update of crypt-data dependency to the new minor version 9.2

astrapi69 · Jul 13, 2024 · d470bde · d470bde
1 parent 510df91
commit d470bde
Show file tree

Hide file tree

Showing 10 changed files with 350 additions and 82 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -16,6 +16,7 @@ CHANGED:
 - update gradle to new version 8.8
 - update of gradle-plugin dependency 'com.diffplug.spotless:spotless-plugin-gradle' to new minor version 7.0.0.BETA1
 - update of dependency commons-codec dependency version to 1.17.0
+- update of crypt-data dependency to the new minor version 9.2
 - update of dependency commons-io dependency version to 2.16.1
 - update of dependency file-worker to new version to 17.3
 - update of dependency xml-base to new version to 2

diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
@@ -7,7 +7,7 @@ commons-codec-version = "1.17.0"
 commons-io-version = "2.16.1"
 commons-lang3-version = "3.14.0"
 crypt-api-version = "9"
-crypt-data-version = "9.1-SNAPSHOT"
+crypt-data-version = "9.2"
 file-worker-version = "17.3"
 gradle-plugin-grgit-version = "5.2.2"
 gradle-plugin-license-version = "0.16.1"

diff --git a/src/test/java/io/github/astrapi69/mystic/crypt/key/agreement/KeyToolExample.java b/src/test/java/io/github/astrapi69/mystic/crypt/key/agreement/KeyToolExample.java
@@ -25,7 +25,6 @@
 package io.github.astrapi69.mystic.crypt.key.agreement;
 
 import java.io.File;
-import java.io.FileOutputStream;
 import java.math.BigInteger;
 import java.security.KeyPair;
 import java.security.KeyStore;
@@ -41,15 +40,13 @@
 import org.bouncycastle.jce.provider.BouncyCastleProvider;
 
 import io.github.astrapi69.crypt.api.algorithm.key.KeyPairGeneratorAlgorithm;
-import io.github.astrapi69.crypt.data.certificate.CertificateAttributes;
 import io.github.astrapi69.crypt.data.factory.CertFactory;
 import io.github.astrapi69.crypt.data.factory.KeyPairFactory;
 import io.github.astrapi69.crypt.data.factory.KeyStoreFactory;
+import io.github.astrapi69.crypt.data.key.KeyStoreExtensions;
 import io.github.astrapi69.crypt.data.model.DistinguishedNameInfo;
-import io.github.astrapi69.crypt.data.model.KeyPairInfo;
 import io.github.astrapi69.file.create.FileFactory;
 import io.github.astrapi69.file.search.PathFinder;
-import io.github.astrapi69.mystic.crypt.ssl.KeyStoreExtensions;
 
 public class KeyToolExample
 {
@@ -65,10 +62,20 @@ public static void main(String[] args) throws Exception
 		String signatureAlgorithm;
 		X509Certificate cert;
 		String distinguishedName;
-		DistinguishedNameInfo distinguishedNameInfo = DistinguishedNameInfo.builder()
-			.commonName("Tyler Durden").countryCode("GR").location("Katerini")
-			.organisation("Cool Company").organisationUnit("IT Department").state("Macedonia")
-			.build();
+		char[] password;
+		DistinguishedNameInfo distinguishedNameInfo;
+		String certificateAlias;
+		File keystoreFile;
+		KeyStore keyStore;
+		KeyStore trustStore;
+		File trustStoreFile;
+
+		certificateAlias = "serverKey";
+		password = "password".toCharArray();
+
+		distinguishedNameInfo = DistinguishedNameInfo.builder().commonName("Tyler Durden")
+			.countryCode("GR").location("Katerini").organisation("Cool Company")
+			.organisationUnit("IT Department").state("Macedonia").build();
 
 		distinguishedName = distinguishedNameInfo.toRepresentableString();
 		serial = BigInteger.ONE;
@@ -80,33 +87,29 @@ public static void main(String[] args) throws Exception
 		signatureAlgorithm = "SHA256withRSA";
 		issuer = new X500Name(distinguishedName);
 
-		// Create KeyPairInfo object with necessary information
-		KeyPairInfo keyPairInfo = KeyPairInfo.builder().algorithm("RSA").keySize(2048).build();
-
 		// Generate a key pair
 		keyPair = KeyPairFactory.newKeyPair(KeyPairGeneratorAlgorithm.RSA, 2048);
 
 		// Create a self-signed certificate
 		cert = CertFactory.newX509CertificateV3(keyPair, issuer, serial, notBefore, notAfter,
 			subject, signatureAlgorithm);
 
-		File keystoreFile = FileFactory.newFile(PathFinder.getSrcTestResourcesDir(),
-			"new-keystore.jks");
+		keystoreFile = FileFactory.newFile(PathFinder.getSrcTestResourcesDir(), "new-keystore.jks");
 
 		// Initialize a KeyStore and store the key pair and certificate
-		KeyStore keyStore = KeyStoreFactory.newKeyStore(keystoreFile, "JKS", "password");
-		KeyStoreExtensions.setKeyEntry(keyStore, "serverKey", keyPair.getPrivate(),
-			"password".toCharArray(), new Certificate[] { cert });
+		keyStore = KeyStoreFactory.newKeyStore(keystoreFile, "JKS", "password");
+		KeyStoreExtensions.setKeyEntry(keyStore, certificateAlias, keyPair.getPrivate(), password,
+			new Certificate[] { cert });
 		// Save the KeyStore to a file
 		KeyStoreExtensions.store(keyStore, keystoreFile, "password");
 
-		File trustStoreFile = FileFactory.newFile(PathFinder.getSrcTestResourcesDir(),
+		trustStoreFile = FileFactory.newFile(PathFinder.getSrcTestResourcesDir(),
 			"new-truststore.jks");
 
 		// Initialize a KeyStore for the truststore and store the key pair and certificate
-		KeyStore trustStore = KeyStoreFactory.newKeyStore(trustStoreFile, "JKS", "password");
-		KeyStoreExtensions.setKeyEntry(trustStore, "serverKey", keyPair.getPrivate(),
-			"password".toCharArray(), new Certificate[] { cert });
+		trustStore = KeyStoreFactory.newKeyStore(trustStoreFile, "JKS", "password");
+		KeyStoreExtensions.setKeyEntry(trustStore, certificateAlias, keyPair.getPrivate(), password,
+			new Certificate[] { cert });
 		// Save the KeyStore to a file
 		KeyStoreExtensions.store(trustStore, trustStoreFile, "password");
 

diff --git a/src/test/java/io/github/astrapi69/mystic/crypt/key/agreement/KeyToolFactoryTest.java b/src/test/java/io/github/astrapi69/mystic/crypt/key/agreement/KeyToolFactoryTest.java
@@ -0,0 +1,196 @@
+package io.github.astrapi69.mystic.crypt.key.agreement;
+
+import java.io.File;
+import java.math.BigInteger;
+import java.security.KeyPair;
+import java.security.KeyStore;
+import java.security.PrivateKey;
+import java.security.Security;
+import java.security.cert.Certificate;
+import java.security.cert.X509Certificate;
+import java.time.LocalDate;
+import java.time.Month;
+import java.time.ZoneId;
+import java.time.ZonedDateTime;
+import java.util.Date;
+
+import org.bouncycastle.asn1.x500.X500Name;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.junit.jupiter.api.Test;
+
+import io.github.astrapi69.collection.array.ArrayFactory;
+import io.github.astrapi69.crypt.api.algorithm.key.KeyPairGeneratorAlgorithm;
+import io.github.astrapi69.crypt.data.factory.CertFactory;
+import io.github.astrapi69.crypt.data.factory.KeyPairFactory;
+import io.github.astrapi69.crypt.data.factory.KeyStoreFactory;
+import io.github.astrapi69.crypt.data.key.KeyStoreExtensions;
+import io.github.astrapi69.crypt.data.model.DistinguishedNameInfo;
+import io.github.astrapi69.crypt.data.model.ExtensionInfo;
+import io.github.astrapi69.crypt.data.model.KeyPairInfo;
+import io.github.astrapi69.crypt.data.model.KeyStoreInfo;
+import io.github.astrapi69.crypt.data.model.Validity;
+import io.github.astrapi69.crypt.data.model.X509CertificateV1Info;
+import io.github.astrapi69.crypt.data.model.X509CertificateV3Info;
+import io.github.astrapi69.file.create.FileFactory;
+import io.github.astrapi69.file.create.FileInfo;
+import io.github.astrapi69.file.delete.DeleteFileExtensions;
+import io.github.astrapi69.file.search.PathFinder;
+import io.github.astrapi69.random.number.RandomBigIntegerFactory;
+
+/**
+ * The class {@code KeyToolFactoryTest} provides unit tests for creating keystores and truststores
+ * with the help of various cryptographic models and utilities.
+ */
+public class KeyToolFactoryTest
+{
+
+	/**
+	 * Test method for creating a keystore and a truststore using {@link KeyStoreInfo},
+	 * {@link KeyPairInfo}, and other related objects.
+	 *
+	 * @throws Exception
+	 *             if any error occurs during the creation or saving of keystores
+	 */
+	@Test
+	public void testCreateKeyStoreAndTrustStoreWithInfoObjects() throws Exception
+	{
+		Security.addProvider(new BouncyCastleProvider());
+		DistinguishedNameInfo distinguishedNameInfo;
+		KeyPairInfo keyPairInfo;
+		KeyStoreInfo keyStoreInfo;
+		char[] password;
+		BigInteger serial;
+		KeyPair keyPair;
+		PrivateKey privateKey;
+		X509Certificate certificate;
+		File keystoreFile;
+		FileInfo keystoreFileInfo;
+		File trustStoreFile;
+		FileInfo trustStoreFileInfo;
+		String certificateAlias;
+		ExtensionInfo[] extensionInfos;
+
+		certificateAlias = "serverKey";
+		password = "password".toCharArray();
+
+		distinguishedNameInfo = DistinguishedNameInfo.builder().commonName("Test Server")
+			.countryCode("GB").location("London").organisation("My Company")
+			.organisationUnit("IT Department").state("Greater London").build();
+
+		keyPairInfo = KeyPairInfo.builder().algorithm("RSA").keySize(2048).build();
+
+		keyPair = KeyPairInfo.toKeyPair(keyPairInfo);
+		extensionInfos = ArrayFactory.newArray(ExtensionInfo.builder()
+			.extensionId("1.3.6.1.5.5.7.3.2").critical(false).value("foo bar").build());
+
+		serial = RandomBigIntegerFactory.randomBigInteger();
+		X509CertificateV1Info x509CertificateV1Info = X509CertificateV1Info.builder()
+			.issuer(distinguishedNameInfo).serial(serial)
+			.validity(Validity.builder().notBefore(ZonedDateTime.parse("2024-01-01T00:00:00Z"))
+				.notAfter(ZonedDateTime.parse("2034-01-01T00:00:00Z")).build())
+			.subject(distinguishedNameInfo).signatureAlgorithm("SHA256withRSA").build();
+
+		X509CertificateV3Info x509CertificateV3Info = X509CertificateV3Info.builder()
+			.certificateV1Info(x509CertificateV1Info).extensions(extensionInfos).build();
+
+		certificate = CertFactory.newX509CertificateV3(keyPair, x509CertificateV3Info);
+
+		privateKey = keyPair.getPrivate();
+
+		// Initialize a KeyStore and store the key pair and certificate
+		keystoreFile = FileFactory.newFile(PathFinder.getSrcTestResourcesDir(), "new-keystore.jks");
+		keystoreFileInfo = FileInfo.toFileInfo(keystoreFile);
+		keyStoreInfo = KeyStoreInfo.builder().fileInfo(keystoreFileInfo).type("JKS")
+			.keystorePassword(password).build();
+		KeyStore keyStore = KeyStoreFactory.newKeystoreAndSaveForSsl(keyStoreInfo, privateKey,
+			certificate, certificateAlias, password);
+
+		// Initialize a KeyStore for the truststore and store the key pair and certificate
+		trustStoreFile = FileFactory.newFile(PathFinder.getSrcTestResourcesDir(),
+			"new-truststore.jks");
+		trustStoreFileInfo = FileInfo.toFileInfo(trustStoreFile);
+		KeyStoreInfo trustStoreInfo = KeyStoreInfo.builder().fileInfo(trustStoreFileInfo)
+			.type("JKS").keystorePassword(password).build();
+		KeyStoreFactory.newKeystoreAndSaveForSsl(trustStoreInfo, privateKey, certificate,
+			certificateAlias, password);
+		// comment if you want to check with SecureServer and SecureClient
+		DeleteFileExtensions.delete(keystoreFile);
+		DeleteFileExtensions.delete(trustStoreFile);
+	}
+
+	/**
+	 * Test method for creating a keystore and a truststore without using {@link KeyStoreInfo},
+	 * {@link KeyPairInfo}, and other related objects.
+	 *
+	 * @throws Exception
+	 *             if any error occurs during the creation or saving of keystores
+	 */
+	@Test
+	public void testCreateKeyStoreAndTrustStore() throws Exception
+	{
+		Security.addProvider(new BouncyCastleProvider());
+		KeyPair keyPair;
+		org.bouncycastle.asn1.x500.X500Name issuer;
+		BigInteger serial;
+		Date notBefore;
+		Date notAfter;
+		X500Name subject;
+		String signatureAlgorithm;
+		X509Certificate cert;
+		String distinguishedName;
+		char[] password;
+		DistinguishedNameInfo distinguishedNameInfo;
+		String certificateAlias;
+		File keystoreFile;
+		KeyStore keyStore;
+		KeyStore trustStore;
+		File trustStoreFile;
+
+		certificateAlias = "serverKey";
+		password = "password".toCharArray();
+
+		distinguishedNameInfo = DistinguishedNameInfo.builder().commonName("Tyler Durden")
+			.countryCode("GR").location("Katerini").organisation("Cool Company")
+			.organisationUnit("IT Department").state("Macedonia").build();
+
+		distinguishedName = distinguishedNameInfo.toRepresentableString();
+		serial = BigInteger.ONE;
+		notBefore = Date.from(
+			LocalDate.of(2024, Month.JANUARY, 1).atStartOfDay(ZoneId.systemDefault()).toInstant());
+		notAfter = Date.from(
+			LocalDate.of(2034, Month.JANUARY, 1).atStartOfDay(ZoneId.systemDefault()).toInstant());
+		subject = new X500Name(distinguishedName);
+		signatureAlgorithm = "SHA256withRSA";
+		issuer = new X500Name(distinguishedName);
+
+		// Generate a key pair
+		keyPair = KeyPairFactory.newKeyPair(KeyPairGeneratorAlgorithm.RSA, 2048);
+
+		// Create a self-signed certificate
+		cert = CertFactory.newX509CertificateV3(keyPair, issuer, serial, notBefore, notAfter,
+			subject, signatureAlgorithm);
+
+		keystoreFile = FileFactory.newFile(PathFinder.getSrcTestResourcesDir(), "new-keystore.jks");
+
+		// Initialize a KeyStore and store the key pair and certificate
+		keyStore = KeyStoreFactory.newKeyStore(keystoreFile, "JKS", "password");
+		KeyStoreExtensions.setKeyEntry(keyStore, certificateAlias, keyPair.getPrivate(), password,
+			new Certificate[] { cert });
+		// Save the KeyStore to a file
+		KeyStoreExtensions.store(keyStore, keystoreFile, "password");
+
+		trustStoreFile = FileFactory.newFile(PathFinder.getSrcTestResourcesDir(),
+			"new-truststore.jks");
+
+		// Initialize a KeyStore for the truststore and store the key pair and certificate
+		trustStore = KeyStoreFactory.newKeyStore(trustStoreFile, "JKS", "password");
+		KeyStoreExtensions.setKeyEntry(trustStore, certificateAlias, keyPair.getPrivate(), password,
+			new Certificate[] { cert });
+		// Save the KeyStore to a file
+		KeyStoreExtensions.store(trustStore, trustStoreFile, "password");
+		// comment if you want to check with SecureServer and SecureClient
+		DeleteFileExtensions.delete(keystoreFile);
+		DeleteFileExtensions.delete(trustStoreFile);
+	}
+
+}
diff --git a/src/test/java/io/github/astrapi69/mystic/crypt/key/agreement/NewKeyToolExample.java b/src/test/java/io/github/astrapi69/mystic/crypt/key/agreement/NewKeyToolExample.java
@@ -61,7 +61,9 @@
 import io.github.astrapi69.file.create.FileFactory;
 import io.github.astrapi69.file.create.FileInfo;
 import io.github.astrapi69.file.search.PathFinder;
-import io.github.astrapi69.mystic.crypt.ssl.KeyStoreExtensions;
+import io.github.astrapi69.random.SecureRandomBuilder;
+import io.github.astrapi69.random.number.RandomBigIntegerFactory;
+import io.github.astrapi69.random.object.RandomObjectFactory;
 
 public class NewKeyToolExample
 {
@@ -72,65 +74,58 @@ public static void main(String[] args) throws Exception
 		KeyPairInfo keyPairInfo;
 		KeyStoreInfo keyStoreInfo;
 		char[] password;
-		X509Certificate certificate;
+		BigInteger serial;
 		KeyPair keyPair;
+		PrivateKey privateKey;
+		X509Certificate certificate;
 		File keystoreFile;
 		FileInfo keystoreFileInfo;
 		File trustStoreFile;
 		FileInfo trustStoreFileInfo;
 		String certificateAlias;
+		ExtensionInfo[] extensionInfos;
 
 		certificateAlias = "serverKey";
-
 		password = "password".toCharArray();
-		Security.addProvider(new BouncyCastleProvider());
-
-		keystoreFile = FileFactory.newFile(PathFinder.getSrcTestResourcesDir(), "new-keystore.jks");
 
 		distinguishedNameInfo = DistinguishedNameInfo.builder().commonName("Test Server")
 			.countryCode("GB").location("London").organisation("My Company")
 			.organisationUnit("IT Department").state("Greater London").build();
 
 		keyPairInfo = KeyPairInfo.builder().algorithm("RSA").keySize(2048).build();
-		keystoreFileInfo = FileInfo.toFileInfo(keystoreFile);
-
-		keyStoreInfo = KeyStoreInfo.builder().fileInfo(keystoreFileInfo).type("JKS")
-			.keystorePassword(password).build();
 
 		keyPair = KeyPairInfo.toKeyPair(keyPairInfo);
-		ExtensionInfo[] extensionInfos = ArrayFactory.newArray(ExtensionInfo.builder()
+		extensionInfos = ArrayFactory.newArray(ExtensionInfo.builder()
 			.extensionId("1.3.6.1.5.5.7.3.2").critical(false).value("foo bar").build());
 
+		serial = RandomBigIntegerFactory.randomBigInteger();
 		X509CertificateV1Info x509CertificateV1Info = X509CertificateV1Info.builder()
-			.keyPairInfo(keyPairInfo).issuer(distinguishedNameInfo)
-			.serial(new BigInteger(160, new SecureRandom()))
-			.validity(Validity.builder().notBefore(ZonedDateTime.parse("2023-12-01T00:00:00Z"))
-				.notAfter(ZonedDateTime.parse("2025-01-01T00:00:00Z")).build())
+			.issuer(distinguishedNameInfo).serial(serial)
+			.validity(Validity.builder().notBefore(ZonedDateTime.parse("2024-01-01T00:00:00Z"))
+				.notAfter(ZonedDateTime.parse("2034-01-01T00:00:00Z")).build())
 			.subject(distinguishedNameInfo).signatureAlgorithm("SHA256withRSA").build();
 
 		X509CertificateV3Info x509CertificateV3Info = X509CertificateV3Info.builder()
 			.certificateV1Info(x509CertificateV1Info).extensions(extensionInfos).build();
 
-		certificate = CertFactory.newX509CertificateV3(x509CertificateV3Info);
+		certificate = CertFactory.newX509CertificateV3(keyPair, x509CertificateV3Info);
 
-		KeyInfo privateKeyModel = KeyInfo.builder().keyType(KeyType.PRIVATE_KEY.getDisplayValue())
-			.encoded(keyPair.getPrivate().getEncoded())
-			.algorithm(keyPair.getPrivate().getAlgorithm()).build();
+		privateKey = keyPair.getPrivate();
 
-		PrivateKey privateKey = KeyInfoExtensions.toPrivateKey(privateKeyModel);
 		// Initialize a KeyStore and store the key pair and certificate
+		keystoreFile = FileFactory.newFile(PathFinder.getSrcTestResourcesDir(), "new-keystore.jks");
+		keystoreFileInfo = FileInfo.toFileInfo(keystoreFile);
+		keyStoreInfo = KeyStoreInfo.builder().fileInfo(keystoreFileInfo).type("JKS")
+			.keystorePassword(password).build();
 		KeyStore keyStore = KeyStoreFactory.newKeystoreAndSaveForSsl(keyStoreInfo, privateKey,
 			certificate, certificateAlias, password);
 
+		// Initialize a KeyStore for the truststore and store the key pair and certificate
 		trustStoreFile = FileFactory.newFile(PathFinder.getSrcTestResourcesDir(),
 			"new-truststore.jks");
-
 		trustStoreFileInfo = FileInfo.toFileInfo(trustStoreFile);
-
 		KeyStoreInfo trustStoreInfo = KeyStoreInfo.builder().fileInfo(trustStoreFileInfo)
 			.type("JKS").keystorePassword(password).build();
-
-		// Initialize a KeyStore for the truststore and store the key pair and certificate
 		KeyStoreFactory.newKeystoreAndSaveForSsl(trustStoreInfo, privateKey, certificate,
 			certificateAlias, password);