diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/LaunchServer.java b/LaunchServer/src/main/java/pro/gravit/launchserver/LaunchServer.java
index 2f0bb97d..8d135b90 100644
--- a/LaunchServer/src/main/java/pro/gravit/launchserver/LaunchServer.java
+++ b/LaunchServer/src/main/java/pro/gravit/launchserver/LaunchServer.java
@@ -13,7 +13,9 @@
 import java.nio.file.Path;
 import java.nio.file.SimpleFileVisitor;
 import java.nio.file.attribute.BasicFileAttributes;
+import java.security.InvalidAlgorithmParameterException;
 import java.security.KeyPair;
+import java.security.NoSuchAlgorithmException;
 import java.security.interfaces.RSAPrivateKey;
 import java.security.interfaces.RSAPublicKey;
 import java.security.spec.InvalidKeySpecException;
@@ -33,6 +35,10 @@
 import java.util.zip.CRC32;
 import io.netty.handler.logging.LogLevel;
+import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import org.bouncycastle.crypto.util.PrivateKeyFactory;
+import org.bouncycastle.crypto.util.PrivateKeyInfoFactory;
+import org.bouncycastle.operator.OperatorCreationException;
 import pro.gravit.launcher.Launcher;
 import pro.gravit.launcher.LauncherConfig;
 import pro.gravit.launcher.NeedGarbageCollection;
@@ -391,6 +397,14 @@ public static void main(String... args) throws Throwable {
 public final Path privateKeyFile;
+ public final Path caCertFile;
+
+ public final Path caKeyFile;
+
+ public final Path serverCertFile;
+
+ public final Path serverKeyFile;
+
 public final Path updatesDir;
 //public static LaunchServer server = null;
@@ -479,6 +493,12 @@ public LaunchServer(Path dir, boolean testEnv, String[] args) throws IOException
 updatesDir = dir.resolve("updates");
 profilesDir = dir.resolve("profiles");
+ caCertFile = dir.resolve("ca.crt");
+ caKeyFile = dir.resolve("ca.key");
+
+ serverCertFile = dir.resolve("server.crt");
+ serverKeyFile = dir.resolve("server.key");
+
 //Registration handlers and providers
 AuthHandler.registerHandlers();
 AuthProvider.registerProviders();
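Review bot: `PrivateKeyInfo` and `PrivateKeyInfoFactory` are imported in the second import hunk, but no added line visible in this diff references them; the new constructor code only uses `PrivateKeyFactory` and `OperatorCreationException`. If nothing else in the file needs them, drop the two imports.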
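Review bot: `ca.key` and `server.key` are resolved straight into the launch server directory with nothing saying that they hold private key material, and whether `writePrivateKey` restricts file permissions or encrypts the key is not visible in this diff. I would add a comment above the four assignments, e.g. `// CA and server key material: ca.key signs every issued certificate and must be readable only by the launch server user`, and confirm that the writer creates the key files with owner-only permissions. The constructor starts and ends outside this hunk.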
@@ -591,6 +611,41 @@ public LaunchServer(Path dir, boolean testEnv, String[] args) throws IOException
 authHookManager = new AuthHookManager();
 configManager = new ConfigManager();
 certificateManager = new CertificateManager();
+ //Generate or set new Certificate API
+ certificateManager.orgName = config.projectName;
+ if(IOHelper.isFile(caCertFile) && IOHelper.isFile(caKeyFile))
+ {
+ certificateManager.ca = certificateManager.readCertificate(caCertFile);
+ certificateManager.caKey = certificateManager.readPrivateKey(caKeyFile);
+ }
+ else
+ {
+ try {
+ certificateManager.generateCA();
+ certificateManager.writeCertificate(caCertFile, certificateManager.ca);
+ certificateManager.writePrivateKey(caKeyFile, certificateManager.caKey);
+ } catch (NoSuchAlgorithmException | InvalidAlgorithmParameterException | OperatorCreationException e) {
+ LogHelper.error(e);
+ }
+ }
+ if(IOHelper.isFile(serverCertFile) && IOHelper.isFile(serverKeyFile))
+ {
+ certificateManager.server = certificateManager.readCertificate(serverCertFile);
+ certificateManager.serverKey = certificateManager.readPrivateKey(serverKeyFile);
+ }
+ else
+ {
+ try {
+ KeyPair pair = certificateManager.generateKeyPair();
+ certificateManager.server = certificateManager.generateCertificate(config.projectName.concat(" Server"), pair.getPublic());
+ certificateManager.serverKey = PrivateKeyFactory.createKey(pair.getPrivate().getEncoded());
+ certificateManager.writePrivateKey(serverKeyFile, pair.getPrivate());
+ certificateManager.writeCertificate(serverCertFile, certificateManager.server);
+ } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | OperatorCreationException e) {
+ LogHelper.error(e);
+ }
+ }
+
 GarbageManager.registerNeedGC(sessionManager);
 reloadManager.registerReloadable("launchServer", this);
 registerObject("permissionsHandler", config.permissionsHandler);
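Review bot: Both `catch` blocks only call `LogHelper.error(e)`, so a failed `generateCA()` or server-certificate generation leaves `certificateManager.ca`/`caKey` or `server`/`serverKey` unset while startup continues; `generateCertificate` dereferences `ca.getSubject()`, so the failure would presumably resurface later as a NullPointerException far from its cause. The constructor already declares `throws IOException`, so rethrowing is the smaller change: `throw new IOException("Certificate generation failed", e);`. Separately, the server pair is loaded from disk even when the CA branch has just generated a new CA, and nothing here checks that `server.crt` was issued by the current CA or is still within its validity period; a check after loading that regenerates the server certificate on mismatch would close that gap. The constructor body continues outside this hunk.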
diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/manangers/CertificateManager.java b/LaunchServer/src/main/java/pro/gravit/launchserver/manangers/CertificateManager.java
index f2a15df4..f9c9bbd1 100644
--- a/LaunchServer/src/main/java/pro/gravit/launchserver/manangers/CertificateManager.java
+++ b/LaunchServer/src/main/java/pro/gravit/launchserver/manangers/CertificateManager.java
@@ -42,12 +42,18 @@ public class CertificateManager {
 public X509CertificateHolder ca;
 public AsymmetricKeyParameter caKey;
+ public X509CertificateHolder server;
+ public AsymmetricKeyParameter serverKey;
+
+
 //public X509CertificateHolder server;
 //public AsymmetricKeyParameter serverKey;
 public int validDays = 60;
 public int minusHours = 6;
+ public String orgName;
+
 public X509CertificateHolder generateCertificate(String subjectName, PublicKey subjectPublicKey) throws OperatorCreationException {
 SubjectPublicKeyInfo subjectPubKeyInfo = SubjectPublicKeyInfo.getInstance(subjectPublicKey.getEncoded());
 BigInteger serial = BigInteger.valueOf(SecurityHelper.newRandom().nextLong());
@@ -56,6 +62,7 @@ public X509CertificateHolder generateCertificate(String subjectName, PublicKey s
 X500NameBuilder subject = new X500NameBuilder();
 subject.addRDN(BCStyle.CN, subjectName);
+ subject.addRDN(BCStyle.O, orgName);
 X509v3CertificateBuilder v3CertGen = new X509v3CertificateBuilder(ca.getSubject(), serial, startDate, endDate, subject.build(), subjectPubKeyInfo);
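Review bot: `serverKey` is added as a public, non-final field, so any code holding the `CertificateManager` can read or replace the server's private key; the same exposure applies to the new `server` and `orgName` fields. I would make the new fields private and expose them through accessors, or at least add a comment stating which component is allowed to assign them. The commented-out `//public X509CertificateHolder server;` and `//public AsymmetricKeyParameter serverKey;` lines kept below now duplicate the real declarations and can be deleted.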
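Review bot: `orgName` has no default and is not checked before `subject.addRDN(BCStyle.O, orgName)`, so a caller that has not assigned it would presumably fail inside certificate building instead of getting a clear error; the same applies to `orgName.concat(" CA")` in the `generateCA` hunk that follows. A guard at the top of both methods, `if (orgName == null || orgName.isEmpty()) throw new IllegalStateException("orgName is not set");`, would make the requirement explicit. `generateCertificate` starts and ends outside this hunk.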
@@ -73,8 +80,12 @@ public void generateCA() throws NoSuchAlgorithmException, IOException, OperatorC
 KeyPair pair = generator.generateKeyPair();
 LocalDateTime startDate = LocalDate.now().atStartOfDay();
+ X500NameBuilder subject = new X500NameBuilder();
+ subject.addRDN(BCStyle.CN, orgName.concat(" CA"));
+ subject.addRDN(BCStyle.O, orgName);
+
 X509v3CertificateBuilder builder= new X509v3CertificateBuilder(
- new X500Name("CN=ca"),
+ subject.build(),
 new BigInteger("0"),
 Date.from(startDate.atZone(ZoneId.systemDefault()).toInstant()),
 Date.from(startDate.plusDays(3650).atZone(ZoneId.systemDefault()).toInstant()),