https://github.com/greendelta/olca-license
A data library licensing framework for openLCA.
https://github.com/greendelta/olca-license
Last synced: 4 months ago
JSON representation
A data library licensing framework for openLCA.
- Host: GitHub
- URL: https://github.com/greendelta/olca-license
- Owner: GreenDelta
- License: mpl-2.0
- Created: 2023-01-11T09:09:17.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2024-09-17T14:59:05.000Z (over 1 year ago)
- Last Synced: 2025-03-31T21:19:49.614Z (about 1 year ago)
- Language: Java
- Homepage:
- Size: 186 KB
- Stars: 2
- Watchers: 4
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# olca-license
A licensing framework for openLCA that can certify, sign and encrypt data library.
## Create the Certificate Authority (CA)
- Create the Root CA - that has to later be stored offline - with `root_ca.sh`.
- Create the server CA (Nexus) subordinated from the Root CA with
`nexus_ca.sh` and store the `nexus-ca` folder into the server
`/etc/ssl/certs/` directory.
## Certify a data library
Once the certificate authority is created and stored in the server, one can
start certifying data libraries.
First, create a `Licensor` instance with the CA `File` folder as an input:
```java
var ca = new File("path/to/the/certificate/authority");
var licensor = Licensor.getInstance(ca);
```
Then, certify the library by inputting the `ZipInputStream` of the compressed
raw library, the destination `ZipOutputStream`, the password provided by the
user of the library and the `CertificateInfo` object holding the start and
expiration date and the subject and issuer information:
```java
var info = licensor.createCertificateInfo(notBefore, notAfter, subject);
try (var output = new ZipOutputStream(new FileOutputStream(library))) {
licensor.license(input, output, PASSWORD_LIB, info);
}
```
If the end date of the certificate is not determined, it is possible to omit it:
```java
var info = licensor.createCertificateInfo(notBefore, subject);
```
## Check the information of an issued certificate
An X.509 certificate can be stored with respect with the industry standard as a
key encoded in `Base64`:
```bash
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
```
This certificate can be converted in a more readable format by using the
following command:
```bash
openssl x509 -text -in issued-cert.crt -noout
```