diff --git a/server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java b/server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java
index ba71d631a94..c2c155d0b8c 100644
--- a/server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java
+++ b/server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java
@@ -18,8 +18,6 @@ package org.apache.cloudstack.network.lb;
 import java.io.IOException;
 import java.io.StringReader;
-import java.io.UnsupportedEncodingException;
-import java.net.URLDecoder;
 import java.security.InvalidAlgorithmParameterException;
 import java.security.InvalidKeyException;
 import java.security.KeyPair;
@@ -53,18 +51,17 @@ import javax.crypto.NoSuchPaddingException;
 import javax.ejb.Local;
 import javax.inject.Inject;
-import org.apache.commons.io.IOUtils;
-import org.apache.log4j.Logger;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.openssl.PEMReader;
-import org.bouncycastle.openssl.PasswordFinder;
-
 import org.apache.cloudstack.acl.SecurityChecker;
 import org.apache.cloudstack.api.command.user.loadbalancer.DeleteSslCertCmd;
 import org.apache.cloudstack.api.command.user.loadbalancer.ListSslCertsCmd;
 import org.apache.cloudstack.api.command.user.loadbalancer.UploadSslCertCmd;
 import org.apache.cloudstack.api.response.SslCertResponse;
 import org.apache.cloudstack.context.CallContext;
+import org.apache.commons.io.IOUtils;
+import org.apache.log4j.Logger;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.bouncycastle.openssl.PEMReader;
+import org.bouncycastle.openssl.PasswordFinder;
 import com.cloud.event.ActionEvent;
 import com.cloud.event.EventTypes;
@@ -109,10 +106,10 @@ public class CertServiceImpl implements CertService {
 public SslCertResponse uploadSslCert(UploadSslCertCmd certCmd) {
 try {
- String cert = URLDecoder.decode(certCmd.getCert(), "UTF-8");
- String key = URLDecoder.decode(certCmd.getKey(), "UTF-8");
+ String cert = certCmd.getCert();
+ String key = certCmd.getKey();
 String password = certCmd.getPassword();
- String chain = certCmd.getChain() == null ? null : URLDecoder.decode(certCmd.getChain(), "UTF-8");
+ String chain = certCmd.getChain();
 validate(cert, key, password, chain);
 s_logger.debug("Certificate Validation succeeded");
@@ -127,8 +124,8 @@ public class CertServiceImpl implements CertService {
 return createCertResponse(certVO, null);
- } catch (UnsupportedEncodingException e) {
- throw new CloudRuntimeException("Error decoding certificate data");
+ } catch (Exception e) {
+ throw new CloudRuntimeException("Error parsing certificate data " + e.getMessage());
 }
 }
@@ -429,7 +426,7 @@ public class CertServiceImpl implements CertService {
 try {
 return (Certificate)certPem.readObject();
 } catch (Exception e) {
- throw new InvalidParameterValueException("Invalid Certificate format. Expected X509 certificate");
+ throw new InvalidParameterValueException("Invalid Certificate format. Expected X509 certificate. Failed due to " + e.getMessage());
 } finally {
 IOUtils.closeQuietly(certPem);
 }
diff --git a/server/test/org/apache/cloudstack/network/lb/CertServiceTest.java b/server/test/org/apache/cloudstack/network/lb/CertServiceTest.java
index a67a9abf12b..038845d9283 100644
--- a/server/test/org/apache/cloudstack/network/lb/CertServiceTest.java
+++ b/server/test/org/apache/cloudstack/network/lb/CertServiceTest.java
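Review bot: The new assignments at the top of `uploadSslCert` (`String cert = certCmd.getCert();` and the matching `key` and `chain` lines) pass the request values to `validate` exactly as received, but nothing on the new side records that contract. A short comment above them would keep a later maintainer from re-adding the decode, for example `// PEM values are used as received; a second URL-decode would turn '+' in the base64 body into spaces.` This assumes the API layer already decodes request parameters before they reach the command object, which is not visible in this hunk and should be confirmed. The method body continues past the end of the hunk.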
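Review bot: The new `catch (Exception e)` closing `uploadSslCert` wraps every failure in the try block into a `CloudRuntimeException`, so a caller error such as the `InvalidParameterValueException` raised by certificate parsing (the `@@ -429` hunk, presumably reached through `validate`) is reported as a server-side failure. The wrapper also drops the cause and appends `e.getMessage()` to the response text, which may be `null` and can return parser internals to the API caller; the `@@ -429` hunk does the same with `"... Failed due to " + e.getMessage()`. I would rethrow the validation exception unchanged, log the full exception through `s_logger`, and keep the client-facing message generic, as sketched below. The try block opens in the previous hunk and part of its body is not shown here.

```java
// … unchanged: try body through return createCertResponse(certVO, null) …
        } catch (InvalidParameterValueException e) {
            // Caller error: keep the type so it is still reported as a bad parameter.
            throw e;
        } catch (Exception e) {
            // Full detail goes to the server log, not into the API response.
            s_logger.error("Failed to upload SSL certificate", e);
            throw new CloudRuntimeException("Error parsing certificate data", e);
        }
```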
@@ -27,21 +27,19 @@ import static org.mockito.Mockito.when;
 import java.io.File;
 import java.io.IOException;
 import java.lang.reflect.Field;
-import java.net.URLEncoder;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.UUID;
+import org.apache.cloudstack.api.command.user.loadbalancer.DeleteSslCertCmd;
+import org.apache.cloudstack.api.command.user.loadbalancer.UploadSslCertCmd;
+import org.apache.cloudstack.context.CallContext;
 import org.junit.After;
 import org.junit.Assume;
 import org.junit.Before;
 import org.junit.Test;
 import org.mockito.Mockito;
-import org.apache.cloudstack.api.command.user.loadbalancer.DeleteSslCertCmd;
-import org.apache.cloudstack.api.command.user.loadbalancer.UploadSslCertCmd;
-import org.apache.cloudstack.context.CallContext;
-
 import com.cloud.network.dao.LoadBalancerCertMapDao;
 import com.cloud.network.dao.LoadBalancerCertMapVO;
 import com.cloud.network.dao.LoadBalancerVO;
@@ -101,9 +99,9 @@ public class CertServiceTest {
 String chainFile = getClass().getResource("/certs/root_chain.crt").getFile();
 String password = "user";
- String cert = URLEncoder.encode(readFileToString(new File(certFile)), "UTF-8");
- String key = URLEncoder.encode(readFileToString(new File(keyFile)), "UTF-8");
- String chain = URLEncoder.encode(readFileToString(new File(chainFile)), "UTF-8");
+ String cert = readFileToString(new File(certFile));
+ String key = readFileToString(new File(keyFile));
+ String chain = readFileToString(new File(chainFile));
 CertServiceImpl certService = new CertServiceImpl();
@@ -153,8 +151,8 @@ public class CertServiceTest {
 String keyFile = getClass().getResource("/certs/rsa_self_signed_with_pwd.key").getFile();
 String password = "test";
- String cert = URLEncoder.encode(readFileToString(new File(certFile)), "UTF-8");
- String key = URLEncoder.encode(readFileToString(new File(keyFile)), "UTF-8");
+ String cert = readFileToString(new File(certFile));
+ String key = readFileToString(new File(keyFile));
 CertServiceImpl certService = new CertServiceImpl();
@@ -199,8 +197,8 @@ public class CertServiceTest {
 String certFile = getClass().getResource("/certs/rsa_self_signed.crt").getFile();
 String keyFile = getClass().getResource("/certs/rsa_self_signed.key").getFile();
- String cert = URLEncoder.encode(readFileToString(new File(certFile)), "UTF-8");
- String key = URLEncoder.encode(readFileToString(new File(keyFile)), "UTF-8");
+ String cert = readFileToString(new File(certFile));
+ String key = readFileToString(new File(keyFile));
 CertServiceImpl certService = new CertServiceImpl();
@@ -239,9 +237,9 @@ public class CertServiceTest {
 String chainFile = getClass().getResource("/certs/rsa_self_signed.crt").getFile();
 String password = "user";
- String cert = URLEncoder.encode(readFileToString(new File(certFile)), "UTF-8");
- String key = URLEncoder.encode(readFileToString(new File(keyFile)), "UTF-8");
- String chain = URLEncoder.encode(readFileToString(new File(chainFile)), "UTF-8");
+ String cert = readFileToString(new File(certFile));
+ String key = readFileToString(new File(keyFile));
+ String chain = readFileToString(new File(chainFile));
 CertServiceImpl certService = new CertServiceImpl();
@@ -291,9 +289,9 @@ public class CertServiceTest {
 String chainFile = getClass().getResource("/certs/rsa_ca_signed2.crt").getFile();
 String password = "user";
- String cert = URLEncoder.encode(readFileToString(new File(certFile)), "UTF-8");
- String key = URLEncoder.encode(readFileToString(new File(keyFile)), "UTF-8");
- String chain = URLEncoder.encode(readFileToString(new File(chainFile)), "UTF-8");
+ String cert = readFileToString(new File(certFile));
+ String key = readFileToString(new File(keyFile));
+ String chain = readFileToString(new File(chainFile));
 CertServiceImpl certService = new CertServiceImpl();
@@ -343,8 +341,8 @@ public class CertServiceTest {
 String keyFile = getClass().getResource("/certs/rsa_ca_signed.key").getFile();
 String password = "user";
- String cert = URLEncoder.encode(readFileToString(new File(certFile)), "UTF-8");
- String key = URLEncoder.encode(readFileToString(new File(keyFile)), "UTF-8");
+ String cert = readFileToString(new File(certFile));
+ String key = readFileToString(new File(keyFile));
 CertServiceImpl certService = new CertServiceImpl();
@@ -388,8 +386,8 @@ public class CertServiceTest {
 String keyFile = getClass().getResource("/certs/rsa_self_signed_with_pwd.key").getFile();
 String password = "bad_password";
- String cert = URLEncoder.encode(readFileToString(new File(certFile)), "UTF-8");
- String key = URLEncoder.encode(readFileToString(new File(keyFile)), "UTF-8");
+ String cert = readFileToString(new File(certFile));
+ String key = readFileToString(new File(keyFile));
 CertServiceImpl certService = new CertServiceImpl();
@@ -432,8 +430,8 @@ public class CertServiceTest {
 String certFile = getClass().getResource("/certs/rsa_self_signed.crt").getFile();
 String keyFile = getClass().getResource("/certs/rsa_random_pkey.key").getFile();
- String cert = URLEncoder.encode(readFileToString(new File(certFile)), "UTF-8");
- String key = URLEncoder.encode(readFileToString(new File(keyFile)), "UTF-8");
+ String cert = readFileToString(new File(certFile));
+ String key = readFileToString(new File(keyFile));
 CertServiceImpl certService = new CertServiceImpl();
@@ -471,8 +469,8 @@ public class CertServiceTest {
 String certFile = getClass().getResource("/certs/rsa_self_signed.crt").getFile();
 String keyFile = getClass().getResource("/certs/dsa_self_signed.key").getFile();
- String cert = URLEncoder.encode(readFileToString(new File(certFile)), "UTF-8");
- String key = URLEncoder.encode(readFileToString(new File(keyFile)), "UTF-8");
+ String cert = readFileToString(new File(certFile));
+ String key = readFileToString(new File(keyFile));
 CertServiceImpl certService = new CertServiceImpl();
@@ -511,8 +509,8 @@ public class CertServiceTest {
 String certFile = getClass().getResource("/certs/expired_cert.crt").getFile();
 String keyFile = getClass().getResource("/certs/rsa_self_signed.key").getFile();
- String cert = URLEncoder.encode(readFileToString(new File(certFile)), "UTF-8");
- String key = URLEncoder.encode(readFileToString(new File(keyFile)), "UTF-8");
+ String cert = readFileToString(new File(certFile));
+ String key = readFileToString(new File(keyFile));
 CertServiceImpl certService = new CertServiceImpl();
@@ -550,8 +548,8 @@ public class CertServiceTest {
 String certFile = getClass().getResource("/certs/non_x509_pem.crt").getFile();
 String keyFile = getClass().getResource("/certs/rsa_self_signed.key").getFile();
- String cert = URLEncoder.encode(readFileToString(new File(certFile)), "UTF-8");
- String key = URLEncoder.encode(readFileToString(new File(keyFile)), "UTF-8");
+ String cert = readFileToString(new File(certFile));
+ String key = readFileToString(new File(keyFile));
 CertServiceImpl certService = new CertServiceImpl();
@@ -590,8 +588,8 @@ public class CertServiceTest {
 String certFile = getClass().getResource("/certs/bad_format_cert.crt").getFile();
 String keyFile = getClass().getResource("/certs/rsa_self_signed.key").getFile();
- String cert = URLEncoder.encode(readFileToString(new File(certFile)), "UTF-8");
- String key = URLEncoder.encode(readFileToString(new File(keyFile)), "UTF-8");
+ String cert = readFileToString(new File(certFile));
+ String key = readFileToString(new File(keyFile));
 CertServiceImpl certService = new CertServiceImpl();