-
Notifications
You must be signed in to change notification settings - Fork 314
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
refactor(core.keystore): Extracted rest.keystore from core.keystore b…
…undle (#5341) * Extracted rest.keystore from core.keystore bundle Signed-off-by: pierantoniomerlino <[email protected]> * Refactored KeystoreRemoteService Signed-off-by: pierantoniomerlino <[email protected]> * Added missing files Signed-off-by: pierantoniomerlino <[email protected]> --------- Signed-off-by: pierantoniomerlino <[email protected]>
- Loading branch information
1 parent
837b1e3
commit 86fbc13
Showing
40 changed files
with
793 additions
and
158 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
91 changes: 91 additions & 0 deletions
91
...e.kura.core.keystore/src/main/java/org/eclipse/kura/core/keystore/util/KeystoreUtils.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,91 @@ | ||
| /******************************************************************************* | ||
| * Copyright (c) 2024 Eurotech and/or its affiliates and others | ||
| * | ||
| * This program and the accompanying materials are made | ||
| * available under the terms of the Eclipse Public License 2.0 | ||
| * which is available at https://www.eclipse.org/legal/epl-2.0/ | ||
| * | ||
| * SPDX-License-Identifier: EPL-2.0 | ||
| * | ||
| * Contributors: | ||
| * Eurotech | ||
| * | ||
| *******************************************************************************/ | ||
| package org.eclipse.kura.core.keystore.util; | ||
|
|
||
| import java.io.ByteArrayInputStream; | ||
| import java.io.IOException; | ||
| import java.io.StringReader; | ||
| import java.nio.charset.StandardCharsets; | ||
| import java.security.GeneralSecurityException; | ||
| import java.security.KeyStore.PrivateKeyEntry; | ||
| import java.security.KeyStore.TrustedCertificateEntry; | ||
| import java.security.PrivateKey; | ||
| import java.security.Security; | ||
| import java.security.cert.Certificate; | ||
| import java.security.cert.CertificateException; | ||
| import java.security.cert.CertificateFactory; | ||
| import java.security.cert.X509Certificate; | ||
| import java.util.ArrayList; | ||
| import java.util.Collection; | ||
|
|
||
| import org.bouncycastle.jce.provider.BouncyCastleProvider; | ||
| import org.bouncycastle.openssl.PEMParser; | ||
| import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter; | ||
|
|
||
| public class KeystoreUtils { | ||
|
|
||
| private KeystoreUtils() { | ||
| // Empty constructor | ||
| } | ||
|
|
||
| public static PrivateKeyEntry createPrivateKey(String privateKey, String publicKey) | ||
| throws IOException, GeneralSecurityException { | ||
| // Works with RSA and DSA. EC is not supported since the certificate is encoded | ||
| // with ECDSA while the corresponding private key with EC. | ||
| // This cause an error when the PrivateKeyEntry is generated. | ||
| Certificate[] certs = parsePublicCertificates(publicKey); | ||
|
|
||
| Security.addProvider(new BouncyCastleProvider()); | ||
| PEMParser pemParser = new PEMParser(new StringReader(privateKey)); | ||
| Object object = pemParser.readObject(); | ||
| pemParser.close(); | ||
| JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC"); | ||
| PrivateKey privkey = null; | ||
| if (object instanceof org.bouncycastle.asn1.pkcs.PrivateKeyInfo) { | ||
| privkey = converter.getPrivateKey((org.bouncycastle.asn1.pkcs.PrivateKeyInfo) object); | ||
| } else if (object instanceof org.bouncycastle.openssl.PEMKeyPair) { | ||
| privkey = converter.getKeyPair((org.bouncycastle.openssl.PEMKeyPair) object).getPrivate(); | ||
| } else { | ||
| throw new IOException("PrivateKey not recognized."); | ||
| } | ||
| return new PrivateKeyEntry(privkey, certs); | ||
| } | ||
|
|
||
| public static X509Certificate[] parsePublicCertificates(String certificates) throws CertificateException { | ||
| CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); | ||
| ByteArrayInputStream is = new ByteArrayInputStream(certificates.getBytes(StandardCharsets.UTF_8)); | ||
|
|
||
| final Collection<? extends Certificate> decodedCertificates = certFactory.generateCertificates(is); | ||
|
|
||
| final ArrayList<X509Certificate> result = new ArrayList<>(); | ||
|
|
||
| for (final Certificate cert : decodedCertificates) { | ||
| if (!(cert instanceof X509Certificate)) { | ||
| throw new CertificateException("Provided certificate is not a X509Certificate"); | ||
| } | ||
|
|
||
| result.add((X509Certificate) cert); | ||
| } | ||
|
|
||
| return result.toArray(new X509Certificate[result.size()]); | ||
| } | ||
|
|
||
| public static TrustedCertificateEntry createCertificateEntry(String certificate) throws CertificateException { | ||
| CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); | ||
| ByteArrayInputStream is = new ByteArrayInputStream(certificate.getBytes(StandardCharsets.UTF_8)); | ||
| X509Certificate cert = (X509Certificate) certFactory.generateCertificate(is); | ||
| return new TrustedCertificateEntry(cert); | ||
| } | ||
|
|
||
| } |
35 changes: 35 additions & 0 deletions
35
kura/org.eclipse.kura.rest.keystore.provider/META-INF/MANIFEST.MF
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,35 @@ | ||
| Manifest-Version: 1.0 | ||
| Bundle-ManifestVersion: 2 | ||
| Bundle-Name: org.eclipse.kura.rest.keystore.provider | ||
| Bundle-SymbolicName: org.eclipse.kura.rest.keystore.provider;singleton:=true | ||
| Bundle-Version: 1.0.0.qualifier | ||
| Import-Package: com.google.gson;version="2.7.0", | ||
| com.google.gson.annotations;version="2.7.0", | ||
| javax.annotation.security;version="1.2.0", | ||
| javax.ws.rs;version="2.0.1", | ||
| javax.ws.rs.core;version="2.0.1", | ||
| org.bouncycastle.asn1.pkcs;version="1.78.1", | ||
| org.bouncycastle.jce.provider;version="1.78.1", | ||
| org.bouncycastle.openssl;version="1.78.1", | ||
| org.bouncycastle.openssl.jcajce;version="1.78.1", | ||
| org.eclipse.kura;version="[1.7,2.0)", | ||
| org.eclipse.kura.cloudconnection.message;version="[1.0,2.0)", | ||
| org.eclipse.kura.cloudconnection.request;version="[1.0,2.0)", | ||
| org.eclipse.kura.core.keystore.util;version="[1.1,2.0)", | ||
| org.eclipse.kura.marshalling;version="[1.0,2.0)", | ||
| org.eclipse.kura.message;version="[1.4,2.0)", | ||
| org.eclipse.kura.request.handler.jaxrs;version="[1.1,2.0)", | ||
| org.eclipse.kura.rest.utils;version="[1.0,2.0)", | ||
| org.eclipse.kura.security.keystore;version="[1.1,1.2)", | ||
| org.eclipse.kura.util.service;version="[1.0,2.0)", | ||
| org.osgi.framework;version="1.10.0", | ||
| org.osgi.service.component;version="1.2.0", | ||
| org.osgi.service.useradmin;version="1.1.0", | ||
| org.osgi.util.tracker;version="1.5.2", | ||
| org.slf4j;version="1.7.36" | ||
| Bundle-Vendor: Eclipse Kura | ||
| Require-Capability: osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" | ||
| Bundle-ClassPath: . | ||
| Bundle-ActivationPolicy: lazy | ||
| Service-Component: OSGI-INF/*.xml | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,36 @@ | ||
| <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" | ||
| "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> | ||
| <html xmlns="http://www.w3.org/1999/xhtml"> | ||
| <head> | ||
| <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /> | ||
| <title>About</title> | ||
| </head> | ||
| <body lang="EN-US"> | ||
| <h2>About This Content</h2> | ||
|
|
||
| <p>November 30, 2017</p> | ||
| <h3>License</h3> | ||
|
|
||
| <p> | ||
| The Eclipse Foundation makes available all content in this plug-in | ||
| ("Content"). Unless otherwise indicated below, the Content | ||
| is provided to you under the terms and conditions of the Eclipse | ||
| Public License Version 2.0 ("EPL"). A copy of the EPL is | ||
| available at <a href="http://www.eclipse.org/legal/epl-2.0">http://www.eclipse.org/legal/epl-2.0</a>. | ||
| For purposes of the EPL, "Program" will mean the Content. | ||
| </p> | ||
|
|
||
| <p> | ||
| If you did not receive this Content directly from the Eclipse | ||
| Foundation, the Content is being redistributed by another party | ||
| ("Redistributor") and different terms and conditions may | ||
| apply to your use of any object code in the Content. Check the | ||
| Redistributor's license that was provided with the Content. If no such | ||
| license exists, contact the Redistributor. Unless otherwise indicated | ||
| below, the terms and conditions of the EPL still apply to any source | ||
| code in the Content and such source code may be obtained at <a | ||
| href="http://www.eclipse.org/">http://www.eclipse.org</a>. | ||
| </p> | ||
|
|
||
| </body> | ||
| </html> |
Oops, something went wrong.