Package org.jumpmind.security

Class BouncyCastleSecurityService

java.lang.Object

org.jumpmind.security.SecurityService

org.jumpmind.security.BouncyCastleSecurityService

All Implemented Interfaces:

ISecurityService

Direct Known Subclasses:

AzureKeyVaultSecurityService

public class BouncyCastleSecurityService
extends SecurityService

Field Summary

Fields inherited from class org.jumpmind.security.SecurityService

hasInitKeyStore, keyStoreFileName, keyStoreURL, log, secretKey, trustStoreFileName, trustStoreURL

Constructor Summary

Constructors

Constructor	Description
BouncyCastleSecurityService()

Method Summary

Modifier and Type	Method	Description
KeyStore.PrivateKeyEntry	createDefaultSslCert(String host)
KeyStore.PrivateKeyEntry	createSslCert(byte[] content, String fileType, String alias, String password)
protected KeyStore.Entry	createSslCert(byte[] content, String fileType, String alias, String password, boolean isKeyEntry)
KeyStore.TrustedCertificateEntry	createTrustedCert(byte[] content, String fileType, String alias, String password)
String	exportCurrentSslCert(boolean includePrivateKey)
String	exportTrustedCert(String alias)
protected KeyPair	generateRSAKeyPair()
protected X509Certificate	generateV1Certificate(String host, KeyPair pair)	Bouncy Castle library is needed for signing a public key to generate a certificate
X509Certificate	getCurrentSslCert()
void	installDefaultSamlSslCert(String host)
void	installDefaultSslCert(String host)
void	installSslCert(KeyStore.PrivateKeyEntry entry)
protected byte[]	readPemBytes(BufferedReader reader)
boolean	supportsBackupCertificate()
boolean	supportsExportCertificate()
boolean	supportsGenerateSelfSignedCertificate()
boolean	supportsImportCertificate()

Methods inherited from class org.jumpmind.security.SecurityService

checkThatKeystoreFileExists, decrypt, deleteKeystoreEntry, encrypt, getBytes, getCipher, getDefaultSecretKey, getKeyManagerFactory, getKeyManagerFactoryAlgorithm, getKeyStore, getKeystoreEntry, getKeyStorePassword, getKeyStoreType, getTrustStore, getTrustStorePassword, init, initializeCipher, initializeSecretKey, installTrustedCert, nextSecureHexString, obfuscate, saveKeyStore, saveTrustStore, setKeystoreEntry, unobfuscate, unobfuscateIfNeeded

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

BouncyCastleSecurityService

public BouncyCastleSecurityService()

Method Details

generateRSAKeyPair

protected KeyPair generateRSAKeyPair()
                              throws Exception

Throws:

Exception

supportsExportCertificate

public boolean supportsExportCertificate()

Specified by:

supportsExportCertificate in interface ISecurityService

Overrides:

supportsExportCertificate in class SecurityService

supportsImportCertificate

public boolean supportsImportCertificate()

Specified by:

supportsImportCertificate in interface ISecurityService

Overrides:

supportsImportCertificate in class SecurityService

supportsBackupCertificate

public boolean supportsBackupCertificate()

Specified by:

supportsBackupCertificate in interface ISecurityService

Overrides:

supportsBackupCertificate in class SecurityService

supportsGenerateSelfSignedCertificate

public boolean supportsGenerateSelfSignedCertificate()

Specified by:

supportsGenerateSelfSignedCertificate in interface ISecurityService

Overrides:

supportsGenerateSelfSignedCertificate in class SecurityService

generateV1Certificate

protected X509Certificate generateV1Certificate(String host,
 KeyPair pair)
                                         throws Exception

Bouncy Castle library is needed for signing a public key to generate a certificate

Throws:

Exception

installDefaultSslCert

public void installDefaultSslCert(String host)

Specified by:

installDefaultSslCert in interface ISecurityService

Overrides:

installDefaultSslCert in class SecurityService

installDefaultSamlSslCert

public void installDefaultSamlSslCert(String host)

Specified by:

installDefaultSamlSslCert in interface ISecurityService

Overrides:

installDefaultSamlSslCert in class SecurityService

createDefaultSslCert

public KeyStore.PrivateKeyEntry createDefaultSslCert(String host)

Specified by:

createDefaultSslCert in interface ISecurityService

Overrides:

createDefaultSslCert in class SecurityService

installSslCert

public void installSslCert(KeyStore.PrivateKeyEntry entry)

Specified by:

installSslCert in interface ISecurityService

Overrides:

installSslCert in class SecurityService

createSslCert

public KeyStore.PrivateKeyEntry createSslCert(byte[] content,
 String fileType,
 String alias,
 String password)

Specified by:

createSslCert in interface ISecurityService

Overrides:

createSslCert in class SecurityService

createTrustedCert

public KeyStore.TrustedCertificateEntry createTrustedCert(byte[] content,
 String fileType,
 String alias,
 String password)

Specified by:

createTrustedCert in interface ISecurityService

Overrides:

createTrustedCert in class SecurityService

createSslCert

protected KeyStore.Entry createSslCert(byte[] content,
 String fileType,
 String alias,
 String password,
 boolean isKeyEntry)

readPemBytes

protected byte[] readPemBytes(BufferedReader reader)
                       throws IOException,
CertificateException

Throws:

IOException

CertificateException

getCurrentSslCert

public X509Certificate getCurrentSslCert()

Specified by:

getCurrentSslCert in interface ISecurityService

Overrides:

getCurrentSslCert in class SecurityService

exportCurrentSslCert

public String exportCurrentSslCert(boolean includePrivateKey)

Specified by:

exportCurrentSslCert in interface ISecurityService

Overrides:

exportCurrentSslCert in class SecurityService

exportTrustedCert

public String exportTrustedCert(String alias)

Specified by:

exportTrustedCert in interface ISecurityService

Overrides:

exportTrustedCert in class SecurityService