diff --git a/certificate-generator-junit5/src/main/java/me/escoffier/certs/junit5/CertificateGenerationExtension.java b/certificate-generator-junit5/src/main/java/me/escoffier/certs/junit5/CertificateGenerationExtension.java index 17ac154..8af485d 100644 --- a/certificate-generator-junit5/src/main/java/me/escoffier/certs/junit5/CertificateGenerationExtension.java +++ b/certificate-generator-junit5/src/main/java/me/escoffier/certs/junit5/CertificateGenerationExtension.java @@ -21,7 +21,7 @@ public void beforeAll(ExtensionContext extensionContext) throws Exception { String baseDir = annotation.baseDir(); File file = new File(baseDir); file.mkdirs(); - CertificateGenerator generator = new CertificateGenerator(file.toPath()); + CertificateGenerator generator = new CertificateGenerator(file.toPath(), annotation.replaceIfExists()); CertificateRequest request = new CertificateRequest() .withName(certificate.name()) diff --git a/certificate-generator-junit5/src/main/java/me/escoffier/certs/junit5/Certificates.java b/certificate-generator-junit5/src/main/java/me/escoffier/certs/junit5/Certificates.java index 760e568..198a00b 100644 --- a/certificate-generator-junit5/src/main/java/me/escoffier/certs/junit5/Certificates.java +++ b/certificate-generator-junit5/src/main/java/me/escoffier/certs/junit5/Certificates.java @@ -26,4 +26,8 @@ */ Certificate[] certificates(); + /** + * Whether to replace the certificates if they already exist. + */ + boolean replaceIfExists() default false; } diff --git a/certificate-generator-maven-plugin/src/main/java/me/escoffier/certs/maven/CertificatesGeneratorMojo.java b/certificate-generator-maven-plugin/src/main/java/me/escoffier/certs/maven/CertificatesGeneratorMojo.java index fd23cb0..ea64b8a 100644 --- a/certificate-generator-maven-plugin/src/main/java/me/escoffier/certs/maven/CertificatesGeneratorMojo.java +++ b/certificate-generator-maven-plugin/src/main/java/me/escoffier/certs/maven/CertificatesGeneratorMojo.java 
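Review bot: The Javadoc added for `replaceIfExists()` in Certificates.java does not say what the default means for test isolation. With `false`, private keys and trust stores already present in `baseDir` are used as they are, because the generator in this commit only checks `isFile()` before skipping a write. Spell that out, for example `Whether to overwrite certificate, key and trust store files already present in {@code baseDir}. When {@code false} (the default), existing files are reused without validation.` Before this change the extension rewrote the files on every run, so the new default is a behaviour change worth stating in the annotation's documentation.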
@@ -23,6 +23,9 @@ public class CertificatesGeneratorMojo extends AbstractMojo { @Parameter(property = "certificate-generator.outputDirectory", defaultValue = "${project.build.directory}/certificates") private String outputDirectory; + @Parameter(property = "certificate-generator.replaceIfExists", defaultValue = "false") + private boolean replaceIfExists; + @Override public void execute() throws MojoExecutionException { getLog().info("Generating certificates"); @@ -33,7 +36,7 @@ public void execute() throws MojoExecutionException { } try { - CertificateGenerator generator = new CertificateGenerator(new File(outputDirectory).toPath()); + CertificateGenerator generator = new CertificateGenerator(new File(outputDirectory).toPath(), replaceIfExists); for (CertificateRequestParameter request : certificates) { CertificateRequest cr = new CertificateRequest() .withName(request.getName()) diff --git a/certificate-generator/src/main/java/me/escoffier/certs/CertificateGenerator.java b/certificate-generator/src/main/java/me/escoffier/certs/CertificateGenerator.java index 3184331..040d051 100644 --- a/certificate-generator/src/main/java/me/escoffier/certs/CertificateGenerator.java +++ b/certificate-generator/src/main/java/me/escoffier/certs/CertificateGenerator.java @@ -14,13 +14,16 @@ public class CertificateGenerator { final File root; static System.Logger LOGGER = System.getLogger(CertificateGenerator.class.getName()); + private final boolean replaceIfExists; - public CertificateGenerator(Path tempDir) { - root = tempDir.toFile(); + public CertificateGenerator(Path tempDir, boolean replaceIfExists) { + this.replaceIfExists = replaceIfExists; + this.root = tempDir.toFile(); } public CertificateGenerator() { root = new File("."); + replaceIfExists = false; } public void generate(CertificateRequest request) throws Exception { 
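Review bot: The new `replaceIfExists` field in CertificatesGeneratorMojo has no Javadoc, so the plugin's parameter description will not explain that the default `false` keeps whatever files already sit in `outputDirectory`, whereas the goal previously rewrote them on every execution. Add a comment such as `/** Overwrite existing certificate, key and trust store files. When false, files already present in the output directory are reused without being validated. */`. Because the default output directory is under `${project.build.directory}`, a build that does not run `clean` will keep reusing the first generated key material. If the generated certificates have a limited validity, that includes using them after they have expired.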
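Review bot: Replacing the public `CertificateGenerator(Path)` constructor with the two-argument form breaks source compatibility for callers outside this repository, and neither constructor documents the new flag. Keep the old overload as a delegate, `public CertificateGenerator(Path tempDir) { this(tempDir, false); }`, choosing the value deliberately, since the previous behaviour was to always overwrite. The no-arg constructor also silently switches from overwriting to keeping existing files. A short Javadoc on each constructor stating the `replaceIfExists` value it uses would make that visible.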
@@ -43,19 +46,31 @@ public void generate(CertificateRequest request) throws Exception { if (format == Format.PEM) { File certFile = new File(root, request.name() + ".crt"); File keyFile = new File(root, request.name() + ".key"); - File trustfile = new File(root, request.name() + (client!=null ? "-client" : "") + "-ca.crt"); + File trustfile = new File(root, request.name() + (client != null ? "-client" : "") + "-ca.crt"); File clientCertFile = new File(root, request.name() + "-client.crt"); File clientKeyFile = new File(root, request.name() + "-client.key"); File serverTrustfile = new File(root, request.name() + "-server-ca.crt"); - writeCertificateToPEM(certificate, certFile); - writePrivateKeyToPem(keyPair.getPrivate(), keyFile); - writeTruststoreToPem(List.of(certificate), trustfile); + if (replaceIfExists || !certFile.isFile()) { + writeCertificateToPEM(certificate, certFile); + } + if (replaceIfExists || ! keyFile.isFile()) { + writePrivateKeyToPem(keyPair.getPrivate(), keyFile); + } + if (replaceIfExists || ! trustfile.isFile()) { + writeTruststoreToPem(List.of(certificate), trustfile); + } if (client != null) { - writeCertificateToPEM(clientCertificate, clientCertFile); - writePrivateKeyToPem(clientKeyPair.getPrivate(), clientKeyFile); - writeTruststoreToPem(List.of(clientCertificate), serverTrustfile); + if (replaceIfExists || !clientCertFile.isFile()) { + writeCertificateToPEM(clientCertificate, clientCertFile); + } + if (replaceIfExists || !clientKeyFile.isFile()) { + writePrivateKeyToPem(clientKeyPair.getPrivate(), clientKeyFile); + } + if (replaceIfExists || !serverTrustfile.isFile()) { + writeTruststoreToPem(List.of(clientCertificate), serverTrustfile); + } } LOGGER.log(System.Logger.Level.INFO, "⭐ PEM Certificates, keystore, and truststore generated successfully!"); 
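Review bot: The per-file `replaceIfExists || !x.isFile()` guards in the PEM branch can leave a mixed set on disk: if `certFile` is already present but `keyFile` is not, the new private key is written next to a certificate it does not belong to, and a kept `trustfile` will not trust a freshly written certificate. The key pair and certificate appear to be created earlier in `generate()`, outside this hunk, so this assumes they are new on every call. Decide once per request whether the whole set is present and otherwise rewrite all of it. The JKS and PKCS12 hunks below use the same per-file pattern, and a request with several formats can mix generations across formats in the same way. The success message is also logged when nothing was written, so the sketch gives the reuse path its own log line.

```java
// … unchanged: File declarations for certFile, keyFile, trustfile, clientCertFile, clientKeyFile, serverTrustfile …

boolean complete = certFile.isFile() && keyFile.isFile() && trustfile.isFile()
        && (client == null
            || (clientCertFile.isFile() && clientKeyFile.isFile() && serverTrustfile.isFile()));

if (replaceIfExists || !complete) {
    // Write the whole set so key, certificate and trust store always come from the same generation.
    writeCertificateToPEM(certificate, certFile);
    writePrivateKeyToPem(keyPair.getPrivate(), keyFile);
    writeTruststoreToPem(List.of(certificate), trustfile);
    if (client != null) {
        writeCertificateToPEM(clientCertificate, clientCertFile);
        writePrivateKeyToPem(clientKeyPair.getPrivate(), clientKeyFile);
        writeTruststoreToPem(List.of(clientCertificate), serverTrustfile);
    }
} else {
    LOGGER.log(System.Logger.Level.INFO, "Reusing existing PEM files for " + request.name());
}

// … unchanged: success log line …
```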
@@ -71,18 +86,26 @@ public void generate(CertificateRequest request) throws Exception { } } else if (format == Format.JKS) { - File keyStoreFile = new File(root, request.name() + "-keystore." + format.extension()); - File trustStoreFile = new File(root, request.name() + (client!=null ? "-client" : "") + "-truststore." + format.extension()); + File keyStoreFile = new File(root, request.name() + "-keystore." + format.extension()); + File trustStoreFile = new File(root, request.name() + (client != null ? "-client" : "") + "-truststore." + format.extension()); - File clientKeyStoreFile = new File(root, request.name() + "-client-keystore." + format.extension()); - File serverTrustStoreFile = new File(root, request.name() + "-server-truststore." + format.extension()); + File clientKeyStoreFile = new File(root, request.name() + "-client-keystore." + format.extension()); + File serverTrustStoreFile = new File(root, request.name() + "-server-truststore." + format.extension()); - writePrivateKeyAndCertificateToJKS(certificate, keyPair, keyStoreFile, request.password().toCharArray(), request.getAlias()); - writeTrustStoreToJKS(Map.of(request.getAlias(), certificate), trustStoreFile, request.password().toCharArray()); + if (replaceIfExists || !keyStoreFile.isFile()) { + writePrivateKeyAndCertificateToJKS(certificate, keyPair, keyStoreFile, request.password().toCharArray(), request.getAlias()); + } + if (replaceIfExists || !trustStoreFile.isFile()) { + writeTrustStoreToJKS(Map.of(request.getAlias(), certificate), trustStoreFile, request.password().toCharArray()); + } if (client != null) { - writePrivateKeyAndCertificateToJKS(clientCertificate, clientKeyPair, clientKeyStoreFile, request.password().toCharArray(), request.getAlias()); - writeTrustStoreToJKS(Map.of(request.getAlias(), clientCertificate), serverTrustStoreFile, request.password().toCharArray()); + if (replaceIfExists || !clientKeyStoreFile.isFile()) { + writePrivateKeyAndCertificateToJKS(clientCertificate, 
clientKeyPair, clientKeyStoreFile, request.password().toCharArray(), request.getAlias()); + } + if (replaceIfExists || !serverTrustStoreFile.isFile()) { + writeTrustStoreToJKS(Map.of(request.getAlias(), clientCertificate), serverTrustStoreFile, request.password().toCharArray()); + } } LOGGER.log(System.Logger.Level.INFO, "⭐ JKS Keystore and truststore generated successfully!"); 
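Review bot: Reusing an existing keystore on existence alone ignores the request's password and alias: in the JKS branch `request.password()` and `request.getAlias()` are only used inside the guarded write, so a `keyStoreFile` created earlier with a different password or alias is kept and the caller fails later when opening it. When the file is kept, open it with the requested password and check the alias, for example `KeyStore.getInstance(keyStoreFile, request.password().toCharArray())` followed by `containsAlias(request.getAlias())`, and regenerate or fail with a clear message otherwise. The PKCS12 hunk that follows has the same gap.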
@@ -96,18 +119,26 @@ public void generate(CertificateRequest request) throws Exception { LOGGER.log(System.Logger.Level.INFO, "\uD83D\uDD13 Trust Store File: " + trustStoreFile.getAbsolutePath()); } } else if (format == Format.PKCS12) { - File keyStoreFile = new File(root, request.name() + "-keystore." + format.extension()); - File trustStoreFile = new File(root, request.name() + (client!=null ? "-client" : "") + "-truststore." + format.extension()); + File keyStoreFile = new File(root, request.name() + "-keystore." + format.extension()); + File trustStoreFile = new File(root, request.name() + (client != null ? "-client" : "") + "-truststore." + format.extension()); - File clientKeyStoreFile = new File(root, request.name() + "-client-keystore." + format.extension()); - File serverTrustStoreFile = new File(root, request.name() + "-server-truststore." + format.extension()); + File clientKeyStoreFile = new File(root, request.name() + "-client-keystore." + format.extension()); + File serverTrustStoreFile = new File(root, request.name() + "-server-truststore." 
+ format.extension()); - writePrivateKeyAndCertificateToPKCS12(certificate, keyPair, keyStoreFile, request.password().toCharArray(), request.getAlias()); - writeTrustStoreToPKCS12(Map.of(request.getAlias(), certificate), trustStoreFile, request.password().toCharArray()); + if (replaceIfExists || !keyStoreFile.isFile()) { + writePrivateKeyAndCertificateToPKCS12(certificate, keyPair, keyStoreFile, request.password().toCharArray(), request.getAlias()); + } + if (replaceIfExists || !trustStoreFile.isFile()) { + writeTrustStoreToPKCS12(Map.of(request.getAlias(), certificate), trustStoreFile, request.password().toCharArray()); + } if (client != null) { - writePrivateKeyAndCertificateToPKCS12(clientCertificate, clientKeyPair, clientKeyStoreFile, request.password().toCharArray(), request.getAlias()); - writeTrustStoreToPKCS12(Map.of(request.getAlias(), clientCertificate), serverTrustStoreFile, request.password().toCharArray()); + if (replaceIfExists || !clientKeyStoreFile.isFile()) { + writePrivateKeyAndCertificateToPKCS12(clientCertificate, clientKeyPair, clientKeyStoreFile, request.password().toCharArray(), request.getAlias()); + } + if (replaceIfExists || !serverTrustStoreFile.isFile()) { + writeTrustStoreToPKCS12(Map.of(request.getAlias(), clientCertificate), serverTrustStoreFile, request.password().toCharArray()); + } } LOGGER.log(System.Logger.Level.INFO, "⭐ PCKS12 Keystore and truststore generated successfully!"); diff --git a/certificate-generator/src/test/java/me/escoffier/certs/GenerationTest.java b/certificate-generator/src/test/java/me/escoffier/certs/GenerationTest.java index ffeb461..7614e86 100644 --- a/certificate-generator/src/test/java/me/escoffier/certs/GenerationTest.java +++ b/certificate-generator/src/test/java/me/escoffier/certs/GenerationTest.java 
@@ -32,7 +32,7 @@ void JKSGeneration(@Dir Path tempDir) throws Exception { .withName("test") .withFormat(Format.JKS) .withPassword("password"); - new CertificateGenerator(tempDir).generate(request); + new CertificateGenerator(tempDir, true).generate(request); KeyCertOptions serverOptions = new JksOptions().setPath(new File(tempDir.toFile(), "test-keystore.jks").getAbsolutePath()).setPassword("password"); TrustOptions clientOptions = new JksOptions().setPath(new File(tempDir.toFile(), "test-truststore.jks").getAbsolutePath()).setPassword("password"); @@ -49,7 +49,7 @@ void JKSGenerationWithDifferentAlias(@Dir Path tempDir) throws Exception { .withAlias("alias") .withFormat(Format.JKS) .withPassword("password"); - new CertificateGenerator(tempDir).generate(request); + new CertificateGenerator(tempDir, true).generate(request); KeyCertOptions serverOptions = new JksOptions().setPath(new File(tempDir.toFile(), "test-keystore.jks").getAbsolutePath()).setPassword("password").setAlias("alias"); TrustOptions clientOptions = new JksOptions().setPath(new File(tempDir.toFile(), "test-truststore.jks").getAbsolutePath()).setPassword("password").setAlias("alias"); @@ -64,7 +64,7 @@ void PEMGeneration(@Dir Path tempDir) throws Exception { CertificateRequest request = new CertificateRequest() .withName("test") .withFormat(Format.PEM); - new CertificateGenerator(tempDir).generate(request); + new CertificateGenerator(tempDir, true).generate(request); KeyCertOptions serverOptions = new PemKeyCertOptions() .addKeyPath(new File(tempDir.toFile(), "test.key").getAbsolutePath()) 
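Review bot: Every call site in GenerationTest is switched to `new CertificateGenerator(tempDir, true)`, so the new `false` path, which is now the default for the JUnit extension and the Maven goal, has no coverage. Add a test that runs `generate` twice with `replaceIfExists` set to `false` and asserts the key file bytes are unchanged. Add a second test that deletes a single file between the two runs, to pin down what happens to the rest of the set. The same applies to the remaining hunks in this file.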
@@ -82,7 +82,7 @@ void PCKS12Generation(@Dir Path tempDir) throws Exception { .withName("test") .withFormat(Format.PKCS12) .withPassword("secret"); - new CertificateGenerator(tempDir).generate(request); + new CertificateGenerator(tempDir, true).generate(request); KeyCertOptions serverOptions = new PfxOptions().setPath(new File(tempDir.toFile(), "test-keystore.p12").getAbsolutePath()).setPassword("secret"); TrustOptions clientOptions = new PfxOptions().setPath(new File(tempDir.toFile(), "test-truststore.p12").getAbsolutePath()).setPassword("secret"); @@ -99,7 +99,7 @@ void multiFormatGeneration(@Dir Path tempDir) throws Exception { .withFormat(Format.PKCS12) .withFormat(Format.PEM) .withPassword("password"); - new CertificateGenerator(tempDir).generate(request); + new CertificateGenerator(tempDir, true).generate(request); KeyCertOptions serverOptions = new PfxOptions().setPath(new File(tempDir.toFile(), "test-keystore.p12").getAbsolutePath()).setPassword("password"); TrustOptions clientOptions = new PemTrustOptions().addCertPath(new File(tempDir.toFile(), "test-ca.crt").getAbsolutePath()); @@ -115,7 +115,7 @@ void mTLSWithPemGeneration(@Dir Path tempDir) throws Exception { .withName("test") .withClientCertificate() .withFormat(Format.PEM); - new CertificateGenerator(tempDir).generate(request); + new CertificateGenerator(tempDir, true).generate(request); KeyCertOptions serverOptions = new PemKeyCertOptions() .addKeyPath(new File(tempDir.toFile(), "test.key").getAbsolutePath()) @@ -140,7 +140,7 @@ void mTLSWithJKSGeneration(@Dir Path tempDir) throws Exception { .withAlias("alias") .withClientCertificate() .withFormat(Format.JKS); - new CertificateGenerator(tempDir).generate(request); + new CertificateGenerator(tempDir, true).generate(request); KeyCertOptions serverOptions = new JksOptions().setPath(new File(tempDir.toFile(), "test-keystore.jks").getAbsolutePath()).setPassword("secret").setAlias("alias"); 
@@ -163,7 +163,7 @@ void mTLSWithPKCS12Generation(@Dir Path tempDir) throws Exception { .withAlias("alias") .withClientCertificate() .withFormat(Format.PKCS12); - new CertificateGenerator(tempDir).generate(request); + new CertificateGenerator(tempDir, true).generate(request); KeyCertOptions serverOptions = new PfxOptions().setPath(new File(tempDir.toFile(), "test-keystore.p12").getAbsolutePath()).setPassword("secret").setAlias("alias"); @@ -187,7 +187,7 @@ void mTLSWithJKSAndPemGeneration(@Dir Path tempDir) throws Exception { .withClientCertificate() .withFormat(Format.JKS) .withFormat(Format.PEM); - new CertificateGenerator(tempDir).generate(request); + new CertificateGenerator(tempDir, true).generate(request); KeyCertOptions serverOptions = new JksOptions().setPath(new File(tempDir.toFile(), "test-keystore.jks").getAbsolutePath()).setPassword("secret").setAlias("alias");