Example 11 with CertificateCredentialValue
use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.
the class CertificateCredentialVersionTest method CertificateCredential_withMissingCertificateValue_shouldNotError.
@Test
public void CertificateCredential_withMissingCertificateValue_shouldNotError() {
final CertificateCredentialValue certificateCredentialValue = new CertificateCredentialValue("someCa", "", "my-priv", "/aCaName");
final CertificateCredentialVersion certificateCredential = new CertificateCredentialVersion(certificateCredentialValue, encryptor);
assertThat(certificateCredential.getCa(), equalTo("someCa"));
assertThat(certificateCredential.getCertificate(), equalTo(""));
assertThat(certificateCredential.getPrivateKey(), equalTo("my-priv"));
assertThat(certificateCredential.getCaName(), equalTo("/aCaName"));
}
Also used :
CertificateCredentialValue(org.cloudfoundry.credhub.credential.CertificateCredentialValue)
Test(org.junit.Test)
Example 12 with CertificateCredentialValue
use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.
the class CertificateGeneratorTest method whenTheCADoesNotHaveAPrivateKey_itThrowsAnException.
@Test
public void whenTheCADoesNotHaveAPrivateKey_itThrowsAnException() throws Exception {
CertificateGenerationRequestParameters parameters = new CertificateGenerationRequestParameters();
parameters.setCaName("/ca-without-private-key");
parameters.setKeyLength(2048);
parameters.setSelfSigned(false);
CertificateCredentialValue caWithoutPrivateKey = mock(CertificateCredentialValue.class);
when(certificateAuthorityService.findActiveVersion("/ca-without-private-key")).thenReturn(caWithoutPrivateKey);
when(caWithoutPrivateKey.getPrivateKey()).thenReturn(null);
when(keyGenerator.generateKeyPair(anyInt())).thenReturn(rootCaKeyPair);
try {
subject.generateCredential(new CertificateGenerationParameters(parameters));
fail("Should throw exception");
} catch (ParameterizedValidationException e) {
assertThat(e.getMessage(), equalTo("error.ca_missing_private_key"));
}
}
Also used :
CertificateGenerationParameters(org.cloudfoundry.credhub.domain.CertificateGenerationParameters)
CertificateCredentialValue(org.cloudfoundry.credhub.credential.CertificateCredentialValue)
CertificateGenerationRequestParameters(org.cloudfoundry.credhub.request.CertificateGenerationRequestParameters)
ParameterizedValidationException(org.cloudfoundry.credhub.exceptions.ParameterizedValidationException)
Test(org.junit.Test)
Example 13 with CertificateCredentialValue
use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.
the class CertificateGeneratorTest method beforeEach.
@Before
public void beforeEach() throws Exception {
TestHelper.getBouncyCastleProvider();
keyGenerator = mock(LibcryptoRsaKeyPairGenerator.class);
signedCertificateGenerator = mock(SignedCertificateGenerator.class);
certificateAuthorityService = mock(CertificateAuthorityService.class);
permissionCheckingService = mock(PermissionCheckingService.class);
userContext = mock(UserContext.class);
subject = new CertificateGenerator(keyGenerator, signedCertificateGenerator, certificateAuthorityService);
when(permissionCheckingService.hasPermission(anyString(), anyString(), any())).thenReturn(true);
fakeKeyPairGenerator = new FakeKeyPairGenerator();
rootCaDn = new X500Name("O=foo,ST=bar,C=root");
signeeDn = new X500Name("O=foo,ST=bar,C=mars");
rootCaKeyPair = fakeKeyPairGenerator.generate();
X509CertificateHolder caX509CertHolder = makeCert(rootCaKeyPair, rootCaKeyPair.getPrivate(), rootCaDn, rootCaDn, true);
rootCaX509Certificate = new JcaX509CertificateConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME).getCertificate(caX509CertHolder);
rootCa = new CertificateCredentialValue(null, CertificateFormatter.pemOf(rootCaX509Certificate), CertificateFormatter.pemOf(rootCaKeyPair.getPrivate()), null);
generationParameters = new CertificateGenerationRequestParameters();
generationParameters.setOrganization("foo");
generationParameters.setState("bar");
generationParameters.setCaName("my-ca-name");
generationParameters.setCountry("mars");
generationParameters.setDuration(365);
inputParameters = new CertificateGenerationParameters(generationParameters);
}
Also used :
UserContext(org.cloudfoundry.credhub.auth.UserContext)
CertificateAuthorityService(org.cloudfoundry.credhub.data.CertificateAuthorityService)
X500Name(org.bouncycastle.asn1.x500.X500Name)
CertificateGenerationRequestParameters(org.cloudfoundry.credhub.request.CertificateGenerationRequestParameters)
PermissionCheckingService(org.cloudfoundry.credhub.service.PermissionCheckingService)
CertificateGenerationParameters(org.cloudfoundry.credhub.domain.CertificateGenerationParameters)
JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)
CertificateCredentialValue(org.cloudfoundry.credhub.credential.CertificateCredentialValue)
X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder)
Before(org.junit.Before)
Example 14 with CertificateCredentialValue
use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.
the class PermissionedCertificateServiceTest method save_whenTransitionalIsTrue_AndThereIsAnotherTransitionalVersion_throwsAnException.
@Test
public void save_whenTransitionalIsTrue_AndThereIsAnotherTransitionalVersion_throwsAnException() throws Exception {
CertificateCredentialValue value = mock(CertificateCredentialValue.class);
when(value.isTransitional()).thenReturn(true);
BaseCredentialGenerateRequest generateRequest = mock(BaseCredentialGenerateRequest.class);
when(generateRequest.getName()).thenReturn("/some-name");
CertificateCredentialVersion previousVersion = mock(CertificateCredentialVersion.class);
when(previousVersion.isVersionTransitional()).thenReturn(true);
when(permissionedCredentialService.findAllByName(eq("/some-name"), any())).thenReturn(newArrayList(previousVersion));
try {
subject.save(mock(CredentialVersion.class), value, generateRequest, newArrayList());
fail("should throw exception");
} catch (ParameterizedValidationException e) {
assertThat(e.getMessage(), equalTo("error.too_many_transitional_versions"));
}
}
Also used :
BaseCredentialGenerateRequest(org.cloudfoundry.credhub.request.BaseCredentialGenerateRequest)
CertificateCredentialValue(org.cloudfoundry.credhub.credential.CertificateCredentialValue)
ParameterizedValidationException(org.cloudfoundry.credhub.exceptions.ParameterizedValidationException)
CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)
CredentialVersion(org.cloudfoundry.credhub.domain.CredentialVersion)
CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)
Test(org.junit.Test)
Example 15 with CertificateCredentialValue
use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.
the class CertificateAuthorityServiceTest method beforeEach.
@Before
public void beforeEach() {
certificate = new CertificateCredentialValue(null, CertificateStringConstants.SELF_SIGNED_CA_CERT, "my-key", null);
certificateCredential = mock(CertificateCredentialVersion.class);
permissionCheckingService = mock(PermissionCheckingService.class);
userContext = mock(UserContext.class);
when(userContext.getActor()).thenReturn(USER_NAME);
when(certificateCredential.getName()).thenReturn(CREDENTIAL_NAME);
when(permissionCheckingService.hasPermission(USER_NAME, CREDENTIAL_NAME, PermissionOperation.READ)).thenReturn(true);
certificateVersionDataService = mock(CertificateVersionDataService.class);
UserContextHolder userContextHolder = new UserContextHolder();
userContextHolder.setUserContext(userContext);
certificateAuthorityService = new CertificateAuthorityService(certificateVersionDataService, permissionCheckingService, userContextHolder);
}
Also used :
PermissionCheckingService(org.cloudfoundry.credhub.service.PermissionCheckingService)
CertificateCredentialValue(org.cloudfoundry.credhub.credential.CertificateCredentialValue)
UserContext(org.cloudfoundry.credhub.auth.UserContext)
UserContextHolder(org.cloudfoundry.credhub.auth.UserContextHolder)
CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)
Before(org.junit.Before)
Aggregations
CertificateCredentialValue (org.cloudfoundry.credhub.credential.CertificateCredentialValue)22
Test (org.junit.Test)13
CertificateCredentialVersion (org.cloudfoundry.credhub.domain.CertificateCredentialVersion)8
CertificateGenerationParameters (org.cloudfoundry.credhub.domain.CertificateGenerationParameters)6
CredentialVersion (org.cloudfoundry.credhub.domain.CredentialVersion)5
ParameterizedValidationException (org.cloudfoundry.credhub.exceptions.ParameterizedValidationException)5
BaseCredentialGenerateRequest (org.cloudfoundry.credhub.request.BaseCredentialGenerateRequest)5
KeyPair (java.security.KeyPair)4
Before (org.junit.Before)4
X509Certificate (java.security.cert.X509Certificate)3
JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)3
UserContext (org.cloudfoundry.credhub.auth.UserContext)3
StringCredentialValue (org.cloudfoundry.credhub.credential.StringCredentialValue)3
CertificateSetRequest (org.cloudfoundry.credhub.request.CertificateSetRequest)3
ArrayList (java.util.ArrayList)2
X500Name (org.bouncycastle.asn1.x500.X500Name)2
X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)2
EventAuditRecordParameters (org.cloudfoundry.credhub.audit.EventAuditRecordParameters)2
RsaCredentialValue (org.cloudfoundry.credhub.credential.RsaCredentialValue)2
SshCredentialValue (org.cloudfoundry.credhub.credential.SshCredentialValue)2
