feat: Implement import of CA bundles to keystores

2024-11-24 12:44:06 +01:00 · 2024-11-24 12:44:06 +01:00 · c44d842226
commit c44d842226
parent d0f1daa02b
8 changed files with 207 additions and 7 deletions
--- a/src/main/java/de/mlessmann/certassist/openssl/OpenSSLService.java
+++ b/src/main/java/de/mlessmann/certassist/openssl/OpenSSLService.java
@ -19,6 +19,7 @@ import java.nio.charset.StandardCharsets;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.StandardOpenOption;
+import java.security.cert.X509Certificate;
 import java.util.List;
 import java.util.Optional;
 import java.util.UUID;
@ -30,6 +31,7 @@ import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 import java.util.stream.Collectors;
 import lombok.RequiredArgsConstructor;
+import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
@ -535,6 +537,51 @@ public class OpenSSLService {
        }
    }

+    @NonNull
+    @SneakyThrows
+    public String getCertificateFingerPrint(X509Certificate jdkCert) {
+        String pemContent =
+            "-----BEGIN CERTIFICATE-----\n%s\n-----END CERTIFICATE-----".formatted(
+                    new String(jdkCert.getEncoded(), StandardCharsets.UTF_8)
+                );
+        return getCertificateFingerprint(pemContent);
+    }
+
+    @NonNull
+    @SneakyThrows
+    public String getCertificateFingerprint(@NonNull String pemContent) throws CommandLineOperationException {
+        requireNonNull(pemContent, "Certificate PEM content must be provided to generate fingerprint from string.");
+        Path tmpFile = Files.createTempFile(CERTASSIST_TMP_PREFIX, ".pem");
+        try {
+            Files.writeString(tmpFile, pemContent);
+            return getCertificateFingerprint(tmpFile);
+        } finally {
+            try {
+                Files.deleteIfExists(tmpFile);
+            } catch (IOException e) {
+                log.warn("Unable to delete temporary file, adding to shutdown hook. {}", tmpFile);
+                tmpFile.toFile().deleteOnExit();
+            }
+        }
+    }
+
+    @NonNull
+    @SneakyThrows
+    public CertificateInfo getCertificateInfo(String pemContent) {
+        Path tmpFile = Files.createTempFile(CERTASSIST_TMP_PREFIX, ".pem");
+        try {
+            Files.writeString(tmpFile, pemContent);
+            return getCertificateInfo(tmpFile);
+        } finally {
+            try {
+                Files.deleteIfExists(tmpFile);
+            } catch (IOException e) {
+                log.warn("Unable to delete temporary file, adding to shutdown hook. {}", tmpFile);
+                tmpFile.toFile().deleteOnExit();
+            }
+        }
+    }
+
    @NonNull
    public CertificateInfo getCertificateInfo(Path path) throws CommandLineOperationException {
        requireNonNull(path, "Certificate file must be provided to read the info.");