use of com.venafi.vcert.sdk.policy.api.domain.CloudPolicy in project vcert-java by Venafi.
the class PolicyToCloudPolicyConverter method convertFromPolicy.
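/**
 * Builds a {@link CloudPolicy} (CA info plus certificate issuing template) from a
 * policy specification.
 *
 * <p>Security-relevant defaults applied by this method:
 * <ul>
 *   <li>Every subject field (O, OU, L, ST, C) the policy leaves null or empty is set to
 *       a single-entry list holding {@code PolicySpecificationConst.ALLOW_ALL}, so an
 *       under-specified policy yields a template that does not constrain that field.</li>
 *   <li>DNS SAN regexes mirror the subject CN regexes unless the policy explicitly sets
 *       {@code dnsAllowed} to {@code false}; an unset flag is treated as allowed.</li>
 *   <li>Key reuse is {@code false} unless the policy explicitly enables it.</li>
 * </ul>
 *
 * @param policySpecification source specification; its {@code policy()} and
 *     {@code defaults()} sections may each be {@code null}
 * @return the populated cloud policy
 * @throws Exception declared by the signature; which helper raises it is not visible here
 */
public CloudPolicy convertFromPolicy(PolicySpecification policySpecification) throws Exception {
    CloudPolicy cloudPolicy = new CloudPolicy();
    Policy policy = policySpecification.policy();

    CloudPolicy.CAInfo caInfo = getCertAuthorityInfo(policy);
    cloudPolicy.caInfo(caInfo);

    CertificateIssuingTemplate cit = new CertificateIssuingTemplate();
    cloudPolicy.certificateIssuingTemplate(cit);
    cit.certificateAuthority(caInfo.caType());
    cit.product(new CertificateIssuingTemplate.Product(
            caInfo.caType(), caInfo.vendorProductName(), getValidityPeriod(policy), null, null, null));

    // Upper-case with Locale.ROOT: the default-locale overload maps 'i' to a dotted
    // capital under Turkish/Azeri locales, so a "digicert" CA type would miss its case
    // and the SHA256 / auto-renew settings below would silently not be applied.
    switch (caInfo.caType().toUpperCase(java.util.Locale.ROOT)) {
        case CloudConstants.ENTRUST_TYPE:
            cit.trackingData(CloudConstants.ENTRUST_DEFAULT_TRACKING_DATA);
            break;
        case CloudConstants.DIGICERT_TYPE:
            CertificateIssuingTemplate.Product product = cit.product();
            product.hashAlgorithm("SHA256");
            product.autoRenew(false);
            break;
        default:
            // Other CA types need no product-specific settings.
            break;
    }

    List<String> domainsInRegex = convertDomainsToRegex(policy);
    cit.subjectCNRegexes(domainsInRegex);

    // Only an explicit dnsAllowed == false leaves the SAN DNS regexes unset.
    // NOTE(review): confirm the service treats an unset list as "no DNS SANs permitted"
    // and not as "unrestricted".
    boolean dnsExplicitlySet = policy != null
            && policy.subjectAltNames() != null
            && policy.subjectAltNames().dnsAllowed() != null;
    if (!dnsExplicitlySet || policy.subjectAltNames().dnsAllowed()) {
        cit.sanDnsNameRegexes(domainsInRegex);
    }

    // Fallback for subject fields the policy does not restrict.
    List<String> defaultRegexes = new ArrayList<>();
    defaultRegexes.add(PolicySpecificationConst.ALLOW_ALL);

    if (policy != null && policy.subject() != null) {
        Subject policySubject = policy.subject();
        cit.subjectORegexes((policySubject.orgs() != null && policySubject.orgs().length > 0)
                ? Arrays.asList(policySubject.orgs()) : defaultRegexes);
        cit.subjectOURegexes((policySubject.orgUnits() != null && policySubject.orgUnits().length > 0)
                ? Arrays.asList(policySubject.orgUnits()) : defaultRegexes);
        cit.subjectLRegexes((policySubject.localities() != null && policySubject.localities().length > 0)
                ? Arrays.asList(policySubject.localities()) : defaultRegexes);
        cit.subjectSTRegexes((policySubject.states() != null && policySubject.states().length > 0)
                ? Arrays.asList(policySubject.states()) : defaultRegexes);
        cit.subjectCValues((policySubject.countries() != null && policySubject.countries().length > 0)
                ? Arrays.asList(policySubject.countries()) : defaultRegexes);
    } else {
        cit.subjectORegexes(defaultRegexes);
        cit.subjectOURegexes(defaultRegexes);
        cit.subjectLRegexes(defaultRegexes);
        cit.subjectSTRegexes(defaultRegexes);
        cit.subjectCValues(defaultRegexes);
    }

    cit.keyTypes(getKeyTypes(policy));
    // Key reuse stays off unless the policy turns it on explicitly.
    cit.keyReuse(policy != null && policy.keyPair() != null && policy.keyPair().reuseAllowed() != null
            ? policy.keyPair().reuseAllowed() : false);

    // build recommended settings
    Defaults defaults = policySpecification.defaults();
    if (defaults != null && defaults.subject() != null) {
        DefaultsSubject defaultsSubject = defaults.subject();
        if (defaultsSubject.org() != null) {
            getRecommendedSettings(cit).subjectOValue(defaultsSubject.org());
        }
        // Guard the [0] access: a present-but-empty orgUnits array previously raised
        // ArrayIndexOutOfBoundsException instead of simply leaving the value unset.
        if (defaultsSubject.orgUnits() != null && defaultsSubject.orgUnits().length > 0) {
            getRecommendedSettings(cit).subjectOUValue(defaultsSubject.orgUnits()[0]);
        }
        if (defaultsSubject.locality() != null) {
            getRecommendedSettings(cit).subjectLValue(defaultsSubject.locality());
        }
        if (defaultsSubject.state() != null) {
            getRecommendedSettings(cit).subjectSTValue(defaultsSubject.state());
        }
        if (defaultsSubject.country() != null) {
            getRecommendedSettings(cit).subjectCValue(defaultsSubject.country());
        }
    }

    if (defaults != null && defaults.keyPair() != null) {
        // NOTE(review): assumes getDefaultKeyType returns a non-null key type with at
        // least one key length; confirm against that helper.
        CertificateIssuingTemplate.AllowedKeyType recommendedKey = getDefaultKeyType(defaults);
        CertificateIssuingTemplate.RecommendedSettingsKey key = getRecommendedSettingsKey(cit);
        key.type(recommendedKey.keyType());
        key.length(recommendedKey.keyLengths().get(0));
    }

    return cloudPolicy;
}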
use of com.venafi.vcert.sdk.policy.api.domain.CloudPolicy in project vcert-java by Venafi.
the class CloudConnectorUtils method getCloudPolicy.
/**
 * Assembles a {@link CloudPolicy} for the named policy from its certificate issuing
 * template and the CA info derived from that template.
 *
 * @param policyName name of the policy to look up
 * @param apiKey API key passed unchanged to both lookups; it is a credential, so it
 *     should stay out of logs and exception messages
 * @param cloud client handle passed to both lookups
 * @return a cloud policy carrying the template and its CA info
 * @throws VCertException declared by the signature; the raising helper is not visible here
 */
public static CloudPolicy getCloudPolicy(String policyName, String apiKey, Cloud cloud) throws VCertException {
    // Resolve the template first; the CA info lookup takes it as input.
    final CertificateIssuingTemplate template = getPolicy(policyName, apiKey, cloud);

    final CloudPolicy result = new CloudPolicy();
    result.certificateIssuingTemplate(template);
    result.caInfo(getCAInfo(template, apiKey, cloud));
    return result;
}
use of com.venafi.vcert.sdk.policy.api.domain.CloudPolicy in project vcert-java by Venafi.
the class CloudConnector method setPolicy.
/**
 * Converts the given policy specification to a {@link CloudPolicy} and submits its
 * issuing template and CA info under {@code policyName}.
 *
 * @param policyName name the policy is stored under
 * @param policySpecification specification to convert and apply
 * @throws VCertException wrapping any exception raised by the conversion or the update
 */
@Override
public void setPolicy(String policyName, PolicySpecification policySpecification) throws VCertException {
    try {
        final CloudPolicy converted =
                CloudPolicySpecificationConverter.INSTANCE.convertFromPolicySpecification(policySpecification);
        // The API key is taken from this connector's auth object and handed on as-is.
        CloudConnectorUtils.setCit(
                policyName,
                converted.certificateIssuingTemplate(),
                converted.caInfo(),
                auth.apiKey(),
                cloud);
    } catch (Exception cause) {
        // Every failure, whether checked or unchecked, is surfaced as a VCertException
        // with the original exception kept as its cause.
        throw new VCertException(cause);
    }
}
use of com.venafi.vcert.sdk.policy.api.domain.CloudPolicy in project vcert-java by Venafi.
the class CloudConnector method getPolicy.
/**
 * Fetches the named cloud policy and converts it to a {@link PolicySpecification}.
 *
 * @param policyName name of the policy to fetch
 * @param removeRegexFromSubjectCN flag forwarded to
 *     {@code CloudPolicy.removeRegexesFromSubjectCN} before conversion; presumably
 *     controls whether subject CN regexes are stripped by the converter (confirm there)
 * @return the converted policy specification
 * @throws VCertException wrapping any exception raised by the fetch or the conversion
 */
private PolicySpecification getPolicy(String policyName, boolean removeRegexFromSubjectCN) throws VCertException {
    try {
        final CloudPolicy fetched = CloudConnectorUtils.getCloudPolicy(policyName, auth.apiKey(), cloud);
        fetched.removeRegexesFromSubjectCN(removeRegexFromSubjectCN);
        return CloudPolicySpecificationConverter.INSTANCE.convertToPolicySpecification(fetched);
    } catch (Exception cause) {
        // All failures are reported as VCertException, with the original kept as cause.
        throw new VCertException(cause);
    }
}