Allow using uninitialized CA for generating CRL (#18)

lib/src/main/java/fi/protonode/certy/CertificateRevocationList.java

@@ -145,11 +145,15 @@ public CertificateRevocationList writeAsPem(Path out) throws IOException, Certif
     private X509CRLHolder generateCrl() throws CertificateException, NoSuchAlgorithmException {
         if (this.issuer == null) {
             if (this.revoked.isEmpty()) {
-                throw new IllegalArgumentException("issuer not known: either set issuer or add certificates to the CRL");
+                throw new IllegalArgumentException(
+                        "issuer not known: either set issuer or add certificates to the CRL");
             }
             this.issuer = this.revoked.get(0).issuer;
         }
 
+        // Ensure that the issuer has a key pair.
+        this.issuer.ensureGenerated();
+
         Date effectiveRevocationTime = new Date();
         if (this.thisUpdate != null) {
             effectiveRevocationTime = this.thisUpdate;

lib/src/test/java/fi/protonode/certy/TestCertificateRevocationList.java

@@ -127,4 +127,16 @@ public void testWritingPem(@TempDir Path tempDir) throws Exception {
         assertFalse(got.isRevoked(notRevokedCert.getCertificate()));
     }
 
+    @Test
+    public void testUninitializedCaCertificate(@TempDir Path tempDir) throws Exception {
+        Credential uninitialized = new Credential().subject("cn=ca"); // We have not called generate() yet.
+        assertDoesNotThrow(() -> new CertificateRevocationList().issuer(uninitialized).writeAsPem(tempDir.resolve("crl.pem")));
+    }
+
+    @Test
+    public void testUninitializedRevokedCertificate(@TempDir Path tempDir) throws Exception {
+        Credential uninitialized = new Credential().issuer(ca).subject("cn=uninitialized");  // We have not called generate() yet.
+        assertDoesNotThrow(() -> new CertificateRevocationList().issuer(ca).add(uninitialized).writeAsPem(tempDir.resolve("crl.pem")));
+    }
+
 }