use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.
the class CertificateCredentialVersionTest method CertificateCredential_withMissingCertificateValue_shouldNotError.
@Test
public void CertificateCredential_withMissingCertificateValue_shouldNotError() {
final CertificateCredentialValue certificateCredentialValue = new CertificateCredentialValue("someCa", "", "my-priv", "/aCaName");
final CertificateCredentialVersion certificateCredential = new CertificateCredentialVersion(certificateCredentialValue, encryptor);
assertThat(certificateCredential.getCa(), equalTo("someCa"));
assertThat(certificateCredential.getCertificate(), equalTo(""));
assertThat(certificateCredential.getPrivateKey(), equalTo("my-priv"));
assertThat(certificateCredential.getCaName(), equalTo("/aCaName"));
}
use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.
the class CertificateGeneratorTest method whenTheCADoesNotHaveAPrivateKey_itThrowsAnException.
@Test
public void whenTheCADoesNotHaveAPrivateKey_itThrowsAnException() throws Exception {
CertificateGenerationRequestParameters parameters = new CertificateGenerationRequestParameters();
parameters.setCaName("/ca-without-private-key");
parameters.setKeyLength(2048);
parameters.setSelfSigned(false);
CertificateCredentialValue caWithoutPrivateKey = mock(CertificateCredentialValue.class);
when(certificateAuthorityService.findActiveVersion("/ca-without-private-key")).thenReturn(caWithoutPrivateKey);
when(caWithoutPrivateKey.getPrivateKey()).thenReturn(null);
when(keyGenerator.generateKeyPair(anyInt())).thenReturn(rootCaKeyPair);
try {
subject.generateCredential(new CertificateGenerationParameters(parameters));
fail("Should throw exception");
} catch (ParameterizedValidationException e) {
assertThat(e.getMessage(), equalTo("error.ca_missing_private_key"));
}
}
use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.
the class CertificateGeneratorTest method beforeEach.
@Before
public void beforeEach() throws Exception {
TestHelper.getBouncyCastleProvider();
keyGenerator = mock(LibcryptoRsaKeyPairGenerator.class);
signedCertificateGenerator = mock(SignedCertificateGenerator.class);
certificateAuthorityService = mock(CertificateAuthorityService.class);
permissionCheckingService = mock(PermissionCheckingService.class);
userContext = mock(UserContext.class);
subject = new CertificateGenerator(keyGenerator, signedCertificateGenerator, certificateAuthorityService);
when(permissionCheckingService.hasPermission(anyString(), anyString(), any())).thenReturn(true);
fakeKeyPairGenerator = new FakeKeyPairGenerator();
rootCaDn = new X500Name("O=foo,ST=bar,C=root");
signeeDn = new X500Name("O=foo,ST=bar,C=mars");
rootCaKeyPair = fakeKeyPairGenerator.generate();
X509CertificateHolder caX509CertHolder = makeCert(rootCaKeyPair, rootCaKeyPair.getPrivate(), rootCaDn, rootCaDn, true);
rootCaX509Certificate = new JcaX509CertificateConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME).getCertificate(caX509CertHolder);
rootCa = new CertificateCredentialValue(null, CertificateFormatter.pemOf(rootCaX509Certificate), CertificateFormatter.pemOf(rootCaKeyPair.getPrivate()), null);
generationParameters = new CertificateGenerationRequestParameters();
generationParameters.setOrganization("foo");
generationParameters.setState("bar");
generationParameters.setCaName("my-ca-name");
generationParameters.setCountry("mars");
generationParameters.setDuration(365);
inputParameters = new CertificateGenerationParameters(generationParameters);
}
use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.
the class PermissionedCertificateServiceTest method save_whenTransitionalIsTrue_AndThereIsAnotherTransitionalVersion_throwsAnException.
@Test
public void save_whenTransitionalIsTrue_AndThereIsAnotherTransitionalVersion_throwsAnException() throws Exception {
CertificateCredentialValue value = mock(CertificateCredentialValue.class);
when(value.isTransitional()).thenReturn(true);
BaseCredentialGenerateRequest generateRequest = mock(BaseCredentialGenerateRequest.class);
when(generateRequest.getName()).thenReturn("/some-name");
CertificateCredentialVersion previousVersion = mock(CertificateCredentialVersion.class);
when(previousVersion.isVersionTransitional()).thenReturn(true);
when(permissionedCredentialService.findAllByName(eq("/some-name"), any())).thenReturn(newArrayList(previousVersion));
try {
subject.save(mock(CredentialVersion.class), value, generateRequest, newArrayList());
fail("should throw exception");
} catch (ParameterizedValidationException e) {
assertThat(e.getMessage(), equalTo("error.too_many_transitional_versions"));
}
}
use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.
the class CertificateAuthorityServiceTest method beforeEach.
@Before
public void beforeEach() {
certificate = new CertificateCredentialValue(null, CertificateStringConstants.SELF_SIGNED_CA_CERT, "my-key", null);
certificateCredential = mock(CertificateCredentialVersion.class);
permissionCheckingService = mock(PermissionCheckingService.class);
userContext = mock(UserContext.class);
when(userContext.getActor()).thenReturn(USER_NAME);
when(certificateCredential.getName()).thenReturn(CREDENTIAL_NAME);
when(permissionCheckingService.hasPermission(USER_NAME, CREDENTIAL_NAME, PermissionOperation.READ)).thenReturn(true);
certificateVersionDataService = mock(CertificateVersionDataService.class);
UserContextHolder userContextHolder = new UserContextHolder();
userContextHolder.setUserContext(userContext);
certificateAuthorityService = new CertificateAuthorityService(certificateVersionDataService, permissionCheckingService, userContextHolder);
}
Aggregations