
Example 16 with PEMCollection

use of com.venafi.vcert.sdk.certificate.PEMCollection in project vcert-java by Venafi.

the class CloudConnectorTest method retrieveCertificate.

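/**
 * Checks that {@code retrieveCertificate} hands back the certificate, the private key and the
 * key password when every cloud call is answered by a stub.
 *
 * <p>Nothing here touches a real service: the API key is a made-up UUID-shaped string, the PEM
 * bundle is read from a test resource, and the HTTP response is built in memory.
 */
@Test
void retrieveCertificate() throws VCertException, IOException {
    // Security.addProvider registers Bouncy Castle for the whole JVM, not just this test.
    Security.addProvider(new BouncyCastleProvider());

    // Fixture value only; it is compared against the arguments of the stubbed calls below.
    String apiKey = "12345678-1234-1234-1234-123456789012";
    final Authentication auth = new Authentication(null, null, apiKey);
    classUnderTest.authenticate(auth);

    // The same PEM text serves as the caller's key material and as the stubbed response body.
    String body = readResourceAsString("certificates/certWithKey.pem");
    PEMCollection fixturePem =
        PEMCollection.fromStringPEMCollection(body, ChainOption.ChainOptionIgnore, null, null);

    final String pickupId = "jackpot";
    CertificateRequest.PKIXName subject = new CertificateRequest.PKIXName()
        .commonName("random name")
        .organization(singletonList("Venafi, Inc."))
        .organizationalUnit(singletonList("Automated Tests"));
    CertificateRequest request = new CertificateRequest().subject(subject);
    // The request carries the fixture key pair and password; the last assertion checks that
    // the password is present on the returned collection.
    request.pickupId(pickupId)
        .keyType(KeyType.RSA)
        .keyPair(new KeyPair(fixturePem.certificate().getPublicKey(), fixturePem.privateKey()))
        .keyPassword(KEY_SECRET);

    List<String> certificateIds = new ArrayList<>();
    certificateIds.add(pickupId);
    CertificateStatus status = new CertificateStatus().status("ISSUED").certificateIds(certificateIds);
    // presumably the connector looks the encryption key up by this hash; the stub below
    // is keyed on the same value
    CertificateDetails certificateDetails = new CertificateDetails().dekHash("12345");
    EdgeEncryptionKey edgeEncryptionKey = new EdgeEncryptionKey();

    // Argument matchers are only used inside when(...): a bare mock call with eq(...) stubs
    // nothing and is a misuse of the matcher API.
    when(cloud.certificateStatus(eq(pickupId), eq(apiKey))).thenReturn(status);
    when(cloud.retrieveCertificate(eq(pickupId), eq(apiKey), eq("ROOT_FIRST")))
        .thenReturn(Response.builder()
            // The URL only labels the in-memory request object; no connection is opened.
            .request(Request.create(Request.HttpMethod.GET, "http://localhost",
                new HashMap<String, Collection<String>>(), null, null))
            .status(200)
            .body(body, Charset.forName("UTF-8"))
            .build());
    when(cloud.certificateDetails(eq(pickupId), eq(apiKey))).thenReturn(certificateDetails);
    when(cloud.retrieveEdgeEncryptionKey(eq("12345"), eq(apiKey))).thenReturn(edgeEncryptionKey);

    PEMCollection retrieved = classUnderTest.retrieveCertificate(request);

    assertThat(retrieved).isNotNull();
    assertThat(retrieved.certificate()).isNotNull();
    assertThat(retrieved.privateKey()).isNotNull();
    assertThat(retrieved.privateKeyPassword()).isEqualTo(KEY_SECRET);
}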
Also used : KeyPair(java.security.KeyPair) HashMap(java.util.HashMap) CertificateStatus(com.venafi.vcert.sdk.certificate.CertificateStatus) CertificateDetails(com.venafi.vcert.sdk.connectors.cloud.domain.CertificateDetails) ArrayList(java.util.ArrayList) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) Authentication(com.venafi.vcert.sdk.endpoint.Authentication) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) EdgeEncryptionKey(com.venafi.vcert.sdk.connectors.cloud.domain.EdgeEncryptionKey) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider) Test(org.junit.jupiter.api.Test)

Example 17 with PEMCollection

use of com.venafi.vcert.sdk.certificate.PEMCollection in project vcert-java by Venafi.

the class CloudConnectorCertAT method privateKeyPKCSTest.

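/**
 * Requests a certificate with a service-generated CSR and checks that the private key comes
 * back password-protected in both PEM encodings: PKCS#8 (the request's default data format)
 * and the legacy format selected with {@code DataFormat.LEGACY}.
 *
 * <p>NOTE(review): traditional (PKCS#1-style) PEM encryption typically derives its key from
 * the password with a weaker scheme than encrypted PKCS#8, so LEGACY is best treated as an
 * interoperability option. Confirm which cipher the service applies.
 */
@Test
void privateKeyPKCSTest() throws VCertException, UnknownHostException, IOException {
    CloudConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();

    // The request is left on its default data format, which is PKCS8.
    CertificateRequest certificateRequest = connectorResource.certificateRequest()
        .csrOrigin(CsrOriginOption.ServiceGeneratedCSR)
        .keyPassword(TestUtils.KEY_PASSWORD);
    certificateRequest = connector.generateRequest(zoneConfiguration, certificateRequest);
    String pickupId = connector.requestCertificate(certificateRequest, zoneConfiguration);
    assertThat(pickupId).isNotNull();

    // First retrieval: default format, so the key is expected as encrypted PKCS#8.
    PEMCollection pkcs8Collection = connector.retrieveCertificate(certificateRequest);
    String pkcs8Pem = pkcs8Collection.pemPrivateKey();
    PemObject pkcs8PemObject;
    // PemReader is a Reader; close it even though it only wraps an in-memory string.
    try (PemReader pemReader = new PemReader(new StringReader(pkcs8Pem))) {
        pkcs8PemObject = pemReader.readPemObject();
    }
    assertThat(pkcs8Collection.privateKey()).isNotNull();
    // The PEM type line is what tells an encrypted PKCS#8 key from a plaintext one.
    assertThat(pkcs8PemObject.getType()).isEqualTo(TestUtils.PEM_HEADER_PKCS8_ENCRYPTED);

    // Second retrieval: switch the same request to the legacy format to get a PKCS#1 key.
    certificateRequest.dataFormat(DataFormat.LEGACY);
    PEMCollection legacyCollection = connector.retrieveCertificate(certificateRequest);
    String legacyPem = legacyCollection.pemPrivateKey();
    PemObject legacyPemObject;
    try (PemReader pemReader = new PemReader(new StringReader(legacyPem))) {
        legacyPemObject = pemReader.readPemObject();
    }
    assertThat(legacyCollection.privateKey()).isNotNull();
    // In the legacy encoding the encryption marker is carried in a PEM header value rather
    // than in the type line, so the headers are searched for it.
    assertTrue(legacyPemObject.getHeaders().stream().anyMatch(header -> TestUtils.PEM_RSA_PRIVATE_KEY_ENCRYPTED_HEADER_VALUE.equals(((PemHeader) header).getValue())));
}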
Also used : Assertions.assertThrows(org.junit.jupiter.api.Assertions.assertThrows) X509Certificate(java.security.cert.X509Certificate) RenewalRequest(com.venafi.vcert.sdk.certificate.RenewalRequest) Date(java.util.Date) KeyType(com.venafi.vcert.sdk.certificate.KeyType) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) LocalDateTime(java.time.LocalDateTime) LoggerFactory(org.slf4j.LoggerFactory) PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) PemHeader(org.bouncycastle.util.io.pem.PemHeader) TestUtils(com.venafi.vcert.sdk.TestUtils) CsrOriginOption(com.venafi.vcert.sdk.certificate.CsrOriginOption) CertificateNotFoundByThumbprintException(com.venafi.vcert.sdk.connectors.ConnectorException.CertificateNotFoundByThumbprintException) RegisterExtension(org.junit.jupiter.api.extension.RegisterExtension) ZoneOffset(java.time.ZoneOffset) VCertUtils(com.venafi.vcert.sdk.utils.VCertUtils) PemObject(org.bouncycastle.util.io.pem.PemObject) PemReader(org.bouncycastle.util.io.pem.PemReader) Logger(org.slf4j.Logger) Assert.assertTrue(org.junit.Assert.assertTrue) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) Instant(java.time.Instant) UnknownHostException(java.net.UnknownHostException) VCertException(com.venafi.vcert.sdk.VCertException) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) DisplayName(org.junit.jupiter.api.DisplayName) Test(org.junit.jupiter.api.Test) DataFormat(com.venafi.vcert.sdk.certificate.DataFormat) StringReader(java.io.StringReader) LocalDate(java.time.LocalDate) DigestUtils(org.apache.commons.codec.digest.DigestUtils) RevocationRequest(com.venafi.vcert.sdk.certificate.RevocationRequest) PemObject(org.bouncycastle.util.io.pem.PemObject) PemReader(org.bouncycastle.util.io.pem.PemReader) PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) 
ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) StringReader(java.io.StringReader) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test)

Example 18 with PEMCollection

use of com.venafi.vcert.sdk.certificate.PEMCollection in project vcert-java by Venafi.

the class CloudConnectorCertAT method createCertificateValidateValidityHours.

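/**
 * Requests an RSA certificate with an explicit validity period and checks that the issued
 * certificate's notAfter date (in UTC) equals today's UTC date plus the requested validity
 * converted to days.
 *
 * <p>NOTE(review): the expected date is computed from the clock after issuance, so a run that
 * straddles midnight UTC could compare two different days. Confirm whether that matters for
 * the pipeline this runs in.
 */
@Test
@DisplayName("Create a certificate and validate specified validity hours - Cloud")
public void createCertificateValidateValidityHours() throws VCertException {
    CloudConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
    CertificateRequest certificateRequest = connectorResource.certificateRequest()
        .keyType(KeyType.RSA)
        .validityHours(TestUtils.VALID_HOURS);
    certificateRequest = connector.generateRequest(zoneConfiguration, certificateRequest);
    connector.requestCertificate(certificateRequest, zoneConfiguration);

    // Retrieve PEM collection from Venafi
    PEMCollection pemCollection = connector.retrieveCertificate(certificateRequest);

    // Expiry of the issued certificate, reduced to a calendar date in UTC.
    LocalDate notAfterDate = pemCollection.certificate()
        .getNotAfter()
        .toInstant()
        .atOffset(ZoneOffset.UTC)
        .toLocalDate();

    // Expected expiry: the current UTC time shifted by the requested validity in whole days.
    LocalDateTime utcNow = LocalDateTime.ofInstant(Instant.now(), ZoneOffset.UTC);
    int validityDays = VCertUtils.getValidityDays(TestUtils.VALID_HOURS);
    LocalDate expectedDate = utcNow.plusDays(validityDays).toLocalDate();

    // isEqualTo reports both dates on failure, which a bare assertTrue cannot do.
    assertThat(notAfterDate).isEqualTo(expectedDate);
}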
Also used : LocalDateTime(java.time.LocalDateTime) PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) Instant(java.time.Instant) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) LocalDate(java.time.LocalDate) Date(java.util.Date) LocalDate(java.time.LocalDate) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Example 19 with PEMCollection

use of com.venafi.vcert.sdk.certificate.PEMCollection in project vcert-java by Venafi.

the class TppClient method main.

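/**
 * Sample client: authenticates to a TPP instance with a user name and password, requests an
 * RSA-2048 certificate in the configured zone, retrieves it and prints it.
 *
 * <p>Configuration is read from the environment: {@code TPPURL}, {@code TPPZONE},
 * {@code PRODUCT}, {@code TPPUSER} and {@code TPPPASSWORD}. The first three fall back to
 * placeholder values; the credentials do not.
 *
 * @throws IllegalStateException if {@code TPPUSER} or {@code TPPPASSWORD} is not set
 */
public static void main(String[] args) throws VCertException, CertificateEncodingException, NoSuchAlgorithmException, KeyManagementException {
    String url = System.getenv("TPPURL");
    String zone = System.getenv("TPPZONE");
    String appInfo = System.getenv("PRODUCT");
    String tppUser = System.getenv("TPPUSER");
    String tppPassword = System.getenv("TPPPASSWORD");

    // Credentials have no built-in fallback: a default account/password pair would be sent
    // to whatever server TPPURL names whenever the variables were forgotten.
    if (tppUser == null || tppPassword == null) {
        throw new IllegalStateException("TPPUSER and TPPPASSWORD must be set in the environment");
    }
    // Non-secret settings keep their placeholder defaults.
    if (url == null) {
        url = "https://tpp.venafi.example/vedsdk";
    }
    if (zone == null) {
        zone = "Certificates\\vcert\\";
    }
    if (appInfo == null) {
        appInfo = "CompanyName AppName";
    }

    // Configuration
    Config config = Config.builder()
        .connectorType(ConnectorType.TPP)
        .baseUrl(url)
        .appInfo(appInfo)
        .build();
    Authentication auth = Authentication.builder().user(tppUser).password(tppPassword).build();
    VCertClient client = new VCertClient(config);
    client.authenticate(auth);
    ZoneConfiguration zoneConfiguration = client.readZoneConfiguration(zone);

    // Generate a certificate
    CertificateRequest.PKIXName subject = new CertificateRequest.PKIXName()
        .commonName("vcert-java.venafi.example")
        .organization(Collections.singletonList("Venafi, Inc."))
        .organizationalUnit(Collections.singletonList("Product Management"))
        .country(Collections.singletonList("US"))
        .locality(Collections.singletonList("Salt Lake City"))
        .province(Collections.singletonList("Utah"));
    CertificateRequest certificateRequest = new CertificateRequest()
        .subject(subject)
        .keyType(KeyType.RSA)
        .keyLength(2048);
    certificateRequest = client.generateRequest(zoneConfiguration, certificateRequest);

    // Submit the certificate request
    client.requestCertificate(certificateRequest, zoneConfiguration);

    // Retrieve PEM collection from Venafi
    PEMCollection pemCollection = client.retrieveCertificate(certificateRequest);
    // Only the certificate is printed; the collection's private key is never written out.
    System.out.println(pemCollection.certificate());
}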
Also used : PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) Config(com.venafi.vcert.sdk.Config) Authentication(com.venafi.vcert.sdk.endpoint.Authentication) VCertClient(com.venafi.vcert.sdk.VCertClient) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest)

Example 20 with PEMCollection

use of com.venafi.vcert.sdk.certificate.PEMCollection in project vcert-java by Venafi.

the class TppTokenClient method main.

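/**
 * Sample client for token authentication: exchanges a user name and password for an access
 * token, requests an RSA-2048 certificate in the configured zone, retrieves it and prints it.
 *
 * <p>Configuration is read from the environment: {@code TPP_TOKEN_URL}, {@code TPPZONE},
 * {@code PRODUCT}, {@code TPPUSER} and {@code TPPPASSWORD}. The first three fall back to
 * placeholder values; the credentials do not.
 *
 * @throws IllegalStateException if {@code TPPUSER} or {@code TPPPASSWORD} is not set
 */
public static void main(String[] args) throws VCertException, CertificateEncodingException, NoSuchAlgorithmException, KeyManagementException {
    String url = System.getenv("TPP_TOKEN_URL");
    String zone = System.getenv("TPPZONE");
    String appInfo = System.getenv("PRODUCT");
    String tppUser = System.getenv("TPPUSER");
    String tppPassword = System.getenv("TPPPASSWORD");

    // Credentials have no built-in fallback: a default account/password pair would be sent
    // to whatever server TPP_TOKEN_URL names whenever the variables were forgotten.
    if (tppUser == null || tppPassword == null) {
        throw new IllegalStateException("TPPUSER and TPPPASSWORD must be set in the environment");
    }
    // Non-secret settings keep their placeholder defaults.
    if (url == null) {
        url = "https://tpp.venafi.example/vedsdk";
    }
    if (zone == null) {
        zone = "Certificates\\vcert\\";
    }
    if (appInfo == null) {
        appInfo = "CompanyName AppName";
    }

    // Configuration
    Config config = Config.builder()
        .connectorType(ConnectorType.TPP_TOKEN)
        .baseUrl(url)
        .appInfo(appInfo)
        .build();
    Authentication auth = Authentication.builder().user(tppUser).password(tppPassword).build();
    VCertTknClient client = new VCertTknClient(config);
    // NOTE(review): the returned TokenInfo is not inspected before the client is used;
    // confirm whether it should be checked, and avoid logging it since it presumably
    // carries the token.
    TokenInfo tknInfo = client.getAccessToken(auth);
    ZoneConfiguration zoneConfiguration = client.readZoneConfiguration(zone);

    // Generate a certificate
    CertificateRequest.PKIXName subject = new CertificateRequest.PKIXName()
        .commonName("vcert-java.venafi.example")
        .organization(Collections.singletonList("Venafi, Inc."))
        .organizationalUnit(Collections.singletonList("Product Management"))
        .country(Collections.singletonList("US"))
        .locality(Collections.singletonList("Salt Lake City"))
        .province(Collections.singletonList("Utah"));
    CertificateRequest certificateRequest = new CertificateRequest()
        .subject(subject)
        .keyType(KeyType.RSA)
        .keyLength(2048);
    certificateRequest = client.generateRequest(zoneConfiguration, certificateRequest);

    // Submit the certificate request
    client.requestCertificate(certificateRequest, zoneConfiguration);

    // Retrieve PEM collection from Venafi
    PEMCollection pemCollection = client.retrieveCertificate(certificateRequest);
    // Only the certificate is printed; the collection's private key is never written out.
    System.out.println(pemCollection.certificate());
}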
Also used : VCertTknClient(com.venafi.vcert.sdk.VCertTknClient) PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) Config(com.venafi.vcert.sdk.Config) Authentication(com.venafi.vcert.sdk.endpoint.Authentication) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) TokenInfo(com.venafi.vcert.sdk.connectors.tpp.TokenInfo)

Aggregations

PEMCollection (com.venafi.vcert.sdk.certificate.PEMCollection)20 CertificateRequest (com.venafi.vcert.sdk.certificate.CertificateRequest)18 ZoneConfiguration (com.venafi.vcert.sdk.connectors.ZoneConfiguration)17 Test (org.junit.jupiter.api.Test)14 RenewalRequest (com.venafi.vcert.sdk.certificate.RenewalRequest)7 X509Certificate (java.security.cert.X509Certificate)7 DisplayName (org.junit.jupiter.api.DisplayName)6 Authentication (com.venafi.vcert.sdk.endpoint.Authentication)5 Instant (java.time.Instant)5 Config (com.venafi.vcert.sdk.Config)3 TestUtils (com.venafi.vcert.sdk.TestUtils)3 VCertException (com.venafi.vcert.sdk.VCertException)3 CsrOriginOption (com.venafi.vcert.sdk.certificate.CsrOriginOption)3 DataFormat (com.venafi.vcert.sdk.certificate.DataFormat)3 RevocationRequest (com.venafi.vcert.sdk.certificate.RevocationRequest)3 CertificateNotFoundByThumbprintException (com.venafi.vcert.sdk.connectors.ConnectorException.CertificateNotFoundByThumbprintException)3 IOException (java.io.IOException)3 StringReader (java.io.StringReader)3 UnknownHostException (java.net.UnknownHostException)3 CertificateException (java.security.cert.CertificateException)3