Field Detail

• logger

  public static org.slf4j.Logger logger

• PROP_DEFAULT_SIGNALG

  public static final java.lang.String PROP_DEFAULT_SIGNALG

  See Also:

  Constant Field Values

• PROP_CA_CERT_NICKNAME

  @Deprecated
  public static final java.lang.String PROP_CA_CERT_NICKNAME

  Deprecated.

  The cacertnickname has been replaced with certnickname. TODO: Remove cacertnickname property from existing instances with an upgrade script.

  See Also:

  Constant Field Values

• PROP_CERT_NICKNAME

  public static final java.lang.String PROP_CERT_NICKNAME

  See Also:

  Constant Field Values

• PROP_TOKEN_NAME

  public static final java.lang.String PROP_TOKEN_NAME

  See Also:

  Constant Field Values

• PROP_NEW_NICKNAME

  public static final java.lang.String PROP_NEW_NICKNAME

  See Also:

  Constant Field Values

• mManager

  protected org.mozilla.jss.CryptoManager mManager

• mToken

  protected org.mozilla.jss.crypto.CryptoToken mToken

• mPubk

  protected java.security.PublicKey mPubk

• mPrivk

  protected org.mozilla.jss.crypto.PrivateKey mPrivk

• mCert

  protected org.mozilla.jss.crypto.X509Certificate mCert

• mCertImpl

  protected org.mozilla.jss.netscape.security.x509.X509CertImpl mCertImpl

• certChain

  protected org.mozilla.jss.netscape.security.x509.CertificateChain certChain

• mNickname

  protected java.lang.String mNickname

• mInited

  protected boolean mInited

• mConfig

  protected IConfigStore mConfig

• mDefSigningAlgname

  protected java.lang.String mDefSigningAlgname

• mDefSigningAlgorithm

  protected org.mozilla.jss.crypto.SignatureAlgorithm mDefSigningAlgorithm

Constructor Detail

• SigningUnit

  public SigningUnit()

Method Detail

• getNickname

  public java.lang.String getNickname()

  Retrieves the nickname of the signing certificate.

• getNewNickName

  public java.lang.String getNewNickName()
                                  throws EBaseException

  Retrieves the new nickname in the renewal process.

  Returns:

  new nickname

  Throws:

  EBaseException - failed to get new nickname

• setNewNickName

  public void setNewNickName​(java.lang.String name)

  Sets new nickname of the signing certificate.

  Parameters:

  name - nickname

• getCert

  public org.mozilla.jss.crypto.X509Certificate getCert()

  Retrieves the signing certificate.

  Returns:

  signing certificate

• getCertImpl

  public org.mozilla.jss.netscape.security.x509.X509CertImpl getCertImpl()

  Retrieves the signing certificate.

  Returns:

  signing certificate

• buildCertChain

  public void buildCertChain()
                      throws org.mozilla.jss.NotInitializedException,
                             java.security.cert.CertificateException,
                             org.mozilla.jss.crypto.TokenException

  Throws:

  org.mozilla.jss.NotInitializedException

  java.security.cert.CertificateException

  org.mozilla.jss.crypto.TokenException

• getCertChain

  public org.mozilla.jss.netscape.security.x509.CertificateChain getCertChain()

• sign

  public abstract byte[] sign​(byte[] data,
                              java.lang.String algname)
                       throws java.lang.Exception

  Signs the given data in specific algorithm.

  Parameters:

  data - data to be signed

  algname - signing algorithm to be used

  Returns:

  signed data

  Throws:

  java.lang.Exception - failed to sign

• verify

  public abstract boolean verify​(byte[] data,
                                 byte[] signature,
                                 java.lang.String algname)
                          throws java.lang.Exception

  Verifies the signed data.

  Parameters:

  data - signed data

  signature - signature

  algname - signing algorithm

  Returns:

  true if verification is good

  Throws:

  java.lang.Exception - failed to verify

• getDefaultSignatureAlgorithm

  public org.mozilla.jss.crypto.SignatureAlgorithm getDefaultSignatureAlgorithm()

  Retrieves the default algorithm.

  Returns:

  default signing algorithm

• getDefaultAlgorithm

  public java.lang.String getDefaultAlgorithm()

  Retrieves the default algorithm name.

  Returns:

  default signing algorithm name

• setDefaultAlgorithm

  public void setDefaultAlgorithm​(java.lang.String algorithm)
                           throws EBaseException

  Set default signing algorithm.

  Parameters:

  algorithm - signing algorithm

  Throws:

  EBaseException - failed to set default signing algorithm

• getAllAlgorithms

  public java.lang.String[] getAllAlgorithms()
                                      throws EBaseException

  Retrieves all supported signing algorithm of this unit.

  Returns:

  a list of signing algorithms

  Throws:

  EBaseException - failed to list

• getTokenName

  public java.lang.String getTokenName()
                                throws EBaseException

  Retrieves the token name of this unit.

  Returns:

  token name

  Throws:

  EBaseException - failed to retrieve name

• updateConfig

  public abstract void updateConfig​(java.lang.String nickname,
                                    java.lang.String tokenname)

  Updates new nickname and tokename in the configuration file.

  Parameters:

  nickname - new nickname

  tokenname - new tokenname

• checkSigningAlgorithmFromName

  public org.mozilla.jss.crypto.SignatureAlgorithm checkSigningAlgorithmFromName​(java.lang.String algname)
                                                                          throws EBaseException

  Checks if the given algorithm name is supported.

  Parameters:

  algname - algorithm name from JCA

  Returns:

  JSS signing algorithm

  Throws:

  EBaseException - failed to check signing algorithm

• getPublicKey

  public java.security.PublicKey getPublicKey()

  Retrieves the public key associated in this unit.

  Returns:

  public key

• getPrivateKey

  public org.mozilla.jss.crypto.PrivateKey getPrivateKey()

  Retrieves the private key associated in this unit.

  Returns:

  public key