eu.emi.security.authn.x509.helpers.trust
Class OpensslTrustAnchorStoreImpl

java.lang.Object
  extended by eu.emi.security.authn.x509.helpers.trust.AbstractTrustAnchorStore
      extended by eu.emi.security.authn.x509.helpers.trust.TimedTrustAnchorStoreBase
          extended by eu.emi.security.authn.x509.helpers.trust.DirectoryTrustAnchorStore
              extended by eu.emi.security.authn.x509.helpers.trust.OpensslTrustAnchorStoreImpl
All Implemented Interfaces:
OpensslTrustAnchorStore, TrustAnchorStore

public class OpensslTrustAnchorStoreImpl
extends DirectoryTrustAnchorStore
implements OpensslTrustAnchorStore

Implementation of the truststore which uses CA certificates from a single directory in OpenSSL format. Each certificate should be stored in a file named HASH.NUM, where HASH is an 8 digit hex number. The NUM must be a number, starting from 0. The hash can be either of openssl pre 1.0.0 version (with 8 least significant digits of the MD5 hash of the certificate subject in DER format) or in openssl 1.0.0 and above format (SHA1 hash of specially normalized DN). The class is configured to use one or another, never both.

This class is extending the DirectoryTrustAnchorStore and restricts the certificates which are loaded.

Author:
K. Benedyczak

Field Summary
static String CERT_WILDCARD
           
 
Fields inherited from class eu.emi.security.authn.x509.helpers.trust.DirectoryTrustAnchorStore
anchors, encoding, locations2anchors
 
Fields inherited from class eu.emi.security.authn.x509.helpers.trust.AbstractTrustAnchorStore
observers, updateInterval
 
Constructor Summary
OpensslTrustAnchorStoreImpl(String basePath, Timer t, long updateInterval, boolean loadGlobusNs, boolean loadEuGridPmaNs, ObserversHandler observers, boolean openssl1Mode)
           
 
Method Summary
 NamespacesStore getGlobusNsStore()
           
 NamespacesStore getPmaNsStore()
           
protected  void reloadCerts(Collection<URL> locations)
          For all URLs tries to load a CA cert and namespaces
protected  boolean tryLoadCert(URL location, Set<TrustAnchorExt> tmpAnchors, Map<URL,TrustAnchorExt> tmpLoc2anch)
           
 
Methods inherited from class eu.emi.security.authn.x509.helpers.trust.DirectoryTrustAnchorStore
getCacheDir, getConnTimeout, getEncoding, getLocations, getTrustAnchors, getTrustedCertificates, loadCert, update
 
Methods inherited from class eu.emi.security.authn.x509.helpers.trust.TimedTrustAnchorStoreBase
dispose, scheduleUpdate, setUpdateInterval
 
Methods inherited from class eu.emi.security.authn.x509.helpers.trust.AbstractTrustAnchorStore
checkValidity, getUpdateInterval
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface eu.emi.security.authn.x509.helpers.trust.TrustAnchorStore
dispose, getTrustAnchors, getTrustedCertificates, getUpdateInterval, setUpdateInterval
 

Field Detail

CERT_WILDCARD

public static final String CERT_WILDCARD
See Also:
Constant Field Values
Constructor Detail

OpensslTrustAnchorStoreImpl

public OpensslTrustAnchorStoreImpl(String basePath,
                                   Timer t,
                                   long updateInterval,
                                   boolean loadGlobusNs,
                                   boolean loadEuGridPmaNs,
                                   ObserversHandler observers,
                                   boolean openssl1Mode)
Method Detail

reloadCerts

protected void reloadCerts(Collection<URL> locations)
For all URLs tries to load a CA cert and namespaces

Overrides:
reloadCerts in class DirectoryTrustAnchorStore

tryLoadCert

protected boolean tryLoadCert(URL location,
                              Set<TrustAnchorExt> tmpAnchors,
                              Map<URL,TrustAnchorExt> tmpLoc2anch)

getPmaNsStore

public NamespacesStore getPmaNsStore()
Specified by:
getPmaNsStore in interface OpensslTrustAnchorStore

getGlobusNsStore

public NamespacesStore getGlobusNsStore()
Specified by:
getGlobusNsStore in interface OpensslTrustAnchorStore


Copyright © 2012-2014 European Middleware Initiative. All Rights Reserved.