
Example 1 with CloudPolicy

use of com.venafi.vcert.sdk.policy.api.domain.CloudPolicy in project vcert-java by Venafi.

the class PolicyToCloudPolicyConverter method convertFromPolicy.

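/**
 * Builds a {@link CloudPolicy} (CA info plus a {@link CertificateIssuingTemplate}) from a
 * {@link PolicySpecification}.
 *
 * <p>Security-relevant defaults applied by this conversion:
 * <ul>
 *   <li>Every subject field (O, OU, L, ST, C) that the policy leaves null or empty is set to a
 *       single-entry list holding {@code PolicySpecificationConst.ALLOW_ALL}. A sparse policy
 *       therefore yields a template that does not restrict those fields (presumably a
 *       match-everything pattern; confirm against the constant's definition).</li>
 *   <li>DNS SAN regexes mirror the subject CN regexes unless the policy explicitly sets
 *       {@code dnsAllowed} to {@code false}.</li>
 *   <li>Key reuse is disabled unless the policy explicitly allows it.</li>
 * </ul>
 *
 * @param policySpecification the specification to convert; its {@code policy()} and
 *     {@code defaults()} sections may each be null
 * @return the populated cloud policy
 * @throws Exception declared by the original signature; presumably raised by the helper methods,
 *     which are not visible here
 */
public CloudPolicy convertFromPolicy(PolicySpecification policySpecification) throws Exception {
    CloudPolicy cloudPolicy = new CloudPolicy();
    Policy policy = policySpecification.policy();
    // NOTE(review): policy is handed to the helpers below before any null check, while later
    // statements guard against policy == null; presumably the helpers tolerate null (confirm).
    CloudPolicy.CAInfo caInfo = getCertAuthorityInfo(policy);
    cloudPolicy.caInfo(caInfo);
    CertificateIssuingTemplate cit = new CertificateIssuingTemplate();
    cloudPolicy.certificateIssuingTemplate(cit);
    cit.certificateAuthority(caInfo.caType());
    cit.product(new CertificateIssuingTemplate.Product(caInfo.caType(), caInfo.vendorProductName(), getValidityPeriod(policy), null, null, null));
    // Upper-case with Locale.ROOT: the default-locale overload maps 'i' to a dotted capital I
    // under Turkish/Azeri locales, so a lower-case CA type containing 'i' would match neither
    // constant there and the CA-specific settings below would be silently skipped.
    switch (caInfo.caType().toUpperCase(java.util.Locale.ROOT)) {
        case CloudConstants.ENTRUST_TYPE:
            cit.trackingData(CloudConstants.ENTRUST_DEFAULT_TRACKING_DATA);
            break;
        case CloudConstants.DIGICERT_TYPE:
            CertificateIssuingTemplate.Product product = cit.product();
            product.hashAlgorithm("SHA256");
            product.autoRenew(false);
            break;
        default:
            // Any other CA type gets no CA-specific settings.
            break;
    }
    List<String> domainsInRegex = convertDomainsToRegex(policy);
    cit.subjectCNRegexes(domainsInRegex);
    if (policy != null && policy.subjectAltNames() != null && policy.subjectAltNames().dnsAllowed() != null) {
        // Explicit setting: DNS SANs are constrained to the CN regexes only when allowed.
        // NOTE(review): when dnsAllowed is false the SAN DNS regexes are left unset; whether an
        // unset list means "no DNS SANs permitted" depends on the template's defaults - verify.
        if (policy.subjectAltNames().dnsAllowed()) {
            cit.sanDnsNameRegexes(domainsInRegex);
        }
    } else {
        // No explicit setting: DNS SANs are allowed and share the CN regexes.
        cit.sanDnsNameRegexes(domainsInRegex);
    }
    // Fallback for unspecified subject fields. The same list instance is handed to every setter
    // that needs it, so mutating one template field's list would affect the others.
    List<String> defaultRegexes = new ArrayList<>();
    defaultRegexes.add(PolicySpecificationConst.ALLOW_ALL);
    if (policy != null && policy.subject() != null) {
        Subject policySubject = policy.subject();
        // Arrays.asList returns a fixed-size view backed by the policy's own arrays.
        cit.subjectORegexes((policySubject.orgs() != null && policySubject.orgs().length > 0) ? Arrays.asList(policySubject.orgs()) : defaultRegexes);
        cit.subjectOURegexes((policySubject.orgUnits() != null && policySubject.orgUnits().length > 0) ? Arrays.asList(policySubject.orgUnits()) : defaultRegexes);
        cit.subjectLRegexes((policySubject.localities() != null && policySubject.localities().length > 0) ? Arrays.asList(policySubject.localities()) : defaultRegexes);
        cit.subjectSTRegexes((policySubject.states() != null && policySubject.states().length > 0) ? Arrays.asList(policySubject.states()) : defaultRegexes);
        cit.subjectCValues((policySubject.countries() != null && policySubject.countries().length > 0) ? Arrays.asList(policySubject.countries()) : defaultRegexes);
    } else {
        cit.subjectORegexes(defaultRegexes);
        cit.subjectOURegexes(defaultRegexes);
        cit.subjectLRegexes(defaultRegexes);
        cit.subjectSTRegexes(defaultRegexes);
        cit.subjectCValues(defaultRegexes);
    }
    cit.keyTypes(getKeyTypes(policy));
    // Key reuse stays off unless the policy explicitly enables it.
    cit.keyReuse(policy != null && policy.keyPair() != null && policy.keyPair().reuseAllowed() != null ? policy.keyPair().reuseAllowed() : false);
    // build recommended settings
    Defaults defaults = policySpecification.defaults();
    if (defaults != null && defaults.subject() != null) {
        DefaultsSubject defaultsSubject = defaults.subject();
        if (defaultsSubject.org() != null) {
            getRecommendedSettings(cit).subjectOValue(defaultsSubject.org());
        }
        // An empty orgUnits array is treated like a missing one; indexing [0] on it would throw
        // ArrayIndexOutOfBoundsException. Only the first org unit is used as the recommendation.
        if (defaultsSubject.orgUnits() != null && defaultsSubject.orgUnits().length > 0) {
            getRecommendedSettings(cit).subjectOUValue(defaultsSubject.orgUnits()[0]);
        }
        if (defaultsSubject.locality() != null) {
            getRecommendedSettings(cit).subjectLValue(defaultsSubject.locality());
        }
        if (defaultsSubject.state() != null) {
            getRecommendedSettings(cit).subjectSTValue(defaultsSubject.state());
        }
        if (defaultsSubject.country() != null) {
            getRecommendedSettings(cit).subjectCValue(defaultsSubject.country());
        }
    }
    if (defaults != null && defaults.keyPair() != null) {
        CertificateIssuingTemplate.AllowedKeyType recommendedKey = getDefaultKeyType(defaults);
        CertificateIssuingTemplate.RecommendedSettingsKey key = getRecommendedSettingsKey(cit);
        key.type(recommendedKey.keyType());
        // NOTE(review): assumes getDefaultKeyType always returns at least one key length;
        // get(0) throws on an empty list - confirm against that helper.
        key.length(recommendedKey.keyLengths().get(0));
    }
    return cloudPolicy;
}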
Also used : CloudPolicy(com.venafi.vcert.sdk.policy.api.domain.CloudPolicy) ArrayList(java.util.ArrayList) CloudPolicy(com.venafi.vcert.sdk.policy.api.domain.CloudPolicy) CertificateIssuingTemplate(com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate)

Example 2 with CloudPolicy

use of com.venafi.vcert.sdk.policy.api.domain.CloudPolicy in project vcert-java by Venafi.

the class CloudConnectorUtils method getCloudPolicy.

/**
 * Assembles a {@link CloudPolicy} for the named policy: the issuing template returned by
 * {@code getPolicy} and the CA info that {@code getCAInfo} derives from that template.
 *
 * <p>{@code apiKey} is forwarded unchanged to both lookups. It is a credential, so it should not
 * be written to logs or exception messages by callers.
 *
 * @param policyName name of the policy to look up
 * @param apiKey API key passed to both lookups
 * @param cloud client handle passed to both lookups
 * @return a cloud policy holding the fetched template and its CA info
 * @throws VCertException declared by the signature; presumably raised by the lookups, which are
 *     not visible here
 */
public static CloudPolicy getCloudPolicy(String policyName, String apiKey, Cloud cloud) throws VCertException {
    final CloudPolicy result = new CloudPolicy();
    final CertificateIssuingTemplate template = getPolicy(policyName, apiKey, cloud);
    result.certificateIssuingTemplate(template);
    // The CA info is resolved from the template that was just fetched.
    result.caInfo(getCAInfo(template, apiKey, cloud));
    return result;
}
Also used : CertificateIssuingTemplate(com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate) CloudPolicy(com.venafi.vcert.sdk.policy.api.domain.CloudPolicy)

Example 3 with CloudPolicy

use of com.venafi.vcert.sdk.policy.api.domain.CloudPolicy in project vcert-java by Venafi.

the class CloudConnector method setPolicy.

/**
 * Converts the given specification to a {@link CloudPolicy} and applies its issuing template and
 * CA info to the named policy through {@code CloudConnectorUtils.setCit}.
 *
 * <p>Every exception raised on the way, checked or unchecked, is wrapped in a new
 * {@link VCertException} with the original as its cause. An exception that is already a
 * {@code VCertException} is therefore wrapped a second time, so callers inspecting the failure
 * need to look at the cause.
 *
 * @param policyName name of the policy to create or update
 * @param policySpecification specification to convert and apply
 * @throws VCertException wrapping any failure of the conversion or the update
 */
@Override
public void setPolicy(String policyName, PolicySpecification policySpecification) throws VCertException {
    try {
        final CloudPolicy converted = CloudPolicySpecificationConverter.INSTANCE.convertFromPolicySpecification(policySpecification);
        final CertificateIssuingTemplate template = converted.certificateIssuingTemplate();
        final CloudPolicy.CAInfo caInfo = converted.caInfo();
        // The connector's own API key authenticates the update.
        CloudConnectorUtils.setCit(policyName, template, caInfo, auth.apiKey(), cloud);
    } catch (Exception cause) {
        throw new VCertException(cause);
    }
}
Also used : VCertException(com.venafi.vcert.sdk.VCertException) CloudPolicy(com.venafi.vcert.sdk.policy.api.domain.CloudPolicy) VCertException(com.venafi.vcert.sdk.VCertException) ConnectorException(com.venafi.vcert.sdk.connectors.ConnectorException) IOException(java.io.IOException)

Example 4 with CloudPolicy

use of com.venafi.vcert.sdk.policy.api.domain.CloudPolicy in project vcert-java by Venafi.

the class CloudConnector method getPolicy.

/**
 * Fetches the named cloud policy and converts it to a {@link PolicySpecification}.
 *
 * <p>The flag is passed to {@code CloudPolicy.removeRegexesFromSubjectCN} before conversion; by
 * its name it presumably controls whether the subject CN entries are returned as regexes or as
 * plain domains (confirm against the converter). Any exception is wrapped in a new
 * {@link VCertException} with the original as its cause.
 *
 * @param policyName name of the policy to fetch
 * @param removeRegexFromSubjectCN value set on the fetched cloud policy before conversion
 * @return the converted policy specification
 * @throws VCertException wrapping any failure of the lookup or the conversion
 */
private PolicySpecification getPolicy(String policyName, boolean removeRegexFromSubjectCN) throws VCertException {
    try {
        final CloudPolicy fetched = CloudConnectorUtils.getCloudPolicy(policyName, auth.apiKey(), cloud);
        fetched.removeRegexesFromSubjectCN(removeRegexFromSubjectCN);
        return CloudPolicySpecificationConverter.INSTANCE.convertToPolicySpecification(fetched);
    } catch (Exception cause) {
        throw new VCertException(cause);
    }
}
Also used : PolicySpecification(com.venafi.vcert.sdk.policy.domain.PolicySpecification) VCertException(com.venafi.vcert.sdk.VCertException) CloudPolicy(com.venafi.vcert.sdk.policy.api.domain.CloudPolicy) VCertException(com.venafi.vcert.sdk.VCertException) ConnectorException(com.venafi.vcert.sdk.connectors.ConnectorException) IOException(java.io.IOException)

Aggregations

CloudPolicy (com.venafi.vcert.sdk.policy.api.domain.CloudPolicy)4 VCertException (com.venafi.vcert.sdk.VCertException)2 ConnectorException (com.venafi.vcert.sdk.connectors.ConnectorException)2 CertificateIssuingTemplate (com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate)2 IOException (java.io.IOException)2 PolicySpecification (com.venafi.vcert.sdk.policy.domain.PolicySpecification)1 ArrayList (java.util.ArrayList)1