CORDA-1715 Ordering the X500 name for the CRL extension of the TLS certificates (#3515)

* CORDA-1715 Ordering the X500 name for the CRL extension of the TLS certificate

* Addressing review comments

* Addressing review comments - round 2

* Throwing an exception on incorrect TLS CRL issuer configuration

* Changes after the redesign decisions

* Small refactoring
Michal Kit
2018-07-09 13:45:38 +01:00
committed by GitHub
parent 5d738ac8e8
commit 408cc68c65
8 changed files with 164 additions and 65 deletions


@ -4,7 +4,7 @@ import net.corda.core.crypto.Crypto
import net.corda.core.crypto.Crypto.generateKeyPair
import net.corda.core.identity.CordaX500Name
import net.corda.core.identity.PartyAndCertificate
import net.corda.core.internal.x500Name
import net.corda.core.internal.toX500Name
import net.corda.nodeapi.internal.config.SSLConfiguration
import net.corda.nodeapi.internal.crypto.*
import org.bouncycastle.asn1.x509.GeneralName
@ -83,7 +83,7 @@ fun createDevNetworkMapCa(rootCa: CertificateAndKeyPair = DEV_ROOT_CA): Certific
fun createDevNodeCa(intermediateCa: CertificateAndKeyPair,
legalName: CordaX500Name,
nodeKeyPair: KeyPair = generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME)): CertificateAndKeyPair {
val nameConstraints = NameConstraints(arrayOf(GeneralSubtree(GeneralName(GeneralName.directoryName, legalName.x500Name))), arrayOf())
val nameConstraints = NameConstraints(arrayOf(GeneralSubtree(GeneralName(GeneralName.directoryName, legalName.toX500Name()))), arrayOf())
val cert = X509Utilities.createCertificate(
CertificateType.NODE_CA,
intermediateCa.certificate,