java.lang.Object
  issrg.utils.ssl.UtilitySSL

public final class UtilitySSL

General SSL connection methods, to be used throughout PERMIS.

Method Summary | |
---|---|
static int | keepPrincipal(java.security.KeyStore keyStore, java.security.Principal keepPrincipal) - Strip out all but the given principal's PKC. |
static javax.net.ssl.KeyManagerFactory | keyManagerFactory(java.security.KeyStore identityStore, char[] identityStorePassword, java.lang.String identityManagerFactoryService) - Convenience overloaded method. |
static javax.net.ssl.KeyManagerFactory | keyManagerFactory(java.security.KeyStore identityStore, char[] identityStorePassword, java.lang.String identityManagerFactoryService, java.lang.String identityManagerFactoryProvider) - Create a key manager factory. |
static java.security.KeyStore | loadKeyStore(java.io.InputStream keyStoreInputStream, char[] keyStorePassword, java.lang.String keyStoreService) - Convenience overloaded method. |
static java.security.KeyStore | loadKeyStore(java.io.InputStream keyStoreInputStream, char[] keyStorePassword, java.lang.String keyStoreService, java.lang.String keyStoreProvider) - Load in a key store. |
static java.security.KeyStore | loadKeyStore(java.lang.String fileName, char[] keyStorePassword, java.lang.String keyStoreService) |
static javax.net.ssl.SSLContext | setupSSLContext(javax.net.ssl.KeyManagerFactory keyManagerFactory, javax.net.ssl.TrustManagerFactory trustManagerFactory, java.lang.String sslContextService, java.lang.String sslContextProvider, java.lang.String secureRandomNumberService, java.lang.String secureRandomNumberProvider) - Creates an SSLContext from the given key and trust managers. |
static javax.net.ssl.TrustManagerFactory | trustManagerFactory(java.security.KeyStore trustStore, java.lang.String trustManagerFactoryService) - Convenience overloaded method. |
static javax.net.ssl.TrustManagerFactory | trustManagerFactory(java.security.KeyStore trustStore, java.lang.String trustManagerFactoryService, java.lang.String trustManagerFactoryProvider) - Create a trust manager factory. |

Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Method Detail |
---|
public static final java.security.KeyStore loadKeyStore(java.io.InputStream keyStoreInputStream, char[] keyStorePassword, java.lang.String keyStoreService, java.lang.String keyStoreProvider) throws UtilitySSLException

Load in a key store. The input stream is then closed by this method.

If a password is incorrect then a UtilitySSLPasswordException is thrown.

Note: Java's implementation of PKCS#12 fails to return the correct cause exception (UnrecoverableKeyException), so an incorrect password is difficult to detect!

Parameters:
keyStoreName - the key store file name
keyStorePassword - the key store password
keyStoreService - the type of service
keyStoreProvider - the provider of the service (this is optional and should be an empty String "" to specify any provider)

Throws:
UtilitySSLException - with an embedded cause exception of what went wrong.
UtilitySSLPasswordException - if the password was identified as being incorrect (see the Note above)

public static final java.security.KeyStore loadKeyStore(java.io.InputStream keyStoreInputStream, char[] keyStorePassword, java.lang.String keyStoreService) throws UtilitySSLException

Throws:
UtilitySSLException

public static final java.security.KeyStore loadKeyStore(java.lang.String fileName, char[] keyStorePassword, java.lang.String keyStoreService) throws UtilitySSLException

Throws:
UtilitySSLException

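
The wrong-password detection described in the Note for loadKeyStore, as an added example using only the standard java.security API (this is not PERMIS code; `KeyStoreLoadDemo`, `WrongPasswordException`, `load` and `classify` are hypothetical names). The documentation of `KeyStore.load` says a wrong password should surface as an `IOException` whose cause is an `UnrecoverableKeyException`; with a provider that does not set that cause, the failure falls into the generic branch, which is the situation the Note describes.

```java
import java.io.*;
import java.security.*;

public class KeyStoreLoadDemo {
    /** Hypothetical stand-in for a "password was wrong" exception type. */
    static class WrongPasswordException extends Exception {
        WrongPasswordException(Throwable cause) { super("incorrect key store password", cause); }
    }

    /** Loads a key store; an empty provider string means "any provider". Closes the stream. */
    static KeyStore load(InputStream in, char[] password, String type, String provider)
            throws Exception {
        KeyStore ks = provider.isEmpty() ? KeyStore.getInstance(type)
                                         : KeyStore.getInstance(type, provider);
        try (InputStream stream = in) {
            ks.load(stream, password);
        } catch (IOException e) {
            // Only a provider that sets this cause lets us tell a bad password from bad data.
            if (e.getCause() instanceof UnrecoverableKeyException) {
                throw new WrongPasswordException(e);
            }
            throw e;
        }
        return ks;
    }

    /** Reports how a load attempt ended, without leaking the password or stack trace. */
    static String classify(byte[] data, String password) {
        try {
            KeyStore ks = load(new ByteArrayInputStream(data), password.toCharArray(), "PKCS12", "");
            return "loaded, entries=" + ks.size();
        } catch (WrongPasswordException e) {
            return "wrong password";
        } catch (Exception e) {
            return "unreadable key store: " + e.getClass().getSimpleName();
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: an empty PKCS#12 store protected by a made-up password.
        KeyStore sample = KeyStore.getInstance("PKCS12");
        sample.load(null, null);
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        sample.store(out, "correct-password".toCharArray());
        byte[] p12 = out.toByteArray();
        System.out.println(classify(p12, "correct-password"));
        System.out.println(classify(p12, "not-the-password"));
        System.out.println(classify(java.util.Arrays.copyOf(p12, p12.length / 2), "correct-password"));
    }
}
```

The third call feeds a truncated copy of the same store, so a damaged file and a wrong password can be compared side by side on the JDK in use.
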
public static final javax.net.ssl.KeyManagerFactory keyManagerFactory(java.security.KeyStore identityStore, char[] identityStorePassword, java.lang.String identityManagerFactoryService, java.lang.String identityManagerFactoryProvider) throws UtilitySSLException

Note: there is another form of initialisation (init method) which allows the key store to be opened at the point of making the SSL connection. The choice of init method is provider specific. This other form is not implemented by Java's standard key manager factories, and is not implemented in this class (as of 2008.06.11).

Parameters:
identityStore - a KeyStore containing the private key
identityStorePassword - the KeyStore password (same used to access the KeyStore)
identityManagerFactoryService - type of key manager factory, e.g. "NewSunX509"
identityManagerFactoryProvider - (this is optional and should be an empty String "" to specify any provider)

Throws:
UtilitySSLException - with an embedded cause exception of what went wrong.

public static final javax.net.ssl.KeyManagerFactory keyManagerFactory(java.security.KeyStore identityStore, char[] identityStorePassword, java.lang.String identityManagerFactoryService) throws UtilitySSLException

Throws:
UtilitySSLException

public static final javax.net.ssl.TrustManagerFactory trustManagerFactory(java.security.KeyStore trustStore, java.lang.String trustManagerFactoryService, java.lang.String trustManagerFactoryProvider) throws UtilitySSLException

Parameters:
trustStore - the KeyStore containing the trusted PKCs
trustManagerFactoryService - the type of trust manager factory, e.g. "SunX509"
trustManagerFactoryProvider - (this is optional and should be an empty String "" to specify any provider)

Throws:
UtilitySSLException - with an embedded cause exception of what went wrong.

public static final javax.net.ssl.TrustManagerFactory trustManagerFactory(java.security.KeyStore trustStore, java.lang.String trustManagerFactoryService) throws UtilitySSLException

Throws:
UtilitySSLException

public static final javax.net.ssl.SSLContext setupSSLContext(javax.net.ssl.KeyManagerFactory keyManagerFactory, javax.net.ssl.TrustManagerFactory trustManagerFactory, java.lang.String sslContextService, java.lang.String sslContextProvider, java.lang.String secureRandomNumberService, java.lang.String secureRandomNumberProvider) throws UtilitySSLException

Parameters:
keyManagerFactory - that contains the identity KeyStores
trustManagerFactory - that contains the trust KeyStores
sslContextService - the type of SSLContext
sslContextProvider - (this is optional and should be an empty String "" to specify any provider)
secureRandomNumberService - the type of Random Number Generator
secureRandomNumberProvider - (this is optional and should be an empty String "" to specify any provider)

Throws:
UtilitySSLException - with an embedded cause exception of what went wrong.

public static final int keepPrincipal(java.security.KeyStore keyStore, java.security.Principal keepPrincipal) throws UtilitySSLException

Remove from the key store every entry except the ones belonging to the given principal.

This applies to TrustedCertificateEntry (PKCs) and PrivateKeyEntry (private key and the PKC chain).

This method was written in order to remove all trusted PKCs from a trust store except the PERMIS SOA.

Parameters:
KeyStore -
keepPrincipal -

Throws:
UtilitySSLException - with an embedded cause exception, that is thrown if this method failed to "delete" one of the unwanted entries.