org.opcfoundation.ua.transport.security
Class SunJceCertificateProvider

java.lang.Object
  extended by org.opcfoundation.ua.transport.security.SunJceCertificateProvider
All Implemented Interfaces:
CertificateProvider

public class SunJceCertificateProvider
extends Object
implements CertificateProvider

SunJceCertificateProvider class.


Constructor Summary
SunJceCertificateProvider()
           
 
Method Summary
 X509Certificate generateCertificate(String domainName, PublicKey publicKey, PrivateKey privateKey, KeyPair issuerKeys, Date from, Date to, BigInteger serialNumber, String applicationUri, String... hostNames)
          generateCertificate.
 X509Certificate generateIssuerCert(PublicKey publicKey, PrivateKey privateKey, KeyPair issuerKeys, String domainName, BigInteger serialNumber, Date startDate, Date expiryDate)
          generateIssuerCert.
 Collection<List<?>> getSubjectAlternativeNames(X509Certificate cert)
          getSubjectAlternativeNames.
 void writeToPem(X509Certificate key, File savePath, String password, String algorithm)
          writeToPem.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SunJceCertificateProvider

public SunJceCertificateProvider()
Method Detail

generateCertificate

public X509Certificate generateCertificate(String domainName,
                                           PublicKey publicKey,
                                           PrivateKey privateKey,
                                           KeyPair issuerKeys,
                                           Date from,
                                           Date to,
                                           BigInteger serialNumber,
                                           String applicationUri,
                                           String... hostNames)
                                    throws GeneralSecurityException,
                                           IOException

generateCertificate.

Generates a new certificate using the Sun implementation.

The method is used from CertificateUtils.createApplicationInstanceCertificate(String, String, String, int, String...) and CertificateUtils.renewApplicationInstanceCertificate(String, String, String, int, org.opcfoundation.ua.transport.security.KeyPair, String...)

Specified by:
generateCertificate in interface CertificateProvider
Parameters:
domainName - a String object.
publicKey - a PublicKey object.
privateKey - a PrivateKey object.
issuerKeys - a KeyPair object.
from - a Date object.
to - a Date object.
serialNumber - a BigInteger object.
applicationUri - a String object.
hostNames - a String object.
Returns:
a X509Certificate object.
Throws:
GeneralSecurityException - if any.
IOException - if any.

generateIssuerCert

public X509Certificate generateIssuerCert(PublicKey publicKey,
                                          PrivateKey privateKey,
                                          KeyPair issuerKeys,
                                          String domainName,
                                          BigInteger serialNumber,
                                          Date startDate,
                                          Date expiryDate)
                                   throws GeneralSecurityException,
                                          IOException

generateIssuerCert.

Build a X509 V3 certificate to use as an issuer (CA) certificate. The certificate does not define OPC UA specific fields, so it cannot be used for an application instance certificate.

Specified by:
generateIssuerCert in interface CertificateProvider
Parameters:
publicKey - a PublicKey object.
privateKey - a PrivateKey object.
issuerKeys - a KeyPair object.
domainName - a String object.
serialNumber - a BigInteger object.
startDate - a Date object.
expiryDate - a Date object.
Returns:
a X509Certificate object.
Throws:
GeneralSecurityException - if any.
IOException - if any.

getSubjectAlternativeNames

public Collection<List<?>> getSubjectAlternativeNames(X509Certificate cert)
                                               throws CertificateParsingException

getSubjectAlternativeNames.

Specified by:
getSubjectAlternativeNames in interface CertificateProvider
Parameters:
cert - a X509Certificate object.
Returns:
a Collection object.
Throws:
CertificateParsingException - if any.

writeToPem

public void writeToPem(X509Certificate key,
                       File savePath,
                       String password,
                       String algorithm)
                throws IOException

writeToPem.

Specified by:
writeToPem in interface CertificateProvider
Parameters:
key - a X509Certificate object.
savePath - a File object.
password - a String object.
algorithm - a String object.
Throws:
IOException - if any.


Copyright © 2018. All rights reserved.