added module :keystores to deal with certificates (PKCS12, ...)

jlangch · Oct 17, 2024 · a8a078b · a8a078b
1 parent f236c43
commit a8a078b
Show file tree

Hide file tree

Showing 5 changed files with 318 additions and 44 deletions.
diff --git a/ChangeLog.md b/ChangeLog.md
@@ -13,7 +13,7 @@ All notable changes to this project will be documented in this file.
 - :openai module support for assistant message api (in work)
 - :openai module support for assistant run api (...)
 - :openai module support for assistant run steps api (...)
-
+- module :keystores to deal with certificates (PKCS12, ...)
 
 
 ## [1.12.34] - 2024-10-10

diff --git a/src/main/java/com/github/jlangch/venice/impl/docgen/cheatsheet/DocGenerator.java b/src/main/java/com/github/jlangch/venice/impl/docgen/cheatsheet/DocGenerator.java
@@ -66,6 +66,7 @@
 import com.github.jlangch.venice.impl.docgen.cheatsheet.modules.ModuleJdbcCoreSection;
 import com.github.jlangch.venice.impl.docgen.cheatsheet.modules.ModuleJdbcPostgreSQLSection;
 import com.github.jlangch.venice.impl.docgen.cheatsheet.modules.ModuleJsonlSection;
+import com.github.jlangch.venice.impl.docgen.cheatsheet.modules.ModuleKeystoresSection;
 import com.github.jlangch.venice.impl.docgen.cheatsheet.modules.ModuleKiraSection;
 import com.github.jlangch.venice.impl.docgen.cheatsheet.modules.ModuleMatrixSection;
 import com.github.jlangch.venice.impl.docgen.cheatsheet.modules.ModuleMavenSection;
@@ -371,6 +372,7 @@ private List<DocSection> getTOC() {
         extmod.addSection(new DocSection("ZipVault", "modules.zipvault"));
         extmod.addSection(new DocSection("Fonts", "modules.fonts"));
         extmod.addSection(new DocSection("Cryptography", "modules.cryptography"));
+        extmod.addSection(new DocSection("Keystores", "modules.keystores"));
         extmod.addSection(new DocSection("AsciiTable", "modules.asciitable"));
         extmod.addSection(new DocSection("Matrix", "modules.matrix"));
         extmod.addSection(new DocSection("Shell", "modules.shell"));
@@ -514,6 +516,7 @@ private List<DocSection> getModulesLeftSections() {
         return Arrays.asList(
                 new ModuleKiraSection(diBuilder).section(),
                 new ModuleCryptographySection(diBuilder).section(),
+                new ModuleKeystoresSection(diBuilder).section(),
                 new ModuleJsonlSection(diBuilder).section(),
                 new ModuleZipVaultSection(diBuilder).section(),
                 new ModuleXmlSection(diBuilder).section(),

diff --git a/...java/com/github/jlangch/venice/impl/docgen/cheatsheet/modules/ModuleKeystoresSection.java b/...java/com/github/jlangch/venice/impl/docgen/cheatsheet/modules/ModuleKeystoresSection.java
@@ -0,0 +1,64 @@
+/*   __    __         _
+ *   \ \  / /__ _ __ (_) ___ ___
+ *    \ \/ / _ \ '_ \| |/ __/ _ \
+ *     \  /  __/ | | | | (_|  __/
+ *      \/ \___|_| |_|_|\___\___|
+ *
+ *
+ * Copyright 2017-2024 Venice
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.github.jlangch.venice.impl.docgen.cheatsheet.modules;
+
+import com.github.jlangch.venice.impl.docgen.cheatsheet.DocItemBuilder;
+import com.github.jlangch.venice.impl.docgen.cheatsheet.DocSection;
+import com.github.jlangch.venice.impl.docgen.cheatsheet.ISectionBuilder;
+
+
+public class ModuleKeystoresSection implements ISectionBuilder {
+
+    public ModuleKeystoresSection(final DocItemBuilder diBuilder) {
+        this.diBuilder = diBuilder;
+    }
+
+    @Override
+    public DocSection section() {
+        final DocSection section = new DocSection(
+                                            "Java Keystore",
+                                            "modules.keystores");
+
+        final DocSection all = new DocSection("(load-module :keystores)", id());
+        section.addSection(all);
+
+        final DocSection load = new DocSection("Load", id());
+        all.addSection(load);
+        load.addItem(diBuilder.getDocItem("keystores/load", false));
+
+        final DocSection certs = new DocSection("Certificates", id());
+        all.addSection(certs);
+        certs.addItem(diBuilder.getDocItem("keystores/aliases", false));
+        certs.addItem(diBuilder.getDocItem("keystores/certificate", false));
+        certs.addItem(diBuilder.getDocItem("keystores/subject-dn", false));
+        certs.addItem(diBuilder.getDocItem("keystores/issuer-dn", false));
+        certs.addItem(diBuilder.getDocItem("keystores/expiry-date", false));
+
+        return section;
+    }
+
+    private String id() {
+        return diBuilder.id();
+    }
+
+    private final DocItemBuilder diBuilder;
+}
diff --git a/src/main/java/com/github/jlangch/venice/util/ssl/Keystores.java b/src/main/java/com/github/jlangch/venice/util/ssl/Keystores.java
@@ -29,6 +29,9 @@
 import java.security.NoSuchAlgorithmException;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
+import java.time.Instant;
+import java.time.LocalDateTime;
+import java.time.ZoneId;
 import java.util.Date;
 import java.util.List;
 
@@ -37,48 +40,73 @@
 
 public class Keystores {
 
-	public static KeyStore load(
-			final InputStream is,
-			final String password
-	) throws KeyStoreException,
-			 NoSuchAlgorithmException,
-			 CertificateException,
-			 IOException
-	{
-		final KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
-		keystore.load(is,password.toCharArray());
-
-		return keystore;
-	}
-
-	public static KeyStore load(
-			final byte[] ks,
-			final String password
-	) throws KeyStoreException,
-			 NoSuchAlgorithmException,
-			 CertificateException,
-			 IOException {
-		try(ByteArrayInputStream is = new ByteArrayInputStream(ks)) {
-			return load(is, password);
-		}
-	}
-
-	public List<String> aliases(final KeyStore keystore) throws KeyStoreException {
-		return CollectionUtil.toList(keystore.aliases());
-	}
-
-	public Date expiryDate(final KeyStore keystore, final String alias) throws KeyStoreException {
-		return ((X509Certificate)keystore.getCertificate(alias)).getNotAfter();
-	}
-
-	public Date expiryDate(final KeyStore keystore) throws KeyStoreException {
-		Date expiryDate = null;
-
-		for(String alias: aliases(keystore)) {
-			expiryDate = ((X509Certificate)keystore.getCertificate(alias)).getNotAfter();
-		}
-
-		return expiryDate;
-	}
+    public static KeyStore load(
+            final InputStream is,
+            final String password
+    ) throws KeyStoreException,
+             NoSuchAlgorithmException,
+             CertificateException,
+             IOException
+    {
+        final KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
+        keystore.load(is, password.toCharArray());
 
+        return keystore;
+    }
+
+    public static KeyStore load(
+            final byte[] ks,
+            final String password
+    ) throws KeyStoreException,
+             NoSuchAlgorithmException,
+             CertificateException,
+             IOException {
+        try(ByteArrayInputStream is = new ByteArrayInputStream(ks)) {
+            return load(is, password);
+        }
+    }
+
+    public static List<String> aliases(final KeyStore keystore) throws KeyStoreException {
+        return CollectionUtil.toList(keystore.aliases());
+    }
+
+    public static X509Certificate certificate(final KeyStore keystore, final String alias) throws KeyStoreException {
+        return ((X509Certificate)keystore.getCertificate(alias));
+    }
+
+    public static String subjectDN(final KeyStore keystore, final String alias) throws KeyStoreException {
+        return certificate(keystore, alias).getSubjectDN().getName();
+    }
+
+    public static String issuerDN(final KeyStore keystore, final String alias) throws KeyStoreException {
+        return certificate(keystore, alias).getIssuerDN().getName();
+    }
+
+    public static LocalDateTime expiryDate(final KeyStore keystore, final String alias) throws KeyStoreException {
+        return toLocalDateTime(certificate(keystore, alias).getNotAfter());
+    }
+
+    public static LocalDateTime expiryDate(final KeyStore keystore) throws KeyStoreException {
+        Date expiryDate = null;
+
+        for(String alias: aliases(keystore)) {
+            expiryDate = ((X509Certificate)keystore.getCertificate(alias)).getNotAfter();
+        }
+
+        return toLocalDateTime(expiryDate);
+    }
+
+
+    private static LocalDateTime toLocalDateTime(final Date date) {
+            if (date == null) {
+                return null;
+            }
+            else {
+                final long millis = date.getTime();
+
+                return Instant.ofEpochMilli(millis)
+                              .atZone(ZoneId.systemDefault())
+                              .toLocalDateTime();
+            }
+    }
 }