diff options
Diffstat (limited to 'src/main/java/com/juick/KeystoreManager.java')
-rw-r--r-- | src/main/java/com/juick/KeystoreManager.java | 92 |
1 files changed, 92 insertions, 0 deletions
diff --git a/src/main/java/com/juick/KeystoreManager.java b/src/main/java/com/juick/KeystoreManager.java new file mode 100644 index 00000000..50576255 --- /dev/null +++ b/src/main/java/com/juick/KeystoreManager.java @@ -0,0 +1,92 @@ +/* + * Copyright (C) 2008-2020, Juick + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +package com.juick; + +import com.juick.www.api.activity.model.objects.Person; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.core.io.Resource; +import org.springframework.util.Base64Utils; + +import javax.net.ssl.KeyManagerFactory; +import java.io.IOException; +import java.io.InputStream; +import java.security.*; +import java.security.cert.Certificate; +import java.security.cert.CertificateException; +import java.security.spec.X509EncodedKeySpec; +import java.util.Arrays; + +public class KeystoreManager { + private static final Logger logger = LoggerFactory.getLogger("ActivityPub"); + + private String keystorePassword; + + private KeyStore ks; + + public KeystoreManager(Resource keystore, String keystorePassword) { + this.keystorePassword = keystorePassword; + try (InputStream ksIs = keystore.getInputStream()) { + ks = KeyStore.getInstance("PKCS12"); + ks.load(ksIs, keystorePassword.toCharArray()); + KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory + .getDefaultAlgorithm()); + kmf.init(ks, keystorePassword.toCharArray()); + } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) { + logger.error("Keystore error", e); + } + } + + private KeyPair getKeyPair() { + Key privateKey; + try { + privateKey = ks.getKey("1", keystorePassword.toCharArray()); + Certificate certificate = ks.getCertificate("1"); + return new KeyPair(certificate.getPublicKey(), (PrivateKey) privateKey); + } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) { + e.printStackTrace(); + } + return null; + } + public PrivateKey getPrivateKey() { + return getKeyPair().getPrivate(); + } + public PublicKey getPublicKey() { + return getKeyPair().getPublic(); + } + public String getPublicKeyPem() { + String[] key = Base64Utils.encodeToString(getKeyPair().getPublic().getEncoded()).split("(?<=\\G.{64})"); + return String.format("-----BEGIN PUBLIC KEY-----\n%s\n-----END PUBLIC KEY-----\n", + String.join("\n", key)); + } + public static PublicKey publicKeyOf(Person person) { + String pubkeyPem = person.getPublicKey().getPublicKeyPem(); + String[] rawKey = pubkeyPem.split("\\n"); + String pubkeyData = String.join("", Arrays.asList(rawKey).subList(1, rawKey.length - 1)); + try{ + byte[] byteKey = Base64Utils.decodeFromString(pubkeyData); + X509EncodedKeySpec X509publicKey = new X509EncodedKeySpec(byteKey); + KeyFactory kf = KeyFactory.getInstance("RSA"); + return kf.generatePublic(X509publicKey); + } + catch(Exception e){ + e.printStackTrace(); + } + return null; + } +} |