org.apache.sshd.common.config.keys

Class OpenSshCertificateImpl

java.lang.Object

org.apache.sshd.common.config.keys.OpenSshCertificateImpl

All Implemented Interfaces:

java.io.Serializable, java.security.Key, java.security.PrivateKey, java.security.PublicKey, javax.security.auth.Destroyable, OpenSshCertificate

public class OpenSshCertificateImpl
extends java.lang.Object
implements OpenSshCertificate

See Also:

Serialized Form

Nested Class Summary

Nested classes/interfaces inherited from interface org.apache.sshd.common.config.keys.OpenSshCertificate

OpenSshCertificate.CertificateOption, OpenSshCertificate.Type

Field Summary

Fields

Modifier and Type	Field and Description
private java.security.PublicKey	caPubKey
private java.security.PublicKey	certificatePublicKey
private java.util.List<OpenSshCertificate.CertificateOption>	criticalOptions
private java.util.List<OpenSshCertificate.CertificateOption>	extensions
private java.lang.String	id
private java.lang.String	keyType
private byte[]	message
private byte[]	nonce
private java.util.Collection<java.lang.String>	principals
private java.lang.String	reserved
private long	serial
private static long	serialVersionUID
private byte[]	signature
private int	type
private long	validAfter
private long	validBefore

Fields inherited from interface org.apache.sshd.common.config.keys.OpenSshCertificate

INFINITY, MIN_EPOCH

Constructor Summary

Constructors

Constructor and Description
OpenSshCertificateImpl()

Method Summary

Modifier and Type	Method and Description
java.lang.String	getAlgorithm()
java.security.PublicKey	getCaPubKey() Retrieves the CA public key of this certificate.
java.security.PublicKey	getCertPubKey() Retrieves the certified public key.
java.util.List<OpenSshCertificate.CertificateOption>	getCriticalOptions() Retrieves the critical options set in the certificate.
byte[]	getEncoded()
java.util.List<OpenSshCertificate.CertificateOption>	getExtensions() Retrieves the extensions set in the certificate.
java.lang.String	getFormat()
java.lang.String	getId() Retrieves a free-form text set by the CA when the certificate was generated; intended to identify the identity principal in log message.
java.lang.String	getKeyType() Retrieves the SSH key type of this certificate.
byte[]	getMessage() Retrieves the raw byte content of the certificate, minus the signature.
byte[]	getNonce() Retrieves the nonce of this certificate.
java.util.Collection<java.lang.String>	getPrincipals() Retrieves the principals mentioned in the certificate.
java.lang.String	getRawKeyType() Retrieves the raw SSH key type of this certificate.
byte[]	getRawSignature() Retrieves the raw signature bytes, without the signature algorithm.
java.lang.String	getReserved() Retrieves the "reserved" field of the certificate.
long	getSerial() Retrieves the serial number of this certificate.
byte[]	getSignature() Retrieves the signature of the certificate, including the signature algorithm.
java.lang.String	getSignatureAlgorithm() Retrieves the signature algorithm used for the signature.
OpenSshCertificate.Type	getType() Retrieves the type of certificate.
long	getValidAfter() Retrieves the time in number of seconds since the Instant.EPOCH at which this certificate becomes or became valid.
long	getValidBefore() Retrieves the time in number of seconds since the Instant.EPOCH at which this certificate becomes or became invalid.
void	setCaPubKey(java.security.PublicKey caPubKey)
void	setCertPubKey(java.security.PublicKey certificatePublicKey)
void	setCriticalOptions(java.util.List<OpenSshCertificate.CertificateOption> criticalOptions)
void	setExtensions(java.util.List<OpenSshCertificate.CertificateOption> extensions)
void	setId(java.lang.String id)
void	setKeyType(java.lang.String keyType)
void	setMessage(byte[] message)
void	setNonce(byte[] nonce)
void	setPrincipals(java.util.Collection<java.lang.String> principals)
void	setReserved(java.lang.String reserved)
void	setSerial(long serial)
void	setSignature(byte[] signature)
void	setType(OpenSshCertificate.Type type)
void	setValidAfter(java.time.Instant validAfter) If null, uses OpenSshCertificate.MIN_EPOCH
void	setValidAfter(long validAfter)
void	setValidBefore(java.time.Instant validBefore) If null, uses OpenSshCertificate.INFINITY
void	setValidBefore(long validBefore)
private static java.lang.String	toDate(long timestamp)
java.lang.String	toString()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface org.apache.sshd.common.config.keys.OpenSshCertificate

isValidNow

Methods inherited from interface javax.security.auth.Destroyable

destroy, isDestroyed

Field Detail

serialVersionUID

private static final long serialVersionUID

See Also:

Constant Field Values

keyType

private java.lang.String keyType

nonce

private byte[] nonce

certificatePublicKey

private java.security.PublicKey certificatePublicKey

serial

private long serial

type

private int type

id

private java.lang.String id

principals

private java.util.Collection<java.lang.String> principals

validAfter

private long validAfter

validBefore

private long validBefore

criticalOptions

private java.util.List<OpenSshCertificate.CertificateOption> criticalOptions

extensions

private java.util.List<OpenSshCertificate.CertificateOption> extensions

reserved

private java.lang.String reserved

caPubKey

private java.security.PublicKey caPubKey

message

private byte[] message

signature

private byte[] signature

Constructor Detail

OpenSshCertificateImpl

public OpenSshCertificateImpl()

Method Detail

getRawKeyType

public java.lang.String getRawKeyType()

Description copied from interface: OpenSshCertificate

Retrieves the raw SSH key type of this certificate.

Specified by:

getRawKeyType in interface OpenSshCertificate

Returns:

the key type, for instance "ssh-rsa" for a "ssh-rsa-cert-v01@openssh.com" certificate

getNonce

public byte[] getNonce()

Description copied from interface: OpenSshCertificate

Retrieves the nonce of this certificate.

Specified by:

getNonce in interface OpenSshCertificate

Returns:

the nonce.

getKeyType

public java.lang.String getKeyType()

Description copied from interface: OpenSshCertificate

Retrieves the SSH key type of this certificate.

Specified by:

getKeyType in interface OpenSshCertificate

Returns:

the key type, for instance "ssh-rsa-cert-v01@openssh.com"

getCertPubKey

public java.security.PublicKey getCertPubKey()

Description copied from interface: OpenSshCertificate

Retrieves the certified public key.

Specified by:

getCertPubKey in interface OpenSshCertificate

Returns:

the PublicKey

getSerial

public long getSerial()

Description copied from interface: OpenSshCertificate

Retrieves the serial number of this certificate.

Specified by:

getSerial in interface OpenSshCertificate

Returns:

the serial number

getType

public OpenSshCertificate.Type getType()

Description copied from interface: OpenSshCertificate

Retrieves the type of certificate.

Specified by:

getType in interface OpenSshCertificate

Returns:

the OpenSshCertificate.Type

getId

public java.lang.String getId()

Description copied from interface: OpenSshCertificate

Retrieves a free-form text set by the CA when the certificate was generated; intended to identify the identity principal in log message.

Specified by:

getId in interface OpenSshCertificate

Returns:

the id; never null but may be empty.

getPrincipals

public java.util.Collection<java.lang.String> getPrincipals()

Description copied from interface: OpenSshCertificate

Retrieves the principals mentioned in the certificate.

Specified by:

getPrincipals in interface OpenSshCertificate

Returns:

the collection of principals, never null but possibly empty

getValidAfter

public long getValidAfter()

Description copied from interface: OpenSshCertificate

Retrieves the time in number of seconds since the Instant.EPOCH at which this certificate becomes or became valid.

Specified by:

getValidAfter in interface OpenSshCertificate

Returns:

the number of seconds since the Instant.EPOCH as an unsigned 64bit value

See Also:

OpenSshCertificate.isValidNow(OpenSshCertificate)

getValidBefore

public long getValidBefore()

Description copied from interface: OpenSshCertificate

Retrieves the time in number of seconds since the Instant.EPOCH at which this certificate becomes or became invalid.

Specified by:

getValidBefore in interface OpenSshCertificate

Returns:

the number of seconds since the Instant.EPOCH as an unsigned 64bit value

See Also:

OpenSshCertificate.isValidNow(OpenSshCertificate)

getCriticalOptions

public java.util.List<OpenSshCertificate.CertificateOption> getCriticalOptions()

Description copied from interface: OpenSshCertificate

Retrieves the critical options set in the certificate.

Specified by:

getCriticalOptions in interface OpenSshCertificate

Returns:

the critical options as a list, never null but possibly empty

getExtensions

public java.util.List<OpenSshCertificate.CertificateOption> getExtensions()

Description copied from interface: OpenSshCertificate

Retrieves the extensions set in the certificate.

Specified by:

getExtensions in interface OpenSshCertificate

Returns:

the extensions as a list, never null but possibly empty

getReserved

public java.lang.String getReserved()

Description copied from interface: OpenSshCertificate

Retrieves the "reserved" field of the certificate. OpenSSH currently doesn't use it and ignores it.

Specified by:

getReserved in interface OpenSshCertificate

Returns:

the "reserved" field.

getCaPubKey

public java.security.PublicKey getCaPubKey()

Description copied from interface: OpenSshCertificate

Retrieves the CA public key of this certificate.

Specified by:

getCaPubKey in interface OpenSshCertificate

Returns:

the PublicKey

getMessage

public byte[] getMessage()

Description copied from interface: OpenSshCertificate

Retrieves the raw byte content of the certificate, minus the signature. This is the data that was signed.

Specified by:

getMessage in interface OpenSshCertificate

Returns:

the part of the certificate raw data that was signed

getSignature

public byte[] getSignature()

Description copied from interface: OpenSshCertificate

Retrieves the signature of the certificate, including the signature algorithm.

Specified by:

getSignature in interface OpenSshCertificate

Returns:

the signature bytes

See Also:

OpenSshCertificate.getRawSignature()

getRawSignature

public byte[] getRawSignature()

Description copied from interface: OpenSshCertificate

Retrieves the raw signature bytes, without the signature algorithm.

Specified by:

getRawSignature in interface OpenSshCertificate

Returns:

the signature bytes

See Also:

OpenSshCertificate.getSignature()

getSignatureAlgorithm

public java.lang.String getSignatureAlgorithm()

Description copied from interface: OpenSshCertificate

Retrieves the signature algorithm used for the signature.

Specified by:

getSignatureAlgorithm in interface OpenSshCertificate

Returns:

the signature algorithm as recorded in the certificate

getAlgorithm

public java.lang.String getAlgorithm()

Specified by:

getAlgorithm in interface java.security.Key

getFormat

public java.lang.String getFormat()

Specified by:

getFormat in interface java.security.Key

getEncoded

public byte[] getEncoded()

Specified by:

getEncoded in interface java.security.Key

setKeyType

public void setKeyType(java.lang.String keyType)

setNonce

public void setNonce(byte[] nonce)

setCertPubKey

public void setCertPubKey(java.security.PublicKey certificatePublicKey)

setSerial

public void setSerial(long serial)

setType

public void setType(OpenSshCertificate.Type type)

setId

public void setId(java.lang.String id)

setPrincipals

public void setPrincipals(java.util.Collection<java.lang.String> principals)

setValidAfter

public void setValidAfter(long validAfter)

setValidAfter

public void setValidAfter(java.time.Instant validAfter)

If null, uses OpenSshCertificate.MIN_EPOCH

Parameters:

validAfter - Instant to use for validAfter

setValidBefore

public void setValidBefore(long validBefore)

setValidBefore

public void setValidBefore(java.time.Instant validBefore)

If null, uses OpenSshCertificate.INFINITY

Parameters:

validBefore - Instant to use for validBefore

setCriticalOptions

public void setCriticalOptions(java.util.List<OpenSshCertificate.CertificateOption> criticalOptions)

setExtensions

public void setExtensions(java.util.List<OpenSshCertificate.CertificateOption> extensions)

setReserved

public void setReserved(java.lang.String reserved)

setCaPubKey

public void setCaPubKey(java.security.PublicKey caPubKey)

setMessage

public void setMessage(byte[] message)

setSignature

public void setSignature(byte[] signature)

toDate

private static java.lang.String toDate(long timestamp)

toString

public java.lang.String toString()

Overrides:

toString in class java.lang.Object