Example 16 with CertificateCredentialValue
use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.
the class CertificatesHandlerTest method handleRegenerate_passesOnTransitionalFlagWhenRegeneratingCertificate.
@Test
public void handleRegenerate_passesOnTransitionalFlagWhenRegeneratingCertificate() {
BaseCredentialGenerateRequest generateRequest = mock(BaseCredentialGenerateRequest.class);
CertificateCredentialVersion certificate = mock(CertificateCredentialVersion.class);
CertificateCredentialValue newValue = mock(CertificateCredentialValue.class);
when(certificate.getName()).thenReturn("test");
when(certificateService.findByCredentialUuid(eq(UUID_STRING), any())).thenReturn(certificate);
when(generationRequestGenerator.createGenerateRequest(eq(certificate), eq("test"), any())).thenReturn(generateRequest);
when(universalCredentialGenerator.generate(eq(generateRequest))).thenReturn(newValue);
when(permissionedCertificateService.save(eq(certificate), any(), any(), any())).thenReturn(mock(CertificateCredentialVersion.class));
CertificateRegenerateRequest regenerateRequest = new CertificateRegenerateRequest(true);
subject.handleRegenerate(UUID_STRING, Collections.emptyList(), regenerateRequest);
verify(newValue).setTransitional(true);
}
Also used :
CertificateRegenerateRequest(org.cloudfoundry.credhub.request.CertificateRegenerateRequest)
BaseCredentialGenerateRequest(org.cloudfoundry.credhub.request.BaseCredentialGenerateRequest)
CertificateCredentialValue(org.cloudfoundry.credhub.credential.CertificateCredentialValue)
CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)
Test(org.junit.Test)
Example 17 with CertificateCredentialValue
use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.
the class SetHandlerTest method handleSetRequest_withACertificateSetRequest_andNoCaName_usesCorrectParameters.
@Test
public void handleSetRequest_withACertificateSetRequest_andNoCaName_usesCorrectParameters() {
CertificateSetRequest setRequest = new CertificateSetRequest();
final CertificateCredentialValue certificateValue = new CertificateCredentialValue(null, "Picard", "Enterprise", null);
final ArrayList<EventAuditRecordParameters> eventAuditRecordParameters = new ArrayList<>();
setRequest.setType("certificate");
setRequest.setName("/captain");
setRequest.setAdditionalPermissions(accessControlEntries);
setRequest.setOverwrite(false);
setRequest.setCertificateValue(certificateValue);
subject.handle(setRequest, eventAuditRecordParameters);
verify(credentialService).save(null, certificateValue, setRequest, eventAuditRecordParameters);
verify(permissionService).savePermissions(credentialVersion, accessControlEntries, eventAuditRecordParameters, true, "/captain");
}
Also used :
CertificateCredentialValue(org.cloudfoundry.credhub.credential.CertificateCredentialValue)
ArrayList(java.util.ArrayList)
CertificateSetRequest(org.cloudfoundry.credhub.request.CertificateSetRequest)
EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters)
Test(org.junit.Test)
Example 18 with CertificateCredentialValue
use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.
the class CredentialFactoryTest method makeCredentialFromRequest_givenCertificateType_andNoExisting_returnsCertificateCredential.
@Test
public void makeCredentialFromRequest_givenCertificateType_andNoExisting_returnsCertificateCredential() throws Exception {
CertificateCredentialValue certificateValue = new CertificateCredentialValue("ca-certificate", "certificate", PLAINTEXT_VALUE, "my-ca");
CertificateCredentialVersion credential = (CertificateCredentialVersion) subject.makeNewCredentialVersion(CredentialType.valueOf("certificate"), CREDENTIAL_NAME, certificateValue, null, null);
MatcherAssert.assertThat(credential.getCredential().getName(), equalTo(CREDENTIAL_NAME));
assertThat(credential.getCa(), equalTo("ca-certificate"));
assertThat(credential.getCertificate(), equalTo("certificate"));
assertThat(credential.getPrivateKey(), equalTo(PLAINTEXT_VALUE));
assertThat(credential.getCaName(), equalTo("/my-ca"));
}
Also used :
CertificateCredentialValue(org.cloudfoundry.credhub.credential.CertificateCredentialValue)
Test(org.junit.Test)
Example 19 with CertificateCredentialValue
use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.
the class CertificateGeneratorTest method whenCAExists_andItIsARootCA_aValidChildCertificateIsGeneratedWithTheProvidedKeyLength.
@Test
public void whenCAExists_andItIsARootCA_aValidChildCertificateIsGeneratedWithTheProvidedKeyLength() throws Exception {
final KeyPair childCertificateKeyPair = setupKeyPair();
setupMocksForRootCA(childCertificateKeyPair);
generationParameters.setKeyLength(4096);
CertificateGenerationParameters params = new CertificateGenerationParameters(generationParameters);
when(signedCertificateGenerator.getSignedByIssuer(childCertificateKeyPair, params, rootCaX509Certificate, rootCaKeyPair.getPrivate())).thenReturn(childX509Certificate);
CertificateCredentialValue certificate = subject.generateCredential(params);
assertThat(certificate, notNullValue());
verify(keyGenerator, times(1)).generateKeyPair(4096);
}
Also used :
KeyPair(java.security.KeyPair)
CertificateGenerationParameters(org.cloudfoundry.credhub.domain.CertificateGenerationParameters)
CertificateCredentialValue(org.cloudfoundry.credhub.credential.CertificateCredentialValue)
Test(org.junit.Test)
Example 20 with CertificateCredentialValue
use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.
the class CertificateGeneratorTest method whenSelfSignIsTrue_itGeneratesAValidSelfSignedCertificate.
@Test
public void whenSelfSignIsTrue_itGeneratesAValidSelfSignedCertificate() throws Exception {
final X509Certificate certificate = new JcaX509CertificateConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME).getCertificate(generateX509SelfSignedCert());
generationParameters.setCaName(null);
generationParameters.setSelfSigned(true);
inputParameters = new CertificateGenerationParameters(generationParameters);
when(keyGenerator.generateKeyPair(anyInt())).thenReturn(rootCaKeyPair);
when(signedCertificateGenerator.getSelfSigned(rootCaKeyPair, inputParameters)).thenReturn(certificate);
CertificateCredentialValue certificateCredential = subject.generateCredential(inputParameters);
assertThat(certificateCredential.getPrivateKey(), equalTo(CertificateFormatter.pemOf(rootCaKeyPair.getPrivate())));
assertThat(certificateCredential.getCertificate(), equalTo(CertificateFormatter.pemOf(certificate)));
assertThat(certificateCredential.getCa(), equalTo(CertificateFormatter.pemOf(certificate)));
verify(signedCertificateGenerator, times(1)).getSelfSigned(rootCaKeyPair, inputParameters);
}
Also used :
CertificateGenerationParameters(org.cloudfoundry.credhub.domain.CertificateGenerationParameters)
JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)
CertificateCredentialValue(org.cloudfoundry.credhub.credential.CertificateCredentialValue)
X509Certificate(java.security.cert.X509Certificate)
Test(org.junit.Test)
Aggregations
CertificateCredentialValue (org.cloudfoundry.credhub.credential.CertificateCredentialValue)22
Test (org.junit.Test)13
CertificateCredentialVersion (org.cloudfoundry.credhub.domain.CertificateCredentialVersion)8
CertificateGenerationParameters (org.cloudfoundry.credhub.domain.CertificateGenerationParameters)6
CredentialVersion (org.cloudfoundry.credhub.domain.CredentialVersion)5
ParameterizedValidationException (org.cloudfoundry.credhub.exceptions.ParameterizedValidationException)5
BaseCredentialGenerateRequest (org.cloudfoundry.credhub.request.BaseCredentialGenerateRequest)5
KeyPair (java.security.KeyPair)4
Before (org.junit.Before)4
X509Certificate (java.security.cert.X509Certificate)3
JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)3
UserContext (org.cloudfoundry.credhub.auth.UserContext)3
StringCredentialValue (org.cloudfoundry.credhub.credential.StringCredentialValue)3
CertificateSetRequest (org.cloudfoundry.credhub.request.CertificateSetRequest)3
ArrayList (java.util.ArrayList)2
X500Name (org.bouncycastle.asn1.x500.X500Name)2
X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)2
EventAuditRecordParameters (org.cloudfoundry.credhub.audit.EventAuditRecordParameters)2
RsaCredentialValue (org.cloudfoundry.credhub.credential.RsaCredentialValue)2
SshCredentialValue (org.cloudfoundry.credhub.credential.SshCredentialValue)2
