GeronimoCertificationAuthority (Geronimo 2.1.3 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.apache.geronimo.security.ca
Class GeronimoCertificationAuthority

java.lang.Object
  org.apache.geronimo.security.ca.GeronimoCertificationAuthority

All Implemented Interfaces:: GBeanLifecycle, CertificationAuthority

public class GeronimoCertificationAuthority
extends Object
implements CertificationAuthority, GBeanLifecycle
extends Object
implements CertificationAuthority, GBeanLifecycle

A Certification Authority implementation using KeystoreInstance to store CA's private key, CertificateStore to store issued certificates and CertificateRequestStore to store certificate requests

Field Summary
`static GBeanInfo`	`GBEAN_INFO`

Constructor Summary
`GeronimoCertificationAuthority(ServerInfo serverInfo, KeystoreInstance caKeystore, CertificateStore certStore, CertificateRequestStore certReqStore, Kernel kernel, AbstractName abstractName)` Constructor

Method Summary
`void`	`doFail()` Fails the GBean.
`void`	`doStart()` Starts the GBean.
`void`	`doStop()` Stops the target.
`Certificate`	`getCertificate()` This method returns CA's own certificate.
`Certificate`	`getCertificate(BigInteger sNo)` This method retrieves a certificate with the specified serial number.
`String`	`getCertificateBase64Text(BigInteger sNo)` This method retrieves a certificate with the specified serial number.
`static GBeanInfo`	`getGBeanInfo()`
`BigInteger`	`getHighestSerialNumber()` This method returns the highest serial number used by the CA.
`X500Principal`	`getName()` This method returns CA's name.
`BigInteger`	`getNextSerialNumber()` This method returns the next serial number that can be used to issue a certificate and increments the highest serial number.
`boolean`	`isCertificateIssued(BigInteger sNo)` This method checks if a Certificate with a given serial number is already issued.
`boolean`	`isLocked()` This method checks if the CA is locked.
`Certificate`	`issueCertificate(X500Principal subject, PublicKey publicKey, BigInteger sNo, Date validFromDate, Date validToDate, String algorithm)` This method issues a certificate.
`void`	`issueOwnCertificate(BigInteger sNo, Date validFromDate, Date validToDate, String algorithm)` This method makes the CA issue a self-signed certificate with given details.
`void`	`lock()` This method locks the CA.
`void`	`unlock(char[] password)` This method unlocks the CA.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

GBEAN_INFO

public static final GBeanInfo GBEAN_INFO

Constructor Detail

GeronimoCertificationAuthority

public GeronimoCertificationAuthority(ServerInfo serverInfo,
                                      KeystoreInstance caKeystore,
                                      CertificateStore certStore,
                                      CertificateRequestStore certReqStore,
                                      Kernel kernel,
                                      AbstractName abstractName)

Constructor

Parameters:: instance - KeystoreInstance containing CA's private-key and certificate; certStore - CertificateStore for storing certificates issued by this CA; certReqStore - CeetificateRequestStore for storing certificates requests

Method Detail

isLocked

public boolean isLocked()

This method checks if the CA is locked.

Specified by:: isLocked in interface CertificationAuthority

Returns:: true if CA is locked, false otherwise.

lock

public void lock()

This method locks the CA.

Specified by:: lock in interface CertificationAuthority

unlock

public void unlock(char[] password)
            throws CertificationAuthorityException

This method unlocks the CA.

Specified by:: unlock in interface CertificationAuthority

Parameters:: password - Password to unlock the CA.
Throws:: CertificationAuthorityException

getName

public X500Principal getName()
                      throws CertificationAuthorityException

This method returns CA's name.

Specified by:: getName in interface CertificationAuthority

Throws:: Exception - if CA is locked.; CertificationAuthorityException

getCertificate

public Certificate getCertificate()
                           throws CertificationAuthorityException

This method returns CA's own certificate.

Specified by:: getCertificate in interface CertificationAuthority

Throws:: Exception - if CA is locked.; CertificationAuthorityException

issueOwnCertificate

public void issueOwnCertificate(BigInteger sNo,
                                Date validFromDate,
                                Date validToDate,
                                String algorithm)
                         throws CertificationAuthorityException

This method makes the CA issue a self-signed certificate with given details. This method is usually called while initializing the CA.

Specified by:: issueOwnCertificate in interface CertificationAuthority

Parameters:: sNo - Serial number for self-signed certificate; validFromDate - Certificate validity period start date; validToDate - Certificate validity period end date; algorithm - Signature algorithm for self-signed certificate
Throws:: CertificationAuthorityException

issueCertificate

public Certificate issueCertificate(X500Principal subject,
                                    PublicKey publicKey,
                                    BigInteger sNo,
                                    Date validFromDate,
                                    Date validToDate,
                                    String algorithm)
                             throws CertificationAuthorityException

This method issues a certificate.

Specified by:: issueCertificate in interface CertificationAuthority

Parameters:: subject - Subject X500Principal; publicKey - Subject's public key; sNo - Serial number for the certificate to be issued; validFromDate - Certificate validity period start date; validToDate - Certificate validity period end date; algorithm - Signature algorithm for the certificate
Returns:: newly issued certificate
Throws:: CertificationAuthorityException

getHighestSerialNumber

public BigInteger getHighestSerialNumber()
                                  throws CertificationAuthorityException

This method returns the highest serial number used by the CA.

Specified by:: getHighestSerialNumber in interface CertificationAuthority

Throws:: CertificationAuthorityException

isCertificateIssued

public boolean isCertificateIssued(BigInteger sNo)
                            throws CertificationAuthorityException

This method checks if a Certificate with a given serial number is already issued.

Specified by:: isCertificateIssued in interface CertificationAuthority

Parameters:: sNo - The serial number of the the certificate to be looked for
Returns:: true if a certificate with the specified serial number has already been issued
Throws:: CertificationAuthorityException

getNextSerialNumber

public BigInteger getNextSerialNumber()
                               throws CertificationAuthorityException

This method returns the next serial number that can be used to issue a certificate and increments the highest serial number.

Specified by:: getNextSerialNumber in interface CertificationAuthority

Throws:: CertificationAuthorityException

getCertificate

public Certificate getCertificate(BigInteger sNo)
                           throws CertificationAuthorityException

This method retrieves a certificate with the specified serial number.

Specified by:: getCertificate in interface CertificationAuthority

Parameters:: sNo - The serial number of the certificate to be retrieved
Returns:: java.security.cert.Certificate instance of the certificate
Throws:: CertificationAuthorityException

getCertificateBase64Text

public String getCertificateBase64Text(BigInteger sNo)
                                throws CertificationAuthorityException

This method retrieves a certificate with the specified serial number.

Specified by:: getCertificateBase64Text in interface CertificationAuthority

Parameters:: sNo - The serial number of the certificate to be retrieved
Returns:: base64 encoded certificate text
Throws:: CertificationAuthorityException

doFail

public void doFail()

Description copied from interface: GBeanLifecycle

Fails the GBean. This informs the GBean that it is about to transition to the failed state.

Specified by:: doFail in interface GBeanLifecycle

doStart

public void doStart()
             throws Exception

Description copied from interface: GBeanLifecycle

Starts the GBean. This informs the GBean that it is about to transition to the running state.

Specified by:: doStart in interface GBeanLifecycle

Throws:: Exception - if the target failed to start; this will cause a transition to the failed state

doStop

public void doStop()
            throws Exception

Description copied from interface: GBeanLifecycle

Stops the target. This informs the GBean that it is about to transition to the stopped state.

Specified by:: doStop in interface GBeanLifecycle

Throws:: Exception - if the target failed to stop; this will cause a transition to the failed state

getGBeanInfo

public static GBeanInfo getGBeanInfo()

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.apache.geronimo.security.ca Class GeronimoCertificationAuthority

GBEAN_INFO

GeronimoCertificationAuthority

isLocked

lock

unlock

getName

getCertificate

issueOwnCertificate

issueCertificate

getHighestSerialNumber

isCertificateIssued

getNextSerialNumber

getCertificate

getCertificateBase64Text

doFail

doStart

doStop

getGBeanInfo

org.apache.geronimo.security.ca
Class GeronimoCertificationAuthority