directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kayyag...@apache.org
Subject svn commit: r1667550 - in /directory/sandbox/kayyagari/cert-util: ./ src/ src/main/ src/main/java/ src/main/java/org/ src/main/java/org/apache/ src/main/java/org/apache/directory/ src/test/ src/test/java/ src/test/java/org/ src/test/java/org/apache/ sr...
Date Wed, 18 Mar 2015 13:38:20 GMT
Author: kayyagari
Date: Wed Mar 18 13:38:19 2015
New Revision: 1667550

URL: http://svn.apache.org/r1667550
Log:
utility for generating the LDIF for updating the certificate and keys of ApacheDS

Added:
    directory/sandbox/kayyagari/cert-util/
    directory/sandbox/kayyagari/cert-util/pom.xml
    directory/sandbox/kayyagari/cert-util/src/
    directory/sandbox/kayyagari/cert-util/src/main/
    directory/sandbox/kayyagari/cert-util/src/main/java/
    directory/sandbox/kayyagari/cert-util/src/main/java/org/
    directory/sandbox/kayyagari/cert-util/src/main/java/org/apache/
    directory/sandbox/kayyagari/cert-util/src/main/java/org/apache/directory/
    directory/sandbox/kayyagari/cert-util/src/main/java/org/apache/directory/CertificateUtil.java
    directory/sandbox/kayyagari/cert-util/src/test/
    directory/sandbox/kayyagari/cert-util/src/test/java/
    directory/sandbox/kayyagari/cert-util/src/test/java/org/
    directory/sandbox/kayyagari/cert-util/src/test/java/org/apache/
    directory/sandbox/kayyagari/cert-util/src/test/java/org/apache/directory/

Added: directory/sandbox/kayyagari/cert-util/pom.xml
URL: http://svn.apache.org/viewvc/directory/sandbox/kayyagari/cert-util/pom.xml?rev=1667550&view=auto
==============================================================================
--- directory/sandbox/kayyagari/cert-util/pom.xml (added)
+++ directory/sandbox/kayyagari/cert-util/pom.xml Wed Mar 18 13:38:19 2015
@@ -0,0 +1,74 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+  <groupId>org.apache.directory</groupId>
+  <artifactId>cert-util</artifactId>
+  <packaging>jar</packaging>
+  <version>1.0-SNAPSHOT</version>
+  <name>cert-util</name>
+  
+  <properties>
+  <bouncycastle.version>1.51</bouncycastle.version>
+  </properties>
+  
+  <dependencies>
+    <dependency>
+      <groupId>org.bouncycastle</groupId>
+      <artifactId>bcprov-jdk15on</artifactId>
+      <version>${bouncycastle.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>org.bouncycastle</groupId>
+      <artifactId>bcpkix-jdk15on</artifactId>
+      <version>${bouncycastle.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>junit</groupId>
+      <artifactId>junit</artifactId>
+      <version>4.11</version>
+      <scope>test</scope>
+    </dependency>
+  </dependencies>
+  
+  <build>
+   <finalName>cert-util</finalName>
+    <plugins>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-shade-plugin</artifactId>
+        <version>2.3</version>
+        <executions>
+          <execution>
+            <phase>package</phase>
+            <goals>
+              <goal>shade</goal>
+            </goals>
+            <configuration>
+              <filters>
+                <filter>
+                  <artifact>org.bouncycastle:bcprov-jdk15on</artifact>
+                  <excludes>
+                    <exclude>META-INF/BCKEY.SF</exclude>
+                    <exclude>META-INF/BCKEY.DSA</exclude>
+                  </excludes>
+                </filter>
+                <filter>
+                  <artifact>org.bouncycastle:bcpkix-jdk15on</artifact>
+                  <excludes>
+                    <exclude>META-INF/BCKEY.SF</exclude>
+                    <exclude>META-INF/BCKEY.DSA</exclude>
+                  </excludes>
+                </filter>
+              </filters>
+              <transformers>
+                <transformer implementation="org.apache.maven.plugins.shade.resource.ManifestResourceTransformer">
+                  <mainClass>org.apache.directory.CertificateUtil</mainClass>
+                </transformer>
+              </transformers>
+            </configuration>
+          </execution>
+        </executions>
+      </plugin>
+    </plugins>
+  </build>
+</project>

Added: directory/sandbox/kayyagari/cert-util/src/main/java/org/apache/directory/CertificateUtil.java
URL: http://svn.apache.org/viewvc/directory/sandbox/kayyagari/cert-util/src/main/java/org/apache/directory/CertificateUtil.java?rev=1667550&view=auto
==============================================================================
--- directory/sandbox/kayyagari/cert-util/src/main/java/org/apache/directory/CertificateUtil.java
(added)
+++ directory/sandbox/kayyagari/cert-util/src/main/java/org/apache/directory/CertificateUtil.java
Wed Mar 18 13:38:19 2015
@@ -0,0 +1,124 @@
+/*
+ *   Licensed to the Apache Software Foundation (ASF) under one
+ *   or more contributor license agreements.  See the NOTICE file
+ *   distributed with this work for additional information
+ *   regarding copyright ownership.  The ASF licenses this file
+ *   to you under the Apache License, Version 2.0 (the
+ *   "License"); you may not use this file except in compliance
+ *   with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing,
+ *   software distributed under the License is distributed on an
+ *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *   KIND, either express or implied.  See the License for the
+ *   specific language governing permissions and limitations
+ *   under the License.
+ *
+ */
+package org.apache.directory;
+
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileReader;
+import java.security.KeyPair;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+
+import org.bouncycastle.openssl.PEMDecryptorProvider;
+import org.bouncycastle.openssl.PEMEncryptedKeyPair;
+import org.bouncycastle.openssl.PEMParser;
+import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
+import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder;
+import org.bouncycastle.util.encoders.Base64;
+
+
+/**
+ * A utility class to parse a Keystore and create a LDIF entry
+ * used for updating the server's certificate and keys.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+public class CertificateUtil
+{
+    public static String createCertUpdateEntry( File certFile, File privateKeyFile, String
password ) throws Exception
+    {
+        X509Certificate cert = null;
+        
+        FileInputStream inStream = new FileInputStream( certFile );
+        
+        CertificateFactory cf = CertificateFactory.getInstance( "X.509" );
+        try
+        {
+            cert = ( X509Certificate ) cf.generateCertificate( inStream );
+        }
+        catch( Exception e )
+        {
+            System.out.println( "Failed to parse the certificate from the file " + certFile
+ " make sure it is DER encoded" );
+            throw e;
+        }
+        finally
+        {
+            inStream.close();
+        }
+
+        PublicKey pubKey = cert.getPublicKey();
+
+        FileReader fr = new FileReader( privateKeyFile );
+        PEMParser parser = new PEMParser( fr );
+        Object obj = parser.readObject();
+        fr.close();
+
+        JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
+
+        KeyPair keyPair = null;
+
+        if ( obj instanceof PEMEncryptedKeyPair )
+        {
+            PEMEncryptedKeyPair pep = ( PEMEncryptedKeyPair ) obj;
+            PEMDecryptorProvider decrypter = new JcePEMDecryptorProviderBuilder().build(
password.toCharArray() );
+            keyPair = converter.getKeyPair( pep.decryptKeyPair( decrypter ) );
+        }
+
+        PrivateKey privKey = keyPair.getPrivate();
+
+        StringBuilder sb = new StringBuilder();
+        sb.append( "\ndn: uid=admin,ou=system" );
+        sb.append( "\nchangetype: modify" );
+        sb.append( "\nreplace: publicKey" );
+        sb.append( "\npublicKey:: " ).append( Base64.toBase64String( pubKey.getEncoded()
) ).append( "\n" );
+
+        sb.append( "\ndn: uid=admin,ou=system" );
+        sb.append( "\nchangetype: modify" );
+        sb.append( "\nreplace: privateKey" );
+        sb.append( "\nprivateKey:: " ).append( Base64.toBase64String( privKey.getEncoded()
) ).append( "\n" );
+
+        sb.append( "\ndn: uid=admin,ou=system" );
+        sb.append( "\nchangetype: modify" );
+        sb.append( "\nreplace: userCertificate" );
+        sb.append( "\nuserCertificate:: " ).append( Base64.toBase64String( cert.getEncoded()
) ).append( "\n" );
+
+        return sb.toString();
+    }
+
+
+    public static void main( String[] args ) throws Exception
+    {
+        if( args.length < 3 )
+        {
+            System.out.println( "java -jar cert-utils.jar <cert-file> <private-key-file>
<password>" );
+            System.exit( 0 );
+        }
+        
+        File certFile = new File( args[0] );
+        File keyFile = new File( args[1] );
+
+        String ldif = createCertUpdateEntry( certFile, keyFile, args[2] );
+
+        System.out.println( ldif );
+    }
+}



Mime
View raw message