use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.
the class CloudConnectorTest method renewCertificate.
@Test
@DisplayName("Renew a certificate with fingerprint")
void renewCertificate() throws VCertException {
final String apiKey = "12345678-1234-1234-1234-123456789012";
final Authentication auth = new Authentication(null, null, apiKey);
String requestId = "request_1";
final String thumbprint = "52030990E3DC44199DA11C2D73E41EF8EAD8A4E1";
final RenewalRequest renewalRequest = new RenewalRequest();
CertificateRequest request = mock(CertificateRequest.class);
renewalRequest.request(request);
final Cloud.CertificateSearchResponse searchResponse = mock(Cloud.CertificateSearchResponse.class);
final CertificateStatus certificateStatus = mock(CertificateStatus.class);
renewalRequest.thumbprint(thumbprint);
final Cloud.Certificate certificate1 = new Cloud.Certificate();
certificate1.certificateRequestId(requestId);
final CloudConnector.CertificateRequestsResponse requestsResponse = mock(CloudConnector.CertificateRequestsResponse.class);
final CloudConnector.CertificateRequestsResponseData requestsResponseData = mock(CloudConnector.CertificateRequestsResponseData.class);
// CertificateDetails certDetails = cloud.certificateDetails(certificateId, auth.apiKey());
CertificateDetails certDetails = new CertificateDetails();
certDetails.id("007");
certDetails.certificateRequestId(requestId);
List<String> list = new ArrayList<String>();
list.add(requestId);
when(cloud.certificateDetails(eq(requestId), eq(apiKey))).thenReturn(certDetails);
when(cloud.searchCertificates(eq(apiKey), searchRequestArgumentCaptor.capture())).thenReturn(searchResponse);
when(searchResponse.certificates()).thenReturn(singletonList(certificate1));
when(cloud.certificateStatus(requestId, apiKey)).thenReturn(certificateStatus);
when(certificateStatus.certificateIds()).thenReturn(list);
when(cloud.certificateRequest(eq(apiKey), any(CloudConnector.CertificateRequestsPayload.class))).thenReturn(requestsResponse);
when(requestsResponse.certificateRequests()).thenReturn(singletonList(requestsResponseData));
when(requestsResponseData.id()).thenReturn("certificate_result");
String fakeCSR = "fake csr";
byte[] bytes = fakeCSR.getBytes();
when(renewalRequest.request().csr()).thenReturn(bytes);
classUnderTest.authenticate(auth);
assertThat(classUnderTest.renewCertificate(renewalRequest)).isEqualTo("certificate_result");
}
use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.
the class TppConnectorCertAT method privateKeyPKCSTest.
@Test
void privateKeyPKCSTest() throws VCertException, UnknownHostException, IOException {
TppConnector connector = connectorResource.connector();
ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
// By default the DataFormat of the CertificateRequest is PKCS8
CertificateRequest certificateRequest = connectorResource.certificateRequest().csrOrigin(CsrOriginOption.ServiceGeneratedCSR).keyPassword(TestUtils.KEY_PASSWORD);
certificateRequest = connector.generateRequest(zoneConfiguration, certificateRequest);
String pickupId = connector.requestCertificate(certificateRequest, zoneConfiguration);
assertThat(pickupId).isNotNull();
// Retrieving the PemCollection
PEMCollection pemCollectionRSAPrivateKeyPKCS8 = connector.retrieveCertificate(certificateRequest);
// getting the PrivateKey as PEM which should be a RSA Private Key in PKCS8 Encrypted
String privateKeyPKCS8AsEncryptedPem = pemCollectionRSAPrivateKeyPKCS8.pemPrivateKey();
PemObject privateKeyPKCS8AsPemObject = new PemReader(new StringReader(privateKeyPKCS8AsEncryptedPem)).readPemObject();
// evaluating that the private Key is in PKCS8 Encrypted
assertThat(pemCollectionRSAPrivateKeyPKCS8.privateKey()).isNotNull();
assertTrue(privateKeyPKCS8AsPemObject.getType().equals(TestUtils.PEM_HEADER_PKCS8_ENCRYPTED));
// changing to data format Legacy in order to get the PrivateKey in PKCS1
certificateRequest.dataFormat(DataFormat.LEGACY);
// Retrieving the PemCollection
PEMCollection pemCollectionRSAPrivateKey = connector.retrieveCertificate(certificateRequest);
// getting the PrivateKey as PEM which should be a RSA Private Key Encrypted
String privateKeyRSAAsEncryptedPem = pemCollectionRSAPrivateKey.pemPrivateKey();
PemObject privateKeyRSAAsPemObject = new PemReader(new StringReader(privateKeyRSAAsEncryptedPem)).readPemObject();
// evaluating that the private Key is in PKCS1 Encrypted
assertThat(pemCollectionRSAPrivateKey.privateKey()).isNotNull();
assertTrue(privateKeyRSAAsPemObject.getHeaders().stream().anyMatch(header -> TestUtils.PEM_RSA_PRIVATE_KEY_ENCRYPTED_HEADER_VALUE.equals(((PemHeader) header).getValue())));
}
use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.
the class TppConnectorCertAT method retrieveCertificate.
@Test
void retrieveCertificate() throws VCertException, SocketException, UnknownHostException {
TppConnector connector = connectorResource.connector();
ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
CertificateRequest certificateRequest = connectorResource.certificateRequest();
certificateRequest = connector.generateRequest(zoneConfiguration, certificateRequest);
String certificateId = connector.requestCertificate(certificateRequest, zoneConfiguration);
assertThat(certificateId).isNotNull();
PEMCollection pemCollection = connector.retrieveCertificate(certificateRequest);
assertThat(pemCollection.certificate()).isNotNull();
assertThat(pemCollection.privateKey()).isNotNull();
}
use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.
the class TppTokenConnectorAT method generateRequest.
@Test
void generateRequest() throws VCertException, IOException {
String commonName = TestUtils.randomCN();
ZoneConfiguration zoneConfiguration = connectorResource.connector().readZoneConfiguration(TestUtils.TPP_ZONE);
CertificateRequest certificateRequest = new CertificateRequest().subject(new CertificateRequest.PKIXName().commonName(commonName).organization(Collections.singletonList("Venafi, Inc.")).organizationalUnit(Arrays.asList("Engineering", "Automated Tests")).country(Collections.singletonList("US")).locality(Collections.singletonList("SLC")).province(Collections.singletonList("Utah"))).dnsNames(Collections.singletonList(InetAddress.getLocalHost().getHostName())).ipAddresses(getTestIps()).keyType(KeyType.RSA).keyLength(2048);
certificateRequest = connectorResource.connector().generateRequest(zoneConfiguration, certificateRequest);
assertThat(certificateRequest.csr()).isNotEmpty();
PKCS10CertificationRequest request = (PKCS10CertificationRequest) new PEMParser(new StringReader(new String(certificateRequest.csr()))).readObject();
// Values overridden by policy which is why they don't match the above values
String subject = request.getSubject().toString();
assertThat(subject).contains(format("CN=%s", commonName));
}
use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.
the class TppTokenConnectorCertAT method privateKeyPKCSTest.
@Test
void privateKeyPKCSTest() throws VCertException, UnknownHostException, IOException {
TppTokenConnector connector = connectorResource.connector();
ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
// By default the DataFormat of the CertificateRequest is PKCS8
CertificateRequest certificateRequest = connectorResource.certificateRequest().csrOrigin(CsrOriginOption.ServiceGeneratedCSR).keyPassword(TestUtils.KEY_PASSWORD);
certificateRequest = connector.generateRequest(zoneConfiguration, certificateRequest);
String pickupId = connector.requestCertificate(certificateRequest, zoneConfiguration);
assertThat(pickupId).isNotNull();
// Retrieving the PemCollection
PEMCollection pemCollectionRSAPrivateKeyPKCS8 = connector.retrieveCertificate(certificateRequest);
// getting the PrivateKey as PEM which should be a RSA Private Key in PKCS8 Encrypted
String privateKeyPKCS8AsEncryptedPem = pemCollectionRSAPrivateKeyPKCS8.pemPrivateKey();
PemObject privateKeyPKCS8AsPemObject = new PemReader(new StringReader(privateKeyPKCS8AsEncryptedPem)).readPemObject();
// evaluating that the private Key is in PKCS8 Encrypted
assertThat(pemCollectionRSAPrivateKeyPKCS8.privateKey()).isNotNull();
assertTrue(privateKeyPKCS8AsPemObject.getType().equals(TestUtils.PEM_HEADER_PKCS8_ENCRYPTED));
// changing to data format Legacy in order to get the PrivateKey in PKCS1
certificateRequest.dataFormat(DataFormat.LEGACY);
// Retrieving the PemCollection
PEMCollection pemCollectionRSAPrivateKey = connector.retrieveCertificate(certificateRequest);
// getting the PrivateKey as PEM which should be a RSA Private Key Encrypted
String privateKeyRSAAsEncryptedPem = pemCollectionRSAPrivateKey.pemPrivateKey();
PemObject privateKeyRSAAsPemObject = new PemReader(new StringReader(privateKeyRSAAsEncryptedPem)).readPemObject();
// evaluating that the private Key is in PKCS1 Encrypted
assertThat(pemCollectionRSAPrivateKey.privateKey()).isNotNull();
assertTrue(privateKeyRSAAsPemObject.getHeaders().stream().anyMatch(header -> TestUtils.PEM_RSA_PRIVATE_KEY_ENCRYPTED_HEADER_VALUE.equals(((PemHeader) header).getValue())));
}
Aggregations