chore: Add version logging for OpenSSL
This commit is contained in:
parent
463328f04f
commit
61ccad5a1c
GPG key ID:
5B5EBCBE331F1E6F
4 changed files with 58 additions and 33 deletions
|
|
@ -3,7 +3,6 @@ package de.mlessmann.certassist.openssl;
|
|||
import java.util.List;
|
||||
import java.util.Objects;
|
||||
import java.util.stream.Stream;
|
||||
|
||||
import lombok.Builder;
|
||||
import lombok.Getter;
|
||||
|
||||
|
|
@ -17,11 +16,13 @@ public class CertificateRequestExtension {
|
|||
|
||||
public CertificateRequestExtensionBuilder alternativeNames(String... altNames) {
|
||||
Objects.requireNonNull(altNames, "Alternative names must not be null (but can be empty)");
|
||||
this.alternativeNames = Stream.of(altNames)
|
||||
.filter(Objects::nonNull)
|
||||
.map(String::trim)
|
||||
.map(name -> name.replaceAll("^DNS:", ""))
|
||||
.toList();
|
||||
this.alternativeNames =
|
||||
Stream
|
||||
.of(altNames)
|
||||
.filter(Objects::nonNull)
|
||||
.map(String::trim)
|
||||
.map(name -> name.replaceAll("^DNS:", ""))
|
||||
.toList();
|
||||
return this;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -16,6 +16,7 @@ import java.nio.file.StandardOpenOption;
|
|||
import java.util.List;
|
||||
import java.util.Optional;
|
||||
import java.util.concurrent.ExecutionException;
|
||||
import java.util.concurrent.atomic.AtomicBoolean;
|
||||
import java.util.concurrent.atomic.AtomicInteger;
|
||||
import java.util.regex.Matcher;
|
||||
import java.util.regex.Pattern;
|
||||
|
|
@ -49,6 +50,7 @@ public class OpenSSLCertificateCreator {
|
|||
private static final Pattern FINGERPRINT_EXTRACTOR = Pattern.compile(
|
||||
"^(?<algo>[0-9a-zA-Z]+) (?i)Fingerprint(?-i)=(?<finger>[a-z:A-Z0-9]+)"
|
||||
);
|
||||
private final AtomicBoolean versionLogged = new AtomicBoolean(false);
|
||||
|
||||
private final ExecutableResolver executableResolver;
|
||||
private final CertificatePasswordProvider passwordProvider;
|
||||
|
|
@ -426,7 +428,7 @@ public class OpenSSLCertificateCreator {
|
|||
if (infoResult.getExitValue() != 0) {
|
||||
log.debug("Certificate info command output:\n{}", output);
|
||||
throw new CommandLineOperationException(
|
||||
"Failed to get info of path. Exit code: %d".formatted(infoResult.getExitValue())
|
||||
"Failed to get info of path. Exit code: %d".formatted(infoResult.getExitValue())
|
||||
);
|
||||
}
|
||||
return getCertificateInfo(output.lines().toArray(String[]::new));
|
||||
|
|
@ -437,7 +439,28 @@ public class OpenSSLCertificateCreator {
|
|||
|
||||
private String resolveOpenSSL() throws CommandLineOperationException {
|
||||
try {
|
||||
return executableResolver.getOpenSSLPath();
|
||||
String path = executableResolver.getOpenSSLPath();
|
||||
if (!versionLogged.get()) {
|
||||
try {
|
||||
StartedProcess versionProc = new ProcessExecutor()
|
||||
.command(path, "version")
|
||||
.readOutput(true)
|
||||
.redirectError(Slf4jStream.ofCaller().asError())
|
||||
.start();
|
||||
var versionResult = versionProc.getFuture().get();
|
||||
if (versionResult.getExitValue() != 0) {
|
||||
throw new CommandLineOperationException(
|
||||
"Failed to get OpenSSL version. Exit code: " + versionResult.getExitValue()
|
||||
);
|
||||
}
|
||||
|
||||
log.info("Using OpenSSL version: {}", versionResult.getOutput().getUTF8());
|
||||
versionLogged.set(true);
|
||||
} catch (IOException | InterruptedException | ExecutionException e) {
|
||||
throw new CommandLineOperationException("Failed to get OpenSSL version", e);
|
||||
}
|
||||
}
|
||||
return path;
|
||||
} catch (UnresolvableCLIDependency e) {
|
||||
throw new CommandLineOperationException(e);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,17 +1,16 @@
|
|||
package de.mlessmann.certassist;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
|
||||
import de.mlessmann.certassist.openssl.CertificateRequest;
|
||||
import de.mlessmann.certassist.openssl.CertificateRequestExtension;
|
||||
import de.mlessmann.certassist.openssl.CertificateSubject;
|
||||
import de.mlessmann.certassist.service.CertificateCreationService;
|
||||
import java.nio.file.Path;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
|
||||
import java.nio.file.Path;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
|
||||
@SpringBootTest
|
||||
public class CertificateServiceTest {
|
||||
|
||||
|
|
@ -20,18 +19,20 @@ public class CertificateServiceTest {
|
|||
|
||||
@Test
|
||||
void testCanCreateCertificate() {
|
||||
var request = CertificateRequest.builder()
|
||||
.type(CertificateRequest.RequestType.STANDALONE_CERTIFICATE)
|
||||
.subject(
|
||||
CertificateSubject.builder()
|
||||
.commonName("cert.creation")
|
||||
.country("DE")
|
||||
.state("SH")
|
||||
.locality("HH")
|
||||
.organization("Crazy-Cats")
|
||||
)
|
||||
.extension(CertificateRequestExtension.builder().alternativeNames("test2.home", "test3.home"))
|
||||
.build();
|
||||
var request = CertificateRequest
|
||||
.builder()
|
||||
.type(CertificateRequest.RequestType.STANDALONE_CERTIFICATE)
|
||||
.subject(
|
||||
CertificateSubject
|
||||
.builder()
|
||||
.commonName("cert.creation")
|
||||
.country("DE")
|
||||
.state("SH")
|
||||
.locality("HH")
|
||||
.organization("Crazy-Cats")
|
||||
)
|
||||
.extension(CertificateRequestExtension.builder().alternativeNames("test2.home", "test3.home"))
|
||||
.build();
|
||||
var cert = certificateService.createCertificate(request);
|
||||
assertThat(cert).isNotNull();
|
||||
assertThat(cert.getId()).isGreaterThan("0");
|
||||
|
|
@ -40,8 +41,11 @@ public class CertificateServiceTest {
|
|||
@Test
|
||||
void testCanImportCertificate() {
|
||||
Path certDir = TestOpenSSLCertificateCreator.TEST_CERT_PATH;
|
||||
var importedCert = certificateService.importCertificate(certDir.resolve("x509forImport.pem"),
|
||||
certDir.resolve("x509forImport.key.pem"), TestOpenSSLCertificateCreator.TEST_CERT_PASSPHRASE);
|
||||
var importedCert = certificateService.importCertificate(
|
||||
certDir.resolve("x509forImport.pem"),
|
||||
certDir.resolve("x509forImport.key.pem"),
|
||||
TestOpenSSLCertificateCreator.TEST_CERT_PASSPHRASE
|
||||
);
|
||||
assertThat(importedCert).isNotNull();
|
||||
assertThat(importedCert.getId()).isGreaterThan("0");
|
||||
}
|
||||
|
|
|
|||
|
|
@ -66,10 +66,7 @@ class TestOpenSSLCertificateCreator {
|
|||
.locality("HH")
|
||||
.organization("Crazy-Cats")
|
||||
)
|
||||
.extension(
|
||||
CertificateRequestExtension.builder()
|
||||
.alternativeNames("test2.local", "test3.local")
|
||||
)
|
||||
.extension(CertificateRequestExtension.builder().alternativeNames("test2.local", "test3.local"))
|
||||
.build();
|
||||
|
||||
var spiedCert = spy(cert);
|
||||
|
|
@ -91,9 +88,9 @@ class TestOpenSSLCertificateCreator {
|
|||
CertificateProvider certificateProvider = mock(CertificateProvider.class);
|
||||
ExecutableResolver executableResolver = new ExecutableResolver();
|
||||
var certificateCreator = new OpenSSLCertificateCreator(
|
||||
executableResolver,
|
||||
passwordProvider,
|
||||
certificateProvider
|
||||
executableResolver,
|
||||
passwordProvider,
|
||||
certificateProvider
|
||||
);
|
||||
|
||||
var request = certificateCreator.getCertificateInfo(TEST_CERT_PATH.resolve("x509forImportCA.pem"));
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue