
Example 1 with CertificateIssuingTemplate

use of com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate in project vcert-java by Venafi.

the class CloudPolicyToPolicyConverter method convertToPolicy.

/**
 * Builds a {@link PolicySpecification} from a cloud policy.
 *
 * <p>The specification takes its name from the policy's certificate issuing template;
 * the policy and defaults sections are then filled in by {@code processPolicy} and
 * {@code processDefaults}.
 *
 * @param cloudPolicy the cloud-side policy to convert; its certificate issuing template
 *     is dereferenced without a null check
 * @return the populated policy specification
 * @throws Exception if one of the processing steps fails
 */
public PolicySpecification convertToPolicy(CloudPolicy cloudPolicy) throws Exception {
    final PolicySpecification spec = new PolicySpecification();
    // The template name becomes the name of the resulting specification.
    spec.name(cloudPolicy.certificateIssuingTemplate().name());
    processPolicy(spec, cloudPolicy);
    processDefaults(spec, cloudPolicy);
    return spec;
}
Also used : PolicySpecification(com.venafi.vcert.sdk.policy.domain.PolicySpecification) CertificateIssuingTemplate(com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate)

Example 2 with CertificateIssuingTemplate

use of com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate in project vcert-java by Venafi.

the class PolicyToCloudPolicyConverter method convertFromPolicy.

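/**
 * Converts a {@link PolicySpecification} into a {@link CloudPolicy} carrying a freshly
 * built {@link CertificateIssuingTemplate}.
 *
 * <p>Security-relevant behaviour visible in this method:
 * <ul>
 *   <li>Any subject field (O, OU, L, ST, C) the policy does not restrict falls back to
 *       {@code PolicySpecificationConst.ALLOW_ALL}, so an omitted field is unrestricted,
 *       not denied.</li>
 *   <li>DNS SAN patterns are copied from the domain patterns unless the policy explicitly
 *       sets {@code dnsAllowed} to {@code false}.</li>
 *   <li>Key reuse is disabled unless the policy explicitly allows it.</li>
 * </ul>
 *
 * @param policySpecification the specification to convert; its {@code policy()} and
 *     {@code defaults()} sections may be {@code null}
 * @return the cloud policy with CA information and the issuing template set
 * @throws Exception if a helper called during the conversion fails
 */
public CloudPolicy convertFromPolicy(PolicySpecification policySpecification) throws Exception {
    CloudPolicy cloudPolicy = new CloudPolicy();
    Policy policy = policySpecification.policy();
    CloudPolicy.CAInfo caInfo = getCertAuthorityInfo(policy);
    cloudPolicy.caInfo(caInfo);
    CertificateIssuingTemplate cit = new CertificateIssuingTemplate();
    cloudPolicy.certificateIssuingTemplate(cit);
    cit.certificateAuthority(caInfo.caType());
    cit.product(new CertificateIssuingTemplate.Product(caInfo.caType(), caInfo.vendorProductName(), getValidityPeriod(policy), null, null, null));
    // Locale.ROOT keeps the CA-type match independent of the JVM default locale; with a
    // Turkish default locale, for example, "digicert" would not upper-case to "DIGICERT"
    // and the CA-specific settings below would be skipped silently.
    switch (caInfo.caType().toUpperCase(java.util.Locale.ROOT)) {
        case CloudConstants.ENTRUST_TYPE:
            cit.trackingData(CloudConstants.ENTRUST_DEFAULT_TRACKING_DATA);
            break;
        case CloudConstants.DIGICERT_TYPE: {
            CertificateIssuingTemplate.Product product = cit.product();
            product.hashAlgorithm("SHA256");
            product.autoRenew(false);
            break;
        }
        default:
            // Other CA types get no CA-specific product settings.
            break;
    }
    List<String> domainsInRegex = convertDomainsToRegex(policy);
    cit.subjectCNRegexes(domainsInRegex);
    if (policy != null && policy.subjectAltNames() != null && policy.subjectAltNames().dnsAllowed() != null) {
        // An explicit dnsAllowed=false leaves the DNS SAN patterns unset.
        if (policy.subjectAltNames().dnsAllowed()) {
            cit.sanDnsNameRegexes(domainsInRegex);
        }
    } else {
        // No explicit setting: DNS SANs are allowed for the same domains as the CN.
        cit.sanDnsNameRegexes(domainsInRegex);
    }
    // Fallback for every subject field the policy leaves open: allow any value.
    List<String> defaultRegexes = new ArrayList<>();
    defaultRegexes.add(PolicySpecificationConst.ALLOW_ALL);
    if (policy != null && policy.subject() != null) {
        Subject policySubject = policy.subject();
        cit.subjectORegexes((policySubject.orgs() != null && policySubject.orgs().length > 0) ? Arrays.asList(policySubject.orgs()) : defaultRegexes);
        cit.subjectOURegexes((policySubject.orgUnits() != null && policySubject.orgUnits().length > 0) ? Arrays.asList(policySubject.orgUnits()) : defaultRegexes);
        cit.subjectLRegexes((policySubject.localities() != null && policySubject.localities().length > 0) ? Arrays.asList(policySubject.localities()) : defaultRegexes);
        cit.subjectSTRegexes((policySubject.states() != null && policySubject.states().length > 0) ? Arrays.asList(policySubject.states()) : defaultRegexes);
        // NOTE(review): country is set through subjectCValues yet receives the same
        // ALLOW_ALL pattern list as the regex fields; confirm the server accepts that.
        cit.subjectCValues((policySubject.countries() != null && policySubject.countries().length > 0) ? Arrays.asList(policySubject.countries()) : defaultRegexes);
    } else {
        cit.subjectORegexes(defaultRegexes);
        cit.subjectOURegexes(defaultRegexes);
        cit.subjectLRegexes(defaultRegexes);
        cit.subjectSTRegexes(defaultRegexes);
        cit.subjectCValues(defaultRegexes);
    }
    cit.keyTypes(getKeyTypes(policy));
    // Key reuse stays off unless the policy explicitly enables it.
    cit.keyReuse(policy != null && policy.keyPair() != null && policy.keyPair().reuseAllowed() != null ? policy.keyPair().reuseAllowed() : false);
    // build recommended settings
    Defaults defaults = policySpecification.defaults();
    if (defaults != null && defaults.subject() != null) {
        DefaultsSubject defaultsSubject = defaults.subject();
        if (defaultsSubject.org() != null) {
            getRecommendedSettings(cit).subjectOValue(defaultsSubject.org());
        }
        // Only the first default OU is used; an empty array previously threw
        // ArrayIndexOutOfBoundsException and is now treated as "no default OU".
        if (defaultsSubject.orgUnits() != null && defaultsSubject.orgUnits().length > 0) {
            getRecommendedSettings(cit).subjectOUValue(defaultsSubject.orgUnits()[0]);
        }
        if (defaultsSubject.locality() != null) {
            getRecommendedSettings(cit).subjectLValue(defaultsSubject.locality());
        }
        if (defaultsSubject.state() != null) {
            getRecommendedSettings(cit).subjectSTValue(defaultsSubject.state());
        }
        if (defaultsSubject.country() != null) {
            getRecommendedSettings(cit).subjectCValue(defaultsSubject.country());
        }
    }
    if (defaults != null && defaults.keyPair() != null) {
        // NOTE(review): assumes getDefaultKeyType returns a key type with at least one
        // key length; confirm against that helper.
        CertificateIssuingTemplate.AllowedKeyType recommendedKey = getDefaultKeyType(defaults);
        CertificateIssuingTemplate.RecommendedSettingsKey key = getRecommendedSettingsKey(cit);
        key.type(recommendedKey.keyType());
        key.length(recommendedKey.keyLengths().get(0));
    }
    return cloudPolicy;
}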
Also used : CloudPolicy(com.venafi.vcert.sdk.policy.api.domain.CloudPolicy) ArrayList(java.util.ArrayList) CloudPolicy(com.venafi.vcert.sdk.policy.api.domain.CloudPolicy) CertificateIssuingTemplate(com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate)

Example 3 with CertificateIssuingTemplate

use of com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate in project vcert-java by Venafi.

the class CloudConnectorUtils method setCit.

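/**
 * Creates or updates the certificate issuing template (CIT) for a policy on the server,
 * then links it to the application via {@code setCitToApp}.
 *
 * <p>The template is looked up by name first and then updated or created. These are
 * separate requests, so this method does not itself guard against two callers creating
 * the same template concurrently.
 *
 * @param policyName the policy name, parsed as a {@link CloudZone} to obtain the CIT alias
 * @param cit the template to send; its name, CA product option id and id are set here
 * @param caInfo the certificate authority the template is bound to
 * @param apiKey the API key sent with every request; treat it as a secret and keep it out
 *     of logs and exception messages
 * @param cloud the cloud API client
 * @throws VCertException if the CA product cannot be resolved, or if the CA is DIGICERT
 *     and no organization id is available
 */
public static void setCit(String policyName, CertificateIssuingTemplate cit, CloudPolicy.CAInfo caInfo, String apiKey, Cloud cloud) throws VCertException {
    CloudZone cloudZone = new CloudZone(policyName);
    cit.name(cloudZone.citAlias());
    // Resolve the CA product option id for the requested CA.
    CAAccountInfo caAccountInfo = CloudConnectorUtils.getCAAccountInfo(caInfo, apiKey, cloud);
    String caProductOptionId = caAccountInfo.productId;
    if (caProductOptionId == null) {
        throw new VCertException("Specified CA doesn't exist");
    }
    cit.certificateAuthorityProductOptionId(caProductOptionId);
    // DIGICERT products also need the organization id. The comparison ignores case so it
    // agrees with convertFromPolicy, which upper-cases the CA type before matching; a
    // lower-case CA type previously skipped this step without any error.
    if (caInfo.caType().equalsIgnoreCase(CloudConstants.DIGICERT_TYPE)) {
        if (caAccountInfo.organizationId == null) {
            throw new VCertException("It was not possible to determine the Organization Id from the DIGICERT Product.");
        }
        cit.product().organizationId(caAccountInfo.organizationId);
    }
    // Look for an existing template with the same name on the server.
    CertificateIssuingTemplate citFromServer = CloudConnectorUtils.getCIT(cit.name(), apiKey, cloud);
    if (citFromServer != null) {
        // Update in place. The id is passed separately and only stored on the local
        // object afterwards, because it is not part of the request body the endpoint
        // expects.
        cloud.updateCIT(cit, citFromServer.id(), apiKey);
        cit.id(citFromServer.id());
    } else {
        // Create the template and keep the id returned by the creation.
        cit.id(createCIT(cit, apiKey, cloud));
    }
    setCitToApp(policyName, cit, apiKey, cloud);
}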
Also used : VCertException(com.venafi.vcert.sdk.VCertException) CertificateIssuingTemplate(com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate) CloudZone(com.venafi.vcert.sdk.connectors.cloud.domain.CloudZone)

Example 4 with CertificateIssuingTemplate

use of com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate in project vcert-java by Venafi.

the class CloudConnectorUtils method getCloudPolicy.

/**
 * Assembles a {@link CloudPolicy} for the named policy from data fetched from the server.
 *
 * @param policyName name of the policy whose issuing template is looked up
 * @param apiKey the API key passed through to the lookups; treat it as a secret
 * @param cloud the cloud API client
 * @return a cloud policy holding the issuing template and its CA information
 * @throws VCertException if one of the lookups fails
 */
public static CloudPolicy getCloudPolicy(String policyName, String apiKey, Cloud cloud) throws VCertException {
    final CloudPolicy result = new CloudPolicy();
    final CertificateIssuingTemplate template = getPolicy(policyName, apiKey, cloud);
    result.certificateIssuingTemplate(template);
    // The CA details are derived from the template that was just fetched.
    final var authorityInfo = getCAInfo(template, apiKey, cloud);
    result.caInfo(authorityInfo);
    return result;
}
Also used : CertificateIssuingTemplate(com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate) CloudPolicy(com.venafi.vcert.sdk.policy.api.domain.CloudPolicy)

Example 5 with CertificateIssuingTemplate

use of com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate in project vcert-java by Venafi.

the class CloudConnectorUtils method getCIT.

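/**
 * Finds a certificate issuing template by name among the templates returned for the
 * given API key.
 *
 * <p>The match is exact and case-sensitive, and the first matching template wins.
 * Entries that are {@code null} or have no name are skipped rather than raising a
 * {@link NullPointerException}, so one malformed entry in the server response does not
 * abort the lookup.
 *
 * @param citName the template name to look for; {@code null} never matches
 * @param apiKey the API key used to list the templates; treat it as a secret
 * @param cloud the cloud API client
 * @return the first template with that name, or {@code null} if none matches
 * @throws VCertException if listing the templates fails
 */
public static CertificateIssuingTemplate getCIT(String citName, String apiKey, Cloud cloud) throws VCertException {
    CITsList citsList = cloud.getCITs(apiKey);
    for (CertificateIssuingTemplate candidate : citsList.certificateIssuingTemplates()) {
        // Compare from the requested name so a template without a name cannot throw.
        if (candidate != null && citName != null && citName.equals(candidate.name)) {
            return candidate;
        }
    }
    return null;
}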
Also used : CertificateIssuingTemplate(com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate)

Aggregations

CertificateIssuingTemplate (com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate)7 CloudPolicy (com.venafi.vcert.sdk.policy.api.domain.CloudPolicy)2 VCertException (com.venafi.vcert.sdk.VCertException)1 CertificateRequest (com.venafi.vcert.sdk.certificate.CertificateRequest)1 ZoneConfiguration (com.venafi.vcert.sdk.connectors.ZoneConfiguration)1 Application (com.venafi.vcert.sdk.connectors.cloud.domain.Application)1 AllowedKeyType (com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate.AllowedKeyType)1 CloudZone (com.venafi.vcert.sdk.connectors.cloud.domain.CloudZone)1 Authentication (com.venafi.vcert.sdk.endpoint.Authentication)1 PolicySpecification (com.venafi.vcert.sdk.policy.domain.PolicySpecification)1 ArrayList (java.util.ArrayList)1 BouncyCastleProvider (org.bouncycastle.jce.provider.BouncyCastleProvider)1 Test (org.junit.jupiter.api.Test)1 ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)1