MOSIP-36530 : Separate Error Codes

kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/keymanagerservice/constant/KeymanagerErrorConstant.java

@@ -69,6 +69,16 @@ public enum KeymanagerErrorConstant {
 
 	EC_SIGN_REFERENCE_ID_NOT_SUPPORTED("KER-KMS-030", "EC Sign Reference Id Not Supported for the Application ID."),
 
+	SIGN_APP_ID_REFERENCEID_NOT_ALLOWED("KER-KMS-031", "Application Id with KERNEL & Reference Id with Sign not allowed to upload Partner certificate."),
+
+	VALID_KEY_ALREADY_EXIST("KER-KMS-032", "Valid Key already Exist, not allowed to upload another Certificate."),
+
+	OTHER_DOMAIN_VALID_KEY_NOT_EXIST("KER-KMS-033", "Other Domain Valid key not available, Upload other domain valid Key certificate."),
+
+	PRIVATE_KEY_FOUND("KER-KMS-034", "PrivateKey available, for Other Domain Certificate, Private Key should not available."),
+
+	CERTIFICATE_ALREADY_EXIST("KER-KMS-035", "Certificate Already Exist, not allowed to upload same certificate again"),
+
 	INTERNAL_SERVER_ERROR("KER-KMS-500", "Internal server error");
 
 	/**

kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/keymanagerservice/service/impl/KeymanagerServiceImpl.java

@@ -977,16 +977,16 @@ public UploadCertificateResponseDto uploadOtherDomainCertificate(UploadCertifica
 		if (appId.equalsIgnoreCase(signApplicationid) && refId.equalsIgnoreCase(certificateSignRefID)) {
 			LOGGER.error(KeymanagerConstant.SESSIONID, KeymanagerConstant.APPLICATIONID, appId,
 					"Not allowed to upload other domain certificate with AppId: " + signApplicationid + " & RefId: SIGN.");
-			throw new KeymanagerServiceException(KeymanagerErrorConstant.UPLOAD_NOT_ALLOWED.getErrorCode(),
-					KeymanagerErrorConstant.UPLOAD_NOT_ALLOWED.getErrorMessage());
+			throw new KeymanagerServiceException(KeymanagerErrorConstant.SIGN_APP_ID_REFERENCEID_NOT_ALLOWED.getErrorCode(),
+					KeymanagerErrorConstant.SIGN_APP_ID_REFERENCEID_NOT_ALLOWED.getErrorMessage());
 		}
 		if (keymanagerUtil.isValidReferenceId(refId) && 
 					(Arrays.stream(KeyReferenceIdConsts.values()).anyMatch((rId) -> rId.name().equals(refId)))) {
 			LOGGER.error(KeymanagerConstant.SESSIONID, KeymanagerConstant.APPLICATIONID, appId,
 						"Not allowed to upload other domain certificate with RefId: " + refId 
 						+ ", This refId is reserve for ECC algorithms.");
-			throw new KeymanagerServiceException(KeymanagerErrorConstant.UPLOAD_NOT_ALLOWED.getErrorCode(),
-						KeymanagerErrorConstant.UPLOAD_NOT_ALLOWED.getErrorMessage());
+			throw new KeymanagerServiceException(KeymanagerErrorConstant.EC_SIGN_REFERENCE_ID_NOT_SUPPORTED.getErrorCode(),
+						KeymanagerErrorConstant.EC_SIGN_REFERENCE_ID_NOT_SUPPORTED.getErrorMessage());
 		}
 
 		LOGGER.info(KeymanagerConstant.SESSIONID, KeymanagerConstant.APPLICATIONID, appId,
@@ -1019,8 +1019,8 @@ public UploadCertificateResponseDto uploadOtherDomainCertificate(UploadCertifica
 			if (!keyFromDBStore.isPresent()) {
 				LOGGER.error(KeymanagerConstant.SESSIONID, KeymanagerConstant.EMPTY, KeymanagerConstant.EMPTY,
 									"Other valid key is available, so not allowed to upload certificate.");
-				throw new KeymanagerServiceException(KeymanagerErrorConstant.UPLOAD_NOT_ALLOWED.getErrorCode(),
-									KeymanagerErrorConstant.UPLOAD_NOT_ALLOWED.getErrorMessage());
+				throw new KeymanagerServiceException(KeymanagerErrorConstant.VALID_KEY_ALREADY_EXIST.getErrorCode(),
+									KeymanagerErrorConstant.VALID_KEY_ALREADY_EXIST.getErrorMessage());
 			}
 			return storeAndBuildResponse(appId, refId, reqX509Cert, notBeforeDate, notAfterDate, certThumbprint);
 		}
@@ -1031,8 +1031,8 @@ public UploadCertificateResponseDto uploadOtherDomainCertificate(UploadCertifica
 		if (!keyFromDBStore.isPresent() && currentKeyAlias.size() == 1) {
 			LOGGER.error(KeymanagerConstant.SESSIONID, KeymanagerConstant.EMPTY, KeymanagerConstant.EMPTY,
 								"Other domain valid key is not available in key store, so not allowed to upload certificate.");
-			throw new KeymanagerServiceException(KeymanagerErrorConstant.UPLOAD_NOT_ALLOWED.getErrorCode(),
-								KeymanagerErrorConstant.UPLOAD_NOT_ALLOWED.getErrorMessage());
+			throw new KeymanagerServiceException(KeymanagerErrorConstant.OTHER_DOMAIN_VALID_KEY_NOT_EXIST.getErrorCode(),
+								KeymanagerErrorConstant.OTHER_DOMAIN_VALID_KEY_NOT_EXIST.getErrorMessage());
 		} 
 
 		// master key alias & key alias should be same & private key should not available for other domain certificates.
@@ -1041,17 +1041,17 @@ public UploadCertificateResponseDto uploadOtherDomainCertificate(UploadCertifica
 		if (!keyAlias.equals(masterKeyAlias) || !privateKeyObj.equals(KeymanagerConstant.KS_PK_NA)) {
 			LOGGER.error(KeymanagerConstant.SESSIONID, KeymanagerConstant.APPLICATIONID, null,
 					"Not Allowed to update certificate for other domains if private key available.");
-			throw new KeymanagerServiceException(KeymanagerErrorConstant.UPLOAD_NOT_ALLOWED.getErrorCode(),
-					KeymanagerErrorConstant.UPLOAD_NOT_ALLOWED.getErrorMessage());
+			throw new KeymanagerServiceException(KeymanagerErrorConstant.PRIVATE_KEY_FOUND.getErrorCode(),
+					KeymanagerErrorConstant.PRIVATE_KEY_FOUND.getErrorMessage());
 		}
 
 		// 
 		if (currentKeyAlias.get(0).getCertThumbprint().equals(certThumbprint)) {
 			LOGGER.error(KeymanagerConstant.SESSIONID, KeymanagerConstant.APPLICATIONID, appId,
 					"Not Allowed to upload same certificate for other domains. " +
 							"Current available certificate thumbprint matching with input certificate thumbprint.");
-			throw new KeymanagerServiceException(KeymanagerErrorConstant.UPLOAD_NOT_ALLOWED.getErrorCode(),
-					KeymanagerErrorConstant.UPLOAD_NOT_ALLOWED.getErrorMessage());
+			throw new KeymanagerServiceException(KeymanagerErrorConstant.CERTIFICATE_ALREADY_EXIST.getErrorCode(),
+					KeymanagerErrorConstant.CERTIFICATE_ALREADY_EXIST.getErrorMessage());
 		}
 
 		LocalDateTime expireTime = timestamp.minusMinutes(1L);