cert-signer.git

ref: 538be75f1ffe4d54419e54d382933ebd2c49512f

src/main/java/net/lulli/certsigner/ca/CaData.java

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67

/* 
 * This file is part of cert-signer
 * Copyright (c) 2024 Paolo Lulli.
 * 
 * This program is free software: you can redistribute it and/or modify  
 * it under the terms of the GNU General Public License as published by  
 * the Free Software Foundation, version 3.
 *
 * This program is distributed in the hope that it will be useful, but 
 * WITHOUT ANY WARRANTY; without even the implied warranty of 
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License 
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */

package net.lulli.certsigner.ca;

import net.lulli.certsigner.util.PemUtil;
import net.lulli.certsigner.Settings;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import java.security.KeyPairGenerator;
import java.security.Security;
import java.util.Objects;

public class CaData {
    private final String rootSubject;
    private String pemCertificate;
    private String pemPrivateKey;

    public static CaData withSubject(String rootSubject) {
        return new CaData(rootSubject);
    }

    private CaData(String rootSubject) {
        Objects.requireNonNull(rootSubject);

        this.rootSubject = rootSubject;
        initializeCa();
    }

    private void initializeCa() {
        try {
            Security.addProvider(new BouncyCastleProvider());

            var keyPairGenerator = KeyPairGenerator.getInstance(Settings.KEY_ALGORITHM, Settings.BC_PROVIDER);
            keyPairGenerator.initialize(2048);

            var rootKeyPair = keyPairGenerator.generateKeyPair();
            var rootCert = CertificateIssue.rootCertificate(rootKeyPair.getPublic(), rootKeyPair.getPrivate(), rootSubject);

            this.pemCertificate = PemUtil.toString(rootCert);
            this.pemPrivateKey = PemUtil.toString(rootKeyPair.getPrivate());
        } catch (Exception e) {
            throw new IllegalStateException(e.getMessage());
        }
    }

    public String certificate() {
        return pemCertificate;
    }

    public String privateKey() {
        return pemPrivateKey;
    }
}