|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.apache.ws.security.components.crypto.Merlin
JDK1.4 based implementation of Crypto (uses keystore).
Field Summary | |
protected static java.security.cert.CertificateFactory |
certFact
|
protected java.security.KeyStore |
keystore
|
protected java.util.Properties |
properties
|
Constructor Summary | |
Merlin(java.util.Properties properties)
Constructor. |
Method Summary | |
java.lang.String[] |
getAliasesForDN(java.lang.String subjectDN)
Lookup X509 Certificates in the keystore according to a given DN of the subject of the certificate The search gets all alias names of the keystore and gets the certificate (chain) for each alias. |
java.lang.String |
getAliasForX509Cert(byte[] skiBytes)
Lookup a X509 Certificate in the keystore according to a given SubjectKeyIdentifier. |
java.lang.String |
getAliasForX509Cert(java.security.cert.Certificate cert)
Return a X509 Certificate alias in the keystore according to a given Certificate |
java.lang.String |
getAliasForX509Cert(java.lang.String issuer)
Lookup a X509 Certificate in the keystore according to a given the issuer of a Certficate. |
java.lang.String |
getAliasForX509Cert(java.lang.String issuer,
java.math.BigInteger serialNumber)
Lookup a X509 Certificate in the keystore according to a given serial number and the issuer of a Certficate. |
byte[] |
getCertificateData(boolean reverse,
java.security.cert.X509Certificate[] certs)
get a byte array given an array of X509 certificates. |
java.security.cert.CertificateFactory |
getCertificateFactory()
Singleton certificate factory for this Crypto instance. |
java.security.cert.X509Certificate[] |
getCertificates(java.lang.String alias)
Gets the list of certificates for a given alias. |
java.lang.String |
getDefaultX509Alias()
Retrieves the alias name of the default certificate which has been specified as a property. |
java.security.KeyStore |
getKeyStore()
Gets the Keystore that was loaded by the underlying implementation |
java.security.PrivateKey |
getPrivateKey(java.lang.String alias,
java.lang.String password)
Gets the private key identified by alias> and |
byte[] |
getSKIBytesFromCert(java.security.cert.X509Certificate cert)
Reads the SubjectKeyIdentifier information from the certificate. |
java.security.cert.X509Certificate[] |
getX509Certificates(byte[] data,
boolean reverse)
Construct an array of X509Certificate's from the byte array. |
void |
load(java.io.InputStream input)
Loads the the keystore from an InputStream . |
java.security.cert.X509Certificate |
loadCertificate(java.io.InputStream in)
load a X509Certificate from the input stream. |
void |
setKeyStore(java.security.KeyStore ks)
A Hook for subclasses to set the keystore without having to load it from an InputStream . |
boolean |
validateCertPath(java.security.cert.X509Certificate[] certs)
Uses the CertPath API to validate a given certificate chain |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
protected static java.security.cert.CertificateFactory certFact
protected java.util.Properties properties
protected java.security.KeyStore keystore
Constructor Detail |
public Merlin(java.util.Properties properties) throws CredentialException, java.io.IOException
properties
-
CredentialException
java.io.IOException
Method Detail |
public java.security.cert.CertificateFactory getCertificateFactory() throws WSSecurityException
getCertificateFactory
in interface Crypto
CertificateFactory
to construct
X509 certficates
WSSecurityException
public java.security.cert.X509Certificate loadCertificate(java.io.InputStream in) throws WSSecurityException
loadCertificate
in interface Crypto
in
- The InputStream
array containg the X509 data
WSSecurityException
public java.security.cert.X509Certificate[] getX509Certificates(byte[] data, boolean reverse) throws WSSecurityException
getX509Certificates
in interface Crypto
data
- The byte
array containg the X509 datareverse
- If set the first certificate in input data will
the last in the array
WSSecurityException
public byte[] getCertificateData(boolean reverse, java.security.cert.X509Certificate[] certs) throws WSSecurityException
getCertificateData
in interface Crypto
reverse
- If set the first certificate in the array data will
the last in the byte arraycerts
- The certificates to convert
WSSecurityException
public java.security.PrivateKey getPrivateKey(java.lang.String alias, java.lang.String password) throws java.lang.Exception
alias> and password
.
- Specified by:
getPrivateKey
in interface Crypto
- Parameters:
alias
- The alias (KeyStore
) of the key ownerpassword
- The password needed to access the private key
- Returns:
- The private key
- Throws:
java.lang.Exception
public java.lang.String getAliasForX509Cert(java.lang.String issuer) throws WSSecurityException
getAliasForX509Cert
in interface Crypto
issuer
- The issuer's name for the certificate
WSSecurityException
public java.lang.String getAliasForX509Cert(java.lang.String issuer, java.math.BigInteger serialNumber) throws WSSecurityException
getAliasForX509Cert
in interface Crypto
issuer
- The issuer's name for the certificateserialNumber
- The serial number of the certificate from the named issuer
WSSecurityException
public java.lang.String getAliasForX509Cert(byte[] skiBytes) throws WSSecurityException
getAliasForX509Cert
in interface Crypto
skiBytes
- The SKI info bytes
WSSecurityException
- if problems during keystore handling or wrong certificate (no SKI data)public java.lang.String getAliasForX509Cert(java.security.cert.Certificate cert) throws WSSecurityException
getAliasForX509Cert
in interface Crypto
cert
- The certificate to lookup
WSSecurityException
public java.lang.String getDefaultX509Alias()
getDefaultX509Alias
in interface Crypto
public java.security.cert.X509Certificate[] getCertificates(java.lang.String alias) throws WSSecurityException
getCertificates
in interface Crypto
alias
- Lookup certificate chain for this alias
WSSecurityException
public void setKeyStore(java.security.KeyStore ks)
InputStream
.
ks
- existing keystorepublic void load(java.io.InputStream input) throws CredentialException
InputStream
.
input
- InputStream
to read from
CredentialException
public byte[] getSKIBytesFromCert(java.security.cert.X509Certificate cert) throws WSSecurityException
getSKIBytesFromCert
in interface Crypto
cert
- The certificate to read SKI
WSSecurityException
public java.security.KeyStore getKeyStore()
Crypto
getKeyStore
in interface Crypto
public boolean validateCertPath(java.security.cert.X509Certificate[] certs) throws WSSecurityException
validateCertPath
in interface Crypto
certs
- Certificate chain to validate
WSSecurityException
public java.lang.String[] getAliasesForDN(java.lang.String subjectDN) throws WSSecurityException
getAliasesForDN
in interface Crypto
subjectDN
- The DN of subject to look for in the keystore
WSSecurityException
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |