Search in sources :

Example 1 with CertificateOperation

use of com.microsoft.azure.keyvault.models.CertificateOperation in project azure-sdk-for-java by Azure.

the class CertificateOperationsTest method createCertificatePkcs12.

/**
     * Create a test-issuer issued certificate in PKCS12 format (which includes
     * the private key) certificate.
     * 
     * @throws Exception
     */
@Test
public void createCertificatePkcs12() throws Exception {
    // Construct organization administrator details
    AdministratorDetails administratorDetails = new AdministratorDetails().withFirstName("John").withLastName("Doe").withEmailAddress("john.doe@contoso.com").withPhone("1234567890");
    // Construct organization details
    List<AdministratorDetails> administratorsDetails = new ArrayList<AdministratorDetails>();
    administratorsDetails.add(administratorDetails);
    OrganizationDetails organizationDetails = new OrganizationDetails().withAdminDetails(administratorsDetails);
    // Construct certificate issuer credentials
    IssuerCredentials credentials = new IssuerCredentials().withAccountId("account1").withPassword("Pa$$w0rd");
    String certificateIssuerName = "createCertificateJavaPkcs12Issuer01";
    IssuerBundle createdCertificateIssuer = keyVaultClient.setCertificateIssuer(new SetCertificateIssuerRequest.Builder(getVaultUri(), certificateIssuerName, ISSUER_TEST).withCredentials(credentials).withOrganizationDetails(organizationDetails).build());
    validateCertificateIssuer(createdCertificateIssuer, certificateIssuerName);
    // Set content type to indicate the certificate is PKCS12 format.
    SecretProperties secretProperties = new SecretProperties().withContentType(MIME_PKCS12);
    String subjectName = "CN=TestJavaPkcs12";
    X509CertificateProperties x509Properties = new X509CertificateProperties().withSubject(subjectName).withValidityInMonths(12);
    // Set issuer reference to the created issuer
    IssuerParameters issuerParameters = new IssuerParameters();
    issuerParameters.withName(createdCertificateIssuer.issuerIdentifier().name());
    CertificatePolicy certificatePolicy = new CertificatePolicy().withSecretProperties(secretProperties).withIssuerParameters(issuerParameters).withX509CertificateProperties(x509Properties);
    String vaultUri = getVaultUri();
    String certificateName = "createTestJavaPkcs12";
    CertificateOperation certificateOperation = keyVaultClient.createCertificate(new CreateCertificateRequest.Builder(vaultUri, certificateName).withPolicy(certificatePolicy).build());
    Assert.assertNotNull(certificateOperation);
    Assert.assertTrue(certificateOperation.status().equalsIgnoreCase(STATUS_IN_PROGRESS));
    CertificateBundle certificateBundle = pollOnCertificateOperation(certificateOperation);
    validateCertificateBundle(certificateBundle, certificatePolicy);
    // Load the CER part into X509Certificate object
    X509Certificate x509Certificate = loadCerToX509Certificate(certificateBundle);
    Assert.assertTrue(x509Certificate.getSubjectX500Principal().getName().equals(subjectName));
    Assert.assertTrue(x509Certificate.getIssuerX500Principal().getName().equals(subjectName));
    // Retrieve the secret backing the certificate
    SecretIdentifier secretIdentifier = certificateBundle.secretIdentifier();
    SecretBundle secret = keyVaultClient.getSecret(secretIdentifier.baseIdentifier());
    Assert.assertTrue(secret.managed());
    // Load the secret into a KeyStore
    String secretPassword = "";
    KeyStore keyStore = loadSecretToKeyStore(secret, secretPassword);
    // Validate the certificate and key in the KeyStore
    validateCertificateKeyInKeyStore(keyStore, x509Certificate, secretPassword);
    CertificateBundle deletedCertificateBundle = keyVaultClient.deleteCertificate(getVaultUri(), certificateName);
    Assert.assertNotNull(deletedCertificateBundle);
    try {
        keyVaultClient.getCertificate(deletedCertificateBundle.certificateIdentifier().baseIdentifier());
    } catch (KeyVaultErrorException e) {
        Assert.assertNotNull(e.body().error());
        Assert.assertEquals("CertificateNotFound", e.body().error().code());
    }
}
Also used : CertificateBundle(com.microsoft.azure.keyvault.models.CertificateBundle) KeyVaultErrorException(com.microsoft.azure.keyvault.models.KeyVaultErrorException) IssuerParameters(com.microsoft.azure.keyvault.models.IssuerParameters) CertificatePolicy(com.microsoft.azure.keyvault.models.CertificatePolicy) ArrayList(java.util.ArrayList) OrganizationDetails(com.microsoft.azure.keyvault.models.OrganizationDetails) X509CertificateProperties(com.microsoft.azure.keyvault.models.X509CertificateProperties) CertificateOperation(com.microsoft.azure.keyvault.models.CertificateOperation) KeyStore(java.security.KeyStore) X509Certificate(java.security.cert.X509Certificate) IssuerBundle(com.microsoft.azure.keyvault.models.IssuerBundle) CreateCertificateRequest(com.microsoft.azure.keyvault.requests.CreateCertificateRequest) SecretIdentifier(com.microsoft.azure.keyvault.SecretIdentifier) SecretBundle(com.microsoft.azure.keyvault.models.SecretBundle) SecretProperties(com.microsoft.azure.keyvault.models.SecretProperties) IssuerCredentials(com.microsoft.azure.keyvault.models.IssuerCredentials) AdministratorDetails(com.microsoft.azure.keyvault.models.AdministratorDetails) Test(org.junit.Test)

Example 2 with CertificateOperation

use of com.microsoft.azure.keyvault.models.CertificateOperation in project azure-sdk-for-java by Azure.

the class CertificateOperationsTest method certificateAsyncRequestCancellation.

/**
     * Cancel the certificate create asynchronously
     * @throws IOException 
     * @throws IllegalArgumentException 
     * @throws KeyVaultErrorException 
     * 
     */
@Test
public void certificateAsyncRequestCancellation() throws KeyVaultErrorException, IllegalArgumentException, IOException {
    // Set content type to indicate the certificate is PKCS12 format.
    SecretProperties secretProperties = new SecretProperties().withContentType(MIME_PKCS12);
    String subjectName = "CN=SelfSignedJavaPkcs12";
    X509CertificateProperties x509Properties = new X509CertificateProperties().withSubject(subjectName).withValidityInMonths(12);
    // Set issuer to "Self"
    IssuerParameters issuerParameters = new IssuerParameters().withName(ISSUER_SELF);
    CertificatePolicy certificatePolicy = new CertificatePolicy().withSecretProperties(secretProperties).withIssuerParameters(issuerParameters).withX509CertificateProperties(x509Properties);
    String vaultUri = getVaultUri();
    String certificateName = "cancellationRequestedCertJava";
    keyVaultClient.createCertificate(new CreateCertificateRequest.Builder(vaultUri, certificateName).withPolicy(certificatePolicy).build());
    CertificateOperation cancelledCertificateOperation = keyVaultClient.updateCertificateOperation(new UpdateCertificateOperationRequest.Builder(vaultUri, certificateName, true).build());
    Assert.assertNotNull(cancelledCertificateOperation);
    Assert.assertTrue(cancelledCertificateOperation.cancellationRequested());
    keyVaultClient.deleteCertificateOperation(getVaultUri(), certificateName);
    keyVaultClient.deleteCertificate(getVaultUri(), certificateName);
}
Also used : CreateCertificateRequest(com.microsoft.azure.keyvault.requests.CreateCertificateRequest) SecretProperties(com.microsoft.azure.keyvault.models.SecretProperties) IssuerParameters(com.microsoft.azure.keyvault.models.IssuerParameters) CertificatePolicy(com.microsoft.azure.keyvault.models.CertificatePolicy) X509CertificateProperties(com.microsoft.azure.keyvault.models.X509CertificateProperties) CertificateOperation(com.microsoft.azure.keyvault.models.CertificateOperation) Test(org.junit.Test)

Example 3 with CertificateOperation

use of com.microsoft.azure.keyvault.models.CertificateOperation in project azure-sdk-for-java by Azure.

the class CertificateOperationsTest method pollOnCertificateOperation.

/**
     * Polls on a certificate operation for completion.
     * 
     * @throws Exception
     */
private static CertificateBundle pollOnCertificateOperation(CertificateOperation certificateOperation) throws Exception {
    // Wait for enrollment to complete. We will wait for 200 seconds
    int pendingPollCount = 0;
    while (pendingPollCount < 21) {
        String certificateName = certificateOperation.certificateOperationIdentifier().name();
        CertificateOperation pendingCertificateOperation = keyVaultClient.getCertificateOperation(getVaultUri(), certificateName);
        if (pendingCertificateOperation.status().equalsIgnoreCase(STATUS_IN_PROGRESS)) {
            Thread.sleep(10000);
            pendingPollCount += 1;
            continue;
        }
        if (pendingCertificateOperation.status().equalsIgnoreCase(STATUS_COMPLETED)) {
            return keyVaultClient.getCertificate(pendingCertificateOperation.target());
        }
        throw new Exception(String.format("Polling on pending certificate returned an unexpected result. Error code = {1}, Error message = {2}", pendingCertificateOperation.error().code(), pendingCertificateOperation.error().message()));
    }
    throw new Exception("Pending certificate processing delayed");
}
Also used : CertificateOperation(com.microsoft.azure.keyvault.models.CertificateOperation) KeyStoreException(java.security.KeyStoreException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) ExecutionException(java.util.concurrent.ExecutionException) KeyVaultErrorException(com.microsoft.azure.keyvault.models.KeyVaultErrorException) BadPaddingException(javax.crypto.BadPaddingException)

Example 4 with CertificateOperation

use of com.microsoft.azure.keyvault.models.CertificateOperation in project azure-sdk-for-java by Azure.

the class KeyVaultClientImpl method updateCertificateOperationWithServiceResponseAsync.

/**
     * Updates a certificate operation.
     *
     * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net.
     * @param certificateName The name of the certificate.
     * @param cancellationRequested Indicates if cancellation was requested on the certificate operation.
     * @return the observable to the CertificateOperation object
     */
public Observable<ServiceResponse<CertificateOperation>> updateCertificateOperationWithServiceResponseAsync(String vaultBaseUrl, String certificateName, boolean cancellationRequested) {
    if (vaultBaseUrl == null) {
        throw new IllegalArgumentException("Parameter vaultBaseUrl is required and cannot be null.");
    }
    if (certificateName == null) {
        throw new IllegalArgumentException("Parameter certificateName is required and cannot be null.");
    }
    if (this.apiVersion() == null) {
        throw new IllegalArgumentException("Parameter this.apiVersion() is required and cannot be null.");
    }
    CertificateOperationUpdateParameter certificateOperation = new CertificateOperationUpdateParameter();
    certificateOperation.withCancellationRequested(cancellationRequested);
    String parameterizedHost = Joiner.on(", ").join("{vaultBaseUrl}", vaultBaseUrl);
    return service.updateCertificateOperation(certificateName, this.apiVersion(), this.acceptLanguage(), certificateOperation, parameterizedHost, this.userAgent()).flatMap(new Func1<Response<ResponseBody>, Observable<ServiceResponse<CertificateOperation>>>() {

        @Override
        public Observable<ServiceResponse<CertificateOperation>> call(Response<ResponseBody> response) {
            try {
                ServiceResponse<CertificateOperation> clientResponse = updateCertificateOperationDelegate(response);
                return Observable.just(clientResponse);
            } catch (Throwable t) {
                return Observable.error(t);
            }
        }
    });
}
Also used : Response(retrofit2.Response) ServiceResponse(com.microsoft.rest.ServiceResponse) ServiceResponse(com.microsoft.rest.ServiceResponse) CertificateOperationUpdateParameter(com.microsoft.azure.keyvault.models.CertificateOperationUpdateParameter) CertificateOperation(com.microsoft.azure.keyvault.models.CertificateOperation) Observable(rx.Observable) ResponseBody(okhttp3.ResponseBody)

Example 5 with CertificateOperation

use of com.microsoft.azure.keyvault.models.CertificateOperation in project azure-sdk-for-java by Azure.

the class CertificateOperationsTest method createCertificatePem.

/**
     * Create a test-issuer certificate in PEM format (which includes the
     * private key) certificate.
     * 
     * @throws Exception
     */
@Test
public void createCertificatePem() throws Exception {
    // Construct organization administrator details
    AdministratorDetails administratorDetails = new AdministratorDetails().withFirstName("John").withLastName("Doe").withEmailAddress("john.doe@contoso.com").withPhone("1234567890");
    // Construct organization details
    OrganizationDetails organizationDetails = new OrganizationDetails();
    List<AdministratorDetails> administratorsDetails = new ArrayList<AdministratorDetails>();
    administratorsDetails.add(administratorDetails);
    organizationDetails.withAdminDetails(administratorsDetails);
    // Construct certificate issuer credentials
    IssuerCredentials credentials = new IssuerCredentials().withAccountId("account1").withPassword("Pa$$w0rd");
    String certificateIssuerName = "createCertificateJavaPemIssuer01";
    IssuerBundle createdCertificateIssuer = keyVaultClient.setCertificateIssuer(new SetCertificateIssuerRequest.Builder(getVaultUri(), certificateIssuerName, ISSUER_TEST).withCredentials(credentials).withOrganizationDetails(organizationDetails).build());
    validateCertificateIssuer(createdCertificateIssuer, certificateIssuerName);
    // Set content type to indicate the certificate is PEM format.
    SecretProperties secretProperties = new SecretProperties();
    secretProperties.withContentType(MIME_PEM);
    X509CertificateProperties x509Properties = new X509CertificateProperties();
    String subjectName = "CN=TestJavaPem";
    x509Properties.withSubject(subjectName);
    x509Properties.withValidityInMonths(12);
    // Set issuer reference to the created issuer
    IssuerParameters issuerParameters = new IssuerParameters();
    issuerParameters.withName(createdCertificateIssuer.issuerIdentifier().name());
    CertificatePolicy certificatePolicy = new CertificatePolicy().withSecretProperties(secretProperties).withIssuerParameters(issuerParameters).withX509CertificateProperties(x509Properties);
    String vaultUri = getVaultUri();
    String certificateName = "createTestJavaPem";
    CertificateOperation certificateOperation = keyVaultClient.createCertificate(new CreateCertificateRequest.Builder(vaultUri, certificateName).withPolicy(certificatePolicy).build());
    Assert.assertNotNull(certificateOperation);
    Assert.assertTrue(certificateOperation.status().equalsIgnoreCase(STATUS_IN_PROGRESS));
    CertificateBundle certificateBundle = pollOnCertificateOperation(certificateOperation);
    validateCertificateBundle(certificateBundle, certificatePolicy);
    validatePem(certificateBundle, subjectName);
    CertificateBundle deletedCertificateBundle = keyVaultClient.deleteCertificate(getVaultUri(), certificateName);
    Assert.assertNotNull(deletedCertificateBundle);
    try {
        keyVaultClient.getCertificate(deletedCertificateBundle.certificateIdentifier().baseIdentifier());
    } catch (KeyVaultErrorException e) {
        Assert.assertNotNull(e.body().error());
        Assert.assertEquals("CertificateNotFound", e.body().error().code());
    }
}
Also used : CertificateBundle(com.microsoft.azure.keyvault.models.CertificateBundle) KeyVaultErrorException(com.microsoft.azure.keyvault.models.KeyVaultErrorException) IssuerParameters(com.microsoft.azure.keyvault.models.IssuerParameters) CertificatePolicy(com.microsoft.azure.keyvault.models.CertificatePolicy) OrganizationDetails(com.microsoft.azure.keyvault.models.OrganizationDetails) ArrayList(java.util.ArrayList) X509CertificateProperties(com.microsoft.azure.keyvault.models.X509CertificateProperties) CertificateOperation(com.microsoft.azure.keyvault.models.CertificateOperation) IssuerBundle(com.microsoft.azure.keyvault.models.IssuerBundle) CreateCertificateRequest(com.microsoft.azure.keyvault.requests.CreateCertificateRequest) SecretProperties(com.microsoft.azure.keyvault.models.SecretProperties) IssuerCredentials(com.microsoft.azure.keyvault.models.IssuerCredentials) AdministratorDetails(com.microsoft.azure.keyvault.models.AdministratorDetails) Test(org.junit.Test)

Aggregations

CertificateOperation (com.microsoft.azure.keyvault.models.CertificateOperation)11 CertificatePolicy (com.microsoft.azure.keyvault.models.CertificatePolicy)8 IssuerParameters (com.microsoft.azure.keyvault.models.IssuerParameters)7 KeyVaultErrorException (com.microsoft.azure.keyvault.models.KeyVaultErrorException)7 SecretProperties (com.microsoft.azure.keyvault.models.SecretProperties)7 X509CertificateProperties (com.microsoft.azure.keyvault.models.X509CertificateProperties)7 CreateCertificateRequest (com.microsoft.azure.keyvault.requests.CreateCertificateRequest)7 Test (org.junit.Test)7 CertificateBundle (com.microsoft.azure.keyvault.models.CertificateBundle)6 ServiceResponse (com.microsoft.rest.ServiceResponse)3 ResponseBody (okhttp3.ResponseBody)3 Response (retrofit2.Response)3 Observable (rx.Observable)3 SecretIdentifier (com.microsoft.azure.keyvault.SecretIdentifier)2 AdministratorDetails (com.microsoft.azure.keyvault.models.AdministratorDetails)2 CertificateAttributes (com.microsoft.azure.keyvault.models.CertificateAttributes)2 CertificateCreateParameters (com.microsoft.azure.keyvault.models.CertificateCreateParameters)2 IssuerBundle (com.microsoft.azure.keyvault.models.IssuerBundle)2 IssuerCredentials (com.microsoft.azure.keyvault.models.IssuerCredentials)2 OrganizationDetails (com.microsoft.azure.keyvault.models.OrganizationDetails)2