diff options
author | Morten Tokle <morten.tokle@gmail.com> | 2021-05-28 08:29:28 +0200 |
---|---|---|
committer | Morten Tokle <mortent@verizonmedia.com> | 2021-05-28 11:27:27 +0200 |
commit | 057b88a27172d2e6b8912cfcff67ab341f19affa (patch) | |
tree | 4720e923a079b4c40890cd47f00d8698f6ecde0d /security-utils | |
parent | 8d86fe0d7b23871ed643ba592423e92d7b86d024 (diff) |
Revert "Revert mortent/cfg operator cert"
Diffstat (limited to 'security-utils')
-rw-r--r-- | security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java b/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java index cefa8ab2f51..215dc311af3 100644 --- a/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java +++ b/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java @@ -18,13 +18,18 @@ import java.io.IOException; import java.io.StringReader; import java.io.StringWriter; import java.io.UncheckedIOException; +import java.math.BigInteger; import java.security.GeneralSecurityException; +import java.security.KeyPair; import java.security.PrivateKey; import java.security.PublicKey; import java.security.Signature; import java.security.SignatureException; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; +import java.time.Duration; +import java.time.Instant; +import java.time.temporal.ChronoUnit; import java.util.ArrayList; import java.util.Collections; import java.util.List; @@ -161,4 +166,16 @@ public class X509CertificateUtils { } } + public static X509CertificateWithKey createSelfSigned(String cn, Duration duration) { + KeyPair keyPair = KeyUtils.generateKeypair(KeyAlgorithm.EC, 256); + X500Principal subject = new X500Principal(cn); + Instant now = Instant.now(); + X509Certificate cert = + X509CertificateBuilder.fromKeypair(keyPair, subject, now, + now.plus(duration), SignatureAlgorithm.SHA256_WITH_ECDSA, + BigInteger.ONE) + .setBasicConstraints(true, true) + .build(); + return new X509CertificateWithKey(cert, keyPair.getPrivate()); + } } |