Fix test case failure when extracting cert from signature

appinstallfixx
Navod Zoysa 1 month ago
parent 66c9c4f4e6
commit 1aa32528b0

@ -29,7 +29,6 @@ import io.entgra.device.mgt.core.certificate.mgt.core.util.CertificateManagement
import io.entgra.device.mgt.core.certificate.mgt.core.util.CommonUtil; import io.entgra.device.mgt.core.certificate.mgt.core.util.CommonUtil;
import io.entgra.device.mgt.core.certificate.mgt.core.util.Serializer; import io.entgra.device.mgt.core.certificate.mgt.core.util.Serializer;
import org.apache.commons.codec.binary.Base64; import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.bouncycastle.asn1.ASN1Encodable; import org.bouncycastle.asn1.ASN1Encodable;
@ -436,7 +435,7 @@ public class CertificateGenerator {
String orgUnit = CommonUtil.getSubjectDnAttribute(reqCert, String orgUnit = CommonUtil.getSubjectDnAttribute(reqCert,
CertificateManagementConstants.ORG_UNIT_ATTRIBUTE); CertificateManagementConstants.ORG_UNIT_ATTRIBUTE);
CertificateResponse lookUpCertificate; CertificateResponse lookUpCertificate;
if (StringUtils.isNotEmpty(orgUnit)) { if (CommonUtil.isScepOrgUnit(orgUnit)) {
int tenantId = Integer.parseInt(orgUnit.split(("_"))[1]); int tenantId = Integer.parseInt(orgUnit.split(("_"))[1]);
lookUpCertificate = keyStoreReader.getCertificateBySerial(reqCert.getSerialNumber().toString(), lookUpCertificate = keyStoreReader.getCertificateBySerial(reqCert.getSerialNumber().toString(),
tenantId); tenantId);

@ -36,6 +36,7 @@ public final class CertificateManagementConstants {
public static final String CONF_LOCATION = "conf.location"; public static final String CONF_LOCATION = "conf.location";
public static final String DEFAULT_PRINCIPAL = "O=WSO2, OU=Mobile, C=LK"; public static final String DEFAULT_PRINCIPAL = "O=WSO2, OU=Mobile, C=LK";
public static final String ORG_UNIT_ATTRIBUTE = "OU="; public static final String ORG_UNIT_ATTRIBUTE = "OU=";
public static final String ORG_UNIT_TENANT_PREFIX = "tenant_";
public static final String RSA_PRIVATE_KEY_BEGIN_TEXT = "-----BEGIN RSA PRIVATE KEY-----\n"; public static final String RSA_PRIVATE_KEY_BEGIN_TEXT = "-----BEGIN RSA PRIVATE KEY-----\n";
public static final String RSA_PRIVATE_KEY_END_TEXT = "-----END RSA PRIVATE KEY-----"; public static final String RSA_PRIVATE_KEY_END_TEXT = "-----END RSA PRIVATE KEY-----";
public static final String EMPTY_TEXT = ""; public static final String EMPTY_TEXT = "";

@ -18,6 +18,7 @@
package io.entgra.device.mgt.core.certificate.mgt.core.util; package io.entgra.device.mgt.core.certificate.mgt.core.util;
import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.math.NumberUtils;
import java.math.BigInteger; import java.math.BigInteger;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
@ -68,4 +69,24 @@ public class CommonUtil {
} }
return null; return null;
} }
/**
* Checks if the organizational unit (OU) attribute has a valid tenant id in order to verify that it is
* a SCEP certificate. eg: OU=tenant_1
* <br/><br/>
* Refer to engineering mail SCEP implementation for Android
* @param orgUnit organizational unit (OU) of the certificate
* @return true if it is a valid SCEP org unit else false
*/
public static boolean isScepOrgUnit(String orgUnit) {
if (StringUtils.isNotEmpty(orgUnit)) {
if (orgUnit.contains(CertificateManagementConstants.ORG_UNIT_TENANT_PREFIX)) {
String[] orgUnitArray = orgUnit.split(("_"));
if (orgUnitArray.length > 1) {
return NumberUtils.isNumber(orgUnitArray[1]);
}
}
}
return false;
}
} }

Loading…
Cancel
Save