Package org.xipki.ca.server

Class IdentifiedCertprofile

java.lang.Object

org.xipki.ca.server.IdentifiedCertprofile

All Implemented Interfaces:

Closeable, AutoCloseable

public class IdentifiedCertprofile
extends Object
implements Closeable

CertProfiel with identifier.

Since:

2.0.0

Author:

Lijun Liao (xipki)

Constructor Summary

Constructors

Constructor	Description
IdentifiedCertprofile(org.xipki.ca.api.mgmt.entry.CertprofileEntry dbEntry, org.xipki.ca.api.profile.Certprofile certprofile)

Method Summary

Modifier and Type	Method	Description
org.bouncycastle.asn1.x509.SubjectPublicKeyInfo	checkPublicKey(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKey)
void	close()
BigInteger	generateSerialNumber(org.bouncycastle.asn1.x500.X500Name caSubject, org.bouncycastle.asn1.x509.SubjectPublicKeyInfo caPublicKeyInfo, org.bouncycastle.asn1.x500.X500Name requestSubject, org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo, org.xipki.util.ConfPairs caExtraControl)
org.xipki.ca.api.profile.Certprofile.CertLevel	getCertLevel()
org.xipki.ca.api.profile.Certprofile	getCertprofile()
org.xipki.ca.api.mgmt.entry.CertprofileEntry	getDbEntry()
Map<org.bouncycastle.asn1.ASN1ObjectIdentifier,org.xipki.ca.api.profile.Certprofile.ExtensionControl>	getExtensionControls()
org.xipki.ca.api.profile.ExtensionValues	getExtensions(org.bouncycastle.asn1.x500.X500Name requestedSubject, org.bouncycastle.asn1.x500.X500Name grantedSubject, org.bouncycastle.asn1.x509.Extensions requestedExtensions, org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo, org.xipki.ca.api.PublicCaInfo publicCaInfo, org.xipki.security.X509Cert crlSignerCert, Instant notBefore, Instant notAfter)	Get the extensions.
org.xipki.ca.api.NameId	getIdent()
org.xipki.ca.api.profile.KeypairGenControl	getKeypairGenControl()
int	getMaxCertSize()
org.xipki.ca.api.profile.NotAfterMode	getNotAfterMode()
Instant	getNotBefore(Instant notBefore)
Integer	getPathLenBasicConstraint()
String	getSerialNumberMode()
List<org.xipki.security.SignAlgo>	getSignatureAlgorithms()
org.xipki.ca.api.profile.Certprofile.SubjectInfo	getSubject(org.bouncycastle.asn1.x500.X500Name requestedSubject, org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
org.bouncycastle.asn1.x509.SubjectKeyIdentifier	getSubjectKeyIdentifier(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKey)
org.xipki.util.Validity	getValidity()
org.xipki.ca.api.profile.Certprofile.X509CertVersion	getVersion()
boolean	hasNoWellDefinedExpirationDate()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

IdentifiedCertprofile

public IdentifiedCertprofile(org.xipki.ca.api.mgmt.entry.CertprofileEntry dbEntry,
                             org.xipki.ca.api.profile.Certprofile certprofile)
                      throws org.xipki.ca.api.profile.CertprofileException

Throws:

org.xipki.ca.api.profile.CertprofileException

Method Detail

getIdent

public org.xipki.ca.api.NameId getIdent()

getCertprofile

public org.xipki.ca.api.profile.Certprofile getCertprofile()

getDbEntry

public org.xipki.ca.api.mgmt.entry.CertprofileEntry getDbEntry()

getVersion

public org.xipki.ca.api.profile.Certprofile.X509CertVersion getVersion()

getSignatureAlgorithms

public List<org.xipki.security.SignAlgo> getSignatureAlgorithms()

getNotBefore

public Instant getNotBefore(Instant notBefore)

getValidity

public org.xipki.util.Validity getValidity()

hasNoWellDefinedExpirationDate

public boolean hasNoWellDefinedExpirationDate()

getNotAfterMode

public org.xipki.ca.api.profile.NotAfterMode getNotAfterMode()

getSubject

public org.xipki.ca.api.profile.Certprofile.SubjectInfo getSubject(org.bouncycastle.asn1.x500.X500Name requestedSubject,
                                                                   org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
                                                            throws org.xipki.ca.api.profile.CertprofileException,
                                                                   org.xipki.util.exception.BadCertTemplateException

Throws:

org.xipki.ca.api.profile.CertprofileException

org.xipki.util.exception.BadCertTemplateException

getExtensions

public org.xipki.ca.api.profile.ExtensionValues getExtensions(org.bouncycastle.asn1.x500.X500Name requestedSubject,
                                                              org.bouncycastle.asn1.x500.X500Name grantedSubject,
                                                              org.bouncycastle.asn1.x509.Extensions requestedExtensions,
                                                              org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo,
                                                              org.xipki.ca.api.PublicCaInfo publicCaInfo,
                                                              org.xipki.security.X509Cert crlSignerCert,
                                                              Instant notBefore,
                                                              Instant notAfter)
                                                       throws org.xipki.ca.api.profile.CertprofileException,
                                                              org.xipki.util.exception.BadCertTemplateException

Get the extensions.

Parameters:

requestedSubject - Subject requested subject. Must not be null.

grantedSubject - Granted subject. Must not be null.

requestedExtensions - Extensions requested by the requestor. Could be null.

publicKeyInfo - Subject public key. Must not be null.

publicCaInfo - CA information. Must not be null.

crlSignerCert - CRL signer certificate. Could be null.

notBefore - NotBefore. Must not be null.

notAfter - NotAfter. Must not be null.

Returns:

the extensions of the certificate to be issued.

Throws:

org.xipki.ca.api.profile.CertprofileException

org.xipki.util.exception.BadCertTemplateException

getCertLevel

public org.xipki.ca.api.profile.Certprofile.CertLevel getCertLevel()

getKeypairGenControl

public org.xipki.ca.api.profile.KeypairGenControl getKeypairGenControl()

getSerialNumberMode

public String getSerialNumberMode()

generateSerialNumber

public BigInteger generateSerialNumber(org.bouncycastle.asn1.x500.X500Name caSubject,
                                       org.bouncycastle.asn1.x509.SubjectPublicKeyInfo caPublicKeyInfo,
                                       org.bouncycastle.asn1.x500.X500Name requestSubject,
                                       org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo,
                                       org.xipki.util.ConfPairs caExtraControl)
                                throws org.xipki.ca.api.profile.CertprofileException

Throws:

org.xipki.ca.api.profile.CertprofileException

checkPublicKey

public org.bouncycastle.asn1.x509.SubjectPublicKeyInfo checkPublicKey(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKey)
                                                               throws org.xipki.ca.api.profile.CertprofileException,
                                                                      org.xipki.util.exception.BadCertTemplateException

Throws:

org.xipki.ca.api.profile.CertprofileException

org.xipki.util.exception.BadCertTemplateException

getSubjectKeyIdentifier

public org.bouncycastle.asn1.x509.SubjectKeyIdentifier getSubjectKeyIdentifier(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKey)
                                                                        throws org.xipki.ca.api.profile.CertprofileException

Throws:

org.xipki.ca.api.profile.CertprofileException

close

public void close()

Specified by:

close in interface AutoCloseable

Specified by:

close in interface Closeable

getExtensionControls

public Map<org.bouncycastle.asn1.ASN1ObjectIdentifier,org.xipki.ca.api.profile.Certprofile.ExtensionControl> getExtensionControls()

getPathLenBasicConstraint

public Integer getPathLenBasicConstraint()

getMaxCertSize

public int getMaxCertSize()