Class OpenSshCertificateImpl
- java.lang.Object
-
- org.apache.sshd.common.config.keys.OpenSshCertificateImpl
-
- All Implemented Interfaces:
java.io.Serializable
,java.security.Key
,java.security.PrivateKey
,java.security.PublicKey
,javax.security.auth.Destroyable
,OpenSshCertificate
public class OpenSshCertificateImpl extends java.lang.Object implements OpenSshCertificate
- See Also:
- Serialized Form
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface org.apache.sshd.common.config.keys.OpenSshCertificate
OpenSshCertificate.CertificateOption, OpenSshCertificate.Type
-
-
Field Summary
Fields Modifier and Type Field Description private java.security.PublicKey
caPubKey
private java.security.PublicKey
certificatePublicKey
private java.util.List<OpenSshCertificate.CertificateOption>
criticalOptions
private java.util.List<OpenSshCertificate.CertificateOption>
extensions
private java.lang.String
id
private java.lang.String
keyType
private byte[]
message
private byte[]
nonce
private java.util.Collection<java.lang.String>
principals
private java.lang.String
reserved
private long
serial
private static long
serialVersionUID
private byte[]
signature
private int
type
private long
validAfter
private long
validBefore
-
Fields inherited from interface org.apache.sshd.common.config.keys.OpenSshCertificate
INFINITY, MIN_EPOCH
-
-
Constructor Summary
Constructors Constructor Description OpenSshCertificateImpl()
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.String
getAlgorithm()
java.security.PublicKey
getCaPubKey()
Retrieves the CA public key of this certificate.java.security.PublicKey
getCertPubKey()
Retrieves the certified public key.java.util.List<OpenSshCertificate.CertificateOption>
getCriticalOptions()
Retrieves the critical options set in the certificate.byte[]
getEncoded()
java.util.List<OpenSshCertificate.CertificateOption>
getExtensions()
Retrieves the extensions set in the certificate.java.lang.String
getFormat()
java.lang.String
getId()
Retrieves a free-form text set by the CA when the certificate was generated; intended to identify the identity principal in log message.java.lang.String
getKeyType()
Retrieves the SSH key type of this certificate.byte[]
getMessage()
Retrieves the raw byte content of the certificate, minus the signature.byte[]
getNonce()
Retrieves the nonce of this certificate.java.util.Collection<java.lang.String>
getPrincipals()
Retrieves the principals mentioned in the certificate.java.lang.String
getRawKeyType()
Retrieves the raw SSH key type of this certificate.byte[]
getRawSignature()
Retrieves the raw signature bytes, without the signature algorithm.java.lang.String
getReserved()
Retrieves the "reserved" field of the certificate.long
getSerial()
Retrieves the serial number of this certificate.byte[]
getSignature()
Retrieves the signature of the certificate, including the signature algorithm.java.lang.String
getSignatureAlgorithm()
Retrieves the signature algorithm used for the signature.OpenSshCertificate.Type
getType()
Retrieves the type of certificate.long
getValidAfter()
Retrieves the time in number of seconds since theInstant.EPOCH
at which this certificate becomes or became valid.long
getValidBefore()
Retrieves the time in number of seconds since theInstant.EPOCH
at which this certificate becomes or became invalid.void
setCaPubKey(java.security.PublicKey caPubKey)
void
setCertPubKey(java.security.PublicKey certificatePublicKey)
void
setCriticalOptions(java.util.List<OpenSshCertificate.CertificateOption> criticalOptions)
void
setExtensions(java.util.List<OpenSshCertificate.CertificateOption> extensions)
void
setId(java.lang.String id)
void
setKeyType(java.lang.String keyType)
void
setMessage(byte[] message)
void
setNonce(byte[] nonce)
void
setPrincipals(java.util.Collection<java.lang.String> principals)
void
setReserved(java.lang.String reserved)
void
setSerial(long serial)
void
setSignature(byte[] signature)
void
setType(OpenSshCertificate.Type type)
void
setValidAfter(long validAfter)
void
setValidAfter(java.time.Instant validAfter)
If null, usesOpenSshCertificate.MIN_EPOCH
void
setValidBefore(long validBefore)
void
setValidBefore(java.time.Instant validBefore)
If null, usesOpenSshCertificate.INFINITY
private static java.lang.String
toDate(long timestamp)
java.lang.String
toString()
-
-
-
Field Detail
-
serialVersionUID
private static final long serialVersionUID
- See Also:
- Constant Field Values
-
keyType
private java.lang.String keyType
-
nonce
private byte[] nonce
-
certificatePublicKey
private java.security.PublicKey certificatePublicKey
-
serial
private long serial
-
type
private int type
-
id
private java.lang.String id
-
principals
private java.util.Collection<java.lang.String> principals
-
validAfter
private long validAfter
-
validBefore
private long validBefore
-
criticalOptions
private java.util.List<OpenSshCertificate.CertificateOption> criticalOptions
-
extensions
private java.util.List<OpenSshCertificate.CertificateOption> extensions
-
reserved
private java.lang.String reserved
-
caPubKey
private java.security.PublicKey caPubKey
-
message
private byte[] message
-
signature
private byte[] signature
-
-
Method Detail
-
getRawKeyType
public java.lang.String getRawKeyType()
Description copied from interface:OpenSshCertificate
Retrieves the raw SSH key type of this certificate.- Specified by:
getRawKeyType
in interfaceOpenSshCertificate
- Returns:
- the key type, for instance "ssh-rsa" for a "ssh-rsa-cert-v01@openssh.com" certificate
-
getNonce
public byte[] getNonce()
Description copied from interface:OpenSshCertificate
Retrieves the nonce of this certificate.- Specified by:
getNonce
in interfaceOpenSshCertificate
- Returns:
- the nonce.
-
getKeyType
public java.lang.String getKeyType()
Description copied from interface:OpenSshCertificate
Retrieves the SSH key type of this certificate.- Specified by:
getKeyType
in interfaceOpenSshCertificate
- Returns:
- the key type, for instance "ssh-rsa-cert-v01@openssh.com"
-
getCertPubKey
public java.security.PublicKey getCertPubKey()
Description copied from interface:OpenSshCertificate
Retrieves the certified public key.- Specified by:
getCertPubKey
in interfaceOpenSshCertificate
- Returns:
- the
PublicKey
-
getSerial
public long getSerial()
Description copied from interface:OpenSshCertificate
Retrieves the serial number of this certificate.- Specified by:
getSerial
in interfaceOpenSshCertificate
- Returns:
- the serial number
-
getType
public OpenSshCertificate.Type getType()
Description copied from interface:OpenSshCertificate
Retrieves the type of certificate.- Specified by:
getType
in interfaceOpenSshCertificate
- Returns:
- the
OpenSshCertificate.Type
-
getId
public java.lang.String getId()
Description copied from interface:OpenSshCertificate
Retrieves a free-form text set by the CA when the certificate was generated; intended to identify the identity principal in log message.- Specified by:
getId
in interfaceOpenSshCertificate
- Returns:
- the id; never
null
but may be empty.
-
getPrincipals
public java.util.Collection<java.lang.String> getPrincipals()
Description copied from interface:OpenSshCertificate
Retrieves the principals mentioned in the certificate.- Specified by:
getPrincipals
in interfaceOpenSshCertificate
- Returns:
- the collection of principals, never
null
but possibly empty
-
getValidAfter
public long getValidAfter()
Description copied from interface:OpenSshCertificate
Retrieves the time in number of seconds since theInstant.EPOCH
at which this certificate becomes or became valid.- Specified by:
getValidAfter
in interfaceOpenSshCertificate
- Returns:
- the number of seconds since the
Instant.EPOCH
as an unsigned 64bit value - See Also:
OpenSshCertificate.isValidNow(OpenSshCertificate)
-
getValidBefore
public long getValidBefore()
Description copied from interface:OpenSshCertificate
Retrieves the time in number of seconds since theInstant.EPOCH
at which this certificate becomes or became invalid.- Specified by:
getValidBefore
in interfaceOpenSshCertificate
- Returns:
- the number of seconds since the
Instant.EPOCH
as an unsigned 64bit value - See Also:
OpenSshCertificate.isValidNow(OpenSshCertificate)
-
getCriticalOptions
public java.util.List<OpenSshCertificate.CertificateOption> getCriticalOptions()
Description copied from interface:OpenSshCertificate
Retrieves the critical options set in the certificate.- Specified by:
getCriticalOptions
in interfaceOpenSshCertificate
- Returns:
- the critical options as a list, never
null
but possibly empty
-
getExtensions
public java.util.List<OpenSshCertificate.CertificateOption> getExtensions()
Description copied from interface:OpenSshCertificate
Retrieves the extensions set in the certificate.- Specified by:
getExtensions
in interfaceOpenSshCertificate
- Returns:
- the extensions as a list, never
null
but possibly empty
-
getReserved
public java.lang.String getReserved()
Description copied from interface:OpenSshCertificate
Retrieves the "reserved" field of the certificate. OpenSSH currently doesn't use it and ignores it.- Specified by:
getReserved
in interfaceOpenSshCertificate
- Returns:
- the "reserved" field.
-
getCaPubKey
public java.security.PublicKey getCaPubKey()
Description copied from interface:OpenSshCertificate
Retrieves the CA public key of this certificate.- Specified by:
getCaPubKey
in interfaceOpenSshCertificate
- Returns:
- the
PublicKey
-
getMessage
public byte[] getMessage()
Description copied from interface:OpenSshCertificate
Retrieves the raw byte content of the certificate, minus the signature. This is the data that was signed.- Specified by:
getMessage
in interfaceOpenSshCertificate
- Returns:
- the part of the certificate raw data that was signed
-
getSignature
public byte[] getSignature()
Description copied from interface:OpenSshCertificate
Retrieves the signature of the certificate, including the signature algorithm.- Specified by:
getSignature
in interfaceOpenSshCertificate
- Returns:
- the signature bytes
- See Also:
OpenSshCertificate.getRawSignature()
-
getRawSignature
public byte[] getRawSignature()
Description copied from interface:OpenSshCertificate
Retrieves the raw signature bytes, without the signature algorithm.- Specified by:
getRawSignature
in interfaceOpenSshCertificate
- Returns:
- the signature bytes
- See Also:
OpenSshCertificate.getSignature()
-
getSignatureAlgorithm
public java.lang.String getSignatureAlgorithm()
Description copied from interface:OpenSshCertificate
Retrieves the signature algorithm used for the signature.- Specified by:
getSignatureAlgorithm
in interfaceOpenSshCertificate
- Returns:
- the signature algorithm as recorded in the certificate
-
getAlgorithm
public java.lang.String getAlgorithm()
- Specified by:
getAlgorithm
in interfacejava.security.Key
-
getFormat
public java.lang.String getFormat()
- Specified by:
getFormat
in interfacejava.security.Key
-
getEncoded
public byte[] getEncoded()
- Specified by:
getEncoded
in interfacejava.security.Key
-
setKeyType
public void setKeyType(java.lang.String keyType)
-
setNonce
public void setNonce(byte[] nonce)
-
setCertPubKey
public void setCertPubKey(java.security.PublicKey certificatePublicKey)
-
setSerial
public void setSerial(long serial)
-
setType
public void setType(OpenSshCertificate.Type type)
-
setId
public void setId(java.lang.String id)
-
setPrincipals
public void setPrincipals(java.util.Collection<java.lang.String> principals)
-
setValidAfter
public void setValidAfter(long validAfter)
-
setValidAfter
public void setValidAfter(java.time.Instant validAfter)
If null, usesOpenSshCertificate.MIN_EPOCH
- Parameters:
validAfter
-Instant
to use for validAfter
-
setValidBefore
public void setValidBefore(long validBefore)
-
setValidBefore
public void setValidBefore(java.time.Instant validBefore)
If null, usesOpenSshCertificate.INFINITY
- Parameters:
validBefore
-Instant
to use for validBefore
-
setCriticalOptions
public void setCriticalOptions(java.util.List<OpenSshCertificate.CertificateOption> criticalOptions)
-
setExtensions
public void setExtensions(java.util.List<OpenSshCertificate.CertificateOption> extensions)
-
setReserved
public void setReserved(java.lang.String reserved)
-
setCaPubKey
public void setCaPubKey(java.security.PublicKey caPubKey)
-
setMessage
public void setMessage(byte[] message)
-
setSignature
public void setSignature(byte[] signature)
-
toDate
private static java.lang.String toDate(long timestamp)
-
toString
public java.lang.String toString()
- Overrides:
toString
in classjava.lang.Object
-
-