Package com.netscape.certsrv.security
Class SigningUnit
java.lang.Object
com.netscape.certsrv.security.SigningUnit
A class represents the signing unit which is
capable of signing data.
- Version:
- $Revision$, $Date$
-
Field Summary
FieldsModifier and TypeFieldDescriptionprotected org.mozilla.jss.netscape.security.x509.CertificateChain
static org.slf4j.Logger
protected org.mozilla.jss.crypto.X509Certificate
protected org.mozilla.jss.netscape.security.x509.X509CertImpl
protected SigningUnitConfig
protected String
protected org.mozilla.jss.crypto.SignatureAlgorithm
protected boolean
protected org.mozilla.jss.CryptoManager
protected String
protected org.mozilla.jss.crypto.PrivateKey
protected PublicKey
protected org.mozilla.jss.crypto.CryptoToken
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoid
org.mozilla.jss.crypto.SignatureAlgorithm
checkSigningAlgorithmFromName
(String algname) Checks if the given algorithm name is supported.String[]
Retrieves all supported signing algorithm of this unit.org.mozilla.jss.crypto.X509Certificate
getCert()
Retrieves the signing certificate.org.mozilla.jss.netscape.security.x509.CertificateChain
org.mozilla.jss.netscape.security.x509.X509CertImpl
Retrieves the signing certificate.Retrieves the default algorithm name.org.mozilla.jss.crypto.SignatureAlgorithm
Retrieves the default algorithm.Retrieves the new nickname in the renewal process.Retrieves the nickname of the signing certificate.org.mozilla.jss.crypto.PrivateKey
Retrieves the private key associated in this unit.Retrieves the public key associated in this unit.Retrieves the token name of this unit.void
setDefaultAlgorithm
(String algorithm) Set default signing algorithm.void
setNewNickName
(String name) Sets new nickname of the signing certificate.abstract byte[]
Signs the given data in specific algorithm.abstract void
updateConfig
(String nickname, String tokenname) Updates new nickname and tokename in the configuration file.abstract boolean
Verifies the signed data.
-
Field Details
-
logger
public static org.slf4j.Logger logger -
mManager
protected org.mozilla.jss.CryptoManager mManager -
mToken
protected org.mozilla.jss.crypto.CryptoToken mToken -
mPubk
-
mPrivk
protected org.mozilla.jss.crypto.PrivateKey mPrivk -
mCert
protected org.mozilla.jss.crypto.X509Certificate mCert -
mCertImpl
protected org.mozilla.jss.netscape.security.x509.X509CertImpl mCertImpl -
certChain
protected org.mozilla.jss.netscape.security.x509.CertificateChain certChain -
mNickname
-
mInited
protected boolean mInited -
mConfig
-
mDefSigningAlgname
-
mDefSigningAlgorithm
protected org.mozilla.jss.crypto.SignatureAlgorithm mDefSigningAlgorithm
-
-
Constructor Details
-
SigningUnit
public SigningUnit()
-
-
Method Details
-
getNickname
Retrieves the nickname of the signing certificate. -
getNewNickName
Retrieves the new nickname in the renewal process.- Returns:
- new nickname
- Throws:
EBaseException
- failed to get new nickname
-
setNewNickName
Sets new nickname of the signing certificate.- Parameters:
name
- nickname
-
getCert
public org.mozilla.jss.crypto.X509Certificate getCert()Retrieves the signing certificate.- Returns:
- signing certificate
-
getCertImpl
public org.mozilla.jss.netscape.security.x509.X509CertImpl getCertImpl()Retrieves the signing certificate.- Returns:
- signing certificate
-
buildCertChain
public void buildCertChain() throws org.mozilla.jss.NotInitializedException, CertificateException, org.mozilla.jss.crypto.TokenException- Throws:
org.mozilla.jss.NotInitializedException
CertificateException
org.mozilla.jss.crypto.TokenException
-
getCertChain
public org.mozilla.jss.netscape.security.x509.CertificateChain getCertChain() -
sign
Signs the given data in specific algorithm.- Parameters:
data
- data to be signedalgname
- signing algorithm to be used- Returns:
- signed data
- Throws:
Exception
- failed to sign
-
verify
Verifies the signed data.- Parameters:
data
- signed datasignature
- signaturealgname
- signing algorithm- Returns:
- true if verification is good
- Throws:
Exception
- failed to verify
-
getDefaultSignatureAlgorithm
public org.mozilla.jss.crypto.SignatureAlgorithm getDefaultSignatureAlgorithm()Retrieves the default algorithm.- Returns:
- default signing algorithm
-
getDefaultAlgorithm
Retrieves the default algorithm name.- Returns:
- default signing algorithm name
-
setDefaultAlgorithm
Set default signing algorithm.- Parameters:
algorithm
- signing algorithm- Throws:
EBaseException
- failed to set default signing algorithm
-
getAllAlgorithms
Retrieves all supported signing algorithm of this unit.- Returns:
- a list of signing algorithms
- Throws:
EBaseException
- failed to list
-
getTokenName
Retrieves the token name of this unit.- Returns:
- token name
- Throws:
EBaseException
- failed to retrieve name
-
updateConfig
Updates new nickname and tokename in the configuration file.- Parameters:
nickname
- new nicknametokenname
- new tokenname
-
checkSigningAlgorithmFromName
public org.mozilla.jss.crypto.SignatureAlgorithm checkSigningAlgorithmFromName(String algname) throws EBaseException Checks if the given algorithm name is supported.- Parameters:
algname
- algorithm name from JCA- Returns:
- JSS signing algorithm
- Throws:
EBaseException
- failed to check signing algorithm
-
getPublicKey
Retrieves the public key associated in this unit.- Returns:
- public key
-
getPrivateKey
public org.mozilla.jss.crypto.PrivateKey getPrivateKey()Retrieves the private key associated in this unit.- Returns:
- public key
-