Package org.globus.gsi
Class X509Credential
java.lang.Object
org.globus.gsi.X509Credential
- All Implemented Interfaces:
Serializable
FILL ME
This class equivalent was called GlobusCredential in CoG -maybe a better name?
- Author:
- ranantha@mcs.anl.gov
- See Also:
-
Field Summary
Fields -
Constructor Summary
ConstructorsConstructorDescriptionX509Credential
(InputStream input) X509Credential
(InputStream certInputStream, InputStream keyInputStream) X509Credential
(String proxyFile) X509Credential
(String certFile, String keyFile) X509Credential
(PrivateKey initKey, X509Certificate[] initCertChain) -
Method Summary
Modifier and TypeMethodDescriptionboolean
int
Returns the number of certificates in the credential without the self-signed certificates.static X509Credential
Returns the default credential.Returns the identity of this credential.Returns the identity certificate of this credential.Returns the issuer DN of the first certificate in the chain.int
Returns the path length constraint.getPrivateKey
(String password) Returns the certificate type of the first certificate in the chain.int
Returns strength of the private/public key in bits.int
getStrength
(String password) Returns strength of the private/public key in bits.Returns the subject DN of the first certificate in the chain.long
Returns time left of this credential.int
hashCode()
boolean
protected void
load
(InputStream input) protected void
loadCertificate
(InputStream input) protected void
loadKey
(InputStream input) void
save
(OutputStream out) void
void
saveKey
(OutputStream out) static void
Sets default credential.toString()
void
verify()
Verifies the validity of the credentials.void
writeToFile
(File file) void
writeToFile
(File certFile, File keyFile)
-
Field Details
-
BUFFER_SIZE
public static final int BUFFER_SIZE- See Also:
-
-
Constructor Details
-
X509Credential
-
X509Credential
public X509Credential(InputStream certInputStream, InputStream keyInputStream) throws CredentialException - Throws:
CredentialException
-
X509Credential
- Throws:
CredentialException
IOException
-
X509Credential
- Throws:
CredentialException
-
X509Credential
- Throws:
CredentialException
-
-
Method Details
-
getCertificateChain
-
getPrivateKey
- Throws:
CredentialException
-
getPrivateKey
- Throws:
CredentialException
-
isEncryptedKey
public boolean isEncryptedKey() -
saveKey
- Throws:
IOException
-
saveCertificateChain
-
save
-
writeToFile
-
writeToFile
public void writeToFile(File certFile, File keyFile) throws IOException, CertificateEncodingException -
getNotBefore
-
getCertNum
public int getCertNum()Returns the number of certificates in the credential without the self-signed certificates.- Returns:
- number of certificates without counting self-signed certificates
-
getStrength
Returns strength of the private/public key in bits.- Returns:
- strength of the key in bits. Returns -1 if unable to determine it.
- Throws:
CredentialException
-
getStrength
Returns strength of the private/public key in bits.- Returns:
- strength of the key in bits. Returns -1 if unable to determine it.
- Throws:
CredentialException
-
getSubject
Returns the subject DN of the first certificate in the chain.- Returns:
- subject DN.
-
getIssuer
Returns the issuer DN of the first certificate in the chain.- Returns:
- issuer DN.
-
getProxyType
Returns the certificate type of the first certificate in the chain. Returns -1 if unable to determine the certificate type (an error occurred)- Returns:
- the type of first certificate in the chain. -1 if unable to determine the certificate type.
- See Also:
-
getTimeLeft
public long getTimeLeft()Returns time left of this credential. The time left of the credential is based on the certificate with the shortest validity time.- Returns:
- time left in seconds. Returns 0 if the certificate has expired.
-
getIdentity
Returns the identity of this credential.- Returns:
- The identity cert in Globus format (e.g. /C=US/..). Null, if unable to get the identity (an error occurred)
- See Also:
-
getIdentityCertificate
Returns the identity certificate of this credential. The identity certificate is the first certificate in the chain that is not an impersonation proxy certificate.- Returns:
X509Certificate
the identity cert. Null, if unable to get the identity certificate (an error occurred)
-
getPathConstraint
public int getPathConstraint()Returns the path length constraint. The shortest length in the chain of certificates is returned as the credential's path length.- Returns:
- The path length constraint of the credential. -1 is any error occurs.
-
verify
Verifies the validity of the credentials. All certificate path validation is performed using trusted certificates in default locations.- Throws:
CredentialException
- if one of the certificates in the chain expired or if path validiation fails.
-
getDefaultCredential
Returns the default credential. The default credential is usually the user proxy certificate.
The credential will be loaded on the initial call. It must not be expired. All subsequent calls to this function return cached credential object. Once the credential is cached, and the underlying file changes, the credential will be reloaded.- Returns:
- the default credential.
- Throws:
CredentialException
- if the credential expired or some other error with the credential.
-
setDefaultCredential
Sets default credential.- Parameters:
cred
- the credential to set a default.
-
toString
-
load
- Throws:
CredentialException
-
loadCertificate
- Throws:
CredentialException
-
loadKey
- Throws:
CredentialException
-
equals
-
hashCode
public int hashCode()
-