Package nl.nikhef.jgridstart.ca

Class TestCA

java.lang.Object

nl.nikhef.jgridstart.ca.TestCA

All Implemented Interfaces:

CA

public class TestCA
extends Object
implements CA

This class is used to download a certificate from the Test CA

Author:

wvengen

Field Summary

Fields

Modifier and Type	Field	Description
protected String	base	Base URL of certificate authority
protected String	baseCaCert	URL of CA cert
protected static X509Certificate	cacert	CA certificate (cached)
protected String	caDN	CA DN
protected static Logger	logger

Constructor Summary

Constructors

Constructor	Description
TestCA()	Create new TestCA

Method Summary

Modifier and Type	Method	Description
X509Certificate	downloadCertificate(PKCS10CertificationRequest req, Properties info)	Download a certificate from the Test CA
String	encodeCertificationRequest(PKCS10CertificationRequest req, Properties info)	Just returns the PEM encoded version of the request.
X509Certificate	getCACertificate()	Return the CA certificate
boolean	isCertificationRequestProcessed(PKCS10CertificationRequest req, Properties info)	Checks to see if a certificate signing request was processed by a CA.
boolean	isIssuer(X509Certificate cert)	Return whether a certificate was issued by this CA
String	signCertificationRequest(PKCS10CertificationRequest req, Properties info, PrivateKey oldKey, X509Certificate oldCert)	TestCA does not handle renewals differently than ordinary requests.
void	uploadCertificationRequest(String req, Properties info)	Uploads a user certificate signing request onto the Test CA

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

logger

protected static final Logger logger

base

protected String base

Base URL of certificate authority

baseCaCert

protected String baseCaCert

URL of CA cert

cacert

protected static X509Certificate cacert

CA certificate (cached)

caDN

protected String caDN

CA DN

Constructor Detail

TestCA

public TestCA()
       throws NoSuchAlgorithmException,
              KeyManagementException

Create new TestCA

Throws:

NoSuchAlgorithmException

KeyManagementException

Method Detail

encodeCertificationRequest

public String encodeCertificationRequest(PKCS10CertificationRequest req,
                                         Properties info)
                                  throws IOException

Just returns the PEM encoded version of the request.

Specified by:

encodeCertificationRequest in interface CA

Parameters:

req - certificate signing request

info - extra information that may be sent with the request (implementation-dependent)

Returns:

string with encoded certificate signing request

Throws:

IOException

signCertificationRequest

public String signCertificationRequest(PKCS10CertificationRequest req,
                                       Properties info,
                                       PrivateKey oldKey,
                                       X509Certificate oldCert)
                                throws IOException

TestCA does not handle renewals differently than ordinary requests.

Specified by:

signCertificationRequest in interface CA

Parameters:

req - certificate signing request

info - extra information that may be sent with the request (implementation-dependent)

oldKey - key to sign request with

oldCert - certificate to sign request with

Returns:

string with encoded and signed certificate signing request

Throws:

IOException

uploadCertificationRequest

public void uploadCertificationRequest(String req,
                                       Properties info)
                                throws IOException

Uploads a user certificate signing request onto the Test CA

Specified by:

uploadCertificationRequest in interface CA

Parameters:

req - certification signing request request returned by encode/sign

info - extra information that may be sent with the request (implementation-dependant); email and fullname are used here

Throws:

IOException

isCertificationRequestProcessed

public boolean isCertificationRequestProcessed(PKCS10CertificationRequest req,
                                               Properties info)
                                        throws IOException

Description copied from interface: CA

Checks to see if a certificate signing request was processed by a CA.

When true, the certificate can be downloaded using CA.downloadCertificate(org.bouncycastle.jce.PKCS10CertificationRequest, java.util.Properties).

Implementers of this CA interface could, for example, just return if CA.downloadCertificate(org.bouncycastle.jce.PKCS10CertificationRequest, java.util.Properties) would complete without errors, optionally caching the fetched certificate.

Specified by:

isCertificationRequestProcessed in interface CA

Parameters:

req - the certificate signing request that was sent

info - properties supplied to previous methods as well

Returns:

whether the certificate is available at the CA or not

Throws:

IOException

downloadCertificate

public X509Certificate downloadCertificate(PKCS10CertificationRequest req,
                                           Properties info)
                                    throws IOException

Download a certificate from the Test CA

Specified by:

downloadCertificate in interface CA

Parameters:

req - the certificate signing request that was sent (not used by TestCA)

info - properties supplied to previous methods as well

Returns:

certificate signed by the certificate authority

Throws:

IOException

getCACertificate

public X509Certificate getCACertificate()
                                 throws IOException

Return the CA certificate

Test CA certificate is downloaded once each program run.

Specified by:

getCACertificate in interface CA

Throws:

IOException

isIssuer

public boolean isIssuer(X509Certificate cert)

Return whether a certificate was issued by this CA

Specified by:

isIssuer in interface CA