org.iaccess.CredentialManager
Class CertificateManager

java.lang.Object
  extended by org.iaccess.CredentialManager.CertificateManager

public class CertificateManager
extends java.lang.Object

Manages digital certificate validation and verification, and the initialization of trusted CAs and SOAs.

For more information consult the source.


Field Summary
static java.util.Hashtable CredentialsValidity
           
 
Constructor Summary
CertificateManager()
          Creates a new instance of CertificateManager
 
Method Summary
static java.lang.String accessDecisionToSAML(int decision, java.lang.String servReq, java.lang.String sessionID, java.lang.String Identity, long accessDecisionTimeValidity)
          Generates a SAML Authorization Decision Statement.
static int checkSignatureAttrCert(org.bouncycastle.x509.X509V2AttributeCertificate certificate, java.util.ArrayList PublicKeysOfCA)
           
static org.bouncycastle.x509.X509V2AttributeCertificate createX509AttrObject(byte[] certDecoded)
           
static byte[] decodeCertificate(java.lang.String certAsString)
           
static java.lang.String getCertFilePath(java.lang.String ServiceRequest)
           
static java.lang.String getCredential(java.lang.String cred, java.lang.String anyValueTerm)
           
static java.util.ArrayList loadCAPublicKeys()
          Loads trusted CAs' Public Keys.
static void loadMyCredentials()
          Loads the credentials in the agent's possession.
static java.util.ArrayList loadSOAPublicKeys()
          Loads trusted SOAs' Public Keys.
static java.lang.String loadSSLKeystoreAndGetHolderDNToLogic()
          Loads the private key into memory and extracts the holder of the X.509 ID certificate corresponding to the private key in the SSL keystore.
static void loadTrustedPublicKeys()
          Calls loadSOAPublicKeys(), loadCAPublicKeys(), and BouncyCastleProvider() if not already loaded/set up.
static CertificateLogical mappingToLogicalSSL(java.lang.String certAsString, long sessionValidNotAfter)
          Maps a certificate received over a secure SSL connection (Base64 encoded) to a logic format.
static java.lang.String setCertificateFromFile(java.lang.String certFilePath)
          Loads a certificate from a local file (certFilePath).
static boolean verifyX509AttrCert(org.bouncycastle.x509.X509V2AttributeCertificate certificate, java.util.ArrayList PublicKeysOfCA, long sessionValidNotAfter)
           
static boolean verifyX509IDCert(java.security.cert.X509Certificate certificate, java.util.ArrayList PublicKeysOfCA, long sessionValidNotAfter)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

CredentialsValidity

public static java.util.Hashtable CredentialsValidity

Constructor Detail

CertificateManager

public CertificateManager()
Creates a new instance of CertificateManager

Method Detail

loadMyCredentials

public static void loadMyCredentials()
Loads the credentials in the agent's possession.


loadSSLKeystoreAndGetHolderDNToLogic

public static java.lang.String loadSSLKeystoreAndGetHolderDNToLogic()
Loads the private key into memory and extracts the holder of the X.509 ID certificate corresponding to the private key in the SSL keystore. The holder is transformed into a logical representation. The function retrieves the first key entry in the store.


loadSOAPublicKeys

public static java.util.ArrayList loadSOAPublicKeys()
Loads trusted SOAs' Public Keys.


loadCAPublicKeys

public static java.util.ArrayList loadCAPublicKeys()
Loads trusted CAs' Public Keys.


loadTrustedPublicKeys

public static void loadTrustedPublicKeys()
Calls loadSOAPublicKeys(), loadCAPublicKeys(), and BouncyCastleProvider() if not already loaded/set up.


setCertificateFromFile

public static java.lang.String setCertificateFromFile(java.lang.String certFilePath)
Loads a certificate from a local file (certFilePath).


decodeCertificate

public static byte[] decodeCertificate(java.lang.String certAsString)

createX509AttrObject

public static org.bouncycastle.x509.X509V2AttributeCertificate createX509AttrObject(byte[] certDecoded)

verifyX509AttrCert

public static boolean verifyX509AttrCert(org.bouncycastle.x509.X509V2AttributeCertificate certificate,
                                         java.util.ArrayList PublicKeysOfCA,
                                         long sessionValidNotAfter)

verifyX509IDCert

public static boolean verifyX509IDCert(java.security.cert.X509Certificate certificate,
                                       java.util.ArrayList PublicKeysOfCA,
                                       long sessionValidNotAfter)

checkSignatureAttrCert

public static int checkSignatureAttrCert(org.bouncycastle.x509.X509V2AttributeCertificate certificate,
                                         java.util.ArrayList PublicKeysOfCA)

mappingToLogicalSSL

public static CertificateLogical mappingToLogicalSSL(java.lang.String certAsString,
                                                     long sessionValidNotAfter)
Maps a certificate received over a secure SSL connection (Base64 encoded) to a logic format.


getCredential

public static java.lang.String getCredential(java.lang.String cred,
                                             java.lang.String anyValueTerm)

getCertFilePath

public static java.lang.String getCertFilePath(java.lang.String ServiceRequest)

accessDecisionToSAML

public static java.lang.String accessDecisionToSAML(int decision,
                                                    java.lang.String servReq,
                                                    java.lang.String sessionID,
                                                    java.lang.String Identity,
                                                    long accessDecisionTimeValidity)
Generates a SAML Authorization Decision Statement.