org.opcfoundation.ua.transport.security
Class BcCertificateProvider

java.lang.Object
  extended by org.opcfoundation.ua.transport.security.BcCertificateProvider
All Implemented Interfaces:
CertificateProvider

public class BcCertificateProvider
extends Object
implements CertificateProvider

BcCertificateProvider class.


Constructor Summary
BcCertificateProvider()
          Constructor for BcCertificateProvider.
 
Method Summary
 X509Certificate generateCertificate(String domainName, PublicKey publicKey, PrivateKey privateKey, KeyPair issuerKeys, Date from, Date to, BigInteger serial, String applicationUri, String... hostNames)
          generateCertificate.
 X509Certificate generateIssuerCert(PublicKey publicKey, PrivateKey privateKey, KeyPair issuerKeys, String commonName, BigInteger serialNr, Date startDate, Date expiryDate)
          generateIssuerCert.
 Collection<List<?>> getSubjectAlternativeNames(X509Certificate cert)
          getSubjectAlternativeNames.
 void writeToPem(X509Certificate key, File savePath, String password, String algorithm)
          writeToPem.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

BcCertificateProvider

public BcCertificateProvider()

Constructor for BcCertificateProvider.

Method Detail

generateCertificate

public X509Certificate generateCertificate(String domainName,
                                           PublicKey publicKey,
                                           PrivateKey privateKey,
                                           KeyPair issuerKeys,
                                           Date from,
                                           Date to,
                                           BigInteger serial,
                                           String applicationUri,
                                           String... hostNames)
                                    throws IOException,
                                           GeneralSecurityException

generateCertificate.

Generates a new certificate using the Bouncy Castle implementation.

The method is used from CertificateUtils.createApplicationInstanceCertificate(String, String, String, int, String...) and CertificateUtils.renewApplicationInstanceCertificate(String, String, String, int, org.opcfoundation.ua.transport.security.KeyPair, String...)

Specified by:
generateCertificate in interface CertificateProvider
Parameters:
domainName - a String object.
publicKey - a PublicKey object.
privateKey - a PrivateKey object.
issuerKeys - a KeyPair object.
from - a Date object.
to - a Date object.
serial - a BigInteger object.
applicationUri - a String object.
hostNames - a String object.
Returns:
a X509Certificate object.
Throws:
IOException - if any.
GeneralSecurityException - if any.

generateIssuerCert

public X509Certificate generateIssuerCert(PublicKey publicKey,
                                          PrivateKey privateKey,
                                          KeyPair issuerKeys,
                                          String commonName,
                                          BigInteger serialNr,
                                          Date startDate,
                                          Date expiryDate)
                                   throws GeneralSecurityException,
                                          IOException

generateIssuerCert.

Build a X509 V3 certificate to use as an issuer (CA) certificate. The certificate does not define OPC UA specific fields, so it cannot be used for an application instance certificate.

Specified by:
generateIssuerCert in interface CertificateProvider
Parameters:
publicKey - a PublicKey object.
privateKey - a PrivateKey object.
issuerKeys - a KeyPair object.
commonName - a String object.
serialNr - a BigInteger object.
startDate - a Date object.
expiryDate - a Date object.
Returns:
a X509Certificate object.
Throws:
GeneralSecurityException - if any.
IOException - if any.

getSubjectAlternativeNames

public Collection<List<?>> getSubjectAlternativeNames(X509Certificate cert)
                                               throws CertificateParsingException

getSubjectAlternativeNames.

Specified by:
getSubjectAlternativeNames in interface CertificateProvider
Parameters:
cert - a X509Certificate object.
Returns:
a Collection object.
Throws:
CertificateParsingException - if any.

writeToPem

public void writeToPem(X509Certificate key,
                       File savePath,
                       String password,
                       String algorithm)
                throws IOException

writeToPem.

Specified by:
writeToPem in interface CertificateProvider
Parameters:
key - a X509Certificate object.
savePath - a File object.
password - a String object.
algorithm - a String object.
Throws:
IOException - if any.


Copyright © 2018. All rights reserved.