package com.juick.server; import com.juick.server.api.activity.model.Person; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Component; import org.springframework.util.Base64Utils; import javax.annotation.PostConstruct; import javax.net.ssl.KeyManagerFactory; import java.io.FileInputStream; import java.io.IOException; import java.io.InputStream; import java.security.*; import java.security.cert.Certificate; import java.security.cert.CertificateException; import java.security.spec.X509EncodedKeySpec; import java.util.Arrays; import java.util.List; import java.util.stream.Collectors; import java.util.stream.IntStream; @Component public class KeystoreManager { private static final Logger logger = LoggerFactory.getLogger("com.juick.server"); @Value("${keystore:../juick.p12}") private String keystore; @Value("${keystore_password:secret}") private String keystorePassword; private KeyStore ks; private KeyManagerFactory kmf; @PostConstruct public void init() { try (InputStream ksIs = new FileInputStream(keystore)) { ks = KeyStore.getInstance("PKCS12"); ks.load(ksIs, keystorePassword.toCharArray()); kmf = KeyManagerFactory.getInstance(KeyManagerFactory .getDefaultAlgorithm()); kmf.init(ks, keystorePassword.toCharArray()); } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) { logger.error("Keystore error", e); } } public KeyStore getKeystore() { return ks; } public KeyManagerFactory getKeymanagerFactory() { return kmf; } private KeyPair getKeyPair() { Key privateKey = null; try { privateKey = ks.getKey("1", keystorePassword.toCharArray()); Certificate certificate = ks.getCertificate("1"); return new KeyPair(certificate.getPublicKey(), (PrivateKey) privateKey); } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) { e.printStackTrace(); } return null; } public PrivateKey getPrivateKey() { return getKeyPair().getPrivate(); } public PublicKey getPublicKey() { return getKeyPair().getPublic(); } public String getPublicKeyPem() { String[] key = Base64Utils.encodeToString(getKeyPair().getPublic().getEncoded()).split("(?<=\\G.{64})"); return String.format("-----BEGIN PUBLIC KEY-----\n%s\n-----END PUBLIC KEY-----\n", Arrays.asList(key).stream().collect(Collectors.joining("\n"))); } public static PublicKey publicKeyOf(Person person) { String pubkeyPem = person.getPublicKey().getPublicKeyPem(); String[] rawKey = pubkeyPem.split("\\n"); String pubkeyData = String.join("", Arrays.asList(rawKey).subList(1, rawKey.length - 1)); try{ byte[] byteKey = Base64Utils.decodeFromString(pubkeyData); X509EncodedKeySpec X509publicKey = new X509EncodedKeySpec(byteKey); KeyFactory kf = KeyFactory.getInstance("RSA"); return kf.generatePublic(X509publicKey); } catch(Exception e){ e.printStackTrace(); } return null; } }