
Example 1 with CertSigner

use of com.yahoo.athenz.common.server.cert.CertSigner in project athenz by yahoo.

the class ZTSUtilsTest method testGenerateIdentityFailure.

/**
 * Checks the failure path of {@code ZTSUtils.generateIdentity}: when the
 * signer hands back no X.509 certificate, no {@code Identity} is returned.
 *
 * @throws IOException if the CSR fixture cannot be read
 */
@Test
public void testGenerateIdentityFailure() throws IOException {
    // Stub the signer so every signing request comes back with null.
    final CertSigner signer = Mockito.mock(CertSigner.class);
    Mockito.when(signer.generateX509Certificate(
                    Mockito.<String>any(), Mockito.<String>any(), Mockito.anyInt()))
            .thenReturn(null);

    // Load the CSR fixture from the test resources.
    final Path csrFile = Paths.get("src/test/resources/valid.csr");
    final byte[] csrBytes = Files.readAllBytes(csrFile);
    final String csrText = new String(csrBytes);

    // A null certificate from the signer must surface as a null identity,
    // never as a partially populated one.
    final Identity generated = ZTSUtils.generateIdentity(signer, csrText, "unknown.syncer", null, 0);
    assertNull(generated);
}
Also used : Path(java.nio.file.Path) CertSigner(com.yahoo.athenz.common.server.cert.CertSigner) Identity(com.yahoo.athenz.zts.Identity) Test(org.testng.annotations.Test)

Example 2 with CertSigner

use of com.yahoo.athenz.common.server.cert.CertSigner in project athenz by yahoo.

the class HttpCertSignerTest method testHttpCertSignerFactory.

/**
 * Checks that {@code HttpCertSignerFactory} can be instantiated and that
 * {@code create()} returns a non-null {@code CertSigner}, which is then closed.
 */
@Test
public void testHttpCertSignerFactory() {
    final HttpCertSignerFactory factory = new HttpCertSignerFactory();
    assertNotNull(factory);

    final CertSigner signer = factory.create();
    assertNotNull(signer);

    // close() is called on the created signer; what it releases is not visible here.
    signer.close();
}
Also used : CertSigner(com.yahoo.athenz.common.server.cert.CertSigner) HttpCertSigner(com.yahoo.athenz.zts.cert.impl.HttpCertSigner) HttpCertSignerFactory(com.yahoo.athenz.zts.cert.impl.HttpCertSignerFactory) Test(org.testng.annotations.Test)

Example 3 with CertSigner

use of com.yahoo.athenz.common.server.cert.CertSigner in project athenz by yahoo.

the class InstanceCertManagerTest method testGetSshCertificateSigner.

/**
 * Checks that {@code InstanceCertManager.getSshCertificateSigner} returns the
 * host and user values supplied by the {@code CertSigner}, and keeps returning
 * them after the signer has been re-stubbed to return {@code null}.
 */
@Test
public void testGetSshCertificateSigner() {
    final CertSigner signer = Mockito.mock(CertSigner.class);
    Mockito.when(signer.getSSHCertificate(ZTSConsts.ZTS_SSH_HOST)).thenReturn("ssh-host");
    Mockito.when(signer.getSSHCertificate(ZTSConsts.ZTS_SSH_USER)).thenReturn("ssh-user");

    final InstanceCertManager manager = new InstanceCertManager(null, signer);

    // First lookups: the values come from the stubbed signer.
    assertEquals(manager.getSshCertificateSigner("host"), "ssh-host");
    assertEquals(manager.getSshCertificateSigner("user"), "ssh-user");

    // Re-stub the signer to return nothing; the manager is expected to answer
    // from the copies it already holds instead of asking the signer again.
    // NOTE(review): no refresh of the held copies is exercised in this test -
    // how a rotated signer key would be picked up is not shown here.
    Mockito.when(signer.getSSHCertificate(ZTSConsts.ZTS_SSH_HOST)).thenReturn(null);
    Mockito.when(signer.getSSHCertificate(ZTSConsts.ZTS_SSH_USER)).thenReturn(null);

    assertEquals(manager.getSshCertificateSigner("host"), "ssh-host");
    assertEquals(manager.getSshCertificateSigner("user"), "ssh-user");
}
Also used : CertSigner(com.yahoo.athenz.common.server.cert.CertSigner) Test(org.testng.annotations.Test)

Example 4 with CertSigner

use of com.yahoo.athenz.common.server.cert.CertSigner in project athenz by yahoo.

the class InstanceCertManagerTest method testGenerateSshIdentityEmptyCertError.

/**
 * Checks that {@code InstanceCertManager.generateSshIdentity} reports failure
 * when the signer returns an empty string for the SSH certificate.
 */
@Test
public void testGenerateSshIdentityEmptyCertError() {
    final String sshCsr = "{\"csr\":\"csr\",\"certtype\":\"host\"}";

    final CertSigner signer = Mockito.mock(CertSigner.class);
    // The signer answers the CSR with an empty certificate string.
    Mockito.when(signer.generateSSHCertificate(sshCsr)).thenReturn("");
    Mockito.when(signer.getSSHCertificate(ZTSConsts.ZTS_SSH_HOST)).thenReturn("ssh-host");
    Mockito.when(signer.getSSHCertificate(ZTSConsts.ZTS_SSH_USER)).thenReturn("ssh-user");

    final InstanceCertManager manager = new InstanceCertManager(null, signer);
    final InstanceIdentity identity = new InstanceIdentity().setName("athenz.service");

    // An empty certificate must be treated as a failed signing, not as a
    // credential that gets attached to the identity.
    assertFalse(manager.generateSshIdentity(identity, sshCsr, "host"));
}
Also used : CertSigner(com.yahoo.athenz.common.server.cert.CertSigner) InstanceIdentity(com.yahoo.athenz.zts.InstanceIdentity) Test(org.testng.annotations.Test)

Example 5 with CertSigner

use of com.yahoo.athenz.common.server.cert.CertSigner in project athenz by yahoo.

the class ZTSImplTest method testGetRoleTokenCert.

/**
 * Posts a role certificate request for role {@code readers} in domain
 * {@code coretech} through {@code zts.postRoleCertificateRequest}, using a
 * {@code SelfCertSigner} built from the CA files under the test resources,
 * and checks the expiry reported on the returned token.
 *
 * @throws Exception if a fixture cannot be loaded or the request fails
 */
@Test
public void testGetRoleTokenCert() throws Exception {
    // NOTE(review): the comment previously at this spot described the CSR as
    // being for sports:role.readers, while the call below targets
    // coretech/readers - confirm which role the fixture constant encodes.
    final RoleCertificateRequest certRequest = new RoleCertificateRequest()
            .setCsr(ROLE_CERT_CORETECH_REQUEST)
            .setExpiryTime(Long.valueOf(3600));

    final SignedDomain coretechDomain = createSignedDomain("coretech", "weather", "storage", true);
    store.processDomain(coretechDomain, false);

    // CA certificate and encrypted key come from src/test/resources; the key
    // password is a literal in this test.
    final X509Certificate caCertificate =
            Crypto.loadX509Certificate(new File("src/test/resources/valid_cn_x509.cert"));
    final PrivateKey caPrivateKey =
            Crypto.loadPrivateKey(new File("src/test/resources/private_encrypted.key"), "athenz");

    // Install the signer in both the data store and the ZTS instance.
    final CertSigner signer = new SelfCertSigner(caPrivateKey, caCertificate);
    final CloudStore signerStore = new MockCloudStore(signer);
    store.setCloudStore(signerStore);
    zts.cloudStore = signerStore;

    final Principal caller = SimplePrincipal.create(
            "user_domain", "user1", "v=U1;d=user_domain;n=user;s=signature", 0, null);
    final ResourceContext ctx = createResourceContext(caller);

    final RoleToken issued = zts.postRoleCertificateRequest(ctx, "coretech", "readers", certRequest);
    assertNotNull(issued);

    // The request sets an expiry of 3600, yet the asserted value is 30 days
    // expressed in seconds, so the requested value is not what comes back.
    // NOTE(review): presumably the lifetime is fixed elsewhere on this path - confirm.
    final long thirtyDaysInSeconds = TimeUnit.SECONDS.convert(30, TimeUnit.DAYS);
    assertEquals(issued.getExpiryTime(), thirtyDaysInSeconds);
}
Also used : PrivateKey(java.security.PrivateKey) MockCloudStore(com.yahoo.athenz.zts.store.MockCloudStore) CloudStore(com.yahoo.athenz.zts.store.CloudStore) CertSigner(com.yahoo.athenz.common.server.cert.CertSigner) SelfCertSigner(com.yahoo.athenz.zts.cert.impl.SelfCertSigner) SignedDomain(com.yahoo.athenz.zms.SignedDomain) MockCloudStore(com.yahoo.athenz.zts.store.MockCloudStore) SelfCertSigner(com.yahoo.athenz.zts.cert.impl.SelfCertSigner) File(java.io.File) X509Certificate(java.security.cert.X509Certificate) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) Principal(com.yahoo.athenz.auth.Principal) Test(org.testng.annotations.Test)
