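/**
 *
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements. See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.geronimo.management.geronimo;

import java.math.BigInteger;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.util.Date;

import javax.security.auth.x500.X500Principal;

import org.apache.geronimo.management.geronimo.CertificationAuthorityException;

/**
 * Management interface for dealing with a specific CertificationAuthority.
 *
 * <p>The CA can be locked and unlocked. {@link #getName()} and {@link #getCertificate()} are
 * documented to fail while the CA is locked; every method except {@link #isLocked()} and
 * {@link #lock()} declares {@link CertificationAuthorityException}.
 *
 * <p>NOTE(review): this interface performs no authorization of its own; access control on who may
 * call {@code unlock} and the issuing methods has to come from the layer that exposes it.
 *
 * @version $Rev: 706640 $ $Date: 2008-10-21 14:44:05 +0000 (Tue, 21 Oct 2008) $
 */
public interface CertificationAuthority {

    /**
     * Checks whether the CA is locked.
     *
     * @return true if CA is locked, false otherwise.
     */
    boolean isLocked();

    /**
     * Locks the CA.
     */
    void lock();

    /**
     * Unlocks the CA.
     *
     * <p>The password is taken as {@code char[]} rather than {@code String}, so the caller can
     * overwrite the array once this call returns. NOTE(review): confirm that the implementation
     * does not keep a reference to the caller's array.
     *
     * @param password Password to unlock the CA.
     * @throws CertificationAuthorityException if the CA cannot be unlocked; the exact conditions
     *         (presumably including a wrong password) are defined by the implementation
     */
    void unlock(char[] password) throws CertificationAuthorityException;

    /**
     * Returns the CA's name.
     *
     * @return the CA's name
     * @throws CertificationAuthorityException if CA is locked.
     */
    X500Principal getName() throws CertificationAuthorityException;

    /**
     * Returns the CA's own certificate.
     *
     * @return the CA's own certificate
     * @throws CertificationAuthorityException if CA is locked.
     */
    Certificate getCertificate() throws CertificationAuthorityException;

    /**
     * Makes the CA issue a self-signed certificate with the given details. This method is usually
     * called while initializing the CA.
     *
     * @param sNo Serial number for self-signed certificate
     * @param validFromDate Certificate validity period start date
     * @param validToDate Certificate validity period end date
     * @param algorithm Signature algorithm for self-signed certificate. The interface accepts any
     *        string; NOTE(review): confirm whether the implementation rejects signature
     *        algorithms built on broken digests (for example {@code MD5withRSA}), otherwise the
     *        caller has to
     * @throws CertificationAuthorityException if the certificate cannot be issued; the exact
     *         conditions are defined by the implementation
     */
    void issueOwnCertificate(BigInteger sNo, Date validFromDate, Date validToDate, String algorithm)
            throws CertificationAuthorityException;

    /**
     * Issues a certificate.
     *
     * <p>The method receives only a subject name and a bare public key, so nothing in this
     * signature proves that the requester holds the matching private key. NOTE(review):
     * presumably the caller verifies the certificate request before calling; confirm.
     *
     * <p>The serial number is supplied by the caller and is not tied by this signature to
     * {@link #getNextSerialNumber()}. NOTE(review): confirm whether the implementation rejects a
     * serial number for which {@link #isCertificateIssued(BigInteger)} already returns true.
     *
     * @param subject Subject name
     * @param publicKey Subject's public key
     * @param sNo Serial number for the certificate to be issued
     * @param validFromDate Certificate validity period start date
     * @param validToDate Certificate validity period end date
     * @param algorithm Signature algorithm for the certificate; not restricted by this interface
     *        (NOTE(review): confirm that weak algorithms are rejected somewhere)
     * @return newly issued certificate
     * @throws CertificationAuthorityException if the certificate cannot be issued; the exact
     *         conditions are defined by the implementation
     */
    Certificate issueCertificate(X500Principal subject, PublicKey publicKey, BigInteger sNo,
            Date validFromDate, Date validToDate, String algorithm)
            throws CertificationAuthorityException;

    /**
     * Returns the highest serial number used by the CA.
     *
     * @return the highest serial number used by the CA
     * @throws CertificationAuthorityException if the value cannot be obtained; the exact
     *         conditions are defined by the implementation
     */
    BigInteger getHighestSerialNumber() throws CertificationAuthorityException;

    /**
     * Checks if a certificate with a given serial number is already issued.
     *
     * @param sNo The serial number of the certificate to be looked for
     * @return true if a certificate with the specified serial number has already been issued
     * @throws CertificationAuthorityException if the lookup fails; the exact conditions are
     *         defined by the implementation
     */
    boolean isCertificateIssued(BigInteger sNo) throws CertificationAuthorityException;

    /**
     * Returns the next serial number that can be used to issue a certificate and increments the
     * highest serial number.
     *
     * <p>This call changes CA state, so it is not a plain getter. NOTE(review): as described the
     * serial numbers appear to be sequential and therefore predictable, and nothing here states
     * whether concurrent callers can receive the same value; confirm both against the
     * implementation.
     *
     * @return the next serial number that can be used to issue a certificate
     * @throws CertificationAuthorityException if the value cannot be obtained or stored; the exact
     *         conditions are defined by the implementation
     */
    BigInteger getNextSerialNumber() throws CertificationAuthorityException;

    /**
     * Retrieves a certificate with the specified serial number.
     *
     * @param sNo The serial number of the certificate to be retrieved
     * @return java.security.cert.Certificate instance of the certificate
     * @throws CertificationAuthorityException if the certificate cannot be retrieved; the exact
     *         conditions are defined by the implementation
     */
    Certificate getCertificate(BigInteger sNo) throws CertificationAuthorityException;

    /**
     * Retrieves a certificate with the specified serial number as text.
     *
     * @param sNo The serial number of the certificate to be retrieved
     * @return base64 encoded certificate text
     * @throws CertificationAuthorityException if the certificate cannot be retrieved; the exact
     *         conditions are defined by the implementation
     */
    String getCertificateBase64Text(BigInteger sNo) throws CertificationAuthorityException;
}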