org.opcfoundation.ua.transport.security
Class ScCertificateProvider

java.lang.Object
  extended by org.opcfoundation.ua.transport.security.ScCertificateProvider
All Implemented Interfaces:
CertificateProvider

public class ScCertificateProvider
extends Object
implements CertificateProvider

ScCertificateProvider class.


Constructor Summary
ScCertificateProvider()
           
 
Method Summary
 X509Certificate generateCertificate(String domainName, PublicKey publicKey, PrivateKey privateKey, KeyPair issuerKeys, Date from, Date to, BigInteger serial, String applicationUri, String... hostNames)
          generateCertificate.
 X509Certificate generateIssuerCert(PublicKey publicKey, PrivateKey privateKey, KeyPair issuerKeys, String commonName, BigInteger serialNr, Date startDate, Date expiryDate)
          generateIssuerCert.
 Collection<List<?>> getSubjectAlternativeNames(X509Certificate cert)
          getSubjectAlternativeNames.
 void writeToPem(X509Certificate key, File savePath, String password, String algorithm)
          writeToPem.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

ScCertificateProvider

public ScCertificateProvider()
Method Detail

generateCertificate

public X509Certificate generateCertificate(String domainName,
                                           PublicKey publicKey,
                                           PrivateKey privateKey,
                                           KeyPair issuerKeys,
                                           Date from,
                                           Date to,
                                           BigInteger serial,
                                           String applicationUri,
                                           String... hostNames)
                                    throws IOException,
                                           GeneralSecurityException

generateCertificate.

Generates a new certificate using the Spongy Castle implementation.

The method is used from CertificateUtils.createApplicationInstanceCertificate(String, String, String, int, String...) and CertificateUtils.renewApplicationInstanceCertificate(String, String, String, int, org.opcfoundation.ua.transport.security.KeyPair, String...)

Specified by:
generateCertificate in interface CertificateProvider
Parameters:
domainName - a String object.
publicKey - a PublicKey object.
privateKey - a PrivateKey object.
issuerKeys - a KeyPair object.
from - a Date object.
to - a Date object.
serial - a BigInteger object.
applicationUri - a String object.
hostNames - a String object.
Returns:
a X509Certificate object.
Throws:
IOException - if any.
GeneralSecurityException - if any.

generateIssuerCert

public X509Certificate generateIssuerCert(PublicKey publicKey,
                                          PrivateKey privateKey,
                                          KeyPair issuerKeys,
                                          String commonName,
                                          BigInteger serialNr,
                                          Date startDate,
                                          Date expiryDate)
                                   throws GeneralSecurityException,
                                          IOException

generateIssuerCert.

Build a X509 V3 certificate to use as an issuer (CA) certificate. The certificate does not define OPC UA specific fields, so it cannot be used for an application instance certificate.

Specified by:
generateIssuerCert in interface CertificateProvider
Parameters:
publicKey - a PublicKey object.
privateKey - a PrivateKey object.
issuerKeys - a KeyPair object.
commonName - a String object.
serialNr - a BigInteger object.
startDate - a Date object.
expiryDate - a Date object.
Returns:
a X509Certificate object.
Throws:
GeneralSecurityException - if any.
IOException - if any.

getSubjectAlternativeNames

public Collection<List<?>> getSubjectAlternativeNames(X509Certificate cert)
                                               throws CertificateParsingException

getSubjectAlternativeNames.

Specified by:
getSubjectAlternativeNames in interface CertificateProvider
Parameters:
cert - a X509Certificate object.
Returns:
a Collection object.
Throws:
CertificateParsingException - if any.

writeToPem

public void writeToPem(X509Certificate key,
                       File savePath,
                       String password,
                       String algorithm)
                throws IOException

writeToPem.

Specified by:
writeToPem in interface CertificateProvider
Parameters:
key - a X509Certificate object.
savePath - a File object.
password - a String object.
algorithm - a String object.
Throws:
IOException - if any.


Copyright © 2018. All rights reserved.