common/securis.git

..	..	@@ -1,3 +1,6 @@
	1	+/*
	2	+ * Copyright @ 2013 CurisTEC, S.A.S. All Rights Reserved.
	3	+ */
1	4	package net.curisit.securis;
2	5
3	6	import java.io.File;
..	..	@@ -24,23 +27,35 @@
24	27	import org.apache.logging.log4j.LogManager;
25	28	import org.apache.logging.log4j.Logger;
26	29
	30	+import jakarta.inject.Singleton;
	31	+
27	32	/**
28		- * License generator and signer
29		- *
30		- * @author roberto <roberto.sanchez@curisit.net>
31		- */
32		-@javax.inject.Singleton
	33	+* LicenseGenerator
	34	+* <p>
	35	+* Factory for building and signing {@link LicenseBean} instances. Uses a process-wide
	36	+* singleton and expects a PKCS#8 private key at:
	37	+* <code>~/.SeCuris/keys/securis_private_key.pkcs8</code>.
	38	+*
	39	+* @author JRA
	40	+* Last reviewed by JRA on Oct 5, 2025.
	41	+*/
	42	+@Singleton
33	43	public class LicenseGenerator {
34	44
35	45	private static final Logger LOG = LogManager.getLogger(LicenseGenerator.class);
36	46
37	47	private static LicenseGenerator singleton = new LicenseGenerator();
38	48
	49	+ /**
	50	+ * getInstance<p>
	51	+ * Singleton accessor.
	52	+ */
39	53	public static LicenseGenerator getInstance() {
40	54	return singleton;
41	55	}
42	56
43	57	/**
	58	+ * generateLicense<p>
44	59	* Generate a license bean with the specified data
45	60	*
46	61	* @param req
..	..	@@ -66,12 +81,14 @@
66	81	}
67	82
68	83	/**
69		- * Generate a license file using a {@link LicenseBean}
70		- *
71		- * @param license
72		- * @param file
73		- * @throws SeCurisException
74		- */
	84	+ * save
	85	+ * <p>
	86	+ * Persist a pretty-printed JSON representation of the signed license to disk.
	87	+ *
	88	+ * @param license source license
	89	+ * @param file target file path
	90	+ * @throws SeCurisException if serialization or IO fails
	91	+ */
75	92	public void save(LicenseBean license, File file) throws SeCurisException {
76	93	SignedLicenseBean signedLic = new SignedLicenseBean(license);
77	94	byte[] json;
..	..	@@ -91,15 +108,14 @@
91	108	}
92	109
93	110	/**
94		- *
95		- * @param licBean
96		- * @return
97		- * @throws NoSuchAlgorithmException
98		- * @throws IOException
99		- * @throws InvalidKeySpecException
100		- * @throws InvalidKeyException
101		- * @throws SignatureException
102		- */
	111	+ * sign
	112	+ * <p>
	113	+ * Compute a Base64 signature for the given license and set it into the bean.
	114	+ *
	115	+ * @param licBean license to sign (in-place)
	116	+ * @return Base64 signature string
	117	+ * @throws SeCurisException if the signature process fails
	118	+ */
103	119	public String sign(LicenseBean licBean) throws SeCurisException {
104	120	SignatureHelper sh = SignatureHelper.getInstance();
105	121
..	..	@@ -114,16 +130,8 @@
114	130	byte[] signatureData = signature.sign();
115	131	licBean.setSignature(Base64.encodeBase64String(signatureData));
116	132	return licBean.getSignature();
117		- } catch (NoSuchAlgorithmException e) {
118		- LOG.error("Error signing license for " + licBean, e);
119		- } catch (InvalidKeyException e) {
120		- LOG.error("Error signing license for " + licBean, e);
121		- } catch (InvalidKeySpecException e) {
122		- LOG.error("Error signing license for " + licBean, e);
123		- } catch (IOException e) {
124		- LOG.error("Error signing license for " + licBean, e);
125		- } catch (SignatureException e) {
126		- LOG.error("Error signing license for " + licBean, e);
	133	+ } catch (NoSuchAlgorithmException \| InvalidKeyException \| InvalidKeySpecException \| IOException \| SignatureException e) {
	134	+ LOG.error("Error signing license for {}", licBean, e);
127	135	}
128	136	throw new SeCurisException("License could not be generated");
129	137	}