|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--org.edg.security.delegation.DelegationUtil
Utility methods used by the delegation system.
Field Summary | |
static java.lang.String |
DEFAULT_DELEGATIONID
|
static int |
KEYPAIR_KEYSIZE
|
static long |
PROXY_VALIDITY_TIME
|
Constructor Summary | |
DelegationUtil()
|
Method Summary | |
static java.lang.String |
chainToPem(java.security.cert.X509Certificate[] chain)
Method encodes the certificate chain given as a parameter to PEM-String. |
static DelegationRequestItem |
createCred(java.lang.String delegId)
Method creates a DelegationRequestItem with a given delegation id. |
static DelegationRequestItem |
createCred(java.lang.String delegId,
java.security.cert.X509Certificate[] chain)
Method creates a DelegationRequestItem with a given delegation id and client cert chain. |
static java.lang.String |
createRequest(DelegationRequestItem dri)
Creates a PEM-String from a given DelegationRequestItem. |
static DelegationStorageItem |
createStorageItem(DelegationRequestItem dri,
java.security.cert.X509Certificate[] dcc)
Creates DelegationStorageItem from the request & delegated cert chain |
static java.security.cert.X509Certificate[] |
generateProxy(java.lang.String certReq,
java.lang.String delegationId,
long proxyValidityTime,
java.security.cert.X509Certificate[] chain,
java.security.PrivateKey privateKey)
Generates a new proxy from the public key in the certReq and add it to the certicate chain. |
static java.security.cert.X509Certificate[] |
pemToChain(java.lang.String pem)
|
static java.security.cert.X509Certificate |
signCert(java.security.PublicKey publicKey,
java.lang.String subjectDN,
java.lang.String issuerDN,
long validityTime,
java.math.BigInteger serial,
java.security.PrivateKey privateKey)
Signs the request given in the parameters with the credentials and data found from the parameters too. |
static java.security.cert.X509Certificate |
signCert(java.lang.String certReqString,
java.lang.String subjectDN,
java.lang.String issuerDN,
long validityTime,
java.math.BigInteger serial,
java.security.PrivateKey privateKey)
Signs the request given in the parameters with the credentials and data found from the parameters too. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
public static final int KEYPAIR_KEYSIZE
public static final long PROXY_VALIDITY_TIME
public static final java.lang.String DEFAULT_DELEGATIONID
Constructor Detail |
public DelegationUtil()
Method Detail |
public static java.lang.String chainToPem(java.security.cert.X509Certificate[] chain)
chain
- the certificate chain to be encoded
public static java.security.cert.X509Certificate[] pemToChain(java.lang.String pem)
public static DelegationRequestItem createCred(java.lang.String delegId)
delegId
- delegation id for the request
public static DelegationRequestItem createCred(java.lang.String delegId, java.security.cert.X509Certificate[] chain)
delegId
- delegation id for the requestchain
- the client cert chain for the request
public static java.lang.String createRequest(DelegationRequestItem dri)
dri
- the request item
public static java.security.cert.X509Certificate signCert(java.lang.String certReqString, java.lang.String subjectDN, java.lang.String issuerDN, long validityTime, java.math.BigInteger serial, java.security.PrivateKey privateKey)
subjectDN
- Subject DN for the new certificate.issuerDN
- Issuer DN for the new certificate.validityTime
- How long (from this point) the cert is valid.serial
- Serial number for the new certificate.privateKey
- Private key used for signing the new certificate.
public static java.security.cert.X509Certificate signCert(java.security.PublicKey publicKey, java.lang.String subjectDN, java.lang.String issuerDN, long validityTime, java.math.BigInteger serial, java.security.PrivateKey privateKey)
publicKey
- the public key for the new certificatesubjectDN
- Subject DN for the new certificate.issuerDN
- Issuer DN for the new certificate.validityTime
- How long the certificate is valid (from now on).serial
- Serial number for the new certificate.privateKey
- Private key used for signing the new certiifcate.
public static java.security.cert.X509Certificate[] generateProxy(java.lang.String certReq, java.lang.String delegationId, long proxyValidityTime, java.security.cert.X509Certificate[] chain, java.security.PrivateKey privateKey)
certReq
- contains the public key to signdelegationId
- delegation id to be added to the subjectproxyValidityTime
- validity time from now on in millisecondschain
- the certificate chain to which the proxy
will be addedprivateKey
- key for signing the proxypublic static DelegationStorageItem createStorageItem(DelegationRequestItem dri, java.security.cert.X509Certificate[] dcc)
dri
- the request itemdcc
- delegated cert chain
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |