Class CertServiceImpl
java.lang.Object
org.nuxeo.runtime.model.DefaultComponent
org.nuxeo.ecm.platform.signature.core.pki.CertServiceImpl
- All Implemented Interfaces:
CertService
,Adaptable
,Component
,Extensible
,TimestampedService
Base implementation of the certification service.
-
Field Summary
Fields inherited from class org.nuxeo.runtime.model.DefaultComponent
lastModified, name
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionprotected Date
protected X509Certificate
getCertificate
(KeyPair keyPair, UserInfo userInfo) getCertificate
(KeyStore ks, String certificateAlias) Retrieves an existing certificate from a keystore using keystore's certificate alias.getCertificateEmail
(X509Certificate certificate) Extracts the email address from a certificateprotected Date
getKeyPair
(KeyStore ks, String keyAlias, String certAlias, String keyPassword) Retrieves existing private and public key from a KeyStore.getKeyStore
(InputStream keystoreIS, String password) Retrieves a KeyStore object from a supplied InputStream.Retrieves the root certificate.protected RootService
initializeUser
(UserInfo userInfo, String suppliedPassword) Generates a private key and a public certificate for a user whose X.509 field information was enclosed in a UserInfo parameter.void
setRootService
(RootService rootService) Sets up a root service to be used for CA-related services like certificate request signing and certificate revocation.void
storeCertificate
(KeyStore keystore, OutputStream os, String keystorePassword) Wraps a certificate object into an OutputStream object secured by a keystore passwordMethods inherited from class org.nuxeo.runtime.model.DefaultComponent
activate, addRuntimeMessage, addRuntimeMessage, deactivate, getAdapter, getDescriptor, getDescriptors, getLastModified, getRegistry, register, registerContribution, registerExtension, setLastModified, setModifiedNow, setName, start, stop, unregister, unregisterContribution, unregisterExtension
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.nuxeo.runtime.model.Component
getApplicationStartedOrder
-
Field Details
-
rootService
-
rootCertificate
-
-
Constructor Details
-
CertServiceImpl
public CertServiceImpl()
-
-
Method Details
-
setRootService
Description copied from interface:CertService
Sets up a root service to be used for CA-related services like certificate request signing and certificate revocation.- Specified by:
setRootService
in interfaceCertService
-
getRootCertificate
Description copied from interface:CertService
Retrieves the root certificate.- Specified by:
getRootCertificate
in interfaceCertService
- Throws:
CertException
-
getCertStartDate
-
getCertEndDate
-
initializeUser
Description copied from interface:CertService
Generates a private key and a public certificate for a user whose X.509 field information was enclosed in a UserInfo parameter. Stores those artifacts in a password protected keystore. This is the principal method for activating a new certificate and signing it with a root certificate.- Specified by:
initializeUser
in interfaceCertService
- Returns:
- KeyStore based on the provided userInfo
- Throws:
CertException
-
getKeyPair
public KeyPair getKeyPair(KeyStore ks, String keyAlias, String certAlias, String keyPassword) throws CertException Description copied from interface:CertService
Retrieves existing private and public key from a KeyStore.- Specified by:
getKeyPair
in interfaceCertService
- Throws:
CertException
-
getCertificate
Description copied from interface:CertService
Retrieves an existing certificate from a keystore using keystore's certificate alias.- Specified by:
getCertificate
in interfaceCertService
- Throws:
CertException
-
getCertificate
- Throws:
CertException
-
getKeyStore
Description copied from interface:CertService
Retrieves a KeyStore object from a supplied InputStream. Requires a keystore password.- Specified by:
getKeyStore
in interfaceCertService
- Throws:
CertException
-
getCertificateEmail
Description copied from interface:CertService
Extracts the email address from a certificate- Specified by:
getCertificateEmail
in interfaceCertService
- Throws:
CertException
-
storeCertificate
public void storeCertificate(KeyStore keystore, OutputStream os, String keystorePassword) throws CertException Description copied from interface:CertService
Wraps a certificate object into an OutputStream object secured by a keystore password- Specified by:
storeCertificate
in interfaceCertService
- Throws:
CertException
-
getRootService
- Throws:
CertException
-