Search in sources :

Example 11 with VCertException

use of com.venafi.vcert.sdk.VCertException in project vcert-java by Venafi.

the class CloudConnectorTest method testExceptionValidatingMaxValidDays.

@Test
@DisplayName("Cloud - Testing Exception in Validation of MaxValidDays")
public void testExceptionValidatingMaxValidDays() throws VCertException {
    classUnderTest.authenticate(new Authentication(null, null, "12345678-1234-1234-1234-123456789012"));
    PolicySpecification policySpecification = CloudTestUtils.getPolicySpecification();
    // setting the maxValidDays to null to validate that the related VCertException is thrown
    policySpecification.policy().maxValidDays(-10);
    Exception exception = assertThrows(VCertException.class, () -> classUnderTest.setPolicy(CloudTestUtils.getRandomZone(), policySpecification));
    assertEquals(CloudTestUtils.getVCertExceptionMessage(CloudPolicySpecificationValidator.MAX_VALID_DAYS_EXCEPTION_MESSAGE), exception.getMessage());
}
Also used : PolicySpecification(com.venafi.vcert.sdk.policy.domain.PolicySpecification) Authentication(com.venafi.vcert.sdk.endpoint.Authentication) VCertException(com.venafi.vcert.sdk.VCertException) IOException(java.io.IOException) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Example 12 with VCertException

use of com.venafi.vcert.sdk.VCertException in project vcert-java by Venafi.

the class CloudConnectorTest method testExceptionValidatingPolicyKeyTypeContainsInvalidValue.

@Test
@DisplayName("Cloud - Testing Exception in Validation of Policy KeyType")
public void testExceptionValidatingPolicyKeyTypeContainsInvalidValue() throws VCertException {
    classUnderTest.authenticate(new Authentication(null, null, "12345678-1234-1234-1234-123456789012"));
    PolicySpecification policySpecification = CloudTestUtils.getPolicySpecification();
    // setting the keypair to a list of values which contains not only "RSA" to validate that the related VCertException is thrown
    policySpecification.policy().keyPair().keyTypes(new String[] { "RSA", "ECDSA" });
    Exception exception = assertThrows(VCertException.class, () -> classUnderTest.setPolicy(CloudTestUtils.getRandomZone(), policySpecification));
    assertEquals(CloudTestUtils.getVCertExceptionMessage(CloudPolicySpecificationValidator.ATTRIBUTE_DOESNT_MATCH_WITH_ACCEPTED_VALUES_EXCEPTION_MESSAGE, PolicySpecificationConst.ATT_POLICY_KEYPAIR_KEY_TYPES), exception.getMessage());
}
Also used : PolicySpecification(com.venafi.vcert.sdk.policy.domain.PolicySpecification) Authentication(com.venafi.vcert.sdk.endpoint.Authentication) VCertException(com.venafi.vcert.sdk.VCertException) IOException(java.io.IOException) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Example 13 with VCertException

use of com.venafi.vcert.sdk.VCertException in project vcert-java by Venafi.

the class TppConnectorCertAT method privateKeyPKCSTest.

@Test
void privateKeyPKCSTest() throws VCertException, UnknownHostException, IOException {
    TppConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
    // By default the DataFormat of the CertificateRequest is PKCS8
    CertificateRequest certificateRequest = connectorResource.certificateRequest().csrOrigin(CsrOriginOption.ServiceGeneratedCSR).keyPassword(TestUtils.KEY_PASSWORD);
    certificateRequest = connector.generateRequest(zoneConfiguration, certificateRequest);
    String pickupId = connector.requestCertificate(certificateRequest, zoneConfiguration);
    assertThat(pickupId).isNotNull();
    // Retrieving the PemCollection
    PEMCollection pemCollectionRSAPrivateKeyPKCS8 = connector.retrieveCertificate(certificateRequest);
    // getting the PrivateKey as PEM which should be a RSA Private Key in PKCS8 Encrypted
    String privateKeyPKCS8AsEncryptedPem = pemCollectionRSAPrivateKeyPKCS8.pemPrivateKey();
    PemObject privateKeyPKCS8AsPemObject = new PemReader(new StringReader(privateKeyPKCS8AsEncryptedPem)).readPemObject();
    // evaluating that the private Key is in PKCS8 Encrypted
    assertThat(pemCollectionRSAPrivateKeyPKCS8.privateKey()).isNotNull();
    assertTrue(privateKeyPKCS8AsPemObject.getType().equals(TestUtils.PEM_HEADER_PKCS8_ENCRYPTED));
    // changing to data format Legacy in order to get the PrivateKey in PKCS1
    certificateRequest.dataFormat(DataFormat.LEGACY);
    // Retrieving the PemCollection
    PEMCollection pemCollectionRSAPrivateKey = connector.retrieveCertificate(certificateRequest);
    // getting the PrivateKey as PEM which should be a RSA Private Key Encrypted
    String privateKeyRSAAsEncryptedPem = pemCollectionRSAPrivateKey.pemPrivateKey();
    PemObject privateKeyRSAAsPemObject = new PemReader(new StringReader(privateKeyRSAAsEncryptedPem)).readPemObject();
    // evaluating that the private Key is in PKCS1 Encrypted
    assertThat(pemCollectionRSAPrivateKey.privateKey()).isNotNull();
    assertTrue(privateKeyRSAAsPemObject.getHeaders().stream().anyMatch(header -> TestUtils.PEM_RSA_PRIVATE_KEY_ENCRYPTED_HEADER_VALUE.equals(((PemHeader) header).getValue())));
}
Also used : X509Certificate(java.security.cert.X509Certificate) ImportResponse(com.venafi.vcert.sdk.certificate.ImportResponse) RenewalRequest(com.venafi.vcert.sdk.certificate.RenewalRequest) Date(java.util.Date) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) LocalDateTime(java.time.LocalDateTime) PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) PemHeader(org.bouncycastle.util.io.pem.PemHeader) TestUtils(com.venafi.vcert.sdk.TestUtils) CsrOriginOption(com.venafi.vcert.sdk.certificate.CsrOriginOption) SocketException(java.net.SocketException) RegisterExtension(org.junit.jupiter.api.extension.RegisterExtension) ZoneOffset(java.time.ZoneOffset) VCertUtils(com.venafi.vcert.sdk.utils.VCertUtils) PemObject(org.bouncycastle.util.io.pem.PemObject) PemReader(org.bouncycastle.util.io.pem.PemReader) Assert.assertTrue(org.junit.Assert.assertTrue) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) Instant(java.time.Instant) UnknownHostException(java.net.UnknownHostException) VCertException(com.venafi.vcert.sdk.VCertException) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) DisplayName(org.junit.jupiter.api.DisplayName) Test(org.junit.jupiter.api.Test) DataFormat(com.venafi.vcert.sdk.certificate.DataFormat) ImportRequest(com.venafi.vcert.sdk.certificate.ImportRequest) StringReader(java.io.StringReader) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) LocalDate(java.time.LocalDate) DigestUtils(org.apache.commons.codec.digest.DigestUtils) RevocationRequest(com.venafi.vcert.sdk.certificate.RevocationRequest) PemObject(org.bouncycastle.util.io.pem.PemObject) PemReader(org.bouncycastle.util.io.pem.PemReader) PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) StringReader(java.io.StringReader) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test)

Example 14 with VCertException

use of com.venafi.vcert.sdk.VCertException in project vcert-java by Venafi.

the class TppTokenConnectorCertAT method privateKeyPKCSTest.

@Test
void privateKeyPKCSTest() throws VCertException, UnknownHostException, IOException {
    TppTokenConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
    // By default the DataFormat of the CertificateRequest is PKCS8
    CertificateRequest certificateRequest = connectorResource.certificateRequest().csrOrigin(CsrOriginOption.ServiceGeneratedCSR).keyPassword(TestUtils.KEY_PASSWORD);
    certificateRequest = connector.generateRequest(zoneConfiguration, certificateRequest);
    String pickupId = connector.requestCertificate(certificateRequest, zoneConfiguration);
    assertThat(pickupId).isNotNull();
    // Retrieving the PemCollection
    PEMCollection pemCollectionRSAPrivateKeyPKCS8 = connector.retrieveCertificate(certificateRequest);
    // getting the PrivateKey as PEM which should be a RSA Private Key in PKCS8 Encrypted
    String privateKeyPKCS8AsEncryptedPem = pemCollectionRSAPrivateKeyPKCS8.pemPrivateKey();
    PemObject privateKeyPKCS8AsPemObject = new PemReader(new StringReader(privateKeyPKCS8AsEncryptedPem)).readPemObject();
    // evaluating that the private Key is in PKCS8 Encrypted
    assertThat(pemCollectionRSAPrivateKeyPKCS8.privateKey()).isNotNull();
    assertTrue(privateKeyPKCS8AsPemObject.getType().equals(TestUtils.PEM_HEADER_PKCS8_ENCRYPTED));
    // changing to data format Legacy in order to get the PrivateKey in PKCS1
    certificateRequest.dataFormat(DataFormat.LEGACY);
    // Retrieving the PemCollection
    PEMCollection pemCollectionRSAPrivateKey = connector.retrieveCertificate(certificateRequest);
    // getting the PrivateKey as PEM which should be a RSA Private Key Encrypted
    String privateKeyRSAAsEncryptedPem = pemCollectionRSAPrivateKey.pemPrivateKey();
    PemObject privateKeyRSAAsPemObject = new PemReader(new StringReader(privateKeyRSAAsEncryptedPem)).readPemObject();
    // evaluating that the private Key is in PKCS1 Encrypted
    assertThat(pemCollectionRSAPrivateKey.privateKey()).isNotNull();
    assertTrue(privateKeyRSAAsPemObject.getHeaders().stream().anyMatch(header -> TestUtils.PEM_RSA_PRIVATE_KEY_ENCRYPTED_HEADER_VALUE.equals(((PemHeader) header).getValue())));
}
Also used : X509Certificate(java.security.cert.X509Certificate) ImportResponse(com.venafi.vcert.sdk.certificate.ImportResponse) RenewalRequest(com.venafi.vcert.sdk.certificate.RenewalRequest) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) PemHeader(org.bouncycastle.util.io.pem.PemHeader) TestUtils(com.venafi.vcert.sdk.TestUtils) ArrayList(java.util.ArrayList) CsrOriginOption(com.venafi.vcert.sdk.certificate.CsrOriginOption) SocketException(java.net.SocketException) RegisterExtension(org.junit.jupiter.api.extension.RegisterExtension) PemObject(org.bouncycastle.util.io.pem.PemObject) PemReader(org.bouncycastle.util.io.pem.PemReader) CustomField(com.venafi.vcert.sdk.certificate.CustomField) Assert.assertTrue(org.junit.Assert.assertTrue) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) UnknownHostException(java.net.UnknownHostException) VCertException(com.venafi.vcert.sdk.VCertException) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) DisplayName(org.junit.jupiter.api.DisplayName) Test(org.junit.jupiter.api.Test) DataFormat(com.venafi.vcert.sdk.certificate.DataFormat) ImportRequest(com.venafi.vcert.sdk.certificate.ImportRequest) List(java.util.List) StringReader(java.io.StringReader) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) DigestUtils(org.apache.commons.codec.digest.DigestUtils) RevocationRequest(com.venafi.vcert.sdk.certificate.RevocationRequest) PemObject(org.bouncycastle.util.io.pem.PemObject) PemReader(org.bouncycastle.util.io.pem.PemReader) PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) StringReader(java.io.StringReader) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test)

Example 15 with VCertException

use of com.venafi.vcert.sdk.VCertException in project vcert-java by Venafi.

the class CloudConnectorTest method testExceptionValidatingDefaultKeySizeDoesntMatchWithPolicyKeySizes.

@Test
@DisplayName("Cloud - Testing Exception in Validation of Default KeySize with a value not matching with the Policy KeySizes")
public void testExceptionValidatingDefaultKeySizeDoesntMatchWithPolicyKeySizes() throws VCertException {
    classUnderTest.authenticate(new Authentication(null, null, "12345678-1234-1234-1234-123456789012"));
    PolicySpecification policySpecification = CloudTestUtils.getPolicySpecification();
    // setting the default keysize to a value which is not matching with
    // the Policy KeySizes to validate that the related VCertException is thrown
    policySpecification.defaults().keyPair().rsaKeySize(4096);
    Exception exception = assertThrows(VCertException.class, () -> classUnderTest.setPolicy(CloudTestUtils.getRandomZone(), policySpecification));
    assertEquals(CloudTestUtils.getVCertExceptionMessage(CloudPolicySpecificationValidator.DEFAULT_ATTRIBUTE_DOESNT_MATCH_EXCEPTION_MESSAGE, PolicySpecificationConst.ATT_DEFAULTS_KEYPAIR_RSA_KEY_SIZE, PolicySpecificationConst.ATT_POLICY_KEYPAIR_RSA_KEY_SIZES), exception.getMessage());
}
Also used : PolicySpecification(com.venafi.vcert.sdk.policy.domain.PolicySpecification) Authentication(com.venafi.vcert.sdk.endpoint.Authentication) VCertException(com.venafi.vcert.sdk.VCertException) IOException(java.io.IOException) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Aggregations

VCertException (com.venafi.vcert.sdk.VCertException)68 PolicySpecification (com.venafi.vcert.sdk.policy.domain.PolicySpecification)49 DisplayName (org.junit.jupiter.api.DisplayName)48 Test (org.junit.jupiter.api.Test)48 IOException (java.io.IOException)34 CertificateNotFoundByThumbprintException (com.venafi.vcert.sdk.connectors.ConnectorException.CertificateNotFoundByThumbprintException)26 CertificateDNOrThumbprintWasNotProvidedException (com.venafi.vcert.sdk.connectors.ConnectorException.CertificateDNOrThumbprintWasNotProvidedException)25 MoreThanOneCertificateWithSameThumbprintException (com.venafi.vcert.sdk.connectors.ConnectorException.MoreThanOneCertificateWithSameThumbprintException)25 FeignException (feign.FeignException)25 FailedToRevokeTokenException (com.venafi.vcert.sdk.connectors.ConnectorException.FailedToRevokeTokenException)23 Authentication (com.venafi.vcert.sdk.endpoint.Authentication)23 StringReader (java.io.StringReader)7 CertificateRequest (com.venafi.vcert.sdk.certificate.CertificateRequest)5 PEMCollection (com.venafi.vcert.sdk.certificate.PEMCollection)5 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)5 CsrOriginOption (com.venafi.vcert.sdk.certificate.CsrOriginOption)4 DataFormat (com.venafi.vcert.sdk.certificate.DataFormat)4 ImportResponse (com.venafi.vcert.sdk.certificate.ImportResponse)4 RenewalRequest (com.venafi.vcert.sdk.certificate.RenewalRequest)4 RevocationRequest (com.venafi.vcert.sdk.certificate.RevocationRequest)4