5:E8:36:5A:62:91:95";
"SHA1;4E:D6:0A:47:F0:63:AD:96:26:83:16:28:32:F5:E8:36:5A:62:91:95";
private static final String ERR_NOT_ENCRYPTED = "Private key not encrypted";
private static final String ERR_VERIFY_FAILED = "Certificate verification failed";
@ -45,57 +44,55 @@ class TestOpenSSLService {
var certificateCreator = new OpenSSLService(executableResolver, passwordProvider, certificateProvider);
CertificateInfo certRequest = CertificateInfo
.builder()
.type(RequestType.STANDALONE_CERTIFICATE)
.subject(
CertificateInfoSubject
.builder()
.commonName("test.home")
.country("DE")
.state("SH")
.locality("HH")
.organization("Crazy-Cats")
)
.extension(CertificateInfoExtension.builder().alternativeDnsNames("test2.home", "test3.home"))
.build();
.builder()
.type(RequestType.STANDALONE_CERTIFICATE)
.subject(
CertificateInfoSubject
.builder()
.commonName("test.home")
.country("DE")
.state("SH")
.locality("HH")
.organization("Crazy-Cats")
)
.extension(CertificateInfoExtension.builder().alternativeDnsNames("test2.home", "test3.home"))
.build();
try (var cert = certificateCreator.createCertificate(certRequest)) {
assertThat(certificateCreator.verifyCertificate(cert.certificatePath(), cert.certificatePath()))
.withFailMessage(ERR_VERIFY_FAILED)
.isTrue();
.withFailMessage(ERR_VERIFY_FAILED)
.isTrue();
assertThat(certificateCreator.isKeyEncrypted(requireNonNull(cert.certificateKeyPath())))
.withFailMessage(ERR_NOT_ENCRYPTED)
.isTrue();
.withFailMessage(ERR_NOT_ENCRYPTED)
.isTrue();
CertificateInfo childRequest = CertificateInfo
.builder()
.type(RequestType.NORMAL_CERTIFICATE)
.trustingAuthority(cert.fingerprint())
.subject(
CertificateInfoSubject
.builder()
.commonName("test.local")
.country("DE")
.state("SH")
.locality("HH")
.organization("Crazy-Cats")
)
.extension(CertificateInfoExtension.builder().alternativeDnsNames("test2.local", "test3.local"))
.build();
.builder()
.type(RequestType.NORMAL_CERTIFICATE)
.trustingAuthority(cert.fingerprint())
.subject(
CertificateInfoSubject
.builder()
.commonName("test.local")
.country("DE")
.state("SH")
.locality("HH")
.organization("Crazy-Cats")
)
.extension(CertificateInfoExtension.builder().alternativeDnsNames("test2.local", "test3.local"))
.build();
var spiedCert = spy(cert);
doNothing().when(spiedCert).close();
when(certificateProvider.requestCertificateUsage(cert.fingerprint())).thenReturn(spiedCert);
try (var childCert = certificateCreator.createCertificate(childRequest)) {
Path fullchain = childCert.fullchainPath();
assertThat(
certificateCreator.verifyCertificate(requireNonNull(fullchain), cert.certificatePath())
)
.withFailMessage(ERR_VERIFY_FAILED)
.isTrue();
assertThat(certificateCreator.verifyCertificate(requireNonNull(fullchain), cert.certificatePath()))
.withFailMessage(ERR_VERIFY_FAILED)
.isTrue();
assertThat(certificateCreator.isKeyEncrypted(requireNonNull(childCert.certificateKeyPath())))
.withFailMessage(ERR_NOT_ENCRYPTED)
.isTrue();
.withFailMessage(ERR_NOT_ENCRYPTED)
.isTrue();
}
}
}
@ -124,6 +121,7 @@ class TestOpenSSLService {
assertThat(request.subject().getState()).isEqualTo("SH");
assertThat(request.subject().getLocality()).isEqualTo("HH");
assertThat(request.subject().getOrganization()).isEqualTo("Crazy-Cats");
assertThat(request.extensions().getFirst().getAlternativeDnsNames()).containsExactly("test2.local", "test3.local");
assertThat(request.extensions().getFirst().getAlternativeDnsNames())
.containsExactly("test2.local", "test3.local");
}
}

1
src/test/java/de/mlessmann/certassist/repositories/CertificateRepositoryTest.java
View file

@ -6,7 +6,6 @@ import de.mlessmann.certassist.models.Certificate;
import de.mlessmann.certassist.models.CertificateExtension;
import de.mlessmann.certassist.models.CertificateType;
import jakarta.transaction.Transactional;
import java.time.OffsetDateTime;
import java.util.List;
import java.util.stream.StreamSupport;