Mark.TwoFive/home-cert-assistant
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Wiki Activity Actions

🚧 Work on allowing the creation of OpenSSL certificates

Browse source
This commit is contained in:
Magnus Leßmann (@MarkL4YG) 2024-11-10 19:08:19 +01:00
parent ebfde75853
commit 8f198f944e
5 changed files with 197 additions and 157 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
src/main/java/de/mlessmann/certassist/ExecutableResolver.java
View file

@ -2,6 +2,7 @@ package de.mlessmann.certassist;
import de.mlessmann.certassist.except.UnresolvableCLIDependency;
import lombok.Setter;
import org.apache.commons.lang3.SystemUtils;
import org.slf4j.Logger;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
@ -9,6 +10,7 @@ import org.springframework.stereotype.Service;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
@ -43,13 +45,23 @@ public class ExecutableResolver {
String[] pathEntries = envPath.split(File.pathSeparator);
for (String pathEntry : pathEntries) {
Path executablePath = Path.of(pathEntry, executableName);
for (String fileExtension : getAllowedExtensions()) {
Path executablePath = Path.of(pathEntry, executableName + fileExtension);
if (Files.isRegularFile(executablePath) && Files.isExecutable(executablePath)) {
return Optional.of(executablePath.toString());
}
}
}
LOGGER.error("Could not find executable '{}' in PATH. Make sure that it exists on the of the directory and is executable.", executableName);
return Optional.empty();
}
public List<String> getAllowedExtensions() {
if (SystemUtils.IS_OS_WINDOWS) {
return List.of(".exe", ".bat", ".cmd");
} else {
return List.of("", ".sh");
}
}
}

39
src/main/java/de/mlessmann/certassist/OpenSSLCertificateCreator.java
View file

@ -1,39 +0,0 @@
package de.mlessmann.certassist;
import de.mlessmann.certassist.except.UnresolvableCLIDependency;
import org.slf4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.io.IOException;
import static org.slf4j.LoggerFactory.getLogger;
@Service
public class OpenSSLCertificateCreator {
private static final Logger LOGGER = getLogger(OpenSSLCertificateCreator.class);
private final ExecutableResolver executableResolver;
@Autowired
public OpenSSLCertificateCreator(ExecutableResolver executableResolver) {
this.executableResolver = executableResolver;
}
public void createCertificate(CertificateRequest request) {
try {
String openSSLPath = executableResolver.getOpenSSLPath();
Process process = new ProcessBuilder()
.command(openSSLPath, "--version")
.redirectOutput(ProcessBuilder.Redirect.PIPE)
.start();
process.waitFor();
} catch (IOException | InterruptedException e) {
LOGGER.atError().log(e.getMessage());
} catch (UnresolvableCLIDependency e) {
LOGGER.atError().log(e.getMessage());
}
}
}

7
src/main/java/de/mlessmann/certassist/CertificateRequest.java → src/main/java/de/mlessmann/certassist/openssl/CertificateRequest.java
View file

@ -1,4 +1,4 @@
package de.mlessmann.certassist;
package de.mlessmann.certassist.openssl;
import lombok.Builder;
import lombok.Getter;
@ -27,6 +27,11 @@ public class CertificateRequest {
@Setter
private String trustingAuthority;
@Getter
@Setter
@Builder.Default
private int requestedKeyLength = 4096;
public enum RequestType {
ROOT_AUTHORITY,
STANDALONE_CERTIFICATE,

62
src/main/java/de/mlessmann/certassist/openssl/OpenSSLCertificateCreator.java Normal file
View file

@ -0,0 +1,62 @@
package de.mlessmann.certassist.openssl;
import de.mlessmann.certassist.ExecutableResolver;
import de.mlessmann.certassist.except.UnresolvableCLIDependency;
import org.slf4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import static org.slf4j.LoggerFactory.getLogger;
@Service
public class OpenSSLCertificateCreator {
private static final Logger LOGGER = getLogger(OpenSSLCertificateCreator.class);
private final ExecutableResolver executableResolver;
@Autowired
public OpenSSLCertificateCreator(ExecutableResolver executableResolver) {
this.executableResolver = executableResolver;
}
public void createCertificate(CertificateRequest request) {
Path tmpDir;
try {
tmpDir = Files.createTempDirectory("certassist");
} catch (IOException e) {
LOGGER.atError()
.log("Could not create temp directory for openssl generator!", e);
return;
}
try {
createKeyfile(request, tmpDir);
} catch (IOException | InterruptedException e) {
LOGGER.atError()
.log(e.getMessage());
} catch (UnresolvableCLIDependency e) {
LOGGER.atError()
.log(e.getMessage());
}
}
private Path createKeyfile(CertificateRequest request, Path tmpDir) throws UnresolvableCLIDependency, IOException, InterruptedException {
Path keyFile = tmpDir.resolve("root.key").toAbsolutePath();
LOGGER.atDebug().log("Creating root certificate key at: {}", keyFile);
String openSSLPath = executableResolver.getOpenSSLPath();
Process createRootKeyProc = new ProcessBuilder()
.command(openSSLPath, "req", "genrsa", "-des3", "-out", keyFile.toString(),
Integer.toString(request.getRequestedKeyLength()))
.inheritIO()
.start();
createRootKeyProc.waitFor();
return keyFile;
}
}

6
src/test/java/de/mlessmann/certassist/TestOpenSSLCertificateCreator.java
View file

@ -1,10 +1,10 @@
package de.mlessmann.certassist;
import de.mlessmann.certassist.CertificateRequest.RequestType;
import de.mlessmann.certassist.openssl.CertificateRequest;
import de.mlessmann.certassist.openssl.CertificateRequest.RequestType;
import de.mlessmann.certassist.openssl.OpenSSLCertificateCreator;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
public class TestOpenSSLCertificateCreator {