Removed some unnecessary imports. Fixed bugs in tests where Java path handlers don't properly deal with platform differences (e.g. /C:/ path). Fixed bugs in certificate and other generators because bouncy castle doesn't properly handle whitespace per RFC7468. Fixed typos in comments. Set default signature algorithm to SHA256.

Author: jbrown123

src/main/java/com/venafi/vcert/sdk/Config.java

@@ -9,10 +9,8 @@
 
 import java.io.IOException;
 import java.nio.file.Path;
-import java.util.Arrays;
 import java.util.List;
 import java.util.Objects;
-import java.util.Set;
 
 import static java.util.Arrays.asList;
 

src/main/java/com/venafi/vcert/sdk/connectors/ServerPolicy.java

@@ -145,6 +145,7 @@ public Policy toPolicy() {
     public ZoneConfiguration toZoneConfig() {
         return new ZoneConfiguration()
                 .customAttributeValues(new HashMap<>())
+                .hashAlgorithm(SignatureAlgorithm.SHA256WithRSA)
                 .country(subject.country().value())
                 .organization(subject.organization().value())
                 .organizationalUnit(subject.organizationalUnit().values())

src/main/java/com/venafi/vcert/sdk/connectors/tpp/ZoneConfiguration.java

@@ -33,7 +33,7 @@ public class ZoneConfiguration {
 
 
     /**
-     * UpdateCertificateRequest updates a certificate request based on the zone configurataion retrieved from the remote endpoint
+     * UpdateCertificateRequest updates a certificate request based on the zone configuration retrieved from the remote endpoint
      * @return
      */
     public void updateCertificateRequest(CertificateRequest request) {

src/test/java/com/venafi/vcert/sdk/TestUtils.java

@@ -70,6 +70,7 @@ public static byte[] getCertificateAsBytes(X509Certificate certificate) throws I
         outputStream.write("-----BEGIN CERTIFICATE-----".getBytes());
         outputStream.write(System.lineSeparator().getBytes());
         outputStream.write(Base64.getEncoder().encode(certificate.getEncoded()));
+        outputStream.write(System.lineSeparator().getBytes());
         outputStream.write("-----END CERTIFICATE-----".getBytes());
         return outputStream.toByteArray();
     }

src/test/java/com/venafi/vcert/sdk/certificate/CertificateRequestTest.java

@@ -2,13 +2,7 @@
 
 import com.venafi.vcert.sdk.SignatureAlgorithm;
 import com.venafi.vcert.sdk.VCertException;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.openssl.PEMParser;
-import org.bouncycastle.pkcs.PKCS10CertificationRequest;
-import org.junit.jupiter.api.Test;
 
-import java.io.IOException;
-import java.io.StringReader;
 import java.net.*;
 import java.security.KeyPair;
 import java.security.Security;
@@ -29,7 +23,6 @@
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.StringReader;
-import java.net.*;
 import java.nio.file.Files;
 import java.nio.file.Paths;
 import java.security.*;
@@ -175,13 +168,19 @@ private static CertificateRequest createCertSigningRequestFor(PKCS10Certificatio
         outputStream.write("-----BEGIN CERTIFICATE REQUEST-----".getBytes());
         outputStream.write(System.lineSeparator().getBytes());
         outputStream.write(Base64.getEncoder().encode(certSigningReq.getEncoded()));
+        outputStream.write(System.lineSeparator().getBytes());
         outputStream.write("-----END CERTIFICATE REQUEST-----".getBytes());
         return new CertificateRequest().csr(outputStream.toByteArray());
     }
 
     private static KeyPair loadKeyPairFromFile(String name) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
         ClassLoader classLoader = CertificateRequestTest.class.getClassLoader();
-        String body = new String(Files.readAllBytes(Paths.get(classLoader.getResource("certificates/" + name).getPath())));
+        String path = classLoader.getResource("certificates/" + name).getPath();
+        // windows platform: if it starts with /C: then remove the leading slash
+        if (path.charAt(0) == '/' && path.charAt(2) == ':') {
+            path = path.substring(1);
+        }
+        String body = new String(Files.readAllBytes( Paths.get(path).toAbsolutePath() ));
         PEMParser pemParser = new PEMParser(new StringReader(body));
         JcaPEMKeyConverter keyConverter = new JcaPEMKeyConverter();
         Object object = pemParser.readObject();
@@ -195,7 +194,12 @@ private static KeyPair loadKeyPairFromFile(String name) throws IOException, NoSu
 
     private static Certificate loadCertificateFromFile(String name) throws IOException, CertificateException {
         ClassLoader classLoader = CertificateRequestTest.class.getClassLoader();
-        String body = new String(Files.readAllBytes(Paths.get(classLoader.getResource("certificates/" + name).getPath())));
+        String path = classLoader.getResource("certificates/" + name).getPath();
+        // windows platform: if it starts with /C: then remove the leading slash
+        if (path.charAt(0) == '/' && path.charAt(2) == ':') {
+            path = path.substring(1);
+        }
+        String body = new String(Files.readAllBytes( Paths.get(path).toAbsolutePath() ));
         PEMParser pemParser = new PEMParser(new StringReader(body));
         JcaX509CertificateConverter certificateConverter = new JcaX509CertificateConverter();
         Object object = pemParser.readObject();
@@ -204,7 +208,12 @@ private static Certificate loadCertificateFromFile(String name) throws IOExcepti
 
     private static PKCS10CertificationRequest loadCertificateSigningRequestFromFile(String name) throws IOException {
         ClassLoader classLoader = CertificateRequestTest.class.getClassLoader();
-        String body = new String(Files.readAllBytes(Paths.get(classLoader.getResource("certificates/" + name).getPath())));
+        String path = classLoader.getResource("certificates/" + name).getPath();
+        // windows platform: if it starts with /C: then remove the leading slash
+        if (path.charAt(0) == '/' && path.charAt(2) == ':') {
+            path = path.substring(1);
+        }
+        String body = new String(Files.readAllBytes( Paths.get(path).toAbsolutePath() ));
         StringReader reader = new StringReader(body);
         try(PEMParser pemParser = new PEMParser(reader)) {
             return (PKCS10CertificationRequest) pemParser.readObject();

src/test/java/com/venafi/vcert/sdk/certificate/PEMCollectionTest.java

@@ -14,7 +14,12 @@ class PEMCollectionTest {
     @Test
     void fromResponse() throws VCertException, IOException {
         ClassLoader classLoader = getClass().getClassLoader();
-        String body = new String(Files.readAllBytes(Paths.get(classLoader.getResource("certificates/certWithKey.pem").getPath())));
+        String path = classLoader.getResource("certificates/certWithKey.pem").getPath();
+        // windows platform: if it starts with /C: then remove the leading slash
+        if (path.charAt(0) == '/' && path.charAt(2) == ':') {
+            path = path.substring(1);
+        }
+        String body = new String(Files.readAllBytes( Paths.get(path).toAbsolutePath() ));
         PEMCollection pemCollection = PEMCollection.fromResponse(body, ChainOption.ChainOptionIgnore);
         assertThat(pemCollection.certificate()).isNotNull();
         assertThat(pemCollection.chain()).hasSize(0);

src/test/java/com/venafi/vcert/sdk/connectors/tpp/TppConnectorIT.java

@@ -10,7 +10,7 @@
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 
-import static com.venafi.vcert.sdk.SignatureAlgorithm.MD2withRSA;
+import static com.venafi.vcert.sdk.SignatureAlgorithm.*;
 import static com.venafi.vcert.sdk.certificate.EllipticCurve.*;
 import static com.venafi.vcert.sdk.certificate.KeyType.ECDSA;
 import static com.venafi.vcert.sdk.certificate.KeyType.RSA;
@@ -80,7 +80,7 @@ void readZoneConfiguration() throws VCertException {
         assertThat(zoneConfiguration.policy().upnSanRegExs()).containsExactly(".*");
         assertThat(zoneConfiguration.policy().allowWildcards()).isTrue();
         assertThat(zoneConfiguration.policy().allowKeyReuse()).isFalse();
-        assertThat(zoneConfiguration.hashAlgorithm()).isEqualTo(MD2withRSA);
+        assertThat(zoneConfiguration.hashAlgorithm()).isEqualTo(SHA256WithRSA);
         assertThat(zoneConfiguration.customAttributeValues()).isNotNull();
         assertThat(zoneConfiguration.customAttributeValues()).isEmpty();
     }