Merge pull request #7 from relxd/create-javakeystore-for-mutual-tls-a…
…uth-certificate Tests for certificate generation and javaKeyStoreService
Showing
10 changed files
with
427 additions
and
89 deletions.
|
@@ -19,3 +19,7 @@ hs_err_pid* | |
target | ||
.gradle | ||
build | ||
|
||
*.idea | ||
.idea** | ||
|
21 changes: 0 additions & 21 deletions
21
src/main/java/org/relxd/lxd/auth/javakeystore/JavaKeyStoreService.java
This file was deleted.
68 changes: 0 additions & 68 deletions
68
src/main/java/org/relxd/lxd/auth/javakeystore/JavaKeyStoreServiceImpl.java
This file was deleted.
20 changes: 20 additions & 0 deletions
20
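--- a/src/main/java/org/relxd/lxd/auth/javakeystore/service/JavaKeyStoreService.java
+++ b/src/main/java/org/relxd/lxd/auth/javakeystore/service/JavaKeyStoreService.java
@@ -0,0 +1,20 @@
+package org.relxd.lxd.auth.javakeystore.service;
+
+import java.io.IOException;
+import java.security.KeyPair;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.cert.Certificate;
+
+public interface JavaKeyStoreService {
+
+void exportKeyPairToKeystoreFile(KeyPair keyPair, Certificate certificate, String alias, String fileName, String storeType, String storePass) throws Exception;
+
+Certificate[] loadCertificateFromKeyStore(String alias, String filePath, String password);
+
+void deleteKeyStore(String keystorePath) throws IOException;
+
+void removeAllKeyStoreElements(KeyStore keyStore) throws KeyStoreException;
+
+void removeKeyStoreElement(KeyStore keyStore, String secretKey) throws KeyStoreException;
+}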
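Review bot: `storePass` and `password` are declared as `String`, which keeps the keystore password in an immutable object the caller cannot clear after use; `char[]` is what `KeyStore.load` and `KeyStore.store` take anyway, so the conversion could move to the caller. The interface also carries no Javadoc, so nothing tells a caller what `loadCertificateFromKeyStore` returns on failure even though it declares no exception. A one-line comment per method would pin this down, for example `/** Returns the certificate chain stored under alias, or null if the store cannot be read or the alias is absent. */`.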
96 changes: 96 additions & 0 deletions
96
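--- a/src/main/java/org/relxd/lxd/auth/javakeystore/service/JavaKeyStoreServiceImpl.java
+++ b/src/main/java/org/relxd/lxd/auth/javakeystore/service/JavaKeyStoreServiceImpl.java
@@ -0,0 +1,96 @@
+package org.relxd.lxd.auth.javakeystore.service;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.*;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+import java.security.KeyPair;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.cert.Certificate;
+import java.util.Enumeration;
+
+public class JavaKeyStoreServiceImpl implements JavaKeyStoreService{
+
+private static final String BC_PROVIDER = "BC";
+
+Logger logger = LoggerFactory.getLogger(JavaKeyStoreService.class);
+
+public void exportKeyPairToKeystoreFile(KeyPair keyPair, Certificate certificate, String alias, String fileName, String storeType, String storePass) throws Exception {
+KeyStore sslKeyStore = KeyStore.getInstance(storeType, BC_PROVIDER);
+File file = new File(fileName);
+if (!file.exists()) {
+sslKeyStore.load(null, null);
+}else {
+InputStream readCert = new FileInputStream(file);
+try {
+sslKeyStore.load(readCert, storePass.toCharArray());
+} finally {
+readCert.close();
+}
+}
+
+if (sslKeyStore.containsAlias(alias)){
+throw new Exception("The keystore already contains alias :" + alias + ", try another one");
+}
+
+sslKeyStore.setKeyEntry(alias, keyPair.getPrivate(),null, new Certificate[]{certificate});
+FileOutputStream keyStoreOs = new FileOutputStream(fileName);
+sslKeyStore.store(keyStoreOs, storePass.toCharArray());
+}
+
+public Certificate[] loadCertificateFromKeyStore(String alias, String filePath, String password){
+
+try{
+File file = new File(filePath);
+if (!file.exists()) {
+throw new Exception("Keystore does not exist at path :"+ filePath);
+}
+
+KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
+
+
+InputStream readStream = new FileInputStream(filePath);
+
+try{
+keyStore.load(readStream, password.toCharArray());
+}finally {
+readStream.close();
+}
+final Certificate[] certificateChain = keyStore.getCertificateChain(alias);
+if (null == certificateChain) {
+throw new Exception("There is no X.509 certificate chain under alias " + alias);
+}else {
+logger.info("FOUND CERTIFICATES ::>> {}", certificateChain.length);
+return certificateChain;
+}
+
+}catch (Exception ex){
+ex.printStackTrace();
+}
+
+return null;
+}
+
+public void deleteKeyStore(String keystorePath) throws IOException{
+
+Files.delete(Paths.get(keystorePath));
+
+}
+
+public void removeAllKeyStoreElements(KeyStore keyStore) throws KeyStoreException {
+
+Enumeration<String> aliases = keyStore.aliases();
+while (aliases.hasMoreElements()) {
+String alias = aliases.nextElement();
+keyStore.deleteEntry(alias);
+}
+}
+
+public void removeKeyStoreElement(KeyStore keyStore, String secretKey) throws KeyStoreException{
+keyStore.deleteEntry(secretKey);
+}
+
+}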
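Review bot: `exportKeyPairToKeystoreFile` opens `new FileOutputStream(fileName)` and never closes it, so the handle leaks and the keystore file may be left incomplete if `store` throws; wrap it as `try (OutputStream out = new FileOutputStream(fileName)) { sslKeyStore.store(out, storePass.toCharArray()); }`. The same method passes `null` as the key password to `setKeyEntry`, so whether the private key is protected inside the store depends on the store type chosen by the caller; passing `storePass.toCharArray()` or a dedicated key password would make the protection explicit. In `loadCertificateFromKeyStore` the catch block prints the stack trace and returns `null`, and the store is opened with `KeyStore.getDefaultType()` rather than the `storeType` and `BC` provider used on export, so a failure to read a store this class wrote looks the same to callers as a missing alias. Throwing a checked exception (or at least logging through `logger`) and taking the store type as a parameter would let callers tell those cases apart.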
35 changes: 35 additions & 0 deletions
35
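--- a/src/main/java/org/relxd/lxd/auth/javakeystore/x509certificate/X509CertificateAndKeyPair.java
+++ b/src/main/java/org/relxd/lxd/auth/javakeystore/x509certificate/X509CertificateAndKeyPair.java
@@ -0,0 +1,35 @@
+package org.relxd.lxd.auth.javakeystore.x509certificate;
+
+import java.security.KeyPair;
+import java.security.cert.X509Certificate;
+
+public class X509CertificateAndKeyPair {
+
+private X509Certificate x509Certificate;
+
+private KeyPair keyPair;
+
+public X509Certificate getX509Certificate() {
+return x509Certificate;
+}
+
+public void setX509Certificate(X509Certificate x509Certificate) {
+this.x509Certificate = x509Certificate;
+}
+
+public KeyPair getKeyPair() {
+return keyPair;
+}
+
+public void setKeyPair(KeyPair keyPair) {
+this.keyPair = keyPair;
+}
+
+@Override
+public String toString() {
+return "X509CertificateAndKeyPair{" +
+"x509Certificate=" + x509Certificate +
+", keyPair=" + keyPair +
+'}';
+}
+}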
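Review bot: `toString()` concatenates `keyPair`, and a `toString()` result is what typically ends up in log lines. `java.security.KeyPair` does not override `toString`, so as far as I can tell only an identity hash is printed today, but leaving the field out (`return "X509CertificateAndKeyPair{x509Certificate=" + x509Certificate + '}';`) avoids depending on that for an object that carries a private key. The holder is also mutable through its setters; `final` fields set through a constructor would let it be passed around without the key pair being swapped underneath a caller.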
16 changes: 16 additions & 0 deletions
16
...elxd/lxd/auth/javakeystore/x509certificate/service/CertificateChainGenerationService.java
@@ -0,0 +1,16 @@ | ||
package org.relxd.lxd.auth.javakeystore.x509certificate.service; | ||
|
||
import org.relxd.lxd.auth.javakeystore.x509certificate.X509CertificateAndKeyPair; | ||
|
||
import java.security.cert.Certificate; | ||
|
||
public interface CertificateChainGenerationService { | ||
|
||
X509CertificateAndKeyPair generateX509Certificate(String issuedTo, String rootCertificateAlias, String issuedCertificateAliase) throws Exception; | ||
|
||
void writeCertToFileBase64Encoded(Certificate certificate, String fileName) throws Exception; | ||
|
||
} | ||
|
||
|
||
|
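Review bot: Both methods declare `throws Exception`, which gives callers no way to distinguish a keystore or I/O failure from a certificate-generation failure; narrower types such as `GeneralSecurityException` and `IOException` would document what can actually go wrong, assuming the implementation (not visible here) throws those. The parameter `issuedCertificateAliase` is misspelled and should read `issuedCertificateAlias`. A short Javadoc on `generateX509Certificate` saying which keystore the two aliases are looked up in, and on `writeCertToFileBase64Encoded` saying whether an existing file is overwritten, would help, since neither is evident from the signatures.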