Magnus Leßmann (@MarkL4YG)
402bd99abf
chore: Run spotless feat: Update ordering of certificate chains to match what JDK demands feat: Implement creating trust- and keystores from certs :)
42 lines
1.7 KiB
Java
42 lines
1.7 KiB
Java
package de.mlessmann.certassist.openssl;
|
|
|
|
import java.nio.file.Path;
|
|
import org.springframework.lang.Nullable;
|
|
|
|
/**
|
|
* Instance of a certificate that is temporarily stored on disk to be available for use in command line calls.
|
|
* The instance implements AutoCloseable to enable cleanup after the stored files are no longer needed.
|
|
* @implSpec The files should be removed from disk when the instance is closed, UNLESS the provided paths are the permanent storage location for the certificate files.
|
|
*/
|
|
public interface CertificateUsage extends AutoCloseable {
|
|
/**
|
|
* Returns the path to the certificate file (on disk, potentially temporary depending on the storage implementation).
|
|
*/
|
|
Path certificatePath();
|
|
|
|
/**
|
|
* Returns the path to the private key file (on disk, potentially temporary depending on the storage implementation).
|
|
* This file should also be encrypted.
|
|
* @see CertificatePasswordProvider
|
|
*/
|
|
Path certificateKeyPath();
|
|
|
|
/**
|
|
* Returns the path to the fullchain file (on disk, potentially temporary depending on the storage implementation).
|
|
* This should contain the entire certification chain from (inclusive) the certificate to the root authority (inclusive).
|
|
* @implSpec This method may return {@code null} if the certificate is self-signed.
|
|
*/
|
|
@Nullable
|
|
Path fullchainPath();
|
|
|
|
/**
|
|
* String representation of the certificate's fingerprint.
|
|
* In case of OpenSSL, this should be in the form of: {@code SHA1;<HEX>:<HEX>:...}
|
|
*/
|
|
String fingerprint();
|
|
|
|
@Override
|
|
default void close() {
|
|
// Default implementation does nothing - overwrite this if you need to close resources.
|
|
}
|
|
}
|