mirror of
https://github.com/GravitLauncher/Launcher
synced 2025-01-25 00:29:23 +03:00
[FEATURE] CertificateManager стал полноценной частью API
parent
bbbe7a968c
commit
6f77c5720f
2 changed files with 67 additions and 1 deletions
|
@ -13,7 +13,9 @@
|
||||||
import java.nio.file.Path;
|
import java.nio.file.Path;
|
||||||
import java.nio.file.SimpleFileVisitor;
|
import java.nio.file.SimpleFileVisitor;
|
||||||
import java.nio.file.attribute.BasicFileAttributes;
|
import java.nio.file.attribute.BasicFileAttributes;
|
||||||
|
import java.security.InvalidAlgorithmParameterException;
|
||||||
import java.security.KeyPair;
|
import java.security.KeyPair;
|
||||||
|
import java.security.NoSuchAlgorithmException;
|
||||||
import java.security.interfaces.RSAPrivateKey;
|
import java.security.interfaces.RSAPrivateKey;
|
||||||
import java.security.interfaces.RSAPublicKey;
|
import java.security.interfaces.RSAPublicKey;
|
||||||
import java.security.spec.InvalidKeySpecException;
|
import java.security.spec.InvalidKeySpecException;
|
||||||
|
@ -33,6 +35,10 @@
|
||||||
import java.util.zip.CRC32;
|
import java.util.zip.CRC32;
|
||||||
|
|
||||||
import io.netty.handler.logging.LogLevel;
|
import io.netty.handler.logging.LogLevel;
|
||||||
|
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
|
||||||
|
import org.bouncycastle.crypto.util.PrivateKeyFactory;
|
||||||
|
import org.bouncycastle.crypto.util.PrivateKeyInfoFactory;
|
||||||
|
import org.bouncycastle.operator.OperatorCreationException;
|
||||||
import pro.gravit.launcher.Launcher;
|
import pro.gravit.launcher.Launcher;
|
||||||
import pro.gravit.launcher.LauncherConfig;
|
import pro.gravit.launcher.LauncherConfig;
|
||||||
import pro.gravit.launcher.NeedGarbageCollection;
|
import pro.gravit.launcher.NeedGarbageCollection;
|
||||||
|
@ -391,6 +397,14 @@ public static void main(String... args) throws Throwable {
|
||||||
|
|
||||||
public final Path privateKeyFile;
|
public final Path privateKeyFile;
|
||||||
|
|
||||||
|
public final Path caCertFile;
|
||||||
|
|
||||||
|
public final Path caKeyFile;
|
||||||
|
|
||||||
|
public final Path serverCertFile;
|
||||||
|
|
||||||
|
public final Path serverKeyFile;
|
||||||
|
|
||||||
public final Path updatesDir;
|
public final Path updatesDir;
|
||||||
|
|
||||||
//public static LaunchServer server = null;
|
//public static LaunchServer server = null;
|
||||||
|
@ -479,6 +493,12 @@ public LaunchServer(Path dir, boolean testEnv, String[] args) throws IOException
|
||||||
updatesDir = dir.resolve("updates");
|
updatesDir = dir.resolve("updates");
|
||||||
profilesDir = dir.resolve("profiles");
|
profilesDir = dir.resolve("profiles");
|
||||||
|
|
||||||
|
caCertFile = dir.resolve("ca.crt");
|
||||||
|
caKeyFile = dir.resolve("ca.key");
|
||||||
|
|
||||||
|
serverCertFile = dir.resolve("server.crt");
|
||||||
|
serverKeyFile = dir.resolve("server.key");
|
||||||
|
|
||||||
//Registration handlers and providers
|
//Registration handlers and providers
|
||||||
AuthHandler.registerHandlers();
|
AuthHandler.registerHandlers();
|
||||||
AuthProvider.registerProviders();
|
AuthProvider.registerProviders();
|
||||||
|
@ -591,6 +611,41 @@ public LaunchServer(Path dir, boolean testEnv, String[] args) throws IOException
|
||||||
authHookManager = new AuthHookManager();
|
authHookManager = new AuthHookManager();
|
||||||
configManager = new ConfigManager();
|
configManager = new ConfigManager();
|
||||||
certificateManager = new CertificateManager();
|
certificateManager = new CertificateManager();
|
||||||
|
//Generate or set new Certificate API
|
||||||
|
certificateManager.orgName = config.projectName;
|
||||||
|
if(IOHelper.isFile(caCertFile) && IOHelper.isFile(caKeyFile))
|
||||||
|
{
|
||||||
|
certificateManager.ca = certificateManager.readCertificate(caCertFile);
|
||||||
|
certificateManager.caKey = certificateManager.readPrivateKey(caKeyFile);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
try {
|
||||||
|
certificateManager.generateCA();
|
||||||
|
certificateManager.writeCertificate(caCertFile, certificateManager.ca);
|
||||||
|
certificateManager.writePrivateKey(caKeyFile, certificateManager.caKey);
|
||||||
|
} catch (NoSuchAlgorithmException | InvalidAlgorithmParameterException | OperatorCreationException e) {
|
||||||
|
LogHelper.error(e);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if(IOHelper.isFile(serverCertFile) && IOHelper.isFile(serverKeyFile))
|
||||||
|
{
|
||||||
|
certificateManager.server = certificateManager.readCertificate(serverCertFile);
|
||||||
|
certificateManager.serverKey = certificateManager.readPrivateKey(serverKeyFile);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
try {
|
||||||
|
KeyPair pair = certificateManager.generateKeyPair();
|
||||||
|
certificateManager.server = certificateManager.generateCertificate(config.projectName.concat(" Server"), pair.getPublic());
|
||||||
|
certificateManager.serverKey = PrivateKeyFactory.createKey(pair.getPrivate().getEncoded());
|
||||||
|
certificateManager.writePrivateKey(serverKeyFile, pair.getPrivate());
|
||||||
|
certificateManager.writeCertificate(serverCertFile, certificateManager.server);
|
||||||
|
} catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | OperatorCreationException e) {
|
||||||
|
LogHelper.error(e);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
GarbageManager.registerNeedGC(sessionManager);
|
GarbageManager.registerNeedGC(sessionManager);
|
||||||
reloadManager.registerReloadable("launchServer", this);
|
reloadManager.registerReloadable("launchServer", this);
|
||||||
registerObject("permissionsHandler", config.permissionsHandler);
|
registerObject("permissionsHandler", config.permissionsHandler);
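Review bot: Both `catch` blocks in the added certificate setup only call `LogHelper.error(e)` and let the constructor continue, so a failed `generateCA()` leaves `certificateManager.ca` and `caKey` unset while the server-certificate branch that follows still calls `generateCertificate(...)`, which reads `ca.getSubject()` in CertificateManager. Failing startup would be safer, e.g. `throw new IOException("CA generation failed", e);` in the first catch, assuming the constructor's `throws IOException` shown in the hunk header is acceptable to callers. The `isFile(caCertFile) && isFile(caKeyFile)` test also regenerates and overwrites the CA when only one of the two files is missing, while an existing `server.crt` issued under the old CA is loaded unchanged; checking that the loaded server certificate was issued by the loaded CA and is still inside its validity period would catch that. `ca.key` and `server.key` are written through `writePrivateKey`, whose body is not visible here, so it is worth confirming that it creates the files with owner-only permissions. The constructor starts and ends outside these hunks.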
|
||||||
|
|
|
@ -42,12 +42,18 @@ public class CertificateManager {
|
||||||
public X509CertificateHolder ca;
|
public X509CertificateHolder ca;
|
||||||
public AsymmetricKeyParameter caKey;
|
public AsymmetricKeyParameter caKey;
|
||||||
|
|
||||||
|
public X509CertificateHolder server;
|
||||||
|
public AsymmetricKeyParameter serverKey;
|
||||||
|
|
||||||
|
|
||||||
//public X509CertificateHolder server;
|
//public X509CertificateHolder server;
|
||||||
//public AsymmetricKeyParameter serverKey;
|
//public AsymmetricKeyParameter serverKey;
|
||||||
|
|
||||||
public int validDays = 60;
|
public int validDays = 60;
|
||||||
public int minusHours = 6;
|
public int minusHours = 6;
|
||||||
|
|
||||||
|
public String orgName;
|
||||||
|
|
||||||
public X509CertificateHolder generateCertificate(String subjectName, PublicKey subjectPublicKey) throws OperatorCreationException {
|
public X509CertificateHolder generateCertificate(String subjectName, PublicKey subjectPublicKey) throws OperatorCreationException {
|
||||||
SubjectPublicKeyInfo subjectPubKeyInfo = SubjectPublicKeyInfo.getInstance(subjectPublicKey.getEncoded());
|
SubjectPublicKeyInfo subjectPubKeyInfo = SubjectPublicKeyInfo.getInstance(subjectPublicKey.getEncoded());
|
||||||
BigInteger serial = BigInteger.valueOf(SecurityHelper.newRandom().nextLong());
|
BigInteger serial = BigInteger.valueOf(SecurityHelper.newRandom().nextLong());
|
||||||
|
@ -56,6 +62,7 @@ public X509CertificateHolder generateCertificate(String subjectName, PublicKey s
|
||||||
|
|
||||||
X500NameBuilder subject = new X500NameBuilder();
|
X500NameBuilder subject = new X500NameBuilder();
|
||||||
subject.addRDN(BCStyle.CN, subjectName);
|
subject.addRDN(BCStyle.CN, subjectName);
|
||||||
|
subject.addRDN(BCStyle.O, orgName);
|
||||||
X509v3CertificateBuilder v3CertGen = new X509v3CertificateBuilder(ca.getSubject(), serial,
|
X509v3CertificateBuilder v3CertGen = new X509v3CertificateBuilder(ca.getSubject(), serial,
|
||||||
startDate, endDate, subject.build(), subjectPubKeyInfo);
|
startDate, endDate, subject.build(), subjectPubKeyInfo);
|
||||||
|
|
||||||
|
@ -73,8 +80,12 @@ public void generateCA() throws NoSuchAlgorithmException, IOException, OperatorC
|
||||||
KeyPair pair = generator.generateKeyPair();
|
KeyPair pair = generator.generateKeyPair();
|
||||||
LocalDateTime startDate = LocalDate.now().atStartOfDay();
|
LocalDateTime startDate = LocalDate.now().atStartOfDay();
|
||||||
|
|
||||||
|
X500NameBuilder subject = new X500NameBuilder();
|
||||||
|
subject.addRDN(BCStyle.CN, orgName.concat(" CA"));
|
||||||
|
subject.addRDN(BCStyle.O, orgName);
|
||||||
|
|
||||||
X509v3CertificateBuilder builder= new X509v3CertificateBuilder(
|
X509v3CertificateBuilder builder= new X509v3CertificateBuilder(
|
||||||
new X500Name("CN=ca"),
|
subject.build(),
|
||||||
new BigInteger("0"),
|
new BigInteger("0"),
|
||||||
Date.from(startDate.atZone(ZoneId.systemDefault()).toInstant()),
|
Date.from(startDate.atZone(ZoneId.systemDefault()).toInstant()),
|
||||||
Date.from(startDate.plusDays(3650).atZone(ZoneId.systemDefault()).toInstant()),
|
Date.from(startDate.plusDays(3650).atZone(ZoneId.systemDefault()).toInstant()),
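Review bot: The new `orgName` field has no default and no check, yet `generateCA()` now calls `orgName.concat(" CA")` and `generateCertificate` passes it to `subject.addRDN(BCStyle.O, orgName)`, so a caller that has not assigned it fails with a NullPointerException in `generateCA()`, and what `addRDN` does with a null value is not visible here. A guard at the top of both methods, `Objects.requireNonNull(orgName, "orgName must be set before generating certificates");`, makes the precondition explicit, and a Javadoc line on the field should state it. The newly exposed `server` and `serverKey` join `ca` and `caKey` as public non-final fields, so any code holding the manager can read or replace the private keys; private fields with accessors would narrow that if the API does not need write access. Both method bodies extend beyond the hunks shown.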
|
||||||
|
|