public interface Crypto
Modifier and Type | Method and Description |
---|---|
byte[] |
getBytesFromCertificates(X509Certificate[] certs)
Get a byte array given an array of X509 certificates.
|
CertificateFactory |
getCertificateFactory()
Get the CertificateFactory instance on this Crypto instance
|
X509Certificate[] |
getCertificatesFromBytes(byte[] data)
Construct an array of X509Certificate's from the byte array.
|
String |
getCryptoProvider()
Get the crypto provider associated with this implementation
|
String |
getDefaultX509Identifier()
Retrieves the identifier name of the default certificate.
|
PrivateKey |
getPrivateKey(PublicKey publicKey,
CallbackHandler callbackHandler)
Gets the private key corresponding to the given PublicKey.
|
PrivateKey |
getPrivateKey(String identifier,
String password)
Gets the private key corresponding to the identifier.
|
PrivateKey |
getPrivateKey(X509Certificate certificate,
CallbackHandler callbackHandler)
Gets the private key corresponding to the certificate.
|
byte[] |
getSKIBytesFromCert(X509Certificate cert)
Reads the SubjectKeyIdentifier information from the certificate.
|
String |
getTrustProvider()
Get the crypto provider used for truststore operation associated with this implementation.
|
X509Certificate[] |
getX509Certificates(CryptoType cryptoType)
Get an X509Certificate (chain) corresponding to the CryptoType argument.
|
String |
getX509Identifier(X509Certificate cert)
Get the implementation-specific identifier corresponding to the cert parameter, e.g.
|
X509Certificate |
loadCertificate(InputStream in)
Load a X509Certificate from the input stream.
|
void |
setCertificateFactory(CertificateFactory certFactory)
Sets the CertificateFactory instance on this Crypto instance
|
void |
setCryptoProvider(String provider)
Set the crypto provider associated with this implementation
|
void |
setDefaultX509Identifier(String identifier)
Sets the identifier name of the default certificate.
|
void |
setTrustProvider(String provider)
Set the crypto provider used for truststore operations associated with this implementation
|
void |
verifyTrust(PublicKey publicKey)
Evaluate whether a given public key should be trusted.
|
void |
verifyTrust(X509Certificate[] certs,
boolean enableRevocation,
Collection<Pattern> subjectCertConstraints,
Collection<Pattern> issuerCertConstraints)
Evaluate whether a given certificate chain should be trusted.
|
String getCryptoProvider()
void setCryptoProvider(String provider)
provider
- the crypto provider name to setString getTrustProvider()
void setTrustProvider(String provider)
provider
- the name of the providerString getDefaultX509Identifier() throws WSSecurityException
WSSecurityException
void setDefaultX509Identifier(String identifier)
identifier
- name of the default X509 certificate.void setCertificateFactory(CertificateFactory certFactory)
certFactory
- the CertificateFactory the CertificateFactory instance to setCertificateFactory getCertificateFactory() throws WSSecurityException
CertificateFactory
to construct
X509 certificatesWSSecurityException
X509Certificate loadCertificate(InputStream in) throws WSSecurityException
in
- The InputStream
containing the X509 dataWSSecurityException
byte[] getSKIBytesFromCert(X509Certificate cert) throws WSSecurityException
cert
- The certificate to read SKIWSSecurityException
byte[] getBytesFromCertificates(X509Certificate[] certs) throws WSSecurityException
certs
- The certificates to convertWSSecurityException
X509Certificate[] getCertificatesFromBytes(byte[] data) throws WSSecurityException
data
- The byte
array containing the X509 dataWSSecurityException
X509Certificate[] getX509Certificates(CryptoType cryptoType) throws WSSecurityException
WSSecurityException
String getX509Identifier(X509Certificate cert) throws WSSecurityException
cert
- The X509Certificate for which to search for an identifierWSSecurityException
PrivateKey getPrivateKey(X509Certificate certificate, CallbackHandler callbackHandler) throws WSSecurityException
certificate
- The X509Certificate corresponding to the private keycallbackHandler
- The callbackHandler needed to get the passwordWSSecurityException
PrivateKey getPrivateKey(PublicKey publicKey, CallbackHandler callbackHandler) throws WSSecurityException
publicKey
- The PublicKey corresponding to the private keycallbackHandler
- The callbackHandler needed to get the passwordWSSecurityException
PrivateKey getPrivateKey(String identifier, String password) throws WSSecurityException
identifier
- The implementation-specific identifier corresponding to the keypassword
- The password needed to get the keyWSSecurityException
void verifyTrust(X509Certificate[] certs, boolean enableRevocation, Collection<Pattern> subjectCertConstraints, Collection<Pattern> issuerCertConstraints) throws WSSecurityException
certs
- Certificate chain to validateenableRevocation
- whether to enable CRL verification or notsubjectCertConstraints
- A set of constraints on the Subject DN of the certificatesissuerCertConstraints
- A set of constraints on the Issuer DN of the certificatesWSSecurityException
- if the certificate chain is invalidvoid verifyTrust(PublicKey publicKey) throws WSSecurityException
publicKey
- The PublicKey to be evaluatedWSSecurityException
- if the PublicKey is invalidCopyright © 2019 JBoss by Red Hat. All rights reserved.