Merge pull request smallrye#3 from cescoffier/no-cleanup

Option to not override existing certificates
dmlloyd · Feb 22, 2024 · 1a4c912 · 1a4c912
2 parents b63fd37 + 3539f6a
commit 1a4c912
Show file tree

Hide file tree

Showing 5 changed files with 74 additions and 36 deletions.
diff --git a/...erator-junit5/src/main/java/me/escoffier/certs/junit5/CertificateGenerationExtension.java b/...erator-junit5/src/main/java/me/escoffier/certs/junit5/CertificateGenerationExtension.java
@@ -21,7 +21,7 @@ public void beforeAll(ExtensionContext extensionContext) throws Exception {
             String baseDir = annotation.baseDir();
             File file = new File(baseDir);
             file.mkdirs();
-            CertificateGenerator generator = new CertificateGenerator(file.toPath());
+            CertificateGenerator generator = new CertificateGenerator(file.toPath(), annotation.replaceIfExists());
 
             CertificateRequest request = new CertificateRequest()
                     .withName(certificate.name())

diff --git a/certificate-generator-junit5/src/main/java/me/escoffier/certs/junit5/Certificates.java b/certificate-generator-junit5/src/main/java/me/escoffier/certs/junit5/Certificates.java
@@ -26,4 +26,8 @@
      */
     Certificate[] certificates();
 
+    /**
+     * Whether to replace the certificates if they already exist.
+     */
+    boolean replaceIfExists() default false;
 }
diff --git a/...erator-maven-plugin/src/main/java/me/escoffier/certs/maven/CertificatesGeneratorMojo.java b/...erator-maven-plugin/src/main/java/me/escoffier/certs/maven/CertificatesGeneratorMojo.java
@@ -23,6 +23,9 @@ public class CertificatesGeneratorMojo extends AbstractMojo {
     @Parameter(property = "certificate-generator.outputDirectory", defaultValue = "${project.build.directory}/certificates")
     private String outputDirectory;
 
+    @Parameter(property = "certificate-generator.replaceIfExists", defaultValue = "false")
+    private boolean replaceIfExists;
+
     @Override
     public void execute() throws MojoExecutionException {
         getLog().info("Generating certificates");
@@ -33,7 +36,7 @@ public void execute() throws MojoExecutionException {
         }
 
         try {
-            CertificateGenerator generator = new CertificateGenerator(new File(outputDirectory).toPath());
+            CertificateGenerator generator = new CertificateGenerator(new File(outputDirectory).toPath(), replaceIfExists);
             for (CertificateRequestParameter request : certificates) {
                 CertificateRequest cr = new CertificateRequest()
                         .withName(request.getName())

diff --git a/certificate-generator/src/main/java/me/escoffier/certs/CertificateGenerator.java b/certificate-generator/src/main/java/me/escoffier/certs/CertificateGenerator.java
@@ -14,13 +14,16 @@ public class CertificateGenerator {
     final File root;
 
     static System.Logger LOGGER = System.getLogger(CertificateGenerator.class.getName());
+    private final boolean replaceIfExists;
 
-    public CertificateGenerator(Path tempDir) {
-        root = tempDir.toFile();
+    public CertificateGenerator(Path tempDir, boolean replaceIfExists) {
+        this.replaceIfExists = replaceIfExists;
+        this.root = tempDir.toFile();
     }
 
     public CertificateGenerator() {
         root = new File(".");
+        replaceIfExists = false;
     }
 
     public void generate(CertificateRequest request) throws Exception {
@@ -43,19 +46,31 @@ public void generate(CertificateRequest request) throws Exception {
                 if (format == Format.PEM) {
                     File certFile = new File(root, request.name() + ".crt");
                     File keyFile = new File(root, request.name() + ".key");
-                    File trustfile = new File(root, request.name() + (client!=null ? "-client" : "") + "-ca.crt");
+                    File trustfile = new File(root, request.name() + (client != null ? "-client" : "") + "-ca.crt");
                     File clientCertFile = new File(root, request.name() + "-client.crt");
                     File clientKeyFile = new File(root, request.name() + "-client.key");
                     File serverTrustfile = new File(root, request.name() + "-server-ca.crt");
 
-                    writeCertificateToPEM(certificate, certFile);
-                    writePrivateKeyToPem(keyPair.getPrivate(), keyFile);
-                    writeTruststoreToPem(List.of(certificate), trustfile);
+                    if (replaceIfExists  || !certFile.isFile()) {
+                        writeCertificateToPEM(certificate, certFile);
+                    }
+                    if (replaceIfExists || ! keyFile.isFile()) {
+                        writePrivateKeyToPem(keyPair.getPrivate(), keyFile);
+                    }
+                    if (replaceIfExists || ! trustfile.isFile()) {
+                        writeTruststoreToPem(List.of(certificate), trustfile);
+                    }
 
                     if (client != null) {
-                        writeCertificateToPEM(clientCertificate, clientCertFile);
-                        writePrivateKeyToPem(clientKeyPair.getPrivate(), clientKeyFile);
-                        writeTruststoreToPem(List.of(clientCertificate), serverTrustfile);
+                        if (replaceIfExists || !clientCertFile.isFile()) {
+                            writeCertificateToPEM(clientCertificate, clientCertFile);
+                        }
+                        if (replaceIfExists || !clientKeyFile.isFile()) {
+                            writePrivateKeyToPem(clientKeyPair.getPrivate(), clientKeyFile);
+                        }
+                        if (replaceIfExists || !serverTrustfile.isFile()) {
+                            writeTruststoreToPem(List.of(clientCertificate), serverTrustfile);
+                        }
                     }
 
                     LOGGER.log(System.Logger.Level.INFO, "⭐ PEM Certificates, keystore, and truststore generated successfully!");
@@ -71,18 +86,26 @@ public void generate(CertificateRequest request) throws Exception {
                     }
 
                 } else if (format == Format.JKS) {
-                    File keyStoreFile = new File(root,  request.name() + "-keystore." + format.extension());
-                    File trustStoreFile = new File(root, request.name() + (client!=null ? "-client" : "") + "-truststore." + format.extension());
+                    File keyStoreFile = new File(root, request.name() + "-keystore." + format.extension());
+                    File trustStoreFile = new File(root, request.name() + (client != null ? "-client" : "") + "-truststore." + format.extension());
 
-                    File clientKeyStoreFile = new File(root,  request.name() + "-client-keystore." + format.extension());
-                    File serverTrustStoreFile = new File(root,  request.name() + "-server-truststore." + format.extension());
+                    File clientKeyStoreFile = new File(root, request.name() + "-client-keystore." + format.extension());
+                    File serverTrustStoreFile = new File(root, request.name() + "-server-truststore." + format.extension());
 
-                    writePrivateKeyAndCertificateToJKS(certificate, keyPair, keyStoreFile, request.password().toCharArray(), request.getAlias());
-                    writeTrustStoreToJKS(Map.of(request.getAlias(), certificate), trustStoreFile, request.password().toCharArray());
+                    if (replaceIfExists || !keyStoreFile.isFile()) {
+                        writePrivateKeyAndCertificateToJKS(certificate, keyPair, keyStoreFile, request.password().toCharArray(), request.getAlias());
+                    }
+                    if (replaceIfExists || !trustStoreFile.isFile()) {
+                        writeTrustStoreToJKS(Map.of(request.getAlias(), certificate), trustStoreFile, request.password().toCharArray());
+                    }
 
                     if (client != null) {
-                        writePrivateKeyAndCertificateToJKS(clientCertificate, clientKeyPair, clientKeyStoreFile, request.password().toCharArray(), request.getAlias());
-                        writeTrustStoreToJKS(Map.of(request.getAlias(), clientCertificate), serverTrustStoreFile, request.password().toCharArray());
+                        if (replaceIfExists || !clientKeyStoreFile.isFile()) {
+                            writePrivateKeyAndCertificateToJKS(clientCertificate, clientKeyPair, clientKeyStoreFile, request.password().toCharArray(), request.getAlias());
+                        }
+                        if (replaceIfExists || !serverTrustStoreFile.isFile()) {
+                            writeTrustStoreToJKS(Map.of(request.getAlias(), clientCertificate), serverTrustStoreFile, request.password().toCharArray());
+                        }
                     }
 
                     LOGGER.log(System.Logger.Level.INFO, "⭐  JKS Keystore and truststore generated successfully!");
@@ -96,18 +119,26 @@ public void generate(CertificateRequest request) throws Exception {
                         LOGGER.log(System.Logger.Level.INFO, "\uD83D\uDD13  Trust Store File: " + trustStoreFile.getAbsolutePath());
                     }
                 } else if (format == Format.PKCS12) {
-                    File keyStoreFile = new File(root,  request.name() + "-keystore." + format.extension());
-                    File trustStoreFile = new File(root, request.name() + (client!=null ? "-client" : "") + "-truststore." + format.extension());
+                    File keyStoreFile = new File(root, request.name() + "-keystore." + format.extension());
+                    File trustStoreFile = new File(root, request.name() + (client != null ? "-client" : "") + "-truststore." + format.extension());
 
-                    File clientKeyStoreFile = new File(root,  request.name() + "-client-keystore." + format.extension());
-                    File serverTrustStoreFile = new File(root,  request.name() + "-server-truststore." + format.extension());
+                    File clientKeyStoreFile = new File(root, request.name() + "-client-keystore." + format.extension());
+                    File serverTrustStoreFile = new File(root, request.name() + "-server-truststore." + format.extension());
 
-                    writePrivateKeyAndCertificateToPKCS12(certificate, keyPair, keyStoreFile, request.password().toCharArray(), request.getAlias());
-                    writeTrustStoreToPKCS12(Map.of(request.getAlias(), certificate), trustStoreFile, request.password().toCharArray());
+                    if (replaceIfExists || !keyStoreFile.isFile()) {
+                        writePrivateKeyAndCertificateToPKCS12(certificate, keyPair, keyStoreFile, request.password().toCharArray(), request.getAlias());
+                    }
+                    if (replaceIfExists || !trustStoreFile.isFile()) {
+                        writeTrustStoreToPKCS12(Map.of(request.getAlias(), certificate), trustStoreFile, request.password().toCharArray());
+                    }
 
                     if (client != null) {
-                        writePrivateKeyAndCertificateToPKCS12(clientCertificate, clientKeyPair, clientKeyStoreFile, request.password().toCharArray(), request.getAlias());
-                        writeTrustStoreToPKCS12(Map.of(request.getAlias(), clientCertificate), serverTrustStoreFile, request.password().toCharArray());
+                        if (replaceIfExists || !clientKeyStoreFile.isFile()) {
+                            writePrivateKeyAndCertificateToPKCS12(clientCertificate, clientKeyPair, clientKeyStoreFile, request.password().toCharArray(), request.getAlias());
+                        }
+                        if (replaceIfExists || !serverTrustStoreFile.isFile()) {
+                            writeTrustStoreToPKCS12(Map.of(request.getAlias(), clientCertificate), serverTrustStoreFile, request.password().toCharArray());
+                        }
                     }
 
                     LOGGER.log(System.Logger.Level.INFO, "⭐  PCKS12 Keystore and truststore generated successfully!");

diff --git a/certificate-generator/src/test/java/me/escoffier/certs/GenerationTest.java b/certificate-generator/src/test/java/me/escoffier/certs/GenerationTest.java
@@ -32,7 +32,7 @@ void JKSGeneration(@Dir Path tempDir) throws Exception {
                 .withName("test")
                 .withFormat(Format.JKS)
                 .withPassword("password");
-        new CertificateGenerator(tempDir).generate(request);
+        new CertificateGenerator(tempDir, true).generate(request);
 
         KeyCertOptions serverOptions = new JksOptions().setPath(new File(tempDir.toFile(), "test-keystore.jks").getAbsolutePath()).setPassword("password");
         TrustOptions clientOptions = new JksOptions().setPath(new File(tempDir.toFile(), "test-truststore.jks").getAbsolutePath()).setPassword("password");
@@ -49,7 +49,7 @@ void JKSGenerationWithDifferentAlias(@Dir Path tempDir) throws Exception {
                 .withAlias("alias")
                 .withFormat(Format.JKS)
                 .withPassword("password");
-        new CertificateGenerator(tempDir).generate(request);
+        new CertificateGenerator(tempDir, true).generate(request);
 
         KeyCertOptions serverOptions = new JksOptions().setPath(new File(tempDir.toFile(), "test-keystore.jks").getAbsolutePath()).setPassword("password").setAlias("alias");
         TrustOptions clientOptions = new JksOptions().setPath(new File(tempDir.toFile(), "test-truststore.jks").getAbsolutePath()).setPassword("password").setAlias("alias");
@@ -64,7 +64,7 @@ void PEMGeneration(@Dir Path tempDir) throws Exception {
         CertificateRequest request = new CertificateRequest()
                 .withName("test")
                 .withFormat(Format.PEM);
-        new CertificateGenerator(tempDir).generate(request);
+        new CertificateGenerator(tempDir, true).generate(request);
 
         KeyCertOptions serverOptions = new PemKeyCertOptions()
                 .addKeyPath(new File(tempDir.toFile(), "test.key").getAbsolutePath())
@@ -82,7 +82,7 @@ void PCKS12Generation(@Dir Path tempDir) throws Exception {
                 .withName("test")
                 .withFormat(Format.PKCS12)
                 .withPassword("secret");
-        new CertificateGenerator(tempDir).generate(request);
+        new CertificateGenerator(tempDir, true).generate(request);
 
         KeyCertOptions serverOptions = new PfxOptions().setPath(new File(tempDir.toFile(), "test-keystore.p12").getAbsolutePath()).setPassword("secret");
         TrustOptions clientOptions = new PfxOptions().setPath(new File(tempDir.toFile(), "test-truststore.p12").getAbsolutePath()).setPassword("secret");
@@ -99,7 +99,7 @@ void multiFormatGeneration(@Dir Path tempDir) throws Exception {
                 .withFormat(Format.PKCS12)
                 .withFormat(Format.PEM)
                 .withPassword("password");
-        new CertificateGenerator(tempDir).generate(request);
+        new CertificateGenerator(tempDir, true).generate(request);
 
         KeyCertOptions serverOptions = new PfxOptions().setPath(new File(tempDir.toFile(), "test-keystore.p12").getAbsolutePath()).setPassword("password");
         TrustOptions clientOptions = new PemTrustOptions().addCertPath(new File(tempDir.toFile(), "test-ca.crt").getAbsolutePath());
@@ -115,7 +115,7 @@ void mTLSWithPemGeneration(@Dir Path tempDir) throws Exception {
                 .withName("test")
                 .withClientCertificate()
                 .withFormat(Format.PEM);
-        new CertificateGenerator(tempDir).generate(request);
+        new CertificateGenerator(tempDir, true).generate(request);
 
         KeyCertOptions serverOptions = new PemKeyCertOptions()
                 .addKeyPath(new File(tempDir.toFile(), "test.key").getAbsolutePath())
@@ -140,7 +140,7 @@ void mTLSWithJKSGeneration(@Dir Path tempDir) throws Exception {
                 .withAlias("alias")
                 .withClientCertificate()
                 .withFormat(Format.JKS);
-        new CertificateGenerator(tempDir).generate(request);
+        new CertificateGenerator(tempDir, true).generate(request);
 
 
         KeyCertOptions serverOptions = new JksOptions().setPath(new File(tempDir.toFile(), "test-keystore.jks").getAbsolutePath()).setPassword("secret").setAlias("alias");
@@ -163,7 +163,7 @@ void mTLSWithPKCS12Generation(@Dir Path tempDir) throws Exception {
                 .withAlias("alias")
                 .withClientCertificate()
                 .withFormat(Format.PKCS12);
-        new CertificateGenerator(tempDir).generate(request);
+        new CertificateGenerator(tempDir, true).generate(request);
 
 
         KeyCertOptions serverOptions = new PfxOptions().setPath(new File(tempDir.toFile(), "test-keystore.p12").getAbsolutePath()).setPassword("secret").setAlias("alias");
@@ -187,7 +187,7 @@ void mTLSWithJKSAndPemGeneration(@Dir Path tempDir) throws Exception {
                 .withClientCertificate()
                 .withFormat(Format.JKS)
                 .withFormat(Format.PEM);
-        new CertificateGenerator(tempDir).generate(request);
+        new CertificateGenerator(tempDir, true).generate(request);
 
 
         KeyCertOptions serverOptions = new JksOptions().setPath(new File(tempDir.toFile(), "test-keystore.jks").getAbsolutePath()).setPassword("secret").setAlias("alias");