Class SigningUnit

java.lang.Object
com.netscape.certsrv.security.SigningUnit
public abstract class SigningUnit extends Object
A class represents the signing unit which is capable of signing data.
Version:
$Revision$, $Date$

  • Field Details

    • logger

      public static org.slf4j.Logger logger

    • PROP_DEFAULT_SIGNALG

      public static final String PROP_DEFAULT_SIGNALG
      See Also:

    • PROP_CA_CERT_NICKNAME

      @Deprecated public static final String PROP_CA_CERT_NICKNAME
      Deprecated.
      The cacertnickname has been replaced with certnickname. TODO: Remove cacertnickname property from existing instances with an upgrade script.
      See Also:

    • PROP_CERT_NICKNAME

      public static final String PROP_CERT_NICKNAME
      See Also:

    • PROP_TOKEN_NAME

      public static final String PROP_TOKEN_NAME
      See Also:

    • PROP_NEW_NICKNAME

      public static final String PROP_NEW_NICKNAME
      See Also:

    • mManager

      protected org.mozilla.jss.CryptoManager mManager

    • mToken

      protected org.mozilla.jss.crypto.CryptoToken mToken

    • mPubk

      protected PublicKey mPubk

    • mPrivk

      protected org.mozilla.jss.crypto.PrivateKey mPrivk

    • mCert

      protected org.mozilla.jss.crypto.X509Certificate mCert

    • mCertImpl

      protected org.mozilla.jss.netscape.security.x509.X509CertImpl mCertImpl

    • certChain

      protected org.mozilla.jss.netscape.security.x509.CertificateChain certChain

    • mNickname

      protected String mNickname

    • mInited

      protected boolean mInited

    • mConfig

      protected IConfigStore mConfig

    • mDefSigningAlgname

      protected String mDefSigningAlgname

    • mDefSigningAlgorithm

      protected org.mozilla.jss.crypto.SignatureAlgorithm mDefSigningAlgorithm

  • Constructor Details

    • SigningUnit

      public SigningUnit()

  • Method Details

    • getNickname

      public String getNickname()
      Retrieves the nickname of the signing certificate.

    • getNewNickName

      public String getNewNickName() throws EBaseException
      Retrieves the new nickname in the renewal process.
      Returns:
      new nickname
      Throws:
      EBaseException - failed to get new nickname

    • setNewNickName

      public void setNewNickName(String name)
      Sets new nickname of the signing certificate.
      Parameters:
      name - nickname

    • getCert

      public org.mozilla.jss.crypto.X509Certificate getCert()
      Retrieves the signing certificate.
      Returns:
      signing certificate

    • getCertImpl

      public org.mozilla.jss.netscape.security.x509.X509CertImpl getCertImpl()
      Retrieves the signing certificate.
      Returns:
      signing certificate

    • buildCertChain

      public void buildCertChain() throws org.mozilla.jss.NotInitializedException, CertificateException, org.mozilla.jss.crypto.TokenException
      Throws:
      org.mozilla.jss.NotInitializedException
      CertificateException
      org.mozilla.jss.crypto.TokenException

    • getCertChain

      public org.mozilla.jss.netscape.security.x509.CertificateChain getCertChain()

    • sign

      public abstract byte[] sign(byte[] data, String algname) throws Exception
      Signs the given data in specific algorithm.
      Parameters:
      data - data to be signed
      algname - signing algorithm to be used
      Returns:
      signed data
      Throws:
      Exception - failed to sign

    • verify

      public abstract boolean verify(byte[] data, byte[] signature, String algname) throws Exception
      Verifies the signed data.
      Parameters:
      data - signed data
      signature - signature
      algname - signing algorithm
      Returns:
      true if verification is good
      Throws:
      Exception - failed to verify

    • getDefaultSignatureAlgorithm

      public org.mozilla.jss.crypto.SignatureAlgorithm getDefaultSignatureAlgorithm()
      Retrieves the default algorithm.
      Returns:
      default signing algorithm

    • getDefaultAlgorithm

      public String getDefaultAlgorithm()
      Retrieves the default algorithm name.
      Returns:
      default signing algorithm name

    • setDefaultAlgorithm

      public void setDefaultAlgorithm(String algorithm) throws EBaseException
      Set default signing algorithm.
      Parameters:
      algorithm - signing algorithm
      Throws:
      EBaseException - failed to set default signing algorithm

    • getAllAlgorithms

      public String[] getAllAlgorithms() throws EBaseException
      Retrieves all supported signing algorithm of this unit.
      Returns:
      a list of signing algorithms
      Throws:
      EBaseException - failed to list

    • getTokenName

      public String getTokenName() throws EBaseException
      Retrieves the token name of this unit.
      Returns:
      token name
      Throws:
      EBaseException - failed to retrieve name

    • updateConfig

      public abstract void updateConfig(String nickname, String tokenname)
      Updates new nickname and tokename in the configuration file.
      Parameters:
      nickname - new nickname
      tokenname - new tokenname

    • checkSigningAlgorithmFromName

      public org.mozilla.jss.crypto.SignatureAlgorithm checkSigningAlgorithmFromName(String algname) throws EBaseException
      Checks if the given algorithm name is supported.
      Parameters:
      algname - algorithm name from JCA
      Returns:
      JSS signing algorithm
      Throws:
      EBaseException - failed to check signing algorithm

    • getPublicKey

      public PublicKey getPublicKey()
      Retrieves the public key associated in this unit.
      Returns:
      public key

    • getPrivateKey

      public org.mozilla.jss.crypto.PrivateKey getPrivateKey()
      Retrieves the private key associated in this unit.
      Returns:
      public key