aws-samples / aws-cloudhsm-jce-examples

Sample applications demonstrating how to use the CloudHSM JCE
MIT No Attribution

Add certificate signing and storing to KeyStoreExampleRunner #59

Closed TheEmpty closed 1 year ago

TheEmpty commented 1 year ago

Issue #, if available: N/A

Description of changes:

Testing:

Setup / running

cd /home/ec2-user/samples/aws-cloudhsm-jce-examples && mvn clean package
export HSM_USER=REMOVED
export HSM_PASSWORD=REMOVED
java -ea -jar target/assembly/cloudhsm-keystore-runner.jar --store /tmp/key.store --password REMOVED --label test4

output w/ new

Searching for example key and certificate...
No entry found, creating...
Found private key test4 with certificate   [0]         Version: 3
         SerialNumber: 1661842031782
             IssuerDN: C=US,ST=Washington,L=Seattle,O=Amazon,OU=AWS,CN=CloudHSM
           Start Date: Tue Aug 30 06:47:11 UTC 2022
           Final Date: Tue Aug 30 06:47:11 UTC 2022
            SubjectDN: C=US,ST=Washington,L=Seattle,O=Amazon,OU=AWS,CN=CloudHSM
           Public Key: RSA Public Key [c7:9d:29:94:de:ac:9f:80:1a:61:4f:8a:63:81:01:ce:4f:7d:0e:fd],[56:66:d1:a4]
        modulus:
public exponent: 10001

  Signature Algorithm: SHA512withRSA
            Signature:

output after creation

Searching for example key and certificate...
Found private key test4 with certificate [
[
  Version: V3
  Subject: CN=CloudHSM, OU=AWS, O=Amazon, L=Seattle, ST=Washington, C=US
  Signature Algorithm: SHA512withRSA, OID = 1.2.840.113549.1.1.13

  Key:  Sun RSA public key, 2048 bits
  params: null
  modulus: 20873004911409940983950401538750969576534570921424354809802837164029380644557512685972375042107880661149052219467482076297688173992587309950241388098354699537869012609188388962271995623033540725601996288207760743970298406499478353870604410311175327316830605051244046051292261539355599409647085255596769795487574220677950837068604990887786288872859160417221611681753702024613105121606785063072150616659522160885553863563728248729297193264916307903872294846477783236182449327216707823246653148711278041887719355795138128453403534265638510497771186432245752717477099205394155292809810451130335884744744472843360434793033
  public exponent: 65537
  Validity: [From: Tue Aug 30 06:47:11 UTC 2022,
               To: Tue Aug 30 06:47:11 UTC 2022]
  Issuer: CN=CloudHSM, OU=AWS, O=Amazon, L=Seattle, ST=Washington, C=US
  SerialNumber: [    0182ed81 04a6]

]
  Algorithm: [SHA512withRSA]
  Signature:

]

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.