Search in sources :

Example 1 with UploadSslCertCmd

use of com.cloud.api.command.user.loadbalancer.UploadSslCertCmd in project cosmic by MissionCriticalCloud.

the class CertServiceTest method runUploadSslCertBadChain.

@Test
public void runUploadSslCertBadChain() throws IOException, IllegalAccessException, NoSuchFieldException {
    Assume.assumeTrue(isOpenJdk() || isJCEInstalled());
    final String certFile = URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.crt").getFile(), Charset.defaultCharset().name());
    final String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.key").getFile(), Charset.defaultCharset().name());
    final String chainFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.crt").getFile(), Charset.defaultCharset().name());
    final String cert = readFileToString(new File(certFile));
    final String key = readFileToString(new File(keyFile));
    final String chain = readFileToString(new File(chainFile));
    final CertServiceImpl certService = new CertServiceImpl();
    // setting mock objects
    certService._accountMgr = Mockito.mock(AccountManager.class);
    final Account account = new AccountVO("testaccount", 1, "networkdomain", (short) 0, UUID.randomUUID().toString());
    when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
    certService._domainDao = Mockito.mock(DomainDao.class);
    final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
    when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
    certService._sslCertDao = Mockito.mock(SslCertDao.class);
    when(certService._sslCertDao.persist(any(SslCertVO.class))).thenReturn(new SslCertVO());
    // creating the command
    final UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
    final Class<?> _class = uploadCmd.getClass().getSuperclass();
    final Field certField = _class.getDeclaredField("cert");
    certField.setAccessible(true);
    certField.set(uploadCmd, cert);
    final Field keyField = _class.getDeclaredField("key");
    keyField.setAccessible(true);
    keyField.set(uploadCmd, key);
    final Field chainField = _class.getDeclaredField("chain");
    chainField.setAccessible(true);
    chainField.set(uploadCmd, chain);
    try {
        certService.uploadSslCert(uploadCmd);
        fail("The chain given is not the correct chain for the certificate");
    } catch (final Exception e) {
        assertTrue(e.getMessage().contains("Invalid certificate chain"));
    }
}
Also used : Account(com.cloud.user.Account) SslCertDao(com.cloud.network.dao.SslCertDao) FileUtils.readFileToString(org.apache.commons.io.FileUtils.readFileToString) AccountVO(com.cloud.user.AccountVO) IOException(java.io.IOException) DomainVO(com.cloud.domain.DomainVO) Field(java.lang.reflect.Field) SslCertVO(com.cloud.network.dao.SslCertVO) DomainDao(com.cloud.domain.dao.DomainDao) AccountManager(com.cloud.user.AccountManager) UploadSslCertCmd(com.cloud.api.command.user.loadbalancer.UploadSslCertCmd) File(java.io.File) Test(org.junit.Test)

Example 2 with UploadSslCertCmd

use of com.cloud.api.command.user.loadbalancer.UploadSslCertCmd in project cosmic by MissionCriticalCloud.

the class CertServiceTest method runUploadSslCertNotX509.

@Test
public void runUploadSslCertNotX509() throws IOException, IllegalAccessException, NoSuchFieldException {
    // Reading appropritate files
    final String certFile = URLDecoder.decode(getClass().getResource("/certs/non_x509_pem.crt").getFile(), Charset.defaultCharset().name());
    final String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.key").getFile(), Charset.defaultCharset().name());
    final String cert = readFileToString(new File(certFile));
    final String key = readFileToString(new File(keyFile));
    final CertServiceImpl certService = new CertServiceImpl();
    // setting mock objects
    certService._accountMgr = Mockito.mock(AccountManager.class);
    final Account account = new AccountVO("testaccount", 1, "networkdomain", (short) 0, UUID.randomUUID().toString());
    when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
    certService._domainDao = Mockito.mock(DomainDao.class);
    final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
    when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
    certService._sslCertDao = Mockito.mock(SslCertDao.class);
    when(certService._sslCertDao.persist(any(SslCertVO.class))).thenReturn(new SslCertVO());
    // creating the command
    final UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
    final Class<?> _class = uploadCmd.getClass().getSuperclass();
    final Field certField = _class.getDeclaredField("cert");
    certField.setAccessible(true);
    certField.set(uploadCmd, cert);
    final Field keyField = _class.getDeclaredField("key");
    keyField.setAccessible(true);
    keyField.set(uploadCmd, key);
    try {
        certService.uploadSslCert(uploadCmd);
        fail("Given a Certificate which is not X509, upload should fail");
    } catch (final Exception e) {
        assertTrue(e.getMessage().contains("Expected X509 certificate"));
    }
}
Also used : Account(com.cloud.user.Account) SslCertDao(com.cloud.network.dao.SslCertDao) FileUtils.readFileToString(org.apache.commons.io.FileUtils.readFileToString) AccountVO(com.cloud.user.AccountVO) IOException(java.io.IOException) DomainVO(com.cloud.domain.DomainVO) Field(java.lang.reflect.Field) SslCertVO(com.cloud.network.dao.SslCertVO) DomainDao(com.cloud.domain.dao.DomainDao) AccountManager(com.cloud.user.AccountManager) UploadSslCertCmd(com.cloud.api.command.user.loadbalancer.UploadSslCertCmd) File(java.io.File) Test(org.junit.Test)

Example 3 with UploadSslCertCmd

use of com.cloud.api.command.user.loadbalancer.UploadSslCertCmd in project cosmic by MissionCriticalCloud.

the class CertServiceTest method runUploadSslCertBadFormat.

@Test
public void runUploadSslCertBadFormat() throws IOException, IllegalAccessException, NoSuchFieldException {
    // Reading appropritate files
    final String certFile = URLDecoder.decode(getClass().getResource("/certs/bad_format_cert.crt").getFile(), Charset.defaultCharset().name());
    final String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.key").getFile(), Charset.defaultCharset().name());
    final String cert = readFileToString(new File(certFile));
    final String key = readFileToString(new File(keyFile));
    final CertServiceImpl certService = new CertServiceImpl();
    // setting mock objects
    certService._accountMgr = Mockito.mock(AccountManager.class);
    final Account account = new AccountVO("testaccount", 1, "networkdomain", (short) 0, UUID.randomUUID().toString());
    when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
    certService._domainDao = Mockito.mock(DomainDao.class);
    final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
    when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
    certService._sslCertDao = Mockito.mock(SslCertDao.class);
    when(certService._sslCertDao.persist(any(SslCertVO.class))).thenReturn(new SslCertVO());
    // creating the command
    final UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
    final Class<?> _class = uploadCmd.getClass().getSuperclass();
    final Field certField = _class.getDeclaredField("cert");
    certField.setAccessible(true);
    certField.set(uploadCmd, cert);
    final Field keyField = _class.getDeclaredField("key");
    keyField.setAccessible(true);
    keyField.set(uploadCmd, key);
    try {
        certService.uploadSslCert(uploadCmd);
        fail("Given a Certificate in bad format (Not PEM), upload should fail");
    } catch (final Exception e) {
        assertTrue(e.getMessage().contains("Invalid certificate format"));
    }
}
Also used : Account(com.cloud.user.Account) SslCertDao(com.cloud.network.dao.SslCertDao) FileUtils.readFileToString(org.apache.commons.io.FileUtils.readFileToString) AccountVO(com.cloud.user.AccountVO) IOException(java.io.IOException) DomainVO(com.cloud.domain.DomainVO) Field(java.lang.reflect.Field) SslCertVO(com.cloud.network.dao.SslCertVO) DomainDao(com.cloud.domain.dao.DomainDao) AccountManager(com.cloud.user.AccountManager) UploadSslCertCmd(com.cloud.api.command.user.loadbalancer.UploadSslCertCmd) File(java.io.File) Test(org.junit.Test)

Example 4 with UploadSslCertCmd

use of com.cloud.api.command.user.loadbalancer.UploadSslCertCmd in project cosmic by MissionCriticalCloud.

the class CertServiceTest method runUploadSslCertWithCAChain.

@Test
public /**
 * Given a certificate signed by a CA and a valid CA chain, upload should succeed
 */
void runUploadSslCertWithCAChain() throws Exception {
    Assume.assumeTrue(isOpenJdk() || isJCEInstalled());
    final TransactionLegacy txn = TransactionLegacy.open("runUploadSslCertWithCAChain");
    final String certFile = URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.crt").getFile(), Charset.defaultCharset().name());
    final String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.key").getFile(), Charset.defaultCharset().name());
    final String chainFile = URLDecoder.decode(getClass().getResource("/certs/root_chain.crt").getFile(), Charset.defaultCharset().name());
    final String cert = readFileToString(new File(certFile));
    final String key = readFileToString(new File(keyFile));
    final String chain = readFileToString(new File(chainFile));
    final CertServiceImpl certService = new CertServiceImpl();
    // setting mock objects
    certService._accountMgr = Mockito.mock(AccountManager.class);
    final Account account = new AccountVO("testaccount", 1, "networkdomain", (short) 0, UUID.randomUUID().toString());
    when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
    certService._domainDao = Mockito.mock(DomainDao.class);
    final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
    when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
    certService._sslCertDao = Mockito.mock(SslCertDao.class);
    when(certService._sslCertDao.persist(any(SslCertVO.class))).thenReturn(new SslCertVO());
    certService._accountDao = Mockito.mock(AccountDao.class);
    when(certService._accountDao.findByIdIncludingRemoved(anyLong())).thenReturn((AccountVO) account);
    // creating the command
    final UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
    final Class<?> _class = uploadCmd.getClass().getSuperclass();
    final Field certField = _class.getDeclaredField("cert");
    certField.setAccessible(true);
    certField.set(uploadCmd, cert);
    final Field keyField = _class.getDeclaredField("key");
    keyField.setAccessible(true);
    keyField.set(uploadCmd, key);
    final Field chainField = _class.getDeclaredField("chain");
    chainField.setAccessible(true);
    chainField.set(uploadCmd, chain);
    certService.uploadSslCert(uploadCmd);
}
Also used : Account(com.cloud.user.Account) SslCertDao(com.cloud.network.dao.SslCertDao) AccountDao(com.cloud.user.dao.AccountDao) FileUtils.readFileToString(org.apache.commons.io.FileUtils.readFileToString) AccountVO(com.cloud.user.AccountVO) TransactionLegacy(com.cloud.utils.db.TransactionLegacy) DomainVO(com.cloud.domain.DomainVO) Field(java.lang.reflect.Field) SslCertVO(com.cloud.network.dao.SslCertVO) DomainDao(com.cloud.domain.dao.DomainDao) AccountManager(com.cloud.user.AccountManager) UploadSslCertCmd(com.cloud.api.command.user.loadbalancer.UploadSslCertCmd) File(java.io.File) Test(org.junit.Test)

Example 5 with UploadSslCertCmd

use of com.cloud.api.command.user.loadbalancer.UploadSslCertCmd in project cosmic by MissionCriticalCloud.

the class CertServiceTest method runUploadSslCertNoRootCert.

@Test
public void runUploadSslCertNoRootCert() throws IOException, IllegalAccessException, NoSuchFieldException {
    Assume.assumeTrue(isOpenJdk() || isJCEInstalled());
    final String certFile = URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.crt").getFile(), Charset.defaultCharset().name());
    final String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.key").getFile(), Charset.defaultCharset().name());
    final String chainFile = URLDecoder.decode(getClass().getResource("/certs/non_root.crt").getFile(), Charset.defaultCharset().name());
    final String cert = readFileToString(new File(certFile));
    final String key = readFileToString(new File(keyFile));
    final String chain = readFileToString(new File(chainFile));
    final CertServiceImpl certService = new CertServiceImpl();
    // setting mock objects
    certService._accountMgr = Mockito.mock(AccountManager.class);
    final Account account = new AccountVO("testaccount", 1, "networkdomain", (short) 0, UUID.randomUUID().toString());
    when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
    certService._domainDao = Mockito.mock(DomainDao.class);
    final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
    when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
    certService._sslCertDao = Mockito.mock(SslCertDao.class);
    when(certService._sslCertDao.persist(any(SslCertVO.class))).thenReturn(new SslCertVO());
    // creating the command
    final UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
    final Class<?> _class = uploadCmd.getClass().getSuperclass();
    final Field certField = _class.getDeclaredField("cert");
    certField.setAccessible(true);
    certField.set(uploadCmd, cert);
    final Field keyField = _class.getDeclaredField("key");
    keyField.setAccessible(true);
    keyField.set(uploadCmd, key);
    final Field chainField = _class.getDeclaredField("chain");
    chainField.setAccessible(true);
    chainField.set(uploadCmd, chain);
    try {
        certService.uploadSslCert(uploadCmd);
        fail("Chain is given but does not link to the certificate");
    } catch (final Exception e) {
        assertTrue(e.getMessage().contains("Invalid certificate chain"));
    }
}
Also used : Account(com.cloud.user.Account) SslCertDao(com.cloud.network.dao.SslCertDao) FileUtils.readFileToString(org.apache.commons.io.FileUtils.readFileToString) AccountVO(com.cloud.user.AccountVO) IOException(java.io.IOException) DomainVO(com.cloud.domain.DomainVO) Field(java.lang.reflect.Field) SslCertVO(com.cloud.network.dao.SslCertVO) DomainDao(com.cloud.domain.dao.DomainDao) AccountManager(com.cloud.user.AccountManager) UploadSslCertCmd(com.cloud.api.command.user.loadbalancer.UploadSslCertCmd) File(java.io.File) Test(org.junit.Test)

Aggregations

UploadSslCertCmd (com.cloud.api.command.user.loadbalancer.UploadSslCertCmd)11 DomainVO (com.cloud.domain.DomainVO)11 DomainDao (com.cloud.domain.dao.DomainDao)11 SslCertDao (com.cloud.network.dao.SslCertDao)11 SslCertVO (com.cloud.network.dao.SslCertVO)11 Account (com.cloud.user.Account)11 AccountManager (com.cloud.user.AccountManager)11 AccountVO (com.cloud.user.AccountVO)11 File (java.io.File)11 Field (java.lang.reflect.Field)11 FileUtils.readFileToString (org.apache.commons.io.FileUtils.readFileToString)11 Test (org.junit.Test)11 IOException (java.io.IOException)8 AccountDao (com.cloud.user.dao.AccountDao)3 TransactionLegacy (com.cloud.utils.db.TransactionLegacy)3