Add cert and private key + cert creation service
parent
adc973e90d
commit
f1cfce920a
2 changed files with 78 additions and 0 deletions
|
@ -7,10 +7,12 @@ import java.util.ArrayList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import lombok.AccessLevel;
|
import lombok.AccessLevel;
|
||||||
import lombok.Data;
|
import lombok.Data;
|
||||||
|
import lombok.RequiredArgsConstructor;
|
||||||
import lombok.Setter;
|
import lombok.Setter;
|
||||||
|
|
||||||
@Entity
|
@Entity
|
||||||
@Data
|
@Data
|
||||||
|
@RequiredArgsConstructor
|
||||||
public class Certificate {
|
public class Certificate {
|
||||||
|
|
||||||
@Id
|
@Id
|
||||||
|
@ -42,4 +44,10 @@ public class Certificate {
|
||||||
|
|
||||||
@OneToMany(cascade = CascadeType.ALL, orphanRemoval = true)
|
@OneToMany(cascade = CascadeType.ALL, orphanRemoval = true)
|
||||||
private List<CertificateExtension> certificateExtension = new ArrayList<>();
|
private List<CertificateExtension> certificateExtension = new ArrayList<>();
|
||||||
|
|
||||||
|
@Lob
|
||||||
|
private byte[] cert = new byte[0];
|
||||||
|
|
||||||
|
@Lob
|
||||||
|
private byte[] privateKey = new byte[0];
|
||||||
}
|
}
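Review bot: The new `privateKey` field is a plain `@Lob` on a class annotated with `@Data`, so Lombok's generated `toString()`, `equals()` and `hashCode()` include the key bytes, and any log line or exception message that prints a `Certificate` writes the key out. Add `@ToString.Exclude` and `@EqualsAndHashCode.Exclude` on `privateKey`, and a field comment stating that it holds the unencrypted private key. The same value is persisted as-is by `CertificateCreationService.createCertificate` in the second file, and no encryption of the column is visible in this commit. A JPA `AttributeConverter` that encrypts the column, or keeping the key out of the entity that callers receive, would limit what a database dump or a serialized entity exposes. The rest of the class lies outside the two hunks, so existing exclusions may already be present there.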
|
||||||
|
|
|
@ -0,0 +1,70 @@
|
||||||
|
package de.mlessmann.certassist.service;
|
||||||
|
|
||||||
|
import de.mlessmann.certassist.except.CommandLineOperationException;
|
||||||
|
import de.mlessmann.certassist.models.Certificate;
|
||||||
|
import de.mlessmann.certassist.models.CertificateExtension;
|
||||||
|
import de.mlessmann.certassist.models.CertificateType;
|
||||||
|
import de.mlessmann.certassist.openssl.*;
|
||||||
|
import de.mlessmann.certassist.repositories.CertificateRepository;
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.nio.file.Files;
|
||||||
|
import java.util.List;
|
||||||
|
import lombok.RequiredArgsConstructor;
|
||||||
|
import org.springframework.stereotype.Service;
|
||||||
|
|
||||||
|
@Service
|
||||||
|
@RequiredArgsConstructor
|
||||||
|
public class CertificateCreationService {
|
||||||
|
|
||||||
|
private final CertificateRepository certificateRepository;
|
||||||
|
private final OpenSSLCertificateCreator openSSLCertificateCreator;
|
||||||
|
|
||||||
|
public Certificate createCertificate(final CertificateRequest certificateRequest) {
|
||||||
|
final Certificate certificate = new Certificate();
|
||||||
|
certificate.setType(mapCertificateRequestType(certificateRequest.getType()));
|
||||||
|
certificate.setCommonName(certificateRequest.getCommonName());
|
||||||
|
certificate.setTrustingAuthority(certificateRequest.getTrustingAuthority());
|
||||||
|
certificate.setRequestedKeyLength(certificateRequest.getRequestedKeyLength());
|
||||||
|
certificate.setRequestedValidityDays(certificateRequest.getRequestedValidityDays());
|
||||||
|
final CertificateSubject certificateSubject = certificateRequest.getSubject();
|
||||||
|
certificate.setSubjectEmailAddress(certificateSubject.getEmailAddress());
|
||||||
|
certificate.setSubjectOrganization(certificateSubject.getOrganization());
|
||||||
|
certificate.setSubjectOrganizationalUnit(certificateSubject.getOrganizationalUnit());
|
||||||
|
certificate.setSubjectCountry(certificateSubject.getCountry());
|
||||||
|
certificate.setSubjectState(certificateSubject.getState());
|
||||||
|
certificate.setSubjectLocality(certificateSubject.getLocality());
|
||||||
|
|
||||||
|
final CertificateRequestExtension extension = certificateRequest.getExtension();
|
||||||
|
if (extension != null) {
|
||||||
|
final CertificateExtension certificateExtension = new CertificateExtension();
|
||||||
|
certificateExtension.setIdentifier("alternativeNames");
|
||||||
|
certificateExtension.setValue(String.join(",", extension.getAlternativeNames()));
|
||||||
|
certificate.setCertificateExtension(List.of(certificateExtension));
|
||||||
|
}
|
||||||
|
|
||||||
|
try (
|
||||||
|
OpenSSLCertificateResult certificateCreatorResult = openSSLCertificateCreator.createCertificate(
|
||||||
|
certificateRequest
|
||||||
|
);
|
||||||
|
) {
|
||||||
|
certificate.setPrivateKey(Files.readAllBytes(certificateCreatorResult.getPrivateKeyPath()));
|
||||||
|
certificate.setCert(Files.readAllBytes(certificateCreatorResult.getCertificatePath()));
|
||||||
|
} catch (InterruptedException e) {
|
||||||
|
Thread.currentThread().interrupt();
|
||||||
|
throw new IllegalStateException("Interrupted exception", e);
|
||||||
|
} catch (CommandLineOperationException | IOException e) {
|
||||||
|
throw new IllegalStateException("Failed to create certificate!", e);
|
||||||
|
}
|
||||||
|
|
||||||
|
certificateRepository.save(certificate);
|
||||||
|
return certificate;
|
||||||
|
}
|
||||||
|
|
||||||
|
private CertificateType mapCertificateRequestType(CertificateRequest.RequestType requestType) {
|
||||||
|
return switch (requestType) {
|
||||||
|
case ROOT_AUTHORITY -> CertificateType.ROOT_CA;
|
||||||
|
case STANDALONE_CERTIFICATE -> CertificateType.STANDALONE_CERT;
|
||||||
|
case NORMAL_CERTIFICATE -> CertificateType.SIGNED_CERT;
|
||||||
|
};
|
||||||
|
}
|
||||||
|
}
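Review bot: In `createCertificate`, `String.join(",", extension.getAlternativeNames())` flattens the alternative names into one comma-separated value without checking the entries, so a name that itself contains a comma cannot be told apart from two names once the stored value is read back. Whether the request is validated before it reaches this service is not visible here; if it is not, reject blank entries and entries containing `,` before joining, or persist one `CertificateExtension` per name. The same line throws a `NullPointerException` when `getAlternativeNames()` returns null, and `certificateRequest.getSubject()` is dereferenced without the null check that `extension` gets. `List.of(certificateExtension)` also swaps the entity's mutable `ArrayList` for an immutable list; `certificate.getCertificateExtension().add(certificateExtension);` keeps the collection modifiable.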
|