Backporting introduction of constants for the dev certs from enterprise (#2502)

2025-06-13 04:38:19 +00:00 · 2018-02-12 12:12:16 +00:00
parent 1218fa037e
commit d1627fed5b
5 changed files with 12 additions and 8 deletions
--- a/node-api/src/main/kotlin/net/corda/nodeapi/internal/KeyStoreConfigHelpers.kt
+++ b/node-api/src/main/kotlin/net/corda/nodeapi/internal/KeyStoreConfigHelpers.kt
@ -95,14 +95,18 @@ fun createDevNodeCa(intermediateCa: CertificateAndKeyPair,
 }

 val DEV_INTERMEDIATE_CA: CertificateAndKeyPair get() = DevCaHelper.loadDevCa(X509Utilities.CORDA_INTERMEDIATE_CA)
-
 val DEV_ROOT_CA: CertificateAndKeyPair get() = DevCaHelper.loadDevCa(X509Utilities.CORDA_ROOT_CA)
+const val DEV_CA_PRIVATE_KEY_PASS: String = "cordacadevkeypass"
+const val DEV_CA_KEY_STORE_FILE: String = "cordadevcakeys.jks"
+const val DEV_CA_KEY_STORE_PASS: String = "cordacadevpass"
+const val DEV_CA_TRUST_STORE_FILE: String = "cordatruststore.jks"
+const val DEV_CA_TRUST_STORE_PASS: String = "trustpass"

 // We need a class so that we can get hold of the class loader
 internal object DevCaHelper {
    fun loadDevCa(alias: String): CertificateAndKeyPair {
        // TODO: Should be identity scheme
-        val caKeyStore = loadKeyStore(javaClass.classLoader.getResourceAsStream("certificates/cordadevcakeys.jks"), "cordacadevpass")
-        return caKeyStore.getCertificateAndKeyPair(alias, "cordacadevkeypass")
+        val caKeyStore = loadKeyStore(javaClass.classLoader.getResourceAsStream("certificates/$DEV_CA_KEY_STORE_FILE"), DEV_CA_KEY_STORE_PASS)
+        return caKeyStore.getCertificateAndKeyPair(alias, DEV_CA_PRIVATE_KEY_PASS)
    }
 }
--- a/node-api/src/main/kotlin/net/corda/nodeapi/internal/crypto/X509Utilities.kt
+++ b/node-api/src/main/kotlin/net/corda/nodeapi/internal/crypto/X509Utilities.kt
@ -156,7 +156,7 @@ object X509Utilities {

        val builder = JcaX509v3CertificateBuilder(issuer, serial, validityWindow.first, validityWindow.second, subject, subjectPublicKey)
                .addExtension(Extension.subjectKeyIdentifier, false, BcX509ExtensionUtils().createSubjectKeyIdentifier(subjectPublicKeyInfo))
-                .addExtension(Extension.basicConstraints, certificateType.isCA, BasicConstraints(certificateType.isCA))
+                .addExtension(Extension.basicConstraints, true, BasicConstraints(certificateType.isCA))
                .addExtension(Extension.keyUsage, false, certificateType.keyUsage)
                .addExtension(Extension.extendedKeyUsage, false, keyPurposes)

--- a/node-api/src/main/resources/certificates/cordadevcakeys.jks
+++ b/node-api/src/main/resources/certificates/cordadevcakeys.jks
--- a/node-api/src/main/resources/certificates/cordatruststore.jks
+++ b/node-api/src/main/resources/certificates/cordatruststore.jks