eu.xtreemos.xosd.security.rca.server
Class RCAServerProcessor
java.lang.Object
eu.xtreemos.xosd.security.rca.server.RCAServerProcessor
public class RCAServerProcessor
- extends java.lang.Object
The class that implements the processing done by the Resourse Certification
Authority server. This includes processing the certification request by
checking the the public and, if it checks well, signing it with the root
certificate of the global authority.
- Author:
- matej.artac@xlab.si
Constructor Summary |
RCAServerProcessor(java.lang.String keyFileName,
java.lang.String certificateFilename,
char[] privateKeyPassword,
char[] cdaPassword)
|
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
logger
static org.apache.log4j.Logger logger
config
protected CRCAServerConfig config
xosCertGenerator
protected XosCertGenerator xosCertGenerator
cdaCertKeyPair
protected java.security.KeyPair cdaCertKeyPair
cdaCert
protected java.security.cert.X509Certificate cdaCert
signatureAlgorithm
public static java.lang.String signatureAlgorithm
ciperSuite
public static java.lang.String[] ciperSuite
RCAServerProcessor
public RCAServerProcessor(java.lang.String keyFileName,
java.lang.String certificateFilename,
char[] privateKeyPassword,
char[] cdaPassword)
throws java.lang.Exception
- Throws:
java.lang.Exception
getResourceDN
protected java.util.HashMap<java.lang.String,java.lang.String> getResourceDN(ResourceDescriptorRecord resourceDescriptor)
throws java.lang.IllegalArgumentException
- Generate the distinguished name (DN) for the resource's certificates.
Currently, common name (CN) is the host's IP. The organisation (O) is
a compulsory field and should be present in the RCA server's config
file. The rest of the elements are optional.
- Parameters:
resourceDescriptor
-
- Returns:
-
- Throws:
java.lang.Exception
java.lang.IllegalArgumentException
requestResourceCertificates
public RCASignedResponse requestResourceCertificates(org.bouncycastle.jce.PKCS10CertificationRequest resourceRequest,
ResourceDescriptorRecord resourceDescriptor)
throws java.lang.IllegalArgumentException,
java.security.InvalidKeyException,
java.security.SignatureException,
java.lang.Exception
- Process the resource certificate request. The method takes the
certificate request and the resource descriptor with the resource's
attribute values, signing the identity certificate and producing a
certificate containing the attributes. Depending on the configuration
settings it produces either an attribute certificate or a certificate
with attributes in extensions.
- Parameters:
resourceRequest
- The request for certificate to be signed and to
base the certificate with attributes on.resourceDescriptor
- The descriptor containing the values of the
resource attributes.
- Returns:
- A class instance that contains the signed and produced
certificates.
- Throws:
java.lang.IllegalArgumentException
- Thrown when the certificate request is
invalid.
java.security.InvalidKeyException
java.security.SignatureException
java.lang.Exception
requestVOResourceCertificates
public RCASignedResponse requestVOResourceCertificates(java.lang.String vo,
java.security.cert.X509Certificate certificate,
ResourceDescriptorRecord resourceDescriptor)
throws java.lang.IllegalArgumentException,
java.security.InvalidKeyException,
java.security.SignatureException,
BadResourceException,
java.lang.IllegalArgumentException,
java.lang.Exception
- Throws:
java.lang.IllegalArgumentException
java.security.InvalidKeyException
java.security.SignatureException
BadResourceException
java.lang.Exception