Search in sources :

Example 1 with CertificateGenerationRequestParameters

use of org.cloudfoundry.credhub.request.CertificateGenerationRequestParameters in project credhub by cloudfoundry-incubator.

the class CertificateGenerationParametersTest method equals_returnsTrueWhenExtendedKeyUsagesAreIdentical.

@Test
public void equals_returnsTrueWhenExtendedKeyUsagesAreIdentical() throws Exception {
    final CertificateGenerationRequestParameters requestParameters1 = new CertificateGenerationRequestParameters();
    final String[] keyUsages1 = new String[] { "server_auth", "client_auth", "code_signing", "email_protection", "timestamping" };
    final String[] keyUsages2 = new String[] { "server_auth", "client_auth", "code_signing", "email_protection", "timestamping" };
    requestParameters1.setExtendedKeyUsage(keyUsages1);
    requestParameters1.setCommonName("a-common-name");
    final CertificateGenerationRequestParameters requestParameters2 = new CertificateGenerationRequestParameters();
    requestParameters2.setExtendedKeyUsage(keyUsages2);
    requestParameters2.setCommonName("a-common-name");
    final CertificateGenerationParameters parameters1 = new CertificateGenerationParameters(requestParameters1);
    final CertificateGenerationParameters parameters2 = new CertificateGenerationParameters(requestParameters2);
    assertThat(parameters1.equals(parameters2), equalTo(true));
}
Also used : CertificateGenerationRequestParameters(org.cloudfoundry.credhub.request.CertificateGenerationRequestParameters) Test(org.junit.Test)

Example 2 with CertificateGenerationRequestParameters

use of org.cloudfoundry.credhub.request.CertificateGenerationRequestParameters in project credhub by cloudfoundry-incubator.

the class CertificateGenerationParametersTest method equals_returnsFalseWhenExtendedKeyUsagesAreDifferent.

@Test
public void equals_returnsFalseWhenExtendedKeyUsagesAreDifferent() throws Exception {
    final CertificateGenerationRequestParameters requestParameters1 = new CertificateGenerationRequestParameters();
    final String[] keyUsages1 = new String[] { "server_auth", "client_auth", "code_signing", "email_protection", "timestamping" };
    final String[] keyUsages2 = new String[] { "server_auth", "client_auth", "code_signing", "email_protection" };
    requestParameters1.setExtendedKeyUsage(keyUsages1);
    requestParameters1.setCommonName("a-common-name");
    final CertificateGenerationRequestParameters requestParameters2 = new CertificateGenerationRequestParameters();
    requestParameters2.setExtendedKeyUsage(keyUsages2);
    requestParameters2.setCommonName("a-common-name");
    final CertificateGenerationParameters parameters1 = new CertificateGenerationParameters(requestParameters1);
    final CertificateGenerationParameters parameters2 = new CertificateGenerationParameters(requestParameters2);
    assertThat(parameters1.equals(parameters2), equalTo(false));
}
Also used : CertificateGenerationRequestParameters(org.cloudfoundry.credhub.request.CertificateGenerationRequestParameters) Test(org.junit.Test)

Example 3 with CertificateGenerationRequestParameters

use of org.cloudfoundry.credhub.request.CertificateGenerationRequestParameters in project credhub by cloudfoundry-incubator.

the class CertificateGeneratorTest method whenTheCADoesNotHaveAPrivateKey_itThrowsAnException.

@Test
public void whenTheCADoesNotHaveAPrivateKey_itThrowsAnException() throws Exception {
    CertificateGenerationRequestParameters parameters = new CertificateGenerationRequestParameters();
    parameters.setCaName("/ca-without-private-key");
    parameters.setKeyLength(2048);
    parameters.setSelfSigned(false);
    CertificateCredentialValue caWithoutPrivateKey = mock(CertificateCredentialValue.class);
    when(certificateAuthorityService.findActiveVersion("/ca-without-private-key")).thenReturn(caWithoutPrivateKey);
    when(caWithoutPrivateKey.getPrivateKey()).thenReturn(null);
    when(keyGenerator.generateKeyPair(anyInt())).thenReturn(rootCaKeyPair);
    try {
        subject.generateCredential(new CertificateGenerationParameters(parameters));
        fail("Should throw exception");
    } catch (ParameterizedValidationException e) {
        assertThat(e.getMessage(), equalTo("error.ca_missing_private_key"));
    }
}
Also used : CertificateGenerationParameters(org.cloudfoundry.credhub.domain.CertificateGenerationParameters) CertificateCredentialValue(org.cloudfoundry.credhub.credential.CertificateCredentialValue) CertificateGenerationRequestParameters(org.cloudfoundry.credhub.request.CertificateGenerationRequestParameters) ParameterizedValidationException(org.cloudfoundry.credhub.exceptions.ParameterizedValidationException) Test(org.junit.Test)

Example 4 with CertificateGenerationRequestParameters

use of org.cloudfoundry.credhub.request.CertificateGenerationRequestParameters in project credhub by cloudfoundry-incubator.

the class CertificateGeneratorTest method beforeEach.

@Before
public void beforeEach() throws Exception {
    TestHelper.getBouncyCastleProvider();
    keyGenerator = mock(LibcryptoRsaKeyPairGenerator.class);
    signedCertificateGenerator = mock(SignedCertificateGenerator.class);
    certificateAuthorityService = mock(CertificateAuthorityService.class);
    permissionCheckingService = mock(PermissionCheckingService.class);
    userContext = mock(UserContext.class);
    subject = new CertificateGenerator(keyGenerator, signedCertificateGenerator, certificateAuthorityService);
    when(permissionCheckingService.hasPermission(anyString(), anyString(), any())).thenReturn(true);
    fakeKeyPairGenerator = new FakeKeyPairGenerator();
    rootCaDn = new X500Name("O=foo,ST=bar,C=root");
    signeeDn = new X500Name("O=foo,ST=bar,C=mars");
    rootCaKeyPair = fakeKeyPairGenerator.generate();
    X509CertificateHolder caX509CertHolder = makeCert(rootCaKeyPair, rootCaKeyPair.getPrivate(), rootCaDn, rootCaDn, true);
    rootCaX509Certificate = new JcaX509CertificateConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME).getCertificate(caX509CertHolder);
    rootCa = new CertificateCredentialValue(null, CertificateFormatter.pemOf(rootCaX509Certificate), CertificateFormatter.pemOf(rootCaKeyPair.getPrivate()), null);
    generationParameters = new CertificateGenerationRequestParameters();
    generationParameters.setOrganization("foo");
    generationParameters.setState("bar");
    generationParameters.setCaName("my-ca-name");
    generationParameters.setCountry("mars");
    generationParameters.setDuration(365);
    inputParameters = new CertificateGenerationParameters(generationParameters);
}
Also used : UserContext(org.cloudfoundry.credhub.auth.UserContext) CertificateAuthorityService(org.cloudfoundry.credhub.data.CertificateAuthorityService) X500Name(org.bouncycastle.asn1.x500.X500Name) CertificateGenerationRequestParameters(org.cloudfoundry.credhub.request.CertificateGenerationRequestParameters) PermissionCheckingService(org.cloudfoundry.credhub.service.PermissionCheckingService) CertificateGenerationParameters(org.cloudfoundry.credhub.domain.CertificateGenerationParameters) JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter) CertificateCredentialValue(org.cloudfoundry.credhub.credential.CertificateCredentialValue) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) Before(org.junit.Before)

Example 5 with CertificateGenerationRequestParameters

use of org.cloudfoundry.credhub.request.CertificateGenerationRequestParameters in project credhub by cloudfoundry-incubator.

the class CertificateGenerationParametersTest method equals_returnsTrueWhenKeyUsagesAreIdentical.

@Test
public void equals_returnsTrueWhenKeyUsagesAreIdentical() throws Exception {
    final CertificateGenerationRequestParameters requestParameters1 = new CertificateGenerationRequestParameters();
    final String[] keyUsages1 = new String[] { "data_encipherment", "digital_signature", "non_repudiation", "key_encipherment" };
    final String[] keyUsages2 = new String[] { "digital_signature", "non_repudiation", "key_encipherment", "data_encipherment" };
    requestParameters1.setKeyUsage(keyUsages1);
    requestParameters1.setCommonName("a-common-name");
    final CertificateGenerationRequestParameters requestParameters2 = new CertificateGenerationRequestParameters();
    requestParameters2.setKeyUsage(keyUsages2);
    requestParameters2.setCommonName("a-common-name");
    final CertificateGenerationParameters parameters1 = new CertificateGenerationParameters(requestParameters1);
    final CertificateGenerationParameters parameters2 = new CertificateGenerationParameters(requestParameters2);
    assertThat(parameters1.equals(parameters2), equalTo(true));
}
Also used : CertificateGenerationRequestParameters(org.cloudfoundry.credhub.request.CertificateGenerationRequestParameters) Test(org.junit.Test)

Aggregations

CertificateGenerationRequestParameters (org.cloudfoundry.credhub.request.CertificateGenerationRequestParameters)7 Test (org.junit.Test)6 CertificateCredentialValue (org.cloudfoundry.credhub.credential.CertificateCredentialValue)2 CertificateGenerationParameters (org.cloudfoundry.credhub.domain.CertificateGenerationParameters)2 X500Name (org.bouncycastle.asn1.x500.X500Name)1 X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)1 JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)1 UserContext (org.cloudfoundry.credhub.auth.UserContext)1 CertificateAuthorityService (org.cloudfoundry.credhub.data.CertificateAuthorityService)1 ParameterizedValidationException (org.cloudfoundry.credhub.exceptions.ParameterizedValidationException)1 PermissionCheckingService (org.cloudfoundry.credhub.service.PermissionCheckingService)1 Before (org.junit.Before)1