Class PendingIdentity

java.lang.Object
com.isode.dsapi.x509.PendingIdentity

public class PendingIdentity extends Object
Convenience class that wraps information about a CertificateRequest and its associated Key in a single object. It represents an Identity that the user has started to create but that has not yet been matched with a certificate from a CA.
  • Constructor Details

    • PendingIdentity

      public PendingIdentity(CsrGenerator csrgen)
      Create a new object out of a CsrGenerator, and synthesize a filename for it
      Parameters:
      csrgen -
    • PendingIdentity

      public PendingIdentity(String reqFilename, String passphrase) throws CryptoException
      Create an object by loading the components from the filesystem
      Parameters:
      reqFilename - the name of the CSR file. This will be a String ending in ".p10". The same filename, with ".p10" replaced with ".pem" will be read in order to obtain the key.
      passphrase - the passphrase to be used to decrypt the key file.
      Throws:
      CryptoException - if one or other of the files cannot be found, or if passphrase does not decrypt the key file.
      IllegalArgumentException - if reqFilename doesn't end with ".p10"
  • Method Details

    • getParentDirectory

      public String getParentDirectory()
      Get the parent directory of the pending identity.
      Returns:
      directory containing all files related to a pending identity (passphrase and csr file)
    • toString

      public String toString()
      Return a String containing the subject DN of this PendingIdentity. This makes the class suitable for use in a ListBrowser.
      Overrides:
      toString in class Object
      Returns:
      string representation
    • getDNString

      public String getDNString()
      Return the subject DN of this PendingIdentity, or the string "[invalid]" if the subject cannot be determined.
      Returns:
      subject dn
    • getDN

      public DN getDN()
      Return a DN representing the subject of this certificate request.
      Returns:
      a DN, or null if the subject string can't be parsed into a DN.
    • getCertificateRequest

      public CertificateRequest getCertificateRequest()
      Extract the CertificateRequest object
      Returns:
      the CertificateRequest contained in this object.
    • getKey

      public SSLKey getKey()
      Extract the SSLKey object.
      Returns:
      the SSLKey in this object.
    • setFilename

      public void setFilename(String fileName)
      Set the simple name (without extension) of the files that would be generated. For example, if the filename is 123456, then it would generate the files 123456.p10, 123456.pem and so on.
      Parameters:
      fileName - simple file name without extension
      Since:
      15.0
    • getCsrFilename

      public String getCsrFilename()
      Return a filename suitable for saving the CSR. This is the filename only, i.e. no directory specification is included.
      Returns:
      a filename.
    • getPemCsrFilename

      public String getPemCsrFilename()
      Return a filename suitable for saving the CSR in PEM format. This is the filename only, i.e. no directory specification is included.
      Returns:
      a filename.
    • getKeyFilename

      public String getKeyFilename()
      Return a filename suitable for saving the key. This is the filename only, i.e. no directory specification is included.
      Returns:
      a filename.
    • getKeyPphrFilename

      public String getKeyPphrFilename()
      Return a filename suitable for saving the key passphrase file. This is the filename only, i.e. no directory specification is included.
      Returns:
      a filename.
      Since:
      15.0
    • getCertFilenames

      public String[] getCertFilenames()
      Return the possible filenames which should be used to read the certificate for this PendingIdentity. These are filenames only, i.e. no directory specification is included.
      Returns:
      filenames, not null
    • getPKCS12Filename

      public String getPKCS12Filename()
      Return a filename which should be used as the PKCS#12 file for this PendingIdentity. This is the filename only, i.e. no directory specification is included.
      Returns:
      a filename.
    • getCreationTime

      public Date getCreationTime()
      Determine the time when this object was created. For an object which has been created but not saved to disk, this will be the time when it was instantiated. For an object restored from disk, this will be the modification time of the disk file containing the PKCS#10 CSR (which may not be the same as the time when the initial request was created).
      Returns:
      an approximate time when this PendingIdentity was created.
    • saveToDisk

      public void saveToDisk(String directory, String passphrase, boolean writePassphrase, boolean makeNameUnique) throws IOException
      Save this PendingIdentity to disk in a specified directory. This will save the Certificate Request in a ".p10" file, and the encrypted key in a ".pem" file.
      Parameters:
      directory - the directory in which to save the files representing this PendingIdentity
      passphrase - the passphrase to use to encrypt sensitive data
      writePassphrase - true if the passphrase should be saved in a "filename".pem.pphr file and false otherwise
      makeNameUnique - if this is true, a unique name will be generated for saving the files.
      Throws:
      IOException - if a problem occurred writing the files.
      Since:
      15.0
    • saveToDisk

      public void saveToDisk(String directory, String passphrase, boolean makeNameUnique) throws IOException
      Save this PendingIdentity to disk in a specified directory. This will save the Certificate Request in a ".p10" file, and the encrypted key in a ".pem" file.
      Parameters:
      directory - the directory in which to save the files representing this PendingIdentity
      passphrase - the passphrase to use to encrypt sensitive data
      makeNameUnique - if this is true, a unique name will be generated for saving the files. The function will check for the presence of csr filename and append a number until it becomes a unique name. The same name will be used for the key and passphrase file.
      Throws:
      IOException - if a problem occurred writing the files.
    • removeFiles

      public boolean removeFiles()
      Remove from disk any files that correspond with this PendingIdentity. This will remove the CSR (.p10) and key (.pem) files if they exist. It is expected that after calling this method, the object won't be used any more. Note that this method should be used to remove files if the identity has been created using the constructor PendingIdentity(String, String), where the parent directory was known.
      Returns:
      true if the files were deleted, false otherwise.
    • removeFiles

      public boolean removeFiles(String identityParentDir)
      Remove from disk any files that correspond with this PendingIdentity. This will remove the CSR (.p10) and key (.pem) files if they exist. It is expected that after calling this method, the object won't be used any more.
      Parameters:
      identityParentDir - the directory where the identity files are present, should not be null
      Returns:
      true if the files were deleted, false otherwise.
      Since:
      15.1
    • generateCertificateRequest

      public void generateCertificateRequest(String subjectDn, Extensions exts) throws CryptoException
      Generate certificate request
      Parameters:
      subjectDn - subject of the request
      exts - extensions
      Throws:
      CryptoException - if there is an error while generating the request
    • generateKeys

      public void generateKeys(String algorithm, int keySize, String ecCurve) throws CryptoException
      Generate the Certificate Request for the identity being represented. It ensures that the Key is not generated if the options have not been changed since its last call.
      Parameters:
      algorithm - Public Key Algorithm
      keySize - Key Size
      ecCurve - curve to be used for ECDSA keys, can be null for other algorithms
      Throws:
      CryptoException - if there is an error generating Certificate Request from Crypto Library
    • getPendingIdType

      public PendingIdentity.PENDING_ID_TYPE getPendingIdType()
      Get the Pending Identity Type
      Returns:
      Pending Identity Type
    • isOnDisk

      public boolean isOnDisk()
      Determine if the pending identity exists on disk
      Returns:
      true if it comes from disk (PendingIdentity(String, String)) or has been written to disk (saveToDisk(String, String, boolean, boolean)), and false otherwise
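
The on-disk layout described for saveToDisk and PendingIdentity(String, String) can be audited without the library. The following Python script is an added example, not Isode code: it assumes the ".p10", ".pem" and ".pem.pphr" naming given above and POSIX permission bits, and its function names, finding labels and sample files are constructed for illustration.

```python
import os
import stat
import tempfile
from pathlib import Path


def audit_pending_identities(directory):
    """Return (identity_name, finding) pairs, ordered by identity name."""
    findings = []
    for csr in sorted(Path(directory).glob("*.p10")):
        name = csr.stem                           # "123456.p10" -> "123456"
        key = csr.with_name(name + ".pem")        # encrypted private key
        pphr = csr.with_name(name + ".pem.pphr")  # optional passphrase file
        if not key.is_file():
            # Loading this identity would fail: the key file is absent.
            findings.append((name, "key-missing"))
        if pphr.is_file():
            # Passphrase beside the key: encryption no longer protects it
            # from anyone who can read this directory.
            findings.append((name, "passphrase-stored-with-key"))
        for path in (key, pphr):
            # Any group/other permission bit on secret material is flagged.
            if path.is_file() and stat.S_IMODE(path.stat().st_mode) & 0o077:
                findings.append((name, "group-or-world-access:" + path.name))
    return findings


def build_sample(root):
    """Constructed sample layout; contents are placeholders, not real keys."""
    layout = {
        "alpha.p10": 0o644, "alpha.pem": 0o600,
        "beta.p10": 0o644, "beta.pem": 0o644, "beta.pem.pphr": 0o600,
        "gamma.p10": 0o644,
    }
    for filename, mode in layout.items():
        path = Path(root) / filename
        path.write_text("placeholder\n")
        os.chmod(path, mode)
    return root


def demo():
    with tempfile.TemporaryDirectory() as root:
        return audit_pending_identities(build_sample(root))


if __name__ == "__main__":
    for name, finding in demo():
        print(name, finding)
```

A "passphrase-stored-with-key" finding corresponds to an identity saved with writePassphrase set to true; treat the whole directory as secret material in that case.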