mirror of
https://github.com/GravitLauncher/Launcher
synced 2024-11-15 11:39:11 +03:00
[FEATURE] Эллиптическая криптография. Создание клиентских сертификатов
This commit is contained in:
Gravit
parent
c9f27a4f3c
commit
2e5295dbaf
2 changed files with 54 additions and 6 deletions
|
|
@ -66,12 +66,7 @@
|
||||||
import pro.gravit.launchserver.config.LaunchServerRuntimeConfig;
|
import pro.gravit.launchserver.config.LaunchServerRuntimeConfig;
|
||||||
import pro.gravit.launchserver.dao.UserService;
|
import pro.gravit.launchserver.dao.UserService;
|
||||||
import pro.gravit.launchserver.dao.provider.DaoProvider;
|
import pro.gravit.launchserver.dao.provider.DaoProvider;
|
||||||
import pro.gravit.launchserver.manangers.LaunchServerGsonManager;
|
import pro.gravit.launchserver.manangers.*;
|
||||||
import pro.gravit.launchserver.manangers.MirrorManager;
|
|
||||||
import pro.gravit.launchserver.manangers.ModulesManager;
|
|
||||||
import pro.gravit.launchserver.manangers.ReconfigurableManager;
|
|
||||||
import pro.gravit.launchserver.manangers.ReloadManager;
|
|
||||||
import pro.gravit.launchserver.manangers.SessionManager;
|
|
||||||
import pro.gravit.launchserver.manangers.hook.AuthHookManager;
|
import pro.gravit.launchserver.manangers.hook.AuthHookManager;
|
||||||
import pro.gravit.launchserver.manangers.hook.BuildHookManager;
|
import pro.gravit.launchserver.manangers.hook.BuildHookManager;
|
||||||
import pro.gravit.launchserver.socket.WebSocketService;
|
import pro.gravit.launchserver.socket.WebSocketService;
|
||||||
|
|
@ -441,6 +436,8 @@ public static void main(String... args) throws Throwable {
|
||||||
|
|
||||||
public final ConfigManager configManager;
|
public final ConfigManager configManager;
|
||||||
|
|
||||||
|
public final CertificateManager certificateManager;
|
||||||
|
|
||||||
|
|
||||||
public final BuildHookManager buildHookManager;
|
public final BuildHookManager buildHookManager;
|
||||||
|
|
||||||
|
|
@ -599,6 +596,7 @@ public LaunchServer(Path dir, boolean testEnv, String[] args) throws IOException
|
||||||
reconfigurableManager = new ReconfigurableManager();
|
reconfigurableManager = new ReconfigurableManager();
|
||||||
authHookManager = new AuthHookManager();
|
authHookManager = new AuthHookManager();
|
||||||
configManager = new ConfigManager();
|
configManager = new ConfigManager();
|
||||||
|
certificateManager = new CertificateManager();
|
||||||
GarbageManager.registerNeedGC(sessionManager);
|
GarbageManager.registerNeedGC(sessionManager);
|
||||||
reloadManager.registerReloadable("launchServer", this);
|
reloadManager.registerReloadable("launchServer", this);
|
||||||
registerObject("permissionsHandler", config.permissionsHandler);
|
registerObject("permissionsHandler", config.permissionsHandler);
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,50 @@
|
||||||
|
package pro.gravit.launchserver.manangers;
|
||||||
|
|
||||||
|
|
||||||
|
import org.bouncycastle.asn1.x500.X500NameBuilder;
|
||||||
|
import org.bouncycastle.asn1.x500.style.BCStyle;
|
||||||
|
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
|
||||||
|
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
|
||||||
|
import org.bouncycastle.cert.X509CertificateHolder;
|
||||||
|
import org.bouncycastle.cert.X509v3CertificateBuilder;
|
||||||
|
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
|
||||||
|
import org.bouncycastle.operator.ContentSigner;
|
||||||
|
import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
|
||||||
|
import org.bouncycastle.operator.OperatorCreationException;
|
||||||
|
import org.bouncycastle.operator.bc.BcECContentSignerBuilder;
|
||||||
|
import pro.gravit.utils.helper.SecurityHelper;
|
||||||
|
|
||||||
|
import java.math.BigInteger;
|
||||||
|
import java.security.PublicKey;
|
||||||
|
import java.time.Instant;
|
||||||
|
import java.time.temporal.ChronoUnit;
|
||||||
|
import java.util.Date;
|
||||||
|
|
||||||
|
public class CertificateManager {
|
||||||
|
public X509CertificateHolder ca;
|
||||||
|
public AsymmetricKeyParameter caKey;
|
||||||
|
|
||||||
|
//public X509CertificateHolder server;
|
||||||
|
//public AsymmetricKeyParameter serverKey;
|
||||||
|
|
||||||
|
public int validDays = 0;
|
||||||
|
public int minusHours = 6;
|
||||||
|
|
||||||
|
public X509CertificateHolder generateCertificate(String subjectName, PublicKey subjectPublicKey) throws OperatorCreationException {
|
||||||
|
SubjectPublicKeyInfo subjectPubKeyInfo = SubjectPublicKeyInfo.getInstance(subjectPublicKey);
|
||||||
|
BigInteger serial = BigInteger.valueOf(SecurityHelper.newRandom().nextLong());
|
||||||
|
Date startDate = Date.from(Instant.now().minus(minusHours, ChronoUnit.HOURS));
|
||||||
|
Date endDate = Date.from(startDate.toInstant().plus(validDays, ChronoUnit.DAYS));
|
||||||
|
|
||||||
|
X500NameBuilder subject = new X500NameBuilder();
|
||||||
|
subject.addRDN(BCStyle.CN, subjectName);
|
||||||
|
X509v3CertificateBuilder v3CertGen = new X509v3CertificateBuilder(ca.getSubject(), serial,
|
||||||
|
startDate, endDate, subject.build(), subjectPubKeyInfo);
|
||||||
|
|
||||||
|
AlgorithmIdentifier sigAlgId = ca.getSignatureAlgorithm();
|
||||||
|
AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
|
||||||
|
ContentSigner sigGen = new BcECContentSignerBuilder(sigAlgId, digAlgId).build(caKey);
|
||||||
|
|
||||||
|
return v3CertGen.build(sigGen);
|
||||||
|
}
|
||||||
|
}
|
||||||
Loading…
Reference in a new issue