
Example 6 with CertificateGenerationParameters

Use of org.cloudfoundry.credhub.domain.CertificateGenerationParameters in project credhub by cloudfoundry-incubator.

From the class CertificateGeneratorTest, method whenTheCADoesNotHaveAPrivateKey_itThrowsAnException.

@Test
public void whenTheCADoesNotHaveAPrivateKey_itThrowsAnException() throws Exception {
    // Request a CA-signed (not self-signed) certificate from a named CA.
    CertificateGenerationRequestParameters parameters = new CertificateGenerationRequestParameters();
    parameters.setCaName("/ca-without-private-key");
    parameters.setKeyLength(2048);
    parameters.setSelfSigned(false);
    // The CA is found, but it carries no private key to sign with.
    CertificateCredentialValue caWithoutPrivateKey = mock(CertificateCredentialValue.class);
    when(certificateAuthorityService.findActiveVersion("/ca-without-private-key")).thenReturn(caWithoutPrivateKey);
    when(caWithoutPrivateKey.getPrivateKey()).thenReturn(null);
    when(keyGenerator.generateKeyPair(anyInt())).thenReturn(rootCaKeyPair);
    try {
        subject.generateCredential(new CertificateGenerationParameters(parameters));
        fail("Should throw exception");
    } catch (ParameterizedValidationException e) {
        // Generation must be rejected with the missing-private-key message key.
        assertThat(e.getMessage(), equalTo("error.ca_missing_private_key"));
    }
}
Also used: CertificateGenerationParameters (org.cloudfoundry.credhub.domain.CertificateGenerationParameters), CertificateCredentialValue (org.cloudfoundry.credhub.credential.CertificateCredentialValue), CertificateGenerationRequestParameters (org.cloudfoundry.credhub.request.CertificateGenerationRequestParameters), ParameterizedValidationException (org.cloudfoundry.credhub.exceptions.ParameterizedValidationException), Test (org.junit.Test)

Example 7 with CertificateGenerationParameters

Use of org.cloudfoundry.credhub.domain.CertificateGenerationParameters in project credhub by cloudfoundry-incubator.

From the class CertificateGeneratorTest, method beforeEach.

@Before
public void beforeEach() throws Exception {
    TestHelper.getBouncyCastleProvider();
    keyGenerator = mock(LibcryptoRsaKeyPairGenerator.class);
    signedCertificateGenerator = mock(SignedCertificateGenerator.class);
    certificateAuthorityService = mock(CertificateAuthorityService.class);
    permissionCheckingService = mock(PermissionCheckingService.class);
    userContext = mock(UserContext.class);
    subject = new CertificateGenerator(keyGenerator, signedCertificateGenerator, certificateAuthorityService);
    when(permissionCheckingService.hasPermission(anyString(), anyString(), any())).thenReturn(true);
    fakeKeyPairGenerator = new FakeKeyPairGenerator();
    rootCaDn = new X500Name("O=foo,ST=bar,C=root");
    signeeDn = new X500Name("O=foo,ST=bar,C=mars");
    rootCaKeyPair = fakeKeyPairGenerator.generate();
    X509CertificateHolder caX509CertHolder = makeCert(rootCaKeyPair, rootCaKeyPair.getPrivate(), rootCaDn, rootCaDn, true);
    rootCaX509Certificate = new JcaX509CertificateConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME).getCertificate(caX509CertHolder);
    rootCa = new CertificateCredentialValue(null, CertificateFormatter.pemOf(rootCaX509Certificate), CertificateFormatter.pemOf(rootCaKeyPair.getPrivate()), null);
    generationParameters = new CertificateGenerationRequestParameters();
    generationParameters.setOrganization("foo");
    generationParameters.setState("bar");
    generationParameters.setCaName("my-ca-name");
    generationParameters.setCountry("mars");
    generationParameters.setDuration(365);
    inputParameters = new CertificateGenerationParameters(generationParameters);
}
Also used: UserContext (org.cloudfoundry.credhub.auth.UserContext), CertificateAuthorityService (org.cloudfoundry.credhub.data.CertificateAuthorityService), X500Name (org.bouncycastle.asn1.x500.X500Name), CertificateGenerationRequestParameters (org.cloudfoundry.credhub.request.CertificateGenerationRequestParameters), PermissionCheckingService (org.cloudfoundry.credhub.service.PermissionCheckingService), CertificateGenerationParameters (org.cloudfoundry.credhub.domain.CertificateGenerationParameters), JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter), CertificateCredentialValue (org.cloudfoundry.credhub.credential.CertificateCredentialValue), X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder), Before (org.junit.Before)

Example 8 with CertificateGenerationParameters

Use of org.cloudfoundry.credhub.domain.CertificateGenerationParameters in project credhub by cloudfoundry-incubator.

From the class CertificateGeneratorTest, method whenCAExists_andItIsARootCA_aValidChildCertificateIsGeneratedWithTheProvidedKeyLength.

@Test
public void whenCAExists_andItIsARootCA_aValidChildCertificateIsGeneratedWithTheProvidedKeyLength() throws Exception {
    final KeyPair childCertificateKeyPair = setupKeyPair();
    setupMocksForRootCA(childCertificateKeyPair);
    // Ask for a 4096-bit key for the child certificate.
    generationParameters.setKeyLength(4096);
    CertificateGenerationParameters params = new CertificateGenerationParameters(generationParameters);
    // The child certificate is signed with the root CA's certificate and private key.
    when(signedCertificateGenerator.getSignedByIssuer(childCertificateKeyPair, params, rootCaX509Certificate, rootCaKeyPair.getPrivate())).thenReturn(childX509Certificate);
    CertificateCredentialValue certificate = subject.generateCredential(params);
    assertThat(certificate, notNullValue());
    // Exactly one key pair is generated, with the requested key length.
    verify(keyGenerator, times(1)).generateKeyPair(4096);
}
Also used: KeyPair (java.security.KeyPair), CertificateGenerationParameters (org.cloudfoundry.credhub.domain.CertificateGenerationParameters), CertificateCredentialValue (org.cloudfoundry.credhub.credential.CertificateCredentialValue), Test (org.junit.Test)

Example 9 with CertificateGenerationParameters

Use of org.cloudfoundry.credhub.domain.CertificateGenerationParameters in project credhub by cloudfoundry-incubator.

From the class CertificateGeneratorTest, method whenSelfSignIsTrue_itGeneratesAValidSelfSignedCertificate.

@Test
public void whenSelfSignIsTrue_itGeneratesAValidSelfSignedCertificate() throws Exception {
    final X509Certificate certificate = new JcaX509CertificateConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME).getCertificate(generateX509SelfSignedCert());
    // No CA name and selfSigned=true: the request is for a self-signed certificate.
    generationParameters.setCaName(null);
    generationParameters.setSelfSigned(true);
    inputParameters = new CertificateGenerationParameters(generationParameters);
    when(keyGenerator.generateKeyPair(anyInt())).thenReturn(rootCaKeyPair);
    when(signedCertificateGenerator.getSelfSigned(rootCaKeyPair, inputParameters)).thenReturn(certificate);
    CertificateCredentialValue certificateCredential = subject.generateCredential(inputParameters);
    assertThat(certificateCredential.getPrivateKey(), equalTo(CertificateFormatter.pemOf(rootCaKeyPair.getPrivate())));
    assertThat(certificateCredential.getCertificate(), equalTo(CertificateFormatter.pemOf(certificate)));
    // For a self-signed certificate, the CA field holds the certificate itself.
    assertThat(certificateCredential.getCa(), equalTo(CertificateFormatter.pemOf(certificate)));
    verify(signedCertificateGenerator, times(1)).getSelfSigned(rootCaKeyPair, inputParameters);
}
Also used: CertificateGenerationParameters (org.cloudfoundry.credhub.domain.CertificateGenerationParameters), JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter), CertificateCredentialValue (org.cloudfoundry.credhub.credential.CertificateCredentialValue), X509Certificate (java.security.cert.X509Certificate), Test (org.junit.Test)

Aggregations

CertificateGenerationParameters (org.cloudfoundry.credhub.domain.CertificateGenerationParameters): 9
CertificateCredentialValue (org.cloudfoundry.credhub.credential.CertificateCredentialValue): 5
Test (org.junit.Test): 5
CertificateGenerateRequest (org.cloudfoundry.credhub.request.CertificateGenerateRequest): 4
CertificateCredentialVersion (org.cloudfoundry.credhub.domain.CertificateCredentialVersion): 3
CredentialVersion (org.cloudfoundry.credhub.domain.CredentialVersion): 3
ParameterizedValidationException (org.cloudfoundry.credhub.exceptions.ParameterizedValidationException): 3
KeyPair (java.security.KeyPair): 2
X509Certificate (java.security.cert.X509Certificate): 2
JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter): 2
PasswordCredentialVersion (org.cloudfoundry.credhub.domain.PasswordCredentialVersion): 2
CertificateGenerationRequestParameters (org.cloudfoundry.credhub.request.CertificateGenerationRequestParameters): 2
X500Name (org.bouncycastle.asn1.x500.X500Name): 1
X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder): 1
EventAuditRecordParameters (org.cloudfoundry.credhub.audit.EventAuditRecordParameters): 1
UserContext (org.cloudfoundry.credhub.auth.UserContext): 1
CredentialValue (org.cloudfoundry.credhub.credential.CredentialValue): 1
CertificateAuthorityService (org.cloudfoundry.credhub.data.CertificateAuthorityService): 1
PermissionCheckingService (org.cloudfoundry.credhub.service.PermissionCheckingService): 1
CertificateReader (org.cloudfoundry.credhub.util.CertificateReader): 1