Package se.swedenconnect.signservice.certificate.simple.ca

Class BasicCAService

java.lang.Object

se.swedenconnect.ca.engine.ca.issuer.impl.AbstractCAService<se.swedenconnect.ca.engine.ca.models.cert.impl.DefaultCertificateModelBuilder>

se.swedenconnect.signservice.certificate.simple.ca.BasicCAService

All Implemented Interfaces:

se.swedenconnect.ca.engine.ca.issuer.CAService

public class BasicCAService
extends se.swedenconnect.ca.engine.ca.issuer.impl.AbstractCAService<se.swedenconnect.ca.engine.ca.models.cert.impl.DefaultCertificateModelBuilder>

Basic CA service implementation equipped to issue certificates to signers.

Constructor Summary

Constructors

Constructor	Description
BasicCAService(PkiCredential caCredential, se.swedenconnect.ca.engine.ca.repository.CARepository caRepository, se.swedenconnect.ca.engine.ca.issuer.CertificateIssuerModel issuerModel, se.swedenconnect.ca.engine.revocation.crl.CRLIssuerModel crlIssuerModel)	Constructor.

Method Summary

Modifier and Type	Method	Description
protected se.swedenconnect.ca.engine.ca.models.cert.impl.DefaultCertificateModelBuilder	getBaseCertificateModelBuilder(se.swedenconnect.ca.engine.ca.models.cert.CertNameModel<?> subject, PublicKey subjectPublicKey, org.bouncycastle.cert.X509CertificateHolder issuerCertificate, se.swedenconnect.ca.engine.ca.issuer.CertificateIssuerModel certificateIssuerModel)
String	getCaAlgorithm()
se.swedenconnect.ca.engine.ca.issuer.CertificateIssuer	getCertificateIssuer()
List<String>	getCrlDpURLs()
protected se.swedenconnect.ca.engine.revocation.crl.CRLIssuer	getCrlIssuer()
se.swedenconnect.ca.engine.revocation.ocsp.OCSPResponder	getOCSPResponder()
org.bouncycastle.cert.X509CertificateHolder	getOCSPResponderCertificate()
String	getOCSPResponderURL()
void	setOcspResponder(se.swedenconnect.ca.engine.revocation.ocsp.OCSPResponder ocspResponder, String ocspResponderUrl, X509Certificate ocspResponderCertificate)	Assigns the OCSP responder for this CA service.
void	setProfileConfiguration(CertificateProfileConfiguration profileConfiguration)	Assigns the certificate profile to be adopted in issued certificates.

Methods inherited from class se.swedenconnect.ca.engine.ca.issuer.impl.AbstractCAService

getCaCertificate, getCACertificateChain, getCaRepository, getCertificateModelBuilder, getCurrentCrl, issueCertificate, publishNewCrl, revokeCertificate, revokeCertificate

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

BasicCAService

public BasicCAService(@Nonnull
 PkiCredential caCredential,
 @Nonnull
 se.swedenconnect.ca.engine.ca.repository.CARepository caRepository,
 @Nonnull
 se.swedenconnect.ca.engine.ca.issuer.CertificateIssuerModel issuerModel,
 @Nullable
 se.swedenconnect.ca.engine.revocation.crl.CRLIssuerModel crlIssuerModel)
               throws NoSuchAlgorithmException,
CertificateException,
CRLException

Constructor.

Parameters:

caCredential - the CA credential (private key and certificates)

caRepository - repository for storing issued certificates

issuerModel - model for issuing certificates

crlIssuerModel - model for publishing CRL:s (optional)

Throws:

NoSuchAlgorithmException - algorithm is not supported

CertificateException - for certificate errors

CRLException - if a CRL cannot be published

Method Details

getCertificateIssuer

@Nonnull
public se.swedenconnect.ca.engine.ca.issuer.CertificateIssuer getCertificateIssuer()

Specified by:

getCertificateIssuer in class se.swedenconnect.ca.engine.ca.issuer.impl.AbstractCAService<se.swedenconnect.ca.engine.ca.models.cert.impl.DefaultCertificateModelBuilder>

getCrlIssuer

@Nullable
protected se.swedenconnect.ca.engine.revocation.crl.CRLIssuer getCrlIssuer()

Specified by:

getCrlIssuer in class se.swedenconnect.ca.engine.ca.issuer.impl.AbstractCAService<se.swedenconnect.ca.engine.ca.models.cert.impl.DefaultCertificateModelBuilder>

getCaAlgorithm

@Nonnull
public String getCaAlgorithm()

getCrlDpURLs

@Nonnull
public List<String> getCrlDpURLs()

getOCSPResponderCertificate

@Nullable
public org.bouncycastle.cert.X509CertificateHolder getOCSPResponderCertificate()

getOCSPResponderURL

@Nullable
public String getOCSPResponderURL()

getOCSPResponder

@Nullable
public se.swedenconnect.ca.engine.revocation.ocsp.OCSPResponder getOCSPResponder()

Specified by:

getOCSPResponder in interface se.swedenconnect.ca.engine.ca.issuer.CAService

Specified by:

getOCSPResponder in class se.swedenconnect.ca.engine.ca.issuer.impl.AbstractCAService<se.swedenconnect.ca.engine.ca.models.cert.impl.DefaultCertificateModelBuilder>

setOcspResponder

public void setOcspResponder(@Nonnull
 se.swedenconnect.ca.engine.revocation.ocsp.OCSPResponder ocspResponder,
 @Nonnull
 String ocspResponderUrl,
 @Nonnull
 X509Certificate ocspResponderCertificate)

Assigns the OCSP responder for this CA service.

Parameters:

ocspResponder - the OCSP responder implementation

ocspResponderUrl - the URL for sending requests to the OCSP responder

ocspResponderCertificate - the OCSP responder certificate

getBaseCertificateModelBuilder

protected se.swedenconnect.ca.engine.ca.models.cert.impl.DefaultCertificateModelBuilder getBaseCertificateModelBuilder(@Nonnull
 se.swedenconnect.ca.engine.ca.models.cert.CertNameModel<?> subject,
 @Nonnull
 PublicKey subjectPublicKey,
 @Nullable
 org.bouncycastle.cert.X509CertificateHolder issuerCertificate,
 @Nonnull
 se.swedenconnect.ca.engine.ca.issuer.CertificateIssuerModel certificateIssuerModel)

Specified by:

getBaseCertificateModelBuilder in class se.swedenconnect.ca.engine.ca.issuer.impl.AbstractCAService<se.swedenconnect.ca.engine.ca.models.cert.impl.DefaultCertificateModelBuilder>

setProfileConfiguration

public void setProfileConfiguration(@Nullable
 CertificateProfileConfiguration profileConfiguration)

Assigns the certificate profile to be adopted in issued certificates.

Parameters:

profileConfiguration - certificate profile configuration