public interface KeyInfo
KeyInfo data of KeyBindings.
The public key information to which the key binding information is bound. KeyInfo may contain keys, names, certificates and other public key management information.
KeyInfo is a collection of different objects. The add... methods add objects to the internal list; use the get... methods to retrieve objects. Get the size of the current content with getLength(). Get the type of the object at list position x with getType(int).
The X509Data object is a list itself and a container for other X509... objects. Thus, on finding an X509Data object in the main list (getType(position)==KeyInfoType.X509Data) one can dig deeper into this sublist with getLength(int) and getType(int, int) etc.
Note that KeyInfo is a temporary storage. It only keeps references to the passed objects and remembers their order, but does not do defensive copying of object contents.
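The two-level traversal described above, as an added example that is not part of the original documentation. It uses only methods listed on this page and assumes that PublicKey, X509Certificate and X509CRL are the java.security types (or subclasses of them); the class name KeyInfoWalker is hypothetical.

```java
import java.math.BigInteger;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
// KeyInfo and KeyInfoType: import from the documented library (package not shown on this page).

public final class KeyInfoWalker {
    /** One line per entry in list order; X509Data children are numbered "outer.inner". */
    public static List<String> describe(KeyInfo ki) {
        List<String> out = new ArrayList<>();
        for (int i = 0; i < ki.getLength(); i++) {
            KeyInfoType t = ki.getType(i);
            if (t == KeyInfoType.KeyName) {
                out.add(i + " KeyName " + ki.getKeyName(i));
            } else if (t == KeyInfoType.KeyValue) {
                out.add(i + " KeyValue " + ki.getKeyValue(i).getAlgorithm());
            } else if (t == KeyInfoType.RetrievalMethod) {
                out.add(i + " RetrievalMethod " + Arrays.toString(ki.getRetrievalMethod(i)));
            } else if (t == KeyInfoType.X509Data) {
                describeX509Data(ki, i, out);   // descend into the sublist
            }
        }
        return out;
    }

    private static void describeX509Data(KeyInfo ki, int i, List<String> out) {
        for (int j = 0; j < ki.getLength(i); j++) {
            KeyInfoType t = ki.getType(i, j);
            String pos = i + "." + j + " ";
            if (t == KeyInfoType.X509IssuerSerial) {
                Object[] pair = ki.getX509IssuerSerial(i, j); // [String issuer DN, BigInteger serial]
                out.add(pos + "X509IssuerSerial " + pair[0] + " #" + ((BigInteger) pair[1]).toString(16));
            } else if (t == KeyInfoType.X509SubjectName) {
                out.add(pos + "X509SubjectName " + ki.getX509SubjectName(i, j));
            } else if (t == KeyInfoType.X509SKI) {
                // KeyInfo keeps references without defensive copies, so copy before keeping or editing.
                byte[] ski = ki.getX509SKI(i, j).clone();
                out.add(pos + "X509SKI " + ski.length + " bytes");
            } else if (t == KeyInfoType.X509Certificate) {
                out.add(pos + "X509Certificate " + ki.getX509Certificate(i, j).getSubjectX500Principal());
            } else if (t == KeyInfoType.X509CRL) {
                out.add(pos + "X509CRL " + ki.getX509CRL(i, j).getIssuerX500Principal());
            }
        }
    }
}
```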
NOTE: The KeyInfo API may not be final; methods may change with more experience of usage patterns.
The KeyName element contains a string value (in which white space is significant) which may be used to communicate a key identifier to the recipient. Typically, KeyName contains an identifier related to the key pair, but it may contain other protocol-related information that indirectly identifies a key pair. (Common uses of KeyName include simple string names for keys, a key index, a distinguished name (DN), an email address, etc.)
The KeyValue element contains a single public key.
A RetrievalMethod element within KeyInfo is used to convey a reference to KeyInfo information that is stored at another location.
An X509Data element within KeyInfo contains one or more identifiers of keys or X509 certificates, certificates' identifiers or a revocation list. At least one element, from the following set of element types:
* The X509IssuerSerial element, which contains an X.509 issuer distinguished name/serial number pair that SHOULD be compliant with RFC2253 [LDAP-DN]
* The X509SubjectName element, which contains an X.509 subject distinguished name that SHOULD be compliant with RFC2253 [LDAP-DN]
* The X509SKI element, which contains the base64 encoded plain (i.e. non-DER-encoded) value of an X509 V.3 SubjectKeyIdentifier extension.
* The X509Certificate element, which contains a base64-encoded X509v3 certificate, and Elements from an external namespace which accompanies/complements any of the elements above.
* The X509CRL element, which contains a base64-encoded certificate revocation list (CRL).
No ordering is implied.
Method Summary | |
---|---|
void | addKeyName(String name): Adds KeyName to KeyInfo content. |
void | addKeyValue(PublicKey key): Adds PublicKey to KeyInfo content. |
void | addRetrievalMethod(URI uri, URI type): Adds RetrievalMethod to KeyInfo content. |
void | addX509Certificate(X509Certificate cert): Adds X509 certificate to KeyInfo content. |
void | addX509Certificates(X509Certificate[] certs): Adds an array of X509 certificates to KeyInfo content. |
void | addX509CRL(X509CRL crl): Adds X509 certificate revocation list (CRL) to KeyInfo content. |
void | addX509IssuerSerial(String issuerName, BigInteger serialnumber): Adds X509 issuer distinguished name/serial number pair to KeyInfo content. |
void | addX509SKI(byte[] ski): Adds X509v3 SubjectKeyIdentifier extension to KeyInfo content. |
void | addX509SubjectName(String name): Adds X509 subject distinguished name to KeyInfo content. |
KeyInfo | duplicate(): Duplicates KeyInfo object. |
String | getKeyName(int index): Gets KeyName at specific KeyInfo list position. |
List<String> | getKeyNames(): Gets list of all KeyName objects. |
PublicKey | getKeyValue(int index): Gets PublicKey at specific KeyInfo list position. |
List<PublicKey> | getKeyValues(): Gets list of all KeyValue objects. |
int | getLength(): Gets size of current KeyInfo content. |
int | getLength(int index): Gets size of X509Data sublist at specified position of KeyInfo main list. |
URI[] | getRetrievalMethod(int index): Gets RetrievalMethod at specific KeyInfo list position. |
List<URI[]> | getRetrievalMethods(): Gets list of all RetrievalMethod objects. |
KeyInfoType | getType(int index): Gets type of object at KeyInfo list position. |
KeyInfoType | getType(int index, int innerindex): Gets type of X509 subtype in X509Data list. |
X509Certificate | getX509Certificate(int index, int innerindex): Gets X509 certificate at specific KeyInfo list position. |
X509CRL | getX509CRL(int index, int innerindex): Gets X509 certificate revocation list (CRL) at specific KeyInfo list position. |
List<Integer> | getX509Datas(): Gets list of indices of X509Data objects in main KeyInfo list. |
Object[] | getX509IssuerSerial(int index, int innerindex): Gets X509 issuer distinguished name/serial number pair at specific KeyInfo list position. |
byte[] | getX509SKI(int index, int innerindex): Gets X509v3 SubjectKeyIdentifier extension at specific KeyInfo list position. |
String | getX509SubjectName(int index, int innerindex): Gets X509 subject distinguished name at specific KeyInfo list position. |
Method Detail |
---|

List<String> getKeyNames()
This is a convenience method.

List<PublicKey> getKeyValues()
This is a convenience method.

List<URI[]> getRetrievalMethods()
This is a convenience method.

List<Integer> getX509Datas()
This is a convenience method.

KeyInfo duplicate()
Note that only internal Lists and references to objects are duplicated, not the objects themselves.

void addKeyName(String name)
name - key name to add
IllegalArgumentException - if parameter is null

void addKeyValue(PublicKey key)
key - public key to add
IllegalArgumentException - if parameter is null

void addRetrievalMethod(URI uri, URI type)
uri - URI to retrieve data from
type - URI specifying type of KeyInfo to retrieve (may be null)
IllegalArgumentException - if parameter is null

void addX509IssuerSerial(String issuerName, BigInteger serialnumber)
issuerName - X509 issuer distinguished name
serialnumber - X509 serial number
IllegalArgumentException - if one or both parameters are null

void addX509SKI(byte[] ski)
ski - X509v3 SubjectKeyIdentifier extension
IllegalArgumentException - if parameter is null

void addX509SubjectName(String name)
name - X509 subject distinguished name to add.
IllegalArgumentException - if parameter is null

void addX509Certificate(X509Certificate cert)
cert - X509 certificate to add
IllegalArgumentException - if parameter is null

void addX509Certificates(X509Certificate[] certs)
This is a convenience function; it loops over the certificates and repeatedly calls addX509Certificate(X509Certificate).
certs - X509 certificates to add
IllegalArgumentException - if parameter is null

void addX509CRL(X509CRL crl)
crl - X509 certificate revocation list to add
IllegalArgumentException - if parameter is null

KeyInfoType getType(int index)
index - position in list
KeyInfoType.KeyName, KeyInfoType.KeyValue, KeyInfoType.RetrievalMethod, KeyInfoType.X509Data
KeyInfoType.INVALID if index is out of bounds

KeyInfoType getType(int index, int innerindex)
index - index of X509Data in KeyInfo list (thus, KeyInfo.getType(index) must be equal to KeyInfoType.X509Data)
innerindex - subindex in X509Data list
KeyInfoType.X509IssuerSerial, KeyInfoType.X509SKI, KeyInfoType.X509SubjectName, KeyInfoType.X509Certificate or KeyInfoType.X509CRL.
KeyInfoType.INVALID if object at index position is not KeyInfoType.X509Data or out of bounds

int getLength()

int getLength(int index)
index - position of X509Data in KeyInfo list (thus, KeyInfo.getType(index) must be equal to KeyInfoType.X509Data)

String getKeyName(int index)
index - index into KeyInfo list
null if KeyInfo.getType(index) is not KeyInfoType.KeyName

PublicKey getKeyValue(int index)
index - index into KeyInfo list
null if KeyInfo.getType(index) is not KeyInfoType.KeyValue

URI[] getRetrievalMethod(int index)
index - index into KeyInfo list
null if KeyInfo.getType(index) is not KeyInfoType.RetrievalMethod

Object[] getX509IssuerSerial(int index, int innerindex)
index - index of X509Data in KeyInfo list (thus, KeyInfo.getType(index) must be equal to KeyInfoType.X509Data)
innerindex - subindex in X509Data list
String (issuer distinguished name), the second a BigInteger (serial number).
null if KeyInfo.getType(index,innerindex) is not KeyInfoType.X509IssuerSerial

byte[] getX509SKI(int index, int innerindex)
index - index of X509Data in KeyInfo list (thus, KeyInfo.getType(index) must be equal to KeyInfoType.X509Data)
innerindex - subindex in X509Data list
null if KeyInfo.getType(index,innerindex) is not KeyInfoType.X509SKI

String getX509SubjectName(int index, int innerindex)
index - index of X509Data in KeyInfo list (thus, KeyInfo.getType(index) must be equal to KeyInfoType.X509Data)
innerindex - subindex in X509Data list
null if KeyInfo.getType(index,innerindex) is not KeyInfoType.X509SubjectName

X509Certificate getX509Certificate(int index, int innerindex)
index - index of X509Data in KeyInfo list (thus, KeyInfo.getType(index) must be equal to KeyInfoType.X509Data)
innerindex - subindex in X509Data list
null if KeyInfo.getType(index,innerindex) is not KeyInfoType.X509Certificate

X509CRL getX509CRL(int index, int innerindex)
index - index of X509Data in KeyInfo list (thus, KeyInfo.getType(index) must be equal to KeyInfoType.X509Data)
innerindex - subindex in X509Data list
null if KeyInfo.getType(index,innerindex) is not KeyInfoType.X509CRL