Package org.opensaml.security.x509
Class BasicX509Credential
- java.lang.Object
-
- org.opensaml.security.credential.AbstractCredential
-
- org.opensaml.security.credential.BasicCredential
-
- org.opensaml.security.x509.BasicX509Credential
-
- All Implemented Interfaces:
Credential
,MutableCredential
,X509Credential
public class BasicX509Credential extends BasicCredential implements X509Credential
A basic implementation ofX509Credential
.
-
-
Field Summary
Fields Modifier and Type Field Description private Collection<X509CRL>
crls
CRLs for this credential.private X509Certificate
entityCert
Entity certificate.private Collection<X509Certificate>
entityCertChain
Entity certificate chain, must include entity certificate.
-
Constructor Summary
Constructors Constructor Description BasicX509Credential(X509Certificate entityCertificate)
Constructor.BasicX509Credential(X509Certificate entityCertificate, PrivateKey privateKey)
Constructor.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description Class<? extends Credential>
getCredentialType()
Get the primary type of the credential instance.Collection<X509CRL>
getCRLs()
Gets a collection of CRLs associated with the credential.X509Certificate
getEntityCertificate()
Gets the public key certificate for the entity.Collection<X509Certificate>
getEntityCertificateChain()
Gets an immutable collection of certificates in the entity's trust chain.PublicKey
getPublicKey()
Gets the public key for the entity.SecretKey
getSecretKey()
This operation is unsupported for X.509 credentials.void
setCRLs(Collection<X509CRL> newCRLs)
Sets the CRLs for this credential.void
setEntityCertificate(X509Certificate newEntityCertificate)
Sets the entity certificate for this credential.void
setEntityCertificateChain(Collection<X509Certificate> newCertificateChain)
Sets the entity certificate chain for this credential.void
setPublicKey(PublicKey newPublicKey)
This operation is unsupported for X.509 credentials.void
setSecretKey(SecretKey newSecretKey)
This operation is unsupported for X.509 credentials.-
Methods inherited from class org.opensaml.security.credential.BasicCredential
setEntityId, setPrivateKey, setUsageType
-
Methods inherited from class org.opensaml.security.credential.AbstractCredential
getCredentialContextSet, getEntityId, getKeyNames, getPrivateKey, getUsageType
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.opensaml.security.credential.Credential
getCredentialContextSet, getEntityId, getKeyNames, getPrivateKey, getUsageType
-
-
-
-
Field Detail
-
entityCert
private X509Certificate entityCert
Entity certificate.
-
entityCertChain
private Collection<X509Certificate> entityCertChain
Entity certificate chain, must include entity certificate.
-
crls
private Collection<X509CRL> crls
CRLs for this credential.
-
-
Constructor Detail
-
BasicX509Credential
public BasicX509Credential(@Nonnull @ParameterName(name="entityCertificate") X509Certificate entityCertificate)
Constructor.- Parameters:
entityCertificate
- the credential entity certificate
-
BasicX509Credential
public BasicX509Credential(@Nonnull @ParameterName(name="entityCertificate") X509Certificate entityCertificate, @ParameterName(name="privateKey") @Nonnull PrivateKey privateKey)
Constructor.- Parameters:
entityCertificate
- the credential entity certificateprivateKey
- the credential private key
-
-
Method Detail
-
getCredentialType
@Nonnull public Class<? extends Credential> getCredentialType()
Get the primary type of the credential instance. This will usually be the primary sub-interface ofCredential
implemented by an implementation.- Specified by:
getCredentialType
in interfaceCredential
- Overrides:
getCredentialType
in classBasicCredential
- Returns:
- the credential type
-
getCRLs
@Nullable public Collection<X509CRL> getCRLs()
Gets a collection of CRLs associated with the credential.- Specified by:
getCRLs
in interfaceX509Credential
- Returns:
- CRLs associated with the credential
-
setCRLs
public void setCRLs(@Nullable Collection<X509CRL> newCRLs)
Sets the CRLs for this credential.- Parameters:
newCRLs
- CRLs for this credential
-
getEntityCertificate
@Nonnull public X509Certificate getEntityCertificate()
Gets the public key certificate for the entity. The public key of this certificate will be the same key obtained fromCredential.getPublicKey()
.- Specified by:
getEntityCertificate
in interfaceX509Credential
- Returns:
- the public key certificate for the entity
-
setEntityCertificate
public void setEntityCertificate(@Nonnull X509Certificate newEntityCertificate)
Sets the entity certificate for this credential.- Parameters:
newEntityCertificate
- entity certificate for this credential
-
getPublicKey
@Nonnull public PublicKey getPublicKey()
Gets the public key for the entity.- Specified by:
getPublicKey
in interfaceCredential
- Overrides:
getPublicKey
in classAbstractCredential
- Returns:
- public key for the entity
-
setPublicKey
public void setPublicKey(PublicKey newPublicKey)
This operation is unsupported for X.509 credentials. The public key will be retrieved automatically from the entity certificate.- Specified by:
setPublicKey
in interfaceMutableCredential
- Overrides:
setPublicKey
in classBasicCredential
- Parameters:
newPublicKey
- not supported
-
getEntityCertificateChain
@Nonnull public Collection<X509Certificate> getEntityCertificateChain()
Gets an immutable collection of certificates in the entity's trust chain. The entity certificate is contained within this list. No specific ordering of the certificates is guaranteed.- Specified by:
getEntityCertificateChain
in interfaceX509Credential
- Returns:
- entities certificate chain
-
setEntityCertificateChain
public void setEntityCertificateChain(@Nonnull Collection<X509Certificate> newCertificateChain)
Sets the entity certificate chain for this credential. This MUST include the entity certificate.- Parameters:
newCertificateChain
- entity certificate chain for this credential
-
getSecretKey
@Nullable public SecretKey getSecretKey()
This operation is unsupported for X.509 credentials.- Specified by:
getSecretKey
in interfaceCredential
- Overrides:
getSecretKey
in classAbstractCredential
- Returns:
- null
-
setSecretKey
public void setSecretKey(SecretKey newSecretKey)
This operation is unsupported for X.509 credentials.- Specified by:
setSecretKey
in interfaceMutableCredential
- Overrides:
setSecretKey
in classBasicCredential
- Parameters:
newSecretKey
- unsupported
-
-