worked on keystore module

jlangch · Dec 4, 2024 · 46fd4b9 · 46fd4b9
1 parent 9071151
commit 46fd4b9
Show file tree

Hide file tree

Showing 3 changed files with 92 additions and 5 deletions.
diff --git a/...java/com/github/jlangch/venice/impl/docgen/cheatsheet/modules/ModuleKeystoresSection.java b/...java/com/github/jlangch/venice/impl/docgen/cheatsheet/modules/ModuleKeystoresSection.java
@@ -51,6 +51,7 @@ public DocSection section() {
         certs.addItem(diBuilder.getDocItem("keystores/certificate", false));
         certs.addItem(diBuilder.getDocItem("keystores/subject-dn", false));
         certs.addItem(diBuilder.getDocItem("keystores/issuer-dn", false));
+        certs.addItem(diBuilder.getDocItem("keystores/parse-dn", false));
         certs.addItem(diBuilder.getDocItem("keystores/expiry-date", false));
         certs.addItem(diBuilder.getDocItem("keystores/expired?", false));
 

diff --git a/src/main/java/com/github/jlangch/venice/util/ssl/Keystores.java b/src/main/java/com/github/jlangch/venice/util/ssl/Keystores.java
@@ -33,7 +33,12 @@
 import java.time.LocalDateTime;
 import java.time.ZoneId;
 import java.util.Date;
+import java.util.HashMap;
 import java.util.List;
+import java.util.Map;
+
+import javax.naming.ldap.LdapName;
+import javax.naming.ldap.Rdn;
 
 import com.github.jlangch.venice.impl.util.CollectionUtil;
 
@@ -78,10 +83,37 @@ public static String subjectDN(final KeyStore keystore, final String alias) thro
         return certificate(keystore, alias).getSubjectDN().getName();
     }
 
+	public static Map<String,Object> parseSubjectDN(final KeyStore keystore, final String alias) {
+		try {
+			return parseDN(subjectDN(keystore, alias));
+		}
+		catch (Exception ex) {
+			throw new RuntimeException(ex.getMessage(), ex);
+		}
+	}
+
     public static String issuerDN(final KeyStore keystore, final String alias) throws KeyStoreException {
         return certificate(keystore, alias).getIssuerDN().getName();
     }
 
+	public static Map<String,Object> parseIssuerDN(final KeyStore keystore, final String alias) {
+		try {
+			return parseDN(issuerDN(keystore, alias));
+		}
+		catch (Exception ex) {
+			throw new RuntimeException(ex.getMessage(), ex);
+		}
+	}
+
+	public static Map<String,Object> parseDN(final String dn) {
+		try {
+			return parse(new LdapName(dn));
+		}
+		catch (Exception ex) {
+			throw new RuntimeException(ex.getMessage(), ex);
+		}
+	}
+
     public static boolean hasExpired(final KeyStore keystore, final String alias) throws KeyStoreException {
         return expiryDate(keystore, alias).isBefore(LocalDateTime.now());
     }
@@ -113,4 +145,16 @@ private static LocalDateTime toLocalDateTime(final Date date) {
                               .toLocalDateTime();
             }
     }
+
+	private static Map<String,Object> parse(final LdapName ln) {
+		final Map<String,Object> elements = new HashMap<>();
+
+		for(int ii=0; ii<ln.size(); ii++) {
+			final Rdn rdn = ln.getRdn(ii);
+			elements.put(rdn.getType(), rdn.getValue());
+		}
+
+		return elements;
+	}
+
 }
diff --git a/src/main/resources/com/github/jlangch/venice/keystores.venice b/src/main/resources/com/github/jlangch/venice/keystores.venice
@@ -109,7 +109,7 @@
           (do
             (load-module :keystores)
             (let [ks    (keystores/load (io/file "cert.p12") "12345")
-                  alias (first (keystores/aliases ks)]
+                  alias (first (keystores/aliases ks))]
               (keystores/certificate ks alias)))
           """)
      :see-also '(
@@ -137,14 +137,15 @@
           (do
             (load-module :keystores)
             (let [ks    (keystores/load (io/file "cert.p12") "12345")
-                  alias (first (keystores/aliases ks)]
+                  alias (first (keystores/aliases ks))]
               (keystores/subject-dn ks alias)))
           """)
      :see-also '(
           "keystores/load", 
           "keystores/aliases",
           "keystores/certificate",
           "keystores/issuer-dn",
+          "keystores/parse-dn",
           "keystores/expiry-date"
           "keystores/expired?" ) }
 
@@ -165,14 +166,15 @@
           (do
             (load-module :keystores)
             (let [ks    (keystores/load (io/file "cert.p12") "12345")
-                  alias (first (keystores/aliases ks)]
+                  alias (first (keystores/aliases ks))]
               (keystores/issuer-dn ks alias)))
           """)
      :see-also '(
           "keystores/load", 
           "keystores/aliases",
           "keystores/certificate",
           "keystores/subject-dn",
+          "keystores/parse-dn",
           "keystores/expiry-date"
           "keystores/expired?" ) }
 
@@ -182,6 +184,46 @@
   (. :Keystores :issuerDN keystore alias))
 
 
+(defn 
+  ^{ :arglists '("(parse-dn dn)")
+     :doc """
+          Parses a DN and returns a map with the DN's elements.
+
+          Typical elements of an LDAP distinguished name are:
+
+          | [![width: 15%]] | [![width: 85%]]      |
+          | CN              | Common name          |
+          | O               | Organisation         |
+          | OU              | Organisational unit  |
+          | ST              | State or province    |
+          | OID.2.5.4.17    | Zip code             |
+          | L               | Locality name (city) |
+          | C               | Country              |
+          """
+     :examples '(
+          """
+          (do
+            (load-module :keystores)
+            (let [ks    (keystores/load (io/file "cert.p12") "12345")
+                  alias (first (keystores/aliases ks))]
+              (-> (keystores/subject-dn ks alias)
+                  (keystores/parse-dn))))
+          """)
+     :see-also '(
+          "keystores/load", 
+          "keystores/aliases",
+          "keystores/certificate",
+          "keystores/subject-dn",
+          "keystores/issuer-dn",
+          "keystores/expiry-date"
+          "keystores/expired?" ) }
+
+  parse-dn [dn]
+
+  { :pre [(string? dn)] }
+  (. :Keystores :parseDN dn))
+
+
 (defn 
   ^{ :arglists '("(expiry-date keystore alias)")
      :doc """
@@ -193,7 +235,7 @@
           (do
             (load-module :keystores)
             (let [ks    (keystores/load (io/file "cert.p12") "12345")
-                  alias (first (keystores/aliases ks)]
+                  alias (first (keystores/aliases ks))]
               (keystores/expiry-date ks alias)))
           """)
      :see-also '(
@@ -221,7 +263,7 @@
           (do
             (load-module :keystores)
             (let [ks    (keystores/load (io/file "cert.p12") "12345")
-                  alias (first (keystores/aliases ks)]
+                  alias (first (keystores/aliases ks))]
               (keystores/expired? ks alias)))
           """)
      :see-also '(