Examples with ZoneConfiguration com.venafi.vcert.sdk.connectors.ZoneConfiguration used on opensource projects

Search in sources :

Example 1 with ZoneConfiguration

use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.

the class TppConnectorCertAT method privateKeyPKCSTest.

@Test
void privateKeyPKCSTest() throws VCertException, UnknownHostException, IOException {
    TppConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
    // By default the DataFormat of the CertificateRequest is PKCS8
    CertificateRequest certificateRequest = connectorResource.certificateRequest().csrOrigin(CsrOriginOption.ServiceGeneratedCSR).keyPassword(TestUtils.KEY_PASSWORD);
    certificateRequest = connector.generateRequest(zoneConfiguration, certificateRequest);
    String pickupId = connector.requestCertificate(certificateRequest, zoneConfiguration);
    assertThat(pickupId).isNotNull();
    // Retrieving the PemCollection
    PEMCollection pemCollectionRSAPrivateKeyPKCS8 = connector.retrieveCertificate(certificateRequest);
    // getting the PrivateKey as PEM which should be a RSA Private Key in PKCS8 Encrypted
    String privateKeyPKCS8AsEncryptedPem = pemCollectionRSAPrivateKeyPKCS8.pemPrivateKey();
    PemObject privateKeyPKCS8AsPemObject = new PemReader(new StringReader(privateKeyPKCS8AsEncryptedPem)).readPemObject();
    // evaluating that the private Key is in PKCS8 Encrypted
    assertThat(pemCollectionRSAPrivateKeyPKCS8.privateKey()).isNotNull();
    assertTrue(privateKeyPKCS8AsPemObject.getType().equals(TestUtils.PEM_HEADER_PKCS8_ENCRYPTED));
    // changing to data format Legacy in order to get the PrivateKey in PKCS1
    certificateRequest.dataFormat(DataFormat.LEGACY);
    // Retrieving the PemCollection
    PEMCollection pemCollectionRSAPrivateKey = connector.retrieveCertificate(certificateRequest);
    // getting the PrivateKey as PEM which should be a RSA Private Key Encrypted
    String privateKeyRSAAsEncryptedPem = pemCollectionRSAPrivateKey.pemPrivateKey();
    PemObject privateKeyRSAAsPemObject = new PemReader(new StringReader(privateKeyRSAAsEncryptedPem)).readPemObject();
    // evaluating that the private Key is in PKCS1 Encrypted
    assertThat(pemCollectionRSAPrivateKey.privateKey()).isNotNull();
    assertTrue(privateKeyRSAAsPemObject.getHeaders().stream().anyMatch(header -> TestUtils.PEM_RSA_PRIVATE_KEY_ENCRYPTED_HEADER_VALUE.equals(((PemHeader) header).getValue())));
}
Also used : X509Certificate(java.security.cert.X509Certificate) ImportResponse(com.venafi.vcert.sdk.certificate.ImportResponse) RenewalRequest(com.venafi.vcert.sdk.certificate.RenewalRequest) Date(java.util.Date) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) LocalDateTime(java.time.LocalDateTime) PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) PemHeader(org.bouncycastle.util.io.pem.PemHeader) TestUtils(com.venafi.vcert.sdk.TestUtils) CsrOriginOption(com.venafi.vcert.sdk.certificate.CsrOriginOption) SocketException(java.net.SocketException) RegisterExtension(org.junit.jupiter.api.extension.RegisterExtension) ZoneOffset(java.time.ZoneOffset) VCertUtils(com.venafi.vcert.sdk.utils.VCertUtils) PemObject(org.bouncycastle.util.io.pem.PemObject) PemReader(org.bouncycastle.util.io.pem.PemReader) Assert.assertTrue(org.junit.Assert.assertTrue) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) Instant(java.time.Instant) UnknownHostException(java.net.UnknownHostException) VCertException(com.venafi.vcert.sdk.VCertException) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) DisplayName(org.junit.jupiter.api.DisplayName) Test(org.junit.jupiter.api.Test) DataFormat(com.venafi.vcert.sdk.certificate.DataFormat) ImportRequest(com.venafi.vcert.sdk.certificate.ImportRequest) StringReader(java.io.StringReader) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) LocalDate(java.time.LocalDate) DigestUtils(org.apache.commons.codec.digest.DigestUtils) RevocationRequest(com.venafi.vcert.sdk.certificate.RevocationRequest) PemObject(org.bouncycastle.util.io.pem.PemObject) PemReader(org.bouncycastle.util.io.pem.PemReader) PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) StringReader(java.io.StringReader) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test)

Example 2 with ZoneConfiguration

use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.

the class TppConnectorCertAT method retrieveCertificate.

@Test
void retrieveCertificate() throws VCertException, SocketException, UnknownHostException {
    TppConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
    CertificateRequest certificateRequest = connectorResource.certificateRequest();
    certificateRequest = connector.generateRequest(zoneConfiguration, certificateRequest);
    String certificateId = connector.requestCertificate(certificateRequest, zoneConfiguration);
    assertThat(certificateId).isNotNull();
    PEMCollection pemCollection = connector.retrieveCertificate(certificateRequest);
    assertThat(pemCollection.certificate()).isNotNull();
    assertThat(pemCollection.privateKey()).isNotNull();
}
Also used : PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test)

Example 3 with ZoneConfiguration

use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.

the class TppConnectorIT method readZoneConfiguration.

@Test
void readZoneConfiguration() throws VCertException {
    ZoneConfiguration zoneConfiguration = classUnderTest.readZoneConfiguration("tag");
    assertThat(zoneConfiguration).isNotNull();
    assertThat(zoneConfiguration.organization()).isNull();
    assertThat(zoneConfiguration.organizationalUnit()).isNotNull();
    assertThat(zoneConfiguration.organizationalUnit()).isEmpty();
    assertThat(zoneConfiguration.country()).isNull();
    assertThat(zoneConfiguration.province()).isNull();
    assertThat(zoneConfiguration.locality()).isNull();
    assertThat(zoneConfiguration.policy()).isNotNull();
    assertThat(zoneConfiguration.policy().subjectCNRegexes()).containsExactly(".*");
    assertThat(zoneConfiguration.policy().subjectORegexes()).containsExactly(".*");
    assertThat(zoneConfiguration.policy().subjectOURegexes()).containsExactly(".*");
    assertThat(zoneConfiguration.policy().subjectSTRegexes()).containsExactly(".*");
    assertThat(zoneConfiguration.policy().subjectLRegexes()).containsExactly(".*");
    assertThat(zoneConfiguration.policy().subjectCRegexes()).containsExactly(".*");
    assertThat(zoneConfiguration.policy().allowedKeyConfigurations()).isNotNull();
    assertThat(zoneConfiguration.policy().allowedKeyConfigurations()).hasSize(2);
    assertThat(zoneConfiguration.policy().allowedKeyConfigurations().get(0).keyType()).isEqualTo(RSA);
    assertThat(zoneConfiguration.policy().allowedKeyConfigurations().get(0).keySizes()).containsExactly(512, 1024, 2048, 4096, 8192);
    assertThat(zoneConfiguration.policy().allowedKeyConfigurations().get(0).keyCurves()).isNull();
    assertThat(zoneConfiguration.policy().allowedKeyConfigurations().get(1).keyType()).isEqualTo(ECDSA);
    assertThat(zoneConfiguration.policy().allowedKeyConfigurations().get(1).keySizes()).isNull();
    assertThat(zoneConfiguration.policy().allowedKeyConfigurations().get(1).keyCurves()).containsExactly(EllipticCurveP224, EllipticCurveP256, EllipticCurveP384, EllipticCurveP521);
    assertThat(zoneConfiguration.policy().dnsSanRegExs()).containsExactly(".*");
    assertThat(zoneConfiguration.policy().ipSanRegExs()).containsExactly(".*");
    assertThat(zoneConfiguration.policy().emailSanRegExs()).containsExactly(".*");
    assertThat(zoneConfiguration.policy().uriSanRegExs()).containsExactly(".*");
    assertThat(zoneConfiguration.policy().upnSanRegExs()).containsExactly(".*");
    assertThat(zoneConfiguration.policy().allowWildcards()).isTrue();
    assertThat(zoneConfiguration.policy().allowKeyReuse()).isFalse();
    assertThat(zoneConfiguration.hashAlgorithm()).isEqualTo(SHA256WithRSA);
    assertThat(zoneConfiguration.customAttributeValues()).isNotNull();
    assertThat(zoneConfiguration.customAttributeValues()).isEmpty();
}
Also used : ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) Test(org.junit.jupiter.api.Test)

Example 4 with ZoneConfiguration

use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.

the class TppTokenConnectorAT method generateRequest.

@Test
void generateRequest() throws VCertException, IOException {
    String commonName = TestUtils.randomCN();
    ZoneConfiguration zoneConfiguration = connectorResource.connector().readZoneConfiguration(TestUtils.TPP_ZONE);
    CertificateRequest certificateRequest = new CertificateRequest().subject(new CertificateRequest.PKIXName().commonName(commonName).organization(Collections.singletonList("Venafi, Inc.")).organizationalUnit(Arrays.asList("Engineering", "Automated Tests")).country(Collections.singletonList("US")).locality(Collections.singletonList("SLC")).province(Collections.singletonList("Utah"))).dnsNames(Collections.singletonList(InetAddress.getLocalHost().getHostName())).ipAddresses(getTestIps()).keyType(KeyType.RSA).keyLength(2048);
    certificateRequest = connectorResource.connector().generateRequest(zoneConfiguration, certificateRequest);
    assertThat(certificateRequest.csr()).isNotEmpty();
    PKCS10CertificationRequest request = (PKCS10CertificationRequest) new PEMParser(new StringReader(new String(certificateRequest.csr()))).readObject();
    // Values overridden by policy which is why they don't match the above values
    String subject = request.getSubject().toString();
    assertThat(subject).contains(format("CN=%s", commonName));
}
Also used : PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest) PEMParser(org.bouncycastle.openssl.PEMParser) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) StringReader(java.io.StringReader) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test)

Example 5 with ZoneConfiguration

use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.

the class TppTokenConnectorCertAT method privateKeyPKCSTest.

@Test
void privateKeyPKCSTest() throws VCertException, UnknownHostException, IOException {
    TppTokenConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
    // By default the DataFormat of the CertificateRequest is PKCS8
    CertificateRequest certificateRequest = connectorResource.certificateRequest().csrOrigin(CsrOriginOption.ServiceGeneratedCSR).keyPassword(TestUtils.KEY_PASSWORD);
    certificateRequest = connector.generateRequest(zoneConfiguration, certificateRequest);
    String pickupId = connector.requestCertificate(certificateRequest, zoneConfiguration);
    assertThat(pickupId).isNotNull();
    // Retrieving the PemCollection
    PEMCollection pemCollectionRSAPrivateKeyPKCS8 = connector.retrieveCertificate(certificateRequest);
    // getting the PrivateKey as PEM which should be a RSA Private Key in PKCS8 Encrypted
    String privateKeyPKCS8AsEncryptedPem = pemCollectionRSAPrivateKeyPKCS8.pemPrivateKey();
    PemObject privateKeyPKCS8AsPemObject = new PemReader(new StringReader(privateKeyPKCS8AsEncryptedPem)).readPemObject();
    // evaluating that the private Key is in PKCS8 Encrypted
    assertThat(pemCollectionRSAPrivateKeyPKCS8.privateKey()).isNotNull();
    assertTrue(privateKeyPKCS8AsPemObject.getType().equals(TestUtils.PEM_HEADER_PKCS8_ENCRYPTED));
    // changing to data format Legacy in order to get the PrivateKey in PKCS1
    certificateRequest.dataFormat(DataFormat.LEGACY);
    // Retrieving the PemCollection
    PEMCollection pemCollectionRSAPrivateKey = connector.retrieveCertificate(certificateRequest);
    // getting the PrivateKey as PEM which should be a RSA Private Key Encrypted
    String privateKeyRSAAsEncryptedPem = pemCollectionRSAPrivateKey.pemPrivateKey();
    PemObject privateKeyRSAAsPemObject = new PemReader(new StringReader(privateKeyRSAAsEncryptedPem)).readPemObject();
    // evaluating that the private Key is in PKCS1 Encrypted
    assertThat(pemCollectionRSAPrivateKey.privateKey()).isNotNull();
    assertTrue(privateKeyRSAAsPemObject.getHeaders().stream().anyMatch(header -> TestUtils.PEM_RSA_PRIVATE_KEY_ENCRYPTED_HEADER_VALUE.equals(((PemHeader) header).getValue())));
}
Also used : X509Certificate(java.security.cert.X509Certificate) ImportResponse(com.venafi.vcert.sdk.certificate.ImportResponse) RenewalRequest(com.venafi.vcert.sdk.certificate.RenewalRequest) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) PemHeader(org.bouncycastle.util.io.pem.PemHeader) TestUtils(com.venafi.vcert.sdk.TestUtils) ArrayList(java.util.ArrayList) CsrOriginOption(com.venafi.vcert.sdk.certificate.CsrOriginOption) SocketException(java.net.SocketException) RegisterExtension(org.junit.jupiter.api.extension.RegisterExtension) PemObject(org.bouncycastle.util.io.pem.PemObject) PemReader(org.bouncycastle.util.io.pem.PemReader) CustomField(com.venafi.vcert.sdk.certificate.CustomField) Assert.assertTrue(org.junit.Assert.assertTrue) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) UnknownHostException(java.net.UnknownHostException) VCertException(com.venafi.vcert.sdk.VCertException) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) DisplayName(org.junit.jupiter.api.DisplayName) Test(org.junit.jupiter.api.Test) DataFormat(com.venafi.vcert.sdk.certificate.DataFormat) ImportRequest(com.venafi.vcert.sdk.certificate.ImportRequest) List(java.util.List) StringReader(java.io.StringReader) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) DigestUtils(org.apache.commons.codec.digest.DigestUtils) RevocationRequest(com.venafi.vcert.sdk.certificate.RevocationRequest) PemObject(org.bouncycastle.util.io.pem.PemObject) PemReader(org.bouncycastle.util.io.pem.PemReader) PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) StringReader(java.io.StringReader) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test)

Aggregations

ZoneConfiguration (com.venafi.vcert.sdk.connectors.ZoneConfiguration)50 CertificateRequest (com.venafi.vcert.sdk.certificate.CertificateRequest)42 Test (org.junit.jupiter.api.Test)42 DisplayName (org.junit.jupiter.api.DisplayName)20 PEMCollection (com.venafi.vcert.sdk.certificate.PEMCollection)17 RenewalRequest (com.venafi.vcert.sdk.certificate.RenewalRequest)7 StringReader (java.io.StringReader)7 X509Certificate (java.security.cert.X509Certificate)7 RevocationRequest (com.venafi.vcert.sdk.certificate.RevocationRequest)5 Authentication (com.venafi.vcert.sdk.endpoint.Authentication)5 PEMParser (org.bouncycastle.openssl.PEMParser)4 PKCS10CertificationRequest (org.bouncycastle.pkcs.PKCS10CertificationRequest)4 Config (com.venafi.vcert.sdk.Config)3 TestUtils (com.venafi.vcert.sdk.TestUtils)3 VCertException (com.venafi.vcert.sdk.VCertException)3 CsrOriginOption (com.venafi.vcert.sdk.certificate.CsrOriginOption)3 DataFormat (com.venafi.vcert.sdk.certificate.DataFormat)3 ServerPolicy (com.venafi.vcert.sdk.connectors.ServerPolicy)3 FeignException (feign.FeignException)3 IOException (java.io.IOException)3
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial