Package org.nuxeo.ecm.platform.signature.core.pki

Class CertServiceImpl

java.lang.Object

org.nuxeo.runtime.model.DefaultComponent

org.nuxeo.ecm.platform.signature.core.pki.CertServiceImpl

All Implemented Interfaces:

CertService, Adaptable, Component, Extensible, TimestampedService

public class CertServiceImpl
extends DefaultComponent
implements CertService

Base implementation of the certification service.

Field Summary

Fields

Modifier and Type	Field	Description
protected X509Certificate	rootCertificate
protected RootService	rootService

Fields inherited from class org.nuxeo.runtime.model.DefaultComponent

lastModified, name

Constructor Summary

Constructors

Constructor	Description
CertServiceImpl()

Method Summary

Modifier and Type	Method	Description
protected Date	getCertEndDate()
protected X509Certificate	getCertificate(KeyPair keyPair, UserInfo userInfo)
X509Certificate	getCertificate(KeyStore ks, String certificateAlias)	Retrieves an existing certificate from a keystore using keystore's certificate alias.
String	getCertificateEmail(X509Certificate certificate)	Extracts the email address from a certificate
protected Date	getCertStartDate()
KeyPair	getKeyPair(KeyStore ks, String keyAlias, String certAlias, String keyPassword)	Retrieves existing private and public key from a KeyStore.
KeyStore	getKeyStore(InputStream keystoreIS, String password)	Retrieves a KeyStore object from a supplied InputStream.
X509Certificate	getRootCertificate()	Retrieves the root certificate.
protected RootService	getRootService()
KeyStore	initializeUser(UserInfo userInfo, String suppliedPassword)	Generates a private key and a public certificate for a user whose X.509 field information was enclosed in a UserInfo parameter.
void	setRootService(RootService rootService)	Sets up a root service to be used for CA-related services like certificate request signing and certificate revocation.
void	storeCertificate(KeyStore keystore, OutputStream os, String keystorePassword)	Wraps a certificate object into an OutputStream object secured by a keystore password

Methods inherited from class org.nuxeo.runtime.model.DefaultComponent

activate, addRuntimeMessage, addRuntimeMessage, deactivate, getAdapter, getDescriptor, getDescriptors, getLastModified, getRegistry, register, registerContribution, registerExtension, setLastModified, setModifiedNow, setName, start, stop, unregister, unregisterContribution, unregisterExtension

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.nuxeo.runtime.model.Component

getApplicationStartedOrder

Field Details

rootService

protected RootService rootService

rootCertificate

protected X509Certificate rootCertificate

Constructor Details

CertServiceImpl

public CertServiceImpl()

Method Details

setRootService

public void setRootService(RootService rootService)

Description copied from interface: CertService

Sets up a root service to be used for CA-related services like certificate request signing and certificate revocation.

Specified by:

setRootService in interface CertService

getRootCertificate

public X509Certificate getRootCertificate()
                                   throws CertException

Description copied from interface: CertService

Retrieves the root certificate.

Specified by:

getRootCertificate in interface CertService

Throws:

CertException

getCertStartDate

protected Date getCertStartDate()

getCertEndDate

protected Date getCertEndDate()

initializeUser

public KeyStore initializeUser(UserInfo userInfo,
 String suppliedPassword)
                        throws CertException

Description copied from interface: CertService

Generates a private key and a public certificate for a user whose X.509 field information was enclosed in a UserInfo parameter. Stores those artifacts in a password protected keystore. This is the principal method for activating a new certificate and signing it with a root certificate.

Specified by:

initializeUser in interface CertService

Returns:

KeyStore based on the provided userInfo

Throws:

CertException

getKeyPair

public KeyPair getKeyPair(KeyStore ks,
 String keyAlias,
 String certAlias,
 String keyPassword)
                   throws CertException

Description copied from interface: CertService

Retrieves existing private and public key from a KeyStore.

Specified by:

getKeyPair in interface CertService

Throws:

CertException

getCertificate

public X509Certificate getCertificate(KeyStore ks,
 String certificateAlias)
                               throws CertException

Description copied from interface: CertService

Retrieves an existing certificate from a keystore using keystore's certificate alias.

Specified by:

getCertificate in interface CertService

Throws:

CertException

getCertificate

protected X509Certificate getCertificate(KeyPair keyPair,
 UserInfo userInfo)
                                  throws CertException

Throws:

CertException

getKeyStore

public KeyStore getKeyStore(InputStream keystoreIS,
 String password)
                     throws CertException

Description copied from interface: CertService

Retrieves a KeyStore object from a supplied InputStream. Requires a keystore password.

Specified by:

getKeyStore in interface CertService

Throws:

CertException

getCertificateEmail

public String getCertificateEmail(X509Certificate certificate)
                           throws CertException

Description copied from interface: CertService

Extracts the email address from a certificate

Specified by:

getCertificateEmail in interface CertService

Throws:

CertException

storeCertificate

public void storeCertificate(KeyStore keystore,
 OutputStream os,
 String keystorePassword)
                      throws CertException

Description copied from interface: CertService

Wraps a certificate object into an OutputStream object secured by a keystore password

Specified by:

storeCertificate in interface CertService

Throws:

CertException

getRootService

protected RootService getRootService()
                              throws CertException

Throws:

CertException