Modifier and Type | Field | Description |
---|---|---|
protected String |
base |
Base URL of certificate authority
|
protected String |
baseCaCert |
URL of CA cert
|
protected static X509Certificate |
cacert |
CA certificate (cached)
|
protected String |
caDN |
CA DN
|
protected static Logger |
logger |
Constructor | Description |
---|---|
TestCA() |
Create new TestCA
|
Modifier and Type | Method | Description |
---|---|---|
X509Certificate |
downloadCertificate(PKCS10CertificationRequest req,
Properties info) |
Download a certificate from the Test CA
|
String |
encodeCertificationRequest(PKCS10CertificationRequest req,
Properties info) |
Just returns the PEM encoded version of the request.
|
X509Certificate |
getCACertificate() |
Return the CA certificate
|
boolean |
isCertificationRequestProcessed(PKCS10CertificationRequest req,
Properties info) |
Checks to see if a certificate signing request was processed by a CA.
|
boolean |
isIssuer(X509Certificate cert) |
Return whether a certificate was issued by this CA
|
String |
signCertificationRequest(PKCS10CertificationRequest req,
Properties info,
PrivateKey oldKey,
X509Certificate oldCert) |
TestCA does not handle renewals differently than ordinary requests.
|
void |
uploadCertificationRequest(String req,
Properties info) |
Uploads a user certificate signing request onto the Test CA
|
protected static final Logger logger
protected String base
protected String baseCaCert
protected static X509Certificate cacert
protected String caDN
public TestCA() throws NoSuchAlgorithmException, KeyManagementException
public String encodeCertificationRequest(PKCS10CertificationRequest req, Properties info) throws IOException
encodeCertificationRequest
in interface CA
req
- certificate signing requestinfo
- extra information that may be sent with the request (implementation-dependent)IOException
public String signCertificationRequest(PKCS10CertificationRequest req, Properties info, PrivateKey oldKey, X509Certificate oldCert) throws IOException
signCertificationRequest
in interface CA
req
- certificate signing requestinfo
- extra information that may be sent with the request (implementation-dependent)oldKey
- key to sign request witholdCert
- certificate to sign request withIOException
public void uploadCertificationRequest(String req, Properties info) throws IOException
uploadCertificationRequest
in interface CA
req
- certification signing request request returned by encode/signinfo
- extra information that may be sent with the request (implementation-dependant); email
and fullname
are used hereIOException
public boolean isCertificationRequestProcessed(PKCS10CertificationRequest req, Properties info) throws IOException
CA
When true, the certificate can be downloaded using CA.downloadCertificate(org.bouncycastle.jce.PKCS10CertificationRequest, java.util.Properties)
.
Implementers of this CA interface could, for example, just return if
CA.downloadCertificate(org.bouncycastle.jce.PKCS10CertificationRequest, java.util.Properties)
would complete without errors, optionally caching the
fetched certificate.
isCertificationRequestProcessed
in interface CA
req
- the certificate signing request that was sentinfo
- properties supplied to previous methods as wellIOException
public X509Certificate downloadCertificate(PKCS10CertificationRequest req, Properties info) throws IOException
downloadCertificate
in interface CA
req
- the certificate signing request that was sent (not used by TestCA)info
- properties supplied to previous methods as wellIOException
public X509Certificate getCACertificate() throws IOException
Test CA certificate is downloaded once each program run.
getCACertificate
in interface CA
IOException
public boolean isIssuer(X509Certificate cert)
Copyright © 2010-2018 Nikhef / Stichting FOM. All Rights Reserved.