ProxyCertificate (Unicore Atomic Services 1.3.2 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

de.fzj.unicore.uas.security
Class ProxyCertificate

java.lang.Object
  de.fzj.unicore.uas.security.ProxyCertificate

public class ProxyCertificate
extends java.lang.Object
extends java.lang.Object

This class generates proxy certificates for use with Globus-based tools. These are "legacy" proxies according to http://dev.globus.org/wiki/Security/ProxyCertTypes
(Originally from the UNICORE 5 proxy cert plugin. Modified for use with UNICORE 6)

Author:: Thomas Kentemich, schuller

Field Summary
`static java.lang.String`	`BEGIN_CERT`
`static java.lang.String`	`BEGIN_PRIVATE`
`static java.lang.String`	`END_CERT`
`static java.lang.String`	`END_PRIVATE`
`static java.lang.String`	`PROXY_JKS_ALIAS`
`static java.lang.String`	`PROXY_JKS_PASSWORD`
`static java.lang.String`	`PROXY_SIGNATURE` property for defining the signature algorithm name default for RSA certs: SHA1WITHRSAENCRYPTION for DSA certs: SHA256WITHDSA

Method Summary
`java.security.cert.Certificate[]`	`getCertChain()` Returns the cert chain (proxy certificate and user certificate)
`static ProxyCertificate`	`getInstance(IUASSecurityProperties sec, boolean limited, long lifeTime, int keyLength)` Generate a new proxy certificate for each call.
`int`	`getKeyLength()` Return the length of the public/private key pair
`java.lang.String`	`getPEMEncoded()`
`java.security.PrivateKey`	`getPrivateKey()` Returns the private unprotected key of the proxy certificate
`java.security.cert.X509Certificate`	`getProxyCertificate()` Returns the proxy certifcate signed with the users private key
`java.security.PublicKey`	`getPublicKey()` Returns the public key of the proxy certificate
`java.security.cert.X509Certificate`	`getUserCertificate()` Returns the user certificate
`long`	`getValidFrom()` Returns start time of the proxy certificate
`long`	`getValidTo()` Returns end time of the proxy certificate
`boolean`	`isLimited()` Is this a limited proxy?
`void`	`writeJKS(java.lang.String fileName)` write to a JKS keystore (password is "unicore")
`void`	`writePEM(java.io.Writer writer)` write the proxy to the given writer in OpenSSL compatible format

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

BEGIN_CERT

public static final java.lang.String BEGIN_CERT

See Also:: Constant Field Values

END_CERT

public static final java.lang.String END_CERT

See Also:: Constant Field Values

BEGIN_PRIVATE

public static final java.lang.String BEGIN_PRIVATE

See Also:: Constant Field Values

END_PRIVATE

public static final java.lang.String END_PRIVATE

See Also:: Constant Field Values

PROXY_JKS_PASSWORD

public static final java.lang.String PROXY_JKS_PASSWORD

See Also:: Constant Field Values

PROXY_JKS_ALIAS

public static final java.lang.String PROXY_JKS_ALIAS

See Also:: Constant Field Values

PROXY_SIGNATURE

public static final java.lang.String PROXY_SIGNATURE

property for defining the signature algorithm name
default for RSA certs: SHA1WITHRSAENCRYPTION
for DSA certs: SHA256WITHDSA

See Also:: Constant Field Values

Method Detail

getProxyCertificate

public java.security.cert.X509Certificate getProxyCertificate()

Returns the proxy certifcate signed with the users private key

Returns:: the proxy certifcate

getPrivateKey

public java.security.PrivateKey getPrivateKey()

Returns the private unprotected key of the proxy certificate

Returns:: The private key

getPublicKey

public java.security.PublicKey getPublicKey()

Returns the public key of the proxy certificate

getCertChain

public java.security.cert.Certificate[] getCertChain()

Returns the cert chain (proxy certificate and user certificate)

getValidFrom

public long getValidFrom()

Returns start time of the proxy certificate

Returns:: Start time

getValidTo

public long getValidTo()

Returns end time of the proxy certificate

Returns:: End Time

getUserCertificate

public java.security.cert.X509Certificate getUserCertificate()

Returns the user certificate

Returns:: The user certificate

isLimited

public boolean isLimited()

Is this a limited proxy?

Returns:: Limited or not

getKeyLength

public int getKeyLength()

Return the length of the public/private key pair

Returns:: Length

getInstance

public static ProxyCertificate getInstance(IUASSecurityProperties sec,
                                           boolean limited,
                                           long lifeTime,
                                           int keyLength)
                                    throws java.lang.Exception

Generate a new proxy certificate for each call. Subject and issuer is the current default identity.

Parameters:: limited - Generate a limited proxy ?; lifeTime - Description of the Parameter; keyLength - Description of the Parameter
Throws:: java.lang.Exception - Description of the Exception

getPEMEncoded

public java.lang.String getPEMEncoded()
                               throws java.lang.Exception

Throws:: java.lang.Exception

writePEM

public void writePEM(java.io.Writer writer)
              throws java.io.IOException

write the proxy to the given writer in OpenSSL compatible format

Parameters:: writer -
Throws:: java.io.IOException

writeJKS

public void writeJKS(java.lang.String fileName)
              throws java.io.IOException

write to a JKS keystore (password is "unicore")

Parameters:: fileName - - the filename of the keystore to write
Throws:: java.io.IOException