Class X509Credential

  • All Implemented Interfaces:
    java.io.Serializable

    public class X509Credential
    extends java.lang.Object
    implements java.io.Serializable
    FILL ME

    This class equivalent was called GlobusCredential in CoG -maybe a better name?

    See Also:
    Serialized Form
    • Field Detail

      • logger

        private static org.apache.commons.logging.Log logger
      • certChain

        private java.security.cert.X509Certificate[] certChain
      • credentialLastModified

        private static long credentialLastModified
      • credentialSet

        private static boolean credentialSet
      • credentialFile

        private static java.io.File credentialFile
    • Method Detail

      • getCertificateChain

        public java.security.cert.X509Certificate[] getCertificateChain()
      • isEncryptedKey

        public boolean isEncryptedKey()
      • getDecodedPEMObject

        private static byte[] getDecodedPEMObject​(java.io.BufferedReader reader)
                                           throws java.io.IOException
        Reads Base64 encoded data from the stream and returns its decoded value. The reading continues until the "END" string is found in the data. Otherwise, returns null.
        Throws:
        java.io.IOException
      • saveKey

        public void saveKey​(java.io.OutputStream out)
                     throws java.io.IOException
        Throws:
        java.io.IOException
      • saveCertificateChain

        public void saveCertificateChain​(java.io.OutputStream out)
                                  throws java.io.IOException,
                                         java.security.cert.CertificateEncodingException
        Throws:
        java.io.IOException
        java.security.cert.CertificateEncodingException
      • save

        public void save​(java.io.OutputStream out)
                  throws java.io.IOException,
                         java.security.cert.CertificateEncodingException
        Throws:
        java.io.IOException
        java.security.cert.CertificateEncodingException
      • writeToFile

        public void writeToFile​(java.io.File file)
                         throws java.io.IOException,
                                java.security.cert.CertificateEncodingException
        Throws:
        java.io.IOException
        java.security.cert.CertificateEncodingException
      • writeToFile

        public void writeToFile​(java.io.File certFile,
                                java.io.File keyFile)
                         throws java.io.IOException,
                                java.security.cert.CertificateEncodingException
        Throws:
        java.io.IOException
        java.security.cert.CertificateEncodingException
      • getNotBefore

        public java.util.Date getNotBefore()
      • getCertNum

        public int getCertNum()
        Returns the number of certificates in the credential without the self-signed certificates.
        Returns:
        number of certificates without counting self-signed certificates
      • getStrength

        public int getStrength()
                        throws CredentialException
        Returns strength of the private/public key in bits.
        Returns:
        strength of the key in bits. Returns -1 if unable to determine it.
        Throws:
        CredentialException
      • getStrength

        public int getStrength​(java.lang.String password)
                        throws CredentialException
        Returns strength of the private/public key in bits.
        Returns:
        strength of the key in bits. Returns -1 if unable to determine it.
        Throws:
        CredentialException
      • getSubject

        public java.lang.String getSubject()
        Returns the subject DN of the first certificate in the chain.
        Returns:
        subject DN.
      • getIssuer

        public java.lang.String getIssuer()
        Returns the issuer DN of the first certificate in the chain.
        Returns:
        issuer DN.
      • getTimeLeft

        public long getTimeLeft()
        Returns time left of this credential. The time left of the credential is based on the certificate with the shortest validity time.
        Returns:
        time left in seconds. Returns 0 if the certificate has expired.
      • getIdentity

        public java.lang.String getIdentity()
        Returns the identity of this credential.
        Returns:
        The identity cert in Globus format (e.g. /C=US/..). Null, if unable to get the identity (an error occurred)
        See Also:
        getIdentityCertificate()
      • getIdentityCertificate

        public java.security.cert.X509Certificate getIdentityCertificate()
        Returns the identity certificate of this credential. The identity certificate is the first certificate in the chain that is not an impersonation proxy certificate.
        Returns:
        X509Certificate the identity cert. Null, if unable to get the identity certificate (an error occurred)
      • getPathConstraint

        public int getPathConstraint()
        Returns the path length constraint. The shortest length in the chain of certificates is returned as the credential's path length.
        Returns:
        The path length constraint of the credential. -1 is any error occurs.
      • verify

        public void verify()
                    throws CredentialException
        Verifies the validity of the credentials. All certificate path validation is performed using trusted certificates in default locations.
        Throws:
        CredentialException - if one of the certificates in the chain expired or if path validiation fails.
      • getDefaultCredential

        public static X509Credential getDefaultCredential()
                                                   throws CredentialException
        Returns the default credential. The default credential is usually the user proxy certificate.
        The credential will be loaded on the initial call. It must not be expired. All subsequent calls to this function return cached credential object. Once the credential is cached, and the underlying file changes, the credential will be reloaded.
        Returns:
        the default credential.
        Throws:
        CredentialException - if the credential expired or some other error with the credential.
      • setDefaultCredential

        public static void setDefaultCredential​(X509Credential cred)
        Sets default credential.
        Parameters:
        cred - the credential to set a default.
      • toString

        public java.lang.String toString()
        Overrides:
        toString in class java.lang.Object
      • equals

        public boolean equals​(java.lang.Object object)
        Overrides:
        equals in class java.lang.Object
      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class java.lang.Object