Class CertServiceImpl
- java.lang.Object
-
- org.nuxeo.runtime.model.DefaultComponent
-
- org.nuxeo.ecm.platform.signature.core.pki.CertServiceImpl
-
- All Implemented Interfaces:
CertService
,Adaptable
,Component
,Extensible
,TimestampedService
public class CertServiceImpl extends DefaultComponent implements CertService
Base implementation of the certification service.
-
-
Field Summary
Fields Modifier and Type Field Description protected X509Certificate
rootCertificate
protected RootService
rootService
-
Fields inherited from class org.nuxeo.runtime.model.DefaultComponent
lastModified, name
-
-
Constructor Summary
Constructors Constructor Description CertServiceImpl()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected Date
getCertEndDate()
protected X509Certificate
getCertificate(KeyPair keyPair, UserInfo userInfo)
X509Certificate
getCertificate(KeyStore ks, String certificateAlias)
Retrieves an existing certificate from a keystore using keystore's certificate alias.String
getCertificateEmail(X509Certificate certificate)
Extracts the email address from a certificateprotected Date
getCertStartDate()
KeyPair
getKeyPair(KeyStore ks, String keyAlias, String certAlias, String keyPassword)
Retrieves existing private and public key from a KeyStore.KeyStore
getKeyStore(InputStream keystoreIS, String password)
Retrieves a KeyStore object from a supplied InputStream.X509Certificate
getRootCertificate()
Retrieves the root certificate.protected RootService
getRootService()
KeyStore
initializeUser(UserInfo userInfo, String suppliedPassword)
Generates a private key and a public certificate for a user whose X.509 field information was enclosed in a UserInfo parameter.void
setRootService(RootService rootService)
Sets up a root service to be used for CA-related services like certificate request signing and certificate revocation.void
storeCertificate(KeyStore keystore, OutputStream os, String keystorePassword)
Wraps a certificate object into an OutputStream object secured by a keystore password-
Methods inherited from class org.nuxeo.runtime.model.DefaultComponent
activate, addRuntimeMessage, addRuntimeMessage, deactivate, getAdapter, getDescriptor, getDescriptors, getLastModified, getRegistry, register, registerContribution, registerExtension, setLastModified, setModifiedNow, setName, start, stop, unregister, unregisterContribution, unregisterExtension
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.nuxeo.runtime.model.Component
applicationStarted, getApplicationStartedOrder
-
-
-
-
Field Detail
-
rootService
protected RootService rootService
-
rootCertificate
protected X509Certificate rootCertificate
-
-
Constructor Detail
-
CertServiceImpl
public CertServiceImpl()
-
-
Method Detail
-
setRootService
public void setRootService(RootService rootService)
Description copied from interface:CertService
Sets up a root service to be used for CA-related services like certificate request signing and certificate revocation.- Specified by:
setRootService
in interfaceCertService
-
getRootCertificate
public X509Certificate getRootCertificate() throws CertException
Description copied from interface:CertService
Retrieves the root certificate.- Specified by:
getRootCertificate
in interfaceCertService
- Throws:
CertException
-
getCertStartDate
protected Date getCertStartDate()
-
getCertEndDate
protected Date getCertEndDate()
-
initializeUser
public KeyStore initializeUser(UserInfo userInfo, String suppliedPassword) throws CertException
Description copied from interface:CertService
Generates a private key and a public certificate for a user whose X.509 field information was enclosed in a UserInfo parameter. Stores those artifacts in a password protected keystore. This is the principal method for activating a new certificate and signing it with a root certificate.- Specified by:
initializeUser
in interfaceCertService
- Returns:
- KeyStore based on the provided userInfo
- Throws:
CertException
-
getKeyPair
public KeyPair getKeyPair(KeyStore ks, String keyAlias, String certAlias, String keyPassword) throws CertException
Description copied from interface:CertService
Retrieves existing private and public key from a KeyStore.- Specified by:
getKeyPair
in interfaceCertService
- Throws:
CertException
-
getCertificate
public X509Certificate getCertificate(KeyStore ks, String certificateAlias) throws CertException
Description copied from interface:CertService
Retrieves an existing certificate from a keystore using keystore's certificate alias.- Specified by:
getCertificate
in interfaceCertService
- Throws:
CertException
-
getCertificate
protected X509Certificate getCertificate(KeyPair keyPair, UserInfo userInfo) throws CertException
- Throws:
CertException
-
getKeyStore
public KeyStore getKeyStore(InputStream keystoreIS, String password) throws CertException
Description copied from interface:CertService
Retrieves a KeyStore object from a supplied InputStream. Requires a keystore password.- Specified by:
getKeyStore
in interfaceCertService
- Throws:
CertException
-
getCertificateEmail
public String getCertificateEmail(X509Certificate certificate) throws CertException
Description copied from interface:CertService
Extracts the email address from a certificate- Specified by:
getCertificateEmail
in interfaceCertService
- Throws:
CertException
-
storeCertificate
public void storeCertificate(KeyStore keystore, OutputStream os, String keystorePassword) throws CertException
Description copied from interface:CertService
Wraps a certificate object into an OutputStream object secured by a keystore password- Specified by:
storeCertificate
in interfaceCertService
- Throws:
CertException
-
getRootService
protected RootService getRootService() throws CertException
- Throws:
CertException
-
-