mirror of
https://github.com/GravitLauncher/Launcher
synced 2025-01-09 00:59:44 +03:00
[FEATURE] Эллиптическая криптография. Создание клиентских сертификатов
parent
c9f27a4f3c
commit
2e5295dbaf
2 changed files with 54 additions and 6 deletions
|
@ -66,12 +66,7 @@
|
|||
import pro.gravit.launchserver.config.LaunchServerRuntimeConfig;
|
||||
import pro.gravit.launchserver.dao.UserService;
|
||||
import pro.gravit.launchserver.dao.provider.DaoProvider;
|
||||
import pro.gravit.launchserver.manangers.LaunchServerGsonManager;
|
||||
import pro.gravit.launchserver.manangers.MirrorManager;
|
||||
import pro.gravit.launchserver.manangers.ModulesManager;
|
||||
import pro.gravit.launchserver.manangers.ReconfigurableManager;
|
||||
import pro.gravit.launchserver.manangers.ReloadManager;
|
||||
import pro.gravit.launchserver.manangers.SessionManager;
|
||||
import pro.gravit.launchserver.manangers.*;
|
||||
import pro.gravit.launchserver.manangers.hook.AuthHookManager;
|
||||
import pro.gravit.launchserver.manangers.hook.BuildHookManager;
|
||||
import pro.gravit.launchserver.socket.WebSocketService;
|
||||
|
@ -441,6 +436,8 @@ public static void main(String... args) throws Throwable {
|
|||
|
||||
public final ConfigManager configManager;
|
||||
|
||||
public final CertificateManager certificateManager;
|
||||
|
||||
|
||||
public final BuildHookManager buildHookManager;
|
||||
|
||||
|
@ -599,6 +596,7 @@ public LaunchServer(Path dir, boolean testEnv, String[] args) throws IOException
|
|||
reconfigurableManager = new ReconfigurableManager();
|
||||
authHookManager = new AuthHookManager();
|
||||
configManager = new ConfigManager();
|
||||
certificateManager = new CertificateManager();
|
||||
GarbageManager.registerNeedGC(sessionManager);
|
||||
reloadManager.registerReloadable("launchServer", this);
|
||||
registerObject("permissionsHandler", config.permissionsHandler);
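Review bot: `certificateManager = new CertificateManager();` in the constructor hunk publishes a manager that has no CA material. Nothing visible in this file section assigns `ca` or `caKey`, and the class added by this commit declares them without initializers, so `generateCertificate` would dereference a null `ca` unless the loading happens in code outside these hunks. Either load and validate the CA certificate and key where the manager is constructed, or state the contract next to the assignment, e.g. `// ca/caKey are populated later by <loader>; do not issue certificates before that`. Separately, the import hunk collapses six explicit imports into `import pro.gravit.launchserver.manangers.*;`, which hides which managers this class actually depends on. The constructor body continues outside the hunk.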
|
||||
|
|
|
@ -0,0 +1,50 @@
|
|||
package pro.gravit.launchserver.manangers;
|
||||
|
||||
|
||||
import org.bouncycastle.asn1.x500.X500NameBuilder;
|
||||
import org.bouncycastle.asn1.x500.style.BCStyle;
|
||||
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
|
||||
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
|
||||
import org.bouncycastle.cert.X509CertificateHolder;
|
||||
import org.bouncycastle.cert.X509v3CertificateBuilder;
|
||||
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
|
||||
import org.bouncycastle.operator.ContentSigner;
|
||||
import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
|
||||
import org.bouncycastle.operator.OperatorCreationException;
|
||||
import org.bouncycastle.operator.bc.BcECContentSignerBuilder;
|
||||
import pro.gravit.utils.helper.SecurityHelper;
|
||||
|
||||
import java.math.BigInteger;
|
||||
import java.security.PublicKey;
|
||||
import java.time.Instant;
|
||||
import java.time.temporal.ChronoUnit;
|
||||
import java.util.Date;
|
||||
|
||||
public class CertificateManager {
|
||||
public X509CertificateHolder ca;
|
||||
public AsymmetricKeyParameter caKey;
|
||||
|
||||
//public X509CertificateHolder server;
|
||||
//public AsymmetricKeyParameter serverKey;
|
||||
|
||||
public int validDays = 0;
|
||||
public int minusHours = 6;
|
||||
|
||||
public X509CertificateHolder generateCertificate(String subjectName, PublicKey subjectPublicKey) throws OperatorCreationException {
|
||||
SubjectPublicKeyInfo subjectPubKeyInfo = SubjectPublicKeyInfo.getInstance(subjectPublicKey);
|
||||
BigInteger serial = BigInteger.valueOf(SecurityHelper.newRandom().nextLong());
|
||||
Date startDate = Date.from(Instant.now().minus(minusHours, ChronoUnit.HOURS));
|
||||
Date endDate = Date.from(startDate.toInstant().plus(validDays, ChronoUnit.DAYS));
|
||||
|
||||
X500NameBuilder subject = new X500NameBuilder();
|
||||
subject.addRDN(BCStyle.CN, subjectName);
|
||||
X509v3CertificateBuilder v3CertGen = new X509v3CertificateBuilder(ca.getSubject(), serial,
|
||||
startDate, endDate, subject.build(), subjectPubKeyInfo);
|
||||
|
||||
AlgorithmIdentifier sigAlgId = ca.getSignatureAlgorithm();
|
||||
AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
|
||||
ContentSigner sigGen = new BcECContentSignerBuilder(sigAlgId, digAlgId).build(caKey);
|
||||
|
||||
return v3CertGen.build(sigGen);
|
||||
}
|
||||
}
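Review bot: With the defaults declared in this class (`validDays = 0`, `minusHours = 6`), `endDate` equals `startDate`, six hours in the past, so every certificate returned by `generateCertificate` is already expired when issued unless some caller overwrites the field first. `SubjectPublicKeyInfo.getInstance(subjectPublicKey)` is handed a JCA `PublicKey` rather than ASN.1 data and will most likely be rejected at runtime, and `BigInteger.valueOf(...nextLong())` yields a negative serial about half the time, which RFC 5280 does not allow. `ca` and `caKey` are public, non-final fields, so any code that can reach the manager can read or replace the CA signing key; private fields set once by a loader would narrow that. The builder also adds no extensions, so the issued certificate carries no BasicConstraints or key-usage restriction; adding them through `addExtension` appears to need another checked exception on the signature, so it is left out of the sketch below. The sketch assumes `SecurityHelper.newRandom()` returns a `java.util.Random` subclass backed by a CSPRNG, which should be confirmed.

```java
public X509CertificateHolder generateCertificate(String subjectName, PublicKey subjectPublicKey) throws OperatorCreationException {
    // Fail early with a clear message instead of a NullPointerException or an expired certificate
    if (ca == null || caKey == null) throw new IllegalStateException("CA certificate and key are not loaded");
    if (validDays <= 0) throw new IllegalStateException("validDays must be positive");
    // getInstance() expects ASN.1 input, so pass the DER encoding of the key
    SubjectPublicKeyInfo subjectPubKeyInfo = SubjectPublicKeyInfo.getInstance(subjectPublicKey.getEncoded());
    // BigInteger(numBits, rnd) is never negative, unlike BigInteger.valueOf(nextLong())
    BigInteger serial = new BigInteger(64, SecurityHelper.newRandom());
    // … unchanged: startDate/endDate, subject name, certificate builder, content signer, build …
```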
|