issrg.security
Class PKCS12Security
java.lang.Object
issrg.security.DefaultVerifier
issrg.security.DefaultSecurity
issrg.security.PKCS12Security
- All Implemented Interfaces:
- SessionOriented, Signer, Verifier, javax.security.auth.spi.LoginModule
public class PKCS12Security
- extends DefaultSecurity
This class implements a security that uses a PKCS#12 file to authenticate
the user and obtain the signing and signature verification keys. The user
interaction is inherited from DefaultSecurity. Only the key methods are
overridden to log the user in using a known PKCS#12 file name, and
a method to construct a FilenameCallback.
| Fields inherited from class issrg.security.DefaultSecurity |
ch, DEFAULT_FILE, DEFAULT_FILE_STRING, DIGEST_ALGORITHM, digestAlgorithm, DSA_ALGORITHMS, KEY_ALGORITHMS, LAST_FILE_STRING, MD2_WITH_RSA_ALGORITHM, MD4_WITH_RSA_ALGORITHM, MD5_WITH_RSA_ALGORITHM, options, PASSWORD_SHARES_INTEGER, PASSWORD_SHARES_STRING, PASSWORD_STORED, PASSWORDS, PROMPT_STRING, RSA_ALGORITHMS, SHA1_WITH_DSA_ALGORITHM, SHA1_WITH_RSA_ALGORITHM, sharedState, subj, TITLE_STRING |
|
Method Summary |
FilenameCallback |
getFilenameCallback(java.lang.String defaultFile)
This method constructs a FilenameCallback that will filter out all but
PKCS#12 files with the extensions PKC_EXTENSION (".p12") and PFX_EXTENSION
(".pfx"). |
void |
login(java.lang.String pkcFile,
char[] password)
The method for logging the user in without GUI. |
| Methods inherited from class issrg.security.DefaultSecurity |
abort, commit, getDigestAlgorithm, getPrivateKey, getSignature, getSigningAlgorithmID, getVerificationCertificate, initialize, isLoggedIn, login, login, logout, setDigestAlgorithm, setPrivateKey, setSignature, sign |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
PKC_EXTENSION
public static final java.lang.String PKC_EXTENSION
- See Also:
- Constant Field Values
PFX_EXTENSION
public static final java.lang.String PFX_EXTENSION
- See Also:
- Constant Field Values
exts
public static final java.lang.String[] exts
PKCS12Security
public PKCS12Security()
throws SecurityException
- Throws:
SecurityException
login
public void login(java.lang.String pkcFile,
char[] password)
throws SecurityException
- The method for logging the user in without GUI. The method attempts to
decrypt the private key, then signs and verifies a signature on an
arbitrary
byte array to ensure that the private key and the PKC match. Note that for
signing purposes it is necessary to know the DN of the signer, which is
not included
in the private key.
After logging the user in the Root CAs are set to the collection of PKCs
in the PKCS#12 file, including the user's signature verification PKC. The
first PKC to match the signing key is used as the user's signature
verification key.
- Specified by:
login in class DefaultSecurity
- Parameters:
pkcFile - is the filename of the PKCS#12 constructpassword - is the password for decrypting the PKCS#12 file
- Throws:
SecurityException
getFilenameCallback
public FilenameCallback getFilenameCallback(java.lang.String defaultFile)
- This method constructs a FilenameCallback that will filter out all but
PKCS#12 files with the extensions PKC_EXTENSION (".p12") and PFX_EXTENSION
(".pfx").
- Specified by:
getFilenameCallback in class DefaultSecurity
- Parameters:
defaultFile - - the default file to use if the user doesn't make any
selection
- Returns:
- FilenameCallback configured to display PKCS#12 files only