Example 6 with KeyCertificateEntry
use of com.emc.storageos.security.keystore.impl.KeyCertificateEntry in project coprhd-controller by CoprHD.
the class KeyCertificatePairGeneratorTest method testLoadKey.
@Test
public void testLoadKey() throws SecurityException, NoSuchAlgorithmException {
// test the defaults
KeyCertificatePairGenerator rsaGen = new KeyCertificatePairGenerator();
rsaGen.setKeyCertificateAlgorithmValuesHolder(defaultValues);
KeyCertificateEntry pair = rsaGen.generateKeyCertificatePair();
byte[] RSAKeyBytes = pair.getKey();
PrivateKey loadedRSAKey = KeyCertificatePairGenerator.loadPrivateKeyFromBytes(RSAKeyBytes);
byte[] loadedRSAKeyBytes = loadedRSAKey.getEncoded();
Assert.assertEquals(RSAKeyBytes.length, loadedRSAKeyBytes.length);
Assert.assertArrayEquals(RSAKeyBytes, loadedRSAKeyBytes);
}
Also used :
PrivateKey(java.security.PrivateKey)
KeyCertificatePairGenerator(com.emc.storageos.security.keystore.impl.KeyCertificatePairGenerator)
KeyCertificateEntry(com.emc.storageos.security.keystore.impl.KeyCertificateEntry)
Test(org.junit.Test)
Example 7 with KeyCertificateEntry
use of com.emc.storageos.security.keystore.impl.KeyCertificateEntry in project coprhd-controller by CoprHD.
the class KeystoreTest method testZookeeperKeystore.
@Test
public void testZookeeperKeystore() throws IOException {
DistributedKeyStore zookeeperKeystore = new DistributedKeyStoreImpl();
boolean exceptionThrown = false;
try {
zookeeperKeystore.init(invalidLoadStoreParam);
} catch (SecurityException e) {
exceptionThrown = true;
}
Assert.assertTrue(exceptionThrown);
zookeeperKeystore.init(loadStoreParam);
// this is in case this test was run previously
zookeeperKeystore.setTrustedCertificates(null);
KeyCertificateEntry origEntry = gen.generateKeyCertificatePair();
origEntry.setCreationDate(new Date());
zookeeperKeystore.setKeyCertificatePair(origEntry);
KeyCertificateEntry storedEntry = zookeeperKeystore.getKeyCertificatePair();
assertKeyCertificateEntriesEquals(origEntry, storedEntry);
origEntry = gen.generateKeyCertificatePair();
TrustedCertificateEntry origCertEntry = new TrustedCertificateEntry(origEntry.getCertificateChain()[0], new Date());
Map<String, TrustedCertificateEntry> origCertEntries = new HashMap<String, TrustedCertificateEntry>();
origCertEntries.put("trustedCert1", origCertEntry);
zookeeperKeystore.addTrustedCertificate("trustedCert1", origCertEntry);
origEntry = gen.generateKeyCertificatePair();
origCertEntry = new TrustedCertificateEntry(origEntry.getCertificateChain()[0], new Date());
origCertEntries.put("trustedCert2", origCertEntry);
zookeeperKeystore.addTrustedCertificate("trustedCert2", origCertEntry);
assertTrustedCertsEquals(origCertEntries, zookeeperKeystore.getTrustedCertificates());
origEntry = gen.generateKeyCertificatePair();
origCertEntry = new TrustedCertificateEntry(origEntry.getCertificateChain()[0], new Date());
origCertEntries.put("trustedCert3", origCertEntry);
zookeeperKeystore.setTrustedCertificates(origCertEntries);
assertTrustedCertsEquals(origCertEntries, zookeeperKeystore.getTrustedCertificates());
origCertEntries.remove("trustedCert3");
zookeeperKeystore.setTrustedCertificates(origCertEntries);
assertTrustedCertsEquals(origCertEntries, zookeeperKeystore.getTrustedCertificates());
origCertEntries.remove("trustedCert2");
zookeeperKeystore.removeTrustedCertificate("trustedCert2");
assertTrustedCertsEquals(origCertEntries, zookeeperKeystore.getTrustedCertificates());
zookeeperKeystore.removeTrustedCertificate("trustedCert10");
}
Also used :
DistributedKeyStoreImpl(com.emc.storageos.security.keystore.impl.DistributedKeyStoreImpl)
HashMap(java.util.HashMap)
SecurityException(com.emc.storageos.security.exceptions.SecurityException)
KeyCertificateEntry(com.emc.storageos.security.keystore.impl.KeyCertificateEntry)
Date(java.util.Date)
TrustedCertificateEntry(com.emc.storageos.security.keystore.impl.TrustedCertificateEntry)
Test(org.junit.Test)
Example 8 with KeyCertificateEntry
use of com.emc.storageos.security.keystore.impl.KeyCertificateEntry in project coprhd-controller by CoprHD.
the class TrustManagerTest method testCheckServerTrusted.
@Test
public void testCheckServerTrusted() throws Exception {
DistributedKeyStore zookeeperKeystore = new DistributedKeyStoreImpl();
zookeeperKeystore.init(loadStoreParam);
zookeeperKeystore.setTrustedCertificates(null);
KeyStoreUtil.setAcceptAllCertificates(zkhHelper, Boolean.FALSE);
ViPRX509TrustManager tm = new ViPRX509TrustManager(coordinatorClient);
KeyCertificatePairGenerator gen = new KeyCertificatePairGenerator();
gen.setKeyCertificateAlgorithmValuesHolder(new KeyCertificateAlgorithmValuesHolder(coordinatorClient));
KeyCertificateEntry entry = gen.generateKeyCertificatePair();
X509Certificate[] chainToVerify = new X509Certificate[] { (X509Certificate) entry.getCertificateChain()[0] };
boolean exceptionThrown = false;
try {
tm.checkServerTrusted(chainToVerify, "RSA_EXPORT");
} catch (CertificateException e) {
exceptionThrown = true;
}
Assert.assertTrue(exceptionThrown);
TrustedCertificateEntry trustedCert = new TrustedCertificateEntry(entry.getCertificateChain()[0], new Date());
zookeeperKeystore.addTrustedCertificate("someAlias", trustedCert);
// creating a new instance since trust manager caches all the certs
tm = new ViPRX509TrustManager(coordinatorClient);
try {
tm.checkServerTrusted(chainToVerify, "RSA_EXPORT");
} catch (CertificateException e) {
Assert.fail();
}
KeyStoreUtil.setAcceptAllCertificates(zkhHelper, Boolean.TRUE);
entry = gen.generateKeyCertificatePair();
chainToVerify = new X509Certificate[] { (X509Certificate) entry.getCertificateChain()[0] };
try {
tm.checkServerTrusted(chainToVerify, "RSA_EXPORT");
} catch (CertificateException e) {
Assert.fail();
}
}
Also used :
KeyCertificateAlgorithmValuesHolder(com.emc.storageos.security.keystore.impl.KeyCertificateAlgorithmValuesHolder)
DistributedKeyStoreImpl(com.emc.storageos.security.keystore.impl.DistributedKeyStoreImpl)
KeyCertificatePairGenerator(com.emc.storageos.security.keystore.impl.KeyCertificatePairGenerator)
CertificateException(java.security.cert.CertificateException)
ViPRX509TrustManager(com.emc.storageos.security.ssl.ViPRX509TrustManager)
KeyCertificateEntry(com.emc.storageos.security.keystore.impl.KeyCertificateEntry)
X509Certificate(java.security.cert.X509Certificate)
Date(java.util.Date)
TrustedCertificateEntry(com.emc.storageos.security.keystore.impl.TrustedCertificateEntry)
Test(org.junit.Test)
Aggregations
KeyCertificateEntry (com.emc.storageos.security.keystore.impl.KeyCertificateEntry)8
Test (org.junit.Test)6
SecurityException (com.emc.storageos.security.exceptions.SecurityException)4
KeyCertificatePairGenerator (com.emc.storageos.security.keystore.impl.KeyCertificatePairGenerator)4
DistributedKeyStoreImpl (com.emc.storageos.security.keystore.impl.DistributedKeyStoreImpl)3
TrustedCertificateEntry (com.emc.storageos.security.keystore.impl.TrustedCertificateEntry)3
KeyStoreException (java.security.KeyStoreException)3
Date (java.util.Date)3
SiteState (com.emc.storageos.coordinator.client.model.SiteState)1
DatabaseException (com.emc.storageos.db.exceptions.DatabaseException)1
CheckPermission (com.emc.storageos.security.authorization.CheckPermission)1
KeyCertificateAlgorithmValuesHolder (com.emc.storageos.security.keystore.impl.KeyCertificateAlgorithmValuesHolder)1
SecurityProvider (com.emc.storageos.security.keystore.impl.SecurityProvider)1
ViPRX509TrustManager (com.emc.storageos.security.ssl.ViPRX509TrustManager)1
APIException (com.emc.storageos.svcs.errorhandling.resources.APIException)1
BadRequestException (com.emc.storageos.svcs.errorhandling.resources.BadRequestException)1
InternalServerErrorException (com.emc.storageos.svcs.errorhandling.resources.InternalServerErrorException)1
KeyAndCertificateChain (com.emc.vipr.model.keystore.KeyAndCertificateChain)1
UnknownHostException (java.net.UnknownHostException)1
GeneralSecurityException (java.security.GeneralSecurityException)1
