Class OpenSshCertificateImpl
- java.lang.Object
-
- org.apache.sshd.common.config.keys.OpenSshCertificateImpl
-
- All Implemented Interfaces:
Serializable,Key,PrivateKey,PublicKey,Destroyable,OpenSshCertificate
public class OpenSshCertificateImpl extends Object implements OpenSshCertificate
- Author:
- Apache MINA SSHD Project
- See Also:
- Serialized Form
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface org.apache.sshd.common.config.keys.OpenSshCertificate
OpenSshCertificate.CertificateOption, OpenSshCertificate.Type
-
-
Field Summary
-
Fields inherited from interface org.apache.sshd.common.config.keys.OpenSshCertificate
INFINITY, MIN_EPOCH
-
-
Constructor Summary
Constructors Constructor Description OpenSshCertificateImpl()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description StringgetAlgorithm()PublicKeygetCaPubKey()Retrieves the CA public key of this certificate.PublicKeygetCertPubKey()Retrieves the certified public key.List<OpenSshCertificate.CertificateOption>getCriticalOptions()Retrieves the critical options set in the certificate.byte[]getEncoded()List<OpenSshCertificate.CertificateOption>getExtensions()Retrieves the extensions set in the certificate.StringgetFormat()StringgetId()Retrieves a free-form text set by the CA when the certificate was generated; intended to identify the identity principal in log message.StringgetKeyType()Retrieves the SSH key type of this certificate.byte[]getMessage()Retrieves the raw byte content of the certificate, minus the signature.byte[]getNonce()Retrieves the nonce of this certificate.Collection<String>getPrincipals()Retrieves the principals mentioned in the certificate.StringgetRawKeyType()Retrieves the raw SSH key type of this certificate.byte[]getRawSignature()Retrieves the raw signature bytes, without the signature algorithm.StringgetReserved()Retrieves the "reserved" field of the certificate.longgetSerial()Retrieves the serial number of this certificate.byte[]getSignature()Retrieves the signature of the certificate, including the signature algorithm.StringgetSignatureAlgorithm()Retrieves the signature algorithm used for the signature.OpenSshCertificate.TypegetType()Retrieves the type of certificate.longgetValidAfter()Retrieves the time in number of seconds since theInstant.EPOCHat which this certificate becomes or became valid.longgetValidBefore()Retrieves the time in number of seconds since theInstant.EPOCHat which this certificate becomes or became invalid.voidsetCaPubKey(PublicKey caPubKey)voidsetCertPubKey(PublicKey certificatePublicKey)voidsetCriticalOptions(List<OpenSshCertificate.CertificateOption> criticalOptions)voidsetExtensions(List<OpenSshCertificate.CertificateOption> extensions)voidsetId(String id)voidsetKeyType(String keyType)voidsetMessage(byte[] message)voidsetNonce(byte[] nonce)voidsetPrincipals(Collection<String> principals)voidsetReserved(String reserved)voidsetSerial(long serial)voidsetSignature(byte[] signature)voidsetType(OpenSshCertificate.Type type)voidsetValidAfter(long validAfter)voidsetValidAfter(Instant validAfter)If null, usesOpenSshCertificate.MIN_EPOCHvoidsetValidBefore(long validBefore)voidsetValidBefore(Instant validBefore)If null, usesOpenSshCertificate.INFINITYStringtoString()-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
-
Methods inherited from interface javax.security.auth.Destroyable
destroy, isDestroyed
-
-
-
-
Method Detail
-
getRawKeyType
public String getRawKeyType()
Description copied from interface:OpenSshCertificateRetrieves the raw SSH key type of this certificate.- Specified by:
getRawKeyTypein interfaceOpenSshCertificate- Returns:
- the key type, for instance "ssh-rsa" for a "ssh-rsa-cert-v01@openssh.com" certificate
-
getNonce
public byte[] getNonce()
Description copied from interface:OpenSshCertificateRetrieves the nonce of this certificate.- Specified by:
getNoncein interfaceOpenSshCertificate- Returns:
- the nonce.
-
getKeyType
public String getKeyType()
Description copied from interface:OpenSshCertificateRetrieves the SSH key type of this certificate.- Specified by:
getKeyTypein interfaceOpenSshCertificate- Returns:
- the key type, for instance "ssh-rsa-cert-v01@openssh.com"
-
getCertPubKey
public PublicKey getCertPubKey()
Description copied from interface:OpenSshCertificateRetrieves the certified public key.- Specified by:
getCertPubKeyin interfaceOpenSshCertificate- Returns:
- the
PublicKey
-
getSerial
public long getSerial()
Description copied from interface:OpenSshCertificateRetrieves the serial number of this certificate.- Specified by:
getSerialin interfaceOpenSshCertificate- Returns:
- the serial number
-
getType
public OpenSshCertificate.Type getType()
Description copied from interface:OpenSshCertificateRetrieves the type of certificate.- Specified by:
getTypein interfaceOpenSshCertificate- Returns:
- the
OpenSshCertificate.Type
-
getId
public String getId()
Description copied from interface:OpenSshCertificateRetrieves a free-form text set by the CA when the certificate was generated; intended to identify the identity principal in log message.- Specified by:
getIdin interfaceOpenSshCertificate- Returns:
- the id; never
nullbut may be empty.
-
getPrincipals
public Collection<String> getPrincipals()
Description copied from interface:OpenSshCertificateRetrieves the principals mentioned in the certificate.- Specified by:
getPrincipalsin interfaceOpenSshCertificate- Returns:
- the collection of principals, never
nullbut possibly empty
-
getValidAfter
public long getValidAfter()
Description copied from interface:OpenSshCertificateRetrieves the time in number of seconds since theInstant.EPOCHat which this certificate becomes or became valid.- Specified by:
getValidAfterin interfaceOpenSshCertificate- Returns:
- the number of seconds since the
Instant.EPOCHas an unsigned 64bit value - See Also:
OpenSshCertificate.isValidNow(OpenSshCertificate)
-
getValidBefore
public long getValidBefore()
Description copied from interface:OpenSshCertificateRetrieves the time in number of seconds since theInstant.EPOCHat which this certificate becomes or became invalid.- Specified by:
getValidBeforein interfaceOpenSshCertificate- Returns:
- the number of seconds since the
Instant.EPOCHas an unsigned 64bit value - See Also:
OpenSshCertificate.isValidNow(OpenSshCertificate)
-
getCriticalOptions
public List<OpenSshCertificate.CertificateOption> getCriticalOptions()
Description copied from interface:OpenSshCertificateRetrieves the critical options set in the certificate.- Specified by:
getCriticalOptionsin interfaceOpenSshCertificate- Returns:
- the critical options as a list, never
nullbut possibly empty
-
getExtensions
public List<OpenSshCertificate.CertificateOption> getExtensions()
Description copied from interface:OpenSshCertificateRetrieves the extensions set in the certificate.- Specified by:
getExtensionsin interfaceOpenSshCertificate- Returns:
- the extensions as a list, never
nullbut possibly empty
-
getReserved
public String getReserved()
Description copied from interface:OpenSshCertificateRetrieves the "reserved" field of the certificate. OpenSSH currently doesn't use it and ignores it.- Specified by:
getReservedin interfaceOpenSshCertificate- Returns:
- the "reserved" field.
-
getCaPubKey
public PublicKey getCaPubKey()
Description copied from interface:OpenSshCertificateRetrieves the CA public key of this certificate.- Specified by:
getCaPubKeyin interfaceOpenSshCertificate- Returns:
- the
PublicKey
-
getMessage
public byte[] getMessage()
Description copied from interface:OpenSshCertificateRetrieves the raw byte content of the certificate, minus the signature. This is the data that was signed.- Specified by:
getMessagein interfaceOpenSshCertificate- Returns:
- the part of the certificate raw data that was signed
-
getSignature
public byte[] getSignature()
Description copied from interface:OpenSshCertificateRetrieves the signature of the certificate, including the signature algorithm.- Specified by:
getSignaturein interfaceOpenSshCertificate- Returns:
- the signature bytes
- See Also:
OpenSshCertificate.getRawSignature()
-
getRawSignature
public byte[] getRawSignature()
Description copied from interface:OpenSshCertificateRetrieves the raw signature bytes, without the signature algorithm.- Specified by:
getRawSignaturein interfaceOpenSshCertificate- Returns:
- the signature bytes
- See Also:
OpenSshCertificate.getSignature()
-
getSignatureAlgorithm
public String getSignatureAlgorithm()
Description copied from interface:OpenSshCertificateRetrieves the signature algorithm used for the signature.- Specified by:
getSignatureAlgorithmin interfaceOpenSshCertificate- Returns:
- the signature algorithm as recorded in the certificate
-
getAlgorithm
public String getAlgorithm()
- Specified by:
getAlgorithmin interfaceKey
-
getEncoded
public byte[] getEncoded()
- Specified by:
getEncodedin interfaceKey
-
setKeyType
public void setKeyType(String keyType)
-
setNonce
public void setNonce(byte[] nonce)
-
setCertPubKey
public void setCertPubKey(PublicKey certificatePublicKey)
-
setSerial
public void setSerial(long serial)
-
setType
public void setType(OpenSshCertificate.Type type)
-
setId
public void setId(String id)
-
setPrincipals
public void setPrincipals(Collection<String> principals)
-
setValidAfter
public void setValidAfter(long validAfter)
-
setValidAfter
public void setValidAfter(Instant validAfter)
If null, usesOpenSshCertificate.MIN_EPOCH- Parameters:
validAfter-Instantto use for validAfter
-
setValidBefore
public void setValidBefore(long validBefore)
-
setValidBefore
public void setValidBefore(Instant validBefore)
If null, usesOpenSshCertificate.INFINITY- Parameters:
validBefore-Instantto use for validBefore
-
setCriticalOptions
public void setCriticalOptions(List<OpenSshCertificate.CertificateOption> criticalOptions)
-
setExtensions
public void setExtensions(List<OpenSshCertificate.CertificateOption> extensions)
-
setReserved
public void setReserved(String reserved)
-
setCaPubKey
public void setCaPubKey(PublicKey caPubKey)
-
setMessage
public void setMessage(byte[] message)
-
setSignature
public void setSignature(byte[] signature)
-
-