GeronimoCertificationAuthority (Geronimo

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.apache.geronimo.security.ca
Class GeronimoCertificationAuthority

java.lang.Object
  org.apache.geronimo.security.ca.GeronimoCertificationAuthority

All Implemented Interfaces:: org.apache.geronimo.gbean.GBeanLifecycle, org.apache.geronimo.management.geronimo.CertificationAuthority

public class GeronimoCertificationAuthority
extends Object
implements org.apache.geronimo.management.geronimo.CertificationAuthority, org.apache.geronimo.gbean.GBeanLifecycle
extends Object
implements org.apache.geronimo.management.geronimo.CertificationAuthority, org.apache.geronimo.gbean.GBeanLifecycle

A Certification Authority implementation using KeystoreInstance to store CA's private key, CertificateStore to store issued certificates and CertificateRequestStore to store certificate requests

Field Summary
`static org.apache.geronimo.gbean.GBeanInfo`	`GBEAN_INFO`

Constructor Summary
`GeronimoCertificationAuthority(org.apache.geronimo.system.serverinfo.ServerInfo serverInfo, org.apache.geronimo.management.geronimo.KeystoreInstance caKeystore, org.apache.geronimo.management.geronimo.CertificateStore certStore, org.apache.geronimo.management.geronimo.CertificateRequestStore certReqStore, org.apache.geronimo.kernel.Kernel kernel, org.apache.geronimo.gbean.AbstractName abstractName)` Constructor

Constructor Summary

GeronimoCertificationAuthority(org.apache.geronimo.system.serverinfo.ServerInfo serverInfo,
                                                             org.apache.geronimo.management.geronimo.KeystoreInstance caKeystore,
                                                             org.apache.geronimo.management.geronimo.CertificateStore certStore,
                                                             org.apache.geronimo.management.geronimo.CertificateRequestStore certReqStore,
                                                             org.apache.geronimo.kernel.Kernel kernel,
                                                             org.apache.geronimo.gbean.AbstractName abstractName)

Constructor

Method Summary
`void`	`doFail()`
`void`	`doStart()`
`void`	`doStop()`
`Certificate`	`getCertificate()` This method returns CA's own certificate.
`Certificate`	`getCertificate(BigInteger sNo)` This method retrieves a certificate with the specified serial number.
`String`	`getCertificateBase64Text(BigInteger sNo)` This method retrieves a certificate with the specified serial number.
`static org.apache.geronimo.gbean.GBeanInfo`	`getGBeanInfo()`
`BigInteger`	`getHighestSerialNumber()` This method returns the highest serial number used by the CA.
`X500Principal`	`getName()` This method returns CA's name.
`BigInteger`	`getNextSerialNumber()` This method returns the next serial number that can be used to issue a certificate and increments the highest serial number.
`boolean`	`isCertificateIssued(BigInteger sNo)` This method checks if a Certificate with a given serial number is already issued.
`boolean`	`isLocked()` This method checks if the CA is locked.
`Certificate`	`issueCertificate(X500Principal subject, PublicKey publicKey, BigInteger sNo, Date validFromDate, Date validToDate, String algorithm)` This method issues a certificate.
`void`	`issueOwnCertificate(BigInteger sNo, Date validFromDate, Date validToDate, String algorithm)` This method makes the CA issue a self-signed certificate with given details.
`void`	`lock()` This method locks the CA.
`void`	`unlock(char[] password)` This method unlocks the CA.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

GBEAN_INFO

public static final org.apache.geronimo.gbean.GBeanInfo GBEAN_INFO

Constructor Detail

GeronimoCertificationAuthority

public GeronimoCertificationAuthority(org.apache.geronimo.system.serverinfo.ServerInfo serverInfo,
                                      org.apache.geronimo.management.geronimo.KeystoreInstance caKeystore,
                                      org.apache.geronimo.management.geronimo.CertificateStore certStore,
                                      org.apache.geronimo.management.geronimo.CertificateRequestStore certReqStore,
                                      org.apache.geronimo.kernel.Kernel kernel,
                                      org.apache.geronimo.gbean.AbstractName abstractName)

Constructor

Parameters:: instance - KeystoreInstance containing CA's private-key and certificate; certStore - CertificateStore for storing certificates issued by this CA; certReqStore - CeetificateRequestStore for storing certificates requests

Method Detail

isLocked

public boolean isLocked()

This method checks if the CA is locked.

Specified by:: isLocked in interface org.apache.geronimo.management.geronimo.CertificationAuthority

Returns:: true if CA is locked, false otherwise.

lock

public void lock()

This method locks the CA.

Specified by:: lock in interface org.apache.geronimo.management.geronimo.CertificationAuthority

unlock

public void unlock(char[] password)
            throws org.apache.geronimo.management.geronimo.CertificationAuthorityException

This method unlocks the CA.

Specified by:: unlock in interface org.apache.geronimo.management.geronimo.CertificationAuthority

Parameters:: password - Password to unlock the CA.
Throws:: org.apache.geronimo.management.geronimo.CertificationAuthorityException

getName

public X500Principal getName()
                      throws org.apache.geronimo.management.geronimo.CertificationAuthorityException

This method returns CA's name.

Specified by:: getName in interface org.apache.geronimo.management.geronimo.CertificationAuthority

Throws:: Exception - if CA is locked.; org.apache.geronimo.management.geronimo.CertificationAuthorityException

getCertificate

public Certificate getCertificate()
                           throws org.apache.geronimo.management.geronimo.CertificationAuthorityException

This method returns CA's own certificate.

Specified by:: getCertificate in interface org.apache.geronimo.management.geronimo.CertificationAuthority

Throws:: Exception - if CA is locked.; org.apache.geronimo.management.geronimo.CertificationAuthorityException

issueOwnCertificate

public void issueOwnCertificate(BigInteger sNo,
                                Date validFromDate,
                                Date validToDate,
                                String algorithm)
                         throws org.apache.geronimo.management.geronimo.CertificationAuthorityException

This method makes the CA issue a self-signed certificate with given details. This method is usually called while initializing the CA.

Specified by:: issueOwnCertificate in interface org.apache.geronimo.management.geronimo.CertificationAuthority

Parameters:: sNo - Serial number for self-signed certificate; validFromDate - Certificate validity period start date; validToDate - Certificate validity period end date; algorithm - Signature algorithm for self-signed certificate
Throws:: org.apache.geronimo.management.geronimo.CertificationAuthorityException

issueCertificate

public Certificate issueCertificate(X500Principal subject,
                                    PublicKey publicKey,
                                    BigInteger sNo,
                                    Date validFromDate,
                                    Date validToDate,
                                    String algorithm)
                             throws org.apache.geronimo.management.geronimo.CertificationAuthorityException

This method issues a certificate.

Specified by:: issueCertificate in interface org.apache.geronimo.management.geronimo.CertificationAuthority

Parameters:: subject - Subject X500Principal; publicKey - Subject's public key; sNo - Serial number for the certificate to be issued; validFromDate - Certificate validity period start date; validToDate - Certificate validity period end date; algorithm - Signature algorithm for the certificate
Returns:: newly issued certificate
Throws:: org.apache.geronimo.management.geronimo.CertificationAuthorityException

getHighestSerialNumber

public BigInteger getHighestSerialNumber()
                                  throws org.apache.geronimo.management.geronimo.CertificationAuthorityException

This method returns the highest serial number used by the CA.

Specified by:: getHighestSerialNumber in interface org.apache.geronimo.management.geronimo.CertificationAuthority

Throws:: org.apache.geronimo.management.geronimo.CertificationAuthorityException

isCertificateIssued

public boolean isCertificateIssued(BigInteger sNo)
                            throws org.apache.geronimo.management.geronimo.CertificationAuthorityException

This method checks if a Certificate with a given serial number is already issued.

Specified by:: isCertificateIssued in interface org.apache.geronimo.management.geronimo.CertificationAuthority

Parameters:: sNo - The serial number of the the certificate to be looked for
Returns:: true if a certificate with the specified serial number has already been issued
Throws:: org.apache.geronimo.management.geronimo.CertificationAuthorityException

getNextSerialNumber

public BigInteger getNextSerialNumber()
                               throws org.apache.geronimo.management.geronimo.CertificationAuthorityException

This method returns the next serial number that can be used to issue a certificate and increments the highest serial number.

Specified by:: getNextSerialNumber in interface org.apache.geronimo.management.geronimo.CertificationAuthority

Throws:: org.apache.geronimo.management.geronimo.CertificationAuthorityException

getCertificate

public Certificate getCertificate(BigInteger sNo)
                           throws org.apache.geronimo.management.geronimo.CertificationAuthorityException

This method retrieves a certificate with the specified serial number.

Specified by:: getCertificate in interface org.apache.geronimo.management.geronimo.CertificationAuthority

Parameters:: sNo - The serial number of the certificate to be retrieved
Returns:: java.security.cert.Certificate instance of the certificate
Throws:: org.apache.geronimo.management.geronimo.CertificationAuthorityException

getCertificateBase64Text

public String getCertificateBase64Text(BigInteger sNo)
                                throws org.apache.geronimo.management.geronimo.CertificationAuthorityException

This method retrieves a certificate with the specified serial number.

Specified by:: getCertificateBase64Text in interface org.apache.geronimo.management.geronimo.CertificationAuthority

Parameters:: sNo - The serial number of the certificate to be retrieved
Returns:: base64 encoded certificate text
Throws:: org.apache.geronimo.management.geronimo.CertificationAuthorityException

doFail

public void doFail()

Specified by:: doFail in interface org.apache.geronimo.gbean.GBeanLifecycle

doStart

public void doStart()
             throws Exception

Specified by:: doStart in interface org.apache.geronimo.gbean.GBeanLifecycle

Throws:: Exception

doStop

public void doStop()
            throws Exception

Specified by:: doStop in interface org.apache.geronimo.gbean.GBeanLifecycle

Throws:: Exception

getGBeanInfo

public static org.apache.geronimo.gbean.GBeanInfo getGBeanInfo()

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.apache.geronimo.security.ca Class GeronimoCertificationAuthority

GBEAN_INFO

GeronimoCertificationAuthority

isLocked

lock

unlock

getName

getCertificate

issueOwnCertificate

issueCertificate

getHighestSerialNumber

isCertificateIssued

getNextSerialNumber

getCertificate

getCertificateBase64Text

doFail

doStart

doStop

getGBeanInfo

org.apache.geronimo.security.ca
Class GeronimoCertificationAuthority