Add top-level object, simplify tests

3 files changed, 41 insertions, 14 deletions

diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/tenant/OperatorCertificateSerializer.java b/configserver/src/main/java/com/yahoo/vespa/config/server/tenant/OperatorCertificateSerializer.java
index 7fe2ab5e12f..3dbdf1380f1 100644
--- a/configserver/src/main/java/com/yahoo/vespa/config/server/tenant/OperatorCertificateSerializer.java
+++ b/configserver/src/main/java/com/yahoo/vespa/config/server/tenant/OperatorCertificateSerializer.java
@@ -15,17 +15,21 @@ import java.util.stream.Collectors;
 
 public class OperatorCertificateSerializer {
 
+    private final static String certificateField = "certificates";
+
+
     public static Slime toSlime(List<X509Certificate> certificateList) {
         Slime slime = new Slime();
-        Cursor array = slime.setArray();
+        var root = slime.setObject();
+        Cursor array = root.setArray(certificateField);
         certificateList.stream()
                 .map(X509CertificateUtils::toPem)
                 .forEach(array::addString);
         return slime;
     }
 
-    public static List<X509Certificate> fromSlime(Inspector array) {
-        return SlimeUtils.entriesStream(array)
+    public static List<X509Certificate> fromSlime(Inspector object) {
+        return SlimeUtils.entriesStream(object.field(certificateField))
                 .map(Inspector::asString)
                 .map(X509CertificateUtils::fromPem)
                 .collect(Collectors.toList());
diff --git a/configserver/src/test/java/com/yahoo/vespa/config/server/session/PrepareParamsTest.java b/configserver/src/test/java/com/yahoo/vespa/config/server/session/PrepareParamsTest.java
index 06ff9f4b3f6..08794cf0b78 100644
--- a/configserver/src/test/java/com/yahoo/vespa/config/server/session/PrepareParamsTest.java
+++ b/configserver/src/test/java/com/yahoo/vespa/config/server/session/PrepareParamsTest.java
@@ -12,6 +12,7 @@ import com.yahoo.security.KeyUtils;
 import com.yahoo.security.SignatureAlgorithm;
 import com.yahoo.security.X509CertificateBuilder;
 import com.yahoo.security.X509CertificateUtils;
+import com.yahoo.security.X509CertificateWithKey;
 import com.yahoo.slime.ArrayInserter;
 import com.yahoo.slime.Cursor;
 import com.yahoo.slime.Injector;
@@ -195,19 +196,11 @@ public class PrepareParamsTest {
         Slime slime = SlimeUtils.jsonToSlime(json);
         Cursor cursor = slime.get();
         Cursor array = cursor.setArray(PrepareParams.OPERATOR_CERTIFICATES);
-
-        KeyPair keyPair = KeyUtils.generateKeypair(KeyAlgorithm.EC, 256);
-        X500Principal subject = new X500Principal("CN=myservice");
-        X509Certificate cert =
-                X509CertificateBuilder.fromKeypair(keyPair, subject, Instant.now(),
-                                                   Instant.now().plus(1, ChronoUnit.DAYS), SignatureAlgorithm.SHA256_WITH_ECDSA,
-                                                   BigInteger.valueOf(1))
-                        .setBasicConstraints(true, true)
-                        .build();
-        array.addString(X509CertificateUtils.toPem(cert));
+        X509Certificate certificate = X509CertificateUtils.createSelfSigned("cn=myservice", Duration.ofDays(1)).certificate();
+        array.addString(X509CertificateUtils.toPem(certificate));
         PrepareParams prepareParams = PrepareParams.fromJson(SlimeUtils.toJsonBytes(slime), TenantName.from("foo"), Duration.ofSeconds(60));
         assertEquals(1, prepareParams.operatorCertificates().size());
-        assertEquals(cert, prepareParams.operatorCertificates().get(0));
+        assertEquals(certificate, prepareParams.operatorCertificates().get(0));
     }
 
     private void assertPrepareParamsEqual(PrepareParams urlParams, PrepareParams jsonParams) {
diff --git a/configserver/src/test/java/com/yahoo/vespa/config/server/tenant/OperatorCertificateSerializerTest.java b/configserver/src/test/java/com/yahoo/vespa/config/server/tenant/OperatorCertificateSerializerTest.java
new file mode 100644
index 00000000000..b77248f0840
--- /dev/null
+++ b/configserver/src/test/java/com/yahoo/vespa/config/server/tenant/OperatorCertificateSerializerTest.java
@@ -0,0 +1,30 @@
+// Copyright Verizon Media. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+
+package com.yahoo.vespa.config.server.tenant;
+
+import com.yahoo.security.X509CertificateUtils;
+import com.yahoo.security.X509CertificateWithKey;
+import com.yahoo.slime.Slime;
+import com.yahoo.slime.SlimeUtils;
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.security.cert.X509Certificate;
+import java.time.Duration;
+import java.util.List;
+
+import static org.junit.Assert.assertEquals;
+
+public class OperatorCertificateSerializerTest {
+
+    @Test
+    public void testSerialization() {
+        X509Certificate certificate = X509CertificateUtils.createSelfSigned("cn=mycn", Duration.ofDays(1)).certificate();
+        Slime slime = OperatorCertificateSerializer.toSlime(List.of(certificate));
+        List<X509Certificate> deserialized = OperatorCertificateSerializer.fromSlime(slime.get());
+        assertEquals(1, deserialized.size());
+        assertEquals(certificate, deserialized.get(0));
+    }
+}