All Known Implementing Classes:

AbstractCrypto, BouncyCastle, Merlin
```
public interface Crypto
```
Crypto.

Author:

Davanum Srinivas (dims@yahoo.com).

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method	Description
`java.lang.String[]`	`getAliasesForDN(java.lang.String subjectDN)`	Lookup X509 Certificates in the keystore according to a given DN of the subject of the certificate
`java.lang.String`	`getAliasForX509Cert(byte[] skiBytes)`	Lookup a X509 Certificate in the keystore according to a given SubjectKeyIdentifier.
`java.lang.String`	`getAliasForX509Cert(java.lang.String issuer)`	Lookup a X509 Certificate in the keystore according to a given the issuer of a Certficate.
`java.lang.String`	`getAliasForX509Cert(java.lang.String issuer, java.math.BigInteger serialNumber)`	Search a X509 Certificate in the keystore according to a given serial number and the issuer of a Certficate.
`java.lang.String`	`getAliasForX509Cert(java.security.cert.Certificate cert)`	Return a X509 Certificate alias in the keystore according to a given Certificate
`java.lang.String`	`getAliasForX509CertThumb(byte[] thumb)`	Lookup a X509 Certificate in the keystore according to a given Thumbprint.
`byte[]`	`getCertificateData(boolean reverse, java.security.cert.X509Certificate[] certs)`	get a byte array given an array of X509 certificates.
`java.security.cert.CertificateFactory`	`getCertificateFactory()`	Gets the CertificateFactory instantiated by the underlying implementation
`java.security.cert.X509Certificate[]`	`getCertificates(java.lang.String alias)`	get the list of certificates for a given alias.
`java.lang.String`	`getDefaultX509Alias()`	Retrieves the alias name of the default certificate which has been specified as a property.
`java.security.KeyStore`	`getKeyStore()`	Gets the Keystore that was loaded by the underlying implementation
`java.security.PrivateKey`	`getPrivateKey(java.lang.String alias, java.lang.String password)`	Gets the private key identified by `alias and password.`
`byte[]`	`getSKIBytesFromCert(java.security.cert.X509Certificate cert)`	Reads the SubjectKeyIdentifier information from the certificate.
`java.security.cert.X509Certificate[]`	`getX509Certificates(byte[] data, boolean reverse)`	Construct an array of X509Certificate's from the byte array.
`java.security.cert.X509Certificate`	`loadCertificate(java.io.InputStream in)`	load a X509Certificate from the input stream.
`boolean`	`validateCertPath(java.security.cert.X509Certificate[] certs)`	Uses the CertPath API to validate a given certificate chain

- Method Detail
  - loadCertificate
```
java.security.cert.X509Certificate loadCertificate(java.io.InputStream in)
                                            throws WSSecurityException
```
    load a X509Certificate from the input stream.
    
    Parameters:
    
    in - The InputStream array containg the X509 data
    
    Returns:
    
    An X509 certificate
    
    Throws:
    
    WSSecurityException
  - getX509Certificates
```
java.security.cert.X509Certificate[] getX509Certificates(byte[] data,
                                                         boolean reverse)
                                                  throws WSSecurityException
```
    Construct an array of X509Certificate's from the byte array.
    
    Parameters:
    
    data - The byte array containg the X509 data
    
    reverse - If set the first certificate in input data will the last in the array
    
    Returns:
    
    An array of X509 certificates, ordered according to the reverse flag
    
    Throws:
    
    WSSecurityException
  - getCertificateData
```
byte[] getCertificateData(boolean reverse,
                          java.security.cert.X509Certificate[] certs)
                   throws WSSecurityException
```
    get a byte array given an array of X509 certificates.
    
    Parameters:
    
    reverse - If set the first certificate in the array data will the last in the byte array
    
    certs - The certificates to convert
    
    Returns:
    
    The byte array for the certficates ordered according to the reverse flag
    
    Throws:
    
    WSSecurityException
  - getPrivateKey
```
java.security.PrivateKey getPrivateKey(java.lang.String alias,
                                       java.lang.String password)
                                throws java.lang.Exception
```
    Gets the private key identified by alias and password.
    Parameters: alias - The alias (KeyStore) of the key owner password - The password needed to access the private key Returns: The private key Throws: java.lang.Exception
  getCertificates java.security.cert.X509Certificate[] getCertificates(java.lang.String alias) throws WSSecurityException get the list of certificates for a given alias. This method reads a new certificate chain and overwrites a previously stored certificate chain. Parameters: alias - Lookup certificate chain for this alias Returns: Array of X509 certificates for this alias name, or null if this alias does not exist in the keystore Throws: WSSecurityException getAliasForX509Cert java.lang.String getAliasForX509Cert(java.security.cert.Certificate cert) throws WSSecurityException Return a X509 Certificate alias in the keystore according to a given Certificate Parameters: cert - The certificate to lookup Returns: alias name of the certificate that matches the given certificate or null if no such certificate was found. See comment above See comment above Throws: WSSecurityException getAliasForX509Cert java.lang.String getAliasForX509Cert(java.lang.String issuer) throws WSSecurityException Lookup a X509 Certificate in the keystore according to a given the issuer of a Certficate. The search gets all alias names of the keystore and gets the certificate chain for each alias. Then the Issuer fo each certificate of the chain is compared with the parameters. Parameters: issuer - The issuer's name for the certificate Returns: alias name of the certificate that matches the issuer name or null if no such certificate was found. Throws: WSSecurityException getAliasForX509Cert java.lang.String getAliasForX509Cert(java.lang.String issuer, java.math.BigInteger serialNumber) throws WSSecurityException Search a X509 Certificate in the keystore according to a given serial number and the issuer of a Certficate. The search gets all alias names of the keystore and gets the certificate chain for each alias. Then the SerialNumber and Issuer fo each certificate of the chain is compared with the parameters. Parameters: issuer - The issuer's name for the certificate serialNumber - The serial number of the certificate from the named issuer Returns: alias name of the certificate that matches serialNumber and issuer name or null if no such certificate was found. Throws: WSSecurityException getAliasForX509Cert java.lang.String getAliasForX509Cert(byte[] skiBytes) throws WSSecurityException Lookup a X509 Certificate in the keystore according to a given SubjectKeyIdentifier. The search gets all alias names of the keystore and gets the certificate chain or certificate for each alias. Then the SKI for each user certificate is compared with the SKI parameter. Parameters: skiBytes - The SKI info bytes Returns: alias name of the certificate that matches serialNumber and issuer name or null if no such certificate was found. Throws: WSSecurityException getDefaultX509Alias java.lang.String getDefaultX509Alias() Retrieves the alias name of the default certificate which has been specified as a property. This should be the certificate that is used for signature and encryption. This alias corresponds to the certificate that should be used whenever KeyInfo is not poresent in a signed or an encrypted message. May return null. Returns: alias name of the default X509 certificate. getSKIBytesFromCert byte[] getSKIBytesFromCert(java.security.cert.X509Certificate cert) throws WSSecurityException Reads the SubjectKeyIdentifier information from the certificate. Parameters: cert - The certificate to read SKI Returns: The byte array conating the binary SKI data Throws: WSSecurityException getAliasForX509CertThumb java.lang.String getAliasForX509CertThumb(byte[] thumb) throws WSSecurityException Lookup a X509 Certificate in the keystore according to a given Thumbprint. The search gets all alias names of the keystore, then reads the certificate chain or certificate for each alias. Then the thumbprint for each user certificate is compared with the thumbprint parameter. Parameters: thumb - The SHA1 thumbprint info bytes Returns: alias name of the certificate that matches the thumbprint or null if no such certificate was found. Throws: WSSecurityException - if problems during keystore handling or wrong certificate getKeyStore java.security.KeyStore getKeyStore() Gets the Keystore that was loaded by the underlying implementation Returns: the Keystore getCertificateFactory java.security.cert.CertificateFactory getCertificateFactory() throws WSSecurityException Gets the CertificateFactory instantiated by the underlying implementation Returns: the CertificateFactory Throws: WSSecurityException validateCertPath boolean validateCertPath(java.security.cert.X509Certificate[] certs) throws WSSecurityException Uses the CertPath API to validate a given certificate chain Parameters: certs - Certificate chain to validate Returns: true if the certificate chain is valid, false otherwise Throws: WSSecurityException getAliasesForDN java.lang.String[] getAliasesForDN(java.lang.String subjectDN) throws WSSecurityException Lookup X509 Certificates in the keystore according to a given DN of the subject of the certificate Parameters: subjectDN - The DN of subject to look for in the keystore Returns: Vector with all alias of certificates with the same DN as given in the parameters Throws: WSSecurityException

Interface Crypto

Method Summary

Method Detail

loadCertificate

getX509Certificates

getCertificateData

getPrivateKey

getCertificates

getAliasForX509Cert

getAliasForX509Cert

getAliasForX509Cert

getAliasForX509Cert

getDefaultX509Alias

getSKIBytesFromCert

getAliasForX509CertThumb

getKeyStore

getCertificateFactory

validateCertPath

getAliasesForDN