Package org.dogtagpki.nss
Class NSSDatabase
java.lang.Object
org.dogtagpki.nss.NSSDatabase
- Author:
- Endi S. Dewata
-
Field Summary
Fields -
Constructor Summary
ConstructorsConstructorDescriptionNSSDatabase
(File directory) NSSDatabase
(String directory) NSSDatabase
(Path path) -
Method Summary
Modifier and TypeMethodDescriptionvoid
addAIAExtension
(List<String> cmd, PrintWriter stdin, org.mozilla.jss.netscape.security.extensions.AuthInfoAccessExtension extension) This method provides the arguments and the standard input for certutil to create a cert/CSR with AIA extension.void
addAKIDExtension
(List<String> cmd, PrintWriter stdin, org.mozilla.jss.netscape.security.x509.AuthorityKeyIdentifierExtension extension) This method provides the arguments and the standard input for certutil to create a cert/CSR with AKID extension.void
addBasicConstraintsExtension
(List<String> cmd, PrintWriter stdin, org.mozilla.jss.netscape.security.x509.BasicConstraintsExtension extension) This method provides the arguments and the standard input for certutil to create a cert/CSR with basic constraints extension.void
addCertificate
(String tokenName, String nickname, org.mozilla.jss.netscape.security.x509.X509CertImpl certImpl, String trustFlags) void
addCertificate
(String nickname, org.mozilla.jss.netscape.security.x509.X509CertImpl certImpl, String trustFlags) org.mozilla.jss.crypto.X509Certificate
addCertificate
(X509Certificate cert, String trustFlags) void
addCertificatePoliciesExtension
(List<String> cmd, PrintWriter stdin, org.mozilla.jss.netscape.security.x509.CertificatePoliciesExtension extension) This method provides the arguments and the standard input for certutil to create a cert/CSR with certificate policies extension.void
addExtendedKeyUsageExtension
(List<String> cmd, org.mozilla.jss.netscape.security.extensions.ExtendedKeyUsageExtension extension) This method provides the arguments for certutil to create a cert/CSR with extended key usage extension.void
addExtensions
(List<String> cmd, StringWriter sw, org.mozilla.jss.netscape.security.x509.Extensions extensions, Path tmpDir) void
addKeyUsageExtension
(List<String> cmd, org.mozilla.jss.netscape.security.x509.KeyUsageExtension extension) This method provides the arguments for certutil to create a cert/CSR with key usage extension.void
void
addOCSPNoCheckExtension
(List<String> cmd, PrintWriter stdin, org.mozilla.jss.netscape.security.extensions.OCSPNoCheckExtension extension, Path tmpDir) This method provides the arguments and the standard input for certutil to create a cert/CSR with OCSP No Check extension.org.mozilla.jss.crypto.X509Certificate
addPEMCertificate
(String filename, String trustFlags) void
addPEMCertificate
(String nickname, String filename, String trustFlags) void
addPEMCertificate
(String tokenName, String nickname, String filename, String trustFlags) void
addSKIDExtension
(List<String> cmd, PrintWriter stdin, org.mozilla.jss.netscape.security.x509.SubjectKeyIdentifierExtension extension) This method provides the arguments and the standard input for certutil to create a cert/CSR with SKID extension.void
create()
void
void
createCertificate
(String tokenName, org.mozilla.jss.netscape.security.x509.X509Key x509Key, org.mozilla.jss.netscape.security.x509.X500Name subjectName, org.mozilla.jss.crypto.X509Certificate issuer, String serialNumber, int validityLength, int validityUnit, String hash, org.mozilla.jss.netscape.security.x509.Extensions extensions) createCertificate
(org.mozilla.jss.netscape.security.x509.X509Key x509Key, org.mozilla.jss.netscape.security.x509.X500Name subjectName, org.mozilla.jss.crypto.X509Certificate issuer, int validityLength, int validityUnit, String hash, org.mozilla.jss.netscape.security.x509.Extensions extensions) createCertificate
(org.mozilla.jss.netscape.security.x509.X509Key x509Key, org.mozilla.jss.netscape.security.x509.X500Name subjectName, org.mozilla.jss.crypto.X509Certificate issuer, String serialNumber, int validityLength, int validityUnit, String hash, org.mozilla.jss.netscape.security.x509.Extensions extensions) org.mozilla.jss.asn1.SEQUENCE
createCRMFRequest
(org.mozilla.jss.crypto.CryptoToken token, KeyPair keyPair, org.mozilla.jss.pkix.primitive.Name subject, org.mozilla.jss.crypto.X509Certificate transportCert, org.mozilla.jss.crypto.SignatureAlgorithm signatureAlgorithm, Boolean withPop, org.mozilla.jss.crypto.KeyWrapAlgorithm keyWrapAlgorithm, boolean useOAEP, org.mozilla.jss.netscape.security.x509.Extensions extensions) createECKeyPair
(org.mozilla.jss.crypto.CryptoToken token, String curveName, boolean sslECDH) createECKeyPair
(org.mozilla.jss.crypto.CryptoToken token, String curveName, boolean sslECDH, Boolean temporary, Boolean sensitive, Boolean extractable) createECKeyPair
(org.mozilla.jss.crypto.CryptoToken token, String curveName, Boolean temporary, Boolean sensitive, Boolean extractable, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usages, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usagesMask) org.mozilla.jss.netscape.security.pkcs.PKCS10
createPKCS10Request
(KeyPair keyPair, String subject, boolean encodingEnabled, String hash, org.mozilla.jss.netscape.security.x509.Extensions extensions) createRSAKeyPair
(org.mozilla.jss.crypto.CryptoToken token, int keySize, boolean keyWrap) createRSAKeyPair
(org.mozilla.jss.crypto.CryptoToken token, int keySize, boolean keyWrap, Boolean temporary, Boolean sensitive, Boolean extractable) createRSAKeyPair
(org.mozilla.jss.crypto.CryptoToken token, int keySize, Boolean temporary, Boolean sensitive, Boolean extractable, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usages, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usagesMask) org.mozilla.jss.crypto.SymmetricKey
createSymmetricKey
(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.KeyGenAlgorithm algorithm, int keySize, org.mozilla.jss.crypto.SymmetricKey.Usage[] usages, boolean temporary, Boolean sensitive) void
debug
(Collection<String> command) void
delete()
boolean
exists()
getPath()
loadKeyPair
(org.mozilla.jss.crypto.CryptoToken token, byte[] keyID) boolean
moduleExists
(String name) void
readStderr
(Process process) void
readStdout
(Process process) void
setDirectory
(File directory) void
setPasswordStore
(PasswordStore passwordStore) void
static int
validityUnitFromString
(String validityUnit) static String
validityUnitToString
(int validityUnit) void
writeStdin
(Process process, String input)
-
Field Details
-
logger
public static org.slf4j.Logger logger
-
-
Constructor Details
-
NSSDatabase
public NSSDatabase() -
NSSDatabase
-
NSSDatabase
-
NSSDatabase
-
-
Method Details
-
getPath
-
setPath
-
getDirectory
-
setDirectory
-
getPasswordStore
-
setPasswordStore
-
exists
public boolean exists() -
create
- Throws:
Exception
-
create
- Throws:
Exception
-
create
- Throws:
Exception
-
moduleExists
- Throws:
Exception
-
addModule
- Throws:
Exception
-
addCertificate
public org.mozilla.jss.crypto.X509Certificate addCertificate(X509Certificate cert, String trustFlags) throws Exception - Throws:
Exception
-
addPEMCertificate
public org.mozilla.jss.crypto.X509Certificate addPEMCertificate(String filename, String trustFlags) throws Exception - Throws:
Exception
-
addCertificate
public void addCertificate(String nickname, org.mozilla.jss.netscape.security.x509.X509CertImpl certImpl, String trustFlags) throws Exception - Throws:
Exception
-
addCertificate
public void addCertificate(String tokenName, String nickname, org.mozilla.jss.netscape.security.x509.X509CertImpl certImpl, String trustFlags) throws Exception - Throws:
Exception
-
addPEMCertificate
- Throws:
Exception
-
addPEMCertificate
public void addPEMCertificate(String tokenName, String nickname, String filename, String trustFlags) throws Exception - Throws:
Exception
-
addBasicConstraintsExtension
public void addBasicConstraintsExtension(List<String> cmd, PrintWriter stdin, org.mozilla.jss.netscape.security.x509.BasicConstraintsExtension extension) throws Exception This method provides the arguments and the standard input for certutil to create a cert/CSR with basic constraints extension.- Parameters:
cmd
- certutil command and argumentsstdin
- certutil's standard inputextension
- The extension to add- Throws:
Exception
-
addAKIDExtension
public void addAKIDExtension(List<String> cmd, PrintWriter stdin, org.mozilla.jss.netscape.security.x509.AuthorityKeyIdentifierExtension extension) throws Exception This method provides the arguments and the standard input for certutil to create a cert/CSR with AKID extension.- Parameters:
cmd
- certutil command and argumentsstdin
- certutil's standard inputextension
- The extension to add- Throws:
Exception
-
addSKIDExtension
public void addSKIDExtension(List<String> cmd, PrintWriter stdin, org.mozilla.jss.netscape.security.x509.SubjectKeyIdentifierExtension extension) throws Exception This method provides the arguments and the standard input for certutil to create a cert/CSR with SKID extension.- Parameters:
cmd
- certutil command and argumentsstdin
- certutil's standard inputextension
- The extension to add- Throws:
Exception
-
addAIAExtension
public void addAIAExtension(List<String> cmd, PrintWriter stdin, org.mozilla.jss.netscape.security.extensions.AuthInfoAccessExtension extension) throws Exception This method provides the arguments and the standard input for certutil to create a cert/CSR with AIA extension.- Parameters:
cmd
- certutil command and argumentsstdin
- certutil's standard inputextension
- The extension to add- Throws:
Exception
-
addKeyUsageExtension
public void addKeyUsageExtension(List<String> cmd, org.mozilla.jss.netscape.security.x509.KeyUsageExtension extension) throws Exception This method provides the arguments for certutil to create a cert/CSR with key usage extension.- Parameters:
cmd
- certutil command and argumentsextension
- The extension to add- Throws:
Exception
-
addExtendedKeyUsageExtension
public void addExtendedKeyUsageExtension(List<String> cmd, org.mozilla.jss.netscape.security.extensions.ExtendedKeyUsageExtension extension) throws Exception This method provides the arguments for certutil to create a cert/CSR with extended key usage extension.- Parameters:
cmd
- certutil command and argumentsextension
- The extension to add- Throws:
Exception
-
addCertificatePoliciesExtension
public void addCertificatePoliciesExtension(List<String> cmd, PrintWriter stdin, org.mozilla.jss.netscape.security.x509.CertificatePoliciesExtension extension) throws Exception This method provides the arguments and the standard input for certutil to create a cert/CSR with certificate policies extension.- Parameters:
cmd
- certutil command and argumentsstdin
- certutil's standard inputextension
- The extension to add- Throws:
Exception
-
addOCSPNoCheckExtension
public void addOCSPNoCheckExtension(List<String> cmd, PrintWriter stdin, org.mozilla.jss.netscape.security.extensions.OCSPNoCheckExtension extension, Path tmpDir) throws Exception This method provides the arguments and the standard input for certutil to create a cert/CSR with OCSP No Check extension.- Parameters:
cmd
- certutil command and argumentsstdin
- certutil's standard inputextension
- The extension to addtmpDir
- Temporary directory to store extension value- Throws:
Exception
-
addExtensions
public void addExtensions(List<String> cmd, StringWriter sw, org.mozilla.jss.netscape.security.x509.Extensions extensions, Path tmpDir) throws Exception - Throws:
Exception
-
loadKeyPair
- Throws:
Exception
-
createRSAKeyPair
public KeyPair createRSAKeyPair(org.mozilla.jss.crypto.CryptoToken token, int keySize, Boolean temporary, Boolean sensitive, Boolean extractable, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usages, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usagesMask) throws Exception - Throws:
Exception
-
createRSAKeyPair
public KeyPair createRSAKeyPair(org.mozilla.jss.crypto.CryptoToken token, int keySize, boolean keyWrap, Boolean temporary, Boolean sensitive, Boolean extractable) throws Exception - Throws:
Exception
-
createRSAKeyPair
public KeyPair createRSAKeyPair(org.mozilla.jss.crypto.CryptoToken token, int keySize, boolean keyWrap) throws Exception - Throws:
Exception
-
createECKeyPair
public KeyPair createECKeyPair(org.mozilla.jss.crypto.CryptoToken token, String curveName, Boolean temporary, Boolean sensitive, Boolean extractable, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usages, org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usagesMask) throws Exception - Throws:
Exception
-
createECKeyPair
public KeyPair createECKeyPair(org.mozilla.jss.crypto.CryptoToken token, String curveName, boolean sslECDH) throws Exception - Throws:
Exception
-
createECKeyPair
public KeyPair createECKeyPair(org.mozilla.jss.crypto.CryptoToken token, String curveName, boolean sslECDH, Boolean temporary, Boolean sensitive, Boolean extractable) throws Exception - Throws:
Exception
-
createSymmetricKey
public org.mozilla.jss.crypto.SymmetricKey createSymmetricKey(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.KeyGenAlgorithm algorithm, int keySize, org.mozilla.jss.crypto.SymmetricKey.Usage[] usages, boolean temporary, Boolean sensitive) throws Exception - Throws:
Exception
-
createPKCS10Request
public org.mozilla.jss.netscape.security.pkcs.PKCS10 createPKCS10Request(KeyPair keyPair, String subject, boolean encodingEnabled, String hash, org.mozilla.jss.netscape.security.x509.Extensions extensions) throws Exception - Throws:
Exception
-
createCRMFRequest
public org.mozilla.jss.asn1.SEQUENCE createCRMFRequest(org.mozilla.jss.crypto.CryptoToken token, KeyPair keyPair, org.mozilla.jss.pkix.primitive.Name subject, org.mozilla.jss.crypto.X509Certificate transportCert, org.mozilla.jss.crypto.SignatureAlgorithm signatureAlgorithm, Boolean withPop, org.mozilla.jss.crypto.KeyWrapAlgorithm keyWrapAlgorithm, boolean useOAEP, org.mozilla.jss.netscape.security.x509.Extensions extensions) throws Exception - Throws:
Exception
-
validityUnitFromString
- Throws:
Exception
-
validityUnitToString
- Throws:
Exception
-
createCertificate
public X509Certificate createCertificate(org.mozilla.jss.netscape.security.x509.X509Key x509Key, org.mozilla.jss.netscape.security.x509.X500Name subjectName, org.mozilla.jss.crypto.X509Certificate issuer, int validityLength, int validityUnit, String hash, org.mozilla.jss.netscape.security.x509.Extensions extensions) throws Exception - Throws:
Exception
-
createCertificate
public X509Certificate createCertificate(org.mozilla.jss.netscape.security.x509.X509Key x509Key, org.mozilla.jss.netscape.security.x509.X500Name subjectName, org.mozilla.jss.crypto.X509Certificate issuer, String serialNumber, int validityLength, int validityUnit, String hash, org.mozilla.jss.netscape.security.x509.Extensions extensions) throws Exception - Throws:
Exception
-
createCertificate
public X509Certificate createCertificate(String tokenName, org.mozilla.jss.netscape.security.x509.X509Key x509Key, org.mozilla.jss.netscape.security.x509.X500Name subjectName, org.mozilla.jss.crypto.X509Certificate issuer, String serialNumber, int validityLength, int validityUnit, String hash, org.mozilla.jss.netscape.security.x509.Extensions extensions) throws Exception - Throws:
Exception
-
delete
- Throws:
Exception
-
debug
-
readStdout
-
readStderr
-
writeStdin
- Throws:
Exception
-