Add cert and private key + cert creation service
parent
adc973e90d
commit
958fafa0b3
2 changed files with 78 additions and 0 deletions
|
@ -7,10 +7,12 @@ import java.util.ArrayList;
|
|||
import java.util.List;
|
||||
import lombok.AccessLevel;
|
||||
import lombok.Data;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.Setter;
|
||||
|
||||
@Entity
|
||||
@Data
|
||||
@RequiredArgsConstructor
|
||||
public class Certificate {
|
||||
|
||||
@Id
|
||||
|
@ -42,4 +44,10 @@ public class Certificate {
|
|||
|
||||
@OneToMany(cascade = CascadeType.ALL, orphanRemoval = true)
|
||||
private List<CertificateExtension> certificateExtension = new ArrayList<>();
|
||||
|
||||
@Lob
|
||||
private byte[] cert = new byte[0];
|
||||
|
||||
@Lob
|
||||
private byte[] privateKey = new byte[0];
|
||||
}
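Review bot: `privateKey` is added to a class annotated with `@Data`, so the Lombok-generated `toString()` will include the key bytes, and any log line or exception message that prints a `Certificate` will expose them. Excluding the field would close that path, e.g. `@Lob @ToString.Exclude private byte[] privateKey = new byte[0];`. The generated getter also makes the key available to anything that serialises this entity; if the entity is ever returned from a web layer, which is not visible here, the field should be kept out of that representation. The column is a plain `@Lob`, so the bytes are stored exactly as set; a short comment on the field saying whether they are expected to be passphrase-protected or unencrypted key material would help the next reader.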
|
||||
|
|
|
@ -0,0 +1,70 @@
|
|||
package de.mlessmann.certassist.service;
|
||||
|
||||
import de.mlessmann.certassist.except.CommandLineOperationException;
|
||||
import de.mlessmann.certassist.models.Certificate;
|
||||
import de.mlessmann.certassist.models.CertificateExtension;
|
||||
import de.mlessmann.certassist.models.CertificateType;
|
||||
import de.mlessmann.certassist.openssl.*;
|
||||
import de.mlessmann.certassist.repositories.CertificateRepository;
|
||||
import java.io.IOException;
|
||||
import java.nio.file.Files;
|
||||
import java.util.List;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
@Service
|
||||
@RequiredArgsConstructor
|
||||
public class CertificateCreationService {
|
||||
|
||||
private final CertificateRepository certificateRepository;
|
||||
private final OpenSSLCertificateCreator openSSLCertificateCreator;
|
||||
|
||||
public Certificate createCertificate(final CertificateRequest certificateRequest) {
|
||||
final Certificate certificate = new Certificate();
|
||||
certificate.setType(mapCertificateRequestType(certificateRequest.getType()));
|
||||
certificate.setCommonName(certificateRequest.getCommonName());
|
||||
certificate.setTrustingAuthority(certificateRequest.getTrustingAuthority());
|
||||
certificate.setRequestedKeyLength(certificateRequest.getRequestedKeyLength());
|
||||
certificate.setRequestedValidityDays(certificateRequest.getRequestedValidityDays());
|
||||
final CertificateSubject certificateSubject = certificateRequest.getSubject();
|
||||
certificate.setSubjectEmailAddress(certificateSubject.getEmailAddress());
|
||||
certificate.setSubjectOrganization(certificateSubject.getOrganization());
|
||||
certificate.setSubjectOrganizationalUnit(certificateSubject.getOrganizationalUnit());
|
||||
certificate.setSubjectCountry(certificateSubject.getCountry());
|
||||
certificate.setSubjectState(certificateSubject.getState());
|
||||
certificate.setSubjectLocality(certificateSubject.getLocality());
|
||||
|
||||
final CertificateRequestExtension extension = certificateRequest.getExtension();
|
||||
if (extension != null) {
|
||||
final CertificateExtension certificateExtension = new CertificateExtension();
|
||||
certificateExtension.setIdentifier("alternativeNames");
|
||||
certificateExtension.setValue(String.join(",", extension.getAlternativeNames()));
|
||||
certificate.setCertificateExtension(List.of(certificateExtension));
|
||||
}
|
||||
|
||||
try (
|
||||
OpenSSLCertificateResult certificateCreatorResult = openSSLCertificateCreator.createCertificate(
|
||||
certificateRequest
|
||||
);
|
||||
) {
|
||||
certificate.setPrivateKey(Files.readAllBytes(certificateCreatorResult.getPrivateKeyPath()));
|
||||
certificate.setCert(Files.readAllBytes(certificateCreatorResult.getCertificatePath()));
|
||||
} catch (InterruptedException e) {
|
||||
Thread.currentThread().interrupt();
|
||||
throw new IllegalStateException("Interrupted exception", e);
|
||||
} catch (CommandLineOperationException | IOException e) {
|
||||
throw new IllegalStateException("Failed to create certificate!", e);
|
||||
}
|
||||
|
||||
certificateRepository.save(certificate);
|
||||
return certificate;
|
||||
}
|
||||
|
||||
private CertificateType mapCertificateRequestType(CertificateRequest.RequestType requestType) {
|
||||
return switch (requestType) {
|
||||
case ROOT_AUTHORITY -> CertificateType.ROOT_CA;
|
||||
case STANDALONE_CERTIFICATE -> CertificateType.STANDALONE_CERT;
|
||||
case NORMAL_CERTIFICATE -> CertificateType.SIGNED_CERT;
|
||||
};
|
||||
}
|
||||
}
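Review bot: In `createCertificate`, the bytes read from `getPrivateKeyPath()` go straight into `setPrivateKey` and then `certificateRepository.save`, and the same populated entity is returned to the caller. The key's protection at rest therefore depends entirely on what `OpenSSLCertificateCreator` writes, which is not shown. If that file holds an unencrypted key, encrypt or wrap it before persisting, and consider returning a result that does not carry the key material. Separately, `certificateRequest.getSubject()` is dereferenced without the null check that `getExtension()` gets, and `getRequestedKeyLength()` is stored and forwarded with no lower bound visible in this method. A guard such as `Objects.requireNonNull(certificateRequest.getSubject(), "subject")` plus a minimum key-length check at the top of the method would reject bad requests before OpenSSL is invoked.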
|