diff options
author | Morten Tokle <mortent@verizonmedia.com> | 2021-05-21 14:12:00 +0200 |
---|---|---|
committer | Morten Tokle <mortent@verizonmedia.com> | 2021-05-25 08:01:56 +0200 |
commit | d97430f1bb633fc9eb541f2fb057a41a012d088f (patch) | |
tree | dc057905a336908b768ee67c2c88acbcb83579d3 /security-utils | |
parent | 05c8138b4936a3144e8b95348ebc525148ba709f (diff) |
Add top-level object, simplify tests
Diffstat (limited to 'security-utils')
-rw-r--r-- | security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java b/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java index cefa8ab2f51..215dc311af3 100644 --- a/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java +++ b/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java @@ -18,13 +18,18 @@ import java.io.IOException; import java.io.StringReader; import java.io.StringWriter; import java.io.UncheckedIOException; +import java.math.BigInteger; import java.security.GeneralSecurityException; +import java.security.KeyPair; import java.security.PrivateKey; import java.security.PublicKey; import java.security.Signature; import java.security.SignatureException; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; +import java.time.Duration; +import java.time.Instant; +import java.time.temporal.ChronoUnit; import java.util.ArrayList; import java.util.Collections; import java.util.List; @@ -161,4 +166,16 @@ public class X509CertificateUtils { } } + public static X509CertificateWithKey createSelfSigned(String cn, Duration duration) { + KeyPair keyPair = KeyUtils.generateKeypair(KeyAlgorithm.EC, 256); + X500Principal subject = new X500Principal(cn); + Instant now = Instant.now(); + X509Certificate cert = + X509CertificateBuilder.fromKeypair(keyPair, subject, now, + now.plus(duration), SignatureAlgorithm.SHA256_WITH_ECDSA, + BigInteger.ONE) + .setBasicConstraints(true, true) + .build(); + return new X509CertificateWithKey(cert, keyPair.getPrivate()); + } } |