ref: 422f587a1a75f9264fc3eabc086c55b1abc62ead
src/main/java/net/lulli/certsigner/ca/CertificateData.java
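package net.lulli.certsigner.ca;

import net.lulli.certsigner.util.Serde;
import net.lulli.certsigner.util.PemUtil;
import net.lulli.certsigner.Settings;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;

import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.util.Objects;

/**
 * Holds the PEM-encoded certificate produced by signing a PKCS#10 request with a CA key.
 *
 * <p>An instance is created for a subject via {@link #withSubject(String)}; the certificate
 * is only available after a successful call to {@link #sign}. The stored subject is not read
 * anywhere in this class.
 */
public class CertificateData {

    private final String certificateSubject;
    // Stays null until sign() completes without error.
    private String pemCertificate;

    private CertificateData(String certificateSubject) {
        Objects.requireNonNull(certificateSubject);
        this.certificateSubject = certificateSubject;
    }

    /**
     * Creates an empty holder for the given subject.
     *
     * @param rootSubject subject string to associate with this holder; must not be null
     * @return a new instance with no certificate yet
     * @throws NullPointerException if {@code rootSubject} is null
     */
    public static CertificateData withSubject(String rootSubject) {
        return new CertificateData(rootSubject);
    }

    /**
     * Returns the issued certificate in PEM form.
     *
     * @return the PEM text, or {@code null} if {@link #sign} has not succeeded yet
     */
    public String certificate() {
        return pemCertificate;
    }

    /**
     * Issues a client certificate for {@code csr}, checks its signature against the root
     * certificate's public key, and stores the result as PEM.
     *
     * <p>NOTE(review): nothing in this method checks the CSR's own signature (proof of
     * possession) or constrains the requested subject; confirm that
     * {@code CertificateIssue.clientCertificate} or the caller does so before a request from
     * an untrusted party reaches this point.
     *
     * <p>NOTE(review): {@code rootSubject} is supplied separately from
     * {@code pemRootCertificate}; presumably it is used as the issuer name, in which case it
     * should match the root certificate's subject. Verify against
     * {@code CertificateIssue.clientCertificate}.
     *
     * @param pemPrivateKey      CA private key, PEM text read as PKCS#8
     * @param pemRootCertificate CA (root) certificate, PEM text
     * @param csr                certification request to be signed
     * @param rootSubject        subject string passed through to the issuing step
     * @throws IllegalStateException if parsing, issuing, verification or PEM encoding fails;
     *                               the original exception is attached as the cause
     */
    public void sign(
            String pemPrivateKey,
            String pemRootCertificate,
            PKCS10CertificationRequest csr,
            String rootSubject
    ) {
        try {
            // addProvider returns -1 and changes nothing when a provider with the same
            // name is already installed, so repeated calls are harmless.
            Security.addProvider(new BouncyCastleProvider());

            PrivateKey caPrivateKey = Serde.readPKCS8PrivateKey(pemPrivateKey);
            X509Certificate rootCert = Serde.readX509Certificate(pemRootCertificate);
            PublicKey caPublicKey = rootCert.getPublicKey();

            X509Certificate issuedCert = CertificateIssue.clientCertificate(
                    caPrivateKey, rootSubject, rootCert, csr);

            // Rejects the result unless its signature validates under the root certificate's
            // public key; presumably this also catches a private key that does not belong to
            // the supplied root certificate.
            issuedCert.verify(caPublicKey, Settings.BC_PROVIDER);

            this.pemCertificate = PemUtil.toString(issuedCert);
        } catch (Exception e) {
            // Keep the cause: the message alone may be null and hides whether the failure
            // was a key-parsing, issuing or signature-verification error.
            throw new IllegalStateException(e.getMessage(), e);
        }
    }
}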