CryptographyService.java

package won.cryptography.service;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;

/**
 * User: fsalcher
 * Date: 12.06.2014
 */
public class CryptographyService {

    private final Logger logger = LoggerFactory.getLogger(this.getClass());

    private KeyPairService keyPairService;
    private CertificateService certificateService;

    private KeyStoreService keyStoreService;

    public CryptographyService(KeyStoreService keyStoreService, KeyPairService keyPairService, CertificateService
      certificateService) {

      this.keyStoreService = keyStoreService;
      this.keyPairService = keyPairService;
      this.certificateService = certificateService;
      createClientDefaultCertificateIfNotPresent();

    }

  /**
   * A default key (application acting as client key) has to be put into the key store if not already present. This
   * has to be done before other objects start using CryptographyService or corresponding KeyStore.
   */
  private void createClientDefaultCertificateIfNotPresent() {
    String alias = getDefaultPrivateKeyAlias();
    logger.debug("checking if the certificate with alias {} is in the keystore", alias);
    if (containsEntry(alias)) {
      logger.info("entry with alias {} found in the keystore", alias);
      return;
    }
    //no certificate, create it:
    logger.info("certificate not found under alias {}, creating new one", alias);
    try {
      createNewKeyPair(alias, null);
      logger.info("certificate created");
    } catch (IOException e) {
      throw new RuntimeException("Could not create certificate for " + alias, e);
    }

  }


    public KeyPair createNewKeyPair(BigInteger certNumber, String commonName, String webId) throws IOException {

      String alias = webId;
      if (alias == null) {
        alias = commonName;
      }
//      if (containsEntry(alias)) {
//        throw new IOException("Cannot create certificate - key store already contains entry for " + alias);
//      }

      KeyPair newKeyPair = keyPairService.generateNewKeyPairInSecp384r1();
      X509Certificate newCertificate = certificateService.createSelfSignedCertificate(certNumber, newKeyPair,
                                                                                        commonName, webId);
      keyStoreService.putKey(alias, newKeyPair.getPrivate(), new Certificate[] {newCertificate}, false);
      return newKeyPair;
    }


  public KeyPair createNewKeyPair(String commonName, String webId) throws IOException {

    BigInteger certNumber = BigInteger.valueOf(keyStoreService.size() + 1);
    return createNewKeyPair(certNumber, commonName, webId);

  }

  public PrivateKey getPrivateKey(String alias) {
        return keyStoreService.getPrivateKey(alias);
    }

  public PrivateKey getDefaultPrivateKey() {
    return keyStoreService.getPrivateKey(keyStoreService.getDefaultAlias());
  }

  public String getDefaultPrivateKeyAlias() {
    return keyStoreService.getDefaultAlias();
  }

  public PublicKey getPublicKey(String alias) {
      return keyStoreService.getPublicKey(alias);
  }

  public boolean containsEntry(String alias) {
    try {
      return keyStoreService.getUnderlyingKeyStore().containsAlias(alias);
    } catch (KeyStoreException e) {
      return false;
    }
  }
}