com.ibm.security.certclient.util
Class JPKI
- java.lang.Object
com.ibm.security.certclient.util.JPKI
All implemented interfaces:
- public class JPKI
- extends Object
- implements PkConstants
Field Summary
Fields inherited from interface com.ibm.security.certclient.base.PkConstants |
---|
BIG_TWO, PKI_DB_CONN, PKI_DB_CONNS, PKI_ISSUER_DN, PKI_ISSUER_HOST, PKI_ISSUER_PORT, PKI_OPER, PKI_ROOT |
Fields inherited from interface com.ibm.security.certclient.base.PkAttrKind |
---|
ATTR_APPLIED, ATTR_APPROVED, ATTR_NAMES |
Fields inherited from interface com.ibm.security.certclient.base.PkRevoConstants |
---|
REVO_BAD_SINCE_DATE, REVO_CRL_EXT, REVO_OPER, REVO_PUBLISH_IMMEDIATELY, REVO_REASON, REVO_ROOT |
Fields inherited from interface com.ibm.security.certclient.base.PkHttpConstants |
---|
HTTP_BASE_NAME, HTTP_FILE_NAME, HTTP_METHOD, HTTP_ROOT, HTTP_VERSION |
Fields inherited from interface com.ibm.security.certclient.base.PkPollConstants |
---|
POLL_REFERENCE, POLL_ROOT, POLL_TIME_TO_CHECK_BACK |
Constructor Summary
Constructor and Description |
---|
JPKI()
|
Method Summary
Modifier and Type | Method and Description |
---|---|
confRequest(Object[] values,Object[] initCertInfo)
Create a confirmation request
|
|
confRequest(String[] values)
|
|
confRequestForCr(String[] values,Object[] items)
|
|
initialCertRequest(byte[] base64pkcs10RequestAsByteArray,String[] values)
Creates an initial certificate request
|
|
initialCertRequest(com.ibm.security.pkcs10.CertificationRequest certReq,String[] values)
Creates an initial certificate request
|
|
initialCertRequest(String[] values,String[] subjectAltNames,String[] kUsage,PublicKey pubKey,PrivateKey privateKey)
Creates an initial certificate request
this method assumes that the public,private key pair has been generated
by the caller.
|
|
initialCertRequest(String[] values,String[] subjectAltNames,String[] kUsage,String[] extkUsage,PublicKey pubKey,PrivateKey privateKey)
|
|
revoRequest(BigInteger certSerialNumber,Object[] items)
Create a request to revoke a certificate
|
|
revoRequest(Object[] items)
Create a request to revoke a certificate
|
|
revoRequest(PublicKey publicKey,Object[] items)
Create a request to revoke a certificate
|
|
secnRequest(String[] values,String[] subjectAltNames,String[] kUsage,PublicKey publicKey,PrivateKey privateKey,Object[] initCertInfo)
Creates a subsequent certificate request
this method assumes that the public,private key pair has been generated
by the caller.
|
|
secnRequest(String[] values,String[] subjectAltNames,String[] kUsage,String[] extkUsage,PublicKey publicKey,PrivateKey privateKey,Object[] initCertInfo)
|
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail
JPKI
- public JPKI()
Method Detail
initialCertRequest
- public PkAttrs initialCertRequest( String[] values,
- String[] subjectAltNames,
- String[] kUsage,
- PublicKey pubKey,
- PrivateKey privateKey)
- throws Exception
Creates an initial certificate request
this method assumes that the public,private key pair has been generated
by the caller. The public key will be passed in by the user.
Parameters:
values
- array of string with values as follows:
subjectAltNames
- array for specifying subject alternative names. Zero or more values may be
specified in the following order. Specify null to indicate that no value is being specified.
kUsage
- array for specifying keyusage. Any of the values below can be specified. The last
value must be null.
pubKey
- public key for which certificate is being requested privateKey
- This is optional. private key corresponding to the above public key Returns:
PkAttrs attributes that make up a certificate request
Throws:
initialCertRequest
- public PkAttrs initialCertRequest( String[] values,
- String[] subjectAltNames,
- String[] kUsage,
- String[] extkUsage,
- PublicKey pubKey,
- PrivateKey privateKey)
- throws Exception
Throws:
initialCertRequest
- public PkAttrs initialCertRequest( byte[] base64pkcs10RequestAsByteArray,
- String[] values)
- throws Exception
Creates an initial certificate request
values
- array of string with values as follows:
Throws:
initialCertRequest
- public PkAttrs initialCertRequest( com.ibm.security.pkcs10.CertificationRequest certReq,
- String[] values)
- throws Exception
Creates an initial certificate request
Parameters:
certReq
- CertificationRequest - certificate request in PKCS#10 format values
- array of string with values as follows:
Throws:
confRequest
confRequest
Create a confirmation request
Parameters:
values
- array of objects with values as follows:
- 0 = PkiHeader corresponding to the header used in the certificate request
- 1 = initialAuthPassword //password used during the initial request
- 2 = reference number //reference number used during initial request
- 3 = revoPassword //this is optional
initCertInfo
- array of objects containing information from the initial certificate request:
If you specify the values below, the confirmation request is generated for
a subsequent request.
Returns:
PkAttrs attributes that make up a confirmation request
Throws:
secnRequest
- public PkAttrs secnRequest(String[] values,
- String[] subjectAltNames,
- String[] kUsage,
- PublicKey publicKey,
- PrivateKey privateKey,
- Object[] initCertInfo)
- throws Exception
Creates a subsequent certificate request
this method assumes that the public,private key pair has been generated
by the caller. The public key will be passed in to the user. This is useful
for applications that want to manage their own keystores
Parameters:
values
- array of string with values as follows:
subjectAltNames
- array for specifying subject alternative names. Zero or more values may be
specified in the following order. Specify null to indicate that no value is being specified.
kUsage
- array for specifying keyusage. Any of the values below can be specified. The last
value must be null.
initCertInfo
- array of objects containing information from the initial certificate request:
Returns:
PkAttrs attributes that make up a certificate request
Throws:
secnRequest
- public PkAttrs secnRequest(String[] values,
- String[] subjectAltNames,
- String[] kUsage,
- String[] extkUsage,
- PublicKey publicKey,
- PrivateKey privateKey,
- Object[] initCertInfo)
- throws Exception
Throws:
confRequestForCr
Throws:
revoRequest
Create a request to revoke a certificate
Parameters:
items
- array of objects with values as follows:
- 0 = certificate to be revoked, provided as an X509CertImpl object
- 1 = intReason an integer representing the reason for a revocation. Set to one of the following:
unused (0), keyCompromise (1), cACompromise (2), affiliationChanged (3), superseded (4), cessationOfOperation (5), certificateHold (6) }
- 2 = privateKey (optional)the private key of the subject whose certificate is being revoked.
- 3 = revocation-password (optional) the revocation password that was specified
when the certificate request was made. Note that either the private key or revocation
password must be provided, otherwise the request will be rejected.
Returns:
PkAttrs attributes that make up a revocation request
Throws:
revoRequest
- public PkAttrs revoRequest(BigInteger certSerialNumber,
- Object[] items)
- throws Exception
Create a request to revoke a certificate
items
- array of objects with values as follows:
- 0 = intReason an integer representing the reason for a revocation. Set to one of the following:
unused (0), keyCompromise (1), cACompromise (2), affiliationChanged (3), superseded (4), cessationOfOperation (5), certificateHold (6) }
- 1 = privateKey (optional)the private key of the subject whose certificate is being revoked.
- 2 = revocation-password (optional) the revocation password that was specified
when the certificate request was made. Note that either the private key or revocation
password must be provided, otherwise the request will be rejected.
Returns:
PkAttrs attributes that make up a revocation request
Throws:
revoRequest
Create a request to revoke a certificate
items
- array of objects with values as follows:
- 0 = publicKey the public key of the subject whose certificate is being revoked.
- 2 = 0 = intReason, 1= (Optional) privatKey, 2= revoPwd
Returns:
PkAttrs attributes that make up a revocation request
Throws: