Class OpensslTrustAnchorStoreImpl
- java.lang.Object
-
- eu.emi.security.authn.x509.helpers.trust.AbstractTrustAnchorStore
-
- eu.emi.security.authn.x509.helpers.trust.TimedTrustAnchorStoreBase
-
- eu.emi.security.authn.x509.helpers.trust.DirectoryTrustAnchorStore
-
- eu.emi.security.authn.x509.helpers.trust.OpensslTrustAnchorStoreImpl
-
- All Implemented Interfaces:
OpensslTrustAnchorStore,TrustAnchorStore
public class OpensslTrustAnchorStoreImpl extends DirectoryTrustAnchorStore implements OpensslTrustAnchorStore
Implementation of the truststore which uses CA certificates from a single directory in OpenSSL format. Each certificate should be stored in a file named HASH.NUM, where HASH is an 8 digit hex number. The NUM must be a number, starting from 0. The hash can be either of openssl pre 1.0.0 version (with 8 least significant digits of the MD5 hash of the certificate subject in DER format) or in openssl 1.0.0 and above format (SHA1 hash of specially normalized DN). The class is configured to use one or another, never both.This class is extending the
DirectoryTrustAnchorStoreand restricts the certificates which are loaded.- Author:
- K. Benedyczak
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.StringCERT_WILDCARD-
Fields inherited from class eu.emi.security.authn.x509.helpers.trust.DirectoryTrustAnchorStore
anchors, encoding
-
Fields inherited from class eu.emi.security.authn.x509.helpers.trust.AbstractTrustAnchorStore
observers
-
-
Constructor Summary
Constructors Constructor Description OpensslTrustAnchorStoreImpl(java.lang.String basePath, java.util.Timer t, long updateInterval, boolean loadGlobusNs, boolean loadEuGridPmaNs, ObserversHandler observers, boolean openssl1Mode)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description NamespacesStoregetGlobusNsStore()NamespacesStoregetPmaNsStore()protected voidreloadCerts(java.util.Collection<java.net.URL> locations)For all URLs tries to load a CA cert and namespacesprotected booleantryLoadCert(java.net.URL location, java.util.Set<TrustAnchorExt> tmpAnchors)-
Methods inherited from class eu.emi.security.authn.x509.helpers.trust.DirectoryTrustAnchorStore
getCacheDir, getConnTimeout, getEncoding, getLocations, getTrustAnchors, getTrustedCertificates, loadCerts, update
-
Methods inherited from class eu.emi.security.authn.x509.helpers.trust.TimedTrustAnchorStoreBase
dispose, scheduleUpdate, setUpdateInterval
-
Methods inherited from class eu.emi.security.authn.x509.helpers.trust.AbstractTrustAnchorStore
checkValidity, getUpdateInterval
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface eu.emi.security.authn.x509.helpers.trust.TrustAnchorStore
dispose, getTrustAnchors, getTrustedCertificates, getUpdateInterval, setUpdateInterval
-
-
-
-
Field Detail
-
CERT_WILDCARD
public static final java.lang.String CERT_WILDCARD
- See Also:
- Constant Field Values
-
-
Constructor Detail
-
OpensslTrustAnchorStoreImpl
public OpensslTrustAnchorStoreImpl(java.lang.String basePath, java.util.Timer t, long updateInterval, boolean loadGlobusNs, boolean loadEuGridPmaNs, ObserversHandler observers, boolean openssl1Mode)
-
-
Method Detail
-
reloadCerts
protected void reloadCerts(java.util.Collection<java.net.URL> locations)
For all URLs tries to load a CA cert and namespaces- Overrides:
reloadCertsin classDirectoryTrustAnchorStore- Parameters:
locations- a collection of URLs
-
tryLoadCert
protected boolean tryLoadCert(java.net.URL location, java.util.Set<TrustAnchorExt> tmpAnchors)
-
getPmaNsStore
public NamespacesStore getPmaNsStore()
- Specified by:
getPmaNsStorein interfaceOpensslTrustAnchorStore
-
getGlobusNsStore
public NamespacesStore getGlobusNsStore()
- Specified by:
getGlobusNsStorein interfaceOpensslTrustAnchorStore
-
-