public interface Crypto
Modifier and Type | Method and Description |
---|---|
byte[] |
getBytesFromCertificates(X509Certificate[] certs)
Get a byte array given an array of X509 certificates.
|
CertificateFactory |
getCertificateFactory()
Get the CertificateFactory instance on this Crypto instance
|
X509Certificate[] |
getCertificatesFromBytes(byte[] data)
Construct an array of X509Certificate's from the byte array.
|
String |
getCryptoProvider()
Get the crypto provider associated with this implementation
|
String |
getDefaultX509Identifier()
Retrieves the identifier name of the default certificate.
|
PrivateKey |
getPrivateKey(String identifier,
String password)
Gets the private key corresponding to the identifier.
|
PrivateKey |
getPrivateKey(X509Certificate certificate,
CallbackHandler callbackHandler)
Gets the private key corresponding to the certificate.
|
byte[] |
getSKIBytesFromCert(X509Certificate cert)
Reads the SubjectKeyIdentifier information from the certificate.
|
X509Certificate[] |
getX509Certificates(CryptoType cryptoType)
Get an X509Certificate (chain) corresponding to the CryptoType argument.
|
String |
getX509Identifier(X509Certificate cert)
Get the implementation-specific identifier corresponding to the cert parameter, e.g.
|
X509Certificate |
loadCertificate(InputStream in)
Load a X509Certificate from the input stream.
|
void |
setCertificateFactory(String provider,
CertificateFactory certFactory)
Sets the CertificateFactory instance on this Crypto instance
|
void |
setCryptoProvider(String provider)
Set the crypto provider associated with this implementation
|
void |
setDefaultX509Identifier(String identifier)
Sets the identifier name of the default certificate.
|
boolean |
verifyTrust(PublicKey publicKey)
Evaluate whether a given public key should be trusted.
|
boolean |
verifyTrust(X509Certificate[] certs)
Deprecated.
|
boolean |
verifyTrust(X509Certificate[] certs,
boolean enableRevocation)
Evaluate whether a given certificate chain should be trusted.
|
String getCryptoProvider()
void setCryptoProvider(String provider)
provider
- the crypto provider to setString getDefaultX509Identifier() throws WSSecurityException
WSSecurityException
void setDefaultX509Identifier(String identifier)
identifier
- name of the default X509 certificate.void setCertificateFactory(String provider, CertificateFactory certFactory)
provider
- the CertificateFactory provider namecertFactory
- the CertificateFactory the CertificateFactory instance to setCertificateFactory getCertificateFactory() throws WSSecurityException
CertificateFactory
to construct
X509 certificatesWSSecurityException
X509Certificate loadCertificate(InputStream in) throws WSSecurityException
in
- The InputStream
containing the X509 dataWSSecurityException
byte[] getSKIBytesFromCert(X509Certificate cert) throws WSSecurityException
cert
- The certificate to read SKIWSSecurityException
byte[] getBytesFromCertificates(X509Certificate[] certs) throws WSSecurityException
certs
- The certificates to convertWSSecurityException
X509Certificate[] getCertificatesFromBytes(byte[] data) throws WSSecurityException
data
- The byte
array containing the X509 dataWSSecurityException
X509Certificate[] getX509Certificates(CryptoType cryptoType) throws WSSecurityException
WSSecurityException
String getX509Identifier(X509Certificate cert) throws WSSecurityException
cert
- The X509Certificate for which to search for an identifierWSSecurityException
PrivateKey getPrivateKey(X509Certificate certificate, CallbackHandler callbackHandler) throws WSSecurityException
certificate
- The X509Certificate corresponding to the private keycallbackHandler
- The callbackHandler needed to get the passwordWSSecurityException
PrivateKey getPrivateKey(String identifier, String password) throws WSSecurityException
identifier
- The implementation-specific identifier corresponding to the keypassword
- The password needed to get the keyWSSecurityException
@Deprecated boolean verifyTrust(X509Certificate[] certs) throws WSSecurityException
certs
- Certificate chain to validateWSSecurityException
boolean verifyTrust(X509Certificate[] certs, boolean enableRevocation) throws WSSecurityException
certs
- Certificate chain to validateenableRevocation
- whether to enable CRL verification or notWSSecurityException
boolean verifyTrust(PublicKey publicKey) throws WSSecurityException
publicKey
- The PublicKey to be evaluatedWSSecurityException
Copyright © 2004–2017 The Apache Software Foundation. All rights reserved.