public class ProxyGeneratorHelper
extends java.lang.Object
ProxyGenerator
.Modifier and Type | Field and Description |
---|---|
private X509v3CertificateBuilder |
certBuilder |
private java.security.cert.X509Certificate |
proxy |
private java.security.PrivateKey |
proxyPrivateKey |
private org.bouncycastle.asn1.x509.SubjectPublicKeyInfo |
proxyPublicKeyInfo |
Constructor and Description |
---|
ProxyGeneratorHelper() |
Modifier and Type | Method and Description |
---|---|
private void |
addExtensions(BaseProxyCertificateOptions param) |
private void |
buildCertificate(java.security.cert.X509Certificate issuingCert,
java.security.PrivateKey privateKey) |
private void |
establishKeys(ProxyCertificateOptions param) |
private org.bouncycastle.asn1.x509.KeyUsage |
establishKeyUsage(BaseProxyCertificateOptions param) |
static java.math.BigInteger |
establishSerial(BaseProxyCertificateOptions param)
For LEGACY proxies returns the serial from the issuing certificate.
|
ProxyCertificate |
generate(ProxyCertificateOptions param,
java.security.PrivateKey privateKey)
Generate the proxy certificate object from the local certificate.
|
java.security.cert.X509Certificate[] |
generate(ProxyRequestOptions param,
java.security.PrivateKey privateKey)
Generate the proxy certificate object from the received Certificate Signing Request.
|
private ProxyCertificate |
generateCommon(BaseProxyCertificateOptions param,
java.security.PrivateKey privateKey) |
static org.bouncycastle.asn1.x500.X500Name |
generateDN(javax.security.auth.x500.X500Principal parentSubject,
ProxyType type,
boolean limited,
java.math.BigInteger serial)
Generate a correct DN for the proxy, depending on its type.
|
static java.security.KeyPair |
generateKeyPair(int len) |
static java.lang.Integer |
getChainKeyUsage(java.security.cert.X509Certificate[] chain)
If the input chain has no KeyUsage extension null is returned.
|
private void |
setupCertBuilder(BaseProxyCertificateOptions param) |
private ProxyCertificate |
wrapResult(java.security.cert.X509Certificate[] originalChain) |
private org.bouncycastle.asn1.x509.SubjectPublicKeyInfo proxyPublicKeyInfo
private transient java.security.PrivateKey proxyPrivateKey
private X509v3CertificateBuilder certBuilder
private java.security.cert.X509Certificate proxy
public ProxyCertificate generate(ProxyCertificateOptions param, java.security.PrivateKey privateKey) throws java.security.InvalidKeyException, java.security.SignatureException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateParsingException, java.io.IOException
param
- proxy parametersprivateKey
- key to sign the proxyjava.security.InvalidKeyException
- invalid key exceptionjava.security.SignatureException
- signature exceptionjava.security.NoSuchAlgorithmException
- no such algorithm exceptionjava.security.cert.CertificateParsingException
- certificate parsing exceptionjava.io.IOException
- IO exceptionpublic java.security.cert.X509Certificate[] generate(ProxyRequestOptions param, java.security.PrivateKey privateKey) throws java.security.InvalidKeyException, java.security.SignatureException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateParsingException, java.io.IOException
param
- proxy parametersprivateKey
- key to sign the proxyjava.security.InvalidKeyException
- invalid key exceptionjava.security.SignatureException
- signature exceptionjava.security.NoSuchAlgorithmException
- no such algorithm exceptionjava.security.cert.CertificateParsingException
- certificate encoding exceptionjava.io.IOException
- IO exceptionprivate ProxyCertificate generateCommon(BaseProxyCertificateOptions param, java.security.PrivateKey privateKey) throws java.security.InvalidKeyException, java.security.SignatureException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateParsingException, java.io.IOException
java.security.InvalidKeyException
java.security.SignatureException
java.security.NoSuchAlgorithmException
java.security.cert.CertificateParsingException
java.io.IOException
private void establishKeys(ProxyCertificateOptions param) throws java.security.InvalidKeyException
java.security.InvalidKeyException
private void setupCertBuilder(BaseProxyCertificateOptions param) throws java.security.InvalidKeyException
java.security.InvalidKeyException
public static java.lang.Integer getChainKeyUsage(java.security.cert.X509Certificate[] chain)
chain
- certificate chainprivate org.bouncycastle.asn1.x509.KeyUsage establishKeyUsage(BaseProxyCertificateOptions param)
private void addExtensions(BaseProxyCertificateOptions param) throws java.io.IOException
java.io.IOException
private void buildCertificate(java.security.cert.X509Certificate issuingCert, java.security.PrivateKey privateKey) throws java.security.cert.CertificateParsingException, java.security.InvalidKeyException, java.security.NoSuchProviderException, java.security.NoSuchAlgorithmException, java.security.SignatureException, java.io.IOException
java.security.cert.CertificateParsingException
java.security.InvalidKeyException
java.security.NoSuchProviderException
java.security.NoSuchAlgorithmException
java.security.SignatureException
java.io.IOException
private ProxyCertificate wrapResult(java.security.cert.X509Certificate[] originalChain) throws java.security.InvalidKeyException
java.security.InvalidKeyException
public static java.math.BigInteger establishSerial(BaseProxyCertificateOptions param)
param
- proxy certificate optionspublic static org.bouncycastle.asn1.x500.X500Name generateDN(javax.security.auth.x500.X500Principal parentSubject, ProxyType type, boolean limited, java.math.BigInteger serial)
parentSubject
- parent subjecttype
- proxy typelimited
- true if limited proxyserial
- serial numberpublic static java.security.KeyPair generateKeyPair(int len)